aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/admin.php5
-rw-r--r--mod/bookmarks.php4
-rw-r--r--mod/cloud.php4
-rw-r--r--mod/item.php24
-rw-r--r--mod/manage.php5
-rw-r--r--mod/openid.php188
-rw-r--r--mod/rmagic.php58
-rw-r--r--mod/settings.php4
-rw-r--r--mod/siteinfo.php6
9 files changed, 261 insertions, 37 deletions
diff --git a/mod/admin.php b/mod/admin.php
index 01296bd29..c4a284941 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -706,9 +706,10 @@ function admin_page_users(&$a){
$users =q("SELECT `account_id` , `account_email`, `account_lastlog`, `account_created`, `account_expires`, " . "`account_service_class`, ( account_flags & %d ) > 0 as `blocked`, " .
"(SELECT GROUP_CONCAT( ch.channel_address SEPARATOR ' ') FROM channel as ch " .
- "WHERE ch.channel_account_id = ac.account_id) as `channels` " .
+ "WHERE ch.channel_account_id = ac.account_id and not (ch.channel_pageflags & %d )) as `channels` " .
"FROM account as ac where true $serviceclass $order limit %d , %d ",
- intval(ACCOUNT_BLOCKED),
+ intval(ACCOUNT_BLOCKED),
+ intval(PAGE_REMOVED),
intval($a->pager['start']),
intval($a->pager['itemspage'])
);
diff --git a/mod/bookmarks.php b/mod/bookmarks.php
index 67208937d..c5be68b8e 100644
--- a/mod/bookmarks.php
+++ b/mod/bookmarks.php
@@ -57,7 +57,7 @@ function bookmarks_content(&$a) {
if($x) {
foreach($x as $xx) {
$y = menu_fetch($xx['menu_name'],local_user(),get_observer_hash());
- $o .= menu_render($y);
+ $o .= menu_render($y,true);
}
}
@@ -69,7 +69,7 @@ function bookmarks_content(&$a) {
if($x) {
foreach($x as $xx) {
$y = menu_fetch($xx['menu_name'],local_user(),get_observer_hash());
- $o .= menu_render($y);
+ $o .= menu_render($y,true);
}
}
diff --git a/mod/cloud.php b/mod/cloud.php
index 18b61f941..3606325bd 100644
--- a/mod/cloud.php
+++ b/mod/cloud.php
@@ -73,11 +73,11 @@ function cloud_init(&$a) {
$_SERVER['QUERY_STRING'] = str_replace(array('?f=','&f='),array('',''),$_SERVER['QUERY_STRING']);
- $_SERVER['QUERY_STRING'] = preg_replace('/[\?&]zid=(.*?)([\?&]|$)/ism','',$_SERVER['QUERY_STRING']);
+ $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism','',$_SERVER['QUERY_STRING']);
$_SERVER['REQUEST_URI'] = str_replace(array('?f=','&f='),array('',''),$_SERVER['REQUEST_URI']);
- $_SERVER['REQUEST_URI'] = preg_replace('/[\?&]zid=(.*?)([\?&]|$)/ism','',$_SERVER['REQUEST_URI']);
+ $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism','',$_SERVER['REQUEST_URI']);
$rootDirectory = new RedDirectory('/',$auth);
diff --git a/mod/item.php b/mod/item.php
index 48f85f692..dc005bb20 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -423,19 +423,13 @@ function item_post(&$a) {
/**
* fix naked links by passing through a callback to see if this is a red site
* (already known to us) which will get a zrl, otherwise link with url, add bookmark tag to both.
- * First wrap any url which is part of link anchor text already in quotes so we don't double link it.
- * e.g. [url=http://foobar.com]something with http://elsewhere.com in it[/url]
- * becomes [url=http://foobar.com]something with "http://elsewhere.com" in it[/url]
- * otherwise http://elsewhere.com becomes #^[url=http://elsewhere.com]http://elsewhere.com[/url]
+ * First protect any url inside certain bbcode tags so we don't double link it.
*/
$body = preg_replace_callback('/\[code(.*?)\[\/(code)\]/ism','red_escape_codeblock',$body);
$body = preg_replace_callback('/\[url(.*?)\[\/(url)\]/ism','red_escape_codeblock',$body);
$body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','red_escape_codeblock',$body);
-// no longer needed
-// $body = preg_replace_callback('/\[([uz])rl(.*?)\](.*?)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)(.*?)\[\/([uz])rl\]/ism','red_escape_zrl_callback',$body);
-
$body = preg_replace_callback("/([^\]\='".'"'."]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'red_zrl_callback', $body);
$body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','red_unescape_codeblock',$body);
@@ -459,6 +453,16 @@ function item_post(&$a) {
* the post and we should keep it private. If it's encrypted we have no way of knowing
* so we'll set the permissions regardless and realise that the media may not be
* referenced in the post.
+ *
+ * What is preventing us from being able to upload photos into comments is dealing with
+ * the photo and attachment permissions, since we don't always know who was in the
+ * distribution for the top level post.
+ *
+ * We might be able to provide this functionality with a lot of fiddling:
+ * - if the top level post is public (make the photo public)
+ * - if the top level post was written by us or a wall post that belongs to us (match the top level post)
+ * - if the top level post has privacy mentions, add those to the permissions.
+ * - otherwise disallow the photo *or* make the photo public. This is the part that gets messy.
*/
if(! $preview) {
@@ -495,6 +499,7 @@ function item_post(&$a) {
$private_forum = false;
if(count($tags)) {
+ $first_access_tag = true;
foreach($tags as $tag) {
// If we already tagged 'Robert Johnson', don't try and tag 'Robert'.
@@ -514,6 +519,11 @@ function item_post(&$a) {
logger('handle_tag: ' . print_r($success,tue), LOGGER_DEBUG);
if(($access_tag) && (! $parent_item)) {
logger('access_tag: ' . $tag . ' ' . print_r($access_tag,true), LOGGER_DEBUG);
+ if ($first_access_tag) {
+ $str_contact_allow = '';
+ $str_group_allow = '';
+ $first_access_tag = false;
+ }
if(strpos($access_tag,'cid:') === 0) {
$str_contact_allow .= '<' . substr($access_tag,4) . '>';
$access_tag = '';
diff --git a/mod/manage.php b/mod/manage.php
index a2f65b271..0772e2d61 100644
--- a/mod/manage.php
+++ b/mod/manage.php
@@ -55,8 +55,9 @@ function manage_content(&$a) {
}
}
- $r = q("select count(channel_id) as total from channel where channel_account_id = %d ",
- intval(get_account_id())
+ $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d )",
+ intval(get_account_id()),
+ intval(PAGE_REMOVED)
);
$limit = service_class_fetch(local_user(),'total_identities');
if($limit !== false) {
diff --git a/mod/openid.php b/mod/openid.php
new file mode 100644
index 000000000..1ab8749ee
--- /dev/null
+++ b/mod/openid.php
@@ -0,0 +1,188 @@
+<?php
+
+
+require_once('library/openid/openid.php');
+require_once('include/auth.php');
+
+function openid_content(&$a) {
+
+ $noid = get_config('system','disable_openid');
+ if($noid)
+ goaway(z_root());
+
+ logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA);
+
+ if(x($_REQUEST,'openid_mode')) {
+
+ $openid = new LightOpenID(z_root());
+
+ if($openid->validate()) {
+
+ logger('openid: validate');
+
+ $authid = normalise_openid($_REQUEST['openid_identity']);
+
+ if(! strlen($authid)) {
+ logger( t('OpenID protocol error. No ID returned.') . EOL);
+ goaway(z_root());
+ }
+
+ $x = match_openid($authid);
+ if($x) {
+
+ $r = q("select * from channel where channel_id = %d limit 1",
+ intval($x)
+ );
+ if($r) {
+ $y = q("select * from account where account_id = %d limit 1",
+ intval($r[0]['channel_account_id'])
+ );
+ if($y) {
+ foreach($y as $record) {
+ if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)) {
+ logger('mod_openid: openid success for ' . $x[0]['channel_name']);
+ $_SESSION['uid'] = $r[0]['channel_id'];
+ $_SESSION['authenticated'] = true;
+ authenticate_success($record,true,true,true,true);
+ goaway(z_root());
+ }
+ }
+ }
+ }
+ }
+
+ // Successful OpenID login - but we can't match it to an existing account.
+ // See if they've got an xchan
+
+ $r = q("select * from xconfig left join xchan on xchan_hash = xconfig.xchan where cat = 'system' and k = 'openid' and v = '%s' limit 1",
+ dbesc($authid)
+ );
+
+ if($r) {
+ $_SESSION['authenticated'] = 1;
+ $_SESSION['visitor_id'] = $r[0]['xchan_hash'];
+ $_SESSION['my_address'] = $r[0]['xchan_addr'];
+ $arr = array('xchan' => $r[0], 'session' => $_SESSION);
+ call_hooks('magic_auth_openid_success',$arr);
+ $a->set_observer($r[0]);
+ require_once('include/security.php');
+ $a->set_groups(init_groups_visitor($_SESSION['visitor_id']));
+ info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
+ logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']);
+ if($_SESSION['return_url'])
+ goaway($_SESSION['return_url']);
+ goaway(z_root());
+ }
+
+ // no xchan...
+ // create one.
+ // We should probably probe the openid url and figure out if they have any kind of social presence we might be able to
+ // scrape some identifying info from.
+
+ $name = $authid;
+ $url = trim($_REQUEST['openid_identity'],'/');
+ if(strpos($url,'http') === false)
+ $url = 'https://' . $url;
+ $pphoto = get_default_profile_photo();
+ $parsed = @parse_url($url);
+ if($parsed) {
+ $host = $parsed['host'];
+ }
+
+ $attr = $openid->getAttributes();
+
+ if(is_array($attr) && count($attr)) {
+ foreach($attr as $k => $v) {
+ if($k === 'namePerson/friendly')
+ $nick = notags(trim($v));
+ if($k === 'namePerson/first')
+ $first = notags(trim($v));
+ if($k === 'namePerson')
+ $name = notags(trim($v));
+ if($k === 'contact/email')
+ $addr = notags(trim($v));
+ if($k === 'media/image/aspect11')
+ $photosq = trim($v);
+ if($k === 'media/image/default')
+ $photo_other = trim($v);
+ }
+ }
+ if(! $nick) {
+ if($first)
+ $nick = $first;
+ else
+ $nick = $name;
+ }
+
+ require_once('library/urlify/URLify.php');
+ $x = strtolower(URLify::transliterate($nick));
+ if($nick & $host)
+ $addr = $nick . '@' . $host;
+ $network = 'unknown';
+
+ if($photosq)
+ $pphoto = $photosq;
+ elseif($photo_other)
+ $pphoto = $photo_other;
+
+ $x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype,
+ xchan_photo_l, xchan_addr, xchan_url, xchan_connurl, xchan_follow, xchan_connpage, xchan_name, xchan_network, xchan_photo_date,
+ xchan_name_date, xchan_flags)
+ values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d) ",
+ dbesc($url),
+ dbesc(''),
+ dbesc(''),
+ dbesc(''),
+ dbesc('image/jpeg'),
+ dbesc($pphoto),
+ dbesc($addr),
+ dbesc($url),
+ dbesc(''),
+ dbesc(''),
+ dbesc(''),
+ dbesc($name),
+ dbesc($network),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ intval(XCHAN_FLAGS_HIDDEN)
+ );
+ if($x) {
+ $r = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($url)
+ );
+ if($r) {
+
+ $photos = import_profile_photo($pphoto,$url);
+ if($photos) {
+ $z = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s',
+ xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' limit 1",
+ dbesc(datetime_convert()),
+ dbesc($photos[0]),
+ dbesc($photos[1]),
+ dbesc($photos[2]),
+ dbesc($photos[3]),
+ dbesc($url)
+ );
+ }
+
+ set_xconfig($url,'system','openid',$authid);
+ $_SESSION['authenticated'] = 1;
+ $_SESSION['visitor_id'] = $r[0]['xchan_hash'];
+ $_SESSION['my_address'] = $r[0]['xchan_addr'];
+ $arr = array('xchan' => $r[0], 'session' => $_SESSION);
+ call_hooks('magic_auth_openid_success',$arr);
+ $a->set_observer($r[0]);
+ info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
+ logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']);
+ if($_SESSION['return_url'])
+ goaway($_SESSION['return_url']);
+ goaway(z_root());
+ }
+ }
+
+ }
+ }
+ notice( t('Login failed.') . EOL);
+ goaway(z_root());
+ // NOTREACHED
+}
diff --git a/mod/rmagic.php b/mod/rmagic.php
index b8c1c6553..946277327 100644
--- a/mod/rmagic.php
+++ b/mod/rmagic.php
@@ -22,31 +22,53 @@ function rmagic_init(&$a) {
function rmagic_post(&$a) {
- $address = $_REQUEST['address'];
+ $address = trim($_REQUEST['address']);
+
if(strpos($address,'@') === false) {
- notice('Invalid address.');
- return;
- }
+ $arr = array('address' => $address);
+ call_hooks('reverse_magic_auth', $arr);
- $r = null;
- if($address) {
- $r = q("select hubloc_url from hubloc where hubloc_addr = '%s' limit 1",
- dbesc($address)
- );
- }
- if($r) {
- $url = $r[0]['hubloc_url'];
+ try {
+ require_once('library/openid/openid.php');
+ $openid = new LightOpenID(z_root());
+ $openid->identity = $address;
+ $openid->returnUrl = z_root() . '/openid';
+ goaway($openid->authUrl());
+ } catch (Exception $e) {
+ notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'<br /><br >'. t('The error message was:').' '.$e->getMessage());
+ }
+
+ // if they're still here...
+ notice( t('Authentication failed.') . EOL);
+ return;
}
else {
- $url = 'https://' . substr($address,strpos($address,'@')+1);
- }
- if($url) {
- $dest = z_root() . '/' . str_replace('zid=','zid_=',$a->query_string);
- goaway($url . '/magic' . '?f=&dest=' . $dest);
- }
+ // Presumed Red identity. Perform reverse magic auth
+
+ if(strpos($address,'@') === false) {
+ notice('Invalid address.');
+ return;
+ }
+ $r = null;
+ if($address) {
+ $r = q("select hubloc_url from hubloc where hubloc_addr = '%s' limit 1",
+ dbesc($address)
+ );
+ }
+ if($r) {
+ $url = $r[0]['hubloc_url'];
+ }
+ else {
+ $url = 'https://' . substr($address,strpos($address,'@')+1);
+ }
+ if($url) {
+ $dest = z_root() . '/' . str_replace('zid=','zid_=',$a->query_string);
+ goaway($url . '/magic' . '?f=&dest=' . $dest);
+ }
+ }
}
diff --git a/mod/settings.php b/mod/settings.php
index ec758bc90..5b0a8e8f2 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -798,6 +798,7 @@ function settings_content(&$a) {
array( t('Anybody in your address book'), PERMS_CONTACTS),
array( t('Anybody on this website'), PERMS_SITE),
array( t('Anybody in this network'), PERMS_NETWORK),
+ array( t('Anybody authenticated'), PERMS_AUTHED),
array( t('Anybody on the internet'), PERMS_PUBLIC)
);
@@ -939,6 +940,7 @@ function settings_content(&$a) {
'$pmacro1' => t('Private - <em>default private, never open or public</em>'),
'$pmacro0' => t('Blocked - <em>default blocked to/from everybody</em>'),
'$permiss_arr' => $permiss,
+ '$blocktags' => array('blocktags',t('Allow others to tag your posts'), 1-$blocktags, t('Often used by the community to retro-actively flag inappropriate content'),array(t('No'),t('Yes'))),
'$lbl_p2macro' => t('Advanced Privacy Settings'),
@@ -978,7 +980,7 @@ function settings_content(&$a) {
'$h_descadvn' => t('Change the behaviour of this account for special situations'),
'$pagetype' => $pagetype,
'$expert' => feature_enabled(local_user(),'expert'),
- '$hint' => t('Please enable expert mode (in Settings > Additional features) to adjust!'),
+ '$hint' => t('Please enable expert mode (in <a href="settings/features">Settings > Additional features</a>) to adjust!'),
));
diff --git a/mod/siteinfo.php b/mod/siteinfo.php
index 6b962c488..7fdb892d2 100644
--- a/mod/siteinfo.php
+++ b/mod/siteinfo.php
@@ -91,7 +91,7 @@ function siteinfo_content(&$a) {
$admininfo = bbcode(get_config('system','admininfo'));
$project_donate = t('Project Donations');
- $donate_text = t('<p>The Red Matrix is provided for you by volunteers working in their spare time. Your support will help us to build a better web. Select the following option for a one-time donation of your choosing</p>');
+ $donate_text = t('<p>The Red Matrix is provided for you by volunteers working in their spare time. Your support will help us to build a better, freer, and privacy respecting web. Select the following option for a one-time donation of your choosing</p>');
$alternatively = t('<p>or</p>');
$recurring = t('Recurring Donation Options');
@@ -99,12 +99,12 @@ function siteinfo_content(&$a) {
<h3>{$project_donate}</h3>
$donate_text
<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><input type="hidden" name="cmd" value="_donations" /><input type="hidden" name="business" value="mike@macgirvin.com" /><input type="hidden" name="lc" value="US" /><input type="hidden" name="item_name" value="Distributed Social Network Support Donation" /><input type="hidden" name="no_note" value="0" /><input type="hidden" name="currency_code" value="USD" /><input type="hidden" name="bn" value="PP-DonationsBF:btn_donate_LG.gif:NonHostedGuest" /><input style="border: none;" type="image" name="submit" src="https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif" alt="Donations gladly accepted to support our work" /></form><br />
-$alternatively
+<strong>$alternatively</strong>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><input type="hidden" name="cmd" value="_s-xclick" /><input type="hidden" name="hosted_button_id" value="FHV36KE28CYM8" /><br />
<table><tbody><tr><td><input type="hidden" name="on0" value="$recurring" />$recurring</td>
</tr><tr><td>
<select name="os0"><option value="Option 1">Option 1 : $3.00USD - monthly</option><option value="Option 2">Option 2 : $5.00USD - monthly</option><option value="Option 3">Option 3 : $10.00USD - monthly</option><option value="Option 4">Option 4 : $20.00USD - monthly</option></select></td>
-</tr></tbody></table><p><input type="hidden" name="currency_code" value="USD" /><input type="image" border="0" name="submit" src="https://www.paypalobjects.com/en_US/i/btn/btn_subscribeCC_LG.gif" alt="PayPal - The safer, easier way to pay online!" /><img src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" alt="" width="1" height="1" border="0" /></p></form>
+</tr></tbody></table><p><input type="hidden" name="currency_code" value="USD" /><input type="image" style="border: none;" border="0" name="submit" src="https://www.paypalobjects.com/en_US/i/btn/btn_subscribeCC_LG.gif" alt="PayPal - The safer, easier way to pay online!" /><img src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" alt="" width="1" height="1" border="0" /></p></form>
<p></p>
EOT;
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-02 04:01:52 +0000