Diffstat (limited to 'mod')
46 files changed, 1113 insertions, 331 deletions
diff --git a/mod/acl.php b/mod/acl.php index cb5959a95..f2d2456a6 100644 --- a/mod/acl.php +++ b/mod/acl.php @@ -53,12 +53,13 @@ function acl_init(&$a){ "photo" => "images/default-group-mm.png", "name" => $g['name'], "id" => intval($g['id']), - "uids" => array_map("intval", explode(",",$g['uids'])) + "uids" => array_map("intval", explode(",",$g['uids'])), + "link" => '' ); } - $r = q("SELECT `id`, `name`, `micro`, `network` FROM `contact` + $r = q("SELECT `id`, `name`, `micro`, `network`, `url` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `notify` != '' $sql_extra ORDER BY `name` ASC ", @@ -70,7 +71,8 @@ function acl_init(&$a){ "photo" => $g['micro'], "name" => $g['name'], "id" => intval($g['id']), - "network" => $g['network'] + "network" => $g['network'], + "link" => $g['url'], ); } diff --git a/mod/admin.php b/mod/admin.php index 7799e64ab..ebef1ccb9 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -177,6 +177,8 @@ function admin_page_site_post(&$a){ $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); + $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); + $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : ''); $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : ''); @@ -215,6 +217,7 @@ function admin_page_site_post(&$a){ set_config('system','maximagesize', $maximagesize); set_config('config','register_policy', $register_policy); + set_config('system','account_abandon_days', $abandon_days); set_config('config','register_text', $register_text); set_config('system','allowed_sites', $allowed_sites); set_config('system','allowed_email', $allowed_email); 
@@ -314,6 +317,7 @@ function admin_page_site(&$a) { '$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices), '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), "Will be displayed prominently on the registration page."), + '$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')), '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), "Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains"), '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), "Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains"), '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), "Check to block public access to all otherwise public personal pages on this site unless you are currently logged in."), @@ -344,7 +348,7 @@ function admin_page_site(&$a) { * Users admin page */ function admin_page_users_post(&$a){ - $pending = ( x(£_POST, 'pending') ? $_POST['pending'] : Array() ); + $pending = ( x($_POST, 'pending') ? $_POST['pending'] : Array() ); $users = ( x($_POST, 'user') ? $_POST['user'] : Array() ); if (x($_POST,'page_users_block')){ @@ -540,7 +544,7 @@ function admin_page_plugins(&$a){ } $admin_form=""; - if (in_array($plugin, $a->plugins_admin)){ + if (is_array($a->plugins_admin) && in_array($plugin, $a->plugins_admin)){ @require_once("addon/$plugin/$plugin.php"); $func = $plugin.'_plugin_admin'; $func($a, $admin_form); 
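Review bot: In the `admin_page_plugins` hunk, the allowlist test that gates `@require_once("addon/$plugin/$plugin.php")` is still a loose `in_array`, and the dynamic call `$func($a, $admin_form)` runs without confirming that the included file defined that function. This test is the only visible check between `$plugin` and a file include, so I would make it strict: `if (is_array($a->plugins_admin) && in_array($plugin, $a->plugins_admin, true)){`. I would also guard the call with `if (function_exists($func)) $func($a, $admin_form);`. Where `$plugin` is read and validated is outside the hunk and should be confirmed there.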
@@ -632,7 +636,7 @@ function admin_page_logs(&$a){ $f = get_config('system','logfile'); $size = filesize($f); - if($size > 5000000) + if($size > 5000000 || $size < 0) $size = 5000000; $data = ''; diff --git a/mod/apps.php b/mod/apps.php index 7a0a3f59e..8049b45fb 100644 --- a/mod/apps.php +++ b/mod/apps.php @@ -1,15 +1,18 @@ <?php - function apps_content(&$a) { + $title = t('Applications'); - $o .= '<h3>' . t('Applications') . '</h3>'; - - if($a->apps) - $o .= $a->apps; - else + if(count($a->apps)==0) notice( t('No installed applications.') . EOL); - return $o; -}
\ No newline at end of file + $tpl = get_markup_template("apps.tpl"); + return replace_macros($tpl, array( + '$title' => $title, + '$apps' => $a->apps, + )); + + + +} diff --git a/mod/community.php b/mod/community.php index cf43598b5..cb255029f 100644 --- a/mod/community.php +++ b/mod/community.php @@ -25,7 +25,7 @@ function community_content(&$a, $update = 0) { $o .= '<h3>' . t('Community') . '</h3>'; if(! $update) { - $o .= '<script> $(document).ready(function() { $(\'#nav-community-link\').addClass(\'nav-selected\'); });</script>'; + nav_set_selected('community'); $o .= '<div id="live-community"></div>' . "\r\n"; $o .= "<script> var profile_uid = -1; var netargs = '/?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n"; } diff --git a/mod/contacts.php b/mod/contacts.php index 4d9385026..ea429d39f 100644 --- a/mod/contacts.php +++ b/mod/contacts.php @@ -23,8 +23,6 @@ function contacts_init(&$a) { $a->page['aside'] = ''; $a->page['aside'] .= group_side('contacts','group',false,0,$contact_id); - $inv = '<div class="side-link" id="side-invite-link" ><a href="invite" >' . t("Invite Friends") . '</a></div>'; - if(get_config('system','invitation_only')) { $x = get_pconfig(local_user(),'system','invites_remaining'); if($x || is_site_admin()) { 
@@ -33,21 +31,26 @@ function contacts_init(&$a) { . '</div>' . $inv; } } - elseif($a->config['register_policy'] != REGISTER_CLOSED) - $a->page['aside'] .= $inv; - - - $a->page['aside'] .= '<div class="side-link" id="side-match-link"><a href="match" >' - . t('Find People With Shared Interests') . '</a></div>'; $tpl = get_markup_template('follow.tpl'); + + $findSimilarLink = '<div class="side-link" id="side-match-link"><a href="match" >' + . t('Similar Interests') . '</a></div>'; + + $inv = ''; + if($a->config['register_policy'] != REGISTER_CLOSED) { + $inv = '<div class="side-link" id="side-invite-link" ><a href="invite" >' . t("Invite Friends") . '</a></div>'; + } + $a->page['aside'] .= replace_macros($tpl,array( '$label' => t('Connect/Follow'), '$hint' => t('Example: bob@example.com, http://example.com/barbara'), - '$follow' => t('Follow') + '$follow' => t('Follow'), + '$findSimilar' => $findSimilarLink, + '$inviteFriends' => $inv )); - + } @@ -87,25 +90,15 @@ function contacts_post(&$a) { $priority = intval($_POST['poll']); - if($priority == (-1)) - if($priority > 5 || $priority < 0) $priority = 0; - $rating = intval($_POST['reputation']); - if($rating > 5 || $rating < 0) - $rating = 0; - - $reason = notags(trim($_POST['reason'])); - $info = escape_tags(trim($_POST['info'])); - $r = q("UPDATE `contact` SET `profile-id` = %d, `priority` = %d , `rating` = %d, `reason` = '%s', `info` = '%s' + $r = q("UPDATE `contact` SET `profile-id` = %d, `priority` = %d , `info` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($profile_id), intval($priority), - intval($rating), - dbesc($reason), dbesc($info), intval($contact_id), intval(local_user()) @@ -124,7 +117,7 @@ function contacts_content(&$a) { $sort_type = 0; $o = ''; - $o .= '<script> $(document).ready(function() { $(\'#nav-contacts-link\').addClass(\'nav-selected\'); });</script>'; + nav_set_selected('contacts'); $_SESSION['return_url'] = $a->get_baseurl() . '/' . $a->cmd; 
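Review bot: `$inv` is now read before it is assigned in `contacts_init`. The invitation-only branch at the top of this hunk still ends in `. $inv;`, but the assignment was moved below `get_markup_template('follow.tpl')`, and the old assignment is removed in the previous hunk. On invitation-only sites that concatenation uses an undefined variable. The link is then passed to the template through `'$inviteFriends' => $inv` whenever `register_policy` is not `REGISTER_CLOSED`, apparently without regard to the `invites_remaining` / `is_site_admin()` test that used to gate it. Either move `$inv = '';` and its `if` above the `invitation_only` check, or drop `. $inv` from that branch and fold the invites test into the new condition; the function starts and ends outside the hunk.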
@@ -277,8 +270,6 @@ function contacts_content(&$a) { $sparkle = ''; } - $grps = ''; - $insecure = '<div id="profile-edit-insecure"><p><img src="images/unlock_icon.gif" alt="' . t('Privacy Unavailable') . '" /> ' . t('Private communications are not available for this contact.') . '</p></div>'; @@ -292,6 +283,9 @@ function contacts_content(&$a) { $lblsuggest = (($r[0]['network'] === NETWORK_DFRN) ? '<div id="contact-suggest-wrapper"><a href="fsuggest/' . $r[0]['id'] . '" id="contact-suggest">' . t('Suggest friends') . '</a></div>' : ''); + $poll_enabled = (($r[0]['network'] !== NETWORK_DIASPORA) ? true : false); + + $nettype = '<div id="contact-edit-nettype">' . sprintf( t('Network type: %s'),network_to_name($r[0]['network'])) . '</div>'; $o .= replace_macros($tpl,array( '$header' => t('Contact Editor'), @@ -310,9 +304,10 @@ function contacts_content(&$a) { '$lblcrepair' => t("Repair contact URL settings \x28WARNING: Advanced\x29"), '$lblrecent' => t('View conversations'), '$lblsuggest' => $lblsuggest, - '$grps' => $grps, '$delete' => t('Delete contact'), - '$poll_interval' => contact_poll_interval($r[0]['priority']), + '$nettype' => $nettype, + '$poll_interval' => contact_poll_interval($r[0]['priority'],(! $poll_enabled)), + '$poll_enabled' => $poll_enabled, '$lastupdtext' => t('Last updated: '), '$updpub' => t('Update public posts: '), '$last_update' => $last_update, @@ -325,9 +320,6 @@ function contacts_content(&$a) { '$info' => $r[0]['info'], '$blocked' => (($r[0]['blocked']) ? '<div id="block-message">' . t('Currently blocked') . '</div>' : ''), '$ignored' => (($r[0]['readonly']) ? '<div id="ignore-message">' . t('Currently ignored') . '</div>' : ''), - '$rating' => contact_reputation($r[0]['rating']), - '$reason' => $r[0]['reason'], - '$groups' => '', // group_selector(), '$photo' => $r[0]['photo'], '$name' => $r[0]['name'], '$dir_icon' => $dir_icon, 
@@ -422,11 +414,12 @@ function contacts_content(&$a) { $o .= replace_macros($tpl, array( '$img_hover' => sprintf( t('Visit %s\'s profile [%s]'),$rr['name'],$rr['url']), '$edit_hover' => t('Edit contact'), + '$contact_photo_menu' => contact_photo_menu($rr), '$id' => $rr['id'], '$alt_text' => $alt_text, '$dir_icon' => $dir_icon, '$thumb' => $rr['thumb'], - '$name' => substr($rr['name'],0,20), + '$name' => $rr['name'], '$username' => $rr['name'], '$sparkle' => $sparkle, '$url' => $url diff --git a/mod/crepair.php b/mod/crepair.php index 4babd6bf7..afa45e881 100644 --- a/mod/crepair.php +++ b/mod/crepair.php @@ -18,15 +18,16 @@ function crepair_post(&$a) { $contact = $r[0]; - $nick = ((x($_POST,'nick')) ? $_POST['nick'] : null); - $url = ((x($_POST,'url')) ? $_POST['url'] : null); - $request = ((x($_POST,'request')) ? $_POST['request'] : null); - $confirm = ((x($_POST,'confirm')) ? $_POST['confirm'] : null); - $notify = ((x($_POST,'notify')) ? $_POST['notify'] : null); - $poll = ((x($_POST,'poll')) ? $_POST['poll'] : null); + $nick = ((x($_POST,'nick')) ? $_POST['nick'] : ''); + $url = ((x($_POST,'url')) ? $_POST['url'] : ''); + $request = ((x($_POST,'request')) ? $_POST['request'] : ''); + $confirm = ((x($_POST,'confirm')) ? $_POST['confirm'] : ''); + $notify = ((x($_POST,'notify')) ? $_POST['notify'] : ''); + $poll = ((x($_POST,'poll')) ? $_POST['poll'] : ''); + $attag = ((x($_POST,'attag')) ? $_POST['attag'] : ''); - $r = q("UPDATE `contact` SET `nick` = '%s', `url` = '%s', `request` = '%s', `confirm` = '%s', `notify` = '%s', `poll` = '%s' + $r = q("UPDATE `contact` SET `nick` = '%s', `url` = '%s', `request` = '%s', `confirm` = '%s', `notify` = '%s', `poll` = '%s', `attag` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", dbesc($nick), dbesc($url), @@ -34,6 +35,7 @@ function crepair_post(&$a) { dbesc($confirm), dbesc($notify), dbesc($poll), + dbesc($attag), intval($contact['id']), local_user() ); 
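Review bot: In `crepair_post` the new `$attag` value, like the other fields in that hunk, is stored exactly as received from `$_POST`. `dbesc()` covers the SQL context only, and the value is later handed to the template as `'$contact_attag' => $contact['attag']` in `crepair_content`. Other handlers in this commit strip markup on input, so I would do the same here: `$attag = ((x($_POST,'attag')) ? notags(trim($_POST['attag'])) : '');`. Whether the template escapes on output is not visible in the diff; if it does not, stored markup would render in the repair form. In the following hunk, `local_user()` is the only `%d` argument of the UPDATE not wrapped in `intval()`.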
@@ -84,6 +86,7 @@ function crepair_content(&$a) { $o .= replace_macros($tpl, array( '$label_name' => t('Name'), '$label_nick' => t('Account Nickname'), + '$label_attag' => t('@Tagname - overrides Name/Nickname'), '$label_url' => t('Account URL'), '$label_request' => t('Friend Request URL'), '$label_confirm' => t('Friend Confirm URL'), @@ -97,6 +100,7 @@ function crepair_content(&$a) { '$confirm' => $contact['confirm'], '$notify' => $contact['notify'], '$poll' => $contact['poll'], + '$contact_attag' => $contact['attag'], '$lbl_submit' => t('Submit') )); diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 4dacb5d81..180e8ff31 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -566,7 +566,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { dbesc($newurl), intval($local_uid) ); - if(! count($r)) { + if(! count($ret)) { // this is either a bogus confirmation (?) or we deleted the original introduction. $message = t('Contact record was not found for you on our site.'); xml_status(3,$message); @@ -581,6 +581,11 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $foreign_pubkey = $ret[0]['site-pubkey']; $dfrn_record = $ret[0]['id']; + if(! $foreign_pubkey) { + $message = sprintf( t('Site public key not available in contact record for URL %s.'), $newurl); + xml_status(3,$message); + } + $decrypted_dfrn_id = ""; openssl_public_decrypt($dfrn_id,$decrypted_dfrn_id,$foreign_pubkey); diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 84cb2fc16..23bdd7388 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -72,7 +72,7 @@ function dfrn_notify_post(&$a) { FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - AND `user`.`nickname` = '%s' $sql_extra LIMIT 1", + AND `user`.`nickname` = '%s' AND `user`.`account_expired` = 0 $sql_extra LIMIT 1", dbesc($a->argv[1]) ); 
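Review bot: In the second `dfrn_confirm_post` hunk, the new empty-key check protects `openssl_public_decrypt()` only if `xml_status()` ends the request, and the decrypt call's return value is still ignored. `xml_status()` is defined outside this diff; if it returns, execution continues with an empty `$foreign_pubkey` and `$decrypted_dfrn_id` stays `""`. I would make the stop explicit by adding `return;` after the new `xml_status(3,$message);`. I would also fail the confirmation when decryption fails: `if(! openssl_public_decrypt($dfrn_id,$decrypted_dfrn_id,$foreign_pubkey)) { /* report status 3 and stop */ }`.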
@@ -807,7 +807,7 @@ function dfrn_notify_content(&$a) { intval(time() + 90 ) ); - logger('dfrn_notify: challenge=' . $hash ); + logger('dfrn_notify: challenge=' . $hash, LOGGER_DEBUG ); $sql_extra = ''; switch($direction) { @@ -829,7 +829,8 @@ function dfrn_notify_content(&$a) { } $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` - WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s' $sql_extra LIMIT 1", + WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s' + AND `user`.`account_expired` = 0 $sql_extra LIMIT 1", dbesc($a->argv[1]) ); @@ -840,14 +841,20 @@ function dfrn_notify_content(&$a) { $encrypted_id = ''; $id_str = $my_id . '.' . mt_rand(1000,9999); - if((($r[0]['duplex']) && strlen($r[0]['prvkey'])) || (! strlen($r[0]['pubkey']))) { - openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']); - openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']); + $prv_key = trim($r[0]['prvkey']); + $pub_key = trim($r[0]['pubkey']); + $dplx = intval($r[0]['duplex']); + + if((($dplx) && (strlen($prv_key))) || ((strlen($prv_key)) && (!(strlen($pub_key))))) { + openssl_private_encrypt($hash,$challenge,$prv_key); + openssl_private_encrypt($id_str,$encrypted_id,$prv_key); } - else { - openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']); - openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']); + elseif(strlen($pub_key)) { + openssl_public_encrypt($hash,$challenge,$pub_key); + openssl_public_encrypt($id_str,$encrypted_id,$pub_key); } + else + $status = 1; $challenge = bin2hex($challenge); $encrypted_id = bin2hex($encrypted_id); diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 98901e9f5..5d789f480 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php 
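Review bot: The challenge value is still written to the log in clear, only at a lower level: `logger('dfrn_notify: challenge=' . $hash, LOGGER_DEBUG );`. The lines just above appear to store it with a `time() + 90` expiry, and the later hunk sends it to the peer only in encrypted form. Anyone who can read a debug log inside that window therefore sees the value the peer is supposed to prove it can decrypt. I would record the event without the value, e.g. `logger('dfrn_notify: challenge issued', LOGGER_DEBUG );`.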
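Review bot: In the key-selection hunk, the new `else $status = 1;` branch leaves `$challenge` unassigned (unless it is initialised above the hunk), yet `bin2hex($challenge)` and `bin2hex($encrypted_id)` still run afterwards. The return values of the four `openssl_*_encrypt()` calls are also not checked, so a failed encryption is indistinguishable from a successful one in the response. I would initialise `$challenge = '';` next to `$encrypted_id = '';` and set the error status on failure, e.g. `if(! openssl_private_encrypt($hash,$challenge,$prv_key)) $status = 1;`, and likewise for the other three calls. How `$status` is reported is outside the hunk.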
@@ -277,14 +277,15 @@ function dfrn_request_post(&$a) { // Canonicalise email-style profile locator - $url = webfinger_dfrn($url); + $hcard = ''; + $url = webfinger_dfrn($url,$hcard); if(substr($url,0,5) === 'stat:') { - $network = 'stat'; + $network = NETWORK_OSTATUS; $url = substr($url,5); } else { - $network = 'dfrn'; + $network = NETWORK_DFRN; } logger('dfrn_request: url: ' . $url); @@ -342,7 +343,7 @@ function dfrn_request_post(&$a) { require_once('Scrape.php'); - $parms = scrape_dfrn($url); + $parms = scrape_dfrn(($hcard) ? $hcard : $url); if(! count($parms)) { notice( t('Profile location is not valid or does not contain profile information.') . EOL ); @@ -611,6 +612,9 @@ function dfrn_request_content(&$a) { $myaddr = ((x($_GET,'address')) ? $_GET['address'] : ''); } + $target_addr = $a->profile['nickname'] . '@' . substr(z_root(), strpos(z_root(),'://') + 3 ); + + /** * * The auto_request form only has the profile address @@ -624,6 +628,11 @@ function dfrn_request_content(&$a) { else $tpl = get_markup_template('auto_request.tpl'); + $page_desc = sprintf( t('Diaspora members: Please do not use this form. Instead, enter "%s" into your Diaspora search bar.'), + $target_addr) . EOL . EOL; + + $page_desc .= t("Please enter your 'Identity Address' from one of the following supported social networks:"); + $o .= replace_macros($tpl,array( '$header' => t('Friend/Connection Request'), '$desc' => t('Examples: jojo@demo.friendika.com, http://demo.friendika.com/profile/jojo, testuser@identi.ca'), 
@@ -632,11 +641,11 @@ function dfrn_request_content(&$a) { '$yes' => t('Yes'), '$no' => t('No'), '$add_note' => t('Add a personal note:'), - '$page_desc' => t("Please enter your 'Identity Address' from one of the following supported social networks:"), + '$page_desc' => $page_desc, '$friendika' => t('Friendika'), '$statusnet' => t('StatusNet/Federated Social Web'), - '$private_net' => t("Private \x28secure\x29 network"), - '$public_net' => t("Public \x28insecure\x29 network"), + '$diaspora' => t('Diaspora'), + '$diasnote' => t('- please share from your own site as noted above'), '$your_address' => t('Your Identity Address:'), '$submit' => t('Submit Request'), '$cancel' => t('Cancel'), diff --git a/mod/directory.php b/mod/directory.php index 0c60f04bf..93abcd5de 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -22,7 +22,7 @@ function directory_content(&$a) { } $o = ''; - $o .= '<script> $(document).ready(function() { $(\'#nav-directory-link\').addClass(\'nav-selected\'); });</script>'; + nav_set_selected('directory'); if(x($_SESSION,'theme')) unset($_SESSION['theme']); diff --git a/mod/display.php b/mod/display.php index 52a84e755..281ce1dd4 100644 --- a/mod/display.php +++ b/mod/display.php @@ -114,8 +114,6 @@ function display_content(&$a) { } - $o .= cc_license(); - return $o; } diff --git a/mod/editpost.php b/mod/editpost.php index c396ee44b..bceb9250a 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -71,7 +71,7 @@ function editpost_content(&$a) { if($mail_enabled) { $selected = (($pubmail_enabled) ? ' checked="checked" ' : ''); - $jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . 'value="1" /> ' + $jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> ' . t("Post to Email") . '</div>'; } diff --git a/mod/events.php b/mod/events.php index 27ca69830..5bc9807ed 100644 --- a/mod/events.php +++ b/mod/events.php 
@@ -45,13 +45,20 @@ function events_post(&$a) { $finish = datetime_convert('UTC','UTC',$finish); } + // Don't allow the event to finish before it begins. + // It won't hurt anything, but somebody will file a bug report + // and we'll waste a bunch of time responding to it. Time that + // could've been spent doing something else. + + if(strcmp($finish,$start) < 0) + $finish = $start; $desc = escape_tags(trim($_POST['desc'])); $location = escape_tags(trim($_POST['location'])); $type = 'event'; if((! $desc) || (! $start)) { - notice('Event description and start time are required.'); + notice( t('Event description and start time are required.') . EOL); goaway($a->get_baseurl() . '/events/new'); } diff --git a/mod/follow.php b/mod/follow.php index df4d2e630..77c8ae18f 100644 --- a/mod/follow.php +++ b/mod/follow.php @@ -100,14 +100,15 @@ function follow_post(&$a) { $new_relation = CONTACT_IS_FOLLOWER; // create contact record - $r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `addr`, `alias`, `notify`, `poll`, `name`, `nick`, `photo`, `network`, `pubkey`, `rel`, `priority`, + $r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `addr`, `alias`, `batch`, `notify`, `poll`, `name`, `nick`, `photo`, `network`, `pubkey`, `rel`, `priority`, `writable`, `blocked`, `readonly`, `pending` ) - VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, 0, 0, 0 ) ", + VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, 0, 0, 0 ) ", intval(local_user()), dbesc(datetime_convert()), dbesc($ret['url']), dbesc($ret['addr']), dbesc($ret['alias']), + dbesc($ret['batch']), dbesc($ret['notify']), dbesc($ret['poll']), dbesc($ret['name']), diff --git a/mod/friendika.php b/mod/friendika.php index d0e709c75..b12110bd5 100644 --- a/mod/friendika.php +++ b/mod/friendika.php 
@@ -21,6 +21,7 @@ function friendika_init(&$a) { 'register_policy' => $register_policy[$a->config['register_policy']], 'admin' => $admin, 'site_name' => $a->config['sitename'], + 'platform' => FRIENDIKA_PLATFORM, 'info' => ((x($a->config,'info')) ? $a->config['info'] : '') ); @@ -42,8 +43,6 @@ function friendika_content(&$a) { $o .= t('This is Friendika version') . ' ' . FRIENDIKA_VERSION . ' '; $o .= t('running at web location') . ' ' . z_root() . '</p><p>'; - $o .= t('Shared content within the Friendika network is provided under the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0 license</a>') . '</p><p>'; - $o .= t('Please visit <a href="http://project.friendika.com">Project.Friendika.com</a> to learn more about the Friendika project.') . '</p><p>'; $o .= t('Bug reports and issues: please visit') . ' ' . '<a href="http://bugs.friendika.com">Bugs.Friendika.com</a></p><p>'; diff --git a/mod/group.php b/mod/group.php index 981796f67..ca163902c 100644 --- a/mod/group.php +++ b/mod/group.php @@ -176,8 +176,8 @@ function group_content(&$a) { if($change) $o = ''; - $o .= '<div id="group-members">'; $o .= '<h3>' . t('Members') . '</h3>'; + $o .= '<div id="group-members">'; $textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : false); foreach($members as $member) { if($member['url']) { @@ -190,9 +190,10 @@ function group_content(&$a) { $o .= '</div><div id="group-members-end"></div>'; $o .= '<hr id="group-separator" />'; + + $o .= '<h3>' . t('All Contacts') . '</h3>'; $o .= '<div id="group-all-contacts">'; - $o .= '<h3>' . t('All Contacts') . '</h3>'; $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `blocked` = 0 and `pending` = 0 and `self` = 0 ORDER BY `name` ASC", intval(local_user()) ); diff --git a/mod/help.php b/mod/help.php index 495b4ccc2..af05bd47c 100644 --- a/mod/help.php +++ b/mod/help.php 
@@ -17,6 +17,7 @@ function load_doc_file($s) { function help_content(&$a) { + nav_set_selected('help'); global $lang; @@ -35,10 +36,12 @@ function help_content(&$a) { if(! strlen($text)) { header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found')); - notice( t('Page not found.' ) . EOL); - return; + $tpl = get_markup_template("404.tpl"); + return replace_macros($tpl, array( + '$message' => t('Page not found.' ) + )); } return Markdown($text); -}
\ No newline at end of file +} diff --git a/mod/hostxrd.php b/mod/hostxrd.php index c7861d26d..fe61a874c 100644 --- a/mod/hostxrd.php +++ b/mod/hostxrd.php @@ -1,10 +1,38 @@ <?php +require_once('include/crypto.php'); + function hostxrd_init(&$a) { header('Access-Control-Allow-Origin: *'); header("Content-type: text/xml"); + $pubkey = get_config('system','site_pubkey'); + + if(! $pubkey) { + + // should only have to ever do this once. + + $res=openssl_pkey_new(array( + 'digest_alg' => 'sha1', + 'private_key_bits' => 4096, + 'encrypt_key' => false )); + + + $prvkey = ''; + + openssl_pkey_export($res, $prvkey); + + // Get public key + + $pkey = openssl_pkey_get_details($res); + $pubkey = $pkey["key"]; + + set_config('system','site_prvkey', $prvkey); + set_config('system','site_pubkey', $pubkey); + } + $tpl = file_get_contents('view/xrd_host.tpl'); - echo str_replace(array('$zroot','$domain'),array(z_root(),z_path()),$tpl); + echo str_replace(array( + '$zhost','$zroot','$domain','$zot_post','$bigkey'),array($a->get_hostname(),z_root(),z_path(),z_root() . '/post', salmon_key(get_config('system','site_pubkey'))),$tpl); session_write_close(); exit(); diff --git a/mod/item.php b/mod/item.php index ef0b232d5..b8c0683aa 100644 --- a/mod/item.php +++ b/mod/item.php @@ -15,6 +15,8 @@ * */ +require_once('include/crypto.php'); + function item_post(&$a) { if((! local_user()) && (! remote_user())) @@ -36,6 +38,7 @@ function item_post(&$a) { call_hooks('post_local_start', $_POST); $api_source = ((x($_POST,'api_source') && $_POST['api_source']) ? true : false); + $return_path = ((x($_POST,'return')) ? $_POST['return'] : ''); /** * Is this a reply to something? @@ -80,7 +83,7 @@ function item_post(&$a) { if(($r === false) || (! count($r))) { notice( t('Unable to locate original post.') . EOL); if(x($_POST,'return')) - goaway($a->get_baseurl() . "/" . $_POST['return'] ); + goaway($a->get_baseurl() . "/" . $return_path ); killme(); } $parent_item = $r[0]; 
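Review bot: The site key pair is generated lazily inside `hostxrd_init`, which serves unauthenticated requests, and none of the OpenSSL results are checked before `set_config()` stores them. If `openssl_pkey_new()` or `openssl_pkey_export()` fails, empty values are written; and two concurrent first requests can each generate a pair and interleave their two `set_config()` calls, leaving a private and public key that do not match. I would check every step before storing, as sketched below, and prefer generating the pair at install or upgrade time so that 4096-bit key generation is not reachable from a public endpoint. `'digest_alg' => 'sha1'` should also become `'sha256'`.

```php
	if(! $pubkey) {

		// should only have to ever do this once.

		$res = openssl_pkey_new(array(
			'digest_alg' => 'sha256',
			'private_key_bits' => 4096,
			'encrypt_key' => false ));

		$prvkey = '';
		$pkey = false;

		if(($res !== false) && openssl_pkey_export($res, $prvkey))
			$pkey = openssl_pkey_get_details($res);

		// never store a half-generated pair
		if(($pkey === false) || (! strlen($prvkey)) || (! x($pkey,'key'))) {
			logger('hostxrd: site key generation failed');
			killme();
		}

		$pubkey = $pkey['key'];

		// … unchanged: set_config() for site_prvkey and site_pubkey …
	}
```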
@@ -109,7 +112,7 @@ function item_post(&$a) { if(! can_write_wall($a,$profile_uid)) { notice( t('Permission denied.') . EOL) ; if(x($_POST,'return')) - goaway($a->get_baseurl() . "/" . $_POST['return'] ); + goaway($a->get_baseurl() . "/" . $return_path ); killme(); } @@ -195,7 +198,7 @@ function item_post(&$a) { if(! strlen($body)) { info( t('Empty post discarded.') . EOL ); if(x($_POST,'return')) - goaway($a->get_baseurl() . "/" . $_POST['return'] ); + goaway($a->get_baseurl() . "/" . $return_path ); killme(); } } @@ -330,11 +333,20 @@ function item_post(&$a) { } } + // embedded bookmark in post? convert to regular url and set bookmark flag + + $bookmark = 0; + if(preg_match_all("/\[bookmark\=([^\]]*)\](.*?)\[\/bookmark\]/ism",$body,$match)) { + $bookmark = 1; + $body = preg_replace("/\[bookmark\=([^\]]*)\](.*?)\[\/bookmark\]/ism",'[url=$1]$2[/url]',$body); + } + + /** * Fold multi-line [code] sequences */ - $body = preg_replace('/\[\/code\]\s*\[code\]/m',"\n",$body); + $body = preg_replace('/\[\/code\]\s*\[code\]/ism',"\n",$body); /** * Look for any tags and linkify them @@ -351,7 +363,7 @@ function item_post(&$a) { * and we are replying, and there isn't one already */ - if(($parent_contact) && ($parent_contact['network'] === 'stat') + if(($parent_contact) && ($parent_contact['network'] === NETWORK_OSTATUS) && ($parent_contact['nick']) && (! in_array('@' . $parent_contact['nick'],$tags))) { $body = '@' . $parent_contact['nick'] . ' ' . $body; $tags[] = '@' . $parent_contact['nick']; @@ -402,7 +414,8 @@ function item_post(&$a) { ); } else { - $r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1", + dbesc($name), dbesc($name), intval($profile_uid) ); 
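Review bot: The rewritten contact lookup in the last hunk of this group loses its per-user scoping for the new column. `AND` binds tighter than `OR`, so ``WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d`` is evaluated as `attag = … OR (nick = … AND uid = …)`. A mention can therefore resolve to a contact row owned by a different `uid` whose `attag` matches, and ``ORDER BY `attag` DESC`` tends to sort such a row first. Parenthesise the alternatives: ``WHERE ( `attag` = '%s' OR `nick` = '%s' ) AND `uid` = %d ORDER BY `attag` DESC LIMIT 1``. `item_post` continues outside the hunk.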
@@ -488,6 +501,7 @@ function item_post(&$a) { $datarray['author-avatar'] = $author['thumb']; $datarray['created'] = datetime_convert(); $datarray['edited'] = datetime_convert(); + $datarray['commented'] = datetime_convert(); $datarray['received'] = datetime_convert(); $datarray['changed'] = datetime_convert(); $datarray['uri'] = $uri; @@ -506,6 +520,7 @@ function item_post(&$a) { $datarray['private'] = $private; $datarray['pubmail'] = $pubmail_enable; $datarray['attach'] = $attachments; + $datarray['bookmark'] = intval($bookmark); $datarray['thr-parent'] = $thr_parent; /** @@ -536,9 +551,9 @@ function item_post(&$a) { ); proc_run('php', "include/notifier.php", 'edit_post', "$post_id"); - if((x($_POST,'return')) && strlen($_POST['return'])) { - logger('return: ' . $_POST['return']); - goaway($a->get_baseurl() . "/" . $_POST['return'] ); + if((x($_POST,'return')) && strlen($return_path)) { + logger('return: ' . $return_path); + goaway($a->get_baseurl() . "/" . $return_path ); } killme(); } 
@@ -547,9 +562,9 @@ function item_post(&$a) { $r = q("INSERT INTO `item` (`guid`, `uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, - `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, - `tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach` ) - VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s' )", + `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `commented`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, + `tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach`, `bookmark` ) + VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d )", dbesc($datarray['guid']), intval($datarray['uid']), dbesc($datarray['type']), @@ -564,6 +579,7 @@ function item_post(&$a) { dbesc($datarray['author-avatar']), dbesc($datarray['created']), dbesc($datarray['edited']), + dbesc($datarray['commented']), dbesc($datarray['received']), dbesc($datarray['changed']), dbesc($datarray['uri']), @@ -582,7 +598,8 @@ function item_post(&$a) { dbesc($datarray['deny_gid']), intval($datarray['private']), intval($datarray['pubmail']), - dbesc($datarray['attach']) + dbesc($datarray['attach']), + intval($datarray['bookmark']) ); $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1", 
@@ -674,6 +691,27 @@ function item_post(&$a) { pop_lang(); } + + // We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key + + if($self) { + require_once('include/bb2diaspora.php'); + $signed_body = html_entity_decode(bb2diaspora($datarray['body'])); + $myaddr = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); + if($datarray['verb'] === ACTIVITY_LIKE) + $signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr; + else + $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr; + + $authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha')); + + q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", + intval($post_id), + dbesc($signed_text), + dbesc(base64_encode($authorsig)), + dbesc($myaddr) + ); + } } else { $parent = $post_id; @@ -741,6 +779,11 @@ function item_post(&$a) { } } + // fallback so that parent always gets set to non-zero. + + if(! $parent) + $parent = $post_id; + $r = q("UPDATE `item` SET `parent` = %d, `parent-uri` = '%s', `plink` = '%s', `changed` = '%s', `last-child` = 1, `visible` = 1 WHERE `id` = %d LIMIT 1", intval($parent), @@ -763,11 +806,17 @@ function item_post(&$a) { else { logger('mod_item: unable to retrieve post that was just stored.'); notify( t('System error. Post not saved.')); - goaway($a->get_baseurl() . "/" . $_POST['return'] ); + goaway($a->get_baseurl() . "/" . $return_path ); // NOTREACHED } - proc_run('php', "include/notifier.php", $notify_type, "$post_id"); + // update the commented timestamp on the parent + + q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", + dbesc(datetime_convert()), + dbesc(datetime_convert()), + intval($parent) + ); $datarray['id'] = $post_id; $datarray['plink'] = $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id; 
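Review bot: The signature stored by the new `if($self)` block is base64-encoded twice: `$authorsig` is already `base64_encode(rsa_sign(...))`, and the INSERT then writes `dbesc(base64_encode($authorsig))`. A verifier that decodes once gets base64 text rather than the raw signature, so these comment signatures would not verify. Store the value as it is: `dbesc($authorsig),`. `$signed_text` also reads `$parent_item['guid']`; whether `$parent_item` is always set when `$self` is true depends on code outside the hunk.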
@@ -799,6 +848,17 @@ function item_post(&$a) { } } + // This is a real juggling act on shared hosting services which kill your processes + // e.g. dreamhost. We used to start delivery to our native delivery agents in the background + // and then run our plugin delivery from the foreground. We're now doing plugin delivery first, + // because as soon as you start loading up a bunch of remote delivey processes, *this* page is + // likely to get killed off. If you end up looking at an /item URL and a blank page, + // it's very likely the delivery got killed before all your friends could be notified. + // Currently the only realistic fixes are to use a reliable server - which precludes shared hosting, + // or cut back on plugins which do remote deliveries. + + proc_run('php', "include/notifier.php", $notify_type, "$post_id"); + logger('post_complete'); // figure out how to return, depending on from whence we came @@ -806,10 +866,10 @@ function item_post(&$a) { if($api_source) return; - if((x($_POST,'return')) && strlen($_POST['return'])) { - logger('return: ' . $_POST['return']); - goaway($a->get_baseurl() . "/" . $_POST['return'] ); + if($return_path) { + goaway($a->get_baseurl() . "/" . $return_path); } + $json = array('success' => 1); if(x($_POST,'jsreload') && strlen($_POST['jsreload'])) $json['reload'] = $a->get_baseurl() . '/' . $_POST['jsreload']; diff --git a/mod/like.php b/mod/like.php index 287630212..95bedcc20 100644 --- a/mod/like.php +++ b/mod/like.php 
@@ -55,6 +55,22 @@ function like_content(&$a) { return; } + $remote_owner = null; + + if(! $item['wall']) { + // The top level post may have been written by somebody on another system + $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", + intval($item['contact-id']), + intval($item['uid']) + ); + if(! count($r)) + return; + if(! $r[0]['self']) + $remote_owner = $r[0]; + } + + // this represents the post owner on this system. + $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` WHERE `contact`.`self` = 1 AND `contact`.`uid` = %d LIMIT 1", intval($owner_uid) @@ -67,6 +83,11 @@ function like_content(&$a) { return; } + if(! $remote_owner) + $remote_owner = $owner; + + + // This represents the person posting if((local_user()) && (local_user() == $owner_uid)) { $contact = $owner; @@ -137,9 +158,9 @@ EOT; $arr['gravity'] = GRAVITY_LIKE; $arr['parent'] = $item['id']; $arr['parent-uri'] = $item['uri']; - $arr['owner-name'] = $owner['name']; - $arr['owner-link'] = $owner['url']; - $arr['owner-avatar'] = $owner['thumb']; + $arr['owner-name'] = $remote_owner['name']; + $arr['owner-link'] = $remote_owner['url']; + $arr['owner-avatar'] = $remote_owner['thumb']; $arr['author-name'] = $contact['name']; $arr['author-link'] = $contact['url']; $arr['author-avatar'] = $contact['thumb']; diff --git a/mod/localtime.php b/mod/localtime.php new file mode 100644 index 000000000..c03eae1b0 --- /dev/null +++ b/mod/localtime.php 
@@ -0,0 +1,49 @@ +<?php + +require_once('include/datetime.php'); + + +function localtime_post(&$a) { + + $t = $_REQUEST['time']; + if(! $t) + $t = 'now'; + + $bd_format = t('l F d, Y \@ g:i A') ; // Friday January 18, 2011 @ 8 AM + + if($_POST['timezone']) + $a->data['mod-localtime'] = datetime_convert('UTC',$_POST['timezone'],$t,$bd_format); + +} + +function localtime_content(&$a) { + $t = $_REQUEST['time']; + if(! $t) + $t = 'now'; + + $o .= '<h3>' . t('Time Conversion') . '</h3>'; + + $o .= '<p>' . t('Friendika provides this service for sharing events with other networks and friends in unknown timezones.') . '</p>'; + + + + $o .= '<p>' . sprintf( t('UTC time: %s'), $t) . '</p>'; + + if($_REQUEST['timezone']) + $o .= '<p>' . sprintf( t('Current timezone: %s'), $_REQUEST['timezone']) . '</p>'; + + if(x($a->data,'mod-localtime')) + $o .= '<p>' . sprintf( t('Converted localtime: %s'),$a->data['mod-localtime']) . '</p>'; + + + $o .= '<form action ="' . $a->get_baseurl() . '/localtime?f=&time=' . $t . '" method="post" >'; + + $o .= '<p>' . t('Please select your timezone:') . '</p>'; + + $o .= select_timezone(($_REQUEST['timezone']) ? $_REQUEST['timezone'] : 'America/Los_Angeles'); + + $o .= '<input type="submit" name="submit" value="' . t('Submit') . '" /></form>'; + + return $o; + +}
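Review bot: Request parameters are written into the page without output encoding in localtime_content(): `$t` (from `$_REQUEST['time']`) goes into the "UTC time" paragraph and into the form's `action` attribute, and `$_REQUEST['timezone']` goes into the "Current timezone" paragraph. Both need HTML encoding in body text and URL encoding inside the query string, and `$o` is appended to before it is initialised. localtime_post() also hands `$_POST['timezone']` to datetime_convert() unchecked; how that helper treats an unknown zone name is not visible here, so checking the value against `timezone_identifiers_list()` first would be safer.

```php
function localtime_content(&$a) {
	// … unchanged: $t is read from $_REQUEST['time'], defaulting to 'now' …

	$o = '';
	$tz = ((x($_REQUEST,'timezone')) ? $_REQUEST['timezone'] : '');

	// … unchanged: heading and introduction paragraph …

	$o .= '<p>' . sprintf( t('UTC time: %s'), htmlspecialchars($t, ENT_QUOTES, 'UTF-8')) . '</p>';

	if($tz)
		$o .= '<p>' . sprintf( t('Current timezone: %s'), htmlspecialchars($tz, ENT_QUOTES, 'UTF-8')) . '</p>';

	// … unchanged: converted localtime paragraph …

	$o .= '<form action ="' . $a->get_baseurl() . '/localtime?f=&amp;time=' . urlencode($t) . '" method="post" >';

	// … unchanged: timezone selector, submit button, return $o …
```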
\ No newline at end of file diff --git a/mod/match.php b/mod/match.php index 5dd80fe3e..eea2dad4f 100644 --- a/mod/match.php +++ b/mod/match.php @@ -22,6 +22,7 @@ function match_content(&$a) { $params = array(); $tags = trim($r[0]['pub_keywords'] . ' ' . $r[0]['prv_keywords']); + if($tags) { $params['s'] = $tags; if($a->pager['page'] != 1) @@ -40,15 +41,17 @@ function match_content(&$a) { } if(count($j->results)) { + + $tpl = get_markup_template('match.tpl'); foreach($j->results as $jj) { - - $o .= '<div class="profile-match-wrapper"><div class="profile-match-photo">'; - $o .= '<a href="' . $jj->url . '">' . '<img src="' . $jj->photo . '" alt="' . $jj->name . '" title="' . $jj->name . '[' . $jj->tags . ']' . '" /></a></div>'; - $o .= '<div class="profile-match-break"></div>'; - $o .= '<div class="profile-match-name"><a href="' . $jj->url . '" title="' . $jj->name . '[' . $jj->url .']' . '">' . $jj->name . '</a></div>'; - $o .= '<div class="profile-match-end"></div></div>'; + + $o .= replace_macros($tpl,array( + '$url' => $jj->url, + '$name' => $jj->name, + '$photo' => $jj->photo, + '$tags' => $jj->tags + )); } - $o .= '<div id="profile-match-wrapper-end"></div>'; } else { info( t('No matches') . EOL); diff --git a/mod/message.php b/mod/message.php index 165d63814..d4772d026 100644 --- a/mod/message.php +++ b/mod/message.php @@ -36,7 +36,7 @@ function message_post(&$a) { function message_content(&$a) { $o = ''; - $o .= '<script> $(document).ready(function() { $(\'#nav-messages-link\').addClass(\'nav-selected\'); });</script>'; + nav_set_selected('messages'); if(! local_user()) { notice( t('Permission denied.') . EOL); 
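Review bot: In the mod/match.php hunk the values `$jj->url`, `$jj->name`, `$jj->photo` and `$jj->tags` are taken from the decoded remote response `$j->results` and handed to `replace_macros()` as they arrive, without the `template_escape()` wrapper this commit adds around comparable values in mod/message.php and mod/photos.php. Whether match.tpl encodes them for HTML and attribute context is not visible here, so unless the template is known to do so the call site should, e.g. `'$name' => template_escape(htmlspecialchars($jj->name, ENT_QUOTES, 'UTF-8')),`. `$url` and `$photo` end up in `href`/`src`, so accepting only http and https values before they reach the template is also worth adding. match_content() starts and ends outside the hunk.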
@@ -45,13 +45,21 @@ function message_content(&$a) { $myprofile = $a->get_baseurl() . '/profile/' . $a->user['nickname']; - + if (($a->argc > 1) && ($a->argv[1] === 'new')) { + $tab = 'new'; + } else if ($a->argc == 2 && $a->argv[1] === 'sent') { + $tab = 'sent'; + } else { + $tab = 'inbox'; + } + $tpl = get_markup_template('mail_head.tpl'); $header = replace_macros($tpl, array( '$messages' => t('Messages'), '$inbox' => t('Inbox'), '$outbox' => t('Outbox'), - '$new' => t('New Message') + '$new' => t('New Message'), + '$activetab' => $tab )); @@ -90,6 +98,8 @@ function message_content(&$a) { if(($a->argc > 1) && ($a->argv[1] === 'new')) { + $o .= $header; + $tpl = get_markup_template('msg-header.tpl'); $a->page['htmlhead'] .= replace_macros($tpl, array( @@ -114,7 +124,6 @@ function message_content(&$a) { '$upload' => t('Upload photo'), '$insert' => t('Insert web link'), '$wait' => t('Please wait') - )); return $o; @@ -159,10 +168,10 @@ function message_content(&$a) { '$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'], '$sparkle' => ' sparkle', '$from_photo' => $rr['thumb'], - '$subject' => (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'), + '$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>')), '$delete' => t('Delete conversation'), - '$body' => $rr['body'], - '$to_name' => $rr['name'], + '$body' => template_escape($rr['body']), + '$to_name' => template_escape($rr['name']), '$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A')) )); } 
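Review bot: The `$subject` value in the conversation-list hunk is assembled as markup (`'<strong>' . $rr['title'] . '</strong>'`) before it goes through `template_escape()`, so the template has to emit it as raw HTML and the title itself must be HTML-encoded somewhere. `template_escape()` is not defined in this diff; if it only neutralises template macro syntax, a title, body or contact name containing markup would still be rendered as markup unless it was sanitised when the message was stored. A short comment stating where that encoding happens (on write, or in the template) would make the trust boundary explicit. The same question applies to the `$from_name`, `$subject`, `$body` and `$subjtxt` entries in the single-message hunks that follow.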
@@ -221,14 +230,14 @@ function message_content(&$a) { } $o .= replace_macros($tpl, array( '$id' => $message['id'], - '$from_name' =>$message['from-name'], + '$from_name' => template_escape($message['from-name']), '$from_url' => $from_url, '$sparkle' => $sparkle, '$from_photo' => $message['from-photo'], - '$subject' => $message['title'], - '$body' => smilies(bbcode($message['body'])), + '$subject' => template_escape($message['title']), + '$body' => template_escape(smilies(bbcode($message['body']))), '$delete' => t('Delete message'), - '$to_name' => $message['name'], + '$to_name' => template_escape($message['name']), '$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A') )); @@ -240,7 +249,7 @@ function message_content(&$a) { '$header' => t('Send Reply'), '$to' => t('To:'), '$subject' => t('Subject:'), - '$subjtxt' => $message['title'], + '$subjtxt' => template_escape($message['title']), '$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ', '$yourmessage' => t('Your message:'), '$select' => $select, @@ -248,7 +257,6 @@ function message_content(&$a) { '$upload' => t('Upload photo'), '$insert' => t('Insert web link'), '$wait' => t('Please wait') - )); return $o; diff --git a/mod/network.php b/mod/network.php index 05b74b50a..371a35402 100644 --- a/mod/network.php +++ b/mod/network.php 
@@ -14,41 +14,137 @@ function network_init(&$a) { $a->page['aside'] = ''; $search = ((x($_GET,'search')) ? escape_tags($_GET['search']) : ''); - $srchurl = '/network' . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '') . ((x($_GET,'star')) ? '?star=' . $_GET['star'] : ''); + // We need a better way of managing a growing argument list - $a->page['aside'] .= search($search,'netsearch-box',$srchurl); + // moved into savedsearches() + // $srchurl = '/network' + // . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '') + // . ((x($_GET,'star')) ? '?star=' . $_GET['star'] : '') + // . ((x($_GET,'bmark')) ? '?bmark=' . $_GET['bmark'] : ''); + + if(x($_GET,'save')) { + $r = q("select * from `search` where `uid` = %d and `term` = '%s' limit 1", + intval(local_user()), + dbesc($search) + ); + if(! count($r)) { + q("insert into `search` ( `uid`,`term` ) values ( %d, '%s') ", + intval(local_user()), + dbesc($search) + ); + } + } + if(x($_GET,'remove')) { + q("delete from `search` where `uid` = %d and `term` = '%s' limit 1", + intval(local_user()), + dbesc($search) + ); + } - $a->page['aside'] .= '<div id="network-new-link">'; + // item filter tabs + // TODO: fix this logic, reduce duplication + $a->page['content'] .= '<div class="tabs-wrapper">'; + + $starred_active = ''; + $new_active = ''; + $bookmarked_active = ''; + $all_active = ''; + $search_active = ''; + + if(($a->argc > 1 && $a->argv[1] === 'new') + || ($a->argc > 2 && $a->argv[2] === 'new')) { + $new_active = 'active'; + } + + if(x($_GET,'search')) { + $search_active = 'active'; + } + + if(x($_GET,'star')) { + $starred_active = 'active'; + } + + if($_GET['bmark']) { + $bookmarked_active = 'active'; + } + + if (($new_active == '') + && ($starred_active == '') + && ($bookmarked_active == '') + && ($search_active == '')) { + $all_active = 'active'; + } + + // network links moved to content to match other pages + // all + // added 'button' class for easier styling - not the best place for it, should be moved into the tpl like 
profile_tabs.tpl + // once there is a network_tabs.tpl or something + $a->page['content'] .= '<a class="button tabs ' . $all_active . '" href="' . $a->get_baseurl() . '/' + . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '') . '">' + . t('All') . '</a>'; + + // new + $a->page['content'] .= '<a class="button tabs ' . $new_active . '" href="' . $a->get_baseurl() . '/' + . str_replace('/new', '', $a->cmd) . '/new' + . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '">' + . t('New') . '</a>'; + + // starred + $a->page['content'] .= '<a class="button tabs ' . $starred_active . '" href="' . $a->get_baseurl() . '/' + . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '&star=1" >' + . t('Starred') . '</a>'; + + // bookmarks + $a->page['content'] .= '<a class="button tabs ' . $bookmarked_active . '" href="' . $a->get_baseurl() . '/' + . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '&bmark=1" >' + . t('Bookmarks') . '</a>'; + + $a->page['content'] .= '</div>'; + // --- end item filter tabs + + // search terms header + if(x($_GET,'search')) { + $a->page['content'] .= '<h2>Search Results For: ' . $search . '</h2>'; + } + + $a->page['aside'] .= group_side('network','network',true,$group_id); + + // moved to saved searches to have it in the same div + //$a->page['aside'] .= search($search,'netsearch-box',$srchurl,true); + $a->page['aside'] .= saved_searches($search); - $a->page['aside'] .= '<div id="network-view-link">'; - if(($a->argc > 1 && $a->argv[1] === 'new') || ($a->argc > 2 && $a->argv[2] === 'new') || x($_GET,'search')) - $a->page['aside'] .= '<a href="' . $a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '') . '">' . t('View Conversations') . '</a></div>'; - else { - $a->page['aside'] .= '<a href="' . $a->get_baseurl() . '/' . $a->cmd . '/new' . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . 
'">' . t('View New Items') . '</a></div>'; +} - if(x($_GET,'star')) - $a->page['aside'] .= '<div id="network-star-link">' - . '<a class="network-star" href="' . $a->get_baseurl() . '/' . $a->cmd - . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '">' - . t('View Any Items') . '</a>' - . '<span class="network-star icon starred"></span>' - . '<span class="network-star icon unstarred"></span>' - . '<div class="clear"></div></div>'; - else - $a->page['aside'] .= '<div id="network-star-link">' - . '<a class="network-star" href="' . $a->get_baseurl() . '/' . $a->cmd - . ((x($_GET,'cid')) ? '/?cid=' . $_GET['cid'] : '') . '&star=1" >' - . t('View Starred Items') . '</a>' - . '<span class="network-star icon starred"></span>' - . '<div class="clear"></div></div>'; +function saved_searches($search) { - } + $srchurl = '/network' + . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '') + . ((x($_GET,'star')) ? '?star=' . $_GET['star'] : '') + . ((x($_GET,'bmark')) ? '?bmark=' . $_GET['bmark'] : ''); + + $o = ''; - $a->page['aside'] .= '</div>'; + $r = q("select `term` from `search` WHERE `uid` = %d", + intval(local_user()) + ); + + $o .= '<div id="saved-search-list" class="widget">'; + $o .= '<h3 id="search">' . t('Saved Searches') . '</h3>' . "\r\n"; + $o .= search($search,'netsearch-box',$srchurl,true); + + if(count($r)) { + $o .= '<ul id="saved-search-ul">' . "\r\n"; + foreach($r as $rr) { + $o .= '<li class="saved-search-li clear"><a href="network/?f=&remove=1&search=' . $rr['term'] . '" class="icon drophide savedsearchdrop" title="' . t('Remove term') . '" onclick="return confirmDelete();" onmouseover="imgbright(this);" onmouseout="imgdull(this);" ></a> <a href="network/?f&search=' . $rr['term'] . '" class="savedsearchterm" >' . $rr['term'] . '</a></li>' . "\r\n"; + } + $o .= '</ul>'; + } + + $o .= '</div>' . "\r\n"; + return $o; - $a->page['aside'] .= group_side('network','network',true,$group_id); } 
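Review bot: `$_GET['cid']` is concatenated unencoded into the `href` of each new tab link (All, New, Starred, Bookmarks) and, together with `$_GET['star']` and `$_GET['bmark']`, into `$srchurl` in saved_searches(), so a crafted query string can break out of the attribute. network_content() already reads the same parameter as `intval($_GET['cid'])`; the links should do likewise, e.g. `((x($_GET,'cid')) ? '?cid=' . intval($_GET['cid']) : '')`, and the saved-term links should use `urlencode($rr['term'])` inside the `href`. The new `save` and `remove` branches also modify the `search` table on a plain GET with no request token visible in the hunk, so a page on another site could trigger them for a logged-in user. Separately, the Starred and Bookmarks links append `&star=1` / `&bmark=1` even when no `?cid=` precedes them, and `$srchurl` can end up with more than one `?`.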
@@ -68,8 +164,12 @@ function network_content(&$a, $update = 0) { $nouveau = false; require_once('include/acl_selectors.php'); - $cid = ((x($_GET['cid'])) ? intval($_GET['cid']) : 0); - $star = ((x($_GET['star'])) ? intval($_GET['star']) : 0); + $cid = ((x($_GET,'cid')) ? intval($_GET['cid']) : 0); + $star = ((x($_GET,'star')) ? intval($_GET['star']) : 0); + $bmark = ((x($_GET,'bmark')) ? intval($_GET['bmark']) : 0); + $order = ((x($_GET,'order')) ? notags($_GET['order']) : 'comment'); + $liked = ((x($_GET,'liked')) ? intval($_GET['liked']) : 0); + if(($a->argc > 2) && $a->argv[2] === 'new') $nouveau = true; @@ -98,7 +198,7 @@ function network_content(&$a, $update = 0) { } } - $o .= '<script> $(document).ready(function() { $(\'#nav-network-link\').addClass(\'nav-selected\'); });</script>'; + nav_set_selected('network'); $_SESSION['return_url'] = $a->cmd; @@ -130,6 +230,9 @@ function network_content(&$a, $update = 0) { . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . ((x($_GET,'search')) ? '&search=' . $_GET['search'] : '') . ((x($_GET,'star')) ? '&star=' . $_GET['star'] : '') + . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : '') + . ((x($_GET,'bmark')) ? '&bmark=' . $_GET['bmark'] : '') + . ((x($_GET,'liked')) ? '&liked=' . $_GET['liked'] : '') . "'; var profile_page = " . $a->pager['page'] . "; </script>\r\n"; } @@ -151,6 +254,9 @@ function network_content(&$a, $update = 0) { $star_sql = (($star) ? " AND `starred` = 1 " : ''); + if($bmark) + $star_sql .= " AND `bookmark` = 1 "; + $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` $star_sql ) "; if($group) { 
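Review bot: The three lines added to the inline `netargs` script string copy `$_GET['order']`, `$_GET['bmark']` and `$_GET['liked']` into a single-quoted JavaScript literal without encoding, so a quote character in any of them ends the literal. The parsed copies created at the top of network_content() are available and should be used instead: `. (($bmark) ? '&bmark=' . $bmark : '')`, `. (($liked) ? '&liked=' . $liked : '')` and `. ((x($_GET,'order')) ? '&order=' . urlencode($order) : '')`. The neighbouring `cid`, `search` and `star` lines have the same shape and deserve the same treatment. network_content() continues outside these hunks.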
@@ -188,7 +294,7 @@ function network_content(&$a, $update = 0) { if(count($r)) { $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` $star_sql AND `contact-id` IN ( " . intval($cid) . " )) "; $o = '<h2>' . t('Contact: ') . $r[0]['name'] . '</h2>' . $o; - if($r[0]['network'] !== NETWORK_MAIL && $r[0]['network'] !== NETWORK_DFRN && $r[0]['network'] !== NETWORK_FACEBOOK && $r[0]['writable'] && (! get_pconfig(local_user(),'system','nowarn_insecure'))) { + if($r[0]['network'] !== NETWORK_MAIL && $r[0]['network'] !== NETWORK_DFRN && $r[0]['network'] !== NETWORK_FACEBOOK && $r[0]['network'] !== NETWORK_DIASPORA && $r[0]['writable'] && (! get_pconfig(local_user(),'system','nowarn_insecure'))) { notice( t('Private messages to this person are at risk of public disclosure.') . EOL); } @@ -247,7 +353,14 @@ function network_content(&$a, $update = 0) { else { // Normal conversation view - // First fetch a known number of parent items + + + if($order === 'post') + $ordering = "`created`"; + else + $ordering = "`commented`"; + + // Fetch a page full of parent items for this page $r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` @@ -255,13 +368,12 @@ function network_content(&$a, $update = 0) { AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `item`.`parent` = `item`.`id` $sql_extra - ORDER BY `item`.`created` DESC LIMIT %d ,%d ", + ORDER BY `item`.$ordering DESC LIMIT %d ,%d ", intval(local_user()), intval($a->pager['start']), intval($a->pager['itemspage']) ); - // Then fetch all the children of the parents that are on this page $parents_arr = array(); 
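Review bot: `$ordering` is interpolated directly into the `ORDER BY` clause, outside the `%d`/`%s` placeholders that `q()` fills, so its safety rests entirely on the two-way `if($order === 'post')` choice just above it. That is sound as written, but nothing tells the next editor so; add a comment such as `// $ordering is spliced into the SQL unescaped - it must only ever be one of these two literals`. The same variable is reused in the parentitem `ORDER BY` of the following hunk, where the comment applies equally.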
@@ -272,21 +384,21 @@ function network_content(&$a, $update = 0) { $parents_arr[] = $rr['item_id']; $parents_str = implode(', ', $parents_arr); - $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`, `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` - FROM `item`, (SELECT `p`.`id`,`p`.`created` FROM `item` AS `p` WHERE `p`.`parent`=`p`.`id`) as `parentitem`, `contact` + FROM `item`, (SELECT `p`.`id`,`p`.`created`,`p`.`commented` FROM `item` AS `p` WHERE `p`.`parent`=`p`.`id`) as `parentitem`, `contact` WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 AND `contact`.`id` = `item`.`contact-id` AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `item`.`parent` = `parentitem`.`id` AND `item`.`parent` IN ( %s ) $sql_extra - ORDER BY `parentitem`.`created` DESC, `item`.`gravity` ASC, `item`.`created` ASC ", + ORDER BY `parentitem`.$ordering DESC, `parentitem`.`id` ASC, `item`.`gravity` ASC, `item`.`created` ASC ", intval(local_user()), dbesc($parents_str) ); - } + } } // Set this so that the conversation function can find out contact info for our wall-wall items @@ -298,7 +410,6 @@ function network_content(&$a, $update = 0) { if(! $update) { $o .= paginate($a); - $o .= cc_license(); } return $o; diff --git a/mod/notes.php b/mod/notes.php index 9f1a4662d..369f120a7 100644 --- a/mod/notes.php +++ b/mod/notes.php @@ -14,7 +14,7 @@ function notes_init(&$a) { } -function notes_content(&$a) { +function notes_content(&$a,$update = false) { if(! local_user()) { notice( t('Permission denied.') . EOL); 
@@ -52,31 +52,37 @@ function notes_content(&$a) { )); - $o .= '<h3>' . t('Personal Notes') . '</h3>'; + if(! $update) { + $o .= '<h3>' . t('Personal Notes') . '</h3>'; - $commpage = false; - $commvisitor = false; + $commpage = false; + $commvisitor = false; - $celeb = false; + $celeb = false; - $x = array( - 'is_owner' => $is_owner, - 'allow_location' => (($a->user['allow_location']) ? true : false), - 'default_location' => $a->user['default-location'], - 'nickname' => $a->user['nickname'], - 'lockstate' => 'lock', - 'acl' => '', - 'bang' => '', - 'visitor' => 'block', - 'profile_uid' => local_user(), - 'button' => t('Save') + $x = array( + 'is_owner' => $is_owner, + 'allow_location' => (($a->user['allow_location']) ? true : false), + 'default_location' => $a->user['default-location'], + 'nickname' => $a->user['nickname'], + 'lockstate' => 'lock', + 'acl' => '', + 'bang' => '', + 'visitor' => 'block', + 'profile_uid' => local_user(), + 'button' => t('Save') - ); + ); - $o .= status_editor($a,$x,$a->contact['id']); + $o .= status_editor($a,$x,$a->contact['id']); + $o .= '<div id="live-notes"></div>' . "\r\n"; + $o .= "<script> var profile_uid = " . local_user() + . "; var netargs = '/?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n"; + + } // Construct permissions diff --git a/mod/notifications.php b/mod/notifications.php index 8c32ee862..0c35d4cd1 100644 --- a/mod/notifications.php +++ b/mod/notifications.php @@ -64,7 +64,7 @@ function notifications_content(&$a) { } $o = ''; - $o .= '<script> $(document).ready(function() { $(\'#nav-notify-link\').addClass(\'nav-selected\'); });</script>'; + nav_set_selected("notifications"); if(($a->argc > 1) && ($a->argv[1] == 'all')) $sql_extra = ''; diff --git a/mod/oexchange.php b/mod/oexchange.php index 1a990c64f..53dce6446 100644 --- a/mod/oexchange.php +++ b/mod/oexchange.php 
@@ -28,9 +28,16 @@ function oexchange_content(&$a) { return; } - $url = (((x($_GET,'url')) && strlen($_GET['url'])) ? notags(trim($_GET['url'])) : ''); - - $s = fetch_url($a->get_baseurl() . '/parse_url&url=' . $url); + $url = (((x($_GET,'url')) && strlen($_GET['url'])) + ? urlencode(notags(trim($_GET['url']))) : ''); + $title = (((x($_GET,'title')) && strlen($_GET['title'])) + ? '&title=' . urlencode(notags(trim($_GET['title']))) : ''); + $description = (((x($_GET,'description')) && strlen($_GET['description'])) + ? '&description=' . urlencode(notags(trim($_GET['description']))) : ''); + $tags = (((x($_GET,'tags')) && strlen($_GET['tags'])) + ? '&tags=' . urlencode(notags(trim($_GET['tags']))) : ''); + + $s = fetch_url($a->get_baseurl() . '/parse_url?f=&url=' . $url . $title . $description . $tags); if(! strlen($s)) return; diff --git a/mod/openid.php b/mod/openid.php index 6fbd013b8..b8734f023 100644 --- a/mod/openid.php +++ b/mod/openid.php @@ -55,7 +55,8 @@ function openid_content(&$a) { } - $r = q("SELECT * FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", + $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` + FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc($_SESSION['openid']) ); if(! count($r)) { diff --git a/mod/parse_url.php b/mod/parse_url.php index 9bb0bc464..a238ecb2f 100644 --- a/mod/parse_url.php +++ b/mod/parse_url.php 
@@ -3,17 +3,38 @@ require_once('library/HTML5/Parser.php'); require_once('library/HTMLPurifier.auto.php'); +function arr_add_hashes(&$item,$k) { + $item = '#' . $item; +} + function parse_url_content(&$a) { - logger('parse_url: ' . $_GET['url']); + $text = null; + $str_tags = ''; + + if(x($_GET,'binurl')) + $url = trim(hex2bin($_GET['binurl'])); + else + $url = trim($_GET['url']); - $url = trim(hex2bin($_GET['url'])); + if($_GET['title']) + $title = strip_tags(trim($_GET['title'])); + + if($_GET['description']) + $text = strip_tags(trim($_GET['description'])); + + if($_GET['tags']) { + $arr_tags = str_getcsv($_GET['tags']); + if(count($arr_tags)) { + array_walk($arr_tags,'arr_add_hashes'); + $str_tags = '<br />' . implode(' ',$arr_tags) . '<br />'; + } + } logger('parse_url: ' . $url); - $text = null; - $template = "<br /><a href=\"%s\" >%s</a>%s<br />"; + $template = "<br /><a class=\"bookmark\" href=\"%s\" >%s</a>%s<br />"; $arr = array('url' => $url, 'text' => ''); @@ -25,6 +46,20 @@ function parse_url_content(&$a) { killme(); } + if($url && $title && $text) { + + $text = '<br /><br /><blockquote>' . $text . '</blockquote><br />'; + $title = str_replace(array("\r","\n"),array('',''),$title); + + $result = sprintf($template,$url,($title) ? $title : $url,$text) . $str_tags; + + logger('parse_url (unparsed): returns: ' . $result); + + echo $result; + killme(); + } + + if($url) { $s = fetch_url($url); } else { 
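Review bot: The `tags` parameter reaches the response unencoded: the result of `str_getcsv($_GET['tags'])` is only prefixed with `#` by arr_add_hashes() and joined into `$str_tags`, which is echoed after the link, whereas `title` and `description` at least pass through `strip_tags()`. Encode each tag in the callback, `$item = '#' . htmlspecialchars(trim($item), ENT_QUOTES, 'UTF-8');`, and encode `$url` where it fills the `href` in `$template`, since a double quote in it closes the attribute. `$title` is also read at `if($url && $title && $text)` without having been initialised when no `title` parameter is sent; `$title = '';` next to `$str_tags = '';` fixes that. The early-return branch in the second hunk and the `. $str_tags` echoes in the later hunks all emit these values.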
@@ -35,14 +70,16 @@ function parse_url_content(&$a) { logger('parse_url: data: ' . $s, LOGGER_DATA); if(! $s) { - echo sprintf($template,$url,$url,''); + echo sprintf($template,$url,$url,'') . $str_tags; killme(); } - if(strpos($s,'<title>')) { - $title = substr($s,strpos($s,'<title>')+7,64); - if(strpos($title,'<') !== false) - $title = strip_tags(substr($title,0,strpos($title,'<'))); + if(! $title) { + if(strpos($s,'<title>')) { + $title = substr($s,strpos($s,'<title>')+7,64); + if(strpos($title,'<') !== false) + $title = strip_tags(substr($title,0,strpos($title,'<'))); + } } $config = HTMLPurifier_Config::createDefault(); @@ -56,7 +93,7 @@ function parse_url_content(&$a) { $dom = @HTML5_Parser::parse($s); if(! $dom) { - echo sprintf($template,$url,$url,''); + echo sprintf($template,$url,$url,'') . $str_tags; killme(); } 
@@ -69,48 +106,51 @@ function parse_url_content(&$a) { } } - $divs = $dom->getElementsByTagName('div'); - if($divs) { - foreach($divs as $div) { - $class = $div->getAttribute('class'); - if($class && (stristr($class,'article') || stristr($class,'content'))) { - $items = $div->getElementsByTagName('p'); - if($items) { - foreach($items as $item) { - $text = $item->textContent; - if(stristr($text,'<script')) { - $text = ''; - continue; - } - $text = strip_tags($text); - if(strlen($text) < 100) { - $text = ''; - continue; + + if(! $text) { + $divs = $dom->getElementsByTagName('div'); + if($divs) { + foreach($divs as $div) { + $class = $div->getAttribute('class'); + if($class && (stristr($class,'article') || stristr($class,'content'))) { + $items = $div->getElementsByTagName('p'); + if($items) { + foreach($items as $item) { + $text = $item->textContent; + if(stristr($text,'<script')) { + $text = ''; + continue; + } + $text = strip_tags($text); + if(strlen($text) < 100) { + $text = ''; + continue; + } + $text = substr($text,0,250) . '...' ; + break; } - $text = substr($text,0,250) . '...' ; - break; } } + if($text) + break; } - if($text) - break; } - } - if(! $text) { - $items = $dom->getElementsByTagName('p'); - if($items) { - foreach($items as $item) { - $text = $item->textContent; - if(stristr($text,'<script')) - continue; - $text = strip_tags($text); - if(strlen($text) < 100) { - $text = ''; - continue; + if(! $text) { + $items = $dom->getElementsByTagName('p'); + if($items) { + foreach($items as $item) { + $text = $item->textContent; + if(stristr($text,'<script')) + continue; + $text = strip_tags($text); + if(strlen($text) < 100) { + $text = ''; + continue; + } + $text = substr($text,0,250) . '...' ; + break; } - $text = substr($text,0,250) . '...' ; - break; } } } 
@@ -119,6 +159,12 @@ function parse_url_content(&$a) { $text = '<br /><br /><blockquote>' . $text . '</blockquote><br />'; } - echo sprintf($template,$url,($title) ? $title : $url,$text); + $title = str_replace(array("\r","\n"),array('',''),$title); + + $result = sprintf($template,$url,($title) ? $title : $url,$text) . $str_tags; + + logger('parse_url: returns: ' . $result); + + echo $result; killme(); } diff --git a/mod/photo.php b/mod/photo.php index 3994620f8..a5a5a1dc1 100644 --- a/mod/photo.php +++ b/mod/photo.php @@ -128,7 +128,14 @@ function photo_init(&$a) { } } + if(function_exists('header_remove')) { + header_remove('Pragma'); + header_remove('pragma'); + } + header("Content-type: image/jpeg"); + header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT"); + header("Cache-Control: max-age=" . (3600*24)); echo $data; killme(); // NOTREACHED diff --git a/mod/photos.php b/mod/photos.php index cb13b7603..1321af192 100644 --- a/mod/photos.php +++ b/mod/photos.php 
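Review bot: The new `Expires` and `Cache-Control: max-age` headers in photo_init() carry no `private` directive, so an intermediate cache may store the image and replay it for a day. If this code path can also serve photos restricted to particular viewers (the permission logic is outside the hunk), a shared proxy could hand the image to someone else; `header("Cache-Control: private, max-age=" . (3600*24));` limits storage to the requesting browser. `header_remove()` treats the header name case-insensitively, so the second call with `'pragma'` is redundant.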
@@ -33,13 +33,18 @@ function photos_init(&$a) { if(count($albums)) { $a->data['albums'] = $albums; - $o .= '<h4><a href="' . $a->get_baseurl() . '/profile/' . $a->data['user']['nickname'] . '">' . $a->data['user']['username'] . '</a></h4>'; - $o .= '<h4>' . '<a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '">' . t('Photo Albums') . '</a></h4>'; - + $o .= '<div class="vcard">'; + $o .= '<div class="fn">' . $a->data['user']['username'] . '</div>'; + $o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_baseurl() . '/photo/profile/' . $a->data['user']['uid'] . '.jpg" alt="' . $a->data['user']['username'] . '" /></div>'; + $o .= '</div>'; + + $o .= '<div id="side-bar-photos-albums" class="widget">'; + $o .= '<h3>' . '<a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '">' . t('Photo Albums') . '</a></h4>'; + $o .= '<ul>'; foreach($albums as $album) { - // don't show contact photos. We once trasnlated this name, but then you could still access it under + // don't show contact photos. We once translated this name, but then you could still access it under // a different language setting. Now we store the name in English and check in English (and translated for legacy albums). if((! strlen($album['album'])) || ($album['album'] === 'Contact Photos') || ($album['album'] === t('Contact Photos'))) 
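Review bot: The new album heading opens with `<h3>` but still closes with `</h4>`; the line should end `. t('Photo Albums') . '</a></h3>';` so that the `<ul>` that follows does not depend on browser error recovery. In the same hunk `$a->data['user']['username']` is placed inside the `alt` attribute and the `fn` div without encoding. Whether that value is sanitised at registration is not visible here, so wrapping it in `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` at this point is the safer choice. photos_init() starts and ends outside the hunk.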
@@ -87,15 +92,11 @@ EOT; function photos_post(&$a) { - logger('mod/photos.php: photos_post(): begin' , 'LOGGER_DEBUG'); + logger('mod-photos: photos_post(): begin' , 'LOGGER_DEBUG'); - foreach($_REQUEST AS $key => $val) { - logger('mod/photos.php: photos_post(): $_REQUEST key: ' . $key . ' val: ' . $val , 'LOGGER_DEBUG'); - } - foreach($_FILES AS $key => $val) { - logger('mod/photos.php: photos_post(): $_FILES key: ' . $key . ' val: ' . $val , 'LOGGER_DEBUG'); - } + logger('mod_photos: REQUEST ' . print_r($_REQUEST,true), LOGGER_DATA); + logger('mod_photos: FILES ' . print_r($_FILES,true), LOGGER_DATA); $can_post = false; $visitor = 0; @@ -414,7 +415,8 @@ function photos_post(&$a) { ); } else { - $r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1", + dbesc($name), dbesc($name), intval($page_owner_uid) ); @@ -579,6 +581,9 @@ function photos_post(&$a) { else $visible = 0; + if(intval($_REQUEST['not_visible'])) + $visible = 0; + $str_group_allow = perms2str(((is_array($_REQUEST['group_allow'])) ? $_REQUEST['group_allow'] : explode(',',$_REQUEST['group_allow']))); $str_contact_allow = perms2str(((is_array($_REQUEST['contact_allow'])) ? $_REQUEST['contact_allow'] : explode(',',$_REQUEST['contact_allow']))); $str_group_deny = perms2str(((is_array($_REQUEST['group_deny'])) ? $_REQUEST['group_deny'] : explode(',',$_REQUEST['group_deny']))); 
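Review bot: The replacement logging writes the complete `$_REQUEST` and `$_FILES` arrays with `print_r()`, which copies every posted field (captions, permission selections, any session-related parameter) and the server-side temporary file paths into the log. Logging only the keys, e.g. `logger('mod_photos: REQUEST keys ' . implode(',', array_keys($_REQUEST)), LOGGER_DATA);`, keeps the diagnostic value without storing user content. The first call also still passes the string `'LOGGER_DEBUG'` rather than the constant, unlike the `LOGGER_DATA` lines beneath it, so its level is probably not what was intended.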
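Review bot: In the contact-lookup hunk the new condition reads `attag = '%s' OR nick = '%s' AND uid = %d`; SQL gives `AND` precedence over `OR`, so a row whose `attag` matches is returned whatever its `uid`. A tag typed in one account can therefore resolve to a contact row that belongs to another user. Parenthesise the alternatives, `WHERE ( attag = '%s' OR nick = '%s' ) AND uid = %d`, keeping the column quoting the file already uses. photos_post() starts and ends outside the hunk.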
@@ -886,9 +891,10 @@ function photos_content(&$a) { '$nickname' => $a->data['user']['nickname'], '$newalbum' => t('New album name: '), '$existalbumtext' => t('or existing album name: '), - '$albumselect' => $albumselect, + '$nosharetext' => t('Do not show a status post for this upload'), + '$albumselect' => template_escape($albumselect), '$permissions' => t('Permissions'), - '$aclselect' => (($visitor) ? '' : populate_acl($a->user, $celeb)), + '$aclselect' => (($visitor) ? '' : template_escape(populate_acl($a->user, $celeb))), '$uploader' => $ret['addon_text'], '$default' => (($ret['default_upload']) ? $default_upload : ''), '$uploadurl' => $ret['post_url'] @@ -929,7 +935,7 @@ function photos_content(&$a) { $o .= replace_macros($edit_tpl,array( '$nametext' => t('New album name: '), '$nickname' => $a->data['user']['nickname'], - '$album' => $album, + '$album' => template_escape($album), '$hexalbum' => bin2hex($album), '$submit' => t('Submit'), '$dropsubmit' => t('Delete Album') @@ -954,8 +960,8 @@ function photos_content(&$a) { '$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'], '$phototitle' => t('View Photo'), '$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg', - '$imgalt' => $rr['filename'], - '$desc'=> $rr['desc'] + '$imgalt' => template_escape($rr['filename']), + '$desc'=> template_escape($rr['desc']) )); } @@ -981,7 +987,15 @@ function photos_content(&$a) { ); if(! count($ph)) { - notice( t('Photo not available') . EOL ); + $ph = q("SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' + LIMIT 1", + intval($owner_uid), + dbesc($datum) + ); + if(count($ph)) + notice( t('Permission denied. Access to this item may be restricted.')); + else + notice( t('Photo not available') . EOL ); return; } 
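Review bot: The fallback query added to the photo-view branch of photos_content() tells an unauthorised viewer that a photo with the requested resource id exists: a restricted photo now answers `Permission denied. Access to this item may be restricted.` while an unknown id answers `Photo not available`. That difference confirms the existence of private items to anyone who can guess or obtain an id; returning the same notice in both cases avoids it, or the distinction can be limited to authenticated viewers. The new notice also lacks the `. EOL` suffix that the other branch appends.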
@@ -1006,8 +1020,9 @@ function photos_content(&$a) { break; } } - $prevlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] ; - $nextlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] ; + $edit_suffix = ((($cmd === 'edit') && ($can_post)) ? '/edit' : ''); + $prevlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix; + $nextlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix; } @@ -1030,7 +1045,7 @@ function photos_content(&$a) { if($can_post && ($ph[0]['uid'] == $owner_uid)) { $tools = array( - 'edit' => array($a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $datum . '/edit', t('Edit photo')), + 'edit' => array($a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $datum . (($cmd === 'edit') ? '' : '/edit'), (($cmd === 'edit') ? t('View photo') : t('Edit photo'))), 'profile'=>array($a->get_baseurl() . '/profile_photo/use/'.$ph[0]['resource-id'], t('Use as profile photo')), ); 
@@ -1129,16 +1144,16 @@ function photos_content(&$a) { $edit_tpl = get_markup_template('photo_edit.tpl'); $edit = replace_macros($edit_tpl, array( '$id' => $ph[0]['id'], - '$album' => $ph[0]['album'], + '$album' => template_escape($ph[0]['album']), '$newalbum' => t('New album name'), '$nickname' => $a->data['user']['nickname'], '$resource_id' => $ph[0]['resource-id'], '$capt_label' => t('Caption'), - '$caption' => $ph[0]['desc'], + '$caption' => template_escape($ph[0]['desc']), '$tag_label' => t('Add a Tag'), '$tags' => $link_item['tag'], '$permissions' => t('Permissions'), - '$aclselect' => populate_acl($ph[0]), + '$aclselect' => template_escape(populate_acl($ph[0])), '$help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping'), '$item_id' => ((count($linked_items)) ? $link_item['id'] : 0), '$submit' => t('Submit'), @@ -1284,11 +1299,11 @@ function photos_content(&$a) { $comments .= replace_macros($template,array( '$id' => $item['item_id'], '$profile_url' => $profile_link, - '$name' => $profile_name, + '$name' => template_escape($profile_name), '$thumb' => $profile_avatar, '$sparkle' => $sparkle, - '$title' => $item['title'], - '$body' => bbcode($item['body']), + '$title' => template_escape($item['title']), + '$body' => template_escape(bbcode($item['body'])), '$ago' => relative_date($item['created']), '$indent' => (($item['parent'] != $item['item_id']) ? ' comment' : ''), '$drop' => $drop, 
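Review bot: `'$tags' => $link_item['tag']` in the photo_edit.tpl array is still passed to replace_macros() unwrapped, although `$album`, `$caption` and `$aclselect` next to it now go through template_escape(). The same gap appears in the comment-template hunk at -1284 (`$profile_url` and `$thumb`, which presumably come from the commenter's remote profile) and in the photo_view.tpl hunk at -1303, where `'$desc' => $ph[0]['desc']` stays raw while the hunk at -954 wraps `$rr['desc']`. template_escape() is defined outside this part of the diff, so what it neutralises is not visible here; if it protects replace_macros() from macro text in stored values, these fields need it too, e.g. `'$desc' => template_escape($ph[0]['desc']),`. photos_content() continues outside all of these hunks.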
@@ -1303,18 +1318,18 @@ function photos_content(&$a) { $photo_tpl = get_markup_template('photo_view.tpl'); $o .= replace_macros($photo_tpl, array( '$id' => $ph[0]['id'], - '$album' => array($album_link,$ph[0]['album']), + '$album' => array($album_link,template_escape($ph[0]['album'])), '$tools' => $tools, '$lock' => $lock, '$photo' => $photo, '$prevlink' => $prevlink, '$nextlink' => $nextlink, '$desc' => $ph[0]['desc'], - '$tags' => $tags, + '$tags' => template_escape($tags), '$edit' => $edit, '$likebuttons' => $likebuttons, - '$like' => $like, - '$dislike' => $dislike, + '$like' => template_escape($like), + '$dislike' => template_escape($dislike), '$comments' => $comments, '$paginate' => $paginate, )); @@ -1362,9 +1377,9 @@ function photos_content(&$a) { '$phototitle' => t('View Photo'), '$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.jpg', '$albumlink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($rr['album']), - '$albumname' => $rr['album'], + '$albumname' => template_escape($rr['album']), '$albumalt' => t('View Album'), - '$imgalt' => $rr['filename'] + '$imgalt' => template_escape($rr['filename']) )); } diff --git a/mod/ping.php b/mod/ping.php index 924f9ff76..544a42e14 100644 --- a/mod/ping.php +++ b/mod/ping.php 
@@ -1,48 +1,193 @@ <?php - +require_once("include/datetime.php"); function ping_init(&$a) { - if(! local_user()) - xml_status(0); - - $r = q("SELECT COUNT(*) AS `total` FROM `item` - WHERE `unseen` = 1 AND `visible` = 1 AND `deleted` = 0 AND `uid` = %d AND `wall` = 0 ", - intval(local_user()) - ); - $network = $r[0]['total']; - - $r = q("SELECT COUNT(*) AS `total` FROM `item` - WHERE `unseen` = 1 AND `visible` = 1 AND `deleted` = 0 AND `uid` = %d AND `wall` = 1 ", - intval(local_user()) - ); - $home = $r[0]['total']; - - $r = q("SELECT COUNT(*) AS `total` FROM `intro` - WHERE `uid` = %d AND `blocked` = 0 AND `ignore` = 0 ", - intval(local_user()) - ); - $intro = $r[0]['total']; - - $myurl = $a->get_baseurl() . '/profile/' . $a->user['nickname'] ; - $r = q("SELECT COUNT(*) AS `total` FROM `mail` - WHERE `uid` = %d AND `seen` = 0 AND `from-url` != '%s' ", - intval(local_user()), - dbesc($myurl) - ); - $mail = $r[0]['total']; - - if ($a->config['register_policy'] == REGISTER_APPROVE && is_site_admin()){ - $r = q("SELECT COUNT(*) AS `total` FROM `register`"); - $register = $r[0]['total']; - } else { - $register = "0"; + header("Content-type: text/xml"); + echo "<?xml version=\"1.0\" encoding=\"UTF-8\" ?> + <result>"; + + if(local_user()){ + + + $comments = array(); + $likes = array(); + $dislikes = array(); + $friends = array(); + + $r = q("SELECT `item`.`id`,`item`.`parent`, `item`.`verb`, `item`.`author-name`, + `item`.`author-link`, `item`.`author-avatar`, `item`.`created`, `item`.`object`, + `pitem`.`author-name` as `pname`, `pitem`.`author-link` as `plink` + FROM `item` INNER JOIN `item` as `pitem` ON `pitem`.`id`=`item`.`parent` + WHERE `item`.`unseen` = 1 AND `item`.`visible` = 1 AND + `item`.`deleted` = 0 AND `item`.`uid` = %d AND `item`.`wall` = 0", + intval(local_user()) + ); + + $network = count($r); + foreach ($r as $it) { + switch($it['verb']){ + case ACTIVITY_LIKE: + $likes[] = $it; + break; + case ACTIVITY_DISLIKE: + $dislikes[] = $it; + break; + case 
ACTIVITY_FRIEND: + $xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">"; + $obj = parse_xml_string($xmlhead.$it['object']); + $it['fname'] = $obj->title; + $friends[] = $it; + break; + default: + if ($it['parent']!=$it['id']) $comments[] = $it; + } + } + + + $r = q("SELECT `item`.`id`,`item`.`parent`, `item`.`verb`, `item`.`author-name`, + `item`.`author-link`, `item`.`author-avatar`, `item`.`created`, `item`.`object`, + `pitem`.`author-name` as `pname`, `pitem`.`author-link` as `plink` + FROM `item` INNER JOIN `item` as `pitem` ON `pitem`.`id`=`item`.`parent` + WHERE `item`.`unseen` = 1 AND `item`.`visible` = 1 AND + `item`.`deleted` = 0 AND `item`.`uid` = %d AND `item`.`wall` = 1", + intval(local_user()) + ); + $home = count($r); + foreach ($r as $it) { + switch($it['verb']){ + case ACTIVITY_LIKE: + $likes[] = $it; + break; + case ACTIVITY_DISLIKE: + $dislikes[] = $it; + break; + case ACTIVITY_FRIEND: + $xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">"; + $obj = parse_xml_string($xmlhead.$it['object']); + $it['fname'] = $obj->title; + $friends[] = $it; + break; + default: + if ($it['parent']!=$it['id']) $comments[] = $it; + } + } + + + $intros1 = q("SELECT COUNT(`intro`.`id`) AS `total`, `intro`.`id`, `intro`.`datetime`, + `fcontact`.`name`, `fcontact`.`url`, `fcontact`.`photo` + FROM `intro` LEFT JOIN `fcontact` ON `intro`.`fid` = `fcontact`.`id` + WHERE `intro`.`uid` = %d AND `intro`.`blocked` = 0 AND `intro`.`ignore` = 0 AND `intro`.`fid`!=0", + intval(local_user()) + ); + $intros2 = q("SELECT COUNT(`intro`.`id`) AS `total`, `intro`.`id`, `intro`.`datetime`, + `contact`.`name`, `contact`.`url`, `contact`.`photo` + FROM `intro` LEFT JOIN `contact` ON `intro`.`contact-id` = `contact`.`id` + WHERE `intro`.`uid` = %d AND `intro`.`blocked` = 0 AND `intro`.`ignore` = 0 AND `intro`.`contact-id`!=0", + intval(local_user()) + ); + + $intro = $intros1[0]['total'] + $intros2[0]['total']; + if ($intros1[0]['total']==0) $intros1=Array(); + if 
($intros2[0]['total']==0) $intros2=Array(); + $intros = $intros1+$intros2; + + + + $myurl = $a->get_baseurl() . '/profile/' . $a->user['nickname'] ; + $mails = q("SELECT *, COUNT(*) AS `total` FROM `mail` + WHERE `uid` = %d AND `seen` = 0 AND `from-url` != '%s' ", + intval(local_user()), + dbesc($myurl) + ); + $mail = $mails[0]['total']; + + if ($a->config['register_policy'] == REGISTER_APPROVE && is_site_admin()){ + $regs = q("SELECT `contact`.`name`, `contact`.`url`, `contact`.`micro`, `register`.`created`, COUNT(*) as `total` FROM `contact` RIGHT JOIN `register` ON `register`.`uid`=`contact`.`uid` WHERE `contact`.`self`=1"); + $register = $regs[0]['total']; + } else { + $register = "0"; + } + + + function xmlize($href, $name, $url, $photo, $date, $message){ + $notsxml = '<note href="%s" name="%s" url="%s" photo="%s" date="%s">%s</note>'; + return sprintf ( $notsxml, + xmlify($href), xmlify($name), xmlify($url), xmlify($photo), xmlify($date), xmlify($message) + ); + } + + + echo "<intro>$intro</intro> + <mail>$mail</mail> + <net>$network</net> + <home>$home</home>"; + if ($register!=0) echo "<register>$register</register>"; + + $tot = $mail+$intro+$register+count($comments)+count($likes)+count($dislikes)+count($friends); + + echo ' <notif count="'.$tot.'">'; + if ($intro>0){ + foreach ($intros as $i) { + echo xmlize( $a->get_baseurl().'/notifications/'.$i['id'], $i['name'], $i['url'], $i['photo'], relative_date($i['datetime']), t("{0} wants to be your friend") ); + }; + } + if ($mail>0){ + foreach ($mails as $i) { + echo xmlize( $a->get_baseurl().'/message/'.$i['id'], $i['from-name'], $i['from-url'], $i['from-photo'], relative_date($i['created']), t("{0} sent you a message") ); + }; + } + if ($register>0){ + foreach ($regs as $i) { + echo xmlize( $a->get_baseurl().'/admin/users/', $i['name'], $i['url'], $i['micro'], relative_date($i['created']), t("{0} requested registration") ); + }; + } + + if (count($comments)){ + foreach ($comments as $i) { + echo xmlize( 
$a->get_baseurl().'/display/'.$a->user['nickname']."/".$i['parent'], $i['author-name'], $i['author-link'], $i['author-avatar'], relative_date($i['created']), sprintf( t("{0} commented %s's post"), $i['pname'] ) ); + }; + } + if (count($likes)){ + foreach ($likes as $i) { + echo xmlize( $a->get_baseurl().'/display/'.$a->user['nickname']."/".$i['parent'], $i['author-name'], $i['author-link'], $i['author-avatar'], relative_date($i['created']), sprintf( t("{0} like %s's post"), $i['pname'] ) ); + }; + } + if (count($dislikes)){ + foreach ($dislikes as $i) { + echo xmlize( $a->get_baseurl().'/display/'.$a->user['nickname']."/".$i['parent'], $i['author-name'], $i['author-link'], $i['author-avatar'], relative_date($i['created']), sprintf( t("{0} dislike %s's post"), $i['pname'] ) ); + }; + } + if (count($friends)){ + foreach ($friends as $i) { + echo xmlize( $a->get_baseurl().'/display/'.$a->user['nickname']."/".$i['parent'], $i['author-name'], $i['author-link'], $i['author-avatar'], relative_date($i['created']), sprintf( t("{0} is now friend with %s"), $i['fname'] ) ); + }; + } + + + echo " </notif>"; } + echo " <sysmsgs>"; + if(x($_SESSION,'sysmsg')){ + foreach ($_SESSION['sysmsg'] as $m){ + echo "<notice>".($m)."</notice>"; + } + //$_SESSION['sysmsg']=array(); + unset($_SESSION['sysmsg']); + } + if(x($_SESSION,'sysmsg_info')){ + foreach ($_SESSION['sysmsg_info'] as $m){ + echo "<info>".($m)."</info>"; + } + //$_SESSION['sysmsg_info']=array(); + unset($_SESSION['sysmsg_info']); + } - header("Content-type: text/xml"); - echo "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\r\n<result><intro>$intro</intro><mail>$mail</mail><net>$network</net><home>$home</home><register>$register</register></result>\r\n"; + echo " </sysmsgs>"; + echo"</result> + "; killme(); } diff --git a/mod/post.php b/mod/post.php new file mode 100644 index 000000000..4a7e33b23 --- /dev/null +++ b/mod/post.php 
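Review bot: The `<sysmsgs>` block writes session messages into the XML response unescaped (`echo "<notice>".($m)."</notice>";` and the matching `<info>` line), while every value in xmlize() goes through xmlify(); a message containing `&` or markup makes the document ill-formed or adds elements, so use `echo "<notice>".xmlify($m)."</notice>";` and the same for `<info>`. `$intros = $intros1+$intros2;` is an array union on numeric keys, so row 0 of `$intros2` is dropped whenever `$intros1` is non-empty; `array_merge($intros1, $intros2)` keeps both. The intro, mail and register queries mix `COUNT(*)` with plain columns and no GROUP BY, which normally returns a single row, so each foreach would emit at most one note; this is worth confirming against the database in use. `parse_xml_string()` is dereferenced as `$obj->title` without a failure check, and xmlize() is declared inside ping_init(), where a second call in one request would fail on redeclaration.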
@@ -0,0 +1,51 @@ +<?php + +/** + * Zot endpoint + */ + + +require_once('include/salmon.php'); +require_once('include/crypto.php'); +// not yet ready for prime time +//require_once('include/zot.php'); + +function post_post(&$a) { + + $bulk_delivery = false; + + if($a->argc == 1) { + $bulk_delivery = true; + } + else { + $nickname = $a->argv[2]; + $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' + AND `account_expired` = 0 LIMIT 1", + dbesc($nickname) + ); + if(! count($r)) + http_status_exit(500); + + $importer = $r[0]; + } + + $xml = file_get_contents('php://input'); + + logger('mod-post: new zot: ' . $xml, LOGGER_DATA); + + if(! $xml) + http_status_exit(500); + + $msg = zot_decode($importer,$xml); + + logger('mod-post: decoded msg: ' . print_r($msg,true), LOGGER_DATA); + + if(! is_array($msg)) + http_status_exit(500); + + $ret = 0; + $ret = zot_incoming($bulk_delivery, $importer,$msg); + http_status_exit(($ret) ? $ret : 200); + // NOTREACHED +} + diff --git a/mod/profile.php b/mod/profile.php index 2dd5df758..50bbdd46e 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -70,8 +70,9 @@ function profile_content(&$a, $update = 0) { $a->profile['profile_uid'] = $update; } else { - if($a->profile['profile_uid'] == local_user()) - $o .= '<script> $(document).ready(function() { $(\'#nav-home-link\').addClass(\'nav-selected\'); });</script>'; + if($a->profile['profile_uid'] == local_user()) { + nav_set_selected('home'); + } } $contact = null; @@ -238,7 +239,6 @@ function profile_content(&$a, $update = 0) { if(! $update) { $o .= paginate($a); - $o .= cc_license(); } return $o; diff --git a/mod/profile_photo.php b/mod/profile_photo.php index 8dc896653..4de3aaa3e 100644 --- a/mod/profile_photo.php +++ b/mod/profile_photo.php 
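Review bot: On the bulk-delivery path (`$a->argc == 1`) in post_post(), `$importer` is never assigned, yet it is passed to `zot_decode($importer,$xml)` and `zot_incoming($bulk_delivery, $importer,$msg)`; add `$importer = null;` next to `$bulk_delivery = false;` and have the callees handle that case explicitly. `require_once('include/zot.php')` is commented out, so unless zot_decode() and zot_incoming() are defined in salmon.php or crypto.php (not visible here), any POST to this unauthenticated endpoint ends in an undefined-function error. The nickname is read from `$a->argv[2]` after only `argc == 1` is excluded, while the mod/xrd.php hunk in this commit advertises `/post/<nickname>`, which would presumably put the nickname in `argv[1]`; check the index and test `argc` before reading it. receive_post() in mod/receive.php shows the same pattern: its new `public` branch leaves `$importer` unset, and the code between its two hunks is outside the diff.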
@@ -155,9 +155,15 @@ function profile_photo_content(&$a) { notice( t('Permission denied.') . EOL ); return; } + $havescale = false; + foreach($r as $rr) { + if($rr['scale'] == 5) + $havescale = true; + } + // set an already uloaded photo as profile photo // if photo is in 'Profile Photos', change it in db - if ($r[0]['album']== t('Profile Photos')){ + if (($r[0]['album']== t('Profile Photos')) && ($havescale)){ $r=q("UPDATE `photo` SET `profile`=0 WHERE `profile`=1 AND `uid`=%d", intval(local_user())); diff --git a/mod/profiles.php b/mod/profiles.php index b269fa30c..f5f335c7e 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -220,7 +220,7 @@ function profiles_post(&$a) { function profiles_content(&$a) { $o = ''; - $o .= '<script> $(document).ready(function() { $(\'#nav-profiles-link\').addClass(\'nav-selected\'); });</script>'; + nav_set_selected('profiles'); if(! local_user()) { notice( t('Permission denied.') . EOL); @@ -359,7 +359,7 @@ function profiles_content(&$a) { $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl())); - $a->page['htmlhead'] .= "<script type=\"text/javascript\" src=\"include/country.js\" ></script>"; + $a->page['htmlhead'] .= "<script type=\"text/javascript\" src=\"js/country.js\" ></script>"; $f = get_config('system','birthday_input_format'); if(! $f) diff --git a/mod/pubsub.php b/mod/pubsub.php index 4dff5d531..b2f006927 100644 --- a/mod/pubsub.php +++ b/mod/pubsub.php @@ -44,7 +44,7 @@ function pubsub_init(&$a) { $subscribe = (($hub_mode === 'subscribe') ? 1 : 0); - $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", + $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 LIMIT 1", dbesc($nick) ); if(! count($r)) 
@@ -99,7 +99,7 @@ function pubsub_post(&$a) { $nick = (($a->argc > 1) ? notags(trim($a->argv[1])) : ''); $contact_id = (($a->argc > 2) ? intval($a->argv[2]) : 0 ); - $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", + $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 LIMIT 1", dbesc($nick) ); if(! count($r)) diff --git a/mod/receive.php b/mod/receive.php index 34128518b..950bf0bd3 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -12,18 +12,26 @@ require_once('include/diaspora.php'); function receive_post(&$a) { - if($a->argc != 3 || $a->argv[1] !== 'users') - http_status_exit(500); + $public = false; - $guid = $a->argv[2]; + if(($a->argc == 2) && ($a->argv[1] === 'public')) { + $public = true; + } + else { - $r = q("SELECT * FROM `user` WHERE `guid` = '%s' LIMIT 1", - dbesc($guid) - ); - if(! count($r)) - http_status_exit(500); + if($a->argc != 3 || $a->argv[1] !== 'users') + http_status_exit(500); + + $guid = $a->argv[2]; + + $r = q("SELECT * FROM `user` WHERE `guid` = '%s' AND `account_expired` = 0 LIMIT 1", + dbesc($guid) + ); + if(! count($r)) + http_status_exit(500); - $importer = $r[0]; + $importer = $r[0]; + } // It is an application/x-www-form-urlencoded @@ -41,9 +49,13 @@ function receive_post(&$a) { if(! is_array($msg)) http_status_exit(500); - diaspora_dispatch($importer,$msg); + $ret = 0; + if($public) + diaspora_dispatch_public($msg); + else + $ret = diaspora_dispatch($importer,$msg); - http_status_exit(200); + http_status_exit(($ret) ? $ret : 200); // NOTREACHED } diff --git a/mod/register.php b/mod/register.php index 5fceebd4b..85e1f9faa 100644 --- a/mod/register.php +++ b/mod/register.php @@ -501,8 +501,7 @@ function register_content(&$a) { } - $license = cc_license(); - + $license = ''; $o = get_markup_template("register.tpl"); $o = replace_macros($o, array( diff --git a/mod/salmon.php b/mod/salmon.php index 0264e820d..6172d17a1 100644 --- a/mod/salmon.php +++ b/mod/salmon.php 
@@ -25,12 +25,12 @@ function salmon_post(&$a) { $xml = file_get_contents('php://input'); - logger('mod-salmon: new salmon ' . $xml); + logger('mod-salmon: new salmon ' . $xml, LOGGER_DATA); $nick = (($a->argc > 1) ? notags(trim($a->argv[1])) : ''); $mentions = (($a->argc > 2 && $a->argv[2] === 'mention') ? true : false); - $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", + $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 LIMIT 1", dbesc($nick) ); if(! count($r)) diff --git a/mod/search.php b/mod/search.php index 88ff9bbb7..034794e17 100644 --- a/mod/search.php +++ b/mod/search.php 
@@ -1,5 +1,60 @@ <?php +function search_saved_searches() { + + $o = ''; + + $r = q("select `term` from `search` WHERE `uid` = %d", + intval(local_user()) + ); + + if(count($r)) { + $o .= '<div id="saved-search-list" class="widget">'; + $o .= '<h3>' . t('Saved Searches') . '</h3>' . "\r\n"; + $o .= '<ul id="saved-search-ul">' . "\r\n"; + foreach($r as $rr) { + $o .= '<li class="saved-search-li clear"><a href="search/?f=&remove=1&search=' . $rr['term'] . '" class="icon drophide savedsearchdrop" title="' . t('Remove term') . '" onclick="return confirmDelete();" onmouseover="imgbright(this);" onmouseout="imgdull(this);" ></a> <a href="search/?f=&search=' . $rr['term'] . '" class="savedsearchterm" >' . $rr['term'] . '</a></li>' . "\r\n"; + } + $o .= '</ul></div>' . "\r\n"; + } + + return $o; + +} + + +function search_init(&$a) { + + $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); + + if(local_user()) { + if(x($_GET,'save') && $search) { + $r = q("select * from `search` where `uid` = %d and `term` = '%s' limit 1", + intval(local_user()), + dbesc($search) + ); + if(! count($r)) { + q("insert into `search` ( `uid`,`term` ) values ( %d, '%s') ", + intval(local_user()), + dbesc($search) + ); + } + } + if(x($_GET,'remove') && $search) { + q("delete from `search` where `uid` = %d and `term` = '%s' limit 1", + intval(local_user()), + dbesc($search) + ); + } + + $a->page['aside'] .= search_saved_searches(); + + } + + +} + + function search_post(&$a) { if(x($_POST,'search')) @@ -13,6 +68,8 @@ function search_content(&$a) { notice( t('Public access denied.') . EOL); return; } + + nav_set_selected('search'); require_once("include/bbcode.php"); require_once('include/security.php'); @@ -30,7 +87,7 @@ function search_content(&$a) { else $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); - $o .= search($search); + $o .= search($search,'search-box','/search',((local_user()) ? true : false)); if(! $search) return $o; 
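Review bot: search_saved_searches() concatenates `$rr['term']` into two href attributes and the link text with no URL or HTML encoding; the term is stored after notags() only (see search_init()), and whether notags() handles quotes or `&` is not visible here, so a saved term could break out of the attribute. Encode per context: `urlencode($rr['term'])` inside the href values and `htmlspecialchars($rr['term'], ENT_QUOTES, 'UTF-8')` for the visible text. The search_content() hunk at -86 has the same issue in `'<h2>Search results for: ' . $search . '</h2>'`, which also bypasses t(). search_init() saves and deletes terms on a plain GET (`save`, `remove`) with no request token, so a cross-site link can alter a logged-in user's saved searches; moving these to POST with the project's form token would close that.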
@@ -86,12 +143,11 @@ function search_content(&$a) { ); - + $o .= '<h2>Search results for: ' . $search . '</h2>'; $o .= conversation($a,$r,'search',false); $o .= paginate($a); - $o .= cc_license(); return $o; } diff --git a/mod/settings.php b/mod/settings.php index 1b4098de8..44ebdd77b 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -299,7 +299,7 @@ if(! function_exists('settings_content')) { function settings_content(&$a) { $o = ''; - $o .= '<script> $(document).ready(function() { $(\'#nav-settings-link\').addClass(\'nav-selected\'); });</script>'; + nav_set_selected('settings'); if(! local_user()) { notice( t('Permission denied.') . EOL ); diff --git a/mod/tagmatch.php b/mod/tagmatch.php new file mode 100644 index 000000000..8023fa433 --- /dev/null +++ b/mod/tagmatch.php @@ -0,0 +1,52 @@ +<?php + + +function tagmatch_content(&$a) { + + $search = notags(trim($_REQUEST['search'])); + + $o = ''; + + $o .= '<h2>' . t('Tag Match') . ' - ' . $search . '</h2>'; + + if($search) { + + $p = (($a->pager['page'] != 1) ? '&p=' . $a->pager['page'] : ''); + + if(strlen(get_config('system','directory_submit_url'))) + $x = fetch_url('http://dir.friendika.com/lsearch?f=' . $p . '&search=' . urlencode($search)); + +//TODO fallback local search if global dir not available. +// else +// $x = post_url($a->get_baseurl() . '/lsearch', $params); + + $j = json_decode($x); + + if($j->total) { + $a->set_pager_total($j->total); + $a->set_pager_itemspage($j->items_page); + } + + if(count($j->results)) { + + $tpl = get_markup_template('match.tpl'); + foreach($j->results as $jj) { + + $o .= replace_macros($tpl,array( + '$url' => $jj->url, + '$name' => $jj->name, + '$photo' => $jj->photo, + '$tags' => $jj->tags + )); + } + } + else { + info( t('No matches') . EOL); + } + + } + + $o .= '<div class="clear"></div>'; + $o .= paginate($a); + return $o; +} diff --git a/mod/update_notes.php b/mod/update_notes.php new file mode 100644 index 000000000..90cc5bc69 --- /dev/null 
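Review bot: tagmatch_content() trusts the directory response throughout: `$x` stays undefined when `directory_submit_url` is empty, `json_decode($x)` is not checked before `$j->total` and `$j->results` are read, and `$jj->url`, `$jj->name`, `$jj->photo` and `$jj->tags` are handed to match.tpl as received. The lookup goes to a hard-coded `http://dir.friendika.com/lsearch` over plain HTTP rather than the configured directory, so the response can be altered in transit. Guard the decode with something like `if(! is_object($j)) { info( t('No matches') . EOL); return $o; }` and escape the remote fields for their HTML context before templating. `$search` is written into the `<h2>` after notags() only, and `$_REQUEST['search']` is read without an x() check.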
+++ b/mod/update_notes.php @@ -0,0 +1,60 @@ +<?php + +/** + * Module: update_profile + * Purpose: AJAX synchronisation of profile page + * + */ + + +require_once('mod/notes.php'); + +function update_notes_content(&$a) { + + $profile_uid = intval($_GET['p']); + + header("Content-type: text/html"); + echo "<!DOCTYPE html><html><body>\r\n"; + + /** + * We can remove this hack once Internet Explorer recognises HTML5 natively + */ + + echo (($_GET['msie'] == 1) ? '<div>' : '<section>'); + + /** + * + * Grab the page inner contents by calling the content function from the profile module directly, + * but move any image src attributes to another attribute name. This is because + * some browsers will prefetch all the images for the page even if we don't need them. + * The only ones we need to fetch are those for new page additions, which we'll discover + * on the client side and then swap the image back. + * + */ + + $text = notes_content($a,$profile_uid); + + $pattern = "/<img([^>]*) src=\"([^\"]*)\"/"; + $replace = "<img\${1} dst=\"\${2}\""; + $text = preg_replace($pattern, $replace, $text); + + $replace = '<br />' . t('[Embedded content - reload page to view]') . '<br />'; + $pattern = "/<\s*audio[^>]*>(.*?)<\s*\/\s*audio>/i"; + $text = preg_replace($pattern, $replace, $text); + $pattern = "/<\s*video[^>]*>(.*?)<\s*\/\s*video>/i"; + $text = preg_replace($pattern, $replace, $text); + $pattern = "/<\s*embed[^>]*>(.*?)<\s*\/\s*embed>/i"; + $text = preg_replace($pattern, $replace, $text); + $pattern = "/<\s*iframe[^>]*>(.*?)<\s*\/\s*iframe>/i"; + $text = preg_replace($pattern, $replace, $text); + + /** + * reportedly some versions of MSIE don't handle tabs in XMLHttpRequest documents very well + */ + + echo str_replace("\t",' ',$text); + echo (($_GET['msie'] == 1) ? '</div>' : '</section>'); + echo "</body></html>\r\n"; + killme(); + +}
\ No newline at end of file diff --git a/mod/wall_attach.php b/mod/wall_attach.php index ef6554df3..a66ed0d05 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php @@ -61,7 +61,7 @@ function wall_attach_post(&$a) { $filedata = @file_get_contents($src); $mimetype = z_mime_content_type($filename); - if((! strlen($mimetype)) || ($mimetype === 'application/octet-stream') && function_exists('mime_content_type')) + if(((! strlen($mimetype)) || ($mimetype === 'application/octet-stream')) && function_exists('mime_content_type')) $mimetype = mime_content_type($filename); $hash = random_string(); $created = datetime_convert(); diff --git a/mod/xrd.php b/mod/xrd.php index fcec74336..a416a2cf3 100644 --- a/mod/xrd.php +++ b/mod/xrd.php @@ -41,15 +41,18 @@ function xrd_init(&$a) { $tpl = file_get_contents('view/xrd_person.tpl'); $o = replace_macros($tpl, array( + '$nick' => $r[0]['nickname'], '$accturi' => $uri, '$profile_url' => $a->get_baseurl() . '/profile/' . $r[0]['nickname'], '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['nickname'], '$atom' => $a->get_baseurl() . '/dfrn_poll/' . $r[0]['nickname'], + '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['nickname'], '$photo' => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'] . '.jpg', '$dspr' => $dspr, '$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'], '$salmen' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'] . '/mention', - '$modexp' => 'data:application/magic-public-key,' . $salmon_key + '$modexp' => 'data:application/magic-public-key,' . $salmon_key, + '$bigkey' => salmon_key($r[0]['pubkey']) )); |
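Review bot: In the new mod/update_notes.php, `$profile_uid = intval($_GET['p']);` comes straight from the request and is passed to `notes_content($a,$profile_uid)` with no check in this file that it matches local_user(). notes_content() lives in mod/notes.php, outside this diff, so confirm it enforces ownership itself or add a guard such as `if((! local_user()) || ($profile_uid != local_user())) killme();` before rendering. The header comment still reads `Module: update_profile` and `AJAX synchronisation of profile page`, and the inner comment refers to the profile module; both should name update_notes and the notes page. `$_GET['p']` and `$_GET['msie']` are read without an x() or isset check.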