From 8892568652c2fc56e39611660d9bec4770c4354b Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 13 Jan 2018 12:24:55 -0800 Subject: improve owa logging --- Zotlabs/Module/Owa.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 9a39fe4c0..8764a33ee 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -38,14 +38,18 @@ class Owa extends \Zotlabs\Web\Controller { foreach($r as $hubloc) { $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); if($verified && $verified['header_signed'] && $verified['header_valid']) { + logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); - \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); + \Zotlabs\Zot\Verify::create('owt',0,$token,$hubloc['hubloc_addr']); $result = ''; openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); $ret['encrypted_token'] = base64url_encode($result); break; } + else { + logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']); + } } } } -- cgit v1.2.3 From 08bea83c032675e93c789070e681aab212c1d2a4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 13 Jan 2018 13:45:33 -0800 Subject: unexpected openssl result --- Zotlabs/Module/Owa.php | 1 + Zotlabs/Web/HTTPSig.php | 2 +- include/crypto.php | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 8764a33ee..537489687 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -38,6 +38,7 @@ class Owa extends \Zotlabs\Web\Controller { foreach($r as $hubloc) { $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); if($verified && $verified['header_signed'] && $verified['header_valid']) { + logger('OWA header: ' . print_r($verified,true)); logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 9a8c23a9b..9a6c3cd39 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -117,7 +117,7 @@ class HTTPSig { logger('verified: ' . $x, LOGGER_DEBUG); - if($x === false) + if(! intval($x)) return $result; if(! $spoofable) diff --git a/include/crypto.php b/include/crypto.php index 622add4dc..ab10edb03 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -28,7 +28,7 @@ function rsa_verify($data,$sig,$key,$alg = 'sha256') { btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR); } - return $verify; + return (intval($verify) > 0 ? 1 : 0); } function pkcs5_pad ($text, $blocksize) -- cgit v1.2.3 From eb3e43feec4e2de439de5398fcf498c0de5afbd4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 13 Jan 2018 14:08:15 -0800 Subject: cleanup of last fix --- Zotlabs/Module/Owa.php | 2 +- Zotlabs/Web/HTTPSig.php | 2 +- include/crypto.php | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 537489687..23ee14f39 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -38,7 +38,7 @@ class Owa extends \Zotlabs\Web\Controller { foreach($r as $hubloc) { $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); if($verified && $verified['header_signed'] && $verified['header_valid']) { - logger('OWA header: ' . print_r($verified,true)); + logger('OWA header: ' . print_r($verified,true),LOGGER_DATA); logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 9a6c3cd39..63033ce5e 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -117,7 +117,7 @@ class HTTPSig { logger('verified: ' . $x, LOGGER_DEBUG); - if(! intval($x)) + if(! $x) return $result; if(! $spoofable) diff --git a/include/crypto.php b/include/crypto.php index ab10edb03..b990b18d9 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -22,13 +22,13 @@ function rsa_verify($data,$sig,$key,$alg = 'sha256') { $alg = OPENSSL_ALGO_SHA256; $verify = @openssl_verify($data,$sig,$key,$alg); - if(! $verify) { + if($verify === (-1)) { while($msg = openssl_error_string()) logger('openssl_verify: ' . $msg,LOGGER_NORMAL,LOG_ERR); btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR); } - return (intval($verify) > 0 ? 1 : 0); + return (($verify > 0) ? true : false); } function pkcs5_pad ($text, $blocksize) -- cgit v1.2.3 From ef11b3eb2bea74f0714402256e677fe7835c43ab Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 14 Jan 2018 15:02:43 -0500 Subject: Added minimum registration age to /admin/site settings page --- Zotlabs/Module/Admin/Site.php | 4 +++- view/tpl/admin_site.tpl | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index 50756c654..60cb39277 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -29,7 +29,7 @@ class Site { $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0); $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); - + $minimum_age = ((x($_POST,'minimum_age')) ? intval(trim($_POST['minimum_age'])) : 13); $access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0); $invite_only = ((x($_POST,'invite_only')) ? True : False); $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); @@ -127,6 +127,7 @@ class Site { set_config('system','maximagesize', $maximagesize); set_config('system','register_policy', $register_policy); + set_config('system','minimum_age', $minimum_age); set_config('system','invitation_only', $invite_only); set_config('system','access_policy', $access_policy); set_config('system','account_abandon_days', $abandon_days); @@ -303,6 +304,7 @@ class Site { '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), '$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")), + '$minimum_age' => array('minimum_age', t("Minimum age"), (x(get_config('system','minimum_age'))?get_config('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")), '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices), '$register_text' => array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")), '$frontpage' => array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'public' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")), diff --git a/view/tpl/admin_site.tpl b/view/tpl/admin_site.tpl index 2b4e8c9f9..97c14b6e3 100755 --- a/view/tpl/admin_site.tpl +++ b/view/tpl/admin_site.tpl @@ -70,6 +70,7 @@ {{include file="field_input.tpl" field=$register_text}} {{include file="field_select.tpl" field=$register_policy}} {{include file="field_checkbox.tpl" field=$invite_only}} + {{include file="field_input.tpl" field=$minimum_age}} {{include file="field_select.tpl" field=$access_policy}} {{include file="field_input.tpl" field=$location}} {{include file="field_input.tpl" field=$sellpage}} -- cgit v1.2.3 From f0faa7f9b06481200c21459f9c53db457b7941b3 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 14 Jan 2018 16:45:33 -0800 Subject: support tables in markdown posts/comments (but not table alignment); and do not support iframes from html source. --- include/html2bbcode.php | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/include/html2bbcode.php b/include/html2bbcode.php index f67231847..4166299db 100644 --- a/include/html2bbcode.php +++ b/include/html2bbcode.php @@ -188,13 +188,14 @@ function html2bbcode($message) node2bbcode($doc, 'hr', array(), "[hr]", ""); - node2bbcode($doc, 'table', array(), "", ""); - node2bbcode($doc, 'tr', array(), "\n", ""); - node2bbcode($doc, 'td', array(), "\t", ""); - //node2bbcode($doc, 'table', array(), "[table]", "[/table]"); - //node2bbcode($doc, 'th', array(), "[th]", "[/th]"); - //node2bbcode($doc, 'tr', array(), "[tr]", "[/tr]"); - //node2bbcode($doc, 'td', array(), "[td]", "[/td]"); +// node2bbcode($doc, 'table', array(), "", ""); +// node2bbcode($doc, 'tr', array(), "\n", ""); +// node2bbcode($doc, 'td', array(), "\t", ""); + + node2bbcode($doc, 'table', array(), "[table]", "[/table]"); + node2bbcode($doc, 'th', array(), "[th]", "[/th]"); + node2bbcode($doc, 'tr', array(), "[tr]", "[/tr]"); + node2bbcode($doc, 'td', array(), "[td]", "[/td]"); node2bbcode($doc, 'h1', array(), "\n\n[h1]", "[/h1]\n"); node2bbcode($doc, 'h2', array(), "\n\n[h2]", "[/h2]\n"); @@ -211,7 +212,7 @@ function html2bbcode($message) node2bbcode($doc, 'video', array('src'=>'/(.+)/'), '[video]$1', '[/video]'); node2bbcode($doc, 'audio', array('src'=>'/(.+)/'), '[audio]$1', '[/audio]'); - node2bbcode($doc, 'iframe', array('src'=>'/(.+)/'), '[iframe]$1', '[/iframe]'); +// node2bbcode($doc, 'iframe', array('src'=>'/(.+)/'), '[iframe]$1', '[/iframe]'); node2bbcode($doc, 'code', array(), '[code]', '[/code]'); -- cgit v1.2.3 From 91db66b32d2c469a6d0292712666614b48b4c62e Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 14 Jan 2018 18:22:58 -0800 Subject: move markdown-in-posts/comments feature to plugin --- Zotlabs/Module/Item.php | 14 ++++++-------- include/features.php | 15 ++++----------- 2 files changed, 10 insertions(+), 19 deletions(-) diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 6365230f8..ad829137a 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -504,7 +504,12 @@ class Item extends \Zotlabs\Web\Controller { $body = z_input_filter($body,$mimetype,$execflag); } - // Verify ability to use html or php!!! + + $arr = [ 'profile_uid' => $profile_uid, 'content' => $body, 'mimetype' => $mimetype ]; + call_hooks('post_content',$arr); + $body = $arr['content']; + $mimetype = $arr['mimetype']; + $gacl = $acl->get(); $str_contact_allow = $gacl['allow_cid']; @@ -516,13 +521,6 @@ class Item extends \Zotlabs\Web\Controller { require_once('include/text.php'); - if($uid && $uid == $profile_uid && feature_enabled($uid,'markdown')) { - require_once('include/markdown.php'); - $body = preg_replace_callback('/\[share(.*?)\]/ism','\share_shield',$body); - $body = markdown_to_bb($body,true,['preserve_lf' => true]); - $body = preg_replace_callback('/\[share(.*?)\]/ism','\share_unshield',$body); - - } // BBCODE alert: the following functions assume bbcode input // and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.) diff --git a/include/features.php b/include/features.php index 8601ff79e..69eeed3e8 100644 --- a/include/features.php +++ b/include/features.php @@ -373,15 +373,6 @@ function get_features($filtered = true) { t('Post/Comment Tools'), - [ - 'markdown', - t('Markdown'), - t('Use markdown for editing posts'), - false, - get_config('feature_lock','markdown'), - feature_level('markdown',2), - ], - [ 'commtag', t('Community Tagging'), @@ -490,6 +481,8 @@ function get_features($filtered = true) { else { $narr = $arr; } - call_hooks('get_features',$narr); - return $narr; + + $x = [ 'features' => $narr, 'filtered' => $filtered, 'techlevel' => $techlevel ]; + call_hooks('get_features',$x); + return $x['features']; } -- cgit v1.2.3 From 746ea5a3691a67ceb176352e8b6fcfe0f2dc99d6 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 15 Jan 2018 11:34:42 +0100 Subject: fix some regressions with permission roles --- Zotlabs/Module/Connedit.php | 2 +- Zotlabs/Module/Defperms.php | 2 +- view/js/mod_connedit.js | 4 ++-- view/js/mod_defperms.js | 4 ++-- view/js/mod_settings.js | 4 ++-- view/tpl/abook_edit.tpl | 1 - view/tpl/defperms.tpl | 1 - 7 files changed, 8 insertions(+), 10 deletions(-) diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index e0511b0d3..8288886cd 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -866,7 +866,7 @@ class Connedit extends \Zotlabs\Web\Controller { $o .= replace_macros($tpl, [ '$header' => (($self) ? t('Connection Default Permissions') : sprintf( t('Connection: %s'),$contact['xchan_name'])), '$autoperms' => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no), - '$permcat' => [ 'permcat', t('Permission role'), '', '',$permcats ], + '$permcat' => [ 'permcat', t('Permission role'), '', '',$permcats ], '$permcat_new' => t('Add permission role'), '$permcat_enable' => feature_enabled(local_channel(),'permcats'), '$addr' => $contact['xchan_addr'], diff --git a/Zotlabs/Module/Defperms.php b/Zotlabs/Module/Defperms.php index 9214331e4..422333a50 100644 --- a/Zotlabs/Module/Defperms.php +++ b/Zotlabs/Module/Defperms.php @@ -237,7 +237,7 @@ class Defperms extends \Zotlabs\Web\Controller { $o .= replace_macros($tpl, [ '$header' => t('Connection Default Permissions'), '$autoperms' => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('If enabled, connection requests will be approved without your interaction'), $yes_no), - '$permcat' => [ 'permcat', t('Permission role'), '', '',$permcats ], + '$permcat' => [ 'permcat', t('Permission role'), '', '',$permcats ], '$permcat_new' => t('Add permission role'), '$permcat_enable' => feature_enabled(local_channel(),'permcats'), '$section' => $section, diff --git a/view/js/mod_connedit.js b/view/js/mod_connedit.js index 7100e0d07..34e9a3b21 100644 --- a/view/js/mod_connedit.js +++ b/view/js/mod_connedit.js @@ -19,7 +19,7 @@ $(document).ready(function() { $('#id_permcat').change(function() { - $('.loading-role-rotator').spin(true); + $('.loading').toggleClass('invisible'); var permName = $('#id_permcat').val(); loadAbookRole(permName); }); @@ -128,7 +128,7 @@ function loadAbookRole(name) { if(this.value) $('#me_id_perms_' + this.name).attr('checked','checked'); }); - $('.loading-role-rotator').spin(false); + $('.loading').toggleClass('invisible'); }); } diff --git a/view/js/mod_defperms.js b/view/js/mod_defperms.js index c89142579..18ebe268e 100644 --- a/view/js/mod_defperms.js +++ b/view/js/mod_defperms.js @@ -1,7 +1,7 @@ $(document).ready(function() { $('#id_permcat').change(function() { - $('.loading-role-rotator').show(); + $('.loading').toggleClass('invisible'); var permName = $('#id_permcat').val(); loadConnectionRole(permName); }); @@ -25,7 +25,7 @@ function loadConnectionRole(name) { if(this.value) $('#id_perms_' + this.name).attr('checked','checked'); }); - $('.loading-role-rotator').hide(); + $('.loading').toggleClass('invisible'); }); } diff --git a/view/js/mod_settings.js b/view/js/mod_settings.js index f9faa3d5c..d3392c748 100644 --- a/view/js/mod_settings.js +++ b/view/js/mod_settings.js @@ -19,7 +19,7 @@ $(document).ready(function() { }); $('#id_permcat_list').change(function() { - $('.loading-role-rotator').spin(true); + $('.loading').toggleClass('invisible'); var permName = $('#id_permcat').val(); loadPermcat(permName); }); @@ -172,7 +172,7 @@ function loadPermcat(name) { if(this.value) $('#me_id_perms_' + this.name).attr('checked','checked'); }); - $('.loading-role-rotator').spin(false); + $('.loading').toggleClass('invisible'); }); } diff --git a/view/tpl/abook_edit.tpl b/view/tpl/abook_edit.tpl index 13b94a560..81c182e1b 100755 --- a/view/tpl/abook_edit.tpl +++ b/view/tpl/abook_edit.tpl @@ -485,7 +485,6 @@ {{if $permcat_enable}} -
 {{$permcat_new}} {{include file="field_select.tpl" field=$permcat}} {{/if}} diff --git a/view/tpl/defperms.tpl b/view/tpl/defperms.tpl index f4a711957..5273ee91b 100755 --- a/view/tpl/defperms.tpl +++ b/view/tpl/defperms.tpl @@ -17,7 +17,6 @@

{{$permnote_self}}

{{if $permcat_enable}} -
 {{$permcat_new}} {{include file="field_select.tpl" field=$permcat}} {{/if}} -- cgit v1.2.3