aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/acl.php2
-rw-r--r--mod/dfrn_confirm.php11
-rw-r--r--mod/dfrn_notify.php10
-rw-r--r--mod/dfrn_request.php16
-rw-r--r--mod/item.php41
-rw-r--r--mod/network.php41
-rw-r--r--mod/notes.php6
-rw-r--r--mod/profiles.php13
-rw-r--r--mod/register.php328
-rw-r--r--mod/search.php18
-rw-r--r--mod/settings.php28
-rw-r--r--mod/wallmessage.php4
12 files changed, 154 insertions, 364 deletions
diff --git a/mod/acl.php b/mod/acl.php
index 168b1f59f..1e8898ab6 100644
--- a/mod/acl.php
+++ b/mod/acl.php
@@ -135,7 +135,7 @@ function acl_init(&$a){
foreach($r as $g) {
$x['photos'][] = $g['micro'];
$x['links'][] = $g['url'];
- $x['suggestions'][] = $g['name']; // sprintf( t('%s [%s]'),$g['name'],$g['url']);
+ $x['suggestions'][] = $g['name'];
$x['data'][] = intval($g['id']);
}
}
diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 093993bbc..76b99cbca 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -202,6 +202,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if($user[0]['page-flags'] == PAGE_COMMUNITY)
$params['page'] = 1;
+ if($user[0]['page-flags'] == PAGE_PRVGROUP)
+ $params['page'] = 2;
logger('dfrn_confirm: Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params,true), LOGGER_DATA);
@@ -500,7 +502,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
);
if($contact && $g && intval($g[0]['def_gid'])) {
require_once('include/group.php');
- group_add_member($uid,'',$contact[0]['id'],$g[0]['def_gid']);
+ group_add_member($uid,'',$contact['id'],$g[0]['def_gid']);
}
// Let's send our user to the contact editor in case they want to
@@ -537,6 +539,9 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0 );
$version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
+ $forum = (($page == 1) ? 1 : 0);
+ $prv = (($page == 2) ? 1 : 0);
+
logger('dfrn_confirm: requestee contacted: ' . $node);
logger('dfrn_confirm: request: POST=' . print_r($_POST,true), LOGGER_DATA);
@@ -691,6 +696,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
`pending` = 0,
`duplex` = %d,
`forum` = %d,
+ `prv` = %d,
`network` = '%s' WHERE `id` = %d LIMIT 1
",
dbesc($photos[0]),
@@ -701,7 +707,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($duplex),
- intval($page),
+ intval($forum),
+ intval($prv),
dbesc(NETWORK_DFRN),
intval($dfrn_record)
);
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 65d39d5fe..e55da5572 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -17,6 +17,9 @@ function dfrn_notify_post(&$a) {
$ssl_policy = ((x($_POST,'ssl_policy')) ? notags(trim($_POST['ssl_policy'])): 'none');
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0);
+ $forum = (($page == 1) ? 1 : 0);
+ $prv = (($page == 2) ? 1 : 0);
+
$writable = (-1);
if($dfrn_version >= 2.21) {
$writable = (($perm === 'rw') ? 1 : 0);
@@ -88,10 +91,11 @@ function dfrn_notify_post(&$a) {
$importer = $r[0];
- if((($writable != (-1)) && ($writable != $importer['writable'])) || ($importer['forum'] != $page)) {
- q("UPDATE `contact` SET `writable` = %d, forum = %d WHERE `id` = %d LIMIT 1",
+ if((($writable != (-1)) && ($writable != $importer['writable'])) || ($importer['forum'] != $forum) || ($importer['prv'] != $prv)) {
+ q("UPDATE `contact` SET `writable` = %d, forum = %d, prv = %d WHERE `id` = %d LIMIT 1",
intval(($writable == (-1)) ? $importer['writable'] : $writable),
- intval($page),
+ intval($forum),
+ intval($prv),
intval($importer['id'])
);
if($writable != (-1))
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index b809929d7..896fe1792 100644
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -68,7 +68,7 @@ function dfrn_request_post(&$a) {
$dfrn_url = notags(trim($_POST['dfrn_url']));
$aes_allow = (((x($_POST,'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0);
$confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : "");
-
+ $hidden = ((x($_POST,'hidden-contact')) ? intval($_POST['hidden-contact']) : 0);
$contact_record = null;
if(x($dfrn_url)) {
@@ -98,8 +98,9 @@ function dfrn_request_post(&$a) {
}
if(is_array($contact_record)) {
- $r = q("UPDATE `contact` SET `ret-aes` = %d WHERE `id` = %d LIMIT 1",
+ $r = q("UPDATE `contact` SET `ret-aes` = %d, hidden = %d WHERE `id` = %d LIMIT 1",
intval($aes_allow),
+ intval($hidden),
intval($contact_record['id'])
);
}
@@ -144,8 +145,8 @@ function dfrn_request_post(&$a) {
*/
$r = q("INSERT INTO `contact` ( `uid`, `created`,`url`, `nurl`, `name`, `nick`, `photo`, `site-pubkey`,
- `request`, `confirm`, `notify`, `poll`, `poco`, `network`, `aes_allow`)
- VALUES ( %d, '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)",
+ `request`, `confirm`, `notify`, `poll`, `poco`, `network`, `aes_allow`, `hidden`)
+ VALUES ( %d, '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d)",
intval(local_user()),
datetime_convert(),
dbesc($dfrn_url),
@@ -160,7 +161,8 @@ function dfrn_request_post(&$a) {
$parms['dfrn-poll'],
$parms['dfrn-poco'],
dbesc(NETWORK_DFRN),
- intval($aes_allow)
+ intval($aes_allow),
+ intval($hidden)
);
}
@@ -649,6 +651,8 @@ function dfrn_request_content(&$a) {
$o = replace_macros($tpl,array(
'$dfrn_url' => $dfrn_url,
'$aes_allow' => (($aes_allow) ? '<input type="hidden" name="aes_allow" value="1" />' : "" ),
+ '$hidethem' => t('Hide this contact'),
+ '$hidechecked' => '',
'$confirm_key' => $confirm_key,
'$welcome' => sprintf( t('Welcome home %s.'), $a->user['username']),
'$please' => sprintf( t('Please confirm your introduction/connection request to %s.'), $dfrn_url),
@@ -680,7 +684,7 @@ function dfrn_request_content(&$a) {
$auto_confirm = false;
if(count($r)) {
- if($r[0]['page-flags'] != PAGE_NORMAL)
+ if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP))
$auto_confirm = true;
if(! $auto_confirm) {
diff --git a/mod/item.php b/mod/item.php
index 81dd553cd..497cf5daa 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -262,17 +262,17 @@ function item_post(&$a) {
}
}
- if(strlen($categories)) {
- // get the "fileas" tags for this post
- $filedas = file_tag_file_to_list($categories, 'file');
+ if(strlen($categories)) {
+ // get the "fileas" tags for this post
+ $filedas = file_tag_file_to_list($categories, 'file');
}
- // save old and new categories, so we can determine what needs to be deleted from pconfig
- $categories_old = $categories;
- $categories = file_tag_list_to_file(trim($_REQUEST['category']), 'category');
- $categories_new = $categories;
- if(strlen($filedas)) {
- // append the fileas stuff to the new categories list
- $categories .= file_tag_list_to_file($filedas, 'file');
+ // save old and new categories, so we can determine what needs to be deleted from pconfig
+ $categories_old = $categories;
+ $categories = file_tag_list_to_file(trim($_REQUEST['category']), 'category');
+ $categories_new = $categories;
+ if(strlen($filedas)) {
+ // append the fileas stuff to the new categories list
+ $categories .= file_tag_list_to_file($filedas, 'file');
}
// Work around doubled linefeeds in Tinymce 3.5b2
@@ -355,13 +355,15 @@ function item_post(&$a) {
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
if(! strlen($image_uri))
continue;
- $srch = '<' . intval($contact_record['id']) . '>';
+ $srch = '<' . intval($contact_id) . '>';
+
$r = q("SELECT `id` FROM `photo` WHERE `allow_cid` = '%s' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = ''
AND `resource-id` = '%s' AND `uid` = %d LIMIT 1",
dbesc($srch),
dbesc($image_uri),
intval($profile_uid)
);
+
if(! count($r))
continue;
@@ -451,6 +453,7 @@ function item_post(&$a) {
$tagged = array();
+ $private_forum = false;
if(count($tags)) {
foreach($tags as $tag) {
@@ -469,11 +472,22 @@ function item_post(&$a) {
continue;
$success = handle_tag($a, $body, $inform, $str_tags, (local_user()) ? local_user() : $profile_uid , $tag);
- if($success)
+ if($success['replaced'])
$tagged[] = $tag;
+ if(is_array($success['contact']) && intval($success['contact']['prv'])) {
+ $private_forum = true;
+ $private_id = $success['contact']['id'];
+ }
}
}
+ if(($private_forum) && (! $parent) && (! $private)) {
+ // we tagged a private forum in a top level post and the message was public.
+ // Restrict it.
+ $private = 1;
+ $str_contact_allow = '<' . $private_id . '>';
+ }
+
$attachments = '';
$match = false;
@@ -891,6 +905,7 @@ function item_content(&$a) {
function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
$replaced = false;
+ $r = null;
//is it a hash tag?
if(strpos($tag,'#') === 0) {
@@ -1021,5 +1036,5 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
}
}
- return $replaced;
+ return array('replaced' => $replaced, 'contact' => $r[0]);
}
diff --git a/mod/network.php b/mod/network.php
index f43eeb67e..7c4c1ac04 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -402,10 +402,22 @@ function network_content(&$a, $update = 0) {
if(x($_GET,'search')) {
$search = escape_tags($_GET['search']);
- $sql_extra .= sprintf(" AND ( `item`.`body` like '%s' OR `item`.`tag` like '%s' ) ",
- dbesc(protect_sprintf('%' . $search . '%')),
- dbesc(protect_sprintf('%]' . $search . '[%'))
- );
+ if (get_config('system','use_fulltext_engine')) {
+ if(strpos($search,'#') === 0)
+ $sql_extra .= sprintf(" AND (MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode)) ",
+ dbesc(protect_sprintf($search))
+ );
+ else
+ $sql_extra .= sprintf(" AND (MATCH(`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode)) ",
+ dbesc(protect_sprintf($search)),
+ dbesc(protect_sprintf($search))
+ );
+ } else {
+ $sql_extra .= sprintf(" AND ( `item`.`body` like '%s' OR `item`.`tag` like '%s' ) ",
+ dbesc(protect_sprintf('%' . $search . '%')),
+ dbesc(protect_sprintf('%]' . $search . '[%'))
+ );
+ }
}
if(strlen($file)) {
$sql_extra .= file_tag_file_query('item',unxmlify($file));
@@ -414,15 +426,22 @@ function network_content(&$a, $update = 0) {
if($conv) {
$myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname'];
$myurl = substr($myurl,strpos($myurl,'://')+3);
- $myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
+ $myurl = str_replace('www.','',$myurl);
$diasp_url = str_replace('/profile/','/u/',$myurl);
- $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
- dbesc(protect_sprintf('%s' . $myurl)),
- dbesc(protect_sprintf('%' . $myurl . '\\]%')),
- dbesc(protect_sprintf('%' . $diasp_url . '\\]%'))
- );
- }
+ if (get_config('system','use_fulltext_engine'))
+ $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where (MATCH(`author-link`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(`tag`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode))) ",
+ dbesc(protect_sprintf($myurl)),
+ dbesc(protect_sprintf($myurl)),
+ dbesc(protect_sprintf($diasp_url))
+ );
+ else
+ $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
+ dbesc(protect_sprintf('%' . $myurl)),
+ dbesc(protect_sprintf('%' . $myurl . ']%')),
+ dbesc(protect_sprintf('%' . $diasp_url . ']%'))
+ );
+ }
if($update) {
diff --git a/mod/notes.php b/mod/notes.php
index 0072ce447..703c898e6 100644
--- a/mod/notes.php
+++ b/mod/notes.php
@@ -80,7 +80,8 @@ function notes_content(&$a,$update = false) {
$r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
+ WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0
+ AND `item`.`deleted` = 0 AND `item`.`type` = 'note'
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self` = 1
AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 0
$sql_extra ",
@@ -95,7 +96,8 @@ function notes_content(&$a,$update = false) {
$r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
+ WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
+ and `item`.`moderated` = 0 AND `item`.`type` = 'note'
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self` = 1
AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 0
$sql_extra
diff --git a/mod/profiles.php b/mod/profiles.php
index 26fc88765..ca3890eb9 100644
--- a/mod/profiles.php
+++ b/mod/profiles.php
@@ -146,7 +146,7 @@ function profiles_post(&$a) {
$value = $marital;
}
if($withchanged) {
- $changes[] = '&hearts; ' . t('Romantic Partner');
+ $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Romantic Partner');
$value = strip_tags($with);
}
if($work != $orig[0]['work']) {
@@ -176,9 +176,18 @@ function profiles_post(&$a) {
$changes[] = t('Interests');
$value = $interest;
}
- if($address != $orig[0]['address'] || $locality != $orig[0]['locality'] || $region != $orig[0]['region']
+ if($address != $orig[0]['address']) {
+ $changes[] = t('Address');
+ // New address not sent in notifications, potential privacy issues
+ // in case this leaks to unintended recipients. Yes, it's in the public
+ // profile but that doesn't mean we have to broadcast it to everybody.
+ }
+ if($locality != $orig[0]['locality'] || $region != $orig[0]['region']
|| $country_name != $orig[0]['country-name']) {
$changes[] = t('Location');
+ $comma1 = ((($locality) && ($region || $country_name)) ? ', ' : ' ');
+ $comma2 = (($region && $country_name) ? ', ' : '');
+ $value = $locality . $comma1 . $region . $comma2 . $country_name;
}
profile_activity($changes,$value);
diff --git a/mod/register.php b/mod/register.php
index 58bba8533..b162f62be 100644
--- a/mod/register.php
+++ b/mod/register.php
@@ -43,326 +43,44 @@ function register_post(&$a) {
break;
}
- $using_invites = get_config('system','invitation_only');
- $num_invites = get_config('system','number_invites');
-
-
- $invite_id = ((x($_POST,'invite_id')) ? notags(trim($_POST['invite_id'])) : '');
- $username = ((x($_POST,'username')) ? notags(trim($_POST['username'])) : '');
- $nickname = ((x($_POST,'nickname')) ? notags(trim($_POST['nickname'])) : '');
- $email = ((x($_POST,'email')) ? notags(trim($_POST['email'])) : '');
- $openid_url = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : '');
- $photo = ((x($_POST,'photo')) ? notags(trim($_POST['photo'])) : '');
- $publish = ((x($_POST,'profile_publish_reg') && intval($_POST['profile_publish_reg'])) ? 1 : 0);
-
- $netpublish = ((strlen(get_config('system','directory_submit_url'))) ? $publish : 0);
-
- $tmp_str = $openid_url;
-
- if($using_invites) {
- if(! $invite_id) {
- notice( t('An invitation is required.') . EOL);
- return;
- }
- $r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
- if(! results($r)) {
- notice( t('Invitation could not be verified.') . EOL);
- return;
- }
- }
-
- if((! x($username)) || (! x($email)) || (! x($nickname))) {
- if($openid_url) {
- if(! validate_url($tmp_str)) {
- notice( t('Invalid OpenID url') . EOL);
- return;
- }
- $_SESSION['register'] = 1;
- $_SESSION['openid'] = $openid_url;
- require_once('library/openid.php');
- $openid = new LightOpenID;
- $openid->identity = $openid_url;
- $openid->returnUrl = $a->get_baseurl() . '/openid';
- $openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
- $openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
- goaway($openid->authUrl());
- // NOTREACHED
- }
-
- notice( t('Please enter the required information.') . EOL );
- return;
- }
-
- if(! validate_url($tmp_str))
- $openid_url = '';
-
-
- $err = '';
-
- // collapse multiple spaces in name
- $username = preg_replace('/ +/',' ',$username);
-
- if(mb_strlen($username) > 48)
- $err .= t('Please use a shorter name.') . EOL;
- if(mb_strlen($username) < 3)
- $err .= t('Name too short.') . EOL;
-
- // I don't really like having this rule, but it cuts down
- // on the number of auto-registrations by Russian spammers
-
- // Using preg_match was completely unreliable, due to mixed UTF-8 regex support
- // $no_utf = get_config('system','no_utf');
- // $pat = (($no_utf) ? '/^[a-zA-Z]* [a-zA-Z]*$/' : '/^\p{L}* \p{L}*$/u' );
+ require_once('include/user.php');
- // So now we are just looking for a space in the full name.
-
- $loose_reg = get_config('system','no_regfullname');
- if(! $loose_reg) {
- $username = mb_convert_case($username,MB_CASE_TITLE,'UTF-8');
- if(! strpos($username,' '))
- $err .= t("That doesn't appear to be your full \x28First Last\x29 name.") . EOL;
- }
-
-
- if(! allowed_email($email))
- $err .= t('Your email domain is not among those allowed on this site.') . EOL;
-
- if((! valid_email($email)) || (! validate_email($email)))
- $err .= t('Not a valid email address.') . EOL;
-
- // Disallow somebody creating an account using openid that uses the admin email address,
- // since openid bypasses email verification. We'll allow it if there is not yet an admin account.
-
- if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
- $r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1",
- dbesc($email)
- );
- if(count($r))
- $err .= t('Cannot use that email.') . EOL;
- }
+ $result = create_user($_POST);
- $nickname = $_POST['nickname'] = strtolower($nickname);
-
- if(! preg_match("/^[a-z][a-z0-9\-\_]*$/",$nickname))
- $err .= t('Your "nickname" can only contain "a-z", "0-9", "-", and "_", and must also begin with a letter.') . EOL;
- $r = q("SELECT `uid` FROM `user`
- WHERE `nickname` = '%s' LIMIT 1",
- dbesc($nickname)
- );
- if(count($r))
- $err .= t('Nickname is already registered. Please choose another.') . EOL;
-
- // Check deleted accounts that had this nickname. Doesn't matter to us,
- // but could be a security issue for federated platforms.
-
- $r = q("SELECT * FROM `userd`
- WHERE `username` = '%s' LIMIT 1",
- dbesc($nickname)
- );
- if(count($r))
- $err .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
-
- if(strlen($err)) {
- notice( $err );
+ if(! $result['success']) {
+ notice($result['message']);
return;
}
-
- $new_password = autoname(6) . mt_rand(100,9999);
- $new_password_encoded = hash('whirlpool',$new_password);
-
- require_once('include/crypto.php');
-
- $result = new_keypair(1024);
-
- if($result === false) {
- notice( t('SERIOUS ERROR: Generation of security keys failed.') . EOL);
- return;
- }
-
- $prvkey = $result['prvkey'];
- $pubkey = $result['pubkey'];
-
- /**
- *
- * Create another keypair for signing/verifying
- * salmon protocol messages. We have to use a slightly
- * less robust key because this won't be using openssl
- * but the phpseclib. Since it is PHP interpreted code
- * it is not nearly as efficient, and the larger keys
- * will take several minutes each to process.
- *
- */
-
- $sres = new_keypair(512);
- $sprvkey = $sres['prvkey'];
- $spubkey = $sres['pubkey'];
-
- $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
- `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone` )
- VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC' )",
- dbesc(generate_user_guid()),
- dbesc($username),
- dbesc($new_password_encoded),
- dbesc($email),
- dbesc($openid_url),
- dbesc($nickname),
- dbesc($pubkey),
- dbesc($prvkey),
- dbesc($spubkey),
- dbesc($sprvkey),
- dbesc(datetime_convert()),
- intval($verified),
- intval($blocked)
- );
-
- if($r) {
- $r = q("SELECT `uid` FROM `user`
- WHERE `username` = '%s' AND `password` = '%s' LIMIT 1",
- dbesc($username),
- dbesc($new_password_encoded)
- );
- if($r !== false && count($r))
- $newuid = intval($r[0]['uid']);
- }
- else {
- notice( t('An error occurred during registration. Please try again.') . EOL );
- return;
- }
-
- /**
- * if somebody clicked submit twice very quickly, they could end up with two accounts
- * due to race condition. Remove this one.
- */
-
- $r = q("SELECT `uid` FROM `user`
- WHERE `nickname` = '%s' ",
- dbesc($nickname)
- );
- if((count($r) > 1) && $newuid) {
- $err .= t('Nickname is already registered. Please choose another.') . EOL;
- q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
- intval($newuid)
- );
- notice ($err);
- return;
- }
-
- if(x($newuid) !== false) {
- $r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )
- VALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ",
- intval($newuid),
- 'default',
- 1,
- dbesc($username),
- dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
- intval($publish),
- intval($netpublish)
-
- );
- if($r === false) {
- notice( t('An error occurred creating your default profile. Please try again.') . EOL );
- // Start fresh next time.
- $r = q("DELETE FROM `user` WHERE `uid` = %d",
- intval($newuid));
- return;
- }
- $r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,
- `request`, `notify`, `poll`, `confirm`, `poco`, `name-date`, `uri-date`, `avatar-date`, `closeness` )
- VALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 0 ) ",
- intval($newuid),
- datetime_convert(),
- dbesc($username),
- dbesc($nickname),
- dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/profile/$nickname"),
- dbesc(normalise_link($a->get_baseurl() . "/profile/$nickname")),
- dbesc($a->get_baseurl() . "/dfrn_request/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_notify/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_poll/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_confirm/$nickname"),
- dbesc($a->get_baseurl() . "/poco/$nickname"),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc(datetime_convert())
- );
-
-
- }
-
- // if we have no OpenID photo try to look up an avatar
- if(! strlen($photo))
- $photo = avatar_img($email);
-
- // unless there is no avatar-plugin loaded
- if(strlen($photo)) {
- require_once('include/Photo.php');
- $photo_failure = false;
-
- $filename = basename($photo);
- $img_str = fetch_url($photo,true);
- $img = new Photo($img_str);
- if($img->is_valid()) {
-
- $img->scaleImageSquare(175);
-
- $hash = photo_new_resource();
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4 );
-
- if($r === false)
- $photo_failure = true;
-
- $img->scaleImage(80);
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5 );
-
- if($r === false)
- $photo_failure = true;
-
- $img->scaleImage(48);
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6 );
-
- if($r === false)
- $photo_failure = true;
-
- if(! $photo_failure) {
- q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ",
- dbesc($hash)
- );
- }
- }
- }
-
+ $user = $result['user'];
+
if($netpublish && $a->config['register_policy'] != REGISTER_APPROVE) {
- $url = $a->get_baseurl() . "/profile/$nickname";
+ $url = $a->get_baseurl() . '/profile/' . $user['nickname'];
proc_run('php',"include/directory.php","$url");
}
+ $using_invites = get_config('system','invitation_only');
+ $num_invites = get_config('system','number_invites');
+ $invite_id = ((x($_POST,'invite_id')) ? notags(trim($_POST['invite_id'])) : '');
- call_hooks('register_account', $newuid);
if( $a->config['register_policy'] == REGISTER_OPEN ) {
if($using_invites && $invite_id) {
q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
- set_pconfig($newuid,'system','invites_remaining',$num_invites);
+ set_pconfig($user['uid'],'system','invites_remaining',$num_invites);
}
$email_tpl = get_intltext_template("register_open_eml.tpl");
$email_tpl = replace_macros($email_tpl, array(
'$sitename' => $a->config['sitename'],
'$siteurl' => $a->get_baseurl(),
- '$username' => $username,
- '$email' => $email,
- '$password' => $new_password,
- '$uid' => $newuid ));
+ '$username' => $user['username'],
+ '$email' => $user['email'],
+ '$password' => $result['password'],
+ '$uid' => $user['uid'] ));
- $res = mail($email, sprintf(t('Registration details for %s'), $a->config['sitename']),
+ $res = mail($user['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
$email_tpl,
'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
. 'Content-type: text/plain; charset=UTF-8' . "\n"
@@ -387,8 +105,8 @@ function register_post(&$a) {
$r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password`, `language` ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
dbesc($hash),
dbesc(datetime_convert()),
- intval($newuid),
- dbesc($new_password),
+ intval($user['uid']),
+ dbesc($result['password']),
dbesc($lang)
);
@@ -402,17 +120,17 @@ function register_post(&$a) {
if($using_invites && $invite_id) {
q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
- set_pconfig($newuid,'system','invites_remaining',$num_invites);
+ set_pconfig($user['uid'],'system','invites_remaining',$num_invites);
}
$email_tpl = get_intltext_template("register_verify_eml.tpl");
$email_tpl = replace_macros($email_tpl, array(
'$sitename' => $a->config['sitename'],
'$siteurl' => $a->get_baseurl(),
- '$username' => $username,
- '$email' => $email,
- '$password' => $new_password,
- '$uid' => $newuid,
+ '$username' => $user['username'],
+ '$email' => $user['email'],
+ '$password' => $result['password'],
+ '$uid' => $user['uid'],
'$hash' => $hash
));
diff --git a/mod/search.php b/mod/search.php
index 3e6bf68aa..466ffc4c3 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -71,7 +71,7 @@ function search_content(&$a) {
notice( t('Public access denied.') . EOL);
return;
}
-
+
nav_set_selected('search');
require_once("include/bbcode.php");
@@ -96,7 +96,6 @@ function search_content(&$a) {
$o .= search($search,'search-box','/search',((local_user()) ? true : false));
-
if(strpos($search,'#') === 0) {
$tag = true;
$search = substr($search,1);
@@ -109,10 +108,17 @@ function search_content(&$a) {
if(! $search)
return $o;
- if($tag)
- $sql_extra = sprintf(" AND `item`.`tag` REGEXP '%s' ", dbesc('\\]' . preg_quote($search) . '\\['));
- else
- $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(preg_quote($search)));
+ if (get_config('system','use_fulltext_engine')) {
+ if($tag)
+ $sql_extra = sprintf(" AND MATCH (`item`.`tag`) AGAINST ('".'"%s"'."' in boolean mode) ", '#'.dbesc(protect_sprintf($search)));
+ else
+ $sql_extra = sprintf(" AND MATCH (`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) ", dbesc(protect_sprintf($search)));
+ } else {
+ if($tag)
+ $sql_extra = sprintf(" AND `item`.`tag` REGEXP '%s' ", dbesc('\\]' . protect_sprintf(preg_quote($search)) . '\\['));
+ else
+ $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
+ }
diff --git a/mod/settings.php b/mod/settings.php
index 40fa55eea..92593d7a8 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -15,6 +15,7 @@ function get_theme_config_file($theme){
}
function settings_init(&$a) {
+
// These lines provide the javascript needed by the acl selector
$a->page['htmlhead'] .= "<script> var ispublic = '" . t('everybody') . "';" ;
@@ -86,6 +87,7 @@ EOT;
$tabtpl = get_markup_template("generic_links_widget.tpl");
$a->page['aside'] = replace_macros($tabtpl, array(
'$title' => t('Settings'),
+ '$class' => 'settings-widget',
'$items' => $tabs,
));
@@ -337,8 +339,7 @@ function settings_post(&$a) {
$expire_notes = ((x($_POST,'expire_notes')) ? intval($_POST['expire_notes']) : 0);
$expire_starred = ((x($_POST,'expire_starred')) ? intval($_POST['expire_starred']) : 0);
$expire_photos = ((x($_POST,'expire_photos'))? intval($_POST['expire_photos']) : 0);
-
-
+ $expire_network_only = ((x($_POST,'expire_network_only'))? intval($_POST['expire_network_only']) : 0);
$allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
$publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
@@ -434,6 +435,7 @@ function settings_post(&$a) {
set_pconfig(local_user(),'expire','notes', $expire_notes);
set_pconfig(local_user(),'expire','starred', $expire_starred);
set_pconfig(local_user(),'expire','photos', $expire_photos);
+ set_pconfig(local_user(),'expire','network_only', $expire_network_only);
set_pconfig(local_user(),'system','suggestme', $suggestme);
set_pconfig(local_user(),'system','post_newfriend', $post_newfriend);
@@ -443,7 +445,7 @@ function settings_post(&$a) {
if($page_flags == PAGE_PRVGROUP) {
$hidewall = 1;
- if((! str_contact_allow) && (! str_group_allow) && (! str_contact_deny) && (! $str_group_deny)) {
+ if((! $str_contact_allow) && (! $str_group_allow) && (! $str_contact_deny) && (! $str_group_deny)) {
if($def_gid) {
info( t('Private forum has no privacy permissions. Using default privacy group.'). EOL);
$str_group_allow = '<' . $def_gid . '>';
@@ -811,6 +813,9 @@ function settings_content(&$a) {
$expire_photos = get_pconfig(local_user(), 'expire','photos');
$expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0
+ $expire_network_only = get_pconfig(local_user(), 'expire','network_only');
+ $expire_network_only = (($expire_network_only===false)? '0' : $expire_network_only); // default if not set: 0
+
$suggestme = get_pconfig(local_user(), 'system','suggestme');
$suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0
@@ -832,27 +837,26 @@ function settings_content(&$a) {
$pageset_tpl = get_markup_template('pagetypes.tpl');
$pagetype = replace_macros($pageset_tpl,array(
- '$page_normal' => array('page-flags', t('Normal Account'), PAGE_NORMAL,
+ '$page_normal' => array('page-flags', t('Normal Account Page'), PAGE_NORMAL,
t('This account is a normal personal profile'),
($a->user['page-flags'] == PAGE_NORMAL)),
- '$page_soapbox' => array('page-flags', t('Soapbox Account'), PAGE_SOAPBOX,
+ '$page_soapbox' => array('page-flags', t('Soapbox Page'), PAGE_SOAPBOX,
t('Automatically approve all connection/friend requests as read-only fans'),
($a->user['page-flags'] == PAGE_SOAPBOX)),
- '$page_community' => array('page-flags', t('Community/Celebrity Account'), PAGE_COMMUNITY,
+ '$page_community' => array('page-flags', t('Community Forum/Celebrity Account'), PAGE_COMMUNITY,
t('Automatically approve all connection/friend requests as read-write fans'),
($a->user['page-flags'] == PAGE_COMMUNITY)),
- '$page_freelove' => array('page-flags', t('Automatic Friend Account'), PAGE_FREELOVE,
+ '$page_freelove' => array('page-flags', t('Automatic Friend Page'), PAGE_FREELOVE,
t('Automatically approve all connection/friend requests as friends'),
($a->user['page-flags'] == PAGE_FREELOVE)),
- '$page_prvgroup' => array('page-flags', t('Private Forum'), PAGE_PRVGROUP,
- t('Private forum - approved members only [Experimental]'),
+ '$page_prvgroup' => array('page-flags', t('Private Forum [Experimental]'), PAGE_PRVGROUP,
+ t('Private forum - approved members only'),
($a->user['page-flags'] == PAGE_PRVGROUP)),
- '$experimental' => ( (intval(get_config('system','prvgroup_testing'))) ? 'true' : ''),
));
@@ -953,6 +957,7 @@ function settings_content(&$a) {
'notes' => array('expire_notes', t("Expire personal notes:"), $expire_notes, '', array(t('No'),t('Yes'))),
'starred' => array('expire_starred', t("Expire starred posts:"), $expire_starred, '', array(t('No'),t('Yes'))),
'photos' => array('expire_photos', t("Expire photos:"), $expire_photos, '', array(t('No'),t('Yes'))),
+ 'network_only' => array('expire_network_only', t("Only expire posts by others:"), $expire_network_only, '', array(t('No'),t('Yes'))),
);
require_once('include/group.php');
@@ -1020,7 +1025,8 @@ function settings_content(&$a) {
'$notify7' => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, ''),
- '$h_advn' => t('Advanced Page Settings'),
+ '$h_advn' => t('Advanced Account/Page Type Settings'),
+ '$h_descadvn' => t('Change the behaviour of this account for special situations'),
'$pagetype' => $pagetype,
diff --git a/mod/wallmessage.php b/mod/wallmessage.php
index 1a4882b64..cf349775c 100644
--- a/mod/wallmessage.php
+++ b/mod/wallmessage.php
@@ -44,7 +44,7 @@ function wallmessage_post(&$a) {
}
// Work around doubled linefeeds in Tinymce 3.5b2
-dbg(1);
+
$body = str_replace("\r\n","\n",$body);
$body = str_replace("\n\n","\n",$body);
@@ -67,7 +67,7 @@ dbg(1);
default:
info( t('Message sent.') . EOL );
}
-dbg(0);
+
// goaway($a->get_baseurl() . '/profile/' . $user['nickname']);
}