From 45e0fc6802b360710becf7ddaf6aed6a9de1d876 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Mon, 26 Feb 2018 18:16:43 -0500 Subject: Successful OAuth2 sequence demonstrated with the test vehicle, including an authenticated API call using an access_token. --- include/api_auth.php | 57 +++++++++++++++++++++++++++++++++++++++++----------- include/network.php | 4 +++- 2 files changed, 48 insertions(+), 13 deletions(-) (limited to 'include') diff --git a/include/api_auth.php b/include/api_auth.php index 5c0bcb317..e2f7ab155 100644 --- a/include/api_auth.php +++ b/include/api_auth.php @@ -14,25 +14,58 @@ function api_login(&$a){ // login with oauth try { - $oauth = new ZotOAuth1(); - $req = OAuth1Request::from_request(); + // OAuth 2.0 + $storage = new \Zotlabs\Identity\OAuth2Storage(\DBA::$dba->db); + $server = new \Zotlabs\Identity\OAuth2Server($storage); + $request = \OAuth2\Request::createFromGlobals(); + if ($server->verifyResourceRequest($request)) { + $token = $server->getAccessTokenData($request); + $uid = $token['user_id']; + $r = q("SELECT * FROM channel WHERE channel_id = %d LIMIT 1", + intval($uid) + ); + if (count($r)) { + $record = $r[0]; + } else { + header('HTTP/1.0 401 Unauthorized'); + echo('This api requires login'); + killme(); + } + + $_SESSION['uid'] = $record['channel_id']; + $_SESSION['addr'] = $_SERVER['REMOTE_ADDR']; + + $x = q("select * from account where account_id = %d LIMIT 1", + intval($record['channel_account_id']) + ); + if ($x) { + require_once('include/security.php'); + authenticate_success($x[0], null, true, false, true, true); + $_SESSION['allow_api'] = true; + call_hooks('logged_in', App::$user); + return; + } + } else { + // OAuth 1.0 + $oauth = new ZotOAuth1(); + $req = OAuth1Request::from_request(); - list($consumer,$token) = $oauth->verify_request($req); + list($consumer, $token) = $oauth->verify_request($req); - if (!is_null($token)){ - $oauth->loginUser($token->uid); + if (!is_null($token)) { + $oauth->loginUser($token->uid); - App::set_oauth_key($consumer->key); + App::set_oauth_key($consumer->key); - call_hooks('logged_in', App::$user); - return; + call_hooks('logged_in', App::$user); + return; + } + killme(); } - killme(); - } - catch(Exception $e) { + } catch (Exception $e) { logger($e->getMessage()); } - + // workarounds for HTTP-auth in CGI mode foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) { diff --git a/include/network.php b/include/network.php index f8cb68613..9768a2544 100644 --- a/include/network.php +++ b/include/network.php @@ -88,6 +88,8 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { $instance_headers[] = 'Cookie: PHPSESSID=' . session_id(); } } + logger('headers: ' . json_encode($instance_headers, JSON_PRETTY_PRINT)); + if($instance_headers) @curl_setopt($ch, CURLOPT_HTTPHEADER, $instance_headers); @@ -143,7 +145,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { $base = $s; $curl_info = @curl_getinfo($ch); $http_code = $curl_info['http_code']; - //logger('fetch_url:' . $http_code . ' data: ' . $s); + logger('fetch_url:' . $http_code . ' data: ' . $s); $header = ''; // Pull out multiple headers, e.g. proxy and continuation headers -- cgit v1.2.3 From b60098ec68e76cad9ebebdc83bb9c23766be9c52 Mon Sep 17 00:00:00 2001 From: Klaus Weidenbach Date: Thu, 1 Mar 2018 11:29:15 +0100 Subject: Update composer autoload cache. --- include/zot.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index 0cfc370a2..25e30ccbc 100644 --- a/include/zot.php +++ b/include/zot.php @@ -171,6 +171,8 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot * packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'keychange', 'force_refresh', 'notify', 'auth_check' * @param array $recipients * envelope information, array ( 'guid' => string, 'guid_sig' => string ); empty for public posts + * @param string msg + * optional message * @param string $remote_key * optional public site key of target hub used to encrypt entire packet * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others @@ -299,7 +301,7 @@ function zot_zot($url, $data, $channel = null,$crypto = null) { if($channel) { $headers['X-Zot-Token'] = random_string(); $hash = \Zotlabs\Web\HTTPSig::generate_digest($data,false); - $headers['X-Zot-Digest'] = 'SHA-256=' . $hash; + $headers['X-Zot-Digest'] = 'SHA-256=' . $hash; $h = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,false,'sha512',(($crypto) ? $crypto['hubloc_sitekey'] : ''), (($crypto) ? zot_best_algorithm($crypto['site_crypto']) : '')); } @@ -393,7 +395,7 @@ function zot_refresh($them, $channel = null, $force = false) { if($s && intval($s[0]['site_dead']) && (! $force)) { logger('zot_refresh: site ' . $url . ' is marked dead and force flag is not set. Cancelling operation.'); return false; - } + } $token = random_string(); @@ -1156,7 +1158,7 @@ function zot_process_response($hub, $arr, $outq) { * and also that the signer and the sender match. * If that happens, we do not need to fetch/pickup the message - we have it already and it is verified. * Translate it into the form we need for zot_import() and import it. - * + * * Otherwise send back a pickup message, using our message tracking ID ($arr['secret']), which we will sign with our site * private key. * The entire pickup message is encrypted with the remote site's public key. @@ -5090,7 +5092,7 @@ function zot_reply_refresh($sender, $recipients) { function zot6_check_sig() { $ret = [ 'success' => false ]; - + logger('server: ' . print_r($_SERVER,true), LOGGER_DATA); if(array_key_exists('HTTP_SIGNATURE',$_SERVER)) { -- cgit v1.2.3 From dcfe9bc64f822af02021767bf8c70fbe9d847bda Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 2 Mar 2018 01:01:30 -0800 Subject: background work for caldav integration continued, modify mod_follow to allow it to be called from ajax without redirecting. --- include/event.php | 22 ++++++++++++++++++++++ include/follow.php | 15 ++++++++++++--- 2 files changed, 34 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/event.php b/include/event.php index 1077a3c64..84a16e8be 100644 --- a/include/event.php +++ b/include/event.php @@ -1322,3 +1322,25 @@ function translate_type($type) { return [$type, t('Other') . ' (' . $type . ')']; } } + + +function cal_store_lowlevel($arr) { + + $store = [ + 'cal_aid' => ((array_key_exists('cal_aid',$arr)) ? $arr['cal_aid'] : 0), + 'cal_uid' => ((array_key_exists('cal_uid',$arr)) ? $arr['cal_uid'] : 0), + 'cal_hash' => ((array_key_exists('cal_hash',$arr)) ? $arr['cal_hash'] : ''), + 'cal_name' => ((array_key_exists('cal_name',$arr)) ? $arr['cal_name'] : ''), + 'uri' => ((array_key_exists('uri',$arr)) ? $arr['uri'] : ''), + 'logname' => ((array_key_exists('logname',$arr)) ? $arr['logname'] : ''), + 'pass' => ((array_key_exists('pass',$arr)) ? $arr['pass'] : ''), + 'ctag' => ((array_key_exists('ctag',$arr)) ? $arr['ctag'] : ''), + 'synctoken' => ((array_key_exists('synctoken',$arr)) ? $arr['synctoken'] : ''), + 'cal_types' => ((array_key_exists('cal_types',$arr)) ? $arr['cal_types'] : ''), + ]; + + return create_table_from_array('cal', $store); + +} + + diff --git a/include/follow.php b/include/follow.php index 0843802c5..a63fe66ea 100644 --- a/include/follow.php +++ b/include/follow.php @@ -88,9 +88,18 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) // Premium channel, set confirm before callback to avoid recursion - if(array_key_exists('connect_url',$j) && ($interactive) && (! $confirm)) - goaway(zid($j['connect_url'])); - + if(array_key_exists('connect_url',$j) && (! $confirm)) { + if($interactive) { + goaway(zid($j['connect_url'])); + } + else { + $result['message'] = t('Premium channel - please visit:') . ' ' . zid($j['connect_url']); + logger('mod_follow: ' . $result['message']); + return $result; + } + } + + // do we have an xchan and hubloc? // If not, create them. -- cgit v1.2.3 From b38ce967f36e0dc5a503fbca9477732cd8967ea6 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 2 Mar 2018 12:41:50 -0800 Subject: sort settings/featured --- include/text.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'include') diff --git a/include/text.php b/include/text.php index c82fad517..6675043e6 100644 --- a/include/text.php +++ b/include/text.php @@ -3311,4 +3311,10 @@ function purify_filename($s) { return $s; } +// callback for sorting the settings/featured entries. +function featured_sort($a,$b) { + $s1 = substr($a,strpos($a,'id='),20); + $s2 = substr($b,strpos($b,'id='),20); + return(strcmp($s1,$s2)); +} -- cgit v1.2.3 From df038055799d839aebab4e1a8b43fba81192c186 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 2 Mar 2018 13:15:28 -0800 Subject: process follow from article menu in the background, do not reload page - hubzilla issue #987 --- include/conversation.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 0bb9c769a..6374267eb 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1005,7 +1005,7 @@ function thread_author_menu($item, $mode = '') { $contact = App::$contacts[$item['author_xchan']]; else if($local_channel && $item['author']['xchan_addr']) - $follow_url = z_root() . '/follow/?f=&url=' . urlencode($item['author']['xchan_addr']); + $follow_url = z_root() . '/follow/?f=&url=' . urlencode($item['author']['xchan_addr']) . '&interactive=0'; if($item['uid'] > 0 && author_is_pmable($item['author'],$contact)) { @@ -1051,8 +1051,8 @@ function thread_author_menu($item, $mode = '') { 'menu' => 'follow', 'title' => t('Connect'), 'icon' => 'fw', - 'action' => '', - 'href' => $follow_url + 'action' => 'doFollowAuthor(\'' . $follow_url . '\'); return false;', + 'href' => '#', ]; } -- cgit v1.2.3 From c3920116f2fbf994f63b8bf9d190b16699cb93c0 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 3 Mar 2018 13:52:55 -0800 Subject: more work on federated polls --- include/bbcode.php | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index 03a46444b..b33766757 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -668,6 +668,31 @@ function bb_fixtable_lf($match) { } +function bbtopoll($s) { + + $pl = []; + + $match = ''; + if(! preg_match("/\[poll=(.*?)\](.*?)\[\/poll\]/ism",$s,$match)) { + return null; + } + $pl['poll_id'] = $match[1]; + $pl['poll_question'] = $match[2]; + + $match = ''; + if(preg_match_all("/\[poll\-answer=(.*?)\](.*?)\[\/poll\-answer\]/is",$s,$match,PREG_SET_ORDER)) { + $pl['answer'] = []; + foreach($match as $m) { + $ans = [ 'answer_id' => $m[1], 'answer_text' => $m[2] ]; + $pl['answer'][] = $ans; + } + } + + return $pl; + +} + + function parseIdentityAwareHTML($Text) { // Hide all [noparse] contained bbtags by spacefying them @@ -766,6 +791,11 @@ function bbcode($Text, $options = []) { $ev = bbtoevent($Text); + // and the same with polls + + $pl = bbtopoll($Text); + + // process [observer] tags before we do anything else because we might // be stripping away stuff that then doesn't need to be worked on anymore -- cgit v1.2.3 From 14f701f7fc20104520a3837c6e6c359dfa0161f7 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 4 Mar 2018 14:30:09 -0800 Subject: restrict mail messages to max_import_size --- include/items.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'include') diff --git a/include/items.php b/include/items.php index 790b91c88..50f663836 100755 --- a/include/items.php +++ b/include/items.php @@ -1412,6 +1412,13 @@ function get_mail_elements($x) { } else { $arr['body'] = (($x['body']) ? htmlspecialchars($x['body'], ENT_COMPAT,'UTF-8',false) : ''); + + $maxlen = get_max_import_size(); + + if($maxlen && mb_strlen($arr['body']) > $maxlen) { + $arr['body'] = mb_substr($arr['body'],0,$maxlen,'UTF-8'); + logger('message length exceeds max_import_size: truncated'); + } } $arr['title'] = (($x['title'])? htmlspecialchars($x['title'],ENT_COMPAT,'UTF-8',false) : ''); -- cgit v1.2.3 From be6619d9c06a31fa211c6200aad377d94c1fd0b5 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 4 Mar 2018 15:29:10 -0800 Subject: bugfix: unable to reset profile fields to defaults in admin/profs by emptying the textarea --- include/channel.php | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index a8ddfa978..204c1e64f 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1897,6 +1897,7 @@ function is_public_profile() { function get_profile_fields_basic($filter = 0) { $profile_fields_basic = (($filter == 0) ? get_config('system','profile_fields_basic') : null); + if(! $profile_fields_basic) $profile_fields_basic = array('fullname','pdesc','chandesc','comms','gender','dob','dob_tz','region','country_name','marital','sexual','homepage','hometown','keywords','about','contact'); -- cgit v1.2.3 From 59a2057fa0faac2db7b36a5d6c40435c6e13d378 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 4 Mar 2018 17:36:52 -0800 Subject: fix some issues with friend suggestions on standalone sites with no 'suggestme' volunteers. This wrongly pulled up a site directory suggesting everybody on the site. While a better outcome than finding nobody, this does not fit with our ethical design goals. If there are no friends of friends, we will only suggest those who volunteer to be on the default suggestion list. Also do not attempt to load poco data from dead sites. --- include/channel.php | 3 +-- include/socgraph.php | 13 ++++++++----- 2 files changed, 9 insertions(+), 7 deletions(-) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index 204c1e64f..a754d3504 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1126,8 +1126,7 @@ function channel_export_items($channel_id, $start, $finish) { /** * @brief Loads a profile into the App structure. * - * The function requires a writeable copy of the main App structure, and the - * nickname of a valid channel. + * The function requires the nickname of a valid channel. * * Permissions of the current observer are checked. If a restricted profile is available * to the current observer, that will be loaded instead of the channel default profile. diff --git a/include/socgraph.php b/include/socgraph.php index 87a880202..6cddbbaac 100644 --- a/include/socgraph.php +++ b/include/socgraph.php @@ -52,7 +52,7 @@ function poco_load($xchan = '', $url = null) { elseif($s['return_code'] == 404) logger('poco_load: nothing found'); else - logger('poco_load: returns ' . print_r($s,true)); + logger('poco_load: returns ' . print_r($s,true), LOGGER_DATA); return; } @@ -288,11 +288,14 @@ function suggestion_query($uid, $myxchan, $start = 0, $limit = 80) { function update_suggestions() { - $dirmode = get_config('system', 'directory_mode'); - if($dirmode === false) - $dirmode = DIRECTORY_MODE_NORMAL; + $dirmode = get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL); - if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { + if($dirmode == DIRECTORY_MODE_STANDALONE) { + poco_load('', z_root() . '/poco'); + return; + } + + if($dirmode == DIRECTORY_MODE_PRIMARY) { $url = z_root() . '/sitelist'; } else { -- cgit v1.2.3 From 0a876e1518e83636f65b35394076745254db019d Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 6 Mar 2018 11:39:49 -0800 Subject: don't add pending connections to the default privacy group until accepted --- include/zot.php | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index 25e30ccbc..c11cace2a 100644 --- a/include/zot.php +++ b/include/zot.php @@ -589,13 +589,16 @@ function zot_refresh($them, $channel = null, $force = false) { // If there is a default group for this channel, add this connection to it - - $default_group = $channel['channel_default_group']; - if($default_group) { - require_once('include/group.php'); - $g = group_rec_byhash($channel['channel_id'],$default_group); - if($g) - group_add_member($channel['channel_id'],'',$x['hash'],$g['id']); + // for pending connections this will happens at acceptance time. + + if(! intval($new_connection[0]['abook_pending'])) { + $default_group = $channel['channel_default_group']; + if($default_group) { + require_once('include/group.php'); + $g = group_rec_byhash($channel['channel_id'],$default_group); + if($g) + group_add_member($channel['channel_id'],'',$x['hash'],$g['id']); + } } unset($new_connection[0]['abook_id']); -- cgit v1.2.3 From 34399b8b47d9a85eb3c4095392ab994792257d88 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 12 Mar 2018 15:47:33 -0700 Subject: obscure permission issue with custom permissions when using the highly discouraged advisory privacy modes --- include/items.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'include') diff --git a/include/items.php b/include/items.php index 50f663836..7faa1b9ec 100755 --- a/include/items.php +++ b/include/items.php @@ -969,6 +969,10 @@ function import_author_unknown($x) { return false; } +function empty_acl($item) { + return (($item['allow_cid'] === EMPTY_STR && $item['allow_gid'] === EMPTY_STR && $item['deny_cid'] === EMPTY_STR && $item['deny_gid'] === EMPTY_STR) ? true : false); +} + function encode_item($item,$mirror = false) { $x = array(); $x['type'] = 'activity'; -- cgit v1.2.3 From ab1d47b36f21e5881900d9d805f4f7876f1c472f Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 12 Mar 2018 20:54:55 -0700 Subject: unicode/emoji usernames. Warning: experimental feature, unstable, untested, disabled by default, use at your own risk, may not federate to other platforms and protocols. May not clone correctly. Bug reports which neglect to include detailed roubleshooting information and patches/pull requests will be ignored. --- include/channel.php | 4 ++-- include/text.php | 16 ++++++++++++++++ 2 files changed, 18 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index a754d3504..c94f5c657 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1234,7 +1234,7 @@ function profile_load($nickname, $profile = '') { ); if($z) { $p[0]['picdate'] = $z[0]['xchan_photo_date']; - $p[0]['reddress'] = str_replace('@','@',$z[0]['xchan_addr']); + $p[0]['reddress'] = str_replace('@','@',unpunify($z[0]['xchan_addr'])); } // fetch user tags if this isn't the default profile @@ -1255,7 +1255,7 @@ function profile_load($nickname, $profile = '') { App::$profile = $p[0]; App::$profile_uid = $p[0]['profile_uid']; - App::$page['title'] = App::$profile['channel_name'] . " - " . channel_reddress(App::$profile); + App::$page['title'] = App::$profile['channel_name'] . " - " . unpunify(channel_reddress(App::$profile)); App::$profile['permission_to_view'] = $can_view_profile; diff --git a/include/text.php b/include/text.php index 6675043e6..c1e064857 100644 --- a/include/text.php +++ b/include/text.php @@ -3318,3 +3318,19 @@ function featured_sort($a,$b) { $s2 = substr($b,strpos($b,'id='),20); return(strcmp($s1,$s2)); } + + +function punify($s) { + require_once('vendor/simplepie/simplepie/idn/idna_convert.class.php'); + $x = new idna_convert(['encoding' => 'utf8']); + return $x->encode($s); + +} + +function unpunify($s) { + require_once('vendor/simplepie/simplepie/idn/idna_convert.class.php'); + $x = new idna_convert(['encoding' => 'utf8']); + return $x->decode($s); + +} + -- cgit v1.2.3 From 128d1f7aa8a11e0394913a10daef56cd4be450b1 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 13 Mar 2018 22:47:11 -0700 Subject: somewhere along the line the output of exif_read_data() changed and it no longer provides populated sections. Adjust for the new format and allow for the old because I cannot find documentation of this change anywhere. This affects photo rotation and the photo map feature. --- include/photo/photo_driver.php | 4 ++-- include/photos.php | 15 +++++++++++---- 2 files changed, 13 insertions(+), 6 deletions(-) (limited to 'include') diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index 6af753195..00284a288 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -289,12 +289,12 @@ abstract class photo_driver { return false; } - $ort = $exif['IFD0']['Orientation']; + $ort = ((array_key_exists('IFD0',$exif)) ? $exif['IFD0']['Orientation'] : $exif['Orientation']); if(! $ort) { return false; } - + switch($ort) { case 1: // nothing break; diff --git a/include/photos.php b/include/photos.php index b1391f284..321f7159c 100644 --- a/include/photos.php +++ b/include/photos.php @@ -333,10 +333,17 @@ function photo_upload($channel, $observer, $args) { $lat = $lon = null; - if($exif && $exif['GPS']) { - if(feature_enabled($channel_id,'photo_location')) { - $lat = getGps($exif['GPS']['GPSLatitude'], $exif['GPS']['GPSLatitudeRef']); - $lon = getGps($exif['GPS']['GPSLongitude'], $exif['GPS']['GPSLongitudeRef']); + if($exif && feature_enabled($channel_id,'photo_location')) { + $gps = null; + if(array_key_exists('GPS',$exif)) { + $gps = $exif['GPS']; + } + elseif(array_key_exists('GPSLatitude',$exif)) { + $gps = $exif; + } + if($gps) { + $lat = getGps($gps['GPSLatitude'], $gps['GPSLatitudeRef']); + $lon = getGps($gps['GPSLongitude'], $gps['GPSLongitudeRef']); } } -- cgit v1.2.3 From 0905018d3b3b02def2b0e69e9bc4c4ef2b2b86aa Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 14 Mar 2018 14:51:33 -0700 Subject: use original exif_read_data() parameters which were lost in a regression; unset automatic nsfw category generated for Mastodon content warning posts, as people use CW as a spoiler mechanism 99% of the time and flagging inappropriate content 1% of the time. --- include/feedutils.php | 8 ++++++++ include/photo/photo_driver.php | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/feedutils.php b/include/feedutils.php index 369193fce..4864a6ef5 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -668,6 +668,14 @@ function get_atom_elements($feed, $item) { } $termterm = notags(trim(unxmlify($term))); + // Mastodon auto generates an nsfw category tag for any 'content-warning' message. + // Most people use CW and use both summary/content as a spoiler and we honour that + // construct so the post will already be collapsed. The generated tag is almost + // always wrong and even if it isn't we would already be doing the right thing. + + if($mastodon && $termterm === 'nsfw') + continue; + if($termterm) { $terms[] = array( 'otype' => TERM_OBJ_POST, diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index 00284a288..22d2b776d 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -273,7 +273,7 @@ abstract class photo_driver { } if($f) { - return @exif_read_data($f); + return @exif_read_data($f,null,true); } return false; -- cgit v1.2.3 From a94a28bb7e2df6e8438deed9f0fb0e22682e61cc Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 14 Mar 2018 20:47:11 -0700 Subject: mastodon content-warning cont: only strip nsfw tag if a content warning spoiler is used. Else it's legitimately nsfw. --- include/feedutils.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/feedutils.php b/include/feedutils.php index 4864a6ef5..62e1299a4 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -673,7 +673,7 @@ function get_atom_elements($feed, $item) { // construct so the post will already be collapsed. The generated tag is almost // always wrong and even if it isn't we would already be doing the right thing. - if($mastodon && $termterm === 'nsfw') + if($mastodon && $termterm === 'nsfw' && $summary && $res['body']) continue; if($termterm) { -- cgit v1.2.3 From aa4f8b2901bbd15cac0a6dec704bc800686a1eb0 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Thu, 15 Mar 2018 13:34:40 +0100 Subject: add xchan_network = zot and xchan_deleted = 0 to the random_profile() query --- include/connections.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/connections.php b/include/connections.php index e9d7daa2d..c5d74d4ca 100644 --- a/include/connections.php +++ b/include/connections.php @@ -421,7 +421,10 @@ function random_profile() { for($i = 0; $i < $retryrandom; $i++) { - $r = q("select xchan_url, xchan_hash from xchan left join hubloc on hubloc_hash = xchan_hash where xchan_hidden = 0 and xchan_system = 0 and hubloc_connected > %s - interval %s order by $randfunc limit 1", + $r = q("select xchan_url, xchan_hash from xchan left join hubloc on hubloc_hash = xchan_hash where + xchan_hidden = 0 and xchan_system = 0 and + xchan_network = 'zot' and xchan_deleted = 0 and + hubloc_connected > %s - interval %s order by $randfunc limit 1", db_utcnow(), db_quoteinterval('30 day') ); -- cgit v1.2.3 From 6c709551ce49feaa93b68253cb5767ad4cab66c1 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Thu, 15 Mar 2018 14:31:50 +0100 Subject: do not always zid share links. add missing < --- include/bbcode.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index b33766757..cd1a84d00 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -329,7 +329,7 @@ function bb_ShareAttributes($match) { $headline = '
'; if ($avatar != "") - $headline .= '' . $author . ''; + $headline .= '' . $author . ''; if(strpos($link,'/cards/')) $type = t('card'); @@ -341,8 +341,8 @@ function bb_ShareAttributes($match) { // Bob Smith wrote the following post 2 hours ago $fmt = sprintf( t('%1$s wrote the following %2$s %3$s'), - '' . $author . '', - '' . $type . '', + '' . $author . '', + '' . $type . '', $reldate ); @@ -393,7 +393,7 @@ function bb_ShareAttributesSimple($match) { if ($matches[1] != "") $profile = $matches[1]; - $text = html_entity_decode("♲ ", ENT_QUOTES, 'UTF-8') . ' ' . $author . ': div class="reshared-content">' . $match[2] . '
'; + $text = html_entity_decode("♲ ", ENT_QUOTES, 'UTF-8') . ' ' . $author . ':
' . $match[2] . '
'; return($text); } -- cgit v1.2.3 From 34fee2a7909674ced6aea91e60f8ff77e8345e8b Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Thu, 15 Mar 2018 14:53:18 +0100 Subject: match hosts instead of urls to decide if to zid or not to zid --- include/zid.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'include') diff --git a/include/zid.php b/include/zid.php index 67c1d9f6c..5b5601191 100644 --- a/include/zid.php +++ b/include/zid.php @@ -53,13 +53,13 @@ function zid($s, $address = '') { $mine = get_my_url(); $myaddr = (($address) ? $address : get_my_address()); - /** - * @FIXME checking against our own channel url is no longer reliable. We may have a lot - * of urls attached to our channel. Should probably match against our site, since we - * will not need to remote authenticate on our own site anyway. - */ + $mine_parsed = parse_url($mine); + $s_parsed = parse_url($s); - if ($mine && $myaddr && (! link_compare($mine,$s))) + if($mine_parsed['host'] === $s_parsed['host']) + $url_match = true; + + if ($mine && $myaddr && (! $url_match)) $zurl = $s . (($num_slashes >= 3) ? '' : '/') . $achar . 'zid=' . urlencode($myaddr); else $zurl = $s; @@ -346,4 +346,4 @@ function owt_init($token) { info(sprintf( t('OpenWebAuth: %1$s welcomes %2$s'),\App::get_hostname(), $hubloc['xchan_name'])); logger('OpenWebAuth: auth success from ' . $hubloc['xchan_addr']); -} \ No newline at end of file +} -- cgit v1.2.3 From 91b710b07d5fc2b48b5d56d1801a36532008d1e9 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 15 Mar 2018 17:51:24 -0700 Subject: add auth flag to share attributes so we can make a costly determination to use zid at post submission time instead of making multiple calls to is_matrix_url() at render time --- include/bbcode.php | 19 ++++++++++++++++--- include/feedutils.php | 1 + 2 files changed, 17 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index cd1a84d00..67f40dd23 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -311,6 +311,19 @@ function bb_ShareAttributes($match) { if ($matches[1] != "") $posted = $matches[1]; + $auth = ""; + preg_match("/auth='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") { + if($matches[1] === 'true') + $auth = true; + else + $auth = false; + } + + if($auth === EMPTY_STR) { + $auth = is_matrix_url($profile); + } + // message_id is never used, do we still need it? $message_id = ""; preg_match("/message_id='(.*?)'/ism", $attributes, $matches); @@ -329,7 +342,7 @@ function bb_ShareAttributes($match) { $headline = '
'; if ($avatar != "") - $headline .= '' . $author . ''; + $headline .= '' . $author . ''; if(strpos($link,'/cards/')) $type = t('card'); @@ -341,8 +354,8 @@ function bb_ShareAttributes($match) { // Bob Smith wrote the following post 2 hours ago $fmt = sprintf( t('%1$s wrote the following %2$s %3$s'), - '' . $author . '', - '' . $type . '', + '' . $author . '', + '' . $type . '', $reldate ); diff --git a/include/feedutils.php b/include/feedutils.php index 62e1299a4..023caaad6 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -934,6 +934,7 @@ function feed_get_reshare(&$res,$item) { "' profile='" . $share['profile'] . "' avatar='" . $share['avatar'] . "' link='" . $share['alternate'] . + "' auth='" . 'false' . "' posted='" . $share['created'] . "' message_id='" . $share['message_id'] . "']"; -- cgit v1.2.3 From 3d6b606792171870becbc587ed6812cee4b94b9a Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 20 Mar 2018 04:08:36 -0700 Subject: add the social "party" permission role --- include/oembed.php | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/oembed.php b/include/oembed.php index c2bf0a0ed..eee53b6c1 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -32,6 +32,7 @@ function oembed_action($embedurl) { $action = 'block'; } } + if(strpos($embedurl,'.well-known') !== false) $action = 'block'; -- cgit v1.2.3 From 1514b0f4e5c053df60b8873b5411c70be727d227 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 21 Mar 2018 21:19:18 -0700 Subject: initial support for alternative sort orders on the cloud pages. Can be triggered manually but further development is required. --- include/zid.php | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/zid.php b/include/zid.php index 5b5601191..5275c6d5a 100644 --- a/include/zid.php +++ b/include/zid.php @@ -109,6 +109,7 @@ function clean_query_string($s = '') { $x = strip_zids(($s) ? $s : \App::$query_string); $x = strip_owt($x); $x = strip_zats($x); + $x = strip_query_param($x,'sort'); return strip_query_param($x,'f'); } -- cgit v1.2.3 From 1f128e84fb8f407c6bd678b3b2bb25605884cfc5 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 21 Mar 2018 22:52:24 -0700 Subject: Hubzilla issue #1006, fix anonymous comments bump thread before being approved. --- include/items.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index 7faa1b9ec..53d1a3c02 100755 --- a/include/items.php +++ b/include/items.php @@ -1977,11 +1977,11 @@ function item_store($arr, $allow_exec = false, $deliver = true) { */ call_hooks('post_remote_end', $arr); - // update the commented timestamp on the parent - unless this is potentially a clone of an older item + // update the commented timestamp on the parent - unless this is a moderated comment or a potential clone of an older item // which we don't wish to bring to the surface. As the queue only holds deliveries for 3 days, it's // suspected of being an older cloned item if the creation time is older than that. - if($arr['created'] > datetime_convert('','','now - 4 days')) { + if((intval($arr['item_blocked']) != ITEM_MODERATED) || ($arr['created'] > datetime_convert('','','now - 4 days'))) { $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and item_delayed = 0 ", dbesc($arr['parent_mid']), intval($arr['uid']) -- cgit v1.2.3 From 05e11844e5a0f90b7f45f27047b2926442484108 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 22 Mar 2018 17:17:00 -0700 Subject: make list mode work in cards and articles --- include/conversation.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 6374267eb..64beb1b0e 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -838,11 +838,11 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa $item_object = new Zotlabs\Lib\ThreadItem($item); $conv->add_thread($item_object); - if($page_mode === 'list') { + if(($page_mode === 'list') || ($page_mode === 'pager_list')) { $item_object->set_template('conv_list.tpl'); $item_object->set_display_mode('list'); } - if($page_mode === 'cards') { + if($mode === 'cards' || $mode === 'articles') { $item_object->set_reload($jsreload); } @@ -857,7 +857,7 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa } } - if($page_mode === 'traditional' || $page_mode === 'preview') { + if(in_array($page_mode, [ 'traditional', 'preview', 'pager_list'] )) { $page_template = get_markup_template("threaded_conversation.tpl"); } elseif($update) { -- cgit v1.2.3 From 034032c7c27ca0e0ba0720aeea84ba6272eb6d36 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 22 Mar 2018 19:52:25 -0700 Subject: slight change in mail privacy implementation. If you initiate a private mail conversation and they respond, accept the reply. You can't hide behind your permissions or lack thereof. Often this will be accidental. If you truly want to block them from replying and your permissions otherwise would not allow them to reply, delete the conversation. --- include/zot.php | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index c11cace2a..25ea9b8fb 100644 --- a/include/zot.php +++ b/include/zot.php @@ -2285,13 +2285,31 @@ function process_mail_delivery($sender, $arr, $deliveries) { continue; } + if(! perm_is_allowed($channel['channel_id'],$sender['hash'],'post_mail')) { - logger("permission denied for mail delivery {$channel['channel_id']}"); - $DR->update('permission denied'); - $result[] = $DR->get(); - continue; + + /* + * Always allow somebody to reply if you initiated the conversation. It's anti-social + * and a bit rude to send a private message to somebody and block their ability to respond. + * If you are being harrassed and want to put an end to it, delete the conversation. + */ + + $return = false; + if($arr['parent_mid']) { + $return = q("select * from mail where mid = '%s' and channel_id = %d limit 1", + dbesc($arr['parent_mid']), + intval($channel['channel_id']) + ); + } + if(! $return) { + logger("permission denied for mail delivery {$channel['channel_id']}"); + $DR->update('permission denied'); + $result[] = $DR->get(); + continue; + } } + $r = q("select id from mail where mid = '%s' and channel_id = %d limit 1", dbesc($arr['mid']), intval($channel['channel_id']) -- cgit v1.2.3 From af8cbf000fb1433b7c7d2c6c4543980f01ba69a9 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 22 Mar 2018 21:23:12 -0700 Subject: tagadelic was being overly protective of permissions. --- include/taxonomy.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index 393b8718e..4a3818096 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -182,11 +182,10 @@ function tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0, $re $sql_options .= " and owner_xchan = '" . dbesc($owner) . "' "; } - // Fetch tags $r = q("select term, count(term) as total from term left join item on term.oid = item.id where term.uid = %d and term.ttype = %d - and otype = %d and item_type = %d and item_private = 0 + and otype = %d and item_type = %d $sql_options $item_normal group by term order by total desc %s", intval($uid), @@ -196,6 +195,7 @@ function tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0, $re ((intval($count)) ? "limit $count" : '') ); + if(! $r) return array(); -- cgit v1.2.3 From ac967db4e87761c1be98d6f548ecedd55d942fea Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Fri, 23 Mar 2018 09:40:24 +0100 Subject: new markdown lib seems to handle < and > correct. remove the workaraound. --- include/markdown.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/markdown.php b/include/markdown.php index e4a35e3c3..431ba84a4 100644 --- a/include/markdown.php +++ b/include/markdown.php @@ -207,7 +207,7 @@ function bb_to_markdown($Text, $options = []) { $Text = bbcode($Text, [ 'tryoembed' => false ]); // Markdownify does not preserve previously escaped html entities such as <> and &. - $Text = str_replace(array('<','>','&'),array('&_lt_;','&_gt_;','&_amp_;'),$Text); + //$Text = str_replace(array('<','>','&'),array('&_lt_;','&_gt_;','&_amp_;'),$Text); // Now convert HTML to Markdown @@ -215,7 +215,7 @@ function bb_to_markdown($Text, $options = []) { // It also adds backslashes to our attempt at getting around the html entity preservation for some weird reason. - $Text = str_replace(array('&\\_lt\\_;','&\\_gt\\_;','&\\_amp\\_;'),array('<','>','&'),$Text); + //$Text = str_replace(array('&\\_lt\\_;','&\\_gt\\_;','&\\_amp\\_;'),array('<','>','&'),$Text); // If the text going into bbcode() has a plain URL in it, i.e. // with no [url] tags around it, it will come out of parseString() -- cgit v1.2.3 From 9a155cf5a576e01960c8d8b6128bfc27077211af Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 23 Mar 2018 19:03:30 -0700 Subject: turn newmember widget into a feature --- include/features.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/features.php b/include/features.php index 993266977..3928fc5cf 100644 --- a/include/features.php +++ b/include/features.php @@ -45,6 +45,7 @@ function feature_level($feature,$def) { function get_features($filtered = true) { + $account = \App::get_account(); $arr = [ @@ -53,7 +54,14 @@ function get_features($filtered = true) { t('General Features'), - + [ + 'start_menu', + t('New Member Links'), + t('Display new member quick links menu'), + true, + get_config('feature_lock','start_menu'), + feature_level('start_menu',1), + ], [ 'advanced_profiles', -- cgit v1.2.3 From abe6ab477531916158c04e3d387cb02e839d28b6 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 23 Mar 2018 21:24:24 -0700 Subject: logic fallacy when updating parent timestamp of moderated comment --- include/items.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index 53d1a3c02..a2068868a 100755 --- a/include/items.php +++ b/include/items.php @@ -1977,11 +1977,19 @@ function item_store($arr, $allow_exec = false, $deliver = true) { */ call_hooks('post_remote_end', $arr); + $update_parent = true; + // update the commented timestamp on the parent - unless this is a moderated comment or a potential clone of an older item // which we don't wish to bring to the surface. As the queue only holds deliveries for 3 days, it's // suspected of being an older cloned item if the creation time is older than that. - if((intval($arr['item_blocked']) != ITEM_MODERATED) || ($arr['created'] > datetime_convert('','','now - 4 days'))) { + if(intval($arr['item_blocked']) === ITEM_MODERATED) + $update_parent = false; + + if($arr['created'] < datetime_convert('','','now - 4 days')) + $update_parent = false; + + if($update_parent) { $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and item_delayed = 0 ", dbesc($arr['parent_mid']), intval($arr['uid']) -- cgit v1.2.3 From 558e3f804247b14448969d8a0c8cf83b6c0fe4d7 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 24 Mar 2018 02:22:24 -0700 Subject: code optimisations and de-duplication on updating parent commented timestamp --- include/items.php | 56 ++++++++++++++++++++++++++++++------------------------- 1 file changed, 31 insertions(+), 25 deletions(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index a2068868a..d1625e944 100755 --- a/include/items.php +++ b/include/items.php @@ -1977,31 +1977,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) { */ call_hooks('post_remote_end', $arr); - $update_parent = true; - - // update the commented timestamp on the parent - unless this is a moderated comment or a potential clone of an older item - // which we don't wish to bring to the surface. As the queue only holds deliveries for 3 days, it's - // suspected of being an older cloned item if the creation time is older than that. - - if(intval($arr['item_blocked']) === ITEM_MODERATED) - $update_parent = false; - - if($arr['created'] < datetime_convert('','','now - 4 days')) - $update_parent = false; - - if($update_parent) { - $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and item_delayed = 0 ", - dbesc($arr['parent_mid']), - intval($arr['uid']) - ); - - q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d", - dbesc(($z) ? $z[0]['commented'] : (datetime_convert())), - dbesc(datetime_convert()), - intval($parent_id) - ); - } - + item_update_parent_commented($arr); // If _creating_ a deleted item, don't propagate it further or send out notifications. // We need to store the item details just in case the delete came in before the original post, @@ -2332,6 +2308,36 @@ function item_store_update($arr, $allow_exec = false, $deliver = true) { return $ret; } +function item_update_parent_commented($item) { + + + $update_parent = true; + + // update the commented timestamp on the parent + // - unless this is a moderated comment or a potential clone of an older item + // which we don't wish to bring to the surface. As the queue only holds deliveries + // for 3 days, it's suspected of being an older cloned item if the creation time + //is older than that. + + if(intval($item['item_blocked']) === ITEM_MODERATED) + $update_parent = false; + + if($item['created'] < datetime_convert('','','now - 4 days')) + $update_parent = false; + + if($update_parent) { + $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and item_delayed = 0 ", + dbesc($item['parent_mid']), + intval($item['uid']) + ); + + q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d", + dbesc(($z) ? $z[0]['commented'] : datetime_convert()), + dbesc(datetime_convert()), + intval($item['parent']) + ); + } +} function send_status_notifications($post_id,$item) { -- cgit v1.2.3 From 4ef2493e957ce1f2c8ea4045dba2746032f34d41 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 25 Mar 2018 21:15:23 -0700 Subject: testing start_menu feature --- include/features.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/features.php b/include/features.php index 3928fc5cf..5481c37a4 100644 --- a/include/features.php +++ b/include/features.php @@ -28,8 +28,9 @@ function get_feature_default($feature) { $f = get_features(false); foreach($f as $cat) { foreach($cat as $feat) { - if(is_array($feat) && $feat[0] === $feature) + if(is_array($feat) && $feat[0] === $feature) { return $feat[3]; + } } } return false; @@ -58,7 +59,7 @@ function get_features($filtered = true) { 'start_menu', t('New Member Links'), t('Display new member quick links menu'), - true, + (($account['account_created'] > datetime_convert('','','now - 60 days')) ? true : false), get_config('feature_lock','start_menu'), feature_level('start_menu',1), ], -- cgit v1.2.3 From 2fc3f381ac3486e8c4910e70a3933a4b6718ba19 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 25 Mar 2018 21:48:42 -0700 Subject: php strpos() empty needle warning when a term entry has no url --- include/text.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index c1e064857..f9cefd020 100644 --- a/include/text.php +++ b/include/text.php @@ -1491,7 +1491,7 @@ function format_hashtags(&$item) { $term = htmlspecialchars($t['term'], ENT_COMPAT, 'UTF-8', false) ; if(! trim($term)) continue; - if(strpos($item['body'], $t['url'])) + if($t['url'] && strpos($item['body'], $t['url'])) continue; if($s) $s .= ' '; -- cgit v1.2.3 From 35b6c2baad74c28a993e6cd1008bc0d66e7361ae Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 27 Mar 2018 15:08:27 -0700 Subject: Hard fail imports of removed channels. This is silly. --- include/import.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'include') diff --git a/include/import.php b/include/import.php index 9920df8be..d8b7030b6 100644 --- a/include/import.php +++ b/include/import.php @@ -21,6 +21,11 @@ function import_channel($channel, $account_id, $seize) { $channel['channel_removed'] = (($channel['channel_pageflags'] & 0x8000) ? 1 : 0); } + if(intval($channel['channel_removed'])) { + notice( t('Unable to import a removed channel.') . EOL); + return false; + } + // Ignore the hash provided and re-calculate $channel['channel_hash'] = make_xchan_hash($channel['channel_guid'],$channel['channel_guid_sig']); -- cgit v1.2.3 From 08274ffab733a2e7c861006d6ba72f4695b069e6 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 27 Mar 2018 18:01:20 -0700 Subject: put vcard widget with author of top-level post on display page --- include/connections.php | 1 - 1 file changed, 1 deletion(-) (limited to 'include') diff --git a/include/connections.php b/include/connections.php index c5d74d4ca..8d1b9e07f 100644 --- a/include/connections.php +++ b/include/connections.php @@ -100,7 +100,6 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') { if(! $xchan) return; -// FIXME - show connect button to observer if appropriate $connect = false; if(local_channel()) { $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d limit 1", -- cgit v1.2.3 From 662316e6873fa8152bb96b172c42ca424cb5fbd3 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 27 Mar 2018 21:13:14 -0700 Subject: update folder timestamp on uploaded files (fixme - we need to recurse back to the storage root but that is for another day) --- include/attach.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'include') diff --git a/include/attach.php b/include/attach.php index 39269eb03..363005029 100644 --- a/include/attach.php +++ b/include/attach.php @@ -948,6 +948,16 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { return $ret; } + // Update the folder timestamp @todo recurse to the storage root folder + + if($folder_hash) { + q("UPDATE attach set edited = '%s' where hash = '%s' and uid = %d and is_dir = 1", + dbesc($edited), + dbesc($folder_hash), + intval($channel_id) + ); + } + // Caution: This re-uses $sql_options set further above $r = q("select * from attach where uid = %d and hash = '%s' $sql_options limit 1", -- cgit v1.2.3 From cd485b0fdf159ed30b73d7bf84d132ab3af9a418 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 28 Mar 2018 19:25:11 -0700 Subject: hubzilla issue #1015 - login with unicode domain name --- include/account.php | 3 ++- include/auth.php | 5 +++-- 2 files changed, 5 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/account.php b/include/account.php index 40cf281c3..2b24364f4 100644 --- a/include/account.php +++ b/include/account.php @@ -23,6 +23,7 @@ function get_account_by_id($account_id) { function check_account_email($email) { + $email = punify($email); $result = array('error' => false, 'message' => ''); // Caution: empty email isn't counted as an error in this function. @@ -139,7 +140,7 @@ function create_account($arr) { $result = array('success' => false, 'email' => '', 'password' => '', 'message' => ''); $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $email = ((x($arr,'email')) ? notags(trim($arr['email'])) : ''); + $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : ''); $password = ((x($arr,'password')) ? trim($arr['password']) : ''); $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : ''); $parent = ((x($arr,'parent')) ? intval($arr['parent']) : 0 ); diff --git a/include/auth.php b/include/auth.php index 6f5e58361..844566919 100644 --- a/include/auth.php +++ b/include/auth.php @@ -37,6 +37,7 @@ require_once('include/security.php'); function account_verify_password($login, $pass) { $ret = [ 'account' => null, 'channel' => null, 'xchan' => null ]; + $login = punify($login); $email_verify = get_config('system', 'verify_email'); $register_policy = get_config('system', 'register_policy'); @@ -235,7 +236,7 @@ else { $record = null; $addon_auth = array( - 'username' => trim($_POST['username']), + 'username' => punify(trim($_POST['username'])), 'password' => trim($_POST['password']), 'authenticated' => 0, 'user_record' => null @@ -261,7 +262,7 @@ else { $verify = account_verify_password($_POST['username'], $_POST['password']); if($verify && array_key_exists('reason',$verify) && $verify['reason'] === 'unvalidated') { notice( t('Email validation is incomplete. Please check your email.')); - goaway(z_root() . '/email_validation/' . bin2hex(trim(escape_tags($_POST['username'])))); + goaway(z_root() . '/email_validation/' . bin2hex(punify(trim(escape_tags($_POST['username']))))); } elseif($verify) { $atoken = $verify['xchan']; -- cgit v1.2.3 From 33bb89729cdb7d8cc462253fd2b984e2e2bf4471 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 29 Mar 2018 02:26:25 -0700 Subject: hubzilla issue #1019 - punycode urls on connedit page when displaying locations --- include/hubloc.php | 3 ++- include/text.php | 8 +++++--- 2 files changed, 7 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/hubloc.php b/include/hubloc.php index 0d1a2e560..33d5dcbb2 100644 --- a/include/hubloc.php +++ b/include/hubloc.php @@ -270,7 +270,8 @@ function locations_by_netid($netid) { dbesc($netid) ); - return array_elm_to_str($locs,'location',', '); + + return array_elm_to_str($locs,'location',', ','trim_and_unpunify'); } diff --git a/include/text.php b/include/text.php index f9cefd020..f634f0d55 100644 --- a/include/text.php +++ b/include/text.php @@ -2189,13 +2189,13 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) { * @returns string */ -function array_elm_to_str($arr,$elm,$delim = ',') { +function array_elm_to_str($arr,$elm,$delim = ',',$each = 'trim') { $tmp = []; if($arr && is_array($arr)) { foreach($arr as $x) { if(is_array($x) && array_key_exists($elm,$x)) { - $z = trim($x[$elm]); + $z = $each($x[$elm]); if(($z) && (! in_array($z,$tmp))) { $tmp[] = $z; } @@ -2205,7 +2205,9 @@ function array_elm_to_str($arr,$elm,$delim = ',') { return implode($delim,$tmp); } - +function trim_and_unpunify($s) { + return unpunify(trim($s)); +} /** -- cgit v1.2.3 From 238303d81913dd81a1e8907d216ed6c866bd834a Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 29 Mar 2018 15:32:35 -0700 Subject: add directory keyword links to profile --- include/channel.php | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index c94f5c657..460c818da 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1573,14 +1573,25 @@ function advanced_profile() { $profile['howlong'] = relative_date(App::$profile['howlong'], t('for %1$d %2$s')); } + if(App::$profile['keywords']) { + $keywords = str_replace(',',' ', App::$profile['keywords']); + $keywords = str_replace(' ',' ', $keywords); + $karr = explode(' ', $keywords); + if($karr) { + for($cnt = 0; $cnt < count($karr); $cnt ++) { + $karr[$cnt] = '' . $karr[$cnt] . ''; + } + } + $profile['keywords'] = array( t('Tags:'), implode(' ', $karr)); + } + + if(App::$profile['sexual']) $profile['sexual'] = array( t('Sexual Preference:'), App::$profile['sexual'] ); if(App::$profile['homepage']) $profile['homepage'] = array( t('Homepage:'), linkify(App::$profile['homepage']) ); if(App::$profile['hometown']) $profile['hometown'] = array( t('Hometown:'), linkify(App::$profile['hometown']) ); - if(App::$profile['keywords']) $profile['keywords'] = array( t('Tags:'), App::$profile['keywords']); - if(App::$profile['politic']) $profile['politic'] = array( t('Political Views:'), App::$profile['politic']); if(App::$profile['religion']) $profile['religion'] = array( t('Religion:'), App::$profile['religion']); -- cgit v1.2.3 From 4493304fa79aded582b65498aacf6db48a788bdc Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 31 Mar 2018 13:22:12 -0700 Subject: wrong function --- include/network.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/network.php b/include/network.php index f8cb68613..a49e5920d 100644 --- a/include/network.php +++ b/include/network.php @@ -1873,7 +1873,7 @@ function probe_api_path($host) { foreach($paths as $path) { $curpath = $scheme . '://' . $host . $path; $x = z_fetch_url($curpath); - if($x['success'] && ! strlen($x['body'], 'not implemented')) + if($x['success'] && ! strpos($x['body'], 'not implemented')) return str_replace('version', '', $curpath); } } -- cgit v1.2.3 From 9a1f051068b5d301bbe1f08b6b160447fa94a34a Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 2 Apr 2018 13:32:10 -0700 Subject: missing year on profile birthday input, some optimisations to stats --- include/datetime.php | 8 +++++++- include/items.php | 4 +--- include/statistics_fns.php | 44 +++++++++----------------------------------- 3 files changed, 17 insertions(+), 39 deletions(-) (limited to 'include') diff --git a/include/datetime.php b/include/datetime.php index 766c90d16..3a07f1ccf 100644 --- a/include/datetime.php +++ b/include/datetime.php @@ -125,10 +125,16 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d */ function dob($dob) { + $y = substr($dob,0,4); + if((! ctype_digit($y)) || ($y < 1900)) + $ignore_year = true; + else + $ignore_year = false; + if ($dob === '0000-00-00' || $dob === '') $value = ''; else - $value = (($year) ? datetime_convert('UTC','UTC',$dob,'Y-m-d') : datetime_convert('UTC','UTC',$dob,'m-d')); + $value = (($ignore_year) ? datetime_convert('UTC','UTC',$dob,'m-d') : datetime_convert('UTC','UTC',$dob,'Y-m-d')); $o = replace_macros(get_markup_template("field_input.tpl"), [ '$field' => [ 'dob', t('Birthday'), $value, ((intval($value)) ? t('Age: ') . age($value,App::$user['timezone'],App::$user['timezone']) : ''), '', 'placeholder="' . t('YYYY-MM-DD or MM-DD') .'"' ] diff --git a/include/items.php b/include/items.php index d1625e944..e232a0200 100755 --- a/include/items.php +++ b/include/items.php @@ -2551,9 +2551,7 @@ function tag_deliver($uid, $item_id) { $j_obj = json_decode($item['obj'],true); logger('tag_deliver: tag object: ' . print_r($j_obj,true), LOGGER_DATA); if($j_obj && $j_obj['id'] && $j_obj['title']) { - if(is_array($j_obj['link'])) - $taglink = get_rel_link($j_obj['link'],'alternate'); - + //COMMUNITYTAG store_item_tag($u[0]['channel_id'],$p[0]['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$j_obj['title'],$j_obj['id']); $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d", dbesc(datetime_convert()), diff --git a/include/statistics_fns.php b/include/statistics_fns.php index d213485bf..98b0efd41 100644 --- a/include/statistics_fns.php +++ b/include/statistics_fns.php @@ -17,23 +17,10 @@ function update_channels_active_halfyear_stat() { db_utcnow(), db_quoteinterval('6 MONTH') ); if($r) { - $s = ''; - foreach($r as $rr) { - if($s) - $s .= ','; - $s .= intval($rr['channel_id']); - } - $x = q("select uid from item where uid in ( $s ) and item_wall = 1 and created > %s - INTERVAL %s group by uid", - db_utcnow(), db_quoteinterval('6 MONTH') - ); - if($x) { - $channels_active_halfyear_stat = count($x); - set_config('system','channels_active_halfyear_stat',$channels_active_halfyear_stat); - } else { - set_config('system','channels_active_halfyear_stat',0); - } - } else { - set_config('system','channels_active_halfyear_stat',0); + set_config('system','channels_active_halfyear_stat',count($r)); + } + else { + set_config('system','channels_active_halfyear_stat','0'); } } @@ -43,28 +30,15 @@ function update_channels_active_monthly_stat() { db_utcnow(), db_quoteinterval('1 MONTH') ); if($r) { - $s = ''; - foreach($r as $rr) { - if($s) - $s .= ','; - $s .= intval($rr['channel_id']); - } - $x = q("select uid from item where uid in ( $s ) and item_wall = 1 and created > %s - INTERVAL %s group by uid", - db_utcnow(), db_quoteinterval('1 MONTH') - ); - if($x) { - $channels_active_monthly_stat = count($x); - set_config('system','channels_active_monthly_stat',$channels_active_monthly_stat); - } else { - set_config('system','channels_active_monthly_stat',0); - } - } else { - set_config('system','channels_active_monthly_stat',0); + set_config('system','channels_active_monthly_stat',count($r)); + } + else { + set_config('system','channels_active_monthly_stat','0'); } } function update_local_posts_stat() { - $posts = q("SELECT COUNT(*) AS local_posts FROM item WHERE item_wall = 1 "); + $posts = q("SELECT COUNT(*) AS local_posts FROM item WHERE item_wall = 1 and id = parent"); if (is_array($posts)) { $local_posts_stat = intval($posts[0]["local_posts"]); set_config('system','local_posts_stat',$local_posts_stat); -- cgit v1.2.3 From 753e1e4616acc19ff54024443e9ed3d60b0296fc Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 2 Apr 2018 19:32:22 -0700 Subject: commtag refactor --- include/items.php | 93 ++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 58 insertions(+), 35 deletions(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index e232a0200..5e84c62c7 100755 --- a/include/items.php +++ b/include/items.php @@ -2532,41 +2532,7 @@ function tag_deliver($uid, $item_id) { */ if($item['obj_type'] === ACTIVITY_OBJ_TAGTERM) { - - // We received a community tag activity for a post. - // See if we are the owner of the parent item and have given permission to tag our posts. - // If so tag the parent post. - - logger('tag_deliver: community tag activity received'); - - if(($item['owner_xchan'] === $u[0]['channel_hash']) && (! get_pconfig($u[0]['channel_id'],'system','blocktags'))) { - logger('tag_deliver: community tag recipient: ' . $u[0]['channel_name']); - $j_tgt = json_decode($item['target'],true); - if($j_tgt && $j_tgt['id']) { - $p = q("select * from item where mid = '%s' and uid = %d limit 1", - dbesc($j_tgt['id']), - intval($u[0]['channel_id']) - ); - if($p) { - $j_obj = json_decode($item['obj'],true); - logger('tag_deliver: tag object: ' . print_r($j_obj,true), LOGGER_DATA); - if($j_obj && $j_obj['id'] && $j_obj['title']) { - //COMMUNITYTAG - store_item_tag($u[0]['channel_id'],$p[0]['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$j_obj['title'],$j_obj['id']); - $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d", - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc($j_tgt['id']), - intval($u[0]['channel_id']) - ); - Zotlabs\Daemon\Master::Summon(array('Notifier','edit_post',$p[0]['id'])); - } - } - } - } - else - logger('Tag permission denied for ' . $u[0]['channel_address']); + item_community_tag($u[0],$item); } /* @@ -2761,6 +2727,63 @@ function tag_deliver($uid, $item_id) { } + +function item_community_tag($channel,$item) { + + + // We received a community tag activity for a post. + // See if we are the owner of the parent item and have given permission to tag our posts. + // If so tag the parent post. + + logger('tag_deliver: community tag activity received'); + + // refactor of this code block is in progress and is not yet completed + + $tag_the_post = false; + $p = null; + + $j_tgt = json_decode($item['target'],true); + if($j_tgt && $j_tgt['id']) { + $p = q("select * from item where mid = '%s' and uid = %d limit 1", + dbesc($j_tgt['id']), + intval($channel['channel_id']) + ); + } + if($p) { + xchan_query($p); + $items = fetch_post_tags($p,true); + $pitem = $items[0]; + $auth = get_iconfig($pitem,'system','communitytagauth'); + if($auth) { + if(rsa_verify('tagauth.' . $item['mid'],$auth,$pitem['owner']['xchan_pubkey'])) { + logger('tag_deliver: tagging the post: ' . $channel['channel_name']); + $tag_the_post = true; + } + } + else { + if(($pitem['owner_xchan'] === $channel['channel_hash']) && (! intval(get_pconfig($channel['channel_id'],'system','blocktags')))) { + logger('tag_deliver: community tag recipient: ' . $channel['channel_name']); + $tag_the_post = true; + $sig = rsa_sign('tagauth.' . $item['mid'],$channel['channel_prvkey']); + set_iconfig($item['id'],'system','communitytagauth',$sig,1); + } + } + + if($tag_the_post) { + store_item_tag($channel['channel_id'],$pitem['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$j_obj['title'],$j_obj['id']); + } + + } + + if(! $tag_the_post) { + logger('Tag permission denied for ' . $channel['channel_address']); + } + +} + + + + /** * @brief This function is called pre-deliver to see if a post matches the criteria to be tag delivered. * -- cgit v1.2.3 From 4e21c14ff6b8c8dddf10acaf5cac9fe0764e4899 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 2 Apr 2018 20:39:28 -0700 Subject: community tagging refactor - we no longer send an edited post/comment to everybody. The post owner approves the tag and this is transmitted along with the tag activity. Recipients check the signature of the approval and add the tag to their local copy of the post. --- include/items.php | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index 5e84c62c7..62f1c6195 100755 --- a/include/items.php +++ b/include/items.php @@ -2735,13 +2735,12 @@ function item_community_tag($channel,$item) { // See if we are the owner of the parent item and have given permission to tag our posts. // If so tag the parent post. - logger('tag_deliver: community tag activity received'); - - // refactor of this code block is in progress and is not yet completed + logger('tag_deliver: community tag activity received: channel: ' . $channel['channel_name']); $tag_the_post = false; $p = null; + $j_obj = json_decode($item['obj'],true); $j_tgt = json_decode($item['target'],true); if($j_tgt && $j_tgt['id']) { $p = q("select * from item where mid = '%s' and uid = %d limit 1", @@ -2753,9 +2752,9 @@ function item_community_tag($channel,$item) { xchan_query($p); $items = fetch_post_tags($p,true); $pitem = $items[0]; - $auth = get_iconfig($pitem,'system','communitytagauth'); + $auth = get_iconfig($item,'system','communitytagauth'); if($auth) { - if(rsa_verify('tagauth.' . $item['mid'],$auth,$pitem['owner']['xchan_pubkey'])) { + if(rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['owner']['xchan_pubkey'])) { logger('tag_deliver: tagging the post: ' . $channel['channel_name']); $tag_the_post = true; } @@ -2765,18 +2764,17 @@ function item_community_tag($channel,$item) { logger('tag_deliver: community tag recipient: ' . $channel['channel_name']); $tag_the_post = true; $sig = rsa_sign('tagauth.' . $item['mid'],$channel['channel_prvkey']); - set_iconfig($item['id'],'system','communitytagauth',$sig,1); + logger('tag_deliver: setting iconfig for ' . $item['id']); + set_iconfig($item['id'],'system','communitytagauth',base64url_encode($sig),1); } } if($tag_the_post) { store_item_tag($channel['channel_id'],$pitem['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$j_obj['title'],$j_obj['id']); } - - } - - if(! $tag_the_post) { - logger('Tag permission denied for ' . $channel['channel_address']); + else { + logger('Tag permission denied for ' . $channel['channel_address']); + } } } -- cgit v1.2.3 From 5ac0f371c748367b16fedde27edc9771b08bf4c6 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 3 Apr 2018 17:52:54 -0700 Subject: community tags: allow signature of either author or owner so that it stands a chance of working across multiple delivery chains --- include/items.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index 62f1c6195..6ddab9bf8 100755 --- a/include/items.php +++ b/include/items.php @@ -2754,7 +2754,7 @@ function item_community_tag($channel,$item) { $pitem = $items[0]; $auth = get_iconfig($item,'system','communitytagauth'); if($auth) { - if(rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['owner']['xchan_pubkey'])) { + if(rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['owner']['xchan_pubkey']) || rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['author']['xchan_pubkey'])) { logger('tag_deliver: tagging the post: ' . $channel['channel_name']); $tag_the_post = true; } -- cgit v1.2.3 From f7481396060a5a57cdd5fe7055eed5ad3225f8f1 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 4 Apr 2018 16:33:11 -0700 Subject: allow the link target attribute to be modified in bbcode() from much further up the call stack in prepare_page() which will usually refer to a local item. --- include/bbcode.php | 44 ++++++++++++++++++-------------------------- include/conversation.php | 2 +- include/help.php | 2 +- include/text.php | 9 +++++---- 4 files changed, 25 insertions(+), 32 deletions(-) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index 67f40dd23..8850f1c65 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -783,7 +783,9 @@ function bbcode($Text, $options = []) { $preserve_nl = ((array_key_exists('preserve_nl',$options)) ? $options['preserve_nl'] : false); $tryoembed = ((array_key_exists('tryoembed',$options)) ? $options['tryoembed'] : true); $cache = ((array_key_exists('cache',$options)) ? $options['cache'] : false); + $newwin = ((array_key_exists('newwin',$options)) ? $options['newwin'] : true); + $target = (($newwin) ? ' target="_blank" ' : ''); call_hooks('bbcode_filter', $Text); @@ -934,7 +936,7 @@ function bbcode($Text, $options = []) { if($tryoembed) { $Text = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", 'tryoembed', $Text); } - $Text = preg_replace("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", '$1$2', $Text); + $Text = preg_replace("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", '$1$2', $Text); } if (strpos($Text,'[/share]') !== false) { @@ -946,16 +948,16 @@ function bbcode($Text, $options = []) { } } if (strpos($Text,'[/url]') !== false) { - $Text = preg_replace("/\#\^\[url\]([$URLSearchString]*)\[\/url\]/ism", '#^$1', $Text); - $Text = preg_replace("/\#\^\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '#^$2', $Text); - $Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/ism", '$1', $Text); - $Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '$2', $Text); + $Text = preg_replace("/\#\^\[url\]([$URLSearchString]*)\[\/url\]/ism", '#^$1', $Text); + $Text = preg_replace("/\#\^\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '#^$2', $Text); + $Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/ism", '$1', $Text); + $Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '$2', $Text); } if (strpos($Text,'[/zrl]') !== false) { - $Text = preg_replace("/\#\^\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '#^$1', $Text); - $Text = preg_replace("/\#\^\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '#^$2', $Text); - $Text = preg_replace("/\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '$1', $Text); - $Text = preg_replace("/\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '$2', $Text); + $Text = preg_replace("/\#\^\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '#^$1', $Text); + $Text = preg_replace("/\#\^\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '#^$2', $Text); + $Text = preg_replace("/\[zrl\]([$URLSearchString]*)\[\/zrl\]/ism", '$1', $Text); + $Text = preg_replace("/\[zrl\=([$URLSearchString]*)\](.*?)\[\/zrl\]/ism", '$2', $Text); } if (get_account_techlevel() < 2) @@ -963,8 +965,8 @@ function bbcode($Text, $options = []) { // Perform MAIL Search if (strpos($Text,'[/mail]') !== false) { - $Text = preg_replace("/\[mail\]([$MAILSearchString]*)\[\/mail\]/", '$1', $Text); - $Text = preg_replace("/\[mail\=([$MAILSearchString]*)\](.*?)\[\/mail\]/", '$2', $Text); + $Text = preg_replace("/\[mail\]([$MAILSearchString]*)\[\/mail\]/", '$1', $Text); + $Text = preg_replace("/\[mail\=([$MAILSearchString]*)\](.*?)\[\/mail\]/", '$2', $Text); } @@ -1286,28 +1288,18 @@ function bbcode($Text, $options = []) { // if video couldn't be embedded, link to it instead. if (strpos($Text,'[/video]') !== false) { - $Text = preg_replace("/\[video\](.*?)\[\/video\]/", '$1', $Text); + $Text = preg_replace("/\[video\](.*?)\[\/video\]/", '$1', $Text); } if (strpos($Text,'[/audio]') !== false) { - $Text = preg_replace("/\[audio\](.*?)\[\/audio\]/", '$1', $Text); + $Text = preg_replace("/\[audio\](.*?)\[\/audio\]/", '$1', $Text); } if (strpos($Text,'[/zvideo]') !== false) { - $Text = preg_replace("/\[zvideo\](.*?)\[\/zvideo\]/", '$1', $Text); + $Text = preg_replace("/\[zvideo\](.*?)\[\/zvideo\]/", '$1', $Text); } if (strpos($Text,'[/zaudio]') !== false) { - $Text = preg_replace("/\[zaudio\](.*?)\[\/zaudio\]/", '$1', $Text); - } - -// if ($tryoembed){ -// if (strpos($Text,'[/iframe]') !== false) { -// $Text = preg_replace_callback("/\[iframe\](.*?)\[\/iframe\]/ism", 'bb_iframe', $Text); -// } -// } else { -// if (strpos($Text,'[/iframe]') !== false) { -// $Text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '$1', $Text); -// } -// } + $Text = preg_replace("/\[zaudio\](.*?)\[\/zaudio\]/", '$1', $Text); + } // oembed tag $Text = oembed_bbcode2html($Text); diff --git a/include/conversation.php b/include/conversation.php index 64beb1b0e..ce0467770 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1607,7 +1607,7 @@ function prepare_page($item) { // prepare_body calls unobscure() as a side effect. Do it here so that // the template will get passed an unobscured title. - $body = prepare_body($item, true); + $body = prepare_body($item, [ 'newwin' => false ]); if(App::$page['template'] == 'none') { $tpl = 'page_display_empty.tpl'; diff --git a/include/help.php b/include/help.php index 0dc37e517..ce389b4db 100644 --- a/include/help.php +++ b/include/help.php @@ -306,7 +306,7 @@ function store_doc_file($s) { require_once('include/html2plain.php'); - $item['body'] = html2plain(prepare_text(file_get_contents($s),$mimetype, true)); + $item['body'] = html2plain(prepare_text(file_get_contents($s),$mimetype, [ 'cache' => true ])); $item['mimetype'] = 'text/plain'; $item['plink'] = z_root() . '/' . str_replace('doc','help',$s); diff --git a/include/text.php b/include/text.php index f634f0d55..658f53305 100644 --- a/include/text.php +++ b/include/text.php @@ -1588,7 +1588,7 @@ function generate_named_map($location) { } -function prepare_body(&$item,$attach = false) { +function prepare_body(&$item,$attach = false,$opts = false) { call_hooks('prepare_body_init', $item); @@ -1616,7 +1616,7 @@ function prepare_body(&$item,$attach = false) { $s .= prepare_binary($item); } else { - $s .= prepare_text($item['body'],$item['mimetype'], false); + $s .= prepare_text($item['body'],$item['mimetype'], $opts); } $event = (($item['obj_type'] === ACTIVITY_OBJ_EVENT) ? format_event_obj($item['obj']) : false); @@ -1698,7 +1698,8 @@ function prepare_binary($item) { * * @return string */ -function prepare_text($text, $content_type = 'text/bbcode', $cache = false) { +function prepare_text($text, $content_type = 'text/bbcode', $opts = false) { + switch($content_type) { case 'text/plain': @@ -1742,7 +1743,7 @@ function prepare_text($text, $content_type = 'text/bbcode', $cache = false) { if(stristr($text,'[nosmile]')) $s = bbcode($text, [ 'cache' => $cache ]); else - $s = smilies(bbcode($text, [ 'cache' => $cache ])); + $s = smilies(bbcode($text, ((is_array($opts)) ? $opts : [] ))); $s = zidify_links($s); -- cgit v1.2.3 From 1a25b0bda7d598888a49ee722f0f5cbea2a2f8f9 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 4 Apr 2018 17:54:43 -0700 Subject: allow the profile recrods to be cloned separately --- include/channel.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index 460c818da..4a87ef602 100644 --- a/include/channel.php +++ b/include/channel.php @@ -780,7 +780,7 @@ function identity_basic_export($channel_id, $sections = null) { } } - if(in_array('channel',$sections)) { + if(in_array('channel',$sections) || in_array('profile',$sections)) { $r = q("select * from profile where uid = %d", intval($channel_id) ); -- cgit v1.2.3 From e8646799427a51a13e97f83a7858274fbf85ba20 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 4 Apr 2018 18:53:06 -0700 Subject: private forum mentions --- include/text.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index 658f53305..255d02c7c 100644 --- a/include/text.php +++ b/include/text.php @@ -2577,6 +2577,9 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d // The @! tag will alter permissions $exclusive = (((! $grouptag) && (strpos($tag,'!') === 1) && (! $diaspora)) ? true : false); + if(($grouptag) && (strpos($tag,'!!') === 0)) { + $exclusive = true; + } //is it already replaced? if(strpos($tag,'[zrl=')) @@ -2749,8 +2752,8 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d $profile = str_replace(',','%2c',$profile); $url = $profile; if($grouptag) { - $newtag = '!' . '[zrl=' . $profile . ']' . $newname . '[/zrl]'; - $body = str_replace('!' . $name, $newtag, $body); + $newtag = '!' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]'; + $body = str_replace('!' . (($exclusive) ? '!' : '') . $name, $newtag, $body); } else { $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . (($forum && ! $trailing_plus_name) ? '+' : '') . '[/zrl]'; @@ -2800,6 +2803,7 @@ function linkify_tags($a, &$body, $uid, $diaspora = false) { continue; $success = handle_tag($a, $body, $access_tag, $str_tags, ($uid) ? $uid : App::$profile_uid , $tag, $diaspora); + $results[] = array('success' => $success, 'access_tag' => $access_tag); if($success['replaced']) $tagged[] = $tag; } -- cgit v1.2.3 From c86032d4dc0e3396a03d8bcc8eef25d9191f3cfc Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 4 Apr 2018 20:58:54 -0700 Subject: oauth2 dynamic client registration update --- include/api.php | 30 +++++++++++------------------- 1 file changed, 11 insertions(+), 19 deletions(-) (limited to 'include') diff --git a/include/api.php b/include/api.php index c91590070..6a05a40a5 100644 --- a/include/api.php +++ b/include/api.php @@ -193,26 +193,18 @@ require_once('include/api_zot.php'); $redirect = trim($_REQUEST['redirect_uris'][0]); else $redirect = trim($_REQUEST['redirect_uris']); + $grant_types = trim($_REQUEST['grant_types']); + $scope = trim($_REQUEST['scope']); $icon = trim($_REQUEST['logo_uri']); - if($oauth2) { - $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id) - VALUES ( '%s', '%s', '%s', null, null, null ) ", - dbesc($key), - dbesc($secret), - dbesc($redirect) - ); - } - else { - $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid) - VALUES ('%s','%s','%s','%s','%s',%d)", - dbesc($key), - dbesc($secret), - dbesc($name), - dbesc($redirect), - dbesc($icon), - intval(0) - ); - } + $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id) + VALUES ( '%s', '%s', '%s', '%s', '%s', '%s' ) ", + dbesc($key), + dbesc($secret), + dbesc($redirect), + dbesc($grant_types), + dbesc($scope), + dbesc((string) api_user()) + ); $ret['client_id'] = $key; $ret['client_secret'] = $secret; -- cgit v1.2.3 From fe401203bd33fdb19880420556c8a6b6a371f94e Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 4 Apr 2018 23:14:41 -0700 Subject: bbcode() - ensure that $options is always an array, as the interface has changed slightly --- include/bbcode.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index 8850f1c65..152e4888f 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -780,6 +780,10 @@ function parseIdentityAwareHTML($Text) { function bbcode($Text, $options = []) { + if(! is_array($options)) { + $options = []; + } + $preserve_nl = ((array_key_exists('preserve_nl',$options)) ? $options['preserve_nl'] : false); $tryoembed = ((array_key_exists('tryoembed',$options)) ? $options['tryoembed'] : true); $cache = ((array_key_exists('cache',$options)) ? $options['cache'] : false); -- cgit v1.2.3 From f4c94ab121167ac34e550939f032e9982d69307b Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 5 Apr 2018 17:31:20 -0700 Subject: use profile_store_lowlevel() when importing profile structures to ensure all non-null fields are present --- include/import.php | 2 +- include/zot.php | 11 +++++++---- 2 files changed, 8 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/import.php b/include/import.php index d8b7030b6..1b0e95416 100644 --- a/include/import.php +++ b/include/import.php @@ -180,7 +180,7 @@ function import_profiles($channel, $profiles) { $profile['thumb'] = z_root() . '/photo/' . basename($profile['thumb']); } - create_table_from_array('profile', $profile); + profile_store_lowlevel($profile); } } } diff --git a/include/zot.php b/include/zot.php index 25ea9b8fb..2ad43f0e5 100644 --- a/include/zot.php +++ b/include/zot.php @@ -3855,11 +3855,14 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { intval($channel['channel_id']) ); if(! $x) { - q("insert into profile ( profile_guid, aid, uid ) values ('%s', %d, %d)", - dbesc($profile['profile_guid']), - intval($channel['channel_account_id']), - intval($channel['channel_id']) + profile_store_lowlevel( + [ + 'aid' => $channel['channel_account_id'], + 'uid' => $channel['channel_id'], + 'profile_guid' => $profile['profile_guid'], + ] ); + $x = q("select * from profile where profile_guid = '%s' and uid = %d limit 1", dbesc($profile['profile_guid']), intval($channel['channel_id']) -- cgit v1.2.3 From 4a45c35c4e0e27b737d80a6f151b0b50aaef3d1e Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 5 Apr 2018 21:01:36 -0700 Subject: oauth2 client settings page --- include/features.php | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/features.php b/include/features.php index 5481c37a4..4859a01db 100644 --- a/include/features.php +++ b/include/features.php @@ -246,13 +246,22 @@ function get_features($filtered = true) { [ 'oauth_clients', - t('OAuth Clients'), - t('Manage authenticatication tokens for mobile and remote apps.'), + t('OAuth1 Clients'), + t('Manage OAuth1 authenticatication tokens for mobile and remote apps.'), false, get_config('feature_lock','oauth_clients'), feature_level('oauth_clients',1), ], + [ + 'oauth2_clients', + t('OAuth2 Clients'), + t('Manage OAuth2 authenticatication tokens for mobile and remote apps.'), + false, + get_config('feature_lock','oauth2_clients'), + feature_level('oauth2_clients',1), + ], + [ 'access_tokens', t('Access Tokens'), -- cgit v1.2.3 From 4499ee178f5ae7238fe1d3bd4bcc5060111f546a Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 6 Apr 2018 01:24:38 -0700 Subject: put directory server in siteinfo - there are a lot of sites using broken directories --- include/network.php | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/network.php b/include/network.php index a49e5920d..db9a7d00a 100644 --- a/include/network.php +++ b/include/network.php @@ -1607,6 +1607,7 @@ function get_site_info() { 'register_policy' => $register_policy[get_config('system','register_policy')], 'invitation_only' => (bool) intval(get_config('system','invitation_only')), 'directory_mode' => $directory_mode[get_config('system','directory_mode')], + 'directory_server' => get_config('system','directory_server'), 'language' => get_config('system','language'), 'rss_connections' => (bool) intval(get_config('system','feed_contacts')), 'expiration' => $site_expire, -- cgit v1.2.3 From 8048b7addcf214d1f81cd63d602cce21adce0c8d Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 6 Apr 2018 16:45:25 -0700 Subject: channel import failing to provide channel_password value --- include/import.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/import.php b/include/import.php index 1b0e95416..0d3fb8c32 100644 --- a/include/import.php +++ b/include/import.php @@ -99,7 +99,7 @@ function import_channel($channel, $account_id, $seize) { } if($clean) { - create_table_from_array('channel',$clean); + channel_store_lowlevel($clean); } $r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1", -- cgit v1.2.3 From 0fba1a777e155781a8c59c85c4443dc4f56f165d Mon Sep 17 00:00:00 2001 From: "DM42.Net (Matt Dent)" Date: Sat, 7 Apr 2018 22:17:19 -0400 Subject: Add error handler and try/catch for all () calls --- include/plugin.php | 60 +++++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 53 insertions(+), 7 deletions(-) (limited to 'include') diff --git a/include/plugin.php b/include/plugin.php index 62d443ab8..29d24b410 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -6,6 +6,24 @@ */ +/** + * @brief Handle errors in plugin calls + * + * @param string $plugin name of the addon + * @param string $error_text text of error + * @param bool $uninstall uninstall plugin + */ +function handleerrors_plugin($plugin,$notice,$log,$uninstall=false){ + logger("Addons: [" . $plugin . "] Error: ".$log, LOGGER_ERROR); + if ($notice != '') { + notice("[" . $plugin . "] Error: ".$notice, LOGGER_ERROR); + } + + if ($uninstall) { + plugin_uninstall($plugin); + } +} + /** * @brief Unloads an addon. * @@ -17,7 +35,11 @@ function unload_plugin($plugin){ @include_once('addon/' . $plugin . '/' . $plugin . '.php'); if(function_exists($plugin . '_unload')) { $func = $plugin . '_unload'; - $func(); + try { + $func(); + } catch ($e) { + handleerrors_plugin($plugin,"Unable to unload.",$e->getMessage()); + } } } @@ -38,7 +60,11 @@ function uninstall_plugin($plugin) { @include_once('addon/' . $plugin . '/' . $plugin . '.php'); if(function_exists($plugin . '_uninstall')) { $func = $plugin . '_uninstall'; - $func(); + try { + $func(); + } catch ($e) { + handleerrors_plugin($plugin,"Unable to uninstall.","Unable to run _uninstall : ".$e->getMessage()); + } } q("DELETE FROM addon WHERE aname = '%s' ", @@ -64,7 +90,12 @@ function install_plugin($plugin) { @include_once('addon/' . $plugin . '/' . $plugin . '.php'); if(function_exists($plugin . '_install')) { $func = $plugin . '_install'; - $func(); + try { + $func(); + } catch ($e) { + handleerrors_plugin($plugin,"Install failed.","Install failed : ".$e->getMessage()); + return; + } } $plugin_admin = (function_exists($plugin . '_plugin_admin') ? 1 : 0); @@ -94,7 +125,12 @@ function load_plugin($plugin) { @include_once('addon/' . $plugin . '/' . $plugin . '.php'); if(function_exists($plugin . '_load')) { $func = $plugin . '_load'; - $func(); + try { + $func(); + } catch ($e) { + handleerrors_plugin($plugin,"Unable to load.","FAILED loading : ".$e->getMessage()); + return; + } // we can add the following with the previous SQL // once most site tables have been updated. @@ -108,7 +144,7 @@ function load_plugin($plugin) { return true; } else { - logger("Addons: FAILED loading " . $plugin); + logger("Addons: FAILED loading " . $plugin . " (missing _load function)"); return false; } } @@ -160,11 +196,21 @@ function reload_plugins() { if(function_exists($pl . '_unload')) { $func = $pl . '_unload'; - $func(); + try { + $func(); + } catch ($e) { + handleerrors_plugin($plugin,"","UNLOAD FAILED (uninstalling) : ".$e->getMessage(),true); + continue; + } } if(function_exists($pl . '_load')) { $func = $pl . '_load'; - $func(); + try { + $func(); + } catch ($e) { + handleerrors_plugin($plugin,"","LOAD FAILED (uninstalling): ".$e->getMessage(),true); + continue; + } } q("UPDATE addon SET tstamp = %d WHERE id = %d", intval($t), -- cgit v1.2.3 From 35b4f0a863421fdfe27b6371516dc37805583317 Mon Sep 17 00:00:00 2001 From: "M.Dent" Date: Sat, 7 Apr 2018 23:01:18 -0400 Subject: Add class for Exceptions --- include/plugin.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'include') diff --git a/include/plugin.php b/include/plugin.php index 29d24b410..2ef33e6fa 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -37,7 +37,7 @@ function unload_plugin($plugin){ $func = $plugin . '_unload'; try { $func(); - } catch ($e) { + } catch (Exception $e) { handleerrors_plugin($plugin,"Unable to unload.",$e->getMessage()); } } @@ -62,7 +62,7 @@ function uninstall_plugin($plugin) { $func = $plugin . '_uninstall'; try { $func(); - } catch ($e) { + } catch (Exception $e) { handleerrors_plugin($plugin,"Unable to uninstall.","Unable to run _uninstall : ".$e->getMessage()); } } @@ -92,7 +92,7 @@ function install_plugin($plugin) { $func = $plugin . '_install'; try { $func(); - } catch ($e) { + } catch (Exception $e) { handleerrors_plugin($plugin,"Install failed.","Install failed : ".$e->getMessage()); return; } @@ -127,7 +127,7 @@ function load_plugin($plugin) { $func = $plugin . '_load'; try { $func(); - } catch ($e) { + } catch (Exception $e) { handleerrors_plugin($plugin,"Unable to load.","FAILED loading : ".$e->getMessage()); return; } @@ -198,7 +198,7 @@ function reload_plugins() { $func = $pl . '_unload'; try { $func(); - } catch ($e) { + } catch (Exception $e) { handleerrors_plugin($plugin,"","UNLOAD FAILED (uninstalling) : ".$e->getMessage(),true); continue; } @@ -207,7 +207,7 @@ function reload_plugins() { $func = $pl . '_load'; try { $func(); - } catch ($e) { + } catch (Exception $e) { handleerrors_plugin($plugin,"","LOAD FAILED (uninstalling): ".$e->getMessage(),true); continue; } -- cgit v1.2.3 From a0cba6564f5b42c0882ef1c6837677544d1ffb9f Mon Sep 17 00:00:00 2001 From: "M.Dent" Date: Sat, 7 Apr 2018 23:12:39 -0400 Subject: Uninstall plugin on Exception on load. --- include/plugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/plugin.php b/include/plugin.php index 2ef33e6fa..2084f9107 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -128,7 +128,7 @@ function load_plugin($plugin) { try { $func(); } catch (Exception $e) { - handleerrors_plugin($plugin,"Unable to load.","FAILED loading : ".$e->getMessage()); + handleerrors_plugin($plugin,"Unable to load.","FAILED loading : ".$e->getMessage(),true); return; } -- cgit v1.2.3 From ff77f14f2fb628a2192997052cc5813c421de2f7 Mon Sep 17 00:00:00 2001 From: "M.Dent" Date: Sat, 7 Apr 2018 23:41:22 -0400 Subject: Remove remove plugin from \App::[] on uninstall --- include/plugin.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/plugin.php b/include/plugin.php index 2084f9107..4545e1e8d 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -20,7 +20,10 @@ function handleerrors_plugin($plugin,$notice,$log,$uninstall=false){ } if ($uninstall) { - plugin_uninstall($plugin); + $idx = array_search($plugin, \App::$plugins); + unset(\App::$plugins[$idx]); + uninstall_plugin($plugin); + set_config("system","addon", implode(", ",\App::$plugins)); } } -- cgit v1.2.3 From f9ec3c66ff1305ca0647454d27793ac5365f7f4a Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 8 Apr 2018 19:44:21 -0400 Subject: Added feature setting for auto-save, defaulting to enabled. --- include/conversation.php | 5 ++++- include/features.php | 9 +++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index ce0467770..3834d9866 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1301,7 +1301,9 @@ function status_editor($a, $x, $popup = false) { $id_select = ''; $webpage = ((x($x,'webpage')) ? $x['webpage'] : ''); - + + $feature_auto_save_draft = ((feature_enabled($x['profile_uid'], 'auto_save_draft')) ? "true" : "false"); + $tpl = get_markup_template('jot-header.tpl'); App::$page['htmlhead'] .= replace_macros($tpl, array( @@ -1323,6 +1325,7 @@ function status_editor($a, $x, $popup = false) { '$modalerroralbum' => t('Error getting album'), '$nocomment_enabled' => t('Comments enabled'), '$nocomment_disabled' => t('Comments disabled'), + '$auto_save_draft' => $feature_auto_save_draft, )); $tpl = get_markup_template('jot.tpl'); diff --git a/include/features.php b/include/features.php index 4859a01db..36f4f0433 100644 --- a/include/features.php +++ b/include/features.php @@ -350,6 +350,15 @@ function get_features($filtered = true) { feature_level('suppress_duplicates',1), ], + [ + 'auto_save_draft', + t('Auto-save drafts of posts and comments'), + t('Automatically saves post and comment drafts in local browser storage to help prevent accidental loss of compositions'), + true, + get_config('feature_lock','auto_save_draft'), + feature_level('auto_save_draft',1), + ], + ], // Network Tools -- cgit v1.2.3 From 6ce3ca1ce02a535938812372ece9377242c2eaa4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 8 Apr 2018 19:28:57 -0700 Subject: anon_identity_init: put anonymous commenters in network 'anon' so that they can be easily distinguished from federated network members and handled appropriately. --- include/channel.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index 4a87ef602..296f84c7b 100644 --- a/include/channel.php +++ b/include/channel.php @@ -2725,7 +2725,7 @@ function anon_identity_init($reqvars) { $hash = hash('md5',$anon_email); - $x = q("select * from xchan where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'unknown' limit 1", + $x = q("select * from xchan where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'anon' limit 1", dbesc($anon_email), dbesc($hash) ); @@ -2736,12 +2736,12 @@ function anon_identity_init($reqvars) { 'xchan_hash' => $hash, 'xchan_name' => $anon_name, 'xchan_url' => $anon_url, - 'xchan_network' => 'unknown', + 'xchan_network' => 'anon', 'xchan_name_date' => datetime_convert() ]); - $x = q("select * from xchan where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'unknown' limit 1", + $x = q("select * from xchan where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'anon' limit 1", dbesc($anon_email), dbesc($hash) ); -- cgit v1.2.3 From e0255c0dc45d8c670b865087336b4807d831e0fb Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 8 Apr 2018 20:05:30 -0700 Subject: first cut of feature/techlevel merge --- include/features.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/features.php b/include/features.php index 4859a01db..57a6f7310 100644 --- a/include/features.php +++ b/include/features.php @@ -44,7 +44,7 @@ function feature_level($feature,$def) { return $def; } -function get_features($filtered = true) { +function get_features($filtered = true, $level = (-1)) { $account = \App::get_account(); @@ -499,7 +499,7 @@ function get_features($filtered = true) { $arr = $x['features']; - $techlevel = get_account_techlevel(); + $techlevel = (($level >= 0) ? $level : get_account_techlevel()); // removed any locked features and remove the entire category if this makes it empty -- cgit v1.2.3 From 6844d7c752a0d8614aa7490287d72a84a95b3a73 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 8 Apr 2018 22:53:04 -0700 Subject: don't provide a connect button for transient identities --- include/connections.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'include') diff --git a/include/connections.php b/include/connections.php index 8d1b9e07f..e5bf07d96 100644 --- a/include/connections.php +++ b/include/connections.php @@ -110,6 +110,12 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') { $connect = t('Connect'); } + // don't provide a connect button for transient or one-way identities + + if(in_array($xchan['xchan_network'],['rss','anon','unknown']) || strpos($xchan['xchan_addr'],'guest:') === 0) { + $connect = false; + } + if(array_key_exists('channel_id',$xchan)) App::$profile_uid = $xchan['channel_id']; -- cgit v1.2.3 From 04935f139d924514b066a3cbe3a544102090de59 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 9 Apr 2018 14:28:41 +0200 Subject: fix xchan_query() for anon comments --- include/channel.php | 2 +- include/text.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index 296f84c7b..5f87e587c 100644 --- a/include/channel.php +++ b/include/channel.php @@ -2748,7 +2748,7 @@ function anon_identity_init($reqvars) { $photo = z_root() . '/' . get_default_profile_photo(300); $photos = import_xchan_photo($photo,$hash); - $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'unknown' ", + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_guid = '%s' and xchan_hash = '%s' and xchan_network = 'anon' ", dbesc(datetime_convert()), dbesc($photos[0]), dbesc($photos[1]), diff --git a/include/text.php b/include/text.php index 255d02c7c..13c4bb819 100644 --- a/include/text.php +++ b/include/text.php @@ -2251,7 +2251,7 @@ function xchan_query(&$items, $abook = true, $effective_uid = 0) { $chans = q("select xchan.*,hubloc.* from xchan left join hubloc on hubloc_hash = xchan_hash where xchan_hash in (" . protect_sprintf(implode(',', $arr)) . ") and hubloc_primary = 1"); } - $xchans = q("select * from xchan where xchan_hash in (" . protect_sprintf(implode(',',$arr)) . ") and xchan_network in ('rss','unknown')"); + $xchans = q("select * from xchan where xchan_hash in (" . protect_sprintf(implode(',',$arr)) . ") and xchan_network in ('rss','unknown', 'anon')"); if(! $chans) $chans = $xchans; else -- cgit v1.2.3 From 6bf2c64aa2a5a25edbb84b747ab81a47d9e08abd Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 9 Apr 2018 21:44:04 -0700 Subject: Create catcloud widget and provide a type option which can include 'cards' or 'articles' --- include/taxonomy.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index 4a3818096..d9bf3ecc4 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -212,8 +212,9 @@ function card_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0 if(! perm_is_allowed($uid,get_observer_hash(),'view_pages')) return array(); + $item_normal = " and item.item_hidden = 0 and item.item_deleted = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0 + and item.item_blocked = 0 and item.obj_type != 'http://purl.org/zot/activity/file' "; - $item_normal = item_normal(); $sql_options = item_permissions_sql($uid); $count = intval($count); @@ -236,15 +237,16 @@ function card_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0 // Fetch tags + $r = q("select term, count(term) as total from term left join item on term.oid = item.id where term.uid = %d and term.ttype = %d - and otype = %d and item_type = %d and item_private = 0 + and otype = %d and item_type = %d $sql_options $item_normal group by term order by total desc %s", intval($uid), intval($type), intval(TERM_OBJ_POST), - intval($restrict), + intval(ITEM_TYPE_CARD), ((intval($count)) ? "limit $count" : '') ); @@ -263,7 +265,9 @@ function article_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags return array(); - $item_normal = item_normal(); + $item_normal = " and item.item_hidden = 0 and item.item_deleted = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0 + and item.item_blocked = 0 and item.obj_type != 'http://purl.org/zot/activity/file' "; + $sql_options = item_permissions_sql($uid); $count = intval($count); @@ -288,13 +292,13 @@ function article_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags // Fetch tags $r = q("select term, count(term) as total from term left join item on term.oid = item.id where term.uid = %d and term.ttype = %d - and otype = %d and item_type = %d and item_private = 0 + and otype = %d and item_type = %d $sql_options $item_normal group by term order by total desc %s", intval($uid), intval($type), intval(TERM_OBJ_POST), - intval($restrict), + intval(ITEM_TYPE_ARTICLE), ((intval($count)) ? "limit $count" : '') ); -- cgit v1.2.3 From e060135304a337cf4a627b1f1e0dc7131f987362 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 9 Apr 2018 23:39:47 -0700 Subject: add commented_days parameter to item_expire(), default 7. Both expire_days and commented_days have to be exceeded to expire. --- include/items.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index 6ddab9bf8..8bc4595b6 100755 --- a/include/items.php +++ b/include/items.php @@ -3504,11 +3504,14 @@ function item_getfeedattach($item) { } -function item_expire($uid,$days) { +function item_expire($uid,$days,$comment_days = 7) { if((! $uid) || ($days < 1)) return; + if(! $comment_days) + $comment_days = 7; + // $expire_network_only = save your own wall posts // and just expire conversations started by others // do not enable this until we can pass bulk delete messages through zot @@ -3527,6 +3530,7 @@ function item_expire($uid,$days) { $r = q("SELECT id FROM item WHERE uid = %d AND created < %s - INTERVAL %s + AND commented < %s - INTERVAL %s AND item_retained = 0 AND item_thread_top = 1 AND resource_type = '' @@ -3534,7 +3538,9 @@ function item_expire($uid,$days) { $sql_extra $item_normal LIMIT $expire_limit ", intval($uid), db_utcnow(), - db_quoteinterval(intval($days).' DAY') + db_quoteinterval(intval($days) . ' DAY'), + db_utcnow(), + db_quoteinterval(intval($comment_days) . ' DAY') ); if(! $r) -- cgit v1.2.3 From 2fa9645dfc4dc640d7460f069fc9536cce1e4fd2 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 11 Apr 2018 17:40:04 -0700 Subject: channel delegation: push current identity and pop it on logout from the delegated channel. This fixes the known issue of being forced to log back in after leaving the delegated channel. --- include/auth.php | 13 +++++++++++-- include/bbcode.php | 4 ++-- include/html2bbcode.php | 1 + 3 files changed, 14 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/auth.php b/include/auth.php index 844566919..c44eeb8fc 100644 --- a/include/auth.php +++ b/include/auth.php @@ -145,8 +145,17 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) && // process logout request $args = array('channel_id' => local_channel()); call_hooks('logging_out', $args); - App::$session->nuke(); - info( t('Logged out.') . EOL); + + + if($_SESSION['delegate'] && $_SESSION['delegate_push']) { + $_SESSION = $_SESSION['delegate_push']; + info( t('Delegation session ended.') . EOL); + } + else { + App::$session->nuke(); + info( t('Logged out.') . EOL); + } + goaway(z_root()); } diff --git a/include/bbcode.php b/include/bbcode.php index 152e4888f..340fe6b25 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -1001,11 +1001,11 @@ function bbcode($Text, $options = []) { } // Check for strike-through text if (strpos($Text,'[s]') !== false) { - $Text = preg_replace("(\[s\](.*?)\[\/s\])ism", '$1', $Text); + $Text = preg_replace("(\[s\](.*?)\[\/s\])ism", '$1', $Text); } // Check for over-line text if (strpos($Text,'[o]') !== false) { - $Text = preg_replace("(\[o\](.*?)\[\/o\])ism", '$1', $Text); + $Text = preg_replace("(\[o\](.*?)\[\/o\])ism", '$1', $Text); } if (strpos($Text,'[sup]') !== false) { $Text = preg_replace("(\[sup\](.*?)\[\/sup\])ism", '$1', $Text); diff --git a/include/html2bbcode.php b/include/html2bbcode.php index 4166299db..1a03fbdaf 100644 --- a/include/html2bbcode.php +++ b/include/html2bbcode.php @@ -164,6 +164,7 @@ function html2bbcode($message) node2bbcode($doc, 'b', array(), '[b]', '[/b]'); node2bbcode($doc, 'i', array(), '[i]', '[/i]'); node2bbcode($doc, 'u', array(), '[u]', '[/u]'); + node2bbcode($doc, 's', array(), '[s]', '[/s]'); node2bbcode($doc, 'big', array(), "[size=large]", "[/size]"); node2bbcode($doc, 'small', array(), "[size=small]", "[/size]"); -- cgit v1.2.3 From 739a6128247d55cdab9a6432e28f5710310951b3 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 11 Apr 2018 21:51:57 -0700 Subject: poll responses: start treating them as hidden activities now so that when this feature gets finished it will work flawlessly for versions greater than today. --- include/conversation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 3834d9866..82317ae95 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -404,7 +404,7 @@ function count_descendants($item) { * @return boolean */ function visible_activity($item) { - $hidden_activities = [ ACTIVITY_LIKE, ACTIVITY_DISLIKE, ACTIVITY_AGREE, ACTIVITY_DISAGREE, ACTIVITY_ABSTAIN, ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE ]; + $hidden_activities = [ ACTIVITY_LIKE, ACTIVITY_DISLIKE, ACTIVITY_AGREE, ACTIVITY_DISAGREE, ACTIVITY_ABSTAIN, ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE, ACTIVITY_POLLRESPONSE ]; if(intval($item['item_notshown'])) return false; -- cgit v1.2.3 From 4aaea422bc78b351f055df66b1491e476bf65e12 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Fri, 13 Apr 2018 10:12:57 +0200 Subject: move the thread author menu to to the wall item photo. the menu list was getting too long. --- include/conversation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 82317ae95..4aa097d07 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1039,7 +1039,7 @@ function thread_author_menu($item, $mode = '') { if($posts_link) { $menu[] = [ 'menu' => 'view_posts', - 'title' => t('Activity/Posts'), + 'title' => t('Recent Activity'), 'icon' => 'fw', 'action' => '', 'href' => $posts_link -- cgit v1.2.3 From e04d3c45a4fe7e503ea727c54e4c541d40e14661 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Fri, 13 Apr 2018 11:58:12 +0200 Subject: provide visible star status for starred posts --- include/conversation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 4aa097d07..30acd6329 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -1724,7 +1724,7 @@ function network_tabs() { if(feature_enabled(local_channel(),'star_posts')) { $tabs[] = array( 'label' => t('Starred'), - 'url'=>z_root() . '/' . $cmd . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1', + 'url'=>z_root() . '/' . $cmd . '/?f=' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . '&star=1', 'sel'=>$starred_active, 'title' => t('Favourite Posts'), ); -- cgit v1.2.3 From fdf5799857d2f92f6ec7658d271fd3aab22768d5 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 14 Apr 2018 16:47:51 -0700 Subject: allow dbg(2) to only return the canonical SQL used in the query and the number of results, but not log every single result. Maybe we should use 1 for this and 2 for the full results, but I didn't really want to change the way people do things today. If anybody has a strong opinion about doing this, go ahead and change it and send a note to the developer forum. --- include/dba/dba_pdo.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php index f24c5381a..9321fddd6 100755 --- a/include/dba/dba_pdo.php +++ b/include/dba/dba_pdo.php @@ -100,7 +100,9 @@ class dba_pdo extends dba_driver { if($this->debug) { db_logger('dba_pdo: DEBUG: ' . printable($sql) . ' returned ' . count($r) . ' results.', LOGGER_NORMAL, LOG_INFO); - db_logger('dba_pdo: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO); + if(intval($this->debug) === 1) { + db_logger('dba_pdo: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO); + } } return (($this->error) ? false : $r); -- cgit v1.2.3 From 518db97962c52e9d6dfb5638647eb48ab55c354f Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 14 Apr 2018 16:56:30 -0700 Subject: never mind. dbg(1) now gives you the basic debug result and dbg(2) gives you the verbose debug option with all the results. --- include/dba/dba_pdo.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php index 9321fddd6..5002f53e7 100755 --- a/include/dba/dba_pdo.php +++ b/include/dba/dba_pdo.php @@ -100,7 +100,7 @@ class dba_pdo extends dba_driver { if($this->debug) { db_logger('dba_pdo: DEBUG: ' . printable($sql) . ' returned ' . count($r) . ' results.', LOGGER_NORMAL, LOG_INFO); - if(intval($this->debug) === 1) { + if(intval($this->debug) > 1) { db_logger('dba_pdo: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO); } } -- cgit v1.2.3 From 1662f76f03e8f12adeaeb91ee1745aa070f317fe Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 16 Apr 2018 16:12:57 -0700 Subject: hubzilla issue #1078 ; provide content-type header for system emails (was already correct for notification emails) --- include/network.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/network.php b/include/network.php index db9a7d00a..747b46877 100644 --- a/include/network.php +++ b/include/network.php @@ -1845,7 +1845,8 @@ function z_mail($params) { $messageHeader = $params['additionalMailHeader'] . "From: $fromName <{$params['fromEmail']}>\n" . - "Reply-To: $fromName <{$params['replyTo']}>"; + "Reply-To: $fromName <{$params['replyTo']}>\n" . + "Content-Type: text/plain; charset=UTF-8"; // send the message $res = mail( -- cgit v1.2.3 From d38b5ed2f52526f9f50313d9123643be3d84842b Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 16 Apr 2018 17:40:33 -0700 Subject: update the placeholder --- include/nav.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/nav.php b/include/nav.php index df58ee96f..a443c58ff 100644 --- a/include/nav.php +++ b/include/nav.php @@ -176,7 +176,7 @@ EOT; $nav['help'] = [$help_url, t('Help'), "", t('Help and documentation'), 'help_nav_btn', $context_help, $enable_context_help]; } - $nav['search'] = ['search', t('Search'), "", t('Search site @name, #tag, ?docs, content')]; + $nav['search'] = ['search', t('Search'), "", t('Search site @name, !forum, #tag, ?docs, content')]; /** @@ -287,7 +287,7 @@ EOT; '$is_owner' => $is_owner, '$sel' => App::$nav_sel, '$powered_by' => $powered_by, - '$help' => t('@name, #tag, ?doc, content'), + '$help' => t('@name, !forum, #tag, ?doc, content'), '$pleasewait' => t('Please wait...'), '$nav_apps' => $nav_apps, '$navbar_apps' => $navbar_apps, -- cgit v1.2.3 From 43e55eb9a6cb66ad040064fca8b8296bcd298a03 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 16 Apr 2018 21:40:43 -0700 Subject: Active channels information is a bit imprecise. Provide a higher accuracy method. This will require a transition period --- include/channel.php | 2 +- include/security.php | 9 +++++++++ include/zot.php | 11 +++++++++++ 3 files changed, 21 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index 5f87e587c..4bf490bf0 100644 --- a/include/channel.php +++ b/include/channel.php @@ -2563,7 +2563,7 @@ function channel_remove($channel_id, $local = true, $unset_session = false) { q("DELETE FROM photo WHERE uid = %d", intval($channel_id)); q("DELETE FROM attach WHERE uid = %d", intval($channel_id)); q("DELETE FROM profile WHERE uid = %d", intval($channel_id)); - q("DELETE FROM src WHERE src_channel_id = %d", intval($channel_id)); + q("DELETE FROM source WHERE src_channel_id = %d", intval($channel_id)); $r = q("select hash FROM attach WHERE uid = %d", intval($channel_id)); if($r) { diff --git a/include/security.php b/include/security.php index 8b7e7d076..19278d5cb 100644 --- a/include/security.php +++ b/include/security.php @@ -266,6 +266,15 @@ function change_channel($change_channel) { $_SESSION['mobile_theme'] = get_pconfig(local_channel(),'system', 'mobile_theme'); $_SESSION['cloud_tiles'] = get_pconfig(local_channel(),'system', 'cloud_tiles'); date_default_timezone_set($r[0]['channel_timezone']); + + // Update the active timestamp at most once a day + + if(substr($r[0]['channel_active'],0,10) !== substr(datetime_convert(),0,10)) { + $z = q("UPDATE channel SET channel_active = '%s' WHERE channel_id = %d", + dbesc(datetime_convert()), + intval($r[0]['channel_id']) + ); + } $ret = $r[0]; } $x = q("select * from xchan where xchan_hash = '%s' limit 1", diff --git a/include/zot.php b/include/zot.php index 2ad43f0e5..c2b622277 100644 --- a/include/zot.php +++ b/include/zot.php @@ -3208,6 +3208,9 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) { $channel = $r[0]; + // don't provide these in the export + + unset($channel['channel_active']); unset($channel['channel_password']); unset($channel['channel_salt']); @@ -3474,6 +3477,14 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { continue; } + // if the clone is active, so are we + + if(substr($channel['channel_active'],0,10) !== substr(datetime_convert(),0,10)) { + q("UPDATE channel set channel_active = '%s' where channel_id = %d", + dbesc(datetime_convert()), + intval($channel['channel_id']) + ); + } if(array_key_exists('config',$arr) && is_array($arr['config']) && count($arr['config'])) { foreach($arr['config'] as $cat => $k) { -- cgit v1.2.3 From 8b9952e770a6a0245a2b8a1a41214b9fec440e08 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 16 Apr 2018 23:32:40 -0700 Subject: set the correct webfinger Accept: request header now that Mastodon fixed the bug that we changed it to work around --- include/network.php | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) (limited to 'include') diff --git a/include/network.php b/include/network.php index 747b46877..897fbccd6 100644 --- a/include/network.php +++ b/include/network.php @@ -1240,16 +1240,9 @@ function webfinger_rfc7033($webbie, $zot = false) { } logger('fetching url from resource: ' . $rhs . ':' . $webbie); - // The default curl Accept: header is */*, which is incorrectly handled by Mastodon servers - // and results in a 406 (Not Acceptable) response, and will also incorrectly produce an XML - // document if you use 'application/jrd+json, */*'. We could set this to application/jrd+json, - // but some test webfinger servers may not explicitly set the content type and they would be - // blocked. The best compromise until Mastodon is fixed is to remove the Accept header which is - // accomplished by setting it to nothing. - $counter = 0; $s = z_fetch_url('https://' . $rhs . '/.well-known/webfinger?f=&resource=' . $resource . (($zot) ? '&zot=1' : ''), - false, $counter, [ 'headers' => [ 'Accept:' ] ]); + false, $counter, [ 'headers' => [ 'Accept: application/jrd+json, */*' ] ]); if($s['success']) { $j = json_decode($s['body'], true); -- cgit v1.2.3 From 393cd46a82bd4c00c72e8734df2d1fa62928cc06 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 17 Apr 2018 20:08:14 -0700 Subject: public stream tag enhancements --- include/taxonomy.php | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index d9bf3ecc4..6011ca80c 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -312,6 +312,70 @@ function article_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags +function pubtagblock($net,$site,$limit,$recent = 0,$type = TERM_HASHTAG) { + $o = ''; + + $r = pub_tagadelic($net,$site,$limit,$since,$type); + $link = z_root() . '/pubstream'; + + if($r) { + $o = '

' . (($recent) ? t('Trending') : t('Tags')) . '

'; + foreach($r as $rr) { + $o .= '#'.$rr[0].' ' . "\r\n"; + } + $o .= '
'; + } + + return $o; +} + +function pub_tagadelic($net,$site,$limit,$recent,$type) { + + + $item_normal = item_normal(); + $count = intval($limit); + + + if($site) { + $uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0 and item_wall = 1 "; + } + else { + $sys = get_sys_channel(); + $uids = " and item.uid = " . intval($sys['channel_id']) . " "; + $sql_extra = item_permissions_sql($sys['channel_id']); + } + + if($recent) + $sql_extra .= " and item.created > '" . datetime_convert('UTC','UTC', 'now - ' . intval($recent) . ' days ') . "' "; + + // Fetch tags + $r = q("select term, count(term) as total from term left join item on term.oid = item.id + where term.ttype = %d + and otype = %d and item_type = %d + $sql_extra $uids $item_normal + group by term order by total desc %s", + intval($type), + intval(TERM_OBJ_POST), + intval(ITEM_TYPE_POST), + ((intval($count)) ? "limit $count" : '') + ); + + if(! $r) + return array(); + + return Zotlabs\Text\Tagadelic::calc($r); + +} + + + + + + + + + + function dir_tagadelic($count = 0, $hub = '') { -- cgit v1.2.3 From a806c68713baebcc8ca3353e01031593b2f571a4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 17 Apr 2018 20:27:36 -0700 Subject: fine tuning the public stream tag results --- include/taxonomy.php | 9 --------- 1 file changed, 9 deletions(-) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index 6011ca80c..97cbe03d7 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -368,15 +368,6 @@ function pub_tagadelic($net,$site,$limit,$recent,$type) { } - - - - - - - - - function dir_tagadelic($count = 0, $hub = '') { $count = intval($count); -- cgit v1.2.3 From 6903dbcc0dd01e86f853fdd0cba680ece05aa937 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 17 Apr 2018 21:48:43 -0700 Subject: re-use directory safemode setting for public stream tag filtering since a handful of well-known tags skews the results wildly. Added 'bot' to the list just because it's noisy. A site can customise or nullify this feature if they desire. --- include/taxonomy.php | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index 97cbe03d7..59998be83 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -312,10 +312,10 @@ function article_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags -function pubtagblock($net,$site,$limit,$recent = 0,$type = TERM_HASHTAG) { +function pubtagblock($net,$site,$limit,$recent = 0,$safemode = 1, $type = TERM_HASHTAG) { $o = ''; - $r = pub_tagadelic($net,$site,$limit,$since,$type); + $r = pub_tagadelic($net,$site,$limit,$since,$safemode,$type); $link = z_root() . '/pubstream'; if($r) { @@ -329,13 +329,12 @@ function pubtagblock($net,$site,$limit,$recent = 0,$type = TERM_HASHTAG) { return $o; } -function pub_tagadelic($net,$site,$limit,$recent,$type) { +function pub_tagadelic($net,$site,$limit,$recent,$safemode,$type) { $item_normal = item_normal(); $count = intval($limit); - if($site) { $uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0 and item_wall = 1 "; } @@ -348,6 +347,16 @@ function pub_tagadelic($net,$site,$limit,$recent,$type) { if($recent) $sql_extra .= " and item.created > '" . datetime_convert('UTC','UTC', 'now - ' . intval($recent) . ' days ') . "' "; + + if($safemode) { + $unsafetags = get_config('system','unsafepubtags', [ 'boobs', 'bot', 'girl','girls', 'nsfw', 'sexy', 'nude' ]); + if($unsafetags) { + stringify_array_elms($unsafetags,true); + $sql_extra .= " and not term.term in ( " . implode(",",$unsafetags) . ") "; + } + } + + // Fetch tags $r = q("select term, count(term) as total from term left join item on term.oid = item.id where term.ttype = %d -- cgit v1.2.3 From 0f5ae5cac8770e27e815ac6558862a0fd321446d Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 17 Apr 2018 21:55:00 -0700 Subject: also add the noisy 'rss' tag --- include/taxonomy.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index 59998be83..c46f60e46 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -349,7 +349,7 @@ function pub_tagadelic($net,$site,$limit,$recent,$safemode,$type) { if($safemode) { - $unsafetags = get_config('system','unsafepubtags', [ 'boobs', 'bot', 'girl','girls', 'nsfw', 'sexy', 'nude' ]); + $unsafetags = get_config('system','unsafepubtags', [ 'boobs', 'bot', 'rss', 'girl','girls', 'nsfw', 'sexy', 'nude' ]); if($unsafetags) { stringify_array_elms($unsafetags,true); $sql_extra .= " and not term.term in ( " . implode(",",$unsafetags) . ") "; -- cgit v1.2.3 From fc7d9c235cf845e687095d4f30d32eca4c12bc4a Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 17 Apr 2018 22:23:28 -0700 Subject: minor code optimisation --- include/taxonomy.php | 15 +++++---------- include/text.php | 17 +++++++++++++++++ 2 files changed, 22 insertions(+), 10 deletions(-) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index c46f60e46..f65cdd941 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -174,8 +174,7 @@ function tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0, $re if(! is_array($authors)) $authors = array($authors); - stringify_array_elms($authors,true); - $sql_options .= " and author_xchan in (" . implode(',',$authors) . ") "; + $sql_options .= " and author_xchan in (" . stringify_array($authors,true) . ") "; } if($owner) { @@ -227,8 +226,7 @@ function card_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0 if(! is_array($authors)) $authors = array($authors); - stringify_array_elms($authors,true); - $sql_options .= " and author_xchan in (" . implode(',',$authors) . ") "; + $sql_options .= " and author_xchan in (" . stringify_array($authors,true) . ") "; } if($owner) { @@ -280,8 +278,7 @@ function article_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags if(! is_array($authors)) $authors = array($authors); - stringify_array_elms($authors,true); - $sql_options .= " and author_xchan in (" . implode(',',$authors) . ") "; + $sql_options .= " and author_xchan in (" . stringify_array($authors,true) . ") "; } if($owner) { @@ -351,8 +348,7 @@ function pub_tagadelic($net,$site,$limit,$recent,$safemode,$type) { if($safemode) { $unsafetags = get_config('system','unsafepubtags', [ 'boobs', 'bot', 'rss', 'girl','girls', 'nsfw', 'sexy', 'nude' ]); if($unsafetags) { - stringify_array_elms($unsafetags,true); - $sql_extra .= " and not term.term in ( " . implode(",",$unsafetags) . ") "; + $sql_extra .= " and not term.term in ( " . stringify_array($unsafetags,true) . ") "; } } @@ -621,9 +617,8 @@ function get_things($profile_hash,$uid) { if(! in_array($rr['obj_obj'],$profile_hashes)) $profile_hashes[] = $rr['obj_obj']; } - stringify_array_elms($profile_hashes); if(! $profile_hash) { - $exp = explode(',',$profile_hashes); + $exp = stringify_array($profile_hashes,true); $p = q("select profile_guid as hash, profile_name as name from profile where profile_guid in ( $exp ) "); if($p) { foreach($r as $rr) { diff --git a/include/text.php b/include/text.php index 13c4bb819..bc44f22f3 100644 --- a/include/text.php +++ b/include/text.php @@ -2324,6 +2324,23 @@ function stringify_array_elms(&$arr, $escape = false) { $arr[$x] = "'" . (($escape) ? dbesc($arr[$x]) : $arr[$x]) . "'"; } + +/** + * @brief Similar to stringify_array_elms but returns a string. If $escape is true, dbesc() each element before adding quotes. + * + * @param array $arr + * @param boolean $escape (optional) default false + * @return string + */ +function stringify_array($arr, $escape = false) { + if($arr) { + stringify_array_elms($arr); + return(implode(',',$arr)); + } + return EMPTY_STR; +} + + /** * @brief Indents a flat JSON string to make it more human-readable. * -- cgit v1.2.3 From c53f788cc85f83f00e1b5bec19efd54f1372a12b Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 17 Apr 2018 23:36:35 -0700 Subject: add alt_pager to mod_moderate, remove legacy $a parameter from all occurrences of alt_pager --- include/text.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index bc44f22f3..e04b51610 100644 --- a/include/text.php +++ b/include/text.php @@ -531,7 +531,7 @@ function paginate(&$a) { } -function alt_pager(&$a, $i, $more = '', $less = '') { +function alt_pager($i, $more = '', $less = '') { if(! $more) $more = t('older'); -- cgit v1.2.3 From 2ec28a59932defdf6353f8ed72e3e67ef5a90f9a Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 18 Apr 2018 15:56:57 -0700 Subject: just provide the trending tags in public stream by default and simplify the query to improve load times; I intend to do additional work on this feature later --- include/taxonomy.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index f65cdd941..e8d33986f 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -338,7 +338,7 @@ function pub_tagadelic($net,$site,$limit,$recent,$safemode,$type) { else { $sys = get_sys_channel(); $uids = " and item.uid = " . intval($sys['channel_id']) . " "; - $sql_extra = item_permissions_sql($sys['channel_id']); + $sql_extra = " and item_private = 0 "; } if($recent) -- cgit v1.2.3 From 85ccfb4bbcbd22ac234a8ac2a3d7ec2ec831ae29 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 18 Apr 2018 17:07:29 -0700 Subject: do not queue anything which lacks a destination url --- include/queue_fn.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'include') diff --git a/include/queue_fn.php b/include/queue_fn.php index 798ac36db..f05bac5b0 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -95,6 +95,12 @@ function queue_set_delivered($id,$channel = 0) { function queue_insert($arr) { + // do not queue anything with no destination + + if(! (array_key_exists('posturl',$arr) && trim($arr['posturl']))) { + return false; + } + $x = q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_priority, outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg ) values ( '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s' )", -- cgit v1.2.3 From a2e0706d55ee02cf665f366616ef10ff624b3bcc Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 18 Apr 2018 17:26:05 -0700 Subject: relax restrictions to the design tools menu to allow those with write_pages permission; this doesn't fix the underlying modules though as there are some potential security issues at the moment. --- include/text.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index e04b51610..55fc49560 100644 --- a/include/text.php +++ b/include/text.php @@ -2404,7 +2404,7 @@ function jindent($json) { */ function design_tools() { - $channel = App::get_channel(); + $channel = channelx_by_n(App::$profile['profile_uid']); $sys = false; if(App::$is_sys && is_site_admin()) { -- cgit v1.2.3 From a81011333fc113006fbf49b561915532f6cd2509 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 18 Apr 2018 19:41:09 -0700 Subject: follow activitypub by webfinger; requires addon update to all federation protocols --- include/follow.php | 8 ++++---- include/network.php | 9 +++++---- 2 files changed, 9 insertions(+), 8 deletions(-) (limited to 'include') diff --git a/include/follow.php b/include/follow.php index a63fe66ea..d803afa3f 100644 --- a/include/follow.php +++ b/include/follow.php @@ -150,9 +150,9 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) // attempt network auto-discovery - $d = discover_by_webbie($url,$protocol); + $wf = discover_by_webbie($url,$protocol); - if((! $d) && ($is_http)) { + if((! $wf) && ($is_http)) { // try RSS discovery @@ -167,9 +167,9 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) } } - if($d) { + if($wf || $d) { $r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1", - dbesc($url), + dbesc(($wf) ? $wf : $url), dbesc($url) ); } diff --git a/include/network.php b/include/network.php index 897fbccd6..c41d87af0 100644 --- a/include/network.php +++ b/include/network.php @@ -1192,9 +1192,10 @@ function discover_by_webbie($webbie, $protocol = '') { logger('webfinger: ' . print_r($x,true), LOGGER_DATA, LOG_INFO); $arr = [ - 'address' => $webbie, - 'protocol' => $protocol, - 'success' => false, + 'address' => $webbie, + 'protocol' => $protocol, + 'success' => false, + 'xchan' => '', 'webfinger' => $x ]; /** @@ -1207,7 +1208,7 @@ function discover_by_webbie($webbie, $protocol = '') { */ call_hooks('discover_channel_webfinger', $arr); if($arr['success']) - return true; + return $arr['xchan']; return false; } -- cgit v1.2.3 From 2254262cf0bc89fb671b71fafde795a6b596e17f Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 19 Apr 2018 17:43:50 -0700 Subject: code booboo may have degraded the performance of the Trending tag query more than necessary --- include/taxonomy.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/taxonomy.php b/include/taxonomy.php index e8d33986f..46d95458c 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -312,7 +312,8 @@ function article_tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags function pubtagblock($net,$site,$limit,$recent = 0,$safemode = 1, $type = TERM_HASHTAG) { $o = ''; - $r = pub_tagadelic($net,$site,$limit,$since,$safemode,$type); + $r = pub_tagadelic($net,$site,$limit,$recent,$safemode,$type); + $link = z_root() . '/pubstream'; if($r) { -- cgit v1.2.3 From 636fb95e24ad802edf40c48164692409a243164b Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 19 Apr 2018 23:35:24 -0700 Subject: permissions php error applying bit compare operation on a (presumed) boolean --- include/permissions.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include') diff --git a/include/permissions.php b/include/permissions.php index f97142fab..591fe7ce5 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -47,6 +47,9 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // First find out what the channel owner declared permissions to be. $channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$perm_name); + if($channel_perm === false) { + $channel_perm = 0; + } if(! $channel_checked) { $r = q("select * from channel where channel_id = %d limit 1", -- cgit v1.2.3 From 8d0cbeab388b1a7f3eb426f71c97ff690496005d Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 19 Apr 2018 23:37:47 -0700 Subject: better fix to permisisons.php - just cast to int. That's exactly what we want. --- include/permissions.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'include') diff --git a/include/permissions.php b/include/permissions.php index 591fe7ce5..185d37b6a 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -46,10 +46,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) { // First find out what the channel owner declared permissions to be. - $channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$perm_name); - if($channel_perm === false) { - $channel_perm = 0; - } + $channel_perm = intval(\Zotlabs\Access\PermissionLimits::Get($uid,$perm_name)); if(! $channel_checked) { $r = q("select * from channel where channel_id = %d limit 1", -- cgit v1.2.3 From 55dc6fbc1cae70e4f2b207c517c8c9155fda9662 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 22 Apr 2018 18:12:16 -0700 Subject: imagemagick preserves exif when scaling. GD does not. We do not want to preserve exif on thumbnails which we have rotated, as a browser reading the exif information could rotate them yet again. This checkin adds an abstract function to the generic photo driver which makes the behaviour consistent by stripping EXIF from imagick processed images. However, we will attempt to preserve any ICC colour profiles. See http://php.net/manual/en/imagick.stripimage.php --- include/photo/photo_driver.php | 1 + include/photo/photo_gd.php | 5 +++++ include/photo/photo_imagick.php | 13 +++++++++++++ include/photos.php | 4 ++++ 4 files changed, 23 insertions(+) (limited to 'include') diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index 22d2b776d..2e2f5a758 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -75,6 +75,7 @@ abstract class photo_driver { abstract function imageString(); + abstract function clearexif(); public function __construct($data, $type='') { $this->types = $this->supportedTypes(); diff --git a/include/photo/photo_gd.php b/include/photo/photo_gd.php index 24bdc204f..e98ac2827 100644 --- a/include/photo/photo_gd.php +++ b/include/photo/photo_gd.php @@ -35,6 +35,11 @@ class photo_gd extends photo_driver { } + public function clearexif() { + return; + } + + public function destroy() { if($this->is_valid()) { imagedestroy($this->image); diff --git a/include/photo/photo_imagick.php b/include/photo/photo_imagick.php index 32bb61342..89577e71e 100644 --- a/include/photo/photo_imagick.php +++ b/include/photo/photo_imagick.php @@ -96,6 +96,19 @@ class photo_imagick extends photo_driver { } + public function clearexif() { + + $profiles = $this->image->getImageProfiles("icc", true); + + $this->image->stripImage(); + + if(!empty($profiles)) { + $this->image->profileImage("icc", $profiles['icc']); + } + } + + + public function getImage() { if(!$this->is_valid()) return FALSE; diff --git a/include/photos.php b/include/photos.php index 321f7159c..9ae0e6874 100644 --- a/include/photos.php +++ b/include/photos.php @@ -211,6 +211,10 @@ function photo_upload($channel, $observer, $args) { $ph->orient($exif); } + + $ph->clearexif(); + + @unlink($src); $max_length = get_config('system','max_image_length'); -- cgit v1.2.3 From fedb5fbcf5bf2a5dcecc0ad6324775ccbedbf3d6 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 23 Apr 2018 10:47:35 +0200 Subject: update zot.php to fix php warning invalid argument supplied for foreach() - this is taken from pr #1085 which was against wrong branch --- include/zot.php | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index c2b622277..0343f4464 100644 --- a/include/zot.php +++ b/include/zot.php @@ -3811,25 +3811,27 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { foreach($x as $y) { // for each group, loop on members list we just received - foreach($members[$y['hash']] as $member) { - $found = false; - $z = q("select xchan from group_member where gid = %d and uid = %d and xchan = '%s' limit 1", - intval($y['id']), - intval($channel['channel_id']), - dbesc($member) - ); - if($z) - $found = true; - - // if somebody is in the group that wasn't before - add them - - if(! $found) { - q("INSERT INTO group_member (uid, gid, xchan) - VALUES( %d, %d, '%s' ) ", - intval($channel['channel_id']), + if(isset($y['hash']) && isset($members[$y['hash']])) { + foreach($members[$y['hash']] as $member) { + $found = false; + $z = q("select xchan from group_member where gid = %d and uid = %d and xchan = '%s' limit 1", intval($y['id']), + intval($channel['channel_id']), dbesc($member) ); + if($z) + $found = true; + + // if somebody is in the group that wasn't before - add them + + if(! $found) { + q("INSERT INTO group_member (uid, gid, xchan) + VALUES( %d, %d, '%s' ) ", + intval($channel['channel_id']), + intval($y['id']), + dbesc($member) + ); + } } } -- cgit v1.2.3 From 9ac67b44e42f433e34f60556e631b7573a83eb50 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 23 Apr 2018 11:37:39 +0200 Subject: strings update --- include/conversation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 30acd6329..97dd402fc 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -930,7 +930,7 @@ function thread_action_menu($item,$mode = '') { $menu[] = [ 'menu' => 'view_source', 'title' => t('View Source'), - 'icon' => 'eye', + 'icon' => 'code', 'action' => 'viewsrc(' . $item['id'] . '); return false;', 'href' => '#' ]; -- cgit v1.2.3 From b8aabde6c33f763984f3189b79f22cb8d62f2188 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 25 Apr 2018 20:47:30 -0700 Subject: malformed embeds from gfycat hubzilla issue #1108 --- include/oembed.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/oembed.php b/include/oembed.php index eee53b6c1..e677087a2 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -234,9 +234,11 @@ function oembed_fetch_url($embedurl){ if(preg_match('#\ Date: Thu, 26 Apr 2018 19:21:08 -0700 Subject: more testing of attach_move() uncovered some issues --- include/attach.php | 130 ++++++++++++++++++++++++++++++----------------------- 1 file changed, 73 insertions(+), 57 deletions(-) (limited to 'include') diff --git a/include/attach.php b/include/attach.php index 363005029..27bf0218a 100644 --- a/include/attach.php +++ b/include/attach.php @@ -2286,33 +2286,22 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { if(! ($c && $resource_id)) return false; + + // find the resource to be moved + $r = q("select * from attach where hash = '%s' and uid = %d limit 1", dbesc($resource_id), intval($channel_id) ); - if(! $r) + if(! $r) { + logger('resource_id not found'); return false; + } $oldstorepath = dbunescbin($r[0]['content']); - if($r[0]['is_dir']) { - $move_success = true; - $x = q("select hash from attach where folder = '%s' and uid = %d", - dbesc($r[0]['hash']), - intval($channel_id) - ); - if($x) { - foreach($x as $xv) { - $rs = attach_move($channel_id,$xv['hash'],$r[0]['hash']); - if(! $rs) { - $move_success = false; - break; - } - } - } - return $move_success; - } + // find the resource we are moving to if($new_folder_hash) { $n = q("select * from attach where hash = '%s' and uid = %d and is_dir = 1 limit 1", @@ -2326,6 +2315,10 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { $newstorepath = dbunescbin($n[0]['content']) . '/' . $resource_id; } else { + + // root directory + + $newdirname = EMPTY_STR; $newstorepath = 'store/' . $c['channel_address'] . '/' . $resource_id; } @@ -2335,56 +2328,61 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { $filename = $r[0]['filename']; - $s = q("select filename, id, hash, filesize from attach where filename = '%s' and folder = '%s' ", - dbesc($filename), - dbesc($new_folder_hash) - ); + // don't do duplicate check unless our parent folder has changed. - if($s) { - $overwrite = get_pconfig($channel_id,'system','overwrite_dup_files'); - if($overwrite) { - /// @fixme - return; - } - else { - if(strpos($filename,'.') !== false) { - $basename = substr($filename,0,strrpos($filename,'.')); - $ext = substr($filename,strrpos($filename,'.')); + if($r[0]['folder'] !== $new_folder_hash) { + + $s = q("select filename, id, hash, filesize from attach where filename = '%s' and folder = '%s' ", + dbesc($filename), + dbesc($new_folder_hash) + ); + + if($s) { + $overwrite = get_pconfig($channel_id,'system','overwrite_dup_files'); + if($overwrite) { + /// @fixme + return; } else { - $basename = $filename; - $ext = ''; - } + if(strpos($filename,'.') !== false) { + $basename = substr($filename,0,strrpos($filename,'.')); + $ext = substr($filename,strrpos($filename,'.')); + } + else { + $basename = $filename; + $ext = ''; + } - $matches = false; - if(preg_match('/(.*?)\([0-9]{1,}\)$/',$basename,$matches)) - $basename = $matches[1]; + $matches = false; + if(preg_match('/(.*?)\([0-9]{1,}\)$/',$basename,$matches)) + $basename = $matches[1]; - $v = q("select filename from attach where ( filename = '%s' OR filename like '%s' ) and folder = '%s' ", - dbesc($basename . $ext), - dbesc($basename . '(%)' . $ext), - dbesc($new_folder_hash) - ); + $v = q("select filename from attach where ( filename = '%s' OR filename like '%s' ) and folder = '%s' ", + dbesc($basename . $ext), + dbesc($basename . '(%)' . $ext), + dbesc($new_folder_hash) + ); - if($v) { - $x = 1; + if($v) { + $x = 1; - do { - $found = false; - foreach($v as $vv) { - if($vv['filename'] === $basename . '(' . $x . ')' . $ext) { - $found = true; - break; + do { + $found = false; + foreach($v as $vv) { + if($vv['filename'] === $basename . '(' . $x . ')' . $ext) { + $found = true; + break; + } } + if($found) + $x++; } - if($found) - $x++; + while($found); + $filename = $basename . '(' . $x . ')' . $ext; } - while($found); - $filename = $basename . '(' . $x . ')' . $ext; + else + $filename = $basename . $ext; } - else - $filename = $basename . $ext; } } @@ -2423,6 +2421,24 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { ); } + if($r[0]['is_dir']) { + $move_success = true; + $x = q("select hash from attach where folder = '%s' and uid = %d", + dbesc($r[0]['hash']), + intval($channel_id) + ); + if($x) { + foreach($x as $xv) { + $rs = attach_move($channel_id,$xv['hash'],$r[0]['hash']); + if(! $rs) { + $move_success = false; + break; + } + } + } + return $move_success; + } + return true; } -- cgit v1.2.3 From d0ba2cf6d469f2cbaef3749525eb19fcf36ed26d Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 26 Apr 2018 20:27:14 -0700 Subject: where possible strip zid parameter from links that get pasted into posts so that they will get a correct zid when rendered --- include/bbcode.php | 8 +++++--- include/text.php | 2 +- include/zid.php | 6 +++++- 3 files changed, 11 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index 340fe6b25..345b5b025 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -85,12 +85,14 @@ function tryoembed($match) { function nakedoembed($match) { $url = ((count($match) == 2) ? $match[1] : $match[2]); - $o = oembed_fetch_url($url); + $strip_url = strip_escaped_zids($url); + + $o = oembed_fetch_url($strip_url); if ($o['type'] == 'error') - return $match[0]; + return str_replace($url,$strip_url,$match[0]); - return '[embed]' . $url . '[/embed]'; + return '[embed]' . $strip_url . '[/embed]'; } function tryzrlaudio($match) { diff --git a/include/text.php b/include/text.php index 55fc49560..af88c9f9c 100644 --- a/include/text.php +++ b/include/text.php @@ -3267,6 +3267,7 @@ function cleanup_bbcode($body) { * First protect any url inside certain bbcode tags so we don't double link it. */ + $body = preg_replace_callback('/\[code(.*?)\[\/(code)\]/ism','\red_escape_codeblock',$body); $body = preg_replace_callback('/\[url(.*?)\[\/(url)\]/ism','\red_escape_codeblock',$body); $body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body); @@ -3296,7 +3297,6 @@ function cleanup_bbcode($body) { $body = scale_external_images($body,false); - return $body; } diff --git a/include/zid.php b/include/zid.php index 5275c6d5a..fe06948ba 100644 --- a/include/zid.php +++ b/include/zid.php @@ -60,7 +60,7 @@ function zid($s, $address = '') { $url_match = true; if ($mine && $myaddr && (! $url_match)) - $zurl = $s . (($num_slashes >= 3) ? '' : '/') . $achar . 'zid=' . urlencode($myaddr); + $zurl = $s . (($num_slashes >= 3) ? '' : '/') . (($achar === '?') ? '?f=&' : '&') . 'zid=' . urlencode($myaddr); else $zurl = $s; @@ -103,6 +103,10 @@ function strip_zats($s) { return preg_replace('/[\?&]zat=(.*?)(&|$)/ism','$2',$s); } +function strip_escaped_zids($s) { + $x = preg_replace('/&\;zid=(.*?)(&|$)/ism','$2',$s); + return strip_query_param($x,'f'); +} function clean_query_string($s = '') { -- cgit v1.2.3 From 5e23640563618df30ff77ad21bbd429908267a32 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 28 Apr 2018 14:13:56 -0700 Subject: remove unused function --- include/network.php | 25 +------------------------ 1 file changed, 1 insertion(+), 24 deletions(-) (limited to 'include') diff --git a/include/network.php b/include/network.php index c41d87af0..72f1dacaf 100644 --- a/include/network.php +++ b/include/network.php @@ -368,27 +368,6 @@ function z_post_url($url, $params, $redirects = 0, $opts = array()) { return($ret); } -/** - * @brief Like z_post_url() but with an application/json HTTP header. - * - * Add a "Content-Type: application/json" HTTP-header to $opts and call z_post_url(). - * - * @see z_post_url() - * - * @param string $url - * @param array $params - * @param number $redirects default 0 - * @param array $opts (optional) curl options - * @return z_post_url() - */ -function z_post_url_json($url, $params, $redirects = 0, $opts = array()) { - - $opts = array_merge($opts, array('headers' => array('Content-Type: application/json'))); - - return z_post_url($url,json_encode($params),$redirects,$opts); -} - - function json_return_and_die($x, $content_type = 'application/json') { header("Content-type: $content_type"); echo json_encode($x); @@ -779,7 +758,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) * @brief xml2array() will convert the given XML text to an array in the XML structure. * * Link: http://www.bin-co.com/php/scripts/xml2array/ - * Portions significantly re-written by mike@macgirvin.com for Friendica + * Portions significantly re-written by mike@macgirvin.com * (namespaces, lowercase tags, get_attribute default changed, more...) * * Examples: $array = xml2array(file_get_contents('feed.xml')); @@ -1160,8 +1139,6 @@ function discover_by_webbie($webbie, $protocol = '') { $network = null; -// $webbie = strtolower($webbie); - $x = webfinger_rfc7033($webbie, true); if($x && array_key_exists('links',$x) && $x['links']) { foreach($x['links'] as $link) { -- cgit v1.2.3 From f620274c6a68ae9a2a6a5142947aa199862087fc Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 29 Apr 2018 23:05:38 -0700 Subject: hubzilla issue #1119 - xml2array has issues with some unicode sequences/conversions. Working around it using the older simplexml parser until it can be debugged, as Diaspora does not use complex XML with namespaces; which is where we need the more advaced capabilities of xml2array. --- include/network.php | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'include') diff --git a/include/network.php b/include/network.php index 72f1dacaf..8b7490a8a 100644 --- a/include/network.php +++ b/include/network.php @@ -648,6 +648,7 @@ function parse_xml_string($s, $strict = true) { libxml_use_internal_errors(true); + $x = @simplexml_load_string($s2); if($x === false) { logger('libxml: parse: error: ' . $s2, LOGGER_DATA); @@ -661,6 +662,16 @@ function parse_xml_string($s, $strict = true) { return $x; } + +function sxml2array ( $xmlObject, $out = array () ) +{ + foreach ( (array) $xmlObject as $index => $node ) + $out[$index] = ( is_object ( $node ) ) ? sxml2array ( $node ) : $node; + + return $out; +} + + /** * @brief Scales an external image. * -- cgit v1.2.3 From e1738e8021dd482421e0d7aaae91bc4600550e34 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 30 Apr 2018 10:27:11 +0200 Subject: Revert "hubzilla issue #1119 - xml2array has issues with some unicode sequences/conversions. Working around it using the older simplexml parser until it can be debugged, as Diaspora does not use complex XML with namespaces; which is where we need the more advaced capabilities of xml2array." This reverts commit f620274c6a68ae9a2a6a5142947aa199862087fc. --- include/network.php | 11 ----------- 1 file changed, 11 deletions(-) (limited to 'include') diff --git a/include/network.php b/include/network.php index 8b7490a8a..72f1dacaf 100644 --- a/include/network.php +++ b/include/network.php @@ -648,7 +648,6 @@ function parse_xml_string($s, $strict = true) { libxml_use_internal_errors(true); - $x = @simplexml_load_string($s2); if($x === false) { logger('libxml: parse: error: ' . $s2, LOGGER_DATA); @@ -662,16 +661,6 @@ function parse_xml_string($s, $strict = true) { return $x; } - -function sxml2array ( $xmlObject, $out = array () ) -{ - foreach ( (array) $xmlObject as $index => $node ) - $out[$index] = ( is_object ( $node ) ) ? sxml2array ( $node ) : $node; - - return $out; -} - - /** * @brief Scales an external image. * -- cgit v1.2.3 From 12c9e64463061650c32b49349351203ed62ec651 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 30 Apr 2018 14:33:35 +0200 Subject: activitypub xchans do not have an xchan_addr. use xchan_url for the follow button if we do not find an xchan_addr --- include/connections.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/connections.php b/include/connections.php index e5bf07d96..32baa94bd 100644 --- a/include/connections.php +++ b/include/connections.php @@ -127,7 +127,7 @@ function vcard_from_xchan($xchan, $observer = null, $mode = '') { return replace_macros(get_markup_template('xchan_vcard.tpl'),array( '$name' => $xchan['xchan_name'], '$photo' => ((is_array(App::$profile) && array_key_exists('photo',App::$profile)) ? App::$profile['photo'] : $xchan['xchan_photo_l']), - '$follow' => $xchan['xchan_addr'], + '$follow' => (($xchan['xchan_addr']) ? $xchan['xchan_addr'] : $xchan['xchan_url']), '$link' => zid($xchan['xchan_url']), '$connect' => $connect, '$newwin' => (($mode === 'chanview') ? t('New window') : ''), -- cgit v1.2.3 From 3af691043dca48a788274bce86979b0c7df14a82 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 30 Apr 2018 22:30:59 -0700 Subject: parent folder permissions weren't being checked back to the cloud root directory in all cases --- include/attach.php | 39 ++++++++++++++++++++++++++------------- 1 file changed, 26 insertions(+), 13 deletions(-) (limited to 'include') diff --git a/include/attach.php b/include/attach.php index 27bf0218a..0d2b43b58 100644 --- a/include/attach.php +++ b/include/attach.php @@ -266,14 +266,12 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) { return $ret; } - if(! perm_is_allowed($r[0]['uid'], $observer_hash, 'view_storage')) { + if(! attach_can_view($r[0]['uid'], $observer_hash, $hash)) { $ret['message'] = t('Permission denied.'); return $ret; } - $sql_extra = permissions_sql($r[0]['uid'],$observer_hash); - - // Now we'll see if we can access the attachment + // We've already checked for existence and permissions $r = q("SELECT * FROM attach WHERE hash = '%s' and uid = %d $sql_extra LIMIT 1", dbesc($hash), @@ -281,20 +279,12 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) { ); if(! $r) { - $ret['message'] = t('Permission denied.'); + $ret['message'] = t('Unknown error.'); return $ret; } $r[0]['content'] = dbunescbin($r[0]['content']); - if($r[0]['folder']) { - $x = attach_can_view_folder($r[0]['uid'],$observer_hash,$r[0]['folder']); - if(! $x) { - $ret['message'] = t('Permission denied.'); - return $ret; - } - } - $ret['success'] = true; $ret['data'] = $r[0]; @@ -302,6 +292,29 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) { } +function attach_can_view($uid,$ob_hash,$resource) { + + $sql_extra = permissions_sql($uid,$ob_hash); + $hash = $resource; + + if(! perm_is_allowed($uid,$ob_hash,'view_storage')) { + return false; + } + + $r = q("select folder from attach where hash = '%s' and uid = %d $sql_extra", + dbesc($hash), + intval($uid) + ); + if(! $r) { + return false; + } + + return attach_can_view_folder($uid,$ob_hash,$r[0]['folder']); + +} + + + function attach_can_view_folder($uid,$ob_hash,$folder_hash) { $sql_extra = permissions_sql($uid,$ob_hash); -- cgit v1.2.3 From 5c5ae2969e5465ff559b63532122611c315d88d9 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Tue, 1 May 2018 10:34:23 +0200 Subject: Revert "Revert "hubzilla issue #1119 - xml2array has issues with some unicode sequences/conversions. Working around it using the older simplexml parser until it can be debugged, as Diaspora does not use complex XML with namespaces; which is where we need the more advaced capabilities of xml2array."" This reverts commit b223e364c6221aa3c680505fda4acfd6a1790272. --- include/network.php | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'include') diff --git a/include/network.php b/include/network.php index 72f1dacaf..8b7490a8a 100644 --- a/include/network.php +++ b/include/network.php @@ -648,6 +648,7 @@ function parse_xml_string($s, $strict = true) { libxml_use_internal_errors(true); + $x = @simplexml_load_string($s2); if($x === false) { logger('libxml: parse: error: ' . $s2, LOGGER_DATA); @@ -661,6 +662,16 @@ function parse_xml_string($s, $strict = true) { return $x; } + +function sxml2array ( $xmlObject, $out = array () ) +{ + foreach ( (array) $xmlObject as $index => $node ) + $out[$index] = ( is_object ( $node ) ) ? sxml2array ( $node ) : $node; + + return $out; +} + + /** * @brief Scales an external image. * -- cgit v1.2.3 From a9b71f5b4a6ed0f40b42c828a27fce472988fc30 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 1 May 2018 19:38:32 -0700 Subject: The channel import page seems to have missed the big theme cleanup of the last couple of years. --- include/dba/dba_driver.php | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'include') diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index b3298b673..9e9f24bb3 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -460,3 +460,28 @@ function db_logger($s,$level = LOGGER_NORMAL,$syslog = LOG_INFO) { \DBA::$logging = false; \DBA::$dba->debug = $saved; } + + +function db_columns($table) { + + if($table) { + if(ACTIVE_DBTYPE === DBTYPE_POSTGRES) { + $r = q("SELECT column_name as field FROM information_schema.columns WHERE table_schema = 'public' AND table_name = '%s'", + dbesc($table) + ); + if($r) { + return ids_to_array($r,'field'); + } + } + else { + $r = q("show columns in %s", + dbesc($table) + ); + if($r) { + return ids_to_array($r,'Field'); + } + } + } + + return []; +} \ No newline at end of file -- cgit v1.2.3 From 1f429a003386bbf11f26c9caea4b18b01cf09ef2 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 2 May 2018 13:49:22 -0700 Subject: hubzilla issue #1151 - activitypub mention gets bookmarked --- include/network.php | 4 ++-- include/text.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/network.php b/include/network.php index 8b7490a8a..a00ede6bf 100644 --- a/include/network.php +++ b/include/network.php @@ -797,7 +797,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = if($namespaces) $parser = @xml_parser_create_ns("UTF-8",':'); else - $parser = @xml_parser_create(); + $parser = @xml_parser_create('UTF-8'); if(! $parser) { logger('xml2array: xml_parser_create: no resource'); @@ -807,7 +807,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8"); // http://minutillo.com/steve/weblog/2004/6/17/php-xml-and-character-encodings-a-tale-of-sadness-rage-and-data-loss xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0); - xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1); + xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 0); @xml_parse_into_struct($parser, trim($contents), $xml_values); @xml_parser_free($parser); diff --git a/include/text.php b/include/text.php index af88c9f9c..babc18b44 100644 --- a/include/text.php +++ b/include/text.php @@ -3273,9 +3273,9 @@ function cleanup_bbcode($body) { $body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body); - $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\ + $body = preg_replace_callback("/([^\]\='".'"'."\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\ +\,\(\)]+)/ismu", '\nakedoembed', $body); - $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\ + $body = preg_replace_callback("/([^\]\='".'"'."\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\ +\,\(\)]+)/ismu", '\red_zrl_callback', $body); $body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body); -- cgit v1.2.3 From 2f9a04455988620485fb0462c1889af502a20f71 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Thu, 3 May 2018 12:34:51 +0200 Subject: Revert "hubzilla issue #1151 - activitypub mention gets bookmarked" This reverts commit 285781b8870d1c36cf90a3b38a448719b8bf9d21. --- include/network.php | 4 ++-- include/text.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/network.php b/include/network.php index a00ede6bf..8b7490a8a 100644 --- a/include/network.php +++ b/include/network.php @@ -797,7 +797,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = if($namespaces) $parser = @xml_parser_create_ns("UTF-8",':'); else - $parser = @xml_parser_create('UTF-8'); + $parser = @xml_parser_create(); if(! $parser) { logger('xml2array: xml_parser_create: no resource'); @@ -807,7 +807,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8"); // http://minutillo.com/steve/weblog/2004/6/17/php-xml-and-character-encodings-a-tale-of-sadness-rage-and-data-loss xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0); - xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 0); + xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1); @xml_parse_into_struct($parser, trim($contents), $xml_values); @xml_parser_free($parser); diff --git a/include/text.php b/include/text.php index babc18b44..af88c9f9c 100644 --- a/include/text.php +++ b/include/text.php @@ -3273,9 +3273,9 @@ function cleanup_bbcode($body) { $body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body); - $body = preg_replace_callback("/([^\]\='".'"'."\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\ + $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\ +\,\(\)]+)/ismu", '\nakedoembed', $body); - $body = preg_replace_callback("/([^\]\='".'"'."\/\{]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\ + $body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\pL\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\\ +\,\(\)]+)/ismu", '\red_zrl_callback', $body); $body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body); -- cgit v1.2.3