From 9beda708deebbd318bf5930da03a6046d7cc58cc Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 26 Aug 2018 23:00:31 -0700 Subject: [PATCH] Change main router request variable from 'q' to 'req'. This is necessary to implement search in the twitter api addon, because twitter requires use of the variable 'q'. --- .htaccess | 6 +- Zotlabs/Lib/Libzotdir.php | 2 +- Zotlabs/Module/Connections.php | 2 +- Zotlabs/Module/Directory.php | 2 +- Zotlabs/Module/Photos.php | 5 +- Zotlabs/Module/Rpost.php | 2 +- Zotlabs/Module/Viewconnections.php | 2 +- boot.php | 9 +- include/dir_fns.php | 436 +++++++++++++++++++++++++++++ include/text.php | 4 +- install/sample-nginx.conf | 6 +- library/OAuth1.php | 4 +- 12 files changed, 459 insertions(+), 21 deletions(-) create mode 100644 include/dir_fns.php diff --git a/.htaccess b/.htaccess index 3420313a5..7a265eda1 100644 --- a/.htaccess +++ b/.htaccess @@ -20,15 +20,15 @@ AddType audio/ogg .oga RewriteRule "(^|/)\.git" - [F] RewriteRule "(^|/)store" - [F] - # Rewrite current-style URLs of the form 'index.php?q=x'. + # Rewrite current-style URLs of the form 'index.php?req=x'. # Also place auth information into REMOTE_USER for sites running # in CGI mode. RewriteCond %{REQUEST_URI} ^/\.well\-known/.* - RewriteRule ^(.*)$ index.php?q=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA] + RewriteRule ^(.*)$ index.php?req=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d - RewriteRule ^(.*)$ index.php?q=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA] + RewriteRule ^(.*)$ index.php?req=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA] diff --git a/Zotlabs/Lib/Libzotdir.php b/Zotlabs/Lib/Libzotdir.php index 91d089c86..81a5b3319 100644 --- a/Zotlabs/Lib/Libzotdir.php +++ b/Zotlabs/Lib/Libzotdir.php @@ -152,7 +152,7 @@ class Libzotdir { unset($tmp['pubforums']); unset($tmp['global']); unset($tmp['safe']); - unset($tmp['q']); + unset($tmp['req']); unset($tmp['f']); $forumsurl = $url . http_build_query($tmp) . $suggest; diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php index 25e459c65..5f1ca7cc7 100644 --- a/Zotlabs/Module/Connections.php +++ b/Zotlabs/Module/Connections.php @@ -326,7 +326,7 @@ class Connections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ""; + $o .= ""; $o .= replace_macros(get_markup_template('connections.tpl'),array( '$header' => t('Connections') . (($head) ? ': ' . $head : ''), '$tabs' => $tabs, diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index 66a638fad..d23f0b1c3 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -399,7 +399,7 @@ class Directory extends \Zotlabs\Web\Controller { $dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory')); - $o .= ""; + $o .= ""; $o .= replace_macros($tpl, array( '$search' => $search, '$desc' => t('Find'), diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 49021b6fa..69a74cec2 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -740,7 +740,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ""; + $o .= ""; $tpl = get_markup_template('photo_album.tpl'); $o .= replace_macros($tpl, array( '$photos' => $photos, @@ -1268,7 +1268,8 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ""; + + $o .= ""; $o .= replace_macros(get_markup_template('photos_recent.tpl'), [ '$title' => t('Recent Photos'), diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php index 44dc5eea1..76fc5490f 100644 --- a/Zotlabs/Module/Rpost.php +++ b/Zotlabs/Module/Rpost.php @@ -46,7 +46,7 @@ class Rpost extends \Zotlabs\Web\Controller { // make sure we're not looping to our own hub if(($url) && (! stristr($url, \App::get_hostname()))) { foreach($_GET as $key => $arg) { - if($key === 'q') + if($key === 'req') continue; $url .= '&' . $key . '=' . $arg; } diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php index 7c00750f7..c94da9267 100644 --- a/Zotlabs/Module/Viewconnections.php +++ b/Zotlabs/Module/Viewconnections.php @@ -107,7 +107,7 @@ class Viewconnections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ""; + $o .= ""; $tpl = get_markup_template("viewcontact_template.tpl"); $o .= replace_macros($tpl, array( '$title' => t('View Connections'), diff --git a/boot.php b/boot.php index 8256a94b0..439a7b49f 100755 --- a/boot.php +++ b/boot.php @@ -846,8 +846,9 @@ class App { self::$path = $path; } - if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'], 0, 2) === "q=") { - self::$query_string = str_replace(['<','>'],['<','>'],substr($_SERVER['QUERY_STRING'], 2)); + if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'], 0, 4) === "req=") { + self::$query_string = str_replace(['<','>'],['<','>'],substr($_SERVER['QUERY_STRING'], 4)); + // removing trailing / - maybe a nginx problem if (substr(self::$query_string, 0, 1) == "/") { self::$query_string = substr(self::$query_string, 1); } @@ -855,8 +856,8 @@ class App { self::$query_string = preg_replace('/&/','?',self::$query_string,1); } - if(x($_GET,'q')) - self::$cmd = escape_tags(trim($_GET['q'],'/\\')); + if(x($_GET,'req')) + self::$cmd = escape_tags(trim($_GET['req'],'/\\')); // unix style "homedir" diff --git a/include/dir_fns.php b/include/dir_fns.php new file mode 100644 index 000000000..99dcb63fb --- /dev/null +++ b/include/dir_fns.php @@ -0,0 +1,436 @@ + $preferred); +} + +/** + * Directories may come and go over time. We will need to check that our + * directory server is still valid occasionally, and reset to something that + * is if our directory has gone offline for any reason + */ +function check_upstream_directory() { + + $directory = get_config('system', 'directory_server'); + + // it's possible there is no directory server configured and the local hub is being used. + // If so, default to preserving the absence of a specific server setting. + + $isadir = true; + + if ($directory) { + $h = parse_url($directory); + if ($h) { + $j = Zotlabs\Zot\Finger::run('[system]@' . $h['host']); + if ($j['success']) { + if (array_key_exists('site', $j) && array_key_exists('directory_mode', $j['site'])) { + if ($j['site']['directory_mode'] === 'normal') { + $isadir = false; + } + } + } + } + } + + if (! $isadir) + set_config('system', 'directory_server', ''); +} + +function get_directory_setting($observer, $setting) { + + if ($observer) + $ret = get_xconfig($observer, 'directory', $setting); + else + $ret = ((array_key_exists($setting,$_SESSION)) ? intval($_SESSION[$setting]) : false); + + if($ret === false) + $ret = get_config('directory', $setting); + + + // 'safemode' is the default if there is no observer or no established preference. + + if($setting == 'safemode' && $ret === false) + $ret = 1; + + return $ret; +} + +/** + * @brief Called by the directory_sort widget. + */ +function dir_sort_links() { + + $safe_mode = 1; + + $observer = get_observer_hash(); + + $safe_mode = get_directory_setting($observer, 'safemode'); + $globaldir = get_directory_setting($observer, 'globaldir'); + $pubforums = get_directory_setting($observer, 'pubforums'); + + // Build urls without order and pubforums so it's easy to tack on the changed value + // Probably there's an easier way to do this + + $directory_sort_order = get_config('system','directory_sort_order'); + if(! $directory_sort_order) + $directory_sort_order = 'date'; + + $current_order = (($_REQUEST['order']) ? $_REQUEST['order'] : $directory_sort_order); + $suggest = (($_REQUEST['suggest']) ? '&suggest=' . $_REQUEST['suggest'] : ''); + + $url = 'directory?f='; + + $tmp = array_merge($_GET,$_POST); + unset($tmp['suggest']); + unset($tmp['pubforums']); + unset($tmp['global']); + unset($tmp['safe']); + unset($tmp['req']); + unset($tmp['f']); + $forumsurl = $url . http_build_query($tmp) . $suggest; + + $o = replace_macros(get_markup_template('dir_sort_links.tpl'), array( + '$header' => t('Directory Options'), + '$forumsurl' => $forumsurl, + '$safemode' => array('safemode', t('Safe Mode'),$safe_mode,'',array(t('No'), t('Yes')),' onchange=\'window.location.href="' . $forumsurl . '&safe="+(this.checked ? 1 : 0)\''), + '$pubforums' => array('pubforums', t('Public Forums Only'),$pubforums,'',array(t('No'), t('Yes')),' onchange=\'window.location.href="' . $forumsurl . '&pubforums="+(this.checked ? 1 : 0)\''), + '$globaldir' => array('globaldir', t('This Website Only'), 1-intval($globaldir),'',array(t('No'), t('Yes')),' onchange=\'window.location.href="' . $forumsurl . '&global="+(this.checked ? 0 : 1)\''), + )); + + return $o; +} + +/** + * @brief Checks the directory mode of this hub. + * + * Checks the directory mode of this hub to see if it is some form of directory server. If it is, + * get the directory realm of this hub. Fetch a list of all other directory servers in this realm and request + * a directory sync packet. This will contain both directory updates and new ratings. Store these all in the DB. + * In the case of updates, we will query each of them asynchronously from a poller task. Ratings are stored + * directly if the rater's signature matches. + * + * @param int $dirmode; + */ +function sync_directories($dirmode) { + + if ($dirmode == DIRECTORY_MODE_STANDALONE || $dirmode == DIRECTORY_MODE_NORMAL) + return; + + $realm = get_directory_realm(); + if ($realm == DIRECTORY_REALM) { + $r = q("select * from site where (site_flags & %d) > 0 and site_url != '%s' and site_type = %d and ( site_realm = '%s' or site_realm = '') ", + intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY), + dbesc(z_root()), + intval(SITE_TYPE_ZOT), + dbesc($realm) + ); + } else { + $r = q("select * from site where (site_flags & %d) > 0 and site_url != '%s' and site_realm like '%s' and site_type = %d ", + intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY), + dbesc(z_root()), + dbesc(protect_sprintf('%' . $realm . '%')), + intval(SITE_TYPE_ZOT) + ); + } + + // If there are no directory servers, setup the fallback master + /** @FIXME What to do if we're in a different realm? */ + + if ((! $r) && (z_root() != DIRECTORY_FALLBACK_MASTER)) { + + $x = site_store_lowlevel( + [ + 'site_url' => DIRECTORY_FALLBACK_MASTER, + 'site_flags' => DIRECTORY_MODE_PRIMARY, + 'site_update' => NULL_DATE, + 'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch', + 'site_realm' => DIRECTORY_REALM, + 'site_valid' => 1, + 'site_crypto' => 'aes256cbc' + ] + ); + + $r = q("select * from site where site_flags in (%d, %d) and site_url != '%s' and site_type = %d ", + intval(DIRECTORY_MODE_PRIMARY), + intval(DIRECTORY_MODE_SECONDARY), + dbesc(z_root()), + intval(SITE_TYPE_ZOT) + ); + } + if (! $r) + return; + + foreach ($r as $rr) { + if (! $rr['site_directory']) + continue; + + logger('sync directories: ' . $rr['site_directory']); + + // for brand new directory servers, only load the last couple of days. + // It will take about a month for a new directory to obtain the full current repertoire of channels. + /** @FIXME Go back and pick up earlier ratings if this is a new directory server. These do not get refreshed. */ + + $token = get_config('system','realm_token'); + + $syncdate = (($rr['site_sync'] <= NULL_DATE) ? datetime_convert('UTC','UTC','now - 2 days') : $rr['site_sync']); + $x = z_fetch_url($rr['site_directory'] . '?f=&sync=' . urlencode($syncdate) . (($token) ? '&t=' . $token : '')); + + if (! $x['success']) + continue; + + $j = json_decode($x['body'],true); + if (!($j['transactions']) || ($j['ratings'])) + continue; + + q("update site set site_sync = '%s' where site_url = '%s'", + dbesc(datetime_convert()), + dbesc($rr['site_url']) + ); + + logger('sync_directories: ' . $rr['site_url'] . ': ' . print_r($j,true), LOGGER_DATA); + + if (is_array($j['transactions']) && count($j['transactions'])) { + foreach ($j['transactions'] as $t) { + $r = q("select * from updates where ud_guid = '%s' limit 1", + dbesc($t['transaction_id']) + ); + if($r) + continue; + + $ud_flags = 0; + if (is_array($t['flags']) && in_array('deleted',$t['flags'])) + $ud_flags |= UPDATE_FLAGS_DELETED; + if (is_array($t['flags']) && in_array('forced',$t['flags'])) + $ud_flags |= UPDATE_FLAGS_FORCED; + + $z = q("insert into updates ( ud_hash, ud_guid, ud_date, ud_flags, ud_addr ) + values ( '%s', '%s', '%s', %d, '%s' ) ", + dbesc($t['hash']), + dbesc($t['transaction_id']), + dbesc($t['timestamp']), + intval($ud_flags), + dbesc($t['address']) + ); + } + } + if (is_array($j['ratings']) && count($j['ratings'])) { + foreach ($j['ratings'] as $rr) { + $x = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", + dbesc($rr['channel']), + dbesc($rr['target']) + ); + if ($x && $x[0]['xlink_updated'] >= $rr['edited']) + continue; + + // Ratings are signed by the rater. We need to verify before we can accept it. + /** @TODO Queue or defer if the xchan is not yet present on our site */ + + $y = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1", + dbesc($rr['channel']) + ); + if (! $y) { + logger('key unavailable on this site for ' . $rr['channel']); + continue; + } + if (! rsa_verify($rr['target'] . '.' . $rr['rating'] . '.' . $rr['rating_text'], base64url_decode($rr['signature']),$y[0]['xchan_pubkey'])) { + logger('failed to verify rating'); + continue; + } + + if ($x) { + $z = q("update xlink set xlink_rating = %d, xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s' where xlink_id = %d", + intval($rr['rating']), + dbesc($rr['rating_text']), + dbesc($rr['signature']), + dbesc(datetime_convert()), + intval($x[0]['xlink_id']) + ); + logger('rating updated'); + } else { + $z = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ", + dbesc($rr['channel']), + dbesc($rr['target']), + intval($rr['rating']), + dbesc($rr['rating_text']), + dbesc($rr['signature']), + dbesc(datetime_convert()) + ); + logger('rating created'); + } + } + } + } +} + + +/** + * @brief + * + * Given an update record, probe the channel, grab a zot-info packet and refresh/sync the data. + * + * Ignore updating records marked as deleted. + * + * If successful, sets ud_last in the DB to the current datetime for this + * reddress/webbie. + * + * @param array $ud Entry from update table + */ +function update_directory_entry($ud) { + + logger('update_directory_entry: ' . print_r($ud,true), LOGGER_DATA); + + if ($ud['ud_addr'] && (! ($ud['ud_flags'] & UPDATE_FLAGS_DELETED))) { + $success = false; + $x = zot_finger($ud['ud_addr'], ''); + if ($x['success']) { + $j = json_decode($x['body'], true); + if ($j) + $success = true; + + $y = import_xchan($j, 0, $ud); + } + if (! $success) { + q("update updates set ud_last = '%s' where ud_addr = '%s'", + dbesc(datetime_convert()), + dbesc($ud['ud_addr']) + ); + } + } +} + + +/** + * @brief Push local channel updates to a local directory server. + * + * This is called from include/directory.php if a profile is to be pushed to the + * directory and the local hub in this case is any kind of directory server. + * + * @param int $uid + * @param boolean $force + */ +function local_dir_update($uid, $force) { + + logger('local_dir_update: uid: ' . $uid, LOGGER_DEBUG); + + $p = q("select channel.channel_hash, channel_address, channel_timezone, profile.* from profile left join channel on channel_id = uid where uid = %d and is_default = 1", + intval($uid) + ); + + $profile = array(); + $profile['encoding'] = 'zot'; + + if ($p) { + $hash = $p[0]['channel_hash']; + + $profile['description'] = $p[0]['pdesc']; + $profile['birthday'] = $p[0]['dob']; + if ($age = age($p[0]['dob'],$p[0]['channel_timezone'],'')) + $profile['age'] = $age; + + $profile['gender'] = $p[0]['gender']; + $profile['marital'] = $p[0]['marital']; + $profile['sexual'] = $p[0]['sexual']; + $profile['locale'] = $p[0]['locality']; + $profile['region'] = $p[0]['region']; + $profile['postcode'] = $p[0]['postal_code']; + $profile['country'] = $p[0]['country_name']; + $profile['about'] = $p[0]['about']; + $profile['homepage'] = $p[0]['homepage']; + $profile['hometown'] = $p[0]['hometown']; + + if ($p[0]['keywords']) { + $tags = array(); + $k = explode(' ', $p[0]['keywords']); + if ($k) + foreach ($k as $kk) + if (trim($kk)) + $tags[] = trim($kk); + + if ($tags) + $profile['keywords'] = $tags; + } + + $hidden = (1 - intval($p[0]['publish'])); + + logger('hidden: ' . $hidden); + + $r = q("select xchan_hidden from xchan where xchan_hash = '%s' limit 1", + dbesc($p[0]['channel_hash']) + ); + + if(intval($r[0]['xchan_hidden']) != $hidden) { + $r = q("update xchan set xchan_hidden = %d where xchan_hash = '%s'", + intval($hidden), + dbesc($p[0]['channel_hash']) + ); + } + + $arr = array('channel_id' => $uid, 'hash' => $hash, 'profile' => $profile); + call_hooks('local_dir_update', $arr); + + $address = channel_reddress($p[0]); + + if (perm_is_allowed($uid, '', 'view_profile')) { + import_directory_profile($hash, $arr['profile'], $address, 0); + } else { + // they may have made it private + $r = q("delete from xprof where xprof_hash = '%s'", + dbesc($hash) + ); + $r = q("delete from xtag where xtag_hash = '%s'", + dbesc($hash) + ); + } + } + + $ud_hash = random_string() . '@' . App::get_hostname(); + update_modtime($hash, $ud_hash, channel_reddress($p[0]),(($force) ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED)); +} diff --git a/include/text.php b/include/text.php index c9ac1ea76..d0bfe336f 100644 --- a/include/text.php +++ b/include/text.php @@ -2534,7 +2534,7 @@ function extra_query_args() { if(count($_GET)) { foreach($_GET as $k => $v) { // these are request vars we don't want to duplicate - if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) { + if(! in_array($k, array('req','f','zid','page','PHPSESSID'))) { $s .= '&' . $k . '=' . urlencode($v); } } @@ -2542,7 +2542,7 @@ function extra_query_args() { if(count($_POST)) { foreach($_POST as $k => $v) { // these are request vars we don't want to duplicate - if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) { + if(! in_array($k, array('req','f','zid','page','PHPSESSID'))) { $s .= '&' . $k . '=' . urlencode($v); } } diff --git a/install/sample-nginx.conf b/install/sample-nginx.conf index 839f208ae..c29eb30db 100644 --- a/install/sample-nginx.conf +++ b/install/sample-nginx.conf @@ -78,7 +78,7 @@ server { # rewrite to front controller as default rule location / { if (!-e $request_filename) { - rewrite ^(.*)$ /index.php?q=$1; + rewrite ^(.*)$ /index.php?req=$1; } } @@ -87,7 +87,7 @@ server { location ^~ /.well-known/ { allow all; if (!-e $request_filename) { - rewrite ^(.*)$ /index.php?q=$1; + rewrite ^(.*)$ /index.php?req=$1; } } @@ -97,7 +97,7 @@ server { # added .htm for advanced source code editor library # location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ { # expires 30d; - # try_files $uri /index.php?q=$uri&$args; + # try_files $uri /index.php?req=$uri&$args; # } # block these file types diff --git a/library/OAuth1.php b/library/OAuth1.php index 0a6b20b0a..e70cf0a1b 100644 --- a/library/OAuth1.php +++ b/library/OAuth1.php @@ -293,8 +293,8 @@ class OAuth1Request { } // fix for friendica redirect system // FIXME or don't, but figure out if this is absolutely necessary and act accordingly - $http_url = substr($http_url, 0, strpos($http_url,$parameters['q'])+strlen($parameters['q'])); - unset( $parameters['q'] ); + $http_url = substr($http_url, 0, strpos($http_url,$parameters['req'])+strlen($parameters['req'])); + unset( $parameters['req'] ); return new OAuth1Request($http_method, $http_url, $parameters); }