Diffstat (limited to 'mod')
-rw-r--r-- | mod/contacts.php | 2 | ||||
-rw-r--r-- | mod/dfrn_poll.php | 4 | ||||
-rw-r--r-- | mod/dfrn_request.php | 10 | ||||
-rw-r--r-- | mod/directory.php | 6 | ||||
-rw-r--r-- | mod/display.php | 5 | ||||
-rw-r--r-- | mod/editpost.php | 1 | ||||
-rw-r--r-- | mod/item.php | 6 | ||||
-rw-r--r-- | mod/like.php | 4 | ||||
-rw-r--r-- | mod/network.php | 6 | ||||
-rw-r--r-- | mod/openid.php | 11 | ||||
-rw-r--r-- | mod/photos.php | 114 | ||||
-rw-r--r-- | mod/profile.php | 9 | ||||
-rw-r--r-- | mod/profile_photo.php | 7 | ||||
-rw-r--r-- | mod/search.php | 5 | ||||
-rw-r--r-- | mod/settings.php | 4 | ||||
-rw-r--r-- | mod/viewcontacts.php | 10 |
16 files changed, 151 insertions, 53 deletions
diff --git a/mod/contacts.php b/mod/contacts.php index a1219f94d..c22bc3c83 100644 --- a/mod/contacts.php +++ b/mod/contacts.php @@ -285,7 +285,7 @@ function contacts_content(&$a) { '$contact_id' => $r[0]['id'], '$block_text' => (($r[0]['blocked']) ? t('Unblock this contact') : t('Block this contact') ), '$ignore_text' => (($r[0]['readonly']) ? t('Unignore this contact') : t('Ignore this contact') ), - '$insecure' => (($r[0]['network'] !== NETWORK_DFRN && $r[0]['network'] !== NETWORK_MAIL) ? $insecure : ''), + '$insecure' => (($r[0]['network'] !== NETWORK_DFRN && $r[0]['network'] !== NETWORK_MAIL && $r[0]['network'] !== NETWORK_FACEBOOK) ? $insecure : ''), '$info' => $r[0]['info'], '$blocked' => (($r[0]['blocked']) ? '<div id="block-message">' . t('Currently blocked') . '</div>' : ''), '$ignored' => (($r[0]['readonly']) ? '<div id="ignore-message">' . t('Currently ignored') . '</div>' : ''), diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php index f8c726c1a..718aa165c 100644 --- a/mod/dfrn_poll.php +++ b/mod/dfrn_poll.php @@ -27,6 +27,10 @@ function dfrn_poll_init(&$a) { } if(($dfrn_id === '') && (! x($_POST,'dfrn_id')) && ($a->argc > 1)) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + killme(); + } + logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] ); header("Content-type: application/atom+xml"); $o = get_feed_for($a, '', $a->argv[1],$last_update); diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 4463c713f..1af0dc85d 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -12,6 +12,10 @@ if(! function_exists('dfrn_request_init')) { function dfrn_request_init(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + return; + } + if($a->argc > 1) $which = $a->argv[1]; 
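Review bot: The `'$insecure'` entry in contacts_content now suppresses the disclosure warning for `NETWORK_FACEBOOK` contacts, and nothing in the hunk says why that network is safe for private messages. The same three-way test is repeated in the second mod/network.php hunk, so the two copies can drift apart the next time a network is added. I would add a comment such as `// networks whose private messages are not relayed in the clear: DFRN, mail, Facebook connector` (wording to be confirmed by the author) and move the test into one shared helper. The function body continues outside the hunk.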
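Review bot: The `block_public` guard added to the public-feed branch of dfrn_poll_init is the same three-part condition pasted into every module this commit touches (dfrn_request, directory, display, photos, profile, search, viewcontacts), and what happens next differs by site: `killme()` here, a silent `return` in the `*_init` functions, a notice in most `*_content` functions and `return login()` in profile_content. Because enforcement is per module, any module this commit does not touch presumably stays readable by anonymous visitors when the setting is on. I would put the test in one helper, for example `function public_access_blocked() { return get_config('system','block_public') && ! local_user() && ! remote_user(); }` (the name is only a suggestion), and ideally call it once where modules are dispatched. A short comment at each site saying why it exits, returns or shows the login form would help the next reader. dfrn_poll_init continues outside the hunk.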
@@ -583,6 +587,12 @@ function dfrn_request_content(&$a) { * Normal web request. Display our user's introduction form. */ + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + + /** * Try to auto-fill the profile address */ diff --git a/mod/directory.php b/mod/directory.php index a02a4a4a5..95ddbda21 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -13,6 +13,12 @@ function directory_post(&$a) { function directory_content(&$a) { + + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + $o = ''; $o .= '<script> $(document).ready(function() { $(\'#nav-directory-link\').addClass(\'nav-selected\'); });</script>'; if(x($_SESSION,'theme')) diff --git a/mod/display.php b/mod/display.php index c8496160f..fdb93e480 100644 --- a/mod/display.php +++ b/mod/display.php @@ -3,6 +3,11 @@ function display_content(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); diff --git a/mod/editpost.php b/mod/editpost.php index 3c92e8bbe..fd84fc26d 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -35,6 +35,7 @@ function editpost_content(&$a) { $a->page['htmlhead'] .= replace_macros($tpl, array( '$baseurl' => $a->get_baseurl(), + '$ispublic' => t('Visible to <strong>everybody</strong>'), '$geotag' => $geotag, '$nickname' => $a->user['nickname'] )); diff --git a/mod/item.php b/mod/item.php index e53cfb033..c4f368fd0 100644 --- a/mod/item.php +++ b/mod/item.php 
@@ -538,7 +538,8 @@ function item_post(&$a) { proc_run('php', "include/notifier.php", $notify_type, "$post_id"); - $datarray['id'] = $post_id; + $datarray['id'] = $post_id; + $datarray['plink'] = $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id; call_hooks('post_local_end', $datarray); @@ -670,7 +671,8 @@ function item_content(&$a) { // send the notification upstream/downstream as the case may be proc_run('php',"include/notifier.php","drop","$drop_id"); - +// We seem to lose the return url occasionally. Have not been able to reliably duplicate +// logger('drop_return_url: ' . $_SESSION['return_url']); goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); //NOTREACHED } diff --git a/mod/like.php b/mod/like.php index 3e3d69529..966fe500b 100644 --- a/mod/like.php +++ b/mod/like.php @@ -173,6 +173,10 @@ EOT; ); } + $arr['id'] = $post_id; + + call_hooks('post_local_end', $arr); + proc_run('php',"include/notifier.php","like","$post_id"); return; // NOTREACHED diff --git a/mod/network.php b/mod/network.php index f40d34353..7ad5058bf 100644 --- a/mod/network.php +++ b/mod/network.php @@ -137,7 +137,7 @@ function network_content(&$a, $update = 0) { notice( t('Group is empty')); } - $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` AND `contact-id` IN ( $contact_str )) "; + $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` AND ( `contact-id` IN ( $contact_str ) OR `allow_gid` REGEXP '<" . intval($group) . ">' )) "; $o = '<h2>' . t('Group: ') . $r[0]['name'] . '</h2>' . $o; } elseif($cid) { 
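Review bot: The new `allow_gid` clause in network_content (mod/network.php, first hunk) is built by string concatenation. `intval($group)` keeps that part safe, but `$contact_str` goes into the same string raw and is assembled outside the hunk. A comment such as `// $contact_str must be a comma-separated list of integer contact ids` would make that invariant explicit. The match also depends on group ids being stored as `<N>` in `allow_gid`, so a one-line comment on that format next to the `REGEXP` would help. The function body continues outside the hunk.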
@@ -149,7 +149,7 @@ function network_content(&$a, $update = 0) { if(count($r)) { $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` AND `contact-id` IN ( " . intval($cid) . " )) "; $o = '<h2>' . t('Contact: ') . $r[0]['name'] . '</h2>' . $o; - if($r[0]['network'] !== NETWORK_MAIL && $r[0]['network'] !== NETWORK_DFRN && $r[0]['writable'] && (! get_pconfig(local_user(),'system','nowarn_insecure'))) { + if($r[0]['network'] !== NETWORK_MAIL && $r[0]['network'] !== NETWORK_DFRN && $r[0]['network'] !== NETWORK_FACEBOOK && $r[0]['writable'] && (! get_pconfig(local_user(),'system','nowarn_insecure'))) { notice( t('Private messages to this person are at risk of public disclosure.') . EOL); } @@ -164,11 +164,13 @@ function network_content(&$a, $update = 0) { if((! $group) && (! $cid) && (! $update)) $o .= get_birthdays(); + $sql_extra2 = (($nouveau) ? '' : " AND `item`.`parent` = `item`.`id` "); $r = q("SELECT COUNT(*) AS `total` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + $sql_extra2 $sql_extra ", intval($_SESSION['uid']) ); diff --git a/mod/openid.php b/mod/openid.php index 68d7c3fd2..c3c6c11e9 100644 --- a/mod/openid.php +++ b/mod/openid.php 
@@ -70,9 +70,18 @@ function openid_content(&$a) { $_SESSION['page_flags'] = $r[0]['page-flags']; $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname']; - notice( sprintf( t("Welcome back "), $r[0]['username']) . EOL); $a->user = $r[0]; + if($a->user['login_date'] === '0000-00-00 00:00:00') { + $_SESSION['return_url'] = 'profile_photo/new'; + $a->module = 'profile_photo'; + notice( t("Welcome ") . $a->user['username'] . EOL); + notice( t('Please upload a profile photo.') . EOL); + } + else + notice( t("Welcome back ") . $a->user['username'] . EOL); + + if(strlen($a->user['timezone'])) { date_default_timezone_set($a->user['timezone']); $a->timezone = $a->user['timezone']; diff --git a/mod/photos.php b/mod/photos.php index 186873a7b..7f94bc520 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -6,6 +6,10 @@ require_once('include/bbcode.php'); function photos_init(&$a) { + + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + return; + } $o = ''; if($a->argc > 1) { @@ -635,6 +639,9 @@ foreach($_FILES AS $key => $val) { $item_id = item_store($arr); + if($visible) + proc_run('php', "include/notifier.php", 'wall-new', $item_id); + call_hooks('photo_post_end',intval($item_id)); // addon uploaders should call "killme()" [e.g. exit] within the photo_post_end hook @@ -657,6 +664,12 @@ function photos_content(&$a) { // photos/name/image/xxxxx/edit + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + + require_once('include/bbcode.php'); require_once('include/security.php'); require_once('include/conversation.php'); @@ -899,7 +912,7 @@ function photos_content(&$a) { - $o = '<div id="live-display"></div>' . "\r\n"; + $o = ''; // fetch image, item containing image, then comments $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' 
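Review bot: Both new welcome notices in openid_content append `$a->user['username']` to the message as is. Whether notice text is escaped when it is rendered is not visible here; if it is not, a display name containing markup would be emitted into the page. Unless the notice renderer already escapes, I would escape at this point and let translators place the name, e.g. `notice( sprintf( t('Welcome back %s'), htmlspecialchars($a->user['username'], ENT_QUOTES, 'UTF-8')) . EOL);`. The `else` branch would also read better with braces to match the `if` above it.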
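Review bot: In the mod/photos.php upload hunk (`@@ -635`), the notifier is started with whatever `item_store($arr)` returned and the result is never checked. If item_store signals failure with 0 or false (its contract is outside the hunk), a `wall-new` notification is queued for a non-existent item. I would guard it with `if($visible && $item_id)`. The other proc_run calls in this commit pass the id as a quoted string (`"$post_id"`), so `"$item_id"` would keep the call sites consistent.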
@@ -952,34 +965,36 @@ function photos_content(&$a) { } } - - $o .= '<h3>' . '<a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($ph[0]['album']) . '">' . $ph[0]['album'] . '</a></h3>'; + $album_link = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($ph[0]['album']); + $tools = Null; + $lock = Null; if($can_post && ($ph[0]['uid'] == $owner_uid)) { - $o .= '<div id="photo-edit-link-wrap" ><a id="photo-edit-link" href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $datum . '/edit' . '">' . t('Edit photo') . '</a>'; - - $o .= ' - <a id="photo-toprofile-link" href="' . $a->get_baseurl() . '/profile_photo/use/'.$ph[0]['resource-id'].'">'.t('Use as profile photo').'</a>'; + $tools = array( + 'edit' => array($a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $datum . '/edit', t('Edit photo')), + 'profile'=>array($a->get_baseurl() . '/profile_photo/use/'.$ph[0]['resource-id'], t('Use as profile photo')), + ); + // lock - $o .= ( ( ($ph[0]['uid'] == local_user()) && (strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid']) + $lock = ( ( ($ph[0]['uid'] == local_user()) && (strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid']) || strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid'])) ) - ? ' - <img src="images/lock_icon.gif" class="lockview" alt="' . t('Private Message') . '" onclick="lockview(event,\'photo/' . $ph[0]['id'] . '\');" />' - : ''); + ? t('Private Message') + : Null); - $o .= '</div>'; + } if($prevlink) - $o .= '<div id="photo-prev-link"><a href="' . $prevlink .'">' . t('<< Prev') . '</a></div>' ; + $prevlink = array($prevlink, t('<< Prev')) ; - $o .= '<div id="photo-photo"><a href="' . $a->get_baseurl() . '/photo/' - . $hires['resource-id'] . '-' . $hires['scale'] . '.jpg" title="' - . t('View Full Size') . '" ><img src="' . $a->get_baseurl() . '/photo/' - . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg' . 
'" /></a></div>'; + $photo = array( + 'href' => $a->get_baseurl() . '/photo/' . $hires['resource-id'] . '-' . $hires['scale'] . '.jpg', + 'title'=> t('View Full Size'), + 'src' => $a->get_baseurl() . '/photo/' . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg' + ); if($nextlink) - $o .= '<div id="photo-next-link"><a href="' . $nextlink .'">' . t('Next >>') . '</a></div>'; - - $o .= '<div id="photo-photo-end"></div>'; + $nextlink = array($nextlink, t('Next >>')); // Do we have an item for this photo? @@ -1031,28 +1046,27 @@ function photos_content(&$a) { } } - $o .= '<div id="photo-caption" >' . $ph[0]['desc'] . '</div>'; - + $tags=Null; if(count($linked_items) && strlen($link_item['tag'])) { $arr = explode(',',$link_item['tag']); - // parse tags and add links - $o .= '<div id="in-this-photo-text">' . t('Tags: ') . '</div>'; - $o .= '<div id="in-this-photo">'; + // parse tags and add links $tag_str = ''; foreach($arr as $t) { if(strlen($tag_str)) $tag_str .= ', '; $tag_str .= bbcode($t); } - $o .= $tag_str . '</div>'; + $tags = array(t('Tags: '), $tag_str); if($cmd === 'edit') - $o .= '<div id="tag-remove"><a href="' . $a->get_baseurl() . '/tagrm/' . $link_item['id'] . '">' . t('[Remove any tag]') . '</a></div>'; + $tags[] = $a->get_baseurl() . '/tagrm/' . $link_item['id']; + $tags[] = t('[Remove any tag]'); } + $edit = Null; if(($cmd === 'edit') && ($can_post)) { $edit_tpl = load_view_file('view/photo_edit.tpl'); - $o .= replace_macros($edit_tpl, array( + $edit = replace_macros($edit_tpl, array( '$id' => $ph[0]['id'], '$album' => $ph[0]['album'], '$newalbum' => t('New album name'), 
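Review bot: In the tags hunk of photos_content (`@@ -1031`), the `if($cmd === 'edit')` has no braces, so only the first `$tags[] = ...` line is conditional and `t('[Remove any tag]')` is appended on every request. Outside edit mode the label lands in the slot the template presumably reads as the remove URL. Both lines should be wrapped: `if($cmd === 'edit') { $tags[] = $a->get_baseurl() . '/tagrm/' . $link_item['id']; $tags[] = t('[Remove any tag]'); }`. The function body continues outside the hunk.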
@@ -1083,22 +1097,19 @@ function photos_content(&$a) { if($can_post || can_write_wall($a,$owner_uid)) { $likebuttons = replace_macros($like_tpl,array( - '$id' => $item['id'], + '$id' => $link_item['id'], '$likethis' => t("I like this \x28toggle\x29"), '$nolike' => t("I don't like this \x28toggle\x29"), '$share' => t('Share'), - '$wait' => t('Please wait') + '$wait' => t('Please wait') )); } + $comments = ''; if(! count($r)) { - $o .= '<div id="photo-like-div">'; - $o .= $likebuttons; - $o .= '</div>'; - if($can_post || can_write_wall($a,$owner_uid)) { if($link_item['last-child']) { - $o .= replace_macros($cmnt_tpl,array( + $comments .= replace_macros($cmnt_tpl,array( '$return_path' => '', '$jsreload' => $return_url, '$type' => 'wall-comment', @@ -1118,6 +1129,9 @@ function photos_content(&$a) { $alike = array(); $dlike = array(); + + $like = ''; + $dislike = ''; // display comments if(count($r)) { @@ -1130,17 +1144,11 @@ function photos_content(&$a) { $like = ((isset($alike[$link_item['id']])) ? format_like($alike[$link_item['id']],$alike[$link_item['id'] . '-l'],'like',$link_item['id']) : ''); $dislike = ((isset($dlike[$link_item['id']])) ? format_like($dlike[$link_item['id']],$dlike[$link_item['id'] . '-l'],'dislike',$link_item['id']) : ''); - $o .= '<div id="photo-like-div">'; - $o .= $likebuttons; - $o .= $like; - $o .= $dislike; - $o .= '</div>'; - if($can_post || can_write_wall($a,$owner_uid)) { if($link_item['last-child']) { - $o .= replace_macros($cmnt_tpl,array( + $comments .= replace_macros($cmnt_tpl,array( '$return_path' => '', '$jsreload' => $return_url, '$type' => 'wall-comment', @@ -1169,7 +1177,7 @@ function photos_content(&$a) { if($can_post || can_write_wall($a,$owner_uid)) { if($item['last-child']) { - $comment = replace_macros($cmnt_tpl,array( + $comments .= replace_macros($cmnt_tpl,array( '$return_path' => '', '$jsreload' => $return_url, '$type' => 'wall-comment', 
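Review bot: In the `@@ -1169` hunk the per-item comment box is no longer assigned to `$comment` but appended straight to `$comments`. If the item template call further down still passes `'$comment' => $comment` (that call's argument list is cut off by the next hunk), it now reads an undefined or stale variable, and the box is rendered before the item rather than inside it. Either keep `$comment = replace_macros(...)` here, or drop the macro from the item template call and add a comment saying the box is now emitted inline.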
@@ -1208,7 +1216,7 @@ function photos_content(&$a) { $drop = replace_macros(load_view_file('view/wall_item_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete'))); - $o .= replace_macros($template,array( + $comments .= replace_macros($template,array( '$id' => $item['item_id'], '$profile_url' => $profile_link, '$name' => $profile_name, @@ -1224,8 +1232,28 @@ function photos_content(&$a) { } } - $o .= paginate($a); + $paginate = paginate($a); } + + $photo_tpl = load_view_file('view/photo_view.tpl'); + $o .= replace_macros($photo_tpl, array( + '$id' => $ph[0]['id'], + '$album' => array($album_link,$ph[0]['album']), + '$tools' => $tools, + '$lock' => $lock, + '$photo' => $photo, + '$prevlink' => $prevlink, + '$nextlink' => $nextlink, + '$desc' => $ph[0]['desc'], + '$tags' => $tags, + '$edit' => $edit, + '$likebuttons' => $likebuttons, + '$like' => $like, + '$dislike' => $dislike, + '$comments' => $comments, + '$paginate' => $paginate, + )); + return $o; } diff --git a/mod/profile.php b/mod/profile.php index dfa5649e0..2af6f2429 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -2,6 +2,9 @@ function profile_init(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) + return; + if($a->argc > 1) $which = $a->argv[1]; else { @@ -48,6 +51,12 @@ function profile_init(&$a) { function profile_content(&$a, $update = 0) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + return login(); + } + + + require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); diff --git a/mod/profile_photo.php b/mod/profile_photo.php index fe4da3baf..e9008ab29 100644 --- a/mod/profile_photo.php +++ b/mod/profile_photo.php 
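Review bot: In the final photos_content hunk (`@@ -1224`), `$paginate` is assigned only inside the block that closes just before the new template call, yet `'$paginate' => $paginate` reads it unconditionally. Unless it is initialised outside the hunk, it is undefined whenever that block is skipped. Adding `$paginate = '';` next to the new `$comments = '';` would fix that, and `$likebuttons` deserves the same check because it is set only under `$can_post || can_write_wall(...)`. Separately, `$ph[0]['desc']` and `$ph[0]['album']` are user-supplied and are handed to `view/photo_view.tpl` as is, so escaping now depends on that template, which is not part of this view. A comment stating which macros arrive as raw text and which as pre-rendered HTML would make that contract checkable.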
@@ -134,6 +134,11 @@ function profile_photo_content(&$a) { return; } + $newuser = false; + + if($a->argc == 2 && $a->argv[1] === 'new') + $newuser = true; + if( $a->argv[1]=='use'){ if ($a->argc<3){ notice( t('Permission denied.') . EOL ); @@ -188,7 +193,7 @@ function profile_photo_content(&$a) { '$lbl_upfile' => t('Upload File:'), '$title' => t('Upload Profile Photo'), '$submit' => t('Upload'), - '$select' => sprintf('%s %s', t('or'), '<a href="'. $a->get_baseurl() . '/photos/' . $a->user['nickname'] . '">' . t('select a photo from your photo albums') . '</a>') + '$select' => sprintf('%s %s', t('or'), ($newuser) ? '<a href="' . $a->get_baseurl() . '">' . t('skip this step') . '</a>' : '<a href="'. $a->get_baseurl() . '/photos/' . $a->user['nickname'] . '">' . t('select a photo from your photo albums') . '</a>') )); return $o; diff --git a/mod/search.php b/mod/search.php index 793a8c2bb..33032e183 100644 --- a/mod/search.php +++ b/mod/search.php @@ -9,6 +9,11 @@ function search_post(&$a) { function search_content(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); diff --git a/mod/settings.php b/mod/settings.php index 95b622c4e..66b66d22d 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -95,9 +95,9 @@ function settings_post(&$a) { } if(strlen($mail_pass)) { $pass = ''; - openssl(private_encrypt($mail_pass,$pass,$a->user['pubkey'])); + openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']); q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d LIMIT 1", - dbesc(hex2bin($pass)), + dbesc(bin2hex($pass)), intval(local_user()) ); } diff --git a/mod/viewcontacts.php b/mod/viewcontacts.php index 063637bf9..c970db33a 100644 --- a/mod/viewcontacts.php +++ b/mod/viewcontacts.php 
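Review bot: In the settings_post hunk of mod/settings.php, the result of `openssl_public_encrypt()` is ignored. If it fails, for example because the key is unusable or the password is longer than the RSA key allows, `$pass` is empty and the `UPDATE` replaces the stored mail password with an empty value without telling the user. I would only write on success, `if(openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey'])) { q(...); } else { notice( t('Failed to store mail password.') . EOL); }` (message text is a suggestion). The call uses the function's default PKCS#1 v1.5 padding; moving to `OPENSSL_PKCS1_OAEP_PADDING` would need the decrypting side, which is not shown here, to change with it. A comment recording where the matching private key is kept would help anyone assessing what this encryption protects against.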
@@ -2,13 +2,21 @@ function viewcontacts_init(&$a) { - profile_load($a,$a->argv[1]); + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + return; + } + profile_load($a,$a->argv[1]); } function viewcontacts_content(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + if(((! count($a->profile)) || ($a->profile['hide-friends']))) { notice( t('Permission denied.') . EOL); return; |