aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/cloud.php107
-rw-r--r--mod/connections.php3
-rw-r--r--mod/directory.php2
-rw-r--r--mod/dirsearch.php6
-rw-r--r--mod/display.php25
-rw-r--r--mod/item.php26
-rw-r--r--mod/message.php32
-rw-r--r--mod/oexchange.php15
-rw-r--r--mod/photos.php50
-rwxr-xr-xmod/setup.php4
-rw-r--r--mod/view.php2
-rw-r--r--mod/webpages.php2
12 files changed, 216 insertions, 58 deletions
diff --git a/mod/cloud.php b/mod/cloud.php
new file mode 100644
index 000000000..cdd926444
--- /dev/null
+++ b/mod/cloud.php
@@ -0,0 +1,107 @@
+<?php
+
+ // This module is currently !!!HIGHLY EXPERIMENTAL!!!
+ // You should think twice before running this on a production server
+ // as security mechanisms are not yet implemented and those that
+ // are implemented probably don't work.
+
+ // DAV mounts will probably fail if you don't use SSL, because some platforms refuse to send
+ // basic auth over non-encrypted connections.
+ // One could use digest auth - but then one has to calculate the A1 digest and store it for
+ // all acounts. We aren't doing that. We have a stored password already. We don't need another
+ // one. The login unfortunately is the channel nickname (webbie) as we have no way of passing
+ // the destination channel to DAV. You should be able to login with your account credentials
+ // and be directed to your default channel.
+
+ // This interface does not yet support Red stored files. Consider any content in your "store"
+ // directory to be throw-away until advised otherwise.
+
+
+
+ use Sabre\DAV;
+
+ require_once('vendor/autoload.php');
+
+
+ // workaround for HTTP-auth in CGI mode
+ if(x($_SERVER,'REDIRECT_REMOTE_USER')) {
+ $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ;
+ if(strlen($userpass)) {
+ list($name, $password) = explode(':', $userpass);
+ $_SERVER['PHP_AUTH_USER'] = $name;
+ $_SERVER['PHP_AUTH_PW'] = $password;
+ }
+ }
+
+ if(x($_SERVER,'HTTP_AUTHORIZATION')) {
+ $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"],6)) ;
+ if(strlen($userpass)) {
+ list($name, $password) = explode(':', $userpass);
+ $_SERVER['PHP_AUTH_USER'] = $name;
+ $_SERVER['PHP_AUTH_PW'] = $password;
+ }
+ }
+
+
+
+class RedBasicAuth extends Sabre\DAV\Auth\Backend\AbstractBasic {
+
+ protected function validateUserPass($username, $password) {
+ require_once('include/auth.php');
+ $record = account_verify_password($email,$pass);
+ if($record && $record['account_default_channel']) {
+ $r = q("select * from channel where channel_account_id = %d and channel_id = %d limit 1",
+ intval($record['account_id']),
+ intval($record['account_default_channel'])
+ );
+ if($r) {
+ $this->currentUser = $r[0]['channel_address'];
+ return true;
+ }
+ }
+ $r = q("select channel_account_id from channel where channel_address = '%s' limit 1",
+ dbesc($username)
+ );
+ if($r) {
+ $x = q("select * from account where account_id = %d limit 1",
+ intval($r[0]['channel_account_id'])
+ );
+ if($x) {
+ foreach($x as $record) {
+ if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)
+ && (hash('whirlpool',$record['account_salt'] . $password) === $record['account_password'])) {
+ logger('(DAV) RedBasicAuth: password verified for ' . $username);
+ return true;
+ }
+ }
+ }
+ }
+ logger('(DAV) RedBasicAuth: password failed for ' . $username);
+ return false;
+ }
+}
+
+
+function cloud_init() {
+
+ if(! get_config('system','enable_cloud'))
+ killme();
+
+ $rootDirectory = new DAV\FS\Directory('store');
+ $server = new DAV\Server($rootDirectory);
+ $lockBackend = new DAV\Locks\Backend\File('store/data/locks');
+ $lockPlugin = new DAV\Locks\Plugin($lockBackend);
+
+ $server->addPlugin($lockPlugin);
+
+ $auth = new RedBasicAuth();
+
+ $auth->Authenticate($server,'Red Matrix');
+
+
+ // All we need to do now, is to fire up the server
+ $server->exec();
+
+ exit;
+
+} \ No newline at end of file
diff --git a/mod/connections.php b/mod/connections.php
index 95fc18174..bcb78f138 100644
--- a/mod/connections.php
+++ b/mod/connections.php
@@ -422,6 +422,7 @@ function connections_content(&$a) {
'$tab_str' => $tab_str,
'$is_pending' => (($contact['abook_flags'] & ABOOK_FLAG_PENDING) ? 1 : ''),
'$unapproved' => $unapproved,
+ '$inherited' => t('inherited'),
'$approve' => t('Approve this connection'),
'$noperms' => (((! $self) && (! $contact['abook_my_perms'])) ? t('Connection has no individual permissions!') : ''),
'$noperm_desc' => (((! $self) && (! $contact['abook_my_perms'])) ? t('This may be appropriate based on your <a href="settings">privacy settings</a>, though you may wish to review the "Advanced Permissions".') : ''),
@@ -440,7 +441,7 @@ function connections_content(&$a) {
'$cautious' => t('Cautious Sharing'),
'$follow' => t('Follow Only'),
'$permlbl' => t('Individual Permissions'),
- '$permnote' => t('Individual permissions are only enabled for <a href="settings">privacy settings</a> which are set to "Only those you specifically allow". Otherwise they are controlled by your privacy settings.'),
+ '$permnote' => t('Some permissions may be inherited from your <a href="settings">privacy settings</a>, which have higher priority. Changing those on this page will have no effect.'),
'$advanced' => t('Advanced Permissions'),
'$quick' => t('Quick Links'),
'$common_link' => $a->get_baseurl(true) . '/common/loc/' . local_user() . '/' . $contact['id'],
diff --git a/mod/directory.php b/mod/directory.php
index 195ca993e..13855cff7 100644
--- a/mod/directory.php
+++ b/mod/directory.php
@@ -14,6 +14,8 @@ function directory_aside(&$a) {
require_once('include/contact_widgets.php');
$a->set_widget('find_people',findpeople_widget());
}
+ $a->set_widget('dir_sort_order',dir_sort_links());
+
}
diff --git a/mod/dirsearch.php b/mod/dirsearch.php
index 14307f274..115bc2235 100644
--- a/mod/dirsearch.php
+++ b/mod/dirsearch.php
@@ -132,7 +132,7 @@ function dirsearch_content(&$a) {
if($sort_order == 'date')
- $order = ""; // Not currently implemented
+ $order = " order by xchan_name_date desc ";
elseif($sort_order == 'reverse')
$order = " order by xchan_name desc ";
else
@@ -159,10 +159,12 @@ function dirsearch_content(&$a) {
json_return_and_die($spkt);
}
else {
- $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql $order $qlimit ",
+
+ $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) $safesql $order $qlimit ",
intval(XCHAN_FLAGS_HIDDEN),
intval(XCHAN_FLAGS_ORPHAN)
);
+
}
$ret['page'] = $page + 1;
diff --git a/mod/display.php b/mod/display.php
index c9f6595c6..d91d14d01 100644
--- a/mod/display.php
+++ b/mod/display.php
@@ -35,6 +35,29 @@ function display_content(&$a, $update = 0, $load = false) {
$observer_is_owner = false;
+
+ if(local_user() && (! $update)) {
+
+ $channel = $a->get_channel();
+
+ $x = array(
+ 'is_owner' => true,
+ 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),
+ 'default_location' => $channel['channel_location'],
+ 'nickname' => $channel['channel_address'],
+ 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
+
+ 'acl' => populate_acl($channel, false),
+ 'bang' => '',
+ 'visitor' => 'block',
+ 'profile_uid' => local_user(),
+ 'return_path' => 'channel/' . $channel['channel_address']
+ );
+
+ $o .= status_editor($a,$x);
+
+ }
+
// This page can be viewed by anybody so the query could be complicated
// First we'll see if there is a copy of the item which is owned by us - if we're logged in locally.
// If that fails (or we aren't logged in locally),
@@ -166,6 +189,8 @@ function display_content(&$a, $update = 0, $load = false) {
);
}
+ $o .= '<div id="content-complete"></div>';
+
return $o;
diff --git a/mod/item.php b/mod/item.php
index 48a22bd3c..218e9c174 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -161,7 +161,6 @@ function item_post(&$a) {
$observer = $a->get_observer();
-
if($parent) {
logger('mod_item: item_post parent=' . $parent);
$can_comment = false;
@@ -386,9 +385,10 @@ function item_post(&$a) {
$body = fix_mce_lf($body);
}
- // If we're sending a private top-level message with a single @-taggable channel as a recipient, @-tag it.
+ // If we're sending a private top-level message with a single @-taggable channel as a recipient, @-tag it, if our pconfig is set.
+
- if((! $parent) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) {
+ if((! $parent) && (get_pconfig($profile_uid,'system','tagifonlyrecip')) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) {
$x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)),
intval($profile_uid)
@@ -529,7 +529,7 @@ function item_post(&$a) {
'type' => TERM_CATEGORY,
'otype' => TERM_OBJ_POST,
'term' => trim($cat),
- 'url' => ''
+ 'url' => $owner_xchan['xchan_url'] . '?f=&cat=' . urlencode(trim($cat))
);
}
}
@@ -605,6 +605,7 @@ function item_post(&$a) {
$datarray['item_flags'] = $item_flags;
$datarray['layout_mid'] = $layout_mid;
$datarray['comment_policy'] = map_scope($channel['channel_w_comment']);
+ $datarray['term'] = $post_tags;
// preview mode - prepare the body for display and send it via json
@@ -685,21 +686,6 @@ function item_post(&$a) {
if($post_id) {
logger('mod_item: saved item ' . $post_id);
- if(count($post_tags)) {
- foreach($post_tags as $tag) {
- if(strlen(trim($tag['term']))) {
- q("insert into term (uid,oid,otype,type,term,url) values (%d,%d,%d,%d,'%s','%s')",
- intval($tag['uid']),
- intval($post_id),
- intval($tag['otype']),
- intval($tag['type']),
- dbesc(trim($tag['term'])),
- dbesc(trim($tag['url']))
- );
- }
- }
- }
-
if($parent) {
$r = q("UPDATE `item` SET `changed` = '%s' WHERE `parent` = %d ",
@@ -894,7 +880,7 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
$url = 'http://getzot.com';
$newtag = '#[zrl=' . $url . ']' . $basetag . '[/zrl]';
$body = str_replace($tag,$newtag,$body);
- $replace = true;
+ $replaced = true;
}
else {
//base tag has the tags name only
diff --git a/mod/message.php b/mod/message.php
index 652481579..1b4c6ae26 100644
--- a/mod/message.php
+++ b/mod/message.php
@@ -233,6 +233,24 @@ function message_content(&$a) {
}
}
+ if((argc() == 3) && (argv(1) === 'recall')) {
+ if(! intval(argv(2)))
+ return;
+ $cmd = argv(1);
+ $r = q("update mail set mail_flags = mail_flags | %d where id = %d and channel_id = %d limit 1",
+ intval(MAIL_RECALLED),
+ intval(argv(2)),
+ intval(local_user())
+ );
+ proc_run('php','include/notifier.php','mail',intval(argv(2)));
+
+ if($r) {
+ info( t('Message recalled.') . EOL );
+ }
+ goaway($a->get_baseurl(true) . '/message' );
+
+ }
+
if((argc() > 1) && ($a->argv[1] === 'new')) {
@@ -360,6 +378,16 @@ function message_content(&$a) {
return $o;
}
+ $other_channel = null;
+ if($messages[0]['to_xchan'] === $channel['channel_hash'])
+ $other_channel = $messages[0]['from'];
+ else
+ $other_channel = $messages[0]['to'];
+
+ require_once('include/Contact.php');
+
+ $a->set_widget('mail_conversant',vcard_from_xchan($other_channel,$get_observer_hash,'mail'));
+
$tpl = get_markup_template('msg-header.tpl');
@@ -422,6 +450,9 @@ function message_content(&$a) {
'subject' => $message['title'],
'body' => smilies(bbcode($message['body']) . $s),
'delete' => t('Delete message'),
+ 'recall' => t('Recall message'),
+ 'can_recall' => (($channel['channel_hash'] == $message['from_xchan']) ? true : false),
+ 'is_recalled' => (($message['mail_flags'] & MAIL_RECALLED) ? t('Message has been recalled.') : ''),
'date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A'),
);
@@ -440,6 +471,7 @@ function message_content(&$a) {
$tpl = get_markup_template('mail_display.tpl');
$o = replace_macros($tpl, array(
+ '$prvmsg_header' => t('Private Conversation'),
'$thread_id' => $a->argv[1],
'$thread_subject' => $message['title'],
'$thread_seen' => $seen,
diff --git a/mod/oexchange.php b/mod/oexchange.php
index 63b48751c..27c8b388d 100644
--- a/mod/oexchange.php
+++ b/mod/oexchange.php
@@ -15,6 +15,21 @@ function oexchange_init(&$a) {
function oexchange_content(&$a) {
if(! local_user()) {
+ if(remote_user()) {
+ $observer = $a->get_observer();
+ if($observer && $observer['xchan_url']) {
+ $parsed = @parse_url($observer['xchan_url']);
+ if(! $parsed) {
+ notice( t('Unable to find your hub.') . EOL);
+ return;
+ }
+ $url = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : '');
+ $url .= '/oexchange';
+ $result = z_post_url($url,$_REQUEST);
+ json_return_and_die($result);
+ }
+ }
+
return login(false);
}
diff --git a/mod/photos.php b/mod/photos.php
index f751d7d4f..075d01cf2 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -616,36 +616,28 @@ function photos_content(&$a) {
$can_post = false;
$visitor = 0;
- $contact = null;
- $remote_contact = false;
- $contact_id = 0;
+
$owner_uid = $a->data['channel']['channel_id'];
$owner_aid = $a->data['channel']['channel_account_id'];
- $community_page = (($a->data['user']['page-flags'] == PAGE_COMMUNITY) ? true : false);
+ $observer = $a->get_observer();
- if((local_user()) && (local_user() == $owner_uid))
- $can_post = true;
+ $can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_photos');
+ $can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_photos');
-// FIXME
- if(! $remote_contact) {
- if(local_user()) {
- $contact_id = $_SESSION['cid'];
- $contact = $a->contact;
- }
- }
- if($a->data['user']['hidewall'] && (local_user() != $owner_uid) && (! $remote_contact)) {
+ if(! $can_view) {
notice( t('Access to this item is restricted.') . EOL);
return;
}
- $sql_extra = permissions_sql($owner_uid,$remote_contact,$groups);
+ $sql_extra = permissions_sql($owner_uid);
$o = "";
// tabs
+
$_is_owner = (local_user() && (local_user() == $owner_uid));
$o .= profile_tabs($a,$_is_owner, $a->data['channel']['channel_address']);
@@ -708,7 +700,7 @@ function photos_content(&$a) {
}
$albumselect_e = $albumselect;
- $aclselect_e = (($visitor) ? '' : populate_acl($a->user, $celeb));
+ $aclselect_e = (($_is_owner) ? populate_acl($a->get_channel(), false) : '');
$tpl = get_markup_template('photos_upload.tpl');
$o .= replace_macros($tpl,array(
@@ -963,16 +955,12 @@ function photos_content(&$a) {
}
- if(! $can_post) {
- $a->page['htmlhead'] .= '<script>
- $(document).keydown(function(event) {' . "\n";
-
- if($prevlink)
- $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n";
- if($nextlink)
- $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n";
- $a->page['htmlhead'] .= '});</script>';
- }
+ $a->page['htmlhead'] .= '<script>$(document).keydown(function(event) {' . "\n";
+ if($prevlink)
+ $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n";
+ if($nextlink)
+ $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n";
+ $a->page['htmlhead'] .= '});</script>';
if($prevlink)
$prevlink = array($prevlink, '<i class="icon-backward photo-icons""></i>') ;
@@ -1085,9 +1073,9 @@ function photos_content(&$a) {
'$id' => $link_item['id'],
'$parent' => $link_item['id'],
'$profile_uid' => $owner_uid,
- '$mylink' => $contact['url'],
+ '$mylink' => $observer['xchan_url'],
'$mytitle' => t('This is you'),
- '$myphoto' => $contact['thumb'],
+ '$myphoto' => $observer['xchan_photo_s'],
'$comment' => t('Comment'),
'$submit' => t('Submit'),
'$preview' => t('Preview'),
@@ -1137,7 +1125,7 @@ function photos_content(&$a) {
$drop = '';
- if(($item['contact-id'] == $contact_id) || ($item['uid'] == local_user()))
+ if($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan'])
$drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete')));
@@ -1171,9 +1159,9 @@ function photos_content(&$a) {
'$id' => $link_item['id'],
'$parent' => $link_item['id'],
'$profile_uid' => $owner_uid,
- '$mylink' => $contact['url'],
+ '$mylink' => $observer['xchan_url'],
'$mytitle' => t('This is you'),
- '$myphoto' => $contact['thumb'],
+ '$myphoto' => $observer['xchan_photo_s'],
'$comment' => t('Comment'),
'$submit' => t('Submit'),
'$ww' => ''
diff --git a/mod/setup.php b/mod/setup.php
index 97bdba34e..b825b5e0d 100755
--- a/mod/setup.php
+++ b/mod/setup.php
@@ -453,8 +453,8 @@ function check_funcs(&$checks) {
$ck_funcs[4]['help']= t('Error: mb_string PHP module required but not installed.');
}
if(! function_exists('mcrypt_encrypt')){
- $ck_funcs[4]['status']= false;
- $ck_funcs[4]['help']= t('Error: mcrypt PHP module required but not installed.');
+ $ck_funcs[5]['status']= false;
+ $ck_funcs[5]['help']= t('Error: mcrypt PHP module required but not installed.');
}
$checks = array_merge($checks, $ck_funcs);
diff --git a/mod/view.php b/mod/view.php
index 9e5eff962..d4381743c 100644
--- a/mod/view.php
+++ b/mod/view.php
@@ -1,6 +1,6 @@
<?php
/**
- * load view/theme/$current_theme/style.php with friendica contex
+ * load view/theme/$current_theme/style.php with Red context
*/
function view_init($a){
diff --git a/mod/webpages.php b/mod/webpages.php
index 04c2e07c5..2c5728531 100644
--- a/mod/webpages.php
+++ b/mod/webpages.php
@@ -99,7 +99,7 @@ $r = q("select * from item_id where uid = %d and service = 'WEBPAGE' order by si
'$pages' => $pages,
'$channel' => $which,
'$view' => t('View'),
- '$preview' => '1',
+ '$preview' => t('Preview'),
));