From 4274a2d06c9ee2c28acba0dac3d5353e13776581 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 2 Nov 2014 00:06:52 -0700 Subject: add some more safety checks before turning the conversation request messages back on --- include/photos.php | 2 +- include/zot.php | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/photos.php b/include/photos.php index badbbd791..adb7c988a 100644 --- a/include/photos.php +++ b/include/photos.php @@ -178,7 +178,7 @@ function photo_upload($channel, $observer, $args) { if($args['title']) $p['title'] = $args['title']; if($args['description']) - $p['desciprion'] = $args['description']; + $p['description'] = $args['description']; $r1 = $ph->save($p); diff --git a/include/zot.php b/include/zot.php index 24ace9cbb..153fa28bf 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1448,11 +1448,13 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false,$reque // Don't do this if it's a relay post as we're the ones who are supposed to have the copy and we don't want the request to loop. // Also don't do this if this comment came from a conversation request packet. It's possible that comments are allowed but posting // isn't and that could cause a conversation fetch loop. We can detect these packets since they are delivered via a 'notify' packet type - // that has a message_id element in the initial zot packet (just like the corresponding 'request' packet type which makes the request). + // that has a message_id element in the initial zot packet (just like the corresponding 'request' packet type which makes the request). + // We'll also check the send_stream permission, because if it isn't allowed the top level post is unlikely to be imported and + // this is just an exercise in futility. - if((! $relay) && (! $request)) + if((! $relay) && (! $request) && (! $public) && perm_is_allowed($channel['channel_id'],$sender['hash'],'send_stream')) { proc_run('php', 'include/notifier.php', 'request', $channel['channel_id'], $sender['hash'], $arr['parent_mid']); - + } continue; } if($relay) { -- cgit v1.2.3 From 285d6f61e4bf8aeaa3294ac4b7af43366a1448e9 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 2 Nov 2014 15:28:20 -0800 Subject: I'm going to try again with the conversation request packets. I've looked this over and tested a lot of edge cases, and thought about from every angle I can think of to prevent looping. I don't *think* this can loop. I also doubt that this is the problem at friendicared.de, but I don't know for sure what that problem might be. --- include/deliver.php | 7 ++++-- include/zot.php | 66 ++++++++++++++++++++++++++++++++++++++++++++--------- 2 files changed, 60 insertions(+), 13 deletions(-) (limited to 'include') diff --git a/include/deliver.php b/include/deliver.php index 8f6ba543d..729018448 100644 --- a/include/deliver.php +++ b/include/deliver.php @@ -40,6 +40,10 @@ function deliver_run($argv, $argc) { $notify = json_decode($r[0]['outq_notify'],true); + // Check if this is a conversation request packet. It won't have outq_msg + // but will be an encrypted packet - so will need to be handed off to + // web delivery rather than processed inline. + $sendtoweb = false; if(array_key_exists('iv',$notify) && (! $r[0]['outq_msg'])) $sendtoweb = true; @@ -48,8 +52,7 @@ function deliver_run($argv, $argc) { logger('deliver: local delivery', LOGGER_DEBUG); // local delivery // we should probably batch these and save a few delivery processes - // If there is no outq_msg, this is a refresh_all message which does not require local handling - // also send 'request' packets to the webservice so it can decode the packet + if($r[0]['outq_msg']) { $m = json_decode($r[0]['outq_msg'],true); if(array_key_exists('message_list',$m)) { diff --git a/include/zot.php b/include/zot.php index 153fa28bf..f18830e78 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1082,6 +1082,8 @@ function zot_import($arr, $sender_url) { } $message_request = ((array_key_exists('message_id',$i['notify'])) ? true : false); + if($message_request) + logger('processing message request'); $i['notify']['sender']['hash'] = make_xchan_hash($i['notify']['sender']['guid'],$i['notify']['sender']['guid_sig']); $deliveries = null; @@ -1444,15 +1446,22 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false,$reque if(! $r) { $result[] = array($d['hash'],'comment parent not found',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']); - // We don't seem to have a copy of this conversation or at least the parent - so request a copy of the entire conversation to date. - // Don't do this if it's a relay post as we're the ones who are supposed to have the copy and we don't want the request to loop. - // Also don't do this if this comment came from a conversation request packet. It's possible that comments are allowed but posting - // isn't and that could cause a conversation fetch loop. We can detect these packets since they are delivered via a 'notify' packet type - // that has a message_id element in the initial zot packet (just like the corresponding 'request' packet type which makes the request). - // We'll also check the send_stream permission, because if it isn't allowed the top level post is unlikely to be imported and + // We don't seem to have a copy of this conversation or at least the parent + // - so request a copy of the entire conversation to date. + // Don't do this if it's a relay post as we're the ones who are supposed to + // have the copy and we don't want the request to loop. + // Also don't do this if this comment came from a conversation request packet. + // It's possible that comments are allowed but posting isn't and that could + // cause a conversation fetch loop. We can detect these packets since they are + // delivered via a 'notify' packet type that has a message_id element in the + // initial zot packet (just like the corresponding 'request' packet type which + // makes the request). + // We'll also check the send_stream permission - because if it isn't allowed, + // the top level post is unlikely to be imported and // this is just an exercise in futility. - if((! $relay) && (! $request) && (! $public) && perm_is_allowed($channel['channel_id'],$sender['hash'],'send_stream')) { + if((! $relay) && (! $request) && (! $public) + && perm_is_allowed($channel['channel_id'],$sender['hash'],'send_stream')) { proc_run('php', 'include/notifier.php', 'request', $channel['channel_id'], $sender['hash'], $arr['parent_mid']); } continue; @@ -2812,12 +2821,25 @@ function import_author_zot($x) { return false; } + +/** + * @function zot_process_message_request($data) + * If a site receives a comment to a post but finds they have no parent to attach it with, they + * may send a 'request' packet containing the message_id of the missing parent. This is the handler + * for that packet. We will create a message_list array of the entire conversation starting with + * the missing parent and invoke delivery to the sender of the packet. + * + * include/deliver.php (for local delivery) and mod/post.php (for web delivery) detect the existence of + * this 'message_list' at the destination and split it into individual messages which are + * processed/delivered in order. + * + * Called from mod/post.php + */ + + function zot_process_message_request($data) { $ret = array('success' => false); -// note: disabled until the loops stop. - return $ret; - if(! $data['message_id']) { $ret['message'] = 'no message_id'; logger('no message_id'); @@ -2827,6 +2849,10 @@ function zot_process_message_request($data) { $sender = $data['sender']; $sender_hash = make_xchan_hash($sender['guid'],$sender['guid_sig']); + /* + * Find the local channel in charge of this post (the first and only recipient of the request packet) + */ + $arr = $data['recipients'][0]; $recip_hash = make_xchan_hash($arr['guid'],$arr['guid_sig']); $c = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_hash = '%s' limit 1", @@ -2837,13 +2863,20 @@ function zot_process_message_request($data) { $ret['message'] .= 'recipient not found.' . EOL; return $ret; } + + /* + * fetch the requested conversation + */ + $messages = zot_feed($c[0]['channel_id'],$sender_hash,array('message_id' => $data['message_id'])); + if($messages) { $env_recips = null; $r = q("select hubloc_guid, hubloc_url, hubloc_sitekey, hubloc_network, hubloc_flags, hubloc_callback, hubloc_host - from hubloc where hubloc_hash = '" . dbesc($sender_hash) . "' and not (hubloc_flags & %d) + from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d) and not (hubloc_status & %d) group by hubloc_sitekey", + dbesc($sender_hash), intval(HUBLOC_FLAGS_DELETED), intval(HUBLOC_OFFLINE) ); @@ -2858,10 +2891,16 @@ function zot_process_message_request($data) { $private = ((array_key_exists('flags',$messages[0]) && in_array('private',$messages[0]['flags'])) ? true : false); if($private) $env_recips = array('guid' => $sender['guid'],'guid_sig' => $sender['guid_sig'],'hash' => $sender_hash); + $data_packet = json_encode(array('message_list' => $messages)); foreach($hubs as $hub) { $hash = random_string(); + + /* + * create a notify packet and drop the actual message packet in the queue for pickup + */ + $n = zot_build_packet($c[0],'notify',$env_recips,(($private) ? $hub['hubloc_sitekey'] : null),$hash,array('message_id' => $data['message_id'])); q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_created, outq_updated, outq_notify, outq_msg ) @@ -2877,6 +2916,11 @@ function zot_process_message_request($data) { dbesc($n), dbesc($data_packet) ); + + /* + * invoke delivery to send out the notify packet + */ + proc_run('php','include/deliver.php',$hash); } -- cgit v1.2.3 From 0e4f318b71fc454c3a0ce6f0e073d9808ff00269 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 2 Nov 2014 19:22:18 -0800 Subject: php warnings --- include/zot.php | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index f18830e78..f1ff084ac 100644 --- a/include/zot.php +++ b/include/zot.php @@ -5,7 +5,7 @@ require_once('include/items.php'); require_once('include/hubloc.php'); /** - * Red implementation of zot protocol. + * Red implementation of zot protocol. * * https://github.com/friendica/red/wiki/zot * https://github.com/friendica/red/wiki/Zot---A-High-Level-Overview @@ -20,8 +20,8 @@ require_once('include/hubloc.php'); * Generates a unique string for use as a zot guid using our DNS-based url, the channel nickname and some entropy. * The entropy ensures uniqueness against re-installs where the same URL and nickname are chosen. * NOTE: zot doesn't require this to be unique. Internally we use a whirlpool hash of this guid and the signature - * of this guid signed with the channel private key. This can be verified and should make the probability of - * collision of the verified result negligible within the constraints of our immediate universe. + * of this guid signed with the channel private key. This can be verified and should make the probability of + * collision of the verified result negligible within the constraints of our immediate universe. * * @param string channel_nickname = unique nickname of controlling entity * @@ -51,7 +51,7 @@ function make_xchan_hash($guid,$guid_sig) { /** * @function zot_get_hublocs($hash) - * Given a zot hash, return all distinct hubs. + * Given a zot hash, return all distinct hubs. * This function is used in building the zot discovery packet * and therefore should only be used by channels which are defined * on this hub @@ -71,7 +71,7 @@ function make_xchan_hash($guid,$guid_sig) { * hubloc_connect char(255) * hubloc_sitekey text * hubloc_updated datetime - * hubloc_connected datetime + * hubloc_connected datetime * */ @@ -85,21 +85,21 @@ function zot_get_hublocs($hash) { ); return $ret; } - + /** * * @function zot_build_packet($channel,$type = 'notify',$recipients = null, $remote_key = null, $secret = null) * builds a zot notification packet that you can either - * store in the queue with a message array or call zot_zot to immediately + * store in the queue with a message array or call zot_zot to immediately * zot it to the other side * * @param array $channel => sender channel structure * @param string $type => packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'force_refresh', 'notify', 'auth_check' * @param array $recipients => envelope information, array ( 'guid' => string, 'guid_sig' => string ); empty for public posts * @param string $remote_key => optional public site key of target hub used to encrypt entire packet - * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others + * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others * @param string $secret => random string, required for packets which require verification/callback - * e.g. 'pickup', 'purge', 'notify', 'auth_check'. Packet types 'ping', 'force_refresh', and 'refresh' do not require verification + * e.g. 'pickup', 'purge', 'notify', 'auth_check'. Packet types 'ping', 'force_refresh', and 'refresh' do not require verification * * @returns string json encoded zot packet */ @@ -1071,7 +1071,7 @@ function zot_import($arr, $sender_url) { if(array_key_exists('iv',$i['notify'])) { $i['notify'] = json_decode(crypto_unencapsulate($i['notify'],get_config('system','prvkey')),true); - } + } logger('zot_import: notify: ' . print_r($i['notify'],true), LOGGER_DATA); @@ -1107,7 +1107,7 @@ function zot_import($arr, $sender_url) { // It's a specifically targetted post. If we were sent a public_scope hint (likely), // get rid of it so that it doesn't get stored and cause trouble. - if(array_key_exists('message',$i) && array_key_exists('public_scope',$i['message'])) + if(($i) && is_array($i) && array_key_exists('message',$i) && is_array($i['message']) && array_key_exists('public_scope',$i['message'])) unset($i['message']['public_scope']); $deliveries = $r; @@ -2460,8 +2460,8 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { $channel = $r[0]; - $max_friends = service_class_fetch($channel['channel_id'],'total_channels'); - $max_feeds = account_service_class_fetch($channel['channel_account_id'],'total_feeds'); + $max_friends = service_class_fetch($channel['channel_id'],'total_channels'); + $max_feeds = account_service_class_fetch($channel['channel_account_id'],'total_feeds'); if($channel['channel_hash'] != $sender['hash']) { @@ -2547,7 +2547,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { continue; } $j = json_decode($f['body'],true); - if(! ($j['success'] && $j['guid'])) { + if(! ($j['success'] && $j['guid'])) { logger('process_channel_sync_delivery: probe failed.'); continue; } @@ -2646,8 +2646,8 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { intval($channel['channel_id']), intval($cl['visible']), intval($cl['deleted']), - dbesc($cl['name']) - ); + dbesc($cl['name']) + ); } // now look for any collections locally which weren't in the list we just received. @@ -2877,13 +2877,13 @@ function zot_process_message_request($data) { from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d) and not (hubloc_status & %d) group by hubloc_sitekey", dbesc($sender_hash), - intval(HUBLOC_FLAGS_DELETED), - intval(HUBLOC_OFFLINE) - ); - if(! $r) { - logger('no hubs'); - return $ret; - } + intval(HUBLOC_FLAGS_DELETED), + intval(HUBLOC_OFFLINE) + ); + if(! $r) { + logger('no hubs'); + return $ret; + } $hubs = $r; $hublist = array(); $keys = array(); -- cgit v1.2.3 From ac858f4bd4fcb9c65cbc7b19288cdad0076aa072 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 3 Nov 2014 01:06:02 -0800 Subject: provide example import script --- include/Import/Importer.php | 94 +++++++++++++++ include/Import/refimport.php | 282 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 376 insertions(+) create mode 100644 include/Import/Importer.php create mode 100644 include/Import/refimport.php (limited to 'include') diff --git a/include/Import/Importer.php b/include/Import/Importer.php new file mode 100644 index 000000000..c42344236 --- /dev/null +++ b/include/Import/Importer.php @@ -0,0 +1,94 @@ +credentials = $this->get_credentials(); + $this->itemlist = $this->get_itemlist(); + if($this->itemlist) { + $this->src_items = array(); + $this->items = array(); + $cnt = 0; + foreach($this->itemlist as $item) { + $ident = $item->get_item_ident($item); + $this->src_items[$ident]['item'] = $this->get_item($ident); + $this->src_items[$ident]['taxonomy'] = $this->get_taxonomy($ident); + $this->src_items[$ident]['children'] = $this->get_children($ident); + $this->items[$cnt]['item'] = $this->convert_item($ident); + $this->items[$cnt]['item']['term'] = $this->convert_taxonomy($ident); + if($this->src_items[$ident]['children']) { + $this->items[$cnt]['children'] = array(); + foreach($this->src_items[$ident]['children'] as $child) { + $this[$cnt]['children'][] = $this->convert_child($child); + } + } + $cnt ++; + } + + + + + } + + + + + + + } + + +} \ No newline at end of file diff --git a/include/Import/refimport.php b/include/Import/refimport.php new file mode 100644 index 000000000..4f2572660 --- /dev/null +++ b/include/Import/refimport.php @@ -0,0 +1,282 @@ + $channel['channel_id'], + 'type' => TERM_CATEGORY, + 'otype' => TERM_OBJ_POST, + 'term' => trim($tax['name']), + 'url' => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($tax['name'])) + ); + } + } + + // store the item + + if($arr['id']) + item_store_update($arr); + else + item_store($arr); + + // if there are any comments, process them + // $comment['registered'] is somebody with an account on the system. Others are mostly anonymous + + if($j['comments']) { + foreach($j['comments'] as $comment) { + $user = (($comment['registered']) ? reflect_find_user($users,$comment['author']) : null); + reflect_comment_store($channel,$arr,$comment,$user); + } + } + $processed ++; + + if(REFLECT_MAXPERRUN && $processed > REFLECT_MAXPERRUN) + break; + } + return 'processed: ' . $processed . EOL . 'completed: ' . $ignored . EOL; + +} + +function reflect_article_callback($matches) { + return '[zrl=' . z_root() . '/display/'. $matches[1] . ']' . $matches[2] . '[/zrl]'; +} + +function reflect_photo_callback($matches) { + + if(strpos($matches[2],'http') !== false) + return $matches[0]; + + $prefix = REFLECT_BASEURL; + $x = z_fetch_url($prefix.$matches[2],true); + + $hash = basename($matches[2]); + + if($x['success']) { + $channel = reflect_get_channel(); + require_once('include/photos.php'); + $p = photo_upload($channel,$channel, + array('data' => $x['body'], + 'resource_id' => str_replace('-','',$hash), + 'filename' => $hash . '.jpg', + 'type' => 'image/jpeg', + 'not_visible' => true + ) + ); + + if($p['success']) + $newlink = $p['resource_id'] . '-0.jpg'; + + + // import photo and locate the link for it. + return '[zmg]' . z_root() . '/photo/' . $newlink . '[/zmg]'; + + } + // no replacement. Leave it alone. + return $matches[0]; +} + +function reflect_find_user($users,$name) { + if($users) { + foreach($users as $x) { + if($x['name'] === $name) { + return $x; + } + } + } + + return false; + +} + +function reflect_comment_store($channel,$post,$comment,$user) { + + // if the commenter was the channel owner, use their redmatrix xchan + + if($comment['author'] === REFLECT_EXPORTUSERNAME && $comment['registered']) + $hash = $channel['xchan_hash']; + else { + // we need a unique hash for the commenter. We don't know how many may have supplied + // http://yahoo.com as their URL, so we'll use their avatar guid if they have one. + // anonymous folks may get more than one xchan_hash if they commented more than once. + + $hash = (($comment['registered'] && $user) ? $user['avatar'] : ''); + if(! $hash) + $hash = random_string() . '.unknown'; + + // create an xchan for them which will also import their profile photo + // they will have a network type 'unknown'. + + $x = array( + 'hash' => $hash, + 'guid' => $hash, + 'url' => (($comment['url']) ? $comment['url'] : z_root()), + 'photo' => (($user) ? REFLECT_BASEURL . $user['avatar'] : z_root() . '/' . get_default_profile_photo()), + 'name' => $comment['author'] + ); + xchan_store($x); + + } + + $arr = array(); + + $r = q("select * from item where mid = '%s' and uid = %d limit 1", + dbesc($comment['guid']), + intval($channel['channel_id']) + ); + if($r) { + if(REFLECT_OVERWRITE) + $arr['id'] = $r[0]['id']; + else + return; + } + + // this is a lot like storing the post except for subtle differences, like parent_mid, flags, author_xchan, + // and we don't have a comment edited field so use creation date + + $arr['uid'] = $channel['channel_account_id']; + $arr['aid'] = $channel['channel_id']; + $arr['mid'] = $comment['guid']; + $arr['parent_mid'] = $post['mid']; + $arr['created'] = $comment['created']; + $arr['edited'] = $comment['created']; + $arr['author_xchan'] = $hash; + $arr['owner_xchan'] = $channel['channel_hash']; + $arr['item_flags'] = ITEM_ORIGIN|ITEM_WALL; + $arr['verb'] = ACTIVITY_POST; + $arr['comment_policy'] = 'contacts'; + + + $arr['title'] = html2bbcode($comment['title']); + $arr['title'] = htmlspecialchars($arr['title'],ENT_COMPAT,'UTF-8',false); + + + $arr['body'] = html2bbcode($comment['body']); + $arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false); + $arr['body'] = preg_replace_callback("/\[url\=\/+article\/(.*?)\](.*?)\[url\]/",'reflect_article_callback',$arr['body']); + $arr['body'] = preg_replace_callback("/\[img(.*?)\](.*?)\[\/img\]/",'reflect_photo_callback',$arr['body']); + + // logger('comment: ' . print_r($arr,true)); + + if($arr['id']) + item_store_update($arr); + else + item_store($arr); + +} -- cgit v1.2.3 From 9984ff37e5df237ccdd0169387ade070babfd666 Mon Sep 17 00:00:00 2001 From: Thomas Willingham Date: Mon, 3 Nov 2014 15:33:59 +0000 Subject: innodb issue --- include/session.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/session.php b/include/session.php index b531688e2..8500e2cd3 100644 --- a/include/session.php +++ b/include/session.php @@ -84,8 +84,9 @@ function ref_session_destroy ($id) { function ref_session_gc($expire) { q("DELETE FROM session WHERE expire < %d", dbesc(time())); - q("OPTIMIZE TABLE session"); - return true; + if (! get_config('system','innodb')) + q("OPTIMIZE TABLE session"); + return true; } $gc_probability = 50; -- cgit v1.2.3 From a6d8c3193a6fc243f3e516118c793e5b871b8247 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 3 Nov 2014 14:49:03 -0800 Subject: various UI issues related to having an enormous number of entries in the posted_date selector including years/months that had no posts --- include/items.php | 7 +++++-- include/widgets.php | 17 +++++++++++++++-- 2 files changed, 20 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index d173e1a98..325947341 100755 --- a/include/items.php +++ b/include/items.php @@ -4128,10 +4128,13 @@ function first_post_date($uid,$wall = false) { * current flat list of all representative dates. */ -function list_post_dates($uid,$wall) { +function list_post_dates($uid,$wall,$mindate) { $dnow = datetime_convert('',date_default_timezone_get(),'now','Y-m-d'); - $dthen = first_post_date($uid,$wall); + if($mindate) + $dthen = datetime_convert('',date_default_timezone_get(),$mindate); + else + $dthen = first_post_date($uid,$wall); if(! $dthen) return array(); diff --git a/include/widgets.php b/include/widgets.php index 2e406aa77..703bc07a8 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -330,19 +330,32 @@ function widget_archive($arr) { $wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0); $style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select'); + $showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false); + $mindate = get_pconfig($uid,'system','archive_mindate'); + $visible_years = get_pconfig($uid,'system','archive_visible_years'); + if(! $visible_years) + $visible_years = 5; + + $url = z_root() . '/' . $a->cmd; - $ret = list_post_dates($uid,$wall); + $ret = list_post_dates($uid,$wall,$mindate); if(! count($ret)) return ''; + $cutoff_year = intval(datetime_convert('',date_default_timezone_get(),'now','Y')) - $visible_years; + $cutoff = ((array_key_exists($cutoff_year,$ret))? true : false); + $o = replace_macros(get_markup_template('posted_date_widget.tpl'),array( '$title' => t('Archives'), - '$size' => ((count($ret) > 6) ? 6 : count($ret)), + '$size' => $visible_years, + '$cutoff_year' => $cutoff_year, + '$cutoff' => $cutoff, '$url' => $url, '$style' => $style, + '$showend' => $showend, '$dates' => $ret )); return $o; -- cgit v1.2.3 From d5d6158973ecb83b63d42c57c96dce849842c83b Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 4 Nov 2014 17:11:02 -0800 Subject: ok heads up - potentially destabilising change. I've tried to sort out all the default connection permissions for those who don't have a predefined (or therefore have a "custom") permissions role. Unfortunately this includes most people that were using this software more than a month ago. The real changes are that the SELF address book entry no longer holds "auto-permissions" but instead holds your "default permissions" (if you have a pre-defined role, the defaults will be pulled from the role table). The auto permissions have moved to a pconfig (uid.system.autoperms). A DB update will move these settings into their new homes. What used to be the "Auto-permissions settings" page is now the "default permissions settings" page and a checkbox therein decides whether or not to apply the permissions automatically. A link to this page will only be shown when you have the "custom" role selected. With luck nobody will notice anything wrong. But at least for the next few days, please review permissions that have been assigned to new connections (either automatically or manually) and make sure they make sense (e.g. they aren't "nothing"). You still need to take action when seeing a message "permissions have changed but not yet submitted" as we always let you review and perhaps adjust the settings _before_ a connection is established (unless you have autoperms turned on). --- include/diaspora.php | 19 +++++++++---------- include/follow.php | 10 ++-------- include/identity.php | 17 ++++++++++++++++- include/widgets.php | 2 +- include/zot.php | 18 +++++++++--------- 5 files changed, 37 insertions(+), 29 deletions(-) (limited to 'include') diff --git a/include/diaspora.php b/include/diaspora.php index c6d4b7423..d4e8a2802 100755 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -673,16 +673,15 @@ function diaspora_request($importer,$xml) { return; } - $default_perms = 0; - // look for default permissions to apply in return - e.g. auto-friend - $z = q("select * from abook where abook_channel = %d and (abook_flags & %d) limit 1", - intval($importer['channel_id']), - intval(ABOOK_FLAG_SELF) - ); - - if($z) - $default_perms = intval($z[0]['abook_my_perms']); - + $role = get_pconfig($channel['channel_id'],'system','permissions_role'); + if($role) { + $x = get_role_perms($role); + if($x['perms_auto']) + $default_perms = $x['perms_accept']; + } + if(! $default_perms) + $default_perms = intval(get_pconfig($channel['channel_id'],'system','autoperms')); + $their_perms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK|PERMS_W_STREAM|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT|PERMS_R_STORAGE|PERMS_R_PAGES; $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_my_perms, abook_their_perms, abook_closeness, abook_rating, abook_created, abook_updated, abook_connected, abook_dob, abook_flags) values ( %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', %d )", diff --git a/include/follow.php b/include/follow.php index 20fd7f5fc..b5196834d 100644 --- a/include/follow.php +++ b/include/follow.php @@ -64,13 +64,9 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) $j = json_decode($ret['body'],true); } - if($is_red && $j) { - + $my_perms = get_channel_default_perms($uid); - // fixme - we need to be able to define these somewhere for the custom role - $my_perms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK - |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT - |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; + if($is_red && $j) { $role = get_pconfig($uid,'system','permissions_role'); if($role) { @@ -141,7 +137,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) } } - $my_perms = 0; $their_perms = 0; $xchan_hash = ''; @@ -168,7 +163,6 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) if($r) { $xchan_hash = $r[0]['xchan_hash']; $their_perms = 0; - $my_perms = PERMS_W_STREAM|PERMS_W_MAIL; $role = get_pconfig($uid,'system','permissions_role'); if($role) { $x = get_role_perms($role); diff --git a/include/identity.php b/include/identity.php index 9a574ea65..16e3eff0e 100644 --- a/include/identity.php +++ b/include/identity.php @@ -348,10 +348,13 @@ function create_identity($arr) { dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}") ); - $myperms = 0; if($role_permissions) { $myperms = ((array_key_exists('perms_auto',$role_permissions) && $role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0); } + else + $myperms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTOS|PERMS_R_ABOOK + |PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT + |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_flags, abook_my_perms ) values ( %d, %d, '%s', %d, '%s', '%s', %d, %d ) ", @@ -1561,4 +1564,16 @@ function notifications_on($channel_id,$value) { intval($channel_id) ); return $x; +} + + +function get_channel_default_perms($uid) { + + $r = q("select abook_my_perms from abook where abook_channel = %d and abook_flags & %d limit 1", + intval($uid), + intval(ABOOK_FLAG_SELF) + ); + if($r) + return $r[0]['abook_my_perms']; + return 0; } \ No newline at end of file diff --git a/include/widgets.php b/include/widgets.php index 703bc07a8..f678e40dd 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -506,7 +506,7 @@ function widget_settings_menu($arr) { if($role === false || $role === 'custom') { $tabs[] = array( - 'label' => t('Automatic Permissions (Advanced)'), + 'label' => t('Connection Default Permissions'), 'url' => $a->get_baseurl(true) . '/connedit/' . $abook_self_id, 'selected' => '' ); diff --git a/include/zot.php b/include/zot.php index f1ff084ac..9f22bc30b 100644 --- a/include/zot.php +++ b/include/zot.php @@ -439,15 +439,15 @@ function zot_refresh($them,$channel = null, $force = false) { } } else { - $default_perms = 0; - // look for default permissions to apply in return - e.g. auto-friend - $z = q("select * from abook where abook_channel = %d and (abook_flags & %d) limit 1", - intval($channel['channel_id']), - intval(ABOOK_FLAG_SELF) - ); - - if($z) - $default_perms = intval($z[0]['abook_my_perms']); + $role = get_pconfig($channel['channel_id'],'system','permissions_role'); + if($role) { + $x = get_role_perms($role); + if($x['perms_auto']) + $default_perms = $x['perms_accept']; + } + if(! $default_perms) + $default_perms = intval(get_pconfig($channel['channel_id'],'system','autoperms')); + // Keep original perms to check if we need to notify them $previous_perms = get_all_perms($channel['channel_id'],$x['hash']); -- cgit v1.2.3 From 3b22e2f5f508cb5e45ae426210e5ca9fe9115417 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 5 Nov 2014 16:21:03 -0800 Subject: some minor cleanup of unreported (and as yet undiscovered) issues with permissions toggling. No smoking guns and no obvious issues discovered here. Repeated and tried to duplicate zottell's issue as described without seeing any obvious problems. --- include/follow.php | 5 +++-- include/identity.php | 2 ++ 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/follow.php b/include/follow.php index b5196834d..421bdd083 100644 --- a/include/follow.php +++ b/include/follow.php @@ -203,8 +203,9 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) return $result; } - $r = q("select count(*) as total from abook where abook_account = %d and ( abook_flags & ABOOK_FLAG_FEED )", - intval($aid) + $r = q("select count(*) as total from abook where abook_account = %d and ( abook_flags & %d )", + intval($aid), + intval(ABOOK_FLAG_FEED) ); if($r) $total_feeds = $r[0]['total']; diff --git a/include/identity.php b/include/identity.php index 16e3eff0e..b9ee00623 100644 --- a/include/identity.php +++ b/include/identity.php @@ -376,6 +376,8 @@ function create_identity($arr) { set_pconfig($newuid,'system','permissions_role',$arr['permissions_role']); if(array_key_exists('online',$role_permissions)) set_pconfig($newuid,'system','hide_presence',1-intval($role_permissions['online'])); + if(array_key_exists('perms_auto',$role_permissions)) + set_pconfig($newuid,'system','autoperms',(($role_permissions['perms_auto']) ? $role_permissions['perms_accept'] : 0)); } // Create a group with yourself as a member. This allows somebody to use it -- cgit v1.2.3 From 1237957dd54b47685269300ca128455463e0787c Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 5 Nov 2014 21:02:33 -0800 Subject: logging changes, untranslated string --- include/bb2diaspora.php | 6 +++--- include/diaspora.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/bb2diaspora.php b/include/bb2diaspora.php index 8a178d1ac..3c4f07568 100644 --- a/include/bb2diaspora.php +++ b/include/bb2diaspora.php @@ -277,7 +277,7 @@ function bb2diaspora_itemwallwall(&$item) { } if(($item['mid'] == $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && (is_array($item['author']))) { - logger('bb2diaspora_itemwallwall: author: ' . print_r($item['author'],true), LOGGER_DEBUG); + logger('bb2diaspora_itemwallwall: author: ' . print_r($item['author'],true), LOGGER_DATA); } if(($item['mid'] == $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && (is_array($item['author'])) && $item['author']['xchan_url'] && $item['author']['xchan_name'] && $item['author']['xchan_photo_m']) { @@ -388,7 +388,7 @@ function bb2diaspora_itembody($item,$force_update = false) { } } - logger('bb2diaspora_itembody : ' . $body); +// logger('bb2diaspora_itembody : ' . $body, LOGGER_DATA); return html_entity_decode($body); @@ -462,7 +462,7 @@ function format_event_diaspora($ev) { $bd_format = t('l F d, Y \@ g:i A') ; // Friday January 18, 2011 @ 8 AM - $o = 'Friendica event notification:' . "\n"; + $o = t('Redmatrix event notification:') . "\n"; $o .= '**' . (($ev['summary']) ? bb2diaspora($ev['summary']) : bb2diaspora($ev['desc'])) . '**' . "\n"; diff --git a/include/diaspora.php b/include/diaspora.php index d4e8a2802..7858fa203 100755 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -58,7 +58,7 @@ function diaspora_dispatch($importer,$msg,$attempt=1) { $xmlbase = $parsed_xml->post; - logger('diaspora_dispatch: ' . print_r($xmlbase,true), LOGGER_DATA); +// logger('diaspora_dispatch: ' . print_r($xmlbase,true), LOGGER_DATA); if($xmlbase->request) { -- cgit v1.2.3 From 4057e82bb46e7f30e8bccfb076be85ac9f91f256 Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 6 Nov 2014 01:24:04 -0800 Subject: category tagblock --- include/taxonomy.php | 22 ++++++++++++++++++++++ include/widgets.php | 11 +++++++++++ 2 files changed, 33 insertions(+) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index 35605da22..d683b24a6 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -216,6 +216,28 @@ function tagblock($link,$uid,$count = 0,$authors = '',$flags = 0,$restrict = 0,$ return $o; } +function catblock($uid,$count = 0,$authors = '',$flags = 0,$restrict = 0,$type = TERM_CATEGORY) { + $o = ''; + $tab = 0; + + $r = tagadelic($uid,$count,$authors,$flags,$restrict,$type); + + if($r) { + $c = q("select channel_address from channel where channel_id = %d limit 1", + intval($uid) + ); + + $o = '

' . t('Categories') . '

'; + foreach($r as $rr) { + $o .= ''.$rr[0].' ' . "\r\n"; + } + $o .= '
'; + } + return $o; +} + + + function dir_tagblock($link,$r) { $o = ''; $tab = 0; diff --git a/include/widgets.php b/include/widgets.php index f678e40dd..dcad3eff6 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -400,6 +400,17 @@ function widget_tagcloud_wall($arr) { return tagblock('search',$a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL); return ''; } +function widget_catcloud_wall($arr) { + $a = get_app(); + if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash'])) + return ''; + if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')) + return ''; + + $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50); + return catblock($a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL); + return ''; +} function widget_affinity($arr) { -- cgit v1.2.3 From a23435540ef097eb6e718129004d259a5313ef6b Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 6 Nov 2014 01:32:47 -0800 Subject: make sure the "tagcloud" actually shows hashtags. So we don't confuse folks with categories. --- include/taxonomy.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index d683b24a6..fab31c73d 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -209,7 +209,7 @@ function tagblock($link,$uid,$count = 0,$authors = '',$flags = 0,$restrict = 0,$ if($r) { $o = '

' . t('Tags') . '

'; foreach($r as $rr) { - $o .= ''.$rr[0].' ' . "\r\n"; + $o .= '#'.$rr[0].' ' . "\r\n"; } $o .= '
'; } -- cgit v1.2.3 From 1f35d9432ff6391c183fe9e268cbf3b76ac8dd0d Mon Sep 17 00:00:00 2001 From: zottel Date: Thu, 6 Nov 2014 17:24:05 +0100 Subject: don't overwrite $x (contains import_xchan result) with role permissions --- include/zot.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index 9f22bc30b..bdc1f607f 100644 --- a/include/zot.php +++ b/include/zot.php @@ -441,9 +441,9 @@ function zot_refresh($them,$channel = null, $force = false) { else { $role = get_pconfig($channel['channel_id'],'system','permissions_role'); if($role) { - $x = get_role_perms($role); - if($x['perms_auto']) - $default_perms = $x['perms_accept']; + $xx = get_role_perms($role); + if($xx['perms_auto']) + $default_perms = $xx['perms_accept']; } if(! $default_perms) $default_perms = intval(get_pconfig($channel['channel_id'],'system','autoperms')); -- cgit v1.2.3 From 1fbd1a79c7a19ff51b9e8ab4bad67ec0bf687839 Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 6 Nov 2014 17:27:28 -0800 Subject: Provide a way to mark photos as adult and hide them from the default album view. Still need a button or setting to enable "unsafe viewing". This has no effect anywhere but in the album views. They can still be viewed by flipping through the individual photos with 'prev' and 'next'. We probably need a comprehensive strategy for how to deal with n-s-f-w photos in albums so consider this a band-aid which requires additional work and integration with other facilities which access these photos. It is entirely optional. --- include/poller.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/poller.php b/include/poller.php index f11618d37..1734af7d9 100644 --- a/include/poller.php +++ b/include/poller.php @@ -123,8 +123,8 @@ function poller_run($argv, $argc){ if(($d2 != $d1) && ($h1 == $h2)) { - require_once('include/dir_fns.php'); - check_upstream_directory(); + require_once('include/dir_fns.php'); + check_upstream_directory(); call_hooks('cron_daily',datetime_convert()); @@ -263,7 +263,7 @@ function poller_run($argv, $argc){ ); - $contacts = q("SELECT abook_id, abook_flags, abook_updated, abook_connected, abook_closeness, abook_xchan, abook_channel + $contacts = q("SELECT abook_id, abook_flags, abook_network, abook_updated, abook_connected, abook_closeness, abook_xchan, abook_channel FROM abook LEFT JOIN account on abook_account = account_id where 1 $sql_extra AND (( abook_flags & %d ) OR ( abook_flags = %d )) @@ -305,6 +305,7 @@ function poller_run($argv, $argc){ $update = true; } else { + // if we've never connected with them, start the mark for death countdown from now if($c == NULL_DATE) { @@ -351,12 +352,17 @@ function poller_run($argv, $argc){ $update = true; } - } if((! $update) && (! $force)) continue; + // we handled feed contacts earlier - now filter out anything else that + // doesn't require polling to keep the process count down. + + if($contact['abook_network'] !== 'zot') + continue; + proc_run('php','include/onepoll.php',$contact['abook_id']); if($interval) @time_sleep_until(microtime(true) + (float) $interval); -- cgit v1.2.3 From c4a07010f76a0cc7f4b3ed3d7e08912bce14dcb6 Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 6 Nov 2014 18:05:02 -0800 Subject: visible flag reversed --- include/photos.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/photos.php b/include/photos.php index adb7c988a..23c1ea826 100644 --- a/include/photos.php +++ b/include/photos.php @@ -431,7 +431,7 @@ function photos_create_item($channel, $creator_hash, $photo, $visible = false) { // Create item container $item_flags = ITEM_WALL|ITEM_ORIGIN|ITEM_THREAD_TOP; - $item_restrict = (($visible) ? ITEM_HIDDEN : ITEM_VISIBLE); + $item_restrict = (($visible) ? ITEM_VISIBLE : ITEM_HIDDEN); $title = ''; $mid = item_message_id(); -- cgit v1.2.3 From 961049f5faf04edcf3dc5485e76d81460b929efb Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 7 Nov 2014 12:16:13 -0800 Subject: revert that bit --- include/poller.php | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'include') diff --git a/include/poller.php b/include/poller.php index 1734af7d9..026d84c62 100644 --- a/include/poller.php +++ b/include/poller.php @@ -263,7 +263,7 @@ function poller_run($argv, $argc){ ); - $contacts = q("SELECT abook_id, abook_flags, abook_network, abook_updated, abook_connected, abook_closeness, abook_xchan, abook_channel + $contacts = q("SELECT abook_id, abook_flags, abook_updated, abook_connected, abook_closeness, abook_xchan, abook_channel FROM abook LEFT JOIN account on abook_account = account_id where 1 $sql_extra AND (( abook_flags & %d ) OR ( abook_flags = %d )) @@ -357,12 +357,6 @@ function poller_run($argv, $argc){ if((! $update) && (! $force)) continue; - // we handled feed contacts earlier - now filter out anything else that - // doesn't require polling to keep the process count down. - - if($contact['abook_network'] !== 'zot') - continue; - proc_run('php','include/onepoll.php',$contact['abook_id']); if($interval) @time_sleep_until(microtime(true) + (float) $interval); -- cgit v1.2.3 From 55f64c37364a1e4ac3e57a6af2953df196589c49 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 7 Nov 2014 13:06:56 -0800 Subject: tgroup_check - decrypt if obscured before checking body text for reshares --- include/items.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index 325947341..7e2bb4f18 100755 --- a/include/items.php +++ b/include/items.php @@ -2974,7 +2974,15 @@ function tgroup_check($uid,$item) { // At this point we've determined that the person receiving this post was mentioned in it. // Now let's check if this mention was inside a reshare so we don't spam a forum - $body = preg_replace('/\[share(.*?)\[\/share\]/','',$item['body']); + + $body = $item['body']; + + if(array_key_exists('item_flags',$item) && ($item['item_flags'] & ITEM_OBSCURED) && $body) { + $key = get_config('system','prvkey'); + $body = crypto_unencapsulate(json_decode($body,true),$key); + } + + $body = preg_replace('/\[share(.*?)\[\/share\]/','',$body); $pattern = '/@\!?\[zrl\=' . preg_quote($term['url'],'/') . '\]' . preg_quote($term['term'] . '+','/') . '\[\/zrl\]/'; -- cgit v1.2.3 From 24bdf58d2bd564c22c44a39f369a50df918c8c38 Mon Sep 17 00:00:00 2001 From: Stefan Parviainen Date: Sun, 9 Nov 2014 09:37:06 +0100 Subject: Use consistent terminology for channel directory --- include/nav.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/nav.php b/include/nav.php index f1f89db20..4c3da2195 100644 --- a/include/nav.php +++ b/include/nav.php @@ -173,7 +173,7 @@ EOT; $nav['search'] = array('search', t('Search'), "", t('Search site content')); - $nav['directory'] = array('directory', t('Directory'), "", t('Channel Locator')); + $nav['directory'] = array('directory', t('Directory'), "", t('Channel Directory')); /** -- cgit v1.2.3 From e7b634f81d5c5cd85210cce7ed69ffb27470c66c Mon Sep 17 00:00:00 2001 From: zottel Date: Mon, 10 Nov 2014 12:25:35 +0100 Subject: set channel_w_stream to 0 for forum roles --- include/permissions.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/permissions.php b/include/permissions.php index 186ba32d8..119ecc865 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -549,7 +549,7 @@ function get_role_perms($role) { $ret['channel_r_profile'] = PERMS_PUBLIC; $ret['channel_r_photos'] = PERMS_PUBLIC; $ret['channel_r_abook'] = PERMS_PUBLIC; - $ret['channel_w_stream'] = PERMS_CONTACTS; + $ret['channel_w_stream'] = 0; $ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_tagwall'] = PERMS_CONTACTS; $ret['channel_w_comment'] = PERMS_CONTACTS; @@ -581,7 +581,7 @@ function get_role_perms($role) { $ret['channel_r_profile'] = PERMS_PUBLIC; $ret['channel_r_photos'] = PERMS_PUBLIC; $ret['channel_r_abook'] = PERMS_PUBLIC; - $ret['channel_w_stream'] = PERMS_CONTACTS; + $ret['channel_w_stream'] = 0; $ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_tagwall'] = PERMS_SPECIFIC; $ret['channel_w_comment'] = PERMS_CONTACTS; @@ -614,7 +614,7 @@ function get_role_perms($role) { $ret['channel_r_profile'] = PERMS_CONTACTS; $ret['channel_r_photos'] = PERMS_CONTACTS; $ret['channel_r_abook'] = PERMS_CONTACTS; - $ret['channel_w_stream'] = PERMS_CONTACTS; + $ret['channel_w_stream'] = 0; $ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_tagwall'] = 0; $ret['channel_w_comment'] = PERMS_CONTACTS; -- cgit v1.2.3 From 62094652333514e92f9f00699e14b9f49680bb64 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 10 Nov 2014 15:21:04 -0800 Subject: add public forum identification to libzot. No attempt is made to identify other types of forums or weird custom channel permissions. If the channel is auto-accept and taggable, it's a public forum. --- include/zot.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index bdc1f607f..ac68c0035 100644 --- a/include/zot.php +++ b/include/zot.php @@ -699,10 +699,14 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { $dirmode = get_config('system','directory_mode'); - if((($arr['site']['directory_mode'] === 'standalone') || ($dirmode & DIRECTORY_MODE_STANDALONE)) -&& ($arr['site']['url'] != z_root())) + if((($arr['site']['directory_mode'] === 'standalone') || ($dirmode & DIRECTORY_MODE_STANDALONE)) && ($arr['site']['url'] != z_root())) $arr['searchable'] = false; + $public_forum = (($r[0]['xchan_flags'] & XCHAN_FLAGS_PUBFORUM) ? true : false); + $pubforum_changed = ((intval($public_forum) != intval($arr['public_forum'])) ? true : false); + if($pubforum_changed) + $new_flags = $r[0]['xchan_flags'] ^ XCHAN_FLAGS_PUBFORUM; + $hidden = (1 - intval($arr['searchable'])); // Be careful - XCHAN_FLAGS_HIDDEN should evaluate to 1 -- cgit v1.2.3 From 56199027768a07d7f1f980df08fb9c5dc7b1278e Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 10 Nov 2014 17:44:02 -0800 Subject: indicate public forums in directory results (there will be some [possibly considerable] lag time before existing forums are correctly tagged). --- include/zot.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index ac68c0035..2954408b9 100644 --- a/include/zot.php +++ b/include/zot.php @@ -702,10 +702,6 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { if((($arr['site']['directory_mode'] === 'standalone') || ($dirmode & DIRECTORY_MODE_STANDALONE)) && ($arr['site']['url'] != z_root())) $arr['searchable'] = false; - $public_forum = (($r[0]['xchan_flags'] & XCHAN_FLAGS_PUBFORUM) ? true : false); - $pubforum_changed = ((intval($public_forum) != intval($arr['public_forum'])) ? true : false); - if($pubforum_changed) - $new_flags = $r[0]['xchan_flags'] ^ XCHAN_FLAGS_PUBFORUM; $hidden = (1 - intval($arr['searchable'])); @@ -725,6 +721,11 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) { if($deleted_changed) $new_flags = $new_flags ^ XCHAN_FLAGS_DELETED; + $public_forum = (($r[0]['xchan_flags'] & XCHAN_FLAGS_PUBFORUM) ? true : false); + $pubforum_changed = ((intval($public_forum) != intval($arr['public_forum'])) ? true : false); + if($pubforum_changed) + $new_flags = $r[0]['xchan_flags'] ^ XCHAN_FLAGS_PUBFORUM; + if(($r[0]['xchan_name_date'] != $arr['name_updated']) || ($r[0]['xchan_connurl'] != $arr['connections_url']) || ($r[0]['xchan_flags'] != $new_flags) -- cgit v1.2.3 From d432f4ccd5696565dbc6e726d6d06eb77fd35f77 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 10 Nov 2014 19:20:23 -0800 Subject: issue #683 - don't linkify homepage field without validating --- include/identity.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include') diff --git a/include/identity.php b/include/identity.php index b9ee00623..c8b5a3679 100644 --- a/include/identity.php +++ b/include/identity.php @@ -890,6 +890,8 @@ function profile_sidebar($profile, $block = 0, $show_connect = true) { || (x($profile,'country_name') == 1)) $location = t('Location:'); + $profile['homepage'] = linkify($profile['homepage']); + $gender = ((x($profile,'gender') == 1) ? t('Gender:') : False); $marital = ((x($profile,'marital') == 1) ? t('Status:') : False); $homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False); -- cgit v1.2.3 From 325b269b224615a9c584e0ec631a11d68bb24eb8 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 01:05:29 -0800 Subject: the code is a bit crufty, but this should fix issue #687 --- include/datetime.php | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/datetime.php b/include/datetime.php index 00bac8ad1..47c63e51d 100644 --- a/include/datetime.php +++ b/include/datetime.php @@ -134,10 +134,17 @@ function dob($dob) { if(! $f) $f = 'ymd'; - if ($dob && $dob != '0000-00-00') - $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),mktime(0,0,0,$month,$day,$year),'dob'); + if($dob === '0000-00-00') + $value = ''; else - $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),false,'dob'); + $value = (($year) ? datetime_convert('UTC','UTC',$dob,'Y-m-d') : datetime_convert('UTC','UTC',$dob,'m-d')); + + $o = ''; + +// if ($dob && $dob != '0000-00-00') +// $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),mktime(0,0,0,$month,$day,$year),'dob'); +// else +// $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),false,'dob'); return $o; } -- cgit v1.2.3 From 09b09dedbc3157e1859f4a777aeab54fadabfb43 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 16:06:16 -0800 Subject: Most directory searches are POST. get_query_args() only handles GET so that had to be fixed or page 2 of directory search results wouldn't match the search. --- include/text.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index fca23ca22..4aa412355 100644 --- a/include/text.php +++ b/include/text.php @@ -2046,7 +2046,7 @@ function normalise_openid($s) { // used in ajax endless scroll request to find out all the args that the master page was viewing. // This was using $_REQUEST, but $_REQUEST also contains all your cookies. So we're restricting it -// to $_GET. If this is used in a post handler, that decision may need to be considered. +// to $_GET and $_POST. function extra_query_args() { $s = ''; @@ -2058,5 +2058,13 @@ function extra_query_args() { } } } + if(count($_POST)) { + foreach($_POST as $k => $v) { + // these are request vars we don't want to duplicate + if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) { + $s .= '&' . $k . '=' . $v; + } + } + } return $s; } -- cgit v1.2.3 From 06e5d0798c67e8314429e475523a6a30e50bfb8e Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 16:09:45 -0800 Subject: and urlencode that. --- include/text.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index 4aa412355..7cb54edd3 100644 --- a/include/text.php +++ b/include/text.php @@ -2054,7 +2054,7 @@ function extra_query_args() { foreach($_GET as $k => $v) { // these are request vars we don't want to duplicate if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) { - $s .= '&' . $k . '=' . $v; + $s .= '&' . $k . '=' . urlencode($v); } } } @@ -2062,7 +2062,7 @@ function extra_query_args() { foreach($_POST as $k => $v) { // these are request vars we don't want to duplicate if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) { - $s .= '&' . $k . '=' . $v; + $s .= '&' . $k . '=' . urlencode($v); } } } -- cgit v1.2.3 From 570577a99089ff5bb48c5c67a612bdd874721e95 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 18:05:50 -0800 Subject: a couple of places where we need to look for a sys channel euid. --- include/text.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'include') diff --git a/include/text.php b/include/text.php index 7cb54edd3..ba1f9e5a3 100644 --- a/include/text.php +++ b/include/text.php @@ -2021,7 +2021,14 @@ function json_decode_plus($s) { function design_tools() { + $channel = get_app()->get_channel(); + + if(array_key_exists('sys',$_REQUEST) && $_REQUEST['sys'] == 1 && is_site_admin()) { + require_once('include/identity.php'); + $channel = get_sys_channel(); + } + $who = $channel['channel_address']; return replace_macros(get_markup_template('design_tools.tpl'), array( -- cgit v1.2.3 From b5af6679857eeafcb360d7dec69acf11af034c1d Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 19:29:30 -0800 Subject: slow progress on sys publishing, making sure all the data we need is in the places we need it but validate it anyway --- include/text.php | 2 +- include/widgets.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index ba1f9e5a3..686dee4a2 100644 --- a/include/text.php +++ b/include/text.php @@ -2024,7 +2024,7 @@ function design_tools() { $channel = get_app()->get_channel(); - if(array_key_exists('sys',$_REQUEST) && $_REQUEST['sys'] == 1 && is_site_admin()) { + if(get_app()->is_sys && is_site_admin()) { require_once('include/identity.php'); $channel = get_sys_channel(); } diff --git a/include/widgets.php b/include/widgets.php index dcad3eff6..cb5dc6846 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -585,7 +585,7 @@ function widget_design_tools($arr) { // otherwise local_user() is sufficient for permissions. if($a->profile['profile_uid']) - if($a->profile['profile_uid'] != local_user()) + if(($a->profile['profile_uid'] != local_user()) && (! $a->is_sys)) return ''; if(! local_user()) -- cgit v1.2.3 From 4b9ec6645b79f4da1ad5e7dd20a04ca6ca4a3e4a Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 11 Nov 2014 20:44:43 -0800 Subject: cleanup --- include/conversation.php | 8 ++++++-- include/text.php | 3 +++ 2 files changed, 9 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index a531de9ba..c2258c20a 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1493,8 +1493,12 @@ function network_tabs() { function profile_tabs($a, $is_owner=False, $nickname=Null){ - //echo "
"; var_dump($a->user); killme();
-		
+
+	// Don't provide any profile tabs if we're running as the sys channel
+	
+	if($a->is_sys)
+		return;
+	
 	$channel = $a->get_channel();
 
 	if (is_null($nickname))
diff --git a/include/text.php b/include/text.php
index 686dee4a2..d816fdb0a 100644
--- a/include/text.php
+++ b/include/text.php
@@ -2023,10 +2023,12 @@ function json_decode_plus($s) {
 function design_tools() {
 
 	$channel  = get_app()->get_channel();
+	$sys = false;
 
 	if(get_app()->is_sys && is_site_admin()) {
 		require_once('include/identity.php');
 		$channel = get_sys_channel();
+		$sys = true;
 	}
 
 	$who = $channel['channel_address'];
@@ -2034,6 +2036,7 @@ function design_tools() {
 	return replace_macros(get_markup_template('design_tools.tpl'), array(
 		'$title' => t('Design'),
 		'$who' => $who,
+		'$sys' => $sys,
 		'$blocks' => t('Blocks'),
 		'$menus' => t('Menus'),
 		'$layout' => t('Layouts'),
-- 
cgit v1.2.3


From 1ed144b83c3cefb685dfff37fd7d415bf5a2ffdb Mon Sep 17 00:00:00 2001
From: marijus 
Date: Wed, 12 Nov 2014 10:27:13 +0100
Subject: make search and advanced search use the same input form

---
 include/contact_widgets.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/contact_widgets.php b/include/contact_widgets.php
index 28a9fcfd3..ee9394e95 100644
--- a/include/contact_widgets.php
+++ b/include/contact_widgets.php
@@ -29,8 +29,7 @@ function findpeople_widget() {
 		'$random' => t('Random Profile'),
 		'$inv' => t('Invite Friends'),
 		'$advanced_search' => $advanced_search,
-		'$advanced_hint' => t('Exammple: name=fred and country=iceland'),
-		'$find_advanced' => t('Advanced Find'),
+		'$advanced_hint' => "\r\n" . t('Advanced example: name=fred and country=iceland'),
 		'$loggedin' => local_user()
 	));
 
-- 
cgit v1.2.3


From fc2bf4c29b45a97ec745c26821cc31cfe97f091c Mon Sep 17 00:00:00 2001
From: Klaus Weidenbach 
Date: Thu, 13 Nov 2014 00:00:50 +0100
Subject: Some Doxygen documentation.

Add some more Doxygen formating for boot.php and dba_driver.php.
Cleaning a bit up, too.
---
 include/dba/dba_driver.php | 172 +++++++++++++++++++++++++++++++++------------
 1 file changed, 128 insertions(+), 44 deletions(-)

(limited to 'include')

diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php
index 3e19b7aa4..31b7890f1 100755
--- a/include/dba/dba_driver.php
+++ b/include/dba/dba_driver.php
@@ -1,23 +1,48 @@
-install($server, $port, $user,$pass,$db))) {
+		if(($install) && (! $this->install($server, $port, $user, $pass, $db))) {
 			return;
 		}
-		$this->connect($server, $port, $user,$pass,$db);
+		$this->connect($server, $port, $user, $pass, $db);
 	}
 
-
-	function install($server,$user,$pass,$db) {
+	function install($server, $user, $pass, $db) {
 		if (!(strlen($server) && strlen($user))){
 			$this->connected = false;
 			$this->db = null;
@@ -56,7 +115,11 @@ abstract class dba_driver {
 		return true;
 	}
 
-
+	/**
+	 * @brief Sets the database driver's debugging state.
+	 *
+	 * @param int $dbg 0 to disable debugging
+	 */
 	function dbg($dbg) {
 		$this->debug = $dbg;
 	}
@@ -67,10 +130,12 @@ abstract class dba_driver {
 		}
 	}
 
-}
+} // end abstract dba_driver class
 
 
 
+// Procedural functions
+
 function printable($s) {
 	$s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s);
 	$s = str_replace("\x00",'.',$s);
@@ -79,91 +144,110 @@ function printable($s) {
 	return $s;
 }
 
-// Procedural functions
-
+/**
+ * @brief set database driver debugging state.
+ *
+ * @param int $state 0 to disable debugging
+ */
 function dbg($state) {
 	global $db;
+
 	if($db)
-	$db->dbg($state);
+		$db->dbg($state);
 }
 
-
+/**
+ * @brief Escape strings being passed to DB queries.
+ *
+ * Always escape strings being used in DB queries. This function returns the
+ * escaped string. Integer DB parameters should all be proven integers by
+ * wrapping with intval().
+ *
+ * @param string $str A string to pass to a DB query
+ * @return Return an escaped string of the value to pass to a DB query.
+ */
 function dbesc($str) {
 	global $db;
+
 	if($db && $db->connected)
 		return($db->escape($str));
 	else
-		return(str_replace("'","\\'",$str));
+		return(str_replace("'", "\\'", $str));
 }
 
-
-
-// Function: q($sql,$args);
-// Description: execute SQL query with printf style args.
-// Example: $r = q("SELECT * FROM `%s` WHERE `uid` = %d",
-//                   'user', 1);
-
-
+/**
+ * @brief Execute a SQL query with printf style args.
+ *
+ * printf style arguments %s and %d are replaced with variable arguments, which
+ * should each be appropriately dbesc() or intval().
+ * SELECT queries return an array of results or false if SQL or DB error. Other
+ * queries return true if the command was successful or false if it wasn't.
+ *
+ * Example:
+ *  $r = q("SELECT * FROM `%s` WHERE `uid` = %d",
+ *         'user', 1);
+ *
+ * @param string $sql The SQL query to execute
+ * @return bool|array
+ */
 function q($sql) {
-
 	global $db;
+
 	$args = func_get_args();
 	unset($args[0]);
 
 	if($db && $db->connected) {
-		$stmt = vsprintf($sql,$args);
+		$stmt = vsprintf($sql, $args);
 		if($stmt === false) {
-			if(version_compare(PHP_VERSION,'5.4.0') >= 0)
-				logger('dba: vsprintf error: ' . print_r(debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT,1),true));
+			if(version_compare(PHP_VERSION, '5.4.0') >= 0)
+				logger('dba: vsprintf error: ' .
+					print_r(debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT, 1), true));
 			else
-				logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true));
+				logger('dba: vsprintf error: ' . print_r(debug_backtrace(), true));
 		}
 		return $db->q($stmt);
 	}
 
-	/**
-	 *
+	/*
 	 * This will happen occasionally trying to store the 
 	 * session data after abnormal program termination 
-	 *
 	 */
 	logger('dba: no database: ' . print_r($args,true));
-	return false; 
 
+	return false;
 }
 
 /**
+ * @brief Raw DB query, no arguments.
  *
- * Raw db query, no arguments
+ * This function executes a raw DB query without any arguments.
  *
+ * @param string $sql The SQL query to execute
  */
-
-
 function dbq($sql) {
-
 	global $db;
+
 	if($db && $db->connected)
 		$ret = $db->q($sql);
 	else
 		$ret = false;
+
 	return $ret;
 }
 
 
-// Caller is responsible for ensuring that any integer arguments to 
+
+// Caller is responsible for ensuring that any integer arguments to
 // dbesc_array are actually integers and not malformed strings containing
 // SQL injection vectors. All integer array elements should be specifically 
 // cast to int to avoid trouble. 
 
-
-
 function dbesc_array_cb(&$item, $key) {
 	if(is_string($item))
 		$item = dbesc($item);
 }
 
 
-
 function dbesc_array(&$arr) {
 	if(is_array($arr) && count($arr)) {
 		array_walk($arr,'dbesc_array_cb');
-- 
cgit v1.2.3