diff options
Diffstat (limited to 'mod')
37 files changed, 488 insertions, 345 deletions
diff --git a/mod/admin.php b/mod/admin.php index f7dde7bcb..1a926443f 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -192,8 +192,8 @@ function admin_page_site_post(&$a){ $no_community_page = !((x($_POST,'no_community_page')) ? True : False); $verifyssl = ((x($_POST,'verifyssl')) ? True : False); - $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['global_search_url'])) : ''); - $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['global_search_url'])) : ''); + $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : ''); + $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : ''); $timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60); $dfrn_only = ((x($_POST,'dfrn_only')) ? True : False); $ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False); @@ -234,7 +234,7 @@ function admin_page_site_post(&$a){ set_config('system','no_gravatar', $no_gravatar); set_config('system','no_regfullname', $no_regfullname); set_config('system','no_community_page', $no_community_page); - set_config('system','proxy', $no_utf); + set_config('system','no_utf', $no_utf); set_config('system','verifyssl', $verifyssl); set_config('system','proxyuser', $proxyuser); set_config('system','proxy', $proxy); @@ -322,7 +322,7 @@ function admin_page_site(&$a) { '$no_openid' => array('no_openid', t("OpenID support"), !get_config('system','no_openid'), "OpenID support for registration and logins."), '$no_gravatar' => array('no_gravatar', t("Gravatar support"), !get_config('system','no_gravatar'), "Search new user's photo on Gravatar."), '$no_regfullname' => array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), "Force users to register with a space between firstname and lastname in Full name, as an antispam measure"), - '$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','proxy'), "Use PHP UTF8 regular expressions"), + '$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','no_utf'), "Use PHP UTF8 regular expressions"), '$no_community_page' => array('no_community_page', t("Show Community Page"), !get_config('system','no_community_page'), "Display a Community page showing all recent public postings on this site."), '$ostatus_disabled' => array('ostatus_disabled', t("Enable OStatus support"), !get_config('system','ostatus_disable'), "Provide built-in OStatus \x28identi.ca, status.net, etc.\x29 compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed."), '$dfrn_only' => array('dfrn_only', t('Only allow Friendika contacts'), get_config('system','dfrn_only'), "All contacts must use Friendika protocols. All other built-in communication protocols disabled."), diff --git a/mod/contactgroup.php b/mod/contactgroup.php new file mode 100644 index 000000000..bf81afe07 --- /dev/null +++ b/mod/contactgroup.php @@ -0,0 +1,50 @@ +<?php + +require_once('include/group.php'); + +function contactgroup_content(&$a) { + + + if(! local_user()) { + killme(); + } + + if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) { + $r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1", + intval($a->argv[2]), + intval(local_user()) + ); + if(count($r)) + $change = intval($a->argv[2]); + } + + if(($a->argc > 1) && (intval($a->argv[1]))) { + + $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", + intval($a->argv[1]), + intval(local_user()) + ); + if(! count($r)) { + killme(); + } + + $group = $r[0]; + $members = group_get_members($group['id']); + $preselected = array(); + if(count($members)) { + foreach($members as $member) + $preselected[] = $member['id']; + } + + if($change) { + if(in_array($change,$preselected)) { + group_rmv_member(local_user(),$group['name'],$change); + } + else { + group_add_member(local_user(),$group['name'],$change); + } + } + } + + killme(); +}
\ No newline at end of file diff --git a/mod/contacts.php b/mod/contacts.php index 1fa07688c..f8b9a743f 100644 --- a/mod/contacts.php +++ b/mod/contacts.php @@ -6,10 +6,22 @@ function contacts_init(&$a) { if(! local_user()) return; + $contact_id = 0; + if(($a->argc == 2) && intval($a->argv[1])) { + $contact_id = intval($a->argv[1]); + $r = q("SELECT * FROM `contact` WHERE `uid` = %d and `id` = %d LIMIT 1", + intval(local_user()), + intval($contact_id) + ); + if(! count($r)) { + $contact_id = 0; + } + } + require_once('include/group.php'); if(! x($a->page,'aside')) $a->page['aside'] = ''; - $a->page['aside'] .= group_side(); + $a->page['aside'] .= group_side('contacts','group',false,0,$contact_id); $inv = '<div class="side-link" id="side-invite-link" ><a href="invite" >' . t("Invite Friends") . '</a></div>'; @@ -237,16 +249,16 @@ function contacts_content(&$a) { $tpl = get_markup_template("contact_edit.tpl"); switch($r[0]['rel']) { - case REL_BUD: + case CONTACT_IS_FRIEND: $dir_icon = 'images/lrarrow.gif'; $alt_text = t('Mutual Friendship'); break; - case REL_VIP; + case CONTACT_IS_FOLLOWER; $dir_icon = 'images/larrow.gif'; $alt_text = t('is a fan of yours'); break; - case REL_FAN; + case CONTACT_IS_SHARING; $dir_icon = 'images/rarrow.gif'; $alt_text = t('you are a fan of'); break; @@ -264,13 +276,6 @@ function contacts_content(&$a) { } $grps = ''; - $member_of = member_of($r[0]['id']); - if(is_array($member_of) && count($member_of)) { - $grps = t('Member of: ') . EOL . '<ul>'; - foreach($member_of as $member) - $grps .= '<li><a href="group/' . $member['id'] . '" title="' . t('Edit') . '" ><img src="images/spencil.gif" alt="' . t('Edit') . '" /></a> <a href="network/' . $member['id'] . '">' . $member['name'] . '</a></li>'; - $grps .= '</ul>'; - } $insecure = '<div id="profile-edit-insecure"><p><img src="images/unlock_icon.gif" alt="' . t('Privacy Unavailable') . '" /> ' . t('Private communications are not available for this contact.') . '</p></div>'; @@ -314,7 +319,7 @@ function contacts_content(&$a) { '$contact_id' => $r[0]['id'], '$block_text' => (($r[0]['blocked']) ? t('Unblock this contact') : t('Block this contact') ), '$ignore_text' => (($r[0]['readonly']) ? t('Unignore this contact') : t('Ignore this contact') ), - '$insecure' => (($r[0]['network'] !== NETWORK_DFRN && $r[0]['network'] !== NETWORK_MAIL && $r[0]['network'] !== NETWORK_FACEBOOK) ? $insecure : ''), + '$insecure' => (($r[0]['network'] !== NETWORK_DFRN && $r[0]['network'] !== NETWORK_MAIL && $r[0]['network'] !== NETWORK_FACEBOOK && $r[0]['network'] !== NETWORK_DIASPORA) ? $insecure : ''), '$info' => $r[0]['info'], '$blocked' => (($r[0]['blocked']) ? '<div id="block-message">' . t('Currently blocked') . '</div>' : ''), '$ignored' => (($r[0]['readonly']) ? '<div id="ignore-message">' . t('Currently ignored') . '</div>' : ''), @@ -363,7 +368,7 @@ function contacts_content(&$a) { $search = dbesc($search.'*'); $sql_extra .= ((strlen($search)) ? " AND MATCH `name` AGAINST ('$search' IN BOOLEAN MODE) " : ""); - $sql_extra2 = ((($sort_type > 0) && ($sort_type <= REL_BUD)) ? sprintf(" AND `rel` = %d ",intval($sort_type)) : ''); + $sql_extra2 = ((($sort_type > 0) && ($sort_type <= CONTACT_IS_FRIEND)) ? sprintf(" AND `rel` = %d ",intval($sort_type)) : ''); $r = q("SELECT COUNT(*) AS `total` FROM `contact` @@ -387,15 +392,15 @@ function contacts_content(&$a) { continue; switch($rr['rel']) { - case REL_BUD: + case CONTACT_IS_FRIEND: $dir_icon = 'images/lrarrow.gif'; $alt_text = t('Mutual Friendship'); break; - case REL_VIP; + case CONTACT_IS_FOLLOWER; $dir_icon = 'images/larrow.gif'; $alt_text = t('is a fan of yours'); break; - case REL_FAN; + case CONTACT_IS_SHARING; $dir_icon = 'images/rarrow.gif'; $alt_text = t('you are a fan of'); break; diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index e2094b1f3..4088178c0 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -123,9 +123,12 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $dfrn_confirm = $contact['confirm']; $aes_allow = $contact['aes_allow']; - $network = ((strlen($contact['issued-id'])) ? 'dfrn' : 'stat'); + $network = ((strlen($contact['issued-id'])) ? NETWORK_DFRN : NETWORK_OSTATUS); - if($network === 'dfrn') { + if($contact['network']) + $network = $contact['network']; + + if($network === NETWORK_DFRN) { /** * @@ -298,19 +301,19 @@ function dfrn_confirm_post(&$a,$handsfree = null) { * */ - require_once("Photo.php"); + require_once('include/Photo.php'); $photos = import_profile_photo($contact['photo'],$uid,$contact_id); logger('dfrn_confirm: confirm - imported photos'); - if($network === 'dfrn') { + if($network === NETWORK_DFRN) { - $new_relation = REL_VIP; - if(($relation == REL_FAN) || ($duplex)) - $new_relation = REL_BUD; + $new_relation = CONTACT_IS_FOLLOWER; + if(($relation == CONTACT_IS_SHARING) || ($duplex)) + $new_relation = CONTACT_IS_FRIEND; - if(($relation == REL_FAN) && ($duplex)) + if(($relation == CONTACT_IS_SHARING) && ($duplex)) $duplex = 0; $r = q("UPDATE `contact` SET `photo` = '%s', @@ -337,21 +340,29 @@ function dfrn_confirm_post(&$a,$handsfree = null) { ); } else { - // $network !== 'dfrn' - - $notify = ''; - $poll = ''; - - $arr = lrdd($contact['url']); - if(count($arr)) { - foreach($arr as $link) { - if($link['@attributes']['rel'] === 'salmon') - $notify = $link['@attributes']['href']; - if($link['@attributes']['rel'] === NAMESPACE_FEED) - $poll = $link['@attributes']['href']; + + // $network !== NETWORK_DFRN + + $network = (($contact['network']) ? $contact['network'] : NETWORK_OSTATUS); + $notify = (($contact['notify']) ? $contact['notify'] : ''); + $poll = (($contact['poll']) ? $contact['poll'] : ''); + + if((! $contact['notify']) || (! $contact['poll'])) { + $arr = lrdd($contact['url']); + if(count($arr)) { + foreach($arr as $link) { + if($link['@attributes']['rel'] === 'salmon') + $notify = $link['@attributes']['href']; + if($link['@attributes']['rel'] === NAMESPACE_FEED) + $poll = $link['@attributes']['href']; + } } } + $new_relation = $contact['rel']; + if($network === NETWORK_DIASPORA && $duplex) + $new_relation = CONTACT_IS_FRIEND; + $r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($intro_id), intval($uid) @@ -368,7 +379,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) { `poll` = '%s', `blocked` = 0, `pending` = 0, - `network` = 'stat' + `network` = '%s', + `rel` = %d WHERE `id` = %d LIMIT 1 ", dbesc($photos[0]), @@ -379,6 +391,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) { dbesc(datetime_convert()), dbesc($notify), dbesc($poll), + dbesc($network), + intval($new_relation), intval($contact_id) ); } @@ -401,7 +415,13 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $r = q("SELECT `hide-friends` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1", intval($uid) ); - if((count($r)) && ($r[0]['hide-friends'] == 0) && (is_array($contact)) && isset($new_relation) && ($new_relation == REL_BUD)) { + if((count($r)) && ($r[0]['hide-friends'] == 0) && (is_array($contact)) && isset($new_relation) && ($new_relation == CONTACT_IS_FRIEND)) { + + if($r[0]['network'] === NETWORK_DIASPORA) { + require_once('include/diaspora.php'); + $ret = diaspora_share($user[0],$r[0]); + logger('mod_follow: diaspora_share returns: ' . $ret); + } require_once('include/items.php'); @@ -528,12 +548,22 @@ function dfrn_confirm_post(&$a,$handsfree = null) { dbesc($decrypted_source_url), intval($local_uid) ); - if(! count($ret)) { - // this is either a bogus confirmation (?) or we deleted the original introduction. - $message = t('Contact record was not found for you on our site.'); - xml_status(3,$message); - return; // NOTREACHED + if(strstr($decrypted_source_url,'http:')) + $newurl = str_replace('http:','https:',$decrypted_source_url); + else + $newurl = str_replace('https:','http:',$decrypted_source_url); + + $ret = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1", + dbesc($newurl), + intval($local_uid) + ); + if(! count($r)) { + // this is either a bogus confirmation (?) or we deleted the original introduction. + $message = t('Contact record was not found for you on our site.'); + xml_status(3,$message); + return; // NOTREACHED + } } $relation = $ret[0]['rel']; @@ -592,11 +622,11 @@ function dfrn_confirm_post(&$a,$handsfree = null) { logger('dfrn_confirm: request - photos imported'); - $new_relation = REL_FAN; - if(($relation == REL_VIP) || ($duplex)) - $new_relation = REL_BUD; + $new_relation = CONTACT_IS_SHARING; + if(($relation == CONTACT_IS_FOLLOWER) || ($duplex)) + $new_relation = CONTACT_IS_FRIEND; - if(($relation == REL_VIP) && ($duplex)) + if(($relation == CONTACT_IS_FOLLOWER) && ($duplex)) $duplex = 0; $r = q("UPDATE `contact` SET @@ -639,7 +669,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if((count($r)) && ($r[0]['notify-flags'] & NOTIFY_CONFIRM)) { push_lang($r[0]['language']); - $tpl = (($new_relation == REL_BUD) + $tpl = (($new_relation == CONTACT_IS_FRIEND) ? get_intltext_template('friend_complete_eml.tpl') : get_intltext_template('intro_complete_eml.tpl')); @@ -672,7 +702,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { // somebody arrived here by mistake or they are fishing. Send them to the homepage. - goaway($a->get_baseurl()); + goaway(z_root()); // NOTREACHED } diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 0dc96f8a7..f284b8b38 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -704,6 +704,7 @@ function dfrn_notify_post(&$a) { $ev['uid'] = $importer['uid']; $ev['uri'] = $item_id; $ev['edited'] = $datarray['edited']; + $ev['private'] = $datarray['private']; $r = q("SELECT * FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php index 76803ef1b..09f198b81 100644 --- a/mod/dfrn_poll.php +++ b/mod/dfrn_poll.php @@ -61,7 +61,7 @@ function dfrn_poll_init(&$a) { $my_id = '0:' . $dfrn_id; break; default: - goaway($a->get_baseurl()); + goaway(z_root()); break; // NOTREACHED } @@ -100,7 +100,7 @@ function dfrn_poll_init(&$a) { $profile = $r[0]['nickname']; goaway((strlen($destination_url)) ? $destination_url : $a->get_baseurl() . '/profile/' . $profile); } - goaway($a->get_baseurl()); + goaway(z_root()); } @@ -297,7 +297,7 @@ function dfrn_poll_post(&$a) { $my_id = '0:' . $dfrn_id; break; default: - goaway($a->get_baseurl()); + goaway(z_root()); break; // NOTREACHED } @@ -420,7 +420,7 @@ function dfrn_poll_content(&$a) { $my_id = '0:' . $dfrn_id; break; default: - goaway($a->get_baseurl()); + goaway(z_root()); break; // NOTREACHED } diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index c9811fa60..79070604b 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -48,7 +48,7 @@ function dfrn_request_post(&$a) { if($_POST['cancel']) { - goaway($a->get_baseurl()); + goaway(z_root()); } @@ -190,7 +190,7 @@ function dfrn_request_post(&$a) { // invalid/bogus request notice( t('Unrecoverable protocol error.') . EOL ); - goaway($a->get_baseurl()); + goaway(z_root()); return; // NOTREACHED } @@ -309,7 +309,7 @@ function dfrn_request_post(&$a) { notice( t('You have already introduced yourself here.') . EOL ); return; } - elseif($ret[0]['rel'] == REL_BUD) { + elseif($ret[0]['rel'] == CONTACT_IS_FRIEND) { notice( sprintf( t('Apparently you are already friends with %s.'), $a->profile['name']) . EOL); return; } @@ -445,7 +445,7 @@ function dfrn_request_post(&$a) { * * OStatus network * Check contact existence - * Try and scrape together enough information to create a contact record, with us as REL_VIP + * Try and scrape together enough information to create a contact record, with us as CONTACT_IS_FOLLOWER * Substitute our user's feed URL into $url template * Send the subscriber home to subscribe * @@ -602,7 +602,7 @@ function dfrn_request_content(&$a) { $myaddr = $a->get_baseurl() . '/profile/' . $a->user['nickname']; } else { - $myaddr = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3 ); + $myaddr = $a->user['nickname'] . '@' . substr(z_root(), strpos(z_root(),'://') + 3 ); } } elseif(x($_GET,'addr')) { diff --git a/mod/display.php b/mod/display.php index 159ff57ed..52a84e755 100644 --- a/mod/display.php +++ b/mod/display.php @@ -114,7 +114,7 @@ function display_content(&$a) { } - $o .= '<div class="cc-license">' . t('Shared content is covered by the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> license.') . '</div>'; + $o .= cc_license(); return $o; } diff --git a/mod/events.php b/mod/events.php index b0b54601f..27ca69830 100644 --- a/mod/events.php +++ b/mod/events.php @@ -297,6 +297,12 @@ function events_content(&$a) { $fhour = ((x($orig_event)) ? datetime_convert('UTC', $tz, $fdt, 'H') : 0); $fminute = ((x($orig_event)) ? datetime_convert('UTC', $tz, $fdt, 'i') : 0); + $f = get_config('system','event_input_format'); + if(! $f) + $f = 'ymd'; + + $dateformat = datesel_format($f); + $timeformat = t('hour:minute'); require_once('include/acl_selectors.php'); @@ -306,14 +312,14 @@ function events_content(&$a) { '$cid' => $cid, '$uri' => $uri, '$e_text' => t('Event details'), - '$e_desc' => t('Format is year-month-day hour:minute. Starting date and Description are required.'), + '$e_desc' => sprintf( t('Format is %s %s. Starting date and Description are required.'),$dateformat,$timeformat), '$s_text' => t('Event Starts:') . ' <span class="required">*</span> ', - '$s_dsel' => datesel('start',$syear+5,$syear,false,$syear,$smonth,$sday), + '$s_dsel' => datesel($f,'start',$syear+5,$syear,false,$syear,$smonth,$sday), '$s_tsel' => timesel('start',$shour,$sminute), '$n_text' => t('Finish date/time is not known or not relevant'), '$n_checked' => $n_checked, '$f_text' => t('Event Finishes:'), - '$f_dsel' => datesel('finish',$fyear+5,$fyear,false,$fyear,$fmonth,$fday), + '$f_dsel' => datesel($f,'finish',$fyear+5,$fyear,false,$fyear,$fmonth,$fday), '$f_tsel' => timesel('finish',$fhour,$fminute), '$a_text' => t('Adjust for viewer timezone'), '$a_checked' => $a_checked, diff --git a/mod/follow.php b/mod/follow.php index 830399ff5..14b2ea46c 100644 --- a/mod/follow.php +++ b/mod/follow.php @@ -58,7 +58,7 @@ function follow_post(&$a) { } if($ret['network'] === NETWORK_OSTATUS && get_config('system','ostatus_disabled')) { - notice( t('Communication options with this network have been restricted.') . EOL); + notice( t('The profile address specified belongs to a network which has been disabled on this site.') . EOL); $ret['notify'] = ''; } @@ -71,6 +71,9 @@ function follow_post(&$a) { $writeable = 1; } + if($ret['network'] === NETWORK_DIASPORA) + $writeable = 1; + // check if we already have a contact // the poll url is more reliable than the profile url, as we may have // indirect links or webfinger links @@ -82,15 +85,20 @@ function follow_post(&$a) { if(count($r)) { // update contact - if($r[0]['rel'] == REL_VIP) { + if($r[0]['rel'] == CONTACT_IS_FOLLOWER || ($network === NETWORK_DIASPORA && $r[0]['rel'] == CONTACT_IS_SHARING)) { q("UPDATE `contact` SET `rel` = %d , `readonly` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval(REL_BUD), + intval(CONTACT_IS_FRIEND), intval($r[0]['id']), intval(local_user()) ); } } else { + + $new_relation = (($ret['network'] === NETWORK_MAIL) ? CONTACT_IS_FRIEND : CONTACT_IS_SHARING); + if($ret['network'] === NETWORK_DIASPORA) + $new_relation = CONTACT_IS_FOLLOWER; + // create contact record $r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `addr`, `alias`, `notify`, `poll`, `name`, `nick`, `photo`, `network`, `rel`, `priority`, `writable`, `blocked`, `readonly`, `pending` ) @@ -106,7 +114,7 @@ function follow_post(&$a) { dbesc($ret['nick']), dbesc($ret['photo']), dbesc($ret['network']), - intval(($ret['network'] === NETWORK_MAIL) ? REL_BUD : REL_FAN), + intval($new_relation), intval($ret['priority']), intval($writeable) ); @@ -175,10 +183,16 @@ function follow_post(&$a) { intval(local_user()) ); - - if((count($r)) && (x($contact,'notify')) && (strlen($contact['notify']))) { - require_once('include/salmon.php'); - slapper($r[0],$contact['notify'],$slap); + if(count($r)) { + if(($contact['network'] == NETWORK_OSTATUS) && (strlen($contact['notify']))) { + require_once('include/salmon.php'); + slapper($r[0],$contact['notify'],$slap); + } + if($contact['network'] == NETWORK_DIASPORA) { + require_once('include/diaspora.php'); + $ret = diaspora_share($a->user,$r[0]); + logger('mod_follow: diaspora_share returns: ' . $ret); + } } goaway($_SESSION['return_url']); diff --git a/mod/friendika.php b/mod/friendika.php index 753a9f478..d0e709c75 100644 --- a/mod/friendika.php +++ b/mod/friendika.php @@ -16,7 +16,7 @@ function friendika_init(&$a) { $data = Array( 'version' => FRIENDIKA_VERSION, - 'url' => $a->get_baseurl(), + 'url' => z_root(), 'plugins' => $a->plugins, 'register_policy' => $register_policy[$a->config['register_policy']], 'admin' => $admin, @@ -40,7 +40,7 @@ function friendika_content(&$a) { $o .= '<p></p><p>'; $o .= t('This is Friendika version') . ' ' . FRIENDIKA_VERSION . ' '; - $o .= t('running at web location') . ' ' . $a->get_baseurl() . '</p><p>'; + $o .= t('running at web location') . ' ' . z_root() . '</p><p>'; $o .= t('Shared content within the Friendika network is provided under the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0 license</a>') . '</p><p>'; diff --git a/mod/hcard.php b/mod/hcard.php new file mode 100644 index 000000000..5505ca08e --- /dev/null +++ b/mod/hcard.php @@ -0,0 +1,50 @@ +<?php + +function hcard_init(&$a) { + + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) + return; + + if($a->argc > 1) + $which = $a->argv[1]; + else { + notice( t('No profile') . EOL ); + $a->error = 404; + return; + } + + $profile = 0; + if((local_user()) && ($a->argc > 2) && ($a->argv[2] === 'view')) { + $which = $a->user['nickname']; + $profile = $a->argv[1]; + } + + profile_load($a,$which,$profile); + + if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] == PAGE_COMMUNITY)) { + $a->page['htmlhead'] .= '<meta name="friendika.community" content="true" />'; + } + if(x($a->profile,'openidserver')) + $a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->profile['openidserver'] . '" />' . "\r\n"; + if(x($a->profile,'openid')) { + $delegate = ((strstr($a->profile['openid'],'://')) ? $a->profile['openid'] : 'http://' . $a->profile['openid']); + $a->page['htmlhead'] .= '<link rel="openid.delegate" href="' . $delegate . '" />' . "\r\n"; + } + + $keywords = ((x($a->profile,'pub_keywords')) ? $a->profile['pub_keywords'] : ''); + $keywords = str_replace(array(',',' ',',,'),array(' ',',',','),$keywords); + if(strlen($keywords)) + $a->page['htmlhead'] .= '<meta name="keywords" content="' . $keywords . '" />' . "\r\n" ; + + $a->page['htmlhead'] .= '<meta name="dfrn-global-visibility" content="' . (($a->profile['net-publish']) ? 'true' : 'false') . '" />' . "\r\n" ; + $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/dfrn_poll/' . $which .'" />' . "\r\n" ; + $uri = urlencode('acct:' . $a->profile['nickname'] . '@' . $a->get_hostname() . (($a->path) ? '/' . $a->path : '')); + $a->page['htmlhead'] .= '<link rel="lrdd" type="application/xrd+xml" href="' . $a->get_baseurl() . '/xrd/?uri=' . $uri . '" />' . "\r\n"; + header('Link: <' . $a->get_baseurl() . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"', false); + + $dfrn_pages = array('request', 'confirm', 'notify', 'poll'); + foreach($dfrn_pages as $dfrn) + $a->page['htmlhead'] .= "<link rel=\"dfrn-{$dfrn}\" href=\"".$a->get_baseurl()."/dfrn_{$dfrn}/{$which}\" />\r\n"; + +} + diff --git a/mod/help.php b/mod/help.php index 561f5381f..495b4ccc2 100644 --- a/mod/help.php +++ b/mod/help.php @@ -9,7 +9,9 @@ function load_doc_file($s) { $d = dirname($s); if(file_exists("$d/$lang/$b")) return file_get_contents("$d/$lang/$b"); - return file_get_contents($s); + if(file_exists($s)) + return file_get_contents($s); + return ''; }} @@ -31,7 +33,12 @@ function help_content(&$a) { $a->page['title'] = t('Help'); } - + if(! strlen($text)) { + header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found')); + notice( t('Page not found.' ) . EOL); + return; + } + return Markdown($text); }
\ No newline at end of file diff --git a/mod/hostxrd.php b/mod/hostxrd.php new file mode 100644 index 000000000..c7861d26d --- /dev/null +++ b/mod/hostxrd.php @@ -0,0 +1,11 @@ +<?php + +function hostxrd_init(&$a) { + header('Access-Control-Allow-Origin: *'); + header("Content-type: text/xml"); + $tpl = file_get_contents('view/xrd_host.tpl'); + echo str_replace(array('$zroot','$domain'),array(z_root(),z_path()),$tpl); + session_write_close(); + exit(); + +}
\ No newline at end of file diff --git a/mod/install.php b/mod/install.php index 970ff6af8..27cc6af84 100644 --- a/mod/install.php +++ b/mod/install.php @@ -123,15 +123,15 @@ function install_content(&$a) { $o .= replace_macros($tpl, array( '$lbl_01' => t('Friendika Social Network'), '$lbl_02' => t('Installation'), - '$lbl_03' => t('In order to install Friendika we need to know how to contact your database.'), + '$lbl_03' => t('In order to install Friendika we need to know how to connect to your database.'), '$lbl_04' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'), - '$lbl_05' => t('The database you specify below must already exist. If it does not, please create it before continuing.'), + '$lbl_05' => t('The database you specify below should already exist. If it does not, please create it before continuing.'), '$lbl_06' => t('Database Server Name'), '$lbl_07' => t('Database Login Name'), '$lbl_08' => t('Database Login Password'), '$lbl_09' => t('Database Name'), '$lbl_10' => t('Please select a default timezone for your website'), - '$lbl_11' => t('Site administrator email address. Your account email address will need match this.'), + '$lbl_11' => t('Site administrator email address. Your account email address must match this in order to use the web admin panel.'), '$baseurl' => $a->get_baseurl(), '$tzselect' => ((x($_POST,'timezone')) ? select_timezone($_POST['timezone']) : select_timezone()), '$submit' => t('Submit'), diff --git a/mod/item.php b/mod/item.php index f6f665a18..ef0b232d5 100644 --- a/mod/item.php +++ b/mod/item.php @@ -6,6 +6,8 @@ * text stuff. This function handles status, wall-to-wall status, * local comments, and remote coments - that are posted on this site * (as opposed to being delivered in a feed). + * Also processed here are posts and comments coming through the + * statusnet/twitter API. * All of these become an "item" which is our basic unit of * information. * Posts that originate externally or do not fall into the above @@ -33,22 +35,61 @@ function item_post(&$a) { call_hooks('post_local_start', $_POST); + $api_source = ((x($_POST,'api_source') && $_POST['api_source']) ? true : false); + + /** + * Is this a reply to something? + */ + $parent = ((x($_POST,'parent')) ? intval($_POST['parent']) : 0); + $parent_uri = ((x($_POST,'parent_uri')) ? trim($_POST['parent_uri']) : ''); $parent_item = null; $parent_contact = null; + $thr_parent = ''; + $parid = 0; + $r = false; - if($parent) { - $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", - intval($parent) - ); - if(! count($r)) { + if($parent || $parent_uri) { + + if(! x($_POST,'type')) + $_POST['type'] = 'net-comment'; + + if($parent) { + $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", + intval($parent) + ); + } + elseif($parent_uri && local_user()) { + // This is coming from an API source, and we are logged in + $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", + dbesc($parent_uri), + intval(local_user()) + ); + } + // if this isn't the real parent of the conversation, find it + if($r !== false && count($r)) { + $parid = $r[0]['parent']; + if($r[0]['id'] != $r[0]['parent']) { + $r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1", + intval($parid) + ); + } + } + + if(($r === false) || (! count($r))) { notice( t('Unable to locate original post.') . EOL); if(x($_POST,'return')) goaway($a->get_baseurl() . "/" . $_POST['return'] ); killme(); } $parent_item = $r[0]; + $parent = $r[0]['id']; + + // multi-level threading - preserve the info but re-parent to our single level threading + if(($parid) && ($parid != $parent)) + $thr_parent = $parent_uri; + if($parent_item['contact-id'] && $uid) { $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($parent_item['contact-id']), @@ -59,6 +100,8 @@ function item_post(&$a) { } } + if($parent) logger('mod_post: parent=' . $parent); + $profile_uid = ((x($_POST,'profile_uid')) ? intval($_POST['profile_uid']) : 0); $post_id = ((x($_POST['post_id'])) ? intval($_POST['post_id']) : 0); $app = ((x($_POST['source'])) ? strip_tags($_POST['source']) : ''); @@ -135,6 +178,20 @@ function item_post(&$a) { $pubmail_enable = ((x($_POST,'pubmail_enable') && intval($_POST['pubmail_enable']) && (! $private)) ? 1 : 0); + // if using the API, we won't see pubmail_enable - figure out if it should be set + + if($api_source && $profile_uid && $profile_uid == local_user() && (! $private)) { + $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1); + if(! $mail_disabled) { + $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1", + intval(local_user()) + ); + if(count($r) && intval($r[0]['pubmail'])) + $pubmail_enabled = true; + } + } + + if(! strlen($body)) { info( t('Empty post discarded.') . EOL ); if(x($_POST,'return')) @@ -180,6 +237,8 @@ function item_post(&$a) { $contact_record = $r[0]; } + + $post_type = notags(trim($_POST['type'])); if($post_type === 'net-comment') { @@ -259,6 +318,10 @@ function item_post(&$a) { if(count($r)) { $r = q("UPDATE `attach` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1", + dbesc($str_contact_allow), + dbesc($str_group_allow), + dbesc($str_contact_deny), + dbesc($str_group_deny), intval($profile_uid), intval($attach) ); @@ -391,7 +454,7 @@ function item_post(&$a) { if(count($r)) { if(strlen($attachments)) $attachments .= ','; - $attachments .= '[attach]href="' . $a->get_baseurl() . '/attach/' . $r[0]['id'] . '" size="' . $r[0]['filesize'] . '" type="' . $r[0]['filetype'] . '" title="' . (($r[0]['filename']) ? $r[0]['filename'] : ' ') . '"[/attach]'; + $attachments .= '[attach]href="' . $a->get_baseurl() . '/attach/' . $r[0]['id'] . '" length="' . $r[0]['filesize'] . '" type="' . $r[0]['filetype'] . '" title="' . (($r[0]['filename']) ? $r[0]['filename'] : '') . '"[/attach]'; } $body = str_replace($match[1],'',$body); } @@ -443,6 +506,7 @@ function item_post(&$a) { $datarray['private'] = $private; $datarray['pubmail'] = $pubmail_enable; $datarray['attach'] = $attachments; + $datarray['thr-parent'] = $thr_parent; /** * These fields are for the convenience of plugins... @@ -456,6 +520,9 @@ function item_post(&$a) { if($orig_post) $datarray['edit'] = true; + else + $datarray['guid'] = get_guid(); + call_hooks('post_local',$datarray); @@ -479,10 +546,11 @@ function item_post(&$a) { $post_id = 0; - $r = q("INSERT INTO `item` (`uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, - `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `received`, `changed`, `uri`, `title`, `body`, `app`, `location`, `coord`, + $r = q("INSERT INTO `item` (`guid`, `uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, + `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, `tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach` ) - VALUES( %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s' )", + VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s' )", + dbesc($datarray['guid']), intval($datarray['uid']), dbesc($datarray['type']), intval($datarray['wall']), @@ -499,6 +567,7 @@ function item_post(&$a) { dbesc($datarray['received']), dbesc($datarray['changed']), dbesc($datarray['uri']), + dbesc($datarray['thr-parent']), dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['app']), @@ -731,12 +800,16 @@ function item_post(&$a) { } logger('post_complete'); + + // figure out how to return, depending on from whence we came + + if($api_source) + return; + if((x($_POST,'return')) && strlen($_POST['return'])) { logger('return: ' . $_POST['return']); goaway($a->get_baseurl() . "/" . $_POST['return'] ); } - if($_POST['api_source']) - return; $json = array('success' => 1); if(x($_POST,'jsreload') && strlen($_POST['jsreload'])) $json['reload'] = $a->get_baseurl() . '/' . $_POST['jsreload']; diff --git a/mod/login.php b/mod/login.php index 58af42d74..10b4d3001 100644 --- a/mod/login.php +++ b/mod/login.php @@ -3,6 +3,8 @@ function login_content(&$a) { if(x($_SESSION,'theme')) unset($_SESSION['theme']); + if(local_user()) + goaway(z_root()); return login(($a->config['register_policy'] == REGISTER_CLOSED) ? false : true); }
\ No newline at end of file diff --git a/mod/lostpass.php b/mod/lostpass.php index 3453a0db4..b71398fa4 100644 --- a/mod/lostpass.php +++ b/mod/lostpass.php @@ -5,7 +5,7 @@ function lostpass_post(&$a) { $email = notags(trim($_POST['login-name'])); if(! $email) - goaway($a->get_baseurl()); + goaway(z_root()); $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) AND `verified` = 1 AND `blocked` = 0 LIMIT 1", dbesc($email), @@ -14,7 +14,7 @@ function lostpass_post(&$a) { if(! count($r)) { notice( t('No valid account found.') . EOL); - goaway($a->get_baseurl()); + goaway(z_root()); } $uid = $r[0]['uid']; @@ -46,7 +46,7 @@ function lostpass_post(&$a) { . 'Content-transfer-encoding: 8bit' ); - goaway($a->get_baseurl()); + goaway(z_root()); } @@ -62,7 +62,7 @@ function lostpass_content(&$a) { ); if(! count($r)) { notice( t("Request could not be verified. \x28You may have previously submitted it.\x29 Password reset failed.") . EOL); - goaway($a->get_baseurl()); + goaway(z_root()); return; } $uid = $r[0]['uid']; diff --git a/mod/network.php b/mod/network.php index 8d377fa0e..7cac7b858 100644 --- a/mod/network.php +++ b/mod/network.php @@ -297,9 +297,8 @@ function network_content(&$a, $update = 0) { $o .= conversation($a,$r,$mode,$update); if(! $update) { - $o .= paginate($a); - $o .= '<div class="cc-license">' . t('Shared content is covered by the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> license.') . '</div>'; + $o .= cc_license(); } return $o; diff --git a/mod/notifications.php b/mod/notifications.php index 6f9ece184..920d0d82d 100644 --- a/mod/notifications.php +++ b/mod/notifications.php @@ -3,7 +3,7 @@ function notifications_post(&$a) { if(! local_user()) { - goaway($a->get_baseurl()); + goaway(z_root()); } $request_id = (($a->argc > 1) ? $a->argv[1] : 0); @@ -60,7 +60,7 @@ function notifications_content(&$a) { if(! local_user()) { notice( t('Permission denied.') . EOL); - goaway($a->get_baseurl()); + return; } $o = ''; @@ -122,23 +122,25 @@ function notifications_content(&$a) { continue; } - $friend_selected = (($rr['network'] !== 'stat') ? ' checked="checked" ' : ' disabled '); - $fan_selected = (($rr['network'] === 'stat') ? ' checked="checked" disabled ' : ''); + $friend_selected = (($rr['network'] !== NETWORK_OSTATUS) ? ' checked="checked" ' : ' disabled '); + $fan_selected = (($rr['network'] === NETWORK_OSTATUS) ? ' checked="checked" disabled ' : ''); $dfrn_tpl = get_markup_template('netfriend.tpl'); $knowyou = ''; $dfrn_text = ''; - if($rr['network'] !== 'stat') { - $knowyou = t('Claims to be known to you: ') . (($rr['knowyou']) ? t('yes') : t('no')); - + if($rr['network'] === NETWORK_DFRN || $rr['network'] === NETWORK_DIASPORA) { + if($rr['network'] === NETWORK_DFRN) + $knowyou = t('Claims to be known to you: ') . (($rr['knowyou']) ? t('yes') : t('no')); + else + $knowyou = ''; $dfrn_text = replace_macros($dfrn_tpl,array( '$intro_id' => $rr['intro_id'], '$friend_selected' => $friend_selected, '$fan_selected' => $fan_selected, '$approve_as' => t('Approve as: '), '$as_friend' => t('Friend'), - '$as_fan' => t('Fan/Admirer') + '$as_fan' => (($rr['network'] == NETWORK_DIASPORA) ? t('Sharer') : t('Fan/Admirer')) )); } @@ -146,7 +148,7 @@ function notifications_content(&$a) { $o .= replace_macros($tpl,array( '$str_notifytype' => t('Notification type: '), - '$notify_type' => (($rr['network'] !== 'stat') ? t('Friend/Connect Request') : t('New Follower')), + '$notify_type' => (($rr['network'] !== NETWORK_OSTATUS) ? t('Friend/Connect Request') : t('New Follower')), '$dfrn_text' => $dfrn_text, '$dfrn_id' => $rr['issued-id'], '$uid' => $_SESSION['uid'], diff --git a/mod/openid.php b/mod/openid.php index 537d84ce3..6fbd013b8 100644 --- a/mod/openid.php +++ b/mod/openid.php @@ -8,7 +8,7 @@ function openid_content(&$a) { $noid = get_config('system','no_openid'); if($noid) - goaway($a->get_baseurl()); + goaway(z_root()); if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) { $openid = new LightOpenID; @@ -49,7 +49,7 @@ function openid_content(&$a) { if($a->config['register_policy'] != REGISTER_CLOSED) goaway($a->get_baseurl() . '/register' . $args); else - goaway($a->get_baseurl()); + goaway(z_root()); // NOTREACHED } @@ -60,7 +60,7 @@ function openid_content(&$a) { ); if(! count($r)) { notice( t('Login failed.') . EOL ); - goaway($a->get_baseurl()); + goaway(z_root()); } unset($_SESSION['openid']); @@ -116,10 +116,10 @@ function openid_content(&$a) { if(($a->module !== 'home') && isset($_SESSION['return_url'])) goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); else - goaway($a->get_baseurl()); + goaway(z_root()); } } notice( t('Login failed.') . EOL); - goaway($a->get_baseurl()); + goaway(z_root()); // NOTREACHED } diff --git a/mod/parse_url.php b/mod/parse_url.php index 46c6b46e9..9bb0bc464 100644 --- a/mod/parse_url.php +++ b/mod/parse_url.php @@ -116,7 +116,7 @@ function parse_url_content(&$a) { } if(strlen($text)) { - $text = '<br /><br />' . $text; + $text = '<br /><br /><blockquote>' . $text . '</blockquote><br />'; } echo sprintf($template,$url,($title) ? $title : $url,$text); diff --git a/mod/photo.php b/mod/photo.php index 9809aa418..3994620f8 100644 --- a/mod/photo.php +++ b/mod/photo.php @@ -5,6 +5,11 @@ require_once('include/security.php'); function photo_init(&$a) { switch($a->argc) { + case 4: + $person = $a->argv[3]; + $customres = intval($a->argv[2]); + $type = $a->argv[1]; + break; case 3: $person = $a->argv[2]; $type = $a->argv[1]; @@ -29,6 +34,7 @@ function photo_init(&$a) { switch($type) { case 'profile': + case 'custom': $resolution = 4; break; case 'micro': @@ -113,8 +119,17 @@ function photo_init(&$a) { // NOTREACHED } + if(intval($customres) && $customres > 0 && $customres < 500) { + require_once('include/Photo.php'); + $ph = new Photo($data); + if($ph->is_valid()) { + $ph->scaleImageSquare($customres); + $data = $ph->imageString(); + } + } + header("Content-type: image/jpeg"); echo $data; killme(); // NOTREACHED -}
\ No newline at end of file +} diff --git a/mod/photos.php b/mod/photos.php index 4a72bb680..cb13b7603 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -903,7 +903,7 @@ function photos_content(&$a) { $album = hex2bin($datum); $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' - $sql_extra GROUP BY `resource-id`", + AND `scale` <= 4 $sql_extra GROUP BY `resource-id`", intval($owner_uid), dbesc($album) ); @@ -913,7 +913,7 @@ function photos_content(&$a) { } $r = q("SELECT `resource-id`, `id`, `filename`, max(`scale`) AS `scale`, `desc` FROM `photo` WHERE `uid` = %d AND `album` = '%s' - $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", + AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", intval($owner_uid), dbesc($album), intval($a->pager['start']), diff --git a/mod/probe.php b/mod/probe.php new file mode 100644 index 000000000..c95db291b --- /dev/null +++ b/mod/probe.php @@ -0,0 +1,24 @@ +<?php + +require_once('include/Scrape.php'); + +function probe_content(&$a) { + + $o .= '<h3>Probe Diagnostic</h3>'; + + $o .= '<form action="probe" method="get">'; + $o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . $_GET['addr'] .'" />'; + $o .= '<input type="submit" name="submit" value="Submit" /></form>'; + + $o .= '<br /><br />'; + + if(x($_GET,'addr')) { + + $addr = trim($_GET['addr']); + $res = probe_url($addr); + $o .= '<pre>'; + $o .= str_replace("\n",'<br />',print_r($res,true)); + $o .= '</pre>'; + } + return $o; +} diff --git a/mod/profile.php b/mod/profile.php index 7e47c91bb..b309ea647 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -21,7 +21,7 @@ function profile_init(&$a) { profile_load($a,$which,$profile); - if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] & PAGE_COMMUNITY)) { + if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] == PAGE_COMMUNITY)) { $a->page['htmlhead'] .= '<meta name="friendika.community" content="true" />'; } if(x($a->profile,'openidserver')) @@ -236,9 +236,8 @@ function profile_content(&$a, $update = 0) { $o .= conversation($a,$r,'profile',$update); if(! $update) { - $o .= paginate($a); - $o .= '<div class="cc-license">' . t('Shared content is covered by the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> license.') . '</div>'; + $o .= cc_license(); } return $o; diff --git a/mod/profiles.php b/mod/profiles.php index 7041249e2..9b0a2970b 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -361,6 +361,9 @@ function profiles_content(&$a) { $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl())); $a->page['htmlhead'] .= "<script type=\"text/javascript\" src=\"include/country.js\" ></script>"; + $f = get_config('system','birthday_input_format'); + if(! $f) + $f = 'ymd'; $is_default = (($r[0]['is-default']) ? 1 : 0); $tpl = get_markup_template("profile_edit.tpl"); @@ -375,7 +378,7 @@ function profiles_content(&$a) { '$lbl_fullname' => t('Your Full Name:'), '$lbl_title' => t('Title/Description:'), '$lbl_gender' => t('Your Gender:'), - '$lbl_bd' => t("Birthday \x28y/m/d\x29:"), + '$lbl_bd' => sprintf( t("Birthday \x28%s\x29:"),datesel_format($f)), '$lbl_address' => t('Street Address:'), '$lbl_city' => t('Locality/City:'), '$lbl_zip' => t('Postal/Zip Code:'), @@ -466,7 +469,7 @@ function profiles_content(&$a) { '$id' => $rr['id'], '$alt' => t('Profile Image'), '$profile_name' => $rr['profile-name'], - '$visible' => (($rr['is-default']) ? '<strong>' . t('Visible to everybody') . '</strong>' + '$visible' => (($rr['is-default']) ? '<strong>' . t('visible to everybody') . '</strong>' : '<a href="' . $a->get_baseurl() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>') )); } diff --git a/mod/pubsub.php b/mod/pubsub.php index edb0a7fe1..d6e3d378f 100644 --- a/mod/pubsub.php +++ b/mod/pubsub.php @@ -111,8 +111,8 @@ function pubsub_post(&$a) { AND ( `rel` = %d OR `rel` = %d ) AND `blocked` = 0 AND `readonly` = 0 LIMIT 1", intval($contact_id), intval($importer['uid']), - intval(REL_FAN), - intval(REL_BUD) + intval(CONTACT_IS_SHARING), + intval(CONTACT_IS_FRIEND) ); if(! count($r)) { diff --git a/mod/receive.php b/mod/receive.php index 6fb68e154..19c163967 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -6,25 +6,14 @@ require_once('include/salmon.php'); -require_once('library/simplepie/simplepie.inc'); - -function receive_return($val) { - - if($val >= 400) - $err = 'Error'; - if($val >= 200 && $val < 300) - $err = 'OK'; - - logger('mod-diaspora returns ' . $val); - header($_SERVER["SERVER_PROTOCOL"] . ' ' . $val . ' ' . $err); - killme(); - -} +require_once('include/crypto.php'); +require_once('include/diaspora.php'); + function receive_post(&$a) { if($a->argc != 3 || $a->argv[1] !== 'users') - receive_return(500); + http_status_exit(500); $guid = $a->argv[2]; @@ -32,183 +21,51 @@ function receive_post(&$a) { dbesc($guid) ); if(! count($r)) - salmon_return(500); + http_status_exit(500); $importer = $r[0]; - $xml = $_POST['xml']; + // It is an application/x-www-form-urlencoded + + $xml = urldecode($_POST['xml']); logger('mod-diaspora: new salmon ' . $xml, LOGGER_DATA); if(! $xml) - receive_return(500); - - // parse the xml - - $dom = simplexml_load_string($xml,'SimpleXMLElement',0,NAMESPACE_SALMON_ME); - - // figure out where in the DOM tree our data is hiding - - if($dom->provenance->data) - $base = $dom->provenance; - elseif($dom->env->data) - $base = $dom->env; - elseif($dom->data) - $base = $dom; - - if(! $base) { - logger('mod-diaspora: unable to locate salmon data in xml '); - receive_return(400); - } - - // Stash the signature away for now. We have to find their key or it won't be good for anything. - $signature = base64url_decode($base->sig); + http_status_exit(500); - // unpack the data + $msg = diaspora_decode($importer,$xml); - // strip whitespace so our data element will return to one big base64 blob - $data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data); + logger('mod-diaspora: decoded msg: ' . print_r($msg,true), LOGGER_DATA); - // stash away some other stuff for later + if(! is_array($msg)) + http_status_exit(500); - $type = $base->data[0]->attributes()->type[0]; - $keyhash = $base->sig[0]->attributes()->keyhash[0]; - $encoding = $base->encoding; - $alg = $base->alg; - $signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg); + $parsed_xml = parse_xml_string($msg['message'],false); - // decode the data - $data = base64url_decode($data); + $xmlbase = $parsed_xml->post; - // Remove the xml declaration - $data = preg_replace('/\<\?xml[^\?].*\?\>/','',$data); - - // Create a fake feed wrapper so simplepie doesn't choke - - $tpl = get_markup_template('fake_feed.tpl'); - - $base = substr($data,strpos($data,'<entry')); - - $feedxml = $tpl . $base . '</feed>'; - - logger('mod-diaspora: Processed feed: ' . $feedxml); - - // Now parse it like a normal atom feed to scrape out the author URI - - $feed = new SimplePie(); - $feed->set_raw_data($feedxml); - $feed->enable_order_by_date(false); - $feed->init(); - - logger('mod-diaspora: Feed parsed.'); - - if($feed->get_item_quantity()) { - foreach($feed->get_items() as $item) { - $author = $item->get_author(); - $author_link = unxmlify($author->get_link()); - break; - } + if($xmlbase->request) { + diaspora_request($importer,$xmlbase->request); } - - if(! $author_link) { - logger('mod-diaspora: Could not retrieve author URI.'); - receive_return(400); + elseif($xmlbase->status_message) { + diaspora_post($importer,$xmlbase->status_message); } - - // Once we have the author URI, go to the web and try to find their public key - - logger('mod-salmon: Fetching key for ' . $author_link ); - - - $key = get_salmon_key($author_link,$keyhash); - - if(! $key) { - logger('mod-salmon: Could not retrieve author key.'); - receive_return(400); + elseif($xmlbase->comment) { + diaspora_comment($importer,$xmlbase->comment,$msg); } - - // Setup RSA stuff to verify the signature - - set_include_path(get_include_path() . PATH_SEPARATOR . 'library' . PATH_SEPARATOR . 'phpsec'); - - require_once('library/phpsec/Crypt/RSA.php'); - - $key_info = explode('.',$key); - - $m = base64url_decode($key_info[1]); - $e = base64url_decode($key_info[2]); - - logger('mod-salmon: key details: ' . print_r($key_info,true)); - - $rsa = new CRYPT_RSA(); - $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1; - $rsa->setHash('sha256'); - - $rsa->modulus = new Math_BigInteger($m, 256); - $rsa->k = strlen($rsa->modulus->toBytes()); - $rsa->exponent = new Math_BigInteger($e, 256); - - $verify = $rsa->verify($signed_data,$signature); - - if(! $verify) { - logger('mod-diaspora: Message did not verify. Discarding.'); - receive_return(400); + elseif($xmlbase->like) { + diaspora_like($importer,$xmlbase->like,$msg); } - - logger('mod-diaspora: Message verified.'); - - /* decrypt the sucker */ - /* - // TODO - */ - - /* - * - * If we reached this point, the message is good. Now let's figure out if the author is allowed to send us stuff. - * - */ - - $r = q("SELECT * FROM `contact` WHERE `network` = 'dspr' AND ( `url` = '%s' OR `alias` = '%s') - AND `uid` = %d LIMIT 1", - dbesc($author_link), - dbesc($author_link), - intval($importer['uid']) - ); - if(! count($r)) { - logger('mod-diaspora: Author unknown to us.'); - } - - // is this a follower? Or have we ignored the person? - // If so we can not accept this post. - - if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == REL_VIP) || ($r[0]['blocked']))) { - logger('mod-diaspora: Ignoring this author.'); - receive_return(202); - // NOTREACHED + elseif($xmlbase->retraction) { + diaspora_retraction($importer,$xmlbase->retraction,$msg); + } + else { + logger('mod-diaspora: unknown message type: ' . print_r($xmlbase,true)); } - require_once('include/items.php'); - - // Placeholder for hub discovery. We shouldn't find any hubs - // since we supplied the fake feed header - and it doesn't have any. - - $hub = ''; - - /** - * - * anti-spam measure: consume_feed will accept a follow activity from - * this person (and nothing else) if there is no existing contact record. - * - */ - - $contact_rec = ((count($r)) ? $r[0] : null); - - consume_feed($feedxml,$importer,$contact_rec,$hub); - - receive_return(200); + http_status_exit(200); + // NOTREACHED } - - - diff --git a/mod/redir.php b/mod/redir.php index 8d0c8f4b3..eb9702b04 100644 --- a/mod/redir.php +++ b/mod/redir.php @@ -3,7 +3,7 @@ function redir_init(&$a) { if((! local_user()) || (! ($a->argc == 2)) || (! intval($a->argv[1]))) - goaway($a->get_baseurl()); + goaway(z_root()); $cid = $a->argv[1]; $url = ((x($_GET,'url')) ? $_GET['url'] : ''); @@ -13,7 +13,7 @@ function redir_init(&$a) { ); if((! count($r)) || ($r[0]['network'] !== 'dfrn')) - goaway($a->get_baseurl()); + goaway(z_root()); $dfrn_id = $orig_id = (($r[0]['issued-id']) ? $r[0]['issued-id'] : $r[0]['dfrn-id']); diff --git a/mod/register.php b/mod/register.php index 0906395d2..5fceebd4b 100644 --- a/mod/register.php +++ b/mod/register.php @@ -201,7 +201,7 @@ function register_post(&$a) { $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`, `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked` ) VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )", - dbesc(generate_guid()), + dbesc(generate_user_guid()), dbesc($username), dbesc($new_password_encoded), dbesc($email), @@ -373,7 +373,7 @@ function register_post(&$a) { if($res) { info( t('Registration successful. Please check your email for further instructions.') . EOL ) ; - goaway($a->get_baseurl()); + goaway(z_root()); } else { notice( t('Failed to send email message. Here is the message that failed.') . $email_tpl . EOL ); @@ -382,7 +382,7 @@ function register_post(&$a) { elseif($a->config['register_policy'] == REGISTER_APPROVE) { if(! strlen($a->config['admin_email'])) { notice( t('Your registration can not be processed.') . EOL); - goaway($a->get_baseurl()); + goaway(z_root()); } $hash = random_string(); @@ -428,7 +428,7 @@ function register_post(&$a) { if($res) { info( t('Your registration is pending approval by the site owner.') . EOL ) ; - goaway($a->get_baseurl()); + goaway(z_root()); } } @@ -501,7 +501,7 @@ function register_content(&$a) { } - $license = t('Shared content is covered by the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> license.'); + $license = cc_license(); $o = get_markup_template("register.tpl"); diff --git a/mod/removeme.php b/mod/removeme.php index 6a56963b6..c181ee6ea 100644 --- a/mod/removeme.php +++ b/mod/removeme.php @@ -29,7 +29,7 @@ function removeme_post(&$a) { function removeme_content(&$a) { if(! local_user()) - goaway($a->get_baseurl()); + goaway(z_root()); $hash = random_string(); diff --git a/mod/salmon.php b/mod/salmon.php index 56ac071b0..0264e820d 100644 --- a/mod/salmon.php +++ b/mod/salmon.php @@ -5,6 +5,7 @@ // complicated process to try and sort out. require_once('include/salmon.php'); +require_once('include/crypto.php'); require_once('library/simplepie/simplepie.inc'); function salmon_return($val) { @@ -33,7 +34,7 @@ function salmon_post(&$a) { dbesc($nick) ); if(! count($r)) - salmon_return(500); + http_status_exit(500); $importer = $r[0]; @@ -52,7 +53,7 @@ function salmon_post(&$a) { if(! $base) { logger('mod-salmon: unable to locate salmon data in xml '); - salmon_return(400); + http_status_exit(400); } // Stash the signature away for now. We have to find their key or it won't be good for anything. @@ -72,12 +73,16 @@ function salmon_post(&$a) { $encoding = $base->encoding; $alg = $base->alg; - // If we're talking to status.net or one of their ilk, they aren't following the magic envelope spec - // and only signed the data element. We'll be nice and let them validate anyway. + // Salmon magic signatures have evolved and there is no way of knowing ahead of time which + // flavour we have. We'll try and verify it regardless. $stnet_signed_data = $data; + $signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg); + $compliant_format = str_replace('=','',$signed_data); + + // decode the data $data = base64url_decode($data); @@ -113,7 +118,7 @@ function salmon_post(&$a) { if(! $author_link) { logger('mod-salmon: Could not retrieve author URI.'); - salmon_return(400); + http_status_exit(400); } // Once we have the author URI, go to the web and try to find their public key @@ -125,44 +130,35 @@ function salmon_post(&$a) { if(! $key) { logger('mod-salmon: Could not retrieve author key.'); - salmon_return(400); + http_status_exit(400); } - // Setup RSA stuff to verify the signature - - set_include_path(get_include_path() . PATH_SEPARATOR . 'library/phpsec'); - - require_once('library/phpsec/Crypt/RSA.php'); - $key_info = explode('.',$key); $m = base64url_decode($key_info[1]); $e = base64url_decode($key_info[2]); - logger('mod-salmon: key details: ' . print_r($key_info,true)); - - $rsa = new CRYPT_RSA(); - $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1; - $rsa->setHash('sha256'); + logger('mod-salmon: key details: ' . print_r($key_info,true), LOGGER_DEBUG); - $rsa->modulus = new Math_BigInteger($m, 256); - $rsa->k = strlen($rsa->modulus->toBytes()); - $rsa->exponent = new Math_BigInteger($e, 256); + $pubkey = metopem($m,$e); // We should have everything we need now. Let's see if it verifies. - // If it fails with the proper data format, try again using just the data - // (e.g. status.net) - $verify = $rsa->verify($signed_data,$signature); + $verify = rsa_verify($compliant_format,$signature,$pubkey); + + if(! $verify) { + logger('mod-salmon: message did not verify using protocol. Trying padding hack.'); + $verify = rsa_verify($signed_data,$signature,$pubkey); + } if(! $verify) { - logger('mod-salmon: message did not verify using protocol. Trying statusnet hack.'); - $verify = $rsa->verify($stnet_signed_data,$signature); + logger('mod-salmon: message did not verify using padding. Trying old statusnet hack.'); + $verify = rsa_verify($stnet_signed_data,$signature,$pubkey); } if(! $verify) { logger('mod-salmon: Message did not verify. Discarding.'); - salmon_return(400); + http_status_exit(400); } logger('mod-salmon: Message verified.'); @@ -187,9 +183,9 @@ function salmon_post(&$a) { // is this a follower? Or have we ignored the person? // If so we can not accept this post. - if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == REL_VIP) || ($r[0]['blocked']))) { + if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { logger('mod-salmon: Ignoring this author.'); - salmon_return(202); + http_status_exit(202); // NOTREACHED } @@ -211,7 +207,7 @@ function salmon_post(&$a) { consume_feed($feedxml,$importer,$contact_rec,$hub); - salmon_return(200); + http_status_exit(200); } diff --git a/mod/search.php b/mod/search.php index 9b465c0e5..88ff9bbb7 100644 --- a/mod/search.php +++ b/mod/search.php @@ -91,6 +91,7 @@ function search_content(&$a) { $o .= conversation($a,$r,'search',false); $o .= paginate($a); + $o .= cc_license(); return $o; } diff --git a/mod/wall_attach.php b/mod/wall_attach.php index f18fd10b7..ef6554df3 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php @@ -60,11 +60,11 @@ function wall_attach_post(&$a) { } $filedata = @file_get_contents($src); - - $mimetype = mime_content_type($src); + $mimetype = z_mime_content_type($filename); + if((! strlen($mimetype)) || ($mimetype === 'application/octet-stream') && function_exists('mime_content_type')) + $mimetype = mime_content_type($filename); $hash = random_string(); $created = datetime_convert(); - $r = q("INSERT INTO `attach` ( `uid`, `hash`, `filename`, `filetype`, `filesize`, `data`, `created`, `edited`, `allow_cid`, `allow_gid`,`deny_cid`, `deny_gid` ) VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", intval($page_owner_uid), diff --git a/mod/webfinger.php b/mod/webfinger.php index f6d6026b4..74bd2c954 100644 --- a/mod/webfinger.php +++ b/mod/webfinger.php @@ -23,4 +23,4 @@ function webfinger_content(&$a) { $o .= '</pre>'; } return $o; -}
\ No newline at end of file +} diff --git a/mod/xrd.php b/mod/xrd.php index accc2f68e..fcec74336 100644 --- a/mod/xrd.php +++ b/mod/xrd.php @@ -1,8 +1,8 @@ <?php -require_once('salmon.php'); +require_once('include/crypto.php'); -function xrd_content(&$a) { +function xrd_init(&$a) { $uri = urldecode(notags(trim($_GET['uri']))); @@ -27,25 +27,23 @@ function xrd_content(&$a) { header('Access-Control-Allow-Origin: *'); header("Content-type: text/xml"); - $dspr_enabled = get_config('system','diaspora_enabled'); - - if($dspr_enabled) { + if(get_config('system','diaspora_enabled')) { $tpl = file_get_contents('view/xrd_diaspora.tpl'); $dspr = replace_macros($tpl,array( '$baseurl' => $a->get_baseurl(), '$dspr_guid' => $r[0]['guid'], - '$dspr_key' => base64_encode($r[0]['pubkey']) + '$dspr_key' => base64_encode(pemtorsa($r[0]['pubkey'])) )); } else $dspr = ''; - $tpl = file_get_contents('view/xrd_person.tpl'); $o = replace_macros($tpl, array( '$accturi' => $uri, '$profile_url' => $a->get_baseurl() . '/profile/' . $r[0]['nickname'], + '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['nickname'], '$atom' => $a->get_baseurl() . '/dfrn_poll/' . $r[0]['nickname'], '$photo' => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'] . '.jpg', '$dspr' => $dspr, @@ -58,7 +56,7 @@ function xrd_content(&$a) { $arr = array('user' => $r[0], 'xml' => $o); call_hooks('personal_xrd', $arr); - echo $o; + echo $arr['xml']; killme(); } |