mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-19 16:15:13 +00:00
Merge branch 'dev' into nomadic
This commit is contained in:
commit
253ee62d2c
22 changed files with 1475 additions and 1373 deletions
|
@ -125,7 +125,7 @@ function collect_recipients($item, &$private_envelope) {
|
|||
// This is a somewhat expensive operation but important.
|
||||
// Don't send this item to anybody who doesn't have the deliver_stream permission
|
||||
|
||||
$recipients = check_deliver_permissions($item['uid'],$recipients);
|
||||
$recipients = check_deliver_permissions($item,$recipients);
|
||||
|
||||
// Add both the author and owner (if different).
|
||||
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
use Code\Access\Permissions;
|
||||
use Code\Access\PermissionLimits;
|
||||
use Code\Extend\Hook;
|
||||
use Code\Lib\Libzot;
|
||||
|
||||
require_once('include/security.php');
|
||||
|
||||
|
@ -515,9 +516,11 @@ function check_list_permissions($uid, $arr, $perm)
|
|||
return($result);
|
||||
}
|
||||
|
||||
function check_deliver_permissions($uid, $arr)
|
||||
function check_deliver_permissions($item, $arr, $includeMentions = false)
|
||||
{
|
||||
$result = [];
|
||||
$uid = $item['uid'] ?? 0;
|
||||
$terms = ((isset($item['term'])) ? get_terms_oftype($item['term'], [TERM_MENTION, TERM_GROUP]) : false);
|
||||
// Find actors we are not delivering to.
|
||||
$r = q("select * from abconfig where chan = %d and cat = 'system' and k = 'my_perms' and v not like '%%deliver_stream%%'",
|
||||
intval($uid)
|
||||
|
@ -533,27 +536,47 @@ function check_deliver_permissions($uid, $arr)
|
|||
|
||||
// Filter the recipient list accordingly.
|
||||
if ($arr) {
|
||||
foreach ($arr as $x) {
|
||||
foreach ($arr as $recipient) {
|
||||
$accepting = $deliverable = false;
|
||||
if (in_array($x, $theyAccept)) {
|
||||
if (in_array($recipient, $theyAccept)) {
|
||||
$accepting = true;
|
||||
}
|
||||
if (!in_array($x, $willNotSend)) {
|
||||
|
||||
if (!in_array($recipient,$willNotSend)) {
|
||||
$deliverable = true;
|
||||
}
|
||||
if ($deliverable && !$accepting) {
|
||||
if ($deliverable || !$accepting) {
|
||||
// Groups don't generally provide send_stream permission as they aren't really following you,
|
||||
// but they do allow you to send them group targeted posts.
|
||||
$r = q("select xchan_hash from xchan where xchan_hash = '%s' and xchan_type = %d ",
|
||||
dbesc($x),
|
||||
|
||||
$r = q("select xchan_hash from xchan where xchan_hash = '%s' and xchan_type = %d",
|
||||
dbesc($recipient),
|
||||
intval(XCHAN_TYPE_GROUP)
|
||||
);
|
||||
if ($r) {
|
||||
$result[] = $x;
|
||||
if ($r && !in_array($recipient, $result)) {
|
||||
$result[] = $recipient;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
if ($deliverable && $accepting) {
|
||||
$result[] = $x;
|
||||
}
|
||||
|
||||
if ($deliverable && $accepting && !in_array($recipient, $result)) {
|
||||
$result[] = $recipient;
|
||||
}
|
||||
}
|
||||
// Send mentions even if you have no permission to do so. They might allow it.
|
||||
if ($terms && $includeMentions) {
|
||||
foreach ($terms as $term) {
|
||||
$r = q("select * from hubloc where (hubloc_hash = '%s' or hubloc_id_url = '%s') and hubloc_deleted = 0",
|
||||
dbesc($term['url']),
|
||||
dbesc($term['url'])
|
||||
);
|
||||
$r = Libzot::zot_record_preferred($r);
|
||||
if ($r && !in_array($r['hubloc_hash'], $result)) {
|
||||
$result[] = $r['hubloc_hash'];
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -65,7 +65,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// In order to perform system administration via the admin panel, admin_email
|
||||
// must precisely match the email address of the person logged in.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '';
|
||||
|
||||
|
|
|
@ -444,7 +444,7 @@ class Notifier implements DaemonInterface
|
|||
else {
|
||||
$sendto = array_merge($sendto, self::getConversationAudience($parent_item));
|
||||
}
|
||||
self::$recipients = check_deliver_permissions($target_item['uid'], $sendto);
|
||||
self::$recipients = check_deliver_permissions($target_item, $sendto);
|
||||
logger('followup relay (upstream delivery)', LOGGER_DEBUG);
|
||||
logger('replyto: upstream recipients ' . print_r(self::$recipients, true), LOGGER_DEBUG);
|
||||
|
||||
|
@ -497,7 +497,7 @@ class Notifier implements DaemonInterface
|
|||
foreach ($r as $rv) {
|
||||
self::$recipients[] = $rv['abook_xchan'];
|
||||
}
|
||||
self::$recipients = check_deliver_permissions($target_item['uid'], self::$recipients);
|
||||
self::$recipients = check_deliver_permissions($target_item, self::$recipients, true);
|
||||
}
|
||||
}
|
||||
elseif (($audience & AUDIENCE_SENDER) || ($audience & AUDIENCE_FOLLOWERS)
|
||||
|
@ -524,7 +524,7 @@ class Notifier implements DaemonInterface
|
|||
}
|
||||
}
|
||||
}
|
||||
self::$recipients = check_deliver_permissions($target_item['uid'], $sendto);
|
||||
self::$recipients = check_deliver_permissions($target_item, $sendto, ($audience & AUDIENCE_FOLLOWERS));
|
||||
}
|
||||
else {
|
||||
self::$private = false;
|
||||
|
|
48
src/Lib/DataUrl.php
Normal file
48
src/Lib/DataUrl.php
Normal file
|
@ -0,0 +1,48 @@
|
|||
<?php
|
||||
|
||||
namespace Code\Lib;
|
||||
|
||||
class DataUrl
|
||||
{
|
||||
protected $data = null;
|
||||
protected $mediaType = null;
|
||||
protected $encoding = null;
|
||||
|
||||
public function __construct($data, $mediaType = '', $encoding = '')
|
||||
{
|
||||
$this->data = $data;
|
||||
$this->mediaType = $mediaType;
|
||||
$this->encoding = $encoding;
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function encode()
|
||||
{
|
||||
return 'data:' . $this->mediaType . (($this->encoding) ? ';' . $this->encoding : '') . ','
|
||||
. (($this->encoding) ? base64_encode($this->data) : urlencode($this->data));
|
||||
|
||||
}
|
||||
|
||||
public function decode()
|
||||
{
|
||||
if (str_starts_with($this->data, 'data:')) {
|
||||
$explode = explode(',', $this->data);
|
||||
if (count($explode) === 2) {
|
||||
$this->mediaType = substr($explode[0], strlen('data:'));
|
||||
if (str_ends_with($this->mediaType, ';base64')) {
|
||||
$this->encoding = 'base64';
|
||||
$this->mediaType = substr($this->mediaType, 0, strlen($this->mediaType) - strlen(';base64'));
|
||||
} else {
|
||||
$this->encoding = '';
|
||||
}
|
||||
return [
|
||||
'data' => $this->encoding ? base64_decode($this->data) : urldecode($this->data),
|
||||
'encoding' => $this->encoding,
|
||||
'mediaType' => $this->mediaType ?: 'text/plain;charset=US-ASCII',
|
||||
];
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
|
@ -124,7 +124,7 @@ class Embedphotos extends Controller
|
|||
$alt = ' alt="' . $alt . '"';
|
||||
|
||||
$output = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $resource . ']'
|
||||
. '[zmg width="' . $r[0]['width'] . '" height="' . $r[0]['height'] . '"' . $alt . ']'
|
||||
. '[zmg width="' . $r[0]['width'] . '" height="' . $r[0]['height'] . '"' . "\n\n" . $alt . "\n\n" . ']'
|
||||
. z_root() . '/photo/' . $resource . '-' . $resolution . $ext . '[/zmg][/zrl]';
|
||||
|
||||
return $output;
|
||||
|
@ -158,8 +158,9 @@ class Embedphotos extends Controller
|
|||
$url = $url . '?token=' . $token;
|
||||
}
|
||||
|
||||
$output .= '[zmg width="' . $image['width'] . '" height="' . $image['height'] . '" ' . "\n\n" . $alt . "\n\n" . ']'
|
||||
. $url . '[/zmg]' . "\n\n";
|
||||
$output .= '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $image['resource_id'] . ']'
|
||||
. '[zmg width="' . $image['width'] . '" height="' . $image['height'] . '" ' . "\n\n" . $alt . "\n\n" . ']'
|
||||
. $url . '[/zmg][/zrl]' . "\n\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -85,6 +85,20 @@ class Register extends Controller
|
|||
|
||||
$email_verify = get_config('system', 'verify_email');
|
||||
|
||||
// If this is the first account to be created, the login email must match the
|
||||
// admin email. Other attempts will be rejected. If it is the admin email, bypass
|
||||
// some restrictive policies.
|
||||
|
||||
$totalAccounts = Account::account_total();
|
||||
if ($totalAccounts === 0) {
|
||||
if (Account::check_admin($_POST)) {
|
||||
$policy = REGISTER_OPEN;
|
||||
$email_verify = false;
|
||||
} else {
|
||||
notice(t('The first account <strong>must</strong> be registered using the admin email which was supplied during setup.') . EOL);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
switch ($policy) {
|
||||
case REGISTER_OPEN:
|
||||
|
@ -125,8 +139,10 @@ class Register extends Controller
|
|||
return;
|
||||
}
|
||||
|
||||
require_once('include/security.php');
|
||||
// At this point the account has been created without error. Purge any error messages from prior failed
|
||||
// registration attempts which haven't yet been delivered to the browser and start fresh.
|
||||
|
||||
$_SESSION['sysmsg'] = [];
|
||||
|
||||
if ($_REQUEST['name']) {
|
||||
set_aconfig($result['account']['account_id'], 'register', 'channel_name', $_REQUEST['name']);
|
||||
|
@ -141,12 +157,6 @@ class Register extends Controller
|
|||
set_aconfig($result['account']['account_id'], 'register', 'reason', substr(trim(escape_tags($_REQUEST['reason'])),0, 500));
|
||||
}
|
||||
|
||||
// At this point the account has been created without error. Purge any error messages from prior failed registration
|
||||
// attempts which haven't yet been delivered to the browser and start fresh. If you're willing to figure out why they
|
||||
// weren't delivered to the browser please adopt zap issue 34.
|
||||
|
||||
$_SESSION['sysmsg'] = [];
|
||||
|
||||
$using_invites = intval(get_config('system', 'invitation_only'));
|
||||
$num_invites = intval(get_config('system', 'number_invites'));
|
||||
$invite_code = ((x($_POST, 'invite_code')) ? notags(trim($_POST['invite_code'])) : '');
|
||||
|
@ -164,7 +174,7 @@ class Register extends Controller
|
|||
$res = Account::send_register_success_email($result['email'], $result['password']);
|
||||
}
|
||||
if ($res) {
|
||||
if ($invite_code) {
|
||||
if ($invite_code || !$email_verify) {
|
||||
info(t('Registration successful. Continue to create your first channel...') . EOL);
|
||||
} else {
|
||||
info(t('Registration successful. Please check your email for validation instructions.') . EOL);
|
||||
|
@ -215,13 +225,21 @@ class Register extends Controller
|
|||
|
||||
public function get()
|
||||
{
|
||||
|
||||
$registration_is = EMPTY_STR;
|
||||
$other_sites = false;
|
||||
$policy = (int)Config::Get('system','register_policy');
|
||||
$email_verify = get_config('system', 'verify_email');
|
||||
|
||||
if ($policy === REGISTER_CLOSED) {
|
||||
$totalAccounts = Account::account_total();
|
||||
if($totalAccounts === 0) {
|
||||
$policy = REGISTER_OPEN;
|
||||
$email_verify = false;
|
||||
info( t('Please use the admin email address supplied during setup.') . EOL);
|
||||
}
|
||||
|
||||
if ($policy === REGISTER_CLOSED && !is_site_admin()) {
|
||||
notice(t('Registration on this website is disabled.') . EOL);
|
||||
$registration_is = t('Registration on this website is disabled.');
|
||||
$other_sites = true;
|
||||
}
|
||||
|
||||
|
@ -298,8 +316,6 @@ class Register extends Controller
|
|||
|
||||
$auto_create = (bool)get_config('system', 'auto_channel_create');
|
||||
$default_role = get_config('system', 'default_permissions_role', 'social_restricted');
|
||||
$email_verify = get_config('system', 'verify_email');
|
||||
|
||||
|
||||
$o = replace_macros(Theme::get_template('register.tpl'), [
|
||||
'$form_security_token' => get_form_security_token("register"),
|
||||
|
@ -321,6 +337,7 @@ class Register extends Controller
|
|||
'$pass1' => $password,
|
||||
'$pass2' => $password2,
|
||||
'$reason' => $reason,
|
||||
'$disabled' => $policy === REGISTER_CLOSED && !is_site_admin(),
|
||||
'$submit' => t('Register'),
|
||||
'$verify_note' => (($email_verify) ? t('This site requires email verification. After completing this form, please check your email for further instructions.') : ''),
|
||||
]);
|
||||
|
|
|
@ -47,7 +47,7 @@ if($argc > 1 && $argv[1] === 'list') {
|
|||
|
||||
|
||||
if($argc > 2 && $argv[1] === 'add' && intval($argv[2])) {
|
||||
$r = q('update account set account_roles = (account_roles | 4096) where account_id = %d',
|
||||
$r = q('update account set account_roles = 4096, account_flags = 0 where account_id = %d',
|
||||
intval($argv[2])
|
||||
);
|
||||
}
|
||||
|
|
2671
util/messages.po
2671
util/messages.po
File diff suppressed because it is too large
Load diff
|
@ -1,2 +1,2 @@
|
|||
<?php
|
||||
define ('STD_VERSION', '24.06.10');
|
||||
define ('STD_VERSION', '24.06.14');
|
||||
|
|
|
@ -50,7 +50,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// to the email address of an already registered person who can authorise
|
||||
// and/or approve/deny the request.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// to the email address of an already registered person who can authorise
|
||||
// and/or approve/deny the request.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// to the email address of an already registered person who can authorise
|
||||
// and/or approve/deny the request.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// to the email address of an already registered person who can authorise
|
||||
// and/or approve/deny the request.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -50,7 +50,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// to the email address of an already registered person who can authorise
|
||||
// and/or approve/deny the request.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// to the email address of an already registered person who can authorise
|
||||
// and/or approve/deny the request.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// to the email address of an already registered person who can authorise
|
||||
// and/or approve/deny the request.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -52,7 +52,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// REGISTER_APPROVE wymaga ustawienia 'admin_email' na adres e-mail już
|
||||
// zarejestrowanej osoby, która może autoryzować i/lub zatwierdź/odrzuć wniosek.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// to the email address of an already registered person who can authorise
|
||||
// and/or approve/deny the request.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// to the email address of an already registered person who can authorise
|
||||
// and/or approve/deny the request.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -51,7 +51,7 @@ App::$config['system']['ssl_cookie_protection'] = 1;
|
|||
// to the email address of an already registered person who can authorise
|
||||
// and/or approve/deny the request.
|
||||
|
||||
App::$config['system']['register_policy'] = REGISTER_OPEN;
|
||||
App::$config['system']['register_policy'] = REGISTER_APPROVE;
|
||||
App::$config['system']['register_text'] = '';
|
||||
App::$config['system']['admin_email'] = '{{$adminmail}}';
|
||||
|
||||
|
|
|
@ -60,7 +60,7 @@
|
|||
{{include file="field_input.tpl" field=$phrase}}
|
||||
{{/if}}
|
||||
|
||||
<button class="btn btn-primary" type="submit" name="submit" id="newchannel-submit-button" value="{{$submit}}">{{$submit}}</button>
|
||||
<button class="btn btn-primary" type="submit" name="submit" id="newchannel-submit-button" {{if $disabled}}disabled="disabled" {{/if}}value="{{$submit}}">{{$submit}}</button>
|
||||
<div id="register-submit-end" class="register-field-end"></div>
|
||||
</form>
|
||||
<br>
|
||||
|
|
Loading…
Reference in a new issue