diff --git a/CHANGELOG b/CHANGELOG index 1b5155019..7fc5835a7 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -34,6 +34,7 @@ Hubzilla 1.8 Apps: Synchronise app list with changes to system apps Preserve existing app categories on app updates/edits + Regression: fixed translated system app names Architecture: Provide autoloaded class files and libraries for plugins. Further refactoring of session driver to sort out some cookie anomolies @@ -61,6 +62,9 @@ Hubzilla 1.8 Block 'sys' channels from being 'random profile' candidates DB update failed email could be sent in the wrong language under rare circumstances Openid remote authentication used incorrect namespace + URL attached to profile "things" was not linked, always showing the "thing" manage page + New connection wasn't added to default privacy group when "auto-accept" was enabled + Regression: iconfig sharing wasn't working properly Plugins: CalDAV/CardDAV plugin provided Issue sending Diaspora 'like' activities from sources that did not propagate the DCV diff --git a/Zotlabs/Lib/AbConfig.php b/Zotlabs/Lib/AbConfig.php index f2d6522b9..138d0dfea 100644 --- a/Zotlabs/Lib/AbConfig.php +++ b/Zotlabs/Lib/AbConfig.php @@ -5,18 +5,18 @@ namespace Zotlabs\Lib; class AbConfig { - static public function Load($chash,$xhash) { - $r = q("select * from abconfig where chan = '%s' and xchan = '%s'", - dbesc($chash), + static public function Load($chan,$xhash) { + $r = q("select * from abconfig where chan = %d and xchan = '%s'", + intval($chan), dbesc($xhash) ); return $r; } - static public function Get($chash,$xhash,$family,$key) { - $r = q("select * from abconfig where chan = '%s' and xchan = '%s' and cat = '%s' and k = '%s' limit 1", - dbesc($chash), + static public function Get($chan,$xhash,$family,$key) { + $r = q("select * from abconfig where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' limit 1", + intval($chan), dbesc($xhash), dbesc($family), dbesc($key) @@ -28,14 +28,14 @@ class AbConfig { } - static public function Set($chash,$xhash,$family,$key,$value) { + static public function Set($chan,$xhash,$family,$key,$value) { $dbvalue = ((is_array($value)) ? serialize($value) : $value); $dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue) : $dbvalue); - if(self::Get($chash,$xhash,$family,$key) === false) { - $r = q("insert into abconfig ( chan, xchan, cat, k, v ) values ( '%s', '%s', '%s', '%s', '%s' ) ", - dbesc($chash), + if(self::Get($chan,$xhash,$family,$key) === false) { + $r = q("insert into abconfig ( chan, xchan, cat, k, v ) values ( %d, '%s', '%s', '%s', '%s' ) ", + intval($chan), dbesc($xhash), dbesc($family), dbesc($key), @@ -43,9 +43,9 @@ class AbConfig { ); } else { - $r = q("update abconfig set v = '%s' where chan = '%s' and xchan = '%s' and cat = '%s' and k = '%s' ", + $r = q("update abconfig set v = '%s' where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' ", dbesc($dbvalue), - dbesc($chash), + dbesc($chan), dbesc($xhash), dbesc($family), dbesc($key) @@ -58,10 +58,10 @@ class AbConfig { } - static public function Delete($chash,$xhash,$family,$key) { + static public function Delete($chan,$xhash,$family,$key) { - $r = q("delete from abconfig where chan = '%s' and xchan = '%s' and cat = '%s' and k = '%s' ", - dbesc($chash), + $r = q("delete from abconfig where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' ", + intval($chan), dbesc($xhash), dbesc($family), dbesc($key) @@ -70,4 +70,4 @@ class AbConfig { return $r; } -} \ No newline at end of file +} diff --git a/Zotlabs/Lib/Cache.php b/Zotlabs/Lib/Cache.php new file mode 100644 index 000000000..35c8f56ad --- /dev/null +++ b/Zotlabs/Lib/Cache.php @@ -0,0 +1,46 @@ +request_data = $s; + $this->filepos = 0; + } + + public function curl_read($ch,$fh,$size) { + + if($this->filepos < 0) { + unset($fh); + return ''; + } + + $s = substr($this->request_data,$this->filepos,$size); + + if(strlen($s) < $size) + $this->filepos = (-1); + else + $this->filepos = $this->filepos + $size; + + return $s; + } + + + public function __construct($opts = array()) { + $this->set($opts); + } + + private function set($opts = array()) { + if($opts) { + foreach($opts as $k => $v) { + switch($k) { + case 'http_auth': + $this->auth = $v; + break; + case 'custom': + $this->request_method = $v; + break; + case 'url': + $this->url = $v; + break; + case 'data': + $this->set_data($v); + if($v) { + $this->upload = true; + } + else { + $this->upload = false; + } + break; + case 'headers': + $this->headers = $v; + break; + default: + $this->curlopts[$k] = $v; + break; + } + } + } + } + + function exec() { + $opts = $this->curlopts; + if($this->auth) + $opts['http_auth'] = $this->auth; + if($this->custom) + $opts['custom'] = $this->custom; + if($this->headers) + $opts['headers'] = $this->headers; + if($this->upload) { + $opts['upload'] = true; + $opts['infile'] = $this->filehandle; + $opts['infilesize'] = strlen($this->request_data); + $opts['readfunc'] = [ $this, 'curl_read' ] ; + } + + $recurse = 0; + return z_fetch_url($this->url,true,$recurse,(($opts) ? $opts : null)); + + } + + +} diff --git a/Zotlabs/Lib/XConfig.php b/Zotlabs/Lib/XConfig.php index e28dcf559..7f3d0f2cd 100644 --- a/Zotlabs/Lib/XConfig.php +++ b/Zotlabs/Lib/XConfig.php @@ -122,7 +122,7 @@ class XConfig { ); } - App::$config[$xchan][$family][$key] = $value; + \App::$config[$xchan][$family][$key] = $value; if($ret) return $value; @@ -157,4 +157,4 @@ class XConfig { return $ret; } -} \ No newline at end of file +} diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index 3feba5370..feed9cb1a 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -219,7 +219,7 @@ class Connedit extends \Zotlabs\Web\Controller { //Update profile photo permissions logger('A new profile was assigned - updating profile photos'); - profile_photo_set_profile_perms($profile_id); + profile_photo_set_profile_perms(local_channel(),$profile_id); } @@ -345,7 +345,7 @@ class Connedit extends \Zotlabs\Web\Controller { unset($clone['abook_account']); unset($clone['abook_channel']); - $abconfig = load_abconfig($channel['channel_hash'],$clone['abook_xchan']); + $abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']); if($abconfig) $clone['abconfig'] = $abconfig; diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php index a72c3389f..5633976c8 100644 --- a/Zotlabs/Module/Cover_photo.php +++ b/Zotlabs/Module/Cover_photo.php @@ -40,7 +40,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { * */ - function post() { + function post() { if(! local_channel()) { return; @@ -271,7 +271,7 @@ class Cover_photo extends \Zotlabs\Web\Controller { */ - function get() { + function get() { if(! local_channel()) { notice( t('Permission denied.') . EOL ); diff --git a/Zotlabs/Module/Follow.php b/Zotlabs/Module/Follow.php index 1df382a89..3641330c9 100644 --- a/Zotlabs/Module/Follow.php +++ b/Zotlabs/Module/Follow.php @@ -43,7 +43,7 @@ class Follow extends \Zotlabs\Web\Controller { unset($clone['abook_account']); unset($clone['abook_channel']); - $abconfig = load_abconfig($channel['channel_hash'],$clone['abook_xchan']); + $abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']); if($abconfig) $clone['abconfig'] = $abconfig; diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index 122e27e90..e34f5e49e 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -131,6 +131,8 @@ class Import extends \Zotlabs\Web\Controller { // import channel + $relocate = ((array_key_exists('relocate',$data)) ? $data['relocate'] : null); + if(array_key_exists('channel',$data)) { if($completed < 1) { @@ -387,8 +389,7 @@ class Import extends \Zotlabs\Web\Controller { if($abconfig) { // @fixme does not handle sync of del_abconfig foreach($abconfig as $abc) { - if($abc['chan'] === $channel['channel_hash']) - set_abconfig($abc['chan'],$abc['xchan'],$abc['cat'],$abc['k'],$abc['v']); + set_abconfig($channel['channel_id'],$abc['xchan'],$abc['cat'],$abc['k'],$abc['v']); } } @@ -475,7 +476,7 @@ class Import extends \Zotlabs\Web\Controller { import_events($channel,$data['event']); if(is_array($data['event_item'])) - import_items($channel,$data['event_item']); + import_items($channel,$data['event_item'],false,$relocate); if(is_array($data['menu'])) import_menus($channel,$data['menu']); @@ -486,7 +487,7 @@ class Import extends \Zotlabs\Web\Controller { $saved_notification_flags = notifications_off($channel['channel_id']); if($import_posts && array_key_exists('item',$data) && $data['item']) - import_items($channel,$data['item']); + import_items($channel,$data['item'],false,$relocate); notifications_on($channel['channel_id'],$saved_notification_flags); diff --git a/Zotlabs/Module/Import_items.php b/Zotlabs/Module/Import_items.php index a862836c5..07b1c620c 100644 --- a/Zotlabs/Module/Import_items.php +++ b/Zotlabs/Module/Import_items.php @@ -92,7 +92,7 @@ class Import_items extends \Zotlabs\Web\Controller { if(array_key_exists('item',$data) && $data['item']) { - import_items($channel,$data['item']); + import_items($channel,$data['item'],false,((array_key_exists('relocate',$data)) ? $data['relocate'] : null)); } if(array_key_exists('item_id',$data) && $data['item_id']) { @@ -106,7 +106,7 @@ class Import_items extends \Zotlabs\Web\Controller { - function get() { + function get() { if(! local_channel()) { notice( t('Permission denied') . EOL); diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 272da7971..369dd3948 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -894,8 +894,8 @@ class Item extends \Zotlabs\Web\Controller { if($orig_post) { $datarray['id'] = $post_id; - item_store_update($datarray,$execflag); - + $x = item_store_update($datarray,$execflag); + if(! $parent) { $r = q("select * from item where id = %d", intval($post_id) diff --git a/Zotlabs/Module/Pdledit.php b/Zotlabs/Module/Pdledit.php index accfb6fa1..5cb00f165 100644 --- a/Zotlabs/Module/Pdledit.php +++ b/Zotlabs/Module/Pdledit.php @@ -20,7 +20,7 @@ class Pdledit extends \Zotlabs\Web\Controller { } - function get() { + function get() { if(! local_channel()) { notice( t('Permission denied.') . EOL); @@ -32,18 +32,18 @@ class Pdledit extends \Zotlabs\Web\Controller { else { $o .= '
'; $o .= '

' . t('Edit System Page Description') . '

'; - $files = glob('mod/*'); + $files = glob('Zotlabs/Module/*.php'); if($files) { foreach($files as $f) { - $name = basename($f,'.php'); + $name = lcfirst(basename($f,'.php')); $x = theme_include('mod_' . $name . '.pdl'); if($x) { $o .= '' . $name . '
'; } } } - - $o .= '
'; + + $o .= ''; // list module pdl files return $o; diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index 92c9ac3c0..5148c4a94 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -62,7 +62,7 @@ class Photo extends \Zotlabs\Web\Controller { intval($uid), intval(PHOTO_PROFILE) ); - if(count($r)) { + if($r) { $data = dbunescbin($r[0]['content']); $mimetype = $r[0]['mimetype']; } @@ -79,7 +79,7 @@ class Photo extends \Zotlabs\Web\Controller { * Other photos */ - /* Check for a cookie to indicate display pixel density, in order to detect high-resolution + /* Check for a cookie to indicate display pixel density, in order to detect high-resolution displays. This procedure was derived from the "Retina Images" by Jeremey Worboys, used in accordance with the Creative Commons Attribution 3.0 Unported License. Project link: https://github.com/Retina-Images/Retina-Images diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php index 6129a7492..72c92e721 100644 --- a/Zotlabs/Module/Profile_photo.php +++ b/Zotlabs/Module/Profile_photo.php @@ -23,12 +23,11 @@ class Profile_photo extends \Zotlabs\Web\Controller { /* @brief Initalize the profile-photo edit view * - * @param $a Current application * @return void * */ - function init() { + function init() { if(! local_channel()) { return; @@ -46,7 +45,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { * */ - function post() { + function post() { if(! local_channel()) { return; @@ -54,24 +53,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); - if((x($_POST,'cropfinal')) && ($_POST['cropfinal'] == 1)) { - - // unless proven otherwise - $is_default_profile = 1; - - if($_REQUEST['profile']) { - $r = q("select id, profile_guid, is_default, gender from profile where id = %d and uid = %d limit 1", - intval($_REQUEST['profile']), - intval(local_channel()) - ); - if($r) { - $profile = $r[0]; - if(! intval($profile['is_default'])) - $is_default_profile = 0; - } - } - - + if((array_key_exists('postfinal',$_POST)) && (intval($_POST['cropfinal']) == 1)) { // phase 2 - we have finished cropping @@ -86,7 +68,23 @@ class Profile_photo extends \Zotlabs\Web\Controller { $scale = substr($image_id,-1,1); $image_id = substr($image_id,0,-2); } - + + + // unless proven otherwise + $is_default_profile = 1; + + if($_REQUEST['profile']) { + $r = q("select id, profile_guid, is_default, gender from profile where id = %d and uid = %d limit 1", + intval($_REQUEST['profile']), + intval(local_channel()) + ); + if($r) { + $profile = $r[0]; + if(! intval($profile['is_default'])) + $is_default_profile = 0; + } + } + $srcX = $_POST['xstart']; $srcY = $_POST['ystart']; @@ -110,30 +108,38 @@ class Profile_photo extends \Zotlabs\Web\Controller { $aid = get_account_id(); - $p = array('aid' => $aid, 'uid' => local_channel(), 'resource_id' => $base_image['resource_id'], - 'filename' => $base_image['filename'], 'album' => t('Profile Photos')); + $p = [ + 'aid' => $aid, + 'uid' => local_channel(), + 'resource_id' => $base_image['resource_id'], + 'filename' => $base_image['filename'], + 'album' => t('Profile Photos') + ]; - $p['imgscale'] = 4; + $p['imgscale'] = PHOTO_RES_PROFILE_300; $p['photo_usage'] = (($is_default_profile) ? PHOTO_PROFILE : PHOTO_NORMAL); $r1 = $im->save($p); $im->scaleImage(80); - $p['imgscale'] = 5; + $p['imgscale'] = PHOTO_RES_PROFILE_80; $r2 = $im->save($p); $im->scaleImage(48); - $p['imgscale'] = 6; + $p['imgscale'] = PHOTO_RES_PROFILE_48; $r3 = $im->save($p); if($r1 === false || $r2 === false || $r3 === false) { // if one failed, delete them all so we can start over. notice( t('Image resize failed.') . EOL ); - $x = q("delete from photo where resource_id = '%s' and uid = %d and imgscale >= 4 ", + $x = q("delete from photo where resource_id = '%s' and uid = %d and imgscale in ( %d, %d, %d ) ", dbesc($base_image['resource_id']), - local_channel() + local_channel(), + intval(PHOTO_RES_PROFILE_300), + intval(PHOTO_RES_PROFILE_80), + intval(PHOTO_RES_PROFILE_48) ); return; } @@ -183,10 +189,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { // Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures' - profile_photo_set_profile_perms($_REQUEST['profile']); - - - + profile_photo_set_profile_perms(local_channel(),$_REQUEST['profile']); } else notice( t('Unable to process image') . EOL); @@ -196,7 +199,9 @@ class Profile_photo extends \Zotlabs\Web\Controller { return; // NOTREACHED } - + // A new photo was uploaded. Store it and save some important details + // in App::$data for use in the cropping function + $hash = photo_new_resource(); $smallest = 0; @@ -220,7 +225,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { $os_storage = false; foreach($i as $ii) { - if(intval($ii['imgscale']) < 2) { + if(intval($ii['imgscale']) < PHOTO_RES_640) { $smallest = intval($ii['imgscale']); $os_storage = intval($ii['os_storage']); $imagedata = $ii['content']; @@ -238,7 +243,10 @@ class Profile_photo extends \Zotlabs\Web\Controller { } return $this->profile_photo_crop_ui_head($a, $ph, $hash, $smallest); - + + // This will "fall through" to the get() method, and since + // App::$data['imagecrop'] is set, it will proceed to cropping + // rather than present the upload form } @@ -269,11 +277,19 @@ class Profile_photo extends \Zotlabs\Web\Controller { notice( t('Permission denied.') . EOL ); return; }; - - // check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); - + $resource_id = argv(2); + // When using an existing photo, we don't have a dialogue to offer a choice of profiles, + // so it gets attached to the default + + $p = q("select id from profile where is_default = 1 and uid = %d", + intval(local_channel()) + ); + if($p) { + $_REQUEST['profile'] = $p[0]['id']; + } + $r = q("SELECT id, album, imgscale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY imgscale ASC", intval(local_channel()), @@ -285,11 +301,11 @@ class Profile_photo extends \Zotlabs\Web\Controller { } $havescale = false; foreach($r as $rr) { - if($rr['imgscale'] == 5) + if($rr['imgscale'] == PHOTO_RES_PROFILE_80) $havescale = true; } - // set an already loaded photo as profile photo + // set an already loaded and cropped photo as profile photo if(($r[0]['album'] == t('Profile Photos')) && ($havescale)) { // unset any existing profile photos @@ -310,7 +326,7 @@ class Profile_photo extends \Zotlabs\Web\Controller { dbesc($channel['xchan_hash']) ); - profile_photo_set_profile_perms(); //Reset default photo permissions to public + profile_photo_set_profile_perms(local_channel()); // Reset default photo permissions to public \Zotlabs\Daemon\Master::Summon(array('Directory',local_channel())); goaway(z_root() . '/profiles'); } @@ -342,17 +358,22 @@ class Profile_photo extends \Zotlabs\Web\Controller { if($i) { $hash = $i[0]['resource_id']; foreach($i as $ii) { - if(intval($ii['imgscale']) < 2) { + if(intval($ii['imgscale']) < PHOTO_RES_640) { $smallest = intval($ii['imgscale']); } } } } - profile_photo_crop_ui_head($a, $ph, $hash, $smallest); + $this->profile_photo_crop_ui_head($a, $ph, $hash, $smallest); + + // falls through with App::$data['imagecrop'] set so we go straight to the cropping section } - $profiles = q("select id, profile_name as name, is_default from profile where uid = %d", + + // present an upload form + + $profiles = q("select id, profile_name as name, is_default from profile where uid = %d order by id asc", intval(local_channel()) ); @@ -379,6 +400,9 @@ class Profile_photo extends \Zotlabs\Web\Controller { return $o; } else { + + // present a cropping form + $filename = \App::$data['imagecrop'] . '-' . \App::$data['imagecrop_resolution']; $resolution = \App::$data['imagecrop_resolution']; $tpl = get_markup_template("cropbody.tpl"); @@ -416,13 +440,13 @@ class Profile_photo extends \Zotlabs\Web\Controller { if($max_length > 0) $ph->scaleImage($max_length); - $width = $ph->getWidth(); - $height = $ph->getHeight(); + \App::$data['width'] = $ph->getWidth(); + \App::$data['height'] = $ph->getHeight(); - if($width < 500 || $height < 500) { + if(\App::$data['width'] < 500 || \App::$data['height'] < 500) { $ph->scaleImageUp(400); - $width = $ph->getWidth(); - $height = $ph->getHeight(); + \App::$data['width'] = $ph->getWidth(); + \App::$data['height'] = $ph->getHeight(); } diff --git a/Zotlabs/Module/Profperm.php b/Zotlabs/Module/Profperm.php index 33e9d1ece..79ce7a7ed 100644 --- a/Zotlabs/Module/Profperm.php +++ b/Zotlabs/Module/Profperm.php @@ -97,7 +97,7 @@ class Profperm extends \Zotlabs\Web\Controller { //Time to update the permissions on the profile-pictures as well - profile_photo_set_profile_perms($profile['id']); + profile_photo_set_profile_perms(local_channel(),$profile['id']); $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'", intval(local_channel()), diff --git a/Zotlabs/Module/Siteinfo.php b/Zotlabs/Module/Siteinfo.php index 41f6e9f0b..a15e2896d 100644 --- a/Zotlabs/Module/Siteinfo.php +++ b/Zotlabs/Module/Siteinfo.php @@ -27,28 +27,11 @@ class Siteinfo extends \Zotlabs\Web\Controller { else { $version = $commit = ''; } - $visible_plugins = array(); - if(is_array(\App::$plugins) && count(\App::$plugins)) { - $r = q("select * from addon where hidden = 0"); - if(count($r)) - foreach($r as $rr) - $visible_plugins[] = $rr['name']; - } - - $plugins_list = ''; - if(count($visible_plugins)) { - $plugins_text = t('Installed plugins/addons/apps:'); - $sorted = $visible_plugins; - $s = ''; - sort($sorted); - foreach($sorted as $p) { - if(strlen($p)) { - if(strlen($s)) $s .= ', '; - $s .= $p; - } - } - $plugins_list .= $s; - } + + $plugins_list = implode(', ',visible_plugin_list()); + + if($plugins_list) + $plugins_text = t('Installed plugins/addons/apps:'); else $plugins_text = t('No installed plugins/addons/apps'); diff --git a/Zotlabs/Module/Thing.php b/Zotlabs/Module/Thing.php index e23cce565..65fc0588e 100644 --- a/Zotlabs/Module/Thing.php +++ b/Zotlabs/Module/Thing.php @@ -26,7 +26,7 @@ class Thing extends \Zotlabs\Web\Controller { $verb = escape_tags($_REQUEST['verb']); $activity = intval($_REQUEST['activity']); $profile_guid = escape_tags($_REQUEST['profile_assign']); - $url = $_REQUEST['link']; + $url = $_REQUEST['url']; $photo = $_REQUEST['img']; $hash = random_string(); @@ -235,7 +235,7 @@ class Thing extends \Zotlabs\Web\Controller { } - function get() { + function get() { // @FIXME one problem with things is we can't share them unless we provide the channel in the url // so we can definitively lookup the owner. diff --git a/Zotlabs/Module/Uexport.php b/Zotlabs/Module/Uexport.php index d48f96d76..f36d77174 100644 --- a/Zotlabs/Module/Uexport.php +++ b/Zotlabs/Module/Uexport.php @@ -44,7 +44,7 @@ class Uexport extends \Zotlabs\Web\Controller { } } - function get() { + function get() { $y = datetime_convert('UTC',date_default_timezone_get(),'now','Y'); diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 9e7d151b5..bef831de8 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -136,6 +136,16 @@ class Wiki extends \Zotlabs\Web\Controller { // Render the Markdown-formatted page content in HTML require_once('library/markdown.php'); + $wikiModalID = random_string(3); + $wikiModal = replace_macros( + get_markup_template('generic_modal.tpl'), array( + '$id' => $wikiModalID, + '$title' => t('Revision Comparison'), + '$ok' => t('Revert'), + '$cancel' => t('Cancel') + ) + ); + $o .= replace_macros(get_markup_template('wiki.tpl'),array( '$wikiheaderName' => $wikiheaderName, '$wikiheaderPage' => $wikiheaderPage, @@ -157,7 +167,10 @@ class Wiki extends \Zotlabs\Web\Controller { '$pageName' => array('pageName', t('Enter the name of the new page:'), '', ''), '$pageRename' => array('pageRename', t('Enter the new name:'), '', ''), '$commitMsg' => array('commitMsg', '', '', '', '', 'placeholder="(optional) Enter a custom message when saving the page..."'), - '$pageHistory' => $pageHistory['history'] + '$pageHistory' => $pageHistory['history'], + '$wikiModal' => $wikiModal, + '$wikiModalID' => $wikiModalID, + '$commit' => 'HEAD' )); head_add_js('library/ace/ace.js'); // Ace Code Editor return $o; @@ -412,7 +425,7 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('success' => false)); } } - $reverted = wiki_revert_page(array('commitHash' => $commitHash, 'observer' => \App::get_observer(), 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); + $reverted = wiki_revert_page(array('commitHash' => $commitHash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); if($reverted['success']) { json_return_and_die(array('content' => $reverted['content'], 'message' => '', 'success' => true)); } else { @@ -420,6 +433,32 @@ class Wiki extends \Zotlabs\Web\Controller { } } + // Compare page revisions + if ((argc() === 4) && (argv(2) === 'compare') && (argv(3) === 'page')) { + $resource_id = $_POST['resource_id']; + $pageUrlName = $_POST['name']; + $compareCommit = $_POST['compareCommit']; + $currentCommit = $_POST['currentCommit']; + // Determine if observer has permission to revert pages + $nick = argv(1); + $channel = get_channel_by_nick($nick); + if (local_channel() !== intval($channel['channel_id'])) { + $observer_hash = get_observer_hash(); + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if(!$perms['read']) { + logger('Wiki read permission denied.' . EOL); + json_return_and_die(array('success' => false)); + } + } + $compare = wiki_compare_page(array('currentCommit' => $currentCommit, 'compareCommit' => $compareCommit, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); + if($compare['success']) { + $diffHTML = '
Current RevisionSelected Revision
' . $compare['diff']; + json_return_and_die(array('diff' => $diffHTML, 'message' => '', 'success' => true)); + } else { + json_return_and_die(array('diff' => '', 'message' => 'Error comparing page', 'success' => false)); + } + } + // Rename a page if ((argc() === 4) && (argv(2) === 'rename') && (argv(3) === 'page')) { $resource_id = $_POST['resource_id']; diff --git a/Zotlabs/Storage/CalDAVClient.php b/Zotlabs/Storage/CalDAVClient.php new file mode 100644 index 000000000..c1a8db932 --- /dev/null +++ b/Zotlabs/Storage/CalDAVClient.php @@ -0,0 +1,738 @@ +username = $user; + $this->password = $pass; + $this->url = $url; + + } + + private function set_data($s) { + $this->request_data = $s; + $this->filepos = 0; + } + + public function curl_read($ch,$fh,$size) { + + if($this->filepos < 0) { + unset($fh); + return ''; + } + + $s = substr($this->request_data,$this->filepos,$size); + + if(strlen($s) < $size) + $this->filepos = (-1); + else + $this->filepos = $this->filepos + $size; + + return $s; + } + + function ctag_fetch() { + $headers = [ 'Depth: 0', 'Prefer: return-minimal', 'Content-Type: application/xml; charset=utf-8']; + + // recommended ctag fetch by sabre + + $this->set_data(' + + + + + + +'); + + // thunderbird uses this - it's a bit more verbose on what capabilities + // are provided by the server + + $this->set_data(' + + + + + + + + + +'); + + + + $auth = $this->username . ':' . $this->password; + + $recurse = 0; + + $x = z_fetch_url($this->url,true,$recurse, + [ 'headers' => $headers, + 'http_auth' => $auth, + 'custom' => 'PROPFIND', + 'upload' => true, + 'infile' => 3, + 'infilesize' => strlen($this->request_data), + 'readfunc' => [ $this, 'curl_read' ] + ]); + + return $x; + + } + + + function detail_fetch() { + $headers = [ 'Depth: 1', 'Prefer: return-minimal', 'Content-Type: application/xml; charset=utf-8']; + + // this query should return all objects in the given calendar, you can filter it appropriately + // using filter options + + $this->set_data(' + + + + + + + + +'); + + $auth = $this->username . ':' . $this->password; + + $recurse = 0; + $x = z_fetch_url($this->url,true,$recurse, + [ 'headers' => $headers, + 'http_auth' => $auth, + 'custom' => 'REPORT', + 'upload' => true, + 'infile' => 3, + 'infilesize' => strlen($this->request_data), + 'readfunc' => [ $this, 'curl_read' ] + ]); + + + return $x; + + } + + +} + + + +/* + +PROPFIND /calendars/johndoe/home/ HTTP/1.1 +Depth: 0 +Prefer: return-minimal +Content-Type: application/xml; charset=utf-8 + + + + + + + + +// Responses: success + +HTTP/1.1 207 Multi-status +Content-Type: application/xml; charset=utf-8 + + + + /calendars/johndoe/home/ + + + Home calendar + 3145 + + HTTP/1.1 200 OK + + + + +// Responses: fail + +HTTP/1.1 207 Multi-status +Content-Type: application/xml; charset=utf-8 + + + + /calendars/johndoe/home/ + + + + + + HTTP/1.1 403 Forbidden + + + + + +// sample request body in DOM +// prepare request body +$doc = new DOMDocument('1.0', 'utf-8'); +$doc->formatOutput = true; + +$query = $doc->createElement('c:calendar-query'); +$query->setAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns:c', 'urn:ietf:params:xml:ns:caldav'); +$query->setAttributeNS('http://www.w3.org/2000/xmlns/', 'xmlns:d', 'DAV:'); + +$prop = $doc->createElement('d:prop'); +$prop->appendChild($doc->createElement('d:getetag')); +$prop->appendChild($doc->createElement('c:calendar-data')); +$query->appendChild($prop); +$doc->appendChild($query); +$body = $doc->saveXML(); + +echo "Body: " . $body . "
"; + + +Now we download every single object in this calendar. To do this, we use a REPORT method. + +REPORT /calendars/johndoe/home/ HTTP/1.1 +Depth: 1 +Prefer: return-minimal +Content-Type: application/xml; charset=utf-8 + + + + + + + + + + + +This request will give us every object that's a VCALENDAR object, and its etag. + +If you're only interested in VTODO (because you're writing a todo app) you can also filter for just those: + +REPORT /calendars/johndoe/home/ HTTP/1.1 +Depth: 1 +Prefer: return-minimal +Content-Type: application/xml; charset=utf-8 + + + + + + + + + + + + + +Similarly it's also possible to filter to just events, or only get events within a specific time-range. + +This report will return a multi-status object again: + +HTTP/1.1 207 Multi-status +Content-Type: application/xml; charset=utf-8 + + + + /calendars/johndoe/home/132456762153245.ics + + + "2134-314" + BEGIN:VCALENDAR + VERSION:2.0 + CALSCALE:GREGORIAN + BEGIN:VTODO + UID:132456762153245 + SUMMARY:Do the dishes + DUE:20121028T115600Z + END:VTODO + END:VCALENDAR + + + HTTP/1.1 200 OK + + + + /calendars/johndoe/home/132456-34365.ics + + + "5467-323" + BEGIN:VCALENDAR + VERSION:2.0 + CALSCALE:GREGORIAN + BEGIN:VEVENT + UID:132456-34365 + SUMMARY:Weekly meeting + DTSTART:20120101T120000 + DURATION:PT1H + RRULE:FREQ=WEEKLY + END:VEVENT + END:VCALENDAR + + + HTTP/1.1 200 OK + + + + +This calendar only contained 2 objects. A todo and a weekly event. + +So after you retrieved and processed these, for each object you must retain: + + The calendar data itself + The url + The etag + +In this case all urls ended with .ics. This is often the case, but you must not rely on this. In this case the UID in the calendar object was also identical to a part of the url. This too is often the case, but again not something you can rely on, so don't make any assumptions. + +The url and the UID have no meaningful relationship, so treat both those items as separate unique identifiers. +Finding out if anything changed + +To see if anything in a calendar changed, we simply request the ctag again on the calendar. If the ctag did not change, you still have the latest copy. + +If it did change, you must request all the etags in the entire calendar again: + +REPORT /calendars/johndoe/home/ HTTP/1.1 +Depth: 1 +Prefer: return-minimal +Content-Type: application/xml; charset=utf-8 + + + + + + + + + + + + +Note that this last request is extremely similar to a previous one, but we are only asking fo the etag, not the calendar-data. + +The reason for this, is that calendars can be rather huge. It will save a TON of bandwidth to only check the etag first. + +HTTP/1.1 207 Multi-status +Content-Type: application/xml; charset=utf-8 + + + + /calendars/johndoe/home/132456762153245.ics + + + "xxxx-xxx" + + HTTP/1.1 200 OK + + + + /calendars/johndoe/home/fancy-caldav-client-1234253678.ics + + + "5-12" + + HTTP/1.1 200 OK + + + + +Judging from this last request, 3 things have changed: + + The etag for the task has changed, so the contents must be different + There's a new url, some other client must have added an object + One object is missing, something must have deleted it. + +So based on those 3 items we know that we need to delete an object from our local list, and fetch the contents for the new item, and the updated one. + +To fetch the data for these, you can simply issue GET requests: + +GET /calendars/johndoe/home/132456762153245.ics HTTP/1.1 + +But, because in a worst-case scenario this could result in a LOT of GET requests we can do a 'multiget'. + +REPORT /calendars/johndoe/home/ HTTP/1.1 +Depth: 1 +Prefer: return-minimal +Content-Type: application/xml; charset=utf-8 + + + + + + + /calendars/johndoe/home/132456762153245.ics + /calendars/johndoe/home/fancy-caldav-client-1234253678.ics + + +This request will simply return a multi-status again with the calendar-data and etag. +A small note about application design + +If you read this far and understood what's been said, you may have realized that it's a bit cumbersome to have a separate step for the initial sync, and subsequent updates. + +It would totally be possible to skip the 'initial sync', and just use calendar-query and calendar-multiget REPORTS for the initial sync as well. +Updating a calendar object + +Updating a calendar object is rather simple: + +PUT /calendars/johndoe/home/132456762153245.ics HTTP/1.1 +Content-Type: text/calendar; charset=utf-8 +If-Match: "2134-314" + +BEGIN:VCALENDAR +.... +END:VCALENDAR + +A response to this will be something like this: + +HTTP/1.1 204 No Content +ETag: "2134-315" + +The update gave us back the new ETag. SabreDAV gives this ETag on updates back most of the time, but not always. + +There are cases where the caldav server must modify the iCalendar object right after storage. In those cases an ETag will not be returned, and you should issue a GET request immediately to get the correct object. + +A few notes: + + You must not change the UID of the original object + Every object should hold only 1 event or task. + You cannot change an VEVENT into a VTODO. + +Creating a calendar object + +Creating a calendar object is almost identical, except that you don't have a url yet to a calendar object. + +Instead, it is up to you to determine the new url. + +PUT /calendars/johndoe/home/somerandomstring.ics HTTP/1.1 +Content-Type: text/calendar; charset=utf-8 + +BEGIN:VCALENDAR +.... +END:VCALENDAR + +A response to this will be something like this: + +HTTP/1.1 201 Created +ETag: "21345-324" + +Similar to updating, an ETag is often returned, but there are cases where this is not true. +Deleting a calendar object + +Deleting is simple enough: + +DELETE /calendars/johndoe/home/132456762153245.ics HTTP/1.1 +If-Match: "2134-314" + +Speeding up Sync with WebDAV-Sync + +WebDAV-Sync is a protocol extension that is defined in rfc6578. Because this extension was defined later, some servers may not support this yet. + +SabreDAV supports this since 2.0. + +WebDAV-Sync allows a client to ask just for calendars that have changed. The process on a high-level is as follows: + + Client requests sync-token from server. + Server reports token 15. + Some time passes. + Client does a Sync REPORT on an calendar, and supplied token 15. + Server returns vcard urls that have changed or have been deleted and returns token 17. + +As you can see, after the initial sync, only items that have been created, modified or deleted will ever be sent. + +This has a lot of advantages. The transmitted xml bodies can generally be a lot shorter, and is also easier on both client and server in terms of memory and CPU usage, because only a limited set of items will have to be compared. + +It's important to note, that a client should only do Sync operations, if the server reports that it has support for it. The quickest way to do so, is to request {DAV}sync-token on the calendar you wish to sync. + +Technically, a server may support 'sync' on one calendar, and it may not support it on another, although this is probably rare. +Getting the first sync-token + +Initially, we just request a sync token when asking for calendar information: + +PROPFIND /calendars/johndoe/home/ HTTP/1.1 +Depth: 0 +Content-Type: application/xml; charset=utf-8 + + + + + + + + + +This would return something as follows: + + + + /calendars/johndoe/home/ + + + My calendar + 3145 + http://sabredav.org/ns/sync-token/3145 + + HTTP/1.1 200 OK + + + + +As you can see, the sync-token is a url. It always should be a url. Even though a number appears in the url, you are not allowed to attach any meaning to that url. Some servers may have use an increasing number, another server may use a completely random string. +Receiving changes + +After a sync token has been obtained, and the client already has the initial copy of the calendar, the client is able to request all changes since the token was issued. + +This is done with a REPORT request that may look like this: + +REPORT /calendars/johndoe/home/ HTTP/1.1 +Host: dav.example.org +Content-Type: application/xml; charset="utf-8" + + + + http://sabredav.org/ns/sync/3145 + 1 + + + + + +This requests all the changes since sync-token identified by http://sabredav.org/ns/sync/3145, and for the calendar objects that have been added or modified, we're requesting the etag. + +The response to a query like this is another multistatus xml body. Example: + +HTTP/1.1 207 Multi-Status +Content-Type: application/xml; charset="utf-8" + + + + + /calendars/johndoe/home/newevent.ics + + + "33441-34321" + + HTTP/1.1 200 OK + + + + /calendars/johndoe/home/updatedevent.ics + + + "33541-34696" + + HTTP/1.1 200 OK + + + + /calendars/johndoe/home/deletedevent.ics + HTTP/1.1 404 Not Found + + http://sabredav.org/ns/sync/5001 + + +The last response reported two changes: newevent.ics and updatedevent.ics. There's no way to tell from the response wether those cards got created or updated, you, as a client can only infer this based on the vcards you are already aware of. + +The entry with name deletedevent.ics got deleted as indicated by the 404 status. Note that the status element is here a child of d:response when in all previous examples it has been a child of d:propstat. + +The other difference with the other multi-status examples, is that this one has a sync-token element with the latest sync-token. +Caveats + +Note that a server is free to 'forget' any sync-tokens that have been previously issued. In this case it may be needed to do a full-sync again. + +In case the supplied sync-token is not recognized by the server, a HTTP error is emitted. SabreDAV emits a 403. +Discovery + +Ideally you will want to make sure that all the calendars in an account are automatically discovered. The best user interface would be to just have to ask for three items: + + Username + Password + Server + +And the server should be as short as possible. This is possible with most servers. + +If, for example a user specified 'dav.example.org' for the server, the first thing you should do is attempt to send a PROPFIND request to https://dav.example.org/. Note that you SHOULD try the https url before the http url. + +This PROPFIND request looks as follows: + +PROPFIND / HTTP/1.1 +Depth: 0 +Prefer: return-minimal +Content-Type: application/xml; charset=utf-8 + + + + + + + +This will return a response such as the following: + +HTTP/1.1 207 Multi-status +Content-Type: application/xml; charset=utf-8 + + + + / + + + + /principals/users/johndoe/ + + + HTTP/1.1 200 OK + + + + +A 'principal' is a user. The url that's being returned, is a url that refers to the current user. On this url you can request additional information about the user. + +What we need from this url, is their 'calendar home'. The calendar home is a collection that contains all of the users' calendars. + +To request that, issue the following request: + +PROPFIND /principals/users/johndoe/ HTTP/1.1 +Depth: 0 +Prefer: return-minimal +Content-Type: application/xml; charset=utf-8 + + + + + + + +This will return a response such as the following: + +HTTP/1.1 207 Multi-status +Content-Type: application/xml; charset=utf-8 + + + + /principals/users/johndoe/ + + + + /calendars/johndoe/ + + + HTTP/1.1 200 OK + + + + +Lastly, to list all the calendars for the user, issue a PROPFIND request with Depth: 1. + +PROPFIND /calendars/johndoe/ HTTP/1.1 +Depth: 1 +Prefer: return-minimal +Content-Type: application/xml; charset=utf-8 + + + + + + + + + + +In that last request, we asked for 4 properties. + +The resourcetype tells us what type of object we're getting back. You must read out the resourcetype and ensure that it contains at least a calendar element in the CalDAV namespace. Other items may be returned, including non- calendar, which your application should ignore. + +The displayname is a human-readable string for the calendarname, the ctag was already covered in an earlier section. + +Lastly, supported-calendar-component-set. This gives us a list of components that the calendar accepts. This could be just VTODO, VEVENT, VJOURNAL or a combination of these three. + +If you are just creating a todo-list application, this means you should only list the calendars that support the VTODO component. + +HTTP/1.1 207 Multi-status +Content-Type: application/xml; charset=utf-8 + + + + /calendars/johndoe/ + + + + + + + HTTP/1.1 200 OK + + + + /calendars/johndoe/home/ + + + + + + + Home calendar + 3145 + + + + + HTTP/1.1 200 OK + + + + /calendars/johndoe/tasks/ + + + + + + + My TODO list + 3345 + + + + + HTTP/1.1 200 OK + + + +*/ diff --git a/Zotlabs/Web/CheckJS.php b/Zotlabs/Web/CheckJS.php index 5f9856a8c..109790fa5 100644 --- a/Zotlabs/Web/CheckJS.php +++ b/Zotlabs/Web/CheckJS.php @@ -21,6 +21,9 @@ class CheckJS { $page = urlencode(\App::$query_string); if($test) { + self::$jsdisabled = 1; + if(array_key_exists('jsdisabled',$_COOKIE)) + self::$jsdisabled = $_COOKIE['jsdisabled']; if(! array_key_exists('jsdisabled',$_COOKIE)) { \App::$page['htmlhead'] .= "\r\n" . '' . "\r\n"; diff --git a/boot.php b/boot.php index 0ce4ab93e..215f25ad2 100755 --- a/boot.php +++ b/boot.php @@ -34,7 +34,6 @@ require_once('include/text.php'); require_once('include/datetime.php'); require_once('include/language.php'); require_once('include/nav.php'); -require_once('include/cache.php'); require_once('include/permissions.php'); require_once('library/Mobile_Detect/Mobile_Detect.php'); require_once('include/features.php'); @@ -46,9 +45,9 @@ require_once('include/account.php'); define ( 'PLATFORM_NAME', 'hubzilla' ); define ( 'STD_VERSION', '1.9' ); -define ( 'ZOT_REVISION', 1.1 ); +define ( 'ZOT_REVISION', '1.1' ); -define ( 'DB_UPDATE_VERSION', 1177 ); +define ( 'DB_UPDATE_VERSION', 1179 ); /** @@ -771,6 +770,7 @@ class App { public static $groups; public static $language; public static $langsave; + public static $rtl = false; public static $plugins_admin; public static $module_loaded = false; public static $query_string; @@ -2282,6 +2282,12 @@ function construct_page(&$a) { $page = App::$page; $profile = App::$profile; + // There's some experimental support for right-to-left text in the view/php/default.php page template. + // In v1.9 we started providing direction preference in the per language hstrings.php file + // This requires somebody with fluency in a RTL language to make happen + + $page['direction'] = 0; // ((App::$rtl) ? 1 : 0); + header("Content-type: text/html; charset=utf-8"); // security headers - see https://securityheaders.io diff --git a/doc/bbcode.html b/doc/bbcode.html index 5a51135ea..7a2c969eb 100644 --- a/doc/bbcode.html +++ b/doc/bbcode.html @@ -14,6 +14,7 @@
  • [img float=right]https://zothub.com/images/default_profile_photos/rainbow_man/48.jpg[/img] Image/photo
  • [code]code[/code] code
    +
  • [code=xxx]syntax highlighted code[/code] supported languages php, css, mysql, sql, abap, diff, html, perl, ruby, vbscript, avrc, dtd, java, xml, cpp, python, javascript, js, json, sh
  • [quote]quote[/quote]
    quote

  • [quote=Author]Author? Me? No, no, no...[/quote]
    Author wrote:
    Author? Me? No, no, no...

  • [nobb] may be used to escape bbcode.
    @@ -83,7 +84,7 @@ or

    [dl terms="b"]
    [*= First element term] First element descript
  • [spoiler] for hiding spoilers

  • [rpost=title]Text to post[/rpost] The observer will be returned to their home hub to enter a post with the specified title and body. Both are optional
    • -
  • [qr]text to post[/qr] - create a QR code.
    • +
  • [qr]text to post[/qr] - create a QR code (if the qrator plugin is installed).
  • [toc] - create a table of content in a webpage. Please refer to the original jquery toc to get more explanations.