From 5c0e135fe98fc91cee32e065c81e7a440c25ee2c Mon Sep 17 00:00:00 2001
From: Friendika
Date: Wed, 14 Sep 2011 19:33:42 -0700
Subject: diaspora protocol changes
---
mod/receive.php | 34 +++++++++++++++++++++++-----------
1 file changed, 23 insertions(+), 11 deletions(-)
(limited to 'mod')
diff --git a/mod/receive.php b/mod/receive.php
index 34128518b..72e290348 100644
--- a/mod/receive.php
+++ b/mod/receive.php
@@ -12,18 +12,26 @@ require_once('include/diaspora.php');
function receive_post(&$a) {
- if($a->argc != 3 || $a->argv[1] !== 'users')
- http_status_exit(500);
+ $public = false;
- $guid = $a->argv[2];
+ if(($a->argc == 2) && ($a->argv[1] === 'public')) {
+ $public = true;
+ }
+ else {
- $r = q("SELECT * FROM `user` WHERE `guid` = '%s' LIMIT 1",
- dbesc($guid)
- );
- if(! count($r))
- http_status_exit(500);
+ if($a->argc != 3 || $a->argv[1] !== 'users')
+ http_status_exit(500);
+
+ $guid = $a->argv[2];
+
+ $r = q("SELECT * FROM `user` WHERE `guid` = '%s' LIMIT 1",
+ dbesc($guid)
+ );
+ if(! count($r))
+ http_status_exit(500);
- $importer = $r[0];
+ $importer = $r[0];
+ }
// It is an application/x-www-form-urlencoded
@@ -41,9 +49,13 @@ function receive_post(&$a) {
if(! is_array($msg))
http_status_exit(500);
- diaspora_dispatch($importer,$msg);
+ $ret = 0;
+ if($public)
+ diaspora_dispatch_public($msg);
+ else
+ $ret = diaspora_dispatch($importer,$msg);
- http_status_exit(200);
+ http_status_exit(($ret) ? $ret : 200);
// NOTREACHED
}
--
cgit v1.2.3
From 9c3503a706d445bcbf7a14c2adcd8d344df3e46b Mon Sep 17 00:00:00 2001
From: Friendika
Date: Fri, 16 Sep 2011 06:49:24 -0700
Subject: update timestamp on activity change (comment/like)
---
mod/item.php | 6 ++++++
1 file changed, 6 insertions(+)
(limited to 'mod')
diff --git a/mod/item.php b/mod/item.php
index 025a12a32..38f4c2040 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -803,6 +803,12 @@ function item_post(&$a) {
// NOTREACHED
}
+ // update the timestamp on the parent
+
+ q("UPDATE `item` set `changed` = '%s' WHERE `id` = %d LIMIT 1",
+ dbesc(datetime_convert()),
+ intval($parent)
+ );
$datarray['id'] = $post_id;
$datarray['plink'] = $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id;
--
cgit v1.2.3
From 8bf6a29d4e05af5d461da3f01999785dc12ee7da Mon Sep 17 00:00:00 2001
From: Friendika
Date: Sun, 18 Sep 2011 19:04:11 -0700
Subject: optimise the commented date view
---
mod/item.php | 11 ++++--
mod/network.php | 112 +++++++++++++++++---------------------------------------
2 files changed, 41 insertions(+), 82 deletions(-)
(limited to 'mod')
diff --git a/mod/item.php b/mod/item.php
index 38f4c2040..cad72122b 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -501,6 +501,7 @@ function item_post(&$a) {
$datarray['author-avatar'] = $author['thumb'];
$datarray['created'] = datetime_convert();
$datarray['edited'] = datetime_convert();
+ $datarray['commented'] = datetime_convert();
$datarray['received'] = datetime_convert();
$datarray['changed'] = datetime_convert();
$datarray['uri'] = $uri;
@@ -561,9 +562,9 @@ function item_post(&$a) {
$r = q("INSERT INTO `item` (`guid`, `uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`,
- `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`,
+ `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `commented`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`,
`tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach`, `bookmark` )
- VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d )",
+ VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d )",
dbesc($datarray['guid']),
intval($datarray['uid']),
dbesc($datarray['type']),
@@ -578,6 +579,7 @@ function item_post(&$a) {
dbesc($datarray['author-avatar']),
dbesc($datarray['created']),
dbesc($datarray['edited']),
+ dbesc($datarray['commented']),
dbesc($datarray['received']),
dbesc($datarray['changed']),
dbesc($datarray['uri']),
@@ -803,9 +805,10 @@ function item_post(&$a) {
// NOTREACHED
}
- // update the timestamp on the parent
+ // update the commented timestamp on the parent
- q("UPDATE `item` set `changed` = '%s' WHERE `id` = %d LIMIT 1",
+ q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1",
+ dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($parent)
);
diff --git a/mod/network.php b/mod/network.php
index 438b3417d..5faeee453 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -315,44 +315,27 @@ function network_content(&$a, $update = 0) {
else {
// Normal conversation view
- // Show conversation by activity date
- if($order === 'post') {
- $r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid`
- FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- AND `item`.`parent` = `item`.`id`
- $sql_extra
- ORDER BY `item`.`created` DESC LIMIT %d ,%d ",
- intval(local_user()),
- intval($a->pager['start']),
- intval($a->pager['itemspage'])
- );
- }
- else {
- // $order === 'comment'
- // First fetch a known number of parent items
-
- $r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid`
- FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- , (SELECT `_com`.`parent`,max(`_com`.`created`) as `created`
- FROM `item` AS `_com`
- WHERE `_com`.`uid`=%d AND
- (`_com`.`parent`!=`_com`.`id` OR `_com`.`id` NOT IN (SELECT `__com`.`parent` FROM `item` as `__com` WHERE `__com`.`parent`!=`__com`.`id`))
- GROUP BY `_com`.`parent` ORDER BY `created` DESC) AS `com`
- WHERE `item`.`id`=`com`.`parent` AND
- `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- $sql_extra
- ORDER BY `com`.`created` DESC LIMIT %d ,%d ",
- intval(local_user()),
- intval(local_user()),
- intval($a->pager['start']),
- intval($a->pager['itemspage'])
- );
- }
+ if($order === 'post')
+ $ordering = "`created`";
+ else
+ $ordering = "`commented`";
+
+ // Fetch a page full of parent items for this page
+
+ $r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid`
+ FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
+ WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
+ AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ AND `item`.`parent` = `item`.`id`
+ $sql_extra
+ ORDER BY `item`.$ordering DESC LIMIT %d ,%d ",
+ intval(local_user()),
+ intval($a->pager['start']),
+ intval($a->pager['itemspage'])
+ );
+
// Then fetch all the children of the parents that are on this page
$parents_arr = array();
@@ -363,48 +346,21 @@ function network_content(&$a, $update = 0) {
$parents_arr[] = $rr['item_id'];
$parents_str = implode(', ', $parents_arr);
- if($order === 'post') {
- // parent created order
- $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
- FROM `item`, (SELECT `p`.`id`,`p`.`created` FROM `item` AS `p` WHERE `p`.`parent`=`p`.`id`) as `parentitem`, `contact`
- WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
- AND `contact`.`id` = `item`.`contact-id`
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- AND `item`.`parent` = `parentitem`.`id` AND `item`.`parent` IN ( %s )
- $sql_extra
- ORDER BY `parentitem`.`created` DESC, `item`.`gravity` ASC, `item`.`created` ASC ",
- intval(local_user()),
- dbesc($parents_str)
- );
- }
- else {
- // $order === 'comment'
-
- $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
- FROM `item`, `contact`,
- (SELECT `_com`.`parent`,max(`_com`.`created`) as `created`
- FROM `item` AS `_com`
- WHERE `_com`.`uid`=%d AND
- (`_com`.`parent`!=`_com`.`id` OR `_com`.`id` NOT IN (SELECT `__com`.`parent` FROM `item` as `__com` WHERE `__com`.`parent`!=`__com`.`id`))
- GROUP BY `_com`.`parent` ORDER BY `created` DESC) AS `com`
- WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
- AND `contact`.`id` = `item`.`contact-id`
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- AND `item`.`parent` = `com`.`parent` AND `item`.`parent` IN ( %s )
- $sql_extra
- ORDER BY `com`.`created` DESC, `item`.`gravity` ASC, `item`.`created` ASC ",
- intval(local_user()),
- intval(local_user()),
- dbesc($parents_str)
- );
- }
- }
+ $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
+ `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`,
+ `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
+ `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
+ FROM `item`, (SELECT `p`.`id`,`p`.`created`,`p`.`commented` FROM `item` AS `p` WHERE `p`.`parent`=`p`.`id`) as `parentitem`, `contact`
+ WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
+ AND `contact`.`id` = `item`.`contact-id`
+ AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ AND `item`.`parent` = `parentitem`.`id` AND `item`.`parent` IN ( %s )
+ $sql_extra
+ ORDER BY `parentitem`.$ordering DESC, `item`.`gravity` ASC, `item`.`created` ASC ",
+ intval(local_user()),
+ dbesc($parents_str)
+ );
+ }
}
// Set this so that the conversation function can find out contact info for our wall-wall items
--
cgit v1.2.3
From 5b3f6459392ba6f417cfc5cb0d38094c009c6913 Mon Sep 17 00:00:00 2001
From: Friendika
Date: Sun, 18 Sep 2011 19:53:45 -0700
Subject: account expiration structures
---
mod/openid.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'mod')
diff --git a/mod/openid.php b/mod/openid.php
index 3c3293147..b8734f023 100644
--- a/mod/openid.php
+++ b/mod/openid.php
@@ -56,7 +56,7 @@ function openid_content(&$a) {
$r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
- FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
+ FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
dbesc($_SESSION['openid'])
);
if(! count($r)) {
--
cgit v1.2.3
From 2aef98f71d95ba5c2caae7637002daef0bce6de5 Mon Sep 17 00:00:00 2001
From: Friendika
Date: Mon, 19 Sep 2011 01:17:12 -0700
Subject: cripple account when expired
---
mod/dfrn_notify.php | 5 +++--
mod/pubsub.php | 4 ++--
mod/receive.php | 2 +-
mod/salmon.php | 4 ++--
4 files changed, 8 insertions(+), 7 deletions(-)
(limited to 'mod')
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 84cb2fc16..d174c87ee 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -72,7 +72,7 @@ function dfrn_notify_post(&$a) {
FROM `contact`
LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- AND `user`.`nickname` = '%s' $sql_extra LIMIT 1",
+ AND `user`.`nickname` = '%s' AND `user`.`account_expired` = 0 $sql_extra LIMIT 1",
dbesc($a->argv[1])
);
@@ -829,7 +829,8 @@ function dfrn_notify_content(&$a) {
}
$r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
- WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s' $sql_extra LIMIT 1",
+ WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s'
+ AND `user`.`account_expired` = 0 $sql_extra LIMIT 1",
dbesc($a->argv[1])
);
diff --git a/mod/pubsub.php b/mod/pubsub.php
index 4dff5d531..b2f006927 100644
--- a/mod/pubsub.php
+++ b/mod/pubsub.php
@@ -44,7 +44,7 @@ function pubsub_init(&$a) {
$subscribe = (($hub_mode === 'subscribe') ? 1 : 0);
- $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1",
+ $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 LIMIT 1",
dbesc($nick)
);
if(! count($r))
@@ -99,7 +99,7 @@ function pubsub_post(&$a) {
$nick = (($a->argc > 1) ? notags(trim($a->argv[1])) : '');
$contact_id = (($a->argc > 2) ? intval($a->argv[2]) : 0 );
- $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1",
+ $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 LIMIT 1",
dbesc($nick)
);
if(! count($r))
diff --git a/mod/receive.php b/mod/receive.php
index 72e290348..950bf0bd3 100644
--- a/mod/receive.php
+++ b/mod/receive.php
@@ -24,7 +24,7 @@ function receive_post(&$a) {
$guid = $a->argv[2];
- $r = q("SELECT * FROM `user` WHERE `guid` = '%s' LIMIT 1",
+ $r = q("SELECT * FROM `user` WHERE `guid` = '%s' AND `account_expired` = 0 LIMIT 1",
dbesc($guid)
);
if(! count($r))
diff --git a/mod/salmon.php b/mod/salmon.php
index 0264e820d..6172d17a1 100644
--- a/mod/salmon.php
+++ b/mod/salmon.php
@@ -25,12 +25,12 @@ function salmon_post(&$a) {
$xml = file_get_contents('php://input');
- logger('mod-salmon: new salmon ' . $xml);
+ logger('mod-salmon: new salmon ' . $xml, LOGGER_DATA);
$nick = (($a->argc > 1) ? notags(trim($a->argv[1])) : '');
$mentions = (($a->argc > 2 && $a->argv[2] === 'mention') ? true : false);
- $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1",
+ $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 LIMIT 1",
dbesc($nick)
);
if(! count($r))
--
cgit v1.2.3
From 0a30a91b14c8887db668d74759953405f02d4e65 Mon Sep 17 00:00:00 2001
From: Friendika
Date: Mon, 19 Sep 2011 02:13:59 -0700
Subject: basic zot discovery framework
---
mod/hostxrd.php | 3 ++-
mod/xrd.php | 1 +
2 files changed, 3 insertions(+), 1 deletion(-)
(limited to 'mod')
diff --git a/mod/hostxrd.php b/mod/hostxrd.php
index c7861d26d..1cc18da7a 100644
--- a/mod/hostxrd.php
+++ b/mod/hostxrd.php
@@ -4,7 +4,8 @@ function hostxrd_init(&$a) {
header('Access-Control-Allow-Origin: *');
header("Content-type: text/xml");
$tpl = file_get_contents('view/xrd_host.tpl');
- echo str_replace(array('$zroot','$domain'),array(z_root(),z_path()),$tpl);
+ echo str_replace(array(
+ '$zroot','$domain','$zot_post'),array(z_root(),z_path(),z_root() . '/post'),$tpl);
session_write_close();
exit();
diff --git a/mod/xrd.php b/mod/xrd.php
index fcec74336..dae6e4828 100644
--- a/mod/xrd.php
+++ b/mod/xrd.php
@@ -45,6 +45,7 @@ function xrd_init(&$a) {
'$profile_url' => $a->get_baseurl() . '/profile/' . $r[0]['nickname'],
'$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['nickname'],
'$atom' => $a->get_baseurl() . '/dfrn_poll/' . $r[0]['nickname'],
+ '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['nickname'],
'$photo' => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'] . '.jpg',
'$dspr' => $dspr,
'$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'],
--
cgit v1.2.3
From fd18b42a5a4dfb212dac1272294a0934076183b7 Mon Sep 17 00:00:00 2001
From: Friendika
Date: Mon, 19 Sep 2011 03:30:59 -0700
Subject: Check all keys before use
---
mod/dfrn_notify.php | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
(limited to 'mod')
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index d174c87ee..bd665c208 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -807,7 +807,7 @@ function dfrn_notify_content(&$a) {
intval(time() + 90 )
);
- logger('dfrn_notify: challenge=' . $hash );
+ logger('dfrn_notify: challenge=' . $hash, LOGGER_DEBUG );
$sql_extra = '';
switch($direction) {
@@ -841,14 +841,18 @@ function dfrn_notify_content(&$a) {
$encrypted_id = '';
$id_str = $my_id . '.' . mt_rand(1000,9999);
- if((($r[0]['duplex']) && strlen($r[0]['prvkey'])) || (! strlen($r[0]['pubkey']))) {
- openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
- openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
- }
- else {
- openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
- openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
+ if(strlen($r[0]['prvkey']) || strlen($r[0]['pubkey'])) {
+ if(($r[0]['duplex']) || (! strlen($r[0]['pubkey']))) {
+ openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
+ openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
+ }
+ else {
+ openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
+ openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
+ }
}
+ else
+ $status = 1;
$challenge = bin2hex($challenge);
$encrypted_id = bin2hex($encrypted_id);
--
cgit v1.2.3
From a810d2a993fb0d5d778cf56f9cdea151ecdec341 Mon Sep 17 00:00:00 2001
From: Friendika
Date: Mon, 19 Sep 2011 16:39:23 -0700
Subject: put profile photo on photos page
---
mod/photos.php | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'mod')
diff --git a/mod/photos.php b/mod/photos.php
index b74ca85d7..7b660bfa3 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -34,12 +34,14 @@ function photos_init(&$a) {
$a->data['albums'] = $albums;
$o .= '';
+ $o .= '![' . $a->data['user']['username'] . '](' . $a->get_baseurl() . '/photo/profile/' . $a->data['user']['uid'] . '.jpg)
';
+
$o .= '';
$o .= '';
foreach($albums as $album) {
- // don't show contact photos. We once trasnlated this name, but then you could still access it under
+ // don't show contact photos. We once translated this name, but then you could still access it under
// a different language setting. Now we store the name in English and check in English (and translated for legacy albums).
if((! strlen($album['album'])) || ($album['album'] === 'Contact Photos') || ($album['album'] === t('Contact Photos')))
--
cgit v1.2.3
From 63277b57fc6557c5f59fefd1ae738ad3c3e2a9f1 Mon Sep 17 00:00:00 2001
From: Friendika
Date: Mon, 19 Sep 2011 19:46:18 -0700
Subject: template escapes
---
mod/message.php | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
(limited to 'mod')
diff --git a/mod/message.php b/mod/message.php
index 165d63814..e031cdafa 100644
--- a/mod/message.php
+++ b/mod/message.php
@@ -159,10 +159,10 @@ function message_content(&$a) {
'$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'],
'$sparkle' => ' sparkle',
'$from_photo' => $rr['thumb'],
- '$subject' => (($rr['mailseen']) ? $rr['title'] : '' . $rr['title'] . ''),
+ '$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '' . $rr['title'] . '')),
'$delete' => t('Delete conversation'),
- '$body' => $rr['body'],
- '$to_name' => $rr['name'],
+ '$body' => template_escape($rr['body']),
+ '$to_name' => template_escape($rr['name']),
'$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A'))
));
}
@@ -221,14 +221,14 @@ function message_content(&$a) {
}
$o .= replace_macros($tpl, array(
'$id' => $message['id'],
- '$from_name' =>$message['from-name'],
+ '$from_name' => template_escape($message['from-name']),
'$from_url' => $from_url,
'$sparkle' => $sparkle,
'$from_photo' => $message['from-photo'],
- '$subject' => $message['title'],
- '$body' => smilies(bbcode($message['body'])),
+ '$subject' => template_escape($message['title']),
+ '$body' => template_escape(smilies(bbcode($message['body']))),
'$delete' => t('Delete message'),
- '$to_name' => $message['name'],
+ '$to_name' => template_escape($message['name']),
'$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A')
));
@@ -240,7 +240,7 @@ function message_content(&$a) {
'$header' => t('Send Reply'),
'$to' => t('To:'),
'$subject' => t('Subject:'),
- '$subjtxt' => $message['title'],
+ '$subjtxt' => template_escape($message['title']),
'$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ',
'$yourmessage' => t('Your message:'),
'$select' => $select,
--
cgit v1.2.3
From 660787916ef33e8efc6d03ad1f74e1c74eb7feaf Mon Sep 17 00:00:00 2001
From: Friendika
Date: Mon, 19 Sep 2011 20:24:32 -0700
Subject: template escapes
---
mod/photos.php | 34 +++++++++++++++++-----------------
1 file changed, 17 insertions(+), 17 deletions(-)
(limited to 'mod')
diff --git a/mod/photos.php b/mod/photos.php
index 7b660bfa3..72f2abd56 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -889,9 +889,9 @@ function photos_content(&$a) {
'$nickname' => $a->data['user']['nickname'],
'$newalbum' => t('New album name: '),
'$existalbumtext' => t('or existing album name: '),
- '$albumselect' => $albumselect,
+ '$albumselect' => template_escape($albumselect),
'$permissions' => t('Permissions'),
- '$aclselect' => (($visitor) ? '' : populate_acl($a->user, $celeb)),
+ '$aclselect' => (($visitor) ? '' : template_escape(populate_acl($a->user, $celeb))),
'$uploader' => $ret['addon_text'],
'$default' => (($ret['default_upload']) ? $default_upload : ''),
'$uploadurl' => $ret['post_url']
@@ -932,7 +932,7 @@ function photos_content(&$a) {
$o .= replace_macros($edit_tpl,array(
'$nametext' => t('New album name: '),
'$nickname' => $a->data['user']['nickname'],
- '$album' => $album,
+ '$album' => template_escape($album),
'$hexalbum' => bin2hex($album),
'$submit' => t('Submit'),
'$dropsubmit' => t('Delete Album')
@@ -957,8 +957,8 @@ function photos_content(&$a) {
'$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
'$phototitle' => t('View Photo'),
'$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg',
- '$imgalt' => $rr['filename'],
- '$desc'=> $rr['desc']
+ '$imgalt' => template_escape($rr['filename']),
+ '$desc'=> template_escape($rr['desc'])
));
}
@@ -1132,16 +1132,16 @@ function photos_content(&$a) {
$edit_tpl = get_markup_template('photo_edit.tpl');
$edit = replace_macros($edit_tpl, array(
'$id' => $ph[0]['id'],
- '$album' => $ph[0]['album'],
+ '$album' => template_escape($ph[0]['album']),
'$newalbum' => t('New album name'),
'$nickname' => $a->data['user']['nickname'],
'$resource_id' => $ph[0]['resource-id'],
'$capt_label' => t('Caption'),
- '$caption' => $ph[0]['desc'],
+ '$caption' => template_escape($ph[0]['desc']),
'$tag_label' => t('Add a Tag'),
'$tags' => $link_item['tag'],
'$permissions' => t('Permissions'),
- '$aclselect' => populate_acl($ph[0]),
+ '$aclselect' => template_escape(populate_acl($ph[0])),
'$help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping'),
'$item_id' => ((count($linked_items)) ? $link_item['id'] : 0),
'$submit' => t('Submit'),
@@ -1287,11 +1287,11 @@ function photos_content(&$a) {
$comments .= replace_macros($template,array(
'$id' => $item['item_id'],
'$profile_url' => $profile_link,
- '$name' => $profile_name,
+ '$name' => template_escape($profile_name),
'$thumb' => $profile_avatar,
'$sparkle' => $sparkle,
- '$title' => $item['title'],
- '$body' => bbcode($item['body']),
+ '$title' => template_escape($item['title']),
+ '$body' => template_escape(bbcode($item['body'])),
'$ago' => relative_date($item['created']),
'$indent' => (($item['parent'] != $item['item_id']) ? ' comment' : ''),
'$drop' => $drop,
@@ -1306,18 +1306,18 @@ function photos_content(&$a) {
$photo_tpl = get_markup_template('photo_view.tpl');
$o .= replace_macros($photo_tpl, array(
'$id' => $ph[0]['id'],
- '$album' => array($album_link,$ph[0]['album']),
+ '$album' => array($album_link,template_escape($ph[0]['album'])),
'$tools' => $tools,
'$lock' => $lock,
'$photo' => $photo,
'$prevlink' => $prevlink,
'$nextlink' => $nextlink,
'$desc' => $ph[0]['desc'],
- '$tags' => $tags,
+ '$tags' => template_escape($tags),
'$edit' => $edit,
'$likebuttons' => $likebuttons,
- '$like' => $like,
- '$dislike' => $dislike,
+ '$like' => template_escape($like),
+ '$dislike' => template_escape($dislike),
'$comments' => $comments,
'$paginate' => $paginate,
));
@@ -1365,9 +1365,9 @@ function photos_content(&$a) {
'$phototitle' => t('View Photo'),
'$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.jpg',
'$albumlink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($rr['album']),
- '$albumname' => $rr['album'],
+ '$albumname' => template_escape($rr['album']),
'$albumalt' => t('View Album'),
- '$imgalt' => $rr['filename']
+ '$imgalt' => template_escape($rr['filename'])
));
}
--
cgit v1.2.3
From d653d922b117cb123268e0b7f7b584e86482f5a7 Mon Sep 17 00:00:00 2001
From: Friendika
Date: Mon, 19 Sep 2011 21:24:16 -0700
Subject: sorting through key issue
---
mod/dfrn_notify.php | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
(limited to 'mod')
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index bd665c208..870e4f2fb 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -841,18 +841,18 @@ function dfrn_notify_content(&$a) {
$encrypted_id = '';
$id_str = $my_id . '.' . mt_rand(1000,9999);
- if(strlen($r[0]['prvkey']) || strlen($r[0]['pubkey'])) {
- if(($r[0]['duplex']) || (! strlen($r[0]['pubkey']))) {
- openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
- openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
- }
- else {
- openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
- openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
- }
+ $prv_key = trim($r[0]['prvkey']);
+ $pub_key = trim($r[0]['pubkey']);
+ $dplx = intval($r[0]['duplex']);
+
+ if((($dplx) && (strlen($prv_key))) || ((strlen($prv_key)) && (!(strlen($pub_key))))) {
+ openssl_private_encrypt($hash,$challenge,$prv_key);
+ openssl_private_encrypt($id_str,$encrypted_id,$prv_key);
+ }
+ else {
+ openssl_public_encrypt($hash,$challenge,$pub_key);
+ openssl_public_encrypt($id_str,$encrypted_id,$pub_key);
}
- else
- $status = 1;
$challenge = bin2hex($challenge);
$encrypted_id = bin2hex($encrypted_id);
--
cgit v1.2.3
From 8a11cec61a87600273f1349e3d112e7fc1e65486 Mon Sep 17 00:00:00 2001
From: Friendika
Date: Mon, 19 Sep 2011 22:21:55 -0700
Subject: allow setting all the bookmarked URL fields via script/API
---
mod/parse_url.php | 113 +++++++++++++++++++++++++++++++++---------------------
1 file changed, 70 insertions(+), 43 deletions(-)
(limited to 'mod')
diff --git a/mod/parse_url.php b/mod/parse_url.php
index 79c336ddc..89ef24f87 100644
--- a/mod/parse_url.php
+++ b/mod/parse_url.php
@@ -5,13 +5,21 @@ require_once('library/HTMLPurifier.auto.php');
function parse_url_content(&$a) {
- logger('parse_url: ' . $_GET['url']);
+ $text = null;
+
+ if(x($_GET,'binurl'))
+ $url = trim(hex2bin($_GET['binurl']));
+ else
+ $url = trim($_GET['url']);
+
+ if($_GET['title'])
+ $title = strip_tags(trim($_GET['title']));
- $url = trim(hex2bin($_GET['url']));
+ if($_GET['desc'])
+ $text = strip_tags(trim($_GET['desc']));
logger('parse_url: ' . $url);
- $text = null;
$template = "
%s%s
";
@@ -25,6 +33,20 @@ function parse_url_content(&$a) {
killme();
}
+ if($url && $title && $text) {
+
+ $text = '
' . $text . '
';
+ $title = str_replace(array("\r","\n"),array('',''),$title);
+
+ $result = sprintf($template,$url,($title) ? $title : $url,$text);
+
+ logger('parse_url (unparsed): returns: ' . $result);
+
+ echo $result;
+ killme();
+ }
+
+
if($url) {
$s = fetch_url($url);
} else {
@@ -39,10 +61,12 @@ function parse_url_content(&$a) {
killme();
}
- if(strpos($s,'')) {
- $title = substr($s,strpos($s,'')+7,64);
- if(strpos($title,'<') !== false)
- $title = strip_tags(substr($title,0,strpos($title,'<')));
+ if(! $title) {
+ if(strpos($s,'')) {
+ $title = substr($s,strpos($s,'')+7,64);
+ if(strpos($title,'<') !== false)
+ $title = strip_tags(substr($title,0,strpos($title,'<')));
+ }
}
$config = HTMLPurifier_Config::createDefault();
@@ -69,48 +93,51 @@ function parse_url_content(&$a) {
}
}
- $divs = $dom->getElementsByTagName('div');
- if($divs) {
- foreach($divs as $div) {
- $class = $div->getAttribute('class');
- if($class && (stristr($class,'article') || stristr($class,'content'))) {
- $items = $div->getElementsByTagName('p');
- if($items) {
- foreach($items as $item) {
- $text = $item->textContent;
- if(stristr($text,'\r\n";
}
--
cgit v1.2.3
From 7ea6b0a1264ec0c1cdb18a82b6a4f11e570f0e83 Mon Sep 17 00:00:00 2001
From: Friendika
Date: Fri, 23 Sep 2011 05:03:12 -0700
Subject: fix message ordering glitch on network page
---
mod/network.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'mod')
diff --git a/mod/network.php b/mod/network.php
index c168f96eb..dd22e7d5b 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -358,7 +358,7 @@ function network_content(&$a, $update = 0) {
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`parent` = `parentitem`.`id` AND `item`.`parent` IN ( %s )
$sql_extra
- ORDER BY `parentitem`.$ordering DESC, `item`.`gravity` ASC, `item`.`created` ASC ",
+ ORDER BY `parentitem`.$ordering DESC, `parentitem`.`id` ASC, `item`.`gravity` ASC, `item`.`created` ASC ",
intval(local_user()),
dbesc($parents_str)
);
--
cgit v1.2.3
From 6a9e22550d82595c4341290ca26e3afc5fe6300f Mon Sep 17 00:00:00 2001
From: Friendika
Date: Sat, 24 Sep 2011 05:45:34 -0700
Subject: .
---
mod/display.php | 2 --
mod/friendika.php | 2 --
mod/network.php | 1 -
mod/profile.php | 1 -
mod/register.php | 3 +--
mod/search.php | 1 -
6 files changed, 1 insertion(+), 9 deletions(-)
(limited to 'mod')
diff --git a/mod/display.php b/mod/display.php
index 52a84e755..281ce1dd4 100644
--- a/mod/display.php
+++ b/mod/display.php
@@ -114,8 +114,6 @@ function display_content(&$a) {
}
- $o .= cc_license();
-
return $o;
}
diff --git a/mod/friendika.php b/mod/friendika.php
index d0e709c75..c5d7de59f 100644
--- a/mod/friendika.php
+++ b/mod/friendika.php
@@ -42,8 +42,6 @@ function friendika_content(&$a) {
$o .= t('This is Friendika version') . ' ' . FRIENDIKA_VERSION . ' ';
$o .= t('running at web location') . ' ' . z_root() . '
';
- $o .= t('Shared content within the Friendika network is provided under the Creative Commons Attribution 3.0 license') . '
';
-
$o .= t('Please visit Project.Friendika.com to learn more about the Friendika project.') . '
';
$o .= t('Bug reports and issues: please visit') . ' ' . 'Bugs.Friendika.com
';
diff --git a/mod/network.php b/mod/network.php
index dd22e7d5b..63d344db3 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -374,7 +374,6 @@ function network_content(&$a, $update = 0) {
if(! $update) {
$o .= paginate($a);
- $o .= cc_license();
}
return $o;
diff --git a/mod/profile.php b/mod/profile.php
index 2dd5df758..b09251cd5 100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -238,7 +238,6 @@ function profile_content(&$a, $update = 0) {
if(! $update) {
$o .= paginate($a);
- $o .= cc_license();
}
return $o;
diff --git a/mod/register.php b/mod/register.php
index 5fceebd4b..85e1f9faa 100644
--- a/mod/register.php
+++ b/mod/register.php
@@ -501,8 +501,7 @@ function register_content(&$a) {
}
- $license = cc_license();
-
+ $license = '';
$o = get_markup_template("register.tpl");
$o = replace_macros($o, array(
diff --git a/mod/search.php b/mod/search.php
index d22fea6ff..d150b2e1e 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -145,7 +145,6 @@ function search_content(&$a) {
$o .= conversation($a,$r,'search',false);
$o .= paginate($a);
- $o .= cc_license();
return $o;
}
--
cgit v1.2.3
From cb1c6dd1e37ccbbea47867faf0142e5d2f653624 Mon Sep 17 00:00:00 2001
From: Devlon Duthie
Date: Sun, 25 Sep 2011 13:20:19 -0500
Subject: really commiting files this time, still getting the hang of git. some
images added, some classes added to groupidebar, contacts sidebar
notification flags moved out of nav and into banner for testbubble the
testbubble css tweaks
---
mod/contacts.php | 11 +++--
mod/network.php | 136 ++++++++++++++++++++++++++++++++++---------------------
mod/photos.php | 11 +++--
3 files changed, 98 insertions(+), 60 deletions(-)
(limited to 'mod')
diff --git a/mod/contacts.php b/mod/contacts.php
index 307e9b15b..24613a994 100644
--- a/mod/contacts.php
+++ b/mod/contacts.php
@@ -36,15 +36,16 @@ function contacts_init(&$a) {
elseif($a->config['register_policy'] != REGISTER_CLOSED)
$a->page['aside'] .= $inv;
-
- $a->page['aside'] .= '';
-
$tpl = get_markup_template('follow.tpl');
+
+ $findSimilarLink = '';
+
$a->page['aside'] .= replace_macros($tpl,array(
'$label' => t('Connect/Follow'),
'$hint' => t('Example: bob@example.com, http://example.com/barbara'),
- '$follow' => t('Follow')
+ '$follow' => t('Follow'),
+ '$findSimilar' => $findSimilarLink
));
diff --git a/mod/network.php b/mod/network.php
index dd22e7d5b..927f7b24e 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -17,12 +17,12 @@ function network_init(&$a) {
// We need a better way of managing a growing argument list
- $srchurl = '/network'
- . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '')
- . ((x($_GET,'star')) ? '?star=' . $_GET['star'] : '')
- . ((x($_GET,'order')) ? '?order=' . $_GET['order'] : '')
- . ((x($_GET,'bmark')) ? '?bmark=' . $_GET['bmark'] : '');
-
+ // moved into savedsearches()
+ // $srchurl = '/network'
+ // . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '')
+ // . ((x($_GET,'star')) ? '?star=' . $_GET['star'] : '')
+ // . ((x($_GET,'bmark')) ? '?bmark=' . $_GET['bmark'] : '');
+
if(x($_GET,'save')) {
$r = q("select * from `search` where `uid` = %d and `term` = '%s' limit 1",
intval(local_user()),
@@ -42,76 +42,110 @@ function network_init(&$a) {
);
}
- $a->page['aside'] .= search($search,'netsearch-box',$srchurl,true);
-
- $a->page['aside'] .= '';
-
-
- $a->page['aside'] .= '
';
- if(($a->argc > 1 && $a->argv[1] === 'new') || ($a->argc > 2 && $a->argv[2] === 'new') || x($_GET,'search')) {
- $a->page['aside'] .= '
' . t('View Conversations') . '';
+ // item filter tabs
+ // TODO: fix this logic, reduce duplication
+ $a->page['content'] .= '
';
+
+ $starred_active = '';
+ $new_active = '';
+ $bookmarked_active = '';
+ $all_active = '';
+ $search_active = '';
+
+ if(($a->argc > 1 && $a->argv[1] === 'new')
+ || ($a->argc > 2 && $a->argv[2] === 'new')) {
+ $new_active = 'active';
}
- else {
- $a->page['aside'] .= '
' . t('View New Items') . '';
-
- if(x($_GET,'star'))
- $a->page['aside'] .= '
';
- else
- $a->page['aside'] .= '
';
-
- if(! $_GET['bmark'])
- $a->page['aside'] .= '
';
-
-
+
+ if(x($_GET,'search')) {
+ $search_active = 'active';
}
-
- $a->page['aside'] .= '
';
-
+
+ if(x($_GET,'star')) {
+ $starred_active = 'active';
+ }
+
+ if($_GET['bmark']) {
+ $bookmarked_active = 'active';
+ }
+
+ if (($new_active == '')
+ && ($starred_active == '')
+ && ($bookmarked_active == '')
+ && ($search_active == '')) {
+ $all_active = 'active';
+ }
+
+ // network links moved to content to match other pages
+ // all
+ $a->page['content'] .= ''
+ . t('All') . '';
+
+ // new
+ $a->page['content'] .= ''
+ . t('New') . '';
+
+ // starred
+ $a->page['content'] .= ''
+ . t('Starred') . '';
+
+ // bookmarks
+ $a->page['content'] .= ''
+ . t('Bookmarks') . '';
+
+ $a->page['content'] .= '';
+ // --- end item filter tabs
+
+ // search terms header
+ if(x($_GET,'search')) {
+ $a->page['content'] .= 'Search Results For: ' . $search . '
';
+ }
+
$a->page['aside'] .= group_side('network','network',true,$group_id);
+
+ // moved to saved searches to have it in the same div
+ //$a->page['aside'] .= search($search,'netsearch-box',$srchurl,true);
- $a->page['aside'] .= saved_searches();
+ $a->page['aside'] .= saved_searches($search);
}
-function saved_searches() {
+function saved_searches($search) {
+ $srchurl = '/network'
+ . ((x($_GET,'cid')) ? '?cid=' . $_GET['cid'] : '')
+ . ((x($_GET,'star')) ? '?star=' . $_GET['star'] : '')
+ . ((x($_GET,'bmark')) ? '?bmark=' . $_GET['bmark'] : '');
+
$o = '';
$r = q("select `term` from `search` WHERE `uid` = %d",
intval(local_user())
);
+ $o .= '' . "\r\n";
return $o;
}
-
-
function network_content(&$a, $update = 0) {
require_once('include/conversation.php');
diff --git a/mod/photos.php b/mod/photos.php
index 7141919b0..cb7df15cc 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -33,11 +33,14 @@ function photos_init(&$a) {
if(count($albums)) {
$a->data['albums'] = $albums;
- $o .= '';
+ $o .= '';
+ $o .= '
' . $a->data['user']['username'] . '';
$o .= '
';
-
- $o .= '
';
-
+ $o .= '
';
+
+ $o .= '