Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-19 21:35:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Some Doxygen comments and small cleanups.

Browse source
This commit is contained in:
Klaus Weidenbach 2014-12-07 19:27:14 +01:00
parent f1367cb9f9
commit 63646a1440
6 changed files with 396 additions and 271 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

186
boot.php
View file

@ -27,7 +27,6 @@
* documented.
*/
require_once('include/config.php');
require_once('include/network.php');
require_once('include/plugin.php');
@ -614,10 +613,10 @@ function startup() {
}
/**
*
* class: App
*
* Our main application structure for the life of this page
* @brief Our main application structure for the life of this page.
*
* Primarily deals with the URL that got us here
* and tries to make some sense of it, and
* stores our page contents and config storage
@ -683,11 +682,15 @@ class App {
public $force_max_items = 0;
public $theme_thread_allow = true;
// An array for all theme-controllable parameters
// Mostly unimplemented yet. Only options 'template_engine' and
// beyond are used.
private $theme = array(
/**
* @brief An array for all theme-controllable parameters
*
* Mostly unimplemented yet. Only options 'template_engine' and
* beyond are used.
*
* @var array
*/
private $theme = array(
'sourcename' => '',
'videowidth' => 425,
'videoheight' => 350,
@ -697,9 +700,17 @@ class App {
'template_engine' => 'smarty3',
);
// array of registered template engines ('name'=>'class name')
/**
* array of registered template engines ('name'=>'class name')
*
* @var array
*/
public $template_engines = array();
// array of instanced template engines ('name'=>'instance')
/**
* array of instanced template engines ('name'=>'instance')
*
* @var array
*/
public $template_engine_instance = array();
private $ldelim = array(
@ -716,7 +727,9 @@ class App {
private $baseurl;
private $path;
/**
* App constructor.
*/
function __construct() {
// we'll reset this after we read our config file
date_default_timezone_set('UTC');
@ -759,8 +772,8 @@ class App {
set_include_path("include/$this->hostname" . PATH_SEPARATOR . get_include_path());
if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'],0,2) === "q=") {
$this->query_string = substr($_SERVER['QUERY_STRING'],2);
if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'], 0, 2) === "q=") {
$this->query_string = substr($_SERVER['QUERY_STRING'], 2);
// removing trailing / - maybe a nginx problem
if (substr($this->query_string, 0, 1) == "/")
$this->query_string = substr($this->query_string, 1);
@ -770,8 +783,8 @@ class App {
// unix style "homedir"
if(substr($this->cmd,0,1) === '~')
$this->cmd = 'channel/' . substr($this->cmd,1);
if(substr($this->cmd, 0, 1) === '~')
$this->cmd = 'channel/' . substr($this->cmd, 1);
/**
@ -855,7 +868,6 @@ class App {
}
function set_baseurl($url) {
if(is_array($this->config)
&& array_key_exists('system',$this->config)
&& is_array($this->config['system'])
@ -888,7 +900,7 @@ class App {
}
function set_path($p) {
$this->path = trim(trim($p),'/');
$this->path = trim(trim($p), '/');
}
function get_path() {
@ -1030,6 +1042,7 @@ class App {
* return engine defined by theme, or default
*
* @param string $name Template engine name
*
* @return object Template Engine instance
*/
function template_engine($name = ''){
@ -1056,6 +1069,11 @@ class App {
echo "template engine <tt>$template_engine</tt> is not registered!\n"; killme();
}
/**
* @brief Returns the active template engine.
*
* @return string
*/
function get_template_engine() {
return $this->theme['template_engine'];
}
@ -1097,9 +1115,13 @@ class App {
} // End App class
// retrieve the App structure
// useful in functions which require it but don't get it passed to them
/**
* @brief Retrieve the App structure.
*
* Useful in functions which require it but don't get it passed to them
*
* @return App
*/
function get_app() {
global $a;
return $a;
@ -1117,7 +1139,8 @@ function get_app() {
*
* @param string|array $s variable to check
* @param string $k key inside the array to check
* @return bool
*
* @return bool|int
*/
function x($s, $k = null) {
if($k != null) {
@ -1167,24 +1190,43 @@ function z_path() {
return $base;
}
/**
* @brief Returns the baseurl.
*
* @see App::get_baseurl()
*
* @return string
*/
function z_root() {
global $a;
return $a->get_baseurl();
}
/**
* @brief Return absolut URL for given $path.
*
* @param string $path
*
* @return string
*/
function absurl($path) {
if(strpos($path,'/') === 0)
if(strpos($path, '/') === 0)
return z_path() . $path;
return $path;
}
function os_mkdir($path,$mode = 0777,$recursive = false) {
function os_mkdir($path, $mode = 0777, $recursive = false) {
$oldumask = @umask(0);
@mkdir($path, $mode, $recursive);
@umask($oldumask);
}
/**
* @brief Function to check if request was an AJAX (xmlhttprequest) request.
*
* @return boolean
*/
function is_ajax() {
return (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');
}
@ -1332,11 +1374,11 @@ function check_config(&$a) {
else
$installed = array();
$plugins = get_config('system','addon');
$plugins = get_config('system', 'addon');
$plugins_arr = array();
if($plugins)
$plugins_arr = explode(',',str_replace(' ', '',$plugins));
$plugins_arr = explode(',', str_replace(' ', '', $plugins));
$a->plugins = $plugins_arr;
@ -1344,7 +1386,7 @@ function check_config(&$a) {
if(count($installed)) {
foreach($installed as $i) {
if(! in_array($i['name'],$plugins_arr)) {
if(! in_array($i['name'], $plugins_arr)) {
unload_plugin($i['name']);
}
else {
@ -1355,7 +1397,7 @@ function check_config(&$a) {
if(count($plugins_arr)) {
foreach($plugins_arr as $p) {
if(! in_array($p,$installed_arr)) {
if(! in_array($p, $installed_arr)) {
load_plugin($p);
}
}
@ -1365,7 +1407,7 @@ function check_config(&$a) {
}
function fix_system_urls($oldurl,$newurl) {
function fix_system_urls($oldurl, $newurl) {
require_once('include/crypto.php');
@ -1456,7 +1498,7 @@ function login($register = false, $form_id = 'main-login', $hiddens=false) {
$a = get_app();
$o = '';
$reg = false;
$reglink = get_config('system','register_link');
$reglink = get_config('system', 'register_link');
if(! strlen($reglink))
$reglink = 'register';
@ -1472,7 +1514,7 @@ function login($register = false, $form_id = 'main-login', $hiddens=false) {
$tpl = get_markup_template("logout.tpl");
}
else {
$a->page['htmlhead'] .= replace_macros(get_markup_template("login_head.tpl"),array(
$a->page['htmlhead'] .= replace_macros(get_markup_template("login_head.tpl"), array(
'$baseurl' => $a->get_baseurl(true)
));
@ -1501,16 +1543,17 @@ function login($register = false, $form_id = 'main-login', $hiddens=false) {
}
// Used to end the current process, after saving session state.
/**
* @brief Used to end the current process, after saving session state.
*/
function killme() {
session_write_close();
exit;
}
// redirect to another URL and terminate this process.
/**
* @brief Redirect to another URL and terminate this process.
*/
function goaway($s) {
header("Location: $s");
killme();
@ -1532,7 +1575,7 @@ function get_account_id() {
}
/**
* @brief Returns the entity id of locally logged in user or false.
* @brief Returns the entity id (channel_id) of locally logged in user or false.
*
* Returns authenticated numeric channel_id if authenticated and connected to
* a channel or 0. Sometimes referred to as $uid in the code.
@ -1546,22 +1589,28 @@ function local_user() {
return false;
}
// Returns contact id of authenticated site visitor or false
/**
* @brief Returns contact id (visitor_id) of authenticated site visitor or false.
*
* @return int|bool visitor_id or false
*/
function remote_user() {
if((x($_SESSION,'authenticated')) && (x($_SESSION,'visitor_id')))
if((x($_SESSION, 'authenticated')) && (x($_SESSION, 'visitor_id')))
return $_SESSION['visitor_id'];
return false;
}
// contents of $s are displayed prominently on the page the next time
// a page is loaded. Usually used for errors or alerts.
/**
* Contents of $s are displayed prominently on the page the next time
* a page is loaded. Usually used for errors or alerts.
*
* @param string $s Text to display
*/
function notice($s) {
$a = get_app();
if(! x($_SESSION, 'sysmsg')) $_SESSION['sysmsg'] = array();
if($a->interactive) {
// shameless plug, permission is denied and they have no identity.
// There's a fairly good chance that they've not got zot.
@ -1572,7 +1621,13 @@ function notice($s) {
}
}
/**
* Contents of $s are displayed prominently on the page the next time a page is
* loaded. Usually used for information.
* For error and alerts use notice().
*
* @param string $s Text to display
*/
function info($s) {
$a = get_app();
if(! x($_SESSION, 'sysmsg_info')) $_SESSION['sysmsg_info'] = array();
@ -1736,13 +1791,19 @@ function current_theme(){
/**
* Return full URL to theme which is currently in effect.
* @brief Return full URL to theme which is currently in effect.
*
* Provide a sane default if nothing is chosen or the specified theme does not exist.
*
* @param bool $installing default false
*
* @return string
*/
function current_theme_url($installing = false) {
global $a;
$t = current_theme();
$opts = '';
$opts = (($a->profile_uid) ? '?f=&puid=' . $a->profile_uid : '');
$opts .= ((x($a->layout,'schema')) ? '&schema=' . $a->layout['schema'] : '');
@ -1761,10 +1822,12 @@ function current_theme_url($installing = false) {
*/
function is_site_admin() {
$a = get_app();
if((intval($_SESSION['authenticated']))
&& (is_array($a->account))
&& ($a->account['account_roles'] & ACCOUNT_ROLE_ADMIN))
return true;
return false;
}
@ -1816,6 +1879,7 @@ function load_contact_links($uid) {
*
* @param array $params mapped array with query parameters
* @param string $name of parameter, default null
*
* @return string
*/
function build_querystring($params, $name = null) {
@ -1857,6 +1921,11 @@ function dba_timer() {
return microtime(true);
}
/**
* @brief Returns xchan_hash from the observer.
*
* @return string Empty if no observer, otherwise xchan_hash from observer
*/
function get_observer_hash() {
$observer = get_app()->get_observer();
if(is_array($observer))
@ -1892,6 +1961,7 @@ function curPageURL() {
*
* @param App $a global application object
* @param string $navname
*
* @return mixed
*/
function get_custom_nav(&$a, $navname) {
@ -2043,12 +2113,20 @@ function construct_page(&$a) {
);
}
/**
* @brief Returns RedMatrix's root directory.
*
* @return string
*/
function appdirpath() {
return dirname(__FILE__);
}
/**
* @brief Set a pageicon.
*
* @param string $icon
*/
function head_set_icon($icon) {
global $a;
@ -2056,6 +2134,11 @@ function head_set_icon($icon) {
// logger('head_set_icon: ' . $icon);
}
/**
* @brief Get the pageicon.
*
* @return string absolut path to pageicon
*/
function head_get_icon() {
global $a;
@ -2066,6 +2149,11 @@ function head_get_icon() {
return $icon;
}
/**
* @brief Return the Realm of the directory.
*
* @return string
*/
function get_directory_realm() {
if($x = get_config('system', 'directory_realm'))
return $x;

38
include/Import/Importer.php
View file

@ -1,26 +1,28 @@
<?php /** @file */
namespace Redmatrix\Import;
namespace RedMatrix\Import;
/**
* @brief Class Import
*
* @package RedMatrix\Import
*/
class Import {
$credentials = null;
$itemlist = null;
$src_items = null;
private $credentials = null;
$items = null;
protected $itemlist = null;
protected $src_items = null;
protected $items = null;
function get_credentials() {
return $this->credentials;
}
function get_itemlist() {
return $this->itemlist;
}
function get_item_ident($item) {
}
@ -43,19 +45,17 @@ class Import {
function convert_taxonomy($item_ident) {
}
function convert_child($child) {
}
function store($item,$update = false) {
function store($item, $update = false) {
}
function run() {
$this->credentials = $this->get_credentials();
$this->itemlist = $this->get_itemlist();
if($this->itemlist) {
@ -77,18 +77,6 @@ class Import {
}
$cnt ++;
}
}
}
}

2
include/Import/refimport.php
View file

@ -13,8 +13,6 @@ require_once('include/hubloc.php');
// with a browser until all the posts had been imported.
define('REDMATRIX_IMPORTCHANNEL','mike');
define('REFLECT_EXPORTUSERNAME','mike');
define('REFLECT_BLOGNAME','Diary and Other Rantings');

114
include/permissions.php
View file

@ -1,6 +1,19 @@
<?php /** @file */
<?php
/**
* @file incldue/permissions.php
*
* This file conntains functions to check and work with permissions.
*/
/**
* @brief Return an array with all available permissions.
*
* These are channel specific permissions.
* The list of available permissions can get manipulated by the <i>hook</i>
* <b>global_permissions</b>.
*
* @return array associative array containing all permissions
*/
function get_perms() {
// thinking about making element[2] a bitmask instead of boolean so that we can provide a list of applicable selections
@ -14,8 +27,8 @@ function get_perms() {
'view_profile' => array('channel_r_profile', intval(PERMS_R_PROFILE), true, t('Can view my default channel profile'), ''),
'view_photos' => array('channel_r_photos', intval(PERMS_R_PHOTOS), true, t('Can view my photo albums'), ''),
'view_contacts' => array('channel_r_abook', intval(PERMS_R_ABOOK), true, t('Can view my connections'), ''),
'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my file storage'), ''),
'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my webpages'), ''),
'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my file storage'), ''),
'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my webpages'), ''),
// Write permissions
'send_stream' => array('channel_w_stream', intval(PERMS_W_STREAM), false, t('Can send me their channel stream and posts'), ''),
@ -23,19 +36,20 @@ function get_perms() {
'post_comments' => array('channel_w_comment', intval(PERMS_W_COMMENT), false, t('Can comment on or like my posts'), ''),
'post_mail' => array('channel_w_mail', intval(PERMS_W_MAIL), false, t('Can send me private mail messages'), ''),
'post_photos' => array('channel_w_photos', intval(PERMS_W_PHOTOS), false, t('Can post photos to my photo albums'), ''),
'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), t('Profiles and things other than posts/comments')),
'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), t('Profiles and things other than posts/comments')),
'tag_deliver' => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false, t('Can forward to all my channel contacts via post @mentions'), t('Advanced - useful for creating group forum channels')),
'chat' => array('channel_w_chat', intval(PERMS_W_CHAT), false, t('Can chat with me (when available)'), t('')),
'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my file storage'), ''),
'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my webpages'), ''),
'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my file storage'), ''),
'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my webpages'), ''),
'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my public posts in derived channels'), t('Somewhat advanced - very useful in open communities')),
'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my public posts in derived channels'), t('Somewhat advanced - very useful in open communities')),
'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')),
'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')),
);
$ret = array('global_permissions' => $global_perms);
call_hooks('global_permissions',$ret);
call_hooks('global_permissions', $ret);
return $ret['global_permissions'];
}
@ -43,13 +57,13 @@ function get_perms() {
/**
* get_all_perms($uid,$observer_xchan)
*
* @param $uid : The channel_id associated with the resource owner
* @param $observer_xchan: The xchan_hash representing the observer
* @param int $uid The channel_id associated with the resource owner
* @param string $observer_xchan The xchan_hash representing the observer
* @param bool $internal_use (default true)
*
* @returns: array of all permissions, key is permission name, value is true or false
* @returns array of all permissions, key is permission name, value is true or false
*/
function get_all_perms($uid,$observer_xchan,$internal_use = true) {
function get_all_perms($uid, $observer_xchan, $internal_use = true) {
$global_perms = get_perms();
@ -85,7 +99,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
continue;
}
// Next we're going to check for blocked or ignored contacts.
// These take priority over all other settings.
@ -105,7 +118,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
if(! $x) {
// not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($observer_xchan)
dbesc($observer_xchan)
);
}
@ -130,7 +143,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
// system is blocked to anybody who is not authenticated
if((! $observer_xchan) && intval(get_config('system','block_public'))) {
if((! $observer_xchan) && intval(get_config('system', 'block_public'))) {
$ret[$perm_name] = false;
continue;
}
@ -226,7 +239,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$ret[$perm_name] = false;
continue;
}
$arr = array(
@ -235,11 +247,23 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
'permissions' => $ret);
call_hooks('get_all_perms',$arr);
return $arr['permissions'];
}
function perm_is_allowed($uid,$observer_xchan,$permission) {
/**
* @brief Checks if given permission is allowed for given observer on a channel.
*
* Checks if the given observer with the hash $observer_xchan has permission
* $permission on channel_id $uid.
* $permission is one defined in get_perms();
*
* @param int $uid The channel_id associated with the resource owner
* @param string $observer_xchan The xchan_hash representing the observer
* @param string $permission
* @return bool true if permission is allowed for observer on channel
*/
function perm_is_allowed($uid, $observer_xchan, $permission) {
$arr = array(
'channel_id' => $uid,
@ -247,7 +271,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
'permission' => $permission,
'result' => false);
call_hooks('perm_is_allowed',$arr);
call_hooks('perm_is_allowed', $arr);
if($arr['result'])
return true;
@ -286,14 +310,14 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if(! $x) {
// not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($observer_xchan)
dbesc($observer_xchan)
);
}
}
// system is blocked to anybody who is not authenticated
if((! $observer_xchan) && intval(get_config('system','block_public')))
if((! $observer_xchan) && intval(get_config('system', 'block_public')))
return false;
// Check if this $uid is actually the $observer_xchan
@ -301,7 +325,6 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if($r[0]['channel_hash'] === $observer_xchan)
return true;
if($r[0][$channel_perm] & PERMS_PUBLIC)
return true;
@ -326,6 +349,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
);
if($c)
return true;
return false;
}
@ -368,18 +392,25 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
// Check a simple array of observers against a permissions
// return a simple array of those with permission
function check_list_permissions($uid,$arr,$perm) {
function check_list_permissions($uid, $arr, $perm) {
$result = array();
if($arr)
foreach($arr as $x)
if(perm_is_allowed($uid,$x,$perm))
if(perm_is_allowed($uid, $x, $perm))
$result[] = $x;
return($result);
}
/**
* @brief Sets site wide default permissions.
*
* @return array
*/
function site_default_perms() {
$ret = array();
$typical = array(
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
@ -401,14 +432,14 @@ function site_default_perms() {
);
$global_perms = get_perms();
$ret = array();
foreach($global_perms as $perm => $v) {
$x = get_config('default_perms',$perm);
$x = get_config('default_perms', $perm);
if($x === false)
$x = $typical[$perm];
$ret[$perm] = $x;
}
return $ret;
}
@ -468,7 +499,6 @@ function get_role_perms($role) {
break;
case 'social_restricted':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
@ -501,7 +531,6 @@ function get_role_perms($role) {
break;
case 'social_private':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
@ -598,7 +627,6 @@ function get_role_perms($role) {
break;
case 'forum_private':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
@ -664,7 +692,6 @@ function get_role_perms($role) {
break;
case 'feed_restricted':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
@ -758,11 +785,8 @@ function get_role_perms($role) {
break;
default:
break;
}
$x = get_config('system','role_perms');
@ -775,7 +799,12 @@ function get_role_perms($role) {
return $ret;
}
/**
* @brief Creates a HTML select field with all available roles.
*
* @param string $current The current role
* @return string Returns the complete HTML code for this privacy-role-select field.
*/
function role_selector($current) {
if(! $current)
@ -792,16 +821,17 @@ function role_selector($current) {
array('soapbox' => t('Celebrity/Soapbox'), 'repository' => t('Group Repository'))),
'other' => array( t('Other'),
array('custom' => t('Custom/Expert Mode'))));
$o = '<select name="permissions_role" id="privacy-role-select">';
foreach($roles as $k => $v) {
$o .= '<optgroup label="'. htmlspecialchars($v[0]) . '" >';
$o .= '<optgroup label="'. htmlspecialchars($v[0]) . '">';
foreach($v[1] as $kk => $vv) {
$selected = (($kk === $current) ? ' selected="selected" ' : '');
$o .= '<option value="' . $kk . '" ' . $selected . '>' . htmlspecialchars($vv) . '</option>';
$selected = (($kk === $current) ? ' selected="selected"' : '');
$o .= '<option value="' . $kk . '"' . $selected . '>' . htmlspecialchars($vv) . '</option>';
}
$o .= '</optgroup>';
}
$o .= '</select>';
return $o;
}

111
include/security.php
View file

@ -1,12 +1,24 @@
<?php /** @file */
<?php
/**
* @file include/security.php
*
* Some security related functions.
*/
function authenticate_success($user_record, $login_initial = false, $interactive = false,$return = false,$update_lastlog = false) {
/**
* @param int $user_record The account_id
* @param bool $login_initial default false
* @param bool $interactive default false
* @param bool $return
* @param bool $update_lastlog
*/
function authenticate_success($user_record, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) {
$a = get_app();
$_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
if(x($user_record,'account_id')) {
if(x($user_record, 'account_id')) {
$a->account = $user_record;
$_SESSION['account_id'] = $user_record['account_id'];
$_SESSION['authenticated'] = 1;
@ -39,7 +51,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
// might want to log success here
}
if($return || x($_SESSION,'workflow')) {
if($return || x($_SESSION, 'workflow')) {
unset($_SESSION['workflow']);
return;
}
@ -70,7 +82,13 @@ function authenticate_success($user_record, $login_initial = false, $interactive
/* else just return */
}
/**
* @brief Change to another channel with current logged-in account.
*
* @param int $change_channel The channel_id of the channel you want to change to
*
* @return bool|array false or channel record of the new channel
*/
function change_channel($change_channel) {
$ret = false;
@ -83,17 +101,17 @@ function change_channel($change_channel) {
);
// It's not there. Is this an administrator, and is this the sys channel?
if (is_developer()) {
if (! $r) {
if (is_site_admin()) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1",
intval($change_channel),
intval(PAGE_SYSTEM),
intval(PAGE_REMOVED)
);
if (is_developer()) {
if (! $r) {
if (is_site_admin()) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1",
intval($change_channel),
intval(PAGE_SYSTEM),
intval(PAGE_REMOVED)
);
}
}
}
}
if($r) {
$hash = $r[0]['channel_hash'];
@ -109,23 +127,28 @@ function change_channel($change_channel) {
);
if($x) {
$_SESSION['my_url'] = $x[0]['xchan_url'];
$_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(),strpos(get_app()->get_baseurl(),'://')+3);
$_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(), strpos(get_app()->get_baseurl(), '://') + 3);
get_app()->set_observer($x[0]);
get_app()->set_perms(get_all_perms(local_user(),$hash));
get_app()->set_perms(get_all_perms(local_user(), $hash));
}
if(! is_dir('store/' . $r[0]['channel_address']))
@os_mkdir('store/' . $r[0]['channel_address'], STORAGE_DEFAULT_PERMISSIONS,true);
}
return $ret;
}
function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
/**
* @brief Creates an addiontal SQL where statement to check permissions.
*
* @param int $owner_id
* @param bool $remote_verified default false, not used at all
* @param string $groups this param is not used at all
*
* @return string additional SQL where statement
*/
function permissions_sql($owner_id, $remote_verified = false, $groups = null) {
if(defined('STATUSNET_PRIVACY_COMPATIBILITY'))
return '';
@ -143,7 +166,6 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
AND allow_gid = ''
AND deny_cid = ''
AND deny_gid = ''
";
/**
@ -162,7 +184,6 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
* done this and passed the groups into this function.
*/
else {
$observer = get_observer_hash();
if($observer) {
@ -191,7 +212,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
return $sql;
}
function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) {
/**
* @brief Creates an addiontal SQL where statement to check permissions for an item.
*
* @param int $owner_id
* @param bool $remote_verified default false, not used at all
* @param string $groups this param is not used at all
*
* @return string additional SQL where statement
*/
function item_permissions_sql($owner_id, $remote_verified = false, $groups = null) {
if(defined('STATUSNET_PRIVACY_COMPATIBILITY'))
return '';
@ -207,7 +237,6 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
$sql = " AND item_private=0 ";
/**
* Profile owner - everything is visible
*/
@ -224,7 +253,6 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
* done this and passed the groups into this function.
*/
else {
$observer = get_observer_hash();
@ -250,12 +278,18 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
);
}
}
return $sql;
}
/**
* @param string $observer_hash
*
* @return string additional SQL where statement
*/
function public_permissions_sql($observer_hash) {
$observer = get_app()->get_observer();
//$observer = get_app()->get_observer();
$groups = init_groups_visitor($observer_hash);
$gs = '<<>>'; // should be impossible to match
@ -341,11 +375,11 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f
}
}
// Returns an array of group id's this contact is a member of.
// This array will only contain group id's related to the uid of this
// DFRN contact. They are *not* neccessarily unique across the entire site.
if(! function_exists('init_groups_visitor')) {
function init_groups_visitor($contact_id) {
$groups = array();
@ -361,8 +395,6 @@ function init_groups_visitor($contact_id) {
// This is used to determine which uid have posts which are visible to the logged in user (from the API) for the
// public_timeline, and we can use this in a community page by making
// $perms = (PERMS_NETWORK|PERMS_PUBLIC) unless logged in.
@ -382,19 +414,22 @@ function stream_perms_api_uids($perms = NULL ) {
intval($perms),
intval(PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)
);
if($r)
if($r) {
foreach($r as $rr)
if(! in_array($rr['channel_id'],$ret))
if(! in_array($rr['channel_id'], $ret))
$ret[] = $rr['channel_id'];
}
$str = '';
if($ret)
if($ret) {
foreach($ret as $rr) {
if($str)
$str .= ',';
$str .= intval($rr);
}
}
logger('stream_perms_api_uids: ' . $str, LOGGER_DEBUG);
return $str;
}
@ -409,19 +444,21 @@ function stream_perms_xchans($perms = NULL ) {
intval($perms),
intval(PAGE_CENSORED|PAGE_SYETEM|PAGE_REMOVED)
);
if($r)
if($r) {
foreach($r as $rr)
if(! in_array($rr['channel_hash'],$ret))
if(! in_array($rr['channel_hash'], $ret))
$ret[] = $rr['channel_hash'];
}
$str = '';
if($ret)
if($ret) {
foreach($ret as $rr) {
if($str)
$str .= ',';
$str .= "'" . dbesc($rr) . "'";
}
}
logger('stream_perms_xchans: ' . $str, LOGGER_DEBUG);
return $str;
}

142
include/widgets.php
View file

@ -1,4 +1,9 @@
<?php /** @file */
<?php
/**
* @file include/widgets.php
*
* @brief This file contains the widgets.
*/
require_once('include/dir_fns.php');
require_once('include/contact_widgets.php');
@ -6,7 +11,7 @@ require_once('include/contact_widgets.php');
function widget_profile($args) {
$a = get_app();
$block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
$block = (((get_config('system', 'block_public')) && (! local_user()) && (! remote_user())) ? true : false);
return profile_sidebar($a->profile, $block, true);
}
@ -16,14 +21,15 @@ function widget_profile($args) {
function widget_tagcloud($args) {
$o = '';
$tab = 0;
//$tab = 0;
$a = get_app();
$uid = $a->profile_uid;
$count = ((x($args,'count')) ? intval($args['count']) : 24);
$flags = 0;
$type = TERM_CATEGORY;
$r = tagadelic($uid,$count,$authors,$flags,ITEM_WEBPAGE,$type);
// FIXME there exists no $authors variable
$r = tagadelic($uid, $count, $authors, $flags, ITEM_WEBPAGE, $type);
if($r) {
$o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">';
@ -77,7 +83,6 @@ function widget_collections($args) {
}
return group_side($every, $each, $edit, $current, $abook_id, $wmode);
}
@ -93,7 +98,6 @@ function widget_appselect($arr) {
}
function widget_suggestions($arr) {
if((! local_user()) || (! feature_enabled(local_user(),'suggest')))
@ -114,12 +118,9 @@ function widget_suggestions($arr) {
// This will throw some entropy intot he situation so you won't
// be looking at the same two mug shots every time the widget runs
$index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0);
for($x = $index; $x <= ($index+1); $x ++) {
$rr = $r[$x];
if(! $rr['xchan_url'])
break;
@ -138,7 +139,6 @@ function widget_suggestions($arr) {
);
}
$o = replace_macros(get_markup_template('suggest_widget.tpl'),array(
'$title' => t('Suggestions'),
'$more' => t('See more...'),
@ -146,13 +146,13 @@ function widget_suggestions($arr) {
));
return $o;
}
function widget_follow($args) {
if(! local_user())
return '';
$a = get_app();
$uid =$a->channel['channel_id'];
$r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ",
@ -163,10 +163,10 @@ function widget_follow($args) {
$total_channels = $r[0]['total'];
$limit = service_class_fetch($uid,'total_channels');
if($limit !== false) {
$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
}
else {
$abook_usage_message = '';
$abook_usage_message = '';
}
return replace_macros(get_markup_template('follow.tpl'),array(
'$connect' => t('Add New Connection'),
@ -175,7 +175,6 @@ function widget_follow($args) {
'$follow' => t('Connect'),
'$abook_usage_message' => $abook_usage_message
));
}
@ -192,6 +191,7 @@ function widget_notes($arr) {
'$text' => $text,
'$save' => t('Save'),
));
return $o;
}
@ -228,8 +228,6 @@ function widget_savedsearch($arr) {
$search = '';
}
$srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/searchsave\=[^\&].*?(\&|$)/is','',$srchurl),'&');
@ -252,31 +250,28 @@ function widget_savedsearch($arr) {
if(count($r)) {
foreach($r as $rr) {
$saved[] = array(
'id' => $rr['tid'],
'term' => $rr['term'],
'term' => $rr['term'],
'dellink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;searchremove=1&amp;search=' . urlencode($rr['term']),
'srchlink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;search=' . urlencode($rr['term']),
'displayterm' => htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8'),
'encodedterm' => urlencode($rr['term']),
'delete' => t('Remove term'),
'selected' => ($search==$rr['term']),
'encodedterm' => urlencode($rr['term']),
'delete' => t('Remove term'),
'selected' => ($search==$rr['term']),
);
}
}
$tpl = get_markup_template("saved_searches.tpl");
$o = replace_macros($tpl, array(
'$title' => t('Saved Searches'),
'$add' => t('add'),
'$searchbox' => searchbox($search,'netsearch-box',$srchurl . (($hasq) ? '' : '?f='),true),
'$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), true),
'$saved' => $saved,
));
return $o;
}
@ -306,7 +301,6 @@ function widget_filer($arr) {
'$all' => t('Everything'),
'$terms' => $terms,
'$base' => z_root() . '/' . $a->cmd
));
}
@ -327,7 +321,6 @@ function widget_archive($arr) {
if(! perm_is_allowed($uid,get_observer_hash(),'view_stream'))
return '';
$wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0);
$style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select');
$showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false);
@ -336,10 +329,8 @@ function widget_archive($arr) {
if(! $visible_years)
$visible_years = 5;
$url = z_root() . '/' . $a->cmd;
$ret = list_post_dates($uid,$wall,$mindate);
if(! count($ret))
@ -367,7 +358,7 @@ function widget_fullprofile($arr) {
if(! $a->profile['profile_uid'])
return;
$block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
$block = (((get_config('system', 'block_public')) && (! local_user()) && (! remote_user())) ? true : false);
return profile_sidebar($a->profile, $block);
}
@ -375,41 +366,43 @@ function widget_fullprofile($arr) {
function widget_categories($arr) {
$a = get_app();
if($a->profile['profile_uid'] && (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')))
return '';
$cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : '');
$srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&');
$srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl);
return categories_widget($srchurl,$cat);
return categories_widget($srchurl, $cat);
}
function widget_tagcloud_wall($arr) {
$a = get_app();
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
return '';
if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))
if(! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_stream'))
return '';
$limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
if(feature_enabled($a->profile['profile_uid'],'tagadelic'))
return tagblock('search',$a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
$limit = ((array_key_exists('limit', $arr)) ? intval($arr['limit']) : 50);
if(feature_enabled($a->profile['profile_uid'], 'tagadelic'))
return tagblock('search', $a->profile['profile_uid'], $limit, $a->profile['channel_hash'], ITEM_WALL);
return '';
}
function widget_catcloud_wall($arr) {
$a = get_app();
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
return '';
if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))
if(! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_stream'))
return '';
$limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
return catblock($a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
return '';
return catblock($a->profile['profile_uid'], $limit, $a->profile['channel_hash'], ITEM_WALL);
}
@ -438,6 +431,7 @@ function widget_affinity($arr) {
call_hooks('main_slider',$arr);
return $arr['html'];
}
return '';
}
@ -463,7 +457,6 @@ function widget_settings_menu($arr) {
if($abk)
$abook_self_id = $abk[0]['abook_id'];
$tabs = array(
array(
'label' => t('Account settings'),
@ -512,7 +505,6 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/uexport/complete',
'selected' => ''
),
);
if($role === false || $role === 'custom') {
@ -529,7 +521,6 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/connect/' . $channel['channel_address'],
'selected' => ''
);
}
if(feature_enabled(local_user(),'channel_sources')) {
@ -538,18 +529,14 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/sources',
'selected' => ''
);
}
$tabtpl = get_markup_template("generic_links_widget.tpl");
return replace_macros($tabtpl, array(
'$title' => t('Settings'),
'$class' => 'settings-widget',
'$items' => $tabs,
));
}
@ -560,9 +547,7 @@ function widget_mailmenu($arr) {
$a = get_app();
return replace_macros(get_markup_template('message_side.tpl'), array(
'$title' => t('Messages'),
'$tabs'=> array(),
'$check'=>array(
'label' => t('Check Mail'),
'url' => $a->get_baseurl(true) . '/message',
@ -573,9 +558,7 @@ function widget_mailmenu($arr) {
'url' => $a->get_baseurl(true) . '/mail/new',
'sel'=> (argv(1) == 'new'),
)
));
}
function widget_design_tools($arr) {
@ -586,7 +569,7 @@ function widget_design_tools($arr) {
if($a->profile['profile_uid'])
if(($a->profile['profile_uid'] != local_user()) && (! $a->is_sys))
return '';
return '';
if(! local_user())
return '';
@ -601,24 +584,25 @@ function widget_findpeople($arr) {
function widget_photo_albums($arr) {
$a = get_app();
if(! $a->profile['profile_uid'])
return '';
$channelx = channelx_by_n($a->profile['profile_uid']);
if((! $channelx) || (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_photos')))
if((! $channelx) || (! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_photos')))
return '';
require_once('include/photos.php');
return photos_album_widget($channelx,$a->get_observer());
return photos_album_widget($channelx, $a->get_observer());
}
function widget_vcard($arr) {
require_once ('include/Contact.php');
return vcard_from_xchan('',get_app()->get_observer());
return vcard_from_xchan('', get_app()->get_observer());
}
/**
/*
* The following directory widgets are only useful on the directory page
*/
@ -631,21 +615,23 @@ function widget_dirsort($arr) {
}
function widget_dirtags($arr) {
return dir_tagblock(z_root() . '/directory',null);
return dir_tagblock(z_root() . '/directory', null);
}
function widget_menu_preview($arr) {
if(! get_app()->data['menu_item'])
return;
require_once('include/menu.php');
return menu_render(get_app()->data['menu_item']);
}
function widget_chatroom_list($arr) {
$a = get_app();
require_once("include/chat.php");
$r = chatroom_list($a->profile['profile_uid']);
return replace_macros(get_markup_template('chatroomlist.tpl'),array(
return replace_macros(get_markup_template('chatroomlist.tpl'), array(
'$header' => t('Chat Rooms'),
'$baseurl' => z_root(),
'$nickname' => $a->profile['channel_address'],
@ -658,7 +644,7 @@ function widget_bookmarkedchats($arr) {
if(! $h)
return;
$r = q("select * from xchat where xchat_xchan = '%s' group by xchat_url order by xchat_desc",
dbesc($h)
dbesc($h)
);
if($r) {
for($x = 0; $x < count($r); $x ++) {
@ -692,17 +678,17 @@ function widget_suggestedchats($arr) {
}
function widget_item($arr) {
// FIXME there is no $a here
$uid = $a->profile['profile_uid'];
if((! $uid) || (! $arr['mid']))
return '';
if(! perm_is_allowed($uid,get_observer_hash(),'view_pages'))
if(! perm_is_allowed($uid, get_observer_hash(), 'view_pages'))
return '';
require_once('include/security.php');
$sql_extra = item_permissions_sql($uid);
$r = q("select * from item where mid = '%s' and uid = %d and item_restrict = " . intval(ITEM_WEBPAGE) . " $sql_extra limit 1",
dbesc($arr['mid']),
intval($uid)
@ -712,11 +698,10 @@ function widget_item($arr) {
return '';
xchan_query($r);
$r = fetch_post_tags($r,true);
$r = fetch_post_tags($r, true);
$o .= prepare_page($r[0]);
$o = prepare_page($r[0]);
return $o;
}
function widget_clock($arr) {
@ -786,18 +771,17 @@ return $o;
* URL must be an http or https URL
*/
function widget_photo($arr) {
$style = $zrl = false;
$params = '';
if(array_key_exists('src',$arr) && isset($arr['src']))
if(array_key_exists('src', $arr) && isset($arr['src']))
$url = $arr['src'];
if(strpos($url,'http') !== 0)
return '';
if(array_key_exists('style',$arr) && isset($arr['style']))
if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style'];
// ensure they can't sneak in an eval(js) function
@ -805,7 +789,7 @@ function widget_photo($arr) {
if(strpos($style,'(') !== false)
return '';
if(array_key_exists('zrl',$arr) && isset($arr['zrl']))
if(array_key_exists('zrl', $arr) && isset($arr['zrl']))
$zrl = (($arr['zrl']) ? true : false);
if($zrl)
@ -815,7 +799,7 @@ function widget_photo($arr) {
$o .= '<img ' . (($zrl) ? ' class="zrl" ' : '')
. (($style) ? ' style="' . $style . '"' : '')
. ' src="' . $url . '" alt="' . t('photo/image') . '" />';
. ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>';
@ -826,15 +810,15 @@ function widget_photo($arr) {
function widget_photo_rand($arr) {
require_once('include/photos.php');
$style = $zrl = false;
$params = '';
if(array_key_exists('album',$arr) && isset($arr['album']))
$style = false;
if(array_key_exists('album', $arr) && isset($arr['album']))
$album = $arr['album'];
else
$album = '';
$channel_id = 0;
if(array_key_exists('channel_id',$arr) && intval($arr['channel_id']))
if(array_key_exists('channel_id', $arr) && intval($arr['channel_id']))
$channel_id = intval($arr['channel_id']);
if(! $channel_id)
$channel_id = get_app()->profile_uid;
@ -852,14 +836,14 @@ function widget_photo_rand($arr) {
$filtered[] = $p['src'];
if($filtered) {
$e = mt_rand(0,count($filtered)-1);
$e = mt_rand(0, count($filtered) - 1);
$url = $filtered[$e];
}
if(strpos($url,'http') !== 0)
if(strpos($url, 'http') !== 0)
return '';
if(array_key_exists('style',$arr) && isset($arr['style']))
if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style'];
// ensure they can't sneak in an eval(js) function
@ -873,7 +857,7 @@ function widget_photo_rand($arr) {
$o .= '<img class="zrl" '
. (($style) ? ' style="' . $style . '"' : '')
. ' src="' . $url . '" alt="' . t('photo/image') . '" />';
. ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>';
@ -913,10 +897,10 @@ function widget_random_block($arr) {
$o = '<div class="widget bblock">';
if($r[0]['title'])
$o .= '<h3>' . $r[0]['title'] . '</h3>';
$o .= prepare_text($r[0]['body'],$r[0]['mimetype']);
$o .= '</div>';
}
return $o;
return $o;
}