diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/admin.php | 6 | ||||
| -rw-r--r-- | mod/invite.php | 2 | ||||
| -rw-r--r-- | mod/item.php | 8 | ||||
| -rwxr-xr-x | mod/like.php | 8 | ||||
| -rw-r--r-- | mod/magic.php | 6 | ||||
| -rw-r--r-- | mod/message.php | 7 | ||||
| -rwxr-xr-x | mod/mood.php | 2 | ||||
| -rw-r--r-- | mod/parse_url.php | 10 | ||||
| -rw-r--r-- | mod/photos.php | 8 | ||||
| -rw-r--r-- | mod/ping.php | 2 | ||||
| -rwxr-xr-x | mod/poke.php | 2 | ||||
| -rw-r--r-- | mod/post.php | 12 | ||||
| -rw-r--r-- | mod/siteinfo.php | 6 | ||||
| -rwxr-xr-x | mod/subthread.php | 6 | ||||
| -rw-r--r-- | mod/tagger.php | 12 |
15 files changed, 59 insertions, 38 deletions
diff --git a/mod/admin.php b/mod/admin.php index bda4b0794..670e89066 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -1,7 +1,7 @@ <?php /** - * Friendica admin + * Red admin */ @@ -188,7 +188,7 @@ function admin_page_summary(&$a) { '$users' => Array( t('Registered users'), $users), '$accounts' => $accounts, '$pending' => Array( t('Pending registrations'), $pending), - '$version' => Array( t('Version'), FRIENDICA_VERSION), + '$version' => Array( t('Version'), RED_VERSION), '$build' => get_config('system','db_version'), '$plugins' => Array( t('Active plugins'), $a->plugins ) )); @@ -1048,7 +1048,7 @@ readable."); // name, label, value, help string, extra data... '$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""), - '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Friendica top-level directory.")), + '$logfile' => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Red top-level directory.")), '$loglevel' => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices), '$form_security_token' => get_form_security_token("admin_logs"), diff --git a/mod/invite.php b/mod/invite.php index 336e20164..cb8d4c6eb 100644 --- a/mod/invite.php +++ b/mod/invite.php @@ -68,7 +68,7 @@ function invite_post(&$a) { else $nmessage = $message; - $res = mail($recip, sprintf( t('Please join us on Friendica'), $a->config['sitename']), + $res = mail($recip, sprintf( t('Please join us on Red'), $a->config['sitename']), $nmessage, "From: " . $a->user['email'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" diff --git a/mod/item.php b/mod/item.php index 89059c205..a9b658441 100644 --- a/mod/item.php +++ b/mod/item.php @@ -785,14 +785,14 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { //is it a hash tag? if(strpos($tag,'#') === 0) { //if the tag is replaced... - if(strpos($tag,'[url=')) + if(strpos($tag,'[zrl=')) //...do nothing return $replaced; //base tag has the tags name only $basetag = str_replace('_',' ',substr($tag,1)); //create text for link $url = $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag); - $newtag = '#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]'; + $newtag = '#[zrl=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/zrl]'; //replace tag by the link $body = str_replace($tag, $newtag, $body); $replaced = true; @@ -809,7 +809,7 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { //is it a person tag? if(strpos($tag,'@') === 0) { //is it already replaced? - if(strpos($tag,'[url=')) + if(strpos($tag,'[zrl=')) return $replaced; $stat = false; //get the person's name @@ -905,7 +905,7 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { //create profile link $profile = str_replace(',','%2c',$profile); $url = $profile; - $newtag = '@[url=' . $profile . ']' . $newname . '[/url]'; + $newtag = '@[zrl=' . $profile . ']' . $newname . '[/zrl]'; $body = str_replace('@' . $name, $newtag, $body); //append tag to str_tags if(! stristr($str_tags,$newtag)) { diff --git a/mod/like.php b/mod/like.php index 70add59bd..35a94ab78 100755 --- a/mod/like.php +++ b/mod/like.php @@ -135,7 +135,7 @@ function like_content(&$a) { if(! isset($bodyverb)) return; - $item_flags = ITEM_ORIGIN; + $item_flags = ITEM_ORIGIN | ITEM_NOTSHOWN; if($item['item_flags'] & ITEM_WALL) $item_flags |= ITEM_WALL; @@ -153,9 +153,9 @@ function like_content(&$a) { $arr['author_xchan'] = $observer['xchan_hash']; - $ulink = '[url=' . $thread_owner['xchan_url'] . ']' . $thread_owner['xchan_name'] . '[/url]'; - $alink = '[url=' . $observer['xchan_url'] . ']' . $observer['xchan_name'] . '[/url]'; - $plink = '[url=' . $a->get_baseurl() . '/display/' . $item['mid'] . ']' . $post_type . '[/url]'; + $ulink = '[zrl=' . $thread_owner['xchan_url'] . ']' . $thread_owner['xchan_name'] . '[/zrl]'; + $alink = '[zrl=' . $observer['xchan_url'] . ']' . $observer['xchan_name'] . '[/zrl]'; + $plink = '[zrl=' . $a->get_baseurl() . '/display/' . $item['mid'] . ']' . $post_type . '[/zrl]'; $arr['body'] = sprintf( $bodyverb, $alink, $ulink, $plink ); diff --git a/mod/magic.php b/mod/magic.php index 0f9a66c5b..e655e9737 100644 --- a/mod/magic.php +++ b/mod/magic.php @@ -35,7 +35,6 @@ function magic_init(&$a) { } - if(! $x) { // Finger them if they've never been seen here before @@ -60,6 +59,9 @@ function magic_init(&$a) { return; } + // This is ready-made for a plugin that provides a blacklist or "ask me" before blindly authenticating. + // By default, we'll proceed without asking. + $arr = array( 'channel_id' => local_user(), 'xchan' => $x[0], @@ -117,7 +119,7 @@ function magic_init(&$a) { goaway($x[0]['hubloc_callback'] . '/' . substr($x[0]['hubloc_addr'],0,strpos($x[0]['hubloc_addr'],'@')) . '/?f=&auth=' . $channel['channel_address'] . '@' . $a->get_hostname() - . '&sec=' . $token . '&dest=' . $dest . '&version=' . ZOT_REVISION); + . '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION); } if(strpos($dest,'/')) diff --git a/mod/message.php b/mod/message.php index 94a8344ea..93b5c2494 100644 --- a/mod/message.php +++ b/mod/message.php @@ -160,9 +160,10 @@ function item_redir_and_replace_images($body, $images, $cid) { $newbody = ''; for($i = 0; $i < count($images); $i++) { - $search = '/\[url\=(.*?)\]\[!#saved_image' . $i . '#!\]\[\/url\]' . '/is'; - $replace = '[url=' . z_path() . '/redir/' . $cid - . '?f=1&url=' . '$1' . '][!#saved_image' . $i . '#!][/url]' ; + $search = '/\[zrl\=(.*?)\]\[!#saved_image' . $i . '#!\]\[\/zrl\]' . '/is'; +//FIXME + $replace = '[zrl=' . z_path() . '/redir/' . $cid + . '?f=1&url=' . '$1' . '][!#saved_image' . $i . '#!][/zrl]' ; $img_end = strpos($origbody, '[!#saved_image' . $i . '#!][/url]') + strlen('[!#saved_image' . $i . '#!][/url]'); $process_part = substr($origbody, 0, $img_end); diff --git a/mod/mood.php b/mod/mood.php index b5414ca12..0c611997c 100755 --- a/mod/mood.php +++ b/mod/mood.php @@ -60,7 +60,7 @@ function mood_init(&$a) { $mid = item_message_id(); - $action = sprintf( t('%1$s is currently %2$s'), '[url=' . $poster['xchan_url'] . ']' . $poster['xchan_name'] . '[/url]' , $verbs[$verb]); + $action = sprintf( t('%1$s is currently %2$s'), '[zrl=' . $poster['xchan_url'] . ']' . $poster['xchan_name'] . '[/zrl]' , $verbs[$verb]); $item_flags = ITEM_WALL|ITEM_ORIGIN|ITEM_UNSEEN; if(! $parent_mid) $item_flags |= ITEM_THREAD_TOP; diff --git a/mod/parse_url.php b/mod/parse_url.php index e7b9bb391..9d68b907d 100644 --- a/mod/parse_url.php +++ b/mod/parse_url.php @@ -63,7 +63,7 @@ function parseurl_getsiteinfo($url) { $header = $result['header']; $body = $result['body']; - $body = mb_convert_encoding($body, "UTF-8", $charset); + $body = mb_convert_encoding($body, 'UTF-8', 'UTF-8'); $body = mb_convert_encoding($body, 'HTML-ENTITIES', "UTF-8"); $doc = new DOMDocument(); @@ -99,6 +99,9 @@ function parseurl_getsiteinfo($url) { $attr["content"] = html_entity_decode($attr["content"], ENT_QUOTES, "UTF-8"); switch (strtolower($attr["name"])) { + case 'generator': + $siteinfo['generator'] = $attr['content']; + break; case "fulltitle": $siteinfo["title"] = $attr["content"]; break; @@ -274,6 +277,11 @@ function parse_url_content(&$a) { $siteinfo = parseurl_getsiteinfo($url); + // If this is a Red site, use zrl rather than url so they get zids sent to them by default + + if( x($siteinfo,'generator') && (strpos($siteinfo['generator'],RED_PLATFORM . ' ') == 0)) + $template = str_replace('url','zrl',$template); + if($siteinfo["title"] == "") { echo sprintf($template,$url,$url,'') . $str_tags; killme(); diff --git a/mod/photos.php b/mod/photos.php index 05410a750..df41b3a07 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -413,13 +413,13 @@ function photos_post(&$a) { } if($profile) { if(substr($notify,0,4) === 'cid:') - $taginfo[] = array($newname,$profile,$notify,$r[0],'@[url=' . str_replace(',','%2c',$profile) . ']' . $newname . '[/url]'); + $taginfo[] = array($newname,$profile,$notify,$r[0],'@[zrl=' . str_replace(',','%2c',$profile) . ']' . $newname . '[/zrl]'); else $taginfo[] = array($newname,$profile,$notify,null,$str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]'); if(strlen($str_tags)) $str_tags .= ','; $profile = str_replace(',','%2c',$profile); - $str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]'; + $str_tags .= '@[zrl=' . $profile . ']' . $newname . '[/zrl]'; } } } @@ -487,9 +487,9 @@ function photos_post(&$a) { $arr['tag'] = $tagged[4]; $arr['inform'] = $tagged[2]; $arr['origin'] = 1; - $arr['body'] = sprintf( t('%1$s was tagged in %2$s by %3$s'), '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]', '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . t('a photo') . '[/url]', '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]') ; + $arr['body'] = sprintf( t('%1$s was tagged in %2$s by %3$s'), '[zrl=' . $tagged[1] . ']' . $tagged[0] . '[/zrl]', '[zrl=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . t('a photo') . '[/zrl]', '[zrl=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/zrl]') ; - $arr['body'] .= "\n\n" . '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource_id'] . ']' . '[img]' . $a->get_baseurl() . "/photo/" . $p[0]['resource_id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n" ; + $arr['body'] .= "\n\n" . '[zrl=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource_id'] . ']' . '[img]' . $a->get_baseurl() . "/photo/" . $p[0]['resource_id'] . '-' . $best . '.' . $ext . '[/img][/zrl]' . "\n" ; $arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $tagged[0] . '</title><id>' . $tagged[1] . '/' . $tagged[0] . '</id>'; $arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $tagged[1] . '" />' . "\n"); diff --git a/mod/ping.php b/mod/ping.php index 7ae99d44c..76d84d0e4 100644 --- a/mod/ping.php +++ b/mod/ping.php @@ -75,7 +75,7 @@ function ping_init(&$a) { ); break; case 'all_events': - $r = q("update event set ignore = 1 where ignore = 0 and uid = %d", + $r = q("update event set `ignore` = 1 where `ignore` = 0 and uid = %d", intval(local_user()) ); break; diff --git a/mod/poke.php b/mod/poke.php index 1738fd8dd..2ccbfbd77 100755 --- a/mod/poke.php +++ b/mod/poke.php @@ -104,7 +104,7 @@ function poke_init(&$a) { $arr['obj_type'] = ACTIVITY_OBJ_PERSON; $arr['origin'] = 1; - $arr['body'] = '[url=' . $poster['url'] . ']' . $poster['name'] . '[/url]' . ' ' . t($verbs[$verb][0]) . ' ' . '[url=' . $target['url'] . ']' . $target['name'] . '[/url]'; + $arr['body'] = '[zrl=' . $poster['url'] . ']' . $poster['name'] . '[/zrl]' . ' ' . t($verbs[$verb][0]) . ' ' . '[zrl=' . $target['url'] . ']' . $target['name'] . '[/zrl]'; $arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $target['name'] . '</title><id>' . $a->get_baseurl() . '/contact/' . $target['id'] . '</id>'; $arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $target['url'] . '" />' . "\n"); diff --git a/mod/post.php b/mod/post.php index 5b002eb36..5919ed2b4 100644 --- a/mod/post.php +++ b/mod/post.php @@ -96,6 +96,13 @@ function post_init(&$a) { } if($already_authed || $j['success']) { + if($j['success']) { + // legit response, but we do need to check that this wasn't answered by a man-in-middle + if(! rsa_verify($sec . $x[0]['xchan_hash'],base64url_decode($j['confirm']),$x[0]['xchan_pubkey'])) { + logger('mod_zot: auth: final confirmation failed.'); + goaway($desturl); + } + } // everything is good... maybe if(local_user()) { @@ -386,7 +393,7 @@ function post_post(&$a) { $arr = $data['recipients'][0]; $recip_hash = base64url_encode(hash('whirlpool',$arr['guid'] . $arr['guid_sig'], true)); - $c = q("select channel_id from channel where channel_hash = '%s' limit 1", + $c = q("select channel_id, channel_prvkey from channel where channel_hash = '%s' limit 1", dbesc($recip_hash) ); if(! $c) { @@ -394,6 +401,8 @@ function post_post(&$a) { json_return_and_die($ret); } + $confirm = base64url_encode(rsa_sign($data['secret'] . $recip_hash,$c[0]['channel_prvkey'])); + // This additionally checks for forged senders since we already stored the expected result in meta // and we've already verified that this is them via zot_gethub() and that their key signed our token @@ -412,6 +421,7 @@ function post_post(&$a) { logger('mod_zot: auth_check: success', LOGGER_DEBUG); $ret['success'] = true; + $ret['confirm'] = $confirm; json_return_and_die($ret); } diff --git a/mod/siteinfo.php b/mod/siteinfo.php index 7ea81fec1..f2f444fac 100644 --- a/mod/siteinfo.php +++ b/mod/siteinfo.php @@ -28,13 +28,13 @@ function siteinfo_init(&$a) { } $data = Array( - 'version' => FRIENDICA_VERSION, + 'version' => RED_VERSION, 'url' => z_root(), 'plugins' => $visible_plugins, 'register_policy' => $register_policy[$a->config['system']['register_policy']], 'admin' => $admin, 'site_name' => $a->config['sitename'], - 'platform' => FRIENDICA_PLATFORM, + 'platform' => RED_PLATFORM, 'info' => ((x($a->config,'info')) ? $a->config['info'] : '') ); @@ -48,7 +48,7 @@ function siteinfo_init(&$a) { function siteinfo_content(&$a) { if(! get_config('system','hidden_version_siteinfo')) - $version = sprintf( t('Version %s'), FRIENDICA_VERSION ); + $version = sprintf( t('Version %s'), RED_VERSION ); else $version = ""; diff --git a/mod/subthread.php b/mod/subthread.php index c91052395..66dc86eb2 100755 --- a/mod/subthread.php +++ b/mod/subthread.php @@ -126,9 +126,9 @@ EOT; $arr['author-link'] = $contact['url']; $arr['author-avatar'] = $contact['thumb']; - $ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]'; - $alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]'; - $plink = '[url=' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . ']' . $post_type . '[/url]'; + $ulink = '[zrl=' . $contact['url'] . ']' . $contact['name'] . '[/zrl]'; + $alink = '[zrl=' . $item['author-link'] . ']' . $item['author-name'] . '[/zrl]'; + $plink = '[zrl=' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . ']' . $post_type . '[/zrl]'; $arr['body'] = sprintf( $bodyverb, $ulink, $alink, $plink ); $arr['verb'] = $activity; diff --git a/mod/tagger.php b/mod/tagger.php index ff99a2f8a..b8e90e2fd 100644 --- a/mod/tagger.php +++ b/mod/tagger.php @@ -97,7 +97,7 @@ EOT; if(! isset($bodyverb)) return; - $termlink = html_entity_decode('⌗') . '[url=' . $a->get_baseurl() . '/search?tag=' . urlencode($term) . ']'. $term . '[/url]'; + $termlink = html_entity_decode('⌗') . '[zrl=' . $a->get_baseurl() . '/search?tag=' . urlencode($term) . ']'. $term . '[/zrl]'; $arr = array(); @@ -116,9 +116,9 @@ EOT; $arr['author-link'] = $contact['url']; $arr['author-avatar'] = $contact['thumb']; - $ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]'; - $alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]'; - $plink = '[url=' . $item['plink'] . ']' . $post_type . '[/url]'; + $ulink = '[zrl=' . $contact['url'] . ']' . $contact['name'] . '[/zrl]'; + $alink = '[zrl=' . $item['author-link'] . ']' . $item['author-name'] . '[/zrl]'; + $plink = '[zrl=' . $item['plink'] . ']' . $post_type . '[/zrl]'; $arr['body'] = sprintf( $bodyverb, $ulink, $alink, $plink, $termlink ); $arr['verb'] = ACTIVITY_TAG; @@ -152,7 +152,7 @@ EOT; if((! $blocktags) && (! stristr($item['tag'], ']' . $term . '[' ))) { q("update item set tag = '%s' where id = %d limit 1", - dbesc($item['tag'] . (strlen($item['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/url]'), + dbesc($item['tag'] . (strlen($item['tag']) ? ',' : '') . '#[zrl=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/zrl]'), intval($item['id']) ); } @@ -168,7 +168,7 @@ EOT; ); if(count($x) && !$x[0]['blocktags'] && (! stristr($r[0]['tag'], ']' . $term . '['))) { q("update item set tag = '%s' where id = %d limit 1", - dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/url]'), + dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[zrl=' . $a->get_baseurl() . '/search?tag=' . $term . ']'. $term . '[/zrl]'), intval($r[0]['id']) ); } |