Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-20 02:35:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #547 from dawnbreak/docu

Browse source 
[TASK] Update Doxyfile and fix Doxygen errors.
This commit is contained in:
zotlabs 2016-10-14 12:55:01 +11:00 committed by GitHub
commit b9eb74a705
36 changed files with 1868 additions and 1786 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

54
Zotlabs/Module/Admin.php
View file

@ -1,21 +1,20 @@
<?php
namespace Zotlabs\Module;
/**
* @file mod/admin.php
* @file Zotlabs/Module/Admin.php
* @brief Hubzilla's admin controller.
*
* Controller for the /admin/ area.
*/
namespace Zotlabs\Module;
require_once('include/queue_fn.php');
require_once('include/account.php');
/**
* @param App &$a
* @brief Admin area.
*
*/
class Admin extends \Zotlabs\Web\Controller {
private $sm = null;
@ -26,36 +25,35 @@ class Admin extends \Zotlabs\Web\Controller {
function post(){
logger('admin_post', LOGGER_DEBUG);
if(! is_site_admin()) {
return;
}
if (argc() > 1) {
$this->sm->call('post');
}
goaway(z_root() . '/admin' );
}
/**
* @return string
*/
function get() {
logger('admin_content', LOGGER_DEBUG);
if(! is_site_admin()) {
return login(false);
}
/*
* Page content
*/
$o = '';
if(argc() > 1) {
$o = $this->sm->call('get');
if($o === false) {
@ -65,9 +63,9 @@ class Admin extends \Zotlabs\Web\Controller {
else {
$o = $this->admin_page_summary();
}
if(is_ajax()) {
echo $o;
echo $o;
killme();
return '';
}
@ -75,16 +73,15 @@ class Admin extends \Zotlabs\Web\Controller {
return $o;
}
}
/**
* @brief Returns content for Admin Summary Page.
*
* @param App &$a
* @return string HTML from parsed admin_summary.tpl
*/
function admin_page_summary() {
// list total user accounts, expirations etc.
$accounts = array();
$r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account",
@ -99,11 +96,11 @@ class Admin extends \Zotlabs\Web\Controller {
$accounts['expired'] = array('label' => t('# expired accounts'), 'val' => $r[0]['expired']);
$accounts['expiring'] = array('label' => t('# expiring accounts'), 'val' => $r[0]['expiring']);
}
// pending registrations
$r = q("SELECT COUNT(id) AS rtotal FROM register WHERE uid != '0'");
$pending = $r[0]['rtotal'];
// available channels, primary and clones
$channels = array();
$r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN channel_primary = 1 THEN 1 ELSE NULL END) AS main, COUNT(CASE WHEN channel_primary = 0 THEN 1 ELSE NULL END) AS clones FROM channel WHERE channel_removed = 0");
@ -112,15 +109,15 @@ class Admin extends \Zotlabs\Web\Controller {
$channels['main'] = array('label' => t('# primary'), 'val' => $r[0]['main']);
$channels['clones'] = array('label' => t('# clones'), 'val' => $r[0]['clones']);
}
// We can do better, but this is a quick queue status
$r = q("SELECT COUNT(outq_delivered) AS total FROM outq WHERE outq_delivered = 0");
$queue = (($r) ? $r[0]['total'] : 0);
$queues = array( 'label' => t('Message queues'), 'queue' => $queue );
// If no plugins active return 0, otherwise list of plugin names
$plugins = (count(\App::$plugins) == 0) ? count(\App::$plugins) : \App::$plugins;
// Could be extended to provide also other alerts to the admin
$alertmsg = '';
// annoy admin about upcoming unsupported PHP version
@ -135,7 +132,6 @@ class Admin extends \Zotlabs\Web\Controller {
$upgrade = ((version_compare(STD_VERSION,$vmaster) < 0) ? t('Your software should be updated') : '');
$t = get_markup_template('admin_summary.tpl');
return replace_macros($t, array(
'$title' => t('Administration'),
@ -150,10 +146,8 @@ class Admin extends \Zotlabs\Web\Controller {
'$vmaster' => array( t('Repository version (master)'), $vmaster),
'$vdev' => array( t('Repository version (dev)'), $vdev),
'$upgrade' => $upgrade,
'$build' => get_config('system', 'db_version')
'$build' => get_config('system', 'db_version')
));
}
}

90
Zotlabs/Module/Admin/Channels.php
View file

@ -2,35 +2,36 @@
namespace Zotlabs\Module\Admin;
/**
* @brief Admin Module for Channels.
*
*/
class Channels {
/**
* @brief Channels admin page.
* @brief Handle POST actions on channels admin page.
*
* @param App &$a
*/
function post() {
$channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() );
check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels');
$xor = db_getfunc('^');
if (x($_POST,'page_channels_block')){
foreach($channels as $uid){
if(x($_POST, 'page_channels_block')) {
foreach($channels as $uid) {
q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
intval(PAGE_CENSORED),
intval( $uid )
);
\Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush'));
\Zotlabs\Daemon\Master::Summon(array('Directory', $uid, 'nopush'));
}
notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) );
}
if (x($_POST,'page_channels_code')){
foreach($channels as $uid){
if(x($_POST, 'page_channels_code')) {
foreach($channels as $uid) {
q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
intval(PAGE_ALLOWCODE),
intval( $uid )
@ -38,74 +39,71 @@ class Channels {
}
notice( sprintf( tt("%s channel code allowed/disallowed", "%s channels code allowed/disallowed", count($channels)), count($channels)) );
}
if (x($_POST,'page_channels_delete')){
foreach($channels as $uid){
channel_remove($uid,true);
if(x($_POST, 'page_channels_delete')) {
foreach($channels as $uid) {
channel_remove($uid, true);
}
notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) );
}
goaway(z_root() . '/admin/channels' );
}
/**
* @brief
* @brief Generate channels admin page and handle single item operations.
*
* @return string
* @return string with parsed HTML
*/
function get() {
if(argc() > 2) {
$uid = argv(3);
$channel = q("SELECT * FROM channel WHERE channel_id = %d",
intval($uid)
);
if(! $channel) {
notice( t('Channel not found') . EOL);
goaway(z_root() . '/admin/channels' );
}
switch(argv(2)) {
case "delete":{
check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
// delete channel
channel_remove($uid,true);
notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL);
}; break;
case "block":{
check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
$pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED;
$pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED;
q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
intval($pflags),
intval( $uid )
);
\Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush'));
notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
}; break;
case "code":{
check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
$pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE;
$pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE;
q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
intval($pflags),
intval( $uid )
);
notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
}; break;
default:
default:
break;
}
goaway(z_root() . '/admin/channels' );
}
$key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id');
$dir = 'asc';
if(array_key_exists('dir',$_REQUEST))
@ -114,10 +112,8 @@ class Channels {
$base = z_root() . '/admin/channels?f=';
$odir = (($dir === 'asc') ? '0' : '1');
/* get channels */
$total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0");
if($total) {
\App::set_pager_total($total[0]['total']);
@ -135,15 +131,15 @@ class Channels {
$channels[$x]['blocked'] = true;
else
$channels[$x]['blocked'] = false;
if($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE)
$channels[$x]['allowcode'] = true;
else
$channels[$x]['allowcode'] = false;
}
}
$t = get_markup_template("admin_channels.tpl");
$t = get_markup_template('admin_channels.tpl');
$o = replace_macros($t, array(
// strings //
'$title' => t('Administration'),
@ -158,29 +154,23 @@ class Channels {
'$h_channels' => t('Channel'),
'$base' => $base,
'$odir' => $odir,
'$th_channels' => array(
'$th_channels' => array(
[ t('UID'), 'channel_id' ],
[ t('Name'), 'channel_name' ],
[ t('Address'), 'channel_address' ]),
'$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'),
'$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'),
'$form_security_token' => get_form_security_token("admin_channels"),
'$form_security_token' => get_form_security_token('admin_channels'),
// values //
'$baseurl' => z_root(),
'$channels' => $channels,
));
$o .= paginate($a);
return $o;
}
}

109
Zotlabs/Module/Admin/Site.php
View file

@ -5,11 +5,9 @@ namespace Zotlabs\Module\Admin;
class Site {
/**
* @brief POST handler for Admin Site Page.
*
* @param App &$a
*/
function post(){
if (!x($_POST, 'page_site')) {
@ -17,38 +15,38 @@ class Site {
}
check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
$sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : '');
$server_role = ((x($_POST,'server_role')) ? notags(trim($_POST['server_role'])) : 'standard');
$banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
$banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
$admininfo = ((x($_POST,'admininfo')) ? trim($_POST['admininfo']) : false);
$language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : '');
$theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : '');
$theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : '');
// $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : '');
// $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : '');
$maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
$register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
$access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0);
$invite_only = ((x($_POST,'invite_only')) ? True : False);
$abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
$invite_only = ((x($_POST,'invite_only')) ? True : False);
$abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
$register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : '');
$frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : '');
$mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0);
$directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : '');
$allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : '');
$force_publish = ((x($_POST,'publish_all')) ? True : False);
$disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True);
$login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False);
$enable_context_help = ((x($_POST,'enable_context_help')) ? True : False);
$frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : '');
$mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0);
$directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : '');
$allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : '');
$force_publish = ((x($_POST,'publish_all')) ? True : False);
$disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True);
$login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False);
$enable_context_help = ((x($_POST,'enable_context_help')) ? True : False);
$global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : '');
$no_community_page = !((x($_POST,'no_community_page')) ? True : False);
$default_expire_days = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0);
$verifyssl = ((x($_POST,'verifyssl')) ? True : False);
$proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : '');
$proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : '');
@ -62,11 +60,9 @@ class Site {
$techlevel_lock = ((x($_POST,'techlock')) ? intval($_POST['techlock']) : 0);
$techlevel = null;
if(array_key_exists('techlevel',$_POST))
if(array_key_exists('techlevel', $_POST))
$techlevel = intval($_POST['techlevel']);
set_config('system', 'server_role', $server_role);
set_config('system', 'feed_contacts', $feed_contacts);
set_config('system', 'delivery_interval', $delivery_interval);
@ -84,16 +80,16 @@ class Site {
if(! is_null($techlevel))
set_config('system', 'techlevel', $techlevel);
if($directory_server)
set_config('system','directory_server',$directory_server);
if ($banner == '') {
del_config('system', 'banner');
} else {
set_config('system', 'banner', $banner);
}
if ($admininfo == ''){
del_config('system', 'admininfo');
} else {
@ -110,9 +106,9 @@ class Site {
}
// set_config('system','site_channel', $site_channel);
set_config('system','maximagesize', $maximagesize);
set_config('system','register_policy', $register_policy);
set_config('system','invitation_only', $invite_only);
set_config('system','invitation_only', $invite_only);
set_config('system','access_policy', $access_policy);
set_config('system','account_abandon_days', $abandon_days);
set_config('system','register_text', $register_text);
@ -124,14 +120,14 @@ class Site {
} else {
set_config('system', 'directory_submit_url', $global_directory);
}
set_config('system','no_community_page', $no_community_page);
set_config('system','no_utf', $no_utf);
set_config('system','verifyssl', $verifyssl);
set_config('system','proxyuser', $proxyuser);
set_config('system','proxy', $proxy);
set_config('system','curl_timeout', $timeout);
info( t('Site settings updated.') . EOL);
goaway(z_root() . '/admin/site' );
}
@ -139,15 +135,14 @@ class Site {
/**
* @brief Admin page site.
*
* @return string
* @return string with HTML
*/
function get() {
/* Installed langs */
$lang_choices = array();
$langs = glob('view/*/hstrings.php');
if(is_array($langs) && count($langs)) {
if(! in_array('view/en/hstrings.php',$langs))
$langs[] = 'view/en/';
@ -157,7 +152,7 @@ class Site {
$lang_choices[$t[1]] = $t[1];
}
}
/* Installed themes */
$theme_choices_mobile["---"] = t("Default");
$theme_choices = array();
@ -184,13 +179,13 @@ class Site {
}
}
}
$dir_choices = null;
$dirmode = get_config('system','directory_mode');
$realm = get_directory_realm();
// directory server should not be set or settable unless we are a directory client
if($dirmode == DIRECTORY_MODE_NORMAL) {
$x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s'",
intval(DIRECTORY_MODE_SECONDARY),
@ -204,25 +199,25 @@ class Site {
}
}
}
/* Banner */
$banner = get_config('system', 'banner');
if($banner === false)
if($banner === false)
$banner = get_config('system','sitename');
$banner = htmlspecialchars($banner);
/* Admin Info */
$admininfo = get_config('system', 'admininfo');
/* Register policy */
$register_choices = Array(
REGISTER_CLOSED => t("No"),
REGISTER_APPROVE => t("Yes - with approval"),
REGISTER_OPEN => t("Yes")
);
/* Acess policy */
$access_choices = Array(
ACCESS_PRIVATE => t("My site is not a public server"),
@ -230,36 +225,32 @@ class Site {
ACCESS_FREE => t("My site has free access only"),
ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades")
);
$discover_tab = get_config('system','disable_discover_tab');
// $disable public streams by default
if($discover_tab === false)
$discover_tab = 1;
// now invert the logic for the setting.
$discover_tab = (1 - $discover_tab);
$server_roles = [
'basic' => t('Basic/Minimal Social Networking'),
'standard' => t('Standard Configuration (default)'),
'pro' => t('Professional')
];
$techlevels = [
'0' => t('Beginner/Basic'),
'1' => t('Novice - not skilled but willing to learn'),
'2' => t('Intermediate - somewhat comfortable'),
'3' => t('Advanced - very comfortable'),
'4' => t('Expert - I can write computer code'),
'4' => t('Expert - I can write computer code'),
'5' => t('Wizard - I probably know more than you do')
];
$homelogin = get_config('system','login_on_homepage');
$enable_context_help = get_config('system','enable_context_help');
$t = get_markup_template("admin_site.tpl");
return replace_macros($t, array(
'$title' => t('Administration'),
@ -269,7 +260,7 @@ class Site {
'$upload' => t('File upload'),
'$corporate' => t('Policies'),
'$advanced' => t('Advanced'),
'$baseurl' => z_root(),
// name, label, value, help string, extra data...
'$sitename' => array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''),
@ -280,14 +271,13 @@ class Site {
'$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ],
'$banner' => array('banner', t("Banner/Logo"), $banner, ""),
'$admininfo' => array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators. Displayed on siteinfo page. BBCode can be used here")),
'$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices),
'$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
'$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
// '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
'$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')),
// '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
'$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')),
'$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
'$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
'$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")),
@ -302,9 +292,9 @@ class Site {
'$disable_discover_tab' => array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
'$login_on_homepage' => array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")),
'$enable_context_help' => array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")),
'$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null),
'$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
'$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
'$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
@ -316,8 +306,5 @@ class Site {
'$form_security_token' => get_form_security_token("admin_site"),
));
}
}

53
Zotlabs/Module/Channel.php
View file

@ -1,6 +1,6 @@
<?php
namespace Zotlabs\Module;
namespace Zotlabs\Module;
require_once('include/contact_widgets.php');
require_once('include/items.php');
@ -10,6 +10,10 @@ require_once('include/conversation.php');
require_once('include/acl_selectors.php');
require_once('include/permissions.php');
/**
* @brief Channel Controller
*
*/
class Channel extends \Zotlabs\Web\Controller {
function init() {
@ -34,7 +38,7 @@ class Channel extends \Zotlabs\Web\Controller {
if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
$which = $channel['channel_address'];
$profile = argv(1);
$profile = argv(1);
}
\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" title="' . t('Posts and comments') . '" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n" ;
@ -48,12 +52,10 @@ class Channel extends \Zotlabs\Web\Controller {
// we start loading content
profile_load($which,$profile);
}
function get($update = 0, $load = false) {
if($load)
$_SESSION['loadtime'] = datetime_convert();
@ -66,7 +68,7 @@ class Channel extends \Zotlabs\Web\Controller {
$datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
$datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
if(observer_prohibited(true)) {
if(observer_prohibited(true)) {
return login();
}
@ -114,9 +116,9 @@ class Channel extends \Zotlabs\Web\Controller {
if($channel && $is_owner) {
$channel_acl = array(
'allow_cid' => $channel['channel_allow_cid'],
'allow_gid' => $channel['channel_allow_gid'],
'deny_cid' => $channel['channel_deny_cid'],
'allow_cid' => $channel['channel_allow_cid'],
'allow_gid' => $channel['channel_allow_gid'],
'deny_cid' => $channel['channel_deny_cid'],
'deny_gid' => $channel['channel_deny_gid']
);
}
@ -143,9 +145,9 @@ class Channel extends \Zotlabs\Web\Controller {
'bbco_autocomplete' => 'bbcode',
'bbcode' => true,
'jotnets' => true
);
);
$o .= status_editor($a,$x);
$o .= status_editor($a,$x);
}
}
@ -168,7 +170,7 @@ class Channel extends \Zotlabs\Web\Controller {
$simple_update = (($update) ? " AND item_unseen = 1 " : '');
\App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n";
if($update && $_SESSION['loadtime'])
$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
if($load)
@ -183,7 +185,7 @@ class Channel extends \Zotlabs\Web\Controller {
intval(\App::$profile['profile_uid'])
);
$_SESSION['loadtime'] = datetime_convert();
}
}
else {
$r = q("SELECT distinct parent AS item_id, created from item
left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
@ -201,10 +203,10 @@ class Channel extends \Zotlabs\Web\Controller {
else {
if(x($category)) {
$sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY));
$sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY));
}
if(x($hashtags)) {
$sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
$sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
}
if($datequery) {
@ -228,10 +230,9 @@ class Channel extends \Zotlabs\Web\Controller {
if (! $r) {
notice( t('Permission denied.') . EOL);
}
}
}
else {
$r = q("SELECT distinct id AS item_id, created FROM item
$r = q("SELECT distinct id AS item_id, created FROM item
left join abook on item.author_xchan = abook.abook_xchan
WHERE uid = %d $item_normal
AND item_wall = 1 and item_thread_top = 1
@ -250,8 +251,8 @@ class Channel extends \Zotlabs\Web\Controller {
if($r) {
$parents_str = ids_to_querystr($r,'item_id');
$items = q("SELECT item.*, item.id AS item_id
$items = q("SELECT item.*, item.id AS item_id
FROM item
WHERE item.uid = %d $item_normal
AND item.parent IN ( %s )
@ -270,8 +271,7 @@ class Channel extends \Zotlabs\Web\Controller {
notice( t('Permission denied.') . EOL);
}
}
else {
} else {
$items = array();
}
@ -285,7 +285,7 @@ class Channel extends \Zotlabs\Web\Controller {
$maxheight = 400;
$o .= '<div id="live-channel"></div>' . "\r\n";
$o .= "<script> var profile_uid = " . \App::$profile['profile_uid']
$o .= "<script> var profile_uid = " . \App::$profile['profile_uid']
. "; var netargs = '?f='; var profile_page = " . \App::$pager['page']
. "; divmore_height = " . intval($maxheight) . "; </script>\r\n";
@ -317,7 +317,6 @@ class Channel extends \Zotlabs\Web\Controller {
'$dbegin' => $datequery2
));
}
$update_unseen = '';
@ -325,10 +324,10 @@ class Channel extends \Zotlabs\Web\Controller {
if($page_mode === 'list') {
/**
* in "list mode", only mark the parent item and any like activities as "seen".
* in "list mode", only mark the parent item and any like activities as "seen".
* We won't distinguish between comment likes and post likes. The important thing
* is that the number of unseen comments will be accurate. The SQL to separate the
* comment likes could also get somewhat hairy.
* comment likes could also get somewhat hairy.
*/
if($parents_str) {
@ -351,7 +350,7 @@ class Channel extends \Zotlabs\Web\Controller {
if($checkjs->disabled()) {
$o .= conversation($a,$items,'channel',$update,'traditional');
}
}
else {
$o .= conversation($a,$items,'channel',$update,$page_mode);
}
@ -362,7 +361,7 @@ class Channel extends \Zotlabs\Web\Controller {
\App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
}
if($mid)
if($mid)
$o .= '<div id="content-complete"></div>';
return $o;

51
Zotlabs/Module/Cloud.php
View file

@ -1,7 +1,7 @@
<?php
namespace Zotlabs\Module;
/**
* @file mod/cloud.php
* @file Zotlabs/Module/Cloud.php
* @brief Initialize Hubzilla's cloud (SabreDAV).
*
* Module for accessing the DAV storage area.
@ -17,34 +17,35 @@ require_once('include/attach.php');
/**
* @brief Fires up the SabreDAV server.
* @brief Cloud Module.
*
* @param App &$a
*/
class Cloud extends \Zotlabs\Web\Controller {
/**
* @brief Fires up the SabreDAV server.
*
*/
function init() {
if (! is_dir('store'))
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
$which = null;
if (argc() > 1)
$which = argv(1);
$profile = 0;
\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n";
if ($which)
profile_load( $which, $profile);
$auth = new \Zotlabs\Storage\BasicAuth();
$ob_hash = get_observer_hash();
if ($ob_hash) {
if (local_channel()) {
$channel = \App::get_channel();
@ -57,40 +58,40 @@ class Cloud extends \Zotlabs\Web\Controller {
}
$auth->observer = $ob_hash;
}
if ($_GET['davguest'])
$_SESSION['davguest'] = true;
$_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);
$_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);
$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
// A SabreDAV server-object
$server = new SDAV\Server($rootDirectory);
// prevent overwriting changes each other with a lock backend
$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
$lockPlugin = new SDAV\Locks\Plugin($lockBackend);
$server->addPlugin($lockPlugin);
$is_readable = false;
// provide a directory view for the cloud in Hubzilla
$browser = new \Zotlabs\Storage\Browser($auth);
$auth->setBrowserPlugin($browser);
$server->addPlugin($browser);
// Experimental QuotaPlugin
// require_once('\Zotlabs\Storage/QuotaPlugin.php');
// $server->addPlugin(new \Zotlabs\Storage\\QuotaPlugin($auth));
ob_start();
// All we need to do now, is to fire up the server
$server->exec();
@ -99,5 +100,5 @@ class Cloud extends \Zotlabs\Web\Controller {
killme();
}
}

36
Zotlabs/Module/Dav.php
View file

@ -1,13 +1,13 @@
<?php
namespace Zotlabs\Module;
/**
* @file mod/dav.php
* @file Zotlabs/Module/Dav.php
* @brief Initialize Hubzilla's cloud (SabreDAV).
*
* Module for accessing the DAV storage area from a DAV client.
*/
namespace Zotlabs\Module;
use \Sabre\DAV as SDAV;
use \Zotlabs\Storage;
@ -16,16 +16,14 @@ require_once('vendor/autoload.php');
require_once('include/attach.php');
/**
* @brief Fires up the SabreDAV server.
*
* @param App &$a
*/
class Dav extends \Zotlabs\Web\Controller {
/**
* @brief Fires up the SabreDAV server.
*
*/
function init() {
// workaround for HTTP-auth in CGI mode
if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
@ -47,16 +45,16 @@ class Dav extends \Zotlabs\Web\Controller {
if (! is_dir('store'))
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
if (argc() > 1)
profile_load(argv(1),0);
$auth = new \Zotlabs\Storage\BasicAuth();
$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV');
$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
// A SabreDAV server-object
$server = new SDAV\Server($rootDirectory);
@ -68,21 +66,21 @@ class Dav extends \Zotlabs\Web\Controller {
// prevent overwriting changes each other with a lock backend
$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
$lockPlugin = new SDAV\Locks\Plugin($lockBackend);
$server->addPlugin($lockPlugin);
// provide a directory view for the cloud in Hubzilla
$browser = new \Zotlabs\Storage\Browser($auth);
$auth->setBrowserPlugin($browser);
// Experimental QuotaPlugin
// require_once('Zotlabs/Storage/QuotaPlugin.php');
// $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth));
// All we need to do now, is to fire up the server
$server->exec();
killme();
}
}

216
Zotlabs/Module/Embedphotos.php
View file

@ -1,97 +1,96 @@
<?php
namespace Zotlabs\Module;
/**
* @brief
*
* This is the POST destination for the embedphotos button
*
*/
*/
class Embedphotos extends \Zotlabs\Web\Controller {
function get() {
}
/**
*
* This is the POST destination for the embedphotos button
*
*/
function post() {
if (argc() > 1 && argv(1) === 'album') {
// API: /embedphotos/album
$name = (x($_POST,'name') ? $_POST['name'] : null );
if (!$name) {
json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false));
}
$album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name));
json_return_and_die(array('status' => true, 'content' => $album));
}
if (argc() > 1 && argv(1) === 'albumlist') {
// API: /embedphotos/albumlist
$album_list = $this->embedphotos_album_list($a);
json_return_and_die(array('status' => true, 'albumlist' => $album_list));
}
if (argc() > 1 && argv(1) === 'photolink') {
// API: /embedphotos/photolink
$href = (x($_POST,'href') ? $_POST['href'] : null );
if (!$href) {
json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
}
$resource_id = array_pop(explode("/", $href));
$r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1",
dbesc($resource_id)
);
if(!$r) {
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
}
$obj = json_decode($r[0]['obj'], true);
if(x($obj,'body')) {
$photolink = $obj['body'];
} elseif (x($obj,'bbcode')) {
$photolink = $obj['bbcode'];
} else {
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
}
json_return_and_die(array('status' => true, 'photolink' => $photolink));
}
if (argc() > 1 && argv(1) === 'album') {
// API: /embedphotos/album
$name = (x($_POST,'name') ? $_POST['name'] : null );
if(!$name) {
json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false));
}
$album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name));
json_return_and_die(array('status' => true, 'content' => $album));
}
if(argc() > 1 && argv(1) === 'albumlist') {
// API: /embedphotos/albumlist
$album_list = $this->embedphotos_album_list($a);
json_return_and_die(array('status' => true, 'albumlist' => $album_list));
}
if(argc() > 1 && argv(1) === 'photolink') {
// API: /embedphotos/photolink
$href = (x($_POST,'href') ? $_POST['href'] : null );
if(!$href) {
json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
}
$resource_id = array_pop(explode("/", $href));
$r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1",
dbesc($resource_id)
);
if(!$r) {
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
}
$obj = json_decode($r[0]['obj'], true);
if(x($obj,'body')) {
$photolink = $obj['body'];
} elseif (x($obj,'bbcode')) {
$photolink = $obj['bbcode'];
} else {
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
}
json_return_and_die(array('status' => true, 'photolink' => $photolink));
}
}
/**
* Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from
* the input array as in widget_item()
* @param type $name
* @return string
*/
function embedphotos_widget_album($args) {
$channel_id = 0;
if(array_key_exists('channel',$args))
$channel = $args['channel'];
$channel_id = intval($channel['channel_id']);
if(! $channel_id)
$channel_id = \App::$profile_uid;
if(! $channel_id)
return '';
/**
* Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from
* the input array as in widget_item()
*
* @param array $args
* @return string with HTML
*/
function embedphotos_widget_album($args) {
$channel_id = 0;
if(array_key_exists('channel', $args))
$channel = $args['channel'];
$channel_id = intval($channel['channel_id']);
if(! $channel_id)
$channel_id = \App::$profile_uid;
if(! $channel_id)
return '';
$owner_uid = $channel_id;
require_once('include/security.php');
$sql_extra = permissions_sql($channel_id);
require_once('include/security.php');
$sql_extra = permissions_sql($channel_id);
if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage'))
return '';
if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage'))
return '';
if($args['album'])
$album = $args['album'];
if($args['title'])
$title = $args['title'];
if($args['album'])
$album = $args['album'];
if($args['title'])
$title = $args['title'];
/**
/**
* This may return incorrect permissions if you have multiple directories of the same name.
* It is a limitation of the photo table using a name for a photo album instead of a folder hash
*/
if($album) {
$x = q("select hash from attach where filename = '%s' and uid = %d limit 1",
dbesc($album),
@ -107,34 +106,33 @@ function embedphotos_widget_album($args) {
$order = 'DESC';
$r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN
(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph
(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph
ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)
ORDER BY created $order",
intval($owner_uid),
dbesc($album),
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE)
ORDER BY created $order",
intval($owner_uid),
dbesc($album),
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE)
);
$photos = array();
if(count($r)) {
$twist = 'rotright';
foreach($r as $rr) {
if($twist == 'rotright')
$twist = 'rotleft';
else
$twist = 'rotright';
$ext = $phototypes[$rr['mimetype']];
$imgalt_e = $rr['filename'];
$desc_e = $rr['description'];
$imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
if(count($r)) {
$twist = 'rotright';
foreach($r as $rr) {
if($twist == 'rotright')
$twist = 'rotleft';
else
$twist = 'rotright';
$ext = $phototypes[$rr['mimetype']];
$imgalt_e = $rr['filename'];
$desc_e = $rr['description'];
$imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
. (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''));
$photos[] = array(
$photos[] = array(
'id' => $rr['id'],
'twist' => ' ' . $twist . rand(2,4),
'link' => $imagelink,
@ -146,8 +144,8 @@ function embedphotos_widget_album($args) {
'hash'=> $rr['resource_id'],
'unknown' => t('Unknown')
);
}
}
}
$tpl = get_markup_template('photo_album.tpl');
$o .= replace_macros($tpl, array(
@ -163,18 +161,16 @@ function embedphotos_widget_album($args) {
));
return $o;
}
}
function embedphotos_album_list($a) {
$o = '';
require_once('include/photos.php');
$p = photos_albums_list(\App::get_channel(), \App::get_observer());
if ($p['success']) {
return $p['albums'];
} else {
return null;
}
}
function embedphotos_album_list($a) {
require_once('include/photos.php');
$p = photos_albums_list(\App::get_channel(), \App::get_observer());
if($p['success']) {
return $p['albums'];
} else {
return null;
}
}
}

74
Zotlabs/Module/Filestorage.php
View file

@ -1,7 +1,7 @@
<?php
namespace Zotlabs\Module;
/**
* @file mod/filestorage.php
* @file Zotlabs/Module/Filestorage.php
*
*/
@ -16,43 +16,43 @@ require_once('include/attach.php');
class Filestorage extends \Zotlabs\Web\Controller {
function post() {
$channel_id = ((x($_POST, 'uid')) ? intval($_POST['uid']) : 0);
if((! $channel_id) || (! local_channel()) || ($channel_id != local_channel())) {
notice( t('Permission denied.') . EOL);
return;
}
$recurse = ((x($_POST, 'recurse')) ? intval($_POST['recurse']) : 0);
$resource = ((x($_POST, 'filehash')) ? notags($_POST['filehash']) : '');
$notify = ((x($_POST, 'notify')) ? intval($_POST['notify']) : 0);
if(! $resource) {
notice(t('Item not found.') . EOL);
return;
}
$channel = \App::get_channel();
$acl = new \Zotlabs\Access\AccessList($channel);
$acl->set_from_array($_REQUEST);
$x = $acl->get();
$cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource);
//get the object before permissions change so we can catch eventual former allowed members
$object = get_file_activity_object($channel_id, $resource, $cloudPath);
attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse, true);
file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify);
goaway($cloudPath);
}
function get() {
if(argc() > 1)
$which = argv(1);
else {
@ -60,7 +60,7 @@ class Filestorage extends \Zotlabs\Web\Controller {
\App::$error = 404;
return;
}
$r = q("select * from channel where channel_address = '%s'",
dbesc($which)
);
@ -68,32 +68,32 @@ class Filestorage extends \Zotlabs\Web\Controller {
$channel = $r[0];
$owner = intval($r[0]['channel_id']);
}
$observer = \App::get_observer();
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
$perms = get_all_perms($owner, $ob_hash);
if(! $perms['view_storage']) {
notice( t('Permission denied.') . EOL);
return;
}
// Since we have ACL'd files in the wild, but don't have ACL here yet, we
// need to return for anyone other than the owner, despite the perms check for now.
$is_owner = (((local_channel()) && ($owner == local_channel())) ? true : false);
if(! $is_owner) {
info( t('Permission Denied.') . EOL );
return;
}
if(argc() > 3 && argv(3) === 'delete') {
if(! $perms['write_storage']) {
notice( t('Permission denied.') . EOL);
return;
}
$file = intval(argv(2));
$r = q("SELECT hash FROM attach WHERE id = %d AND uid = %d LIMIT 1",
dbesc($file),
@ -103,17 +103,17 @@ class Filestorage extends \Zotlabs\Web\Controller {
notice( t('File not found.') . EOL);
goaway(z_root() . '/cloud/' . $which);
}
$f = $r[0];
$channel = \App::get_channel();
$parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']);
attach_delete($owner, $f['hash']);
goaway($parentpath);
}
if(argc() > 3 && argv(3) === 'edit') {
require_once('include/acl_selectors.php');
if(! $perms['write_storage']) {
@ -121,23 +121,23 @@ class Filestorage extends \Zotlabs\Web\Controller {
return;
}
$file = intval(argv(2));
$r = q("select id, uid, folder, filename, revision, flags, is_dir, os_storage, hash, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and uid = %d limit 1",
intval($file),
intval($owner)
);
$f = $r[0];
$channel = \App::get_channel();
$cloudpath = get_cloudpath($f) . (intval($f['is_dir']) ? '?f=&davguest=1' : '');
$parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']);
$aclselect_e = populate_acl($f, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage'));
$is_a_dir = (intval($f['is_dir']) ? true : false);
$lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock');
$lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock');
// Encode path that is used for link so it's a valid URL
// Keep slashes as slashes, otherwise mod_rewrite doesn't work correctly
$encoded_path = str_replace('%2F', '/', rawurlencode($cloudpath));
@ -167,12 +167,12 @@ class Filestorage extends \Zotlabs\Web\Controller {
'$link_btn_title' => t('Show URL to this file'),
'$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes'))),
));
echo $o;
killme();
}
goaway(z_root() . '/cloud/' . $which);
}
}

38
Zotlabs/Module/Help.php
View file

@ -1,66 +1,56 @@
<?php
namespace Zotlabs\Module;
require_once('include/help.php');
/**
* You can create local site resources in doc/Site.md and either link to doc/Home.md for the standard resources
* or use our include mechanism to include it on your local page.
*
*@code
* #include doc/Home.md;
*@endcode
*
* The syntax is somewhat strict.
*
* The syntax is somewhat strict.
*/
class Help extends \Zotlabs\Web\Controller {
function get() {
nav_set_selected('help');
if($_REQUEST['search']) {
$o .= '<div id="help-content" class="generic-content-wrapper">';
$o .= '<div class="section-title-wrapper">';
$o .= '<h2>' . t('Documentation Search') . ' - ' . htmlspecialchars($_REQUEST['search']) . '</h2>';
$o .= '</div>';
$o .= '<div class="section-content-wrapper">';
$r = search_doc_files($_REQUEST['search']);
if($r) {
$o .= '<ul class="help-searchlist">';
foreach($r as $rr) {
$dirname = dirname($rr['v']);
$fname = basename($rr['v']);
$fname = substr($fname,0,strrpos($fname,'.'));
$path = trim(substr($dirname,4),'/');
$o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br />'
. '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br />' .
'...' . str_replace('$Projectname',\Zotlabs\Lib\System::get_platform_name(),$rr['text']) . '...<br /><br /></li>';
$fname = substr($fname, 0, strrpos($fname, '.'));
$path = trim(substr($dirname, 4), '/');
$o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br>'
. '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br>'
. '...' . str_replace('$Projectname', \Zotlabs\Lib\System::get_platform_name(), $rr['text']) . '...<br><br></li>';
}
$o .= '</ul>';
$o .= '</div>';
$o .= '</div>';
}
return $o;
}
$content = get_help_content();
return replace_macros(get_markup_template("help.tpl"), array(
return replace_macros(get_markup_template('help.tpl'), array(
'$title' => t('$Projectname Documentation'),
'$content' => $content
));
}
}

207
Zotlabs/Module/Ping.php
View file

@ -1,32 +1,27 @@
<?php
namespace Zotlabs\Module;
/**
* @file mod/ping.php
*
*/
namespace Zotlabs\Module;
require_once('include/bbcode.php');
/**
* @brief do several updates when pinged.
* @brief Ping Controller.
*
* This function does several tasks. Whenever called it checks for new messages,
* introductions, notifications, etc. and returns a json with the results.
*
* @param App &$a
* @result JSON
*/
class Ping extends \Zotlabs\Web\Controller {
/**
* @brief do several updates when pinged.
*
* This function does several tasks. Whenever called it checks for new messages,
* introductions, notifications, etc. and returns a json with the results.
*
* @result JSON
*/
function init() {
$result = array();
$notifs = array();
$result['notify'] = 0;
$result['home'] = 0;
$result['network'] = 0;
@ -41,45 +36,45 @@ class Ping extends \Zotlabs\Web\Controller {
$result['all_events_today'] = 0;
$result['notice'] = array();
$result['info'] = array();
$t0 = dba_timer();
header("content-type: application/json");
$vnotify = false;
$item_normal = item_normal();
if(local_channel()) {
if(local_channel()) {
$vnotify = get_pconfig(local_channel(),'system','vnotify');
$evdays = intval(get_pconfig(local_channel(),'system','evdays'));
$ob_hash = get_observer_hash();
}
// if unset show all visual notification types
if($vnotify === false)
$vnotify = (-1);
if($evdays < 1)
$evdays = 3;
/**
* If you have several windows open to this site and switch to a different channel
* in one of them, the others may get into a confused state showing you a page or options
* in one of them, the others may get into a confused state showing you a page or options
* on that page which were only valid under the old identity. You session has changed.
* Therefore we send a notification of this fact back to the browser where it is picked up
* in javascript and which reloads the page it is on so that it is valid under the context
* of the now current channel.
* of the now current channel.
*/
$result['invalid'] = ((intval($_GET['uid'])) && (intval($_GET['uid']) != local_channel()) ? 1 : 0);
/**
* Send all system messages (alerts) to the browser.
* Some are marked as informational and some represent
* errors or serious notifications. These typically
* will popup on the current page (no matter what page it is)
*/
if(x($_SESSION, 'sysmsg')){
foreach ($_SESSION['sysmsg'] as $m){
$result['notice'][] = array('message' => $m);
@ -96,17 +91,16 @@ class Ping extends \Zotlabs\Web\Controller {
$result['info'] = array();
if(! ($vnotify & VNOTIFY_ALERT))
$result['notice'] = array();
if(\App::$install) {
echo json_encode($result);
killme();
}
/**
* Update chat presence indication (if applicable)
*/
if(get_observer_hash() && (! $result['invalid'])) {
$r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1",
dbesc(get_observer_hash()),
@ -114,7 +108,7 @@ class Ping extends \Zotlabs\Web\Controller {
);
$basic_presence = false;
if($r) {
$basic_presence = true;
$basic_presence = true;
q("update chatpresence set cp_last = '%s' where cp_id = %d",
dbesc(datetime_convert()),
intval($r[0]['cp_id'])
@ -130,40 +124,39 @@ class Ping extends \Zotlabs\Web\Controller {
);
}
}
/**
* Chatpresence continued... if somebody hasn't pinged recently, they've most likely left the page
* and shouldn't count as online anymore. We allow an expection for bots.
*/
q("delete from chatpresence where cp_last < %s - INTERVAL %s and cp_client != 'auto' ",
db_utcnow(), db_quoteinterval('3 MINUTE')
);
);
if((! local_channel()) || ($result['invalid'])) {
echo json_encode($result);
killme();
}
/**
* Everything following is only permitted under the context of a locally authenticated site member.
*/
/**
* Handle "mark all xyz notifications read" requests.
*/
// mark all items read
if(x($_REQUEST, 'markRead') && local_channel()) {
switch($_REQUEST['markRead']) {
case 'network':
$r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d",
$r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d",
intval(local_channel())
);
break;
case 'home':
$r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1 and uid = %d",
$r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1 and uid = %d",
intval(local_channel())
);
break;
@ -188,21 +181,18 @@ class Ping extends \Zotlabs\Web\Controller {
break;
}
}
if(x($_REQUEST, 'markItemRead') && local_channel()) {
$r = q("update item set item_unseen = 0 where parent = %d and uid = %d",
$r = q("update item set item_unseen = 0 where parent = %d and uid = %d",
intval($_REQUEST['markItemRead']),
intval(local_channel())
);
}
/**
* URL ping/something will return detail for "something", e.g. a json list with which to populate a notification
* dropdown menu.
*/
if(argc() > 1 && argv(1) === 'notify') {
$t = q("select count(*) as total from notify where uid = %d and seen = 0",
intval(local_channel())
@ -212,8 +202,7 @@ class Ping extends \Zotlabs\Web\Controller {
and seen = 0 order by created desc limit 50",
intval(local_channel())
);
}
else {
} else {
$z1 = q("select * from notify where uid = %d
and seen = 0 order by created desc limit 50",
intval(local_channel())
@ -225,62 +214,62 @@ class Ping extends \Zotlabs\Web\Controller {
);
$z = array_merge($z1,$z2);
}
if(count($z)) {
foreach($z as $zz) {
$notifs[] = array(
'notify_link' => z_root() . '/notify/view/' . $zz['id'],
'notify_link' => z_root() . '/notify/view/' . $zz['id'],
'name' => $zz['xname'],
'url' => $zz['url'],
'photo' => $zz['photo'],
'when' => relative_date($zz['created']),
'hclass' => (($zz['seen']) ? 'notify-seen' : 'notify-unseen'),
'when' => relative_date($zz['created']),
'hclass' => (($zz['seen']) ? 'notify-seen' : 'notify-unseen'),
'message' => strip_tags(bbcode($zz['msg']))
);
}
}
echo json_encode(array('notify' => $notifs));
killme();
}
if(argc() > 1 && argv(1) === 'messages') {
$channel = \App::get_channel();
$t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan
where channel_id = %d and mail_seen = 0 and mail_deleted = 0
$t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan
where channel_id = %d and mail_seen = 0 and mail_deleted = 0
and from_xchan != '%s' order by created desc limit 50",
intval(local_channel()),
dbesc($channel['channel_hash'])
);
if($t) {
foreach($t as $zz) {
$notifs[] = array(
'notify_link' => z_root() . '/mail/' . $zz['id'],
'notify_link' => z_root() . '/mail/' . $zz['id'],
'name' => $zz['xchan_name'],
'url' => $zz['xchan_url'],
'photo' => $zz['xchan_photo_s'],
'when' => relative_date($zz['created']),
'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'),
'when' => relative_date($zz['created']),
'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'),
'message' => t('sent you a private message'),
);
}
}
echo json_encode(array('notify' => $notifs));
killme();
}
if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) {
$result = array();
$r = q("SELECT * FROM item
WHERE item_unseen = 1 and uid = %d $item_normal
and author_xchan != '%s' ORDER BY created DESC limit 300",
intval(local_channel()),
dbesc($ob_hash)
);
if($r) {
xchan_query($r);
foreach($r as $item) {
@ -289,18 +278,18 @@ class Ping extends \Zotlabs\Web\Controller {
$result[] = \Zotlabs\Lib\Enotify::format($item);
}
}
// logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA);
// logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA);
echo json_encode(array('notify' => $result));
killme();
}
if(argc() > 1 && (argv(1) === 'intros')) {
$result = array();
$r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50",
intval(local_channel())
);
if($r) {
foreach($r as $rr) {
$result[] = array(
@ -308,8 +297,8 @@ class Ping extends \Zotlabs\Web\Controller {
'name' => $rr['xchan_name'],
'url' => $rr['xchan_url'],
'photo' => $rr['xchan_photo_s'],
'when' => relative_date($rr['abook_created']),
'hclass' => ('notify-unseen'),
'when' => relative_date($rr['abook_created']),
'hclass' => ('notify-unseen'),
'message' => t('added your channel')
);
}
@ -318,12 +307,12 @@ class Ping extends \Zotlabs\Web\Controller {
echo json_encode(array('notify' => $result));
killme();
}
if(argc() > 1 && (argv(1) === 'all_events')) {
$bd_format = t('g A l F d') ; // 8 AM Friday January 18
$result = array();
$r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash
WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
and etype in ( 'event', 'birthday' )
@ -332,26 +321,25 @@ class Ping extends \Zotlabs\Web\Controller {
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
);
if($r) {
foreach($r as $rr) {
if($rr['adjust'])
$md = datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'Y/m');
else
$md = datetime_convert('UTC', 'UTC', $rr['dtstart'], 'Y/m');
$strt = datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart']);
$today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false);
$when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ? ' ' . t('[today]') : '');
$result[] = array(
'notify_link' => z_root() . '/events', // FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event --> '/events/event/' . $rr['event_hash'],
'notify_link' => z_root() . '/events', /// @FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event --> '/events/event/' . $rr['event_hash'],
'name' => $rr['xchan_name'],
'url' => $rr['xchan_url'],
'photo' => $rr['xchan_photo_s'],
'when' => $when,
'hclass' => ('notify-unseen'),
'hclass' => ('notify-unseen'),
'message' => t('posted an event')
);
}
@ -360,13 +348,10 @@ class Ping extends \Zotlabs\Web\Controller {
echo json_encode(array('notify' => $result));
killme();
}
/**
* Normal ping - just the counts, no detail
*/
if($vnotify & VNOTIFY_SYSTEM) {
$t = q("select count(*) as total from notify where uid = %d and seen = 0",
intval(local_channel())
@ -374,9 +359,9 @@ class Ping extends \Zotlabs\Web\Controller {
if($t)
$result['notify'] = intval($t[0]['total']);
}
$t1 = dba_timer();
if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) {
$r = q("SELECT id, item_wall FROM item
WHERE item_unseen = 1 and uid = %d
@ -385,11 +370,11 @@ class Ping extends \Zotlabs\Web\Controller {
intval(local_channel()),
dbesc($ob_hash)
);
if($r) {
if($r) {
$arr = array('items' => $r);
call_hooks('network_ping', $arr);
foreach ($r as $it) {
if(intval($it['item_wall']))
$result['home'] ++;
@ -402,24 +387,23 @@ class Ping extends \Zotlabs\Web\Controller {
$result['network'] = 0;
if(! ($vnotify & VNOTIFY_CHANNEL))
$result['home'] = 0;
$t2 = dba_timer();
if($vnotify & VNOTIFY_INTRO) {
$intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ",
intval(local_channel())
);
$t3 = dba_timer();
if($intr)
$result['intros'] = intval($intr[0]['total']);
}
$t4 = dba_timer();
$channel = \App::get_channel();
if($vnotify & VNOTIFY_MAIL) {
$mails = q("SELECT count(id) as total from mail
WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ",
@ -429,7 +413,7 @@ class Ping extends \Zotlabs\Web\Controller {
if($mails)
$result['mail'] = intval($mails[0]['total']);
}
if($vnotify & VNOTIFY_REGISTER) {
if (\App::$config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) {
$regs = q("SELECT count(account_id) as total from account where (account_flags & %d) > 0",
@ -438,10 +422,10 @@ class Ping extends \Zotlabs\Web\Controller {
if($regs)
$result['register'] = intval($regs[0]['total']);
}
}
}
$t5 = dba_timer();
if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) {
$events = q("SELECT etype, dtstart, adjust FROM event
WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
@ -451,10 +435,10 @@ class Ping extends \Zotlabs\Web\Controller {
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
);
if($events) {
$result['all_events'] = count($events);
if($result['all_events']) {
$str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d');
foreach($events as $x) {
@ -483,16 +467,15 @@ class Ping extends \Zotlabs\Web\Controller {
$result['all_events_today'] = $result['events_today'] = 0;
if(! ($vnotify & VNOTIFY_BIRTHDAY))
$result['birthdays'] = 0;
$x = json_encode($result);
$t6 = dba_timer();
// logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0));
// logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0));
echo $x;
killme();
}
}

30
Zotlabs/Module/Post.php
View file

@ -1,36 +1,34 @@
<?php
namespace Zotlabs\Module;
/**
* @file mod/post.php
* @file Zotlabs/Module/Post.php
*
* @brief Zot endpoint.
*
*/
namespace Zotlabs\Module;
require_once('include/zot.php');
/**
* @brief Post module.
*
*/
class Post extends \Zotlabs\Web\Controller {
function init() {
if (array_key_exists('auth', $_REQUEST)) {
if(array_key_exists('auth', $_REQUEST)) {
$x = new \Zotlabs\Zot\Auth($_REQUEST);
exit;
}
}
function post() {
$z = new \Zotlabs\Zot\Receiver($_REQUEST['data'],get_config('system','prvkey'), new \Zotlabs\Zot\ZotHandler());
function post() {
$z = new \Zotlabs\Zot\Receiver($_REQUEST['data'], get_config('system', 'prvkey'), new \Zotlabs\Zot\ZotHandler());
// notreached;
exit;
}
}

251
Zotlabs/Module/Setup.php
View file

@ -1,9 +1,9 @@
<?php
namespace Zotlabs\Module;
/**
* @file mod/setup.php
* @file Zotlabs/Module/Setup.php
*
* Controller for the initial setup/installation.
* @brief Controller for the initial setup/installation.
*
* @todo This setup module could need some love and improvements.
*/
@ -13,51 +13,50 @@ namespace Zotlabs\Module;
* @brief Initialisation for the setup module.
*
*/
class Setup extends \Zotlabs\Web\Controller {
private static $install_wizard_pass = 1;
/**
* {@inheritDoc}
* @see \\Zotlabs\\Web\\Controller::init()
*/
function init() {
// Ensure that if somebody hasn't read the install documentation and doesn't have all
// the required modules or has a totally borked shared hosting provider and they can't
// figure out what the hell is going on - that we at least spit out an error message which
// we can inquire about when they write to tell us that our software doesn't work.
// The worst thing we can do at this point is throw a white screen of death and rely on
// them knowing about servers and php modules and logfiles enough so that we can guess
// at the source of the problem. As ugly as it may be, we need to throw a technically worded
// PHP error message in their face. Once installation is complete application errors will
// throw a white screen because these error messages divulge information which can
// potentially be useful to hackers.
error_reporting(E_ERROR | E_WARNING | E_PARSE );
ini_set('log_errors', '0');
ini_set('display_errors', '1');
// $baseurl/setup/testrwrite to test if rewite in .htaccess is working
if (argc() == 2 && argv(1) == "testrewrite") {
echo 'ok';
killme();
}
if (x($_POST, 'pass')) {
$this->install_wizard_pass = intval($_POST['pass']);
}
else {
} else {
$this->install_wizard_pass = 1;
}
}
/**
* @brief Handle the actions of the different setup steps.
*
*/
function post() {
switch($this->install_wizard_pass) {
case 1:
case 2:
@ -77,15 +76,15 @@ class Setup extends \Zotlabs\Web\Controller {
$server_role = trim($_POST['server_role']);
if(! $server_role)
$server_role = 'standard';
// $siteurl should not have a trailing slash
$siteurl = rtrim($siteurl,'/');
require_once('include/dba/dba_driver.php');
$db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
if(! \DBA::$dba->connected) {
echo 'Database Connect failed: ' . \DBA::$dba->error;
killme();
@ -107,7 +106,7 @@ class Setup extends \Zotlabs\Web\Controller {
$server_role = trim($_POST['server_role']);
if(! $server_role)
$server_role = 'standard';
if($siteurl != z_root()) {
$test = z_fetch_url($siteurl."/setup/testrewrite");
if((! $test['success']) || ($test['body'] != 'ok')) {
@ -116,7 +115,7 @@ class Setup extends \Zotlabs\Web\Controller {
return;
}
}
if(! \DBA::$dba->connected) {
// connect to db
$db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
@ -126,7 +125,7 @@ class Setup extends \Zotlabs\Web\Controller {
echo 'CRITICAL: DB not connected.';
killme();
}
$tpl = get_intltext_template('htconfig.tpl');
$txt = replace_macros($tpl,array(
'$dbhost' => $dbhost,
@ -142,33 +141,33 @@ class Setup extends \Zotlabs\Web\Controller {
'$phpath' => $phpath,
'$adminmail' => $adminmail
));
$result = file_put_contents('.htconfig.php', $txt);
if(! $result) {
\App::$data['txt'] = $txt;
}
$errors = $this->load_database($db);
if($errors)
\App::$data['db_failed'] = $errors;
else
\App::$data['db_installed'] = true;
return;
// implied break;
default:
break;
}
}
function get_db_errno() {
if(class_exists('mysqli'))
return mysqli_connect_errno();
else
return mysql_errno();
}
/**
* @brief Get output for the setup page.
*
@ -176,13 +175,12 @@ class Setup extends \Zotlabs\Web\Controller {
*
* @return string parsed HTML output
*/
function get() {
$o = '';
$wizard_status = '';
$install_title = t('$Projectname Server - Setup');
if(x(\App::$data, 'db_conn_failed')) {
$this->install_wizard_pass = 2;
$wizard_status = t('Could not connect to database.');
@ -193,7 +191,7 @@ class Setup extends \Zotlabs\Web\Controller {
if(\App::$data['url_error'])
$wizard_status .= ' ' . \App::$data['url_error'];
}
if(x(\App::$data, 'db_create_failed')) {
$this->install_wizard_pass = 2;
$wizard_status = t('Could not create table.');
@ -222,11 +220,11 @@ class Setup extends \Zotlabs\Web\Controller {
));
}
}
if(x(\App::$data, 'txt') && strlen(\App::$data['txt'])) {
$db_return_text .= $this->manual_config($a);
}
if ($db_return_text != "") {
$tpl = get_markup_template('install.tpl');
return replace_macros($tpl, array(
@ -235,33 +233,33 @@ class Setup extends \Zotlabs\Web\Controller {
'$text' => $db_return_text . $this->what_next(),
));
}
switch ($this->install_wizard_pass){
case 1: { // System check
$checks = array();
$this->check_funcs($checks);
$this->check_htconfig($checks);
$this->check_store($checks);
$this->check_smarty3($checks);
$this->check_keys($checks);
if (x($_POST, 'phpath'))
$phpath = notags(trim($_POST['phpath']));
$this->check_php($phpath, $checks);
$this->check_phpconfig($checks);
$this->check_htaccess($checks);
$checkspassed = array_reduce($checks, "self::check_passed", true);
$tpl = get_markup_template('install_checks.tpl');
$o .= replace_macros($tpl, array(
'$title' => $install_title,
@ -276,9 +274,9 @@ class Setup extends \Zotlabs\Web\Controller {
));
return $o;
}; break;
case 2: { // Database config
$dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1');
$dbuser = trim($_POST['dbuser']);
$dbport = intval(trim($_POST['dbport']));
@ -288,7 +286,7 @@ class Setup extends \Zotlabs\Web\Controller {
$phpath = trim($_POST['phpath']);
$adminmail = trim($_POST['adminmail']);
$siteurl = trim($_POST['siteurl']);
$tpl = get_markup_template('install_db.tpl');
$o .= replace_macros($tpl, array(
'$title' => $install_title,
@ -296,24 +294,24 @@ class Setup extends \Zotlabs\Web\Controller {
'$info_01' => t('In order to install $Projectname we need to know how to connect to your database.'),
'$info_02' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'),
'$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'),
'$status' => $wizard_status,
'$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is 127.0.0.1')),
'$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')),
'$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''),
'$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''),
'$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''),
'$dbtype' => array('dbtype', t('Database Type'), $dbtype, '', array( 0=>'MySQL', 1=>'PostgreSQL' )),
'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
'$lbl_10' => t('Please select a default timezone for your website'),
'$baseurl' => z_root(),
'$phpath' => $phpath,
'$submit' => t('Submit'),
));
return $o;
@ -327,11 +325,11 @@ class Setup extends \Zotlabs\Web\Controller {
$dbdata = trim($_POST['dbdata']);
$dbtype = intval(trim($_POST['dbtype']));
$phpath = trim($_POST['phpath']);
$adminmail = trim($_POST['adminmail']);
$siteurl = trim($_POST['siteurl']);
$timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles');
$server_roles = [
'basic' => t('Basic/Minimal Social Networking'),
'standard' => t('Standard Configuration (default)'),
@ -343,7 +341,7 @@ class Setup extends \Zotlabs\Web\Controller {
'$title' => $install_title,
'$pass' => t('Site settings'),
'$status' => $wizard_status,
'$dbhost' => $dbhost,
'$dbport' => $dbport,
'$dbuser' => $dbuser,
@ -351,24 +349,24 @@ class Setup extends \Zotlabs\Web\Controller {
'$dbdata' => $dbdata,
'$phpath' => $phpath,
'$dbtype' => $dbtype,
'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
'$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles),
'$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles),
'$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()),
'$baseurl' => z_root(),
'$submit' => t('Submit'),
));
return $o;
}; break;
}
}
/**
* @brief Add a check result to the array for output.
*
@ -376,7 +374,7 @@ class Setup extends \Zotlabs\Web\Controller {
* @param string $title a title for the check
* @param boolean $status
* @param boolean $required
* @param[optional] string $help optional help string
* @param string $help optional help string
*/
function check_add(&$checks, $title, $status, $required, $help = '') {
$checks[] = array(
@ -386,7 +384,7 @@ class Setup extends \Zotlabs\Web\Controller {
'help' => $help
);
}
/**
* @brief Checks the PHP environment.
*
@ -395,7 +393,7 @@ class Setup extends \Zotlabs\Web\Controller {
*/
function check_php(&$phpath, &$checks) {
$help = '';
if(version_compare(PHP_VERSION, '5.5') < 0) {
$help .= t('PHP version 5.5 or greater is required.');
$this->check_add($checks, t('PHP version'), false, false, $help);
@ -408,10 +406,10 @@ class Setup extends \Zotlabs\Web\Controller {
$phpath = trim(shell_exec('where php'));
else
$phpath = trim(shell_exec('which php'));
$passed = strlen($phpath);
}
if(!$passed) {
$help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL;
$help .= t('If you don\'t have a command line version of PHP installed on server, you will not be able to run background polling via cron.') . EOL;
@ -422,9 +420,9 @@ class Setup extends \Zotlabs\Web\Controller {
));
$phpath = '';
}
$this->check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help);
if($passed) {
$str = autoname(8);
$cmd = "$phpath install/testargs.php $str";
@ -435,11 +433,11 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL;
$help .= t('This is required for message delivery to work.');
}
$this->check_add($checks, t('PHP register_argc_argv'), $passed, true, $help);
}
}
/**
* @brief Some PHP configuration checks.
*
@ -450,9 +448,9 @@ class Setup extends \Zotlabs\Web\Controller {
*/
function check_phpconfig(&$checks) {
require_once 'include/environment.php';
$help = '';
$result = getPhpiniUploadLimits();
$help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'),
userReadableSize($result['post_max_size']),
@ -460,10 +458,10 @@ class Setup extends \Zotlabs\Web\Controller {
$result['max_file_uploads']
);
$help .= '<br>' . t('You can adjust these settings in the servers php.ini.');
$this->check_add($checks, t('PHP upload limits'), true, false, $help);
}
/**
* @brief Check if the openssl implementation can generate keys.
*
@ -472,7 +470,7 @@ class Setup extends \Zotlabs\Web\Controller {
function check_keys(&$checks) {
$help = '';
$res = false;
if (function_exists('openssl_pkey_new')) {
$res = openssl_pkey_new(array(
'digest_alg' => 'sha1',
@ -480,17 +478,17 @@ class Setup extends \Zotlabs\Web\Controller {
'encrypt_key' => false)
);
}
// Get private key
if (! $res) {
$help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL;
$help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".');
}
$this->check_add($checks, t('Generate encryption keys'), $res, true, $help);
}
/**
* @brief Check for some PHP functions and modules.
*
@ -498,7 +496,7 @@ class Setup extends \Zotlabs\Web\Controller {
*/
function check_funcs(&$checks) {
$ck_funcs = array();
// add check metadata, the real check is done bit later and return values set
$this->check_add($ck_funcs, t('libCurl PHP module'), true, true);
$this->check_add($ck_funcs, t('GD graphics PHP module'), true, true);
@ -506,7 +504,7 @@ class Setup extends \Zotlabs\Web\Controller {
$this->check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true);
$this->check_add($ck_funcs, t('mb_string PHP module'), true, true);
$this->check_add($ck_funcs, t('xml PHP module'), true, true);
if(function_exists('apache_get_modules')){
if (! in_array('mod_rewrite', apache_get_modules())) {
$this->check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.'));
@ -520,7 +518,7 @@ class Setup extends \Zotlabs\Web\Controller {
else {
$this->check_add($ck_funcs, t('proc_open'), true, true);
}
if(! function_exists('curl_init')) {
$ck_funcs[0]['status'] = false;
$ck_funcs[0]['help'] = t('Error: libCURL PHP module required but not installed.');
@ -545,10 +543,10 @@ class Setup extends \Zotlabs\Web\Controller {
$ck_funcs[6]['status'] = false;
$ck_funcs[6]['help'] = t('Error: xml PHP module required for DAV but not installed.');
}
$checks = array_merge($checks, $ck_funcs);
}
/**
* @brief Check for .htconfig requirements.
*
@ -557,7 +555,7 @@ class Setup extends \Zotlabs\Web\Controller {
function check_htconfig(&$checks) {
$status = true;
$help = '';
if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) ||
(!file_exists('.htconfig.php') && !is_writable('.')) ) {
$status = false;
@ -566,10 +564,10 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL;
$help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL;
}
$this->check_add($checks, t('.htconfig.php is writable'), $status, false, $help);
}
/**
* @brief Checks for our templating engine Smarty3 requirements.
*
@ -578,7 +576,7 @@ class Setup extends \Zotlabs\Web\Controller {
function check_smarty3(&$checks) {
$status = true;
$help = '';
if(! is_writable(TEMPLATE_BUILD_PATH) ) {
$status = false;
$help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL;
@ -586,10 +584,10 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
$help .= sprintf( t('Note: as a security measure, you should give the web server write access to %s only--not the template files (.tpl) that it contains.'), TEMPLATE_BUILD_PATH) . EOL;
}
$this->check_add($checks, sprintf( t('%s is writable'), TEMPLATE_BUILD_PATH), $status, true, $help);
}
/**
* @brief Check for store directory.
*
@ -598,18 +596,18 @@ class Setup extends \Zotlabs\Web\Controller {
function check_store(&$checks) {
$status = true;
$help = '';
@os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true);
if(! is_writable('store')) {
$status = false;
$help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL;
$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
}
$this->check_add($checks, t('store is writable'), $status, true, $help);
}
/**
* @brief Check URL rewrite und SSL certificate.
*
@ -620,9 +618,9 @@ class Setup extends \Zotlabs\Web\Controller {
$status = true;
$help = '';
$ssl_error = false;
$url = z_root() . '/setup/testrewrite';
if (function_exists('curl_init')){
$test = z_fetch_url($url);
if(! $test['success']) {
@ -638,7 +636,7 @@ class Setup extends \Zotlabs\Web\Controller {
$ssl_error = true;
}
}
if($ssl_error) {
$help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL;
$help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL;
@ -649,31 +647,35 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL;
$this->check_add($checks, t('SSL certificate validation'), false, true, $help);
}
}
if ((! $test['success']) || ($test['body'] != "ok")) {
$status = false;
$help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true));
}
$this->check_add($checks, t('Url rewrite is working'), $status, true, $help);
} else {
// cannot check modrewrite if libcurl is not installed
}
}
/**
* @brief
*
* @param App &$a
* @return string with paresed HTML
*/
function manual_config(&$a) {
$data = htmlspecialchars(\App::$data['txt'], ENT_COMPAT, 'UTF-8');
$o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.');
$o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>";
return $o;
}
function load_database_rem($v, $i){
$l = trim($i);
if (strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){
@ -682,11 +684,11 @@ class Setup extends \Zotlabs\Web\Controller {
return $v."\n".$i;
}
}
function load_database($db) {
$str = file_get_contents(\DBA::$dba->get_install_script());
$arr = explode(';',$str);
$arr = explode(';', $str);
$errors = false;
foreach($arr as $a) {
if(strlen(trim($a))) {
@ -696,15 +698,19 @@ class Setup extends \Zotlabs\Web\Controller {
}
}
}
return $errors;
}
/**
* @brief
*
* @return string with parsed HTML
*/
function what_next() {
$a = get_app();
// install the standard theme
set_config('system', 'allowed_themes', 'redbasic');
// Set a lenient list of ciphers if using openssl. Other ssl engines
// (e.g. NSS used in RedHat) require different syntax, so hopefully
@ -718,15 +724,15 @@ class Setup extends \Zotlabs\Web\Controller {
// weird SSL error which they can't do anything about. This does not affect
// the SSL server, but is only a client negotiation to find something workable.
// Hence it will not make your system susceptible to POODL or other nasties.
$x = curl_version();
if(stristr($x['ssl_version'],'openssl'))
set_config('system','curl_ssl_ciphers','ALL:!eNULL');
// Create a system channel
require_once ('include/channel.php');
create_sys_channel();
$baseurl = z_root();
return
t('<h1>What next</h1>')
@ -737,13 +743,18 @@ class Setup extends \Zotlabs\Web\Controller {
."</p>";
}
/**
* @brief
*
* @param unknown $v
* @param array $c
* @return array
*/
static private function check_passed($v, $c) {
if ($c['required'])
$v = $v && $c['status'];
return $v;
}
}

158
Zotlabs/Module/Thing.php
View file

@ -1,10 +1,10 @@
<?php
namespace Zotlabs\Module;
/**
* @file mod/thing.php
* @brief
* @file Zotlabs/Module/Thing.php
*/
namespace Zotlabs\Module;
require_once('include/items.php');
require_once('include/security.php');
require_once('include/selectors.php');
@ -14,72 +14,72 @@ require_once('include/acl_selectors.php');
class Thing extends \Zotlabs\Web\Controller {
function init() {
if(! local_channel())
return;
$channel = \App::get_channel();
$term_hash = (($_REQUEST['term_hash']) ? $_REQUEST['term_hash'] : '');
$name = escape_tags($_REQUEST['term']);
$verb = escape_tags($_REQUEST['verb']);
$activity = intval($_REQUEST['activity']);
$profile_guid = escape_tags($_REQUEST['profile_assign']);
$url = $_REQUEST['url'];
$photo = $_REQUEST['img'];
$hash = random_string();
$verbs = obj_verbs();
/**
* verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants"
* verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants"
* We use the first person form when creating an activity, but the third person for use in activities
* @FIXME There is no accounting for verb gender for languages where this is significant. We may eventually
* require obj_verbs() to provide full conjugations and specify which form to use in the $_REQUEST params to this module.
*/
$translated_verb = $verbs[$verb][1];
/*
* The site administrator can do things that normals cannot.
* This is restricted because it will likely cause
* an activitystreams protocol violation and the activity might
* choke in some other network and result in unnecessary
* choke in some other network and result in unnecessary
* support requests. It isn't because we're trying to be heavy-handed
* about what you can and can't do.
* about what you can and can't do.
*/
if(! $translated_verb) {
if(is_site_admin())
$translated_verb = $verb;
}
/*
* Things, objects: We do not provide definite (a, an) or indefinite (the) articles or singular/plural designators
* That needs to be specified in your thing. e.g. Mike has "a carrot", Greg wants "balls", Bob likes "the Boston Red Sox".
* That needs to be specified in your thing. e.g. Mike has "a carrot", Greg wants "balls", Bob likes "the Boston Red Sox".
*/
/*
* Future work on this module might produce more complex activities with targets, e.g. Phillip likes Karen's moustache
* and to describe other non-thing objects like channels, such as Karl wants Susan - where Susan represents a channel profile.
*/
if((! $name) || (! $translated_verb))
return;
$acl = new \Zotlabs\Access\AccessList($channel);
if(array_key_exists('contact_allow',$_REQUEST)
|| array_key_exists('group_allow',$_REQUEST)
|| array_key_exists('contact_deny',$_REQUEST)
|| array_key_exists('group_deny',$_REQUEST)) {
$acl->set_from_array($_REQUEST);
}
$x = $acl->get();
if($term_hash) {
$t = q("select * from obj where obj_obj = '%s' and obj_channel = %d limit 1",
dbesc($term_hash),
@ -97,7 +97,7 @@ class Thing extends \Zotlabs\Web\Controller {
}
else
$local_photo = $orig_record['obj_imgurl'];
$r = q("update obj set obj_term = '%s', obj_url = '%s', obj_imgurl = '%s', obj_edited = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where obj_obj = '%s' and obj_channel = %d ",
dbesc($name),
dbesc(($url) ? $url : z_root() . '/thing/' . $term_hash),
@ -110,9 +110,9 @@ class Thing extends \Zotlabs\Web\Controller {
dbesc($term_hash),
intval(local_channel())
);
info( t('Thing updated') . EOL);
$r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1",
intval(local_channel()),
dbesc($term_hash)
@ -120,31 +120,31 @@ class Thing extends \Zotlabs\Web\Controller {
if($r) {
build_sync_packet(0, array('obj' => $r));
}
return;
}
$sql = (($profile_guid) ? " and profile_guid = '" . dbesc($profile_guid) . "' " : " and is_default = 1 ");
$p = q("select profile_guid, is_default from profile where uid = %d $sql limit 1",
intval(local_channel())
);
if($p)
$profile = $p[0];
else
return;
$local_photo = null;
if($photo) {
$arr = import_xchan_photo($photo,get_observer_hash(),true);
$local_photo = $arr[0];
$local_photo_type = $arr[3];
}
$created = datetime_convert();
$url = (($url) ? $url : z_root() . '/thing/' . $hash);
$r = q("insert into obj ( obj_page, obj_verb, obj_type, obj_channel, obj_obj, obj_term, obj_url, obj_imgurl, obj_created, obj_edited, allow_cid, allow_gid, deny_cid, deny_gid ) values ('%s','%s', %d, %d, '%s','%s','%s','%s','%s','%s','%s','%s','%s','%s') ",
dbesc($profile['profile_guid']),
dbesc($verb),
@ -161,14 +161,14 @@ class Thing extends \Zotlabs\Web\Controller {
dbesc($x['deny_cid']),
dbesc($x['deny_gid'])
);
if(! $r) {
notice( t('Object store: failed'));
return;
}
info( t('Thing added'));
$r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1",
intval(local_channel()),
dbesc($hash)
@ -176,15 +176,15 @@ class Thing extends \Zotlabs\Web\Controller {
if($r) {
build_sync_packet(0, array('obj' => $r));
}
if($activity) {
$arr = array();
$links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $url));
if($local_photo)
$links[] = array('rel' => 'photo', 'type' => $local_photo_type, 'href' => $local_photo);
$objtype = ACTIVITY_OBJ_THING;
$obj = json_encode(array(
'type' => $objtype,
'id' => $url,
@ -192,28 +192,28 @@ class Thing extends \Zotlabs\Web\Controller {
'title' => $name,
'content' => $name
));
$bodyverb = str_replace('OBJ: ', '',t('OBJ: %1$s %2$s %3$s'));
$arr['owner_xchan'] = $channel['channel_hash'];
$arr['author_xchan'] = $channel['channel_hash'];
$arr['item_origin'] = 1;
$arr['item_wall'] = 1;
$arr['item_thread_top'] = 1;
$ulink = '[zrl=' . $channel['xchan_url'] . ']' . $channel['channel_name'] . '[/zrl]';
$plink = '[zrl=' . $url . ']' . $name . '[/zrl]';
$arr['body'] = sprintf( $bodyverb, $ulink, $translated_verb, $plink );
if($local_photo)
$arr['body'] .= "\n\n[zmg]" . $local_photo . "[/zmg]";
$arr['verb'] = $verb;
$arr['obj_type'] = $objtype;
$arr['obj'] = $obj;
if(! $profile['is_default']) {
$arr['item_private'] = true;
$str = '';
@ -229,37 +229,37 @@ class Thing extends \Zotlabs\Web\Controller {
else
$arr['allow_cid'] = '<' . get_observer_hash() . '>';
}
$ret = post_activity_item($arr);
}
}
function get() {
// @FIXME one problem with things is we can't share them unless we provide the channel in the url
// so we can definitively lookup the owner.
// so we can definitively lookup the owner.
if(argc() == 2) {
$r = q("select obj_channel from obj where obj_type = %d and obj_obj = '%s' limit 1",
intval(TERM_OBJ_THING),
dbesc(argv(1))
);
if($r)
if($r)
$sql_extra = permissions_sql($r[0]['obj_channel']);
$r = q("select * from obj where obj_type = %d and obj_obj = '%s' $sql_extra limit 1",
intval(TERM_OBJ_THING),
dbesc(argv(1))
);
if($r) {
return replace_macros(get_markup_template('show_thing.tpl'), array(
'$header' => t('Show Thing'),
'$edit' => t('Edit'),
'$delete' => t('Delete'),
'$canedit' => ((local_channel() && local_channel() == $r[0]['obj_channel']) ? true : false),
'$canedit' => ((local_channel() && local_channel() == $r[0]['obj_channel']) ? true : false),
'$thing' => $r[0] ));
}
else {
@ -267,34 +267,34 @@ class Thing extends \Zotlabs\Web\Controller {
return;
}
}
$channel = \App::get_channel();
if(! (local_channel() && $channel)) {
notice( t('Permission denied.') . EOL);
return;
}
$acl = new \Zotlabs\Access\AccessList($channel);
$channel_acl = $acl->get();
$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
$thing_hash = '';
if(argc() == 3 && argv(1) === 'edit') {
$thing_hash = argv(2);
$r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1",
intval(TERM_OBJ_THING),
dbesc($thing_hash)
);
if((! $r) || ($r[0]['obj_channel'] != local_channel())) {
notice( t('Permission denied.') . EOL);
return '';
}
$o .= replace_macros(get_markup_template('thing_edit.tpl'),array(
'$thing_hdr' => t('Edit Thing'),
'$multiprof' => feature_enabled(local_channel(),'multi_profiles'),
@ -319,36 +319,36 @@ class Thing extends \Zotlabs\Web\Controller {
'$lockstate' => $lockstate,
'$submit' => t('Submit')
));
return $o;
}
if(argc() == 3 && argv(1) === 'drop') {
$thing_hash = argv(2);
$r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1",
intval(TERM_OBJ_THING),
dbesc($thing_hash)
);
if((! $r) || ($r[0]['obj_channel'] != local_channel())) {
notice( t('Permission denied.') . EOL);
return '';
}
$x = q("delete from obj where obj_obj = '%s' and obj_type = %d and obj_channel = %d",
dbesc($thing_hash),
intval(TERM_OBJ_THING),
intval(local_channel())
);
$r[0]['obj_deleted'] = 1;
build_sync_packet(0,array('obj' => $r));
return $o;
}
$o .= replace_macros(get_markup_template('thing_input.tpl'),array(
'$thing_hdr' => t('Add Thing to your Profile'),
'$multiprof' => feature_enabled(local_channel(),'multi_profiles'),
@ -369,8 +369,8 @@ class Thing extends \Zotlabs\Web\Controller {
'$lockstate' => $lockstate,
'$submit' => t('Submit')
));
return $o;
}
}

32
Zotlabs/Storage/BasicAuth.php
View file

@ -12,7 +12,7 @@ use Sabre\HTTP\ResponseInterface;
* This class also contains some data which is not necessary for authentication
* like timezone settings.
*
* @extends Sabre\DAV\Auth\Backend\AbstractBasic
* @extends \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic
*
* @link http://github.com/friendica/red
* @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@ -24,37 +24,37 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
*
* It is used for building path in filestorage/.
*
* @var string|null
* @var string|null $channel_name
*/
protected $channel_name = null;
/**
* channel_id of the current channel of the logged-in account.
* @brief channel_id of the current channel of the logged-in account.
*
* @var int
* @var int $channel_id
*/
public $channel_id = 0;
/**
* channel_hash of the current channel of the logged-in account.
* @brief channel_hash of the current channel of the logged-in account.
*
* @var string
* @var string $channel_hash
*/
public $channel_hash = '';
/**
* Set in mod/cloud.php to observer_hash.
* @brief Set in mod/cloud.php to observer_hash.
*
* @var string
* @var string $observer
*/
public $observer = '';
/**
*
* @see Browser::set_writeable()
* @var \Sabre\DAV\Browser\Plugin
* @var \\Sabre\\DAV\\Browser\\Plugin $browser
*/
public $browser;
/**
* channel_id of the current visited path. Set in Directory::getDir().
* @brief channel_id of the current visited path. Set in Directory::getDir().
*
* @var int
* @var int $owner_id
*/
public $owner_id = 0;
/**
@ -62,15 +62,15 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
*
* Used for creating the path in cloud/
*
* @var string
* @var string $owner_nick
*/
public $owner_nick = '';
/**
* Timezone from the visiting channel's channel_timezone.
*
* Used in @ref RedBrowser
* Used in @ref Browser
*
* @var string
* @var string $timezone
*/
protected $timezone = '';
@ -82,7 +82,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
* @brief Validates a username and password.
*
*
* @see \Sabre\DAV\Auth\Backend\AbstractBasic::validateUserPass
* @see \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic::validateUserPass
* @param string $username
* @param string $password
* @return bool
@ -211,7 +211,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
*
* If nobody is currently logged in, this method should return null.
*
* @see \Sabre\DAV\Auth\Backend\AbstractBasic::getCurrentUser
* @see \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic::getCurrentUser
* @return string|null
*/
public function getCurrentUser() {

29
Zotlabs/Storage/Browser.php
View file

@ -7,10 +7,10 @@ use Sabre\DAV;
/**
* @brief Provides a DAV frontend for the webbrowser.
*
* RedBrowser is a SabreDAV server-plugin to provide a view to the DAV storage
* Browser is a SabreDAV server-plugin to provide a view to the DAV storage
* for the webbrowser.
*
* @extends \Sabre\DAV\Browser\Plugin
* @extends \\Sabre\\DAV\\Browser\\Plugin
*
* @link http://github.com/friendica/red
* @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@ -19,13 +19,13 @@ class Browser extends DAV\Browser\Plugin {
/**
* @see set_writeable()
* @see \Sabre\DAV\Auth\Backend\BackendInterface
* @var RedBasicAuth
* @see \\Sabre\\DAV\\Auth\\Backend\\BackendInterface
* @var BasicAuth $auth
*/
private $auth;
/**
* @brief Constructor for RedBrowser class.
* @brief Constructor for Browser class.
*
* $enablePost will be activated through set_writeable() in a later stage.
* At the moment the write_storage permission is only valid for the whole
@ -36,7 +36,7 @@ class Browser extends DAV\Browser\Plugin {
* Disable assets with $enableAssets = false. Should get some thumbnail views
* anyway.
*
* @param RedBasicAuth &$auth
* @param BasicAuth &$auth
*/
public function __construct(&$auth) {
$this->auth = $auth;
@ -95,7 +95,6 @@ class Browser extends DAV\Browser\Plugin {
'{DAV:}getlastmodified',
), 1);
$parent = $this->server->tree->getNodeForPath($path);
$parentpath = array();
@ -263,10 +262,11 @@ class Browser extends DAV\Browser\Plugin {
* @brief Creates a form to add new folders and upload files.
*
* @param \Sabre\DAV\INode $node
* @param string &$output
* @param[in,out] string &$output
* @param string $path
*/
public function htmlActionsPanel(DAV\INode $node, &$output, $path) {
if (! $node instanceof DAV\ICollection)
if(! $node instanceof DAV\ICollection)
return;
// We also know fairly certain that if an object is a non-extended
@ -278,9 +278,9 @@ class Browser extends DAV\Browser\Plugin {
$aclselect = null;
$lockstate = '';
if ($this->auth->owner_id) {
if($this->auth->owner_id) {
$channel = channelx_by_n($this->auth->owner_id);
if ($channel) {
if($channel) {
$acl = new \Zotlabs\Access\AccessList($channel);
$channel_acl = $acl->get();
$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
@ -295,12 +295,12 @@ class Browser extends DAV\Browser\Plugin {
intval($this->auth->channel_account_id)
);
$used = $r[0]['total'];
if ($used) {
if($used) {
$quotaDesc = t('You are using %1$s of your available file storage.');
$quotaDesc = sprintf($quotaDesc,
userReadableSize($used));
}
if ($limit && $used) {
if($limit && $used) {
$quotaDesc = t('You are using %1$s of %2$s available file storage. (%3$s&#37;)');
$quotaDesc = sprintf($quotaDesc,
userReadableSize($used),
@ -355,7 +355,7 @@ class Browser extends DAV\Browser\Plugin {
*
* @param int $owner
* The owner_id
* @param string $hash
* @param string $parentHash
* The parent's folder hash
* @param string $attachName
* The name of the attachment
@ -373,6 +373,7 @@ class Browser extends DAV\Browser\Plugin {
$hash = $rr['hash'];
}
}
return $hash;
}

42
Zotlabs/Storage/Directory.php
View file

@ -9,9 +9,9 @@ use Sabre\DAV;
*
* A class that represents a directory.
*
* @extends \Sabre\DAV\Node
* @implements \Sabre\DAV\ICollection
* @implements \Sabre\DAV\IQuota
* @extends \\Sabre\\DAV\\Node
* @implements \\Sabre\\DAV\\ICollection
* @implements \\Sabre\\DAV\\IQuota
*
* @link http://github.com/friendica/red
* @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@ -21,7 +21,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
/**
* @brief The path inside /cloud
*
* @var string
* @var string $red_path
*/
private $red_path;
private $folder_hash;
@ -29,7 +29,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* @brief The full path as seen in the browser.
* /cloud + $red_path
* @todo I think this is not used anywhere, we always strip '/cloud' and only use it in debug
* @var string
* @var string $ext_path
*/
private $ext_path;
private $root_dir = '';
@ -38,7 +38,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* @brief The real path on the filesystem.
* The actual path in store/ with the hashed names.
*
* @var string
* @var string $os_path
*/
private $os_path = '';
@ -46,7 +46,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* @brief Sets up the directory node, expects a full path.
*
* @param string $ext_path a full path
* @param RedBasicAuth &$auth_plugin
* @param BasicAuth &$auth_plugin
*/
public function __construct($ext_path, &$auth_plugin) {
// $ext_path = urldecode($ext_path);
@ -55,14 +55,14 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
// remove "/cloud" from the beginning of the path
$modulename = \App::$module;
$this->red_path = ((strpos($ext_path, '/' . $modulename) === 0) ? substr($ext_path, strlen($modulename) + 1) : $ext_path);
if (! $this->red_path) {
if(! $this->red_path) {
$this->red_path = '/';
}
$this->auth = $auth_plugin;
$this->folder_hash = '';
$this->getDir();
if ($this->auth->browser) {
if($this->auth->browser) {
$this->auth->browser->set_writeable();
}
}
@ -76,8 +76,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
/**
* @brief Returns an array with all the child nodes.
*
* @throw \Sabre\DAV\Exception\Forbidden
* @return array \Sabre\DAV\INode[]
* @throw "\Sabre\DAV\Exception\Forbidden"
* @return array \\Sabre\\DAV\\INode[]
*/
public function getChildren() {
logger('children for ' . $this->ext_path, LOGGER_DATA);
@ -98,8 +98,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
/**
* @brief Returns a child by name.
*
* @throw \Sabre\DAV\Exception\Forbidden
* @throw \Sabre\DAV\Exception\NotFound
* @throw "\Sabre\DAV\Exception\Forbidden"
* @throw "\Sabre\DAV\Exception\NotFound"
* @param string $name
*/
public function getChild($name) {
@ -141,7 +141,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
*
* @todo handle duplicate directory name
*
* @throw \Sabre\DAV\Exception\Forbidden
* @throw "\Sabre\DAV\Exception\Forbidden"
* @param string $name The new name of the directory.
* @return void
*/
@ -186,7 +186,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* After successful creation of the file, you may choose to return the ETag
* of the new file here.
*
* @throw \Sabre\DAV\Exception\Forbidden
* @throw "\Sabre\DAV\Exception\Forbidden"
* @param string $name Name of the file
* @param resource|string $data Initial payload
* @return null|string ETag
@ -431,7 +431,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
/**
* @todo add description of what this function does.
*
* @throw \Sabre\DAV\Exception\NotFound
* @throw "\Sabre\DAV\Exception\NotFound"
* @return void
*/
function getDir() {
@ -557,13 +557,13 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
/**
* @brief Array with all Directory and File DAV\Node items for the given path.
* @brief Array with all Directory and File DAV\\Node items for the given path.
*
* @param string $file path to a directory
* @param \Zotlabs\Storage\BasicAuth &$auth
* @returns null|array \Sabre\DAV\INode[]
* @throw \Sabre\DAV\Exception\Forbidden
* @throw \Sabre\DAV\Exception\NotFound
* @returns null|array \\Sabre\\DAV\\INode[]
* @throw "\Sabre\DAV\Exception\Forbidden"
* @throw "\Sabre\DAV\Exception\NotFound"
*/
function CollectionData($file, &$auth) {
$ret = array();
@ -710,7 +710,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* @param BasicAuth &$auth
* @param boolean $test (optional) enable test mode
* @return File|Directory|boolean|null
* @throw \Sabre\DAV\Exception\Forbidden
* @throw "\Sabre\DAV\Exception\Forbidden"
*/
function FileData($file, &$auth, $test = false) {
logger($file . (($test) ? ' (test mode) ' : ''), LOGGER_DATA);

48
Zotlabs/Storage/File.php
View file

@ -9,8 +9,8 @@ use Sabre\DAV;
*
* It provides all functions to work with files in Red's cloud through DAV protocol.
*
* @extends \Sabre\DAV\Node
* @implements \Sabre\DAV\IFile
* @extends \\Sabre\\DAV\\Node
* @implements \\Sabre\\DAV\\IFile
*
* @link http://github.com/friendica/red
* @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@ -20,20 +20,20 @@ class File extends DAV\Node implements DAV\IFile {
/**
* The file from attach table.
*
* @var array
* data
* flags
* filename (string)
* filetype (string)
* @var array $data
* * data
* * flags
* * filename (string)
* * filetype (string)
*/
private $data;
/**
* @see \Sabre\DAV\Auth\Backend\BackendInterface
* @var \RedMatrix\RedDAV\RedBasicAuth
* @see \\Sabre\\DAV\\Auth\\Backend\\BackendInterface
* @var \\Zotlabs\\Storage\\BasicAuth $auth
*/
private $auth;
/**
* @var string
* @var string $name
*/
private $name;
@ -65,8 +65,8 @@ class File extends DAV\Node implements DAV\IFile {
/**
* @brief Renames the file.
*
* @throw Sabre\DAV\Exception\Forbidden
* @param string $name The new name of the file.
* @throw "\Sabre\DAV\Exception\Forbidden"
* @param string $newName The new name of the file.
* @return void
*/
public function setName($newName) {
@ -95,7 +95,7 @@ class File extends DAV\Node implements DAV\IFile {
$ch = channelx_by_n($this->auth->owner_id);
if($ch) {
$sync = attach_export_data($ch,$this->data['hash']);
if($sync)
if($sync)
build_sync_packet($ch['channel_id'],array('file' => array($sync)));
}
}
@ -138,7 +138,7 @@ class File extends DAV\Node implements DAV\IFile {
$album = $f1[0]['filename'];
$direct = $f1[0];
}
}
}
$fname = dbunescbin($d[0]['content']);
if(strpos($fname,'store') === false)
$f = 'store/' . $this->auth->owner_nick . '/' . $fname ;
@ -151,11 +151,11 @@ class File extends DAV\Node implements DAV\IFile {
logger('filename: ' . $f . ' size: ' . $size, LOGGER_DEBUG);
}
$gis = @getimagesize($f);
logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA);
logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA);
if(($gis) && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) {
$is_photo = 1;
}
}
}
else {
// this shouldn't happen any more
$r = q("UPDATE attach SET content = '%s' WHERE hash = '%s' AND uid = %d",
@ -222,7 +222,7 @@ class File extends DAV\Node implements DAV\IFile {
$sync = attach_export_data($c[0],$this->data['hash']);
if($sync)
if($sync)
build_sync_packet($c[0]['channel_id'],array('file' => array($sync)));
}
@ -322,16 +322,16 @@ class File extends DAV\Node implements DAV\IFile {
* This method checks the permissions and then calls attach_delete() function
* to actually remove the file.
*
* @throw \Sabre\DAV\Exception\Forbidden
* @throw "\Sabre\DAV\Exception\Forbidden"
*/
public function delete() {
logger('delete file ' . basename($this->name), LOGGER_DEBUG);
if ((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
if((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
throw new DAV\Exception\Forbidden('Permission denied.');
}
if ($this->auth->owner_id !== $this->auth->channel_id) {
if($this->auth->owner_id !== $this->auth->channel_id) {
if (($this->auth->observer !== $this->data['creator']) || intval($this->data['is_dir'])) {
throw new DAV\Exception\Forbidden('Permission denied.');
}
@ -340,14 +340,14 @@ class File extends DAV\Node implements DAV\IFile {
if(get_pconfig($this->auth->owner_id,'system','os_delete_prohibit') && \App::$module == 'dav') {
throw new DAV\Exception\Forbidden('Permission denied.');
}
attach_delete($this->auth->owner_id, $this->data['hash']);
$ch = channelx_by_n($this->auth->owner_id);
if($ch) {
$sync = attach_export_data($ch,$this->data['hash'],true);
if($sync)
build_sync_packet($ch['channel_id'],array('file' => array($sync)));
$sync = attach_export_data($ch, $this->data['hash'], true);
if($sync)
build_sync_packet($ch['channel_id'], array('file' => array($sync)));
}
}
}

98
Zotlabs/Web/Router.php
View file

@ -2,51 +2,53 @@
namespace Zotlabs\Web;
/**
*
* We have already parsed the server path into App::$argc and App::$argv
*
* App::$argv[0] is our module name. Let's call it 'foo'. We will load the
* Zotlabs/Module/Foo.php (object) or file mod/foo.php (procedural)
* and use it for handling our URL request to 'https://ourgreatwebsite.something/foo' .
* The module file contains a few functions that we call in various circumstances
* and in the following order:
* @code{.php}
* Object:
* class Foo extends \Zotlabs\Web\Controller {
* function init() { init function }
* function post() { post function }
* function get() { normal page function }
* }
*
* Procedual interface:
* foo_init()
* foo_post() (only called if there are $_POST variables)
* foo_content() - the string return of this function contains our page body
* @endcode
* Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do
* so within the module init and/or post functions and then invoke killme() to terminate
* further processing.
*/
class Router {
private $modname = '';
private $controller = null;
/**
* @brief Router constructor
*
* @param[in,out] App &$a
* @throws Exception module not found
*/
function __construct(&$a) {
/**
*
* We have already parsed the server path into App::$argc and App::$argv
*
* App::$argv[0] is our module name. Let's call it 'foo'. We will load the
* Zotlabs/Module/Foo.php (object) or file mod/foo.php (procedural)
* and use it for handling our URL request to 'https://ourgreatwebsite.something/foo' .
* The module file contains a few functions that we call in various circumstances
* and in the following order:
*
* Object:
* class Foo extends Zotlabs\Web\Controller {
* function init() { init function }
* function post() { post function }
* function get() { normal page function }
* }
*
* Procedual interface:
* foo_init()
* foo_post() (only called if there are $_POST variables)
* foo_content() - the string return of this function contains our page body
*
* Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do
* so within the module init and/or post functions and then invoke killme() to terminate
* further processing.
*/
$module = \App::$module;
$modname = "Zotlabs\\Module\\" . ucfirst($module);
if(strlen($module)) {
/**
*
/*
* We will always have a module name.
* First see if we have a plugin which is masquerading as a module.
*
*/
if(is_array(\App::$plugins) && in_array($module,\App::$plugins) && file_exists("addon/{$module}/{$module}.php")) {
@ -66,7 +68,7 @@ class Router {
goaway(z_root());
}
/**
/*
* If the site has a custom module to over-ride the standard module, use it.
* Otherwise, look for the standard program module
*/
@ -101,13 +103,13 @@ class Router {
}
}
}
/**
* This provides a place for plugins to register module handlers which don't otherwise exist
* on the system, or to completely over-ride an existing module.
/*
* This provides a place for plugins to register module handlers which don't otherwise exist
* on the system, or to completely over-ride an existing module.
* If the plugin sets 'installed' to true we won't throw a 404 error for the specified module even if
* there is no specific module file or matching plugin name.
* The plugin should catch at least one of the module hooks for this URL.
* The plugin should catch at least one of the module hooks for this URL.
*/
$x = array('module' => $module, 'installed' => \App::$module_loaded, 'controller' => $this->controller);
@ -117,7 +119,7 @@ class Router {
$this->controller = $x['controller'];
}
/**
/*
* The URL provided does not resolve to a valid module.
*
* On Dreamhost sites, quite often things go wrong for no apparent reason and they send us to '/internal_error.html'.
@ -157,7 +159,11 @@ class Router {
}
}
/**
* @brief
*
* @param[in,out] App &$a
*/
function Dispatch(&$a) {
/**
@ -168,14 +174,14 @@ class Router {
\App::$page['page_title'] = \App::$module;
$placeholder = '';
/**
/*
* No theme has been specified when calling the module_init functions
* For this reason, please restrict the use of templates to those which
* do not provide any presentation details - as themes will not be able
* to over-ride them.
*/
$arr = array('init' => true, 'replace' => false);
$arr = array('init' => true, 'replace' => false);
call_hooks(\App::$module . '_mod_init', $arr);
if(! $arr['replace']) {
if($this->controller && method_exists($this->controller,'init')) {
@ -187,7 +193,7 @@ class Router {
}
}
/**
/*
* Do all theme initialisation here before calling any additional module functions.
* The module_init function may have changed the theme.
* Additionally any page with a Comanche template may alter the theme.
@ -195,7 +201,7 @@ class Router {
*/
/**
/*
* In case a page has overloaded a module, see if we already have a layout defined
* otherwise, if a PDL file exists for this module, use it
* The member may have also created a customised PDL that's stored in the config
@ -203,7 +209,7 @@ class Router {
load_pdl($a);
/**
/*
* load current theme info
*/
@ -226,7 +232,7 @@ class Router {
}
}
if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! \App::$error) && (! x($_POST, 'auth-params'))) {
if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! \App::$error) && (! x($_POST, 'auth-params'))) {
call_hooks(\App::$module . '_mod_post', $_POST);
if($this->controller && method_exists($this->controller,'post')) {
@ -238,7 +244,7 @@ class Router {
}
}
if(! \App::$error) {
if(! \App::$error) {
$arr = array('content' => \App::$page['content'], 'replace' => false);
call_hooks(\App::$module . '_mod_content', $arr);
\App::$page['content'] = $arr['content'];

24
Zotlabs/Web/SubModule.php
View file

@ -2,23 +2,28 @@
namespace Zotlabs\Web;
/*
* @brief
*
*/
class SubModule {
private $controller = false;
/**
* @brief Submodule constructor.
*
* Initiate sub-modules. By default the submodule name is in argv(1), though this is configurable.
* Example: Given a URL path such as /admin/plugins, and the Admin module initiates sub-modules.
* This means we'll look for a class Plugins in Zotlabs/Module/Admin/Plugins.php
* The specific methods and calling parameters are up to the top level module controller logic.
* The specific methods and calling parameters are up to the top level module controller logic.
*
* **If** you were to provide sub-module support on the photos module, you would probably use
* $whicharg = 2, as photos are typically called with a URL path of /photos/channel_address/submodule_name
* where submodule_name might be something like album or image.
*
* @param int $whicharg
*/
function __construct($whicharg = 1) {
if(argc() < ($whicharg + 1))
@ -31,13 +36,20 @@ class SubModule {
}
}
/**
* @brief
*
* @param string $method
* @return boolean|mixed
*/
function call($method) {
if(! $this->controller)
return false;
if(method_exists($this->controller,$method))
if(method_exists($this->controller, $method))
return $this->controller->$method();
return false;
}
}

40
Zotlabs/Zot/Finger.php
View file

@ -2,7 +2,10 @@
namespace Zotlabs\Zot;
/**
* @brief Finger
*
*/
class Finger {
static private $token;
@ -19,25 +22,25 @@ class Finger {
*
* @return zotinfo array (with 'success' => true) or array('success' => false);
*/
static public function run($webbie, $channel = null, $autofallback = true) {
$ret = array('success' => false);
self::$token = random_string();
if (strpos($webbie,'@') === false) {
if (strpos($webbie, '@') === false) {
$address = $webbie;
$host = \App::get_hostname();
} else {
$address = substr($webbie,0,strpos($webbie,'@'));
$host = substr($webbie,strpos($webbie,'@')+1);
$address = substr($webbie, 0, strpos($webbie, '@'));
$host = substr($webbie, strpos($webbie, '@')+1);
}
$xchan_addr = $address . '@' . $host;
if ((! $address) || (! $xchan_addr)) {
logger('zot_finger: no address :' . $webbie);
return $ret;
}
@ -53,16 +56,16 @@ class Finger {
dbesc($xchan_addr)
);
if ($r) {
if($r) {
$url = $r[0]['hubloc_url'];
if ($r[0]['hubloc_network'] && $r[0]['hubloc_network'] !== 'zot') {
if($r[0]['hubloc_network'] && $r[0]['hubloc_network'] !== 'zot') {
logger('zot_finger: alternate network: ' . $webbie);
logger('url: '.$url.', net: '.var_export($r[0]['hubloc_network'],true), LOGGER_DATA, LOG_DEBUG);
logger('url: '.$url.', net: '.var_export($r[0]['hubloc_network'], true), LOGGER_DATA, LOG_DEBUG);
return $ret;
}
}
else {
} else {
$url = 'https://' . $host;
}
@ -88,13 +91,12 @@ class Finger {
$result = z_post_url('http://' . $host . $rhs,$postvars);
}
}
}
else {
} else {
$rhs .= '?f=&address=' . urlencode($address) . '&token=' . self::$token;
$result = z_fetch_url($url . $rhs);
if ((! $result['success']) && ($autofallback)) {
if ($https) {
if((! $result['success']) && ($autofallback)) {
if($https) {
logger('zot_finger: https failed. falling back to http');
$result = z_fetch_url('http://' . $host . $rhs);
}
@ -103,23 +105,25 @@ class Finger {
if(! $result['success']) {
logger('zot_finger: no results');
return $ret;
}
$x = json_decode($result['body'],true);
$x = json_decode($result['body'], true);
if($x) {
$signed_token = ((is_array($x) && array_key_exists('signed_token',$x)) ? $x['signed_token'] : null);
$signed_token = ((is_array($x) && array_key_exists('signed_token', $x)) ? $x['signed_token'] : null);
if($signed_token) {
$valid = rsa_verify('token.' . self::$token,base64url_decode($signed_token),$x['key']);
$valid = rsa_verify('token.' . self::$token, base64url_decode($signed_token), $x['key']);
if(! $valid) {
logger('invalid signed token: ' . $url . $rhs, LOGGER_NORMAL, LOG_ERR);
return $ret;
}
}
else {
logger('No signed token from ' . $url . $rhs, LOGGER_NORMAL, LOG_WARNING);
// after 2017-01-01 this will be a hard error unless you over-ride it.
if((time() > 1483228800) && (! get_config('system','allow_unsigned_zotfinger')))
if((time() > 1483228800) && (! get_config('system', 'allow_unsigned_zotfinger')))
return $ret;
}
}

1
include/Import/Importer.php
View file

@ -5,7 +5,6 @@ namespace Hubzilla\Import;
/**
* @brief Class Import
*
* @package Hubzilla\Import
*/
class Import {

73
include/acl_selectors.php
View file

@ -1,17 +1,24 @@
<?php /** @file */
<?php
/**
*
* @file include/acl_selectors.php
*
* @package acl_selectors
*/
/**
* @package acl_selectors
* @brief
*
* @param string $selname
* @param string $selclass
* @param mixed $preselected
* @param number $size
* @return string
*/
function group_select($selname,$selclass,$preselected = false,$size = 4) {
function group_select($selname, $selclass, $preselected = false, $size = 4) {
$o = '';
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n";
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\">\r\n";
$r = q("SELECT * FROM groups WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
intval(local_channel())
@ -34,19 +41,17 @@ function group_select($selname,$selclass,$preselected = false,$size = 4) {
$o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}\" >$trimmed</option>\r\n";
}
}
$o .= "</select>\r\n";
call_hooks(App::$module . '_post_' . $selname, $o);
return $o;
}
function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) {
$o = '';
// When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
@ -54,17 +59,17 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
$sql_extra = '';
$tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : "");
$tabindex = ($tabindex > 0 ? 'tabindex="$tabindex"' : '');
if($privmail)
$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex >\r\n";
else
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n";
else
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex>\r\n";
$r = q("SELECT abook_id, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash
where abook_self = 0 and abook_channel = %d
$sql_extra
ORDER BY xchan_name ASC ",
ORDER BY xchan_name ASC",
intval(local_channel())
);
@ -78,15 +83,14 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
if($r) {
foreach($r as $rr) {
if((is_array($preselected)) && in_array($rr['id'], $preselected))
$selected = " selected=\"selected\" ";
$selected = ' selected="selected" ';
else
$selected = '';
$trimmed = mb_substr($rr['xchan_name'],0,20);
$trimmed = mb_substr($rr['xchan_name'], 0, 20);
$o .= "<option value=\"{$rr['abook_id']}\" $selected title=\"{$rr['xchan_name']}|{$rr['xchan_url']}\" >$trimmed</option>\r\n";
}
}
$o .= "</select>\r\n";
@ -98,13 +102,13 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
function fixacl(&$item) {
$item = str_replace(array('<','>'),array('',''),$item);
$item = str_replace(array('<', '>'), array('', ''), $item);
}
/**
* Builds a modal dialog for editing permissions, using acl_selector.tpl as the template.
*
* @param array $default Optional access control list for the initial state of the dialog.
* @param array $defaults Optional access control list for the initial state of the dialog.
* @param boolean $show_jotnets Whether plugins for federated networks should be included in the permissions dialog
* @param PermissionDescription $emptyACL_description - An optional description for the permission implied by selecting an empty ACL. Preferably an instance of PermissionDescription.
* @param string $dialog_description Optional message to include at the top of the dialog. E.g. "Warning: Post permissions cannot be changed once sent".
@ -118,16 +122,15 @@ function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_descripti
$allow_cid = $allow_gid = $deny_cid = $deny_gid = false;
$showall_origin = '';
$showall_icon = 'fa-globe';
$role = get_pconfig(local_channel(),'system','permissions_role');
$role = get_pconfig(local_channel(), 'system', 'permissions_role');
if(! $emptyACL_description) {
$showall_caption = t('Visible to your default audience');
} else if (is_a($emptyACL_description, '\\Zotlabs\\Lib\\PermissionDescription')) {
} else if(is_a($emptyACL_description, '\\Zotlabs\\Lib\\PermissionDescription')) {
$showall_caption = $emptyACL_description->get_permission_description();
$showall_origin = (($role === 'custom') ? $emptyACL_description->get_permission_origin_description() : '');
$showall_icon = $emptyACL_description->get_permission_icon();
} else {
// For backwards compatibility we still accept a string... for now!
$showall_caption = $emptyACL_description;
@ -135,7 +138,7 @@ function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_descripti
if(is_array($defaults)) {
$allow_cid = ((strlen($defaults['allow_cid']))
$allow_cid = ((strlen($defaults['allow_cid']))
? explode('><', $defaults['allow_cid']) : array() );
$allow_gid = ((strlen($defaults['allow_gid']))
? explode('><', $defaults['allow_gid']) : array() );
@ -169,9 +172,9 @@ function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_descripti
'$select_label' => t('Who can see this?'),
'$custom' => t('Custom selection'),
'$showlimitedDesc' => t('Select "Show" to allow viewing. "Don\'t show" lets you override and limit the scope of "Show".'),
'$show' => t("Show"),
'$show' => t('Show'),
'$hide' => t("Don't show"),
'$search' => t("Search"),
'$search' => t('Search'),
'$allowcid' => json_encode($allow_cid),
'$allowgid' => json_encode($allow_gid),
'$denycid' => json_encode($deny_cid),
@ -183,20 +186,19 @@ function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_descripti
));
return $o;
}
/**
* Returns a string that's suitable for passing as the $dialog_description argument to a
* populate_acl() call for wall posts or network posts.
*
* This string is needed in 3 different files, and our .po translation system currently
* cannot be used as a string table (because the value is always the key in english) so
* I've centralized the value here (making this function name the "key") until we have a
* better way.
*
* @return string Description to present to user in modal permissions dialog
*/
* Returns a string that's suitable for passing as the $dialog_description argument to a
* populate_acl() call for wall posts or network posts.
*
* This string is needed in 3 different files, and our .po translation system currently
* cannot be used as a string table (because the value is always the key in english) so
* I've centralized the value here (making this function name the "key") until we have a
* better way.
*
* @return string Description to present to user in modal permissions dialog
*/
function get_post_aclDialogDescription() {
// I'm trying to make two points in this description text - warn about finality of wall
@ -212,4 +214,3 @@ function get_post_aclDialogDescription() {
return sprintf($description, $emphasisOpen, $emphasisClose);
}

283
include/attach.php
View file

@ -159,7 +159,6 @@ function attach_count_files($channel_id, $observer, $hash = '', $filename = '',
intval($channel_id)
);
$ret['success'] = ((is_array($r)) ? true : false);
$ret['results'] = ((is_array($r)) ? count($r) : false);
@ -226,7 +225,8 @@ function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $
* This could exhaust memory so most useful only when immediately sending the data.
*
* @param string $hash
* @param int $rev Revision
* @param string $observer_hash
* @param int $rev (optional) Revision default 0
* @return array
*/
function attach_by_hash($hash, $observer_hash, $rev = 0) {
@ -285,7 +285,7 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) {
function attach_can_view_folder($uid,$ob_hash,$folder_hash) {
$sql_extra = permissions_sql($uid,$ob_hash);
$hash = $folder_hash;
$hash = $folder_hash;
$result = false;
do {
@ -295,9 +295,10 @@ function attach_can_view_folder($uid,$ob_hash,$folder_hash) {
);
if(! $r)
return false;
$hash = $r[0]['folder'];
}
while($hash);
} while($hash);
return true;
}
@ -308,8 +309,9 @@ function attach_can_view_folder($uid,$ob_hash,$folder_hash) {
* Returns the entire attach structure excluding data.
*
* @see attach_by_hash()
* @param $hash
* @param $rev revision default 0
* @param string $hash
* @param string $observer_hash
* @param int $rev (optional) revision default 0
* @return associative array with everything except data
* * \e boolean \b success boolean true or false
* * \e string \b message (optional) only when success is false
@ -335,12 +337,12 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) {
return $ret;
}
if(! perm_is_allowed($r[0]['uid'],$observer_hash,'view_storage')) {
if(! perm_is_allowed($r[0]['uid'], $observer_hash, 'view_storage')) {
$ret['message'] = t('Permission denied.');
return $ret;
}
$sql_extra = permissions_sql($r[0]['uid'],$observer_hash);
$sql_extra = permissions_sql($r[0]['uid'], $observer_hash);
// Now we'll see if we can access the attachment
@ -355,14 +357,13 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) {
}
if($r[0]['folder']) {
$x = attach_can_view_folder($r[0]['uid'],$observer_hash,$r[0]['folder']);
$x = attach_can_view_folder($r[0]['uid'], $observer_hash, $r[0]['folder']);
if(! $x) {
$ret['message'] = t('Permission denied.');
return $ret;
}
}
$ret['success'] = true;
$ret['data'] = $r[0];
@ -378,25 +379,18 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) {
* @note Requires an input field \e userfile and does not accept multiple files
* in one request.
*
* @param array $channel channel array of owner
* @param string $observer_hash hash of current observer
* @param string $options (optional) one of update, replace, revision
* @param array $arr (optional) associative array
*/
/**
* A lot going on in this function, and some of it is old cruft and some is new cruft
* @note A lot going on in this function, and some of it is old cruft and some is new cruft
* and the entire thing probably needs to be refactored. It started out just storing
* files, before we had DAV. It was made extensible to do extra stuff like edit an
* files, before we had DAV. It was made extensible to do extra stuff like edit an
* existing file or optionally store a separate revision using $options to choose between different
* storage models. Along the way we moved from
* DB data storage to file system storage.
* Then DAV came along and used different upload methods depending on whether the
* file was stored as a DAV directory object or updated as a file object. One of these
* DB data storage to file system storage.
* Then DAV came along and used different upload methods depending on whether the
* file was stored as a DAV directory object or updated as a file object. One of these
* is essentially an update and the other is basically an upload, but doesn't use the traditional PHP
* upload workflow.
* upload workflow.
* Then came hubzilla and we tried to merge photo functionality with the file storage. Most of
* that integration occurs within this function.
* that integration occurs within this function.
* This required overlap with the old photo_upload stuff and photo albums were
* completely different concepts from directories which needed to be reconciled somehow.
* The old revision stuff is kind of orphaned currently. There's new revision stuff for photos
@ -404,13 +398,18 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) {
* That's where it sits currently. I repeat it needs to be refactored, and this note is here
* for future explorers and those who may be doing that work to understand where it came
* from and got to be the monstrosity of tangled unrelated code that it currently is.
*
* @param array $channel channel array of owner
* @param string $observer_hash hash of current observer
* @param string $options (optional) one of update, replace, revision
* @param array $arr (optional) associative array
* @return void|array
*/
function attach_store($channel, $observer_hash, $options = '', $arr = null) {
require_once('include/photos.php');
call_hooks('photo_upload_begin',$arr);
call_hooks('photo_upload_begin', $arr);
$ret = array('success' => false);
$channel_id = $channel['channel_id'];
@ -441,7 +440,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
return $ret;
}
$str_group_allow = perms2str($arr['group_allow']);
$str_group_allow = perms2str($arr['group_allow']);
$str_contact_allow = perms2str($arr['contact_allow']);
$str_group_deny = perms2str($arr['group_deny']);
$str_contact_deny = perms2str($arr['contact_deny']);
@ -458,7 +457,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
$remove_when_processed = true;
if($options === 'import') {
if($options === 'import') {
$src = $arr['src'];
$filename = $arr['filename'];
$filesize = @filesize($src);
@ -485,17 +484,15 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
elseif($options !== 'update') {
$f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => '');
call_hooks('photo_upload_file',$f);
call_hooks('photo_upload_file',$f);
call_hooks('attach_upload_file',$f);
if (x($f,'src') && x($f,'filesize')) {
$src = $f['src'];
$filename = $f['filename'];
$filesize = $f['filesize'];
$type = $f['type'];
} else {
if (x($f,'src') && x($f,'filesize')) {
$src = $f['src'];
$filename = $f['filename'];
$filesize = $f['filesize'];
$type = $f['type'];
} else {
if(! x($_FILES,'userfile')) {
$ret['message'] = t('No source file.');
return $ret;
@ -543,12 +540,10 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
$hash = $x[0]['hash'];
}
$def_extension = '';
$is_photo = 0;
$gis = @getimagesize($src);
logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA);
logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA);
if(($gis) && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) {
$is_photo = 1;
if($gis[2] === IMAGETYPE_GIF)
@ -557,7 +552,6 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
$def_extension = '.jpg';
if($gis[2] === IMAGETYPE_PNG)
$def_extension = '.png';
}
$pathname = '';
@ -607,7 +601,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
}
else {
$folder_hash = ((($arr) && array_key_exists('folder',$arr)) ? $arr['folder'] : '');
}
}
if((! $options) || ($options === 'import')) {
@ -654,8 +648,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
}
if($found)
$x++;
}
while($found);
} while($found);
$filename = $basename . '(' . $x . ')' . $ext;
}
else
@ -702,7 +695,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
if($folder_hash) {
$curr = find_folder_hash_by_attach_hash($channel_id,$folder_hash,true);
if($curr)
if($curr)
$os_relpath .= $curr . '/';
$os_relpath .= $folder_hash . '/';
}
@ -765,7 +758,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
);
}
elseif($options === 'update') {
$r = q("update attach set filename = '%s', filetype = '%s', folder = '%s', edited = '%s', os_storage = %d, is_photo = %d, os_path = '%s',
$r = q("update attach set filename = '%s', filetype = '%s', folder = '%s', edited = '%s', os_storage = %d, is_photo = %d, os_path = '%s',
allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d",
dbesc((array_key_exists('filename',$arr)) ? $arr['filename'] : $x[0]['filename']),
dbesc((array_key_exists('filetype',$arr)) ? $arr['filetype'] : $x[0]['filetype']),
@ -783,7 +776,6 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
);
}
else {
$r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, folder, filesize, revision, os_storage, is_photo, content, created, edited, os_path, allow_cid, allow_gid,deny_cid, deny_gid )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
intval($channel['channel_account_id']),
@ -869,7 +861,6 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
return $ret;
}
$ret['success'] = true;
$ret['data'] = $r[0];
if(! $is_photo) {
@ -880,7 +871,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
if($dosync) {
$sync = attach_export_data($channel,$hash);
if($sync)
if($sync)
build_sync_packet($channel['channel_id'],array('file' => array($sync)));
}
@ -998,7 +989,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) {
intval($channel['channel_id'])
);
if($r) {
if(array_key_exists('force',$arr) && intval($arr['force'])
if(array_key_exists('force',$arr) && intval($arr['force'])
&& (intval($r[0]['is_dir']))) {
$ret['success'] = true;
$r = q("select * from attach where id = %d limit 1",
@ -1150,7 +1141,7 @@ function attach_mkdirp($channel, $observer_hash, $arr = null) {
if(! $p)
continue;
$arx = array(
'filename' => $p,
'filename' => $p,
'folder' => $current_parent,
'force' => 1
);
@ -1163,7 +1154,7 @@ function attach_mkdirp($channel, $observer_hash, $arr = null) {
if(array_key_exists('deny_gid',$arr))
$arx['deny_gid'] = $arr['deny_gid'];
$x = attach_mkdir($channel, $observer_hash, $arx);
$x = attach_mkdir($channel, $observer_hash, $arx);
if($x['success']) {
$current_parent = $x['data']['hash'];
}
@ -1177,26 +1168,22 @@ function attach_mkdirp($channel, $observer_hash, $arr = null) {
$ret['data'] = $x['data'];
}
return $ret;
return $ret;
}
/**
* @brief Changes permissions of a file.
*
* @param int $channel_id
* @param int $channel_id The id of the channel
* @param array $resource
* @param string $allow_cid
* @param string $allow_gid
* @param string $deny_cid
* @param string $deny_gid
* @param boolean $recurse (optional) default false
* @param boolean $sync (optional) default false
*/
function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gid, $deny_cid, $deny_gid, $recurse = false, $sync = false) {
@ -1248,7 +1235,7 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi
if($sync) {
$data = attach_export_data($channel,$resource);
if($data)
if($data)
build_sync_packet($channel['channel_id'],array('file' => array($data)));
}
}
@ -1263,6 +1250,7 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi
* The id of the channel
* @param string $resource
* The hash to delete
* @param int $is_photo (optional) default 0
* @return void
*/
function attach_delete($channel_id, $resource, $is_photo = 0) {
@ -1337,7 +1325,7 @@ function attach_delete($channel_id, $resource, $is_photo = 0) {
dbesc($resource)
);
}
// update the parent folder's lastmodified timestamp
$e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc(datetime_convert()),
@ -1425,6 +1413,7 @@ function get_parent_cloudpath($channel_id, $channel_name, $attachHash) {
$parentFullPath = $parentName . '/' . $parentFullPath;
}
} while ($parentHash);
$parentFullPath = z_root() . '/cloud/' . $channel_name . '/' . $parentFullPath;
return $parentFullPath;
@ -1437,11 +1426,14 @@ function get_parent_cloudpath($channel_id, $channel_name, $attachHash) {
* The id of the channel
* @param string $attachHash
* The hash of the attachment
* @param boolean $recurse
* (optional) default false
* @return string
*/
function find_folder_hash_by_attach_hash($channel_id, $attachHash, $recurse = false) {
logger('attach_hash: ' . $attachHash);
logger('attach_hash: ' . $attachHash);
$r = q("SELECT folder FROM attach WHERE uid = %d AND hash = '%s' LIMIT 1",
intval($channel_id),
dbesc($attachHash)
@ -1449,10 +1441,11 @@ logger('attach_hash: ' . $attachHash);
$hash = '';
if($r && $r[0]['folder']) {
if($recurse)
$hash = find_folder_hash_by_attach_hash($channel_id,$r[0]['folder'],true) . '/' . $r[0]['folder'];
$hash = find_folder_hash_by_attach_hash($channel_id,$r[0]['folder'],true) . '/' . $r[0]['folder'];
else
$hash = $r[0]['folder'];
}
return $hash;
}
@ -1569,7 +1562,7 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid,
$arr = array();
$arr['aid'] = get_account_id();
$arr['uid'] = $channel_id;
$arr['item_wall'] = 1;
$arr['item_wall'] = 1;
$arr['item_origin'] = 1;
$arr['item_unseen'] = 1;
$arr['author_xchan'] = $poster['xchan_hash'];
@ -1732,11 +1725,11 @@ function get_file_activity_object($channel_id, $hash, $cloudpath) {
/**
* @brief Returns array of channels which have recursive permission for a file
*
* @param $arr_allow_cid
* @param $arr_allow_gid
* @param $arr_deny_cid
* @param $arr_deny_gid
* @param $folder_hash
* @param array $arr_allow_cid
* @param array $arr_allow_gid
* @param array $arr_deny_cid
* @param array $arr_deny_gid
* @param string $folder_hash
*/
function recursive_activity_recipients($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $arr_deny_gid, $folder_hash) {
@ -1931,50 +1924,53 @@ function attach_export_data($channel, $resource_id, $deleted = false) {
}
return $ret;
}
/* strip off 'store/nickname/' from the provided path */
/**
* @brief Strip off 'store/nickname/' from the provided path
*
* @param string $s
* @return string
*/
function get_attach_binname($s) {
$p = $s;
if(strpos($s,'store/') === 0) {
$p = substr($s,6);
$p = substr($p,strpos($p,'/')+1);
if(strpos($s, 'store/') === 0) {
$p = substr($s, 6);
$p = substr($p, strpos($p, '/')+1);
}
return $p;
}
function get_dirpath_by_cloudpath($channel, $path) {
$path = notags(trim($path));
$path = notags(trim($path));
$h = @parse_url($path);
if(! $h || !x($h, 'path')) {
return null;
}
if(substr($h['path'],-1,1) === '/') {
$h['path'] = substr($h['path'],0,-1);
if(substr($h['path'], -1, 1) === '/') {
$h['path'] = substr($h['path'], 0, -1);
}
if(substr($h['path'],0,1) === '/') {
$h['path'] = substr($h['path'],1);
$h['path'] = substr($h['path'], 1);
}
$folders = explode('/', $h['path']);
$f = array_shift($folders);
$nick = $channel['channel_address'];
//check to see if the absolute path was provided (/cloud/channelname/path/to/folder)
if($f === 'cloud' ) {
if($f === 'cloud' ) {
$g = array_shift($folders);
if( $g !== $nick) {
// if nick does not follow "cloud", then the top level folder must be called "cloud"
// and the given path must be relative to "/cloud/channelname/".
// and the given path must be relative to "/cloud/channelname/".
$folders = array_unshift(array_unshift($folders, $g), $f);
}
}
} else {
array_unshift($folders, $f);
}
@ -1998,8 +1994,6 @@ function get_dirpath_by_cloudpath($channel, $path) {
} else {
return $clouddir . $subdir;
}
}
function get_filename_by_cloudname($cloudname, $channel, $storepath) {
@ -2013,66 +2007,74 @@ function get_filename_by_cloudname($cloudname, $channel, $storepath) {
return null;
}
// recursively copy a directory into cloud files
function copy_folder_to_cloudfiles($channel, $observer_hash, $srcpath, $cloudpath)
{
if (!is_dir($srcpath) || !is_readable($srcpath)) {
logger('Error reading source path: ' . $srcpath, LOGGER_NORMAL);
/**
* @brief recursively copy a directory into cloud files
*
* @param array $channel
* @param string $observer_hash
* @param string $srcpath
* @param string $cloudpath
* @return boolean
*/
function copy_folder_to_cloudfiles($channel, $observer_hash, $srcpath, $cloudpath) {
if (!is_dir($srcpath) || !is_readable($srcpath)) {
logger('Error reading source path: ' . $srcpath, LOGGER_NORMAL);
return false;
}
$nodes = array_diff(scandir($srcpath), array('.', '..'));
foreach ($nodes as $node) {
$clouddir = $cloudpath . '/' . $node; // Sub-folder in cloud files destination
$nodepath = $srcpath . '/' . $node; // Sub-folder in source path
if(is_dir($nodepath)) {
$x = attach_mkdirp($channel, $observer_hash, array('pathname' => $clouddir));
if(!$x['success']) {
logger('Error creating cloud path: ' . $clouddir, LOGGER_NORMAL);
return false;
}
// Recursively call this function where the source and destination are the subfolders
$success = copy_folder_to_cloudfiles($channel, $observer_hash, $nodepath, $clouddir);
if(!$success) {
logger('Error copying contents of folder: ' . $nodepath, LOGGER_NORMAL);
return false;
}
} elseif(is_file($nodepath) && is_readable($nodepath)) {
$x = attach_store($channel, $observer_hash, 'import', array(
'directory' => $cloudpath,
'src' => $nodepath,
'filename' => $node,
'filesize' => @filesize($nodepath),
'preserve_original' => true
));
if(!$x['success']) {
logger('Error copying file: ' . $nodepath, LOGGER_NORMAL);
logger('Return value: ' . json_encode($x), LOGGER_NORMAL);
return false;
}
} else {
logger('Error scanning source path', LOGGER_NORMAL);
return false;
}
$nodes = array_diff(scandir($srcpath), array('.', '..'));
foreach ($nodes as $node) {
$clouddir = $cloudpath . '/' . $node; // Sub-folder in cloud files destination
$nodepath = $srcpath . '/' . $node; // Sub-folder in source path
if(is_dir($nodepath)) {
$x = attach_mkdirp($channel, $observer_hash, array('pathname' => $clouddir));
if(!$x['success']) {
logger('Error creating cloud path: ' . $clouddir, LOGGER_NORMAL);
return false;
}
// Recursively call this function where the source and destination are the subfolders
$success = copy_folder_to_cloudfiles($channel, $observer_hash, $nodepath, $clouddir);
if(!$success) {
logger('Error copying contents of folder: ' . $nodepath, LOGGER_NORMAL);
return false;
}
} elseif (is_file($nodepath) && is_readable($nodepath)) {
$x = attach_store($channel, $observer_hash, 'import',
array(
'directory' => $cloudpath,
'src' => $nodepath,
'filename' => $node,
'filesize' => @filesize($nodepath),
'preserve_original' => true)
);
if(!$x['success']) {
logger('Error copying file: ' . $nodepath , LOGGER_NORMAL);
logger('Return value: ' . json_encode($x), LOGGER_NORMAL);
return false;
}
} else {
logger('Error scanning source path', LOGGER_NORMAL);
return false;
}
}
}
return true;
return true;
}
/**
* attach_move()
* This function performs an in place directory-to-directory move of a stored attachment or photo.
* The data is physically moved in the store/nickname storage location and the paths adjusted
* in the attach structure (and if applicable the photo table). The new 'album name' is recorded
* for photos and will show up immediately there.
* This takes a channel_id, attach.hash of the file to move (this is the same as a photo resource_id), and
* the attach.hash of the new parent folder, which must already exist. If $new_folder_hash is blank or empty,
* the file is relocated to the root of the channel's storage area.
* the file is relocated to the root of the channel's storage area.
*
* @fixme: this operation is currently not synced to clones !!
*
* @param int $channel_id
* @param int $resource_id
* @param string $new_folder_hash
* @return void|boolean
*/
function attach_move($channel_id,$resource_id,$new_folder_hash) {
function attach_move($channel_id, $resource_id, $new_folder_hash) {
$c = channelx_by_n($channel_id);
if(! $c)
@ -2086,7 +2088,7 @@ function attach_move($channel_id,$resource_id,$new_folder_hash) {
return false;
$oldstorepath = $r[0]['content'];
if($new_folder_hash) {
$n = q("select * from attach where hash = '%s' and uid = %d limit 1",
dbesc($new_folder_hash),
@ -2094,6 +2096,7 @@ function attach_move($channel_id,$resource_id,$new_folder_hash) {
);
if(! $n)
return;
$newdirname = $n[0]['filename'];
$newstorepath = $n[0]['content'] . '/' . $resource_id;
}
@ -2115,7 +2118,7 @@ function attach_move($channel_id,$resource_id,$new_folder_hash) {
if($s) {
$overwrite = get_pconfig($channel_id,'system','overwrite_dup_files');
if($overwrite) {
// @fixme
/// @fixme
return;
}
else {
@ -2147,7 +2150,7 @@ function attach_move($channel_id,$resource_id,$new_folder_hash) {
}
if($found)
$x++;
}
}
while($found);
$filename = $basename . '(' . $x . ')' . $ext;
}
@ -2179,7 +2182,6 @@ function attach_move($channel_id,$resource_id,$new_folder_hash) {
}
return true;
}
@ -2191,7 +2193,7 @@ function attach_folder_select_list($channel_id) {
$out = [];
$out[''] = '/';
if($r) {
foreach($r as $rv) {
$x = attach_folder_rpaths($r,$rv);
@ -2199,6 +2201,7 @@ function attach_folder_select_list($channel_id) {
$out[$x[0]] = $x[1];
}
}
return $out;
}
@ -2223,11 +2226,11 @@ function attach_folder_rpaths($all_folders,$that_folder) {
break;
}
}
if(! $found)
if(! $found)
$error = true;
}
while((! $found) && (! $error) && ($parent_hash != ''));
}
return (($error) ? false : [ $current_hash , $path ]);
return (($error) ? false : [ $current_hash , $path ]);
}

187
include/channel.php
View file

@ -182,7 +182,7 @@ function create_identity($arr) {
return $ret;
}
$ret = identity_check_service_class($arr['account_id']);
if (!$ret['success']) {
if (!$ret['success']) {
return $ret;
}
// save this for auto_friending
@ -236,13 +236,13 @@ function create_identity($arr) {
$publish = intval($role_permissions['directory_publish']);
$primary = true;
if(array_key_exists('primary', $arr))
$primary = intval($arr['primary']);
$expire = 0;
$r = q("insert into channel ( channel_account_id, channel_primary,
$r = q("insert into channel ( channel_account_id, channel_primary,
channel_name, channel_address, channel_guid, channel_guid_sig,
channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone )
values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' ) ",
@ -262,7 +262,7 @@ function create_identity($arr) {
dbesc(App::$timezone)
);
$r = q("select * from channel where channel_account_id = %d
$r = q("select * from channel where channel_account_id = %d
and channel_guid = '%s' limit 1",
intval($arr['account_id']),
dbesc($guid)
@ -291,7 +291,7 @@ function create_identity($arr) {
// Create a verified hub location pointing to this site.
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary,
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary,
hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network )
values ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )",
dbesc($guid),
@ -392,11 +392,11 @@ function create_identity($arr) {
intval($newuid)
);
}
}
}
}
// Create a group with yourself as a member. This allows somebody to use it
// right away as a default group for new contacts.
// Create a group with yourself as a member. This allows somebody to use it
// right away as a default group for new contacts.
require_once('include/group.php');
group_add($newuid, t('Friends'));
@ -422,7 +422,7 @@ function create_identity($arr) {
set_pconfig($ret['channel']['channel_id'],'system','photo_path', '%Y-%m');
set_pconfig($ret['channel']['channel_id'],'system','attach_path','%Y-%m');
}
// auto-follow any of the hub's pre-configured channel choices.
// Only do this if it's the first channel for this account;
// otherwise it could get annoying. Don't make this list too big
@ -494,7 +494,7 @@ function identity_basic_export($channel_id, $items = false) {
$ret = array();
// use constants here as otherwise we will have no idea if we can import from a site
// use constants here as otherwise we will have no idea if we can import from a site
// with a non-standard platform and version.
$ret['compatibility'] = array('project' => PLATFORM_NAME, 'version' => STD_VERSION, 'database' => DB_UPDATE_VERSION, 'server_role' => Zotlabs\Lib\System::get_server_role());
@ -503,7 +503,7 @@ function identity_basic_export($channel_id, $items = false) {
);
if($r) {
translate_channel_perms_outbound($r[0]);
$ret['channel'] = $r[0];
$ret['channel'] = $r[0];
$ret['relocate'] = [ 'channel_address' => $r[0]['channel_address'], 'url' => z_root()];
}
@ -526,7 +526,7 @@ function identity_basic_export($channel_id, $items = false) {
if($abconfig)
$ret['abook'][$x]['abconfig'] = $abconfig;
translate_abook_perms_outbound($ret['abook'][$x]);
}
}
stringify_array_elms($xchans);
}
@ -534,7 +534,7 @@ function identity_basic_export($channel_id, $items = false) {
$r = q("select * from xchan where xchan_hash in ( " . implode(',',$xchans) . " ) ");
if($r)
$ret['xchan'] = $r;
$r = q("select * from hubloc where hubloc_hash in ( " . implode(',',$xchans) . " ) ");
if($r)
$ret['hubloc'] = $r;
@ -578,7 +578,6 @@ function identity_basic_export($channel_id, $items = false) {
if($r)
$ret['term'] = $r;
// add psuedo-column obj_baseurl to aid in relocations
$r = q("select obj.*, '%s' as obj_baseurl from obj where obj_channel = %d",
@ -608,7 +607,6 @@ function identity_basic_export($channel_id, $items = false) {
if($r)
$ret['chatroom'] = $r;
$r = q("select * from event where uid = %d",
intval($channel_id)
);
@ -625,7 +623,7 @@ function identity_basic_export($channel_id, $items = false) {
foreach($r as $rr)
$ret['event_item'][] = encode_item($rr,true);
}
$x = menu_list($channel_id);
if($x) {
$ret['menu'] = array();
@ -636,12 +634,10 @@ function identity_basic_export($channel_id, $items = false) {
}
}
$addon = array('channel_id' => $channel_id,'data' => $ret);
call_hooks('identity_basic_export',$addon);
$ret = $addon['data'];
if(! $items)
return $ret;
@ -659,11 +655,10 @@ function identity_basic_export($channel_id, $items = false) {
if($r) {
for($x = 0; $x < count($r); $x ++) {
$r[$x]['subject'] = base64url_decode(str_rot47($r[$x]['subject']));
}
}
$ret['conv'] = $r;
}
$r = q("select * from mail where mail.uid = %d",
intval($channel_id)
);
@ -680,15 +675,15 @@ function identity_basic_export($channel_id, $items = false) {
/** @warning this may run into memory limits on smaller systems */
/** export three months of posts. If you want to export and import all posts you have to start with
* the first year and export/import them in ascending order.
/** export three months of posts. If you want to export and import all posts you have to start with
* the first year and export/import them in ascending order.
*
* Don't export linked resource items. we'll have to pull those out separately.
*/
$r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d and created > %s - INTERVAL %s and resource_type = '' order by created",
intval($channel_id),
db_utcnow(),
db_utcnow(),
db_quoteinterval('3 MONTH')
);
if($r) {
@ -730,7 +725,7 @@ function identity_export_year($channel_id,$year,$month = 0) {
$r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' and resource_type = '' order by created",
intval(ITEM_TYPE_POST),
intval($channel_id),
dbesc($mindate),
dbesc($mindate),
dbesc($maxdate)
);
@ -745,16 +740,24 @@ function identity_export_year($channel_id,$year,$month = 0) {
return $ret;
}
// export items within an arbitrary date range. Date/time is in UTC.
function channel_export_items($channel_id,$start,$finish) {
/**
* @brief Export items within an arbitrary date range.
*
* Date/time is in UTC.
*
* @param int $channel_id The channel ID
* @param string $start
* @param string $finish
* @return array
*/
function channel_export_items($channel_id, $start, $finish) {
if(! $start)
return array();
else
$start = datetime_convert('UTC','UTC',$start);
$start = datetime_convert('UTC', 'UTC', $start);
$finish = datetime_convert('UTC','UTC',(($finish) ? $finish : 'now'));
$finish = datetime_convert('UTC', 'UTC', (($finish) ? $finish : 'now'));
if($finish < $start)
return array();
@ -768,16 +771,16 @@ function channel_export_items($channel_id,$start,$finish) {
$r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' and resource_type = '' order by created",
intval(ITEM_TYPE_POST),
intval($channel_id),
dbesc($start),
dbesc($start),
dbesc($finish)
);
if($r) {
$ret['item'] = array();
xchan_query($r);
$r = fetch_post_tags($r,true);
$r = fetch_post_tags($r, true);
foreach($r as $rr)
$ret['item'][] = encode_item($rr,true);
$ret['item'][] = encode_item($rr, true);
}
return $ret;
@ -792,7 +795,7 @@ function channel_export_items($channel_id,$start,$finish) {
*
* Permissions of the current observer are checked. If a restricted profile is available
* to the current observer, that will be loaded instead of the channel default profile.
*
*
* The channel owner can set $profile to a valid profile_guid to preview that profile.
*
* The channel default theme is also selected for use, unless over-riden elsewhere.
@ -866,7 +869,6 @@ function profile_load($nickname, $profile = '') {
intval($p[0]['profile_uid'])
);
if($q) {
$extra_fields = array();
require_once('include/channel.php');
@ -985,7 +987,6 @@ function profile_edit_menu($uid) {
}
return $ret;
}
/**
@ -997,6 +998,7 @@ function profile_edit_menu($uid) {
* @param array $profile
* @param int $block
* @param boolean $show_connect
* @param mixed $zcard
*
* @return HTML string suitable for sidebar inclusion
* Exceptions: Returns empty string if passed $profile is wrong type or not populated
@ -1032,7 +1034,7 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa
$connect_url = rconnect_url($profile['uid'],get_observer_hash());
$connect = (($connect_url) ? t('Connect') : '');
if($connect_url)
if($connect_url)
$connect_url = sprintf($connect_url,urlencode(channel_reddress($profile)));
// premium channel - over-ride
@ -1163,7 +1165,6 @@ function advanced_profile(&$a) {
}
$tpl = get_markup_template('profile_advanced.tpl');
$profile = array();
@ -1198,12 +1199,12 @@ function advanced_profile(&$a) {
if((substr(App::$profile['dob'],5,2) === '00') || (substr(App::$profile['dob'],8,2) === '00'))
$val = substr(App::$profile['dob'],0,4);
$year_bd_format = t('j F, Y');
$short_bd_format = t('j F');
if(! $val) {
$val = ((intval(App::$profile['dob']))
$val = ((intval(App::$profile['dob']))
? day_translate(datetime_convert('UTC','UTC',App::$profile['dob'] . ' 00:00 +00:00',$year_bd_format))
: day_translate(datetime_convert('UTC','UTC','2001-' . substr(App::$profile['dob'],5) . ' 00:00 +00:00',$short_bd_format)));
}
@ -1248,7 +1249,7 @@ function advanced_profile(&$a) {
if($txt = prepare_text(App::$profile['channels'])) $profile['channels'] = array( t('My other channels:'), $txt);
if($txt = prepare_text(App::$profile['music'])) $profile['music'] = array( t('Musical interests:'), $txt);
if($txt = prepare_text(App::$profile['book'])) $profile['book'] = array( t('Books, literature:'), $txt);
if($txt = prepare_text(App::$profile['tv'])) $profile['tv'] = array( t('Television:'), $txt);
@ -1256,7 +1257,7 @@ function advanced_profile(&$a) {
if($txt = prepare_text(App::$profile['film'])) $profile['film'] = array( t('Film/dance/culture/entertainment:'), $txt);
if($txt = prepare_text(App::$profile['romance'])) $profile['romance'] = array( t('Love/Romance:'), $txt);
if($txt = prepare_text(App::$profile['employment'])) $profile['employment'] = array( t('Work/employment:'), $txt);
if($txt = prepare_text(App::$profile['education'])) $profile['education'] = array( t('School/education:'), $txt );
@ -1275,7 +1276,7 @@ function advanced_profile(&$a) {
$things = get_things(App::$profile['profile_guid'],App::$profile['profile_uid']);
// logger('mod_profile: things: ' . print_r($things,true), LOGGER_DATA);
// logger('mod_profile: things: ' . print_r($things,true), LOGGER_DATA);
return replace_macros($tpl, array(
'$title' => t('Profile'),
@ -1403,7 +1404,8 @@ function zid($s,$address = '') {
$mine = get_my_url();
$myaddr = (($address) ? $address : get_my_address());
/** @FIXME checking against our own channel url is no longer reliable. We may have a lot
/**
* @FIXME checking against our own channel url is no longer reliable. We may have a lot
* of urls attached to out channel. Should probably match against our site, since we
* will not need to remote authenticate on our own site anyway.
*/
@ -1426,8 +1428,8 @@ function zid($s,$address = '') {
// Used from within PCSS themes to set theme parameters. If there's a
// puid request variable, that is the "page owner" and normally their theme
// settings take precedence; unless a local user sets the "always_my_theme"
// system pconfig, which means they don't want to see anybody else's theme
// settings take precedence; unless a local user sets the "always_my_theme"
// system pconfig, which means they don't want to see anybody else's theme
// settings except their own while on this site.
function get_theme_uid() {
@ -1619,7 +1621,7 @@ function get_profile_fields_advanced($filter = 0) {
* The channel to disable notifications for
* @returns int
* Current notification flag value. Send this to notifications_on() to restore the channel settings when finished
* with the activity requiring notifications_off();
* with the activity requiring notifications_off();
*/
function notifications_off($channel_id) {
$r = q("select channel_notifyflags from channel where channel_id = %d limit 1",
@ -1633,18 +1635,18 @@ function notifications_off($channel_id) {
}
function notifications_on($channel_id,$value) {
function notifications_on($channel_id, $value) {
$x = q("update channel set channel_notifyflags = %d where channel_id = %d",
intval($value),
intval($channel_id)
);
return $x;
}
function get_channel_default_perms($uid) {
$ret = [];
$r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 1 limit 1",
@ -1666,7 +1668,6 @@ function get_channel_default_perms($uid) {
function profiles_build_sync($channel_id) {
$r = q("select * from profile where uid = %d",
intval($channel_id)
);
@ -1713,7 +1714,6 @@ function auto_channel_create($account_id) {
$arr['nickname'] = check_webbie(array($arr['nickname'], $arr['nickname'] . mt_rand(1000,9999)));
return create_identity($arr);
}
function get_cover_photo($channel_id,$format = 'bbcode', $res = PHOTO_RES_COVER_1200) {
@ -1748,18 +1748,24 @@ function get_cover_photo($channel_id,$format = 'bbcode', $res = PHOTO_RES_COVER_
break;
}
return $output;
return $output;
}
function get_zcard($channel,$observer_hash = '',$args = array()) {
/**
* @brief
*
* @param array $channel
* @param string $observer_hash
* @param array $args
* @return string
*/
function get_zcard($channel, $observer_hash = '', $args = array()) {
logger('get_zcard');
$maxwidth = (($args['width']) ? intval($args['width']) : 0);
$maxheight = (($args['height']) ? intval($args['height']) : 0);
if(($maxwidth > 1200) || ($maxwidth < 1))
$maxwidth = 1200;
@ -1767,25 +1773,22 @@ function get_zcard($channel,$observer_hash = '',$args = array()) {
$width = 425;
$size = 'hz_small';
$cover_size = PHOTO_RES_COVER_425;
$pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 80 , 'height' => 80, 'href' => $channel['xchan_photo_m']);
}
elseif($maxwidth <= 900) {
$pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 80 , 'height' => 80, 'href' => $channel['xchan_photo_m']);
} elseif($maxwidth <= 900) {
$width = 900;
$size = 'hz_medium';
$cover_size = PHOTO_RES_COVER_850;
$pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 160 , 'height' => 160, 'href' => $channel['xchan_photo_l']);
}
elseif($maxwidth <= 1200) {
$pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 160 , 'height' => 160, 'href' => $channel['xchan_photo_l']);
} elseif($maxwidth <= 1200) {
$width = 1200;
$size = 'hz_large';
$cover_size = PHOTO_RES_COVER_1200;
$pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 300 , 'height' => 300, 'href' => $channel['xchan_photo_l']);
$pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 300 , 'height' => 300, 'href' => $channel['xchan_photo_l']);
}
// $scale = (float) $maxwidth / $width;
// $translate = intval(($scale / 1.0) * 100);
$channel['channel_addr'] = channel_reddress($channel);
$zcard = array('chan' => $channel);
@ -1798,12 +1801,11 @@ function get_zcard($channel,$observer_hash = '',$args = array()) {
if($r) {
$cover = $r[0];
$cover['href'] = z_root() . '/photo/' . $r[0]['resource_id'] . '-' . $r[0]['imgscale'];
}
else {
} else {
$cover = $pphoto;
}
$o .= replace_macros(get_markup_template('zcard.tpl'),array(
$o .= replace_macros(get_markup_template('zcard.tpl'), array(
'$maxwidth' => $maxwidth,
'$scale' => $scale,
'$translate' => $translate,
@ -1811,21 +1813,19 @@ function get_zcard($channel,$observer_hash = '',$args = array()) {
'$cover' => $cover,
'$pphoto' => $pphoto,
'$zcard' => $zcard
));
));
return $o;
}
function get_zcard_embed($channel,$observer_hash = '',$args = array()) {
function get_zcard_embed($channel, $observer_hash = '', $args = array()) {
logger('get_zcard_embed');
$maxwidth = (($args['width']) ? intval($args['width']) : 0);
$maxheight = (($args['height']) ? intval($args['height']) : 0);
if(($maxwidth > 1200) || ($maxwidth < 1))
$maxwidth = 1200;
@ -1860,11 +1860,10 @@ function get_zcard_embed($channel,$observer_hash = '',$args = array()) {
if($r) {
$cover = $r[0];
$cover['href'] = z_root() . '/photo/' . $r[0]['resource_id'] . '-' . $r[0]['imgscale'];
}
else {
} else {
$cover = $pphoto;
}
$o .= replace_macros(get_markup_template('zcard_embed.tpl'),array(
'$maxwidth' => $maxwidth,
'$scale' => $scale,
@ -1873,36 +1872,62 @@ function get_zcard_embed($channel,$observer_hash = '',$args = array()) {
'$cover' => $cover,
'$pphoto' => $pphoto,
'$zcard' => $zcard
));
));
return $o;
}
/**
* @brief
*
* @param string $nick
* @return mixed
*/
function channelx_by_nick($nick) {
$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' and channel_removed = 0 LIMIT 1",
dbesc($nick)
);
return(($r) ? $r[0] : false);
}
/**
* @brief
*
* @param string $hash
* @return mixed
*/
function channelx_by_hash($hash) {
$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_hash = '%s' and channel_removed = 0 LIMIT 1",
$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_hash = '%s' and channel_removed = 0 LIMIT 1",
dbesc($hash)
);
return(($r) ? $r[0] : false);
}
/**
* @brief
*
* @param int $id
* @return mixed
*/
function channelx_by_n($id) {
$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_id = %d and channel_removed = 0 LIMIT 1",
$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_id = %d and channel_removed = 0 LIMIT 1",
dbesc($id)
);
return(($r) ? $r[0] : false);
}
/**
* @brief
*
* @param string $channel
* @return string
*/
function channel_reddress($channel) {
if(! ($channel && array_key_exists('channel_address',$channel)))
if(! ($channel && array_key_exists('channel_address', $channel)))
return '';
return strtolower($channel['channel_address'] . '@' . App::get_hostname());
}

4
include/config.php
View file

@ -1,5 +1,4 @@
<?php
/**
* @file include/config.php
* @brief Arbitrary configuration storage.
@ -7,7 +6,6 @@
* Arrays get stored as serialized strings.
* Booleans are stored as integer 0/1.
*
* - <b>config</b> is used for hub specific configurations. It overrides the
* configurations from .htconfig file. The storage is of size TEXT.
* - <b>pconfig</b> is used for channel specific configurations and takes a
@ -26,7 +24,7 @@
* - get_config() and set_config() can also be done through the command line tool
* @ref util/config.md "util/config"
* - get_pconfig() and set_pconfig() can also be done through the command line tool
* @ref util/pconfig.md "util/pconfig" and takes a channel_id as first argument.
* @ref util/pconfig.md "util/pconfig" and takes a channel_id as first argument.
*
*/

24
include/datetime.php
View file

@ -92,8 +92,8 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d
// Slight hackish adjustment so that 'zero' datetime actually returns what is intended
// otherwise we end up with -0001-11-30 ...
// add 32 days so that we at least get year 00, and then hack around the fact that
// months and days always start with 1.
// add 32 days so that we at least get year 00, and then hack around the fact that
// months and days always start with 1.
// if(substr($s,0,10) == '0000-00-00') {
// $d = new DateTime($s . ' + 32 days', new DateTimeZone('UTC'));
@ -195,7 +195,7 @@ function timesel($format, $h, $m, $id='timepicker') {
/**
* @brief Returns a datetime selector.
*
* @param $format
* @param string $format
* format string, e.g. 'ymd' or 'mdy'. Not currently supported
* @param $min
* unix timestamp of minimum date
@ -203,6 +203,7 @@ function timesel($format, $h, $m, $id='timepicker') {
* unix timestap of maximum date
* @param $default
* unix timestamp of default date
* @param string $label
* @param string $id
* id and name of datetimepicker (defaults to "datetimepicker")
* @param boolean $pickdate
@ -214,8 +215,9 @@ function timesel($format, $h, $m, $id='timepicker') {
* @param $maxfrom
* set maximum date from picker with id $maxfrom (none by default)
* @param boolean $required default false
* @param int $first_day (optional) default 0
* @return string Parsed HTML output.
*
*
* @todo Once browser support is better this could probably be replaced with
* native HTML5 date picker.
*/
@ -239,10 +241,10 @@ function datetimesel($format, $min, $max, $default, $label, $id = 'datetimepicke
if(!$picktime) $pickers .= ',timepicker: false, closeOnDateSelect:true';
$extra_js = '';
if($minfrom != '')
if($minfrom != '')
$extra_js .= "\$('#id_$minfrom').data('xdsoft_datetimepicker').setOptions({onChangeDateTime: function (currentDateTime) { \$('#id_$id').data('xdsoft_datetimepicker').setOptions({minDate: currentDateTime})}})";
if($maxfrom != '')
if($maxfrom != '')
$extra_js .= "\$('#id_$maxfrom').data('xdsoft_datetimepicker').setOptions({onChangeDateTime: function (currentDateTime) { \$('#id_$id').data('xdsoft_datetimepicker').setOptions({maxDate: currentDateTime})}})";
$readable_format = $dateformat;
@ -276,7 +278,7 @@ function datetimesel($format, $min, $max, $default, $label, $id = 'datetimepicke
*/
function relative_date($posted_date, $format = null) {
$localtime = datetime_convert('UTC', date_default_timezone_get(), $posted_date);
$localtime = datetime_convert('UTC', date_default_timezone_get(), $posted_date);
$abs = strtotime($localtime);
@ -340,7 +342,7 @@ function plural_dates($k,$n) {
return;
}
}
@ -512,7 +514,7 @@ function cal($y = 0, $m = 0, $links = false, $class='') {
/**
* @brief Return the next birthday, converted from the owner's timezone to UTC.
*
*
* This makes it globally portable.
* If the provided birthday lacks a month and or day, return an empty string.
* A missing year is acceptable.
@ -554,7 +556,7 @@ function update_birthdays() {
require_once('include/event.php');
require_once('include/permissions.php');
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_dob > %s + interval %s and abook_dob < %s + interval %s",
db_utcnow(), db_quoteinterval('7 day'),
db_utcnow(), db_quoteinterval('14 day')
@ -572,7 +574,7 @@ function update_birthdays() {
$ev['dtend'] = datetime_convert('UTC', 'UTC', $rr['abook_dob'] . ' + 1 day ');
$ev['adjust'] = intval(feature_enabled($rr['abook_channel'],'smart_birthdays'));
$ev['summary'] = sprintf( t('%1$s\'s birthday'), $rr['xchan_name']);
$ev['description'] = sprintf( t('Happy Birthday %1$s'),
$ev['description'] = sprintf( t('Happy Birthday %1$s'),
'[zrl=' . $rr['xchan_url'] . ']' . $rr['xchan_name'] . '[/zrl]') ;
$ev['etype'] = 'birthday';

103
include/help.php
View file

@ -1,11 +1,17 @@
<?php
/**
* @brief
*
* @param string $tocpath
* @return string|unknown
*/
function get_help_content($tocpath = false) {
global $lang;
$doctype = 'markdown';
$text = '';
$path = (($tocpath !== false) ? $tocpath : '');
@ -25,7 +31,7 @@ function get_help_content($tocpath = false) {
\App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('-',' ',notags($title)));
$text = load_doc_file('doc/' . $path . '.md');
if(! $text) {
$text = load_doc_file('doc/' . $path . '.bb');
if($text)
@ -51,16 +57,16 @@ function get_help_content($tocpath = false) {
$text = load_doc_file('doc/main.bb');
\App::$page['title'] = t('Help');
}
if(! $text) {
header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found'));
$tpl = get_markup_template("404.tpl");
return replace_macros($tpl, array(
'$message' => t('Page not found.' )
'$message' => t('Page not found.')
));
}
}
if($doctype === 'html')
$content = $text;
if($doctype === 'markdown') {
@ -74,30 +80,30 @@ function get_help_content($tocpath = false) {
require_once('include/bbcode.php');
$content = bbcode($text);
// bbcode retargets external content to new windows. This content is internal.
$content = str_replace(' target="_blank"','',$content);
}
$content = str_replace(' target="_blank"', '', $content);
}
$content = preg_replace_callback("/#include (.*?)\;/ism", 'preg_callback_help_include', $content);
return translate_projectname($content);
}
function preg_callback_help_include($matches) {
if($matches[1]) {
$include = str_replace($matches[0],load_doc_file($matches[1]),$matches[0]);
if(preg_match('/\.bb$/', $matches[1]) || preg_match('/\.txt$/', $matches[1])) {
require_once('include/bbcode.php');
$include = bbcode($include);
$include = str_replace(' target="_blank"','',$include);
}
$include = str_replace(' target="_blank"','',$include);
}
elseif(preg_match('/\.md$/', $matches[1])) {
require_once('library/markdown.php');
$include = Markdown($include);
}
return $include;
}
}
@ -110,10 +116,10 @@ function load_doc_file($s) {
$d = dirname($s);
$c = find_doc_file("$d/$lang/$b");
if($c)
if($c)
return $c;
$c = find_doc_file($s);
if($c)
if($c)
return $c;
return '';
}
@ -125,6 +131,12 @@ function find_doc_file($s) {
return '';
}
/**
* @brief
*
* @param string $s
* @return number|mixed|unknown|boolean
*/
function search_doc_files($s) {
$itemspage = get_pconfig(local_channel(),'system','itemspage');
@ -133,21 +145,21 @@ function search_doc_files($s) {
$regexop = db_getfunc('REGEXP');
$r = q("select iconfig.v, item.* from item left join iconfig on item.id = iconfig.iid
$r = q("select iconfig.v, item.* from item left join iconfig on item.id = iconfig.iid
where iconfig.cat = 'system' and iconfig.k = 'docfile' and
body $regexop '%s' and item_type = %d $pager_sql",
dbesc($s),
intval(ITEM_TYPE_DOC)
);
$r = fetch_post_tags($r,true);
$r = fetch_post_tags($r, true);
for($x = 0; $x < count($r); $x ++) {
$position = stripos($r[$x]['body'], $s);
$dislen = 300;
$start = $position-floor($dislen/2);
if ( $start < 0) {
$start = 0;
$start = 0;
}
$r[$x]['text'] = substr($r[$x]['body'], $start, $dislen);
@ -159,43 +171,50 @@ function search_doc_files($s) {
}
}
}
if(stristr($r[$x]['v'],$s))
if(stristr($r[$x]['v'], $s))
$r[$x]['rank'] ++;
$r[$x]['rank'] += substr_count(strtolower($r[$x]['text']),strtolower($s));
$r[$x]['rank'] += substr_count(strtolower($r[$x]['text']), strtolower($s));
// bias the results to the observer's native language
if($r[$x]['lang'] === \App::$language)
$r[$x]['rank'] = $r[$x]['rank'] + 10;
}
usort($r,'doc_rank_sort');
return $r;
}
function doc_rank_sort($s1,$s2) {
function doc_rank_sort($s1, $s2) {
if($s1['rank'] == $s2['rank'])
return 0;
return (($s1['rank'] < $s2['rank']) ? 1 : (-1));
}
/**
* @brief
*
* @return string
*/
function load_context_help() {
$path = App::$cmd;
$args = App::$argv;
$lang = App::$language;
if(! isset($lang) || !is_dir('doc/context/' . $lang . '/')) {
$lang = 'en';
}
$lang = 'en';
}
while($path) {
$context_help = load_doc_file('doc/context/' . $lang . '/' . $path . '/help.html');
if(!$context_help) {
// Fallback to English if the translation is absent
$context_help = load_doc_file('doc/context/en/' . $path . '/help.html');
}
if(!$context_help) {
// Fallback to English if the translation is absent
$context_help = load_doc_file('doc/context/en/' . $path . '/help.html');
}
if($context_help)
break;
array_pop($args);
$path = implode($args,'/');
}
@ -203,7 +222,12 @@ function load_context_help() {
return $context_help;
}
/**
* @brief
*
* @param string $s
* @return void|boolean[]|number[]|string[]|unknown[]
*/
function store_doc_file($s) {
if(is_dir($s))
@ -215,10 +239,9 @@ function store_doc_file($s) {
$item['aid'] = 0;
$item['uid'] = $sys['channel_id'];
if(strpos($s,'.md'))
if(strpos($s, '.md'))
$mimetype = 'text/markdown';
elseif(strpos($s,'.html'))
elseif(strpos($s, '.html'))
$mimetype = 'text/html';
else
$mimetype = 'text/bbcode';
@ -227,12 +250,12 @@ function store_doc_file($s) {
$item['body'] = html2plain(prepare_text(file_get_contents($s),$mimetype, true));
$item['mimetype'] = 'text/plain';
$item['plink'] = z_root() . '/' . str_replace('doc','help',$s);
$item['owner_xchan'] = $item['author_xchan'] = $sys['channel_hash'];
$item['item_type'] = ITEM_TYPE_DOC;
$r = q("select item.* from item left join iconfig on item.id = iconfig.iid
$r = q("select item.* from item left join iconfig on item.id = iconfig.iid
where iconfig.cat = 'system' and iconfig.k = 'docfile' and
iconfig.v = '%s' and item_type = %d limit 1",
dbesc($s),
@ -252,6 +275,4 @@ function store_doc_file($s) {
}
return $x;
}

96
include/items.php
View file

@ -3,9 +3,6 @@
* @file include/items.php
*/
// uncertain if this line is needed and why
use Sabre\HTTP\URLUtil;
use Zotlabs\Lib as Zlib;
require_once('include/bbcode.php');
@ -66,6 +63,7 @@ function collect_recipients($item, &$private_envelope) {
if($recipients && $deny)
$recipients = array_diff($recipients,$deny);
$private_envelope = true;
}
else {
@ -116,7 +114,7 @@ function collect_recipients($item, &$private_envelope) {
// Add the authors of any posts in this thread, if they are known to us.
// This is specifically designed to forward wall-to-wall posts to the original author,
// in case they aren't a connection but have permission to write on our wall.
// in case they aren't a connection but have permission to write on our wall.
// This is important for issue tracker channels. It should be a no-op for most channels.
// Whether or not they will accept the delivery is not determined here, but should
// be taken into account by zot:process_delivery()
@ -131,7 +129,6 @@ function collect_recipients($item, &$private_envelope) {
}
}
}
}
@ -173,19 +170,19 @@ function comments_are_now_closed($item) {
}
function item_normal() {
return " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0
and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
return " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0
and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
and item.item_blocked = 0 ";
}
/**
* @brief
*
* This is a compatibility function primarily for plugins, because
*
* This is a compatibility function primarily for plugins, because
* in earlier DB schemas this was a much simpler single integer compare
*
* @param array $item
*/
function is_item_normal($item) {
if(intval($item['item_hidden']) || intval($item['item_type']) || intval($item['item_deleted'])
@ -193,8 +190,7 @@ function is_item_normal($item) {
|| intval($item['item_blocked']))
return false;
return true;
return true;
}
/**
@ -236,7 +232,7 @@ function can_comment_on_post($observer_xchan, $item) {
case 'public':
// We don't really allow or support public comments yet, but anonymous
// folks won't ever reach this point (as $observer_xchan will be empty).
// This means the viewer has an xchan and we can identify them.
// This means the viewer has an xchan and we can identify them.
return true;
break;
case 'any connections':
@ -481,7 +477,7 @@ function validate_item_elements($message,$arr) {
if(! array_key_exists('created',$arr))
$result['message'] = 'missing created, possible author/owner lookup failure';
if((! $arr['mid']) || (! $arr['parent_mid']))
if((! $arr['mid']) || (! $arr['parent_mid']))
$result['message'] = 'missing message-id or parent message-id';
if(array_key_exists('flags',$message) && in_array('relay',$message['flags']) && $arr['mid'] === $arr['parent_mid'])
@ -495,10 +491,6 @@ function validate_item_elements($message,$arr) {
}
/**
* @brief Limit lenght on imported system messages.
*
@ -652,7 +644,6 @@ function get_item_elements($x,$allow_code = false) {
if(mb_strlen($arr['title']) > 255)
$arr['title'] = mb_substr($arr['title'],0,255);
$arr['app'] = (($x['app']) ? htmlspecialchars($x['app'], ENT_COMPAT,'UTF-8',false) : '');
$arr['route'] = (($x['route']) ? htmlspecialchars($x['route'], ENT_COMPAT,'UTF-8',false) : '');
$arr['mid'] = (($x['message_id']) ? htmlspecialchars($x['message_id'], ENT_COMPAT,'UTF-8',false) : '');
@ -714,7 +705,7 @@ function get_item_elements($x,$allow_code = false) {
// hub and verify that they are legit - or else we're going to toss the post. We only need to do this
// once, and after that your hub knows them. Sure some info is in the post, but it's only a transit identifier
// and not enough info to be able to look you up from your hash - which is the only thing stored with the post.
$xchan_hash = import_author_xchan($x['author']);
if($xchan_hash)
$arr['author_xchan'] = $xchan_hash;
@ -1057,7 +1048,6 @@ function encode_item($item,$mirror = false) {
$x['item_blocked'] = $item['item_blocked'];
}
$x['message_id'] = $item['mid'];
$x['message_top'] = $item['parent_mid'];
$x['message_parent'] = $item['thr_parent'];
@ -1078,9 +1068,9 @@ function encode_item($item,$mirror = false) {
$x['longlat'] = $item['coord'];
$x['signature'] = $item['sig'];
$x['route'] = $item['route'];
$x['owner'] = encode_item_xchan($item['owner']);
$x['author'] = encode_item_xchan($item['author']);
if($item['obj'])
$x['object'] = json_decode($item['obj'],true);
if($item['target'])
@ -1237,7 +1227,7 @@ function decode_item_meta($meta) {
$ret[] = array('cat' => escape_tags($m['family']),'k' => escape_tags($m['key']),'v' => $m['value'],'sharing' => $m['sharing']);
}
}
return $ret;
return $ret;
}
/**
@ -1530,6 +1520,8 @@ function get_profile_elements($x) {
*
* @param array $arr
* @param boolean $allow_exec (optional) default false
* @param boolean $deliver (optional) default true
*
* @return array
* * \e boolean \b success
* * \e int \b item_id
@ -1662,7 +1654,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) {
// otherwise, just preserve the original timestamp.
$arr['received'] = ((x($arr,'received') !== false) ? datetime_convert('UTC','UTC',$arr['received']) : datetime_convert());
$arr['changed'] = ((x($arr,'changed') !== false) ? datetime_convert('UTC','UTC',$arr['changed']) : datetime_convert());
$arr['changed'] = ((x($arr,'changed') !== false) ? datetime_convert('UTC','UTC',$arr['changed']) : datetime_convert());
}
$arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : '');
@ -1681,7 +1673,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) {
$arr['public_policy'] = ((x($arr,'public_policy')) ? notags(trim($arr['public_policy'])) : '' );
$arr['comment_policy'] = ((x($arr,'comment_policy')) ? notags(trim($arr['comment_policy'])) : 'contacts' );
if(! array_key_exists('item_unseen',$arr))
$arr['item_unseen'] = 1;
@ -2334,10 +2326,10 @@ function send_status_notifications($post_id,$item) {
// check for an unfollow thread activity - we should probably decode the obj and check the id
// but it will be extremely rare for this to be wrong.
if(($xx['verb'] === ACTIVITY_UNFOLLOW)
&& ($xx['obj_type'] === ACTIVITY_OBJ_NOTE || $xx['obj_type'] === ACTIVITY_OBJ_PHOTO)
if(($xx['verb'] === ACTIVITY_UNFOLLOW)
&& ($xx['obj_type'] === ACTIVITY_OBJ_NOTE || $xx['obj_type'] === ACTIVITY_OBJ_PHOTO)
&& ($xx['parent'] != $xx['id']))
$unfollowed = true;
$unfollowed = true;
}
if($xx['id'] == $xx['parent']) {
$parent = $xx['parent'];
@ -2560,7 +2552,7 @@ function tag_deliver($uid, $item_id) {
if($mention) {
logger('tag_deliver: mention found for ' . $u[0]['channel_name']);
$r = q("update item set item_mentionsme = 1 where id = %d",
intval($item_id)
);
@ -2849,7 +2841,7 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
$title = $item['title'];
$body = $item['body'];
$r = q("update item set item_uplink = %d, item_nocomment = %d, item_obscured = %d, item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s',
$r = q("update item set item_uplink = %d, item_nocomment = %d, item_obscured = %d, item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s',
deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s', item_wall = %d, item_origin = %d where id = %d",
intval($item_uplink),
intval($item_nocomment),
@ -3344,7 +3336,7 @@ function item_expire($uid,$days) {
AND item_starred = 0
$sql_extra $item_normal LIMIT $expire_limit ",
intval($uid),
db_utcnow(),
db_utcnow(),
db_quoteinterval(intval($days).' DAY')
);
@ -3737,7 +3729,7 @@ function fetch_post_tags($items,$link = false) {
);
$imeta = q("select * from iconfig where iid in ( %s )",
dbesc($tag_finder_str)
);
);
}
@ -3870,7 +3862,7 @@ function zot_feed($uid,$observer_hash,$arr) {
unset($r[$x]);
}
}
$parents_str = ids_to_querystr($r,'parent');
$sys_query = ((is_sys_channel($uid)) ? $sql_extra : '');
$item_normal = item_normal();
@ -3934,9 +3926,9 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
if($arr['mid'])
$sql_options .= " and parent_mid = '" . dbesc($arr['mid']) . "' ";
$sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE item_thread_top = 1 $sql_options $item_normal ) ";
if($arr['since_id'])
$sql_extra .= " and item.id > " . $since_id . " ";
@ -4188,7 +4180,7 @@ function update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remo
if(! $post_id)
return;
if($webpage == ITEM_TYPE_WEBPAGE)
$page_type = 'WEBPAGE';
elseif($webpage == ITEM_TYPE_BLOCK)
@ -4339,7 +4331,7 @@ function send_profile_photo_activity($channel,$photo,$profile) {
$ptext = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']' . t('profile photo') . '[/zrl]';
$ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg=150x150]' . z_root() . '/photo/' . $photo['resource_id'] . '-4[/zmg][/zrl]';
$ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg=150x150]' . z_root() . '/photo/' . $photo['resource_id'] . '-4[/zmg][/zrl]';
$arr['body'] = sprintf($t,$channel['channel_name'],$ptext) . "\n\n" . $ltext;
@ -4381,11 +4373,11 @@ function sync_an_item($channel_id,$item_id) {
function fix_attached_photo_permissions($uid,$xchan_hash,$body,
$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) {
if(get_pconfig($uid,'system','force_public_uploads')) {
$str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
}
$match = null;
// match img and zmg image links
if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) {
@ -4402,7 +4394,7 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
if(! strlen($image_uri))
continue;
$srch = '<' . $xchan_hash . '>';
$r = q("select folder from attach where hash = '%s' and uid = %d limit 1",
dbesc($image_uri),
intval($uid)
@ -4419,15 +4411,15 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
$str_group_deny = $f[0]['deny_gid'];
}
}
$r = q("SELECT id FROM photo
$r = q("SELECT id FROM photo
WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = ''
AND resource_id = '%s' AND uid = %d LIMIT 1",
dbesc($srch),
dbesc($image_uri),
intval($uid)
);
if($r) {
$r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s'
WHERE resource_id = '%s' AND uid = %d ",
@ -4438,9 +4430,9 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
dbesc($image_uri),
intval($uid)
);
// also update the linked item (which is probably invisible)
$r = q("select id from item
WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = ''
AND resource_id = '%s' and resource_type = 'photo' AND uid = %d LIMIT 1",
@ -4450,7 +4442,7 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
);
if($r) {
$private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false);
$r = q("UPDATE item SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
WHERE id = %d AND uid = %d",
dbesc($str_contact_allow),
@ -4476,23 +4468,23 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
intval($r[0]['id']),
intval($uid)
);
}
}
}
}
}
}
}
function fix_attached_file_permissions($channel,$observer_hash,$body,
$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) {
if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) {
$str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
}
$match = false;
if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) {
$attaches = $match[1];
if($attaches) {

128
include/network.php
View file

@ -30,12 +30,12 @@ function get_capath() {
* * \b filep => stream resource to write body to. header and body are not returned when using this option.
* * \b custom => custom request method: e.g. 'PUT', 'DELETE'
* * \b cookiejar => cookie file (write)
* * \B cookiefile => cookie file (read)
* * \b cookiefile => cookie file (read)
*
* @return array an associative array with:
* * \e int \b return_code => HTTP return code or 0 if timeout or failure
* * \e boolean \b success => boolean true (if HTTP 2xx result) or false
* * \e string \b header => HTTP headers
* * \e string \b header => HTTP headers
* * \e string \b body => fetched content
*/
function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
@ -43,7 +43,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
$ret = array('return_code' => 0, 'success' => false, 'header' => "", 'body' => "");
$ch = @curl_init($url);
if(($redirects > 8) || (! $ch))
if(($redirects > 8) || (! $ch))
return $ret;
@curl_setopt($ch, CURLOPT_HEADER, true);
@ -64,7 +64,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
if(x($opts,'upload'))
@curl_setopt($ch, CURLOPT_UPLOAD, $opts['upload']);
if(x($opts,'infile'))
@curl_setopt($ch, CURLOPT_INFILE, $opts['infile']);
@ -104,7 +104,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
if(x($opts,'cookie'))
@curl_setopt($ch, CURLOPT_COOKIE, $opts['cookie']);
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,
((x($opts,'novalidate') && intval($opts['novalidate'])) ? false : true));
$prx = get_config('system','proxy');
@ -179,10 +179,10 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
* @param string $url
* URL to post
* @param mixed $params
* The full data to post in a HTTP "POST" operation. This parameter can
* either be passed as a urlencoded string like 'para1=val1&para2=val2&...'
* or as an array with the field name as key and field data as value. If value
* is an array, the Content-Type header will be set to multipart/form-data.
* The full data to post in a HTTP "POST" operation. This parameter can
* either be passed as a urlencoded string like 'para1=val1&para2=val2&...'
* or as an array with the field name as key and field data as value. If value
* is an array, the Content-Type header will be set to multipart/form-data.
* @param int $redirects = 0
* internal use, recursion counter
* @param array $opts (optional parameters)
@ -209,7 +209,7 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) {
$ret = array('return_code' => 0, 'success' => false, 'header' => "", 'body' => "");
$ch = curl_init($url);
if(($redirects > 8) || (! $ch))
if(($redirects > 8) || (! $ch))
return $ret;
@curl_setopt($ch, CURLOPT_HEADER, true);
@ -232,7 +232,7 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) {
if(x($opts,'headers')) {
@curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']);
}
if(x($opts,'nobody'))
@curl_setopt($ch, CURLOPT_NOBODY, $opts['nobody']);
@ -265,7 +265,7 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) {
if(x($opts,'cookie'))
@curl_setopt($ch, CURLOPT_COOKIE, $opts['cookie']);
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,
((x($opts,'novalidate') && intval($opts['novalidate'])) ? false : true));
$prx = get_config('system','proxy');
@ -379,8 +379,8 @@ function json_return_and_die($x, $content_type = 'application/json') {
// Generic XML return
// Outputs a basic dfrn XML status structure to STDOUT, with a <status> variable
// of $st and an optional text <message> of $message and terminates the current process.
// Outputs a basic dfrn XML status structure to STDOUT, with a <status> variable
// of $st and an optional text <message> of $message and terminates the current process.
function xml_status($st, $message = '') {
@ -399,7 +399,7 @@ function xml_status($st, $message = '') {
/**
* @brief Send HTTP status header
* @brief Send HTTP status header
*
* @param int $val
* integer HTTP status result value
@ -413,7 +413,7 @@ function http_status($val, $msg = '') {
if ($val >= 200 && $val < 300)
$msg = (($msg) ? $msg : 'OK');
logger('http_status_exit ' . $val . ' ' . $msg);
logger('http_status_exit ' . $val . ' ' . $msg);
header($_SERVER['SERVER_PROTOCOL'] . ' ' . $val . ' ' . $msg);
}
@ -486,14 +486,14 @@ function convert_xml_element_to_array($xml_element, &$recursion_depth=0) {
function validate_url(&$url) {
// no naked subdomains (allow localhost for tests)
if(strpos($url,'.') === false && strpos($url,'/localhost/') === false)
return false;
if(substr($url,0,4) != 'http')
$url = 'http://' . $url;
$h = @parse_url($url);
if(($h) && (@dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) {
return true;
}
@ -552,7 +552,7 @@ function allowed_url($url) {
foreach($allowed as $a) {
$pat = strtolower(trim($a));
if(($fnmatch && fnmatch($pat,$host)) || ($pat == $host)) {
$found = true;
$found = true;
break;
}
}
@ -575,14 +575,14 @@ function allowed_email($email) {
$str_allowed = get_config('system','allowed_email');
$str_not_allowed = get_config('system','not_allowed_email');
if(! $str_allowed && ! $str_not_allowed)
return true;
$return = false;
$found_allowed = false;
$found_allowed = false;
$found_not_allowed = false;
$fnmatch = function_exists('fnmatch');
$allowed = explode(',',$str_allowed);
@ -591,7 +591,7 @@ function allowed_email($email) {
foreach($allowed as $a) {
$pat = strtolower(trim($a));
if(($fnmatch && fnmatch($pat,$email)) || ($pat == $domain)) {
$found_allowed = true;
$found_allowed = true;
break;
}
}
@ -603,16 +603,16 @@ function allowed_email($email) {
foreach($not_allowed as $na) {
$pat = strtolower(trim($na));
if(($fnmatch && fnmatch($pat,$email)) || ($pat == $domain)) {
$found_not_allowed = true;
$found_not_allowed = true;
break;
}
}
}
}
if ($found_allowed) {
$return = true;
$return = true;
} elseif (!$str_allowed && !$found_not_allowed) {
$return = true;
$return = true;
}
return $return;
}
@ -652,7 +652,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false)
foreach($matches as $mtch) {
logger('scale_external_image: ' . $mtch[2] . ' ' . $mtch[3]);
if(substr($mtch[1],0,1) == '=') {
$owidth = intval(substr($mtch[2],1));
if(intval($owidth) > 0 && intval($owidth) < 1024)
@ -686,7 +686,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false)
$type = guess_image_type($mtch[3],$i['header']);
if(strpos($type,'image') === false)
continue;
if($i['success']) {
$ph = photo_factory($i['body'], $type);
if($ph->is_valid()) {
@ -700,7 +700,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false)
$new_height = $ph->getHeight();
logger('scale_external_images: ' . $orig_width . '->' . $new_width . 'w ' . $orig_height . '->' . $new_height . 'h' . ' match: ' . $mtch[0], LOGGER_DEBUG);
$s = str_replace($mtch[0],'[' . $tag . '=' . $new_width . 'x' . $new_height. ']' . $scaled . '[/' . $tag . ']'
. "\n" . (($include_link)
. "\n" . (($include_link)
? '[zrl=' . $mtch[2] . ']' . t('view full size') . '[/zrl]' . "\n"
: ''),$s);
logger('scale_external_images: new string: ' . $s, LOGGER_DEBUG);
@ -728,7 +728,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false)
* Return: The parsed XML in an array form. Use print_r() to see the resulting array structure.
* Examples: $array = xml2array(file_get_contents('feed.xml'));
* $array = xml2array(file_get_contents('feed.xml', true, 1, 'attribute'));
*/
*/
function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = 'attribute') {
if(!$contents) return array();
@ -752,7 +752,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
return array();
}
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8");
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8");
// http://minutillo.com/steve/weblog/2004/6/17/php-xml-and-character-encodings-a-tale-of-sadness-rage-and-data-loss
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
@ -786,7 +786,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
$result = array();
$attributes_data = array();
if(isset($value)) {
if($priority == 'tag') $result = $value;
else $result['value'] = $value; // Put the value in a assoc array if we are in the 'Attribute' mode
@ -802,7 +802,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
// See tag status and do the needed.
if($namespaces && strpos($tag,':')) {
$namespc = substr($tag,0,strrpos($tag,':'));
$namespc = substr($tag,0,strrpos($tag,':'));
$tag = strtolower(substr($tag,strlen($namespc)+1));
$result['@namespace'] = $namespc;
}
@ -825,7 +825,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
} else { // This section will make the value an array if multiple tags with the same name appear together
$current[$tag] = array($current[$tag],$result); // This will combine the existing item and the new item together to make an array
$repeated_tag_index[$tag.'_'.$level] = 2;
if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well
$current[$tag]['0_attr'] = $current[$tag.'_attr'];
unset($current[$tag.'_attr']);
@ -848,7 +848,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
// ...push the new element into that array.
$current[$tag][$repeated_tag_index[$tag.'_'.$level]] = $result;
if($priority == 'tag' and $get_attributes and $attributes_data) {
$current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data;
}
@ -859,11 +859,11 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
$repeated_tag_index[$tag.'_'.$level] = 1;
if($priority == 'tag' and $get_attributes) {
if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well
$current[$tag]['0_attr'] = $current[$tag.'_attr'];
unset($current[$tag.'_attr']);
}
if($attributes_data) {
$current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data;
}
@ -876,9 +876,9 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
$current = &$parent[$level-1];
}
}
return($xml_array);
}
}
function email_header_encode($in_str, $charset = 'UTF-8') {
@ -1128,7 +1128,7 @@ function discover_by_webbie($webbie) {
$diaspora = false;
$gnusoc = false;
$dfrn = false;
$has_salmon = false;
$salmon_key = false;
$atom_feed = false;
@ -1144,7 +1144,7 @@ function discover_by_webbie($webbie) {
if(array_key_exists('rel',$link)) {
// If we discover zot - don't search further; grab the info and get out of
// here.
// here.
if($link['rel'] === PROTOCOL_ZOT) {
logger('discover_by_webbie: zot found for ' . $webbie, LOGGER_DEBUG);
@ -1204,11 +1204,11 @@ function discover_by_webbie($webbie) {
$pubkey = '';
if(is_array($x)) {
if(array_key_exists('address',$x))
if(array_key_exists('address',$x))
$address = $x['address'];
if(array_key_exists('location',$x))
if(array_key_exists('location',$x))
$location = $x['location'];
if(array_key_exists('nickname',$x))
if(array_key_exists('nickname',$x))
$nickname = $x['nickname'];
}
@ -1216,16 +1216,16 @@ function discover_by_webbie($webbie) {
$probe_old = true;
if((! $dfrn) && (! $has_salmon))
if((! $dfrn) && (! $has_salmon))
$probe_old = true;
if($probe_old) {
$y = old_webfinger($webbie);
$y = old_webfinger($webbie);
if($y) {
logger('old_webfinger: ' . print_r($x,true));
foreach($y as $link) {
if($link['@attributes']['rel'] === NAMESPACE_DFRN)
$dfrn = unamp($link['@attributes']['href']);
$dfrn = unamp($link['@attributes']['href']);
if($link['@attributes']['rel'] === 'salmon')
$notify = unamp($link['@attributes']['href']);
if($link['@attributes']['rel'] === NAMESPACE_FEED)
@ -1344,7 +1344,7 @@ function discover_by_webbie($webbie) {
if($vcard['fn'])
$fullname = $vcard['fn'];
if($vcard['photo'] && (strpos($vcard['photo'],'http') !== 0))
$vcard['photo'] = $diaspora_base . '/' . $vcard['photo'];
$vcard['photo'] = $diaspora_base . '/' . $vcard['photo'];
if(($vcard['public_key']) && (! $pubkey)) {
$diaspora_key = $vcard['public_key'];
if(strstr($diaspora_key,'RSA '))
@ -1358,7 +1358,7 @@ function discover_by_webbie($webbie) {
if(($vcard['uid']) && (! $diaspora_guid))
$diaspora_guid = $vcard['uid'];
if(($vcard['url']) && (! $diaspora_base))
$diaspora_base = $vcard['url'];
$diaspora_base = $vcard['url'];
@ -1372,7 +1372,7 @@ function discover_by_webbie($webbie) {
if(($profile) && (! $location))
$location = $profile;
if($location) {
if($location) {
$m = parse_url($location);
$base = $m['scheme'] . '://' . $m['host'];
$host = $m['host'];
@ -1407,7 +1407,7 @@ function discover_by_webbie($webbie) {
// if we have everything we need, let's create the records
if($network && $address && $fullname && $pubkey && $location) {
if($network && $address && $fullname && $pubkey && $location) {
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($address)
);
@ -1493,7 +1493,7 @@ function webfinger_rfc7033($webbie,$zot = false) {
// We could have a number of URL aliases and webbies
// make an executive decision about the most likely "best" of each
// by comparing against some examples from known networks we're likely to encounter.
// Otherwise we have to store every alias that we may ever encounter and
// Otherwise we have to store every alias that we may ever encounter and
// validate every URL we ever find against every possible alias
// @fixme pump.io is going to be a real bugger since it doesn't return subject or aliases
@ -1564,7 +1564,7 @@ function match_webfinger_location($s,$h) {
return $s;
return '';
}
@ -1935,7 +1935,7 @@ function format_and_send_email($sender,$xchan,$item) {
));
$sender_name = t('Administrator');
$hostname = App::get_hostname();
if(strpos($hostname,':'))
$hostname = substr($hostname,0,strpos($hostname,':'));
@ -1964,7 +1964,7 @@ function do_delivery($deliveries) {
if(! (is_array($deliveries) && count($deliveries)))
return;
$interval = ((get_config('system','delivery_interval') !== false)
$interval = ((get_config('system','delivery_interval') !== false)
? intval(get_config('system','delivery_interval')) : 2 );
$deliveries_per_process = intval(get_config('system','delivery_batch_count'));
@ -1993,7 +1993,7 @@ function do_delivery($deliveries) {
if($deliver)
Zotlabs\Daemon\Master::Summon(array('Deliver',$deliver));
}
@ -2002,7 +2002,7 @@ function get_site_info() {
$register_policy = Array('REGISTER_CLOSED', 'REGISTER_APPROVE', 'REGISTER_OPEN');
$directory_mode = Array('DIRECTORY_MODE_NORMAL', 'DIRECTORY_MODE_PRIMARY', 'DIRECTORY_MODE_SECONDARY', 256 => 'DIRECTORY_MODE_STANDALONE');
$sql_extra = '';
$r = q("select * from channel left join account on account_id = channel_account_id where ( account_roles & 4096 )>0 and account_default_channel = channel_id");
@ -2053,7 +2053,7 @@ function get_site_info() {
else {
$version = $commit = '';
}
//Statistics
$channels_total_stat = intval(get_config('system','channels_total_stat'));
$channels_active_halfyear_stat = intval(get_config('system','channels_active_halfyear_stat'));
@ -2073,7 +2073,7 @@ function get_site_info() {
}
$data = Array(
'version' => $version,
'version_tag' => $tag,
@ -2190,7 +2190,7 @@ function deliverable_singleton($channel_id,$xchan) {
function get_repository_version($branch = 'master') {
$path = "https://raw.githubusercontent.com/redmatrix/hubzilla/$branch/boot.php";
$x = z_fetch_url($path);
if($x['success']) {
$y = preg_match('/define(.*?)STD_VERSION(.*?)([0-9.].*)\'/',$x['body'],$matches);
@ -2199,7 +2199,7 @@ function get_repository_version($branch = 'master') {
}
return '?.?';
}
}
function network_to_name($s) {
@ -2270,7 +2270,7 @@ function z_mail($params) {
return $params['result'];
}
$fromName = email_header_encode(html_entity_decode($params['fromName'],ENT_QUOTES,'UTF-8'),'UTF-8');
$fromName = email_header_encode(html_entity_decode($params['fromName'],ENT_QUOTES,'UTF-8'),'UTF-8');
$messageSubject = email_header_encode(html_entity_decode($params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8');
$messageHeader =

96
include/photos.php
View file

@ -45,7 +45,7 @@ function photo_upload($channel, $observer, $args) {
if(array_key_exists('deliver',$args))
$deliver = intval($args['deliver']);
// Set to default channel permissions. If the parent directory (album) has permissions set,
// Set to default channel permissions. If the parent directory (album) has permissions set,
// use those instead. If we have specific permissions supplied, they take precedence over
// all other settings. 'allow_cid' being passed from an external source takes priority over channel settings.
// ...messy... needs re-factoring once the photos/files integration stabilises
@ -55,9 +55,9 @@ function photo_upload($channel, $observer, $args) {
$acl->set($args['directory']);
if(array_key_exists('allow_cid',$args))
$acl->set($args);
if( (array_key_exists('group_allow',$args))
|| (array_key_exists('contact_allow',$args))
|| (array_key_exists('group_deny',$args))
if( (array_key_exists('group_allow',$args))
|| (array_key_exists('contact_allow',$args))
|| (array_key_exists('group_deny',$args))
|| (array_key_exists('contact_deny',$args))) {
$acl->set_from_array($args);
}
@ -103,7 +103,7 @@ function photo_upload($channel, $observer, $args) {
$type = $_FILES['userfile']['type'];
}
if (! $type)
if (! $type)
$type=guess_image_type($filename);
logger('photo_upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG);
@ -176,7 +176,7 @@ function photo_upload($channel, $observer, $args) {
$errors = false;
$p = array('aid' => $account_id, 'uid' => $channel_id, 'xchan' => $visitor, 'resource_id' => $photo_hash,
'filename' => $filename, 'album' => $album, 'imgscale' => 0, 'photo_usage' => PHOTO_NORMAL,
'filename' => $filename, 'album' => $album, 'imgscale' => 0, 'photo_usage' => PHOTO_NORMAL,
'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'],
'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'],
'os_storage' => $os_storage, 'os_path' => $args['os_path']
@ -220,8 +220,8 @@ function photo_upload($channel, $observer, $args) {
);
if(! $r1)
$errors = true;
if(($width > 640 || $height > 640) && (! $errors))
if(($width > 640 || $height > 640) && (! $errors))
$ph->scaleImage(640);
$p['imgscale'] = 2;
@ -236,7 +236,7 @@ function photo_upload($channel, $observer, $args) {
if(! $r2)
$errors = true;
if(($width > 320 || $height > 320) && (! $errors))
if(($width > 320 || $height > 320) && (! $errors))
$ph->scaleImage(320);
$p['imgscale'] = 3;
@ -304,8 +304,8 @@ function photo_upload($channel, $observer, $args) {
$summary = (($args['body']) ? $args['body'] : '') . '[footer]' . $activity_format . '[/footer]';
$obj_body = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash . ']'
. $tag . z_root() . "/photo/{$photo_hash}-{$scale}." . $ph->getExt() . '[/zmg]'
$obj_body = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash . ']'
. $tag . z_root() . "/photo/{$photo_hash}-{$scale}." . $ph->getExt() . '[/zmg]'
. '[/zrl]';
// Create item object
@ -361,7 +361,7 @@ function photo_upload($channel, $observer, $args) {
$item['uid'] = $channel['channel_id'];
item_store_update($item,false,$deliver);
continue;
}
}
}
else {
$item['aid'] = $channel['channel_account_id'];
@ -381,7 +381,7 @@ function photo_upload($channel, $observer, $args) {
$arr['aid'] = $account_id;
$arr['uid'] = $channel_id;
$arr['mid'] = $mid;
$arr['parent_mid'] = $mid;
$arr['parent_mid'] = $mid;
$arr['item_hidden'] = $item_hidden;
$arr['resource_type'] = 'photo';
$arr['resource_id'] = $photo_hash;
@ -407,10 +407,10 @@ function photo_upload($channel, $observer, $args) {
// this one is tricky because the item and the photo have the same permissions, those of the photo.
// Use the channel read_stream permissions to get the correct public_policy for the item and recalculate the
// private flag accordingly. This may cause subtle bugs due to custom permissions roles. We want to use
// private flag accordingly. This may cause subtle bugs due to custom permissions roles. We want to use
// public policy when federating items to other sites, but should probably ignore them when accessing the item
// in the photos pages - using the photos permissions instead. We need the public policy to keep the photo
// linked item from leaking into the feed when somebody has a channel with read_stream restrictions.
// linked item from leaking into the feed when somebody has a channel with read_stream restrictions.
$arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true);
if($arr['public_policy'])
@ -421,7 +421,7 @@ function photo_upload($channel, $observer, $args) {
$result = item_store($arr,false,$deliver);
$item_id = $result['item_id'];
if($visible && $deliver)
if($visible && $deliver)
Zotlabs\Daemon\Master::Summon(array('Notifier', 'wall-new', $item_id));
}
@ -443,9 +443,12 @@ function photo_upload($channel, $observer, $args) {
*
* @param array $channel
* @param array $observer
* @param array $sort_key (optional) default album
* @param array $direction (optional) default asc
*
* @return bool|array false if no view_storage permission or an array
* * success (bool)
* * albums (array)
* * \e boolean \b success
* * \e array \b albums
*/
function photos_albums_list($channel, $observer, $sort_key = 'album', $direction = 'asc') {
@ -455,14 +458,11 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction
if(! perm_is_allowed($channel_id, $observer_xchan, 'view_storage'))
return false;
$sql_extra = permissions_sql($channel_id,$observer_xchan);
$sort_key = dbesc($sort_key);
$direction = dbesc($direction);
$albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and photo_usage IN ( %d, %d ) $sql_extra group by album order by $sort_key $direction",
intval($channel_id),
intval(PHOTO_NORMAL),
@ -479,8 +479,8 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction
foreach($albums as $k => $album) {
$entry = array(
'text' => (($album['album']) ? $album['album'] : '/'),
'total' => $album['total'],
'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album['album']),
'total' => $album['total'],
'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album['album']),
'urlencode' => urlencode($album['album']),
'bin2hex' => bin2hex($album['album'])
);
@ -506,7 +506,7 @@ function photos_album_widget($channelx,$observer,$sortkey = 'album',$direction =
'$title' => t('Photo Albums'),
'$albums' => $albums['albums'],
'$baseurl' => z_root(),
'$upload' => ((perm_is_allowed($channelx['channel_id'],(($observer) ? $observer['xchan_hash'] : ''),'write_storage'))
'$upload' => ((perm_is_allowed($channelx['channel_id'],(($observer) ? $observer['xchan_hash'] : ''),'write_storage'))
? t('Upload New Photos') : '')
));
}
@ -533,7 +533,7 @@ function photos_list_photos($channel, $observer, $album = '') {
$sql_extra = permissions_sql($channel_id);
if($album)
$sql_extra .= " and album = '" . protect_sprintf(dbesc($album)) . "' ";
$sql_extra .= " and album = '" . protect_sprintf(dbesc($album)) . "' ";
$ret = array('success' => false);
@ -647,7 +647,7 @@ function photos_create_item($channel, $creator_hash, $photo, $visible = false) {
$arr['aid'] = $channel['channel_account_id'];
$arr['uid'] = $channel['channel_id'];
$arr['mid'] = $mid;
$arr['parent_mid'] = $mid;
$arr['parent_mid'] = $mid;
$arr['item_wall'] = 1;
$arr['item_origin'] = 1;
$arr['item_thread_top'] = 1;
@ -663,9 +663,9 @@ function photos_create_item($channel, $creator_hash, $photo, $visible = false) {
$arr['deny_gid'] = $photo['deny_gid'];
$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
$arr['body'] = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']'
. '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-' . $photo['imgscale'] . '[/zmg]'
$arr['body'] = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']'
. '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-' . $photo['imgscale'] . '[/zmg]'
. '[/zrl]';
$result = item_store($arr);
@ -710,39 +710,39 @@ function gps2Num($coordPart) {
}
function profile_photo_set_profile_perms($uid, $profileid = 0) {
$allowcid = '';
if($profileid) {
$r = q("SELECT photo, profile_guid, id, is_default, uid
FROM profile WHERE uid = %d and ( profile.id = %d OR profile.profile_guid = '%s') LIMIT 1",
FROM profile WHERE uid = %d and ( profile.id = %d OR profile.profile_guid = '%s') LIMIT 1",
intval($uid),
intval($profileid),
intval($profileid),
dbesc($profileid)
);
}
}
else {
logger('Resetting permissions on default-profile-photo for user'.local_channel());
$r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile
WHERE profile.uid = %d AND is_default = 1 LIMIT 1",
intval($uid)
$r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile
WHERE profile.uid = %d AND is_default = 1 LIMIT 1",
intval($uid)
); //If no profile is given, we update the default profile
}
if(! $r)
return;
$profile = $r[0];
if($profile['id'] && $profile['photo']) {
if($profile['id'] && $profile['photo']) {
preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id);
$resource_id = $resource_id[0];
if (! intval($profile['is_default'])) {
$r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1",
intval($uid)
$r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1",
intval($uid)
);
//Should not be needed in future. Catches old int-profile-ids.
$r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%d' ",
$r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%d' ",
intval($profile['id'])
);
$r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'",
@ -750,27 +750,27 @@ function profile_photo_set_profile_perms($uid, $profileid = 0) {
);
$allowcid = "<" . $r0[0]['channel_hash'] . ">";
foreach ($r1 as $entry) {
$allowcid .= "<" . $entry['abook_xchan'] . ">";
$allowcid .= "<" . $entry['abook_xchan'] . ">";
}
foreach ($r2 as $entry) {
$allowcid .= "<" . $entry['abook_xchan'] . ">";
}
q("UPDATE photo SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",
dbesc($allowcid),
dbesc($resource_id),
intval($uid)
);
}
}
else {
//Reset permissions on default profile picture to public
q("UPDATE photo SET allow_cid = '' WHERE photo_usage = %d AND uid = %d",
intval(PHOTO_PROFILE),
intval($uid)
);
);
}
}
return;
}

46
include/plugin.php
View file

@ -143,7 +143,7 @@ function reload_plugins() {
if(file_exists($fname)) {
$t = @filemtime($fname);
foreach($installed as $i) {
if(($i['aname'] == $pl) && ($i['tstamp'] != $t)) {
if(($i['aname'] == $pl) && ($i['tstamp'] != $t)) {
logger('Reloading plugin: ' . $i['aname']);
@include_once($fname);
@ -205,7 +205,7 @@ function register_hook($hook, $file, $function, $priority = 0) {
/**
* @brief unregisters a hook.
*
*
* @param string $hook the name of the hook
* @param string $file the name of the file that hooks into
* @param string $function the name of the function that the hook called
@ -224,7 +224,7 @@ function unregister_hook($hook, $file, $function) {
//
// It might not be obvious but themes can manually add hooks to the App::$hooks
// array in their theme_init() and use this to customise the app behaviour.
// array in their theme_init() and use this to customise the app behaviour.
// UPDATE: use insert_hook($hookname,$function_name) to do this
//
@ -248,20 +248,22 @@ function load_hooks() {
/**
* @brief Inserts a hook into a page request.
*
* Insert a short-lived hook into the running page request.
* Hooks are normally persistent so that they can be called
* Insert a short-lived hook into the running page request.
* Hooks are normally persistent so that they can be called
* across asynchronous processes such as delivery and poll
* processes.
*
* insert_hook lets you attach a hook callback immediately
* which will not persist beyond the life of this page request
* or the current process.
* or the current process.
*
* @param string $hook
* name of hook to attach callback
* @param string $fn
* function name of callback handler
*/
* @param int $version (optional) default 0
* @param int $priority (optional) default 0
*/
function insert_hook($hook, $fn, $version = 0, $priority = 0) {
if(! is_array(App::$hooks))
@ -293,7 +295,7 @@ function call_hooks($name, &$data = null) {
$hook[1] = unserialize($hook[1]);
}
elseif(strpos($hook[1],'::')) {
// We shouldn't need to do this, but it appears that PHP
// We shouldn't need to do this, but it appears that PHP
// isn't able to directly execute a string variable with a class
// method in the manner we are attempting it, so we'll
// turn it into an array.
@ -306,10 +308,10 @@ function call_hooks($name, &$data = null) {
$func($data);
else
$func($a, $data);
}
}
else {
// Don't do any DB write calls if we're currently logging a possibly failed DB call.
// Don't do any DB write calls if we're currently logging a possibly failed DB call.
if(! DBA::$logging) {
// The hook should be removed so we don't process it.
q("DELETE FROM hook WHERE hook = '%s' AND file = '%s' AND fn = '%s'",
@ -370,7 +372,7 @@ function get_plugin_info($plugin){
} else {
$info[$k][] = array('name' => $v);
}
}
}
else {
$info[$k] = $v;
}
@ -407,8 +409,8 @@ function check_plugin_versions($info) {
if(array_key_exists('serverroles',$info)) {
$role = \Zotlabs\Lib\System::get_server_role();
if(! (
stristr($info['serverroles'],'*')
|| stristr($info['serverroles'],'any')
stristr($info['serverroles'],'*')
|| stristr($info['serverroles'],'any')
|| stristr($info['serverroles'],$role))) {
logger('serverrole limit: ' . $info['name'],LOGGER_NORMAL,LOG_WARNING);
return false;
@ -426,7 +428,7 @@ function check_plugin_versions($info) {
if(! $test)
continue;
if(! in_array($test,App::$plugins))
$found = false;
$found = false;
}
}
if(! $found)
@ -583,11 +585,11 @@ function format_css_if_exists($source) {
/*
* This basically calculates the baseurl. We have other functions to do that, but
* there was an issue with script paths and mixed-content whose details are arcane
* and perhaps lost in the message archives. The short answer is that we're ignoring
* the URL which we are "supposed" to use, and generating script paths relative to
* there was an issue with script paths and mixed-content whose details are arcane
* and perhaps lost in the message archives. The short answer is that we're ignoring
* the URL which we are "supposed" to use, and generating script paths relative to
* the URL which we are currently using; in order to ensure they are found and aren't
* blocked due to mixed content issues.
* blocked due to mixed content issues.
*/
function script_path() {
@ -599,7 +601,7 @@ function script_path() {
$scheme = 'https';
else
$scheme = 'http';
// Some proxy setups may require using http_host
if(intval(App::$config['system']['script_path_use_http_host']))
@ -631,7 +633,7 @@ function head_remove_js($src, $priority = 0) {
}
// We should probably try to register main.js with a high priority, but currently we handle it
// separately and put it at the end of the html head block in case any other javascript is
// separately and put it at the end of the html head block in case any other javascript is
// added outside the head_add_js construct.
function head_get_js() {
@ -640,7 +642,7 @@ function head_get_js() {
if(App::$js_sources) {
ksort(App::$js_sources,SORT_NUMERIC);
foreach(App::$js_sources as $sources) {
if(count($sources)) {
if(count($sources)) {
foreach($sources as $source) {
if($src === 'main.js')
continue;
@ -655,7 +657,7 @@ function head_get_js() {
function head_get_main_js() {
$str = '';
$sources = array('main.js');
if(count($sources))
if(count($sources))
foreach($sources as $source)
$str .= format_js_if_exists($source,true);
return $str;

84
include/security.php
View file

@ -2,11 +2,12 @@
/**
* @file include/security.php
*
* Some security related functions.
* @brief Some security related functions.
*/
/**
* @param int $user_record The account_id
* @param array $channel
* @param bool $login_initial default false
* @param bool $interactive default false
* @param bool $return
@ -27,8 +28,8 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa
$uid_to_load = $channel['channel_id'];
if(! $uid_to_load) {
$uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid'])))
? intval($_SESSION['uid'])
$uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid'])))
? intval($_SESSION['uid'])
: intval(App::$account['account_default_channel'])
);
}
@ -89,21 +90,28 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa
function atoken_login($atoken) {
if(! $atoken)
return false;
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $atoken['xchan_hash'];
$_SESSION['atoken'] = $atoken['atoken_id'];
\App::set_observer($atoken);
return true;
}
/**
* @brief
*
* @param array $atoken
* @return array|null
*/
function atoken_xchan($atoken) {
$c = channelx_by_n($atoken['atoken_uid']);
if($c) {
return [
'atoken_id' => $atoken['atoken_id'],
'atoken_id' => $atoken['atoken_id'],
'xchan_hash' => substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'],
'xchan_name' => $atoken['atoken_name'],
'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(),
@ -114,9 +122,9 @@ function atoken_xchan($atoken) {
'xchan_photo_l' => get_default_profile_photo(300),
'xchan_photo_m' => get_default_profile_photo(80),
'xchan_photo_s' => get_default_profile_photo(48)
];
}
return null;
}
@ -133,7 +141,7 @@ function atoken_delete($atoken_id) {
);
if(! $c)
return;
$atoken_xchan = substr($c[0]['channel_hash'],0,16) . '.' . $r[0]['atoken_name'];
q("delete from atoken where atoken_id = %d",
@ -145,12 +153,16 @@ function atoken_delete($atoken_id) {
);
}
// in order for atoken logins to create content (such as posts) they need a stored xchan.
// we'll create one on the first atoken_login; it can't really ever go away but perhaps
// @fixme we should set xchan_deleted if it's expired or removed
/**
* @brief
*
* In order for atoken logins to create content (such as posts) they need a stored xchan.
* we'll create one on the first atoken_login; it can't really ever go away but perhaps
* @fixme we should set xchan_deleted if it's expired or removed
*
* @param array $xchan
* @return void|boolean
*/
function atoken_create_xchan($xchan) {
$r = q("select xchan_hash from xchan where xchan_hash = '%s'",
@ -159,7 +171,7 @@ function atoken_create_xchan($xchan) {
if($r)
return;
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_mimetype, xchan_photo_l, xchan_photo_m, xchan_photo_s )
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_mimetype, xchan_photo_l, xchan_photo_m, xchan_photo_s )
values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
dbesc($xchan['xchan_hash']),
dbesc($xchan['xchan_hash']),
@ -202,12 +214,11 @@ function atoken_abook($uid,$xchan_hash) {
}
return false;
}
function pseudo_abook($xchan) {
if(! $xchan)
if(! $xchan)
return false;
// set abook_pseudo to flag that we aren't really connected.
@ -216,8 +227,8 @@ function pseudo_abook($xchan) {
$xchan['abook_blocked'] = 0;
$xchan['abook_ignored'] = 0;
$xchan['abook_pending'] = 0;
return $xchan;
}
@ -228,7 +239,6 @@ function pseudo_abook($xchan) {
*
* @return bool|array false or channel record of the new channel
*/
function change_channel($change_channel) {
$ret = false;
@ -260,7 +270,7 @@ function change_channel($change_channel) {
date_default_timezone_set($r[0]['channel_timezone']);
$ret = $r[0];
}
$x = q("select * from xchan where xchan_hash = '%s' limit 1",
$x = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($hash)
);
if($x) {
@ -275,7 +285,6 @@ function change_channel($change_channel) {
$arr = [ 'channel_id' => $change_channel, 'chanx' => $ret ];
call_hooks('change_channel', $arr);
}
return $ret;
@ -285,11 +294,11 @@ function change_channel($change_channel) {
* @brief Creates an additional SQL where statement to check permissions.
*
* @param int $owner_id
* @param bool $remote_observer - if unset use current observer
* @param bool $remote_observer (optional) use current observer if unset
* @param $table (optional)
*
* @return string additional SQL where statement
*/
function permissions_sql($owner_id, $remote_observer = null, $table = '') {
$local_channel = local_channel();
@ -303,11 +312,10 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') {
if($table)
$table .= '.';
$sql = " AND {$table}allow_cid = ''
AND {$table}allow_gid = ''
AND {$table}deny_cid = ''
AND {$table}deny_gid = ''
$sql = " AND {$table}allow_cid = ''
AND {$table}allow_gid = ''
AND {$table}deny_cid = ''
AND {$table}deny_gid = ''
";
/**
@ -319,7 +327,7 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') {
}
/**
* Authenticated visitor. Unless pre-verified,
* Authenticated visitor. Unless pre-verified,
* check that the contact belongs to this $owner_id
* and load the groups the visitor belongs to.
* If pre-verified, the caller is expected to have already
@ -358,7 +366,7 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') {
* @brief Creates an addiontal SQL where statement to check permissions for an item.
*
* @param int $owner_id
* @param bool $remote_observer, use current observer if unset
* @param bool $remote_observer (optional) use current observer if unset
*
* @return string additional SQL where statement
*/
@ -379,7 +387,7 @@ function item_permissions_sql($owner_id, $remote_observer = null) {
*/
if(($local_channel) && ($local_channel == $owner_id)) {
$sql = '';
$sql = '';
}
/**
@ -425,7 +433,7 @@ function item_permissions_sql($owner_id, $remote_observer = null) {
/**
* Remote visitors also need to be checked against the public_scope parameter if item_private is set.
* This function checks the various permutations of that field for any which apply to this observer.
*
*
*/
@ -448,9 +456,9 @@ function scopes_sql($uid,$observer) {
$str .= " or public_policy = 'contacts' ) ";
return $str;
}
@ -500,7 +508,7 @@ function public_permissions_sql($observer_hash) {
* If the new page contains by any chance external elements, then the used security token is exposed by the referrer.
* Actually, important actions should not be triggered by Links / GET-Requests at all, but somethimes they still are,
* so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types).
*/
*/
function get_form_security_token($typename = '') {
$timestamp = time();
@ -561,13 +569,13 @@ function init_groups_visitor($contact_id) {
// This is used to determine which uid have posts which are visible to the logged in user (from the API) for the
// This is used to determine which uid have posts which are visible to the logged in user (from the API) for the
// public_timeline, and we can use this in a community page by making
// $perms = (PERMS_NETWORK|PERMS_PUBLIC) unless logged in.
// $perms = (PERMS_NETWORK|PERMS_PUBLIC) unless logged in.
// Collect uids of everybody on this site who has opened their posts to everybody on this site (or greater visibility)
// We always include yourself if logged in because you can always see your own posts
// resolving granular permissions for the observer against every person and every post on the site
// will likely be too expensive.
// will likely be too expensive.
// Returns a string list of comma separated channel_ids suitable for direct inclusion in a SQL query
function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) {

565
include/text.php
View file

File diff suppressed because it is too large Load diff

95
include/widgets.php
View file

@ -126,7 +126,7 @@ function widget_suggestions($arr) {
// Get two random entries from the top 20 returned.
// We'll grab the first one and the one immediately following.
// This will throw some entropy intot he situation so you won't
// This will throw some entropy intot he situation so you won't
// be looking at the same two mug shots every time the widget runs
$index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0);
@ -169,7 +169,7 @@ function widget_follow($args) {
intval($uid)
);
if($r)
$total_channels = $r[0]['total'];
$total_channels = $r[0]['total'];
$limit = service_class_fetch($uid,'total_channels');
if($limit !== false) {
$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
@ -212,7 +212,7 @@ function widget_savedsearch($arr) {
$search = ((x($_GET,'netsearch')) ? $_GET['netsearch'] : '');
if(! $search)
$search = ((x($_GET,'search')) ? $_GET['search'] : '');
if(x($_GET,'searchsave') && $search) {
$r = q("select * from term where uid = %d and ttype = %d and term = '%s' limit 1",
intval(local_channel()),
@ -252,7 +252,7 @@ function widget_savedsearch($arr) {
$hasamp = ((strpos($srchurl,'&') !== false) ? true : false);
if(($hasamp) && (! $hasq))
$srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1);
$srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1);
$o = '';
@ -292,7 +292,7 @@ function widget_savedsearch($arr) {
function widget_sitesearch($arr) {
$search = ((x($_GET,'search')) ? $_GET['search'] : '');
$srchurl = App::$query_string;
$srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&');
@ -304,7 +304,7 @@ function widget_sitesearch($arr) {
$hasamp = ((strpos($srchurl,'&') !== false) ? true : false);
if(($hasamp) && (! $hasq))
$srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1);
$srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1);
$o = '';
@ -554,7 +554,7 @@ function widget_affinity($arr) {
));
$arr = array('html' => $x);
call_hooks('main_slider',$arr);
return $arr['html'];
return $arr['html'];
}
return '';
@ -802,10 +802,10 @@ function widget_design_tools($arr) {
// mod menu doesn't load a profile. For any modules which load a profile, check it.
// otherwise local_channel() is sufficient for permissions.
if(App::$profile['profile_uid'])
if(App::$profile['profile_uid'])
if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys))
return '';
if(! local_channel())
return '';
@ -817,10 +817,10 @@ function widget_website_portation_tools($arr) {
// mod menu doesn't load a profile. For any modules which load a profile, check it.
// otherwise local_channel() is sufficient for permissions.
if(App::$profile['profile_uid'])
if(App::$profile['profile_uid'])
if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys))
return '';
if(! local_channel())
return '';
@ -841,7 +841,7 @@ function widget_photo_albums($arr) {
return '';
require_once('include/photos.php');
$sortkey = ((array_key_exists('sortkey',$arr)) ? $arr['sortkey'] : 'album');
$direction = ((array_key_exists('direction',$arr)) ? $arr['direction'] : 'asc');
$direction = ((array_key_exists('direction',$arr)) ? $arr['direction'] : 'asc');
return photos_album_widget($channelx, App::get_observer(),$sortkey,$direction);
}
@ -901,7 +901,7 @@ function widget_wiki_list($arr) {
require_once("include/wiki.php");
$channel = null;
if (argc() < 2 && local_channel()) {
if (argc() < 2 && local_channel()) {
// This should not occur because /wiki should redirect to /wiki/channel ...
$channel = \App::get_channel();
} else {
@ -996,9 +996,9 @@ function widget_suggestedchats($arr) {
if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat'))
return '';
// There are reports that this tool does not ever remove chatrooms on dead sites,
// There are reports that this tool does not ever remove chatrooms on dead sites,
// and also will happily link to private chats which you cannot enter.
// For those reasons, it will be disabled until somebody decides it's worth
// For those reasons, it will be disabled until somebody decides it's worth
// fixing and comes up with a plan for doing so.
return '';
@ -1044,7 +1044,7 @@ function widget_item($arr) {
if($arr['title']) {
$r = q("select item.* from item left join iconfig on item.id = iconfig.iid
where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s'
where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s'
and iconfig.k = 'WEBPAGE' and item_type = %d $sql_options $revision limit 1",
intval($channel_id),
dbesc($arr['title']),
@ -1108,7 +1108,7 @@ function showtime(){
// timeValue += ((seconds < 10) ? ":0" : ":") + seconds
if(! military)
timeValue += (hours >= 12) ? " P.M." : " A.M."
$('.clockface').html(timeValue)
$('.clockface').html(timeValue)
timerID = setTimeout("showtime()",1000)
timerRunning = true
}
@ -1124,17 +1124,16 @@ return $o;
}
/**
* @function widget_photo($arr)
* widget to display a single photo.
* @param array $arr;
* 'src' => URL of photo
* 'zrl' => true or false, use zid in url
* 'style' => CSS string
* URL must be an http or https URL
* @brief Widget to display a single photo.
*
* @param array $arr associative array with
* * \e string \b src URL of photo; URL must be an http or https URL
* * \e boolean \b zrl use zid in URL
* * \e string \b style CSS string
*
* @return string with parsed HTML
*/
function widget_photo($arr) {
$style = $zrl = false;
@ -1142,7 +1141,7 @@ function widget_photo($arr) {
if(array_key_exists('src', $arr) && isset($arr['src']))
$url = $arr['src'];
if(strpos($url,'http') !== 0)
if(strpos($url, 'http') !== 0)
return '';
if(array_key_exists('style', $arr) && isset($arr['style']))
@ -1150,7 +1149,7 @@ function widget_photo($arr) {
// ensure they can't sneak in an eval(js) function
if(strpbrk($style,'(\'"<>') !== false)
if(strpbrk($style, '(\'"<>') !== false)
$style = '';
if(array_key_exists('zrl', $arr) && isset($arr['zrl']))
@ -1161,8 +1160,8 @@ function widget_photo($arr) {
$o = '<div class="widget">';
$o .= '<img ' . (($zrl) ? ' class="zrl" ' : '')
. (($style) ? ' style="' . $style . '"' : '')
$o .= '<img ' . (($zrl) ? ' class="zrl" ' : '')
. (($style) ? ' style="' . $style . '"' : '')
. ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>';
@ -1175,7 +1174,7 @@ function widget_cover_photo($arr) {
require_once('include/channel.php');
$o = '';
if(App::$module == 'channel' && $_REQUEST['mid'])
return '';
@ -1191,7 +1190,7 @@ function widget_cover_photo($arr) {
if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style'];
else
else
$style = 'width:100%; height: auto;';
// ensure they can't sneak in an eval(js) function
@ -1273,8 +1272,8 @@ function widget_photo_rand($arr) {
$o = '<div class="widget">';
$o .= '<img class="zrl" '
. (($style) ? ' style="' . $style . '"' : '')
$o .= '<img class="zrl" '
. (($style) ? ' style="' . $style . '"' : '')
. ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>';
@ -1304,7 +1303,7 @@ function widget_random_block($arr) {
$randfunc = db_getfunc('RAND');
$r = q("select item.* from item left join iconfig on item.id = iconfig.iid
where item.uid = %d and iconfig.cat = 'system' and iconfig.v like '%s' and iconfig.k = 'BUILDBLOCK' and
where item.uid = %d and iconfig.cat = 'system' and iconfig.v like '%s' and iconfig.k = 'BUILDBLOCK' and
item_type = %d $sql_options order by $randfunc limit 1",
intval($channel_id),
dbesc('%' . $contains . '%'),
@ -1413,7 +1412,7 @@ function widget_forums($arr) {
/**
* We used to try and find public forums with custom permissions by checking to see if
* send_stream was false and tag_deliver was true. However with the newer extensible
* send_stream was false and tag_deliver was true. However with the newer extensible
* permissions infrastructure this makes for a very complicated query. Now we're only
* checking channels that report themselves specifically as pubforums
*/
@ -1440,11 +1439,11 @@ function widget_forums($arr) {
/**
* @FIXME
* This SQL makes the counts correct when you get forum posts arriving from different routes/sources
* (like personal channels). However the network query for these posts doesn't yet include this
* correction and it makes the SQL for that query pretty hairy so this is left as a future exercise.
* (like personal channels). However the network query for these posts doesn't yet include this
* correction and it makes the SQL for that query pretty hairy so this is left as a future exercise.
* It may make more sense in that query to look for the mention in the body rather than another join,
* but that makes it very inefficient.
*
*
$r = q("select sum(item_unseen) as unseen from item left join term on oid = id where otype = %d and owner_xchan != '%s' and item.uid = %d and url = '%s' and ttype = %d $perms_sql ",
intval(TERM_OBJ_POST),
dbesc($r1[$x]['xchan_hash']),
@ -1457,7 +1456,7 @@ function widget_forums($arr) {
*
* end @FIXME
*/
}
if($r1) {
@ -1471,7 +1470,7 @@ function widget_forums($arr) {
}
$o .= '</ul></div>';
}
return $o;
return $o;
}
@ -1489,7 +1488,7 @@ function widget_tasklist($arr) {
$(".tasklist-tasks").html(data.html);
});
}
</script>';
</script>';
$o .= '<div class="widget">' . '<h3>' . t('Tasks') . '</h3><div class="tasklist-tasks">';
$o .= '</div><form id="tasklist-new-form" action="" ><input id="tasklist-new-summary" type="text" name="summary" value="" /></form>';
@ -1516,7 +1515,7 @@ function widget_helpindex($arr) {
if(argc() > 2) {
$path = '';
for($x = 1; $x < argc(); $x ++) {
$path .= argv($x) . '/';
$path .= argv($x) . '/';
$y = get_help_content($path . 'sitetoc');
if(! $y)
$y = get_help_content($path . 'toc');
@ -1590,7 +1589,7 @@ function widget_admin($arr) {
call_hooks('admin_aside',$arr);
$o .= replace_macros(get_markup_template('admin_aside.tpl'), array(
'$admin' => $aside,
'$admin' => $aside,
'$admtxt' => t('Admin'),
'$plugadmtxt' => t('Plugin Features'),
'$plugins' => $plugins,
@ -1620,7 +1619,7 @@ function widget_album($args) {
if($args['title'])
$title = $args['title'];
/**
/**
* This may return incorrect permissions if you have multiple directories of the same name.
* It is a limitation of the photo table using a name for a photo album instead of a folder hash
*/
@ -1640,7 +1639,7 @@ function widget_album($args) {
$order = 'DESC';
$r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN
(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph
(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph
ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)
ORDER BY created $order ",
intval($owner_uid),
@ -1648,7 +1647,7 @@ function widget_album($args) {
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE)
);
//edit album name
$album_edit = null;
@ -1661,7 +1660,7 @@ function widget_album($args) {
$twist = 'rotleft';
else
$twist = 'rotright';
$ext = $phototypes[$rr['mimetype']];
$imgalt_e = $rr['filename'];

183
include/zot.php
View file

@ -176,7 +176,7 @@ function zot_zot($url, $data) {
* @param boolean $autofallback
* fallback/failover to http if https connection cannot be established. Default is true.
*
* @return array see z_post_url() and \ref mod/zfinger.php
* @return array see z_post_url() and \ref Zotlabs::Zot::Finger "\\Zotlabs\\Zot\\Finger"
*/
function zot_finger($webbie, $channel = null, $autofallback = true) {
@ -301,7 +301,7 @@ function zot_refresh($them, $channel = null, $force = false) {
// if they re-installed the server we could end up with the wrong record - pointing to the old install.
// We'll order by reverse id to try and pick off the newest one first and hopefully end up with the
// correct hubloc. If this doesn't work we may have to re-write this section to try them all.
// correct hubloc. If this doesn't work we may have to re-write this section to try them all.
if(array_key_exists('xchan_addr',$them) && $them['xchan_addr']) {
$r = q("select hubloc_url, hubloc_primary from hubloc where hubloc_addr = '%s' order by hubloc_id desc",
@ -522,7 +522,7 @@ function zot_refresh($them, $channel = null, $force = false) {
'to_xchan' => $channel['channel_hash'],
'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'],
));
if(intval($permissions['view_stream'])) {
if(intval(get_pconfig($channel['channel_id'],'perm_limits','send_stream') & PERMS_PENDING)
|| (! intval($new_connection[0]['abook_pending'])))
@ -535,7 +535,7 @@ function zot_refresh($them, $channel = null, $force = false) {
if($default_group) {
require_once('include/group.php');
$g = group_rec_byhash($channel['channel_id'],$default_group);
if($g)
if($g)
group_add_member($channel['channel_id'],'',$x['hash'],$g['id']);
}
@ -571,11 +571,12 @@ function zot_refresh($them, $channel = null, $force = false) {
* * \e string \b guid_sig => guid signed with conversant's private key
* * \e string \b url => URL of the origination hub of this communication
* * \e string \b url_sig => URL signed with conversant's private key
* @param boolean $multiple (optional) default false
*
* @returns array|null null if site is blacklisted or not found, otherwise an
* array with an hubloc record
*/
function zot_gethub($arr,$multiple = false) {
function zot_gethub($arr, $multiple = false) {
if($arr['guid'] && $arr['guid_sig'] && $arr['url'] && $arr['url_sig']) {
@ -586,7 +587,7 @@ function zot_gethub($arr,$multiple = false) {
$limit = (($multiple) ? '' : ' limit 1 ');
$sitekey = ((array_key_exists('sitekey',$arr) && $arr['sitekey']) ? " and hubloc_sitekey = '" . protect_sprintf($arr['sitekey']) . "' " : '');
$r = q("select * from hubloc
where hubloc_guid = '%s' and hubloc_guid_sig = '%s'
and hubloc_url = '%s' and hubloc_url_sig = '%s'
@ -754,15 +755,15 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
if(intval($r[0]['xchan_pubforum']) != intval($arr['public_forum']))
$pubforum_changed = 1;
if(($r[0]['xchan_name_date'] != $arr['name_updated'])
|| ($r[0]['xchan_connurl'] != $arr['connections_url'])
if(($r[0]['xchan_name_date'] != $arr['name_updated'])
|| ($r[0]['xchan_connurl'] != $arr['connections_url'])
|| ($r[0]['xchan_addr'] != $arr['address'])
|| ($r[0]['xchan_follow'] != $arr['follow_url'])
|| ($r[0]['xchan_connpage'] != $arr['connect_url'])
|| ($r[0]['xchan_connpage'] != $arr['connect_url'])
|| ($r[0]['xchan_url'] != $arr['url'])
|| $hidden_changed || $adult_changed || $deleted_changed || $pubforum_changed ) {
$rup = q("update xchan set xchan_name = '%s', xchan_name_date = '%s', xchan_connurl = '%s', xchan_follow = '%s',
xchan_connpage = '%s', xchan_hidden = %d, xchan_selfcensored = %d, xchan_deleted = %d, xchan_pubforum = %d,
$rup = q("update xchan set xchan_name = '%s', xchan_name_date = '%s', xchan_connurl = '%s', xchan_follow = '%s',
xchan_connpage = '%s', xchan_hidden = %d, xchan_selfcensored = %d, xchan_deleted = %d, xchan_pubforum = %d,
xchan_addr = '%s', xchan_url = '%s' where xchan_hash = '%s'",
dbesc(($arr['name']) ? $arr['name'] : '-'),
dbesc($arr['name_updated']),
@ -1022,12 +1023,12 @@ function zot_process_response($hub, $arr, $outq) {
}
}
// we have a more descriptive delivery report, so discard the per hub 'queued' report.
// we have a more descriptive delivery report, so discard the per hub 'queued' report.
q("delete from dreport where dreport_queue = '%s' ",
dbesc($outq['outq_hash'])
);
// update the timestamp for this site
q("update site set site_dead = 0, site_update = '%s' where site_url = '%s'",
@ -1068,7 +1069,7 @@ function zot_fetch($arr) {
// set $multiple param on zot_gethub() to return all matching hubs
// This allows us to recover from re-installs when a redundant (but invalid) hubloc for
// this identity is widely dispersed throughout the network.
// this identity is widely dispersed throughout the network.
$ret_hubs = zot_gethub($arr['sender'],true);
if(! $ret_hubs) {
@ -1080,7 +1081,7 @@ function zot_fetch($arr) {
$data = array(
'type' => 'pickup',
'url' => z_root(),
'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post',get_config('system','prvkey'))),
'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post',get_config('system','prvkey'))),
'callback' => z_root() . '/post',
'secret' => $arr['secret'],
'secret_sig' => base64url_encode(rsa_sign($arr['secret'],get_config('system','prvkey')))
@ -1091,7 +1092,7 @@ function zot_fetch($arr) {
$fetch = zot_zot($url,$datatosend);
$result = zot_import($fetch, $arr['sender']['url']);
if($result)
return $result;
}
@ -1195,7 +1196,7 @@ function zot_import($arr, $sender_url) {
if($recip_arr) {
stringify_array_elms($recip_arr);
$recips = implode(',',$recip_arr);
$r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " )
$r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " )
and channel_removed = 0 ");
}
@ -1403,7 +1404,7 @@ function public_recips($msg) {
$perm = 'post_mail';
$r = array();
$c = q("select channel_id, channel_hash from channel where channel_removed = 0");
if($c) {
foreach($c as $cc) {
@ -1432,7 +1433,7 @@ function public_recips($msg) {
if(($tag['type'] === 'mention') && (strpos($tag['url'],z_root()) !== false)) {
$address = basename($tag['url']);
if($address) {
$z = q("select channel_hash as hash from channel where channel_address = '%s'
$z = q("select channel_hash as hash from channel where channel_address = '%s'
and channel_removed = 0 limit 1",
dbesc($address)
);
@ -1605,12 +1606,12 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
/**
* @FIXME: Somehow we need to block normal message delivery from our clones, as the delivered
* message doesn't have ACL information in it as the cloned copy does. That copy
* will normally arrive first via sync delivery, but this isn't guaranteed.
* message doesn't have ACL information in it as the cloned copy does. That copy
* will normally arrive first via sync delivery, but this isn't guaranteed.
* There's a chance the current delivery could take place before the cloned copy arrives
* hence the item could have the wrong ACL and *could* be used in subsequent deliveries or
* access checks. So far all attempts at identifying this situation precisely
* have caused issues with delivery of relayed comments.
* have caused issues with delivery of relayed comments.
*/
// if(($d['hash'] === $sender['hash']) && ($sender['url'] !== z_root()) && (! $relay)) {
@ -1743,7 +1744,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
intval($channel['channel_id']),
dbesc($arr['owner_xchan'])
);
$abook = (($ab) ? $ab[0] : null);
$abook = (($ab) ? $ab[0] : null);
if(intval($arr['item_deleted'])) {
@ -1757,7 +1758,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
$arr['uid'] = $channel['channel_id'];
$item_id = delete_imported_item($sender,$arr,$channel['channel_id'],$relay);
$DR->update(($item_id) ? 'deleted' : 'delete_failed');
$DR->update(($item_id) ? 'deleted' : 'delete_failed');
$result[] = $DR->get();
if($relay && $item_id) {
@ -1779,7 +1780,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
$item_id = $r[0]['id'];
if(intval($r[0]['item_deleted'])) {
// It was deleted locally.
// It was deleted locally.
$DR->update('update ignored');
$result[] = $DR->get();
@ -1806,8 +1807,8 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
$result[] = $DR->get();
// We need this line to ensure wall-to-wall comments are relayed (by falling through to the relay bit),
// and at the same time not relay any other relayable posts more than once, because to do so is very wasteful.
// We need this line to ensure wall-to-wall comments are relayed (by falling through to the relay bit),
// and at the same time not relay any other relayable posts more than once, because to do so is very wasteful.
if(! intval($r[0]['item_origin']))
continue;
}
@ -1821,7 +1822,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
if(check_item_source($arr['uid'], $arr))
call_hooks('post_local', $arr);
$item_id = 0;
if(($arr['mid'] == $arr['parent_mid']) && (! post_is_importable($arr,$abook))) {
@ -1934,9 +1935,11 @@ function remove_community_tag($sender, $arr, $uid) {
* @brief Just calls item_store_update() and logs result.
*
* @see item_store_update()
*
* @param array $sender (unused)
* @param array $item
* @param int $uid (unused)
* @param array $orig
* @param int $uid
*/
function update_imported_item($sender, $item, $orig, $uid) {
@ -1957,7 +1960,7 @@ function update_imported_item($sender, $item, $orig, $uid) {
// because event_addtocal will parse the body to get the 'new' event details
if($orig['resource_type'] === 'event') {
$res = event_addtocal($orig['id'],$uid);
$res = event_addtocal($orig['id'], $uid);
if(! $res)
logger('update event: failed');
}
@ -2232,15 +2235,15 @@ function process_location_delivery($sender,$arr,$deliveries) {
/**
* @brief checks for a moved UNO channel and sets the channel_moved flag
*
*
* Currently the effect of this flag is to turn the channel into 'read-only' mode.
* New content will not be processed (there was still an issue with blocking the
* New content will not be processed (there was still an issue with blocking the
* ability to post comments as of 10-Mar-2016).
* We do not physically remove the channel at this time. The hub admin may choose
* We do not physically remove the channel at this time. The hub admin may choose
* to do so, but is encouraged to allow a grace period of several days in case there
* are any issues migrating content. This packet will generally be received by the
* original site when the basic channel import has been processed.
*
*
* This will only be executed on the UNO system which is the old location
* if a new location is reported and there is only one location record.
* The rest of the hubloc syncronisation will be handled within
@ -2252,7 +2255,7 @@ function process_location_delivery($sender,$arr,$deliveries) {
function check_location_move($sender_hash,$locations) {
if(! $locations)
return;
return;
if(get_config('system','server_role') !== 'basic')
return;
@ -2275,13 +2278,13 @@ function check_location_move($sender_hash,$locations) {
dbesc($sender_hash)
);
// federation plugins may wish to notify connections
// federation plugins may wish to notify connections
// of the move on singleton networks
$arr = array('channel' => $r[0],'locations' => $locations);
call_hooks('location_move',$arr);
}
}
}
@ -2536,7 +2539,7 @@ function zot_encode_locations($channel) {
foreach($x as $hub) {
// if this is a local channel that has been deleted, the hubloc is no good - make sure it is marked deleted
// so that nobody tries to use it.
// so that nobody tries to use it.
if(intval($channel['channel_removed']) && $hub['hubloc_url'] === z_root())
$hub['hubloc_deleted'] = 1;
@ -3090,7 +3093,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
require_once('include/import.php');
/** @FIXME this will sync red structures (channel, pconfig and abook).
/** @FIXME this will sync red structures (channel, pconfig and abook).
Eventually we need to make this application agnostic. */
$result = array();
@ -3181,15 +3184,15 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
$arr['channel']['channel_pageflags'] = $arr['channel']['channel_pageflags'] - 0x1000;
}
$disallowed = [
'channel_id', 'channel_account_id', 'channel_primary', 'channel_prvkey',
'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted',
'channel_system', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook',
'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall',
'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall',
'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish',
'channel_a_delegate'
$disallowed = [
'channel_id', 'channel_account_id', 'channel_primary', 'channel_prvkey',
'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted',
'channel_system', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook',
'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall',
'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall',
'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish',
'channel_a_delegate'
];
$clean = array();
@ -3226,7 +3229,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
foreach($arr['abook'] as $abook) {
$abconfig = null;
@ -3503,7 +3506,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
foreach($profile as $k => $v) {
if(in_array($k,$disallowed))
continue;
if($k === 'name')
$clean['fullname'] = $v;
elseif($k === 'with')
@ -3514,7 +3517,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
$clean[$k] = $v;
/**
* @TODO
* @TODO
* We also need to import local photos if a custom photo is selected
*/
}
@ -3716,18 +3719,18 @@ function zotinfo($arr) {
}
}
$ztarget_hash = (($ztarget && $zsig) ? make_xchan_hash($ztarget,$zsig) : '' );
$ztarget_hash = (($ztarget && $zsig) ? make_xchan_hash($ztarget,$zsig) : '' );
$r = null;
if(strlen($zhash)) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
$r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_hash = '%s' limit 1",
dbesc($zhash)
);
}
elseif(strlen($zguid) && strlen($zguid_sig)) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
$r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_guid = '%s' and channel_guid_sig = '%s' limit 1",
dbesc($zguid),
dbesc($zguid_sig)
@ -3746,7 +3749,7 @@ function zotinfo($arr) {
/**
* The special address '[system]' will return a system channel if one has been defined,
* Or the first valid channel we find if there are no system channels.
* Or the first valid channel we find if there are no system channels.
*
* This is used by magic-auth if we have no prior communications with this site - and
* returns an identity on this site which we can use to create a valid hub record so that
@ -3761,7 +3764,7 @@ function zotinfo($arr) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_removed = 0 order by channel_id limit 1");
}
}
}
}
else {
$ret['message'] = 'Invalid request';
@ -3786,7 +3789,7 @@ function zotinfo($arr) {
if($deleted || $censored || $sys_channel)
$searchable = false;
$public_forum = false;
$role = get_pconfig($e['channel_id'],'system','permissions_role');
@ -3819,14 +3822,14 @@ function zotinfo($arr) {
if($p) {
if(! intval($p[0]['publish']))
$searchable = false;
$searchable = false;
$profile['description'] = $p[0]['pdesc'];
$profile['birthday'] = $p[0]['dob'];
if(($profile['birthday'] != '0000-00-00') && (($bd = z_birthday($p[0]['dob'],$e['channel_timezone'])) !== ''))
$profile['next_birthday'] = $bd;
if($age = age($p[0]['dob'],$e['channel_timezone'],''))
if($age = age($p[0]['dob'],$e['channel_timezone'],''))
$profile['age'] = $age;
$profile['gender'] = $p[0]['gender'];
$profile['marital'] = $p[0]['marital'];
@ -3879,14 +3882,14 @@ function zotinfo($arr) {
$ret['adult_content'] = $adult_channel;
$ret['public_forum'] = $public_forum;
if($deleted)
$ret['deleted'] = $deleted;
$ret['deleted'] = $deleted;
if(intval($e['channel_removed']))
$ret['deleted_locally'] = true;
// premium or other channel desiring some contact with potential followers before connecting.
// This is a template - %s will be replaced with the follow_url we discover for the return channel.
if($special_channel)
if($special_channel)
$ret['connect_url'] = z_root() . '/connect/' . $e['channel_address'];
// This is a template for our follow url, %s will be replaced with a webbie
@ -3962,7 +3965,7 @@ function zotinfo($arr) {
$ret['site']['access_policy'] = 'tiered';
$ret['site']['accounts'] = account_total();
require_once('include/channel.php');
$ret['site']['channels'] = channel_total();
@ -4003,7 +4006,7 @@ function check_zotinfo($channel,$locations,&$ret) {
// This function will likely expand as we find more things to detect and fix.
// 1. Because magic-auth is reliant on it, ensure that the system channel has a valid hubloc
// Force this to be the case if anything is found to be wrong with it.
// Force this to be the case if anything is found to be wrong with it.
// @FIXME ensure that the system channel exists in the first place and has an xchan
@ -4023,9 +4026,9 @@ function check_zotinfo($channel,$locations,&$ret) {
logger('System channel locations are not valid. Attempting repair.');
// Don't trust any existing records. Just get rid of them, but only do this
// Don't trust any existing records. Just get rid of them, but only do this
// for the sys channel as normal channels will be trickier.
q("delete from hubloc where hubloc_hash = '%s'",
dbesc($channel['channel_hash'])
);
@ -4082,7 +4085,7 @@ function delivery_report_is_storable($dr) {
return false;
// is the recipient one of our connections, or do we want to store every report?
// is the recipient one of our connections, or do we want to store every report?
$r = explode(' ', $dr['recipient']);
$rxchan = $r[0];
@ -4093,15 +4096,15 @@ function delivery_report_is_storable($dr) {
// We always add ourself as a recipient to private and relayed posts
// So if a remote site says they can't find us, that's no big surprise
// and just creates a lot of extra report noise
if(($dr['location'] !== z_root()) && ($dr['sender'] === $rxchan) && ($dr['status'] === 'recipient_not_found'))
return false;
// If you have a private post with a recipient list, every single site is going to report
// back a failed delivery for anybody on that list that isn't local to them. We're only
// back a failed delivery for anybody on that list that isn't local to them. We're only
// concerned about this if we have a local hubloc record which says we expected them to
// have a channel on that site.
$r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_url = '%s'",
dbesc($rxchan),
dbesc($dr['location'])
@ -4131,7 +4134,7 @@ function update_hub_connected($hub,$sitekey = '') {
* Any hub with the same URL and a different sitekey cannot be valid.
* Get rid of them (mark them deleted). There's a good chance they were re-installs.
*/
q("update hubloc set hubloc_deleted = 1, hubloc_error = 1 where hubloc_url = '%s' and hubloc_sitekey != '%s' ",
dbesc($hub['hubloc_url']),
dbesc($sitekey)
@ -4142,7 +4145,7 @@ function update_hub_connected($hub,$sitekey = '') {
$sitekey = $hub['sitekey'];
}
// $sender['sitekey'] is a new addition to the protocol to distinguish
// $sender['sitekey'] is a new addition to the protocol to distinguish
// hublocs coming from re-installed sites. Older sites will not provide
// this field and we have to still mark them valid, since we can't tell
// if this hubloc has the same sitekey as the packet we received.
@ -4165,7 +4168,7 @@ function update_hub_connected($hub,$sitekey = '') {
if(intval($hub['hubloc_error'])) {
q("update hubloc set hubloc_error = 0 where hubloc_id = %d and hubloc_sitekey = '%s' ",
intval($hub['hubloc_id']),
dbesc($sitekey)
dbesc($sitekey)
);
if(intval($r[0]['hubloc_orphancheck'])) {
q("update hubloc set hubloc_orhpancheck = 0 where hubloc_id = %d and hubloc_sitekey = '%s' ",
@ -4177,7 +4180,7 @@ function update_hub_connected($hub,$sitekey = '') {
dbesc($hub['hubloc_hash'])
);
}
return $hub['hubloc_url'];
}
@ -4190,7 +4193,7 @@ function zot_reply_ping() {
// This will let us know if any important communication details
// that we may have stored are no longer valid, regardless of xchan details.
logger('POST: got ping send pong now back: ' . z_root() , LOGGER_DEBUG );
$ret['success'] = true;
$ret['site'] = array();
$ret['site']['url'] = z_root();
@ -4264,7 +4267,7 @@ function zot_reply_pickup($data) {
/*
* If we made it to here, the signatures verify, but we still don't know if the tracking ID is valid.
* It wouldn't be an error if the tracking ID isn't found, because we may have sent this particular
* queue item with another pickup (after the tracking ID for the other pickup was verified).
* queue item with another pickup (after the tracking ID for the other pickup was verified).
*/
$r = q("select outq_posturl from outq where outq_hash = '%s' and outq_posturl = '%s' limit 1",
@ -4304,7 +4307,7 @@ function zot_reply_pickup($data) {
}
else
$ret['pickup'][] = array('notify' => json_decode($rr['outq_notify'],true),'message' => $x);
remove_queue_item($rr['outq_hash']);
}
}
@ -4326,7 +4329,7 @@ function zot_reply_auth_check($data,$encrypted_packet) {
* Requestor visits /magic/?dest=somewhere on their own site with a browser
* magic redirects them to $destsite/post [with auth args....]
* $destsite sends an auth_check packet to originator site
* The auth_check packet is handled here by the originator's site
* The auth_check packet is handled here by the originator's site
* - the browser session is still waiting
* inside $destsite/post for everything to verify
* If everything checks out we'll return a token to $destsite
@ -4348,9 +4351,9 @@ function zot_reply_auth_check($data,$encrypted_packet) {
// garbage collect any old unused notifications
// This was and should be 10 minutes but my hosting provider has time lag between the DB and
// the web server. We should probably convert this to webserver time rather than DB time so
// that the different clocks won't affect it and allow us to keep the time short.
// This was and should be 10 minutes but my hosting provider has time lag between the DB and
// the web server. We should probably convert this to webserver time rather than DB time so
// that the different clocks won't affect it and allow us to keep the time short.
Zotlabs\Zot\Verify::purge('auth','30 MINUTE');
@ -4361,7 +4364,7 @@ function zot_reply_auth_check($data,$encrypted_packet) {
// We created a unique hash in mod/magic.php when we invoked remote auth, and stored it in
// the verify table. It is now coming back to us as 'secret' and is signed by a channel at the other end.
// First verify their signature. We will have obtained a zot-info packet from them as part of the sender
// verification.
// verification.
if ((! $y) || (! rsa_verify($data['secret'], base64url_decode($data['secret_sig']),$y[0]['xchan_pubkey']))) {
logger('mod_zot: auth_check: sender not found or secret_sig invalid.');
@ -4434,7 +4437,7 @@ function zot_reply_purge($sender,$recipients) {
if ($recipients) {
// basically this means "unfriend"
foreach ($recipients as $recip) {
$r = q("select channel.*,xchan.* from channel
$r = q("select channel.*,xchan.* from channel
left join xchan on channel_hash = xchan_hash
where channel_guid = '%s' and channel_guid_sig = '%s' limit 1",
dbesc($recip['guid']),
@ -4451,13 +4454,13 @@ function zot_reply_purge($sender,$recipients) {
}
}
$ret['success'] = true;
}
}
else {
// Unfriend everybody - basically this means the channel has committed suicide
$arr = $sender;
$sender_hash = make_xchan_hash($arr['guid'],$arr['guid_sig']);
remove_all_xchan_resources($sender_hash);
remove_all_xchan_resources($sender_hash);
$ret['success'] = true;
}
@ -4472,7 +4475,7 @@ function zot_reply_refresh($sender,$recipients) {
// remote channel info (such as permissions or photo or something)
// has been updated. Grab a fresh copy and sync it.
// The difference between refresh and force_refresh is that
// The difference between refresh and force_refresh is that
// force_refresh unconditionally creates a directory update record,
// even if no changes were detected upon processing.
@ -4481,7 +4484,7 @@ function zot_reply_refresh($sender,$recipients) {
// This would be a permissions update, typically for one connection
foreach ($recipients as $recip) {
$r = q("select channel.*,xchan.* from channel
$r = q("select channel.*,xchan.* from channel
left join xchan on channel_hash = xchan_hash
where channel_guid = '%s' and channel_guid_sig = '%s' limit 1",
dbesc($recip['guid']),
@ -4489,17 +4492,17 @@ function zot_reply_refresh($sender,$recipients) {
);
$x = zot_refresh(array(
'xchan_guid' => $sender['guid'],
'xchan_guid' => $sender['guid'],
'xchan_guid_sig' => $sender['guid_sig'],
'hubloc_url' => $sender['url']
), $r[0], (($msgtype === 'force_refresh') ? true : false));
}
}
}
else {
// system wide refresh
$x = zot_refresh(array(
'xchan_guid' => $sender['guid'],
'xchan_guid' => $sender['guid'],
'xchan_guid_sig' => $sender['guid_sig'],
'hubloc_url' => $sender['url']
), null, (($msgtype === 'force_refresh') ? true : false));
@ -4522,7 +4525,7 @@ function zot_reply_notify($data) {
if($async) {
// add to receive queue
// qreceive_add($data);
}
}
else {
$x = zot_fetch($data);
$ret['delivery_report'] = $x;

6
util/Doxyfile
View file

@ -1,8 +1,8 @@
INPUT = README.md index.php boot.php mod/ include/ util/ view/ version.inc
INPUT = README.md index.php boot.php include/ install/ util/ view/ Zotlabs/
RECURSIVE = YES
PROJECT_NAME = "The Hubzilla"
PROJECT_LOGO = images/rm-64.png
EXCLUDE = .htconfig.php library/ doc/ vendor/ .git/ util/zotsh/easywebdav/
EXCLUDE = .htconfig.php library/ doc/ store/ vendor/ .git/ util/zotsh/easywebdav/ util/generate-hooks-index/
EXCLUDE_PATTERNS = *smarty3* *strings.php *.out *test*
OUTPUT_DIRECTORY = doc
GENERATE_HTML = YES
@ -21,3 +21,5 @@ ALIASES += "fixme=\xrefitem fixme \"Fixme\" \"Fixme List\""
ALIASES += "FIXME=\fixme"
ALIASES += "TODO=\todo"
ALIASES += "BUG=\bug"
ALIASES += "hooks=\xrefitem hooks \"Hooks\" \"Hooks List\""
ALIASES += "HOOKS=\hooks"