From 5c0e135fe98fc91cee32e065c81e7a440c25ee2c Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 14 Sep 2011 19:33:42 -0700 Subject: diaspora protocol changes --- include/diaspora.php | 170 ++++++++++++++++++++++++++++++--------------------- 1 file changed, 100 insertions(+), 70 deletions(-) (limited to 'include') diff --git a/include/diaspora.php b/include/diaspora.php index 6d070ecba..2145ca56c 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -5,34 +5,52 @@ require_once('include/items.php'); require_once('include/bb2diaspora.php'); require_once('include/contact_selectors.php'); + +function diaspora_dispatch_public($msg) { + + $r = q("SELECT `user`.* FROM `user` WHERE `user`.`uid` IN ( SELECT `uid` FROM `contact` WHERE `network` = '%s' AND `addr` = '%s' ) ", + dbesc(NETWORK_DIASPORA), + dbesc($msg['author']) + ); + if(count($r)) { + foreach($r as $rr) { + diaspora_dispatch($rr,$msg); + } + } +} + + + function diaspora_dispatch($importer,$msg) { + $ret = 0; + $parsed_xml = parse_xml_string($msg['message'],false); $xmlbase = $parsed_xml->post; if($xmlbase->request) { - diaspora_request($importer,$xmlbase->request); + $ret = diaspora_request($importer,$xmlbase->request); } elseif($xmlbase->status_message) { - diaspora_post($importer,$xmlbase->status_message); + $ret = diaspora_post($importer,$xmlbase->status_message); } elseif($xmlbase->comment) { - diaspora_comment($importer,$xmlbase->comment,$msg); + $ret = diaspora_comment($importer,$xmlbase->comment,$msg); } elseif($xmlbase->like) { - diaspora_like($importer,$xmlbase->like,$msg); + $ret = diaspora_like($importer,$xmlbase->like,$msg); } elseif($xmlbase->retraction) { - diaspora_retraction($importer,$xmlbase->retraction,$msg); + $ret = diaspora_retraction($importer,$xmlbase->retraction,$msg); } elseif($xmlbase->photo) { - diaspora_photo($importer,$xmlbase->photo,$msg); + $ret = diaspora_photo($importer,$xmlbase->photo,$msg); } else { logger('diaspora_dispatch: unknown message type: ' . print_r($xmlbase,true)); } - return; + return $ret; } function diaspora_get_contact_by_handle($uid,$handle) { @@ -106,16 +124,14 @@ function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) { $b64url_data = base64url_encode($b64_data); - $b64url_stripped = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data); - $lines = str_split($b64url_stripped,60); - $data = implode("\n",$lines); - $data = $data . (($data[-1] != "\n") ? "\n" : '') ; + $data = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data); + $type = 'application/atom+xml'; $encoding = 'base64url'; $alg = 'RSA-SHA256'; - $signable_data = $data . '.' . base64url_encode($type) . "\n" . '.' - . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n"; + $signable_data = $data . '.' . base64url_encode($type) . '.' + . base64url_encode($encoding) . '.' . base64url_encode($alg) ; $signature = rsa_sign($signable_data,$prvkey); $sig = base64url_encode($signature); @@ -157,7 +173,7 @@ $magic_env = <<< EOT base64url RSA-SHA256 - $data + $data $sig @@ -185,50 +201,67 @@ EOT; function diaspora_decode($importer,$xml) { + $public = false; $basedom = parse_xml_string($xml); - $atom = $basedom->children(NAMESPACE_ATOM1); + $children = $basedom->children(NAMESPACE_DIASPORA_PROTOCOL); - // Diaspora devs: This is kind of sucky - 'encrypted_header' does not belong in the atom namespace + if($children->header) { + $public = true; + $author_link = str_replace('acct:','',$children->author_id); + } + else { - $encrypted_header = json_decode(base64_decode($atom->encrypted_header)); + $encrypted_header = json_decode(base64_decode($children->encrypted_header)); - $encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key); - $ciphertext = base64_decode($encrypted_header->ciphertext); + $encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key); + $ciphertext = base64_decode($encrypted_header->ciphertext); + + $outer_key_bundle = ''; + openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$importer['prvkey']); + + $j_outer_key_bundle = json_decode($outer_key_bundle); + + $outer_iv = base64_decode($j_outer_key_bundle->iv); + $outer_key = base64_decode($j_outer_key_bundle->key); + + $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv); + + + $decrypted = pkcs5_unpad($decrypted); - $outer_key_bundle = ''; - openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$importer['prvkey']); + /** + * $decrypted now contains something like + * + * + * 8e+G2+ET8l5BPuW0sVTnQw== + * UvSMb4puPeB14STkcDWq+4QE302Edu15oaprAQSkLKU= - $j_outer_key_bundle = json_decode($outer_key_bundle); +***** OBSOLETE - $outer_iv = base64_decode($j_outer_key_bundle->iv); - $outer_key = base64_decode($j_outer_key_bundle->key); + * + * Ryan Hughes + * acct:galaxor@diaspora.pirateship.org + * - $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv); +***** CURRENT + * acct:galaxor@diaspora.priateship.org - $decrypted = pkcs5_unpad($decrypted); +***** END DIFFS - /** - * $decrypted now contains something like - * - * - * 8e+G2+ET8l5BPuW0sVTnQw== - * UvSMb4puPeB14STkcDWq+4QE302Edu15oaprAQSkLKU= - * - * Ryan Hughes - * acct:galaxor@diaspora.pirateship.org - * - * - */ + * + */ - logger('decrypted: ' . $decrypted, LOGGER_DEBUG); - $idom = parse_xml_string($decrypted,false); + logger('decrypted: ' . $decrypted, LOGGER_DEBUG); + $idom = parse_xml_string($decrypted,false); - $inner_iv = base64_decode($idom->iv); - $inner_aes_key = base64_decode($idom->aes_key); + $inner_iv = base64_decode($idom->iv); + $inner_aes_key = base64_decode($idom->aes_key); - $author_link = str_replace('acct:','',$idom->author->uri); + $author_link = str_replace('acct:','',$idom->author_id); + + } $dom = $basedom->children(NAMESPACE_SALMON_ME); @@ -262,8 +295,8 @@ function diaspora_decode($importer,$xml) { // and transport whitespace mangling, and base64 wrapping rules. Guess what? PHP and Ruby // use different linelengths for base64 output. - $lines = str_split($data,60); - $data = implode("\n",$lines); +// $lines = str_split($data,60); + // $data = implode("\n",$lines); // stash away some other stuff for later @@ -273,22 +306,25 @@ function diaspora_decode($importer,$xml) { $encoding = $base->encoding; $alg = $base->alg; - // I can't even begin to tell you how sucky this is. Please read the spec. - $signed_data = $data . (($data[-1] != "\n") ? "\n" : '') . '.' . base64url_encode($type) . "\n" . '.' . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n"; + $signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg); // decode the data $data = base64url_decode($data); - // Now pull out the inner encrypted blob - $inner_encrypted = base64_decode($data); + if($public) { + $inner_decrypted = $data; + } + else { - $inner_decrypted = - $inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv); + // Decode the encrypted blob - $inner_decrypted = pkcs5_unpad($inner_decrypted); + $inner_encrypted = base64_decode($data); + $inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv); + $inner_decrypted = pkcs5_unpad($inner_decrypted); + } if(! $author_link) { logger('mod-diaspora: Could not retrieve author URI.'); @@ -321,7 +357,6 @@ function diaspora_decode($importer,$xml) { } - function diaspora_request($importer,$xml) { $sender_handle = unxmlify($xml->sender_handle); @@ -332,7 +367,6 @@ function diaspora_request($importer,$xml) { $contact = diaspora_get_contact_by_handle($importer['uid'],$sender_handle); - if($contact) { // perhaps we were already sharing with this person. Now they're sharing with us. @@ -408,8 +442,7 @@ function diaspora_post($importer,$xml) { if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { logger('diaspora_post: Ignoring this author.'); - http_status_exit(202); - // NOTREACHED + return 202; } $message_id = $diaspora_handle . ':' . $guid; @@ -493,8 +526,7 @@ function diaspora_comment($importer,$xml,$msg) { if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { logger('diaspora_comment: Ignoring this author.'); - http_status_exit(202); - // NOTREACHED + return 202; } $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1", @@ -535,7 +567,7 @@ function diaspora_comment($importer,$xml,$msg) { } } - if(! rsa_verify($author_signed_data,$author_signature,$key,'sha')) { + if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) { logger('diaspora_comment: verification failed.'); return; } @@ -548,7 +580,7 @@ function diaspora_comment($importer,$xml,$msg) { $key = $msg['key']; - if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha')) { + if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha256')) { logger('diaspora_comment: owner verification failed.'); return; } @@ -633,8 +665,7 @@ function diaspora_photo($importer,$xml,$msg) { if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { logger('diaspora_photo: Ignoring this author.'); - http_status_exit(202); - // NOTREACHED + return 202; } $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1", @@ -686,8 +717,7 @@ function diaspora_like($importer,$xml,$msg) { if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { logger('diaspora_like: Ignoring this author.'); - http_status_exit(202); - // NOTREACHED + return 202; } $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1", @@ -743,7 +773,7 @@ function diaspora_like($importer,$xml,$msg) { } } - if(! rsa_verify($author_signed_data,$author_signature,$key,'sha')) { + if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) { logger('diaspora_like: verification failed.'); return; } @@ -756,7 +786,7 @@ function diaspora_like($importer,$xml,$msg) { $key = $msg['key']; - if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha')) { + if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha256')) { logger('diaspora_like: owner verification failed.'); return; } @@ -877,7 +907,7 @@ function diaspora_retraction($importer,$xml) { } } - http_exit_status(202); + return 202; // NOTREACHED } @@ -1044,7 +1074,7 @@ function diaspora_send_followup($item,$owner,$contact) { else $signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr; - $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha')); + $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')); $msg = replace_macros($tpl,array( '$guid' => xmlify($item['guid']), @@ -1131,7 +1161,7 @@ function diaspora_send_relay($item,$owner,$contact) { else $signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr; - $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha')); + $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')); q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($item['id']), @@ -1145,7 +1175,7 @@ function diaspora_send_relay($item,$owner,$contact) { // sign it - $parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha')); + $parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')); $msg = replace_macros($tpl,array( '$guid' => xmlify($item['guid']), -- cgit v1.2.3 From 80f94bb12bd6d445554579def2bec0de333e4fb2 Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 15 Sep 2011 17:47:16 -0700 Subject: federation friday update --- include/diaspora.php | 23 +++++------------------ 1 file changed, 5 insertions(+), 18 deletions(-) (limited to 'include') diff --git a/include/diaspora.php b/include/diaspora.php index 2145ca56c..4b1cc333b 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -115,7 +115,7 @@ function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) { $outer_iv = random_string(16); $b_outer_iv = base64_encode($outer_iv); - $handle = 'acct:' . $user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); + $handle = $user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); $padded_data = pkcs5_pad($msg,16); $inner_encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $padded_data, MCRYPT_MODE_CBC, $inner_iv); @@ -126,7 +126,7 @@ function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) { $b64url_data = base64url_encode($b64_data); $data = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data); - $type = 'application/atom+xml'; + $type = 'application/xml'; $encoding = 'base64url'; $alg = 'RSA-SHA256'; @@ -140,10 +140,7 @@ $decrypted_header = <<< EOT $b_inner_iv $b_inner_aes_key - - {$user['username']} - $handle - + $handle EOT; @@ -204,7 +201,7 @@ function diaspora_decode($importer,$xml) { $public = false; $basedom = parse_xml_string($xml); - $children = $basedom->children(NAMESPACE_DIASPORA_PROTOCOL); + $children = $basedom->children('https://joindiaspora.com/protocol'); if($children->header) { $public = true; @@ -288,16 +285,6 @@ function diaspora_decode($importer,$xml) { // strip whitespace so our data element will return to one big base64 blob $data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data); - // Add back the 60 char linefeeds - - // This completely violates the entire principle of salmon magic signatures, - // which was to have a message signing format that was completely ambivalent to linefeeds - // and transport whitespace mangling, and base64 wrapping rules. Guess what? PHP and Ruby - // use different linelengths for base64 output. - -// $lines = str_split($data,60); - // $data = implode("\n",$lines); - // stash away some other stuff for later @@ -347,7 +334,7 @@ function diaspora_decode($importer,$xml) { if(! $verify) { logger('mod-diaspora: Message did not verify. Discarding.'); - http_status_exit(400); +// http_status_exit(400); } logger('mod-diaspora: Message verified.'); -- cgit v1.2.3 From 9c3503a706d445bcbf7a14c2adcd8d344df3e46b Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 16 Sep 2011 06:49:24 -0700 Subject: update timestamp on activity change (comment/like) --- include/items.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'include') diff --git a/include/items.php b/include/items.php index facd8b2d4..735adc717 100644 --- a/include/items.php +++ b/include/items.php @@ -865,6 +865,13 @@ function item_store($arr,$force_parent = false) { intval($current_post) ); + // update the timestamp on the parent + + q("UPDATE `item` set `changed` = '%s' WHERE `id` = %d LIMIT 1", + dbesc(datetime_convert()), + intval($parent_id) + ); + if($dsprsig) { q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), -- cgit v1.2.3 From 5a6a3cab8ee6b5c979b7c51112bb2c86915ac207 Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 16 Sep 2011 14:46:04 -0700 Subject: may fix diaspora send --- include/diaspora.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/diaspora.php b/include/diaspora.php index 4b1cc333b..5e4301e78 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -165,15 +165,15 @@ EOT; $magic_env = <<< EOT - + $encrypted_header - + base64url RSA-SHA256 $data $sig - + EOT; logger('diaspora_msg_build: magic_env: ' . $magic_env, LOGGER_DATA); -- cgit v1.2.3 From d7243be2eaab96f56ae639b1afe823a1646811f4 Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 16 Sep 2011 14:51:25 -0700 Subject: log the D* publc messages --- include/diaspora.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/diaspora.php b/include/diaspora.php index 5e4301e78..0436673ea 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -8,15 +8,18 @@ require_once('include/contact_selectors.php'); function diaspora_dispatch_public($msg) { - $r = q("SELECT `user`.* FROM `user` WHERE `user`.`uid` IN ( SELECT `uid` FROM `contact` WHERE `network` = '%s' AND `addr` = '%s' ) ", + $r = q("SELECT `user`.* FROM `user` WHERE `user`.`uid` IN ( SELECT `contact`.`uid` FROM `contact` WHERE `contact`.`network` = '%s' AND `contact`.`addr` = '%s' ) ", dbesc(NETWORK_DIASPORA), dbesc($msg['author']) ); if(count($r)) { foreach($r as $rr) { + logger('diaspora_public: delivering to: ' . $rr['username']); diaspora_dispatch($rr,$msg); } } + else + logger('diaspora_public: no subscribers'); } -- cgit v1.2.3 From 6c4ad7df3aebec13406de129bec9e14db7bb2eea Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 16 Sep 2011 14:57:41 -0700 Subject: public D* post fix --- include/diaspora.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/diaspora.php b/include/diaspora.php index 0436673ea..313324a16 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -208,7 +208,7 @@ function diaspora_decode($importer,$xml) { if($children->header) { $public = true; - $author_link = str_replace('acct:','',$children->author_id); + $author_link = str_replace('acct:','',$children->header->author_id); } else { -- cgit v1.2.3 From ce77c7287e8f6bf721c823290ff939b9ab5764e9 Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 16 Sep 2011 15:40:34 -0700 Subject: show real profile link location on hover --- include/conversation.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 6aad2485a..4398d6a5c 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -211,7 +211,7 @@ function conversation(&$a, $items, $mode, $update) { $o .= replace_macros($tpl,array( '$id' => $item['item_id'], - '$linktitle' => sprintf( t('View %s\'s profile'), $profile_name), + '$linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), '$profile_url' => $profile_link, '$item_photo_menu' => item_photo_menu($item), '$name' => $profile_name, @@ -486,8 +486,8 @@ function conversation(&$a, $items, $mode, $update) { $tmp_item = replace_macros($template,array( '$id' => $item['item_id'], - '$linktitle' => sprintf( t('View %s\'s profile'), $profile_name), - '$olinktitle' => sprintf( t('View %s\'s profile'), $owner_name), + '$linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), + '$olinktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])), '$to' => t('to'), '$wall' => t('Wall-to-Wall'), '$vwall' => t('via Wall-To-Wall:'), -- cgit v1.2.3 From 5f4ab62fe330a714777fecae88465e83331abed1 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 18 Sep 2011 00:16:18 -0700 Subject: fix bbcode image size --- include/bbcode.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index 3886af37d..3d6b907a6 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -113,6 +113,9 @@ function bbcode($Text,$preserve_nl = false) { // Check for [quote] text $Text = preg_replace("/\[quote\](.*?)\[\/quote\]/ism","$QuoteLayout", $Text); + // [img=widthxheight]image source[/img] + $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '', $Text); + // Images // [img]pathtoimage[/img] $Text = preg_replace("/\[img\](.*?)\[\/img\]/ism", '' . t('Image/photo') . '', $Text); @@ -125,8 +128,6 @@ function bbcode($Text,$preserve_nl = false) { $Text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '', $Text); - // [img=widthxheight]image source[/img] - $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '', $Text); if (get_pconfig(local_user(), 'oembed', 'use_for_youtube' )==1){ // use oembed for youtube links -- cgit v1.2.3 From 309df8417206ed934961a1e2f26b2ca4e57418b3 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 18 Sep 2011 00:19:19 -0700 Subject: again fix bbcode image sizes --- include/bbcode.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index 3d6b907a6..cbe19de54 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -114,7 +114,7 @@ function bbcode($Text,$preserve_nl = false) { $Text = preg_replace("/\[quote\](.*?)\[\/quote\]/ism","$QuoteLayout", $Text); // [img=widthxheight]image source[/img] - $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '', $Text); + $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '', $Text); // Images // [img]pathtoimage[/img] -- cgit v1.2.3 From da05ef2ae48beb0f3475cc705fde9a69e5947426 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 18 Sep 2011 04:34:17 -0700 Subject: rfc2047 encode notification email headers --- include/EmailNotification.php | 7 +++++++ include/email.php | 4 +++- 2 files changed, 10 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/EmailNotification.php b/include/EmailNotification.php index 78912c0b9..8861e8f5d 100644 --- a/include/EmailNotification.php +++ b/include/EmailNotification.php @@ -1,4 +1,7 @@ Date: Sun, 18 Sep 2011 06:20:18 -0700 Subject: bug #157 - allow deleted group to be revived, but warn of side effects --- include/group.php | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/group.php b/include/group.php index d92e24e20..4f3d5ee91 100644 --- a/include/group.php +++ b/include/group.php @@ -6,8 +6,26 @@ function group_add($uid,$name) { $ret = false; if(x($uid) && x($name)) { $r = group_byname($uid,$name); // check for dups - if($r !== false) + if($r !== false) { + + // This could be a problem. + // Let's assume we've just created a group which we once deleted + // all the old members are gone, but the group remains so we don't break any security + // access lists. What we're doing here is reviving the dead group, but old content which + // was restricted to this group may now be seen by the new group members. + + $z = q("SELECT * FROM `group` WHERE `id` = %d LIMIT 1", + intval($r) + ); + if(count($z) && $z[0]['deleted']) { + $r = q("UPDATE `group` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1", + intval($uid), + dbesc($name) + ); + notice( t('A deleted group with this name was revived. Existing item permissions may apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL); + } return true; + } $r = q("INSERT INTO `group` ( `uid`, `name` ) VALUES( %d, '%s' ) ", intval($uid), -- cgit v1.2.3 From e2e29b2deafffb98d156fb3f726a3968b3492522 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 18 Sep 2011 17:16:02 -0700 Subject: only header encode if necessary --- include/email.php | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'include') diff --git a/include/email.php b/include/email.php index b34084549..3e6a8186d 100644 --- a/include/email.php +++ b/include/email.php @@ -169,6 +169,17 @@ function email_get_part($mbox,$uid,$p,$partno) { function email_header_encode($in_str, $charset) { $out_str = $in_str; + $need_to_convert = false; + + for($x = 0; $x < strlen($in_str); $x ++) { + if((ord($in_str[$x]) == 0) || ((ord($in_str[$x]) > 128))) { + $need_to_convert = true; + } + } + + if(! $need_to_convert) + return $in_str; + if ($out_str && $charset) { // define start delimimter, end delimiter and spacer -- cgit v1.2.3 From 8bf6a29d4e05af5d461da3f01999785dc12ee7da Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 18 Sep 2011 19:04:11 -0700 Subject: optimise the commented date view --- include/items.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index 735adc717..b433381a7 100644 --- a/include/items.php +++ b/include/items.php @@ -717,6 +717,7 @@ function item_store($arr,$force_parent = false) { $arr['owner-avatar'] = ((x($arr,'owner-avatar')) ? notags(trim($arr['owner-avatar'])) : ''); $arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert()); $arr['edited'] = ((x($arr,'edited') !== false) ? datetime_convert('UTC','UTC',$arr['edited']) : datetime_convert()); + $arr['commented'] = datetime_convert(); $arr['received'] = datetime_convert(); $arr['changed'] = datetime_convert(); $arr['title'] = ((x($arr,'title')) ? notags(trim($arr['title'])) : ''); @@ -865,9 +866,10 @@ function item_store($arr,$force_parent = false) { intval($current_post) ); - // update the timestamp on the parent + // update the commented timestamp on the parent - q("UPDATE `item` set `changed` = '%s' WHERE `id` = %d LIMIT 1", + q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", + dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent_id) ); -- cgit v1.2.3 From 5b3f6459392ba6f417cfc5cb0d38094c009c6913 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 18 Sep 2011 19:53:45 -0700 Subject: account expiration structures --- include/api.php | 2 +- include/auth.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/api.php b/include/api.php index 5d008c290..74b4aaf6e 100644 --- a/include/api.php +++ b/include/api.php @@ -55,7 +55,7 @@ // process normal login request $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) - AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", + AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($user)), dbesc(trim($user)), dbesc($encrypted) diff --git a/include/auth.php b/include/auth.php index b7b96bdc0..1f16b3504 100644 --- a/include/auth.php +++ b/include/auth.php @@ -49,7 +49,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p } $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` - FROM `user` WHERE `uid` = %d LIMIT 1", + FROM `user` WHERE `uid` = %d AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", intval($_SESSION['uid']) ); @@ -186,7 +186,7 @@ else { $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) - AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", + AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($_POST['openid_url'])), dbesc(trim($_POST['openid_url'])), dbesc($encrypted) -- cgit v1.2.3 From 48ee3fa3b9c540185fb3691ce6a971dd2cf1fd68 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 18 Sep 2011 20:17:44 -0700 Subject: build diaspora public (batch) message --- include/diaspora.php | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) (limited to 'include') diff --git a/include/diaspora.php b/include/diaspora.php index 313324a16..a6f3002b9 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -103,6 +103,52 @@ function get_diaspora_key($uri) { } +function diaspora_pubmsg_build($msg,$user,$contact,$prvkey,$pubkey) { + $a = get_app(); + + logger('diaspora_pubmsg_build: ' . $msg, LOGGER_DATA); + + + $handle = $user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); + + $b64_data = base64_encode($msg); + $b64url_data = base64url_encode($b64_data); + + $data = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data); + + $type = 'application/xml'; + $encoding = 'base64url'; + $alg = 'RSA-SHA256'; + + $signable_data = $data . '.' . base64url_encode($type) . '.' + . base64url_encode($encoding) . '.' . base64url_encode($alg) ; + + $signature = rsa_sign($signable_data,$prvkey); + $sig = base64url_encode($signature); + +$magic_env = <<< EOT + + +
+ $handle +
+ + base64url + RSA-SHA256 + $data + $sig + + +EOT; + + logger('diaspora_pubmsg_build: magic_env: ' . $magic_env, LOGGER_DATA); + return $magic_env; + +} + + + + function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) { $a = get_app(); -- cgit v1.2.3 From 2aef98f71d95ba5c2caae7637002daef0bce6de5 Mon Sep 17 00:00:00 2001 From: Friendika Date: Mon, 19 Sep 2011 01:17:12 -0700 Subject: cripple account when expired --- include/diaspora.php | 2 +- include/poller.php | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/diaspora.php b/include/diaspora.php index a6f3002b9..3c28373ea 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -8,7 +8,7 @@ require_once('include/contact_selectors.php'); function diaspora_dispatch_public($msg) { - $r = q("SELECT `user`.* FROM `user` WHERE `user`.`uid` IN ( SELECT `contact`.`uid` FROM `contact` WHERE `contact`.`network` = '%s' AND `contact`.`addr` = '%s' ) ", + $r = q("SELECT `user`.* FROM `user` WHERE `user`.`uid` IN ( SELECT `contact`.`uid` FROM `contact` WHERE `contact`.`network` = '%s' AND `contact`.`addr` = '%s' ) AND `account_expired` = 0 ", dbesc(NETWORK_DIASPORA), dbesc($msg['author']) ); diff --git a/include/poller.php b/include/poller.php index e80b696bf..dbae1deec 100644 --- a/include/poller.php +++ b/include/poller.php @@ -86,11 +86,12 @@ function poller_run($argv, $argc){ // and which have a polling address and ignore Diaspora since // we are unable to match those posts with a Diaspora GUID and prevent duplicates. - $contacts = q("SELECT `id` FROM `contact` + $contacts = q("SELECT `contact`.`id` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` WHERE ( `rel` = %d OR `rel` = %d ) AND `poll` != '' AND `network` != '%s' $sql_extra - AND `self` = 0 AND `blocked` = 0 AND `readonly` = 0 ORDER BY RAND()", + AND `self` = 0 AND `contact`.`blocked` = 0 AND `contact`.`readonly` = 0 + AND `user`.`account_expired` = 0 ORDER BY RAND()", intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND), dbesc(NETWORK_DIASPORA) -- cgit v1.2.3 From fd18b42a5a4dfb212dac1272294a0934076183b7 Mon Sep 17 00:00:00 2001 From: Friendika Date: Mon, 19 Sep 2011 03:30:59 -0700 Subject: Check all keys before use --- include/conversation.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 4398d6a5c..7cea54db5 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -485,6 +485,7 @@ function conversation(&$a, $items, $mode, $update) { $tmp_item = replace_macros($template,array( + '$body' => $body, '$id' => $item['item_id'], '$linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), '$olinktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])), @@ -498,7 +499,6 @@ function conversation(&$a, $items, $mode, $update) { '$osparkle' => $osparkle, '$sparkle' => $sparkle, '$title' => $item['title'], - '$body' => $body, '$ago' => ((($item['app']) && ($item['id'] == $item['parent'])) ? sprintf( t('%s from %s'),relative_date($item['created']),$item['app']) : relative_date($item['created'])), '$lock' => $lock, '$location' => $location, @@ -514,6 +514,7 @@ function conversation(&$a, $items, $mode, $update) { '$like' => $like, '$dislike' => $dislike, '$comment' => $comment + )); -- cgit v1.2.3 From 97deaa31187868e200988a3fcd3722c49760fd4d Mon Sep 17 00:00:00 2001 From: Friendika Date: Mon, 19 Sep 2011 03:36:41 -0700 Subject: resume strict verification of Diaspora messages --- include/diaspora.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/diaspora.php b/include/diaspora.php index 3c28373ea..425bc722f 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -383,7 +383,7 @@ function diaspora_decode($importer,$xml) { if(! $verify) { logger('mod-diaspora: Message did not verify. Discarding.'); -// http_status_exit(400); + http_status_exit(400); } logger('mod-diaspora: Message verified.'); -- cgit v1.2.3 From 63277b57fc6557c5f59fefd1ae738ad3c3e2a9f1 Mon Sep 17 00:00:00 2001 From: Friendika Date: Mon, 19 Sep 2011 19:46:18 -0700 Subject: template escapes --- include/conversation.php | 10 +++++----- include/template_processor.php | 20 +++++++++++++++++++- 2 files changed, 24 insertions(+), 6 deletions(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 7cea54db5..b7fba9154 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -485,7 +485,7 @@ function conversation(&$a, $items, $mode, $update) { $tmp_item = replace_macros($template,array( - '$body' => $body, + '$body' => template_escape($body), '$id' => $item['item_id'], '$linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), '$olinktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])), @@ -494,18 +494,18 @@ function conversation(&$a, $items, $mode, $update) { '$vwall' => t('via Wall-To-Wall:'), '$profile_url' => $profile_link, '$item_photo_menu' => item_photo_menu($item), - '$name' => $profile_name, + '$name' => template_escape($profile_name), '$thumb' => $profile_avatar, '$osparkle' => $osparkle, '$sparkle' => $sparkle, - '$title' => $item['title'], + '$title' => template_escape($item['title']), '$ago' => ((($item['app']) && ($item['id'] == $item['parent'])) ? sprintf( t('%s from %s'),relative_date($item['created']),$item['app']) : relative_date($item['created'])), '$lock' => $lock, - '$location' => $location, + '$location' => template_escape($location), '$indent' => $indent, '$owner_url' => $owner_url, '$owner_photo' => $owner_photo, - '$owner_name' => $owner_name, + '$owner_name' => template_escape($owner_name), '$plink' => get_plink($item), '$edpost' => $edpost, '$star' => $star, diff --git a/include/template_processor.php b/include/template_processor.php index dc5c24de3..90452daca 100644 --- a/include/template_processor.php +++ b/include/template_processor.php @@ -196,8 +196,26 @@ $os=$s; $count++; $s = str_replace($this->search,$this->replace, $s); } - return $s; + return template_unescape($s); } } $t = new Template; + + + + +function template_escape($s) { + + return str_replace(array('$','{{'),array('!_Doll^Ars1Az_!','!_DoubLe^BraceS4Rw_!'),$s); + + +} + +function template_unescape($s) { + + return str_replace(array('!_Doll^Ars1Az_!','!_DoubLe^BraceS4Rw_!'),array('$','{{'),$s); + + + +} -- cgit v1.2.3 From c2ccb78869b8dfbbbaa124c81d717e1edff56304 Mon Sep 17 00:00:00 2001 From: Friendika Date: Mon, 19 Sep 2011 19:51:14 -0700 Subject: template escapes --- include/conversation.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index b7fba9154..a4069c9fd 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -214,18 +214,18 @@ function conversation(&$a, $items, $mode, $update) { '$linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), '$profile_url' => $profile_link, '$item_photo_menu' => item_photo_menu($item), - '$name' => $profile_name, + '$name' => template_escape($profile_name), '$sparkle' => $sparkle, '$lock' => $lock, '$thumb' => $profile_avatar, - '$title' => $item['title'], - '$body' => $body, + '$title' => template_escape($item['title']), + '$body' => template_escape($body), '$ago' => (($item['app']) ? sprintf( t('%s from %s'),relative_date($item['created']),$item['app']) : relative_date($item['created'])), - '$location' => $location, + '$location' => template_escape($location), '$indent' => '', '$owner_url' => $owner_url, '$owner_photo' => $owner_photo, - '$owner_name' => $owner_name, + '$owner_name' => template_escape($owner_name), '$star' => $star, '$drop' => $drop, '$conv' => '' . t('View in context') . '' -- cgit v1.2.3 From 9edf15d3ef0548a35862fab37eee1fd310705285 Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 20 Sep 2011 01:49:08 -0700 Subject: structures for batch mode (Diaspora/zot) --- include/Scrape.php | 5 +++- include/diaspora.php | 11 +++----- include/network.php | 73 ++++++++++++++++++++++++++++++++++++++-------------- 3 files changed, 62 insertions(+), 27 deletions(-) (limited to 'include') diff --git a/include/Scrape.php b/include/Scrape.php index 58468a40d..0115bf2e7 100644 --- a/include/Scrape.php +++ b/include/Scrape.php @@ -496,8 +496,10 @@ function probe_url($url, $mode = PROBE_NORMAL) { } if($diaspora && $diaspora_base && $diaspora_guid) { - if($mode == PROBE_DIASPORA || ! $notify) + if($mode == PROBE_DIASPORA || ! $notify) { $notify = $diaspora_base . 'receive/users/' . $diaspora_guid; + $batch = $diaspora_base . 'receive/public' ; + } if(strpos($url,'@')) $addr = str_replace('acct:', '', $url); } @@ -675,6 +677,7 @@ function probe_url($url, $mode = PROBE_NORMAL) { $result['nick'] = $vcard['nick']; $result['url'] = $profile; $result['addr'] = $addr; + $result['batch'] = $batch; $result['notify'] = $notify; $result['poll'] = $poll; $result['request'] = $request; diff --git a/include/diaspora.php b/include/diaspora.php index 425bc722f..94c4e3098 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -68,6 +68,7 @@ function diaspora_get_contact_by_handle($uid,$handle) { } function find_diaspora_person_by_handle($handle) { + $update = false; $r = q("select * from fcontact where network = '%s' and addr = '%s' limit 1", dbesc(NETWORK_DIASPORA), dbesc($handle) @@ -75,18 +76,14 @@ function find_diaspora_person_by_handle($handle) { if(count($r)) { // update record occasionally so it doesn't get stale $d = strtotime($r[0]['updated'] . ' +00:00'); - if($d < strtotime('now - 14 days')) { - q("delete from fcontact where id = %d limit 1", - intval($r[0]['id']) - ); - } - else + if($d > strtotime('now - 14 days')) return $r[0]; + $update = true; } require_once('include/Scrape.php'); $r = probe_url($handle, PROBE_DIASPORA); if((count($r)) && ($r['network'] === NETWORK_DIASPORA)) { - add_fcontact($r); + add_fcontact($r,$update); return ($r); } return false; diff --git a/include/network.php b/include/network.php index deb257ff3..ec99d1e0d 100644 --- a/include/network.php +++ b/include/network.php @@ -701,24 +701,59 @@ function parse_xml_string($s,$strict = true) { return $x; }} -function add_fcontact($arr) { - - $r = q("insert into fcontact ( `url`,`name`,`photo`,`request`,`nick`,`addr`, - `notify`,`poll`,`confirm`,`network`,`alias`,`pubkey`,`updated` ) - values('%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')", - dbesc($arr['url']), - dbesc($arr['name']), - dbesc($arr['photo']), - dbesc($arr['request']), - dbesc($arr['nick']), - dbesc($arr['addr']), - dbesc($arr['notify']), - dbesc($arr['poll']), - dbesc($arr['confirm']), - dbesc($arr['network']), - dbesc($arr['alias']), - dbesc($arr['pubkey']), - dbesc(datetime_convert()) - ); +function add_fcontact($arr,$update = false) { + + if($update) { + $r = q("UPDATE `fcontact` SET + `name` = '%s', + `photo` = '%s', + `request` = '%s', + `nick` = '%s', + `addr` = '%s', + `batch` = '%s', + `notify` = '%s', + `poll` = '%s', + `confirm` = '%s', + `alias` = '%s', + `pubkey` = '%s', + `updated` = '%s' + WHERE `url` = '%s' AND `network` = '%s' LIMIT 1", + dbesc($arr['name']), + dbesc($arr['photo']), + dbesc($arr['request']), + dbesc($arr['nick']), + dbesc($arr['addr']), + dbesc($arr['batch']), + dbesc($arr['notify']), + dbesc($arr['poll']), + dbesc($arr['confirm']), + dbesc($arr['network']), + dbesc($arr['alias']), + dbesc($arr['pubkey']), + dbesc(datetime_convert()), + dbesc($arr['url']), + dbesc($arr['network']) + ); + } + else { + $r = q("insert into fcontact ( `url`,`name`,`photo`,`request`,`nick`,`addr`, + `batch`, `notify`,`poll`,`confirm`,`network`,`alias`,`pubkey`,`updated` ) + values('%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')", + dbesc($arr['url']), + dbesc($arr['name']), + dbesc($arr['photo']), + dbesc($arr['request']), + dbesc($arr['nick']), + dbesc($arr['addr']), + dbesc($arr['batch']), + dbesc($arr['notify']), + dbesc($arr['poll']), + dbesc($arr['confirm']), + dbesc($arr['network']), + dbesc($arr['alias']), + dbesc($arr['pubkey']), + dbesc(datetime_convert()) + ); + } return $r; } -- cgit v1.2.3 From 119cd9c0cee5e416199da900016609259598cb0b Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 20 Sep 2011 04:07:24 -0700 Subject: more multiline regex fixes --- include/bbcode.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index cbe19de54..9abc7c439 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -43,11 +43,11 @@ function bbcode($Text,$preserve_nl = false) { // Perform URL Search - $Text = preg_replace("/([^\]\=]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,]+)/", '$1$2', $Text); + $Text = preg_replace("/([^\]\=]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,]+)/ism", '$1$2', $Text); - $Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/m", '$1', $Text); - $Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/m", '$2', $Text); - //$Text = preg_replace("/\[url\=([$URLSearchString]*)\]([$URLSearchString]*)\[\/url\]/m", '$2', $Text); + $Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/ism", '$1', $Text); + $Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '$2', $Text); + //$Text = preg_replace("/\[url\=([$URLSearchString]*)\]([$URLSearchString]*)\[\/url\]/ism", '$2', $Text); // Perform MAIL Search @@ -95,7 +95,7 @@ function bbcode($Text,$preserve_nl = false) { // $Text = str_replace("[*]", "
  • ", $Text); // Check for font change text - $Text = preg_replace("/\[font=(.*?)\](.*?)\[\/font\]/m","$2",$Text); + $Text = preg_replace("/\[font=(.*?)\](.*?)\[\/font\]/sm","$2",$Text); // Declare the format for [code] layout -- cgit v1.2.3 From deeae7bdb5dffcdb8f11a604d7ca3078cfadf754 Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 20 Sep 2011 15:23:36 -0700 Subject: diaspora markdown changes, parse_url format change --- include/bb2diaspora.php | 27 +++++---------------------- 1 file changed, 5 insertions(+), 22 deletions(-) (limited to 'include') diff --git a/include/bb2diaspora.php b/include/bb2diaspora.php index 5b240bdd2..3d6408bcf 100644 --- a/include/bb2diaspora.php +++ b/include/bb2diaspora.php @@ -3,30 +3,14 @@ require_once("include/oembed.php"); require_once('include/event.php'); - - +require_once('library/markdown.php'); +require_once('include/html2bbcode.php'); function diaspora2bb($s) { - // bug #127 - $s = preg_replace('/\[(.+?)\]\((.+?)[^\\\]_(.+?)\)/','[$1]($2\\_$3)',$s); - - - $s = str_replace(array('\\**','\\__','\\*','\\_'), array('-^doublestar^-','-^doublescore-^','-^star^-','-^score^-'),$s); - $s = preg_replace("/\*\*\*(.+?)\*\*\*/", '[b][i]$1[/i][/b]', $s); - $s = preg_replace("/\_\_\_(.+?)\_\_\_/", '[b][i]$1[/i][/b]', $s); - $s = preg_replace("/\*\*(.+?)\*\*/", '[b]$1[/b]', $s); - $s = preg_replace("/\_\_(.+?)\_\_/", '[b]$1[/b]', $s); - $s = preg_replace("/\*(.+?)\*/", '[i]$1[/i]', $s); - $s = preg_replace("/\_(.+?)\_/", '[i]$1[/i]', $s); - - $s = str_replace(array('-^doublestar^-','-^doublescore-^','-^star^-','-^score^-'), array('**','__','*','_'), $s); - $s = preg_replace('/\!\[(.+?)\]\((.+?)\)/','[img]$2[/img]',$s); - $s = preg_replace('/\[(.+?)\]\((.+?)\)/','[url=$2]$1[/url]',$s); $s = preg_replace('/\@\{(.+?)\; (.+?)\@(.+?)\}/','@[url=https://$3/u/$2]$1[/url]',$s); - - - $s = escape_tags($s); + $s = Markdown($s); + $s = html2bbcode($s); return $s; } @@ -188,8 +172,7 @@ function bb2diaspora($Text,$preserve_nl = false) { $Text = preg_replace("/\<(.*?)(src|href)=(.*?)\&\;(.*?)\>/ism",'<$1$2=$3&$4>',$Text); - $Text = preg_replace('/\[(.*?)\\\\_(.*?)\]\((.*?)\)/ism','[$1_$2]($3)',$Text); - $Text = preg_replace('/\[(.*?)\\\\\*(.*?)\]\((.*?)\)/ism','[$1*$2]($3)',$Text); + $Text = preg_replace('/\[(.*?)\]\((.*?)\\\\_(.*?)\)/ism','[$1]($2_$3)',$Text); call_hooks('bb2diaspora',$Text); -- cgit v1.2.3 From 1c8e89bd032d15cdabca98d5ae9c8032ed3dd497 Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 20 Sep 2011 16:31:45 -0700 Subject: social bookmark API, oexchange enhancements --- include/text.php | 57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) (limited to 'include') diff --git a/include/text.php b/include/text.php index 501121c80..9ed6d23bf 100644 --- a/include/text.php +++ b/include/text.php @@ -922,3 +922,60 @@ function base64url_decode($s) { function cc_license() { return '
    ' . t('Shared content is covered by the Creative Commons Attribution 3.0 license.') . '
    '; } + +if (!function_exists('str_getcsv')) { + function str_getcsv($input, $delimiter = ',', $enclosure = '"', $escape = '\\', $eol = '\n') { + if (is_string($input) && !empty($input)) { + $output = array(); + $tmp = preg_split("/".$eol."/",$input); + if (is_array($tmp) && !empty($tmp)) { + while (list($line_num, $line) = each($tmp)) { + if (preg_match("/".$escape.$enclosure."/",$line)) { + while ($strlen = strlen($line)) { + $pos_delimiter = strpos($line,$delimiter); + $pos_enclosure_start = strpos($line,$enclosure); + if ( + is_int($pos_delimiter) && is_int($pos_enclosure_start) + && ($pos_enclosure_start < $pos_delimiter) + ) { + $enclosed_str = substr($line,1); + $pos_enclosure_end = strpos($enclosed_str,$enclosure); + $enclosed_str = substr($enclosed_str,0,$pos_enclosure_end); + $output[$line_num][] = $enclosed_str; + $offset = $pos_enclosure_end+3; + } else { + if (empty($pos_delimiter) && empty($pos_enclosure_start)) { + $output[$line_num][] = substr($line,0); + $offset = strlen($line); + } else { + $output[$line_num][] = substr($line,0,$pos_delimiter); + $offset = ( + !empty($pos_enclosure_start) + && ($pos_enclosure_start < $pos_delimiter) + ) + ?$pos_enclosure_start + :$pos_delimiter+1; + } + } + $line = substr($line,$offset); + } + } else { + $line = preg_split("/".$delimiter."/",$line); + + /* + * Validating against pesky extra line breaks creating false rows. + */ + if (is_array($line) && !empty($line[0])) { + $output[$line_num] = $line; + } + } + } + return $output; + } else { + return false; + } + } else { + return false; + } + } +} \ No newline at end of file -- cgit v1.2.3 From 38444aedd732d65b2df57c9ebce712dfd53fbf4d Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 20 Sep 2011 17:56:44 -0700 Subject: improvements to Twitter probe --- include/Scrape.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include') diff --git a/include/Scrape.php b/include/Scrape.php index 0115bf2e7..fd41b7bc6 100644 --- a/include/Scrape.php +++ b/include/Scrape.php @@ -534,6 +534,9 @@ function probe_url($url, $mode = PROBE_NORMAL) { else $poll = $tapi . '?screen_name=' . $tid; $profile = 'http://twitter.com/#!/' . $tid; + $vcard['photo'] = 'https://api.twitter.com/1/users/profile_image/' . $tid; + $vcard['nick'] = $tid; + $vcar['fn'] = $tid . '@twitter'; } if(! x($vcard,'fn')) -- cgit v1.2.3 From 8294dde936349a58e2c1a974768f5662f2ca9c2e Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 20 Sep 2011 17:59:18 -0700 Subject: typo in Twitter probe update --- include/Scrape.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/Scrape.php b/include/Scrape.php index fd41b7bc6..a55608c2d 100644 --- a/include/Scrape.php +++ b/include/Scrape.php @@ -536,7 +536,7 @@ function probe_url($url, $mode = PROBE_NORMAL) { $profile = 'http://twitter.com/#!/' . $tid; $vcard['photo'] = 'https://api.twitter.com/1/users/profile_image/' . $tid; $vcard['nick'] = $tid; - $vcar['fn'] = $tid . '@twitter'; + $vcard['fn'] = $tid . '@twitter'; } if(! x($vcard,'fn')) -- cgit v1.2.3 From 9115e9c90b749e1739d412df2d63ae96e0b89b3e Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 20 Sep 2011 18:07:33 -0700 Subject: no need to scrape Twitter profile photo from page - it's no longer there. --- include/Scrape.php | 14 -------------- 1 file changed, 14 deletions(-) (limited to 'include') diff --git a/include/Scrape.php b/include/Scrape.php index a55608c2d..2af02fff5 100644 --- a/include/Scrape.php +++ b/include/Scrape.php @@ -249,20 +249,6 @@ function scrape_feed($url) { return $ret; - $items = $dom->getElementsByTagName('img'); - - // get img elements (twitter) - - if($items) { - foreach($items as $item) { - $x = $item->getAttribute('id'); - if($x === 'profile-image') { - $ret['photo'] = $item->getAttribute('src'); - } - } - } - - $head = $dom->getElementsByTagName('base'); if($head) { foreach($head as $head0) { -- cgit v1.2.3 From 11ca81adbaa033123ca1aa2c354fb3be6f5225d0 Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 21 Sep 2011 05:43:26 -0700 Subject: keychecks --- include/bb2diaspora.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'include') diff --git a/include/bb2diaspora.php b/include/bb2diaspora.php index 3d6408bcf..c72c78445 100644 --- a/include/bb2diaspora.php +++ b/include/bb2diaspora.php @@ -11,6 +11,10 @@ function diaspora2bb($s) { $s = preg_replace('/\@\{(.+?)\; (.+?)\@(.+?)\}/','@[url=https://$3/u/$2]$1[/url]',$s); $s = Markdown($s); $s = html2bbcode($s); + +// $s = preg_replace('/\[url=(.+?)\(.+?)\]/ism','[url=$1_$2]',$s); +// $s = preg_replace('/\[url=(.+?)\<\/em\>(.+?)\]/ism','[url=$1_$2]',$s); + return $s; } -- cgit v1.2.3 From c63adcfae061809ce25217207f638b1e6c1d1bee Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 21 Sep 2011 07:09:37 -0700 Subject: bug #159 multiple definition of string_plural_form function when changing languages --- include/pgettext.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/pgettext.php b/include/pgettext.php index 49f100737..c7fc58698 100644 --- a/include/pgettext.php +++ b/include/pgettext.php @@ -90,8 +90,11 @@ if(! function_exists('load_translation_table')) { function load_translation_table($lang) { global $a; - if(file_exists("view/$lang/strings.php")) + if(file_exists("view/$lang/strings.php")) { include("view/$lang/strings.php"); + } + else + $a->strings = array(); }} // translate string if translation exists @@ -110,12 +113,13 @@ function t($s) { if(! function_exists('tt')){ function tt($singular, $plural, $count){ - + global $lang; $a = get_app(); if(x($a->strings,$singular)) { $t = $a->strings[$singular]; - $k = string_plural_select($count); + $f = 'string_plural_select_' . str_replace('-','_',$lang); + $k = $f($count); return is_array($t)?$t[$k]:$t; } -- cgit v1.2.3 From 030e1e82c32a3061abf71ffb90e65f2b9197d8a4 Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 21 Sep 2011 15:37:16 -0700 Subject: finish up ability to switch languages without function collision --- include/pgettext.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/pgettext.php b/include/pgettext.php index c7fc58698..83e76ba9d 100644 --- a/include/pgettext.php +++ b/include/pgettext.php @@ -119,6 +119,8 @@ function tt($singular, $plural, $count){ if(x($a->strings,$singular)) { $t = $a->strings[$singular]; $f = 'string_plural_select_' . str_replace('-','_',$lang); + if(! function_exists($f)) + $f = 'string_plural_select_default'; $k = $f($count); return is_array($t)?$t[$k]:$t; } @@ -128,4 +130,13 @@ function tt($singular, $plural, $count){ } else { return $singular; } -}} \ No newline at end of file +}} + +// provide a fallback which will not collide with +// a function defined in any language file + +if(! function_exists('string_plural_select_default')) { +function string_plural_select_default($n) { + return ($n != 1); +}} + -- cgit v1.2.3 From 542aa22eb94e0f20806552b83cec2e46cf3b6f1b Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 21 Sep 2011 16:00:17 -0700 Subject: provide ability to unset session language --- include/text.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'include') diff --git a/include/text.php b/include/text.php index 9ed6d23bf..37af65c70 100644 --- a/include/text.php +++ b/include/text.php @@ -847,10 +847,16 @@ function lang_selector() { $o .= '
    ' + $jotnets .= '
    ' . t("Post to Email") . '
    '; } diff --git a/include/group.php b/include/group.php index 4f3d5ee91..edc3de76c 100644 --- a/include/group.php +++ b/include/group.php @@ -164,7 +164,7 @@ function group_side($every="contacts",$each="group",$edit = false, $group_id = 0 $createtext = t('Create a new group'); $linktext= t('Everybody'); - $selected = (($group_id == 0) ? ' class="group-selected" ' : ''); + $selected = (($group_id == 0) ? ' group-selected' : ''); $o .= <<< EOT
    @@ -172,7 +172,7 @@ $o .= <<< EOT "; -- cgit v1.2.3 From 6a9e22550d82595c4341290ca26e3afc5fe6300f Mon Sep 17 00:00:00 2001 From: Friendika Date: Sat, 24 Sep 2011 05:45:34 -0700 Subject: . --- include/text.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index 37af65c70..cc1818163 100644 --- a/include/text.php +++ b/include/text.php @@ -925,9 +925,6 @@ function base64url_decode($s) { return base64_decode(strtr($s,'-_','+/')); } -function cc_license() { -return '
    ' . t('Shared content is covered by the Creative Commons Attribution 3.0 license.') . '
    '; -} if (!function_exists('str_getcsv')) { function str_getcsv($input, $delimiter = ',', $enclosure = '"', $escape = '\\', $eol = '\n') { -- cgit v1.2.3 From cb1c6dd1e37ccbbea47867faf0142e5d2f653624 Mon Sep 17 00:00:00 2001 From: Devlon Duthie Date: Sun, 25 Sep 2011 13:20:19 -0500 Subject: really commiting files this time, still getting the hang of git. some images added, some classes added to groupidebar, contacts sidebar notification flags moved out of nav and into banner for testbubble the testbubble css tweaks --- include/group.php | 2 +- include/profile_advanced.php | 76 ++++++++++++++++++++++---------------------- 2 files changed, 39 insertions(+), 39 deletions(-) (limited to 'include') diff --git a/include/group.php b/include/group.php index edc3de76c..e3c7d33d4 100644 --- a/include/group.php +++ b/include/group.php @@ -167,7 +167,7 @@ function group_side($every="contacts",$each="group",$edit = false, $group_id = 0 $selected = (($group_id == 0) ? ' group-selected' : ''); $o .= <<< EOT -
    +

    Groups