harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_merge

Browse Source
This commit is contained in:
zotlabs 2018-01-15 21:49:28 -08:00
commit 05f9f0a393
15 changed files with 40 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Zotlabs/Module/Admin/Site.php
View File

@ -29,7 +29,7 @@ class Site {
$maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0); $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
$register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
$minimum_age = ((x($_POST,'minimum_age')) ? intval(trim($_POST['minimum_age'])) : 13);
$access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0); $access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0);
$invite_only = ((x($_POST,'invite_only')) ? True : False); $invite_only = ((x($_POST,'invite_only')) ? True : False);
$abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
@ -127,6 +127,7 @@ class Site {
set_config('system','maximagesize', $maximagesize); set_config('system','maximagesize', $maximagesize);
set_config('system','register_policy', $register_policy); set_config('system','register_policy', $register_policy);
set_config('system','minimum_age', $minimum_age);
set_config('system','invitation_only', $invite_only); set_config('system','invitation_only', $invite_only);
set_config('system','access_policy', $access_policy); set_config('system','access_policy', $access_policy);
set_config('system','account_abandon_days', $abandon_days); set_config('system','account_abandon_days', $abandon_days);
@ -303,6 +304,7 @@ class Site {
'$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
'$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
'$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")), '$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")),
'$minimum_age' => array('minimum_age', t("Minimum age"), (x(get_config('system','minimum_age'))?get_config('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")),
'$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices), '$access_policy' => array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices),
'$register_text' => array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")), '$register_text' => array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
'$frontpage' => array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'public' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")), '$frontpage' => array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'public' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),

2
Zotlabs/Module/Connedit.php
View File

@ -866,7 +866,7 @@ class Connedit extends \Zotlabs\Web\Controller {
$o .= replace_macros($tpl, [ $o .= replace_macros($tpl, [
'$header' => (($self) ? t('Connection Default Permissions') : sprintf( t('Connection: %s'),$contact['xchan_name'])), '$header' => (($self) ? t('Connection Default Permissions') : sprintf( t('Connection: %s'),$contact['xchan_name'])),
'$autoperms' => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no), '$autoperms' => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no),
'$permcat' => [ 'permcat', t('Permission role'), '', '',$permcats ], '$permcat' => [ 'permcat', t('Permission role'), '', '<span class="loading invisible">' . t('Loading') . '<span class="jumping-dots"><span class="dot-1">.</span><span class="dot-2">.</span><span class="dot-3">.</span></span></span>',$permcats ],
'$permcat_new' => t('Add permission role'), '$permcat_new' => t('Add permission role'),
'$permcat_enable' => feature_enabled(local_channel(),'permcats'), '$permcat_enable' => feature_enabled(local_channel(),'permcats'),
'$addr' => $contact['xchan_addr'], '$addr' => $contact['xchan_addr'],

2
Zotlabs/Module/Defperms.php
View File

@ -237,7 +237,7 @@ class Defperms extends \Zotlabs\Web\Controller {
$o .= replace_macros($tpl, [ $o .= replace_macros($tpl, [
'$header' => t('Connection Default Permissions'), '$header' => t('Connection Default Permissions'),
'$autoperms' => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('If enabled, connection requests will be approved without your interaction'), $yes_no), '$autoperms' => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('If enabled, connection requests will be approved without your interaction'), $yes_no),
'$permcat' => [ 'permcat', t('Permission role'), '', '',$permcats ], '$permcat' => [ 'permcat', t('Permission role'), '', '<span class="loading invisible">' . t('Loading') . '<span class="jumping-dots"><span class="dot-1">.</span><span class="dot-2">.</span><span class="dot-3">.</span></span></span>',$permcats ],
'$permcat_new' => t('Add permission role'), '$permcat_new' => t('Add permission role'),
'$permcat_enable' => feature_enabled(local_channel(),'permcats'), '$permcat_enable' => feature_enabled(local_channel(),'permcats'),
'$section' => $section, '$section' => $section,

14
Zotlabs/Module/Item.php
View File

@ -504,7 +504,12 @@ class Item extends \Zotlabs\Web\Controller {
$body = z_input_filter($body,$mimetype,$execflag); $body = z_input_filter($body,$mimetype,$execflag);
} }
// Verify ability to use html or php!!!
$arr = [ 'profile_uid' => $profile_uid, 'content' => $body, 'mimetype' => $mimetype ];
call_hooks('post_content',$arr);
$body = $arr['content'];
$mimetype = $arr['mimetype'];
$gacl = $acl->get(); $gacl = $acl->get();
$str_contact_allow = $gacl['allow_cid']; $str_contact_allow = $gacl['allow_cid'];
@ -516,13 +521,6 @@ class Item extends \Zotlabs\Web\Controller {
require_once('include/text.php'); require_once('include/text.php');
if($uid && $uid == $profile_uid && feature_enabled($uid,'markdown')) {
require_once('include/markdown.php');
$body = preg_replace_callback('/\[share(.*?)\]/ism','\share_shield',$body);
$body = markdown_to_bb($body,true,['preserve_lf' => true]);
$body = preg_replace_callback('/\[share(.*?)\]/ism','\share_unshield',$body);
}
// BBCODE alert: the following functions assume bbcode input // BBCODE alert: the following functions assume bbcode input
// and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.) // and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.)

7
Zotlabs/Module/Owa.php
View File

@ -38,14 +38,19 @@ class Owa extends \Zotlabs\Web\Controller {
foreach($r as $hubloc) { foreach($r as $hubloc) {
$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);
if($verified && $verified['header_signed'] && $verified['header_valid']) { if($verified && $verified['header_signed'] && $verified['header_valid']) {
logger('OWA header: ' . print_r($verified,true),LOGGER_DATA);
logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
$ret['success'] = true; $ret['success'] = true;
$token = random_string(32); $token = random_string(32);
\Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']); \Zotlabs\Zot\Verify::create('owt',0,$token,$hubloc['hubloc_addr']);
$result = ''; $result = '';
openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
$ret['encrypted_token'] = base64url_encode($result); $ret['encrypted_token'] = base64url_encode($result);
break; break;
} }
else {
logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']);
}
} }
} }
} }

2
Zotlabs/Web/HTTPSig.php
View File

@ -117,7 +117,7 @@ class HTTPSig {
logger('verified: ' . $x, LOGGER_DEBUG); logger('verified: ' . $x, LOGGER_DEBUG);
if($x === false) if(! $x)
return $result; return $result;
if(! $spoofable) if(! $spoofable)

4
include/crypto.php
View File

@ -22,13 +22,13 @@ function rsa_verify($data,$sig,$key,$alg = 'sha256') {
$alg = OPENSSL_ALGO_SHA256; $alg = OPENSSL_ALGO_SHA256;
$verify = @openssl_verify($data,$sig,$key,$alg); $verify = @openssl_verify($data,$sig,$key,$alg);
if(! $verify) { if($verify === (-1)) {
while($msg = openssl_error_string()) while($msg = openssl_error_string())
logger('openssl_verify: ' . $msg,LOGGER_NORMAL,LOG_ERR); logger('openssl_verify: ' . $msg,LOGGER_NORMAL,LOG_ERR);
btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR); btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR);
} }
return $verify; return (($verify > 0) ? true : false);
} }
function pkcs5_pad ($text, $blocksize) function pkcs5_pad ($text, $blocksize)

15
include/features.php
View File

@ -373,15 +373,6 @@ function get_features($filtered = true) {
t('Post/Comment Tools'), t('Post/Comment Tools'),
[
'markdown',
t('Markdown'),
t('Use markdown for editing posts'),
false,
get_config('feature_lock','markdown'),
feature_level('markdown',2),
],
[ [
'commtag', 'commtag',
t('Community Tagging'), t('Community Tagging'),
@ -490,6 +481,8 @@ function get_features($filtered = true) {
else { else {
$narr = $arr; $narr = $arr;
} }
call_hooks('get_features',$narr);
return $narr; $x = [ 'features' => $narr, 'filtered' => $filtered, 'techlevel' => $techlevel ];
call_hooks('get_features',$x);
return $x['features'];
} }

17
include/html2bbcode.php
View File

@ -188,13 +188,14 @@ function html2bbcode($message)
node2bbcode($doc, 'hr', array(), "[hr]", ""); node2bbcode($doc, 'hr', array(), "[hr]", "");
node2bbcode($doc, 'table', array(), "", ""); // node2bbcode($doc, 'table', array(), "", "");
node2bbcode($doc, 'tr', array(), "\n", ""); // node2bbcode($doc, 'tr', array(), "\n", "");
node2bbcode($doc, 'td', array(), "\t", ""); // node2bbcode($doc, 'td', array(), "\t", "");
//node2bbcode($doc, 'table', array(), "[table]", "[/table]");
//node2bbcode($doc, 'th', array(), "[th]", "[/th]"); node2bbcode($doc, 'table', array(), "[table]", "[/table]");
//node2bbcode($doc, 'tr', array(), "[tr]", "[/tr]"); node2bbcode($doc, 'th', array(), "[th]", "[/th]");
//node2bbcode($doc, 'td', array(), "[td]", "[/td]"); node2bbcode($doc, 'tr', array(), "[tr]", "[/tr]");
node2bbcode($doc, 'td', array(), "[td]", "[/td]");
node2bbcode($doc, 'h1', array(), "\n\n[h1]", "[/h1]\n"); node2bbcode($doc, 'h1', array(), "\n\n[h1]", "[/h1]\n");
node2bbcode($doc, 'h2', array(), "\n\n[h2]", "[/h2]\n"); node2bbcode($doc, 'h2', array(), "\n\n[h2]", "[/h2]\n");
@ -211,7 +212,7 @@ function html2bbcode($message)
node2bbcode($doc, 'video', array('src'=>'/(.+)/'), '[video]$1', '[/video]'); node2bbcode($doc, 'video', array('src'=>'/(.+)/'), '[video]$1', '[/video]');
node2bbcode($doc, 'audio', array('src'=>'/(.+)/'), '[audio]$1', '[/audio]'); node2bbcode($doc, 'audio', array('src'=>'/(.+)/'), '[audio]$1', '[/audio]');
node2bbcode($doc, 'iframe', array('src'=>'/(.+)/'), '[iframe]$1', '[/iframe]'); // node2bbcode($doc, 'iframe', array('src'=>'/(.+)/'), '[iframe]$1', '[/iframe]');
node2bbcode($doc, 'code', array(), '[code]', '[/code]'); node2bbcode($doc, 'code', array(), '[code]', '[/code]');

4
view/js/mod_connedit.js
View File

@ -19,7 +19,7 @@ $(document).ready(function() {
$('#id_permcat').change(function() { $('#id_permcat').change(function() {
$('.loading-role-rotator').spin(true); $('.loading').toggleClass('invisible');
var permName = $('#id_permcat').val(); var permName = $('#id_permcat').val();
loadAbookRole(permName); loadAbookRole(permName);
}); });
@ -128,7 +128,7 @@ function loadAbookRole(name) {
if(this.value) if(this.value)
$('#me_id_perms_' + this.name).attr('checked','checked'); $('#me_id_perms_' + this.name).attr('checked','checked');
}); });
$('.loading-role-rotator').spin(false); $('.loading').toggleClass('invisible');
}); });
} }

4
view/js/mod_defperms.js
View File

@ -1,7 +1,7 @@
$(document).ready(function() { $(document).ready(function() {
$('#id_permcat').change(function() { $('#id_permcat').change(function() {
$('.loading-role-rotator').show(); $('.loading').toggleClass('invisible');
var permName = $('#id_permcat').val(); var permName = $('#id_permcat').val();
loadConnectionRole(permName); loadConnectionRole(permName);
}); });
@ -25,7 +25,7 @@ function loadConnectionRole(name) {
if(this.value) if(this.value)
$('#id_perms_' + this.name).attr('checked','checked'); $('#id_perms_' + this.name).attr('checked','checked');
}); });
$('.loading-role-rotator').hide(); $('.loading').toggleClass('invisible');
}); });
} }

4
view/js/mod_settings.js
View File

@ -19,7 +19,7 @@ $(document).ready(function() {
}); });
$('#id_permcat_list').change(function() { $('#id_permcat_list').change(function() {
$('.loading-role-rotator').spin(true); $('.loading').toggleClass('invisible');
var permName = $('#id_permcat').val(); var permName = $('#id_permcat').val();
loadPermcat(permName); loadPermcat(permName);
}); });
@ -172,7 +172,7 @@ function loadPermcat(name) {
if(this.value) if(this.value)
$('#me_id_perms_' + this.name).attr('checked','checked'); $('#me_id_perms_' + this.name).attr('checked','checked');
}); });
$('.loading-role-rotator').spin(false); $('.loading').toggleClass('invisible');
}); });
} }

1
view/tpl/abook_edit.tpl
View File

@ -485,7 +485,6 @@
</div> </div>
{{if $permcat_enable}} {{if $permcat_enable}}
<div class="loading-role-rotator"></div>
<a href="settings/permcats" class="pull-right"><i class="fa fa-plus"></i>&nbsp;{{$permcat_new}}</a> <a href="settings/permcats" class="pull-right"><i class="fa fa-plus"></i>&nbsp;{{$permcat_new}}</a>
{{include file="field_select.tpl" field=$permcat}} {{include file="field_select.tpl" field=$permcat}}
{{/if}} {{/if}}

1
view/tpl/admin_site.tpl
View File

@ -70,6 +70,7 @@
{{include file="field_input.tpl" field=$register_text}} {{include file="field_input.tpl" field=$register_text}}
{{include file="field_select.tpl" field=$register_policy}} {{include file="field_select.tpl" field=$register_policy}}
{{include file="field_checkbox.tpl" field=$invite_only}} {{include file="field_checkbox.tpl" field=$invite_only}}
{{include file="field_input.tpl" field=$minimum_age}}
{{include file="field_select.tpl" field=$access_policy}} {{include file="field_select.tpl" field=$access_policy}}
{{include file="field_input.tpl" field=$location}} {{include file="field_input.tpl" field=$location}}
{{include file="field_input.tpl" field=$sellpage}} {{include file="field_input.tpl" field=$sellpage}}

1
view/tpl/defperms.tpl
View File

@ -17,7 +17,6 @@
<p>{{$permnote_self}}</p> <p>{{$permnote_self}}</p>
</div> </div>
{{if $permcat_enable}} {{if $permcat_enable}}
<div class="loading-role-rotator spinner-wrapper"></div>
<a href="settings/permcats" class="pull-right"><i class="fa fa-plus"></i>&nbsp;{{$permcat_new}}</a> <a href="settings/permcats" class="pull-right"><i class="fa fa-plus"></i>&nbsp;{{$permcat_new}}</a>
{{include file="field_select.tpl" field=$permcat}} {{include file="field_select.tpl" field=$permcat}}
{{/if}} {{/if}}