From ec8091a102b9cb2f8f47ef87982533bcd5ba9886 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Wed, 22 Jun 2016 18:00:18 -0700 Subject: use the normal html escape for '@' in addresses rather than the high-plane unicode variant. This makes it copy-able, but not easily scrape-able. --- include/channel.php | 2 +- include/widgets.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index 562aedddc..a0424ee39 100644 --- a/include/channel.php +++ b/include/channel.php @@ -862,7 +862,7 @@ function profile_load(&$a, $nickname, $profile = '') { ); if($z) { $p[0]['picdate'] = $z[0]['xchan_photo_date']; - $p[0]['reddress'] = str_replace('@','@',$z[0]['xchan_addr']); + $p[0]['reddress'] = str_replace('@','@',$z[0]['xchan_addr']); } // fetch user tags if this isn't the default profile diff --git a/include/widgets.php b/include/widgets.php index cdd5d72ab..8a7f4b69f 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -1158,7 +1158,7 @@ function widget_cover_photo($arr) { if(array_key_exists('subtitle', $arr) && isset($arr['subtitle'])) $subtitle = $arr['subtitle']; else - $subtitle = $channel['xchan_addr']; + $subtitle = str_replace('@','@',$channel['xchan_addr']); $c = get_cover_photo($channel_id,'html'); -- cgit v1.2.3 From 1267d995ef031f6ecf4d1f1951a700dfdcbf6c8d Mon Sep 17 00:00:00 2001 From: redmatrix Date: Wed, 22 Jun 2016 19:08:59 -0700 Subject: db statement debugging --- include/dba/dba_driver.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index df072ed76..f6091f6e1 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -90,7 +90,7 @@ abstract class dba_driver { protected $db; protected $pdo = array(); - public $debug = 0; + public $debug = 0; public $connected = false; public $error = false; @@ -332,6 +332,9 @@ function q($sql) { else db_logger('dba: vsprintf error: ' . print_r(debug_backtrace(), true),LOGGER_NORMAL,LOG_CRIT); } + if(\DBA::$dba->debug) + db_logger('Sql: ' . $stmt, LOGGER_DEBUG, LOG_INFO); + return \DBA::$dba->q($stmt); } -- cgit v1.2.3 From cef77ce5bb296829576f5d7a515b56a8b18f99eb Mon Sep 17 00:00:00 2001 From: redmatrix Date: Wed, 22 Jun 2016 19:22:59 -0700 Subject: the xchan_query wasn't fully optimised as we were comparing quoted and unquoted strings when looking for duplicates --- include/text.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index 4f28c6dbc..12b6b1137 100644 --- a/include/text.php +++ b/include/text.php @@ -2089,9 +2089,9 @@ function xchan_query(&$items,$abook = true,$effective_uid = 0) { } foreach($items as $item) { - if($item['owner_xchan'] && (! in_array($item['owner_xchan'],$arr))) + if($item['owner_xchan'] && (! in_array("'" . dbesc($item['owner_xchan']) . "'",$arr))) $arr[] = "'" . dbesc($item['owner_xchan']) . "'"; - if($item['author_xchan'] && (! in_array($item['author_xchan'],$arr))) + if($item['author_xchan'] && (! in_array("'" . dbesc($item['author_xchan']) . "'",$arr))) $arr[] = "'" . dbesc($item['author_xchan']) . "'"; } } @@ -2124,9 +2124,9 @@ function xchan_mail_query(&$item) { $arr = array(); $chans = null; if($item) { - if($item['from_xchan'] && (! in_array($item['from_xchan'],$arr))) + if($item['from_xchan'] && (! in_array("'" . dbesc($item['from_xchan']) . "'",$arr))) $arr[] = "'" . dbesc($item['from_xchan']) . "'"; - if($item['to_xchan'] && (! in_array($item['to_xchan'],$arr))) + if($item['to_xchan'] && (! in_array("'" . dbesc($item['to_xchan']) . "'",$arr))) $arr[] = "'" . dbesc($item['to_xchan']) . "'"; } -- cgit v1.2.3 From acf26d5c63c8b3316d713ce08b397f35aae03460 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 23 Jun 2016 01:17:44 -0700 Subject: code cleanup for profile_photos --- include/photos.php | 65 +++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 45 insertions(+), 20 deletions(-) (limited to 'include') diff --git a/include/photos.php b/include/photos.php index da6118b38..c70478146 100644 --- a/include/photos.php +++ b/include/photos.php @@ -707,40 +707,65 @@ function gps2Num($coordPart) { return floatval($parts[0]) / floatval($parts[1]); } -function profile_photo_set_profile_perms($profileid = '') { +function profile_photo_set_profile_perms($uid, $profileid = 0) { $allowcid = ''; - if (x($profileid)) { - - $r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile WHERE profile.id = %d OR profile.profile_guid = '%s' LIMIT 1", intval($profileid), dbesc($profileid)); - - } else { - + if($profileid) { + $r = q("SELECT photo, profile_guid, id, is_default, uid + FROM profile WHERE uid = %d and ( profile.id = %d OR profile.profile_guid = '%s') LIMIT 1", + intval($profileid), + dbesc($profileid) + ); + } + else { logger('Resetting permissions on default-profile-photo for user'.local_channel()); - $r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile WHERE profile.uid = %d AND is_default = 1 LIMIT 1", intval(local_channel()) ); //If no profile is given, we update the default profile + + $r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile + WHERE profile.uid = %d AND is_default = 1 LIMIT 1", + intval($uid) + ); //If no profile is given, we update the default profile } + if(! $r) + return; $profile = $r[0]; - if(x($profile['id']) && x($profile['photo'])) { - preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id); - $resource_id = $resource_id[0]; + + if($profile['id'] && $profile['photo']) { + preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id); + $resource_id = $resource_id[0]; - if (intval($profile['is_default']) != 1) { - $r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1", intval(local_channel()) ); - $r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%d' ", intval($profile['id'])); //Should not be needed in future. Catches old int-profile-ids. - $r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'", dbesc($profile['profile_guid'])); + if (! intval($profile['is_default'])) { + $r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1", + intval($uid) + ); + //Should not be needed in future. Catches old int-profile-ids. + $r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%d' ", + intval($profile['id']) + ); + $r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'", + dbesc($profile['profile_guid']) + ); $allowcid = "<" . $r0[0]['channel_hash'] . ">"; foreach ($r1 as $entry) { $allowcid .= "<" . $entry['abook_xchan'] . ">"; } foreach ($r2 as $entry) { - $allowcid .= "<" . $entry['abook_xchan'] . ">"; - } + $allowcid .= "<" . $entry['abook_xchan'] . ">"; + } - q("UPDATE `photo` SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",dbesc($allowcid),dbesc($resource_id),intval($profile['uid'])); + q("UPDATE photo SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d", + dbesc($allowcid), + dbesc($resource_id), + intval($uid) + ); - } else { - q("UPDATE `photo` SET allow_cid = '' WHERE profile = 1 AND uid = %d",intval($profile['uid'])); //Reset permissions on default profile picture to public + } + else { + //Reset permissions on default profile picture to public + q("UPDATE photo SET allow_cid = '' WHERE photo_usage = %d AND uid = %d", + intval(PHOTO_PROFILE), + intval($uid) + ); } } -- cgit v1.2.3 From e5c66d94f22d0efcdec0796872e9be81bff1bb4e Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 23 Jun 2016 05:18:58 -0700 Subject: relocate the cache class --- include/cache.php | 44 -------------------------------------------- include/oembed.php | 6 ++++-- include/text.php | 28 ++-------------------------- 3 files changed, 6 insertions(+), 72 deletions(-) delete mode 100644 include/cache.php (limited to 'include') diff --git a/include/cache.php b/include/cache.php deleted file mode 100644 index 4a3f453e1..000000000 --- a/include/cache.php +++ /dev/null @@ -1,44 +0,0 @@ -= 5.4 - * - * @FIXME We already have php >= 5.4 requirements, so can we remove this? - */ -if(! function_exists('hex2bin')) { -function hex2bin($s) { - if(! (is_string($s) && strlen($s))) - return ''; - - if(strlen($s) & 1) { - logger('hex2bin: illegal hex string: ' . $s); - return $s; - } - - if(! ctype_xdigit($s)) { - return($s); - } - - return(pack("H*",$s)); -}} - - // Automatic pagination. // To use, get the count of total items. // Then call App::set_pager_total($number_items); @@ -1283,7 +1259,7 @@ function normalise_link($url) { * is https and the other isn't, or if one is www.something and the other * isn't - and also ignore case differences. * - * @see normalis_link() + * @see normalise_link() * * @param string $a * @param string $b @@ -1635,7 +1611,7 @@ function prepare_text($text, $content_type = 'text/bbcode', $cache = false) { function create_export_photo_body(&$item) { if(($item['verb'] === ACTIVITY_POST) && ($item['obj_type'] === ACTIVITY_OBJ_PHOTO)) { - $j = json_decode($item['object'],true); + $j = json_decode($item['obj'],true); if($j) { $item['body'] .= "\n\n" . (($j['body']) ? $j['body'] : $j['bbcode']); $item['sig'] = ''; -- cgit v1.2.3 From b19bbf54736b83afaa26aa11ba95c7816c7f8599 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 23 Jun 2016 18:12:26 -0700 Subject: change AbConfig to use channel_id instead of channel_hash; which was a mistake in retrospect --- include/channel.php | 2 +- include/config.php | 16 ++++++++-------- include/zot.php | 5 ++--- 3 files changed, 11 insertions(+), 12 deletions(-) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index a0424ee39..a7624f060 100644 --- a/include/channel.php +++ b/include/channel.php @@ -516,7 +516,7 @@ function identity_basic_export($channel_id, $items = false) { for($x = 0; $x < count($ret['abook']); $x ++) { $xchans[] = $ret['abook'][$x]['abook_chan']; - $abconfig = load_abconfig($ret['channel']['channel_hash'],$ret['abook'][$x]['abook_xchan']); + $abconfig = load_abconfig($channel_id,$ret['abook'][$x]['abook_xchan']); if($abconfig) $ret['abook'][$x]['abconfig'] = $abconfig; } diff --git a/include/config.php b/include/config.php index 65199283d..ece22793f 100644 --- a/include/config.php +++ b/include/config.php @@ -98,20 +98,20 @@ function del_aconfig($account_id, $family, $key) { } -function load_abconfig($chash,$xhash) { - Zlib\AbConfig::Load($chash,$xhash); +function load_abconfig($chan,$xhash) { + Zlib\AbConfig::Load($chan,$xhash); } -function get_abconfig($chash,$xhash,$family,$key) { - return Zlib\AbConfig::Get($chash,$xhash,$family,$key); +function get_abconfig($chan,$xhash,$family,$key) { + return Zlib\AbConfig::Get($chan,$xhash,$family,$key); } -function set_abconfig($chash,$xhash,$family,$key,$value) { - return Zlib\AbConfig::Set($chash,$xhash,$family,$key,$value); +function set_abconfig($chan,$xhash,$family,$key,$value) { + return Zlib\AbConfig::Set($chan,$xhash,$family,$key,$value); } -function del_abconfig($chash,$xhash,$family,$key) { - return Zlib\AbConfig::Delete($chash,$xhash,$family,$key); +function del_abconfig($chan,$xhash,$family,$key) { + return Zlib\AbConfig::Delete($chan,$xhash,$family,$key); } function load_iconfig(&$item) { diff --git a/include/zot.php b/include/zot.php index 2530e55bb..6dd789181 100644 --- a/include/zot.php +++ b/include/zot.php @@ -552,7 +552,7 @@ function zot_refresh($them, $channel = null, $force = false) { unset($new_connection[0]['abook_account']); unset($new_connection[0]['abook_channel']); - $abconfig = load_abconfig($channel['channel_hash'],$new_connection['abook_xchan']); + $abconfig = load_abconfig($channel['channel_id'],$new_connection['abook_xchan']); if($abconfig) $new_connection['abconfig'] = $abconfig; @@ -3335,8 +3335,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { if($abconfig) { // @fixme does not handle sync of del_abconfig foreach($abconfig as $abc) { - if($abc['chan'] === $channel['channel_hash']) - set_abconfig($abc['chan'],$abc['xchan'],$abc['cat'],$abc['k'],$abc['v']); + set_abconfig($channel['channel_id'],$abc['xchan'],$abc['cat'],$abc['k'],$abc['v']); } } } -- cgit v1.2.3 From f66576f366462c5d1e98e0ba4eacea9911c85eee Mon Sep 17 00:00:00 2001 From: redmatrix Date: Sat, 25 Jun 2016 04:09:07 -0700 Subject: media (e.g. video) files weren't being detected correctly in oembed, causing the stream to try and load large videos (and failing) --- include/oembed.php | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'include') diff --git a/include/oembed.php b/include/oembed.php index f1d9bd7d2..fe068278e 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -27,12 +27,6 @@ function oembed_action($embedurl) { logger('oembed_action: ' . $embedurl, LOGGER_DEBUG, LOG_INFO); - // These media files should now be caught in bbcode.php - // left here as a fallback in case this is called from another source - - $noexts = array("mp3","mp4","ogg","ogv","oga","ogm","webm","opus"); - $ext = pathinfo(strtolower($embedurl),PATHINFO_EXTENSION); - if(strpos($embedurl,'http://') === 0) { if(intval(get_config('system','embed_sslonly'))) { $action = 'block'; @@ -121,14 +115,19 @@ function oembed_fetch_url($embedurl){ // These media files should now be caught in bbcode.php // left here as a fallback in case this is called from another source - $noexts = array("mp3","mp4","ogg","ogv","oga","ogm","webm","opus"); - $ext = pathinfo(strtolower($embedurl),PATHINFO_EXTENSION); + $noexts = array(".mp3",".mp4",".ogg",".ogv",".oga",".ogm",".webm",".opus"); $result = oembed_action($embedurl); $embedurl = $result['url']; $action = $result['action']; + foreach($noexts as $ext) { + if(strpos(strtolower($embedurl),$ext) !== false) { + $action = 'block'; + } + } + $txt = null; if($action !== 'block') { @@ -153,7 +152,7 @@ function oembed_fetch_url($embedurl){ } - if (! in_array($ext, $noexts) && $action !== 'block') { + if ($action !== 'block') { // try oembed autodiscovery $redirects = 0; $result = z_fetch_url($furl, false, $redirects, array('timeout' => 15, 'accept_content' => "text/*", 'novalidate' => true )); -- cgit v1.2.3