From 3cab53a7efbc58cdf1d81740cf00136c016e2863 Mon Sep 17 00:00:00 2001
From: toclimb <toclimb@misanthrozot.com>
Date: Wed, 29 Jan 2014 00:43:54 +0100
Subject: Don't look for text emoticons inside the matching angle brackets of a
 HTML tag

---
 include/text.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'include')

diff --git a/include/text.php b/include/text.php
index f5c440e4a..4cb7a1d5e 100755
--- a/include/text.php
+++ b/include/text.php
@@ -891,6 +891,7 @@ function smilies($s, $sample = false) {
 
 	$s = preg_replace_callback('/<pre>(.*?)<\/pre>/ism','smile_encode',$s);
 	$s = preg_replace_callback('/<code>(.*?)<\/code>/ism','smile_encode',$s);
+	$s = preg_replace_callback('/<(.*?)>/s','smile_encode',$s);
 
 	$texts =  array( 
 		'&lt;3', 
@@ -983,6 +984,7 @@ function smilies($s, $sample = false) {
 
 	$s = preg_replace_callback('/<pre>(.*?)<\/pre>/ism','smile_decode',$s);
 	$s = preg_replace_callback('/<code>(.*?)<\/code>/ism','smile_decode',$s);
+	$s = preg_replace_callback('/<(.*?)>/s','smile_decode',$s);
 
 	return $s;
 
-- 
cgit v1.2.3


From d79a2e3b55c7cf6c775b8ecf7fbf708248aa16c8 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Tue, 28 Jan 2014 16:32:47 -0800
Subject: undo pull request #287

---
 include/text.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/text.php b/include/text.php
index 4cb7a1d5e..a459296cb 100755
--- a/include/text.php
+++ b/include/text.php
@@ -891,7 +891,7 @@ function smilies($s, $sample = false) {
 
 	$s = preg_replace_callback('/<pre>(.*?)<\/pre>/ism','smile_encode',$s);
 	$s = preg_replace_callback('/<code>(.*?)<\/code>/ism','smile_encode',$s);
-	$s = preg_replace_callback('/<(.*?)>/s','smile_encode',$s);
+//	$s = preg_replace_callback('/<(.*?)>/ism','smile_encode',$s);
 
 	$texts =  array( 
 		'&lt;3', 
@@ -984,7 +984,7 @@ function smilies($s, $sample = false) {
 
 	$s = preg_replace_callback('/<pre>(.*?)<\/pre>/ism','smile_decode',$s);
 	$s = preg_replace_callback('/<code>(.*?)<\/code>/ism','smile_decode',$s);
-	$s = preg_replace_callback('/<(.*?)>/s','smile_decode',$s);
+//	$s = preg_replace_callback('/<(.*?)>/s','smile_decode',$s);
 
 	return $s;
 
-- 
cgit v1.2.3


From 3dfd38021f193d16d3c6ed4824fa24e42a62238f Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Tue, 28 Jan 2014 16:35:10 -0800
Subject: SECURITY: remove style and class bbcodes

---
 include/bbcode.php | 8 --------
 1 file changed, 8 deletions(-)

(limited to 'include')

diff --git a/include/bbcode.php b/include/bbcode.php
index 084c02125..fec8750e9 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -442,14 +442,6 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
 	// Check for list text
 	$Text = str_replace("[*]", "<li>", $Text);
 
-	// Check for style sheet commands
-	if (strpos($Text,'[/style]') !== false) {		
-		$Text = preg_replace("(\[style=(.*?)\](.*?)\[\/style\])ism","<span style=\"$1;\">$2</span>",$Text);
-	}
-	// Check for CSS classes
-	if (strpos($Text,'[/class]') !== false) {	
-		$Text = preg_replace("(\[class=(.*?)\](.*?)\[\/class\])ism","<span class=\"$1\">$2</span>",$Text);
-	}
  	// handle nested lists
 	$endlessloop = 0;
 
-- 
cgit v1.2.3


From cc11535e34f1cc91251d7ca3f38ef38997774857 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Tue, 28 Jan 2014 17:07:25 -0800
Subject: online indication on profile sidebar

---
 include/identity.php | 28 +++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/identity.php b/include/identity.php
index a99474d42..ee289495d 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -544,6 +544,9 @@ function profile_load(&$a, $nickname, $profile = '') {
 	}
 
 	$a->profile = $r[0];
+	$online = get_online_status($nickname);
+	$a->profile['online_status'] = $online['result'];
+
 	$a->profile_uid = $r[0]['profile_uid'];
 
 	$a->page['title'] = $a->profile['channel_name'] . " - " . $a->profile['channel_address'] . "@" . $a->get_hostname();
@@ -678,13 +681,15 @@ function profile_sidebar($profile, $block = 0, $show_connect = true) {
 	$gender   = ((x($profile,'gender')   == 1) ? t('Gender:')   : False);
 	$marital  = ((x($profile,'marital')  == 1) ? t('Status:')   : False);
 	$homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
+	$profile['online']   = (($profile['online_status'] === 'online') ? t('Online Now') : False);
+logger('online: ' . $profile['online']);
 
 	if(! perm_is_allowed($profile['uid'],((is_array($observer)) ? $observer['xchan_hash'] : ''),'view_profile')) {
 		$block = true;
 	}
 
 	if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
-		$location = $pdesc = $gender = $marital = $homepage = False;
+		$location = $pdesc = $gender = $marital = $homepage = $online = False;
 	}
 
 	$firstname = ((strpos($profile['name'],' '))
@@ -1144,3 +1149,24 @@ function is_foreigner($s) {
 function is_member($s) {
 	return((is_foreigner($s)) ? false : true);
 }
+
+function get_online_status($nick) {
+
+	$ret = array('result' => false);
+
+	$r = q("select channel_id, channel_hash from channel where channel_address = '%s' limit 1",
+		dbesc(argv(1))
+	);
+	if($r) {
+		$hide = get_pconfig($r[0]['channel_id'],'system','hide_online_status');
+		if($hide)
+			return $ret;
+		$x = q("select cp_status from chatpresence where cp_xchan = '%s' and cp_room = 0 limit 1",
+			dbesc($r[0]['channel_hash'])
+		);
+		if($x)
+			$ret['result'] = $x[0]['cp_status'];
+	}
+
+	return $ret;
+}
-- 
cgit v1.2.3


From d970c69f91b96b3ef40752a95ecec8ca8b11b62a Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Tue, 28 Jan 2014 19:49:56 -0800
Subject: online indication to the directory popup

---
 include/identity.php | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'include')

diff --git a/include/identity.php b/include/identity.php
index ee289495d..2db5d8ece 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -1170,3 +1170,25 @@ function get_online_status($nick) {
 
 	return $ret;
 }
+
+
+function remote_online_status($webbie) {
+
+	$result = false;
+	$r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
+		dbesc($webbie)
+	);
+	if(! $r)
+		return $result;
+
+	$url = $r[0]['hubloc_url'] . '/online/' . substr($webbie,0,strpos($webbie,'@'));
+
+	$x = z_fetch_url($url);
+	if($x['success']) {
+		$j = json_decode($x['body'],true);
+		if($j)
+			$result = (($j['result']) ? $j['result'] : false);
+	}
+	return $result;
+
+}
-- 
cgit v1.2.3


From 9261a170eb45f0b189afb4c1a30603d0cbb8f31c Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Wed, 29 Jan 2014 00:08:29 -0800
Subject: basic chatroom management backend

---
 include/chat.php | 117 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 117 insertions(+)
 create mode 100644 include/chat.php

(limited to 'include')

diff --git a/include/chat.php b/include/chat.php
new file mode 100644
index 000000000..4df419294
--- /dev/null
+++ b/include/chat.php
@@ -0,0 +1,117 @@
+<?php /** @file */
+
+
+function chatroom_create($channel,$arr) {
+
+	$ret = array('success' => false);
+
+	$name = trim($arr['name']);
+	if(! $name) {
+		$ret['message'] = t('Missing room name');
+		return $ret;
+	}
+
+	$r = q("select cr_id from chatroom where cr_uid = %d and cr_name = '%s' limit 1",
+		intval($channel['channel_id']),
+		dbesc($name)
+	);
+	if($r) {
+		$ret['message'] = t('Duplicate room name');
+		return $ret;
+	}
+
+	$created = datetime_convert();
+
+	$x = q("insert into chatroom ( cr_aid, cr_uid, cr_name, cr_created, cr_edited, allow_cid, allow_gid, deny_cid, deny_gid )
+		values ( %d, %d , '%s' '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+		intval($channel['account_id']),
+		intval($channel['channel_id']),
+		dbesc($name),
+		dbesc($created),
+		dbesc($created),
+		dbesc($arr['allow_cid']),
+		dbesc($arr['allow_gid']),
+		dbesc($arr['deny_cid']),
+		dbesc($arr['deny_gid'])
+	);
+	if($x)
+		$ret['success'] = true;
+
+	return $ret;
+}
+
+
+function chatroom_destroy($channel,$arr) {
+
+	$ret = array('success' => false);
+	if(intval($arr['cr_id']))
+		$sql_extra = " and cr_id = " . intval($arr['cr_id']) . " ";
+	elseif(trim($arr['cr_name']))
+		$sql_extra = " and cr_name = '" . protect_sprintf(dbesc(trim($arr['cr_name']))) . "' ";
+	else {
+		$ret['message'] = t('Invalid room specifier.');
+		return $ret;
+	}
+
+	$r = q("select * from chatroom where cr_uid = %d $sql_extra limit 1",
+		intval($channel['channel_id'])
+	);
+	if(! $r) {		
+		$ret['message'] = t('Invalid room specifier.');
+		return $ret;
+	}
+
+	q("delete from chatroom where cr_id = %d limit 1",
+		intval($r[0]['cr_id'])
+	);
+	if($r[0]['cr_id']) {
+		q("delete from chatpresence where cp_room = %d",
+			intval($r[0]['cr_id'])
+		);
+	}
+	$ret['success'] = true;
+	return $ret;
+}
+
+
+function chatroom_enter($observer_xchan,$room_id,$status) {
+	if(! $room_id || ! $observer)
+		return;
+	$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d limit 1",
+		dbesc($observer_xchan),
+		intval($room_id)
+	);
+	if($r) {
+		q("update chatpresence set cp_status = %d and cp_last = '%s' where cp_id = %d limit 1",
+			dbesc($status),
+			dbesc(datetime_convert()),
+			intval($r[0]['cp_id'])
+		);
+		return true;
+	}
+
+	$r = q("insert into chatpresence ( cp_room, cp_xchan, cp_last, cp_status )
+		values ( %d, '%s', '%s', '%s' )",
+		intval($room_id),
+		dbesc($observer_xchan),
+		dbesc(datetime_convert()),
+		dbesc($status)
+	);
+	return $r;
+}
+
+
+function chatroom_leave($observer_xchan,$room_id,$status) {
+	if(! $room_id || ! $observer)
+		return;
+	$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d limit 1",
+		dbesc($observer_xchan),
+		intval($room_id)
+	);
+	if($r) {
+		q("delete from chatpresence where cp_id = %d limit 1",
+			intval($r[0]['cp_id'])
+		);
+	}
+	return true;
+}
\ No newline at end of file
-- 
cgit v1.2.3


From 9f546757021305b6cfe924f38ca1af5fd5d3e69b Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Wed, 29 Jan 2014 01:52:23 -0800
Subject: chatroom list widget backend

---
 include/chat.php    | 9 +++++++++
 include/widgets.php | 9 +++++++++
 2 files changed, 18 insertions(+)

(limited to 'include')

diff --git a/include/chat.php b/include/chat.php
index 4df419294..cb910bd62 100644
--- a/include/chat.php
+++ b/include/chat.php
@@ -114,4 +114,13 @@ function chatroom_leave($observer_xchan,$room_id,$status) {
 		);
 	}
 	return true;
+}
+
+
+function chatroom_list($uid) {
+
+	$r = q("select cr_name, cr_id, count(cp_id) as cr_inroom from chatroom left join chatpresence on cr_id = cp_room where cr_uid = %d order by cr_name group by cp_id",
+		intval($uid)
+	);
+	return $r;
 }
\ No newline at end of file
diff --git a/include/widgets.php b/include/widgets.php
index efa350785..8b22515b1 100644
--- a/include/widgets.php
+++ b/include/widgets.php
@@ -576,3 +576,12 @@ function widget_menu_preview($arr) {
 	require_once('include/menu.php');
 	return menu_render(get_app()->data['menu_item']);
 }
+
+function widget_chatroom_list($arr) {
+	require_once("include/chat.php");
+	$r = chatroom_list(local_user());
+	return replace_macros(get_markup_template('chatroomlist.tpl'),array(
+		'$header' => t('Chat Rooms'),
+		'$items' => $r,
+	));
+}
\ No newline at end of file
-- 
cgit v1.2.3


From 10b51a9471bba2a1b058eee2d362d3d2189627be Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Wed, 29 Jan 2014 02:25:21 -0800
Subject: issues uncovered whilst testing the chatroom API

---
 include/chat.php | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

(limited to 'include')

diff --git a/include/chat.php b/include/chat.php
index cb910bd62..8011fdb5b 100644
--- a/include/chat.php
+++ b/include/chat.php
@@ -23,8 +23,8 @@ function chatroom_create($channel,$arr) {
 	$created = datetime_convert();
 
 	$x = q("insert into chatroom ( cr_aid, cr_uid, cr_name, cr_created, cr_edited, allow_cid, allow_gid, deny_cid, deny_gid )
-		values ( %d, %d , '%s' '%s', '%s', '%s', '%s', '%s', '%s' ) ",
-		intval($channel['account_id']),
+		values ( %d, %d , '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+		intval($channel['channel_account_id']),
 		intval($channel['channel_id']),
 		dbesc($name),
 		dbesc($created),
@@ -34,6 +34,7 @@ function chatroom_create($channel,$arr) {
 		dbesc($arr['deny_cid']),
 		dbesc($arr['deny_gid'])
 	);
+
 	if($x)
 		$ret['success'] = true;
 
@@ -74,8 +75,8 @@ function chatroom_destroy($channel,$arr) {
 }
 
 
-function chatroom_enter($observer_xchan,$room_id,$status) {
-	if(! $room_id || ! $observer)
+function chatroom_enter($observer_xchan,$room_id,$status,$client) {
+	if(! $room_id || ! $observer_xchan)
 		return;
 	$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d limit 1",
 		dbesc($observer_xchan),
@@ -90,19 +91,20 @@ function chatroom_enter($observer_xchan,$room_id,$status) {
 		return true;
 	}
 
-	$r = q("insert into chatpresence ( cp_room, cp_xchan, cp_last, cp_status )
-		values ( %d, '%s', '%s', '%s' )",
+	$r = q("insert into chatpresence ( cp_room, cp_xchan, cp_last, cp_status, cp_client )
+		values ( %d, '%s', '%s', '%s', '%s' )",
 		intval($room_id),
 		dbesc($observer_xchan),
 		dbesc(datetime_convert()),
-		dbesc($status)
+		dbesc($status),
+		dbesc($client)
 	);
 	return $r;
 }
 
 
 function chatroom_leave($observer_xchan,$room_id,$status) {
-	if(! $room_id || ! $observer)
+	if(! $room_id || ! $observer_xchan)
 		return;
 	$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d limit 1",
 		dbesc($observer_xchan),
-- 
cgit v1.2.3


From 6a9d43bcbe167ff3a8f9bd8a2ce93d9fc298fcdf Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Wed, 29 Jan 2014 03:16:07 -0800
Subject: debug chatroom_list widget

---
 include/chat.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/chat.php b/include/chat.php
index 8011fdb5b..9d90f7970 100644
--- a/include/chat.php
+++ b/include/chat.php
@@ -121,8 +121,9 @@ function chatroom_leave($observer_xchan,$room_id,$status) {
 
 function chatroom_list($uid) {
 
-	$r = q("select cr_name, cr_id, count(cp_id) as cr_inroom from chatroom left join chatpresence on cr_id = cp_room where cr_uid = %d order by cr_name group by cp_id",
+	$r = q("select cr_name, cr_id, count(cp_id) as cr_inroom from chatroom left join chatpresence on cr_id = cp_room where cr_uid = %d  group by cp_id order by cr_name",
 		intval($uid)
 	);
+
 	return $r;
 }
\ No newline at end of file
-- 
cgit v1.2.3


From a1e7c65d51a6472cf7fe95686883f77953d7dfd7 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Wed, 29 Jan 2014 03:39:32 -0800
Subject: chatroom permissions enforcement

---
 include/chat.php | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'include')

diff --git a/include/chat.php b/include/chat.php
index 9d90f7970..6bcb003ff 100644
--- a/include/chat.php
+++ b/include/chat.php
@@ -76,8 +76,27 @@ function chatroom_destroy($channel,$arr) {
 
 
 function chatroom_enter($observer_xchan,$room_id,$status,$client) {
+
 	if(! $room_id || ! $observer_xchan)
 		return;
+
+	$r = q("select * from chatroom where cr_id = %d limit 1",
+		intval($room_id)
+	);
+	if(! $r)
+		return;
+	require_once('include/security.php');
+	$sql_extra = permissions_sql($r[0]['cr_uid']);
+
+	$x = q("select * from chatroom where cr_id = %d and uid = %d $sql_extra limit 1",
+			intval($room_id)
+			intval($r[0]['cr_uid'])
+	);
+	if(! $x) {
+		notice( t('Permission denied.') . EOL);
+		return;
+	}
+
 	$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d limit 1",
 		dbesc($observer_xchan),
 		intval($room_id)
-- 
cgit v1.2.3