From 7cfa7a7671f0bf8316bc63912452e156fc48129e Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 17 May 2012 19:59:46 -0700 Subject: tell browser not to cache permission denied (private) photos so that after authenticating we don't have to fight the browser - plus more prvgroup work --- mod/photo.php | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) (limited to 'mod') diff --git a/mod/photo.php b/mod/photo.php index 1d38fe8e4..3cd8250a9 100644 --- a/mod/photo.php +++ b/mod/photo.php @@ -28,6 +28,8 @@ function photo_init(&$a) { } }*/ + $prvcachecontrol = false; + switch($a->argc) { case 4: $person = $a->argv[3]; @@ -134,6 +136,7 @@ function photo_init(&$a) { ); if(count($r)) { $data = file_get_contents('images/nosign.jpg'); + $prvcachecontrol = true; } } } @@ -179,8 +182,22 @@ function photo_init(&$a) { } header("Content-type: image/jpeg"); - header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT"); - header("Cache-Control: max-age=" . (3600*24)); + + if($prvcachecontrol) { + + // it is a private photo that they have no permission to view. + // tell the browser not to cache it, in case they authenticate + // and subsequently have permission to see it + + header("Cache-Control: no-store, no-cache, must-revalidate"); + + } + else { + + header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT"); + header("Cache-Control: max-age=" . (3600*24)); + + } echo $data; killme(); // NOTREACHED -- cgit v1.2.3 From 7b0ded3f1478553e1fe93c95c272b99d78f0132b Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 17 May 2012 22:44:52 -0700 Subject: more private forums, default privacy group for new contacts --- mod/dfrn_request.php | 8 ++++++++ mod/follow.php | 10 ++++++++++ mod/settings.php | 22 ++++++++++++++++++++-- 3 files changed, 38 insertions(+), 2 deletions(-) (limited to 'mod') diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 2169c494c..b809929d7 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -370,6 +370,14 @@ function dfrn_request_post(&$a) { if(count($r)) { $contact_id = $r[0]['id']; + $g = q("select def_gid from user where uid = %d limit 1", + intval($uid) + ); + if($g && intval($g[0]['def_gid'])) { + require_once('include/group.php'); + group_add_member($uid,'',$contact_id,$g[0]['def_gid']); + } + $photo = avatar_img($addr); $r = q("UPDATE `contact` SET diff --git a/mod/follow.php b/mod/follow.php index 4a7f99bf0..cdecd5f2a 100644 --- a/mod/follow.php +++ b/mod/follow.php @@ -109,6 +109,7 @@ function follow_init(&$a) { dbesc($ret['poll']) ); + if(count($r)) { // update contact if($r[0]['rel'] == CONTACT_IS_FOLLOWER || ($network === NETWORK_DIASPORA && $r[0]['rel'] == CONTACT_IS_SHARING)) { @@ -165,6 +166,15 @@ function follow_init(&$a) { $contact = $r[0]; $contact_id = $r[0]['id']; + + $g = q("select def_gid from user where uid = %d limit 1", + intval($uid) + ); + if($g && intval($g[0]['def_gid'])) { + require_once('include/group.php'); + group_add_member($uid,'',$contact_id,$g[0]['def_gid']); + } + require_once("Photo.php"); $photos = import_profile_photo($ret['photo'],$uid,$contact_id); diff --git a/mod/settings.php b/mod/settings.php index 5f5b2ab2e..23dde3f2a 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -330,6 +330,7 @@ function settings_post(&$a) { $openid = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : ''); $maxreq = ((x($_POST,'maxreq')) ? intval($_POST['maxreq']) : 0); $expire = ((x($_POST,'expire')) ? intval($_POST['expire']) : 0); + $def_gid = ((x($_POST,'group-selection')) ? intval($_POST['group-selection']) : 0); $expire_items = ((x($_POST,'expire_items')) ? intval($_POST['expire_items']) : 0); @@ -355,6 +356,9 @@ function settings_post(&$a) { $post_joingroup = (($_POST['post_joingroup'] == 1) ? 1: 0); $post_profilechange = (($_POST['post_profilechange'] == 1) ? 1: 0); + if($page_flags == PAGE_PRVGROUP) { + $hidewall = 1; + } $notify = 0; @@ -441,7 +445,7 @@ function settings_post(&$a) { set_pconfig(local_user(),'system','post_profilechange', $post_profilechange); - $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d LIMIT 1", + $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `def_gid` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d LIMIT 1", dbesc($username), dbesc($email), dbesc($openid), @@ -457,6 +461,7 @@ function settings_post(&$a) { intval($maxreq), intval($expire), dbesc($openidserver), + intval($def_gid), intval($blockwall), intval($hidewall), intval($blocktags), @@ -833,6 +838,13 @@ function settings_content(&$a) { '$page_freelove' => array('page-flags', t('Automatic Friend Account'), PAGE_FREELOVE, t('Automatically approve all connection/friend requests as friends'), ($a->user['page-flags'] == PAGE_FREELOVE)), + + '$page_prvgroup' => array('page-flags', t('Private Forum'), PAGE_PRVGROUP, + t('Private forum - approved members only [Experimental]'), + ($a->user['page-flags'] == PAGE_PRVGROUP)), + + '$experimental' => ( (intval(get_config('system','prvgroup_testing'))) ? 'true' : ''), + )); $noid = get_config('system','no_openid'); @@ -934,6 +946,9 @@ function settings_content(&$a) { 'photos' => array('expire_photos', t("Expire photos:"), $expire_photos, '', array(t('No'),t('Yes'))), ); + require_once('include/group.php'); + $group_select = mini_group_select(local_user(),$a->user['def_gid']); + $o .= replace_macros($stpl,array( '$ptitle' => t('Account Settings'), @@ -941,7 +956,6 @@ function settings_content(&$a) { '$baseurl' => $a->get_baseurl(true), '$uid' => local_user(), '$form_security_token' => get_form_security_token("settings"), - '$nickname_block' => $prof_addr, '$h_pass' => t('Password Settings'), @@ -968,6 +982,10 @@ function settings_content(&$a) { '$suggestme' => $suggestme, '$blockwall'=> $blockwall, // array('blockwall', t('Allow friends to post to your profile page:'), !$blockwall, ''), '$blocktags'=> $blocktags, // array('blocktags', t('Allow friends to tag your posts:'), !$blocktags, ''), + '$group_lbl_select' => t('Default privacy group for new contacts'), + '$group_select' => $group_select, + + '$expire' => $expire_arr, '$profile_in_dir' => $profile_in_dir, -- cgit v1.2.3 From 1d157fc747232a158209367e2ebaeadc3f3a56ec Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 17 May 2012 23:05:41 -0700 Subject: make it difficult to setup a private forum with no privacy --- mod/settings.php | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'mod') diff --git a/mod/settings.php b/mod/settings.php index 23dde3f2a..8c7b1c49c 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -356,10 +356,6 @@ function settings_post(&$a) { $post_joingroup = (($_POST['post_joingroup'] == 1) ? 1: 0); $post_profilechange = (($_POST['post_profilechange'] == 1) ? 1: 0); - if($page_flags == PAGE_PRVGROUP) { - $hidewall = 1; - } - $notify = 0; if(x($_POST,'notify1')) @@ -445,6 +441,19 @@ function settings_post(&$a) { set_pconfig(local_user(),'system','post_profilechange', $post_profilechange); + if($page_flags == PAGE_PRVGROUP) { + $hidewall = 1; + if((! str_contact_allow) && (! str_group_allow) && (! str_contact_deny) && (! $str_group_deny)) { + if($def_gid) { + info( t('Private forum has no privacy permissions. Using default privacy group.'). EOL); + $str_group_allow = '<' . $def_gid . '>'; + } + else { + notice( t('Private forum has no privacy permissions and no default privacy group.') . EOL); + } + } + } + $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `def_gid` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d LIMIT 1", dbesc($username), dbesc($email), -- cgit v1.2.3 From 5ecaeb8e5c9fb01ee768df2a650d2187d971b105 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 18 May 2012 01:03:46 -0700 Subject: catch more places to apply default group --- mod/dfrn_confirm.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'mod') diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 2b25095fd..227d72cbf 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -500,6 +500,16 @@ function dfrn_confirm_post(&$a,$handsfree = null) { } } } + + + $g = q("select def_gid from user where uid = %d limit 1", + intval($uid) + ); + if($contact && $g && intval($g[0]['def_gid'])) { + require_once('include/group.php'); + group_add_member($uid,'',$contact[0]['id'],$g[0]['def_gid']); + } + // Let's send our user to the contact editor in case they want to // do anything special with this new friend. -- cgit v1.2.3 From 34b79b4f2b8b9a563717ca60bc55ff868c29df1a Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 18 May 2012 01:38:11 -0700 Subject: theming for default group selector --- mod/settings.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/settings.php b/mod/settings.php index 8c7b1c49c..40fa55eea 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -991,7 +991,7 @@ function settings_content(&$a) { '$suggestme' => $suggestme, '$blockwall'=> $blockwall, // array('blockwall', t('Allow friends to post to your profile page:'), !$blockwall, ''), '$blocktags'=> $blocktags, // array('blocktags', t('Allow friends to tag your posts:'), !$blocktags, ''), - '$group_lbl_select' => t('Default privacy group for new contacts'), + '$group_select' => $group_select, -- cgit v1.2.3 From 4133df62234cc3466f34b8a7d52147a1e422bbc0 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 18 May 2012 17:55:11 -0700 Subject: profile change activity link bug --- mod/profiles.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/profiles.php b/mod/profiles.php index c72a233c2..26fc88765 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -329,7 +329,7 @@ function profile_activity($changed, $value) { if($t == 1 && strlen($value)) { $message = sprintf( t('%1$s changed %2$s to “%3$s”'), $A, $changes, $value); - $message .= "\n\n" . sprintf( t(" - Visit %1$s\'s %2$s"), $A, $prof); + $message .= "\n\n" . sprintf( t(' - Visit %1$s\'s %2$s'), $A, $prof); } else $message = sprintf( t('%1$s has an updated %2$s, changing %3$s.'), $A, $prof, $changes); -- cgit v1.2.3 From 513ef2410d9b892c8ebcb7ceac96b97023c3b5a5 Mon Sep 17 00:00:00 2001 From: friendica Date: Sat, 19 May 2012 02:42:11 -0700 Subject: backend support for 'x' deliveries per process - x is configurable, more importantly any search starting with # is automatically a tag search. TODO: Need to extend this to people searches starting with @ --- mod/search.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'mod') diff --git a/mod/search.php b/mod/search.php index d467764b0..635c87b70 100644 --- a/mod/search.php +++ b/mod/search.php @@ -96,6 +96,12 @@ function search_content(&$a) { $o .= search($search,'search-box','/search',((local_user()) ? true : false)); + + if(strpos($search,'#') === 0) { + $tag = true; + $search = substr($search,1); + } + if(! $search) return $o; -- cgit v1.2.3 From 8c80fe0bf51fa472ddf9bf225490e47ea1bf4a7f Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Sun, 20 May 2012 00:11:32 +0200 Subject: Performance tests --- mod/network.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/network.php b/mod/network.php index e59839ccc..c5347756c 100644 --- a/mod/network.php +++ b/mod/network.php @@ -413,7 +413,7 @@ function network_content(&$a, $update = 0) { $myurl = str_replace(array('www.','.'),array('','\\.'),$myurl); $diasp_url = str_replace('/profile/','/u/',$myurl); $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ", - dbesc(protect_sprintf('%s' . $myurl)), + dbesc(protect_sprintf('%' . $myurl)), dbesc(protect_sprintf('%' . $myurl . '\\]%')), dbesc(protect_sprintf('%' . $diasp_url . '\\]%')) ); -- cgit v1.2.3 From dd86f40f9608afe7b58784530bd2cf117397c59b Mon Sep 17 00:00:00 2001 From: friendica Date: Sat, 19 May 2012 16:42:24 -0700 Subject: set comment permissions explicitly to parent permissions --- mod/item.php | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) (limited to 'mod') diff --git a/mod/item.php b/mod/item.php index 639379fe0..9f6b2aef4 100644 --- a/mod/item.php +++ b/mod/item.php @@ -218,14 +218,23 @@ function item_post(&$a) { $private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0); - if(($parent_item) && - (($parent_item['private']) + // If this is a comment, set the permissions from the parent. + + if($parent_item) { + $private = 0; + + if(($parent_item['private']) || strlen($parent_item['allow_cid']) || strlen($parent_item['allow_gid']) || strlen($parent_item['deny_cid']) - || strlen($parent_item['deny_gid']) - )) { - $private = 1; + || strlen($parent_item['deny_gid'])) { + $private = 1; + } + + $str_contact_allow = $parent_item['allow_cid']; + $str_group_allow = $parent_item['allow_gid']; + $str_contact_deny = $parent_item['deny_cid']; + $str_group_deny = $parent_item['deny_gid']; } $pubmail_enable = ((x($_REQUEST,'pubmail_enable') && intval($_REQUEST['pubmail_enable']) && (! $private)) ? 1 : 0); -- cgit v1.2.3 From f16a1199408d167bbc7c52dc408ef02b36808317 Mon Sep 17 00:00:00 2001 From: friendica Date: Sat, 19 May 2012 21:53:27 -0700 Subject: search with leading @ performs directory search (# for tag search), nothing for text search --- mod/dirfind.php | 3 +++ mod/search.php | 6 +++++- 2 files changed, 8 insertions(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/dirfind.php b/mod/dirfind.php index 34c54dd91..5c5d0e933 100644 --- a/mod/dirfind.php +++ b/mod/dirfind.php @@ -17,6 +17,9 @@ function dirfind_init(&$a) { function dirfind_content(&$a) { $search = notags(trim($_REQUEST['search'])); + + if(strpos($search,'@') === 0) + $search = substr($search,1); $o = ''; diff --git a/mod/search.php b/mod/search.php index 635c87b70..3e6bf68aa 100644 --- a/mod/search.php +++ b/mod/search.php @@ -80,7 +80,7 @@ function search_content(&$a) { $o = '' . "\r\n"; - $o .= '

' . t('Search This Site') . '

'; + $o .= '

' . t('Search') . '

'; if(x($a->data,'search')) $search = notags(trim($a->data['search'])); @@ -101,6 +101,10 @@ function search_content(&$a) { $tag = true; $search = substr($search,1); } + if(strpos($search,'@') === 0) { + require_once('mod/dirfind.php'); + return dirfind_content($a); + } if(! $search) return $o; -- cgit v1.2.3 From afaf9ec74fe0662de76deabd11d630f871802579 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 20 May 2012 18:30:02 -0700 Subject: rev update --- mod/dfrn_confirm.php | 15 ++++----------- mod/hostxrd.php | 22 +++------------------- mod/register.php | 37 ++++++++----------------------------- 3 files changed, 15 insertions(+), 59 deletions(-) (limited to 'mod') diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 227d72cbf..093993bbc 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -144,19 +144,12 @@ function dfrn_confirm_post(&$a,$handsfree = null) { * worried about key leakage than anybody cracking it. * */ + require_once('include/crypto.php'); - $res = openssl_pkey_new(array( - 'digest_alg' => 'sha1', - 'private_key_bits' => 4096, - 'encrypt_key' => false ) - ); - - $private_key = ''; - - openssl_pkey_export($res, $private_key); + $res = new_keypair(1024); - $pubkey = openssl_pkey_get_details($res); - $public_key = $pubkey["key"]; + $private_key = $res['prvkey']; + $public_key = $res['pubkey']; // Save the private key. Send them the public key. diff --git a/mod/hostxrd.php b/mod/hostxrd.php index fe61a874c..9b2411f26 100644 --- a/mod/hostxrd.php +++ b/mod/hostxrd.php @@ -8,26 +8,10 @@ function hostxrd_init(&$a) { $pubkey = get_config('system','site_pubkey'); if(! $pubkey) { + $res = new_keypair(1024); - // should only have to ever do this once. - - $res=openssl_pkey_new(array( - 'digest_alg' => 'sha1', - 'private_key_bits' => 4096, - 'encrypt_key' => false )); - - - $prvkey = ''; - - openssl_pkey_export($res, $prvkey); - - // Get public key - - $pkey = openssl_pkey_get_details($res); - $pubkey = $pkey["key"]; - - set_config('system','site_prvkey', $prvkey); - set_config('system','site_pubkey', $pubkey); + set_config('system','site_prvkey', $res['prvkey']); + set_config('system','site_pubkey', $res['pubkey']); } $tpl = file_get_contents('view/xrd_host.tpl'); diff --git a/mod/register.php b/mod/register.php index b60707d45..58bba8533 100644 --- a/mod/register.php +++ b/mod/register.php @@ -171,26 +171,17 @@ function register_post(&$a) { $new_password = autoname(6) . mt_rand(100,9999); $new_password_encoded = hash('whirlpool',$new_password); - $res=openssl_pkey_new(array( - 'digest_alg' => 'sha1', - 'private_key_bits' => 4096, - 'encrypt_key' => false )); + require_once('include/crypto.php'); - // Get private key + $result = new_keypair(1024); - if(empty($res)) { + if($result === false) { notice( t('SERIOUS ERROR: Generation of security keys failed.') . EOL); return; } - $prvkey = ''; - - openssl_pkey_export($res, $prvkey); - - // Get public key - - $pkey = openssl_pkey_get_details($res); - $pubkey = $pkey["key"]; + $prvkey = $result['prvkey']; + $pubkey = $result['pubkey']; /** * @@ -203,21 +194,9 @@ function register_post(&$a) { * */ - $sres=openssl_pkey_new(array( - 'digest_alg' => 'sha1', - 'private_key_bits' => 512, - 'encrypt_key' => false )); - - // Get private key - - $sprvkey = ''; - - openssl_pkey_export($sres, $sprvkey); - - // Get public key - - $spkey = openssl_pkey_get_details($sres); - $spubkey = $spkey["key"]; + $sres = new_keypair(512); + $sprvkey = $sres['prvkey']; + $spubkey = $sres['pubkey']; $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`, `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone` ) -- cgit v1.2.3 From 54e2c1ca81b99d4ac418e9287e00440de1fdc664 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 21 May 2012 16:40:11 -0700 Subject: rev update, bug 428, 429, and ability to block globaldir submissions from demo sites --- mod/admin.php | 2 +- mod/photos.php | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/admin.php b/mod/admin.php index 2810c8a8a..1f53f112d 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -417,7 +417,7 @@ function admin_page_site(&$a) { '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices), - '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), t("Will be displayed prominently on the registration page.")), + '$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")), '$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')), '$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")), '$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")), diff --git a/mod/photos.php b/mod/photos.php index 8da94841e..082947bdb 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -977,9 +977,16 @@ function photos_content(&$a) { $tpl = get_markup_template('photo_album.tpl'); if(count($r)) + $twist = 'rotright'; foreach($r as $rr) { + if($twist == 'rotright') + $twist = 'rotleft'; + else + $twist = 'rotright'; + $o .= replace_macros($tpl,array( '$id' => $rr['id'], + '$twist' => ' ' . $twist . rand(2,4), '$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'], '$phototitle' => t('View Photo'), '$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg', @@ -1400,9 +1407,16 @@ function photos_content(&$a) { $photos = array(); if(count($r)) { + $twist = 'rotright'; foreach($r as $rr) { + if($twist == 'rotright') + $twist = 'rotleft'; + else + $twist = 'rotright'; + $photos[] = array( 'id' => $rr['id'], + 'twist' => ' ' . $twist . rand(2,4), 'link' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'], 'title' => t('View Photo'), 'src' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.jpg', -- cgit v1.2.3 From a16382529135a76c5afaf4d4189856734a8e7f58 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 21 May 2012 22:54:39 -0700 Subject: redir links for permission controlled attachments --- mod/item.php | 16 ++++++---------- mod/redir.php | 2 +- 2 files changed, 7 insertions(+), 11 deletions(-) (limited to 'mod') diff --git a/mod/item.php b/mod/item.php index 9f6b2aef4..81dd553cd 100644 --- a/mod/item.php +++ b/mod/item.php @@ -290,18 +290,16 @@ function item_post(&$a) { $author = null; $self = false; - if(($_SESSION['uid']) && ($_SESSION['uid'] == $profile_uid)) { + if((local_user()) && (local_user() == $profile_uid)) { $self = true; $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", intval($_SESSION['uid']) ); } - else { - if((x($_SESSION,'visitor_id')) && (intval($_SESSION['visitor_id']))) { - $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", - intval($_SESSION['visitor_id']) - ); - } + elseif(remote_user()) { + $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", + intval(remote_user()) + ); } if(count($r)) { @@ -311,7 +309,7 @@ function item_post(&$a) { // get contact info for owner - if($profile_uid == $_SESSION['uid']) { + if($profile_uid == local_user()) { $contact_record = $author; } else { @@ -322,8 +320,6 @@ function item_post(&$a) { $contact_record = $r[0]; } - - $post_type = notags(trim($_REQUEST['type'])); if($post_type === 'net-comment') { diff --git a/mod/redir.php b/mod/redir.php index 9223e5483..0f7b5cc23 100644 --- a/mod/redir.php +++ b/mod/redir.php @@ -6,7 +6,7 @@ function redir_init(&$a) { // traditional DFRN - if(local_user() && $a->argc == 2 && intval($a->argv[1])) { + if(local_user() && $a->argc > 1 && intval($a->argv[1])) { $cid = $a->argv[1]; -- cgit v1.2.3 From f29f861d25c443075c1bd310313aaf52596402a3 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 22 May 2012 03:44:03 -0700 Subject: add queue totals to admin summary page --- mod/admin.php | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/admin.php b/mod/admin.php index 1f53f112d..d19118b78 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -115,7 +115,7 @@ function admin_content(&$a) { $aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs"); $t = get_markup_template("admin_aside.tpl"); - $a->page['aside'] = replace_macros( $t, array( + $a->page['aside'] .= replace_macros( $t, array( '$admin' => $aside, '$h_pending' => t('User registrations waiting for confirmation'), '$admurl'=> $a->get_baseurl(true)."/admin/" @@ -182,6 +182,7 @@ function admin_page_summary(&$a) { Array( t('Community/Celebrity Account'), 0), Array( t('Automatic Friend Account'), 0) ); + $users=0; foreach ($r as $u){ $accounts[$u['page-flags']][1] = $u['count']; $users+= $u['count']; } @@ -190,10 +191,22 @@ function admin_page_summary(&$a) { $r = q("SELECT COUNT(id) as `count` FROM `register`"); $pending = $r[0]['count']; + $r = q("select count(*) as total from deliverq where 1"); + $deliverq = (($r) ? $r[0]['total'] : 0); + + $r = q("select count(*) as total from queue where 1"); + $queue = (($r) ? $r[0]['total'] : 0); + + // We can do better, but this is a quick queue status + + $queues = array( 'label' => t('Message queues'), 'deliverq' => $deliverq, 'queue' => $queue ); + + $t = get_markup_template("admin_summary.tpl"); return replace_macros($t, array( '$title' => t('Administration'), '$page' => t('Summary'), + '$queues' => $queues, '$users' => Array( t('Registered users'), $users), '$accounts' => $accounts, '$pending' => Array( t('Pending registrations'), $pending), -- cgit v1.2.3 From e70573f34cb6729f45cb020ee9349c8ff948ff3b Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 22 May 2012 16:01:07 -0700 Subject: if identity (uid) changes - reload any other open browser windows on next ping. --- mod/ping.php | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'mod') diff --git a/mod/ping.php b/mod/ping.php index 63aaa0f45..55dcb26bb 100644 --- a/mod/ping.php +++ b/mod/ping.php @@ -10,8 +10,16 @@ function ping_init(&$a) { "; $xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">"; + if(local_user()){ + // Different login session than the page that is calling us. + + if(intval($_GET['uid']) && intval($_GET['uid']) != local_user()) { + echo '1'; + killme(); + } + $firehose = intval(get_pconfig(local_user(),'system','notify_full')); $t = q("select count(*) as total from notify where uid = %d and seen = 0", -- cgit v1.2.3 From 3ac7c4e8599266aba69bf521c7ba94393df3c728 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 22 May 2012 21:20:31 -0700 Subject: keep FB out of private notes --- mod/network.php | 6 +++++- mod/notes.php | 4 ++-- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'mod') diff --git a/mod/network.php b/mod/network.php index e59839ccc..f43eeb67e 100644 --- a/mod/network.php +++ b/mod/network.php @@ -108,6 +108,10 @@ function network_content(&$a, $update = 0) { return login(false); } + $arr = array('query' => $a->query_string); + + call_hooks('network_content_init', $arr); + $o = ''; // item filter tabs @@ -157,7 +161,7 @@ function network_content(&$a, $update = 0) { $all_active = 'active'; } - + $postord_active = ''; if($all_active && x($_GET,'order') && $_GET['order'] !== 'comment') { diff --git a/mod/notes.php b/mod/notes.php index e6e2b44fb..0072ce447 100644 --- a/mod/notes.php +++ b/mod/notes.php @@ -81,7 +81,7 @@ function notes_content(&$a,$update = false) { $r = q("SELECT COUNT(*) AS `total` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0 - AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self` = 1 AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 0 $sql_extra ", intval(local_user()) @@ -96,7 +96,7 @@ function notes_content(&$a,$update = false) { $r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact-uid` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0 - AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self` = 1 AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 0 $sql_extra ORDER BY `item`.`created` DESC LIMIT %d ,%d ", -- cgit v1.2.3 From 61dba985c14ebcfd20d18b579aee9b781f98bc23 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 23 May 2012 01:01:04 -0700 Subject: photo rotation --- mod/photos.php | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 57 insertions(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/photos.php b/mod/photos.php index 082947bdb..3ce6f9934 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -287,6 +287,7 @@ function photos_post(&$a) { if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) { + $desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : ''); $rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : ''); $item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0); @@ -300,7 +301,61 @@ function photos_post(&$a) { if(! strlen($albname)) $albname = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y'); + + + if((x($_POST,'rotate') !== false) && (intval($_POST['rotate']) == 1)) { + logger('rotate'); + + $r = q("select * from photo where `resource-id` = '%s' and uid = %d and scale = 0 limit 1", + dbesc($resource_id), + intval($page_owner_uid) + ); + if(count($r)) { + $ph = new Photo($r[0]['data']); + if($ph->is_valid()) { + $ph->rotate(270); + + $width = $ph->getWidth(); + $height = $ph->getHeight(); + + $x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 0 limit 1", + dbesc($ph->imageString()), + intval($height), + intval($width), + dbesc($resource_id), + intval($page_owner_uid) + ); + + if($width > 640 || $height > 640) { + $ph->scaleImage(640); + $width = $ph->getWidth(); + $height = $ph->getHeight(); + $x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 1 limit 1", + dbesc($ph->imageString()), + intval($height), + intval($width), + dbesc($resource_id), + intval($page_owner_uid) + ); + } + + if($width > 320 || $height > 320) { + $ph->scaleImage(320); + $width = $ph->getWidth(); + $height = $ph->getHeight(); + + $x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 2 limit 1", + dbesc($ph->imageString()), + intval($height), + intval($width), + dbesc($resource_id), + intval($page_owner_uid) + ); + } + } + } + } $p = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ORDER BY `scale` DESC", dbesc($resource_id), @@ -1105,7 +1160,7 @@ function photos_content(&$a) { $photo = array( 'href' => $a->get_baseurl() . '/photo/' . $hires['resource-id'] . '-' . $hires['scale'] . '.jpg', 'title'=> t('View Full Size'), - 'src' => $a->get_baseurl() . '/photo/' . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg' + 'src' => $a->get_baseurl() . '/photo/' . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg' . '?f=&_u=' . datetime_convert('','','','ymdhis') ); if($nextlink) @@ -1185,6 +1240,7 @@ function photos_content(&$a) { $edit_tpl = get_markup_template('photo_edit.tpl'); $edit = replace_macros($edit_tpl, array( '$id' => $ph[0]['id'], + '$rotate' => t('Rotate CW'), '$album' => template_escape($ph[0]['album']), '$newalbum' => t('New album name'), '$nickname' => $a->data['user']['nickname'], -- cgit v1.2.3 From 325343a4922543a0043b91054984354624cf5504 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 23 May 2012 07:38:31 -0400 Subject: Update install wizard - writable .htconfig.php not required - add test for working .htaccess/mod_rewrite configuration - fix last pass: create tables, eventually show config text and print a "What next" section --- mod/install.php | 87 ++++++++++++++++++++++++++++++++++----------------------- 1 file changed, 52 insertions(+), 35 deletions(-) (limited to 'mod') diff --git a/mod/install.php b/mod/install.php index 6f5552076..1bdb792a9 100644 --- a/mod/install.php +++ b/mod/install.php @@ -4,6 +4,12 @@ $install_wizard_pass=1; function install_init(&$a){ + + // $baseurl/install/testrwrite to test if rewite in .htaccess is working + if ($a->argc==2 && $a->argv[1]=="testrewrite") { + echo "ok"; + killme(); + } global $install_wizard_pass; if (x($_POST,'pass')) $install_wizard_pass = intval($_POST['pass']); @@ -110,14 +116,7 @@ function install_content(&$a) { $wizard_status = ""; $install_title = t('Friendica Social Communications Server - Setup'); - if(x($a->data,'txt') && strlen($a->data['txt'])) { - $tpl = get_markup_template('install.tpl'); - return replace_macros($tpl, array( - '$title' => $install_title, - '$pass' => t('Database connection'), - '$text' => manual_config($a), - )); - } + if(x($a->data,'db_conn_failed')) { $install_wizard_pass = 2; @@ -128,39 +127,20 @@ function install_content(&$a) { $wizard_status = t('Could not create table.'); } + $db_return_text=""; if(x($a->data,'db_installed')) { $txt = '

'; $txt .= t('Your Friendica site database has been installed.') . EOL; - $txt .= t('IMPORTANT: You will need to [manually] setup a scheduled task for the poller.') . EOL ; - $txt .= t('Please see the file "INSTALL.txt".') . EOL ; - $txt .= '
'; - $txt .= '' . t('Proceed to registration') . '' ; - $txt .= '

'; - - $tpl = get_markup_template('install.tpl'); - return replace_macros($tpl, array( - '$title' => $install_title, - '$pass' => t('Proceed with Installation'), - '$text' => $txt, - )); - + $db_return_text .= $txt; } if(x($a->data,'db_failed')) { $txt = t('You may need to import the file "database.sql" manually using phpmyadmin or mysql.') . EOL; $txt .= t('Please see the file "INSTALL.txt".') . EOL ."
" ; $txt .= "
".$a->data['db_failed'] . "
". EOL ; - - $tpl = get_markup_template('install.tpl'); - return replace_macros($tpl, array( - '$title' => $install_title, - '$pass' => t('Database connection'), - '$status' => t('Database import failed.'), - '$text' => $txt, - )); - + $db_return_text .= $txt; } - + if($db && $db->connected) { $r = q("SELECT COUNT(*) as `total` FROM `user`"); if($r && count($r) && $r[0]['total']) { @@ -174,6 +154,19 @@ function install_content(&$a) { } } + if(x($a->data,'txt') && strlen($a->data['txt'])) { + $tpl = get_markup_template('install.tpl'); + $db_return_text .= manual_config($a); + } + + if ($db_return_text!="") { + return replace_macros($tpl, array( + '$title' => $install_title, + '$pass' => "", + '$text' => $db_return_text . what_next(), + )); + } + switch ($install_wizard_pass){ case 1: { // System check @@ -191,7 +184,8 @@ function install_content(&$a) { check_php($phpath, $checks); - + check_htaccess($checks); + function check_passed($v, $c){ if ($c['required']) $v = $v && $c['status']; @@ -422,14 +416,26 @@ function check_htconfig(&$checks) { $status=false; $help = t('The web installer needs to be able to create a file called ".htconfig.php" in the top folder of your web server and it is unable to do so.') .EOL; $help .= t('This is most often a permission setting, as the web server may not be able to write files in your folder - even if you can.').EOL; - $help .= t('Please check with your site documentation or support people to see if this situation can be corrected.').EOL; - $help .= t('If not, you may be required to perform a manual installation. Please see the file "INSTALL.txt" for instructions.').EOL; + $help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Friendica top folder.').EOL; + $help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "INSTALL.txt" for instructions.').EOL; } - check_add($checks, t('.htconfig.php is writable'), $status, true, $help); + check_add($checks, t('.htconfig.php is writable'), $status, false, $help); } +function check_htaccess(&$checks) { + $a = get_app(); + $status = true; + $help = ""; + $test = fetch_url($a->get_baseurl()."/install/testrewrite"); + if ($test!="ok") { + $status = false; + $help = t('Url rewrite in .htconfig is not working. Check your server configuration.'); + } + check_add($checks, t('Url rewrite is working'), $status, true, $help); +} + function manual_config(&$a) { $data = htmlentities($a->data['txt']); @@ -465,5 +471,16 @@ function load_database($db) { return $errors; } +function what_next() { + $a = get_app(); + $baseurl = $a->get_baseurl(); + return + t('

What next

') + ."

".t('IMPORTANT: You will need to [manually] setup a scheduled task for the poller.') + .t('Please see the file "INSTALL.txt".') + ."

" + .t("Go to your new Firendica node registration page and register as new user. Remember to use the same email you have entered as administrator email. This will allow you to enter the site admin panel.") + ."

"; +} -- cgit v1.2.3 From a5b8339a75858d17d9b50f3694fe89daae1414fe Mon Sep 17 00:00:00 2001 From: root Date: Thu, 24 May 2012 04:21:33 -0400 Subject: install wizard: fix php executable path - php executable not required - "check again" button submit form instead of reload page via js - checks form submit to install module without redirect --- mod/install.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'mod') diff --git a/mod/install.php b/mod/install.php index 1bdb792a9..6d6232a95 100644 --- a/mod/install.php +++ b/mod/install.php @@ -315,14 +315,16 @@ function check_php(&$phpath, &$checks) { $help = ""; if(!$passed) { $help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL; + $help .= t("If you don't have a command line version of PHP installed on server, you will not be able to run background polling via cron. See 'Activating scheduled tasks'") . EOL ; + $help .= EOL . EOL ; $tpl = get_markup_template('field_input.tpl'); $help .= replace_macros($tpl, array( - '$field' => array('phpath', t('PHP executable path'), $phpath, t('Enter full path to php executable')), + '$field' => array('phpath', t('PHP executable path'), $phpath, t('Enter full path to php executable. You can leave this blank to continue the installation.')), )); $phpath=""; } - check_add($checks, t('Command line PHP'), $passed, true, $help); + check_add($checks, t('Command line PHP').($passed?" ($phpath)":""), $passed, false, $help); if($passed) { $str = autoname(8); -- cgit v1.2.3 From 88d5d9684a51119f62a60c588b2bf468f71fd884 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 25 May 2012 03:05:07 -0400 Subject: admin: remove update link in admin menu --- mod/admin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/admin.php b/mod/admin.php index d19118b78..6b1a53a30 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -98,7 +98,7 @@ function admin_content(&$a) { 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"), 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"), 'dbsync' => Array($a->get_baseurl(true)."/admin/dbsync/", t('DB updates'), "dbsync"), - 'update' => Array($a->get_baseurl(true)."/admin/update/", t("Software Update") , "update") + //'update' => Array($a->get_baseurl(true)."/admin/update/", t("Software Update") , "update") ); /* get plugins admin page */ -- cgit v1.2.3 From abb9fecf0954e883f19b3cf16279dfa2d8c20271 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 25 May 2012 00:42:38 -0700 Subject: rev update --- mod/profiles.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/profiles.php b/mod/profiles.php index 26fc88765..8e4fba74e 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -146,7 +146,7 @@ function profiles_post(&$a) { $value = $marital; } if($withchanged) { - $changes[] = '♥ ' . t('Romantic Partner'); + $changes[] = '[color=#ff0000]♥[/color] ' . t('Romantic Partner'); $value = strip_tags($with); } if($work != $orig[0]['work']) { -- cgit v1.2.3 From fafd41f4bfcebdc0560f6b458df2cb089fce63ff Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 25 May 2012 14:36:17 -0700 Subject: keep private FB stuff out of personal notes --- mod/notes.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'mod') diff --git a/mod/notes.php b/mod/notes.php index 0072ce447..64cc17a65 100644 --- a/mod/notes.php +++ b/mod/notes.php @@ -80,7 +80,8 @@ function notes_content(&$a,$update = false) { $r = q("SELECT COUNT(*) AS `total` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` - WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0 + WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0 + AND `item`.`deleted` = 0 AND `item`.`origin` = 1 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self` = 1 AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 0 $sql_extra ", @@ -95,7 +96,8 @@ function notes_content(&$a,$update = false) { $r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact-uid` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` - WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0 + WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + and `item`.`moderated` = 0 AND `item`.`origin` = 1 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self` = 1 AND `item`.`id` = `item`.`parent` AND `item`.`wall` = 0 $sql_extra -- cgit v1.2.3 From 27c903a8d0d9e8eeca31a21356256593da683da6 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 25 May 2012 15:56:18 -0700 Subject: improve location change notifications --- mod/profiles.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/profiles.php b/mod/profiles.php index 8e4fba74e..ca3890eb9 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -176,9 +176,18 @@ function profiles_post(&$a) { $changes[] = t('Interests'); $value = $interest; } - if($address != $orig[0]['address'] || $locality != $orig[0]['locality'] || $region != $orig[0]['region'] + if($address != $orig[0]['address']) { + $changes[] = t('Address'); + // New address not sent in notifications, potential privacy issues + // in case this leaks to unintended recipients. Yes, it's in the public + // profile but that doesn't mean we have to broadcast it to everybody. + } + if($locality != $orig[0]['locality'] || $region != $orig[0]['region'] || $country_name != $orig[0]['country-name']) { $changes[] = t('Location'); + $comma1 = ((($locality) && ($region || $country_name)) ? ', ' : ' '); + $comma2 = (($region && $country_name) ? ', ' : ''); + $value = $locality . $comma1 . $region . $comma2 . $country_name; } profile_activity($changes,$value); -- cgit v1.2.3 From 0ef8ccf11bbc6f353610b0a67c203a7f8438387b Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 25 May 2012 17:42:35 -0700 Subject: fix wall_uploaded photo permissions on group post by member --- mod/item.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/item.php b/mod/item.php index 81dd553cd..df242d6f7 100644 --- a/mod/item.php +++ b/mod/item.php @@ -355,13 +355,15 @@ function item_post(&$a) { $image_uri = substr($image_uri,0, strpos($image_uri,'-')); if(! strlen($image_uri)) continue; - $srch = '<' . intval($contact_record['id']) . '>'; + $srch = '<' . intval($contact_id) . '>'; + $r = q("SELECT `id` FROM `photo` WHERE `allow_cid` = '%s' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' AND `resource-id` = '%s' AND `uid` = %d LIMIT 1", dbesc($srch), dbesc($image_uri), intval($profile_uid) ); + if(! count($r)) continue; -- cgit v1.2.3 From bb4712b171f1c5ee02a49afc9ebff9bb8af3b052 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 25 May 2012 18:06:51 -0700 Subject: bug #434 - default group placement not working after accepting dfrn friend request --- mod/dfrn_confirm.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 093993bbc..564ae5ca2 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -500,7 +500,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { ); if($contact && $g && intval($g[0]['def_gid'])) { require_once('include/group.php'); - group_add_member($uid,'',$contact[0]['id'],$g[0]['def_gid']); + group_add_member($uid,'',$contact['id'],$g[0]['def_gid']); } // Let's send our user to the contact editor in case they want to -- cgit v1.2.3 From 49512105082dde72553f4250e6284920612cc6b8 Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Sat, 26 May 2012 03:21:07 +0200 Subject: Speed optimisation by enabling the posibility of the MySQL fulltext engine --- mod/network.php | 18 +++++++++++++----- mod/search.php | 16 +++++++++++----- 2 files changed, 24 insertions(+), 10 deletions(-) (limited to 'mod') diff --git a/mod/network.php b/mod/network.php index c6f683b93..f54d055d3 100644 --- a/mod/network.php +++ b/mod/network.php @@ -416,11 +416,19 @@ function network_content(&$a, $update = 0) { $myurl = substr($myurl,strpos($myurl,'://')+3); $myurl = str_replace(array('www.','.'),array('','\\.'),$myurl); $diasp_url = str_replace('/profile/','/u/',$myurl); - $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ", - dbesc(protect_sprintf('%' . $myurl)), - dbesc(protect_sprintf('%' . $myurl . '\\]%')), - dbesc(protect_sprintf('%' . $diasp_url . '\\]%')) - ); + if (get_config('system','use_fulltext_engine')) + $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where (MATCH(`author-link`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(`tag`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode))) ", + dbesc(protect_sprintf($myurl)), + dbesc(protect_sprintf($myurl)), + dbesc(protect_sprintf($diasp_url)) + ); + else + $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ", + dbesc(protect_sprintf('%' . $myurl)), + dbesc(protect_sprintf('%' . $myurl . '\\]%')), + dbesc(protect_sprintf('%' . $diasp_url . '\\]%')) + ); + } diff --git a/mod/search.php b/mod/search.php index 3e6bf68aa..ac5134696 100644 --- a/mod/search.php +++ b/mod/search.php @@ -109,11 +109,17 @@ function search_content(&$a) { if(! $search) return $o; - if($tag) - $sql_extra = sprintf(" AND `item`.`tag` REGEXP '%s' ", dbesc('\\]' . preg_quote($search) . '\\[')); - else - $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(preg_quote($search))); - + if (get_config('system','use_fulltext_engine')) { + if($tag) + $sql_extra = sprintf(" AND MATCH (`item`.`tag`) AGAINST ('".'"%s"'."' in boolean mode) ", '#'.preg_quote($search)); + else + $sql_extra = sprintf(" AND MATCH (`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) ", dbesc(preg_quote($search))); + } else { + if($tag) + $sql_extra = sprintf(" AND `item`.`tag` REGEXP '%s' ", dbesc('\\]' . preg_quote($search) . '\\[')); + else + $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(preg_quote($search))); + } -- cgit v1.2.3 From f5290a5a107ef2d6c309c4a3205319c9b0d13994 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 25 May 2012 18:29:06 -0700 Subject: missing entries on personal tab after sql text search optimise --- mod/network.php | 9 ++++----- mod/wallmessage.php | 4 ++-- 2 files changed, 6 insertions(+), 7 deletions(-) (limited to 'mod') diff --git a/mod/network.php b/mod/network.php index f43eeb67e..fbfe2de4f 100644 --- a/mod/network.php +++ b/mod/network.php @@ -414,16 +414,15 @@ function network_content(&$a, $update = 0) { if($conv) { $myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname']; $myurl = substr($myurl,strpos($myurl,'://')+3); - $myurl = str_replace(array('www.','.'),array('','\\.'),$myurl); + $myurl = str_replace('www.','',$myurl); $diasp_url = str_replace('/profile/','/u/',$myurl); $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ", - dbesc(protect_sprintf('%s' . $myurl)), - dbesc(protect_sprintf('%' . $myurl . '\\]%')), - dbesc(protect_sprintf('%' . $diasp_url . '\\]%')) + dbesc(protect_sprintf('%' . $myurl)), + dbesc(protect_sprintf('%' . $myurl . ']%')), + dbesc(protect_sprintf('%' . $diasp_url . ']%')) ); } - if($update) { // only setup pagination on initial page view diff --git a/mod/wallmessage.php b/mod/wallmessage.php index 1a4882b64..cf349775c 100644 --- a/mod/wallmessage.php +++ b/mod/wallmessage.php @@ -44,7 +44,7 @@ function wallmessage_post(&$a) { } // Work around doubled linefeeds in Tinymce 3.5b2 -dbg(1); + $body = str_replace("\r\n","\n",$body); $body = str_replace("\n\n","\n",$body); @@ -67,7 +67,7 @@ dbg(1); default: info( t('Message sent.') . EOL ); } -dbg(0); + // goaway($a->get_baseurl() . '/profile/' . $user['nickname']); } -- cgit v1.2.3 From a5dc41ab131d4235eb947ff00d7af0593bf0e460 Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Sat, 26 May 2012 11:51:48 +0200 Subject: Saved searches now can search for tags as well --- mod/network.php | 20 ++++++++++++++++---- mod/search.php | 3 +-- 2 files changed, 17 insertions(+), 6 deletions(-) (limited to 'mod') diff --git a/mod/network.php b/mod/network.php index f54d055d3..6b4fa9a5b 100644 --- a/mod/network.php +++ b/mod/network.php @@ -402,10 +402,22 @@ function network_content(&$a, $update = 0) { if(x($_GET,'search')) { $search = escape_tags($_GET['search']); - $sql_extra .= sprintf(" AND ( `item`.`body` like '%s' OR `item`.`tag` like '%s' ) ", - dbesc(protect_sprintf('%' . $search . '%')), - dbesc(protect_sprintf('%]' . $search . '[%')) - ); + if (get_config('system','use_fulltext_engine')) { + if(strpos($search,'#') === 0) + $sql_extra .= sprintf(" AND (MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode)) ", + dbesc(protect_sprintf($search)) + ); + else + $sql_extra .= sprintf(" AND (MATCH(`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode)) ", + dbesc(protect_sprintf($search)), + dbesc(protect_sprintf($search)) + ); + } else { + $sql_extra .= sprintf(" AND ( `item`.`body` like '%s' OR `item`.`tag` like '%s' ) ", + dbesc(protect_sprintf('%' . $search . '%')), + dbesc(protect_sprintf('%]' . $search . '[%')) + ); + } } if(strlen($file)) { $sql_extra .= file_tag_file_query('item',unxmlify($file)); diff --git a/mod/search.php b/mod/search.php index ac5134696..d4cd9d967 100644 --- a/mod/search.php +++ b/mod/search.php @@ -71,7 +71,7 @@ function search_content(&$a) { notice( t('Public access denied.') . EOL); return; } - + nav_set_selected('search'); require_once("include/bbcode.php"); @@ -96,7 +96,6 @@ function search_content(&$a) { $o .= search($search,'search-box','/search',((local_user()) ? true : false)); - if(strpos($search,'#') === 0) { $tag = true; $search = substr($search,1); -- cgit v1.2.3 From 2bd1004587fc8d928b9458b2383b656df115578c Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 27 May 2012 21:01:58 -0700 Subject: rework the way private photos are embedded to avoid url differences and also check the permissions if possible to make sure that nothing sneaks by. --- mod/settings.php | 1 + 1 file changed, 1 insertion(+) (limited to 'mod') diff --git a/mod/settings.php b/mod/settings.php index 40fa55eea..e6eb4011f 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -15,6 +15,7 @@ function get_theme_config_file($theme){ } function settings_init(&$a) { + // These lines provide the javascript needed by the acl selector $a->page['htmlhead'] .= "