harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/dev' into dev

Browse Source
This commit is contained in:
Manuel Jiménez Friaza 2019-05-19 13:25:00 +02:00
commit 429140df97
845 changed files with 82563 additions and 49644 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
.gitlab-ci.yml
View File

@ -1,6 +1,6 @@
# Select image from https://hub.docker.com/_/php/
#image: php:7.2
# Use a prepared Hubzilla image to optimise pipeline run
# Use a prepared Hubzilla image to optimise pipeline duration
image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.2
@ -32,55 +32,28 @@ variables:
before_script:
# pecl and composer do not work with PHP production restrictions (from Hubzilla Docker image)
- if [ -f /usr/local/etc/php/conf.d/z_prod.ini ]; then mv /usr/local/etc/php/conf.d/z_prod.ini /usr/local/etc/php/conf.d/z_prod.ini.off; fi
# Install & enable Xdebug for code coverage reports
- pecl install xdebug
- docker-php-ext-enable xdebug
# Install composer
- curl -sS https://getcomposer.org/installer | php
# Install dev libraries from composer
- php composer.phar install --no-progress
- php ./composer.phar install --no-progress
# test PHP7 with MySQL 5.7
php7.2_mysql 1/2:
# hidden job definition with template for MySQL/MariaDB
.job_template_mysql: &job_definition_mysql
stage: test
services:
- mysql:5.7
script:
- echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
- echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
- echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
- vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text
# test PHP7 with MySQL latest (8)
php7.2_mysql 2/2:
stage: test
services:
- name: mysql:latest
command: ["--default-authentication-plugin=mysql_native_password"]
script:
- echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
- echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
- echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
- vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text
# test PHP7 with MariaDB latest (10.3)
php7.2_mariadb:
stage: test
services:
- name: mariadb:latest
alias: mysql
script:
- echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
- echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
- echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
- vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text
# test PHP7 with PostgreSQL latest
php7.2_postgres:
# hidden job definition with template for PostgreSQL
.job_template_postgres: &job_definition_postgres
stage: test
services:
- postgres:latest
@ -95,7 +68,10 @@ php7.2_postgres:
#- psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "\dt;"
# Run the actual tests
- vendor/bin/phpunit --configuration tests/phpunit-pgsql.xml --testdox
artifacts:
# hidden job definition with artifacts config template
.artifacts_template:
artifacts: &artifacts_template
expire_in: 1 week
# Gitlab should show the results, but has problems parsing PHPUnit's junit file.
reports:
@ -106,7 +82,52 @@ php7.2_postgres:
- tests/results/
# Generate Doxygen API Documentation and deploy it at GitLab pages
# PHP7.2 with MySQL 5.7
php7.2_mysql5.7:
<<: *job_definition_mysql
services:
- mysql:5.7
# PHP7.2 with MySQL 8 (latest)
php7.2_mysql8:
<<: *job_definition_mysql
services:
- name: mysql:8
command: ["--default-authentication-plugin=mysql_native_password"]
# PHP7.2 with MariaDB 10.2
php7.2_mariadb10.2:
<<: *job_definition_mysql
services:
- name: mariadb:10.2
alias: mysql
# PHP7.3 with MariaDB 10.3 (latest)
php7.3_mariadb10.3:
<<: *job_definition_mysql
image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
services:
- name: mariadb:10.3
alias: mysql
# PHP7.2 with PostgreSQL latest (11)
php7.2_postgres11:
<<: *job_definition_postgres
artifacts: *artifacts_template
# PHP7.3 with PostgreSQL latest (11)
php7.3_postgres11:
<<: *job_definition_postgres
image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
artifacts: *artifacts_template
# Generate Doxygen API Documentation and deploy it as GitLab pages
pages:
stage: deploy
cache: {}

188
.homeinstall/README.md
View File

@ -1,16 +1,43 @@
# Hubzilla at Home next to your Router
Run hubzilla-setup.sh for an unattended installation of hubzilla.
This readme will show you how to install and run Hubzilla or Zap at home.
The installation is done by a script.
What the script will do for you...
+ install everything required by Zap/Hubzilla, basically a web server (Apache), PHP, a database (MySQL), certbot,...
+ create a database
+ run certbot to have everything for a secure connection (httpS)
+ create a script for daily maintenance
- backup to external disk (certificates, database, /var/www/)
- renew certfificate (letsencrypt)
- update of Zap/Hubzilla
- update of Debian
- restart
+ create cron jobs for
- DynDNS (selfHOST.de or freedns.afraid.org) every 5 minutes
- Master.php for Zap/Hubzilla every 10 minutes
- daily maintenance script every day at 05:30
The script is known to work without adjustments with
+ Hardware
- Mini-PC with Debian-9.5-amd64, or
- Rapberry 3 with Raspbian, Debian-9.5
- Mini-PC with Debian 9 (stretch), or
- Rapberry 3 with Raspbian, Debian 9
+ DynDNS
- selfHOST.de
- freedns.afraid.org
The script can install both [Hubzilla](https://zotlabs.org/page/hubzilla/hubzilla-project) and [Zap](https://zotlabs.com/zap/). Make sure to use the correct GIT repositories.
+ Hubzilla
- core: git clone https://framagit.org/hubzilla/core.git html (in this readme)
- addons: util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons (in hubzilla-setup.sh)
+ Zap
- core: git clone https://framagit.org/zot/zap.git html (in this readme)
- addons: util/add_addon_repo https://framagit.org/zot/zap-addons.git zaddons (in hubzilla-setup.sh)
## Disclaimers
- This script does work with Debian 9 only.
@ -29,7 +56,7 @@ Hardware
Software
+ Fresh installation of Debian 9 (Stretch)
+ Router with open ports 80 and 443 for your Hub
+ Router with open ports 80 and 443 for your web server
## The basic steps (quick overview)
@ -44,10 +71,9 @@ Software
- nano hubzilla-config.txt
- Read the comments carefully
- Enter your values: db pass, domain, values for dyn DNS
- Make sure your external drive (for backups) is mounted
- Prepare your external disk for backups
- hubzilla-setup.sh as root
- ... wait, wait, wait until the script is finised
- reboot
+ Open your domain with a browser and step throught the initial configuration of hubzilla.
## Troubleshooting
@ -66,58 +92,28 @@ In Admin settings of hubzilla or via terminal
# Step-by-Step in Detail
## Preparations Hardware
### Mini-PC
### Recommended: USB Drive for Backups
The installation will create a daily backup written to an external drive.
The USB drive must be compatible with the filesystems
- ext4 (if you do not want to encrypt the USB)
- LUKS + ext4 (if you want to encrypt the USB)
The backup includes
- Hubzilla DB
- Hubzilla installation /var/www/html
- Certificates for letsencrypt
## Preparations Software
### Install Debian Linux on the Mini-PC
## Install Debian 9
Download the stable Debian at https://www.debian.org/
(Debian 8 is no longer supported.)
Provided you use a Raspberry Pi 3...
Create bootable USB drive with Debian on it.You could use
Download the OS Raspbian from https://www.raspberrypi.org/downloads/raspbian/
- unetbootin, https://en.wikipedia.org/wiki/UNetbootin
- or simply the linux command "dd"
Follow the installation instruction there.
Example for command dd...
## Configure your Router
su -
dd if=2018-10-09-raspbian-stretch.img of=/dev/mmcblk0
Your web has to be visible in the internet.
Do not forget to unmount the SD card before and check if unmounted like in this example...
su -
umount /dev/mmcblk0*
df -h
Switch off your mini pc, plug in your USB drive and start the mini pc from the
stick. Install Debian. Follow the instructions of the installation.
### Configure your Router
Open the ports 80 and 443 on your router for your Debian
Open the ports 80 and 443 on your router for your Debian. Make sure your web server is marked as "exposed host".
## Preparations Dynamic IP Address
Follow the instructions in .homeinstall/hubzilla-config.txt.
In short...
Your Hubzilla must be reachable by a domain that you can type in your browser
cooldomain.org
@ -132,105 +128,15 @@ There are two ways to get a domain...
...for example buy at selfHOST.de
The cost are around 10,- € once and 1,50 € per month (2017).
The cost is 1,50 € per month (2019).
### Method 2: Register a free subdomain
...for example register at freedns.afraid.org
Follow the instructions in .homeinstall/hubzilla-config.txt.
## Note on Rasperry
## Install Hubzilla on your Debian
Login to your debian
(Provided your username is "you" and the name of the mini pc is "debian". You
could take the IP address instead of "debian")
ssh -X you@debian
Change to root user
su -l
Install git
apt-get install git
Make the directory for apache and change diretory to it
mkdir /var/www
cd /var/www/
Clone hubzilla from git ("git pull" will update it later)
git clone https://framagit.org/hubzilla/core.git html
Change to the install script
cd html/.homeinstall/
Copy the template file
cp hubzilla-config.txt.template hubzilla-config.txt
Modify the file "hubzilla-config.txt". Read the instructions there carefully and enter your values.
nano hubzilla-config.txt
Make sure your external drive (for backups) is plugged in and can be mounted as configured in "hubzilla-config.txt". Otherwise the daily backups will not work.
Run the script
./hubzilla-setup.sh
Wait... The script should not finish with an error message.
In a webbrowser open your domain.
Expected: A test page of hubzilla is shown. All checks there should be
successfull. Go on...
Expected: A page for the Hubzilla server configuration shows up.
Leave db server name "127.0.0.1" and port "0" untouched.
Enter
- DB user name = hubzilla
- DB pass word = This is the password you entered in "hubzilla-config.txt"
- DB name = hubzilla
Leave db type "MySQL" untouched.
Follow the instructions in the next pages.
Recommended: Set path to imagemagick
- in admin settings of hubzilla or
- via terminal
util/config system.imagick_convert_path /usr/bin/convert
After the daily script was executed at 05:30 (am)
- look at /var/www/html/hubzilla-daily.log
- check your backup on the external drive
- optionally view the daily log under yourdomain.org/admin/logs/
- set the logfile to var/www/html/hubzilla-daily.log
## Install Hubzilla in a Virtual Machine for Test Purposes
Modify the file "hubzilla-config.txt".
nano hubzilla-config.txt
There use
le_domain=localhost
## Note for the Rasperry
The script was tested with an Raspberry 3 under Raspian (Debian 9.5, 2018-10-09-raspbian-stretch.img).
The script was tested with an Raspberry 3 under Raspian, Debian 9.
It is recommended to run the Raspi without graphical frontend (X-Server). Use...
@ -240,7 +146,7 @@ to boot the Rapsi to the client console.
DO NOT FORGET TO CHANGE THE DEFAULT PASSWORD FOR USER PI!
If the validation of the mail address fails for the very first registered user...
On a Raspian Stretch (Debian 9) the validation of the mail address fails for the very first user.
This used to happen on some *bsd distros but there was some work to fix that a year ago (2017).
So if your system isn't registered in DNS or DNS isn't active do

11
.homeinstall/hubzilla-config.txt.template
View File

@ -2,8 +2,8 @@
### MANDATORY - database password #############
#
# Please give your database password
# It is better to not use blanks inside the password.
# Example: db_pass=pass_word_with_no_blanks_in_it
# Example: db_pass="this password has blanks in it"
db_pass=
###############################################
@ -18,9 +18,12 @@ db_pass=
# Example: my.cooldomain.org
# Example: cooldomain.org
#
# Example: localhost (test installation without certificates for httpS)
# You might use "localhost" for a LOCAL TEST installation.
# This is usefull if you want to debug the server inside a VM.
#
# Email is optional
# Example: localhost
#
# Email is optional if you use "localhost".
#
#
le_domain=
@ -30,7 +33,7 @@ le_email=
### OPTIONAL - selfHOST - dynamic IP address ##
#
# 1. Register a domain at selfhost.de
# - choose offer "DOMAIN dynamisch" 1,50€/mon at 08.01.2016
# - choose offer "DOMAIN dynamisch" 1,50€/mon at 04/2019
# 2. Get your configuration for dynamic IP update
# - Log in at selfhost.de
# - go to "DynDNS Accounte"

293
.homeinstall/hubzilla-setup.sh Executable file → Normal file
View File

@ -3,7 +3,10 @@
# How to use
# ----------
#
# This file automates the installation of hubzilla under Debian Linux
# This file automates the installation of
# - hubzilla: https://zotlabs.org/page/hubzilla/hubzilla-project and
# - zap: https://zotlabs.com/zap/
# under Debian Linux
#
# 1) Copy the file "hubzilla-config.txt.template" to "hubzilla-config.txt"
# Follow the instuctions there
@ -25,16 +28,14 @@
# * php,
# * mysql - the database for hubzilla,
# * phpmyadmin,
# * git to download and update hubzilla itself
# * git to download and update hubzilla addon
# - download hubzilla core and addons
# - configure cron
# * "poller.php" for regular background prozesses of hubzilla
# * to_do "apt-get update" and "apt-get dist-upgrade" to keep linux
# up-to-date
# * to_do backup hubzillas database and files (rsnapshot)
# - configure dynamic ip with cron
# - to_do letsencrypt
# - to_do redirection to https
# * "Master.php" for regular background prozesses of hubzilla
# * "apt-get update" and "apt-get dist-upgrade" and "apt-get autoremove" to keep linux up-to-date
# * run command to keep the IP up-to-date > DynDNS provided by selfHOST.de or freedns.afraid.org
# * backup hubzillas database and files (rsync)
# - letsencrypt
#
#
# Discussion
@ -43,26 +44,11 @@
# Security - password is the same for mysql-server, phpmyadmin and hubzilla db
# - The script runs into installation errors for phpmyadmin if it uses
# different passwords. For the sake of simplicity one singel password.
#
# Security - suhosin for PHP
# - The script does not install suhosin.
# - Is the security package suhosin usefull or not usefull?
#
# Hubzilla - email verification
# - The script switches off email verification off in all htconfig.tpl.
# Example: /var/www/html/view/en/htconfig.tpl
# - Is this a silly idea or not?
#
#
# Remove Hubzilla (for a fresh start using the script)
# ----------------------------------------------------
#
# You could use /var/www/hubzilla-remove.sh
# that is created by hubzilla-setup.sh.
#
# The script will remove (almost everything) what was installed by the script.
# After the removal you could run the script again to have a fresh install
# of all applications including hubzilla and its database.
#
# How to restore from backup
# --------------------------
@ -76,18 +62,10 @@
#
# hubzilla-daily.sh makes a (daily) backup of all relevant files
# - /var/lib/mysql/ > hubzilla database
# - /var/www/html/ > hubzilla from github
# - /var/www/letsencrypt/ > certificates
# - /var/www/ > hubzilla/zap from github
# - /etc/letsencrypt/ > certificates
#
# hubzilla-daily.sh writes the backup
# - either to an external disk compatible to LUKS+ext4 (see hubzilla-config.txt)
# - or to /var/cache/rsnapshot in case the external disk is not plugged in
#
# Restore backup
# - - - - - - -
#
# This was not tested yet.
# Bacically you can copy the files from the backup to the server.
# hubzilla-daily.sh writes the backup to an external disk compatible to LUKS+ext4 (see hubzilla-config.txt)
#
# Credits
# -------
@ -136,11 +114,11 @@ function check_config {
# backup is important and should be checked
if [ -n "$backup_device_name" ]
then
if [ ! -d "$backup_mount_point" ]
then
mkdir "$backup_mount_point"
fi
device_mounted=0
if [ ! -d "$backup_mount_point" ]
then
mkdir "$backup_mount_point"
fi
device_mounted=0
if fdisk -l | grep -i "$backup_device_name.*linux"
then
print_info "ok - filesystem of external device is linux"
@ -264,7 +242,7 @@ function install_sendmail {
function install_php {
# openssl and mbstring are included in libapache2-mod-php
print_info "installing php..."
nocheck_install "libapache2-mod-php php php-pear php-curl php-mcrypt php-gd"
nocheck_install "libapache2-mod-php php php-pear php-curl php-mcrypt php-gd php-mysqli php-mbstring php-xml"
sed -i "s/^upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/7.0/apache2/php.ini
sed -i "s/^post_max_size =.*/post_max_size = 100M/g" /etc/php/7.0/apache2/php.ini
}
@ -449,11 +427,11 @@ function configure_cron_selfhost {
print_info "configure cron for selfhost..."
if [ -z "$selfhost_user" ]
then
print_info "freedns is not configured because freedns_key is empty in $configfile"
print_info "selfhost is not configured because selfhost_key is empty in $configfile"
else
# Use cron for dynamich ip update
# - at reboot
# - every 30 minutes
# - every 5 minutes
if [ -z "`grep 'selfhost-updater.sh' /etc/crontab`" ]
then
echo "@reboot root bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab
@ -471,89 +449,24 @@ function install_letsencrypt {
then
die "Failed to install let's encrypt: 'le_domain' is empty in $configfile"
fi
# configure apache
apache_le_conf=/etc/apache2/sites-available/le-default.conf
if [ -f $apache_le_conf ]
# check if user gave mail address
if [ -z "$le_email" ]
then
print_info "$apache_le_conf exist already"
die "Failed to install let's encrypt: 'le_domain' is empty in $configfile"
fi
nocheck_install "apt-transport-https"
# add backports to your sources.list
backports_list=/etc/apt/sources.list.d/backports.list
if [ -f $backports_list ]
then
print_info "$backports_list exist already"
else
cat > $apache_le_conf <<END
# letsencrypt default Apache configuration
Alias /.well-known/acme-challenge /var/www/letsencrypt
<Directory /var/www/letsencrypt>
Options FollowSymLinks
Allow from all
</Directory>
END
a2ensite le-default.conf
service apache2 restart
echo "deb https://deb.debian.org/debian stretch-backports main" > $backports_list
fi
# download the shell script
if [ -d $le_dir ]
then
print_info "letsenrypt exists already (nothing downloaded > no certificate created and registered)"
return 0
fi
git clone https://github.com/lukas2511/dehydrated $le_dir
cd $le_dir
# create config file for letsencrypt.sh
echo "WELLKNOWN=$le_dir" > $le_dir/config.sh
if [ -n "$le_email" ]
then
echo "CONTACT_EMAIL=$le_email" >> $le_dir/config.sh
fi
# create domain file for letsencrypt.sh
# WATCH THIS:
# - It did not work wit "sub.domain.org www.sub.domain.org".
# - So just use "sub.domain.org" only!
echo "$le_domain" > $le_dir/domains.txt
# test apache config for letsencrpyt
url_http=http://$le_domain/.well-known/acme-challenge/domains.txt
wget_output=$(wget -nv --spider --max-redirect 0 $url_http)
if [ $? -ne 0 ]
then
die "Failed to load $url_http"
fi
# accept terms of service of letsencrypt
./dehydrated --register --accept-terms
# run script dehydrated
#
./dehydrated --cron --config $le_dir/config.sh
}
function configure_apache_for_https {
print_info "configuring apache to use httpS ..."
# letsencrypt.sh
#
# "${BASEDIR}/certs/${domain}/privkey.pem"
# "${BASEDIR}/certs/${domain}/cert.pem"
# "${BASEDIR}/certs/${domain}/fullchain.pem"
#
SSLCertificateFile=${le_dir}/certs/${le_domain}/cert.pem
SSLCertificateKeyFile=${le_dir}/certs/${le_domain}/privkey.pem
SSLCertificateChainFile=${le_dir}/certs/${le_domain}/fullchain.pem
if [ ! -f $SSLCertificateFile ]
then
print_warn "Failed to configure apache for httpS: Missing certificate file $SSLCertificateFile"
return 0
fi
# make sure that the ssl mode is enabled
print_info "...configuring apache to use httpS - a2enmod ssl ..."
a2enmod ssl
# modify apach' ssl conf file
if grep -i "ServerName" $sslconf
then
print_info "seems that apache was already configered to use httpS with $sslconf"
else
sed -i "s/ServerAdmin.*$/ServerAdmin webmaster@localhost\\n ServerName ${le_domain}/" $sslconf
fi
sed -i s#/etc/ssl/certs/ssl-cert-snakeoil.pem#$SSLCertificateFile# $sslconf
sed -i s#/etc/ssl/private/ssl-cert-snakeoil.key#$SSLCertificateKeyFile# $sslconf
sed -i s#/etc/apache2/ssl.crt/server-ca.crt#$SSLCertificateChainFile# $sslconf
sed -i s/#SSLCertificateChainFile/SSLCertificateChainFile/ $sslconf
# apply changes
a2ensite default-ssl.conf
apt-get -y update
DEBIAN_FRONTEND=noninteractive apt-get -q -y -t stretch-backports install certbot python-certbot-apache
print_info "run certbot ..."
certbot --apache -w /var/www/html -d $le_domain -m $le_email --agree-tos --non-interactive --redirect --hsts --uir
service apache2 restart
}
@ -572,7 +485,10 @@ function check_https {
function install_hubzilla {
print_info "installing hubzilla addons..."
cd /var/www/html/
util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons
# if you install Hubzilla
util/add_addon_repo https://framagit.org/hubzilla/addons hzaddons
# if you install ZAP
#util/add_addon_repo https://framagit.org/zot/zap-addons.git zaddons
mkdir -p "store/[data]/smarty3"
chmod -R 777 store
touch .htconfig.php
@ -582,7 +498,7 @@ function install_hubzilla {
chown root:www-data /var/www/html/
chown root:www-data /var/www/html/.htaccess
chmod 0644 /var/www/html/.htaccess
# try to switch off email registration
print_info "try to switch off email registration..."
sed -i "s/verify_email.*1/verify_email'] = 0/" /var/www/html/view/*/ht*
if [ -n "`grep -r 'verify_email.*1' /var/www/html/view/`" ]
then
@ -591,49 +507,9 @@ function install_hubzilla {
print_info "installed hubzilla"
}
function rewrite_to_https {
print_info "configuring apache to redirect http to httpS ..."
htaccessfile=/var/www/html/.htaccess
if grep -i "https" $htaccessfile
then
print_info "...configuring apache to redirect http to httpS was already done in $htaccessfile"
else
sed -i "s#QSA]#QSA]\\n RewriteCond %{SERVER_PORT} !^443$\\n RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]#" $htaccessfile
fi
service apache2 restart
}
# This will allways overwrite both config files
# - internal disk
# - external disk (LUKS + ext4)
# of rsnapshot for hubzilla
function install_rsnapshot {
print_info "installing rsnapshot..."
nocheck_install "rsnapshot"
# internal disk
cp -f /etc/rsnapshot.conf $snapshotconfig
sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig
sed -i "s/^backup/#backup/" $snapshotconfig
echo "backup /var/lib/mysql/ localhost/" >> $snapshotconfig
echo "backup /var/www/html/ localhost/" >> $snapshotconfig
echo "backup /var/www/letsencrypt/ localhost/" >> $snapshotconfig
# external disk
if [ -n "$backup_device_name" ]
then
cp -f /etc/rsnapshot.conf $snapshotconfig_external_device
sed -i "s#snapshot_root.*#snapshot_root $backup_mount_point#" $snapshotconfig_external_device
sed -i "/alpha/s/6/30/" $snapshotconfig_external_device
sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig_external_device
sed -i "s/^backup/#backup/" $snapshotconfig_external_device
if [ -z "`grep 'letsencrypt' $snapshotconfig_external_device`" ]
then
echo "backup /var/lib/mysql/ localhost/" >> $snapshotconfig_external_device
echo "backup /var/www/html/ localhost/" >> $snapshotconfig_external_device
echo "backup /var/www/letsencrypt/ localhost/" >> $snapshotconfig_external_device
fi
else
print_info "No backup configuration (rsnapshot) for external device configured. Reason: backup_device_name and/or backup_device_pass not given in $configfile"
fi
function install_rsync {
print_info "installing rsync..."
nocheck_install "rsync"
}
function install_cryptosetup {
@ -644,28 +520,28 @@ function install_cryptosetup {
function configure_cron_daily {
print_info "configuring cron..."
# every 10 min for poller.php
if [ -z "`grep 'poller.php' /etc/crontab`" ]
if [ -z "`grep 'Master.php' /etc/crontab`" ]
then
echo "*/10 * * * * www-data cd /var/www/html; php Zotlabs/Daemon/Master.php Cron >> /dev/null 2>&1" >> /etc/crontab
fi
# Run external script daily at 05:30
# - stop apache and mysql-server
# - backup hubzilla
# - renew the certificate of letsencrypt
# - backup db, files (/var/www/html), certificates if letsencrypt
# - update hubzilla core and addon
# - update and upgrade linux
# - reboot
# - reboot is done by "shutdown -h now" because "reboot" hangs sometimes depending on the system
echo "#!/bin/sh" > /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "echo \" \"" >> /var/www/$hubzilladaily
echo "echo \"+++ \$(date) +++\"" >> /var/www/$hubzilladaily
echo "echo \" \"" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - renew certificate...\"" >> /var/www/$hubzilladaily
echo "bash $le_dir/dehydrated --cron --config $le_dir/config.sh" >> /var/www/$hubzilladaily
echo "certbot renew --noninteractive" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "# stop hubzilla" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - stoping apache and mysql...\"" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - stopping apache and mysql...\"" >> /var/www/$hubzilladaily
echo "service apache2 stop" >> /var/www/$hubzilladaily
echo "/etc/init.d/mysql stop # to avoid inconsistancies" >> /var/www/$hubzilladaily
echo "/etc/init.d/mysql stop # to avoid inconsistencies" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "# backup" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - try to mount external device for backup...\"" >> /var/www/$hubzilladaily
@ -696,11 +572,13 @@ echo " if mount $backup_device_name $backup_mount_point" >> /var/www/$hub
echo " then" >> /var/www/$hubzilladaily
echo " device_mounted=1" >> /var/www/$hubzilladaily
echo " echo \"device $backup_device_name is now mounted. Starting backup...\"" >> /var/www/$hubzilladaily
echo " rsnapshot -c $snapshotconfig_external_device alpha" >> /var/www/$hubzilladaily
echo " echo \"\$(date) - disk sizes...\"" >> /var/www/$hubzilladaily
echo " df -h" >> /var/www/$hubzilladaily
echo " echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
echo " du -h $backup_mount_point | grep mysql/hubzilla" >> /var/www/$hubzilladaily
echo " rsync -a --delete /var/lib/mysql/ /media/hubzilla_backup/mysql" >> /var/www/$hubzilladaily
echo " rsync -a --delete /var/www/ /media/hubzilla_backup/www" >> /var/www/$hubzilladaily
echo " rsync -a --delete /etc/letsencrypt/ /media/hubzilla_backup/letsencrypt" >> /var/www/$hubzilladaily
echo " echo \"\$(date) - disk sizes...\"" >> /var/www/$hubzilladaily
echo " df -h" >> /var/www/$hubzilladaily
echo " echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
echo " du -h $backup_mount_point | grep mysql/hubzilla" >> /var/www/$hubzilladaily
echo " echo \"unmounting backup device...\"" >> /var/www/$hubzilladaily
echo " umount $backup_mount_point" >> /var/www/$hubzilladaily
echo " else" >> /var/www/$hubzilladaily
@ -722,18 +600,16 @@ echo "echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
echo "du -h /var/lib/mysql/ | grep mysql/hubzilla" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "# update" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating dehydrated...\"" >> /var/www/$hubzilladaily
echo "git -C /var/www/letsencrypt/ pull" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating hubhilla core...\"" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating core and addons...\"" >> /var/www/$hubzilladaily
echo "(cd /var/www/html/ ; util/udall)" >> /var/www/$hubzilladaily
echo "chown -R www-data:www-data /var/www/html/ # make all accessable for the webserver" >> /var/www/$hubzilladaily
echo "chown root:www-data /var/www/html/.htaccess" >> /var/www/$hubzilladaily
echo "chmod 0644 /var/www/html/.htaccess # www-data can read but not write it" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating linux...\"" >> /var/www/$hubzilladaily
echo "apt-get -q -y update && apt-get -q -y dist-upgrade && apt-get -q -y autoremove # update linux and upgrade" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - Backup hubzilla and update linux finished. Rebooting...\"" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - Backup and update finished. Rebooting...\"" >> /var/www/$hubzilladaily
echo "#" >> /var/www/$hubzilladaily
echo "reboot" >> /var/www/$hubzilladaily
echo "shutdown -r now" >> /var/www/$hubzilladaily
if [ -z "`grep 'hubzilla-daily.sh' /etc/crontab`" ]
then
@ -745,38 +621,6 @@ echo "reboot" >> /var/www/$hubzilladaily
print_info "configured cron for updates/upgrades"
}
function write_uninstall_script {
print_info "writing uninstall script..."
cat > /var/www/hubzilla-remove.sh <<END
#!/bin/sh
#
# This script removes Hubzilla.
# You might do this for a fresh start using the script.
# The script will remove (almost everything) what was installed by the script,
# all applications including hubzilla and its database.
#
# Backup the certificates of letsencrypt (you never know)
cp -a /var/www/letsencrypt/ ~/backup_le_certificats
#
# Removal
apt-get remove apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin
apt-get purge apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin
apt-get autoremove
apt-get clean
rm /etc/rsnapshot_hubzilla.conf
rm /etc/rsnapshot_hubzilla_external_device.conf
rm -R /etc/apache2/
rm -R /var/lib/mysql/
rm -R /var/www
rm -R /etc/selfhost/
# uncomment the next line if you want to remove the backups
# rm -R /var/cache/rsnapshot
nano /etc/crontab # remove entries there manually
END
chmod -x /var/www/hubzilla-remove.sh
}
########################################################################
# START OF PROGRAM
########################################################################
@ -792,11 +636,7 @@ selfhostdir=/etc/selfhost
selfhostscript=selfhost-updater.sh
hubzilladaily=hubzilla-daily.sh
plugins_update=.homeinstall/plugins_update.sh
snapshotconfig=/etc/rsnapshot_hubzilla.conf
snapshotconfig_external_device=/etc/rsnapshot_hubzilla_external_device.conf
backup_mount_point=/media/hubzilla_backup
le_dir=/var/www/letsencrypt
sslconf=/etc/apache2/sites-available/default-ssl.conf
#set -x # activate debugging from here
@ -820,7 +660,6 @@ configure_cron_selfhost
if [ "$le_domain" != "localhost" ]
then
install_letsencrypt
configure_apache_for_https
check_https
else
print_info "is localhost - skipped installation of letsencrypt and configuration of apache for https"
@ -828,20 +667,12 @@ fi
install_hubzilla
if [ "$le_domain" != "localhost" ]
then
rewrite_to_https
install_rsnapshot
else
print_info "is localhost - skipped rewrite to https and installation of rsnapshot"
fi
configure_cron_daily
if [ "$le_domain" != "localhost" ]
then
install_rsync
install_cryptosetup
write_uninstall_script
else
print_info "is localhost - skipped installation of cryptosetup"
fi

170
CHANGELOG
View File

@ -1,3 +1,173 @@
Hubzilla 4.0.3 (2019-04-26)
- Add attachments to zot6 event objects
- Add zot6 to federated transports
- Update import/export to handle zot6 hublocs and xchans
- Update fix_system_urls() to handle zot6 hublocs
- Fix infinite loop using postgres as backend
- Fix magic auth in combination with zot6
- Fix check for required PHP version
- Diaspora: favour diaspora protocol identities over others with same hubloc or xchan address
Hubzilla 4.0.2 (2019-04-08)
- Port cdav calendar to fullcalendar version 4
- Fix perms_pending not evaluated correctly
- Fix return wrong profile photo modification date by plugin
- Fix suggestion widget using feature_enabled still
- Fix check service class limits when syncing files
- Remove xchan_instance_url from notifier query - it is not used anymore
- Implement remove cover photo functionality
- Fix z6_discover() and create a zot6 hubloc on import if applicable
- Add backend support for connections ordering
- Deduplicate items in item_store() by uuid if we got one otherwise by mid
- Add ITEM_TYPE_CUSTOM support to mod display
- Fix mod subthread on sys channel items
- Fix "recipient not found" dreport spaming with own xchan
- Fix wrong variables in dirsearch
- Fix 48 hours timeframe check in mod changeaddr
- Fix wrong variable in Libsync
- Pubcrawl: revert adding additional receivers to comments
- Diaspora: fix intro received when being banned
- Pubcrawl: add diaspora:guid from friendica AP posts for deduplication
- Diaspora: fix friendica plink
- Photocache: fix issue with spaces and quotes in original filenames
Hubzilla 4.0.1 (2019-03-21)
- Fix permissions not getting decrypted on follow
- Add option to add a poster to the video bbcode
- Fix SQL performance issue with queries including thr_parent
- Fix share encoding issue between hz and zap
- Fix edge case in unsupported advisory privacy
- Messagefilter enhancements
- Fix XSS issues
- Clone systems apps to the extent possible
- Auto-configure imagick thumbnail binary during setup if possible
- Fix array not unserialized in util/service_class
- Add phpmd and phpcs to composer require-dev for code linting
- Fix issue with email encoding
- Fix signature issue for zot6 content imported from zotfeeds to hubzilla
- Find unregistered z6 clones on hubzilla sites
- Add zot6 to clonable networks
- Add owner permission checks to AS item fetch
- Perform zot6 discovery in import_author_xchan
- Fix authenticated fetches
- Port zot_record_preferred() from zap
Addons:
- Pubcrawl: deliver comments to abook contacts and thread participants
- Pubcrawl: fix can_comment_on_post()
- Deliverynotice: do not save empty postopts
- Gravatar: fix URL and use z_fetch_url()
- Pubcrawl: improve SQL queries in pubcrawl_item_mod_init()
- Pubcrawl: fix authenticated item fetch
Hubzilla 4.0 (2019-03-08)
- Add CURLOPT_CONNECTTIMEOUT option
- Allow parameters as final path argument in API router
- Remove clones from delivery recipients for top-level posts in favor of clone sync
- Mention php-zip module dependency in administrator guide
- Iron out some kinks with scrollToItem() in combination with collapsed content and images
- Zot API changes to support combined content (items+files) import addon
- Update PHP Version check during setup - min version is now 7.1
- Urlencode links in category widget
- Implement ability for channel visitors to be able to delete their own content
- Support zot location independent urls
- MySQL 8 admin summary compatibility
- Improved gitlab-ci environment
- Deprecate and remove addon settings in favour of per app settings
- Refactor PhotoDriver class and add tests
- Convert affinity tool to app
- Refactor linkify_tags() so it works with xchans across multiple protocols
- Add the actual mid to viewsrc for debuging reasons
- Add filter hooks and the ability to add buttons to the default status editor
- Prevent Hubzilla usage for SEO backlinks
- Implement privacy warning for forum posts via !-tag
- Set document title when title changes on a page update
- Cache embeds in the background on initial storage rather than on first access
- Custom sessionhandler support
- Update nginx and lighttpd sample server configs to explicit disallow access to util
- Introduce command line tool for managing site admins
- Various doxygen improvements
- Add privacygroup_extras_post/drop hooks
- Add collect_public_recipients hook
- Prevent memory exhaustion on zot message pickup with large message queue
- Remove experimental worker queue from core
- Add get_base_apps hook
- Improve handling of notification updates while commenting
- Add warning if upload_filesize < 4MB
- Add ITEM_TYPE_CUSTOM and hooks for processing custom item types
- Set min/maxversion for plugins to STD_VERSION unless otherwise specified
- Add option to make affinity slider 'sticky' across page loads
- Add photo_view_filter hook
- Reset page title if article has no title
- Implement the zot6 protocol
- Add PHOTO_CACHE photo type
- Basic support for HTTP3
- Add native summary support
- Disable image caching if personal or group permissions enabled
Bugfixes
- Fix guest access token xchan record not created on URL login
- Fix regression where mod oep was still using hex2bin/bin2hex instead of album hash
- Fix regression when selecting multiple images in embed images
- Fix broken sync_an_item()
- Fix page jumping on like if comments are expanded (show all x comments)
- Fix regression in mod display where an page update could display items from multiple channels
- Fix starring and filing allowed for other unsupported item types
- Fix wrong variable in z_get_temp_dir()
- Fix page jumping when liking a collapsed/expanded post
- Fix tags detection in URL
- Fix warnings in mod embedphotos
- Fix wrong variable in can_comment_on_post()
- Fix mod new_channel counting removed channels
- Fix regression where not all content variables were sslified
- Fix default values for affinity tool and other information which could be lost when approving a connection
- Fix regression in linkdropper()
- Fix issue with unset auto_save_draft variable which resultet in a javascript error
- Fix home notifications won't expand if there are more than 300 unseen network notifications ahead of them
- Fix total_identities count
- Fix delayed items propagate before publication on cloned channels
Addons
- twitter_api: fedilab needs profile_image_url_https
- New addon: content_import - imports items and files to cloned channels (this obsoletes hzfiles)
- Diaspora: prevent processing of incomplete messages in various places
- hzfiles: fix add missing load/unload functions
- chess: do not look for games if we have no game_id - improves initial pageload performance
- chess: convert to app
- channelreputation: convert to app
- irc: convert to per app
- Provide the addon_common directory for common addon libraries
- fuzzloc: convert to app
- flattrwidget: convert to app
- jappixmini: convert to app
- xmpp: convert to app
- visage: convert to app
- diaspora: reflect linkify_tags() rewrite
- twitter: convert to app
- smileybutton: convert to app
- skeleton: convert to app
- planets: convert to app
- pumpio: convert to app
- pageheader: convert to app
- nsabait: convert to app
- dwpost: convert to app
- diaspora: set the preserve_lf option in various places
- diaspora: fix comments from unknown persons are not accpted
- nofed: convert to app
- ljpost: convert to app
- diaspora: call update_queue_item() if delivery failed
- pubcrawl: call update_queue_item() if delivery failed
- libertree: convert to app
- New addon: queueworker advanced - queue handling (experimental)
- gallery: extended functionality: implements stream image viewer, converts images at the beginning of a post to a gallery
- authchoose: correction to query, add affinity setting
- New addon: photocache - local caching for public photos
- New addon: totp - two factor authentication using time-based one-time passwords
Hubzilla 3.8.9 (2018-02-03)
- Fix typos in mod oep
- Fix page jumping when liking collapsed/expanded post

1
Zotlabs/Daemon/Cron_daily.php
View File

@ -85,6 +85,7 @@ class Cron_daily {
Master::Summon(array('Cli_suggest'));
remove_obsolete_hublocs();
z6_discover();
call_hooks('cron_daily',datetime_convert());

8
Zotlabs/Daemon/Notifier.php
View File

@ -412,6 +412,12 @@ class Notifier {
$private = false;
$recipients = collect_recipients($parent_item,$private);
if ($top_level_post) {
// remove clones who will receive the post via sync
$recipients = array_diff($recipients, [ $target_item['owner_xchan'] ]);
}
// FIXME add any additional recipients such as mentions, etc.
// don't send deletions onward for other people's stuff
@ -446,7 +452,7 @@ class Notifier {
$env_recips = (($private) ? array() : null);
$details = q("select xchan_hash, xchan_instance_url, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',',$recipients)) . ")");
$details = q("select xchan_hash, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',',$recipients)) . ")");
$recip_list = array();

1
Zotlabs/Daemon/Poller.php
View File

@ -199,6 +199,7 @@ class Poller {
set_config('system','lastpoll',datetime_convert());
//All done - clear the lockfile
@unlink($lockfile);
return;

111
Zotlabs/Lib/Activity.php
View File

@ -2,6 +2,7 @@
namespace Zotlabs\Lib;
use Zotlabs\Daemon\Master;
use Zotlabs\Zot6\HTTPSig;
class Activity {
@ -13,27 +14,30 @@ class Activity {
$x = json_decode($x,true);
}
if(is_array($x) && array_key_exists('asld',$x)) {
$x = $x['asld'];
}
if(is_array($x)) {
if($x['type'] === ACTIVITY_OBJ_PERSON) {
return self::fetch_person($x);
}
if($x['type'] === ACTIVITY_OBJ_PROFILE) {
return self::fetch_profile($x);
}
if(in_array($x['type'], [ ACTIVITY_OBJ_NOTE, ACTIVITY_OBJ_ARTICLE ] )) {
return self::fetch_item($x);
}
if($x['type'] === ACTIVITY_OBJ_THING) {
return self::fetch_thing($x);
}
if($x['type'] === ACTIVITY_OBJ_EVENT) {
return self::fetch_event($x);
}
if($x['type'] === ACTIVITY_OBJ_PHOTO) {
return self::fetch_image($x);
if(array_key_exists('asld',$x)) {
return $x['asld'];
}
if($x['type'] === ACTIVITY_OBJ_PERSON) {
return self::fetch_person($x);
}
if($x['type'] === ACTIVITY_OBJ_PROFILE) {
return self::fetch_profile($x);
}
if(in_array($x['type'], [ ACTIVITY_OBJ_NOTE, ACTIVITY_OBJ_ARTICLE ] )) {
return self::fetch_item($x);
}
if($x['type'] === ACTIVITY_OBJ_THING) {
return self::fetch_thing($x);
}
if($x['type'] === ACTIVITY_OBJ_EVENT) {
return self::fetch_event($x);
}
if($x['type'] === ACTIVITY_OBJ_PHOTO) {
return self::fetch_image($x);
}
}
return $x;
@ -150,7 +154,7 @@ class Activity {
'type' => 'Image',
'id' => $x['id'],
'name' => $x['title'],
'content' => bbcode($x['body']),
'content' => bbcode($x['body'], [ 'cache' => true ]),
'source' => [ 'mediaType' => 'text/bbcode', 'content' => $x['body'] ],
'published' => datetime_convert('UTC','UTC',$x['created'],ATOM_TIME),
'updated' => datetime_convert('UTC','UTC', $x['edited'],ATOM_TIME),
@ -180,14 +184,24 @@ class Activity {
$y = [
'type' => 'Event',
'id' => z_root() . '/event/' . $ev['event_hash'],
'summary' => bbcode($ev['summary']),
'summary' => bbcode($ev['summary'], [ 'cache' => true ]),
// RFC3339 Section 4.3
'startTime' => (($ev['adjust']) ? datetime_convert('UTC','UTC',$ev['dtstart'], ATOM_TIME) : datetime_convert('UTC','UTC',$ev['dtstart'],'Y-m-d\\TH:i:s-00:00')),
'content' => bbcode($ev['description']),
'location' => [ 'type' => 'Place', 'content' => bbcode($ev['location']) ],
'content' => bbcode($ev['description'], [ 'cache' => true ]),
'location' => [ 'type' => 'Place', 'content' => bbcode($ev['location'], [ 'cache' => true ]) ],
'source' => [ 'content' => format_event_bbcode($ev), 'mediaType' => 'text/bbcode' ],
'actor' => $actor,
];
if(! $ev['nofinish']) {
$y['endTime'] = (($ev['adjust']) ? datetime_convert('UTC','UTC',$ev['dtend'], ATOM_TIME) : datetime_convert('UTC','UTC',$ev['dtend'],'Y-m-d\\TH:i:s-00:00'));
}
// copy attachments from the passed object - these are already formatted for ActivityStreams
if($x['attachment']) {
$y['attachment'] = $x['attachment'];
}
if($actor) {
return $y;
}
@ -296,15 +310,15 @@ class Activity {
$ret['attributedTo'] = $i['author']['xchan_url'];
if($i['id'] != $i['parent']) {
$ret['inReplyTo'] = ((strpos($i['parent_mid'],'http') === 0) ? $i['parent_mid'] : z_root() . '/item/' . urlencode($i['parent_mid']));
$ret['inReplyTo'] = ((strpos($i['thr_parent'],'http') === 0) ? $i['thr_parent'] : z_root() . '/item/' . urlencode($i['thr_parent']));
}
if($i['mimetype'] === 'text/bbcode') {
if($i['title'])
$ret['name'] = bbcode($i['title']);
$ret['name'] = bbcode($i['title'], [ 'cache' => true ]);
if($i['summary'])
$ret['summary'] = bbcode($i['summary']);
$ret['content'] = bbcode($i['body']);
$ret['summary'] = bbcode($i['summary'], [ 'cache' => true ]);
$ret['content'] = bbcode($i['body'], [ 'cache' => true ]);
$ret['source'] = [ 'content' => $i['body'], 'mediaType' => 'text/bbcode' ];
}
@ -397,7 +411,7 @@ class Activity {
$ret = [];
if($item['attach']) {
$atts = json_decode($item['attach'],true);
$atts = ((is_array($item['attach'])) ? $item['attach'] : json_decode($item['attach'],true));
if($atts) {
foreach($atts as $att) {
if(strpos($att['type'],'image')) {
@ -409,7 +423,7 @@ class Activity {
}
}
}
return $ret;
}
@ -462,14 +476,14 @@ class Activity {
$ret['id'] = ((strpos($i['mid'],'http') === 0) ? $i['mid'] : z_root() . '/activity/' . urlencode($i['mid']));
if($i['title'])
$ret['name'] = html2plain(bbcode($i['title']));
$ret['name'] = html2plain(bbcode($i['title'], [ 'cache' => true ]));
if($i['summary'])
$ret['summary'] = bbcode($i['summary']);
$ret['summary'] = bbcode($i['summary'], [ 'cache' => true ]);
if($ret['type'] === 'Announce') {
$tmp = preg_replace('/\[share(.*?)\[\/share\]/ism',EMPTY_STR, $i['body']);
$ret['content'] = bbcode($tmp);
$ret['content'] = bbcode($tmp, [ 'cache' => true ]);
$ret['source'] = [
'content' => $i['body'],
'mediaType' => 'text/bbcode'
@ -495,7 +509,7 @@ class Activity {
}
if($i['id'] != $i['parent']) {
$ret['inReplyTo'] = ((strpos($i['parent_mid'],'http') === 0) ? $i['parent_mid'] : z_root() . '/item/' . urlencode($i['parent_mid']));
$ret['inReplyTo'] = ((strpos($i['thr_parent'],'http') === 0) ? $i['thr_parent'] : z_root() . '/item/' . urlencode($i['thr_parent']));
$reply = true;
if($i['item_private']) {
@ -526,6 +540,10 @@ class Activity {
else
return [];
if(strpos($i['body'],'[/share]') !== false) {
$i['obj'] = null;
}
if($i['obj']) {
if(! is_array($i['obj'])) {
$i['obj'] = json_decode($i['obj'],true);
@ -548,6 +566,7 @@ class Activity {
return [];
}
if($i['target']) {
if(! is_array($i['target'])) {
$i['target'] = json_decode($i['target'],true);
@ -692,7 +711,7 @@ class Activity {
// Reactions will just map to normal activities
if(strpos($verb,ACTIVITY_REACT) !== false)
return 'Create';
return 'emojiReaction';
if(strpos($verb,ACTIVITY_MOOD) !== false)
return 'Create';
@ -868,7 +887,7 @@ class Activity {
// Send an Accept back to them
set_abconfig($channel['channel_id'],$person_obj['id'],'pubcrawl','their_follow_id', $their_follow_id);
\Zotlabs\Daemon\Master::Summon([ 'Notifier', 'permissions_accept', $contact['abook_id'] ]);
Master::Summon([ 'Notifier', 'permissions_accept', $contact['abook_id'] ]);
return;
case 'Accept':
@ -969,9 +988,9 @@ class Activity {
if($my_perms && $automatic) {
// send an Accept for this Follow activity
\Zotlabs\Daemon\Master::Summon([ 'Notifier', 'permissions_accept', $new_connection[0]['abook_id'] ]);
Master::Summon([ 'Notifier', 'permissions_accept', $new_connection[0]['abook_id'] ]);
// Send back a Follow notification to them
\Zotlabs\Daemon\Master::Summon([ 'Notifier', 'permissions_create', $new_connection[0]['abook_id'] ]);
Master::Summon([ 'Notifier', 'permissions_create', $new_connection[0]['abook_id'] ]);
}
$clone = array();
@ -1162,7 +1181,7 @@ class Activity {
$photos = import_xchan_photo($icon,$url);
$r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
dbescdate(datetime_convert('UTC','UTC',$arr['photo_updated'])),
dbescdate(datetime_convert('UTC','UTC',$photos[5])),
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
@ -1406,7 +1425,7 @@ class Activity {
if($parent) {
if($s['owner_xchan'] === $channel['channel_hash']) {
// We are the owner of this conversation, so send all received comments back downstream
Zotlabs\Daemon\Master::Summon(array('Notifier','comment-import',$x['item_id']));
Master::Summon(array('Notifier','comment-import',$x['item_id']));
}
$r = q("select * from item where id = %d limit 1",
intval($x['item_id'])
@ -1468,7 +1487,7 @@ class Activity {
}
if(in_array($act->type, [ 'Like', 'Dislike', 'Flag', 'Block', 'Announce', 'Accept', 'Reject', 'TentativeAccept' ])) {
if(in_array($act->type, [ 'Like', 'Dislike', 'Flag', 'Block', 'Announce', 'Accept', 'Reject', 'TentativeAccept', 'emojiReaction' ])) {
$response_activity = true;
@ -1509,6 +1528,9 @@ class Activity {
if($act->type === 'Announce') {
$content['content'] = sprintf( t('&#x1f501; Repeated %1$s\'s %2$s'), $mention, $act->obj['type']);
}
if ($act->type === 'emojiReaction') {
$content['content'] = (($act->tgt && $act->tgt['type'] === 'Image') ? '[img=32x32]' . $act->tgt['url'] . '[/img]' : '&#x' . $act->tgt['name'] . ';');
}
}
if(! $s['created'])
@ -1790,7 +1812,7 @@ class Activity {
$s['item_private'] = 1;
set_iconfig($s,'activitypub','recips',$act->raw_recips);
// @FIXME: $parent is not defined
if($parent) {
set_iconfig($s,'activitypub','rawmsg',$act->raw,1);
}
@ -1921,10 +1943,11 @@ class Activity {
if(is_array($x) && $x['item_id']) {
// @FIXME: $parent is not defined
if($parent) {
if($s['owner_xchan'] === $channel['channel_hash']) {
// We are the owner of this conversation, so send all received comments back downstream
Zotlabs\Daemon\Master::Summon(array('Notifier','comment-import',$x['item_id']));
Master::Summon(array('Notifier','comment-import',$x['item_id']));
}
$r = q("select * from item where id = %d limit 1",
intval($x['item_id'])
@ -2060,7 +2083,7 @@ class Activity {
if($result['success']) {
// if the message isn't already being relayed, notify others
if(intval($parent_item['item_origin']))
Zotlabs\Daemon\Master::Summon(array('Notifier','comment-import',$result['item_id']));
Master::Summon(array('Notifier','comment-import',$result['item_id']));
sync_an_item($channel['channel_id'],$result['item_id']);
}

5
Zotlabs/Lib/ActivityStreams.php
View File

@ -319,7 +319,10 @@ class ActivityStreams {
function get_compound_property($property, $base = '', $namespace = '', $first = false) {
$x = $this->get_property_obj($property, $base, $namespace);
if($this->is_url($x)) {
$x = $this->fetch_property($x);
$y = $this->fetch_property($x);
if (is_array($y)) {
$x = $y;
}
}
// verify and unpack JSalmon signature if present

10
Zotlabs/Lib/Api_router.php
View File

@ -12,8 +12,16 @@ class Api_router {
}
static function find($path) {
if(array_key_exists($path,self::$routes))
if (array_key_exists($path,self::$routes)) {
return self::$routes[$path];
}
$with_params = dirname($path) . '/[id]';
if (array_key_exists($with_params,self::$routes)) {
return self::$routes[$with_params];
}
return null;
}

7
Zotlabs/Lib/Apps.php
View File

@ -70,7 +70,7 @@ class Apps {
'Channel Home',
'View Profile',
'Photos',
'Events',
'Calendar',
'Directory',
'Search',
'Help',
@ -327,6 +327,8 @@ class Apps {
'Report Bug' => t('Report Bug'),
'Bookmarks' => t('Bookmarks'),
'Chatrooms' => t('Chatrooms'),
'Content Filter' => t('Content Filter'),
'Content Import' => t('Content Import'),
'Connections' => t('Connections'),
'Remote Diagnostics' => t('Remote Diagnostics'),
'Suggest Channels' => t('Suggest Channels'),
@ -340,7 +342,7 @@ class Apps {
'Channel Home' => t('Channel Home'),
'View Profile' => t('View Profile'),
'Photos' => t('Photos'),
'Events' => t('Events'),
'Calendar' => t('Calendar'),
'Directory' => t('Directory'),
'Help' => t('Help'),
'Mail' => t('Mail'),
@ -361,7 +363,6 @@ class Apps {
'Privacy Groups' => t('Privacy Groups'),
'Notifications' => t('Notifications'),
'Order Apps' => t('Order Apps'),
'CalDAV' => t('CalDAV'),
'CardDAV' => t('CardDAV'),
'Channel Sources' => t('Channel Sources'),
'Guest Access' => t('Guest Access'),

9
Zotlabs/Lib/DB_Upgrade.php
View File

@ -58,10 +58,15 @@ class DB_Upgrade {
$c = new $cls();
$retval = $c->run();
if($retval != UPDATE_SUCCESS) {
$source = t('Source code of failed update: ') . "\n\n" . @file_get_contents('Zotlabs/Update/' . $s . '.php');
// Prevent sending hundreds of thousands of emails by creating
// a lockfile.
@ -86,7 +91,9 @@ class DB_Upgrade {
'$sitename' => \App::$config['system']['sitename'],
'$siteurl' => z_root(),
'$update' => $x,
'$error' => sprintf( t('Update %s failed. See error logs.'), $x)
'$error' => sprintf( t('Update %s failed. See error logs.'), $x),
'$baseurl' => z_root(),
'$source' => $source
]
)
]

2
Zotlabs/Lib/DReport.php
View File

@ -118,7 +118,7 @@ class DReport {
// So if a remote site says they can't find us, that's no big surprise
// and just creates a lot of extra report noise
if(($dr['location'] !== z_root()) && ($dr['sender'] === $rxchan) && ($dr['status'] === 'recipient_not_found'))
if(($dr['location'] !== z_root()) && ($dr['sender'] === $rxchan) && ($dr['status'] === 'recipient not found'))
return false;
// If you have a private post with a recipient list, every single site is going to report

24
Zotlabs/Lib/Enotify.php
View File

@ -754,9 +754,9 @@ class Enotify {
// generate a multipart/alternative message header
$messageHeader =
$params['additionalMailHeader'] .
"From: $fromName <{$params['fromEmail']}>\n" .
"Reply-To: $fromName <{$params['replyTo']}>\n" .
"MIME-Version: 1.0\n" .
"From: $fromName <{$params['fromEmail']}>" . PHP_EOL .
"Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL .
"MIME-Version: 1.0" . PHP_EOL .
"Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\"";
// assemble the final multipart message body with the text and html types included
@ -764,15 +764,15 @@ class Enotify {
$htmlBody = chunk_split(base64_encode($params['htmlVersion']));
$multipartMessageBody =
"--" . $mimeBoundary . "\n" . // plain text section
"Content-Type: text/plain; charset=UTF-8\n" .
"Content-Transfer-Encoding: base64\n\n" .
$textBody . "\n" .
"--" . $mimeBoundary . "\n" . // text/html section
"Content-Type: text/html; charset=UTF-8\n" .
"Content-Transfer-Encoding: base64\n\n" .
$htmlBody . "\n" .
"--" . $mimeBoundary . "--\n"; // message ending
"--" . $mimeBoundary . PHP_EOL . // plain text section
"Content-Type: text/plain; charset=UTF-8" . PHP_EOL .
"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
$textBody . PHP_EOL .
"--" . $mimeBoundary . PHP_EOL . // text/html section
"Content-Type: text/html; charset=UTF-8" . PHP_EOL .
"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
$htmlBody . PHP_EOL .
"--" . $mimeBoundary . "--" . PHP_EOL; // message ending
// send the message
$res = mail(

2
Zotlabs/Lib/Libsync.php
View File

@ -336,7 +336,7 @@ class Libsync {
$disallowed = array('abook_id','abook_account','abook_channel','abook_rating','abook_rating_text','abook_not_here');
$fields = db_columns($abook);
$fields = db_columns('abook');
foreach($arr['abook'] as $abook) {

102
Zotlabs/Lib/Libzot.php
View File

@ -685,9 +685,27 @@ class Libzot {
$adult_changed = 1;
if(intval($r[0]['xchan_deleted']) != intval($arr['deleted']))
$deleted_changed = 1;
// new style 6-MAR-2019
if(array_key_exists('channel_type',$arr)) {
if($arr['channel_type'] === 'collection') {
// do nothing at this time.
}
elseif($arr['channel_type'] === 'group') {
$arr['public_forum'] = 1;
}
else {
$arr['public_forum'] = 0;
}
}
// old style
if(intval($r[0]['xchan_pubforum']) != intval($arr['public_forum']))
$pubforum_changed = 1;
if($arr['protocols']) {
$protocols = implode(',',$arr['protocols']);
if($protocols !== 'zot6') {
@ -1107,9 +1125,14 @@ class Libzot {
logger('Activity rejected: ' . print_r($data,true));
return;
}
$arr = Activity::decode_note($AS);
if (is_array($AS->obj)) {
$arr = Activity::decode_note($AS);
}
else {
$arr = [];
}
logger($AS->debug());
logger($AS->debug(),LOGGER_DATA);
}
@ -1174,12 +1197,14 @@ class Libzot {
//logger($AS->debug());
$r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s' ",
dbesc($AS->actor['id'])
);
if($r) {
$arr['author_xchan'] = $r[0]['hubloc_hash'];
// selects a zot6 hash if available, otherwise use whatever we have
$r = self::zot_record_preferred($r);
$arr['author_xchan'] = $r['hubloc_hash'];
}
@ -1212,7 +1237,7 @@ class Libzot {
$relay = (($env['type'] === 'response') ? true : false );
$result = self::process_delivery($env['sender'],$arr,$deliveries,$relay,false,$message_request);
$result = self::process_delivery($env['sender'],$AS,$arr,$deliveries,$relay,false,$message_request);
}
elseif($env['type'] === 'sync') {
// $arr = get_channelsync_elements($data);
@ -1385,7 +1410,7 @@ class Libzot {
/**
* @brief
*
* @param array $sender
* @param string $sender
* @param array $arr
* @param array $deliveries
* @param boolean $relay
@ -1394,7 +1419,7 @@ class Libzot {
* @return array
*/
static function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $request = false) {
static function process_delivery($sender, $act, $arr, $deliveries, $relay, $public = false, $request = false) {
$result = [];
@ -1423,6 +1448,24 @@ class Libzot {
$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
if(($act) && ($act->obj) && (! is_array($act->obj))) {
// The initial object fetch failed using the sys channel credentials.
// Try again using the delivery channel credentials.
// We will also need to re-parse the $item array,
// but preserve any values that were set during anonymous parsing.
$o = Activity::fetch($act->obj,$channel);
if($o) {
$act->obj = $o;
$arr = array_merge(Activity::decode_note($act),$arr);
}
else {
$DR->update('Incomplete or corrupt activity');
$result[] = $DR->get();
continue;
}
}
/**
* We need to block normal top-level message delivery from our clones, as the delivered
* message doesn't have ACL information in it as the cloned copy does. That copy
@ -1841,7 +1884,7 @@ class Libzot {
logger('FOF Activity received: ' . print_r($arr,true), LOGGER_DATA, LOG_DEBUG);
logger('FOF Activity recipient: ' . $channel['channel_portable_id'], LOGGER_DATA, LOG_DEBUG);
$result = self::process_delivery($arr['owner_xchan'],$arr, [ $channel['channel_portable_id'] ],false,false,true);
$result = self::process_delivery($arr['owner_xchan'],$AS, $arr, [ $channel['channel_portable_id'] ],false,false,true);
if ($result) {
$ret = array_merge($ret, $result);
}
@ -1854,8 +1897,7 @@ class Libzot {
/**
* @brief Remove community tag.
*
* @param array $sender an associative array with
* * \e string \b hash a xchan_hash
* @param string $sender
* @param array $arr an associative array
* * \e int \b verb
* * \e int \b obj_type
@ -1928,7 +1970,7 @@ class Libzot {
*
* @see item_store_update()
*
* @param array $sender
* @param string $sender
* @param array $item
* @param array $orig
* @param int $uid
@ -1979,7 +2021,7 @@ class Libzot {
/**
* @brief Deletes an imported item.
*
* @param array $sender
* @param string $sender
* * \e string \b hash a xchan_hash
* @param array $item
* @param int $uid
@ -1997,9 +2039,9 @@ class Libzot {
$r = q("select id, author_xchan, owner_xchan, source_xchan, item_deleted from item where ( author_xchan = '%s' or owner_xchan = '%s' or source_xchan = '%s' )
and mid = '%s' and uid = %d limit 1",
dbesc($sender['hash']),
dbesc($sender['hash']),
dbesc($sender['hash']),
dbesc($sender),
dbesc($sender),
dbesc($sender),
dbesc($item['mid']),
intval($uid)
);
@ -2154,8 +2196,7 @@ class Libzot {
*
* @see import_directory_profile()
*
* @param array $sender an associative array
* * \e string \b hash a xchan_hash
* @param string $sender
* @param array $arr
* @param array $deliveries (unused)
* @return void
@ -2165,7 +2206,7 @@ class Libzot {
logger('process_profile_delivery', LOGGER_DEBUG);
$r = q("select xchan_addr from xchan where xchan_hash = '%s' limit 1",
dbesc($sender['hash'])
dbesc($sender)
);
if($r) {
Libzotdir::import_directory_profile($sender, $arr, $r[0]['xchan_addr'], UPDATE_FLAGS_UPDATED, 0);
@ -2176,8 +2217,7 @@ class Libzot {
/**
* @brief
*
* @param array $sender an associative array
* * \e string \b hash a xchan_hash
* @param string $sender
* @param array $arr
* @param array $deliveries (unused) deliveries is irrelevant
* @return void
@ -3058,4 +3098,26 @@ class Libzot {
return(($x) ? true : false);
}
static public function zot_record_preferred($arr, $check = 'hubloc_network') {
if(! $arr) {
return $arr;
}
foreach($arr as $v) {
if($v[$check] === 'zot6') {
return $v;
}
}
foreach($arr as $v) {
if($v[$check] === 'zot') {
return $v;
}
}
return $arr[0];
}
}

4
Zotlabs/Lib/Libzotdir.php
View File

@ -307,7 +307,7 @@ class Libzotdir {
if ($ud['ud_addr'] && (! ($ud['ud_flags'] & UPDATE_FLAGS_DELETED))) {
$success = false;
$href = \Zotlabs\Lib\Webfinger::zot_url(punify($url));
$href = \Zotlabs\Lib\Webfinger::zot_url(punify($ud['ud_addr']));
if($href) {
$zf = \Zotlabs\Lib\Zotfinger::exec($href);
}
@ -651,4 +651,4 @@ class Libzotdir {
}
}

16
Zotlabs/Lib/MessageFilter.php
View File

@ -19,7 +19,7 @@ class MessageFilter {
$lang = null;
if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false)) {
if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false) || (strpos($incl,'lang!=') !== false) || (strpos($excl,'lang!=') !== false)) {
$lang = detect_language($text);
}
@ -39,10 +39,17 @@ class MessageFilter {
if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
return false;
}
elseif(substr($word,0,1) === '$' && $tags) {
foreach($tags as $t)
if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
return false;
}
elseif((strpos($word,'/') === 0) && preg_match($word,$text))
return false;
elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
return false;
elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0))
return false;
elseif(stristr($text,$word) !== false)
return false;
}
@ -60,10 +67,17 @@ class MessageFilter {
if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
return true;
}
elseif(substr($word,0,1) === '$' && $tags) {
foreach($tags as $t)
if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
return true;
}
elseif((strpos($word,'/') === 0) && preg_match($word,$text))
return true;
elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
return true;
elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0))
return true;
elseif(stristr($text,$word) !== false)
return true;
}

26
Zotlabs/Lib/ThreadItem.php
View File

@ -38,6 +38,7 @@ class ThreadItem {
$this->data = $data;
$this->toplevel = ($this->get_id() == $this->get_data_value('parent'));
$this->threaded = get_config('system','thread_allow');
$observer = \App::get_observer();
@ -305,6 +306,7 @@ class ThreadItem {
if($this->is_commentable() && $observer) {
$like = array( t("I like this \x28toggle\x29"), t("like"));
$dislike = array( t("I don't like this \x28toggle\x29"), t("dislike"));
$reply_to = array( t("Reply on this comment"), t("reply"), t("Reply to"));
}
if ($shareable) {
@ -331,7 +333,6 @@ class ThreadItem {
if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0)
$is_new = true;
localize_item($item);
$body = prepare_body($item,true);
@ -347,10 +348,6 @@ class ThreadItem {
$comment_count_txt = sprintf( tt('%d comment','%d comments',$total_children),$total_children );
$list_unseen_txt = (($unseen_comments) ? sprintf('%d unseen',$unseen_comments) : '');
$children = $this->get_children();
$has_tags = (($body['tags'] || $body['categories'] || $body['mentions'] || $body['attachments'] || $body['folders']) ? true : false);
@ -373,13 +370,15 @@ class ThreadItem {
'text' => strip_tags($body['html']),
'id' => $this->get_id(),
'mid' => $item['mid'],
'parent' => $item['parent'],
'author_id' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']),
'isevent' => $isevent,
'attend' => $attend,
'consensus' => $consensus,
'conlabels' => $conlabels,
'canvote' => $canvote,
'linktitle' => sprintf( t('View %s\'s profile - %s'), $profile_name, $item['author']['xchan_addr']),
'olinktitle' => sprintf( t('View %s\'s profile - %s'), $this->get_owner_name(), $item['owner']['xchan_addr']),
'linktitle' => sprintf( t('View %s\'s profile - %s'), $profile_name, (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url'])),
'olinktitle' => sprintf( t('View %s\'s profile - %s'), $this->get_owner_name(), (($item['owner']['xchan_addr']) ? $item['owner']['xchan_addr'] : $item['owner']['xchan_url'])),
'llink' => $item['llink'],
'viewthread' => $viewthread,
'to' => t('to'),
@ -425,9 +424,11 @@ class ThreadItem {
'has_tags' => $has_tags,
'reactions' => $this->reactions,
// Item toolbar buttons
'emojis' => (($this->is_toplevel() && $this->is_commentable() && $observer && feature_enabled($conv->get_profile_owner(),'emojis')) ? '1' : ''),
'emojis' => (($this->is_toplevel() && $this->is_commentable() && $observer && feature_enabled($conv->get_profile_owner(),'emojis')) ? '1' : ''),
'like' => $like,
'dislike' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike : ''),
'reply_to' => (((! $this->is_toplevel()) && feature_enabled($conv->get_profile_owner(),'reply_to')) ? $reply_to : ''),
'top_hint' => t("Go to previous comment"),
'share' => $share,
'embed' => $embed,
'rawmid' => $item['mid'],
@ -440,9 +441,8 @@ class ThreadItem {
'addtocal' => (($has_event) ? t('Add to Calendar') : ''),
'drop' => $drop,
'multidrop' => ((feature_enabled($conv->get_profile_owner(),'multi_delete')) ? $multidrop : ''),
'dropdown_extras' => $dropdown_extras,
'dropdown_extras' => $dropdown_extras,
// end toolbar buttons
'unseen_comments' => $unseen_comments,
'comment_count' => $total_children,
'comment_count_txt' => $comment_count_txt,
@ -469,7 +469,8 @@ class ThreadItem {
'wait' => t('Please wait'),
'submid' => str_replace(['+','='], ['',''], base64_encode($item['mid'])),
'thread_level' => $thread_level,
'settings' => $settings
'settings' => $settings,
'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? $item['thr_parent'] : '')
);
$arr = array('item' => $item, 'output' => $tmp_item);
@ -814,7 +815,7 @@ class ThreadItem {
'$anonname' => [ 'anonname', t('Your full name (required)') ],
'$anonmail' => [ 'anonmail', t('Your email address (required)') ],
'$anonurl' => [ 'anonurl', t('Your website URL (optional)') ],
'$auto_save_draft' => $feature_auto_save_draft,
'$auto_save_draft' => $feature_auto_save_draft
));
return $comment_box;
@ -869,4 +870,3 @@ class ThreadItem {
}

2
Zotlabs/Lib/ZotURL.php
View File

@ -66,7 +66,7 @@ class ZotURL {
}
static public function is_zoturl($s) {
static public function is_zoturl($url) {
if(strpos($url,'x-zot:') === 0) {
return true;

2
Zotlabs/Module/Acl.php
View File

@ -166,7 +166,7 @@ class Acl extends \Zotlabs\Web\Controller {
if($extra_channels) {
foreach($extra_channels as $channel) {
if(perm_is_allowed(intval($channel), get_observer_hash(),'view_contacts')) {
if($extra_channel_sql)
if($extra_channels_sql)
$extra_channels_sql .= ',';
$extra_channels_sql .= intval($channel);
}

45
Zotlabs/Module/Admin/Dbsync.php
View File

@ -19,7 +19,47 @@ class Dbsync {
info( t('Update has been marked successful') . EOL);
goaway(z_root() . '/admin/dbsync');
}
if(argc() > 3 && intval(argv(3)) && argv(2) === 'verify') {
$s = '_' . intval(argv(3));
$cls = '\\Zotlabs\Update\\' . $s ;
if(class_exists($cls)) {
$c = new $cls();
if(method_exists($c,'verify')) {
$retval = $c->verify();
if($retval === UPDATE_FAILED) {
$o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s);
}
elseif($retval === UPDATE_SUCCESS) {
$o .= sprintf( t('Update %s was successfully applied.'), $s);
set_config('database',$s, 'success');
}
else
$o .= sprintf( t('Verifying update %s did not return a status. Unknown if it succeeded.'), $s);
}
else {
$o .= sprintf( t('Update %s does not contain a verification function.'), $s );
}
}
else
$o .= sprintf( t('Update function %s could not be found.'), $s);
return $o;
// remove the old style config if it exists
del_config('database', 'update_r' . intval(argv(3)));
set_config('database', '_' . intval(argv(3)), 'success');
if(intval(get_config('system','db_version')) < intval(argv(3)))
set_config('system','db_version',intval(argv(3)));
info( t('Update has been marked successful') . EOL);
goaway(z_root() . '/admin/dbsync');
}
if(argc() > 2 && intval(argv(2))) {
$x = intval(argv(2));
$s = '_' . $x;
@ -28,14 +68,14 @@ class Dbsync {
$c = new $cls();
$retval = $c->run();
if($retval === UPDATE_FAILED) {
$o .= sprintf( t('Executing %s failed. Check system logs.'), $s);
$o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s);
}
elseif($retval === UPDATE_SUCCESS) {
$o .= sprintf( t('Update %s was successfully applied.'), $s);
set_config('database',$s, 'success');
}
else
$o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $s);
$o .= sprintf( t('Update %s did not return a status. It cannot be determined if it was successful.'), $s);
}
else
$o .= sprintf( t('Update function %s could not be found.'), $s);
@ -59,6 +99,7 @@ class Dbsync {
'$banner' => t('Failed Updates'),
'$desc' => '',
'$mark' => t('Mark success (if update was manually applied)'),
'$verify' => t('Attempt to verify this update if a verification procedure exists'),
'$apply' => t('Attempt to execute this update step automatically'),
'$failed' => $failed
));

56
Zotlabs/Module/Apschema.php Normal file
View File

@ -0,0 +1,56 @@
<?php
namespace Zotlabs\Module;
class Apschema extends \Zotlabs\Web\Controller {
function init() {
$base = z_root();
$arr = [
'@context' => [
'zot' => z_root() . '/apschema#',
'id' => '@id',
'type' => '@type',
'commentPolicy' => 'as:commentPolicy',
'meData' => 'zot:meData',
'meDataType' => 'zot:meDataType',
'meEncoding' => 'zot:meEncoding',
'meAlgorithm' => 'zot:meAlgorithm',
'meCreator' => 'zot:meCreator',
'meSignatureValue' => 'zot:meSignatureValue',
'locationAddress' => 'zot:locationAddress',
'locationPrimary' => 'zot:locationPrimary',
'locationDeleted' => 'zot:locationDeleted',
'nomadicLocation' => 'zot:nomadicLocation',
'nomadicHubs' => 'zot:nomadicHubs',
'emojiReaction' => 'zot:emojiReaction',
'magicEnv' => [
'@id' => 'zot:magicEnv',
'@type' => '@id'
],
'nomadicLocations' => [
'@id' => 'zot:nomadicLocations',
'@type' => '@id'
],
'ostatus' => 'http://ostatus.org#',
'conversation' => 'ostatus:conversation'
]
];
header('Content-Type: application/ld+json');
echo json_encode($arr,JSON_UNESCAPED_SLASHES);
killme();
}
}

217
Zotlabs/Module/Cdav.php
View File

@ -133,10 +133,6 @@ class Cdav extends Controller {
logger('loggedin');
if((argv(1) == 'calendars') && (!Apps::system_app_installed(local_channel(), 'CalDAV'))) {
killme();
}
if((argv(1) == 'addressbooks') && (!Apps::system_app_installed(local_channel(), 'CardDAV'))) {
killme();
}
@ -221,10 +217,6 @@ class Cdav extends Controller {
if(! local_channel())
return;
if((argv(1) === 'calendar') && (! Apps::system_app_installed(local_channel(), 'CalDAV'))) {
return;
}
if((argv(1) === 'addressbook') && (! Apps::system_app_installed(local_channel(), 'CardDAV'))) {
return;
}
@ -280,9 +272,12 @@ class Cdav extends Controller {
return;
$title = $_REQUEST['title'];
$dtstart = new \DateTime($_REQUEST['dtstart']);
if($_REQUEST['dtend'])
$dtend = new \DateTime($_REQUEST['dtend']);
$start = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtstart']);
$dtstart = new \DateTime($start);
if($_REQUEST['dtend']) {
$end = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtend']);
$dtend = new \DateTime($end);
}
$description = $_REQUEST['description'];
$location = $_REQUEST['location'];
@ -306,13 +301,17 @@ class Cdav extends Controller {
'DTSTART' => $dtstart
]
]);
if($dtend)
if($dtend) {
$vcalendar->VEVENT->add('DTEND', $dtend);
$vcalendar->VEVENT->DTEND['TZID'] = App::$timezone;
}
if($description)
$vcalendar->VEVENT->add('DESCRIPTION', $description);
if($location)
$vcalendar->VEVENT->add('LOCATION', $location);
$vcalendar->VEVENT->DTSTART['TZID'] = App::$timezone;
$calendarData = $vcalendar->serialize();
$caldavBackend->createCalendarObject($id, $objectUri, $calendarData);
@ -351,8 +350,12 @@ class Cdav extends Controller {
$uri = $_REQUEST['uri'];
$title = $_REQUEST['title'];
$dtstart = new \DateTime($_REQUEST['dtstart']);
$dtend = $_REQUEST['dtend'] ? new \DateTime($_REQUEST['dtend']) : '';
$start = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtstart']);
$dtstart = new \DateTime($start);
if($_REQUEST['dtend']) {
$end = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtend']);
$dtend = new \DateTime($end);
}
$description = $_REQUEST['description'];
$location = $_REQUEST['location'];
@ -404,8 +407,12 @@ class Cdav extends Controller {
return;
$uri = $_REQUEST['uri'];
$dtstart = new \DateTime($_REQUEST['dtstart']);
$dtend = $_REQUEST['dtend'] ? new \DateTime($_REQUEST['dtend']) : '';
$start = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtstart']);
$dtstart = new \DateTime($start);
if($_REQUEST['dtend']) {
$end = datetime_convert(App::$timezone, 'UTC', $_REQUEST['dtend']);
$dtend = new \DateTime($end);
}
$object = $caldavBackend->getCalendarObject($id, $uri);
@ -747,16 +754,27 @@ class Cdav extends Controller {
//Import calendar or addressbook
if(($_FILES) && array_key_exists('userfile',$_FILES) && intval($_FILES['userfile']['size']) && $_REQUEST['target']) {
$src = @file_get_contents($_FILES['userfile']['tmp_name']);
$src = $_FILES['userfile']['tmp_name'];
if($src) {
if($_REQUEST['c_upload']) {
if($_REQUEST['target'] == 'channel_calendar') {
$result = parse_ical_file($src,local_channel());
if($result)
info( t('Calendar entries imported.') . EOL);
else
notice( t('No calendar entries found.') . EOL);
@unlink($src);
return;
}
$id = explode(':', $_REQUEST['target']);
$ext = 'ics';
$table = 'calendarobjects';
$column = 'calendarid';
$objects = new \Sabre\VObject\Splitter\ICalendar($src);
$objects = new \Sabre\VObject\Splitter\ICalendar(@file_get_contents($src));
$profile = \Sabre\VObject\Node::PROFILE_CALDAV;
$backend = new \Sabre\CalDAV\Backend\PDO($pdo);
}
@ -766,7 +784,7 @@ class Cdav extends Controller {
$ext = 'vcf';
$table = 'cards';
$column = 'addressbookid';
$objects = new \Sabre\VObject\Splitter\VCard($src);
$objects = new \Sabre\VObject\Splitter\VCard(@file_get_contents($src));
$profile = \Sabre\VObject\Node::PROFILE_CARDDAV;
$backend = new \Sabre\CardDAV\Backend\PDO($pdo);
}
@ -832,15 +850,6 @@ class Cdav extends Controller {
if(!local_channel())
return;
if((argv(1) === 'calendar') && (! Apps::system_app_installed(local_channel(), 'CalDAV'))) {
//Do not display any associated widgets at this point
App::$pdl = '';
$o = '<b>' . t('CalDAV App') . ' (' . t('Not Installed') . '):</b><br>';
$o .= t('CalDAV capable calendar');
return $o;
}
if((argv(1) === 'addressbook') && (! Apps::system_app_installed(local_channel(), 'CardDAV'))) {
//Do not display any associated widgets at this point
App::$pdl = '';
@ -869,28 +878,93 @@ class Cdav extends Controller {
}
if(argv(1) === 'calendar') {
nav_set_selected('CalDAV');
nav_set_selected('Calendar');
$caldavBackend = new \Sabre\CalDAV\Backend\PDO($pdo);
$calendars = $caldavBackend->getCalendarsForUser($principalUri);
}
//Display calendar(s) here
if(argc() == 2 && argv(1) === 'calendar') {
if(argc() <= 3 && argv(1) === 'calendar') {
head_add_css('/library/fullcalendar/fullcalendar.css');
head_add_css('/library/fullcalendar/packages/core/main.min.css');
head_add_css('/library/fullcalendar/packages/daygrid/main.min.css');
head_add_css('/library/fullcalendar/packages/timegrid/main.min.css');
head_add_css('/library/fullcalendar/packages/list/main.min.css');
head_add_css('cdav_calendar.css');
head_add_js('/library/moment/moment.min.js', 1);
head_add_js('/library/fullcalendar/fullcalendar.min.js', 1);
head_add_js('/library/fullcalendar/locale-all.js', 1);
head_add_js('/library/fullcalendar/packages/core/main.min.js');
head_add_js('/library/fullcalendar/packages/interaction/main.min.js');
head_add_js('/library/fullcalendar/packages/daygrid/main.min.js');
head_add_js('/library/fullcalendar/packages/timegrid/main.min.js');
head_add_js('/library/fullcalendar/packages/list/main.min.js');
$sources = '';
$resource_id = '';
$resource = null;
if(argc() == 3)
$resource_id = argv(2);
if($resource_id) {
$r = q("SELECT event.*, item.author_xchan, item.owner_xchan, item.plink, item.id as item_id FROM event LEFT JOIN item ON event.event_hash = item.resource_id
WHERE event.uid = %d AND event.event_hash = '%s' LIMIT 1",
intval(local_channel()),
dbesc($resource_id)
);
if($r) {
xchan_query($r);
$r = fetch_post_tags($r,true);
$r[0]['dtstart'] = (($r[0]['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$r[0]['dtstart'], 'c') : datetime_convert('UTC','UTC',$r[0]['dtstart'],'c'));
$r[0]['dtend'] = (($r[0]['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$r[0]['dtend'], 'c') : datetime_convert('UTC','UTC',$r[0]['dtend'],'c'));
$r[0]['plink'] = [$r[0]['plink'], t('Link to source')];
$resource = $r[0];
$catsenabled = feature_enabled(local_channel(),'categories');
$categories = '';
if($catsenabled){
if($r[0]['term']) {
$cats = get_terms_oftype($r[0]['term'], TERM_CATEGORY);
foreach ($cats as $cat) {
if(strlen($categories))
$categories .= ', ';
$categories .= $cat['term'];
}
}
}
if($r[0]['dismissed'] == 0) {
q("UPDATE event SET dismissed = 1 WHERE event.uid = %d AND event.event_hash = '%s'",
intval(local_channel()),
dbesc($resource_id)
);
}
}
}
if(get_pconfig(local_channel(), 'cdav_calendar', 'channel_calendar')) {
$sources .= '{
id: \'channel_calendar\',
url: \'/channel_calendar/json/\',
color: \'#3a87ad\'
}, ';
}
$channel_calendars[] = [
'displayname' => $channel['channel_name'],
'id' => 'channel_calendar'
];
foreach($calendars as $calendar) {
$editable = (($calendar['share-access'] == 2) ? 'false' : 'true'); // false/true must be string since we're passing it to javascript
$color = (($calendar['{http://apple.com/ns/ical/}calendar-color']) ? $calendar['{http://apple.com/ns/ical/}calendar-color'] : '#3a87ad');
$color = (($calendar['{http://apple.com/ns/ical/}calendar-color']) ? $calendar['{http://apple.com/ns/ical/}calendar-color'] : '#6cad39');
$sharer = (($calendar['share-access'] == 3) ? $calendar['{urn:ietf:params:xml:ns:caldav}calendar-description'] : '');
$switch = get_pconfig(local_channel(), 'cdav_calendar', $calendar['id'][0]);
if($switch) {
$sources .= '{
id: ' . $calendar['id'][0] . ',
url: \'/cdav/calendar/json/' . $calendar['id'][0] . '/' . $calendar['id'][1] . '\',
color: \'' . $color . '\'
}, ';
@ -911,15 +985,29 @@ class Cdav extends Controller {
$first_day = (($first_day) ? $first_day : 0);
$title = ['title', t('Event title')];
$dtstart = ['dtstart', t('Start date and time'), '', t('Example: YYYY-MM-DD HH:mm')];
$dtend = ['dtend', t('End date and time'), '', t('Example: YYYY-MM-DD HH:mm')];
$dtstart = ['dtstart', t('Start date and time')];
$dtend = ['dtend', t('End date and time')];
$description = ['description', t('Description')];
$location = ['location', t('Location')];
$catsenabled = feature_enabled(local_channel(), 'categories');
require_once('include/acl_selectors.php');
$accesslist = new \Zotlabs\Access\AccessList($channel);
$perm_defaults = $accesslist->get();
//$acl = (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream')));
$acl = populate_acl($perm_defaults, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'));
//$permissions = ((x($orig_event)) ? $orig_event : $perm_defaults);
$permissions = $perm_defaults;
$o .= replace_macros(get_markup_template('cdav_calendar.tpl'), [
'$sources' => $sources,
'$color' => $color,
'$lang' => App::$language,
'$timezone' => App::$timezone,
'$first_day' => $first_day,
'$prev' => t('Previous'),
'$next' => t('Next'),
@ -931,6 +1019,7 @@ class Cdav extends Controller {
'$list_week' => t('List week'),
'$list_day' => t('List day'),
'$title' => $title,
'$channel_calendars' => $channel_calendars,
'$writable_calendars' => $writable_calendars,
'$dtstart' => $dtstart,
'$dtend' => $dtend,
@ -938,11 +1027,27 @@ class Cdav extends Controller {
'$location' => $location,
'$more' => t('More'),
'$less' => t('Less'),
'$update' => t('Update'),
'$calendar_select_label' => t('Select calendar'),
'$calendar_optiopns_label' => [t('Channel Calendars'), t('CalDAV Calendars')],
'$delete' => t('Delete'),
'$delete_all' => t('Delete all'),
'$cancel' => t('Cancel'),
'$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.')
'$create' => t('Create'),
'$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.'),
'$channel_hash' => $channel['channel_hash'],
'$acl' => $acl,
'$lockstate' => (($accesslist->is_private()) ? 'lock' : 'unlock'),
'$allow_cid' => acl2json($permissions['allow_cid']),
'$allow_gid' => acl2json($permissions['allow_gid']),
'$deny_cid' => acl2json($permissions['deny_cid']),
'$deny_gid' => acl2json($permissions['deny_gid']),
'$catsenabled' => $catsenabled,
'$categories_label' => t('Categories'),
'$resource' => json_encode($resource),
'$categories' => $categories
]);
return $o;
@ -952,10 +1057,12 @@ class Cdav extends Controller {
//Provide json data for calendar
if(argc() == 5 && argv(1) === 'calendar' && argv(2) === 'json' && intval(argv(3)) && intval(argv(4))) {
$events = [];
$id = [argv(3), argv(4)];
if(! cdav_perms($id[0],$calendars))
killme();
json_return_and_die($events);
if (x($_GET,'start'))
$start = new \DateTime($_GET['start']);
@ -969,16 +1076,19 @@ class Cdav extends Controller {
$filters['comp-filters'][0]['time-range']['end'] = $end;
$uris = $caldavBackend->calendarQuery($id, $filters);
if($uris) {
$objects = $caldavBackend->getMultipleCalendarObjects($id, $uris);
foreach($objects as $object) {
$vcalendar = \Sabre\VObject\Reader::read($object['calendardata']);
if(isset($vcalendar->VEVENT->RRULE))
if(isset($vcalendar->VEVENT->RRULE)) {
// expanding recurrent events seems to loose timezone info
// save it here so we can add it later
$recurrent_timezone = (string)$vcalendar->VEVENT->DTSTART['TZID'];
$vcalendar = $vcalendar->expand($start, $end);
}
foreach($vcalendar->VEVENT as $vevent) {
$title = (string)$vevent->SUMMARY;
@ -986,14 +1096,15 @@ class Cdav extends Controller {
$dtend = (string)$vevent->DTEND;
$description = (string)$vevent->DESCRIPTION;
$location = (string)$vevent->LOCATION;
$timezone = (string)$vevent->DTSTART['TZID'];
$rw = ((cdav_perms($id[0],$calendars,true)) ? true : false);
$editable = $rw ? true : false;
$recurrent = ((isset($vevent->{'RECURRENCE-ID'})) ? true : false);
$editable = $rw ? true : false;
if($recurrent)
if($recurrent) {
$editable = false;
$timezone = $recurrent_timezone;
}
$allDay = false;
@ -1007,8 +1118,8 @@ class Cdav extends Controller {
'calendar_id' => $id,
'uri' => $object['uri'],
'title' => $title,
'start' => $dtstart,
'end' => $dtend,
'start' => datetime_convert($timezone, $timezone, $dtstart, 'c'),
'end' => (($dtend) ? datetime_convert($timezone, $timezone, $dtend, 'c') : ''),
'description' => $description,
'location' => $location,
'allDay' => $allDay,
@ -1018,15 +1129,12 @@ class Cdav extends Controller {
];
}
}
json_return_and_die($events);
}
else {
killme();
}
json_return_and_die($events);
}
//enable/disable calendars
if(argc() == 5 && argv(1) === 'calendar' && argv(2) === 'switch' && intval(argv(3)) && (argv(4) == 1 || argv(4) == 0)) {
if(argc() == 5 && argv(1) === 'calendar' && argv(2) === 'switch' && argv(3) && (argv(4) == 1 || argv(4) == 0)) {
$id = argv(3);
if(! cdav_perms($id,$calendars))
@ -1285,12 +1393,13 @@ class Cdav extends Controller {
$caldavBackend = new \Sabre\CalDAV\Backend\PDO($pdo);
$properties = [
'{DAV:}displayname' => t('Default Calendar'),
'{http://apple.com/ns/ical/}calendar-color' => '#3a87ad',
'{http://apple.com/ns/ical/}calendar-color' => '#6cad39',
'{urn:ietf:params:xml:ns:caldav}calendar-description' => $channel['channel_name']
];
$id = $caldavBackend->createCalendar($uri, 'default', $properties);
set_pconfig(local_channel(), 'cdav_calendar' , $id[0], 1);
set_pconfig(local_channel(), 'cdav_calendar' , 'channel_calendar', 1);
//create default addressbook
$carddavBackend = new \Sabre\CardDAV\Backend\PDO($pdo);

4
Zotlabs/Module/Changeaddr.php
View File

@ -31,7 +31,7 @@ class Changeaddr extends \Zotlabs\Web\Controller {
if($account['account_password_changed'] > NULL_DATE) {
$d1 = datetime_convert('UTC','UTC','now - 48 hours');
if($account['account_password_changed'] > d1) {
if($account['account_password_changed'] > $d1) {
notice( t('Channel name changes are not allowed within 48 hours of changing the account password.') . EOL);
return;
}
@ -49,7 +49,7 @@ class Changeaddr extends \Zotlabs\Web\Controller {
if(check_webbie(array($new_address)) !== $new_address) {
notice( t('Nickname has unsupported characters or is already being used on this site.') . EOL);
return $ret;
return;
}
channel_change_address($channel,$new_address);

22
Zotlabs/Module/Channel.php
View File

@ -46,14 +46,14 @@ class Channel extends Controller {
$channel = App::get_channel();
if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
$which = $channel['channel_address'];
$profile = argv(1);
}
$which = $channel['channel_address'];
$profile = argv(1);
}
$channel = channelx_by_nick($which);
if(! $channel) {
http_status_exit(404, 'Not found');
}
if(! $channel) {
http_status_exit(404, 'Not found');
}
// handle zot6 channel discovery
@ -310,10 +310,6 @@ class Channel extends Controller {
$sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
}
if($datequery || $datequery2) {
$sql_extra2 .= " and item.item_thread_top != 0 ";
}
if($order === 'post')
$ordering = "created";
else
@ -342,7 +338,7 @@ class Channel extends Controller {
AND (abook.abook_blocked = 0 or abook.abook_flags is null)
AND item.item_wall = 1 AND item.item_thread_top = 1
$sql_extra $sql_extra2
ORDER BY $ordering DESC $pager_sql ",
ORDER BY $ordering DESC, item_id $pager_sql ",
intval(App::$profile['profile_uid'])
);
}
@ -414,12 +410,12 @@ class Channel extends Controller {
'$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1),
'$search' => $search,
'$xchan' => '',
'$order' => $order,
'$order' => (($order) ? urlencode($order) : ''),
'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
'$file' => '',
'$cats' => (($category) ? urlencode($category) : ''),
'$tags' => (($hashtags) ? urlencode($hashtags) : ''),
'$mid' => $mid,
'$mid' => (($mid) ? urlencode($mid) : ''),
'$verb' => '',
'$net' => '',
'$dend' => $datequery,

480
Zotlabs/Module/Channel_calendar.php Normal file
View File

@ -0,0 +1,480 @@
<?php
namespace Zotlabs\Module;
require_once('include/conversation.php');
require_once('include/bbcode.php');
require_once('include/datetime.php');
require_once('include/event.php');
require_once('include/items.php');
require_once('include/html2plain.php');
class Channel_calendar extends \Zotlabs\Web\Controller {
function post() {
logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA);
if(! local_channel())
return;
$event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0);
$event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : '');
$xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : '');
$uid = local_channel();
$start_text = escape_tags($_REQUEST['dtstart']);
$finish_text = escape_tags($_REQUEST['dtend']);
$adjust = intval($_POST['adjust']);
$nofinish = intval($_POST['nofinish']);
$timezone = ((x($_POST,'timezone_select')) ? notags(trim($_POST['timezone_select'])) : '');
$tz = (($timezone) ? $timezone : date_default_timezone_get());
$categories = escape_tags(trim($_POST['categories']));
// only allow editing your own events.
if(($xchan) && ($xchan !== get_observer_hash()))
return;
if($start_text) {
$start = $start_text;
}
else {
$start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute);
}
if($finish_text) {
$finish = $finish_text;
}
else {
$finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute);
}
if($nofinish) {
$finish = NULL_DATE;
}
if($adjust) {
$start = datetime_convert($tz,'UTC',$start);
if(! $nofinish)
$finish = datetime_convert($tz,'UTC',$finish);
}
else {
$start = datetime_convert('UTC','UTC',$start);
if(! $nofinish)
$finish = datetime_convert('UTC','UTC',$finish);
}
$summary = escape_tags(trim($_POST['summary']));
$desc = escape_tags(trim($_POST['desc']));
$location = escape_tags(trim($_POST['location']));
$type = escape_tags(trim($_POST['type']));
// Don't allow the event to finish before it begins.
// It won't hurt anything, but somebody will file a bug report
// and we'll waste a bunch of time responding to it. Time that
// could've been spent doing something else.
if(strcmp($finish,$start) < 0 && !$nofinish) {
notice( t('Event can not end before it has started.') . EOL);
if(intval($_REQUEST['preview'])) {
echo( t('Unable to generate preview.'));
}
killme();
}
if((! $summary) || (! $start)) {
notice( t('Event title and start time are required.') . EOL);
if(intval($_REQUEST['preview'])) {
echo( t('Unable to generate preview.'));
}
killme();
}
$channel = \App::get_channel();
$acl = new \Zotlabs\Access\AccessList(false);
if($event_id) {
$x = q("select * from event where id = %d and uid = %d limit 1",
intval($event_id),
intval(local_channel())
);
if(! $x) {
notice( t('Event not found.') . EOL);
if(intval($_REQUEST['preview'])) {
echo( t('Unable to generate preview.'));
killme();
}
return;
}
$acl->set($x[0]);
$created = $x[0]['created'];
$edited = datetime_convert();
}
else {
$created = $edited = datetime_convert();
$acl->set_from_array($_POST);
}
$post_tags = array();
$channel = \App::get_channel();
$ac = $acl->get();
$str_contact_allow = $ac['allow_cid'];
$str_group_allow = $ac['allow_gid'];
$str_contact_deny = $ac['deny_cid'];
$str_group_deny = $ac['deny_gid'];
$private = $acl->is_private();
require_once('include/text.php');
$results = linkify_tags($desc, local_channel());
if($results) {
// Set permissions based on tag replacements
set_linkified_perms($results, $str_contact_allow, $str_group_allow, local_channel(), false, $private);
foreach($results as $result) {
$success = $result['success'];
if($success['replaced']) {
$post_tags[] = array(
'uid' => local_channel(),
'ttype' => $success['termtype'],
'otype' => TERM_OBJ_POST,
'term' => $success['term'],
'url' => $success['url']
);
}
}
}
if(strlen($categories)) {
$cats = explode(',',$categories);
foreach($cats as $cat) {
$post_tags[] = array(
'uid' => local_channel(),
'ttype' => TERM_CATEGORY,
'otype' => TERM_OBJ_POST,
'term' => trim($cat),
'url' => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($cat))
);
}
}
$datarray = array();
$datarray['dtstart'] = $start;
$datarray['dtend'] = $finish;
$datarray['summary'] = $summary;
$datarray['description'] = $desc;
$datarray['location'] = $location;
$datarray['etype'] = $type;
$datarray['adjust'] = $adjust;
$datarray['nofinish'] = $nofinish;
$datarray['uid'] = local_channel();
$datarray['account'] = get_account_id();
$datarray['event_xchan'] = $channel['channel_hash'];
$datarray['allow_cid'] = $str_contact_allow;
$datarray['allow_gid'] = $str_group_allow;
$datarray['deny_cid'] = $str_contact_deny;
$datarray['deny_gid'] = $str_group_deny;
$datarray['private'] = intval($private);
$datarray['id'] = $event_id;
$datarray['created'] = $created;
$datarray['edited'] = $edited;
if(intval($_REQUEST['preview'])) {
$html = format_event_html($datarray);
echo $html;
killme();
}
$event = event_store_event($datarray);
if($post_tags)
$datarray['term'] = $post_tags;
$item_id = event_store_item($datarray,$event);
if($item_id) {
$r = q("select * from item where id = %d",
intval($item_id)
);
if($r) {
xchan_query($r);
$sync_item = fetch_post_tags($r);
$z = q("select * from event where event_hash = '%s' and uid = %d limit 1",
dbesc($r[0]['resource_id']),
intval($channel['channel_id'])
);
if($z) {
build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z));
}
}
}
\Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id));
killme();
}
function get() {
if(argc() > 2 && argv(1) == 'ical') {
$event_id = argv(2);
require_once('include/security.php');
$sql_extra = permissions_sql(local_channel());
$r = q("select * from event where event_hash = '%s' $sql_extra limit 1",
dbesc($event_id)
);
if($r) {
header('Content-type: text/calendar');
header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"' );
echo ical_wrapper($r);
killme();
}
else {
notice( t('Event not found.') . EOL );
return;
}
}
if(! local_channel()) {
notice( t('Permission denied.') . EOL);
return;
}
if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) {
$r = q("update event set dismissed = 1 where id = %d and uid = %d",
intval(argv(2)),
intval(local_channel())
);
}
if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) {
$r = q("update event set dismissed = 0 where id = %d and uid = %d",
intval(argv(2)),
intval(local_channel())
);
}
$channel = \App::get_channel();
$mode = 'view';
$export = false;
$ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : '');
if(argc() > 1) {
if(argc() > 2 && argv(1) === 'add') {
$mode = 'add';
$item_id = intval(argv(2));
}
if(argc() > 2 && argv(1) === 'drop') {
$mode = 'drop';
$event_id = argv(2);
}
if(argc() <= 2 && argv(1) === 'export') {
$export = true;
}
if(argc() > 2 && intval(argv(1)) && intval(argv(2))) {
$mode = 'view';
}
if(argc() <= 2) {
$mode = 'view';
$event_id = argv(1);
}
}
if($mode === 'add') {
event_addtocal($item_id,local_channel());
killme();
}
if($mode == 'view') {
/* edit/create form */
if($event_id) {
$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
dbesc($event_id),
intval(local_channel())
);
if(count($r))
$orig_event = $r[0];
}
$channel = \App::get_channel();
if (argv(1) === 'json'){
if (x($_GET,'start')) $start = $_GET['start'];
if (x($_GET,'end')) $finish = $_GET['end'];
}
$start = datetime_convert('UTC','UTC',$start);
$finish = datetime_convert('UTC','UTC',$finish);
$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
$adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);
if (x($_GET,'id')){
$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
from event left join item on item.resource_id = event.event_hash
where item.resource_type = 'event' and event.uid = %d and event.id = %d limit 1",
intval(local_channel()),
intval($_GET['id'])
);
}
elseif($export) {
$r = q("SELECT * from event where uid = %d and dtstart > '%s' and dtend > dtstart",
intval(local_channel()),
dbesc(NULL_DATE)
);
}
else {
// fixed an issue with "nofinish" events not showing up in the calendar.
// There's still an issue if the finish date crosses the end of month.
// Noting this for now - it will need to be fixed here and in Friendica.
// Ultimately the finish date shouldn't be involved in the query.
$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
from event left join item on event.event_hash = item.resource_id
where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored
AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )
OR ( event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) ",
intval(local_channel()),
dbesc($start),
dbesc($finish),
dbesc($adjust_start),
dbesc($adjust_finish)
);
}
if($r && ! $export) {
xchan_query($r);
$r = fetch_post_tags($r,true);
$r = sort_by_date($r);
}
$events = [];
if($r) {
foreach($r as $rr) {
$start = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'c') : datetime_convert('UTC','UTC',$rr['dtstart'],'c'));
if ($rr['nofinish']){
$end = null;
} else {
$end = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c'));
// give a fake end to birthdays so they get crammed into a
// single day on the calendar
if($rr['etype'] === 'birthday')
$end = null;
}
$catsenabled = feature_enabled(local_channel(),'categories');
$categories = '';
if($catsenabled){
if($rr['term']) {
$cats = get_terms_oftype($rr['term'], TERM_CATEGORY);
foreach ($cats as $cat) {
if(strlen($categories))
$categories .= ', ';
$categories .= $cat['term'];
}
}
}
$allDay = false;
// allDay event rules
if(!strpos($start, 'T') && !strpos($end, 'T'))
$allDay = true;
if(strpos($start, 'T00:00:00') && strpos($end, 'T00:00:00'))
$allDay = true;
$edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false);
$drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'','');
$events[] = array(
'calendar_id' => 'channel_calendar',
'rw' => true,
'id'=>$rr['id'],
'uri' => $rr['event_hash'],
'start'=> $start,
'end' => $end,
'drop' => $drop,
'allDay' => $allDay,
'title' => htmlentities($rr['summary'], ENT_COMPAT, 'UTF-8', false),
'editable' => $edit ? true : false,
'item'=>$rr,
'plink' => [$rr['plink'], t('Link to source')],
'description' => htmlentities($rr['description'], ENT_COMPAT, 'UTF-8', false),
'location' => htmlentities($rr['location'], ENT_COMPAT, 'UTF-8', false),
'allow_cid' => expand_acl($rr['allow_cid']),
'allow_gid' => expand_acl($rr['allow_gid']),
'deny_cid' => expand_acl($rr['deny_cid']),
'deny_gid' => expand_acl($rr['deny_gid']),
'categories' => $categories
);
}
}
if($export) {
header('Content-type: text/calendar');
header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' );
echo ical_wrapper($r);
killme();
}
if (\App::$argv[1] === 'json'){
json_return_and_die($events);
}
}
if($mode === 'drop' && $event_id) {
$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
dbesc($event_id),
intval(local_channel())
);
$sync_event = $r[0];
if($r) {
$r = q("delete from event where event_hash = '%s' and uid = %d",
dbesc($event_id),
intval(local_channel())
);
if($r) {
$r = q("update item set resource_type = '', resource_id = '' where resource_type = 'event' and resource_id = '%s' and uid = %d",
dbesc($event_id),
intval(local_channel())
);
$sync_event['event_deleted'] = 1;
build_sync_packet(0,array('event' => array($sync_event)));
killme();
}
notice( t('Failed to remove event' ) . EOL);
killme();
}
}
}
}

20
Zotlabs/Module/Connections.php
View File

@ -127,6 +127,20 @@ class Connections extends \Zotlabs\Web\Controller {
$unblocked = true;
}
switch($_REQUEST['order']) {
case 'name_desc':
$sql_order = 'xchan_name DESC';
break;
case 'connected':
$sql_order = 'abook_created';
break;
case 'connected_desc':
$sql_order = 'abook_created DESC';
break;
default:
$sql_order = 'xchan_name';
}
$search = ((x($_REQUEST,'search')) ? notags(trim($_REQUEST['search'])) : '');
$tabs = array(
@ -233,7 +247,7 @@ class Connections extends \Zotlabs\Web\Controller {
}
$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash
WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d OFFSET %d ",
WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY $sql_order LIMIT %d OFFSET %d ",
intval(local_channel()),
intval(App::$pager['itemspage']),
intval(App::$pager['start'])
@ -307,7 +321,7 @@ class Connections extends \Zotlabs\Web\Controller {
'ignore_hover' => t('Ignore connection'),
'ignore' => ((! $rr['abook_ignored']) ? t('Ignore') : false),
'recent_label' => t('Recent activity'),
'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id']),
'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id']) . '&name=' . $rr['xchan_name'],
'oneway' => $oneway
);
}
@ -329,7 +343,7 @@ class Connections extends \Zotlabs\Web\Controller {
killme();
}
else {
$o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$o .= replace_macros(get_markup_template('connections.tpl'),array(
'$header' => t('Connections') . (($head) ? ': ' . $head : ''),
'$tabs' => $tabs,

2
Zotlabs/Module/Connedit.php
View File

@ -848,7 +848,7 @@ class Connedit extends \Zotlabs\Web\Controller {
$locstr = unpunify($contact['xchan_url']);
$clone_warn = '';
$clonable = (in_array($contact['xchan_network'],['zot','rss']) ? true : false);
$clonable = (in_array($contact['xchan_network'],['zot', 'zot6', 'rss']) ? true : false);
if(! $clonable) {
$clone_warn = '<strong>';
$clone_warn .= ((intval($contact['abook_not_here']))

75
Zotlabs/Module/Cover_photo.php
View File

@ -48,6 +48,32 @@ class Cover_photo extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
// Remove cover photo
if(isset($_POST['remove'])) {
$r = q("SELECT resource_id FROM photo WHERE photo_usage = %d AND uid = %d LIMIT 1",
intval(PHOTO_COVER),
intval(local_channel())
);
if($r) {
q("update photo set photo_usage = %d where photo_usage = %d and uid = %d",
intval(PHOTO_NORMAL),
intval(PHOTO_COVER),
intval(local_channel())
);
$sync = attach_export_data($channel,$r[0]['resource_id']);
if($sync)
build_sync_packet($channel['channel_id'],array('file' => array($sync)));
}
// Update directory in background
\Zotlabs\Daemon\Master::Summon(array('Directory',$channel['channel_id']));
goaway(z_root() . '/cover_photo');
}
if((array_key_exists('cropfinal',$_POST)) && ($_POST['cropfinal'] == 1)) {
@ -106,7 +132,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
if(file_exists($tmp_name)) {
$base_image = $r[0];
$gis = getimagesize($tmp_name);
logger('gis: ' . print_r($gis,true));
logger('gis: ' . print_r($gis,true), LOGGER_DEBUG);
$base_image['width'] = $gis[0];
$base_image['height'] = $gis[1];
$base_image['content'] = @file_get_contents($tmp_name);
@ -167,25 +193,18 @@ logger('gis: ' . print_r($gis,true));
'filename' => $base_image['filename'],
'album' => t('Cover Photos'),
'os_path' => $base_image['os_path'],
'display_path' => $base_image['display_path']
'display_path' => $base_image['display_path'],
'photo_usage' => PHOTO_COVER
];
$p['imgscale'] = 7;
$p['photo_usage'] = PHOTO_COVER;
$r1 = $im->save($p);
$r1 = $im->storeThumbnail($p, PHOTO_RES_COVER_1200);
$im->doScaleImage(850,310);
$p['imgscale'] = 8;
$r2 = $im->save($p);
$r2 = $im->storeThumbnail($p, PHOTO_RES_COVER_850);
$im->doScaleImage(425,160);
$p['imgscale'] = 9;
$r3 = $im->save($p);
$r3 = $im->storeThumbnail($p, PHOTO_RES_COVER_425);
if($r1 === false || $r2 === false || $r3 === false) {
// if one failed, delete them all so we can start over.
notice( t('Image resize failed.') . EOL );
@ -193,13 +212,28 @@ logger('gis: ' . print_r($gis,true));
dbesc($base_image['resource_id']),
local_channel()
);
$x = q("SELECT content FROM photo WHERE resource_id = '%s' AND uid = %d AND os_storage = 1 AND imgscale >= 7",
dbesc($base_image['resource_id']),
local_channel()
);
if($x) {
foreach($x as $xx) {
@unlink(dbunescbin($xx['content']));
}
}
return;
}
$channel = \App::get_channel();
$this->send_cover_photo_activity($channel,$base_image,$profile);
$sync = attach_export_data($channel,$base_image['resource_id']);
if($sync)
build_sync_packet($channel['channel_id'],array('file' => array($sync)));
// Update directory in background
\Zotlabs\Daemon\Master::Summon(array('Directory',$channel['channel_id']));
}
else
notice( t('Unable to process image') . EOL);
@ -215,7 +249,7 @@ logger('gis: ' . print_r($gis,true));
require_once('include/attach.php');
$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash));
$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash, 'nosync' => true));
logger('attach_store: ' . print_r($res,true));
@ -393,6 +427,7 @@ logger('gis: ' . print_r($gis,true));
'$lbl_profiles' => t('Select a profile:'),
'$title' => t('Change Cover Photo'),
'$submit' => t('Upload'),
'$remove' => t('Remove'),
'$profiles' => $profiles,
'$embedPhotos' => t('Use a photo from your albums'),
'$embedPhotosModalTitle' => t('Use a photo from your albums'),

40
Zotlabs/Module/Directory.php
View File

@ -103,8 +103,14 @@ class Directory extends \Zotlabs\Web\Controller {
$suggest = (local_channel() && x($_REQUEST,'suggest')) ? $_REQUEST['suggest'] : '';
if($suggest) {
$r = suggestion_query(local_channel(),get_observer_hash());
// the directory options have no effect in suggestion mode
$globaldir = 1;
$safe_mode = 1;
$type = 0;
$r = suggestion_query(local_channel(),get_observer_hash(),0,60);
if(! $r) {
notice( t('No default suggestions were found.') . EOL);
@ -212,12 +218,17 @@ class Directory extends \Zotlabs\Web\Controller {
if($j) {
if($j['results']) {
$results = $j['results'];
if($suggest) {
$results = self::reorder_results($results,$addresses);
}
$entries = array();
$photo = 'thumb';
foreach($j['results'] as $rr) {
foreach($results as $rr) {
$profile_link = chanlink_url($rr['url']);
@ -399,7 +410,7 @@ class Directory extends \Zotlabs\Web\Controller {
$dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory'));
$o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . "; </script>";
$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . "; </script>";
$o .= replace_macros($tpl, array(
'$search' => $search,
'$desc' => t('Find'),
@ -438,5 +449,22 @@ class Directory extends \Zotlabs\Web\Controller {
return $o;
}
static public function reorder_results($results,$suggests) {
if(! $suggests)
return $results;
$out = [];
foreach($suggests as $k => $v) {
foreach($results as $rv) {
if($k == $rv['address']) {
$out[intval($v)] = $rv;
break;
}
}
}
return $out;
}
}

8
Zotlabs/Module/Dirsearch.php
View File

@ -116,12 +116,12 @@ class Dirsearch extends \Zotlabs\Web\Controller {
$sql_extra .= $this->dir_query_build($joiner,'xchan_name',$name);
if($address)
$sql_extra .= $this->dir_query_build($joiner,'xchan_addr',$address);
if($city)
$sql_extra .= $this->dir_query_build($joiner,'xprof_locale',$city);
if($locale)
$sql_extra .= $this->dir_query_build($joiner,'xprof_locale',$locale);
if($region)
$sql_extra .= $this->dir_query_build($joiner,'xprof_region',$region);
if($post)
$sql_extra .= $this->dir_query_build($joiner,'xprof_postcode',$post);
if($postcode)
$sql_extra .= $this->dir_query_build($joiner,'xprof_postcode',$postcode);
if($country)
$sql_extra .= $this->dir_query_build($joiner,'xprof_country',$country);
if($gender)

7
Zotlabs/Module/Display.php
View File

@ -175,6 +175,11 @@ class Display extends \Zotlabs\Web\Controller {
return '';
}
}
if ($target_item['item_type'] == ITEM_TYPE_CUSTOM) {
call_hooks('item_custom_display',$target_item);
notice( t('Page not found.') . EOL);
return '';
}
$static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0);
@ -233,7 +238,7 @@ class Display extends \Zotlabs\Web\Controller {
'$dbegin' => '',
'$verb' => '',
'$net' => '',
'$mid' => $mid
'$mid' => (($mid) ? urlencode($mid) : '')
));
head_add_link([

14
Zotlabs/Module/Dreport.php
View File

@ -16,17 +16,20 @@ class Dreport extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
$mid = ((argc() > 1) ? argv(1) : '');
$encoded_mid = '';
if(strpos($mid,'b64.') === 0)
if(strpos($mid,'b64.') === 0) {
$encoded_mid = $mid;
$mid = @base64url_decode(substr($mid,4));
}
if($mid === 'push') {
$table = 'push';
$mid = ((argc() > 2) ? argv(2) : '');
if(strpos($mid,'b64.') === 0)
if(strpos($mid,'b64.') === 0) {
$encoded_mid = $mid;
$mid = @base64url_decode(substr($mid,4));
}
if($mid) {
$i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
@ -40,7 +43,7 @@ class Dreport extends \Zotlabs\Web\Controller {
}
}
sleep(3);
goaway(z_root() . '/dreport/' . urlencode($mid));
goaway(z_root() . '/dreport/' . (($encoded_mid) ? $encoded_mid : $mid));
}
if($mid === 'mail') {
@ -159,6 +162,7 @@ class Dreport extends \Zotlabs\Web\Controller {
'$title' => sprintf( t('Delivery report for %1$s'),basename($mid)) . '...',
'$table' => $table,
'$mid' => urlencode($mid),
'$safe_mid' => urlencode(gen_link_id($mid)),
'$options' => t('Options'),
'$push' => t('Redeliver'),
'$entries' => $entries

3
Zotlabs/Module/Editpost.php
View File

@ -45,7 +45,8 @@ class Editpost extends \Zotlabs\Web\Controller {
}
if($itm[0]['resource_type'] === 'event' && $itm[0]['resource_id']) {
goaway(z_root() . '/events/' . $itm[0]['resource_id'] . '?expandform=1');
goaway(z_root() . '/cdav/calendar/' . $itm[0]['resource_id']);
//goaway(z_root() . '/events/' . $itm[0]['resource_id'] . '?expandform=1');
}
$owner_uid = $itm[0]['uid'];

50
Zotlabs/Module/Embedphotos.php
View File

@ -41,24 +41,44 @@ class Embedphotos extends \Zotlabs\Web\Controller {
json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
}
$resource_id = array_pop(explode('/', $href));
$r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1",
dbesc($resource_id)
);
if (!$r) {
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
}
$obj = json_decode($r[0]['obj'], true);
if (x($obj, 'body')) {
$photolink = $obj['body'];
} elseif (x($obj, 'bbcode')) {
$photolink = $obj['bbcode'];
} else {
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
}
json_return_and_die(array('status' => true, 'photolink' => $photolink, 'resource_id' => $resource_id));
$x = self::photolink($resource_id);
if($x)
json_return_and_die(array('status' => true, 'photolink' => $x, 'resource_id' => $resource_id));
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
}
}
protected static function photolink($resource) {
$channel = \App::get_channel();
$output = EMPTY_STR;
if($channel) {
$resolution = ((feature_enabled($channel['channel_id'],'large_photos')) ? 2 : 3);
$r = q("select mimetype, height, width from photo where resource_id = '%s' and $resolution = %d and uid = %d limit 1",
dbesc($resource),
intval($resolution),
intval($channel['channel_id'])
);
if(! $r)
return $output;
if($r[0]['mimetype'] === 'image/jpeg')
$ext = '.jpg';
elseif($r[0]['mimetype'] === 'image/png')
$ext = '.png';
elseif($r[0]['mimetype'] === 'image/gif')
$ext = '.gif';
else
$ext = EMPTY_STR;
$output = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $resource . ']' .
'[zmg=' . $r[0]['width'] . 'x' . $r[0]['height'] . ']' . z_root() . '/photo/' . $resource . '-' . $resolution . $ext . '[/zmg][/zrl]';
return $output;
}
}
/**
* @brief Get photos from an album.
*

13
Zotlabs/Module/Getfile.php
View File

@ -35,7 +35,6 @@ class Getfile extends \Zotlabs\Web\Controller {
$sig = $_POST['signature'];
$resource = $_POST['resource'];
$revision = intval($_POST['revision']);
$resolution = (-1);
if(! $hash)
killme();
@ -81,9 +80,14 @@ class Getfile extends \Zotlabs\Web\Controller {
killme();
}
if(substr($resource,-2,1) == '-') {
if(isset($_POST['resolution']))
$resolution = intval($_POST['resolution']);
elseif(substr($resource,-2,1) == '-') {
$resolution = intval(substr($resource,-1,1));
$resource = substr($resource,0,-2);
}
else {
$resolution = (-1);
}
$slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop'));
@ -106,9 +110,10 @@ class Getfile extends \Zotlabs\Web\Controller {
}
if($resolution > 0) {
$r = q("select * from photo where resource_id = '%s' and uid = %d limit 1",
$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND imgscale = %d LIMIT 1",
dbesc($resource),
intval($channel['channel_id'])
intval($channel['channel_id']),
$resolution
);
if($r) {
header('Content-type: ' . $r[0]['mimetype']);

2
Zotlabs/Module/Hq.php
View File

@ -194,7 +194,7 @@ class Hq extends \Zotlabs\Web\Controller {
'$dbegin' => '',
'$verb' => '',
'$net' => '',
'$mid' => $mid
'$mid' => (($mid) ? urlencode($mid) : '')
]);
}

86
Zotlabs/Module/Import.php
View File

@ -8,6 +8,8 @@ require_once('include/import.php');
require_once('include/perm_upgrade.php');
require_once('library/urlify/URLify.php');
use Zotlabs\Lib\Libzot;
/**
* @brief Module for channel import.
@ -228,13 +230,45 @@ class Import extends \Zotlabs\Web\Controller {
);
// reset the original primary hubloc if it is being seized
if($seize) {
$r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ",
dbesc($channel['channel_hash']),
dbesc(z_root())
);
}
// create a new zot6 hubloc if we have got a channel_portable_id
if($channel['channel_portable_id']) {
$r = hubloc_store_lowlevel(
[
'hubloc_guid' => $channel['channel_guid'],
'hubloc_guid_sig' => 'sha256.' . $channel['channel_guid_sig'],
'hubloc_hash' => $channel['channel_portable_id'],
'hubloc_addr' => channel_reddress($channel),
'hubloc_network' => 'zot6',
'hubloc_primary' => (($seize) ? 1 : 0),
'hubloc_url' => z_root(),
'hubloc_url_sig' => 'sha256.' . base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])),
'hubloc_host' => \App::get_hostname(),
'hubloc_callback' => z_root() . '/zot',
'hubloc_sitekey' => get_config('system','pubkey'),
'hubloc_updated' => datetime_convert(),
'hubloc_id_url' => channel_url($channel),
'hubloc_site_id' => Libzot::make_xchan_hash(z_root(),get_config('system','pubkey'))
]
);
// reset the original primary hubloc if it is being seized
if($seize) {
$r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ",
dbesc($channel['channel_portable_id']),
dbesc(z_root())
);
}
}
}
logger('import step 5');
@ -246,8 +280,9 @@ class Import extends \Zotlabs\Web\Controller {
// replace any existing xchan we may have on this site if we're seizing control
$r = q("delete from xchan where xchan_hash = '%s'",
dbesc($channel['channel_hash'])
$r = q("delete from xchan where ( xchan_hash = '%s' or xchan_hash = '%s' ) ",
dbesc($channel['channel_hash']),
dbesc($channel['channel_portable_id'])
);
$r = xchan_store_lowlevel(
@ -269,6 +304,30 @@ class Import extends \Zotlabs\Web\Controller {
'xchan_name_date' => datetime_convert()
]
);
if($channel['channel_portable_id']) {
$r = xchan_store_lowlevel(
[
'xchan_hash' => \Zotlabs\Lib\Libzot::make_xchan_hash($channel['channel_guid'],$channel['channel_pubkey']),
'xchan_guid' => $channel['channel_guid'],
'xchan_guid_sig' => 'sha256.' . $channel['channel_guid_sig'],
'xchan_pubkey' => $channel['channel_pubkey'],
'xchan_photo_l' => z_root() . "/photo/profile/l/" . $channel['channel_id'],
'xchan_photo_m' => z_root() . "/photo/profile/m/" . $channel['channel_id'],
'xchan_photo_s' => z_root() . "/photo/profile/s/" . $channel['channel_id'],
'xchan_addr' => channel_reddress($channel),
'xchan_url' => z_root() . '/channel/' . $channel['channel_address'],
'xchan_connurl' => z_root() . '/poco/' . $channel['channel_address'],
'xchan_follow' => z_root() . '/follow?f=&url=%s',
'xchan_name' => $channel['channel_name'],
'xchan_network' => 'zot6',
'xchan_photo_date' => datetime_convert(),
'xchan_name_date' => datetime_convert()
]
);
}
}
logger('import step 6');
@ -278,10 +337,20 @@ class Import extends \Zotlabs\Web\Controller {
if($xchans) {
foreach($xchans as $xchan) {
$hash = make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_guid_sig']);
if($xchan['xchan_network'] === 'zot' && $hash !== $xchan['xchan_hash']) {
logger('forged xchan: ' . print_r($xchan,true));
continue;
if($xchan['xchan_network'] === 'zot') {
$hash = make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_guid_sig']);
if($hash !== $xchan['xchan_hash']) {
logger('forged xchan: ' . print_r($xchan,true));
continue;
}
}
if($xchan['xchan_network'] === 'zot6') {
$zhash = \Zotlabs\Lib\Libzot::make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_pubkey']);
if($zhash !== $xchan['xchan_hash']) {
logger('forged xchan: ' . print_r($xchan,true));
continue;
}
}
if(! array_key_exists('xchan_hidden',$xchan)) {
@ -472,6 +541,9 @@ class Import extends \Zotlabs\Web\Controller {
if(is_array($data['app']))
import_apps($channel,$data['app']);
if(is_array($data['sysapp']))
import_sysapps($channel,$data['sysapp']);
if(is_array($data['chatroom']))
import_chatrooms($channel,$data['chatroom']);

83
Zotlabs/Module/Item.php
View File

@ -40,56 +40,78 @@ class Item extends Controller {
function init() {
if(Libzot::is_zot_request()) {
if (Libzot::is_zot_request()) {
$conversation = false;
$item_id = argv(1);
if(! $item_id)
if (! $item_id)
http_status_exit(404, 'Not found');
$portable_id = EMPTY_STR;
$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 ";
$i = null;
// do we have the item (at all)?
$r = q("select * from item where mid = '%s' $item_normal limit 1",
dbesc(z_root() . '/item/' . $item_id)
);
if (! $r) {
http_status_exit(404,'Not found');
}
// process an authenticated fetch
$sigdata = HTTPSig::verify(EMPTY_STR);
if($sigdata['portable_id'] && $sigdata['header_valid']) {
$portable_id = $sigdata['portable_id'];
observer_auth($portable_id);
// first see if we have a copy of this item's parent owned by the current signer
// include xchans for all zot-like networks - these will have the same guid and public key
$x = q("select * from xchan where xchan_hash = '%s'",
dbesc($sigdata['portable_id'])
);
if ($x) {
$xchans = q("select xchan_hash from xchan where xchan_hash = '%s' OR ( xchan_guid = '%s' AND xchan_pubkey = '%s' ) ",
dbesc($sigdata['portable_id']),
dbesc($x[0]['xchan_guid']),
dbesc($x[0]['xchan_pubkey'])
);
if ($xchans) {
$hashes = ids_to_querystr($xchans,'xchan_hash',true);
$i = q("select id as item_id from item where mid = '%s' $item_normal and owner_xchan in ( " . protect_sprintf($hashes) . " ) limit 1",
dbesc($r[0]['parent_mid'])
);
}
}
}
$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 ";
// if we don't have a parent id belonging to the signer see if we can obtain one as a visitor that we have permission to access
$sql_extra = item_permissions_sql(0);
$r = q("select * from item where mid = '%s' $item_normal $sql_extra limit 1",
dbesc(z_root() . '/item/' . $item_id)
);
if(! $r) {
$r = q("select * from item where mid = '%s' $item_normal limit 1",
dbesc(z_root() . '/item/' . $item_id)
if (! $i) {
$i = q("select id as item_id from item where mid = '%s' $item_normal $sql_extra limit 1",
dbesc($r[0]['parent_mid'])
);
if($r) {
http_status_exit(403, 'Forbidden');
}
http_status_exit(404, 'Not found');
}
$items = q("select parent as item_id from item where mid = '%s' and uid = %d $item_normal $sql_extra ",
dbesc($r[0]['parent_mid']),
intval($r[0]['uid'])
);
if(! $items) {
http_status_exit(404, 'Not found');
if(! $i) {
http_status_exit(403,'Forbidden');
}
$r = $items;
$parents_str = ids_to_querystr($r,'item_id');
$parents_str = ids_to_querystr($i,'item_id');
$items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent IN ( %s ) $item_normal $sql_extra ",
$items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent IN ( %s ) $item_normal ",
dbesc($parents_str)
);
@ -97,9 +119,8 @@ class Item extends Controller {
http_status_exit(404, 'Not found');
}
$r = $items;
xchan_query($r,true);
$items = fetch_post_tags($r,true);
xchan_query($items,true);
$items = fetch_post_tags($items,true);
$observer = App::get_observer();
$parent = $items[0];
@ -145,7 +166,7 @@ class Item extends Controller {
if(! perm_is_allowed($chan['channel_id'],get_observer_hash(),'view_stream'))
http_status_exit(403, 'Forbidden');
$i = Activity::encode_item_collection($nitems,'conversation/' . $item_id,'OrderedCollection',( defined('NOMADIC') ? false : true));
$i = Activity::encode_item_collection($nitems,'conversation/' . $item_id,'OrderedCollection');
if($portable_id) {
ThreadListener::store(z_root() . '/item/' . $item_id,$portable_id);
}

6
Zotlabs/Module/Like.php
View File

@ -491,7 +491,7 @@ class Like extends \Zotlabs\Web\Controller {
$arr['item_flags'] = $item_flags;
$arr['item_wall'] = $item_wall;
$arr['parent_mid'] = (($extended_like) ? $mid : $item['mid']);
$arr['parent_mid'] = (($extended_like) ? $arr['mid'] : $item['mid']);
$arr['owner_xchan'] = (($extended_like) ? $ch[0]['xchan_hash'] : $thread_owner['xchan_hash']);
$arr['author_xchan'] = $observer['xchan_hash'];
@ -546,7 +546,7 @@ class Like extends \Zotlabs\Web\Controller {
dbesc($observer['xchan_hash']),
dbesc($ch[0]['channel_hash']),
intval($post_id),
dbesc($mid),
dbesc($arr['mid']),
dbesc($activity),
dbesc(($tgttype)? $tgttype : $objtype),
dbesc($obj_id),
@ -555,7 +555,7 @@ class Like extends \Zotlabs\Web\Controller {
$r = q("select * from likes where liker = '%s' and likee = '%s' and i_mid = '%s' and verb = '%s' and target_type = '%s' and target_id = '%s' ",
dbesc($observer['xchan_hash']),
dbesc($ch[0]['channel_hash']),
dbesc($mid),
dbesc($arr['mid']),
dbesc($activity),
dbesc(($tgttype)? $tgttype : $objtype),
dbesc($obj_id)

45
Zotlabs/Module/Linkinfo.php
View File

@ -69,6 +69,14 @@ class Linkinfo extends \Zotlabs\Web\Controller {
killme();
}
if(stripos($type,'video/') !== false) {
$thumb = self::get_video_poster($url);
if($thumb) {
if ($zrl)
echo $br . '[zvideo poster=\'' . $thumb . '\']' . $url . '[/zvideo]' . $br;
else
echo $br . '[video poster=\'' . $thumb . '\']' . $url . '[/video]' . $br;
killme();
}
if($zrl)
echo $br . '[zvideo]' . $url . '[/zvideo]' . $br;
else
@ -216,7 +224,42 @@ class Linkinfo extends \Zotlabs\Web\Controller {
return($complete);
}
public static function get_video_poster($url) {
if(strpos($url,z_root() . '/cloud/') === false) {
return EMPTY_STR;
}
$m = parse_url($url,PHP_URL_PATH);
if($m) {
// strip leading '/cloud/'
$m = substr($m,7);
}
$nick = substr($m,0,strpos($m,'/'));
$p = substr($m,strpos($m,'/')+1);
// get the channel to check permissions
$u = channelx_by_nick($nick);
if($u && $p) {
$sql_extra = permissions_sql(intval($u['channel_id']));
$r = q("select hash, content from attach where display_path = '%s' and uid = %d and os_storage = 1 $sql_extra limit 1",
dbesc($p),
intval($u['channel_id'])
);
if($r) {
$path = dbunescbin($r[0]['content']);
if($path && @file_exists($path . '.thumb')) {
return z_root() . '/poster/' . $nick . '/' . $r[0]['hash'];
}
}
}
return EMPTY_STR;
}
public static function parseurl_getsiteinfo($url) {
$siteinfo = array();

4
Zotlabs/Module/Magic.php
View File

@ -169,8 +169,8 @@ class Magic extends \Zotlabs\Web\Controller {
$token = $j['token'];
}
$x = strpbrk($dest,'?&');
$args = (($x) ? '&owt=' . $token : '?f=&owt=' . $token) . (($delegate) ? '&delegate=1' : '');
$strp = strpbrk($dest,'?&');
$args = (($strp) ? '&owt=' . $token : '?f=&owt=' . $token) . (($delegate) ? '&delegate=1' : '');
goaway($dest . $args);
}
}

18
Zotlabs/Module/Network.php
View File

@ -368,19 +368,19 @@ class Network extends \Zotlabs\Web\Controller {
'$static' => $static,
'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
'$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1),
'$search' => (($search) ? $search : ''),
'$xchan' => $xchan,
'$search' => (($search) ? urlencode($search) : ''),
'$xchan' => (($xchan) ? urlencode($xchan) : ''),
'$order' => $order,
'$file' => $file,
'$cats' => urlencode($category),
'$tags' => urlencode($hashtags),
'$file' => (($file) ? urlencode($file) : ''),
'$cats' => (($category) ? urlencode($category) : ''),
'$tags' => (($hashtags) ? urlencode($hashtags) : ''),
'$dend' => $datequery,
'$mid' => '',
'$verb' => $verb,
'$net' => $net,
'$verb' => (($verb) ? urlencode($verb) : ''),
'$net' => (($net) ? urlencode($net) : ''),
'$dbegin' => $datequery2,
'$pf' => (($pf) ? $pf : '0'),
'$unseen' => $unseen
'$pf' => (($pf) ? intval($pf) : 0),
'$unseen' => (($unseen) ? urlencode($unseen) : '')
));
}

2
Zotlabs/Module/Oep.php
View File

@ -456,7 +456,7 @@ class Oep extends \Zotlabs\Web\Controller {
if(preg_match('|//(.*?)/(.*?)/(.*?)/album/|',$url,$matches)) {
$chn = $matches[3];
$res = hex2bin(basename($url));
$res = basename($url);
}
if(! ($chn && $res))

26
Zotlabs/Module/Owa.php
View File

@ -30,12 +30,29 @@ class Owa extends \Zotlabs\Web\Controller {
$keyId = $sigblock['keyId'];
if($keyId) {
// Hubzilla connections can have both zot and zot6 hublocs
// The connections will usually be zot so match those first
$r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) ",
where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) and hubloc_network = 'zot' ",
dbesc(str_replace('acct:','',$keyId)),
dbesc($keyId)
);
if(! $r) {
// If nothing was found, try searching on any network
if (! $r) {
$r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
where ( hubloc_addr = '%s' or hubloc_id_url = '%s' )",
dbesc(str_replace('acct:','',$keyId)),
dbesc($keyId)
);
}
// If nothing was found on any network, use network discovery and create a new record
if (! $r) {
$found = discover_by_webbie(str_replace('acct:','',$keyId));
if($found) {
$r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
@ -45,7 +62,8 @@ class Owa extends \Zotlabs\Web\Controller {
);
}
}
if($r) {
if ($r) {
foreach($r as $hubloc) {
$verified = \Zotlabs\Web\HTTPSig::verify(file_get_contents('php://input'),$hubloc['xchan_pubkey']);
if($verified && $verified['header_signed'] && $verified['header_valid']) {
@ -53,7 +71,7 @@ class Owa extends \Zotlabs\Web\Controller {
logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
$ret['success'] = true;
$token = random_string(32);
\Zotlabs\Lib\Verify::create('owt',0,$token,$hubloc['hubloc_addr']);
\Zotlabs\Lib\Verify::create('owt',0,$token,$hubloc['hubloc_network'] . ',' . $hubloc['hubloc_addr']);
$result = '';
openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
$ret['encrypted_token'] = base64url_encode($result);

116
Zotlabs/Module/Photo.php
View File

@ -40,7 +40,7 @@ class Photo extends \Zotlabs\Web\Controller {
call_hooks('cache_mode_hook', $cache_mode);
$observer_xchan = get_observer_hash();
$ismodified = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
$cachecontrol = '';
if(isset($type)) {
@ -68,39 +68,44 @@ class Photo extends \Zotlabs\Web\Controller {
}
}
$modified = filemtime($default);
$default = z_root() . '/' . $default;
$uid = $person;
$data = '';
$d = [ 'imgscale' => $resolution, 'channel_id' => $uid, 'default' => $default, 'data' => '', 'mimetype' => '' ];
call_hooks('get_profile_photo',$d);
$resolution = $d['imgscale'];
$uid = $d['channel_id'];
$default = $d['default'];
$data = $d['data'];
$mimetype = $d['mimetype'];
$r = q("SELECT * FROM photo WHERE imgscale = %d AND uid = %d AND photo_usage = %d LIMIT 1",
intval($resolution),
intval($uid),
intval(PHOTO_PROFILE)
);
if($r) {
$modified = strtotime($r[0]['edited'] . "Z");
$mimetype = $r[0]['mimetype'];
if(intval($r[0]['os_storage']))
$data = file_get_contents(dbunescbin($r[0]['content']));
else
$data = dbunescbin($r[0]['content']);
}
if(! $data) {
$r = q("SELECT * FROM photo WHERE imgscale = %d AND uid = %d AND photo_usage = %d LIMIT 1",
intval($resolution),
intval($uid),
intval(PHOTO_PROFILE)
);
if($r) {
$modified = strtotime($r[0]['edited'] . "Z");
$data = dbunescbin($r[0]['content']);
$mimetype = $r[0]['mimetype'];
}
if(intval($r[0]['os_storage']))
$data = file_get_contents($data);
$d = [ 'imgscale' => $resolution, 'channel_id' => $uid, 'default' => $default, 'data' => '', 'mimetype' => '' ];
call_hooks('get_profile_photo',$d);
$resolution = $d['imgscale'];
$uid = $d['channel_id'];
$default = $d['default'];
$data = $d['data'];
$mimetype = $d['mimetype'];
$modified = 0;
}
if(! $data) {
$x = z_fetch_url($default,true,0,[ 'novalidate' => true ]);
$x = z_fetch_url(z_root() . '/' . $default, true, 0, [ 'novalidate' => true ]);
$data = ($x['success'] ? $x['body'] : EMPTY_STR);
$mimetype = 'image/png';
$modified = filemtime($default);
}
$cachecontrol = ', must-revalidate';
}
else {
@ -157,18 +162,19 @@ class Photo extends \Zotlabs\Web\Controller {
$allowed = (-1);
if($u === PHOTO_CACHE) {
// Validate cache
$cache = array(
'resid' => $photo,
'status' => false
);
if($cache_mode['on'])
if($cache_mode['on']) {
$cache = array(
'resid' => $photo,
'status' => false
);
call_hooks('cache_url_hook', $cache);
if(! $cache['status']) {
$url = htmlspecialchars_decode($r[0]['display_path']);
if(strpos(z_root(),'https:') !== false && strpos($url,'https:') === false)
$url = z_root() . '/sslify/' . $filename . '?f=&url=' . urlencode($url);
header("Location: " . $url);
killme();
if(! $cache['status']) {
$url = htmlspecialchars_decode($r[0]['display_path']);
// SSLify if needed
if(strpos(z_root(),'https:') !== false && strpos($url,'https:') === false)
$url = z_root() . '/sslify/' . $filename . '?f=&url=' . urlencode($url);
goaway($url);
}
}
}
}
@ -213,38 +219,23 @@ class Photo extends \Zotlabs\Web\Controller {
http_status_exit(404,'not found');
}
if(! $data)
killme();
$etag = md5($data . $modified);
if($modified == 0)
$modified = time();
header_remove('Pragma');
if($ismodified === gmdate("D, d M Y H:i:s", $modified) . " GMT") {
if($_SERVER['HTTP_IF_NONE_MATCH'] === $etag || $_SERVER['HTTP_IF_MODIFIED_SINCE'] === gmdate("D, d M Y H:i:s", $modified) . " GMT") {
header_remove('Expires');
header_remove('Cache-Control');
header_remove('Set-Cookie');
http_status_exit(304,'not modified');
}
if(! isset($data)) {
if(isset($resolution)) {
switch($resolution) {
case 4:
$default = get_default_profile_photo();
break;
case 5:
$default = get_default_profile_photo(80);
break;
case 6:
$default = get_default_profile_photo(48);
break;
default:
killme();
// NOTREACHED
break;
}
$x = z_fetch_url(z_root() . '/' . $default,true,0,[ 'novalidate' => true ]);
$data = ($x['success'] ? $x['body'] : EMPTY_STR);
$mimetype = 'image/png';
}
}
if(isset($res) && intval($res) && $res < 500) {
$ph = photo_factory($data, $mimetype);
if($ph->is_valid()) {
@ -281,12 +272,13 @@ class Photo extends \Zotlabs\Web\Controller {
$maxage = $expires - time();
header("Expires: " . gmdate("D, d M Y H:i:s", $expires) . " GMT");
header("Cache-Control: max-age=" . $maxage);
header("Cache-Control: max-age=" . $maxage . $cachecontrol);
}
header("Content-type: " . $mimetype);
header("Last-Modified: " . gmdate("D, d M Y H:i:s", $modified) . " GMT");
header("ETag: " . $etag);
header("Content-Length: " . (isset($filesize) ? $filesize : strlen($data)));
// If it's a file resource, stream it.

116
Zotlabs/Module/Photos.php
View File

@ -239,95 +239,53 @@ class Photos extends \Zotlabs\Web\Controller {
intval($page_owner_uid)
);
if(count($r)) {
$d = (($r[0]['os_storage']) ? @file_get_contents(dbunescbin($r[0]['content'])) : dbunescbin($r[0]['content']));
$ph = photo_factory($d, $r[0]['mimetype']);
$ph = photo_factory(@file_get_contents(dbunescbin($r[0]['content'])), $r[0]['mimetype']);
if($ph->is_valid()) {
$rotate_deg = ( (intval($_POST['rotate']) == 1) ? 270 : 90 );
$ph->rotate($rotate_deg);
$width = $ph->getWidth();
$height = $ph->getHeight();
if(intval($r[0]['os_storage'])) {
@file_put_contents($r[0]['content'],$ph->imageString());
$data = $r[0]['content'];
$fsize = @filesize($r[0]['content']);
q("update attach set filesize = %d where hash = '%s' and uid = %d",
intval($fsize),
dbesc($resource_id),
intval($page_owner_uid)
);
}
else {
$data = $ph->imageString();
$fsize = strlen($data);
}
$x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 0",
dbesc(datetime_convert()),
dbescbin($data),
intval($fsize),
intval($height),
intval($width),
$edited = datetime_convert();
q("update attach set filesize = %d, edited = '%s' where hash = '%s' and uid = %d",
strlen($ph->imageString()),
dbescdate($edited),
dbesc($resource_id),
intval($page_owner_uid)
);
$ph->saveImage(dbunescbin($r[0]['content']));
$arr = [
'aid' => get_account_id(),
'uid' => intval($page_owner_uid),
'resource_id' => dbesc($resource_id),
'filename' => $r[0]['filename'],
'imgscale' => 0,
'album' => $r[0]['album'],
'os_path' => $r[0]['os_path'],
'os_storage' => 1,
'os_syspath' => dbunescbin($r[0]['content']),
'display_path' => $r[0]['display_path'],
'photo_usage' => PHOTO_NORMAL,
'edited' => dbescdate($edited)
];
$ph->save($arr);
unset($arr['os_syspath']);
if($width > 1024 || $height > 1024)
$ph->scaleImage(1024);
$width = $ph->getWidth();
$height = $ph->getHeight();
$data = $ph->imageString();
$fsize = strlen($data);
$x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 1",
dbesc(datetime_convert()),
dbescbin($data),
intval($fsize),
intval($height),
intval($width),
dbesc($resource_id),
intval($page_owner_uid)
);
$ph->storeThumbnail($arr, PHOTO_RES_1024);
if($width > 640 || $height > 640)
$ph->scaleImage(640);
$width = $ph->getWidth();
$height = $ph->getHeight();
$data = $ph->imageString();
$fsize = strlen($data);
$x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 2",
dbesc(datetime_convert()),
dbescbin($data),
intval($fsize),
intval($height),
intval($width),
dbesc($resource_id),
intval($page_owner_uid)
);
$ph->storeThumbnail($arr, PHOTO_RES_640);
if($width > 320 || $height > 320)
$ph->scaleImage(320);
$width = $ph->getWidth();
$height = $ph->getHeight();
$data = $ph->imageString();
$fsize = strlen($data);
$x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 3",
dbesc(datetime_convert()),
dbescbin($data),
intval($fsize),
intval($height),
intval($width),
dbesc($resource_id),
intval($page_owner_uid)
);
$ph->storeThumbnail($arr, PHOTO_RES_320);
}
}
}
@ -848,7 +806,7 @@ class Photos extends \Zotlabs\Web\Controller {
killme();
}
else {
$o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$tpl = get_markup_template('photo_album.tpl');
$o .= replace_macros($tpl, array(
'$photos' => $photos,
@ -1396,7 +1354,7 @@ class Photos extends \Zotlabs\Web\Controller {
killme();
}
else {
$o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$tpl = get_markup_template('photos_recent.tpl');
$o .= replace_macros($tpl, array(
'$title' => t('Recent Photos'),

2
Zotlabs/Module/Ping.php
View File

@ -447,7 +447,7 @@ class Ping extends \Zotlabs\Web\Controller {
$when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ? ' ' . t('[today]') : '');
$result[] = array(
'notify_link' => z_root() . '/events', /// @FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event --> '/events/event/' . $rr['event_hash'],
'notify_link' => z_root() . '/cdav/calendar/' . $rr['event_hash'],
'name' => $rr['xchan_name'],
'addr' => $rr['xchan_addr'],
'url' => $rr['xchan_url'],

37
Zotlabs/Module/Poster.php Normal file
View File

@ -0,0 +1,37 @@
<?php
namespace Zotlabs\Module;
use Zotlabs\Web\Controller;
require_once('include/security.php');
class Poster extends Controller {
function init() {
$nick = argv(1);
$hash = argv(2);
if(! ($nick && $hash)) {
return;
}
$u = channelx_by_nick($nick);
$sql_extra = permissions_sql(intval($u['channel_id']));
$r = q("select content from attach where hash = '%s' and uid = %d and os_storage = 1 $sql_extra limit 1",
dbesc($hash),
intval($u['channel_id'])
);
if($r) {
$path = dbunescbin($r[0]['content']);
if($path && @file_exists($path . '.thumb')) {
header('Content-Type: image/jpeg');
echo file_get_contents($path . '.thumb');
killme();
}
}
}
}

90
Zotlabs/Module/Profile_photo.php
View File

@ -52,14 +52,39 @@ class Profile_photo extends \Zotlabs\Web\Controller {
return;
}
$channel = \App::get_channel();
check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
// Remove cover photo
if(isset($_POST['remove'])) {
$r = q("SELECT resource_id FROM photo WHERE photo_usage = %d AND uid = %d LIMIT 1",
intval(PHOTO_PROFILE),
intval(local_channel())
);
if($r) {
q("update photo set photo_usage = %d where photo_usage = %d and uid = %d",
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE),
intval(local_channel())
);
$sync = attach_export_data($channel,$r[0]['resource_id']);
if($sync)
build_sync_packet($channel['channel_id'],array('file' => array($sync)));
}
$_SESSION['reload_avatar'] = true;
goaway(z_root() . '/profiles');
}
if((array_key_exists('cropfinal',$_POST)) && (intval($_POST['cropfinal']) == 1)) {
// logger('crop: ' . print_r($_POST,true));
// phase 2 - we have finished cropping
if(argc() != 2) {
@ -119,39 +144,48 @@ class Profile_photo extends \Zotlabs\Web\Controller {
'filename' => $base_image['filename'],
'album' => t('Profile Photos'),
'os_path' => $base_image['os_path'],
'display_path' => $base_image['display_path']
'display_path' => $base_image['display_path'],
'photo_usage' => PHOTO_PROFILE,
'edited' => dbescdate($base_image['edited'])
];
$p['imgscale'] = PHOTO_RES_PROFILE_300;
$p['photo_usage'] = (($is_default_profile) ? PHOTO_PROFILE : PHOTO_NORMAL);
$r1 = $im->save($p);
$r1 = $im->storeThumbnail($p, PHOTO_RES_PROFILE_300);
$im->scaleImage(80);
$p['imgscale'] = PHOTO_RES_PROFILE_80;
$r2 = $im->save($p);
$r2 = $im->storeThumbnail($p, PHOTO_RES_PROFILE_80);
$im->scaleImage(48);
$p['imgscale'] = PHOTO_RES_PROFILE_48;
$r3 = $im->save($p);
$r3 = $im->storeThumbnail($p, PHOTO_RES_PROFILE_48);
if($r1 === false || $r2 === false || $r3 === false) {
// if one failed, delete them all so we can start over.
notice( t('Image resize failed.') . EOL );
$x = q("delete from photo where resource_id = '%s' and uid = %d and imgscale in ( %d, %d, %d ) ",
$x = q("delete from photo where resource_id = '%s' and uid = %d and imgscale in ( %d, %d, %d )",
dbesc($base_image['resource_id']),
local_channel(),
intval(PHOTO_RES_PROFILE_300),
intval(PHOTO_RES_PROFILE_80),
intval(PHOTO_RES_PROFILE_48)
);
$x = q("SELECT content FROM photo WHERE resource_id = '%s' AND uid = %d AND os_storage = 1 AND imgscale IN ( %d, %d, %d )",
dbesc($base_image['resource_id']),
local_channel(),
intval(PHOTO_RES_PROFILE_300),
intval(PHOTO_RES_PROFILE_80),
intval(PHOTO_RES_PROFILE_48)
);
if($x) {
foreach($x as $xx) {
@unlink(dbunescbin($xx['content']));
}
}
return;
}
$channel = \App::get_channel();
// If setting for the default profile, unset the profile photo flag from any other photos I own
if($is_default_profile) {
@ -198,7 +232,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
$r = q("UPDATE xchan set xchan_photo_mimetype = '%s', xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s'
where xchan_hash = '%s'",
dbesc($im->getType()),
dbesc(datetime_convert()),
dbescdate($base_image['edited']),
dbesc(z_root() . '/photo/profile/l/' . $channel['channel_id']),
dbesc(z_root() . '/photo/profile/m/' . $channel['channel_id']),
dbesc(z_root() . '/photo/profile/s/' . $channel['channel_id']),
@ -245,7 +279,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
else {
require_once('include/attach.php');
$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Profile Photos'), 'hash' => $hash));
$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Profile Photos'), 'hash' => $hash, 'nosync' => true));
logger('attach_store: ' . print_r($res,true));
}
@ -353,20 +387,23 @@ class Profile_photo extends \Zotlabs\Web\Controller {
if($havescale) {
// unset any existing profile photos
$r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND uid = %d",
$x = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND uid = %d",
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE),
intval(local_channel()));
$r = q("UPDATE photo SET photo_usage = %d WHERE uid = %d AND resource_id = '%s'",
intval(local_channel())
);
$edited = datetime_convert();
$x = q("UPDATE photo SET photo_usage = %d, edited = '%s' WHERE uid = %d AND resource_id = '%s' AND imgscale > 0",
intval(PHOTO_PROFILE),
dbescdate($edited),
intval(local_channel()),
dbesc($resource_id)
);
);
$r = q("UPDATE xchan set xchan_photo_date = '%s'
where xchan_hash = '%s'",
dbesc(datetime_convert()),
$x = q("UPDATE xchan SET xchan_photo_date = '%s' WHERE xchan_hash = '%s'",
dbescdate($edited),
dbesc($channel['xchan_hash'])
);
@ -376,8 +413,10 @@ class Profile_photo extends \Zotlabs\Web\Controller {
if($sync)
build_sync_packet($channel['channel_id'],array('file' => array($sync)));
$_SESSION['reload_avatar'] = true;
\Zotlabs\Daemon\Master::Summon(array('Directory',local_channel()));
goaway(z_root() . '/profiles');
}
@ -457,6 +496,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
'$lbl_profiles' => t('Select a profile:'),
'$title' => (($importing) ? t('Use Photo for Profile') : t('Change Profile Photo')),
'$submit' => (($importing) ? t('Use') : t('Upload')),
'$remove' => t('Remove'),
'$profiles' => $profiles,
'$single' => ((count($profiles) == 1) ? true : false),
'$profile0' => $profiles[0],

6
Zotlabs/Module/Pubstream.php
View File

@ -149,11 +149,11 @@ class Pubstream extends \Zotlabs\Web\Controller {
'$order' => 'comment',
'$file' => '',
'$cats' => '',
'$tags' => $hashtags,
'$tags' => (($hashtags) ? urlencode($hashtags) : ''),
'$dend' => '',
'$mid' => $mid,
'$mid' => (($mid) ? urlencode($mid) : ''),
'$verb' => '',
'$net' => $net,
'$net' => (($net) ? urlencode($net) : ''),
'$dbegin' => ''
));
}

8
Zotlabs/Module/React.php
View File

@ -59,6 +59,14 @@ class React extends \Zotlabs\Web\Controller {
$n['body'] = "\n\n[zmg=32x32]" . z_root() . '/images/emoji/' . $emoji . '.png[/zmg]' . "\n\n";
$n['author_xchan'] = $channel['channel_hash'];
$n['tgt_type'] = 'Image';
$n['target'] = [
'type' => 'Image',
'name' => $emoji,
'url' => z_root() . '/images/emoji/' . $emoji . '.png'
];
$x = item_store($n);
retain_item($postid);

12
Zotlabs/Module/Register.php
View File

@ -1,10 +1,11 @@
<?php
namespace Zotlabs\Module;
require_once('include/channel.php');
use Zotlabs\Web\Controller;
require_once('include/security.php');
class Register extends \Zotlabs\Web\Controller {
class Register extends Controller {
function init() {
@ -39,7 +40,9 @@ class Register extends \Zotlabs\Web\Controller {
function post() {
check_form_security_token_redirectOnErr('/register', 'register');
$max_dailies = intval(get_config('system','max_daily_registrations'));
if($max_dailies) {
$r = q("select count(account_id) as total from account where account_created > %s - INTERVAL %s",
@ -269,7 +272,8 @@ class Register extends \Zotlabs\Web\Controller {
require_once('include/bbcode.php');
$o = replace_macros(get_markup_template('register.tpl'), array(
'$form_security_token' => get_form_security_token("register"),
'$title' => t('Registration'),
'$reg_is' => $registration_is,
'$registertext' => bbcode(get_config('system','register_text')),

2
Zotlabs/Module/Settings/Calendar.php
View File

@ -36,7 +36,7 @@ class Calendar {
'$rpath' => $rpath,
'$action_url' => 'settings/' . $module,
'$form_security_token' => get_form_security_token('settings_' . $module),
'$title' => t('CalDAV Settings'),
'$title' => t('Calendar Settings'),
'$features' => process_module_features_get(local_channel(), $features),
'$submit' => t('Submit')
));

69
Zotlabs/Module/Setup.php
View File

@ -39,12 +39,12 @@ class Setup extends \Zotlabs\Web\Controller {
ini_set('display_errors', '1');
// $baseurl/setup/testrewrite to test if rewrite in .htaccess is working
if (argc() == 2 && argv(1) == "testrewrite") {
if(argc() == 2 && argv(1) == 'testrewrite') {
echo 'ok';
killme();
}
if (x($_POST, 'pass')) {
if(x($_POST, 'pass')) {
$this->install_wizard_pass = intval($_POST['pass']);
} else {
$this->install_wizard_pass = 1;
@ -63,7 +63,6 @@ class Setup extends \Zotlabs\Web\Controller {
return;
// implied break;
case 3:
$urlpath = \App::get_path();
$dbhost = trim($_POST['dbhost']);
$dbport = intval(trim($_POST['dbport']));
$dbuser = trim($_POST['dbuser']);
@ -89,7 +88,6 @@ class Setup extends \Zotlabs\Web\Controller {
return;
// implied break;
case 4:
$urlpath = \App::get_path();
$dbhost = trim($_POST['dbhost']);
$dbport = intval(trim($_POST['dbport']));
$dbuser = trim($_POST['dbuser']);
@ -162,7 +160,6 @@ class Setup extends \Zotlabs\Web\Controller {
*
* @return string parsed HTML output
*/
function get() {
$o = '';
@ -213,10 +210,10 @@ class Setup extends \Zotlabs\Web\Controller {
}
if(x(\App::$data, 'txt') && strlen(\App::$data['txt'])) {
$db_return_text .= $this->manual_config($a);
$db_return_text .= $this->manual_config();
}
if ($db_return_text != "") {
if($db_return_text != '') {
$tpl = get_markup_template('install.tpl');
return replace_macros($tpl, array(
'$title' => $install_title,
@ -242,7 +239,7 @@ class Setup extends \Zotlabs\Web\Controller {
$this->check_keys($checks);
if (x($_POST, 'phpath'))
if(x($_POST, 'phpath'))
$phpath = notags(trim($_POST['phpath']));
$this->check_php($phpath, $checks);
@ -278,7 +275,6 @@ class Setup extends \Zotlabs\Web\Controller {
$dbtype = intval(trim($_POST['dbtype']));
$phpath = trim($_POST['phpath']);
$adminmail = trim($_POST['adminmail']);
$siteurl = trim($_POST['siteurl']);
$tpl = get_markup_template('install_db.tpl');
$o .= replace_macros($tpl, array(
@ -320,7 +316,6 @@ class Setup extends \Zotlabs\Web\Controller {
$phpath = trim($_POST['phpath']);
$adminmail = trim($_POST['adminmail']);
$siteurl = trim($_POST['siteurl']);
$timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles');
@ -363,12 +358,12 @@ class Setup extends \Zotlabs\Web\Controller {
* @param string $help optional help string
*/
function check_add(&$checks, $title, $status, $required, $help = '') {
$checks[] = array(
$checks[] = [
'title' => $title,
'status' => $status,
'required' => $required,
'help' => $help
);
];
}
/**
@ -380,12 +375,12 @@ class Setup extends \Zotlabs\Web\Controller {
function check_php(&$phpath, &$checks) {
$help = '';
if(version_compare(PHP_VERSION, '5.5') < 0) {
$help .= t('PHP version 5.5 or greater is required.');
$this->check_add($checks, t('PHP version'), false, false, $help);
if(version_compare(PHP_VERSION, '7.1') < 0) {
$help .= t('PHP version 7.1 or greater is required.');
$this->check_add($checks, t('PHP version'), false, true, $help);
}
if (strlen($phpath)) {
if(strlen($phpath)) {
$passed = file_exists($phpath);
}
elseif(function_exists('shell_exec')) {
@ -419,6 +414,7 @@ class Setup extends \Zotlabs\Web\Controller {
$result = trim(shell_exec($cmd));
else
$help .= t('Unable to check command line PHP, as shell_exec() is disabled. This is required.') . EOL;
$passed2 = (($result == $str) ? true : false);
if(!$passed2) {
$help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL;
@ -445,14 +441,14 @@ class Setup extends \Zotlabs\Web\Controller {
$result = getPhpiniUploadLimits();
if($result['post_max_size'] < 4194304 || $result['max_upload_filesize'] < 4194304) {
$mem_warning = '<strong>' .t('This is not sufficient to upload larger images or files. You should be able to upload at least 4 MB at once.') . '</strong>';
}
$mem_warning = '<strong>' .t('This is not sufficient to upload larger images or files. You should be able to upload at least 4 MB at once.') . '</strong>';
}
$help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'),
userReadableSize($result['post_max_size']),
userReadableSize($result['max_upload_filesize']),
$result['max_file_uploads']
);
$help .= $mem_warning;
$help .= $mem_warning;
$help .= '<br><br>' . t('You can adjust these settings in the server php.ini file.');
$this->check_add($checks, t('PHP upload limits'), true, false, $help);
@ -467,7 +463,7 @@ class Setup extends \Zotlabs\Web\Controller {
$help = '';
$res = false;
if (function_exists('openssl_pkey_new')) {
if(function_exists('openssl_pkey_new')) {
$res = openssl_pkey_new(array(
'digest_alg' => 'sha1',
'private_key_bits' => 4096,
@ -477,7 +473,7 @@ class Setup extends \Zotlabs\Web\Controller {
// Get private key
if (! $res) {
if(! $res) {
$help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL;
$help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".');
}
@ -508,7 +504,7 @@ class Setup extends \Zotlabs\Web\Controller {
$this->check_add($ck_funcs, t('zip PHP module'), true, true);
if(function_exists('apache_get_modules')){
if (! in_array('mod_rewrite', apache_get_modules())) {
if(! in_array('mod_rewrite', apache_get_modules())) {
$this->check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.'));
} else {
$this->check_add($ck_funcs, t('Apache mod_rewrite module'), true, true);
@ -577,7 +573,7 @@ class Setup extends \Zotlabs\Web\Controller {
$fname = '.htconfig.php';
if((file_exists($fname) && is_writable($fname)) ||
if((file_exists($fname) && is_writable($fname)) ||
(! (file_exists($fname) && is_writable('.')))) {
$this->check_add($checks, t('.htconfig.php is writable'), $status, true, $help);
return;
@ -643,7 +639,7 @@ class Setup extends \Zotlabs\Web\Controller {
$url = z_root() . '/setup/testrewrite';
if (function_exists('curl_init')){
if(function_exists('curl_init')){
$test = z_fetch_url($url);
if(! $test['success']) {
if(strstr($url,'https://')) {
@ -666,14 +662,13 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('If your certificate is not recognized, members of other sites (who may themselves have valid certificates) will get a warning message on their own site complaining about security issues.') . EOL;
$help .= t('This can cause usability issues elsewhere (not just on your own site) so we must insist on this requirement.') .EOL;
$help .= t('Providers are available that issue free certificates which are browser-valid.'). EOL;
$help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL;
$this->check_add($checks, t('SSL certificate validation'), false, true, $help);
}
}
if ((! $test['success']) || ($test['body'] != "ok")) {
if((! $test['success']) || ($test['body'] != "ok")) {
$status = false;
$help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true));
}
@ -687,10 +682,9 @@ class Setup extends \Zotlabs\Web\Controller {
/**
* @brief
*
* @param App &$a
* @return string with paresed HTML
*/
function manual_config(&$a) {
function manual_config() {
$data = htmlspecialchars(\App::$data['txt'], ENT_COMPAT, 'UTF-8');
$o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.');
$o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>";
@ -700,14 +694,19 @@ class Setup extends \Zotlabs\Web\Controller {
function load_database_rem($v, $i){
$l = trim($i);
if (strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){
if(strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){
return $v;
} else {
return $v."\n".$i;
}
}
/**
* @brief Executes the SQL install script and create database tables.
*
* @param dba_driver $db (unused)
* @return boolean|string false on success or error message as string
*/
function load_database($db) {
$str = file_get_contents(\DBA::$dba->get_install_script());
$arr = explode(';', $str);
@ -733,6 +732,12 @@ class Setup extends \Zotlabs\Web\Controller {
// install the standard theme
set_config('system', 'allowed_themes', 'redbasic');
// if imagick converter is installed, use it
if(@is_executable('/usr/bin/convert')) {
set_config('system','imagick_convert_path','/usr/bin/convert');
}
// Set a lenient list of ciphers if using openssl. Other ssl engines
// (e.g. NSS used in RedHat) require different syntax, so hopefully
// the default curl cipher list will work for most sites. If not,
@ -767,12 +772,12 @@ class Setup extends \Zotlabs\Web\Controller {
/**
* @brief
*
* @param unknown $v
* @param array $v
* @param array $c
* @return array
*/
static private function check_passed($v, $c) {
if ($c['required'])
if($c['required'])
$v = $v && $c['status'];
return $v;

2
Zotlabs/Module/Subthread.php
View File

@ -33,7 +33,7 @@ class Subthread extends \Zotlabs\Web\Controller {
if(! $i) {
$i = q("select * from item where id = %d and uid = %d",
intval($postid),
intval($item_id),
intval($sys['channel_id'])
);

2
Zotlabs/Module/Tagger.php
View File

@ -69,7 +69,7 @@ class Tagger extends \Zotlabs\Web\Controller {
$post_type = t('photo');
break;
case 'event':
$targgettype = ACTIVITY_OBJ_EVENT;
$targettype = ACTIVITY_OBJ_EVENT;
$post_type = t('event');
break;
default:

2
Zotlabs/Module/Viewconnections.php
View File

@ -107,7 +107,7 @@ class Viewconnections extends \Zotlabs\Web\Controller {
killme();
}
else {
$o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$tpl = get_markup_template("viewcontact_template.tpl");
$o .= replace_macros($tpl, array(
'$title' => t('View Connections'),

2
Zotlabs/Module/Viewsrc.php
View File

@ -25,7 +25,7 @@ class Viewsrc extends \Zotlabs\Web\Controller {
notice( t('Item not found.') . EOL);
}
$item_normal = item_normal();
$item_normal = item_normal_search();
if(local_channel() && $item_id) {
$r = q("select id, mid, item_flags, mimetype, item_obscured, body, llink, plink from item where uid in (%d , %d) and id = %d $item_normal limit 1",

21
Zotlabs/Module/Wall_attach.php
View File

@ -96,9 +96,26 @@ class Wall_attach extends \Zotlabs\Web\Controller {
$s = "\n\n" . $r['body'] . "\n\n";
}
else {
$s = "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
if(strpos($r['data']['filetype'],'video') === 0) {
// give a wee bit of time for the background thumbnail processor to do its thing
// or else we'll never see a video poster
sleep(3);
$url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path'];
$thumb = Linkinfo::get_video_poster($url);
if($thumb) {
$s = "\n\n" . '[zvideo poster=\'' . $thumb . '\']' . $url . '[/zvideo]' . "\n\n";
}
else {
$s = "\n\n" . '[zvideo]' . $url . '[/zvideo]' . "\n\n";
}
}
if(strpos($r['data']['filetype'],'audio') === 0) {
$url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path'];
echo "\n\n" . '[zaudio]' . $url . '[/zaudio]' . "\n\n";
}
$s .= "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
}
$sync = attach_export_data($channel,$r['data']['hash']);
if($sync) {

2
Zotlabs/Module/Wfinger.php
View File

@ -128,7 +128,7 @@ class Wfinger extends \Zotlabs\Web\Controller {
'http://webfinger.net/ns/name' => $r[0]['channel_name'],
'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name'],
'https://w3id.org/security/v1#publicKeyPem' => $r[0]['xchan_pubkey'],
'http://purl.org/zot/federation' => 'zot'
'http://purl.org/zot/federation' => 'zot,zot6'
];
foreach($aliases as $alias)

8
Zotlabs/Module/Wiki.php
View File

@ -293,9 +293,9 @@ class Wiki extends Controller {
}
//$wikiheaderName = urldecode($wikiUrlName);
$wikiheaderName = NativeWiki::name_decode($wikiUrlName);
$wikiheaderName = escape_tags(NativeWiki::name_decode($wikiUrlName));
//$wikiheaderPage = urldecode($pageUrlName);
$wikiheaderPage = NativeWiki::name_decode($pageUrlName);
$wikiheaderPage = escape_tags(NativeWiki::name_decode($pageUrlName));
$renamePage = (($wikiheaderPage === 'Home') ? '' : t('Rename page'));
$sharePage = t('Share');
@ -373,13 +373,13 @@ class Wiki extends Controller {
$placeholder = t('Short description of your changes (optional)');
$zrl = urlencode( z_root() . '/wiki/' . argv(1) . '/' . NativeWiki::name_encode($wikiUrlName) . '/' . NativeWiki::name_encode($pageUrlName) );
$zrl = z_root() . '/wiki/' . argv(1) . '/' . NativeWiki::name_encode($wikiUrlName) . '/' . NativeWiki::name_encode($pageUrlName);
$o .= replace_macros(get_markup_template('wiki.tpl'),array(
'$wikiheaderName' => $wikiheaderName,
'$wikiheaderPage' => $wikiheaderPage,
'$renamePage' => $renamePage,
'$sharePage' => $sharePage,
'$shareLink' => '#^[zrl=' . $zrl . ']' . '[ ' . $owner['channel_name'] . ' ] ' . $wikiheaderName . ' - ' . $wikiheaderPage . '[/zrl]',
'$shareLink' => urlencode('#^[zrl=' . $zrl . ']' . '[ ' . $owner['channel_name'] . ' ] ' . $wikiheaderName . ' - ' . $wikiheaderPage . '[/zrl]'),
'$showPageControls' => $showPageControls,
'$editOrSourceLabel' => (($showPageControls) ? t('Edit') : t('Source')),
'$tools_label' => 'Page Tools',

40
Zotlabs/Photo/PhotoDriver.php
View File

@ -448,6 +448,7 @@ abstract class PhotoDriver {
$p['width'] = (($arr['width']) ? $arr['width'] : $this->getWidth());
$p['height'] = (($arr['height']) ? $arr['height'] : $this->getHeight());
$p['expires'] = (($arr['expires']) ? $arr['expires'] : gmdate('Y-m-d H:i:s', time() + get_config('system', 'photo_cache_time', 86400)));
$p['profile'] = ((array_key_exists('profile', $arr)) ? intval($arr['profile']) : 0);
if(! intval($p['imgscale']))
logger('save: ' . print_r($arr, true), LOGGER_DATA);
@ -481,18 +482,49 @@ abstract class PhotoDriver {
allow_gid = '%s',
deny_cid = '%s',
deny_gid = '%s',
expires = '%s'
expires = '%s',
profile = %d
where id = %d",
intval($p['aid']), intval($p['uid']), dbesc($p['xchan']), dbesc($p['resource_id']), dbescdate($p['created']), dbescdate($p['edited']), dbesc(basename($p['filename'])), dbesc($p['mimetype']), dbesc($p['album']), intval($p['height']), intval($p['width']), (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), (intval($p['os_storage']) ? @filesize($p['os_syspath']) : strlen($this->imageString())), intval($p['imgscale']), intval($p['photo_usage']), dbesc($p['title']), dbesc($p['description']), dbesc($p['os_path']), dbesc($p['display_path']), dbesc($p['allow_cid']), dbesc($p['allow_gid']), dbesc($p['deny_cid']), dbesc($p['deny_gid']), dbescdate($p['expires']), intval($x[0]['id']));
intval($p['aid']), intval($p['uid']), dbesc($p['xchan']), dbesc($p['resource_id']), dbescdate($p['created']), dbescdate($p['edited']), dbesc(basename($p['filename'])), dbesc($p['mimetype']), dbesc($p['album']), intval($p['height']), intval($p['width']), (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), (intval($p['os_storage']) ? @filesize($p['os_syspath']) : strlen($this->imageString())), intval($p['imgscale']), intval($p['photo_usage']), dbesc($p['title']), dbesc($p['description']), dbesc($p['os_path']), dbesc($p['display_path']), dbesc($p['allow_cid']), dbesc($p['allow_gid']), dbesc($p['deny_cid']), dbesc($p['deny_gid']), dbescdate($p['expires']), intval($p['profile']), intval($x[0]['id']));
} else {
$p['created'] = (($arr['created']) ? $arr['created'] : $p['edited']);
$r = q("INSERT INTO photo
( aid, uid, xchan, resource_id, created, edited, filename, mimetype, album, height, width, content, os_storage, filesize, imgscale, photo_usage, title, description, os_path, display_path, allow_cid, allow_gid, deny_cid, deny_gid, expires )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )", intval($p['aid']), intval($p['uid']), dbesc($p['xchan']), dbesc($p['resource_id']), dbescdate($p['created']), dbescdate($p['edited']), dbesc(basename($p['filename'])), dbesc($p['mimetype']), dbesc($p['album']), intval($p['height']), intval($p['width']), (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), (intval($p['os_storage']) ? @filesize($p['os_syspath']) : strlen($this->imageString())), intval($p['imgscale']), intval($p['photo_usage']), dbesc($p['title']), dbesc($p['description']), dbesc($p['os_path']), dbesc($p['display_path']), dbesc($p['allow_cid']), dbesc($p['allow_gid']), dbesc($p['deny_cid']), dbesc($p['deny_gid']), dbescdate($p['expires']));
( aid, uid, xchan, resource_id, created, edited, filename, mimetype, album, height, width, content, os_storage, filesize, imgscale, photo_usage, title, description, os_path, display_path, allow_cid, allow_gid, deny_cid, deny_gid, expires, profile )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)", intval($p['aid']), intval($p['uid']), dbesc($p['xchan']), dbesc($p['resource_id']), dbescdate($p['created']), dbescdate($p['edited']), dbesc(basename($p['filename'])), dbesc($p['mimetype']), dbesc($p['album']), intval($p['height']), intval($p['width']), (intval($p['os_storage']) ? dbescbin($p['os_syspath']) : dbescbin($this->imageString())), intval($p['os_storage']), (intval($p['os_storage']) ? @filesize($p['os_syspath']) : strlen($this->imageString())), intval($p['imgscale']), intval($p['photo_usage']), dbesc($p['title']), dbesc($p['description']), dbesc($p['os_path']), dbesc($p['display_path']), dbesc($p['allow_cid']), dbesc($p['allow_gid']), dbesc($p['deny_cid']), dbesc($p['deny_gid']), dbescdate($p['expires']), intval($p['profile']));
}
logger('Photo save imgscale ' . $p['imgscale'] . ' returned ' . intval($r));
return $r;
}
/**
* @brief Stores thumbnail to database or filesystem.
*
* @param array $arr
* @param scale int
* @return boolean|array
*/
public function storeThumbnail($arr, $scale = 0) {
$arr['imgscale'] = $scale;
if(boolval(get_config('system','filesystem_storage_thumbnails', 0)) && $scale > 0) {
$channel = \App::get_channel();
$arr['os_storage'] = 1;
$arr['os_syspath'] = 'store/' . $channel['channel_address'] . '/' . $arr['os_path'] . '-' . $scale;
if(! $this->saveImage($arr['os_syspath']))
return false;
}
else
$arr['os_storage'] = 0;
if(! $this->save($arr)) {
if(array_key_exists('os_syspath', $arr))
@unlink($arr['os_syspath']);
return false;
}
return true;
}
}

16
Zotlabs/Render/SmartyInterface.php
View File

@ -2,7 +2,10 @@
namespace Zotlabs\Render;
class SmartyInterface extends \Smarty {
use Smarty;
use App;
class SmartyInterface extends Smarty {
public $filename;
@ -16,26 +19,27 @@ class SmartyInterface extends \Smarty {
// The order is thus very important here
$template_dirs = array('theme' => "view/theme/$thname/tpl/");
if( x(\App::$theme_info,"extends") )
if ( x(App::$theme_info,"extends") ) {
$template_dirs = $template_dirs + array('extends' => "view/theme/" . \App::$theme_info["extends"] . "/tpl/");
}
$template_dirs = $template_dirs + array('base' => 'view/tpl/');
$this->setTemplateDir($template_dirs);
$basecompiledir = \App::$config['system']['smarty3_folder'];
$basecompiledir = App::$config['system']['smarty3_folder'];
$this->setCompileDir($basecompiledir.'/compiled/');
$this->setConfigDir($basecompiledir.'/config/');
$this->setCacheDir($basecompiledir.'/cache/');
$this->left_delimiter = \App::get_template_ldelim('smarty3');
$this->right_delimiter = \App::get_template_rdelim('smarty3');
$this->left_delimiter = App::get_template_ldelim('smarty3');
$this->right_delimiter = App::get_template_rdelim('smarty3');
// Don't report errors so verbosely
$this->error_reporting = E_ALL & (~E_NOTICE);
}
function parsed($template = '') {
if($template) {
if ($template) {
return $this->fetch('string:' . $template);
}
return $this->fetch('file:' . $this->filename);

63
Zotlabs/Render/SmartyTemplate.php
View File

@ -2,28 +2,33 @@
namespace Zotlabs\Render;
use App;
class SmartyTemplate implements TemplateEngine {
static $name ="smarty3";
public function __construct(){
public function __construct() {
// Cannot use get_config() here because it is called during installation when there is no DB.
// FIXME: this may leak private information such as system pathnames.
$basecompiledir = ((array_key_exists('smarty3_folder',\App::$config['system']))
? \App::$config['system']['smarty3_folder'] : '');
if (!$basecompiledir) $basecompiledir = str_replace('Zotlabs','',dirname(__dir__)) . "/" . TEMPLATE_BUILD_PATH;
if (!is_dir($basecompiledir)) {
$basecompiledir = ((array_key_exists('smarty3_folder', App::$config['system']))
? App::$config['system']['smarty3_folder'] : '');
if (! $basecompiledir) {
$basecompiledir = str_replace('Zotlabs','',dirname(__dir__)) . "/" . TEMPLATE_BUILD_PATH;
}
if (! is_dir($basecompiledir)) {
@os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true);
if (!is_dir($basecompiledir)) {
if (! is_dir($basecompiledir)) {
echo "<b>ERROR:</b> folder <tt>$basecompiledir</tt> does not exist."; killme();
}
}
if(!is_writable($basecompiledir)){
if (! is_writable($basecompiledir)) {
echo "<b>ERROR:</b> folder <tt>$basecompiledir</tt> must be writable by webserver."; killme();
}
\App::$config['system']['smarty3_folder'] = $basecompiledir;
App::$config['system']['smarty3_folder'] = $basecompiledir;
}
// TemplateEngine interface
@ -31,18 +36,18 @@ class SmartyTemplate implements TemplateEngine {
public function replace_macros($s, $r) {
$template = '';
// these are available for use in all templates
// macro or macros available for use in all templates
$r['$z_baseurl'] = z_root();
$r['$z_server_role'] = \Zotlabs\Lib\System::get_server_role();
$r['$z_techlevel'] = get_account_techlevel();
if(gettype($s) === 'string') {
if (gettype($s) === 'string') {
$template = $s;
$s = new SmartyInterface();
}
foreach($r as $key=>$value) {
if($key[0] === '$') {
foreach ($r as $key=>$value) {
if ($key[0] === '$') {
$key = substr($key, 1);
}
$s->assign($key, $value);
@ -50,32 +55,32 @@ class SmartyTemplate implements TemplateEngine {
return $s->parsed($template);
}
public function get_markup_template($file, $root=''){
public function get_markup_template($file, $root = '') {
$template_file = theme_include($file, $root);
if($template_file) {
if ($template_file) {
$template = new SmartyInterface();
$template->filename = $template_file;
return $template;
}
return "";
return EMPTY_STR;
}
public function get_intltext_template($file, $root='') {
public function get_intltext_template($file, $root = '') {
$lang = \App::$language;
if ($root != '' && substr($root,-1) != '/' ) {
$root .= '/';
}
foreach (Array(
$root."view/$lang/$file",
$root."view/en/$file",
''
) as $template_file) {
if (is_file($template_file)) { break; }
}
if ($template_file=='') {$template_file = theme_include($file,$root);}
if($template_file) {
$lang = App::$language;
if ($root != '' && substr($root,-1) != '/' ) {
$root .= '/';
}
foreach ( [ $root . "view/$lang/$file", $root . "view/en/$file", '' ] as $template_file) {
if (is_file($template_file)) {
break;
}
}
if ($template_file == '') {
$template_file = theme_include($file,$root);
}
if ($template_file) {
$template = new SmartyInterface();
$template->filename = $template_file;
return $template;

73
Zotlabs/Update/_1231.php Normal file
View File

@ -0,0 +1,73 @@
<?php
namespace Zotlabs\Update;
class _1231 {
function run() {
q("START TRANSACTION");
if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
$r1 = q("DROP INDEX item_uid");
$r2 = q("DROP INDEX item_aid");
$r3 = q("DROP INDEX item_restrict");
$r4 = q("DROP INDEX item_flags");
$r5 = q("DROP INDEX item_private");
$r6 = q("DROP INDEX item_starred");
$r7 = q("DROP INDEX item_thread_top");
$r8 = q("DROP INDEX item_retained");
$r9 = q("DROP INDEX item_deleted");
$r10 = q("DROP INDEX item_type");
$r11 = q("DROP INDEX item_hidden");
$r12 = q("DROP INDEX item_unpublished");
$r13 = q("DROP INDEX item_delayed");
$r14 = q("DROP INDEX item_pending_remove");
$r15 = q("DROP INDEX item_blocked");
$r16 = q("DROP INDEX item_unseen");
$r17 = q("DROP INDEX item_relay");
$r18 = q("DROP INDEX item_verified");
$r19 = q("DROP INDEX item_notshown");
$r20 = q("create index item_uid_item_type on item (uid, item_type)");
$r21 = q("create index item_uid_item_thread_top on item (uid, item_thread_top)");
$r22 = q("create index item_uid_item_blocked on item (uid, item_blocked)");
$r23 = q("create index item_uid_item_wall on item (uid, item_wall)");
$r24 = q("create index item_uid_item_starred on item (uid, item_starred)");
$r25 = q("create index item_uid_item_retained on item (uid, item_retained)");
$r26 = q("create index item_uid_item_private on item (uid, item_private)");
$r27 = q("create index item_uid_resource_type on item (uid, resource_type)");
$r28 = q("create index item_item_deleted_item_pending_remove_changed on item (item_deleted, item_pending_remove, changed)");
$r29 = q("create index item_item_pending_remove_changed on item (item_pending_remove, changed)");
$r30 = q("create index item_thr_parent on item (thr_parent)");
$r = (
$r1 && $r2 && $r3 && $r4 && $r5 && $r6 && $r7 && $r8 && $r9 && $r10 && $r11 && $r12 && $r13 && $r14
&& $r15 && $r16 && $r17 && $r18 && $r19 && $r20 && $r21 && $r22 && $r23 && $r24 && $r25 && $r26
&& $r27 && $r28 && $r29 && $r30
);
}
else {
$r1 = q("ALTER TABLE item DROP INDEX item_unseen");
$r2 = q("ALTER TABLE item DROP INDEX item_relay");
$r3 = q("ALTER TABLE item DROP INDEX item_verified");
$r4 = q("ALTER TABLE item DROP INDEX item_notshown");
$r5 = q("ALTER TABLE item ADD INDEX thr_parent (thr_parent)");
$r = ($r1 && $r2 && $r3 && $r4 && $r5);
}
if($r) {
q("COMMIT");
return UPDATE_SUCCESS;
}
q("ROLLBACK");
return UPDATE_FAILED;
}
}

47
Zotlabs/Update/_1232.php Normal file
View File

@ -0,0 +1,47 @@
<?php
namespace Zotlabs\Update;
class _1232 {
function run() {
if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
return UPDATE_SUCCESS;
}
else {
q("START TRANSACTION");
$r = q("ALTER TABLE channel
DROP channel_r_stream,
DROP channel_r_profile,
DROP channel_r_photos,
DROP channel_r_abook,
DROP channel_w_stream,
DROP channel_w_wall,
DROP channel_w_tagwall,
DROP channel_w_comment,
DROP channel_w_mail,
DROP channel_w_photos,
DROP channel_w_chat,
DROP channel_a_delegate,
DROP channel_r_storage,
DROP channel_w_storage,
DROP channel_r_pages,
DROP channel_w_pages,
DROP channel_a_republish,
DROP channel_w_like"
);
}
if($r) {
q("COMMIT");
return UPDATE_SUCCESS;
}
q("ROLLBACK");
return UPDATE_FAILED;
}
}

38
Zotlabs/Update/_1233.php Normal file
View File

@ -0,0 +1,38 @@
<?php
namespace Zotlabs\Update;
class _1233 {
function run() {
q("START TRANSACTION");
if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
$r1 = q("DROP INDEX item_uid_mid");
$r2 = q("create index item_uid_mid on item (uid, mid)");
$r3 = q("create index xchan_photo_m on xchan (xchan_photo_m)");
$r = ($r1 && $r2 && $r3);
}
else {
$r1 = q("ALTER TABLE item DROP INDEX uid_mid");
$r2 = q("ALTER TABLE item ADD INDEX uid_mid (uid, mid)");
$r3 = q("ALTER TABLE xchan ADD INDEX xchan_photo_m (xchan_photo_m)");
$r = ($r1 && $r2 && $r3);
}
if($r) {
q("COMMIT");
return UPDATE_SUCCESS;
}
q("ROLLBACK");
return UPDATE_FAILED;
}
}

26
Zotlabs/Update/_1234.php Normal file
View File

@ -0,0 +1,26 @@
<?php
namespace Zotlabs\Update;
class _1234 {
function run() {
q("START TRANSACTION");
$r = q("DELETE FROM app WHERE app_name = '%s' OR app_name = '%s'",
dbesc('Events'),
dbesc('CalDAV')
);
if($r) {
q("COMMIT");
return UPDATE_SUCCESS;
}
q("ROLLBACK");
return UPDATE_FAILED;
}
}

23
Zotlabs/Widget/Cdav.php
View File

@ -22,7 +22,7 @@ class Cdav {
$o = '';
if(argc() == 2 && argv(1) === 'calendar') {
if(argc() <= 3 && argv(1) === 'calendar') {
$caldavBackend = new \Sabre\CalDAV\Backend\PDO($pdo);
@ -57,7 +57,7 @@ class Cdav {
$switch = get_pconfig(local_channel(), 'cdav_calendar', $sabrecal['id'][0]);
$color = (($sabrecal['{http://apple.com/ns/ical/}calendar-color']) ? $sabrecal['{http://apple.com/ns/ical/}calendar-color'] : '#3a87ad');
$color = (($sabrecal['{http://apple.com/ns/ical/}calendar-color']) ? $sabrecal['{http://apple.com/ns/ical/}calendar-color'] : '#6cad39');
$editable = (($sabrecal['share-access'] == 2) ? 'false' : 'true'); // false/true must be string since we're passing it to javascript
@ -113,10 +113,22 @@ class Cdav {
}
}
$channel_calendars[] = [
'ownernick' => $channel['channel_address'],
'displayname' => $channel['channel_name'],
'calendarid' => 'channel_calendar',
'json_source' => '/channel_calendar/json',
'color' => '#3a87ad',
'editable' => true,
'switch' => get_pconfig(local_channel(), 'cdav_calendar', 'channel_calendar')
];
$o .= replace_macros(get_markup_template('cdav_widget_calendar.tpl'), [
'$my_calendars_label' => t('My Calendars'),
'$channel_calendars_label' => t('Channel Calendar'),
'$channel_calendars' => $channel_calendars,
'$my_calendars_label' => t('CalDAV Calendars'),
'$my_calendars' => $my_calendars,
'$shared_calendars_label' => t('Shared Calendars'),
'$shared_calendars_label' => t('Shared CalDAV Calendars'),
'$shared_calendars' => $shared_calendars,
'$sharee_options' => $sharee_options,
'$access_options' => $access_options,
@ -124,10 +136,11 @@ class Cdav {
'$share' => t('Share'),
'$edit_label' => t('Calendar name and color'),
'$edit' => t('Edit'),
'$create_label' => t('Create new calendar'),
'$create_label' => t('Create new CalDAV calendar'),
'$create' => t('Create'),
'$create_placeholder' => t('Calendar Name'),
'$tools_label' => t('Calendar Tools'),
'$tools_options_label' => [t('Channel Calendars'), t('CalDAV Calendars')],
'$import_label' => t('Import calendar'),
'$import_placeholder' => t('Select a calendar to import to'),
'$upload' => t('Upload'),

6
Zotlabs/Widget/Suggestions.php
View File

@ -2,6 +2,8 @@
namespace Zotlabs\Widget;
use Zotlabs\Lib\Apps;
require_once('include/socgraph.php');
@ -9,9 +11,9 @@ class Suggestions {
function widget($arr) {
if((! local_channel()) || (! feature_enabled(local_channel(),'suggest')))
return '';
if((! local_channel()) || (! Apps::system_app_installed(local_channel(), 'Suggest Channels')))
return EMPTY_STR;
$r = suggestion_query(local_channel(),get_observer_hash(),0,20);

3
Zotlabs/Zot6/HTTPSig.php
View File

@ -5,6 +5,7 @@ namespace Zotlabs\Zot6;
use Zotlabs\Lib\ActivityStreams;
use Zotlabs\Lib\Webfinger;
use Zotlabs\Web\HTTPHeaders;
use Zotlabs\Lib\Libzot;
/**
* @brief Implements HTTP Signatures per draft-cavage-http-signatures-10.
@ -324,7 +325,7 @@ class HTTPSig {
if($l['rel'] === 'http://purl.org/zot/protocol/6.0' && array_key_exists('href',$l) && $l['href'] !== EMPTY_STR) {
$z = \Zotlabs\Lib\Zotfinger::exec($l['href']);
if($z) {
$i = Zotlabs\Lib\Libzot::import_xchan($z['data']);
$i = Libzot::import_xchan($z['data']);
if($i['success']) {
$key['portable_id'] = $i['hash'];

3
Zotlabs/Zot6/Zot6Handler.php
View File

@ -151,8 +151,7 @@ class Zot6Handler implements IHandler {
/*
* fetch the requested conversation
*/
/// @FIXME $sender_hash is undefined
$messages = zot_feed($c[0]['channel_id'],$sender_hash, [ 'message_id' => $data['message_id'], 'encoding' => 'activitystreams' ]);
$messages = zot_feed($c[0]['channel_id'], $sender, [ 'message_id' => $data['message_id'], 'encoding' => 'activitystreams' ]);
return (($messages) ? : [] );
}

6
app/caldav.apd → app/calendar.apd
View File

@ -1,6 +1,6 @@
version: 2
version: 1
url: $baseurl/cdav/calendar, $baseurl/settings/calendar
requires: local_channel
name: CalDAV
name: Calendar
photo: icon:calendar
categories: Productivity, Personal
categories: Productivity, nav_featured_app

6
app/events.apd
View File

@ -1,6 +0,0 @@
version: 2
url: $baseurl/events, $baseurl/settings/events
requires: local_channel
name: Events
photo: icon:calendar
categories: nav_featured_app, Productivity

BIN
app/events.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 4.0 KiB

13
boot.php
View File

@ -50,10 +50,10 @@ require_once('include/attach.php');
require_once('include/bbcode.php');
define ( 'PLATFORM_NAME', 'hubzilla' );
define ( 'STD_VERSION', '4.1' );
define ( 'STD_VERSION', '4.3' );
define ( 'ZOT_REVISION', '6.0a' );
define ( 'DB_UPDATE_VERSION', 1230 );
define ( 'DB_UPDATE_VERSION', 1234 );
define ( 'PROJECT_BASE', __DIR__ );
@ -467,7 +467,7 @@ define ( 'NAMESPACE_YMEDIA', 'http://search.yahoo.com/mrss/' );
define ( 'ACTIVITYSTREAMS_JSONLD_REV', 'https://www.w3.org/ns/activitystreams' );
define ( 'ZOT_APSCHEMA_REV', '/apschema/v1.3' );
define ( 'ZOT_APSCHEMA_REV', '/apschema/v1.4' );
/**
* activity stream defines
*/
@ -1507,12 +1507,13 @@ function fix_system_urls($oldurl, $newurl) {
dbesc($rv['xchan_hash'])
);
$y = q("update hubloc set hubloc_addr = '%s', hubloc_url = '%s', hubloc_url_sig = '%s', hubloc_host = '%s', hubloc_callback = '%s' where hubloc_hash = '%s' and hubloc_url = '%s'",
$y = q("update hubloc set hubloc_addr = '%s', hubloc_url = '%s', hubloc_id_url = '%s', hubloc_url_sig = '%s', hubloc_host = '%s', hubloc_callback = '%s' where hubloc_hash = '%s' and hubloc_url = '%s'",
dbesc($channel_address . '@' . $rhs),
dbesc($newurl),
dbesc(base64url_encode(rsa_sign($newurl,$c[0]['channel_prvkey']))),
dbesc(str_replace($oldurl,$newurl,$rv['hubloc_id_url'])),
dbesc(($rv['hubloc_network'] === 'zot6') ? \Zotlabs\Lib\Libzot::sign($newurl,$c[0]['channel_prvkey']) : base64url_encode(rsa_sign($newurl,$c[0]['channel_prvkey']))),
dbesc($newhost),
dbesc($newurl . '/post'),
dbesc(($rv['hubloc_network'] === 'zot6') ? $newurl . '/zot' : $newurl . '/post'),
dbesc($rv['xchan_hash']),
dbesc($oldurl)
);

6
composer.json
View File

@ -39,7 +39,7 @@
"lukasreschke/id3parser": "^0.0.1",
"smarty/smarty": "~3.1",
"ramsey/uuid": "^3.8",
"twbs/bootstrap": "4.1.3",
"twbs/bootstrap": "^4.3.1",
"blueimp/jquery-file-upload": "^9.25",
"desandro/imagesloaded": "^4.1"
},
@ -49,7 +49,9 @@
"behat/mink-extension": "@stable",
"behat/mink-goutte-driver": "@stable",
"php-mock/php-mock-phpunit": "@stable",
"phpunit/dbunit": "@stable"
"phpunit/dbunit": "@stable",
"phpmd/phpmd": "^2.6",
"squizlabs/php_codesniffer": "*"
},
"autoload" : {
"psr-4" : {

192
composer.lock generated
View File

@ -4,20 +4,20 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "fe5e71d7076eeddf1c174be4a5c052dd",
"content-hash": "f4dce457cd65f92a26d8197617f2f560",
"packages": [
{
"name": "blueimp/jquery-file-upload",
"version": "v9.28.0",
"version": "v9.30.0",
"source": {
"type": "git",
"url": "https://github.com/vkhramtsov/jQuery-File-Upload.git",
"reference": "ff5accfe2e5c4a522777faa980a90cf86a636d1d"
"reference": "1fceec556879403e5c1ae32a7c448aa12b8c3558"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/vkhramtsov/jQuery-File-Upload/zipball/ff5accfe2e5c4a522777faa980a90cf86a636d1d",
"reference": "ff5accfe2e5c4a522777faa980a90cf86a636d1d",
"url": "https://api.github.com/repos/vkhramtsov/jQuery-File-Upload/zipball/1fceec556879403e5c1ae32a7c448aa12b8c3558",
"reference": "1fceec556879403e5c1ae32a7c448aa12b8c3558",
"shasum": ""
},
"type": "library",
@ -59,7 +59,7 @@
"upload",
"widget"
],
"time": "2018-11-13T05:41:39+00:00"
"time": "2019-04-22T09:21:57+00:00"
},
{
"name": "bshaffer/oauth2-server-php",
@ -861,16 +861,16 @@
},
{
"name": "sabre/vobject",
"version": "4.1.6",
"version": "4.2.0",
"source": {
"type": "git",
"url": "https://github.com/sabre-io/vobject.git",
"reference": "122cacbdea2c6133ac04db86ec05854beef75adf"
"reference": "bd500019764e434ff65872d426f523e7882a0739"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sabre-io/vobject/zipball/122cacbdea2c6133ac04db86ec05854beef75adf",
"reference": "122cacbdea2c6133ac04db86ec05854beef75adf",
"url": "https://api.github.com/repos/sabre-io/vobject/zipball/bd500019764e434ff65872d426f523e7882a0739",
"reference": "bd500019764e434ff65872d426f523e7882a0739",
"shasum": ""
},
"require": {
@ -879,8 +879,7 @@
"sabre/xml": ">=1.5 <3.0"
},
"require-dev": {
"phpunit/phpunit": "> 4.8.35, <6.0.0",
"sabre/cs": "^1.0.0"
"phpunit/phpunit": "> 4.8.35, <6.0.0"
},
"suggest": {
"hoa/bench": "If you would like to run the benchmark scripts"
@ -954,7 +953,7 @@
"xCal",
"xCard"
],
"time": "2018-04-20T07:22:50+00:00"
"time": "2019-02-19T13:05:37+00:00"
},
{
"name": "sabre/xml",
@ -1207,16 +1206,16 @@
},
{
"name": "twbs/bootstrap",
"version": "v4.1.3",
"version": "v4.3.1",
"source": {
"type": "git",
"url": "https://github.com/twbs/bootstrap.git",
"reference": "3b558734382ce58b51e5fc676453bfd53bba9201"
"reference": "8fa0d3010112dca5dd6dd501173415856001ba8b"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/twbs/bootstrap/zipball/3b558734382ce58b51e5fc676453bfd53bba9201",
"reference": "3b558734382ce58b51e5fc676453bfd53bba9201",
"url": "https://api.github.com/repos/twbs/bootstrap/zipball/8fa0d3010112dca5dd6dd501173415856001ba8b",
"reference": "8fa0d3010112dca5dd6dd501173415856001ba8b",
"shasum": ""
},
"replace": {
@ -1254,7 +1253,7 @@
"sass",
"web"
],
"time": "2018-07-24T15:54:34+00:00"
"time": "2019-02-13T16:01:40+00:00"
}
],
"packages-dev": [
@ -2038,6 +2037,46 @@
],
"time": "2018-06-11T23:09:50+00:00"
},
{
"name": "pdepend/pdepend",
"version": "2.5.2",
"source": {
"type": "git",
"url": "https://github.com/pdepend/pdepend.git",
"reference": "9daf26d0368d4a12bed1cacae1a9f3a6f0adf239"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/pdepend/pdepend/zipball/9daf26d0368d4a12bed1cacae1a9f3a6f0adf239",
"reference": "9daf26d0368d4a12bed1cacae1a9f3a6f0adf239",
"shasum": ""
},
"require": {
"php": ">=5.3.7",
"symfony/config": "^2.3.0|^3|^4",
"symfony/dependency-injection": "^2.3.0|^3|^4",
"symfony/filesystem": "^2.3.0|^3|^4"
},
"require-dev": {
"phpunit/phpunit": "^4.8|^5.7",
"squizlabs/php_codesniffer": "^2.0.0"
},
"bin": [
"src/bin/pdepend"
],
"type": "library",
"autoload": {
"psr-4": {
"PDepend\\": "src/main/php/PDepend"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-3-Clause"
],
"description": "Official version of pdepend to be handled with Composer",
"time": "2017-12-13T13:21:38+00:00"
},
{
"name": "phar-io/manifest",
"version": "1.0.3",
@ -2460,6 +2499,72 @@
],
"time": "2017-07-14T14:27:02+00:00"
},
{
"name": "phpmd/phpmd",
"version": "2.6.0",
"source": {
"type": "git",
"url": "https://github.com/phpmd/phpmd.git",
"reference": "4e9924b2c157a3eb64395460fcf56b31badc8374"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpmd/phpmd/zipball/4e9924b2c157a3eb64395460fcf56b31badc8374",
"reference": "4e9924b2c157a3eb64395460fcf56b31badc8374",
"shasum": ""
},
"require": {
"ext-xml": "*",
"pdepend/pdepend": "^2.5",
"php": ">=5.3.9"
},
"require-dev": {
"phpunit/phpunit": "^4.0",
"squizlabs/php_codesniffer": "^2.0"
},
"bin": [
"src/bin/phpmd"
],
"type": "project",
"autoload": {
"psr-0": {
"PHPMD\\": "src/main/php"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-3-Clause"
],
"authors": [
{
"name": "Manuel Pichler",
"email": "github@manuel-pichler.de",
"homepage": "https://github.com/manuelpichler",
"role": "Project Founder"
},
{
"name": "Other contributors",
"homepage": "https://github.com/phpmd/phpmd/graphs/contributors",
"role": "Contributors"
},
{
"name": "Marc Würth",
"email": "ravage@bluewin.ch",
"homepage": "https://github.com/ravage84",
"role": "Project Maintainer"
}
],
"description": "PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD.",
"homepage": "http://phpmd.org/",
"keywords": [
"mess detection",
"mess detector",
"pdepend",
"phpmd",
"pmd"
],
"time": "2017-01-20T14:41:10+00:00"
},
{
"name": "phpspec/prophecy",
"version": "1.8.0",
@ -3614,6 +3719,57 @@
"homepage": "https://github.com/sebastianbergmann/version",
"time": "2016-10-03T07:35:21+00:00"
},
{
"name": "squizlabs/php_codesniffer",
"version": "3.4.0",
"source": {
"type": "git",
"url": "https://github.com/squizlabs/PHP_CodeSniffer.git",
"reference": "379deb987e26c7cd103a7b387aea178baec96e48"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/379deb987e26c7cd103a7b387aea178baec96e48",
"reference": "379deb987e26c7cd103a7b387aea178baec96e48",
"shasum": ""
},
"require": {
"ext-simplexml": "*",
"ext-tokenizer": "*",
"ext-xmlwriter": "*",
"php": ">=5.4.0"
},
"require-dev": {
"phpunit/phpunit": "^4.0 || ^5.0 || ^6.0 || ^7.0"
},
"bin": [
"bin/phpcs",
"bin/phpcbf"
],
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "3.x-dev"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-3-Clause"
],
"authors": [
{
"name": "Greg Sherwood",
"role": "lead"
}
],
"description": "PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.",
"homepage": "http://www.squizlabs.com/php-codesniffer",
"keywords": [
"phpcs",
"standards"
],
"time": "2018-12-19T23:57:18+00:00"
},
{
"name": "symfony/browser-kit",
"version": "v4.2.1",

251
doc/admin/administrator_guide.md
View File

@ -1,4 +1,3 @@
### Overview
$Projectname is more than a simple web application. It is a
@ -17,48 +16,47 @@ such as XAMPP and WAMP are not officially supported at this time however
we welcome patches if you manage to get it working.
### Where to find more help
If you encounter problems or have issues not addressed in this documentation,
If you encounter problems or have issues not addressed in this documentation,
please let us know via the [Github issue
tracker](https://framagit.org/hubzilla/core/issues). Please be as clear as you
can about your operating environment and provide as much detail as possible
about any error messages you may see, so that we can prevent it from happening
in the future. Due to the large variety of operating systems and PHP platforms
in existence we may have only limited ability to debug your PHP installation or
acquire any missing modules * but we will do our best to solve any general code
acquire any missing modules, but we will do our best to solve any general code
issues.
### Before you begin
### Before you begin
#### Choose a domain name or subdomain name for your server
$Projectname can only be installed into the root of a domain or sub-domain, and can
$Projectname can only be installed into the root of a domain or sub-domain, and can
not be installed using alternate TCP ports.
#### Decide if you will use SSL and obtain an SSL certificate before software installation
You SHOULD use SSL. If you use SSL, you MUST use a "browser-valid" certificate.
You SHOULD use SSL. If you use SSL, you MUST use a "browser-valid" certificate.
*You MUST NOT use self-signed certificates!*
Please test your certificate prior to installation. A web tool for testing your
certificate is available at "http://www.digicert.com/help/". When visiting your
site for the first time, please use the SSL ("https://") URL if SSL is available.
This will avoid problems later. The installation routine will not allow you to
Please test your certificate prior to installation. A web tool for testing your
certificate is available at "http://www.digicert.com/help/". When visiting your
site for the first time, please use the SSL ("https://") URL if SSL is available.
This will avoid problems later. The installation routine will not allow you to
use a non browser-valid certificate.
This restriction is incorporated because public posts from you may contain
This restriction is incorporated because public posts from you may contain
references to images on your own hub. Other members viewing their stream on
other hubs will get warnings if your certificate is not trusted by their web
browser. This will confuse many people because this is a decentralised network
and they will get the warning about your hub while viewing their own hub and may
think their own hub has an issue. These warnings are very technical and scary to
and they will get the warning about your hub while viewing their own hub and may
think their own hub has an issue. These warnings are very technical and scary to
some folks, many of whom will not know how to proceed except to follow the browser
advice. This is disruptive to the community. That said, we recognise the issues
surrounding the current certificate infrastructure and agree there are many
problems, but that doesn't change the requirement.
problems, but that doesn't change the requirement.
Free "browser-valid" certificates are available from providers such as StartSSL
and LetsEncrypt.
and LetsEncrypt.
If you do NOT use SSL, there may be a delay of up to a minute for the initial
install script - while we check the SSL port to see if anything responds there.
@ -66,11 +64,11 @@ When communicating with new sites, $Projectname always attempts connection on th
SSL port first, before falling back to a less secure connection. If you do not
use SSL, your webserver MUST NOT listen on port 443 at all.
If you use LetsEncrypt to provide certificates and create a file under
.well-known/acme-challenge so that LetsEncrypt can verify your domain ownership,
please remove or rename the .well-known directory as soon as the certificate is
If you use LetsEncrypt to provide certificates and create a file under
.well-known/acme-challenge so that LetsEncrypt can verify your domain ownership,
please remove or rename the .well-known directory as soon as the certificate is
generated. $Projectname will provide its own handler for ".well-known" services when
it is installed, and an existing directory in this location may prevent some of
it is installed, and an existing directory in this location may prevent some of
these services from working correctly. This should not be a problem with Apache,
but may be an issue with nginx or other web server platforms.
@ -82,20 +80,20 @@ There are several ways to deploy a new hub.
* Automated deployment using an OpenShift virtual private server (VPS)
### Requirements
* Apache with mod-rewrite enabled and "AllowOverride All" so you can use a
* Apache with mod-rewrite enabled and "AllowOverride All" so you can use a
local .htaccess file. Some folks have successfully used nginx and lighttpd.
Example config scripts are available for these platforms in doc/install.
Apache and nginx have the most support.
Apache and nginx have the most support.
* PHP 5.5 or later.
* Note that on some shared hosting environments, the _command line_ version of
PHP might differ from the _webserver_ version
* PHP 7.1 or later.
* Note that on some shared hosting environments, the _command line_
version of PHP might differ from the _webserver_ version
* PHP *command line* access with register_argc_argv set to true in the
php.ini file * and with no hosting provider restrictions on the use of
* PHP *command line* access with register_argc_argv set to true in the
php.ini file * and with no hosting provider restrictions on the use of
exec() and proc_open().
* curl, gd (with at least jpeg and png support), mysqli, mbstring, mcrypt,
* curl, gd (with at least jpeg and png support), mysqli, mbstring, mcrypt, zip,
and openssl extensions. The imagick extension is not required but desirable.
* xml extension is required if you want webdav to work.
@ -106,7 +104,7 @@ PHP might differ from the _webserver_ version
* ability to schedule jobs with cron.
* Installation into a top-level domain or sub-domain (without a
* Installation into a top-level domain or sub-domain (without a
directory/path component in the URL) is REQUIRED.
### Manual Installation
@ -115,9 +113,9 @@ PHP might differ from the _webserver_ version
If you copy the directory tree to your webserver, make sure that you include the
hidden files like .htaccess.
If you are able to do so, we recommend using git to clone the source
repository rather than to use a packaged tar or zip file. This makes the
software much easier to update. The Linux command to clone the repository
If you are able to do so, we recommend using git to clone the source
repository rather than to use a packaged tar or zip file. This makes the
software much easier to update. The Linux command to clone the repository
into a directory "mywebsite" would be:
git clone https://framagit.org/hubzilla/core.git mywebsite
@ -126,7 +124,7 @@ and then you can pick up the latest changes at any time with:
git pull
make sure folders ``store/[data]/smarty3`` and ``store`` exist and are
make sure folders ``store/[data]/smarty3`` and ``store`` exist and are
writable by the webserver:
mkdir -p "store/[data]/smarty3"
@ -150,7 +148,7 @@ web-based administrative tools to function:
#### Official addons
##### Installation
Navigate to your website. Then you should clone the addon repository (separately). We'll give this repository a nickname of 'hzaddons'. You can pull in other hubzilla addon repositories by giving them different nicknames::
Navigate to your website. Then you should clone the addon repository (separately). We'll give this repository a nickname of 'hzaddons'. You can pull in other hubzilla addon repositories by giving them different nicknames:
cd mywebsite
util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons
@ -161,9 +159,9 @@ For keeping the addon tree updated, you should be on your top level website dire
cd mywebsite
util/update_addon_repo hzaddons
Create searchable representations of the online documentation. You may do this
any time that the documentation is updated :
Create searchable representations of the online documentation. You may do this
any time that the documentation is updated :
cd mywebsite
util/importdoc
@ -203,45 +201,28 @@ We recommend the following addons be installed on all public sites:
Several web communities have begun to converge using common protocols. The protocols involved are somewhat limited in their abilities. The GNU-Social protocol for instance offers no privacy modes, and the Diaspora protocol is somewhat restrictive in what kinds of communications are allowed. All comments must be signed in a very unique manner by the original author. The ActivityPub protocol is also being considered and may be supported at a future date. No other existing protocol supports nomadic location as used by this project. This presents some support challenges as some features work with some networks and don't work with others. Nevertheless the federation protocols allow connections to be made to a much larger community of people worldwide. They are provided as addons.
> diaspora - The Diaspora Protocol used by Diaspora and Friendica. You should enable 'Diaspora Statistics' (statistics) first to enable all the available features.
* diaspora - The Diaspora Protocol used by Diaspora and Friendica. You should enable 'Diaspora Statistics' (statistics) first to enable all the available features.
> gnusoc - The GNU-Social Protocol, used by GNU-Social, Mastodon and several other communities. This addon requires you first install the 'pubsubhubbub' service (also an addon).
* gnusoc - The GNU-Social Protocol, used by GNU-Social, Mastodon and several other communities. This addon requires you first install the 'pubsubhubbub' service (also an addon).
Each member of your site must choose whether or not to allow these protocols individually as they may conflict with several desirable core features and abilities of this software (such as channel migration and cloning). They do this from their 'Settings -> Feature/Addon Settings' page. The administrator may also set the following:
util/config system.diaspora_allowed 1
util/config system.gnusoc_allowed 1
and enable these protocols automatically for all newly created channels.
### Techlevels
We've implemented several different mechanisms in order to reduce the apparent complexity and learning curve presented to new members. At the same time, we do not wish to limit any functionality for people who are able to grasp some slightly advanced technical technical features. The first mechanism was to move several features to an optional 'Features' page where they could be enabled at will; with the default interface kept somewhat lean.
The problem we had now is that the number of features began to grow dramatically, and the Feature page is daunting in possibilities. There are also features present which probably should not be available to all members, but may be extremely useful to those with technical backgrounds.
The techlevels seeeks to remedy this by grouping features within different levels of technical ability; starting at 0 (uncomfortable with technology), and up to 5 (Unix wizard or equivalent).
When a new member registers, their account is provided a techlevel setting of 0. On the account settings page they may change this to any available level. A higher level opens more advanced features and possible interactions.
The account administrator may also lock a particular level, lock a maximum level, or change/re-arrange the features available to any level. Those with the minimum level are typically not very exploratory and are unlikely to discover the advanced modes. This is by design. Those that look around and desire more interactions will find them. In the absence of administrator defaults they may choose any level. As they look at the features available to the level in question, it is generally expected that they will discover some features are beyond their comprehension and it is hoped they will back off to a level where the interface and features are comfortable to their skill level.
and enable these protocols automatically for all newly created channels.
### Service Classes
Service classes allow you to set limits on system resources by limiting what individual
accounts can do, including file storage and top-level post limits. Define custom service
classes according to your needs in the `.htconfig.php` file. For example, create
accounts can do, including file storage and top-level post limits. Define custom service
classes according to your needs in the `.htconfig.php` file. For example, create
a _standard_ and _premium_ class using the following lines:
// Service classes
App::$config['system']['default_service_class']='standard'; // this is the default service class that is attached to every new account
// configuration for standard service class
App::$config['service_class']['standard'] =
array('photo_upload_limit'=>2097152, // total photo storage limit per channel (here 2MB)
@ -251,7 +232,7 @@ a _standard_ and _premium_ class using the following lines:
'total_channels' =>100, // number of channels the user can add, other users can still add this channel, even if the limit is reached
'attach_upload_limit' =>2097152, // total attachment storage limit per channel (here 2MB)
'chatters_inroom' =>20);
// configuration for premium service class
App::$config['service_class']['premium'] =
array('photo_upload_limit'=>20000000000, // total photo storage limit per channel (here 20GB)
@ -262,7 +243,7 @@ a _standard_ and _premium_ class using the following lines:
'attach_upload_limit' =>20000000000, // total attachment storage limit per channel (here 20GB)
'chatters_inroom' =>100);
To apply a service class to an existing account, use the command line utility from the
To apply a service class to an existing account, use the command line utility from the
web root:
`util/service_class`
@ -298,11 +279,11 @@ set the account that owns channel 'blogchan' to service class 'firstclass' (with
* access_tokens - maximum number of Guest Access Tokens per channel
### Theme management
#### Repo management example
#### Repo management example
1. Navigate to your hub web root
```
root@hub:/root# cd /var/www
root@hub:/root# cd /var/www
```
2. Add the theme repo and give it a name
@ -319,70 +300,136 @@ set the account that owns channel 'blogchan' to service class 'firstclass' (with
#### Keywords
There is a "tag cloud" of keywords that can appear on the channel directory page.
If you wish to hide these keywords, which are drawn from the directory server, you
There is a "tag cloud" of keywords that can appear on the channel directory page.
If you wish to hide these keywords, which are drawn from the directory server, you
can use the *config* tool:
util/config system disable_directory_keywords 1
If your hub is in the standalone mode because you do not wish to connect to the
global grid, you may instead ensure the the _directory_server_ system option is
If your hub is in the standalone mode because you do not wish to connect to the
global grid, you may instead ensure the the _directory_server_ system option is
empty:
util/config system directory_server ""
### Administration
#### Site Administration
Administration of the website is commonly done through the admin webpage located at /admin on your website. In order to access this page you must have administration rights to the server. Administration rights are granted to the first account to register on your site, **provided** the email address of that account exactly matches the email address you provided as the administrator's email address during setup.
Administration of the website is commonly done through the admin webpage located at /admin on your website. In order to access this page you must have administration rights to the server. Administration rights are granted to the first account to register on your site, **provided** the email address of that account exactly matches the email address you provided as the administrator's email address during setup.
There are several ways that this can fail and leave the system without an administrator account, for instance if the first account that was created provided a different email address than the administrator email address that was supplied during setup.
There are several ways that this can fail and leave the system without an administrator account, for instance if the first account that was created provided a different email address than the administrator email address that was supplied during setup.
For security reasons there is no web page or interface on the system which will give you administrator access. If you need to correct a situation where a system has no administrator account it **must** be done by editing the account table in the database. There is no other way. To do this, you will need to locate the entry in the account table which belongs to the desired administrator, and set 'account_roles' for that entry to 4096. You will then be able to access the admin page from your system's profile menu or directly via /admin .
A hub can have multiple admins and there is no limit to how administrators you can have. Repeat the above process for every account you wish to provide with administration rights.
A hub can have multiple admins and there is no limit to how administrators you can have. Repeat the above process for every account you wish to provide with administration rights.
### Troubleshooting
#### Log files
The system logfile is an extremely useful resource for tracking down things that go wrong. This can be enabled in the admin/log configuration page. A loglevel setting of LOGGER_DEBUG is preferred for stable production sites. Most things that go wrong with communications or storage are listed here. A setting of LOGGER_DATA provides [b]much[/b] more detail, but may fill your disk. In either case we recommend the use of logrotate on your operating system to cycle logs and discard older entries.
The system logfile is an extremely useful resource for tracking down
things that go wrong. This can be enabled in the admin/log
configuration page. A loglevel setting of `LOGGER_DEBUG` is preferred
for stable production sites. Most things that go wrong with
communications or storage are listed here. A setting of LOGGER_DATA
provides *much* more detail, but may fill your disk. In either
case we recommend the use of logrotate on your operating system to
cycle logs and discard older entries.
At the bottom of your .htconfig.php file are several lines (commented out) which enable PHP error logging. This reports issues with code syntax and executing the code and is the first place you should look for issues which result in a "white screen" or blank page. This is typically the result of code/syntax problems.
Database errors are reported to the system logfile, but we've found it useful to have a file in your top-level directory called dbfail.out which [b]only[/b] collects database related issues. If the file exists and is writable, database errors will be logged to it as well as to the system logfile.
At the bottom of your .htconfig.php file are several lines (commented
out) which enable PHP error logging. This reports issues with code
syntax and executing the code and is the first place you should look
for issues which result in a "white screen" or blank page. This is
typically the result of code/syntax problems. Database errors are
reported to the system logfile, but we've found it useful to have a
file in your top-level directory called dbfail.out which *only*
collects database related issues. If the file exists and is writable,
database errors will be logged to it as well as to the system logfile.
In the case of "500" errors, the issues may often be logged in your webserver logs, often /var/log/apache2/error.log or something similar. Consult your operating system documentation.
In the case of "500" errors, the issues may often be logged in your
webserver logs, often /var/log/apache2/error.log or something
similar. Consult your operating system documentation.
There are three different log facilities.
**The first is the database failure log**. This is only used if you create a file called specifically 'dbfail.out' in the root folder of your website and make it write-able by the web server. If we have any database failed queries, they are all reported here. They generally indicate typos in our queries, but also occur if the database server disconnects or tables get corrupted. On rare occasions we'll see race conditions in here where two processes tried to create an xchan or cache entry with the same ID. Any other errors (especially persistent errors) should be investigated.
**The first is the database failure log**. This is only used if you
create a file called specifically `dbfail.out` in the root folder of
your website and make it write-able by the web server. If we have
any database failed queries, they are all reported here. They
generally indicate typos in our queries, but also occur if the
database server disconnects or tables get corrupted. On rare
occasions we'll see race conditions in here where two processes
tried to create an xchan or cache entry with the same ID. Any other
errors (especially persistent errors) should be investigated.
**The second is the PHP error log**. This is created by the language processor and only reports issues in the language environment. Again these can be syntax errors or programming errors, but these generally are fatal and result in a "white screen of death"; e.g. PHP terminates. You should probably look at this file if something goes wrong that doesn't result in a white screen of death, but it isn't uncommon for this file to be empty for days on end.
**The second is the PHP error log**. This is created by the language
processor and only reports issues in the language environment. Again
these can be syntax errors or programming errors, but these
generally are fatal and result in a "white screen of death";
e.g. PHP terminates. You should probably look at this file if
something goes wrong that doesn't result in a white screen of death,
but it isn't uncommon for this file to be empty for days on end.
There are some lines at the bottom of the supplied .htconfig.php file; which if uncommented will enable a PHP error log (*extremely* useful for finding the source of white screen failures). This isn't done by default due to potential issues with logfile ownership and write permissions and the fact that there is no logfile rotation by default.
There are some lines at the bottom of the supplied `.htconfig.php`
file; which if uncommented will enable a PHP error log (*extremely*
useful for finding the source of white screen failures). This isn't
done by default due to potential issues with logfile ownership and
write permissions and the fact that there is no logfile rotation by
default.
**The third is the "application log"**. This is used by $Projectname to report what is going on in the program and usually reports any difficulties or unexpected data we received. It also occasionally reports "heartbeat" status messages to indicate that we reached a certain point in a script. **This** is the most important log file to us, as we create it ourself for the sole purpose of reporting the status of background tasks and anything that seems weird or out of place. It may not be fatal, but maybe just unexpected. If you're performing a task and there's a problem, let us know what is in this file when the problem occurred. (Please don't send me 100M dumps you'll only piss me off). Just a few relevant lines so I can rule out a few hundred thousand lines of code and concentrate on where the problem starts showing up.
**The third is the "application log"**. This is used by $Projectname
to report what is going on in the program and usually reports any
difficulties or unexpected data we received. It also occasionally
reports "heartbeat" status messages to indicate that we reached a
certain point in a script. **This** is the most important log file
to us, as we create it ourself for the sole purpose of reporting the
status of background tasks and anything that seems weird or out of
place. It may not be fatal, but maybe just unexpected. If you're
performing a task and there's a problem, let us know what is in this
file when the problem occurred. (Please don't send me 100M dumps
you'll only piss me off). Just a few relevant lines so I can rule
out a few hundred thousand lines of code and concentrate on where
the problem starts showing up.
These are your site logs, not mine. We report serious issues at any log level. I highly recommend 'DEBUG' log level for most sites - which provides a bit of additional info and doesn't create huge logfiles. When there's a problem which defies all attempts to track, you might wish to use DATA log level for a short period of time to capture all the detail of what structures we were dealing with at the time. This log level will use a lot of space so is recommended only for brief periods or for developer test sites.
These are your site logs, not mine. We report serious issues at any
log level. I highly recommend `DEBUG` log level for most sites - which
provides a bit of additional info and doesn't create huge
logfiles. When there's a problem which defies all attempts to track,
you might wish to use `DATA` log level for a short period of time to
capture all the detail of what structures we were dealing with at the
time. This log level will use a lot of space so is recommended only
for brief periods or for developer test sites.
I recommend configuring logrotate for both the php log and the application log. I usually have a look at dbfail.out every week or two, fix any issues reported and then starting over with a fresh file. Likewise with the PHP logfile. I refer to it once in a while to see if there's something that needs fixing.
I recommend configuring logrotate for both the php log and the
application log. I usually have a look at dbfail.out every week or
two, fix any issues reported and then starting over with a fresh
file. Likewise with the PHP logfile. I refer to it once in a while to
see if there's something that needs fixing.
If something goes wrong, and it's not a fatal error, I look at the
application logfile. Often I will
If something goes wrong, and it's not a fatal error, I look at the application logfile. Often I will
```
tail -f logfile.out
tail -f logfile.out
```
While repeating an operation that has problems. Often I'll insert extra logging statements in the code if there isn't any hint what's going wrong. Even something as simple as "got here" or printing out the value of a variable that might be suspect. You can do this too - in fact I encourage you to do so. Once you've found what you need to find, you can
While repeating an operation that has problems. Often I'll insert
extra logging statements in the code if there isn't any hint what's
going wrong. Even something as simple as "got here" or printing out
the value of a variable that might be suspect. You can do this too -
in fact I encourage you to do so. Once you've found what you need to
find, you can
```
git checkout file.php
```
To immediately clear out all the extra logging stuff you added. Use the information from this log and any detail you can provide from your investigation of the problem to file your bug report - unless your analysis points to the source of the problem. In that case, just fix it.
To immediately clear out all the extra logging stuff you added. Use
the information from this log and any detail you can provide from your
investigation of the problem to file your bug report - unless your
analysis points to the source of the problem. In that case, just fix
it.
##### Rotating log files
@ -390,13 +437,25 @@ To immediately clear out all the extra logging stuff you added. Use the informa
1. Create a directory in your web root called `log` with webserver write permissions
1. Go to the **logrot** admin settings and enter this folder name as well as the max size and number of retained log files.
#### Reporting issues
When reporting issues, please try to provide as much detail as may be necessary for developers to reproduce the issue and provide the complete text of all error messages.
We encourage you to try to the best of your abilities to use these logs combined with the source code in your possession to troubleshoot issues and find their cause. The community is often able to help, but only you have access to your site logfiles and it is considered a security risk to share them.
If a code issue has been uncovered, please report it on the project bugtracker (https://framagit.org/hubzilla/core/issues). Again provide as much detail as possible to avoid us going back and forth asking questions about your configuration or how to duplicate the problem, so that we can get right to the problem and figure out what to do about it. You are also welcome to offer your own solutions and submit patches. In fact we encourage this as we are all volunteers and have little spare time available. The more people that help, the easier the workload for everybody. It's OK if your solution isn't perfect. Every little bit helps and perhaps we can improve on it.
When reporting issues, please try to provide as much detail as may be
necessary for developers to reproduce the issue and provide the
complete text of all error messages.
We encourage you to try to the best of your abilities to use these
logs combined with the source code in your possession to troubleshoot
issues and find their cause. The community is often able to help, but
only you have access to your site logfiles and it is considered a
security risk to share them.
If a code issue has been uncovered, please report it on the project
bugtracker (https://framagit.org/hubzilla/core/issues). Again provide
as much detail as possible to avoid us going back and forth asking
questions about your configuration or how to duplicate the problem, so
that we can get right to the problem and figure out what to do about
it. You are also welcome to offer your own solutions and submit
patches. In fact we encourage this as we are all volunteers and have
little spare time available. The more people that help, the easier the
workload for everybody. It's OK if your solution isn't perfect. Every
little bit helps and perhaps we can improve on it.

4
doc/bugs.bb
View File

@ -21,7 +21,7 @@ If you get a blank white screen when doing something, this is almost always a co
[h3]I'm stumped. I can't figure out what is wrong.[/h3]
At this point it might be worthwhile discussing the issue on one of the online forums. There may be several of these and some may be more suited to your spoken language. At this time, the 'Hubzilla Support' channel (support@gravizot.de) is the recommended forum for discussing bugs.
At this point it might be worthwhile discussing the issue on one of the online forums. There may be several of these and some may be more suited to your spoken language. At this time, the 'Hubzilla Support' channel (support@zotadel.net) is the recommended forum for discussing bugs.
If community members with software engineering training/expertise can't help you right away, understand that they are volunteers and may have a lot of other work and demands on their time. At this point you need to file a bug report. You will need an account on framagit.org to do this. So register, and then visit https://framagit.org/hubzilla/core/issues . Create an issue here and provide all the same information that you provided online. Don't leave out anything.
@ -29,4 +29,4 @@ Then you wait. If it's a high profile issue, it may get fixed quickly. But nobod
Other people working to fix the problem may need to find out more, so do your homework and document what is happening and everything you've tried. Don't say "I did xyz and it didn't work." That doesn't tell us anything. Tell us precisely what steps you took and what you expected the result to be, and precisely what happened as a result. What page/URL were you looking at or what form were you filling in? If there were any error messages, don't say "there was an error message". Tell us exactly what the message said. Also tell us what hub you are using, what software version you're running and any other details that may be unique about your site configuration. It is understood that you might wish to keep some information and your connections private, however if you aren't willing to share the information other people need to reproduce/fix the problem, it may not get fixed.

3
doc/hidden_configs.bb
View File

@ -51,6 +51,7 @@ Options are:
[*= system.email_notify_icon_url ] URL of image (32x32) to display in email notifications (HTML bodies).
[*= system.expire_delivery_reports ] Expiration in days for delivery reports - default 10
[*= system.expire_limit ] Don't expire any more than this number of posts per channel per expiration run to keep from exhausting memory. Default 5000.
[*= system.filesystem_storage_thumbnails ] If '1', use filesystem instead SQL database to store thumbnails. Default is '0'. Introduced in 4.2
[*= system.hidden_version_siteinfo ] If true, do not report the software version on siteinfo pages (system.hide_version also hides the version on these pages, this setting *only* hides the version on siteinfo pages).
[*= system.hide_help ] Don't display help documentation link in nav bar
[*= system.hide_in_statistics ] Tell the red statistics servers to completely hide this hub in hub lists.
@ -79,7 +80,7 @@ Options are:
[*= system.startpage ] Set the default page to be taken to after a login for all channels at this website. Can be overwritten by user settings.
[*= system.sys_expire_days ] How many days to keep discovered public content from other sites
[*= system.taganyone ] Allow the @mention tagging of anyone whether you are connected or not.
[*= system.tempdir ] Place to store temporary files (currently unused), default is defined in the PHP configuration
[*= system.tempdir ] Place to store temporary files (currently unused), default is defined in the PHP configuration.
[*= system.tos_url ] Set an alternative link for the ToS location.
[*= system.transport_security_header ] if non-zero and SSL is being used, include a strict-transport-security header on webpages
[*= system.uploaddir ] Location to upload files (default is system.tempdir, currently used only by js_upload plugin)

38
include/account.php
View File

@ -142,12 +142,10 @@ function create_account($arr) {
$invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : '');
$email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : '');
$password = ((x($arr,'password')) ? trim($arr['password']) : '');
$password2 = ((x($arr,'password2')) ? trim($arr['password2']) : '');
$parent = ((x($arr,'parent')) ? intval($arr['parent']) : 0 );
$flags = ((x($arr,'account_flags')) ? intval($arr['account_flags']) : ACCOUNT_OK);
$roles = ((x($arr,'account_roles')) ? intval($arr['account_roles']) : 0 );
$expires = ((x($arr,'expires')) ? intval($arr['expires']) : NULL_DATE);
$techlevel = ((array_key_exists('techlevel',$arr)) ? intval($arr['techlevel']) : intval(get_config('system','techlevel')));
$default_service_class = get_config('system','default_service_class');
@ -264,9 +262,8 @@ function create_account($arr) {
function verify_email_address($arr) {
if(array_key_exists('resend',$arr)) {
$email = $arr['email'];
$a = q("select * from account where account_email = '%s' limit 1",
dbesc($arr['email'])
dbesc($arr['email'])
);
if(! ($a && ($a[0]['account_flags'] & ACCOUNT_UNVERIFIED))) {
return false;
@ -285,7 +282,7 @@ function verify_email_address($arr) {
else {
$hash = random_string(24);
$r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
dbesc($hash),
dbesc(datetime_convert()),
intval($arr['account']['account_id']),
@ -304,7 +301,7 @@ function verify_email_address($arr) {
'$email' => $arr['email'],
'$uid' => $account['account_id'],
'$hash' => $hash,
'$details' => $details
'$details' => ''
]
);
@ -318,9 +315,7 @@ function verify_email_address($arr) {
pop_lang();
if($res)
$delivered ++;
else
if(! $res)
logger('send_reg_approval_email: failed to account_id: ' . $arr['account']['account_id']);
return $res;
@ -442,16 +437,17 @@ function account_allow($hash) {
if(! $account)
return $ret;
$r = q("DELETE FROM register WHERE hash = '%s'",
q("DELETE FROM register WHERE hash = '%s'",
dbesc($register[0]['hash'])
);
$r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_BLOCKED),
intval(ACCOUNT_BLOCKED),
intval($register[0]['uid'])
);
$r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_PENDING),
intval(ACCOUNT_PENDING),
intval($register[0]['uid'])
@ -516,11 +512,11 @@ function account_deny($hash) {
if(! $account)
return false;
$r = q("DELETE FROM account WHERE account_id = %d",
q("DELETE FROM account WHERE account_id = %d",
intval($register[0]['uid'])
);
$r = q("DELETE FROM register WHERE id = %d",
q("DELETE FROM register WHERE id = %d",
dbesc($register[0]['id'])
);
notice( sprintf(t('Registration revoked for %s'), $account[0]['account_email']) . EOL);
@ -551,21 +547,23 @@ function account_approve($hash) {
if(! $account)
return $ret;
$r = q("DELETE FROM register WHERE hash = '%s' and password = 'verify'",
q("DELETE FROM register WHERE hash = '%s' and password = 'verify'",
dbesc($register[0]['hash'])
);
$r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_BLOCKED),
intval(ACCOUNT_BLOCKED),
intval($register[0]['uid'])
);
$r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_PENDING),
intval(ACCOUNT_PENDING),
intval($register[0]['uid'])
);
$r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
intval(ACCOUNT_UNVERIFIED),
intval(ACCOUNT_UNVERIFIED),
intval($register[0]['uid'])
@ -620,7 +618,7 @@ function downgrade_accounts() {
foreach($r as $rr) {
if(($basic) && ($rr['account_service_class']) && ($rr['account_service_class'] != $basic)) {
$x = q("UPDATE account set account_service_class = '%s', account_expires = '%s'
q("UPDATE account set account_service_class = '%s', account_expires = '%s'
where account_id = %d",
dbesc($basic),
dbesc(NULL_DATE),
@ -631,7 +629,7 @@ function downgrade_accounts() {
logger('downgrade_accounts: Account id ' . $rr['account_id'] . ' downgraded.');
}
else {
$x = q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d",
q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d",
intval(ACCOUNT_EXPIRED),
intval($rr['account_id'])
);

2
include/acl_selectors.php
View File

@ -84,7 +84,7 @@ function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_descripti
);
if($r) {
foreach($r as $rv) {
$selected = (($single_group && 'vp.' . $rr['hash'] === $allow_gid[0]) ? ' selected = "selected" ' : '');
$selected = (($single_group && 'vp.' . $rv['profile_guid'] === $allow_gid[0]) ? ' selected = "selected" ' : '');
$groups .= '<option id="' . 'vp' . $rv['id'] . '" value="' . 'vp.' . $rv['profile_guid'] . '"' . $selected . '>' . t('Profile','acl') . ' ' . $rv['profile_name'] . '</option>' . "\r\n";
}
}

22
include/api_zot.php
View File

@ -6,6 +6,8 @@
api_register_func('api/export/basic','api_export_basic', true);
api_register_func('api/red/channel/export/basic','api_export_basic', true);
api_register_func('api/z/1.0/channel/export/basic','api_export_basic', true);
api_register_func('api/red/item/export/page','api_item_export_page', true);
api_register_func('api/z/1.0/item/export/page','api_item_export_page', true);
api_register_func('api/red/channel/list','api_channel_list', true);
api_register_func('api/z/1.0/channel/list','api_channel_list', true);
api_register_func('api/red/channel/stream','api_channel_stream', true);
@ -80,6 +82,26 @@
json_return_and_die(identity_basic_export(api_user(),$sections));
}
function api_item_export_page($type) {
if(api_user() === false) {
logger('api_item_export_page: no user');
return false;
}
$page = intval($_REQUEST['page']);
$records = intval($_REQUEST['records']);
if(! $records) {
$records = 50;
}
if(! $_REQUEST['since'])
$start = NULL_DATE;
else {
$start = datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['since']);
}
$finish = datetime_convert(date_default_timezone_get(),'UTC', (($_REQUEST['until']) ? $_REQUEST['until'] : 'now'));
json_return_and_die(channel_export_items_page(api_user(),$start,$finish,$page,$records));
}
function api_network_stream($type) {
if(api_user() === false) {

43
include/attach.php
View File

@ -321,7 +321,6 @@ function attach_can_view_folder($uid,$ob_hash,$folder_hash) {
$sql_extra = permissions_sql($uid,$ob_hash);
$hash = $folder_hash;
$result = false;
if(! $folder_hash) {
return perm_is_allowed($uid,$ob_hash,'view_storage');
@ -352,7 +351,7 @@ function attach_can_view_folder($uid,$ob_hash,$folder_hash) {
* @param string $hash
* @param string $observer_hash
* @param int $rev (optional) revision default 0
* @return associative array with everything except data
* @return array (associative) with everything except data
* * \e boolean \b success boolean true or false
* * \e string \b message (optional) only when success is false
* * \e array \b data array of attach DB entry without data component
@ -1224,7 +1223,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) {
$ret['success'] = true;
// update the parent folder's lastmodified timestamp
$e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc($created),
dbesc($arr['folder']),
intval($channel_id)
@ -1270,8 +1269,6 @@ function attach_mkdirp($channel, $observer_hash, $arr = null) {
$ret = array('success' => false);
$channel_id = $channel['channel_id'];
$sql_options = '';
$basepath = 'store/' . $channel['channel_address'];
logger('basepath: ' . $basepath);
@ -1374,7 +1371,7 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi
}
}
$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d",
q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d",
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
@ -1383,7 +1380,7 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi
intval($channel_id)
);
if($r[0]['is_photo']) {
$x = q("update photo set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where resource_id = '%s' and uid = %d",
q("update photo set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where resource_id = '%s' and uid = %d",
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
@ -1482,7 +1479,7 @@ function attach_delete($channel_id, $resource, $is_photo = 0) {
}
// delete from database
$z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d",
q("DELETE FROM attach WHERE hash = '%s' AND uid = %d",
dbesc($resource),
intval($channel_id)
);
@ -1493,7 +1490,7 @@ function attach_delete($channel_id, $resource, $is_photo = 0) {
// update the parent folder's lastmodified timestamp
$e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc(datetime_convert()),
dbesc($r[0]['folder']),
intval($channel_id)
@ -1524,6 +1521,17 @@ function attach_drop_photo($channel_id,$resource) {
if($x) {
drop_item($x[0]['id'],false,(($x[0]['item_hidden']) ? DROPITEM_NORMAL : DROPITEM_PHASE1),true);
}
$r = q("SELECT content FROM photo WHERE resource_id = '%s' AND uid = %d AND os_storage = 1",
dbesc($resource),
intval($channel_id)
);
if($r) {
foreach($r as $i) {
@unlink(dbunescbin($i['content']));
}
}
q("DELETE FROM photo WHERE uid = %d AND resource_id = '%s'",
intval($channel_id),
dbesc($resource)
@ -1815,7 +1823,7 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid,
$u_jsonobject = json_encode($object);
//we have got the relevant info - delete the old item before we create the new one
$z = q("DELETE FROM item WHERE obj_type = '%s' AND verb = '%s' AND mid = '%s'",
q("DELETE FROM item WHERE obj_type = '%s' AND verb = '%s' AND mid = '%s'",
dbesc(ACTIVITY_OBJ_FILE),
dbesc(ACTIVITY_POST),
dbesc($y[0]['mid'])
@ -1946,7 +1954,6 @@ function attach_recursive_perms($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $
$ret = array();
$parent_arr = array();
$count_values = array();
$poster = App::get_observer();
//lookup all channels in sharee group and add them to sharee $arr_allow_cid
if($arr_allow_gid) {
@ -2351,7 +2358,6 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) {
if(! $n)
return false;
$newdirname = $n[0]['filename'];
$newalbumname = $n[0]['display_path'];
$newstorepath = dbunescbin($n[0]['content']) . '/' . $resource_id;
}
@ -2359,7 +2365,6 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) {
// root directory
$newdirname = EMPTY_STR;
$newalbumname = EMPTY_STR;
$newstorepath = 'store/' . $c['channel_address'] . '/' . $resource_id;
}
@ -2428,7 +2433,7 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) {
}
}
$t = q("update attach set content = '%s', folder = '%s', filename = '%s' where id = %d",
q("update attach set content = '%s', folder = '%s', filename = '%s' where id = %d",
dbescbin($newstorepath),
dbesc($new_folder_hash),
dbesc($filename),
@ -2438,7 +2443,7 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) {
$x = attach_syspaths($channel_id,$resource_id);
$t1 = q("update attach set os_path = '%s', display_path = '%s' where id = %d",
q("update attach set os_path = '%s', display_path = '%s' where id = %d",
dbesc($x['os_path']),
dbesc($x['path']),
intval($r[0]['id'])
@ -2446,7 +2451,7 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) {
if($r[0]['is_photo']) {
$t = q("update photo set album = '%s', filename = '%s', os_path = '%s', display_path = '%s'
q("update photo set album = '%s', filename = '%s', os_path = '%s', display_path = '%s'
where resource_id = '%s' and uid = %d",
dbesc($newalbumname),
dbesc($filename),
@ -2456,7 +2461,7 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) {
intval($channel_id)
);
$t = q("update photo set content = '%s' where resource_id = '%s' and uid = %d and imgscale = 0",
q("update photo set content = '%s' where resource_id = '%s' and uid = %d and imgscale = 0",
dbescbin($newstorepath),
dbesc($resource_id),
intval($channel_id)
@ -2587,12 +2592,12 @@ function attach_upgrade() {
foreach($r as $rv) {
$x = attach_syspaths($rv['uid'],$rv['hash']);
if($x) {
$w = q("update attach set os_path = '%s', display_path = '%s' where id = %d",
q("update attach set os_path = '%s', display_path = '%s' where id = %d",
dbesc($x['os_path']),
dbesc($x['path']),
intval($rv['id'])
);
$y = q("update photo set os_path = '%s', display_path = '%s' where uid = %d and resource_id = '%s'",
q("update photo set os_path = '%s', display_path = '%s' where uid = %d and resource_id = '%s'",
dbesc($x['os_path']),
dbesc($x['path']),
intval($rv['uid']),

57
include/bbcode.php
View File

@ -87,12 +87,11 @@ function nakedoembed($match) {
$strip_url = strip_escaped_zids($url);
$o = oembed_fetch_url($strip_url);
if ($o['type'] == 'error')
return str_replace($url,$strip_url,$match[0]);
return '[embed]' . $strip_url . '[/embed]';
// this function no longer performs oembed on naked links
// because they author may have created naked links intentionally.
// Now it just strips zids on naked links.
return str_replace($url,$strip_url,$match[0]);
}
function tryzrlaudio($match) {
@ -117,6 +116,26 @@ function tryzrlvideo($match) {
return '<video ' . $poster . ' controls="controls" preload="none" src="' . str_replace(' ','%20',$link) . '" style="width:100%; max-width:' . App::$videowidth . 'px"><a href="' . str_replace(' ','%20',$link) . '">' . $link . '</a></video>';
}
function videowithopts($match) {
$link = $match[2];
$zrl = is_matrix_url($link);
if($zrl)
$link = zid($link);
$attributes = $match[1];
$poster = "";
preg_match("/poster='(.*?)'/ism", $attributes, $matches);
if ($matches[1] != "")
$poster = 'poster="' . (($zrl) ? zid($matches[1]) : $matches[1]) . '"';
return '<video ' . $poster . ' controls="controls" preload="none" src="' . str_replace(' ','%20',$link) . '" style="width:100%; max-width:' . App::$videowidth . 'px"><a href="' . str_replace(' ','%20',$link) . '">' . $link . '</a></video>';
}
// [noparse][i]italic[/i][/noparse] turns into
// [noparse][ i ]italic[ /i ][/noparse],
// to hide them from parser.
@ -966,17 +985,22 @@ function bbcode($Text, $options = []) {
// leave open the posibility of [map=something]
// this is replaced in prepare_body() which has knowledge of the item location
if (strpos($Text,'[/map]') !== false) {
$Text = preg_replace_callback("/\[map\](.*?)\[\/map\]/ism", 'bb_map_location', $Text);
if ($cache) {
$Text = str_replace([ '[map]','[/map]' ], [ '','' ], $Text);
$Text = preg_replace('/\[map=(.*?)\]/ism','$1',$Text);
}
if (strpos($Text,'[map=') !== false) {
$Text = preg_replace_callback("/\[map=(.*?)\]/ism", 'bb_map_coords', $Text);
else {
if (strpos($Text,'[/map]') !== false) {
$Text = preg_replace_callback("/\[map\](.*?)\[\/map\]/ism", 'bb_map_location', $Text);
}
if (strpos($Text,'[map=') !== false) {
$Text = preg_replace_callback("/\[map=(.*?)\]/ism", 'bb_map_coords', $Text);
}
if (strpos($Text,'[map]') !== false) {
$Text = preg_replace("/\[map\]/", '<div class="map"></div>', $Text);
}
}
if (strpos($Text,'[map]') !== false) {
$Text = preg_replace("/\[map\]/", '<div class="map"></div>', $Text);
}
// Check for bold text
if (strpos($Text,'[b]') !== false) {
$Text = preg_replace("(\[b\](.*?)\[\/b\])ism", '<strong>$1</strong>', $Text);
@ -1251,12 +1275,14 @@ function bbcode($Text, $options = []) {
// html5 video and audio
if (strpos($Text,'[/video]') !== false) {
$Text = preg_replace_callback("/\[video (.*?)\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/video\]/ism", 'videowithopts', $Text);
$Text = preg_replace_callback("/\[video\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/video\]/ism", 'tryzrlvideo', $Text);
}
if (strpos($Text,'[/audio]') !== false) {
$Text = preg_replace_callback("/\[audio\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mp3|opus|m4a))\[\/audio\]/ism", 'tryzrlaudio', $Text);
}
if (strpos($Text,'[/zvideo]') !== false) {
$Text = preg_replace_callback("/\[zvideo (.*?)\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/zvideo\]/ism", 'videowithopts', $Text);
$Text = preg_replace_callback("/\[zvideo\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/zvideo\]/ism", 'tryzrlvideo', $Text);
}
if (strpos($Text,'[/zaudio]') !== false) {
@ -1360,4 +1386,3 @@ function bbcode($Text, $options = []) {
return $Text;
}

124
include/channel.php
View File

@ -873,6 +873,13 @@ function identity_basic_export($channel_id, $sections = null) {
$ret['abook'][$x]['abconfig'] = $abconfig;
translate_abook_perms_outbound($ret['abook'][$x]);
}
// pick up the zot6 xchan and hublocs also
if($ret['channel']['channel_portable_id']) {
$xchans[] = $ret['channel']['channel_portable_id'];
}
stringify_array_elms($xchans);
}
@ -948,6 +955,18 @@ function identity_basic_export($channel_id, $sections = null) {
}
$ret['app'] = $r;
}
$r = q("select * from app where app_channel = %d and app_system = 1",
intval($channel_id)
);
if($r) {
for($x = 0; $x < count($r); $x ++) {
$r[$x]['term'] = q("select * from term where otype = %d and oid = %d",
intval(TERM_OBJ_APP),
intval($r[$x]['id'])
);
}
$ret['sysapp'] = $r;
}
}
if(in_array('chatrooms',$sections)) {
@ -1080,6 +1099,7 @@ function identity_basic_export($channel_id, $sections = null) {
return $ret;
}
/**
* @brief Export items for a year, or a month of a year.
*
@ -1102,34 +1122,14 @@ function identity_export_year($channel_id, $year, $month = 0) {
else
$target_month = '01';
$ret = array();
$ch = channelx_by_n($channel_id);
if($ch) {
$ret['relocate'] = [ 'channel_address' => $ch['channel_address'], 'url' => z_root()];
}
$mindate = datetime_convert('UTC', 'UTC', $year . '-' . $target_month . '-01 00:00:00');
if($month && $month < 12)
$maxdate = datetime_convert('UTC', 'UTC', $year . '-' . $target_month_plus . '-01 00:00:00');
else
$maxdate = datetime_convert('UTC', 'UTC', $year+1 . '-01-01 00:00:00');
$r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' and resource_type = '' order by created",
intval(ITEM_TYPE_POST),
intval($channel_id),
dbesc($mindate),
dbesc($maxdate)
);
return channel_export_items_date($channel_id,$mindate,$maxdate);
if($r) {
$ret['item'] = array();
xchan_query($r);
$r = fetch_post_tags($r, true);
foreach($r as $rr)
$ret['item'][] = encode_item($rr, true);
}
return $ret;
}
/**
@ -1142,7 +1142,8 @@ function identity_export_year($channel_id, $year, $month = 0) {
* @param string $finish
* @return array
*/
function channel_export_items($channel_id, $start, $finish) {
function channel_export_items_date($channel_id, $start, $finish) {
if(! $start)
return array();
@ -1179,6 +1180,71 @@ function channel_export_items($channel_id, $start, $finish) {
}
/**
* @brief Export items with pagination
*
*
* @param int $channel_id The channel ID
* @param int $page
* @param int $limit (default 50)
* @return array
*/
function channel_export_items_page($channel_id, $start, $finish, $page = 0, $limit = 50) {
if(intval($page) < 1) {
$page = 0;
}
if(intval($limit) < 1) {
$limit = 1;
}
if(intval($limit) > 5000) {
$limit = 5000;
}
if(! $start)
$start = NULL_DATE;
else
$start = datetime_convert('UTC', 'UTC', $start);
$finish = datetime_convert('UTC', 'UTC', (($finish) ? $finish : 'now'));
if($finish < $start)
return [];
$offset = intval($limit) * intval($page);
$ret = [];
$ch = channelx_by_n($channel_id);
if($ch) {
$ret['relocate'] = [ 'channel_address' => $ch['channel_address'], 'url' => z_root()];
}
$r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and resource_type = '' and created >= '%s' and created <= '%s' order by created limit %d offset %d",
intval(ITEM_TYPE_POST),
intval($channel_id),
dbesc($start),
dbesc($finish),
intval($limit),
intval($offset)
);
if($r) {
$ret['item'] = array();
xchan_query($r);
$r = fetch_post_tags($r, true);
foreach($r as $rr)
$ret['item'][] = encode_item($rr, true);
}
return $ret;
}
/**
* @brief Loads a profile into the App structure.
*
@ -1392,7 +1458,7 @@ function profile_edit_menu($uid) {
* @param boolean $show_connect (optional) default true
* @param mixed $zcard (optional) default false
*
* @return HTML string suitable for sidebar inclusion
* @return string (HTML) suitable for sidebar inclusion
* Exceptions: Returns empty string if passed $profile is wrong type or not populated
*/
function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = false) {
@ -1753,13 +1819,16 @@ function zid_init() {
call_hooks('zid_init', $arr);
if(! local_channel()) {
$r = q("select * from hubloc where hubloc_addr = '%s' order by hubloc_connected desc limit 1",
$r = q("select * from hubloc where hubloc_addr = '%s' order by hubloc_connected desc",
dbesc($tmp_str)
);
if(! $r) {
Master::Summon(array('Gprobe',bin2hex($tmp_str)));
}
if($r && remote_channel() && remote_channel() === $r[0]['hubloc_hash'])
if($r) {
$r = zot_record_preferred($r);
}
if($r && remote_channel() && remote_channel() === $r['hubloc_hash'])
return;
logger('Not authenticated. Invoking reverse magic-auth for ' . $tmp_str);
@ -1767,8 +1836,8 @@ function zid_init() {
$query = App::$query_string;
$query = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$query);
$dest = '/' . $query;
if($r && ($r[0]['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) {
goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&owa=1&bdest=' . bin2hex(z_root() . $dest));
if($r && ($r['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) {
goaway($r['hubloc_url'] . '/magic' . '?f=&rev=1&owa=1&bdest=' . bin2hex(z_root() . $dest));
}
else
logger('No hubloc found.');
@ -1789,6 +1858,7 @@ function zat_init() {
);
if($r) {
$xchan = atoken_xchan($r[0]);
atoken_create_xchan($xchan);
atoken_login($xchan);
}
}

33
include/connections.php
View File

@ -373,19 +373,46 @@ function contact_remove($channel_id, $abook_id) {
if(intval($abook['abook_self']))
return false;
$r = q("select id from item where (owner_xchan = '%s' or author_xchan = '%s') and uid = %d and item_retained = 0 and item_starred = 0",
$r = q("select id, parent from item where (owner_xchan = '%s' or author_xchan = '%s') and uid = %d and item_retained = 0 and item_starred = 0",
dbesc($abook['abook_xchan']),
dbesc($abook['abook_xchan']),
intval($channel_id)
);
if($r) {
$already_saved = [];
foreach($r as $rr) {
$x = q("select uid from term where otype = %d and oid = %d and ttype = %d limit 1",
$w = $x = $y = null;
// optimise so we only process newly seen parent items
if (in_array($rr['parent'],$already_saved)) {
continue;
}
// if this isn't the parent, fetch the parent's item_retained and item_starred to see if the conversation
// should be retained
if($rr['id'] != $rr['parent']) {
$w = q("select id, item_retained, item_starred from item where id = %d",
intval($rr['parent'])
);
if($w) {
// see if the conversation was filed
$x = q("select uid from term where otype = %d and oid = %d and ttype = %d limit 1",
intval(TERM_OBJ_POST),
intval($w[0]['id']),
intval(TERM_FILE)
);
if (intval($w[0]['item_retained']) || intval($w[0]['item_starred']) || $x) {
$already_saved[] = $rr['parent'];
continue;
}
}
}
// see if this item was filed
$y = q("select uid from term where otype = %d and oid = %d and ttype = %d limit 1",
intval(TERM_OBJ_POST),
intval($rr['id']),
intval(TERM_FILE)
);
if($x) {
if ($y) {
continue;
}
drop_item($rr['id'],false);

25
include/dba/dba_driver.php
View File

@ -485,3 +485,28 @@ function db_columns($table) {
return [];
}
function db_indexes($table) {
if($table) {
if(ACTIVE_DBTYPE === DBTYPE_POSTGRES) {
$r = q("SELECT indexname from pg_indexes where tablename = '%s'",
dbesc($table)
);
if($r) {
return ids_to_array($r,'indexname');
}
}
else {
$r = q("show index from %s",
dbesc($table)
);
if($r) {
return ids_to_array($r,'Key_name');
}
}
}
return [];
}

20
include/dba/dba_pdo.php
View File

@ -19,7 +19,7 @@ class dba_pdo extends dba_driver {
$this->driver_dbtype = $scheme;
if(strpbrk($server,':;')) {
$dsn = $server;
$dsn = $this->driver_dbtype . ':unix_socket=' . trim($server, ':;');
}
else {
$dsn = $this->driver_dbtype . ':host=' . $server . (intval($port) ? ';port=' . $port : '');
@ -161,23 +161,17 @@ class dba_pdo extends dba_driver {
}
function unescapebin($str) {
if($this->driver_dbtype === 'pgsql' && (! is_null($str))) {
$x = '';
while(! feof($str)) {
$x .= fread($str,8192);
if($this->driver_dbtype === 'pgsql') {
if(gettype($str) === 'resource') {
$str = stream_get_contents($str);
}
if(substr($x,0,2) === '\\x') {
$x = hex2bin(substr($x,2));
if(substr($str,0,2) === '\\x') {
$str = hex2bin(substr($str,2));
}
return $x;
}
else {
return $str;
}
return $str;
}
function getdriver() {
return 'pdo';
}

15
include/event.php
View File

@ -4,8 +4,11 @@
* @brief Event related functions.
*/
use Sabre\VObject;
use Zotlabs\Lib\Activity;
use Ramsey\Uuid\Uuid;
use Ramsey\Uuid\Exception\UnsatisfiedDependencyException;
@ -65,7 +68,7 @@ function format_event_html($ev) {
}
function format_event_obj($jobject) {
$event = array();
$event = [];
$object = json_decode($jobject,true);
@ -1046,6 +1049,7 @@ function event_store_item($arr, $event) {
'location' => $arr['location'],
'adjust' => $arr['adjust'],
'content' => format_event_bbcode($arr),
'attachment' => Activity::encode_attachment($r[0]),
'author' => array(
'name' => $r[0]['xchan_name'],
'address' => $r[0]['xchan_addr'],
@ -1159,7 +1163,7 @@ function event_store_item($arr, $event) {
$item_arr['item_thread_top'] = $item_thread_top;
$attach = array(array(
'href' => z_root() . '/events/ical/' . urlencode($event['event_hash']),
'href' => z_root() . '/channel_calendar/ical/' . urlencode($event['event_hash']),
'length' => 0,
'type' => 'text/calendar',
'title' => t('event') . '-' . $event['event_hash'],
@ -1181,7 +1185,7 @@ function event_store_item($arr, $event) {
// otherwise we'll fallback to /display/$message_id
if($wall)
$item_arr['plink'] = z_root() . '/channel/' . $z[0]['channel_address'] . '/?f=&mid=' . urlencode($item_arr['mid']);
$item_arr['plink'] = z_root() . '/channel/' . $z[0]['channel_address'] . '/?f=&mid=' . gen_link_id($item_arr['mid']);
else
$item_arr['plink'] = z_root() . '/display/' . gen_link_id($item_arr['mid']);
@ -1200,6 +1204,7 @@ function event_store_item($arr, $event) {
'location' => $arr['location'],
'adjust' => $arr['adjust'],
'content' => format_event_bbcode($arr),
'attachment' => Activity::encode_attachment($item_arr),
'author' => array(
'name' => $x[0]['xchan_name'],
'address' => $x[0]['xchan_addr'],
@ -1279,6 +1284,10 @@ function cdav_principal($uri) {
}
function cdav_perms($needle, $haystack, $check_rw = false) {
if($needle == 'channel_calendar')
return true;
foreach ($haystack as $item) {
if($check_rw) {
if(is_array($item['id'])) {

18
include/features.php
View File

@ -79,7 +79,7 @@ function get_features($filtered = true, $level = (-1)) {
'calendar' => [
t('CalDAV'),
t('Calendar'),
[
'cal_first_day',
@ -167,6 +167,14 @@ function get_features($filtered = true, $level = (-1)) {
t('Ability to mark special posts with a star indicator'),
false,
get_config('feature_lock','star_posts'),
],
[
'reply_to',
t('Reply on comment'),
t('Ability to reply on selected comment'),
false,
get_config('feature_lock','reply_to'),
]
],
@ -360,14 +368,6 @@ function get_features($filtered = true, $level = (-1)) {
get_config('feature_lock','personal_tab')
],
[
'suggest',
t('Suggest Channels'),
t('Show friend and connection suggestions'),
false,
get_config('feature_lock','suggest')
],
[
'network_list_mode',
t('Use blog/list mode'),

16
include/follow.php
View File

@ -119,6 +119,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
if( array_key_exists('permissions',$j) && array_key_exists('data',$j['permissions'])) {
$permissions = crypto_unencapsulate(array(
'data' => $j['permissions']['data'],
'alg' => $j['permissions']['alg'],
'key' => $j['permissions']['key'],
'iv' => $j['permissions']['iv']),
$channel['channel_prvkey']);
@ -141,7 +142,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
$sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : '');
$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' $sql_options limit 1",
$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' $sql_options ",
dbesc($url),
dbesc($url)
);
@ -168,18 +169,19 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
}
if($wf || $d) {
$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1",
$r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s'",
dbesc(($wf) ? $wf : $url),
dbesc($url)
);
}
}
$xchan = zot_record_preferred($r,'xchan_network');
// if discovery was a success we should have an xchan record in $r
if($r) {
$xchan = $r[0];
$xchan_hash = $r[0]['xchan_hash'];
if($xchan) {
$xchan_hash = $xchan['xchan_hash'];
$their_perms = 0;
}
}
@ -190,9 +192,9 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false)
return $result;
}
$allowed = (($is_zot || in_array($r[0]['xchan_network'],['rss','zot6'])) ? 1 : 0);
$allowed = (($is_zot || in_array($xchan['xchan_network'],['rss','zot6'])) ? 1 : 0);
$x = array('channel_id' => $uid, 'follow_address' => $url, 'xchan' => $r[0], 'allowed' => $allowed, 'singleton' => 0);
$x = array('channel_id' => $uid, 'follow_address' => $url, 'xchan' => $xchan, 'allowed' => $allowed, 'singleton' => 0);
call_hooks('follow_allow',$x);

3
include/html2bbcode.php
View File

@ -219,8 +219,7 @@ function html2bbcode($message)
$message = $doc->saveHTML();
// I'm removing something really disturbing
// Don't know exactly what it is
// I'm removing the UTF-8 encoding of a NO-BREAK SPACE codepoint
$message = str_replace(chr(194).chr(160), ' ', $message);
$message = str_replace("&nbsp;", " ", $message);

38
include/hubloc.php
View File

@ -305,3 +305,41 @@ function ping_site($url) {
return $ret;
}
function z6_discover() {
// find unregistered zot6 clone hublocs
$c = q("select channel_hash, channel_portable_id from channel where channel_deleted = '%s'",
dbesc(NULL_DATE)
);
if ($c) {
foreach ($c as $entry) {
$q1 = q("select * from hubloc left join site on hubloc_url = site_url where hubloc_deleted = 0 and site_dead = 0 and hubloc_hash = '%s' and hubloc_url != '%s'",
dbesc($entry['channel_hash']),
dbesc(z_root())
);
if (! $q1) {
// channel has no zot clones
continue;
}
// does this particular server have a zot6 clone registered on our site for this channel?
foreach ($q1 as $q) {
$q2 = q("select * from hubloc left join site on hubloc_url = site_url where hubloc_deleted = 0 and site_dead = 0 and hubloc_hash = '%s' and hubloc_url = '%s'",
dbesc($entry['channel_portable_id']),
dbesc($q['hubloc_url'])
);
if ($q2) {
continue;
}
// zot6 hubloc not found.
if(strpos($q['site_project'],'hubzilla') !== false && version_compare($q['site_version'],'4.0') >= 0) {
// probe and store results - only for zot6 (over-ride the zot default)
discover_by_webbie($q['hubloc_addr'],'zot6');
}
}
}
}
}

142
include/import.php
View File

@ -94,7 +94,8 @@ function import_channel($channel, $account_id, $seize, $newname = '') {
'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall',
'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish',
'channel_a_delegate', 'perm_limits', 'channel_password', 'channel_salt',
'channel_moved', 'channel_removed', 'channel_deleted', 'channel_system'
'channel_moved', 'channel_removed', 'channel_deleted', 'channel_system',
'channel_r_photos', 'channel_w_photos'
];
$clean = array();
@ -147,7 +148,9 @@ function import_config($channel, $configs) {
foreach($configs as $config) {
unset($config['id']);
$config['uid'] = $channel['channel_id'];
if($config['cat'] === 'system' && $config['k'] === 'import_system_apps') {
continue;
}
create_table_from_array('pconfig', $config);
}
@ -364,6 +367,9 @@ function import_apps($channel, $apps) {
if($channel && $apps) {
foreach($apps as $app) {
if(array_key_exists('app_system',$app) && intval($app['app_system']))
continue;
$term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null);
unset($app['id']);
@ -413,6 +419,9 @@ function sync_apps($channel, $apps) {
$exists = false;
$term = ((array_key_exists('term',$app)) ? $app['term'] : null);
if(array_key_exists('app_system',$app) && intval($app['app_system']))
continue;
$x = q("select * from app where app_id = '%s' and app_channel = %d limit 1",
dbesc($app['app_id']),
intval($channel['channel_id'])
@ -504,6 +513,84 @@ function sync_apps($channel, $apps) {
}
}
/**
* @brief Import system apps.
* System apps from the original server may not exist on this system
* (e.g. apps associated with addons that are not installed here).
* Check the system apps that were provided in the import file to see if they
* exist here and if so, install them locally. Preserve categories that
* might have been added by this channel on the other server.
* Do not use any paths from the original as they will point to a different server.
* @param array $channel
* @param array $apps
*/
function import_sysapps($channel, $apps) {
if($channel && $apps) {
$sysapps = \Zotlabs\Lib\Apps::get_system_apps(false);
foreach($apps as $app) {
if(array_key_exists('app_system',$app) && (! intval($app['app_system'])))
continue;
$term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null);
foreach($sysapps as $sysapp) {
if($app['app_id'] === hash('whirlpool',$sysapp['app_name'])) {
// install this app on this server
$newapp = $sysapp;
$newapp['uid'] = $channel['channel_id'];
$newapp['guid'] = hash('whirlpool',$newapp['name']);
$installed = q("select id from app where app_id = '%s' and app_channel = %d limit 1",
dbesc($newapp['guid']),
intval($channel['channel_id'])
);
if($installed) {
break;
}
$newapp['system'] = 1;
if($term) {
$s = EMPTY_STR;
foreach($term as $t) {
if($s) {
$s .= ',';
}
$s .= $t['term'];
}
$newapp['categories'] = $s;
}
\Zotlabs\Lib\Apps::app_install($channel['channel_id'],$newapp);
}
}
}
}
}
/**
* @brief Sync system apps.
*
* @param array $channel
* @param array $apps
*/
function sync_sysapps($channel, $apps) {
if($channel && $apps) {
// we do not currently sync system apps
}
}
/**
* @brief Import chatrooms.
*
@ -1069,6 +1156,9 @@ function sync_files($channel, $files) {
require_once('include/attach.php');
if($channel && $files) {
$limit = service_class_fetch($channel['channel_id'], 'attach_upload_limit');
foreach($files as $f) {
if(! $f)
continue;
@ -1189,6 +1279,17 @@ function sync_files($channel, $files) {
}
else {
logger('sync_files attach does not exists: ' . print_r($att,true), LOGGER_DEBUG);
if($limit !== false) {
$r = q("select sum(filesize) as total from attach where aid = %d ",
intval($channel['channel_account_id'])
);
if(($r) && (($r[0]['total'] + $att['filesize']) > $limit)) {
logger('service class limit exceeded');
continue;
}
}
create_table_from_array('attach',$att);
}
@ -1245,6 +1346,7 @@ function sync_files($channel, $files) {
logger('attachment store failed',LOGGER_NORMAL,LOG_ERR);
}
if($f['photo']) {
foreach($f['photo'] as $p) {
unset($p['id']);
$p['aid'] = $channel['channel_account_id'];
@ -1266,6 +1368,7 @@ function sync_files($channel, $files) {
dbesc($p['resource_id']),
intval($channel['channel_id'])
);
$update_xchan = $p['edited'];
}
// same for cover photos
@ -1285,19 +1388,20 @@ function sync_files($channel, $files) {
else
$p['content'] = (($p['content'])? base64_decode($p['content']) : '');
if(intval($p['imgscale']) && (! $p['content'])) {
if(intval($p['imgscale']) && (! empty($p['content']))) {
$time = datetime_convert();
$parr = array('hash' => $channel['channel_hash'],
$parr = array(
'hash' => $channel['channel_hash'],
'time' => $time,
'resource' => $att['hash'],
'resource' => $p['resource_id'],
'revision' => 0,
'signature' => base64url_encode(rsa_sign($channel['channel_hash'] . '.' . $time, $channel['channel_prvkey'])),
'resolution' => $p['imgscale']
'resolution' => intval($p['imgscale'])
);
$stored_image = $newfname . '-' . intval($p['imgscale']);
$stored_image = $newfname . '-' . $p['imgscale'];
$fp = fopen($stored_image,'w');
if(! $fp) {
@ -1306,7 +1410,6 @@ function sync_files($channel, $files) {
}
$redirects = 0;
$headers = [];
$headers['Accept'] = 'application/x-zot+json' ;
$headers['Sigtoken'] = random_string();
@ -1314,8 +1417,17 @@ function sync_files($channel, $files) {
$x = z_post_url($fetch_url,$parr,$redirects,[ 'filep' => $fp, 'headers' => $headers]);
fclose($fp);
$p['content'] = file_get_contents($stored_image);
unlink($stored_image);
// Override remote hub thumbnails storage settings
if(! boolval(get_config('system','filesystem_storage_thumbnails', 0))) {
$p['os_storage'] = 0;
$p['content'] = file_get_contents($stored_image);
@unlink($stored_image);
}
else {
$p['os_storage'] = 1;
$p['content'] = $stored_image;
}
}
if(!isset($p['display_path']))
@ -1347,6 +1459,16 @@ function sync_files($channel, $files) {
create_table_from_array('photo',$p, [ 'content' ] );
}
}
}
// Set xchan photo date to prevent thumbnails fetch for clones on profile update packet recieve
if(isset($update_xchan)) {
$x = q("UPDATE xchan SET xchan_photo_date = '%s' WHERE xchan_hash = '%s'",
dbescdate($update_xchan),
dbesc($channel['channel_hash'])
);
}
\Zotlabs\Daemon\Master::Summon([ 'Thumbnail' , $att['hash'] ]);

38
include/items.php
View File

@ -763,11 +763,11 @@ function get_item_elements($x,$allow_code = false) {
// check the supplied signature against the supplied content.
// Note that we will purify the content which could change it.
$r = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1",
$r = q("select xchan_pubkey, xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($arr['author_xchan'])
);
if($r) {
if($r[0]['xchan_pubkey']) {
if($r[0]['xchan_pubkey'] && $r[0]['xchan_network'] === 'zot') {
if(rsa_verify($x['body'],base64url_decode($arr['sig']),$r[0]['xchan_pubkey'])) {
$arr['item_verified'] = 1;
}
@ -914,6 +914,16 @@ function import_author_xchan($x) {
if(array_key_exists('network',$x) && $x['network'] === 'zot')
return $y;
// perform zot6 discovery
if($x['url']) {
$y = discover_by_webbie($x['url'],'zot6');
if($y) {
return $y;
}
}
if($x['network'] === 'rss') {
$y = import_author_rss($x);
}
@ -1920,11 +1930,21 @@ function item_store($arr, $allow_exec = false, $deliver = true) {
if($parent_deleted)
$arr['item_deleted'] = 1;
$r = q("SELECT id FROM item WHERE mid = '%s' AND uid = %d and revision = %d LIMIT 1",
dbesc($arr['mid']),
intval($arr['uid']),
intval($arr['revision'])
);
if($arr['uuid']) {
$r = q("SELECT id FROM item WHERE uuid = '%s' AND uid = %d and revision = %d LIMIT 1",
dbesc($arr['uuid']),
intval($arr['uid']),
intval($arr['revision'])
);
}
else {
$r = q("SELECT id FROM item WHERE mid = '%s' AND uid = %d and revision = %d LIMIT 1",
dbesc($arr['mid']),
intval($arr['uid']),
intval($arr['revision'])
);
}
if($r) {
logger('duplicate item ignored. ' . print_r($arr,true));
$ret['message'] = 'duplicate post.';
@ -4258,7 +4278,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
if($arr['mid'])
$sql_options .= " and parent_mid = '" . dbesc($arr['mid']) . "' ";
$sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE item_thread_top = 1 $sql_options $item_normal ) ";
$sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE $item_uids and item_thread_top = 1 $sql_options $item_normal ) ";
if($arr['since_id'])
$sql_extra .= " and item.id > " . $since_id . " ";
@ -4688,7 +4708,7 @@ function sync_an_item($channel_id,$item_id) {
if($r) {
xchan_query($r);
$sync_item = fetch_post_tags($r);
build_sync_packet($channel_d,array('item' => array(encode_item($sync_item[0],true))));
build_sync_packet($channel_id, array('item' => array(encode_item($sync_item[0],true))));
}
}

Some files were not shown because too many files have changed in this diff Show More