streams/mod/rpost.php

<?php /** @file */

require_once('acl_selectors.php');
require_once('include/crypto.php');
require_once('include/items.php');
require_once('include/taxonomy.php');
require_once('include/conversation.php');
require_once('include/zot.php');

/**
 * remote post
 * 
 * https://yoursite/rpost?f=&title=&body=&remote_return=
 *
 * This can be called via either GET or POST, use POST for long body content as suhosin often limits GET parameter length
 *
 * f= placeholder, often required
 * title= Title of post
 * body= Body of post
 * url= URL which will be parsed and the results appended to the body
 * source= Source application
 * remote_return= absolute URL to return after posting is finished
 * type= choices are 'html' or 'bbcode', default is 'bbcode'
 *
 */


function rpost_content(&$a) {

	$o = '';

	if(! local_channel()) {
		if(remote_channel()) {
			// redirect to your own site.
			// We can only do this with a GET request so you'll need to keep the text short or risk getting truncated
			// by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin
			// blocks them.

			$url = get_rpost_path($a->get_observer());
			// make sure we're not looping to our own hub
			if(($url) && (! stristr($url, $a->get_hostname()))) {
				foreach($_REQUEST as $key => $arg) {
					$url .= '&' . $key . '=' . $arg;
				}
				goaway($url);
			}
		}

		// The login procedure is going to bugger our $_REQUEST variables
		// so save them in the session.

		if(array_key_exists('body',$_REQUEST)) {
			$_SESSION['rpost'] = $_REQUEST;
		}
		return login();
	}

	// If we have saved rpost session variables, but nothing in the current $_REQUEST, recover the saved variables

	if((! array_key_exists('body',$_REQUEST)) && (array_key_exists('rpost',$_SESSION))) {
		$_REQUEST = $_SESSION['rpost'];
		unset($_SESSION['rpost']);
	}

	if(array_key_exists('channel',$_REQUEST)) {
		$r = q("select channel_id from channel where channel_account_id = %d and channel_address = '%s' limit 1",
			intval(get_account_id()),
			dbesc($_REQUEST['channel'])
		);
		if($r) {
			require_once('include/security.php');
			$change = change_channel($r[0]['channel_id']);
		}
	}

	if($_REQUEST['remote_return']) {
		$_SESSION['remote_return'] = $_REQUEST['remote_return'];
	}
	if(argc() > 1 && argv(1) === 'return') {
		if($_SESSION['remote_return'])
			goaway($_SESSION['remote_return']);
		goaway(z_root() . '/network');
	}

	$plaintext = true;
//	if(feature_enabled(local_channel(),'richtext'))
//		$plaintext = false;

	if(array_key_exists('type', $_REQUEST) && $_REQUEST['type'] === 'html') {
		require_once('include/html2bbcode.php');
		$_REQUEST['body'] = html2bbcode($_REQUEST['body']); 
	}

	$channel = $a->get_channel();

	$channel_acl = array(
		'allow_cid' => $channel['channel_allow_cid'],
		'allow_gid' => $channel['channel_allow_gid'],
		'deny_cid'  => $channel['channel_deny_cid'],
		'deny_gid'  => $channel['channel_deny_gid']
	);

	if($_REQUEST['url']) {
		$x = z_fetch_url(z_root() . '/parse_url?f=&url=' . urlencode($_REQUEST['url']));
		if($x['success'])
			$_REQUEST['body'] = $_REQUEST['body'] . $x['body'];
	}

	$x = array(
		'is_owner' => true,
		'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),
		'default_location' => $channel['channel_location'],
		'nickname' => $channel['channel_address'],
		'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] 
			|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
		'acl' => populate_acl($channel_acl),
		'bang' => '',
		'visitor' => true,
		'profile_uid' => local_channel(),
		'title' => $_REQUEST['title'],
		'body' => $_REQUEST['body'],
		'attachment' => $_REQUEST['attachment'],
		'source' => ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''),
		'return_path' => 'rpost/return'
	);

	$editor = status_editor($a,$x);

	$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
		'$title' => t('Edit post'),
		'$editor' => $editor
	));

	return $o;

}
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00			`<?php /** @file */`

			`require_once('acl_selectors.php');`
			`require_once('include/crypto.php');`
			`require_once('include/items.php');`
			`require_once('include/taxonomy.php');`
			`require_once('include/conversation.php');`
send rpost requests from remote sites back to yours. 2013-10-30 04:49:10 +00:00			`require_once('include/zot.php');`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00
			`/**`
			`* remote post`
			`*`
			`* https://yoursite/rpost?f=&title=&body=&remote_return=`
			`*`
			`* This can be called via either GET or POST, use POST for long body content as suhosin often limits GET parameter length`
			`*`
			`* f= placeholder, often required`
			`* title= Title of post`
			`* body= Body of post`
config to hide version tag from siteinfo - on my site it's meaningless. 2015-03-20 23:46:07 +00:00			`* url= URL which will be parsed and the results appended to the body`
allow rpost to set source app 2013-11-15 11:10:00 +00:00			`* source= Source application`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00			`* remote_return= absolute URL to return after posting is finished`
fix order of args for array_key_exists and allow rpost to accept html 2013-10-31 04:36:33 +00:00			`* type= choices are 'html' or 'bbcode', default is 'bbcode'`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00			`*`
			`*/`



			`function rpost_content(&$a) {`

			`$o = '';`

local_user => local_channel 2015-01-29 04:56:04 +00:00			`if(! local_channel()) {`
remote_user => remote_channel 2015-01-29 04:58:59 +00:00			`if(remote_channel()) {`
rpost bbcode tag 2013-10-30 01:46:51 +00:00			`// redirect to your own site.`
			`// We can only do this with a GET request so you'll need to keep the text short or risk getting truncated`
remote "add bookmark" - like rpost but saves a bookmark from a remote hub into one of your own bookmark folders (or a new one if desired). 2014-02-25 04:46:52 +00:00			`// by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin`
rpost bbcode tag 2013-10-30 01:46:51 +00:00			`// blocks them.`

send rpost requests from remote sites back to yours. 2013-10-30 04:49:10 +00:00			`$url = get_rpost_path($a->get_observer());`
prevent loops 2013-10-30 04:52:46 +00:00			`// make sure we're not looping to our own hub`
			`if(($url) && (! stristr($url, $a->get_hostname()))) {`
send rpost requests from remote sites back to yours. 2013-10-30 04:49:10 +00:00			`foreach($_REQUEST as $key => $arg) {`
			`$url .= '&' . $key . '=' . $arg;`
			`}`
			`goaway($url);`
			`}`
rpost bbcode tag 2013-10-30 01:46:51 +00:00			`}`

allow rpost parameters to survive a login if you weren't locally logged in at the time. 2013-10-31 03:42:43 +00:00			`// The login procedure is going to bugger our $_REQUEST variables`
			`// so save them in the session.`

fix order of args for array_key_exists and allow rpost to accept html 2013-10-31 04:36:33 +00:00			`if(array_key_exists('body',$_REQUEST)) {`
allow rpost parameters to survive a login if you weren't locally logged in at the time. 2013-10-31 03:42:43 +00:00			`$_SESSION['rpost'] = $_REQUEST;`
			`}`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00			`return login();`
			`}`

allow rpost parameters to survive a login if you weren't locally logged in at the time. 2013-10-31 03:42:43 +00:00			`// If we have saved rpost session variables, but nothing in the current $_REQUEST, recover the saved variables`

fix order of args for array_key_exists and allow rpost to accept html 2013-10-31 04:36:33 +00:00			`if((! array_key_exists('body',$_REQUEST)) && (array_key_exists('rpost',$_SESSION))) {`
allow rpost parameters to survive a login if you weren't locally logged in at the time. 2013-10-31 03:42:43 +00:00			`$_REQUEST = $_SESSION['rpost'];`
			`unset($_SESSION['rpost']);`
			`}`

allow rpost to take a channel argument (the channel nickname) and change channel to that if it's valid 2014-06-09 23:57:01 +00:00			`if(array_key_exists('channel',$_REQUEST)) {`
			`$r = q("select channel_id from channel where channel_account_id = %d and channel_address = '%s' limit 1",`
			`intval(get_account_id()),`
			`dbesc($_REQUEST['channel'])`
			`);`
			`if($r) {`
			`require_once('include/security.php');`
			`$change = change_channel($r[0]['channel_id']);`
			`}`
			`}`

remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00			`if($_REQUEST['remote_return']) {`
			`$_SESSION['remote_return'] = $_REQUEST['remote_return'];`
			`}`
after rposting - if there's no remote_return, go to your matrix page rather than leave you on a blank rpost page. 2014-01-27 23:25:04 +00:00			`if(argc() > 1 && argv(1) === 'return') {`
			`if($_SESSION['remote_return'])`
			`goaway($_SESSION['remote_return']);`
			`goaway(z_root() . '/network');`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00			`}`

			`$plaintext = true;`
local_user => local_channel 2015-01-29 04:56:04 +00:00			`// if(feature_enabled(local_channel(),'richtext'))`
rule of snakes #1, kill the snake. tinymce is gone. if you want a visual editor, figure out what you want and make it happen. If you don't want a visual editor, do nothing. This is in the community's hands. I don't need a visual editor. 2014-06-28 12:05:34 +00:00			`// $plaintext = false;`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00
fix order of args for array_key_exists and allow rpost to accept html 2013-10-31 04:36:33 +00:00			`if(array_key_exists('type', $_REQUEST) && $_REQUEST['type'] === 'html') {`
			`require_once('include/html2bbcode.php');`
			`$_REQUEST['body'] = html2bbcode($_REQUEST['body']);`
			`}`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00
			`$channel = $a->get_channel();`

make rpost respect default post permissions 2015-04-16 09:15:04 +00:00			`$channel_acl = array(`
			`'allow_cid' => $channel['channel_allow_cid'],`
			`'allow_gid' => $channel['channel_allow_gid'],`
			`'deny_cid' => $channel['channel_deny_cid'],`
			`'deny_gid' => $channel['channel_deny_gid']`
			`);`

call parse_url from rpost and add the result to the content body if invoked with a url argument 2015-03-19 23:41:41 +00:00			`if($_REQUEST['url']) {`
			`$x = z_fetch_url(z_root() . '/parse_url?f=&url=' . urlencode($_REQUEST['url']));`
			`if($x['success'])`
			`$_REQUEST['body'] = $_REQUEST['body'] . $x['body'];`
			`}`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00
			`$x = array(`
			`'is_owner' => true,`
			`'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),`
			`'default_location' => $channel['channel_location'],`
			`'nickname' => $channel['channel_address'],`
			`'lockstate' => (($channel['channel_allow_cid'] \|\| $channel['channel_allow_gid']`
			`\|\| $channel['channel_deny_cid'] \|\| $channel['channel_deny_gid']) ? 'lock' : 'unlock'),`
make rpost respect default post permissions 2015-04-16 09:15:04 +00:00			`'acl' => populate_acl($channel_acl),`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00			`'bang' => '',`
change the way jot tools are displayed/hidden 2014-04-08 20:07:06 +00:00			`'visitor' => true,`
local_user => local_channel 2015-01-29 04:56:04 +00:00			`'profile_uid' => local_channel(),`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00			`'title' => $_REQUEST['title'],`
			`'body' => $_REQUEST['body'],`
provide a separate input field for rpost attachments 2015-04-16 21:26:11 +00:00			`'attachment' => $_REQUEST['attachment'],`
allow rpost to set source app 2013-11-15 11:10:00 +00:00			`'source' => ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''),`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00			`'return_path' => 'rpost/return'`
			`);`

allow jot to be displayed expanded, remove deprected datetimepicker js and some random fixes 2015-04-17 09:20:22 +00:00			`$editor = status_editor($a,$x);`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00
allow jot to be displayed expanded, remove deprected datetimepicker js and some random fixes 2015-04-17 09:20:22 +00:00			`$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(`
			`'$title' => t('Edit post'),`
			`'$editor' => $editor`
			`));`
remote post module so that from anywhere on the web or at least within the matrix you'll be able to share content or we can have apps on other sites that post status updates on your wall. All with your permission of course as you'll have to click "share" to actually post it. 2013-10-28 03:01:28 +00:00
			`return $o;`

			`}`