aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rwxr-xr-xmod/admin.php69
-rwxr-xr-xmod/community.php12
-rwxr-xr-xmod/contacts.php39
-rw-r--r--mod/dfrn_confirm.php8
-rwxr-xr-xmod/dfrn_notify.php72
-rwxr-xr-xmod/dfrn_poll.php6
-rwxr-xr-xmod/dfrn_request.php21
-rwxr-xr-xmod/directory.php17
-rwxr-xr-xmod/display.php10
-rw-r--r--mod/filerm.php21
-rwxr-xr-xmod/group.php26
-rwxr-xr-xmod/item.php246
-rwxr-xr-xmod/lostpass.php9
-rwxr-xr-xmod/manage.php2
-rwxr-xr-xmod/message.php22
-rwxr-xr-xmod/network.php26
-rwxr-xr-xmod/notifications.php48
-rw-r--r--mod/notify.php4
-rwxr-xr-xmod/openid.php112
-rwxr-xr-xmod/photo.php26
-rwxr-xr-xmod/photos.php11
-rwxr-xr-xmod/profiles.php18
-rwxr-xr-xmod/search.php7
-rwxr-xr-xmod/settings.php41
-rwxr-xr-xmod/share.php2
25 files changed, 541 insertions, 334 deletions
diff --git a/mod/admin.php b/mod/admin.php
index 93714bb5f..a64b26903 100755
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -37,7 +37,7 @@ function admin_post(&$a){
$func($a);
}
}
- goaway($a->get_baseurl() . '/admin/plugins/' . $a->argv[2] );
+ goaway($a->get_baseurl(true) . '/admin/plugins/' . $a->argv[2] );
return; // NOTREACHED
break;
case 'logs':
@@ -49,7 +49,7 @@ function admin_post(&$a){
}
}
- goaway($a->get_baseurl() . '/admin' );
+ goaway($a->get_baseurl(true) . '/admin' );
return; // NOTREACHED
}
@@ -68,11 +68,11 @@ function admin_content(&$a) {
// array( url, name, extra css classes )
$aside = Array(
- 'site' => Array($a->get_baseurl()."/admin/site/", t("Site") , "site"),
- 'users' => Array($a->get_baseurl()."/admin/users/", t("Users") , "users"),
- 'plugins'=> Array($a->get_baseurl()."/admin/plugins/", t("Plugins") , "plugins"),
- 'themes' => Array($a->get_baseurl()."/admin/themes/", t("Themes") , "themes"),
- 'update' => Array($a->get_baseurl()."/admin/update/", t("Update") , "update")
+ 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"),
+ 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Users") , "users"),
+ 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"),
+ 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"),
+ 'update' => Array($a->get_baseurl(true)."/admin/update/", t("Update") , "update")
);
/* get plugins admin page */
@@ -81,18 +81,18 @@ function admin_content(&$a) {
$aside['plugins_admin']=Array();
foreach ($r as $h){
$plugin =$h['name'];
- $aside['plugins_admin'][] = Array($a->get_baseurl()."/admin/plugins/".$plugin, $plugin, "plugin");
+ $aside['plugins_admin'][] = Array($a->get_baseurl(true)."/admin/plugins/".$plugin, $plugin, "plugin");
// temp plugins with admin
$a->plugins_admin[] = $plugin;
}
- $aside['logs'] = Array($a->get_baseurl()."/admin/logs/", t("Logs"), "logs");
+ $aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs");
$t = get_markup_template("admin_aside.tpl");
$a->page['aside'] = replace_macros( $t, array(
'$admin' => $aside,
'$h_pending' => t('User registrations waiting for confirmation'),
- '$admurl'=> $a->get_baseurl()."/admin/"
+ '$admurl'=> $a->get_baseurl(true)."/admin/"
));
@@ -151,11 +151,7 @@ function admin_page_summary(&$a) {
$r = q("SELECT COUNT(id) as `count` FROM `register`");
$pending = $r[0]['count'];
-
-
-
-
-
+
$t = get_markup_template("admin_summary.tpl");
return replace_macros($t, array(
'$title' => t('Administration'),
@@ -210,7 +206,7 @@ function admin_page_site_post(&$a){
$dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
$ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
$diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
-
+ $ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
set_config('config','sitename',$sitename);
if ($banner==""){
@@ -222,6 +218,7 @@ function admin_page_site_post(&$a){
} else {
set_config('system','banner', $banner);
}
+ set_config('system','ssl_policy',$ssl_policy);
set_config('system','language', $language);
set_config('system','theme', $theme);
set_config('system','maximagesize', $maximagesize);
@@ -258,7 +255,7 @@ function admin_page_site_post(&$a){
set_config('system','diaspora_enabled', $diaspora_enabled);
info( t('Site settings updated.') . EOL);
- goaway($a->get_baseurl() . '/admin/site' );
+ goaway($a->get_baseurl(true) . '/admin/site' );
return; // NOTREACHED
}
@@ -305,7 +302,13 @@ function admin_page_site(&$a) {
REGISTER_APPROVE => t("Requires approval"),
REGISTER_OPEN => t("Open")
);
-
+
+ $ssl_choices = array(
+ SSL_POLICY_NONE => t("No SSL policy, links will track page SSL state"),
+ SSL_POLICY_FULL => t("Force all links to use SSL"),
+ SSL_POLICY_SELFSIGN => t("Self-signed certificate, use SSL for local links only (discouraged)")
+ );
+
$t = get_markup_template("admin_site.tpl");
return replace_macros($t, array(
'$title' => t('Administration'),
@@ -316,13 +319,13 @@ function admin_page_site(&$a) {
'$corporate' => t('Policies'),
'$advanced' => t('Advanced'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
// name, label, value, help string, extra data...
'$sitename' => array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), ""),
'$banner' => array('banner', t("Banner/Logo"), $banner, ""),
'$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices),
'$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles"), $theme_choices),
-
+ '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices),
'$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
'$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
@@ -389,7 +392,7 @@ function admin_page_users_post(&$a){
user_deny($hash);
}
}
- goaway($a->get_baseurl() . '/admin/users' );
+ goaway($a->get_baseurl(true) . '/admin/users' );
return; // NOTREACHED
}
@@ -399,7 +402,7 @@ function admin_page_users(&$a){
$user = q("SELECT * FROM `user` WHERE `uid`=%d", intval($uid));
if (count($user)==0){
notice( 'User not found' . EOL);
- goaway($a->get_baseurl() . '/admin/users' );
+ goaway($a->get_baseurl(true) . '/admin/users' );
return; // NOTREACHED
}
switch($a->argv[2]){
@@ -418,7 +421,7 @@ function admin_page_users(&$a){
notice( sprintf( ($user[0]['blocked']?t("User '%s' unblocked"):t("User '%s' blocked")) , $user[0]['username']) . EOL);
}; break;
}
- goaway($a->get_baseurl() . '/admin/users' );
+ goaway($a->get_baseurl(true) . '/admin/users' );
return; // NOTREACHED
}
@@ -497,7 +500,7 @@ function admin_page_users(&$a){
// values //
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$pending' => $pending,
'$users' => $users,
@@ -536,7 +539,7 @@ function admin_page_plugins(&$a){
info( sprintf( t("Plugin %s enabled."), $plugin ) );
}
set_config("system","addon", implode(", ",$a->plugins));
- goaway($a->get_baseurl() . '/admin/plugins' );
+ goaway($a->get_baseurl(true) . '/admin/plugins' );
return; // NOTREACHED
}
// display plugin details
@@ -569,7 +572,7 @@ function admin_page_plugins(&$a){
'$page' => t('Plugins'),
'$toggle' => t('Toggle'),
'$settings' => t('Settings'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$plugin' => $plugin,
'$status' => $status,
@@ -607,7 +610,7 @@ function admin_page_plugins(&$a){
'$title' => t('Administration'),
'$page' => t('Plugins'),
'$submit' => t('Submit'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$function' => 'plugins',
'$plugins' => $plugins
));
@@ -713,7 +716,7 @@ function admin_page_themes(&$a){
info( sprintf('Theme %s disabled.',$theme));
set_config('system','allowed_themes',$s);
- goaway($a->get_baseurl() . '/admin/themes' );
+ goaway($a->get_baseurl(true) . '/admin/themes' );
return; // NOTREACHED
}
@@ -742,7 +745,7 @@ function admin_page_themes(&$a){
'$page' => t('Themes'),
'$toggle' => t('Toggle'),
'$settings' => t('Settings'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$plugin' => $theme,
'$status' => $status,
@@ -774,7 +777,7 @@ function admin_page_themes(&$a){
'$title' => t('Administration'),
'$page' => t('Themes'),
'$submit' => t('Submit'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$function' => 'themes',
'$plugins' => $xthemes,
'$experimental' => t('[Experimental]'),
@@ -802,7 +805,7 @@ function admin_page_logs_post(&$a) {
}
info( t("Log settings updated.") );
- goaway($a->get_baseurl() . '/admin/logs' );
+ goaway($a->get_baseurl(true) . '/admin/logs' );
return; // NOTREACHED
}
@@ -856,7 +859,7 @@ readable.");
'$submit' => t('Submit'),
'$clear' => t('Clear'),
'$data' => $data,
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$logname' => get_config('system','logfile'),
// name, label, value, help string, extra data...
@@ -901,7 +904,7 @@ function admin_page_remoteupdate(&$a) {
$tpl = get_markup_template("admin_remoteupdate.tpl");
return replace_macros($tpl, array(
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$submit' => t("Update now"),
'$close' => t("Close"),
'$localversion' => FRIENDICA_VERSION,
diff --git a/mod/community.php b/mod/community.php
index a98999942..cf459617e 100755
--- a/mod/community.php
+++ b/mod/community.php
@@ -41,15 +41,16 @@ function community_content(&$a, $update = 0) {
// Here is the way permissions work in this module...
- // Only public wall posts can be shown
+ // Only public posts can be shown
// OR your own posts if you are a logged in member
$r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND `wall` = 1 AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
- AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `user`.`hidewall` = 0
+ AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
+ AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
+ AND `item`.`private` = 0 AND `user`.`hidewall` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 "
);
@@ -69,8 +70,9 @@ function community_content(&$a, $update = 0) {
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND `wall` = 1 AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
- AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `user`.`hidewall` = 0
+ AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
+ AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
+ AND `item`.`private` = 0 AND `user`.`hidewall` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
ORDER BY `received` DESC LIMIT %d, %d ",
intval($a->pager['start']),
diff --git a/mod/contacts.php b/mod/contacts.php
index 38ca570dd..8aa51d00a 100755
--- a/mod/contacts.php
+++ b/mod/contacts.php
@@ -61,7 +61,7 @@ function contacts_post(&$a) {
if(! count($orig_record)) {
notice( t('Could not access contact record.') . EOL);
- goaway($a->get_baseurl() . '/contacts');
+ goaway($a->get_baseurl(true) . '/contacts');
return; // NOTREACHED
}
@@ -141,7 +141,7 @@ function contacts_content(&$a) {
if(! count($orig_record)) {
notice( t('Could not access contact record.') . EOL);
- goaway($a->get_baseurl() . '/contacts');
+ goaway($a->get_baseurl(true) . '/contacts');
return; // NOTREACHED
}
@@ -149,7 +149,7 @@ function contacts_content(&$a) {
// pull feed and consume it, which should subscribe to the hub.
proc_run('php',"include/poller.php","$contact_id");
- goaway($a->get_baseurl() . '/contacts/' . $contact_id);
+ goaway($a->get_baseurl(true) . '/contacts/' . $contact_id);
// NOTREACHED
}
@@ -164,7 +164,7 @@ function contacts_content(&$a) {
//notice( t('Contact has been ') . (($blocked) ? t('blocked') : t('unblocked')) . EOL );
info( (($blocked) ? t('Contact has been blocked') : t('Contact has been unblocked')) . EOL );
}
- goaway($a->get_baseurl() . '/contacts/' . $contact_id);
+ goaway($a->get_baseurl(true) . '/contacts/' . $contact_id);
return; // NOTREACHED
}
@@ -178,7 +178,7 @@ function contacts_content(&$a) {
if($r) {
info( (($readonly) ? t('Contact has been ignored') : t('Contact has been unignored')) . EOL );
}
- goaway($a->get_baseurl() . '/contacts/' . $contact_id);
+ goaway($a->get_baseurl(true) . '/contacts/' . $contact_id);
return; // NOTREACHED
}
@@ -220,9 +220,9 @@ function contacts_content(&$a) {
contact_remove($orig_record[0]['id']);
info( t('Contact has been removed.') . EOL );
if(x($_SESSION,'return_url'))
- goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
+ goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
else
- goaway($a->get_baseurl() . '/contacts');
+ goaway($a->get_baseurl(true) . '/contacts');
return; // NOTREACHED
}
}
@@ -233,7 +233,7 @@ function contacts_content(&$a) {
$contact = $a->data['contact'];
$tpl = get_markup_template('contact_head.tpl');
- $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl()));
+ $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl(true)));
require_once('include/contact_selectors.php');
@@ -295,17 +295,17 @@ function contacts_content(&$a) {
$tabs = array(
array(
'label' => (($contact['blocked']) ? t('Unblock') : t('Block') ),
- 'url' => $a->get_baseurl() . '/contacts/' . $contact_id . '/block',
+ 'url' => $a->get_baseurl(true) . '/contacts/' . $contact_id . '/block',
'sel' => '',
),
array(
'label' => (($contact['readonly']) ? t('Unignore') : t('Ignore') ),
- 'url' => $a->get_baseurl() . '/contacts/' . $contact_id . '/ignore',
+ 'url' => $a->get_baseurl(true) . '/contacts/' . $contact_id . '/ignore',
'sel' => '',
),
array(
'label' => t('Repair'),
- 'url' => $a->get_baseurl() . '/crepair/' . $contact_id,
+ 'url' => $a->get_baseurl(true) . '/crepair/' . $contact_id,
'sel' => '',
)
);
@@ -322,7 +322,7 @@ function contacts_content(&$a) {
'$lbl_info1' => t('Contact Information / Notes'),
'$infedit' => t('Edit contact notes'),
'$common_text' => $common_text,
- '$common_link' => $a->get_baseurl() . '/common/' . $contact['id'],
+ '$common_link' => $a->get_baseurl(true) . '/common/' . $contact['id'],
'$all_friends' => $all_friends,
'$relation_text' => $relation_text,
'$visit' => sprintf( t('Visit %s\'s profile [%s]'),$contact['name'],$contact['url']),
@@ -396,31 +396,36 @@ function contacts_content(&$a) {
$tabs = array(
array(
+ 'label' => t('Suggestions'),
+ 'url' => $a->get_baseurl(true) . '/suggest',
+ 'sel' => '',
+ ),
+ array(
'label' => t('All Contacts'),
- 'url' => $a->get_baseurl() . '/contacts/all',
+ 'url' => $a->get_baseurl(true) . '/contacts/all',
'sel' => ($all) ? 'active' : '',
),
array(
'label' => t('Unblocked Contacts'),
- 'url' => $a->get_baseurl() . '/contacts',
+ 'url' => $a->get_baseurl(true) . '/contacts',
'sel' => ((! $all) && (! $blocked) && (! $hidden) && (! $search) && (! $nets) && (! $ignored)) ? 'active' : '',
),
array(
'label' => t('Blocked Contacts'),
- 'url' => $a->get_baseurl() . '/contacts/blocked',
+ 'url' => $a->get_baseurl(true) . '/contacts/blocked',
'sel' => ($blocked) ? 'active' : '',
),
array(
'label' => t('Ignored Contacts'),
- 'url' => $a->get_baseurl() . '/contacts/ignored',
+ 'url' => $a->get_baseurl(true) . '/contacts/ignored',
'sel' => ($ignored) ? 'active' : '',
),
array(
'label' => t('Hidden Contacts'),
- 'url' => $a->get_baseurl() . '/contacts/hidden',
+ 'url' => $a->get_baseurl(true) . '/contacts/hidden',
'sel' => ($hidden) ? 'active' : '',
),
diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 0bc3ea7df..efb5be3a4 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -207,6 +207,9 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if($duplex == 1)
$params['duplex'] = 1;
+ if($user['page-flags'] == PAGE_COMMUNITY)
+ $params['page'] = 1;
+
logger('dfrn_confirm: Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params,true), LOGGER_DATA);
/**
@@ -522,6 +525,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
$source_url = ((x($_POST,'source_url')) ? hex2bin($_POST['source_url']) : '');
$aes_key = ((x($_POST,'aes_key')) ? $_POST['aes_key'] : '');
$duplex = ((x($_POST,'duplex')) ? intval($_POST['duplex']) : 0 );
+ $page = ((x($_POST,'page')) ? intval($_POST['page']) : 0 );
$version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
logger('dfrn_confirm: requestee contacted: ' . $node);
@@ -651,7 +655,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
if(count($r))
$photo = $r[0]['photo'];
else
- $photo = $a->get_baseurl() . '/images/default-profile.jpg';
+ $photo = $a->get_baseurl() . '/images/person-175.jpg';
require_once("Photo.php");
@@ -677,6 +681,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
`blocked` = 0,
`pending` = 0,
`duplex` = %d,
+ `forum` = %d,
`network` = '%s' WHERE `id` = %d LIMIT 1
",
dbesc($photos[0]),
@@ -687,6 +692,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($duplex),
+ intval($page),
dbesc(NETWORK_DFRN),
intval($dfrn_record)
);
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 0c0c27e3d..71860ac3b 100755
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -14,6 +14,8 @@ function dfrn_notify_post(&$a) {
$key = ((x($_POST,'key')) ? $_POST['key'] : '');
$dissolve = ((x($_POST,'dissolve')) ? intval($_POST['dissolve']) : 0);
$perm = ((x($_POST,'perm')) ? notags(trim($_POST['perm'])) : 'r');
+ $ssl_policy = ((x($_POST,'ssl_policy')) ? notags(trim($_POST['ssl_policy'])): 'none');
+ $page = ((x($_POST,'page')) ? intval($_POST['page']) : 0);
$writable = (-1);
if($dfrn_version >= 2.21) {
@@ -86,14 +88,76 @@ function dfrn_notify_post(&$a) {
$importer = $r[0];
- if(($writable != (-1)) && ($writable != $importer['writable'])) {
- q("UPDATE `contact` SET `writable` = %d WHERE `id` = %d LIMIT 1",
- intval($writable),
+ if((($writable != (-1)) && ($writable != $importer['writable'])) || ($importer['forum'] != $page)) {
+ q("UPDATE `contact` SET `writable` = %d, forum = %d WHERE `id` = %d LIMIT 1",
+ intval(($writable == (-1)) ? $importer['writable'] : $writable),
+ intval($page),
intval($importer['id'])
);
- $importer['writable'] = $writable;
+ if($writable != (-1))
+ $importer['writable'] = $writable;
+ $importer['forum'] = $page;
}
+ // if contact's ssl policy changed, update our links
+
+ $ssl_changed = false;
+
+ if($ssl_policy == 'self' && strstr($importer['url'],'https:')) {
+ $ssl_changed = true;
+ $importer['url'] = str_replace('https:','http:',$importer['url']);
+ $importer['nurl'] = normalise_link($importer['url']);
+ $importer['photo'] = str_replace('https:','http:',$importer['photo']);
+ $importer['thumb'] = str_replace('https:','http:',$importer['thumb']);
+ $importer['micro'] = str_replace('https:','http:',$importer['micro']);
+ $importer['request'] = str_replace('https:','http:',$importer['request']);
+ $importer['notify'] = str_replace('https:','http:',$importer['notify']);
+ $importer['poll'] = str_replace('https:','http:',$importer['poll']);
+ $importer['confirm'] = str_replace('https:','http:',$importer['confirm']);
+ $importer['poco'] = str_replace('https:','http:',$importer['poco']);
+ }
+
+ if($ssl_policy == 'full' && strstr($importer['url'],'http:')) {
+ $ssl_changed = true;
+ $importer['url'] = str_replace('http:','https:',$importer['url']);
+ $importer['nurl'] = normalise_link($importer['url']);
+ $importer['photo'] = str_replace('http:','https:',$importer['photo']);
+ $importer['thumb'] = str_replace('http:','https:',$importer['thumb']);
+ $importer['micro'] = str_replace('http:','https:',$importer['micro']);
+ $importer['request'] = str_replace('http:','https:',$importer['request']);
+ $importer['notify'] = str_replace('http:','https:',$importer['notify']);
+ $importer['poll'] = str_replace('http:','https:',$importer['poll']);
+ $importer['confirm'] = str_replace('http:','https:',$importer['confirm']);
+ $importer['poco'] = str_replace('http:','https:',$importer['poco']);
+ }
+
+ if($ssl_changed) {
+ q("update contact set
+ url = '%s',
+ nurl = '%s',
+ photo = '%s',
+ thumb = '%s',
+ micro = '%s',
+ request = '%s',
+ notify = '%s',
+ poll = '%s',
+ confirm = '%s',
+ poco = '%s'
+ where id = %d limit 1",
+ dbesc($importer['url']),
+ dbesc($importer['nurl']),
+ dbesc($importer['photo']),
+ dbesc($importer['thumb']),
+ dbesc($importer['micro']),
+ dbesc($importer['request']),
+ dbesc($importer['notify']),
+ dbesc($importer['poll']),
+ dbesc($importer['confirm']),
+ dbesc($importer['poco']),
+ intval($importer['id'])
+ );
+ }
+
logger('dfrn_notify: received notify from ' . $importer['name'] . ' for ' . $importer['username']);
logger('dfrn_notify: data: ' . $data, LOGGER_DATA);
diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php
index b12e07132..fe5cd4906 100755
--- a/mod/dfrn_poll.php
+++ b/mod/dfrn_poll.php
@@ -199,7 +199,7 @@ function dfrn_poll_post(&$a) {
$ptype = ((x($_POST,'type')) ? $_POST['type'] : '');
$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
$perm = ((x($_POST,'perm')) ? $_POST['perm'] : 'r');
-
+
if($ptype === 'profile-check') {
if((strlen($challenge)) && (strlen($sec))) {
@@ -358,8 +358,8 @@ function dfrn_poll_post(&$a) {
intval($contact_id)
);
}
- }
-
+ }
+
header("Content-type: application/atom+xml");
$o = get_feed_for($a,$dfrn_id, $a->argv[1], $last_update, $direction);
echo $o;
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index 4acb5c9bb..c2d37dac7 100755
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -77,9 +77,10 @@ function dfrn_request_post(&$a) {
* Lookup the contact based on their URL (which is the only unique thing we have at the moment)
*/
- $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `self` = 0 LIMIT 1",
+ $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1",
intval(local_user()),
- dbesc($dfrn_url)
+ dbesc($dfrn_url),
+ dbesc(normalise_link($dfrn_url))
);
if(count($r)) {
@@ -668,7 +669,21 @@ function dfrn_request_content(&$a) {
$page_desc .= t("Please enter your 'Identity Address' from one of the following supported communications networks:");
- $emailnet = t("<strike>Connect as an email follower</strike> \x28Coming soon\x29");
+ // see if we are allowed to have NETWORK_MAIL2 contacts
+
+ $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
+ if(get_config('system','dfrn_only'))
+ $mail_disabled = 1;
+
+ if(! $mail_disabled) {
+ $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
+ intval($a->profile['uid'])
+ );
+ if(! count($r))
+ $mail_disabled = 1;
+ }
+
+ $emailnet = (($mail_disabled) ? '' : t("<strike>Connect as an email follower</strike> \x28Coming soon\x29"));
$invite_desc = t('If you are not yet a member of the free social web, <a href="http://dir.friendica.com/siteinfo">follow this link to find a public Friendica site and join us today</a>.');
diff --git a/mod/directory.php b/mod/directory.php
index 962188945..7f18bd026 100755
--- a/mod/directory.php
+++ b/mod/directory.php
@@ -25,10 +25,6 @@ function directory_post(&$a) {
function directory_content(&$a) {
- $everything = (($a->argc > 1 && $a->argv[1] === 'all' && is_site_admin()) ? true : false);
- if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
- $everything = false;
-
if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
notice( t('Public access denied.') . EOL);
return;
@@ -52,12 +48,6 @@ function directory_content(&$a) {
}
$admin = '';
- if(is_site_admin()) {
- if($everything)
- $admin = '<ul><li><div id="directory-admin-link"><a href="' . $a->get_baseurl() . '/directory' . '">' . t('Normal site view') . '</a></div></li></ul>';
- else
- $admin = '<ul><li><div id="directory-admin-link"><a href="' . $a->get_baseurl() . '/directory/all' . '">' . t('Admin - View all site entries') . '</a></div></li></ul>';
- }
$o .= replace_macros($tpl, array(
'$search' => $search,
@@ -73,17 +63,14 @@ function directory_content(&$a) {
$search = dbesc($search);
$sql_extra = ((strlen($search)) ? " AND MATCH (`profile`.`name`, `user`.`nickname`, `pdesc`, `locality`,`region`,`country-name`,`gender`,`marital`,`sexual`,`about`,`romance`,`work`,`education`,`pub_keywords`,`prv_keywords` ) AGAINST ('$search' IN BOOLEAN MODE) " : "");
- $publish = ((get_config('system','publish_all') || $everything) ? '' : " AND `publish` = 1 " );
+ $publish = ((get_config('system','publish_all')) ? '' : " AND `publish` = 1 " );
$r = q("SELECT COUNT(*) AS `total` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra ");
if(count($r))
$a->set_pager_total($r[0]['total']);
- if($everything)
- $order = " ORDER BY `register_date` DESC ";
- else
- $order = " ORDER BY `name` ASC ";
+ $order = " ORDER BY `name` ASC ";
$r = q("SELECT `profile`.*, `profile`.`uid` AS `profile_uid`, `user`.`nickname`, `user`.`timezone` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra $order LIMIT %d , %d ",
diff --git a/mod/display.php b/mod/display.php
index f428149e8..81ed174ac 100755
--- a/mod/display.php
+++ b/mod/display.php
@@ -16,7 +16,15 @@ function display_content(&$a) {
$o = '<div id="live-display"></div>' . "\r\n";
- $a->page['htmlhead'] .= '<script>$(document).ready(function() { $(".comment-edit-wrapper textarea").contact_autocomplete(baseurl+"/acl"); });</script>';
+ $a->page['htmlhead'] .= <<<EOT
+<script>
+$(document).ready(function() {
+ $(".comment-edit-wrapper textarea").contact_autocomplete(baseurl+"/acl");
+ // make auto-complete work in more places
+ $(".wall-item-comment-wrapper textarea").contact_autocomplete(baseurl+"/acl");
+});
+</script>
+EOT;
$nick = (($a->argc > 1) ? $a->argv[1] : '');
diff --git a/mod/filerm.php b/mod/filerm.php
new file mode 100644
index 000000000..66b684dc9
--- /dev/null
+++ b/mod/filerm.php
@@ -0,0 +1,21 @@
+<?php
+
+function filerm_content(&$a) {
+
+ if(! local_user()) {
+ killme();
+ }
+
+ $term = notags(trim($_GET['term']));
+ $item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
+
+ logger('filerm: tag ' . $term . ' item ' . $item_id);
+
+ if($item_id && strlen($term))
+ file_tag_unsave_file(local_user(),$item_id,$term);
+
+ if(x($_SESSION,'return_url'))
+ goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
+
+ killme();
+}
diff --git a/mod/group.php b/mod/group.php
index 13401ef0d..a282dbccf 100755
--- a/mod/group.php
+++ b/mod/group.php
@@ -21,6 +21,8 @@ function group_post(&$a) {
}
if(($a->argc == 2) && ($a->argv[1] === 'new')) {
+ check_form_security_token_redirectOnErr('/group/new', 'group_edit');
+
$name = notags(trim($_POST['groupname']));
$r = group_add(local_user(),$name);
if($r) {
@@ -35,6 +37,8 @@ function group_post(&$a) {
return; // NOTREACHED
}
if(($a->argc == 2) && (intval($a->argv[1]))) {
+ check_form_security_token_redirectOnErr('/group', 'group_edit');
+
$r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[1]),
intval(local_user())
@@ -62,7 +66,8 @@ function group_post(&$a) {
}
function group_content(&$a) {
-
+ $change = false;
+
if(! local_user()) {
notice( t('Permission denied') . EOL);
return;
@@ -83,14 +88,17 @@ function group_content(&$a) {
return replace_macros($tpl, $context + array(
'$title' => t('Create a group of contacts/friends.'),
- '$gname' => array('groupname',t('Group Name: '),$group['name'], ''),
+ '$gname' => array('groupname',t('Group Name: '), '', ''),
'$gid' => 'new',
+ '$form_security_token' => get_form_security_token("group_edit"),
));
}
if(($a->argc == 3) && ($a->argv[1] === 'drop')) {
+ check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
+
if(intval($a->argv[2])) {
$r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]),
@@ -108,6 +116,8 @@ function group_content(&$a) {
}
if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) {
+ check_form_security_token_ForbiddenOnErr('group_member_change', 't');
+
$r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1",
intval($a->argv[2]),
intval(local_user())
@@ -155,7 +165,8 @@ function group_content(&$a) {
$drop_tpl = get_markup_template('group_drop.tpl');
$drop_txt = replace_macros($drop_tpl, array(
'$id' => $group['id'],
- '$delete' => t('Delete')
+ '$delete' => t('Delete'),
+ '$form_security_token' => get_form_security_token("group_drop"),
));
$celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false);
@@ -166,6 +177,7 @@ function group_content(&$a) {
'$gname' => array('groupname',t('Group Name: '),$group['name'], ''),
'$gid' => $group['id'],
'$drop' => $drop_txt,
+ '$form_security_token' => get_form_security_token('group_edit'),
);
}
@@ -177,14 +189,14 @@ function group_content(&$a) {
'label_members' => t('Members'),
'members' => array(),
'label_contacts' => t('All Contacts'),
- 'contacts' => arraY(),
+ 'contacts' => array(),
);
-
+ $sec_token = addslashes(get_form_security_token('group_member_change'));
$textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : false);
foreach($members as $member) {
if($member['url']) {
- $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . '); return true;';
+ $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . ',\'' . $sec_token . '\'); return true;';
$groupeditor['members'][] = micropro($member,true,'mpgroup', $textmode);
}
else
@@ -199,7 +211,7 @@ function group_content(&$a) {
$textmode = (($switchtotext && (count($r) > $switchtotext)) ? true : false);
foreach($r as $member) {
if(! in_array($member['id'],$preselected)) {
- $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . '); return true;';
+ $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . ',\'' . $sec_token . '\'); return true;';
$groupeditor['contacts'][] = micropro($member,true,'mpall', $textmode);
}
}
diff --git a/mod/item.php b/mod/item.php
index 81d7c753b..fe570075f 100755
--- a/mod/item.php
+++ b/mod/item.php
@@ -425,110 +425,7 @@ function item_post(&$a) {
if(count($tags)) {
foreach($tags as $tag) {
-
- if(isset($profile))
- unset($profile);
- if(strpos($tag,'#') === 0) {
- if(strpos($tag,'[url='))
- continue;
- $basetag = str_replace('_',' ',substr($tag,1));
- $body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$body);
-
- $newtag = '#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
- if(! stristr($str_tags,$newtag)) {
- if(strlen($str_tags))
- $str_tags .= ',';
- $str_tags .= $newtag;
- }
- continue;
- }
- if(strpos($tag,'@') === 0) {
- if(strpos($tag,'[url='))
- continue;
- $stat = false;
- $name = substr($tag,1);
- if((strpos($name,'@')) || (strpos($name,'http://'))) {
- $newname = $name;
- $links = @lrdd($name);
- if(count($links)) {
- foreach($links as $link) {
- if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
- $profile = $link['@attributes']['href'];
- if($link['@attributes']['rel'] === 'salmon') {
- if(strlen($inform))
- $inform .= ',';
- $inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']);
- }
- }
- }
- }
- else {
- $newname = $name;
- $alias = '';
- $tagcid = 0;
- if(strrpos($newname,'+')) {
- $tagcid = intval(substr($newname,strrpos($newname,'+') + 1));
- if(strpos($name,' '))
- $name = substr($name,0,strpos($name,' '));
- }
- if($tagcid) {
- $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($tagcid),
- intval($profile_uid)
- );
- }
- elseif(strstr($name,'_') || strstr($name,' ')) {
- $newname = str_replace('_',' ',$name);
- $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($newname),
- intval($profile_uid)
- );
- }
- else {
- $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1",
- dbesc($name),
- dbesc($name),
- intval($profile_uid)
- );
- }
- if(count($r)) {
- $profile = $r[0]['url'];
- if($r[0]['network'] === 'stat') {
- $newname = $r[0]['nick'];
- $stat = true;
- if($r[0]['alias'])
- $alias = $r[0]['alias'];
- }
- else
- $newname = $r[0]['name'];
- if(strlen($inform))
- $inform .= ',';
- $inform .= 'cid:' . $r[0]['id'];
- }
- }
- if($profile) {
- $body = str_replace('@' . $name, '@' . '[url=' . $profile . ']' . $newname . '[/url]', $body);
- $profile = str_replace(',','%2c',$profile);
- $newtag = '@[url=' . $profile . ']' . $newname . '[/url]';
- if(! stristr($str_tags,$newtag)) {
- if(strlen($str_tags))
- $str_tags .= ',';
- $str_tags .= $newtag;
- }
-
- // Status.Net seems to require the numeric ID URL in a mention if the person isn't
- // subscribed to you. But the nickname URL is OK if they are. Grrr. We'll tag both.
-
- if(strlen($alias)) {
- $newtag = '@[url=' . $alias . ']' . $newname . '[/url]';
- if(! stristr($str_tags,$newtag)) {
- if(strlen($str_tags))
- $str_tags .= ',';
- $str_tags .= $newtag;
- }
- }
- }
- }
+ handle_tag($a, $body, $inform, $str_tags, $profile_uid, $tag);
}
}
@@ -627,7 +524,7 @@ function item_post(&$a) {
if($preview) {
require_once('include/conversation.php');
- $o = conversation(&$a,array(array_merge($contact_record,$datarray)),'search',false,true);
+ $o = conversation($a,array(array_merge($contact_record,$datarray)),'search',false,true);
logger('preview: ' . $o);
echo json_encode(array('preview' => $o));
killme();
@@ -922,3 +819,142 @@ function item_content(&$a) {
drop_item($a->argv[2]);
}
}
+
+/**
+ * This function removes the tag $tag from the text $body and replaces it with
+ * the appropiate link.
+ *
+ * @param unknown_type $body the text to replace the tag in
+ * @param unknown_type $inform a comma-seperated string containing everybody to inform
+ * @param unknown_type $str_tags string to add the tag to
+ * @param unknown_type $profile_uid
+ * @param unknown_type $tag the tag to replace
+ */
+function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
+ //is it a hash tag?
+ if(strpos($tag,'#') === 0) {
+ //if the tag is replaced...
+ if(strpos($tag,'[url='))
+ //...do nothing
+ return;
+ //base tag has the tags name only
+ $basetag = str_replace('_',' ',substr($tag,1));
+ //create text for link
+ $newtag = '#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
+ //replace tag by the link
+ $body = str_replace($tag, $newtag, $body);
+
+ //is the link already in str_tags?
+ if(! stristr($str_tags,$newtag)) {
+ //append or set str_tags
+ if(strlen($str_tags))
+ $str_tags .= ',';
+ $str_tags .= $newtag;
+ }
+ return;
+ }
+ //is it a person tag?
+ if(strpos($tag,'@') === 0) {
+ //is it already replaced?
+ if(strpos($tag,'[url='))
+ return;
+ $stat = false;
+ //get the person's name
+ $name = substr($tag,1);
+ //is it a link or a full dfrn address?
+ if((strpos($name,'@')) || (strpos($name,'http://'))) {
+ $newname = $name;
+ //get the profile links
+ $links = @lrdd($name);
+ if(count($links)) {
+ //for all links, collect how is to inform and how's profile is to link
+ foreach($links as $link) {
+ if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
+ $profile = $link['@attributes']['href'];
+ if($link['@attributes']['rel'] === 'salmon') {
+ if(strlen($inform))
+ $inform .= ',';
+ $inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']);
+ }
+ }
+ }
+ } else { //if it is a name rather than an address
+ $newname = $name;
+ $alias = '';
+ $tagcid = 0;
+ //is it some generated name?
+ if(strrpos($newname,'+')) {
+ //get the id
+ $tagcid = intval(substr($newname,strrpos($newname,'+') + 1));
+ //remove the next word from tag's name
+ if(strpos($name,' ')) {
+ $name = substr($name,0,strpos($name,' '));
+ }
+ }
+ if($tagcid) { //if there was an id
+ //select contact with that id from the logged in user's contact list
+ $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ intval($tagcid),
+ intval($profile_uid)
+ );
+ } elseif(strstr($name,'_') || strstr($name,' ')) { //no id
+ //get the real name
+ $newname = str_replace('_',' ',$name);
+ //select someone from this user's contacts by name
+ $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
+ dbesc($newname),
+ intval($profile_uid)
+ );
+ } else {
+ //select someone by attag or nick and the name passed in
+ $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1",
+ dbesc($name),
+ dbesc($name),
+ intval($profile_uid)
+ );
+ }
+ //$r is set, if someone could be selected
+ if(count($r)) {
+ $profile = $r[0]['url'];
+ //set newname to nick, find alias
+ if($r[0]['network'] === 'stat') {
+ $newname = $r[0]['nick'];
+ $stat = true;
+ if($r[0]['alias'])
+ $alias = $r[0]['alias'];
+ }
+ else
+ $newname = $r[0]['name'];
+ //add person's id to $inform
+ if(strlen($inform))
+ $inform .= ',';
+ $inform .= 'cid:' . $r[0]['id'];
+ }
+ }
+ //if there is an url for this persons profile
+ if(isset($profile)) {
+ //create profile link
+ $profile = str_replace(',','%2c',$profile);
+ $newtag = '@[url=' . $profile . ']' . $newname . '[/url]';
+ $body = str_replace('@' . $name, $newtag, $body);
+ //append tag to str_tags
+ if(! stristr($str_tags,$newtag)) {
+ if(strlen($str_tags))
+ $str_tags .= ',';
+ $str_tags .= $newtag;
+ }
+
+ // Status.Net seems to require the numeric ID URL in a mention if the person isn't
+ // subscribed to you. But the nickname URL is OK if they are. Grrr. We'll tag both.
+
+ if(strlen($alias)) {
+ $newtag = '@[url=' . $alias . ']' . $newname . '[/url]';
+ if(! stristr($str_tags,$newtag)) {
+ if(strlen($str_tags))
+ $str_tags .= ',';
+ $str_tags .= $newtag;
+ }
+ }
+ }
+ }
+}
diff --git a/mod/lostpass.php b/mod/lostpass.php
index b71398fa4..57e6d6965 100755
--- a/mod/lostpass.php
+++ b/mod/lostpass.php
@@ -3,13 +3,13 @@
function lostpass_post(&$a) {
- $email = notags(trim($_POST['login-name']));
- if(! $email)
+ $loginame = notags(trim($_POST['login-name']));
+ if(! $loginame)
goaway(z_root());
$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) AND `verified` = 1 AND `blocked` = 0 LIMIT 1",
- dbesc($email),
- dbesc($email)
+ dbesc($loginame),
+ dbesc($loginame)
);
if(! count($r)) {
@@ -19,6 +19,7 @@ function lostpass_post(&$a) {
$uid = $r[0]['uid'];
$username = $r[0]['username'];
+ $email = $r[0]['email'];
$new_password = autoname(12) . mt_rand(100,9999);
$new_password_encoded = hash('whirlpool',$new_password);
diff --git a/mod/manage.php b/mod/manage.php
index ec4dcd8a0..84dfa6917 100755
--- a/mod/manage.php
+++ b/mod/manage.php
@@ -74,7 +74,7 @@ function manage_post(&$a) {
if($limited_id)
$_SESSION['submanage'] = $original_id;
- goaway($a->get_baseurl() . '/profile/' . $a->user['nickname']);
+ goaway($a->get_baseurl(true) . '/profile/' . $a->user['nickname']);
// NOTREACHED
}
diff --git a/mod/message.php b/mod/message.php
index 65f692f3d..0907abd77 100755
--- a/mod/message.php
+++ b/mod/message.php
@@ -56,23 +56,23 @@ function message_content(&$a) {
return;
}
- $myprofile = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
+ $myprofile = $a->get_baseurl(true) . '/profile/' . $a->user['nickname'];
$tabs = array(
array(
'label' => t('Inbox'),
- 'url'=> $a->get_baseurl() . '/message',
+ 'url'=> $a->get_baseurl(true) . '/message',
'sel'=> (($a->argc == 1) ? 'active' : ''),
),
array(
'label' => t('Outbox'),
- 'url' => $a->get_baseurl() . '/message/sent',
+ 'url' => $a->get_baseurl(true) . '/message/sent',
'sel'=> (($a->argv[1] == 'sent') ? 'active' : ''),
),
array(
'label' => t('New Message'),
- 'url' => $a->get_baseurl() . '/message/new',
+ 'url' => $a->get_baseurl(true) . '/message/new',
'sel'=> (($a->argv[1] == 'new') ? 'active' : ''),
),
);
@@ -99,7 +99,7 @@ function message_content(&$a) {
if($r) {
info( t('Message deleted.') . EOL );
}
- goaway($a->get_baseurl() . '/message' );
+ goaway($a->get_baseurl(true) . '/message' );
}
else {
$r = q("SELECT `parent-uri`,`convid` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
@@ -129,7 +129,7 @@ function message_content(&$a) {
if($r)
info( t('Conversation removed.') . EOL );
}
- goaway($a->get_baseurl() . '/message' );
+ goaway($a->get_baseurl(true) . '/message' );
}
}
@@ -146,7 +146,7 @@ function message_content(&$a) {
$tpl = get_markup_template('msg-header.tpl');
$a->page['htmlhead'] .= replace_macros($tpl, array(
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
'$nickname' => $a->user['nickname'],
'$linkurl' => t('Please enter a link URL:')
@@ -154,7 +154,7 @@ function message_content(&$a) {
$preselect = (isset($a->argv[2])?array($a->argv[2]):false);
- $select = contact_select('messageto','message-to-select', $preselect, 4, true);
+ $select = contact_select('messageto','message-to-select', $preselect, 4, true, false, false, 10);
$tpl = get_markup_template('prv_message.tpl');
$o .= replace_macros($tpl,array(
'$header' => t('Send Private Message'),
@@ -210,7 +210,7 @@ function message_content(&$a) {
$o .= replace_macros($tpl, array(
'$id' => $rr['id'],
'$from_name' =>$rr['from-name'],
- '$from_url' => (($rr['network'] === NETWORK_DFRN) ? $a->get_baseurl() . '/redir/' . $rr['contact-id'] : $rr['url']),
+ '$from_url' => (($rr['network'] === NETWORK_DFRN) ? $a->get_baseurl(true) . '/redir/' . $rr['contact-id'] : $rr['url']),
'$sparkle' => ' sparkle',
'$from_photo' => $rr['thumb'],
'$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>')),
@@ -267,7 +267,7 @@ function message_content(&$a) {
$a->page['htmlhead'] .= replace_macros($tpl, array(
'$nickname' => $a->user['nickname'],
- '$baseurl' => $a->get_baseurl()
+ '$baseurl' => $a->get_baseurl(true)
));
@@ -278,7 +278,7 @@ function message_content(&$a) {
$sparkle = '';
}
else {
- $from_url = $a->get_baseurl() . '/redir/' . $message['contact-id'];
+ $from_url = $a->get_baseurl(true) . '/redir/' . $message['contact-id'];
$sparkle = ' sparkle';
}
$o .= replace_macros($tpl, array(
diff --git a/mod/network.php b/mod/network.php
index 4f58fc4fb..9ec8c23b5 100755
--- a/mod/network.php
+++ b/mod/network.php
@@ -44,14 +44,16 @@ function network_init(&$a) {
}
$a->page['aside'] .= group_side('network','network',true,$group_id);
- $a->page['aside'] .= networks_widget($a->get_baseurl() . '/network',(x($_GET, 'nets') ? $_GET['nets'] : ''));
+ $a->page['aside'] .= networks_widget($a->get_baseurl(true) . '/network',(x($_GET, 'nets') ? $_GET['nets'] : ''));
$a->page['aside'] .= saved_searches($search);
- $a->page['aside'] .= fileas_widget($a->get_baseurl() . '/network',(x($_GET, 'file') ? $_GET['file'] : ''));
+ $a->page['aside'] .= fileas_widget($a->get_baseurl(true) . '/network',(x($_GET, 'file') ? $_GET['file'] : ''));
}
function saved_searches($search) {
+ $a = get_app();
+
$srchurl = '/network?f='
. ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '')
. ((x($_GET,'star')) ? '&star=' . $_GET['star'] : '')
@@ -167,38 +169,38 @@ function network_content(&$a, $update = 0) {
$tabs = array(
array(
'label' => t('Commented Order'),
- 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?f=&cid=' . $_GET['cid'] : ''),
+ 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?f=&cid=' . $_GET['cid'] : ''),
'sel'=>$all_active,
),
array(
'label' => t('Posted Order'),
- 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''),
+ 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''),
'sel'=>$postord_active,
),
array(
'label' => t('Personal'),
- 'url' => $a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1',
+ 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1',
'sel' => $conv_active,
),
array(
'label' => t('New'),
- 'url' => $a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . '/new' . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : ''),
+ 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . '/new' . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : ''),
'sel' => $new_active,
),
array(
'label' => t('Starred'),
- 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1',
+ 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1',
'sel'=>$starred_active,
),
array(
- 'label' => t('Bookmarks'),
- 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&bmark=1',
+ 'label' => t('Shared Links'),
+ 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&bmark=1',
'sel'=>$bookmarked_active,
),
// array(
// 'label' => t('Spam'),
-// 'url'=>$a->get_baseurl() . '/network?f=&spam=1'
+// 'url'=>$a->get_baseurl(true) . '/network?f=&spam=1'
// 'sel'=> $spam_active,
// ),
@@ -300,7 +302,7 @@ function network_content(&$a, $update = 0) {
if($update)
killme();
notice( t('No such group') . EOL );
- goaway($a->get_baseurl() . '/network');
+ goaway($a->get_baseurl(true) . '/network');
// NOTREACHED
}
@@ -332,7 +334,7 @@ function network_content(&$a, $update = 0) {
}
else {
notice( t('Invalid contact.') . EOL);
- goaway($a->get_baseurl() . '/network');
+ goaway($a->get_baseurl(true) . '/network');
// NOTREACHED
}
}
diff --git a/mod/notifications.php b/mod/notifications.php
index 99031a1d5..ff131010f 100755
--- a/mod/notifications.php
+++ b/mod/notifications.php
@@ -42,12 +42,12 @@ function notifications_post(&$a) {
intval(local_user())
);
}
- goaway($a->get_baseurl() . '/notifications/intros');
+ goaway($a->get_baseurl(true) . '/notifications/intros');
}
if($_POST['submit'] == t('Ignore')) {
$r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d LIMIT 1",
intval($intro_id));
- goaway($a->get_baseurl() . '/notifications/intros');
+ goaway($a->get_baseurl(true) . '/notifications/intros');
}
}
}
@@ -69,32 +69,32 @@ function notifications_content(&$a) {
$tabs = array(
array(
'label' => t('System'),
- 'url'=>$a->get_baseurl() . '/notifications/system',
+ 'url'=>$a->get_baseurl(true) . '/notifications/system',
'sel'=> (($a->argv[1] == 'system') ? 'active' : ''),
),
array(
'label' => t('Network'),
- 'url'=>$a->get_baseurl() . '/notifications/network',
+ 'url'=>$a->get_baseurl(true) . '/notifications/network',
'sel'=> (($a->argv[1] == 'network') ? 'active' : ''),
),
array(
'label' => t('Personal'),
- 'url'=>$a->get_baseurl() . '/notifications/personal',
+ 'url'=>$a->get_baseurl(true) . '/notifications/personal',
'sel'=> (($a->argv[1] == 'personal') ? 'active' : ''),
),
array(
'label' => t('Home'),
- 'url' => $a->get_baseurl() . '/notifications/home',
+ 'url' => $a->get_baseurl(true) . '/notifications/home',
'sel'=> (($a->argv[1] == 'home') ? 'active' : ''),
),
array(
'label' => t('Introductions'),
- 'url' => $a->get_baseurl() . '/notifications/intros',
+ 'url' => $a->get_baseurl(true) . '/notifications/intros',
'sel'=> (($a->argv[1] == 'intros') ? 'active' : ''),
),
array(
'label' => t('Messages'),
- 'url' => $a->get_baseurl() . '/message',
+ 'url' => $a->get_baseurl(true) . '/message',
'sel'=> '',
),
);
@@ -143,7 +143,7 @@ function notifications_content(&$a) {
'$intro_id' => $rr['intro_id'],
'$madeby' => sprintf( t('suggested by %s'),$rr['name']),
'$contact_id' => $rr['contact-id'],
- '$photo' => ((x($rr,'fphoto')) ? $rr['fphoto'] : "images/default-profile.jpg"),
+ '$photo' => ((x($rr,'fphoto')) ? $rr['fphoto'] : "images/person-175.jpg"),
'$fullname' => $rr['fname'],
'$url' => $rr['furl'],
'$hidden' => array('hidden', t('Hide this contact from others'), ($rr['hidden'] == 1), ''),
@@ -191,7 +191,7 @@ function notifications_content(&$a) {
'$uid' => $_SESSION['uid'],
'$intro_id' => $rr['intro_id'],
'$contact_id' => $rr['contact-id'],
- '$photo' => ((x($rr,'photo')) ? $rr['photo'] : "images/default-profile.jpg"),
+ '$photo' => ((x($rr,'photo')) ? $rr['photo'] : "images/person-175.jpg"),
'$fullname' => $rr['name'],
'$hidden' => array('hidden', t('Hide this contact from others'), ($rr['hidden'] == 1), ''),
'$activity' => array('activity', t('Post a new friend activity'), 1, t('if applicable')),
@@ -244,7 +244,7 @@ function notifications_content(&$a) {
switch($it['verb']){
case ACTIVITY_LIKE:
$notif_content .= replace_macros($tpl_item_likes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -253,7 +253,7 @@ function notifications_content(&$a) {
case ACTIVITY_DISLIKE:
$notif_content .= replace_macros($tpl_item_dislikes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -267,7 +267,7 @@ function notifications_content(&$a) {
$it['fname'] = $obj->title;
$notif_content .= replace_macros($tpl_item_friends,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']),
'$item_when' => relative_date($it['created'])
@@ -281,7 +281,7 @@ function notifications_content(&$a) {
$tpl = (($it['id'] == $it['parent']) ? $tpl_item_posts : $tpl_item_comments);
$notif_content .= replace_macros($tpl,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => $item_text,
'$item_when' => relative_date($it['created'])
@@ -314,7 +314,7 @@ function notifications_content(&$a) {
if (count($r) > 0) {
foreach ($r as $it) {
$notif_content .= replace_macros($not_tpl,array(
- '$item_link' => $a->get_baseurl().'/notify/view/'. $it['id'],
+ '$item_link' => $a->get_baseurl(true).'/notify/view/'. $it['id'],
'$item_image' => $it['photo'],
'$item_text' => strip_tags(bbcode($it['msg'])),
'$item_when' => relative_date($it['date'])
@@ -334,7 +334,7 @@ function notifications_content(&$a) {
$notif_tpl = get_markup_template('notifications.tpl');
- $myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname'];
+ $myurl = $a->get_baseurl(true) . '/profile/'. $a->user['nickname'];
$myurl = substr($myurl,strpos($myurl,'://')+3);
$myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
$diasp_url = str_replace('/profile/','/u/',$myurl);
@@ -369,7 +369,7 @@ function notifications_content(&$a) {
switch($it['verb']){
case ACTIVITY_LIKE:
$notif_content .= replace_macros($tpl_item_likes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -378,7 +378,7 @@ function notifications_content(&$a) {
case ACTIVITY_DISLIKE:
$notif_content .= replace_macros($tpl_item_dislikes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -392,7 +392,7 @@ function notifications_content(&$a) {
$it['fname'] = $obj->title;
$notif_content .= replace_macros($tpl_item_friends,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']),
'$item_when' => relative_date($it['created'])
@@ -406,7 +406,7 @@ function notifications_content(&$a) {
$tpl = (($it['id'] == $it['parent']) ? $tpl_item_posts : $tpl_item_comments);
$notif_content .= replace_macros($tpl,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => $item_text,
'$item_when' => relative_date($it['created'])
@@ -456,7 +456,7 @@ function notifications_content(&$a) {
switch($it['verb']){
case ACTIVITY_LIKE:
$notif_content .= replace_macros($tpl_item_likes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -465,7 +465,7 @@ function notifications_content(&$a) {
break;
case ACTIVITY_DISLIKE:
$notif_content .= replace_macros($tpl_item_dislikes,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
@@ -479,7 +479,7 @@ function notifications_content(&$a) {
$it['fname'] = $obj->title;
$notif_content .= replace_macros($tpl_item_friends,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']),
'$item_when' => relative_date($it['created'])
@@ -488,7 +488,7 @@ function notifications_content(&$a) {
break;
default:
$notif_content .= replace_macros($tpl_item_comments,array(
- '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'],
+ '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'],
'$item_image' => $it['author-avatar'],
'$item_text' => sprintf( t("%s commented on %s's post"), $it['author-name'], $it['pname']),
'$item_when' => relative_date($it['created'])
diff --git a/mod/notify.php b/mod/notify.php
index a572b1534..ae8273a1d 100644
--- a/mod/notify.php
+++ b/mod/notify.php
@@ -20,7 +20,7 @@ function notify_init(&$a) {
goaway($r[0]['link']);
}
- goaway($a->get_baseurl());
+ goaway($a->get_baseurl(true));
}
if($a->argc > 2 && $a->argv[1] === 'mark' && $a->argv[2] === 'all' ) {
@@ -51,7 +51,7 @@ function notify_content(&$a) {
if (count($r) > 0) {
foreach ($r as $it) {
$notif_content .= replace_macros($not_tpl,array(
- '$item_link' => $a->get_baseurl().'/notify/view/'. $it['id'],
+ '$item_link' => $a->get_baseurl(true).'/notify/view/'. $it['id'],
'$item_image' => $it['photo'],
'$item_text' => strip_tags(bbcode($it['msg'])),
'$item_when' => relative_date($it['date'])
diff --git a/mod/openid.php b/mod/openid.php
index df074b299..e2cea7d85 100755
--- a/mod/openid.php
+++ b/mod/openid.php
@@ -10,68 +10,84 @@ function openid_content(&$a) {
if($noid)
goaway(z_root());
+ logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA);
+
if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
+
$openid = new LightOpenID;
if($openid->validate()) {
- if(x($_SESSION,'register')) {
- unset($_SESSION['register']);
- $args = '';
- $attr = $openid->getAttributes();
- if(is_array($attr) && count($attr)) {
- foreach($attr as $k => $v) {
- if($k === 'namePerson/friendly')
- $nick = notags(trim($v));
- if($k === 'namePerson/first')
- $first = notags(trim($v));
- if($k === 'namePerson')
- $args .= '&username=' . notags(trim($v));
- if($k === 'contact/email')
- $args .= '&email=' . notags(trim($v));
- if($k === 'media/image/aspect11')
- $photosq = bin2hex(trim($v));
- if($k === 'media/image/default')
- $photo = bin2hex(trim($v));
- }
- }
- if($nick)
- $args .= '&nickname=' . $nick;
- elseif($first)
- $args .= '&nickname=' . $first;
+ $authid = normalise_openid($_REQUEST['openid_identity']);
- if($photosq)
- $args .= '&photo=' . $photosq;
- elseif($photo)
- $args .= '&photo=' . $photo;
+ if(! strlen($authid)) {
+ logger( t('OpenID protocol error. No ID returned.') . EOL);
+ goaway(z_root());
+ }
- $args .= '&openid_url=' . notags(trim($_SESSION['openid']));
- if($a->config['register_policy'] != REGISTER_CLOSED)
- goaway($a->get_baseurl() . '/register' . $args);
- else
- goaway(z_root());
+ $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
+ FROM `user` WHERE `openid` = '%s' AND `blocked` = 0
+ AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
+ dbesc($authid)
+ );
- // NOTREACHED
- }
+ if($r && count($r)) {
+ // successful OpenID login
- $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
- FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
- dbesc($_SESSION['openid'])
- );
- if(! count($r)) {
- notice( t('Login failed.') . EOL );
+ unset($_SESSION['openid']);
+
+ require_once('include/security.php');
+ authenticate_success($r[0],true,true);
+
+ // just in case there was no return url set
+ // and we fell through
+
+ goaway(z_root());
+ }
+
+ // Successful OpenID login - but we can't match it to an existing account.
+ // New registration?
+
+ if($a->config['register_policy'] == REGISTER_CLOSED) {
+ notice( t('Account not found and OpenID registration is not permitted on this site.') . EOL);
goaway(z_root());
- }
- unset($_SESSION['openid']);
+ }
+
+ unset($_SESSION['register']);
+ $args = '';
+ $attr = $openid->getAttributes();
+ if(is_array($attr) && count($attr)) {
+ foreach($attr as $k => $v) {
+ if($k === 'namePerson/friendly')
+ $nick = notags(trim($v));
+ if($k === 'namePerson/first')
+ $first = notags(trim($v));
+ if($k === 'namePerson')
+ $args .= '&username=' . notags(trim($v));
+ if($k === 'contact/email')
+ $args .= '&email=' . notags(trim($v));
+ if($k === 'media/image/aspect11')
+ $photosq = bin2hex(trim($v));
+ if($k === 'media/image/default')
+ $photo = bin2hex(trim($v));
+ }
+ }
+ if($nick)
+ $args .= '&nickname=' . $nick;
+ elseif($first)
+ $args .= '&nickname=' . $first;
+
+ if($photosq)
+ $args .= '&photo=' . $photosq;
+ elseif($photo)
+ $args .= '&photo=' . $photo;
- require_once('include/security.php');
- authenticate_success($r[0],true,true);
+ $args .= '&openid_url=' . notags(trim($authid));
- // just in case there was no return url set
- // and we fell through
+ goaway($a->get_baseurl() . '/register' . $args);
- goaway(z_root());
+ // NOTREACHED
}
}
notice( t('Login failed.') . EOL);
diff --git a/mod/photo.php b/mod/photo.php
index c4a93769a..3a7025120 100755
--- a/mod/photo.php
+++ b/mod/photo.php
@@ -23,7 +23,7 @@ function photo_init(&$a) {
// NOTREACHED
}
- $default = 'images/default-profile.jpg';
+ $default = 'images/person-175.jpg';
if(isset($type)) {
@@ -39,12 +39,12 @@ function photo_init(&$a) {
break;
case 'micro':
$resolution = 6;
- $default = 'images/default-profile-mm.jpg';
+ $default = 'images/person-48.jpg';
break;
case 'avatar':
default:
$resolution = 5;
- $default = 'images/default-profile-sm.jpg';
+ $default = 'images/person-80.jpg';
break;
}
@@ -115,8 +115,24 @@ function photo_init(&$a) {
}
if(! isset($data)) {
- killme();
- // NOTREACHED
+ if(isset($resolution)) {
+ switch($resolution) {
+
+ case 4:
+ $data = file_get_contents('images/person-175.jpg');
+ break;
+ case 5:
+ $data = file_get_contents('images/person-80.jpg');
+ break;
+ case 6:
+ $data = file_get_contents('images/person-48.jpg');
+ break;
+ default:
+ killme();
+ // NOTREACHED
+ break;
+ }
+ }
}
if(isset($customres) && $customres > 0 && $customres < 500) {
diff --git a/mod/photos.php b/mod/photos.php
index e40ae0d74..b294f0a66 100755
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -1081,6 +1081,17 @@ function photos_content(&$a) {
}
+ if(! $cmd !== 'edit') {
+ $a->page['htmlhead'] .= '<script>
+ $(document).keydown(function(event) {' . "\n";
+
+ if($prevlink)
+ $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n";
+ if($nextlink)
+ $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n";
+ $a->page['htmlhead'] .= '});</script>';
+ }
+
if($prevlink)
$prevlink = array($prevlink, '<div class="icon prev"></div>') ;
diff --git a/mod/profiles.php b/mod/profiles.php
index b307a2d43..7b3b6ccc1 100755
--- a/mod/profiles.php
+++ b/mod/profiles.php
@@ -240,7 +240,7 @@ function profiles_content(&$a) {
);
if(! count($r)) {
notice( t('Profile not found.') . EOL);
- goaway($a->get_baseurl() . '/profiles');
+ goaway($a->get_baseurl(true) . '/profiles');
return; // NOTREACHED
}
@@ -260,7 +260,7 @@ function profiles_content(&$a) {
if($r)
info( t('Profile deleted.') . EOL);
- goaway($a->get_baseurl() . '/profiles');
+ goaway($a->get_baseurl(true) . '/profiles');
return; // NOTREACHED
}
@@ -297,9 +297,9 @@ function profiles_content(&$a) {
info( t('New profile created.') . EOL);
if(count($r3) == 1)
- goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']);
+ goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']);
- goaway($a->get_baseurl() . '/profiles');
+ goaway($a->get_baseurl(true) . '/profiles');
}
if(($a->argc > 2) && ($a->argv[1] === 'clone')) {
@@ -339,9 +339,9 @@ function profiles_content(&$a) {
);
info( t('New profile created.') . EOL);
if(count($r3) == 1)
- goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']);
+ goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']);
- goaway($a->get_baseurl() . '/profiles');
+ goaway($a->get_baseurl(true) . '/profiles');
return; // NOTREACHED
}
@@ -373,7 +373,7 @@ function profiles_content(&$a) {
));
- $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl()));
+ $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl(true)));
$a->page['htmlhead'] .= "<script type=\"text/javascript\" src=\"js/country.js\" ></script>";
$f = get_config('system','birthday_input_format');
@@ -425,7 +425,7 @@ function profiles_content(&$a) {
'$lbl_work' => t('Work/employment'),
'$lbl_school' => t('School/education'),
'$disabled' => (($is_default) ? 'onclick="return false;" style="color: #BBBBFF;"' : ''),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$profile_id' => $r[0]['id'],
'$profile_name' => $r[0]['profile-name'],
'$default' => (($is_default) ? '<p id="profile-edit-default-desc">' . t('This is your <strong>public</strong> profile.<br />It <strong>may</strong> be visible to anybody using the internet.') . '</p>' : ""),
@@ -489,7 +489,7 @@ function profiles_content(&$a) {
'$alt' => t('Profile Image'),
'$profile_name' => $rr['profile-name'],
'$visible' => (($rr['is-default']) ? '<strong>' . t('visible to everybody') . '</strong>'
- : '<a href="' . $a->get_baseurl() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
+ : '<a href="' . $a->get_baseurl(true) . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
));
}
}
diff --git a/mod/search.php b/mod/search.php
index 386592ea1..50e7a6abc 100755
--- a/mod/search.php
+++ b/mod/search.php
@@ -93,8 +93,9 @@ function search_content(&$a) {
return $o;
// Here is the way permissions work in the search module...
- // Only public wall posts can be shown
+ // Only public posts can be shown
// OR your own posts if you are a logged in member
+ // No items will be shown if the member has a blocked profile wall.
$s_regx = sprintf("AND ( `item`.`body` REGEXP '%s' OR `item`.`tag` REGEXP '%s' )",
dbesc(preg_quote($search)), dbesc('\\]' . preg_quote($search) . '\\['));
@@ -104,7 +105,7 @@ function search_content(&$a) {
$r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND (( `wall` = 1 AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `user`.`hidewall` = 0)
+ AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0)
OR `item`.`uid` = %d )
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$search_alg ",
@@ -127,7 +128,7 @@ function search_content(&$a) {
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
- AND (( `wall` = 1 AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0 )
+ AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0 )
OR `item`.`uid` = %d )
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$search_alg
diff --git a/mod/settings.php b/mod/settings.php
index f42fdb397..59ede4729 100755
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -59,7 +59,7 @@ function settings_post(&$a) {
q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
dbesc($key),
local_user());
- goaway($a->get_baseurl()."/settings/oauth/");
+ goaway($a->get_baseurl(true)."/settings/oauth/");
return;
}
@@ -104,7 +104,7 @@ function settings_post(&$a) {
local_user());
}
}
- goaway($a->get_baseurl()."/settings/oauth/");
+ goaway($a->get_baseurl(true)."/settings/oauth/");
return;
}
@@ -322,6 +322,7 @@ function settings_post(&$a) {
$str_contact_deny = perms2str($_POST['contact_deny']);
$openidserver = $a->user['openidserver'];
+ $openid = normalise_openid($openid);
// If openid has changed or if there's an openid but no openidserver, try and discover it.
@@ -411,7 +412,7 @@ function settings_post(&$a) {
}
- goaway($a->get_baseurl() . '/settings' );
+ goaway($a->get_baseurl(true) . '/settings' );
return; // NOTREACHED
}
@@ -435,27 +436,27 @@ function settings_content(&$a) {
$tabs = array(
array(
'label' => t('Account settings'),
- 'url' => $a->get_baseurl().'/settings',
+ 'url' => $a->get_baseurl(true).'/settings',
'sel' => (($a->argc == 1)?'active':''),
),
array(
'label' => t('Connector settings'),
- 'url' => $a->get_baseurl().'/settings/connectors',
+ 'url' => $a->get_baseurl(true).'/settings/connectors',
'sel' => (($a->argc > 1) && ($a->argv[1] === 'connectors')?'active':''),
),
array(
'label' => t('Plugin settings'),
- 'url' => $a->get_baseurl().'/settings/addon',
+ 'url' => $a->get_baseurl(true).'/settings/addon',
'sel' => (($a->argc > 1) && ($a->argv[1] === 'addon')?'active':''),
),
array(
'label' => t('Connections'),
- 'url' => $a->get_baseurl() . '/settings/oauth',
+ 'url' => $a->get_baseurl(true) . '/settings/oauth',
'sel' => (($a->argc > 1) && ($a->argv[1] === 'oauth')?'active':''),
),
array(
'label' => t('Export personal data'),
- 'url' => $a->get_baseurl() . '/uexport',
+ 'url' => $a->get_baseurl(true) . '/uexport',
'sel' => ''
)
);
@@ -517,7 +518,7 @@ function settings_content(&$a) {
$r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d",
dbesc($a->argv[3]),
local_user());
- goaway($a->get_baseurl()."/settings/oauth/");
+ goaway($a->get_baseurl(true)."/settings/oauth/");
return;
}
@@ -533,7 +534,7 @@ function settings_content(&$a) {
$tpl = get_markup_template("settings_oauth.tpl");
$o .= replace_macros($tpl, array(
'$form_security_token' => get_form_security_token("settings_oauth"),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$title' => t('Connected Apps'),
'$add' => t('Add application'),
'$edit' => t('Edit'),
@@ -559,7 +560,7 @@ function settings_content(&$a) {
$tpl = get_markup_template("settings_addons.tpl");
$o .= replace_macros($tpl, array(
- '$form_security_token' => get_form_security_token("settings_addons"),
+ '$form_security_token' => get_form_security_token("settings_addon"),
'$title' => t('Plugin Settings'),
'$tabs' => $tabs,
'$settings_addons' => $settings_addons
@@ -652,20 +653,20 @@ function settings_content(&$a) {
$blocktags = $a->user['blocktags'];
$expire_items = get_pconfig(local_user(), 'expire','items');
- $expire_items = (($expire_items===false)?1:$expire_items); // default if not set: 1
+ $expire_items = (($expire_items===false)? '1' : $expire_items); // default if not set: 1
$expire_notes = get_pconfig(local_user(), 'expire','notes');
- $expire_notes = (($expire_notes===false)?1:$expire_notes); // default if not set: 1
+ $expire_notes = (($expire_notes===false)? '1' : $expire_notes); // default if not set: 1
$expire_starred = get_pconfig(local_user(), 'expire','starred');
- $expire_starred = (($expire_starred===false)?1:$expire_starred); // default if not set: 1
+ $expire_starred = (($expire_starred===false)? '1' : $expire_starred); // default if not set: 1
$expire_photos = get_pconfig(local_user(), 'expire','photos');
- $expire_photos = (($expire_photos===false)?0:$expire_photos); // default if not set: 0
+ $expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0
$suggestme = get_pconfig(local_user(), 'system','suggestme');
- $suggestme = (($suggestme===false)?0:$suggestme); // default if not set: 0
+ $suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0
$browser_update = intval(get_pconfig(local_user(), 'system','update_interval'));
$browser_update = (($browser_update == 0) ? 40 : $browser_update / 1000); // default if not set: 40 seconds
@@ -736,13 +737,13 @@ function settings_content(&$a) {
));
$blockwall = replace_macros($opt_tpl,array(
- '$field' => array('blockwall', t('Allow friends to post to your profile page?'), ! $a->user['blockwall'], '', array(t('No'),t('Yes'))),
+ '$field' => array('blockwall', t('Allow friends to post to your profile page?'), (intval($a->user['blockwall']) ? '0' : '1'), '', array(t('No'),t('Yes'))),
));
$blocktags = replace_macros($opt_tpl,array(
- '$field' => array('blocktags', t('Allow friends to tag your posts?'), ! $a->user['blocktags'], '', array(t('No'),t('Yes'))),
+ '$field' => array('blocktags', t('Allow friends to tag your posts?'), (intval($a->user['blocktags']) ? '0' : '1'), '', array(t('No'),t('Yes'))),
));
@@ -789,7 +790,7 @@ function settings_content(&$a) {
$theme_selected = (!x($_SESSION,'theme')? $default_theme : $_SESSION['theme']);
- $subdir = ((strlen($a->get_path())) ? '<br />' . t('or') . ' ' . $a->get_baseurl() . '/profile/' . $nickname : '');
+ $subdir = ((strlen($a->get_path())) ? '<br />' . t('or') . ' ' . $a->get_baseurl(true) . '/profile/' . $nickname : '');
$tpl_addr = get_markup_template("settings_nick_set.tpl");
@@ -819,7 +820,7 @@ function settings_content(&$a) {
'$ptitle' => t('Account Settings'),
'$submit' => t('Submit'),
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
'$uid' => local_user(),
'$form_security_token' => get_form_security_token("settings"),
diff --git a/mod/share.php b/mod/share.php
index f6c025e3c..47bb851a4 100755
--- a/mod/share.php
+++ b/mod/share.php
@@ -17,7 +17,7 @@ function share_init(&$a) {
$o = '';
if(local_user() && intval(get_pconfig(local_user(),'system','plaintext'))) {
- $o .= '&#x2672; [url=' . $r[0]['author-link'] . ']' . $r[0]['author-name'] . '[/url]';
+ $o .= "\xE2\x99\xb2" . ' [url=' . $r[0]['author-link'] . ']' . $r[0]['author-name'] . '[/url]' . "\n";
if($r[0]['title'])
$o .= '[b]' . $r[0]['title'] . '[/b]' . "\n";
$o .= $r[0]['body'] . "\n";