diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/_well_known.php | 5 | ||||
| -rw-r--r-- | mod/connections.php | 2 | ||||
| -rw-r--r-- | mod/editpost.php | 10 | ||||
| -rw-r--r-- | mod/editwebpage.php | 53 | ||||
| -rwxr-xr-x | mod/events.php | 2 | ||||
| -rw-r--r-- | mod/invite.php | 47 | ||||
| -rw-r--r-- | mod/item.php | 60 | ||||
| -rwxr-xr-x | mod/mood.php | 3 | ||||
| -rw-r--r-- | mod/settings.php | 4 | ||||
| -rw-r--r-- | mod/webpages.php | 6 | ||||
| -rw-r--r-- | mod/zotfeed.php | 2 |
11 files changed, 143 insertions, 51 deletions
diff --git a/mod/_well_known.php b/mod/_well_known.php index 184f75593..6e77336c3 100644 --- a/mod/_well_known.php +++ b/mod/_well_known.php @@ -4,11 +4,6 @@ function _well_known_init(&$a){ if(argc() > 1) {
switch(argv(1)) {
- case "host-meta":
- require_once('mod/hostxrd.php');
- hostxrd_init($a);
- break;
-
case 'zot-info':
$a->argc -= 1;
array_shift($a->argv);
diff --git a/mod/connections.php b/mod/connections.php index 88291ba8d..9321676c5 100644 --- a/mod/connections.php +++ b/mod/connections.php @@ -159,7 +159,6 @@ function connections_content(&$a) { $sort_type = 0; $o = ''; - nav_set_selected('connections'); if(! local_user()) { @@ -511,6 +510,7 @@ function connections_content(&$a) { $search_flags = ABOOK_FLAG_PENDING; $head = t('New'); $pending = true; + nav_set_selected('intros'); break; case 'all': diff --git a/mod/editpost.php b/mod/editpost.php index af6f741c6..e36e0ea5a 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -1,6 +1,7 @@ <?php require_once('acl_selectors.php'); +require_once('include/crypto.php'); function editpost_content(&$a) { @@ -47,6 +48,15 @@ function editpost_content(&$a) { )); + + if($itm[0]['item_flags'] & ITEM_OBSCURED) { + $key = get_config('system','prvkey'); + if($itm[0]['title']) + $itm[0]['title'] = aes_unencapsulate(json_decode($itm[0]['title'],true),$key); + if($itm[0]['body']) + $itm[0]['body'] = aes_unencapsulate(json_decode($itm[0]['body'],true),$key); + } + $tpl = get_markup_template("jot.tpl"); $jotplugins = ''; diff --git a/mod/editwebpage.php b/mod/editwebpage.php index d15d9f364..c7323a7f7 100644 --- a/mod/editwebpage.php +++ b/mod/editwebpage.php @@ -5,26 +5,50 @@ require_once('acl_selectors.php'); function editwebpage_content(&$a) { +// We first need to figure out who owns the webpage, grab it from an argument + $which = argv(1); + +// $a->get_channel() and stuff don't work here, so we've got to find the owner for ourselves. + $owner = q("select channel_id from channel where channel_address = '%s'", + dbesc($which) + ); + + + if((local_user()) && (argc() > 2) && (argv(2) === 'view')) { + $which = $channel['channel_address']; + } + + $o = ''; - // We can do better, but for now, editing only works for your own pages, so... - if(! local_user()) { - notice( t('Permission denied.') . EOL); - return; - } - $post_id = ((argc() > 1) ? intval(argv(1)) : 0); +// Figure out which post we're editing + $post_id = ((argc() > 2) ? intval(argv(2)) : 0); + if(! $post_id) { notice( t('Item not found') . EOL); return; } - // uid and author_xchan alone should be enough - but it doesn't seem to be any more expensive to use both, so keep it in case of edge cases - $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s and author_xchan = '%s' LIMIT 1", +// Now we've got a post and an owner, let's find out if we're allowed to edit it + + $observer = $a->get_observer(); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + $perms = get_all_perms($owner,$ob_hash); + + if(! $perms['write_pages']) { + notice( t('Permission denied.') . EOL); + return; + } + + + +// We've already figured out which item we want and whose copy we need, so we don't need anything fancy here + $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1", intval($post_id), - intval(local_user()), - dbesc(get_observer_hash()) + intval($owner) ); @@ -61,9 +85,14 @@ function editwebpage_content(&$a) { //$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins)); +//FIXME A return path with $_SESSION doesn't work for observer (at least, not here it doesn't). It'll WSoD instead of loading a sensible page. So, send folk +//back to the channel address until somebody figures out how to fix it - we can't send them back to webpages, because that could leak private pages they can't see +//when ACL is done. + + $rp = 'channel' . '/' . $which; $o .= replace_macros($tpl,array( - '$return_path' => $_SESSION['return_url'], + '$return_path' => $rp, '$action' => 'item', '$share' => t('Edit'), '$upload' => t('Upload photo'), @@ -93,7 +122,7 @@ function editwebpage_content(&$a) { '$lockstate' => $lockstate, '$acl' => '', '$bang' => '', - '$profile_uid' => local_user(), + '$profile_uid' => (intval($owner)), '$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''), '$jotplugins' => $jotplugins, '$sourceapp' => t($a->sourcename), diff --git a/mod/events.php b/mod/events.php index 44f7522ad..f43a99cba 100755 --- a/mod/events.php +++ b/mod/events.php @@ -135,6 +135,8 @@ function events_content(&$a) { return; } + nav_set_selected('all_events'); + if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) { $r = q("update event set ignore = 1 where id = %d and uid = %d limit 1", intval(argv(2)), diff --git a/mod/invite.php b/mod/invite.php index cb8d4c6eb..cb8cd1f63 100644 --- a/mod/invite.php +++ b/mod/invite.php @@ -68,9 +68,12 @@ function invite_post(&$a) { else $nmessage = $message; + $account = $a->get_account(); + + $res = mail($recip, sprintf( t('Please join us on Red'), $a->config['sitename']), $nmessage, - "From: " . $a->user['email'] . "\n" + "From: " . $account['account_email'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit' ); @@ -112,29 +115,41 @@ function invite_content(&$a) { } } - $dirloc = get_config('system','directory_submit_url'); - if(strlen($dirloc)) { - if($a->config['system']['register_policy'] == REGISTER_CLOSED) - $linktxt = sprintf( t('Visit %s for a list of public sites that you can join. Friendica members on other sites can all connect with each other, as well as with members of many other social networks.'), dirname($dirloc) . '/siteinfo'); - elseif($a->config['system']['register_policy'] != REGISTER_CLOSED) - $linktxt = sprintf( t('To accept this invitation, please visit and register at %s or any other public Friendica website.'), $a->get_baseurl()) - . "\r\n" . "\r\n" . sprintf( t('Friendica sites all inter-connect to create a huge privacy-enhanced social web that is owned and controlled by its members. They can also connect with many traditional social networks. See %s for a list of alternate Friendica sites you can join.'),dirname($dirloc) . '/siteinfo'); - } - else { - $o = t('Our apologies. This system is not currently configured to connect with other public sites or invite members.'); +// $dirloc = get_config('system','directory_submit_url'); +// if(strlen($dirloc)) { +// if($a->config['system']['register_policy'] == REGISTER_CLOSED) +// $linktxt = sprintf( t('Visit %s for a list of public sites that you can join. Friendica members on other sites can all connect with each other, as well as with members of many other social networks.'), dirname($dirloc) . '/siteinfo'); +// elseif($a->config['system']['register_policy'] != REGISTER_CLOSED) +// $linktxt = sprintf( t('To accept this invitation, please visit and register at %s or any other public Friendica website.'), $a->get_baseurl()) +// . "\r\n" . "\r\n" . sprintf( t('Friendica sites all inter-connect to create a huge privacy-enhanced social web that is owned and controlled by its members. They can also connect with many traditional social networks. See %s for a list of alternate Friendica sites you can join.'),dirname($dirloc) . '/siteinfo'); +// } +// else { +// $o = t('Our apologies. This system is not currently configured to connect with other public sites or invite members.'); +// return $o; +// } + + $ob = $a->get_observer(); + if(! $ob) return $o; - } + + $channel = $a->get_channel(); $o = replace_macros($tpl, array( '$form_security_token' => get_form_security_token("send_invite"), '$invite' => t('Send invitations'), '$addr_text' => t('Enter email addresses, one per line:'), '$msg_text' => t('Your message:'), - '$default_message' => t('You are cordially invited to join me and other close friends on Friendica - and help us to create a better social web.') . "\r\n" . "\r\n" + '$default_message' => t('You are cordially invited to join me and some other close friends on the Red Matrix - a revolutionary new decentralised social and information tool.') . "\r\n" . "\r\n" . $linktxt - . "\r\n" . "\r\n" . (($invonly) ? t('You will need to supply this invitation code: $invite_code') . "\r\n" . "\r\n" : '') .t('Once you have registered, please connect with me via my profile page at:') - . "\r\n" . "\r\n" . $a->get_baseurl() . '/channel/' . $a->user['nickname'] - . "\r\n" . "\r\n" . t('For more information about the Friendica project and why we feel it is important, please visit http://friendica.com') . "\r\n" . "\r\n" , + . (($invonly) ? "\r\n" . "\r\n" . t('You will need to supply this invitation code: $invite_code') . "\r\n" . "\r\n" : '') + + . t('Please visit my channel at') + . "\r\n" . "\r\n" + . z_root() . "/channel/" . $channel['channel_address'] + . "\r\n" . "\r\n" + . t('Once you have registered, please connect with my Red Matrix channel address:') + . "\r\n" . "\r\n" . $ob['xchan_addr'] + . "\r\n" . "\r\n" . t('For more information about the Red Matrix Project and why it has the potential to change the internet as we know it, please visit http://getzot.com') . "\r\n" . "\r\n" , '$submit' => t('Submit') )); diff --git a/mod/item.php b/mod/item.php index c504c77e1..dc8ee5015 100644 --- a/mod/item.php +++ b/mod/item.php @@ -44,7 +44,7 @@ function item_post(&$a) { call_hooks('post_local_start', $_REQUEST); - logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA); +// logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA); $api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false); @@ -130,14 +130,15 @@ function item_post(&$a) { //if(($parid) && ($parid != $parent)) $thr_parent = $parent_mid; - if($parent_item['contact-id'] && $uid) { - $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($parent_item['contact-id']), - intval($uid) - ); - if(count($r)) - $parent_contact = $r[0]; - } +// if($parent_item['contact-id'] && $uid) { +// $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", +// intval($parent_item['contact-id']), +// intval($uid) +// ); +// if(count($r)) +// $parent_contact = $r[0]; +// } + } if($parent) { @@ -203,6 +204,10 @@ function item_post(&$a) { goaway($a->get_baseurl() . "/" . $return_path ); killme(); } + + if($observer) { + logger('mod_item: post accepted from ' . $observer['xchan_name'] . ' for ' . $owner_xchan['xchan_name'], LOGGER_DEBUG); + } if($orig_post) { @@ -333,8 +338,6 @@ function item_post(&$a) { $body .= "\n\n@group+" . $x[0]['abook_id'] . "\n"; } - - /** * fix naked links by passing through a callback to see if this is a red site * (already known to us) which will get a zrl, otherwise link with url @@ -580,6 +583,22 @@ function item_post(&$a) { } + if(mb_strlen($datarray['title']) > 255) + $datarray['title'] = mb_substr($datarray['title'],0,255); + + if(array_key_exists('item_private',$datarray) && $datarray['item_private']) { + logger('Encrypting local storage'); + $key = get_config('system','pubkey'); + $datarray['item_flags'] = $datarray['item_flags'] | ITEM_OBSCURED; + if($datarray['title']) + $datarray['title'] = json_encode(aes_encapsulate($datarray['title'],$key)); + if($datarray['body']) + $datarray['body'] = json_encode(aes_encapsulate($datarray['body'],$key)); + } + + + + if($orig_post) { $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `attach` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", dbesc($datarray['title']), @@ -602,6 +621,23 @@ function item_post(&$a) { ); + if(count($post_tags)) { + foreach($post_tags as $tag) { + if(strlen(trim($tag['term']))) { + q("insert into term (uid,oid,otype,type,term,url) values (%d,%d,%d,%d,'%s','%s')", + intval($tag['uid']), + intval($post_id), + intval($tag['otype']), + intval($tag['type']), + dbesc(trim($tag['term'])), + dbesc(trim($tag['url'])) + ); + } + } + } + + + proc_run('php', "include/notifier.php", 'edit_post', $post_id); if((x($_REQUEST,'return')) && strlen($return_path)) { logger('return: ' . $return_path); @@ -648,7 +684,7 @@ function item_post(&$a) { dbesc($parent_item['allow_gid']), dbesc($parent_item['deny_cid']), dbesc($parent_item['deny_gid']), - intval($parent_item['private']), + intval($parent_item['item_private']), intval($post_id) ); diff --git a/mod/mood.php b/mod/mood.php index 0c611997c..7b6a0c392 100755 --- a/mod/mood.php +++ b/mod/mood.php @@ -38,7 +38,7 @@ function mood_init(&$a) { ); if(count($r)) { $parent_mid = $r[0]['mid']; - $private = $r[0]['private']; + $private = $r[0]['item_private']; $allow_cid = $r[0]['allow_cid']; $allow_gid = $r[0]['allow_gid']; $deny_cid = $r[0]['deny_cid']; @@ -80,6 +80,7 @@ function mood_init(&$a) { $arr['allow_gid'] = $allow_gid; $arr['deny_cid'] = $deny_cid; $arr['deny_gid'] = $deny_gid; + $arr['item_private'] = $private; $arr['verb'] = $activity; $arr['body'] = $action; diff --git a/mod/settings.php b/mod/settings.php index 6ab036437..0cca41810 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -336,6 +336,7 @@ function settings_post(&$a) { $expire_network_only = ((x($_POST,'expire_network_only'))? intval($_POST['expire_network_only']) : 0); $allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0); + $publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0); $page_flags = (((x($_POST,'page-flags')) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0); $blockwall = (((x($_POST,'blockwall')) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted! @@ -460,6 +461,7 @@ function settings_post(&$a) { set_pconfig(local_user(),'system','post_profilechange', $post_profilechange); set_pconfig(local_user(),'system','blocktags',$blocktags); + /* if($page_flags == PAGE_PRVGROUP) { $hidewall = 1; @@ -1017,7 +1019,7 @@ function settings_content(&$a) { '$email' => array('email', t('Email Address:'), $email, ''), '$timezone' => array('timezone_select' , t('Your Timezone:'), select_timezone($timezone), ''), '$defloc' => array('defloc', t('Default Post Location:'), $defloc, ''), - '$allowloc' => array('allow_location', t('Use Browser Location:'), (intval(get_pconfig(local_user(),'system','use_browser_location')) == 1), ''), + '$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_user(),'system','use_browser_location')) ? 1 : ''), ''), '$h_prv' => t('Security and Privacy Settings'), diff --git a/mod/webpages.php b/mod/webpages.php index cf6a99d1e..f2026ea0b 100644 --- a/mod/webpages.php +++ b/mod/webpages.php @@ -60,10 +60,12 @@ $r = q("select * from item_id where uid = %d and service = 'WEBPAGE'", } - +//Build the base URL for edit links + $url = z_root() . "/editwebpage/" . $a->profile['channel_address']; // This isn't pretty, but it works. Until I figure out what to do with the UI, it's Good Enough(TM). return $o . replace_macros(get_markup_template("webpagelist.tpl"), array( - '$editlink' => t('Edit'), + '$baseurl' => $url, + '$edit' => t('Edit'), '$pages' => $pages, '$channel' => $a->profile['channel_address'], '$view' => t('View'), diff --git a/mod/zotfeed.php b/mod/zotfeed.php index 76a860139..2ca049563 100644 --- a/mod/zotfeed.php +++ b/mod/zotfeed.php @@ -9,7 +9,7 @@ function zotfeed_init(&$a) { $mindate = (($_REQUEST['mindate']) ? datetime_convert('UTC','UTC',$_REQUEST['mindate']) : ''); if(! $mindate) - $mindate = '0000-00-00 00:00:00'; + $mindate = datetime_convert('UTC','UTC', 'now - 1 month'); if(get_config('system','block_public') && (! get_account_id()) && (! remote_user())) { $result['message'] = 'Public access denied'; |