Merge branch 'dev' into sabre32

CHANGELOG

@@ -1,3 +1,73 @@
+Hubzilla 1.8
+	Administration:
+		Cleanup and resolve some edge cases with addon repository manager
+		Provide sort field and direction on all fields of account and channel administration tables
+		Rename 'user' administration to account administration to reflect its true purpose
+		'safemode' tool to quickly disable and re-enable addons during a hypothetical upgrade crisis
+	Security:
+		Edited comments to private posts could lose their privacy settings under some circumstances
+		Provide zot-finger signatures to prevent a possible but rare exploit involving DNS spoofing and phishing
+	ACL selections:
+		Various improvements to the ACL editor to further simplify the concepts and make it more intuitive
+	Chat:
+		Notifications of chatroom activity using standard browser notification interfaces.
+	Themes:
+		Allow a theme:schema string to represent a valid theme name. This fixes issues with setting schemas on site themes.
+	Pubsites:
+		Show server role (identify UNO or basic sites as opposed to hubzilla pro) and link to statistics
+	Documentation:
+		Clarify privacy rights of commenters w/r/t conversation owners, as this policy is network dependent.
+	Account Cloning:
+		Regression on clone channel creation created a new channel name each time.
+		New issue (fixed) with directory creation on cloned file content
+	Content Rendering:
+		Add inline code (in addition to the existing code blocks) to BBcode
+		Add emoji reactions
+		Add emojis as extended smilies with auto-complete support
+		Emoji added as feature so it can be enabled/disabled and locked
+		Ability to configure the standard reactions available on a site basis
+		Disable 'convenience' ajax autoload on pgdn key, as it could lead to premature memory exhaustion
+	Photos:
+		Change album sort ordering, allow widgets and plugins to define other orderings
+	Apps:
+		Synchronise app list with changes to system apps
+		Preserve existing app categories on app updates/edits
+	Architecture:
+		Provide autoloaded class files and libraries for plugins.
+		Further refactoring of session driver to sort out some cookie anomolies
+		Experimental PDO database driver
+		Creation of Daemon Master class and port all daemon (background task) interfaces to use it
+		Create separate class for each of 'Cron', 'Cron daily', and 'Cron weekly'.
+		Always run a Cron maintenance task if not run in the last four hours 
+		Refactor the template classes
+		Refactor the ConversationItem mess into ThreadItem and ThreadStream
+		Refactor Apps, Enotify, and Chat library code
+		Refactor the various Config libraries (Config, PConfig, XConfig, AConfig, AbConfig, and IConfig)
+		Created WebServer class for top level
+		Remove mcrypt dependencies (deprecated in PHP 7.1)
+		Remove all reserved (including merely 'not recommended') words as DB table column names
+		Provide mutex lock on DB logging to prevent recursion under rare failure modes. 
+	Bugfixes:
+		Remove db_close function on page end - not needed and will not work with persistent DB connections.
+		Undefined ref_session_write
+		Some session functions needed to be static to work with CalDAV/CardDAV
+		CLI interface: argc and argv were reversed
+		HTML entities double encoded in edited titles
+		Prevent delivering to empty recipients
+		Sabre library setting some security headers for SAML after we've emitted HTML content
+		Always initialise miniApp (caused obscure warning message if not set)
+		Block 'sys' channels from being 'random profile' candidates
+		DB update failed email could be sent in the wrong language under rare circumstances
+		Openid remote authentication used incorrect namespace
+	Plugins:
+		CalDAV/CardDAV plugin provided
+		Issue sending Diaspora 'like' activities from sources that did not propagate the DCV
+		Allow 'superblock' to work across API calls from third party clients
+		statistics.json: use 'zot' as protocol 
+		Issues fixed during testing of ability to follow Diaspora tags
+		Parse issue with Diaspora reshare content
+		Chess: moved to main repo, ported to 1.8
+
 Hubzilla 1.6
 	Cleanup and standardise the interfaces to the "jot" editor
 	Router re-written to support calling class object methods as controllers

Zotlabs/Daemon/Notifier.php

@@ -278,7 +278,11 @@ class Notifier {
 				logger('notifier: target item not forwardable: type ' . $target_item['item_type'], LOGGER_DEBUG);
 				return;
 			}
-			if(intval($target_item['item_unpublished']) || intval($target_item['item_delayed']) || intval($target_item['item_hidden'])) {
+
+			// Check for non published items, but allow an exclusion for transmitting hidden file activities
+
+			if(intval($target_item['item_unpublished']) || intval($target_item['item_delayed']) || 
+				( intval($target_item['item_hidden']) && ($target_item['obj_type'] !== ACTIVITY_OBJ_FILE))) {
 				logger('notifier: target item not published, so not forwardable', LOGGER_DEBUG);
 				return;
 			}

Zotlabs/Module/Acl.php

@@ -65,18 +65,20 @@ class Acl extends \Zotlabs\Web\Controller {
 				intval($count),
 				intval($start)
 			);
-	
-			foreach($r as $g){
-	//		logger('acl: group: ' . $g['gname'] . ' members: ' . group_get_members_xchan($g['id']));
-				$groups[] = array(
-					"type"  => "g",
-					"photo" => "images/twopeople.png",
-					"name"  => $g['gname'],
-					"id"	=> $g['id'],
-					"xid"   => $g['hash'],
-					"uids"  => group_get_members_xchan($g['id']),
-					"link"  => ''
-				);
+
+			if($r) {	
+				foreach($r as $g){
+		//		logger('acl: group: ' . $g['gname'] . ' members: ' . group_get_members_xchan($g['id']));
+					$groups[] = array(
+						"type"  => "g",
+						"photo" => "images/twopeople.png",
+						"name"  => $g['gname'],
+						"id"	=> $g['id'],
+						"xid"   => $g['hash'],
+						"uids"  => group_get_members_xchan($g['id']),
+						"link"  => ''
+					);
+				}
 			}
 		}
 	
@@ -204,7 +206,7 @@ class Acl extends \Zotlabs\Web\Controller {
 		else
 			$r = array();
 	
-		if(count($r)) {
+		if($r) {
 			foreach($r as $g){
 	
 				// remove RSS feeds from ACLs - they are inaccessible

Zotlabs/Module/Admin.php

@@ -1738,7 +1738,7 @@ class Admin extends \Zotlabs\Web\Controller {
 	
 			// name, label, value, help string, extra data...
 			'$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
-			'$logfile'   => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your Red top-level directory.")),
+			'$logfile'   => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your top-level webserver directory.")),
 			'$loglevel'  => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
 	
 			'$form_security_token' => get_form_security_token('admin_logs'),

Zotlabs/Module/Rmagic.php

@@ -24,7 +24,7 @@ class Rmagic extends \Zotlabs\Web\Controller {
 		}
 	}
 	
-		function post() {
+	function post() {
 	
 		$address = trim($_REQUEST['address']);
 	
@@ -34,13 +34,13 @@ class Rmagic extends \Zotlabs\Web\Controller {
 	
 			try {
 				require_once('library/openid/openid.php');
-				$openid = new LightOpenID(z_root());
+				$openid = new \LightOpenID(z_root());
 				$openid->identity = $address;
 				$openid->returnUrl = z_root() . '/openid'; 
 				$openid->required = array('namePerson/friendly', 'namePerson');
 				$openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
 				goaway($openid->authUrl());
-			} catch (Exception $e) {
+			} catch (\Exception $e) {
 				notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'<br /><br >'. t('The error message was:').' '.$e->getMessage());
 			}
 	
@@ -82,7 +82,7 @@ class Rmagic extends \Zotlabs\Web\Controller {
 	}
 	
 	
-		function get() {
+	function get() {
 	
 		$o = replace_macros(get_markup_template('rmagic.tpl'),array(
 			'$title' => t('Remote Authentication'),

doc/roadmap.bb

@@ -8,18 +8,8 @@ Roadmap for $Projectname V3
 Crypto
 	Convert E2EE to dynamic loading (on demand) using jQuery.getScript() [or other methods] to only load encryption libs when you require them. This should also support multiple encryption libraries (e.g. SJCL, others) triggered from the choice of algorithm and remain pluggable.
 
-Diaspora
-	Convert core Diaspora federation code into a plugin. This presents a number of challenges since it touches and special cases a lot of core functionality. (HZ - in progress)
-
 Subscriptions and business models
-	Build enough into core(/addons) to generate income (or at least try and cover costs) out of the box (in progress Habeas Codice)
-
-Merge all uploads into common DAV interface
-	Separate photo albums from photos and turn them into file directories. (HZ - done)
-	Upload everything direct to /store (HZ - done)
-	If photo, generate thumbnails and image resources (HZ - done)
-	Provide default upload folders with %y (and other?) macros for both photos and other file resources (HZ - done)
-	Allow "media" (anything that we can generate a thumbnail for) in the Photos section (and show thumbnails in the Files section where possible) (HZ - done)
+	Build enough into core(/addons) to generate income (or at least try and cover costs) out of the box 
 
 	Resolve the "every photo has an item" confusion, perhaps every file should also - but only if we can explain it and separate them conceptually.
 

doc/roadmapv4.bb

@@ -9,20 +9,20 @@ Goals/Highlights:
 
 Focus on visual website design tools, widgets, and sharing mechanisms
 
-App organisation.
+[x] App organisation.
 
-Conversion of core application to a composer format living under the namespace "Zotlabs"
+[x] Conversion of core application to a composer format living under the namespace "Zotlabs"
 
-Conversion of Modules to a more general purpose Controllers layout with DB/memory based
+[x] Conversion of Modules to a more general purpose Controllers layout with DB/memory based
 controller routing as opposed to filesystem routing.
 
-Conversion of core Zot Protocol to a class library
+[x] (partial) Conversion of core Zot Protocol to a class library
  
-Abstraction of nomadic identity so that sending/receiving to/from singleton networks to/from any clone works flawlessly - [b]provided[/b] the clone physically connected to that singleton identity is up. 
+[x] Abstraction of nomadic identity so that sending/receiving to/from singleton networks to/from any clone works flawlessly - [b]provided[/b] the clone physically connected to that singleton identity is up. 
 
 [h3]Community Development[/h3]
 
-CalDAV/CardDAV
+[x] CalDAV/CardDAV
 
 E-Commerce
 

doc/to_do_code.bb

@@ -6,6 +6,7 @@ We need much more than this, but here are areas where developers can help. Pleas
 [li]Include TOS link in registration/verification email[/li]
 [li]Auto preview posts/comments (configurable timer kicks in the preview if not 0)[/li]
 [li]SAML 2.0 and OpenID Connect provider functionality[/li]
+[li]relmeauth (aka indieauth) support[/li]
 [li]Create bug tracker module[/li]
 [li]Filing posts - provide a dropdown menu integrated with the 'post actions menu'[/li]
 [li]translation plugins - moses or apertium[/li]
@@ -17,7 +18,6 @@ We need much more than this, but here are areas where developers can help. Pleas
 [li]Integrate the "open site" list with the register page[/li]
 [li]Support comments and member notes on documentation pages (to achieve an effect similar to php.net)[/li]
 [li]Support comments on webpages[/li]
-[li]refactor the oembed client interface so that we can safely sandbox remote content[/li]
 [li]Write more webpage layouts[/li]
 [li]Write more webpage widgets[/li]
 [li]restricted access OAuth clients[/li]
@@ -27,14 +27,11 @@ We need much more than this, but here are areas where developers can help. Pleas
 [li]External post connectors, add popular services[/li]
 [li]service classes - provide a pluggable subscription payment gateway for premium accounts[/li]
 [li]service classes - account overview page showing resources consumed by channel. With special consideration this page can also be accessed at a meta level by the site admin to drill down on problematic accounts/channels.[/li]
-[li]implement CalDAV/CardDAV sync[/li]
 [li]Uploads - integrate #^[url=https://github.com/blueimp/jQuery-File-Upload]https://github.com/blueimp/jQuery-File-Upload[/url][/li]
 [li]API extensions, for Twitter API - search, friending, threading. For Red API, lots of stuff[/li]
 [li]Import channel from Diaspora/Friendica (Diaspora partially done)[/li]
 [li]MediaGoblin photo "crosspost" connector[/li]
-[li]App taxonomy[/li]
-[li]Customisable App collection pages[/li]
-[li]replace the tinymce visual editor and/or make the visual editor pluggable and responsive to different output formats. We probably want library/bbedit for bbcode. This needs a fair bit of work to catch up with our "enhanced bbcode", but start with images, links, bold and highlight and work from there.[/li]
+[li]provide a visual editor[/li]
 [li]Create mobile clients for the top platforms - which involves extending the API so that we can do stuff far beyond the current crop of Twitter/Statusnet clients. Ditto for mobile themes. We can probably use something like the Friendica Android app as a base to start from.[/li]
 [li]Implement owned and exchangeable "things".[/li]
 [li]Family Account creation - using service classes (an account holder can create a certain number of sub-accounts which are all tied to their subscription - if the subscription lapses they all go away).[/li]

view/js/main.js

@@ -321,22 +321,6 @@ $(function() {
 				return false;
 			}
 		}
-		if(event.keyCode == '34') {
-			if((pageHasMoreContent) && (! loadingPage)) {
-				$('#more').hide();
-				$('#no-more').hide();
-
-				next_page++;
-				scroll_next = true;
-				loadingPage = true;
-
-				if(($('.directory-end').length == 0) && ($('.photos-end').length == 0))
-					liveUpdate();
-				else
-					pageUpdate();
-				return true;
-			}
-		}
 
 		if(event.keyCode == '19' || (event.ctrlKey && event.which == '32')) {
 			event.preventDefault();