a few minor changes

2012-08-26 23:05:00 -07:00 · 2012-08-26 23:05:00 -07:00 · 5ff6e9348b
commit 5ff6e9348b
parent f0e299a97a
29 changed files with 303 additions and 509 deletions
--- a/INSTALL.txt
+++ b/INSTALL.txt
@ -32,7 +32,7 @@ link if your cert is self-signed).
 	- Apache with mod-rewrite enabled and "Options All" so you can use a 
 local .htaccess file
-	- PHP 5.2+. The later the better. PHP 5.3 is required for communications 
+	- PHP 5.3+. The later the better. PHP 5.3 is required for communications 
 with the Diaspora network and improved security.
 		- PHP *command line* access with register_argc_argv set to true in the 
--- a/boot.php
+++ b/boot.php
@ -359,7 +359,8 @@ function startup() {
 if(! class_exists('App')) {
 	class App {
-		public  $account;
+		public  $account = null;
 		public  $identity = null;
 		public  $language;
 		public  $module_loaded = false;
 		public  $query_string;
@ -487,10 +488,6 @@ if(! class_exists('App')) {
 			if(substr($this->cmd,0,1) === '~')
 				$this->cmd = 'profile/' . substr($this->cmd,1);
 			// Diaspora style profile url
 			if(substr($this->cmd,0,2) === 'u/')
 				$this->cmd = 'profile/' . substr($this->cmd,2);
 			/**
 			 *
@ -528,7 +525,7 @@ if(! class_exists('App')) {
 				$this->module = 'hostxrd';
 			}
-			if(strstr($this->cmd,'.well-known/zot-guid/')) {
+			if(strstr($this->cmd,'.well-known/zot-guid')) {
 				$this->argc -= 1;
 				array_shift($this->argv);
 				$this->argv[0] = 'zfinger';
@ -977,8 +974,14 @@ if(! function_exists('goaway')) {
 	}
 }
 function get_account_id() {
 	if(get_app()->account)
 		return intval(get_app()->account['account_id']);
 	return false;
 }
-// Returns the uid of locally logged in user or false.
+
 // Returns the entity id of locally logged in user or false.
 if(! function_exists('local_user')) {
 	function local_user() {
--- a/convert_innodb.sql
+++ b/convert_innodb.sql
@ -1,19 +0,0 @@
 ALTER TABLE `profile` DROP INDEX `pub_keywords` ; 
 ALTER TABLE `profile` DROP INDEX `prv_keywords` ;
 ALTER TABLE `item` DROP INDEX `title` ;
 ALTER TABLE `item` DROP INDEX `body` ;
 ALTER TABLE `item` DROP INDEX `allow_cid` ;
 ALTER TABLE `item` DROP INDEX `allow_gid` ;
 ALTER TABLE `item` DROP INDEX `deny_cid` ;
 ALTER TABLE `item` DROP INDEX `deny_gid` ;
 ALTER TABLE `item` DROP INDEX `tag` ;
 ALTER TABLE `item` DROP INDEX `file` ;
 SELECT CONCAT('ALTER TABLE ',table_schema,'.',table_name,' engine=InnoDB;') 
 FROM information_schema.tables 
 WHERE engine = 'MyISAM';
--- a/database.sql
+++ b/database.sql
@ -7,20 +7,21 @@ SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
 CREATE TABLE IF NOT EXISTS `account` (
-  `account_id` int(11) NOT NULL AUTO_INCREMENT,
+  `account_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
-  `account_parent` int(10) unsigned NOT NULL,
+  `account_parent` int(10) unsigned NOT NULL DEFAULT '0',
-  `account_salt` char(32) NOT NULL,
+  `account_default_entity` int(10) unsigned NOT NULL DEFAULT '0',
-  `account_password` char(255) NOT NULL,
+  `account_salt` char(32) NOT NULL DEFAULT '',
-  `account_email` char(255) NOT NULL,
+  `account_password` char(255) NOT NULL DEFAULT '',
  `account_email` char(255) NOT NULL DEFAULT '',
  `account_language` char(16) NOT NULL DEFAULT 'en',
  `account_created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `account_lastlog` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
-  `account_flags` int(10) unsigned NOT NULL,
+  `account_flags` int(10) unsigned NOT NULL DEFAULT '0',
-  `account_roles` int(10) unsigned NOT NULL,
+  `account_roles` int(10) unsigned NOT NULL DEFAULT '0',
-  `account_reset` char(255) NOT NULL,
+  `account_reset` char(255) NOT NULL DEFAULT '',
  `account_expires` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `account_expire_notified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
-  `account_service_class` char(32) NOT NULL,
+  `account_service_class` char(32) NOT NULL DEFAULT '',
  PRIMARY KEY (`account_id`),
  KEY `account_email` (`account_email`),
  KEY `account_service_class` (`account_service_class`),
@ -28,7 +29,8 @@ CREATE TABLE IF NOT EXISTS `account` (
  KEY `account_flags` (`account_flags`),
  KEY `account_roles` (`account_roles`),
  KEY `account_lastlog` (`account_lastlog`),
-  KEY `account_expires` (`account_expires`)
+  KEY `account_expires` (`account_expires`),
  KEY `account_default_entity` (`account_default_entity`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `addon` (
@ -216,22 +218,23 @@ CREATE TABLE IF NOT EXISTS `deliverq` (
 CREATE TABLE IF NOT EXISTS `entity` (
  `entity_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
-  `entity_account_id` int(10) unsigned NOT NULL,
+  `entity_account_id` int(10) unsigned NOT NULL DEFAULT '0',
-  `entity_name` char(255) NOT NULL,
+  `entity_primary` tinyint(1) unsigned NOT NULL DEFAULT '0',
-  `entity_address` char(255) NOT NULL,
+  `entity_name` char(255) NOT NULL DEFAULT '',
-  `entity_global_id` char(255) NOT NULL,
+  `entity_address` char(255) NOT NULL DEFAULT '',
-  `entity_timezone` char(128) NOT NULL,
+  `entity_global_id` char(255) NOT NULL DEFAULT '',
-  `entity_location` char(255) NOT NULL,
+  `entity_timezone` char(128) NOT NULL DEFAULT '',
-  `entity_theme` char(255) NOT NULL,
+  `entity_location` char(255) NOT NULL DEFAULT '',
  `entity_theme` char(255) NOT NULL DEFAULT '',
  `entity_pubkey` text NOT NULL,
  `entity_prvkey` text NOT NULL,
-  `entity_privacyflags` int(10) unsigned NOT NULL,
+  `entity_privacyflags` int(10) unsigned NOT NULL DEFAULT '0',
  `entity_notifyflags` int(10) unsigned NOT NULL DEFAULT '65535',
-  `entity_pageflags` int(10) unsigned NOT NULL,
+  `entity_pageflags` int(10) unsigned NOT NULL DEFAULT '0',
-  `entity_max_anon_mail` int(11) NOT NULL DEFAULT '10',
+  `entity_max_anon_mail` int(10) unsigned NOT NULL DEFAULT '10',
-  `entity_max_friend_req` int(11) NOT NULL DEFAULT '10',
+  `entity_max_friend_req` int(10) unsigned NOT NULL DEFAULT '10',
-  `entity_passwd_reset` char(255) NOT NULL,
+  `entity_passwd_reset` char(255) NOT NULL DEFAULT '',
-  `entity_default_gid` int(11) NOT NULL,
+  `entity_default_gid` int(10) unsigned NOT NULL DEFAULT '0',
  `entity_allow_cid` mediumtext NOT NULL,
  `entity_allow_gid` mediumtext NOT NULL,
  `entity_deny_cid` mediumtext NOT NULL,
@ -249,7 +252,8 @@ CREATE TABLE IF NOT EXISTS `entity` (
  KEY `entity_pageflags` (`entity_pageflags`),
  KEY `entity_max_anon_mail` (`entity_max_anon_mail`),
  KEY `entity_max_friend_req` (`entity_max_friend_req`),
-  KEY `entity_default_gid` (`entity_default_gid`)
+  KEY `entity_default_gid` (`entity_default_gid`),
  KEY `entity_primary` (`entity_primary`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `event` (
@ -421,15 +425,18 @@ CREATE TABLE IF NOT EXISTS `hook` (
 CREATE TABLE IF NOT EXISTS `hubloc` (
  `hubloc_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `hubloc_guid` char(255) NOT NULL DEFAULT '',
-  `hubloc_primary` tinyint(3) unsigned NOT NULL DEFAULT '0',
+  `hubloc_guid_sig` char(255) NOT NULL,
  `hubloc_flags` int(10) unsigned NOT NULL DEFAULT '0',
  `hubloc_url` char(255) NOT NULL DEFAULT '',
  `hubloc_url_sig` char(255) NOT NULL,
  `hubloc_callback` char(255) NOT NULL DEFAULT '',
  `hubloc_sitekey` text NOT NULL,
  `hubloc_key` text NOT NULL,
  PRIMARY KEY (`hubloc_id`),
  KEY `hubloc_url` (`hubloc_url`),
-  KEY `hubloc_primary` (`hubloc_primary`),
+  KEY `hubloc_guid` (`hubloc_guid`),
-  KEY `hubloc_guid` (`hubloc_guid`)
+  KEY `hubloc_flags` (`hubloc_flags`),
  KEY `hubloc_guid_sig` (`hubloc_guid_sig`),
  KEY `hubloc_url_sig` (`hubloc_url_sig`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `intro` (
--- a/include/account.php
+++ b/include/account.php
@ -102,7 +102,6 @@ function create_account($arr) {
 		return $result;
 	}
 	$email_result = check_account_email($email);
 	if($email_result['error']) {
@ -142,7 +141,7 @@ function create_account($arr) {
 		return($result);
 	}
-	$r = q("select * from account where account_email = '%s' and password = '%s' limit 1",
+	$r = q("select * from account where account_email = '%s' and account_password = '%s' limit 1",
 		dbesc($email),
 		dbesc($password_encoded)
 	);
@ -153,34 +152,26 @@ function create_account($arr) {
 		logger('create_account: could not retrieve newly created account');
 	}
-	$result['success'] = true;
+	// Set the parent record to the current record_id if no parent was provided
 	if(! $parent) {
 		$r = q("update account set account_parent = %d where account_id = %d limit 1",
 			intval($result['account']['account_id']),
 			intval($result['account']['account_id'])
 		);
 		if(! $r) {
 			logger('create_account: failed to set parent');
 		}
 		$result['account']['parent'] = $result['account']['account_id'];
 	}
 	$result['success']  = true;
 	$result['email']    = $email;
 	$result['password'] = $password;
 	return $result;
 }
 /**
 * Verify login credentials
 *
 * Returns account record on success, null on failure
 *
 */
 function account_verify_password($email,$pass) {
 	$r = q("select * from account where email = '%s'",
 		dbesc($email)
 	);
 	if(! ($r && count($r)))
 		return null;
 	foreach($r as $record) {
 		if(hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password']) {
 			return $record;
 		}
 	}
 	return null;
 }
 function send_reg_approval_email($arr) {
--- a/include/auth.php
+++ b/include/auth.php
@ -20,12 +20,36 @@ function nuke_session() {
 	unset($_SESSION['page_flags']);
 }
 /**
 * Verify login credentials
 *
 * Returns account record on success, null on failure
 *
 */
 function account_verify_password($email,$pass) {
 	$r = q("select * from account where account_email = '%s'",
 		dbesc($email)
 	);
 	if(! ($r && count($r)))
 		return null;
 	foreach($r as $record) {
 		if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)
 			&& (hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password'])) {
 			return $record;
 		}
 	}
 	return null;
 }
 // login/logout 
 if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-params'))) || ($_POST['auth-params'] !== 'login'))) {
 	if(((x($_POST,'auth-params')) && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) {
@ -59,6 +83,14 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
 			goaway(z_root());
 		}
 		$r = q("select * from account where account_id = %d limit 1",
 			intval($_SESSION['account_id'])
 		);
 		if(count($r) && (($r[0]['account_flags'] == ACCOUNT_OK) || ($r[0]['account_flags'] == ACCOUNT_UNVERIFIED)))
 			get_app()->account = $r[0];
 		else
 			$_SESSION['account_id'] = 0;
 		$r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` 
 		FROM `user` WHERE `uid` = %d AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
 			intval($_SESSION['uid'])
@ -80,43 +112,6 @@ else {
 	if((x($_POST,'password')) && strlen($_POST['password']))
 		$encrypted = hash('whirlpool',trim($_POST['password']));
 	else {
 		if((x($_POST,'openid_url')) && strlen($_POST['openid_url']) ||
 		   (x($_POST,'username')) && strlen($_POST['username'])) {
 			$noid = get_config('system','no_openid');
 			$openid_url = trim((strlen($_POST['openid_url'])?$_POST['openid_url']:$_POST['username']) );
 			// validate_url alters the calling parameter
 			$temp_string = $openid_url;
 			// if it's an email address or doesn't resolve to a URL, fail.
 			if(($noid) || (strpos($temp_string,'@')) || (! validate_url($temp_string))) {
 				$a = get_app();
 				notice( t('Login failed.') . EOL);
 				goaway(z_root());
 				// NOTREACHED
 			}
 			// Otherwise it's probably an openid.
                        try {
 			require_once('library/openid.php');
 			$openid = new LightOpenID;
 			$openid->identity = $openid_url;
 			$_SESSION['openid'] = $openid_url;
 			$a = get_app();
 			$openid->returnUrl = $a->get_baseurl(true) . '/openid'; 
                        goaway($openid->authUrl());
                        } catch (Exception $e) {
                            notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'<br /><br >'. t('The error message was:').' '.$e->getMessage());
                        }
 			// NOTREACHED
 		}
 	}
 	if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') {
@ -144,6 +139,18 @@ else {
 		}
 		else {
 			get_app()->account = account_verify_password($_POST['username'],$_POST['password']);
 			if(get_app()->account) {
 				$_SESSION['account_id'] = get_app()->account['account_id'];
 			}
 			else {
 				notice( t('Failed authentication') . EOL);
 			}
 			logger('authenticate: ' . print_r(get_app()->account,true));
 			// process normal login request
 			$r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`  
--- a/include/conversation.php
+++ b/include/conversation.php
@ -344,12 +344,6 @@ function prepare_threads_body($a, $items, $cmnt_tpl, $page_writeable, $mode, $pr
 	$total_children = $nb_items;
 	foreach($items as $item) {
 		// prevent private email reply to public conversation from leaking.
 		if($item['network'] === NETWORK_MAIL && local_user() != $item['uid']) {
 			// Don't count it as a visible item
 			$nb_items--;
 			continue;
 		}
 		if($item['verb'] === ACTIVITY_LIKE || $item['verb'] === ACTIVITY_DISLIKE) {
 			$nb_items --;
@ -406,15 +400,13 @@ function prepare_threads_body($a, $items, $cmnt_tpl, $page_writeable, $mode, $pr
 		$sp = false;
 		$profile_link = best_link_url($item,$sp);
 		if($profile_link === 'mailbox')
 			$profile_link = '';
 		if($sp)
 			$sparkle = ' sparkle';
 		else
 			$profile_link = zrl($profile_link);					
 		$normalised = normalise_link((strlen($item['author-link'])) ? $item['author-link'] : $item['url']);
-		if(($normalised != 'mailbox') && (x($a->contacts,$normalised)))
+		if(x($a->contacts,$normalised))
 			$profile_avatar = $a->contacts[$normalised]['thumb'];
 		else
 			$profile_avatar = (((strlen($item['author-avatar'])) && $diff_author) ? $item['author-avatar'] : $a->get_cached_avatar_image($thumb));
@ -762,10 +754,6 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional') {
 				else
 					$nickname = $a->user['nickname'];
 				// prevent private email from leaking.
 				if($item['network'] === NETWORK_MAIL && local_user() != $item['uid'])
 						continue;
 				$profile_name   = ((strlen($item['author-name']))   ? $item['author-name']   : $item['name']);
 				if($item['author-link'] && (! $item['author-name']))
 					$profile_name = $item['author-link'];
@ -774,15 +762,13 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional') {
 				$sp = false;
 				$profile_link = best_link_url($item,$sp);
 				if($profile_link === 'mailbox')
 					$profile_link = '';
 				if($sp)
 					$sparkle = ' sparkle';
 				else
 					$profile_link = zrl($profile_link);					
 				$normalised = normalise_link((strlen($item['author-link'])) ? $item['author-link'] : $item['url']);
-				if(($normalised != 'mailbox') && (x($a->contacts[$normalised])))
+				if(x($a->contacts,$normalised))
 					$profile_avatar = $a->contacts[$normalised]['thumb'];
 				else
 					$profile_avatar = ((strlen($item['author-avatar'])) ? $a->get_cached_avatar_image($item['author-avatar']) : $item['thumb']);
@ -955,10 +941,6 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional') {
 				}
 				else {
 					// prevent private email reply to public conversation from leaking.
 					if($item['network'] === NETWORK_MAIL && local_user() != $item['uid'])
 							continue;
 					$comments_seen ++;
 					$comment_lastcollapsed  = false;
 					$comment_firstcollapsed = false;
@ -1146,15 +1128,13 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional') {
 				$sp = false;
 				$profile_link = best_link_url($item,$sp);
 				if($profile_link === 'mailbox')
 					$profile_link = '';
 				if($sp)
 					$sparkle = ' sparkle';
 				else
 					$profile_link = zrl($profile_link);					
 				$normalised = normalise_link((strlen($item['author-link'])) ? $item['author-link'] : $item['url']);
-				if(($normalised != 'mailbox') && (x($a->contacts,$normalised)))
+				if(x($a->contacts,$normalised))
 					$profile_avatar = $a->contacts[$normalised]['thumb'];
 				else
 					$profile_avatar = (((strlen($item['author-avatar'])) && $diff_author) ? $item['author-avatar'] : $a->get_cached_avatar_image($thumb));
@ -1346,8 +1326,6 @@ function item_photo_menu($item){
 	$sparkle = false;
    $profile_link = best_link_url($item,$sparkle,$ssl_state);
 	if($profile_link === 'mailbox')
 		$profile_link = '';
 	if($sparkle) {
 		$cid = intval(basename($profile_link));
@ -1504,27 +1482,6 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) {
 	$jotplugins = '';
 	$jotnets = '';
 	$mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
 	$mail_enabled = false;
 	$pubmail_enabled = false;
 	if(($x['is_owner']) && (! $mail_disabled)) {
 		$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
 			intval(local_user())
 		);
 		if(count($r)) {
 			$mail_enabled = true;
 			if(intval($r[0]['pubmail']))
 				$pubmail_enabled = true;
 		}
 	}
 	if($mail_enabled) {
 		$selected = (($pubmail_enabled) ? ' checked="checked" ' : '');
 		$jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> ' . t("Post to Email") . '</div>';
 	}
 	call_hooks('jot_tool', $jotplugins);
 	call_hooks('jot_networks', $jotnets);
@ -1565,7 +1522,6 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) {
 		'$defloc' => $x['default_location'],
 		'$visitor' => $x['visitor'],
 		'$pvisit' => (($notes_cid) ? 'none' : $x['visitor']),
 		'$emailcc' => t('CC: email addresses'),
 		'$public' => t('Public post'),
 		'$jotnets' => $jotnets,
 		'$emtitle' => t('Example: bob@example.com, mary@example.com'),
--- a/include/crypto.php
+++ b/include/crypto.php
@ -3,8 +3,6 @@
 require_once('library/ASNValue.class.php');
 require_once('library/asn1.php');
 // supported algorithms are 'sha256', 'sha1'
 function rsa_sign($data,$key,$alg = 'sha256') {
 	$sig = '';
--- a/include/identity.php
+++ b/include/identity.php
@ -3,11 +3,44 @@
 require_once('include/zot.php');
 require_once('include/crypto.php');
 function identity_check_service_class($account_id) {
 	$ret = array('success' => false, $message => '');
 	$r = q("select count(entity_id) as total from entity were entity_account_id = %d ",
 		intval($account_id)
 	);
 	if(! ($r && count($r))) {
 		$ret['message'] = t('Unable to obtain identity information from database');
 		return $ret;
 	} 
 	if(! service_class_allows($account_id,'total_identities',$r[0]['total'])) {
 		$result['message'] .= upgrade_message();
 		return $result;
 	}
 	$ret['success'] = true;
 	return $ret;
 }
 // Required: name, nickname, account_id
 // optional: pageflags
 function create_identity($arr) {
-	$ret = array('success' => false, 'message' => '');
+	$ret = array('success' => false);
-	$nick = trim($_POST['nickname']);
+
-	$name = escape_tags($_POST['name']);
+	if(! $arr['account_id']) {
 		$ret['message'] = t('No account identifier');
 		return $ret;
 	}
 	$nick = trim($arr['nickname']);
 	$name = escape_tags($arr['name']);
 	$pageflags = ((x($arr,'pageflags')) ? intval($arr['pageflags']) : PAGE_NORMAL);
 	if(check_webbie(array($nick)) !== $nick) {
 		$ret['message'] = t('Nickname has unsupported characters or is already being used on this site.');
@ -24,7 +57,7 @@ function create_identity($arr) {
 		entity_pubkey, entity_pageflags )
 		values ( %d, %d, '%s', '%s', '%s', '%s', '%s', %d ) ",
-		intval(local_user()),
+		intval($arr['account_id']),
 		intval($primary),
 		dbesc($name),
 		dbesc($nick),
@ -36,44 +69,53 @@ function create_identity($arr) {
 	$r = q("select * from entity where entity_account_id = %d 
 		and entity_global_id = '%s' limit 1",
-		intval(local_user()),
+		intval($arr['account_id']),
 		dbesc($guid)
 	);
 	if(! ($r && count($r))) {
 		$ret['message'] = t('Unable to retrieve created identity');
 		return $ret;
 	}
 	$ret['entity'] = $r[0];
 	set_default_login_identity($arr['account_id'],$ret['entity']['entity_id'],false);
 	// Create a verified hub location pointing to this site.
 	$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_flags, 
 		hubloc_url, hubloc_url_sig, hubloc_callback, hubloc_sitekey )
 		values ( '%s', '%s', %d, '%s', '%s', '%s', '%s' )",
 		dbesc($ret['entity']['entity_global_id']),
 		dbesc(base64url_encode(rsa_sign($ret['entity']['entity_global_id'],$ret['entity']['entity_prvkey']))),
 		intval(($primary) ? HUBLOC_FLAGS_PRIMARY : 0),
 		dbesc(z_root()),
 		dbesc(base64url_encode(rsa_sign(z_root(),$ret['entity']['entity_prvkey']))),
 		dbesc(z_root() . '/post'),
 		dbesc(get_config('system','pubkey'))
 	);
 	if(! $r)
 		logger('create_identity: Unable to store hub location');
 	$ret['success'] = true;
 	return $ret;
 }
 // set default identity for account_id to identity_id
 // if $force is false only do this if there is no current default
-
+function set_default_login_identity($account_id,$entity_id,$force = true) {
-
+	$r = q("select account_default_entity from account where account_id = %d limit 1",
-
+		intval($account_id)
-
+	);
-class simple_identity {
+	if(($r) && (count($r)) && ((! intval($r[0]['account_default_entity'])) || $force)) {
-
+		$r = q("update account set account_default_entity = %d where account_id = %d limit 1",
-	private $identity_uid;
+			intval($entity_id),
-	private $identity_name;
+			intval($account_id)
 	private $identity_url;
 	private $identity_photo;
 	function __construct($uid = '',$name = '',$url = '',$photo = '') {
 		$this->identity_uid    = $uid;
 		$this->identity_name   = $name;
 		$this->identity_url    = $url;
 		$this->identity_photo  = $photo;
 	}
 	function to_array() {
 		return array(
 			'zuid'  => $this->identity_uid,
 			'name'  => $this->identity_name,
 			'url'   => $this->identity_url,
 			'photo' => $this->identity_photo
 		);
 	}
 }
--- a/include/items.php
+++ b/include/items.php
@ -3338,7 +3338,6 @@ function fix_private_photos($s, $uid, $item = null, $cid = 0) {
 			// Only embed locally hosted photos
 			$replace = false;
 			$i = basename($image);
 			$i = str_replace(array('.jpg','.png'),array('',''),$i);
 			$x = strpos($i,'-');
 			if($x) {
--- a/include/notifier.php
+++ b/include/notifier.php
@ -439,25 +439,6 @@ function notifier_run($argv, $argc){
 	logger('notifier: slaps: ' . print_r($slaps,true), LOGGER_DATA);
 	// If this is a public message and pubmail is set on the parent, include all your email contacts
 	$mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
 	if(! $mail_disabled) {
 		if((! strlen($target_item['allow_cid'])) && (! strlen($target_item['allow_gid'])) 
 			&& (! strlen($target_item['deny_cid'])) && (! strlen($target_item['deny_gid'])) 
 			&& (intval($target_item['pubmail']))) {
 			$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `network` = '%s'",
 				intval($uid),
 				dbesc(NETWORK_MAIL)
 			);
 			if(count($r)) {
 				foreach($r as $rr)
 					$recipients[] = $rr['id'];
 			}
 		}
 	}
 	if($followup)
 		$recip_str = $parent['contact-id'];
 	else
--- a/include/text.php
+++ b/include/text.php
@ -1152,7 +1152,7 @@ function generate_user_guid() {
-function base64url_encode($s, $strip_padding = false) {
+function base64url_encode($s, $strip_padding = true) {
 	$s = strtr(base64_encode($s),'+/','-_');
--- a/include/user.php
+++ b/include/user.php
@ -219,8 +219,8 @@ function create_user($arr) {
 			t('default'),
 			1,
 			dbesc($username),
-			dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
+			dbesc($a->get_baseurl() . "/photo/profile/{$newuid}"),
-			dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
+			dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}"),
 			intval($publish),
 			intval($netpublish)
@ -239,9 +239,9 @@ function create_user($arr) {
 			datetime_convert(),
 			dbesc($username),
 			dbesc($nickname),
-			dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
+			dbesc($a->get_baseurl() . "/photo/profile/{$newuid}"),
-			dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
+			dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}"),
-			dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"),
+			dbesc($a->get_baseurl() . "/photo/micro/{$newuid}"),
 			dbesc($a->get_baseurl() . "/profile/$nickname"),
 			dbesc(normalise_link($a->get_baseurl() . "/profile/$nickname")),
 			dbesc($a->get_baseurl() . "/dfrn_request/$nickname"),
--- a/include/zot.php
+++ b/include/zot.php
@ -2,15 +2,15 @@
 /**
 *
- * @function zot_new_uid($entity_id)
+ * @function zot_new_uid($entity_nick)
- * @entity_id = integer id of controlling entity
+ * @entity_id = unique nickname of controlling entity
 * @returns string
 *
 */
-function zot_new_uid($entity_id) {
+function zot_new_uid($entity_nick) {
-	$rawstr = z_root() . '/' . $entity_id . '.' . mt_rand();
+	$rawstr = z_root() . '/' . $entity_nick . '.' . mt_rand();
-	return(base64url_encode(hash('whirlpool',$rawstr,true),true) . '.' . mt_rand());
+	return(base64url_encode(hash('whirlpool',$rawstr,true),true));
 }
@ -63,7 +63,9 @@ function zot_notify($entity,$url) {
 	$x = z_post_url($url, array(
 		'type' => 'notify',
 		'guid' => $entity['entity_global_id'],
 		'guid_sig' => base64url_encode($guid,$entity['prvkey']),
 		'hub' => z_root(),
 		'hub_sig' => base64url_encode(z_root,$entity['prvkey']), 
 		'callback' => '/post', 
 		'spec' => ZOT_REVISION)
 	);
@ -73,12 +75,15 @@ function zot_notify($entity,$url) {
 function zot_gethub($arr) {
-	if((x($arr,'hub')) && (x($arr,'guid'))) {
+	if((x($arr,'guid')) && (x($arr,'guid_sig')) && (x($arr,'hub')) && (x($arr,'hub_sig'))) {
 		$r = q("select * from hubloc 
-				where hubloc_guid = '%s' and hubloc_url = '%s' 
+				where hubloc_guid = '%s' and hubloc_guid_sig = '%s' 
 				and hubloc_url = '%s' and hubloc_url_sig = '%s'
 				limit 1",
 			dbesc($arr['guid']),
-			dbesc($arr['hub'])
+			dbesc($arr['guid_sig']),
 			dbesc($arr['hub']),
 			dbesc($arr['hub_sig'])
 		);
 		if($r && count($r))
 			return $r[0];
@ -95,13 +100,19 @@ function zot_register_hub($arr) {
 			if($record->hub && count($record->hub)) {
 				foreach($record->hub as $h) {
 					// store any hubs we don't know about
-					if( ! zot_gethub(array('hub' => $h->url, 'guid' => $arr['guid']))) {
+					if( ! zot_gethub(
-						$r = q("insert into hubloc (hubloc_guid, hubloc_flags, hubloc_url, 
+							array('guid' => $arr['guid'],
-								hubloc_callback, hubloc_sitekey, hubloc_key)
+								'guid_sig' => $arr['guid_sig'],
-							values ( '%s', %d, '%s', '%s', '%s', '%s' )",
+								'hub' => $h->url, 
 								'hub_sig' => $h->url_sig))) {
 						$r = q("insert into hubloc (hubloc_guid, hubloc_guid_sig, hubloc_flags, hubloc_url, 
 								hubloc_url_sig, hubloc_callback, hubloc_sitekey, hubloc_key)
 							values ( '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )",
 							dbesc($arr['guid']),
 							dbesc($arr['guid_sig']),
 							intval((($h->primary) ? HUBLOC_FLAGS_PRIMARY : 0) | HUBLOC_FLAGS_UNVERIFIED ),
 							dbesc($h->url),
 							dbesc($h->url_sig),
 							dbesc($h->callback),
 							dbesc($h->sitekey),
 							dbesc($record->key)
--- a/mod/editpost.php
+++ b/mod/editpost.php
@ -58,30 +58,6 @@ function editpost_content(&$a) {
 	$jotplugins = '';
 	$jotnets = '';
 	$mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
 	$mail_enabled = false;
 	$pubmail_enabled = false;
 	if(! $mail_disabled) {
 		$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
 			intval(local_user())
 		);
 		if(count($r)) {
 			$mail_enabled = true;
 			if(intval($r[0]['pubmail']))
 				$pubmail_enabled = true;
 		}
 	}
 	if($mail_enabled) {
       $selected = (($pubmail_enabled) ? ' checked="checked" ' : '');
 		$jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> '
          	. t("Post to Email") . '</div>';
 	}
 	call_hooks('jot_tool', $jotplugins);
 	call_hooks('jot_networks', $jotnets);
@ -110,7 +86,6 @@ function editpost_content(&$a) {
 		'$defloc' => $a->user['default-location'],
 		'$visitor' => 'none',
 		'$pvisit' => 'none',
 		'$emailcc' => t('CC: email addresses'),
 		'$public' => t('Public post'),
 		'$jotnets' => $jotnets,
 		'$title' => $itm[0]['title'],
--- a/mod/item.php
+++ b/mod/item.php
@ -38,7 +38,7 @@ function item_post(&$a) {
 	}
 	call_hooks('post_local_start', $_REQUEST);
-//	logger('postinput ' . file_get_contents('php://input'));
+
 	logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
 	$api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false);
@ -191,11 +191,9 @@ function item_post(&$a) {
 		$verb              = $orig_post['verb'];
 		$emailcc           = $orig_post['emailcc'];
 		$app			   = $orig_post['app'];
 //		$categories        = $orig_post['file'];
 		$title             = escape_tags(trim($_REQUEST['title']));
 		$body              = escape_tags(trim($_REQUEST['body']));
 		$private           = $orig_post['private'];
 		$pubmail_enable    = $orig_post['pubmail'];
 	}
 	else {
@ -235,11 +233,6 @@ function item_post(&$a) {
 		logger('detected language: ' . $language);
 		$private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0);
 		// If this is a comment, set the permissions from the parent.
@ -261,21 +254,6 @@ function item_post(&$a) {
 			$str_group_deny    = $parent_item['deny_gid'];
 		}
 		$pubmail_enable    = ((x($_REQUEST,'pubmail_enable') && intval($_REQUEST['pubmail_enable']) && (! $private)) ? 1 : 0);
 		// if using the API, we won't see pubmail_enable - figure out if it should be set
 		if($api_source && $profile_uid && $profile_uid == local_user() && (! $private)) {
 			$mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
 			if(! $mail_disabled) {
 				$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
 					intval(local_user())
 				);
 				if(count($r) && intval($r[0]['pubmail']))
 					$pubmail_enabled = true;
 			}
 		}
 		if(! strlen($body)) {
 			if($preview)
 				killme();
@ -585,7 +563,6 @@ function item_post(&$a) {
 	$datarray['deny_cid']      = $str_contact_deny;
 	$datarray['deny_gid']      = $str_group_deny;
 	$datarray['private']       = $private;
 	$datarray['pubmail']       = $pubmail_enable;
 	$datarray['attach']        = $attachments;
 	$datarray['thr-parent']    = $thr_parent;
 	$datarray['postopts']      = '';
@ -683,8 +660,8 @@ function item_post(&$a) {
 	$r = q("INSERT INTO `item` (`uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, 
 		`author-name`, `author-link`, `author-avatar`, `created`, `edited`, `commented`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `lang`, `location`, `coord`, 
-		`inform`, `verb`, `postopts`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach`,`origin`, `moderated`)
+		`inform`, `verb`, `postopts`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `attach`,`origin`, `moderated`)
-		VALUES( %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d )",
+		VALUES( %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, '%s', %d, %d )",
 		intval($datarray['uid']),
 		dbesc($datarray['type']),
 		intval($datarray['wall']),
@ -717,7 +694,6 @@ function item_post(&$a) {
 		dbesc($datarray['deny_cid']),
 		dbesc($datarray['deny_gid']),
 		intval($datarray['private']),
 		intval($datarray['pubmail']),
 		dbesc($datarray['attach']),
 		intval($datarray['origin']),
 		intval($datarray['moderated'])
@ -852,31 +828,6 @@ function item_post(&$a) {
 	call_hooks('post_local_end', $datarray);
 	if(strlen($emailcc) && $profile_uid == local_user()) {
 		$erecips = explode(',', $emailcc);
 		if(count($erecips)) {
 			foreach($erecips as $recip) {
 				$addr = trim($recip);
 				if(! strlen($addr))
 					continue;
 				$disclaimer = '<hr />' . sprintf( t('This message was sent to you by %s, a member of the Friendica social network.'),$a->user['username']) 
 					. '<br />';
 				$disclaimer .= sprintf( t('You may visit them online at %s'), $a->get_baseurl() . '/profile/' . $a->user['nickname']) . EOL;
 				$disclaimer .= t('Please contact the sender by replying to this post if you do not wish to receive these messages.') . EOL; 
 				$subject  = email_header_encode('[Friendica]' . ' ' . sprintf( t('%s posted an update.'),$a->user['username']),'UTF-8');
 				$headers  = 'From: ' . email_header_encode($a->user['username'],'UTF-8') . ' <' . $a->user['email'] . '>' . "\n";
 				$headers .= 'MIME-Version: 1.0' . "\n";
 				$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n";
 				$headers .= 'Content-Transfer-Encoding: 8bit' . "\n\n";
 				$link = '<a href="' . $a->get_baseurl() . '/profile/' . $a->user['nickname'] . '"><img src="' . $author['thumb'] . '" alt="' . $a->user['username'] . '" /></a><br /><br />';
 				$html    = prepare_body($datarray);
 				$message = '<html><body>' . $link . $html . $disclaimer . '</body></html>';
 				@mail($addr, $subject, $message, $headers);
 			}
 		}
 	}
 	// This is a real juggling act on shared hosting services which kill your processes
 	// e.g. dreamhost. We used to start delivery to our native delivery agents in the background
 	// and then run our plugin delivery from the foreground. We're now doing plugin delivery first,
--- a/mod/msearch.php
+++ b/mod/msearch.php
@ -28,7 +28,7 @@ function msearch_post(&$a) {
 			$results[] = array(
 				'name' => $rr['name'], 
 				'url' => $a->get_baseurl() . '/profile/' . $rr['nickname'], 
-				'photo' => $a->get_baseurl() . '/photo/avatar/' . $rr['uid'] . '.jpg',
+				'photo' => $a->get_baseurl() . '/photo/avatar/' . $rr['uid'],
 				'tags' => str_replace(array(',','  '),array(' ',' '),$rr['pub_keywords'])
 			);
 	}
--- a/mod/photo.php
+++ b/mod/photo.php
@ -5,44 +5,20 @@ require_once('include/Photo.php');
 function photo_init(&$a) {
 	// To-Do:
 	// - checking with realpath
 	// - checking permissions
 	/*
 	$cache = get_config('system','itemcache');
        if (($cache != '') and is_dir($cache)) {
 		$cachefile = $cache."/".$a->argc."-".$a->argv[1]."-".$a->argv[2]."-".$a->argv[3];
 		if (file_exists($cachefile)) {
 			$data = file_get_contents($cachefile);
 			if(function_exists('header_remove')) {
 				header_remove('Pragma');
 				header_remove('pragma');
 			}
 			header("Content-type: image/jpeg");
 			header("Expires: " . gmdate("D, d M Y H:i:s", time() + (3600*24)) . " GMT");
 			header("Cache-Control: max-age=" . (3600*24));
 			echo $data;
 			killme();
 			// NOTREACHED
 		}
 	}*/
 	$prvcachecontrol = false;
-	switch($a->argc) {
+	switch(argc()) {
 		case 4:
-			$person = $a->argv[3];
+			$person = argv(3);
-			$customres = intval($a->argv[2]);
+			$customres = intval(argv(2));
-			$type = $a->argv[1];
+			$type = argv(1);
 			break;
 		case 3:
-			$person = $a->argv[2];
+			$person = argv(2);
-			$type = $a->argv[1];
+			$type = argv(1);
 			break;
 		case 2:
-			$photo = $a->argv[1];
+			$photo = argv(1);
 			break;
 		case 1:
 		default:
@ -76,7 +52,7 @@ function photo_init(&$a) {
 				break;
 		}
-		$uid = str_replace(array('.jpg','.png'),array('',''), $person);
+		$uid = $person;
 		$r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
 			intval($resolution),
--- a/mod/photos.php
+++ b/mod/photos.php
@ -36,7 +36,7 @@ function photos_init(&$a) {
 			$o .= '<div class="vcard">';
 			$o .= '<div class="fn">' . $a->data['user']['username'] . '</div>';
-			$o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_cached_avatar_image($a->get_baseurl() . '/photo/profile/' . $a->data['user']['uid'] . '.jpg') . '" alt="' . $a->data['user']['username'] . '" /></div>';
+			$o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_cached_avatar_image($a->get_baseurl() . '/photo/profile/' . $a->data['user']['uid']) . '" alt="' . $a->data['user']['username'] . '" /></div>';
 			$o .= '</div>';
 			$albums_visible = ((intval($a->data['user']['hidewall']) && (! local_user()) && (! remote_user())) ? false : true);	
--- a/mod/ping.php
+++ b/mod/ping.php
@ -18,6 +18,8 @@ function ping_init(&$a) {
 	$result['events_today'] = 0;
 	$result['birthdays'] = 0;
 	$result['birthdays_today'] = 0;
 	$result['all_events'] = 0;
 	$result['all_events_today'] = 0;
 	$result['notice'] = array();
 	$result['info'] = array();
@ -166,9 +168,9 @@ function ping_init(&$a) {
 	);
 	if($events && count($events)) {
-		$result['events'] = intval($events[0]['total']);
+		$result['all_events'] = intval($events[0]['total']);
-		if($result['events']) {
+		if($result['all_events']) {
 			$str_now = datetime_convert('UTC',$a->timezone,'now','Y-m-d');
 			foreach($events as $x) {
 				$bd = false;
@ -176,10 +178,15 @@ function ping_init(&$a) {
 					$result['birthdays'] ++;
 					$bd = true;
 				}
 				else {
 					$result['events'] ++;
 				}
 				if(datetime_convert('UTC',((intval($x['adjust'])) ? $a->timezone : 'UTC'), $x['start'],'Y-m-d') === $str_now) {
-					$result['events_today'] ++;
+					$result['all_events_today'] ++;
 					if($bd)
 						$result['birthdays_today'] ++;
 					else
 						$result['events_today'] ++;
 				}
 			}
 		}
--- a/mod/settings.php
+++ b/mod/settings.php
@ -176,77 +176,6 @@ function settings_post(&$a) {
 		check_form_security_token_redirectOnErr('/settings/connectors', 'settings_connectors');
 		if(x($_POST, 'imap-submit')) {
 			$mail_server       = ((x($_POST,'mail_server')) ? $_POST['mail_server'] : '');
 			$mail_port         = ((x($_POST,'mail_port')) ? $_POST['mail_port'] : '');
 			$mail_ssl          = ((x($_POST,'mail_ssl')) ? strtolower(trim($_POST['mail_ssl'])) : '');
 			$mail_user         = ((x($_POST,'mail_user')) ? $_POST['mail_user'] : '');
 			$mail_pass         = ((x($_POST,'mail_pass')) ? trim($_POST['mail_pass']) : '');
 			$mail_action       = ((x($_POST,'mail_action')) ? trim($_POST['mail_action']) : '');
 			$mail_movetofolder = ((x($_POST,'mail_movetofolder')) ? trim($_POST['mail_movetofolder']) : '');
 			$mail_replyto      = ((x($_POST,'mail_replyto')) ? $_POST['mail_replyto'] : '');
 			$mail_pubmail      = ((x($_POST,'mail_pubmail')) ? $_POST['mail_pubmail'] : '');
 			$mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
 			if(get_config('system','dfrn_only'))
 				$mail_disabled = 1;
 			if(! $mail_disabled) {
 				$failed = false;
 				$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
 					intval(local_user())
 				);
 				if(! count($r)) {
 					q("INSERT INTO `mailacct` (`uid`) VALUES (%d)",
 						intval(local_user())
 					);
 				}
 				if(strlen($mail_pass)) {
 					$pass = '';
 					openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']);
 					q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d LIMIT 1",
 						dbesc(bin2hex($pass)),
 						intval(local_user())
 					);
 				}
 				$r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s',
 					`action` = %d, `movetofolder` = '%s',
 					`mailbox` = 'INBOX', `reply_to` = '%s', `pubmail` = %d WHERE `uid` = %d LIMIT 1",
 					dbesc($mail_server),
 					intval($mail_port),
 					dbesc($mail_ssl),
 					dbesc($mail_user),
 					intval($mail_action),
 					dbesc($mail_movetofolder),
 					dbesc($mail_replyto),
 					intval($mail_pubmail),
 					intval(local_user())
 				);
 				$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
 					intval(local_user())
 				);
 				if(count($r)) {
 					$eacct = $r[0];
 					require_once('include/email.php');
 					$mb = construct_mailbox_name($eacct);
 					if(strlen($eacct['server'])) {
 						$dcrpass = '';
 						openssl_private_decrypt(hex2bin($eacct['pass']),$dcrpass,$a->user['prvkey']);
 						$mbox = email_connect($mb,$mail_user,$dcrpass);
 						unset($dcrpass);
 						if(! $mbox) {
 							$failed = true;
 							notice( t('Failed to connect with email account using the settings provided.') . EOL);
 						}
 					}
 				}
 				if(! $failed)
 					info( t('Email settings updated.') . EOL);
 			}
 		}
 		call_hooks('connector_settings_post', $_POST);
 		return;
 	}
--- a/mod/xrd.php
+++ b/mod/xrd.php
@ -39,7 +39,7 @@ function xrd_init(&$a) {
 		'$atom'        => $a->get_baseurl() . '/dfrn_poll/'     . $r[0]['nickname'],
 		'$zot_post'    => $a->get_baseurl() . '/post/'          . $r[0]['nickname'],
 		'$poco_url'    => $a->get_baseurl() . '/poco/'          . $r[0]['nickname'],
-		'$photo'       => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid']      . '.jpg',
+		'$photo'       => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'],
 		'$dspr'        => $dspr,
 		'$salmon'      => $a->get_baseurl() . '/salmon/'        . $r[0]['nickname'],
 		'$salmen'      => $a->get_baseurl() . '/salmon/'        . $r[0]['nickname'] . '/mention',
--- a/mod/zentity.php
+++ b/mod/zentity.php
@ -61,7 +61,7 @@ function zentity_post(&$a) {
 	$arr = $_POST;
-	if(($uid = intval(local_user())) == 0) {
+	if(($arr['account_id'] = get_account_id()) === false) {
 		notice( t('Permission denied.') . EOL );
 		return;
 	}
@ -84,44 +84,13 @@ function zentity_post(&$a) {
 function zentity_content(&$a) {
-
+	if(! get_account_id()) {
-	if((! local_user()) && ($a->config['register_policy'] == REGISTER_CLOSED)) {
+		notice( t('Permission denied.') . EOL);
 		notice("Permission denied." . EOL);
 		return;
 	}
-	$max_dailies = intval(get_config('system','max_daily_registrations'));
+	$name         = ((x($_REQUEST,'name'))         ? $_REQUEST['name']         :  "" );
-	if($max_dailies) {
+	$nickname     = ((x($_REQUEST,'nickname'))     ? $_REQUEST['nickname']     :  "" );
 		$r = q("select count(*) as total from account where account_created > UTC_TIMESTAMP - INTERVAL 1 day");
 		if($r && $r[0]['total'] >= $max_dailies) {
 			logger('max daily registrations exceeded.');
 			notice( t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.') . EOL);
 			return;
 		}
 	}
 	// Configurable terms of service link
 	$tosurl = get_config('system','tos_url');
 	if(! $tosurl)
 		$tosurl = $a->get_baseurl() . '/help/TermsOfService';
 	$toslink = '<a href="' . $tosurl . '" >' . t('Terms of Service') . '</a>';
 	// Configurable whether to restrict age or not - default is based on international legal requirements
 	// This can be relaxed if you are on a restricted server that does not share with public servers
 	if(get_config('system','no_age_restriction')) 
 		$label_tos = sprintf( t('I accept the %s for this website'), $toslink);
 	else
 		$label_tos = 
 	$email        = ((x($_REQUEST,'email'))        ? $_REQUEST['email']        :  "" );
 	$password     = ((x($_REQUEST,'password'))     ? $_REQUEST['password']     :  "" );
 	$password2    = ((x($_REQUEST,'password2'))    ? $_REQUEST['password2']    :  "" );
 	$invite_code  = ((x($_REQUEST,'invite_code'))  ? $_REQUEST['invite_code']  :  "" );
 	$o = replace_macros(get_markup_template('zentity.tpl'), array(
--- a/mod/zfinger.php
+++ b/mod/zfinger.php
@ -4,23 +4,33 @@ function zfinger_init(&$a) {
 	require_once('include/zot.php');
-	$ret = array('success' => false, 'message' => '');
+	$ret = array('success' => false);
-	if(argc() > 1) {
+
-		$zguid = argv(1);
+	$zguid = ((x($_REQUEST,'guid')) ? $_REQUEST['guid'] : '');
 	$zaddr = ((x($_REQUEST,'address')) ? $_REQUEST['address'] : '');
 	$r = null;
 	if(strlen($zguid)) {
 		$r = q("select * from entity where entity_global_id = '%s' limit 1",
 			dbesc($zguid)
 		);
 			if(! ($r && count($r))) {
 				$ret['message'] = 'Item not found.';
 				json_return_and_die($ret);
 	}
 	elseif(strlen($zaddr)) {
 		$r = q("select * from entity where entity_address = '%s' limit 1",
 			dbesc($zaddr)
 		);
 	}
 	else {
 		$ret['message'] = 'Invalid request';
 		json_return_and_die($ret);
 	}
 	if(! ($r && count($r))) {
 		$ret['message'] = 'Item not found.';
 		json_return_and_die($ret);
 	}
 	$e = $r[0];
 	$ret['success'] = true;
@ -28,7 +38,10 @@ function zfinger_init(&$a) {
 	// Communication details
 	$ret['guid'] = $e['entity_global_id'];
-		$ret['key']  = $e['pubkey'];
+	$ret['guid_sig'] = base64url_encode($e['entity_global_id'],$e['entity_prvkey']);
 	$ret['key']  = $e['entity_pubkey'];
 	$ret['name'] = $e['entity_name'];
 	$ret['address'] = $e['entity_address'];
 	// array of (verified) hubs this entity uses
@ -40,6 +53,7 @@ function zfinger_init(&$a) {
 				$ret['hubs'][] = array(
 					'primary'  => (($hub['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY) ? true : false),
 					'url'      => $hub['hubloc_url'],
 					'url_sig'  => base64url_encode($hub['hubloc_url'],$e['entity_prvkey']),
 					'callback' => $hub['hubloc_callback'],
 					'sitekey'  => $hub['hubloc_sitekey']
 				);
@ -53,6 +67,3 @@ function zfinger_init(&$a) {
 	json_return_and_die($ret);
 }
 	$ret['message'] = 'Item not found.';
 	json_return_and_die($ret);
 }
--- a/version.inc
+++ b/version.inc
@ -1 +1 @@
-2012-08-23.55
+2012-08-26.58
--- a/view/php/mod_zentity.php
+++ b/view/php/mod_zentity.php
@ -0,0 +1,3 @@
 <?php
 $a->page['template'] = 'full';
--- a/view/php/theme_init.php
+++ b/view/php/theme_init.php
@ -12,12 +12,12 @@ head_add_css('library/jslider/bin/jquery.slider.min.css');
 head_add_js('js/jquery.js');
-head_add_js('js/jquery.textinputsjs');
+head_add_js('js/jquery.textinputs.js');
 head_add_js('js/fk.autocomplete.js');
 head_add_js('library/fancybox/jquery.fancybox-1.3.4.pack.js');
 head_add_js('library/jquery.timeago.js');
 head_add_js('library/jquery.divgrow/jquery.divgrow-1.3.1.js');
-head_add_js('library/tiptip/jquery/tipTip.minified.js');
+head_add_js('library/tiptip/jquery.tipTip.minified.js');
 head_add_js('library/jgrowl/jquery.jgrowl_minimized.js');
 head_add_js('library/tinymce/jscripts/tiny_mce/tiny_mce_src.js');
 head_add_js('js/acl.js');
--- a/view/tpl/jot.tpl
+++ b/view/tpl/jot.tpl
@ -70,8 +70,6 @@
 		<div id="profile-jot-acl-wrapper" style="width:auto;height:auto;overflow:auto;">
 			$acl
 			<hr style="clear:both"/>
 			<div id="profile-jot-email-label">$emailcc</div><input type="text" name="emailcc" id="profile-jot-email" title="$emtitle" />
 			<div id="profile-jot-email-end"></div>
 			$jotnets
 		</div>
 	</div>
--- a/view/tpl/profile_vcard.tpl
+++ b/view/tpl/profile_vcard.tpl
@ -31,7 +31,6 @@
 	{{ if $homepage }}<dl class="homepage"><dt class="homepage-label">$homepage</dt><dd class="homepage-url"><a href="$profile.homepage" target="external-link">$profile.homepage</a></dd></dl>{{ endif }}
 	{{ inc diaspora_vcard.tpl }}{{ endinc }}
 	<div id="profile-extra-links">
 		<ul>
`@ -1152,7 +1152,7 @@ function generate_user_guid() {`



	`function base64url_encode($s, $strip_padding = false) {`	`function base64url_encode($s, $strip_padding = true) {`

	`$s = strtr(base64_encode($s),'+/','-_');`	`$s = strtr(base64_encode($s),'+/','-_');`