From c37ffd2999453de17bd6b0c98b708a0f55bacdc7 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 5 Mar 2012 15:04:43 -0800 Subject: can_write_wall documentation --- include/security.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/security.php b/include/security.php index bc2c9f0bf..6b8128bdd 100755 --- a/include/security.php +++ b/include/security.php @@ -108,14 +108,18 @@ function can_write_wall(&$a,$owner) { if(remote_user()) { - // user remembered decision and avoid a DB lookup for each and every display item + // use remembered decision and avoid a DB lookup for each and every display item // DO NOT use this function if there are going to be multiple owners + // We have a contact-id for an authenticated remote user, this block determines if the contact + // belongs to this page owner, and has the necessary permissions to post content + if($verified === 2) return true; elseif($verified === 1) return false; else { + $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid` WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`blockwall` = 0 AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1", @@ -125,6 +129,7 @@ function can_write_wall(&$a,$owner) { intval(CONTACT_IS_FRIEND), intval(PAGE_COMMUNITY) ); + if(count($r)) { $verified = 2; return true; -- cgit v1.2.3 From 23718bfc259c00e87e3845ba4b1ead52ca7c6559 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 6 Mar 2012 02:17:55 -0800 Subject: prevent duplicate likes --- include/items.php | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'include') diff --git a/include/items.php b/include/items.php index 3c55fbb4f..fdff6b642 100755 --- a/include/items.php +++ b/include/items.php @@ -1595,6 +1595,14 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) if((activity_match($datarray['verb'],ACTIVITY_LIKE)) || (activity_match($datarray['verb'],ACTIVITY_DISLIKE))) { $datarray['type'] = 'activity'; $datarray['gravity'] = GRAVITY_LIKE; + // only one like or dislike per person + $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 limit 1", + intval($datarray['uid']), + intval($datarray['contact-id']), + dbesc($datarray['verb']) + ); + if($r && count($r)) + continue; } if(($datarray['verb'] === ACTIVITY_TAG) && ($datarray['object-type'] === ACTIVITY_OBJ_TAGTERM)) { @@ -2148,6 +2156,14 @@ function local_delivery($importer,$data) { $datarray['type'] = 'activity'; $datarray['gravity'] = GRAVITY_LIKE; $datarray['last-child'] = 0; + // only one like or dislike per person + $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 limit 1", + intval($datarray['uid']), + intval($datarray['contact-id']), + dbesc($datarray['verb']) + ); + if($r && count($r)) + continue; } if(($datarray['verb'] === ACTIVITY_TAG) && ($datarray['object-type'] === ACTIVITY_OBJ_TAGTERM)) { @@ -2297,6 +2313,15 @@ function local_delivery($importer,$data) { if(($datarray['verb'] == ACTIVITY_LIKE) || ($datarray['verb'] == ACTIVITY_DISLIKE)) { $datarray['type'] = 'activity'; $datarray['gravity'] = GRAVITY_LIKE; + // only one like or dislike per person + $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 limit 1", + intval($datarray['uid']), + intval($datarray['contact-id']), + dbesc($datarray['verb']) + ); + if($r && count($r)) + continue; + } if(($datarray['verb'] === ACTIVITY_TAG) && ($datarray['object-type'] === ACTIVITY_OBJ_TAGTERM)) { -- cgit v1.2.3 From eec4cff84be630bf3a4165321a423c29ed7926e9 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 6 Mar 2012 04:28:45 -0800 Subject: remove "smilie" expansion for Diaspora logo --- include/text.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index 042ee982c..c8c03174e 100755 --- a/include/text.php +++ b/include/text.php @@ -737,7 +737,7 @@ function smilies($s, $sample = false) { ':headdesk', '~friendika', '~friendica', - 'Diaspora*' +// 'Diaspora*' ); $icons = array( @@ -778,7 +778,7 @@ function smilies($s, $sample = false) { ':headdesk', '~friendika ~friendika', '~friendica ~friendica', - 'DiasporaDiaspora*', +// 'DiasporaDiaspora*', ); -- cgit v1.2.3 From a265afe7eb43bfe494669ee245c97bd7460fb671 Mon Sep 17 00:00:00 2001 From: Thomas Date: Tue, 6 Mar 2012 20:44:53 +0000 Subject: added beard smileys --- include/text.php | 43 ++++++++----------------------------------- 1 file changed, 8 insertions(+), 35 deletions(-) mode change 100755 => 100644 include/text.php (limited to 'include') diff --git a/include/text.php b/include/text.php old mode 100755 new mode 100644 index c8c03174e..2667ddddc --- a/include/text.php +++ b/include/text.php @@ -14,13 +14,7 @@ if(! function_exists('replace_macros')) { function replace_macros($s,$r) { global $t; - //$ts = microtime(); - $r = $t->replace($s,$r); - //$tt = microtime() - $ts; - - //$a = get_app(); - //$a->page['debug'] .= "$tt
\n"; - return $r; + return $t->replace($s,$r); }} @@ -737,7 +731,9 @@ function smilies($s, $sample = false) { ':headdesk', '~friendika', '~friendica', -// 'Diaspora*' + 'Diaspora*', + ':beard', + ':whitebeard' ); $icons = array( @@ -778,7 +774,9 @@ function smilies($s, $sample = false) { ':headdesk', '~friendika ~friendika', '~friendica ~friendica', -// 'DiasporaDiaspora*', + 'DiasporaDiaspora*', + ':beard', + ':whitebeard' ); @@ -792,7 +790,6 @@ function smilies($s, $sample = false) { } } else { - $params['string'] = preg_replace_callback('/<(3+)/','preg_heart',$params['string']); $s = str_replace($params['texts'],$params['icons'],$params['string']); } @@ -811,18 +808,7 @@ function smile_decode($m) { return(str_replace($m[1],base64url_decode($m[1]),$m[0])); } -// expand <3333 to the correct number of hearts -function preg_heart($x) { - $a = get_app(); - if(strlen($x[1]) == 1) - return $x[0]; - $t = ''; - for($cnt = 0; $cnt < strlen($x[1]); $cnt ++) - $t .= '<3'; - $r = str_replace($x[0],$t,$x[0]); - return $r; -} if(! function_exists('day_translate')) { @@ -1014,7 +1000,7 @@ function lang_selector() { } $ll = substr($l,5); $ll = substr($ll,0,strrpos($ll,'/')); - $selected = (($ll === $lang && (x($_SESSION, 'language'))) ? ' selected="selected" ' : ''); + $selected = (($ll === $lang && (x($_SESSION['language']))) ? ' selected="selected" ' : ''); $o .= ''; } } @@ -1219,16 +1205,3 @@ function reltoabs($text, $base) return $text; } -function item_post_type($item) { - if(intval($item['event-id'])) - return t('event'); - if(strlen($item['resource-id'])) - return t('photo'); - if(strlen($item['verb']) && $item['verb'] !== ACTIVITY_POST) - return t('activity'); - if($item['id'] != $item['parent']) - return t('comment'); - return t('post'); -} - - -- cgit v1.2.3 From 67456bad067dd06c5775979c07c25c767164da36 Mon Sep 17 00:00:00 2001 From: Thomas Date: Tue, 6 Mar 2012 20:50:38 +0000 Subject: Fixed...merged with mainline THEN added beards. --- include/text.php | 41 ++++++++++++++++++++++++++++++++++++----- 1 file changed, 36 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index 2667ddddc..e7c95d35c 100644 --- a/include/text.php +++ b/include/text.php @@ -14,7 +14,13 @@ if(! function_exists('replace_macros')) { function replace_macros($s,$r) { global $t; - return $t->replace($s,$r); + //$ts = microtime(); + $r = $t->replace($s,$r); + //$tt = microtime() - $ts; + + //$a = get_app(); + //$a->page['debug'] .= "$tt
\n"; + return $r; }} @@ -731,9 +737,10 @@ function smilies($s, $sample = false) { ':headdesk', '~friendika', '~friendica', - 'Diaspora*', +// 'Diaspora*' ':beard', ':whitebeard' + ); $icons = array( @@ -774,10 +781,9 @@ function smilies($s, $sample = false) { ':headdesk', '~friendika ~friendika', '~friendica ~friendica', - 'DiasporaDiaspora*', +// 'DiasporaDiaspora*', ':beard', ':whitebeard' - ); $params = array('texts' => $texts, 'icons' => $icons, 'string' => $s); @@ -790,6 +796,7 @@ function smilies($s, $sample = false) { } } else { + $params['string'] = preg_replace_callback('/<(3+)/','preg_heart',$params['string']); $s = str_replace($params['texts'],$params['icons'],$params['string']); } @@ -808,7 +815,18 @@ function smile_decode($m) { return(str_replace($m[1],base64url_decode($m[1]),$m[0])); } +// expand <3333 to the correct number of hearts +function preg_heart($x) { + $a = get_app(); + if(strlen($x[1]) == 1) + return $x[0]; + $t = ''; + for($cnt = 0; $cnt < strlen($x[1]); $cnt ++) + $t .= '<3'; + $r = str_replace($x[0],$t,$x[0]); + return $r; +} if(! function_exists('day_translate')) { @@ -1000,7 +1018,7 @@ function lang_selector() { } $ll = substr($l,5); $ll = substr($ll,0,strrpos($ll,'/')); - $selected = (($ll === $lang && (x($_SESSION['language']))) ? ' selected="selected" ' : ''); + $selected = (($ll === $lang && (x($_SESSION, 'language'))) ? ' selected="selected" ' : ''); $o .= ''; } } @@ -1205,3 +1223,16 @@ function reltoabs($text, $base) return $text; } +function item_post_type($item) { + if(intval($item['event-id'])) + return t('event'); + if(strlen($item['resource-id'])) + return t('photo'); + if(strlen($item['verb']) && $item['verb'] !== ACTIVITY_POST) + return t('activity'); + if($item['id'] != $item['parent']) + return t('comment'); + return t('post'); +} + + -- cgit v1.2.3 From 8fb0ea4048745c09ece6c84f23bffdccfc59d67d Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 6 Mar 2012 14:27:53 -0800 Subject: bugs #312, #313 --- include/conversation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index f4740688c..b458923e5 100755 --- a/include/conversation.php +++ b/include/conversation.php @@ -217,7 +217,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { if($update) $return_url = $_SESSION['return_url']; else - $return_url = $_SESSION['return_url'] = $a->cmd; + $return_url = $_SESSION['return_url'] = $a->query_string; load_contact_links(local_user()); -- cgit v1.2.3 From 6a5c4bab9c4e06c65fb68b0586853f169197ab0b Mon Sep 17 00:00:00 2001 From: tommy tomson Date: Wed, 7 Mar 2012 00:07:27 +0100 Subject: messages-menu translation, add scroll-to-top and theme-bug-report in theme --- include/nav.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include') diff --git a/include/nav.php b/include/nav.php index 511ca07fc..aadfa82fd 100755 --- a/include/nav.php +++ b/include/nav.php @@ -122,6 +122,9 @@ function nav(&$a) { } $nav['messages'] = array('message', t('Messages'), "", t('Private mail')); + $nav['messages']['inbox'] = array('message', t('Inbox'), "", t('Inbox')); + $nav['messages']['outbox']= array('message/sent', t('Outbox'), "", t('Outbox')); + $nav['messages']['new'] = array('message/new', t('New Message'), "", t('New Message')); if(is_array($a->identities) && count($a->identities) > 1) { $nav['manage'] = array('manage', t('Manage'), "", t('Manage other pages')); -- cgit v1.2.3 From 88cd5800cf2e22f365bc38f567fcc1627e9278a7 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 6 Mar 2012 17:21:14 -0800 Subject: [privacy] rework latest fix --- include/security.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/security.php b/include/security.php index 6b8128bdd..c04491570 100755 --- a/include/security.php +++ b/include/security.php @@ -159,6 +159,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' + AND private = 0 "; /** @@ -199,10 +200,11 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { } $sql = sprintf( - " AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' ) + " AND (( allow_cid = '' OR allow_cid REGEXP '<%d>' ) AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' ) AND ( allow_gid = '' OR allow_gid REGEXP '%s' ) AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s') + OR private = 0 ) ", intval($remote_user), intval($remote_user), -- cgit v1.2.3 From 7ad2dd65654f6b1cb17ae98e65c3e95528d29e30 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 6 Mar 2012 17:52:00 -0800 Subject: fix photos after permissions_sql change --- include/security.php | 80 +++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 76 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/security.php b/include/security.php index c04491570..9042d4d64 100755 --- a/include/security.php +++ b/include/security.php @@ -149,6 +149,77 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { $local_user = local_user(); $remote_user = remote_user(); + /** + * Construct permissions + * + * default permissions - anonymous user + */ + + $sql = " AND allow_cid = '' + AND allow_gid = '' + AND deny_cid = '' + AND deny_gid = '' + "; + + /** + * Profile owner - everything is visible + */ + + if(($local_user) && ($local_user == $owner_id)) { + $sql = ''; + } + + /** + * Authenticated visitor. Unless pre-verified, + * check that the contact belongs to this $owner_id + * and load the groups the visitor belongs to. + * If pre-verified, the caller is expected to have already + * done this and passed the groups into this function. + */ + + elseif($remote_user) { + + if(! $remote_verified) { + $r = q("SELECT id FROM contact WHERE id = %d AND uid = %d AND blocked = 0 LIMIT 1", + intval($remote_user), + intval($owner_id) + ); + if(count($r)) { + $remote_verified = true; + $groups = init_groups_visitor($remote_user); + } + } + if($remote_verified) { + + $gs = '<<>>'; // should be impossible to match + + if(is_array($groups) && count($groups)) { + foreach($groups as $g) + $gs .= '|<' . intval($g) . '>'; + } + + $sql = sprintf( + " AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' ) + AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' ) + AND ( allow_gid = '' OR allow_gid REGEXP '%s' ) + AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s') + ", + intval($remote_user), + intval($remote_user), + dbesc($gs), + dbesc($gs) + ); + } + } + return $sql; +} + + +function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) { + + $local_user = local_user(); + $remote_user = remote_user(); + /** * Construct permissions * @@ -200,11 +271,10 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { } $sql = sprintf( - " AND (( allow_cid = '' OR allow_cid REGEXP '<%d>' ) + " AND ( private = 0 OR (( allow_cid = '' OR allow_cid REGEXP '<%d>' ) AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' ) AND ( allow_gid = '' OR allow_gid REGEXP '%s' ) - AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s') - OR private = 0 ) + AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s'))) ", intval($remote_user), intval($remote_user), @@ -214,4 +284,6 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { } } return $sql; -} \ No newline at end of file +} + + -- cgit v1.2.3