Some Doxygen comments and small cleanups.

Klaus Weidenbach 2014-12-07 19:27:14 +01:00
parent f1367cb9f9
commit 63646a1440
6 changed files with 396 additions and 271 deletions

188
boot.php

@ -27,7 +27,6 @@
* documented. * documented.
*/ */
require_once('include/config.php'); require_once('include/config.php');
require_once('include/network.php'); require_once('include/network.php');
require_once('include/plugin.php'); require_once('include/plugin.php');
@ -570,7 +569,7 @@ define ( 'ITEM_RSS', 0x8000); // Item comes from a feed. Use this t
define ( 'DBTYPE_MYSQL', 0 ); define ( 'DBTYPE_MYSQL', 0 );
define ( 'DBTYPE_POSTGRES', 1 ); define ( 'DBTYPE_POSTGRES', 1 );
/** /**
* *
* Reverse the effect of magic_quotes_gpc if it is enabled. * Reverse the effect of magic_quotes_gpc if it is enabled.
@ -614,10 +613,10 @@ function startup() {
} }
/** /**
*
* class: App * class: App
* *
* Our main application structure for the life of this page * @brief Our main application structure for the life of this page.
*
* Primarily deals with the URL that got us here * Primarily deals with the URL that got us here
* and tries to make some sense of it, and * and tries to make some sense of it, and
* stores our page contents and config storage * stores our page contents and config storage
@ -683,11 +682,15 @@ class App {
public $force_max_items = 0; public $force_max_items = 0;
public $theme_thread_allow = true; public $theme_thread_allow = true;
// An array for all theme-controllable parameters /**
// Mostly unimplemented yet. Only options 'template_engine' and * @brief An array for all theme-controllable parameters
// beyond are used. *
* Mostly unimplemented yet. Only options 'template_engine' and
private $theme = array( * beyond are used.
*
* @var array
*/
private $theme = array(
'sourcename' => '', 'sourcename' => '',
'videowidth' => 425, 'videowidth' => 425,
'videoheight' => 350, 'videoheight' => 350,
@ -697,9 +700,17 @@ class App {
'template_engine' => 'smarty3', 'template_engine' => 'smarty3',
); );
// array of registered template engines ('name'=>'class name') /**
* array of registered template engines ('name'=>'class name')
*
* @var array
*/
public $template_engines = array(); public $template_engines = array();
// array of instanced template engines ('name'=>'instance') /**
* array of instanced template engines ('name'=>'instance')
*
* @var array
*/
public $template_engine_instance = array(); public $template_engine_instance = array();
private $ldelim = array( private $ldelim = array(
@ -716,7 +727,9 @@ class App {
private $baseurl; private $baseurl;
private $path; private $path;
/**
* App constructor.
*/
function __construct() { function __construct() {
// we'll reset this after we read our config file // we'll reset this after we read our config file
date_default_timezone_set('UTC'); date_default_timezone_set('UTC');
@ -759,8 +772,8 @@ class App {
set_include_path("include/$this->hostname" . PATH_SEPARATOR . get_include_path()); set_include_path("include/$this->hostname" . PATH_SEPARATOR . get_include_path());
if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'],0,2) === "q=") { if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'], 0, 2) === "q=") {
$this->query_string = substr($_SERVER['QUERY_STRING'],2); $this->query_string = substr($_SERVER['QUERY_STRING'], 2);
// removing trailing / - maybe a nginx problem // removing trailing / - maybe a nginx problem
if (substr($this->query_string, 0, 1) == "/") if (substr($this->query_string, 0, 1) == "/")
$this->query_string = substr($this->query_string, 1); $this->query_string = substr($this->query_string, 1);
@ -770,8 +783,8 @@ class App {
// unix style "homedir" // unix style "homedir"
if(substr($this->cmd,0,1) === '~') if(substr($this->cmd, 0, 1) === '~')
$this->cmd = 'channel/' . substr($this->cmd,1); $this->cmd = 'channel/' . substr($this->cmd, 1);
/** /**
@ -855,7 +868,6 @@ class App {
} }
function set_baseurl($url) { function set_baseurl($url) {
if(is_array($this->config) if(is_array($this->config)
&& array_key_exists('system',$this->config) && array_key_exists('system',$this->config)
&& is_array($this->config['system']) && is_array($this->config['system'])
@ -888,7 +900,7 @@ class App {
} }
function set_path($p) { function set_path($p) {
$this->path = trim(trim($p),'/'); $this->path = trim(trim($p), '/');
} }
function get_path() { function get_path() {
@ -1030,6 +1042,7 @@ class App {
* return engine defined by theme, or default * return engine defined by theme, or default
* *
* @param string $name Template engine name * @param string $name Template engine name
*
* @return object Template Engine instance * @return object Template Engine instance
*/ */
function template_engine($name = ''){ function template_engine($name = ''){
@ -1056,6 +1069,11 @@ class App {
echo "template engine <tt>$template_engine</tt> is not registered!\n"; killme(); echo "template engine <tt>$template_engine</tt> is not registered!\n"; killme();
} }
/**
* @brief Returns the active template engine.
*
* @return string
*/
function get_template_engine() { function get_template_engine() {
return $this->theme['template_engine']; return $this->theme['template_engine'];
} }
@ -1097,9 +1115,13 @@ class App {
} // End App class } // End App class
// retrieve the App structure /**
// useful in functions which require it but don't get it passed to them * @brief Retrieve the App structure.
*
* Useful in functions which require it but don't get it passed to them
*
* @return App
*/
function get_app() { function get_app() {
global $a; global $a;
return $a; return $a;
@ -1117,7 +1139,8 @@ function get_app() {
* *
* @param string|array $s variable to check * @param string|array $s variable to check
* @param string $k key inside the array to check * @param string $k key inside the array to check
* @return bool *
* @return bool|int
*/ */
function x($s, $k = null) { function x($s, $k = null) {
if($k != null) { if($k != null) {
@ -1167,24 +1190,43 @@ function z_path() {
return $base; return $base;
} }
/**
* @brief Returns the baseurl.
*
* @see App::get_baseurl()
*
* @return string
*/
function z_root() { function z_root() {
global $a; global $a;
return $a->get_baseurl(); return $a->get_baseurl();
} }
/**
* @brief Return absolut URL for given $path.
*
* @param string $path
*
* @return string
*/
function absurl($path) { function absurl($path) {
if(strpos($path,'/') === 0) if(strpos($path, '/') === 0)
return z_path() . $path; return z_path() . $path;
return $path; return $path;
} }
function os_mkdir($path,$mode = 0777,$recursive = false) { function os_mkdir($path, $mode = 0777, $recursive = false) {
$oldumask = @umask(0); $oldumask = @umask(0);
@mkdir($path, $mode, $recursive); @mkdir($path, $mode, $recursive);
@umask($oldumask); @umask($oldumask);
} }
/**
* @brief Function to check if request was an AJAX (xmlhttprequest) request.
*
* @return boolean
*/
function is_ajax() { function is_ajax() {
return (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'); return (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');
} }
@ -1332,11 +1374,11 @@ function check_config(&$a) {
else else
$installed = array(); $installed = array();
$plugins = get_config('system','addon'); $plugins = get_config('system', 'addon');
$plugins_arr = array(); $plugins_arr = array();
if($plugins) if($plugins)
$plugins_arr = explode(',',str_replace(' ', '',$plugins)); $plugins_arr = explode(',', str_replace(' ', '', $plugins));
$a->plugins = $plugins_arr; $a->plugins = $plugins_arr;
@ -1344,7 +1386,7 @@ function check_config(&$a) {
if(count($installed)) { if(count($installed)) {
foreach($installed as $i) { foreach($installed as $i) {
if(! in_array($i['name'],$plugins_arr)) { if(! in_array($i['name'], $plugins_arr)) {
unload_plugin($i['name']); unload_plugin($i['name']);
} }
else { else {
@ -1355,7 +1397,7 @@ function check_config(&$a) {
if(count($plugins_arr)) { if(count($plugins_arr)) {
foreach($plugins_arr as $p) { foreach($plugins_arr as $p) {
if(! in_array($p,$installed_arr)) { if(! in_array($p, $installed_arr)) {
load_plugin($p); load_plugin($p);
} }
} }
@ -1365,7 +1407,7 @@ function check_config(&$a) {
} }
function fix_system_urls($oldurl,$newurl) { function fix_system_urls($oldurl, $newurl) {
require_once('include/crypto.php'); require_once('include/crypto.php');
@ -1456,7 +1498,7 @@ function login($register = false, $form_id = 'main-login', $hiddens=false) {
$a = get_app(); $a = get_app();
$o = ''; $o = '';
$reg = false; $reg = false;
$reglink = get_config('system','register_link'); $reglink = get_config('system', 'register_link');
if(! strlen($reglink)) if(! strlen($reglink))
$reglink = 'register'; $reglink = 'register';
@ -1472,7 +1514,7 @@ function login($register = false, $form_id = 'main-login', $hiddens=false) {
$tpl = get_markup_template("logout.tpl"); $tpl = get_markup_template("logout.tpl");
} }
else { else {
$a->page['htmlhead'] .= replace_macros(get_markup_template("login_head.tpl"),array( $a->page['htmlhead'] .= replace_macros(get_markup_template("login_head.tpl"), array(
'$baseurl' => $a->get_baseurl(true) '$baseurl' => $a->get_baseurl(true)
)); ));
@ -1501,16 +1543,17 @@ function login($register = false, $form_id = 'main-login', $hiddens=false) {
} }
// Used to end the current process, after saving session state. /**
* @brief Used to end the current process, after saving session state.
*/
function killme() { function killme() {
session_write_close(); session_write_close();
exit; exit;
} }
/**
// redirect to another URL and terminate this process. * @brief Redirect to another URL and terminate this process.
*/
function goaway($s) { function goaway($s) {
header("Location: $s"); header("Location: $s");
killme(); killme();
@ -1532,7 +1575,7 @@ function get_account_id() {
} }
/** /**
* @brief Returns the entity id of locally logged in user or false. * @brief Returns the entity id (channel_id) of locally logged in user or false.
* *
* Returns authenticated numeric channel_id if authenticated and connected to * Returns authenticated numeric channel_id if authenticated and connected to
* a channel or 0. Sometimes referred to as $uid in the code. * a channel or 0. Sometimes referred to as $uid in the code.
@ -1546,22 +1589,28 @@ function local_user() {
return false; return false;
} }
/**
// Returns contact id of authenticated site visitor or false * @brief Returns contact id (visitor_id) of authenticated site visitor or false.
*
* @return int|bool visitor_id or false
*/
function remote_user() { function remote_user() {
if((x($_SESSION,'authenticated')) && (x($_SESSION,'visitor_id'))) if((x($_SESSION, 'authenticated')) && (x($_SESSION, 'visitor_id')))
return $_SESSION['visitor_id']; return $_SESSION['visitor_id'];
return false; return false;
} }
/**
// contents of $s are displayed prominently on the page the next time * Contents of $s are displayed prominently on the page the next time
// a page is loaded. Usually used for errors or alerts. * a page is loaded. Usually used for errors or alerts.
*
* @param string $s Text to display
*/
function notice($s) { function notice($s) {
$a = get_app(); $a = get_app();
if(! x($_SESSION, 'sysmsg')) $_SESSION['sysmsg'] = array(); if(! x($_SESSION, 'sysmsg')) $_SESSION['sysmsg'] = array();
if($a->interactive) { if($a->interactive) {
// shameless plug, permission is denied and they have no identity. // shameless plug, permission is denied and they have no identity.
// There's a fairly good chance that they've not got zot. // There's a fairly good chance that they've not got zot.
@ -1572,7 +1621,13 @@ function notice($s) {
} }
} }
/**
* Contents of $s are displayed prominently on the page the next time a page is
* loaded. Usually used for information.
* For error and alerts use notice().
*
* @param string $s Text to display
*/
function info($s) { function info($s) {
$a = get_app(); $a = get_app();
if(! x($_SESSION, 'sysmsg_info')) $_SESSION['sysmsg_info'] = array(); if(! x($_SESSION, 'sysmsg_info')) $_SESSION['sysmsg_info'] = array();
@ -1736,13 +1791,19 @@ function current_theme(){
/** /**
* Return full URL to theme which is currently in effect. * @brief Return full URL to theme which is currently in effect.
*
* Provide a sane default if nothing is chosen or the specified theme does not exist. * Provide a sane default if nothing is chosen or the specified theme does not exist.
*
* @param bool $installing default false
*
* @return string
*/ */
function current_theme_url($installing = false) { function current_theme_url($installing = false) {
global $a; global $a;
$t = current_theme(); $t = current_theme();
$opts = ''; $opts = '';
$opts = (($a->profile_uid) ? '?f=&puid=' . $a->profile_uid : ''); $opts = (($a->profile_uid) ? '?f=&puid=' . $a->profile_uid : '');
$opts .= ((x($a->layout,'schema')) ? '&schema=' . $a->layout['schema'] : ''); $opts .= ((x($a->layout,'schema')) ? '&schema=' . $a->layout['schema'] : '');
@ -1761,10 +1822,12 @@ function current_theme_url($installing = false) {
*/ */
function is_site_admin() { function is_site_admin() {
$a = get_app(); $a = get_app();
if((intval($_SESSION['authenticated'])) if((intval($_SESSION['authenticated']))
&& (is_array($a->account)) && (is_array($a->account))
&& ($a->account['account_roles'] & ACCOUNT_ROLE_ADMIN)) && ($a->account['account_roles'] & ACCOUNT_ROLE_ADMIN))
return true; return true;
return false; return false;
} }
@ -1816,6 +1879,7 @@ function load_contact_links($uid) {
* *
* @param array $params mapped array with query parameters * @param array $params mapped array with query parameters
* @param string $name of parameter, default null * @param string $name of parameter, default null
*
* @return string * @return string
*/ */
function build_querystring($params, $name = null) { function build_querystring($params, $name = null) {
@ -1857,6 +1921,11 @@ function dba_timer() {
return microtime(true); return microtime(true);
} }
/**
* @brief Returns xchan_hash from the observer.
*
* @return string Empty if no observer, otherwise xchan_hash from observer
*/
function get_observer_hash() { function get_observer_hash() {
$observer = get_app()->get_observer(); $observer = get_app()->get_observer();
if(is_array($observer)) if(is_array($observer))
@ -1892,6 +1961,7 @@ function curPageURL() {
* *
* @param App $a global application object * @param App $a global application object
* @param string $navname * @param string $navname
*
* @return mixed * @return mixed
*/ */
function get_custom_nav(&$a, $navname) { function get_custom_nav(&$a, $navname) {
@ -2043,12 +2113,20 @@ function construct_page(&$a) {
); );
} }
/**
* @brief Returns RedMatrix's root directory.
*
* @return string
*/
function appdirpath() { function appdirpath() {
return dirname(__FILE__); return dirname(__FILE__);
} }
/**
* @brief Set a pageicon.
*
* @param string $icon
*/
function head_set_icon($icon) { function head_set_icon($icon) {
global $a; global $a;
@ -2056,6 +2134,11 @@ function head_set_icon($icon) {
// logger('head_set_icon: ' . $icon); // logger('head_set_icon: ' . $icon);
} }
/**
* @brief Get the pageicon.
*
* @return string absolut path to pageicon
*/
function head_get_icon() { function head_get_icon() {
global $a; global $a;
@ -2066,6 +2149,11 @@ function head_get_icon() {
return $icon; return $icon;
} }
/**
* @brief Return the Realm of the directory.
*
* @return string
*/
function get_directory_realm() { function get_directory_realm() {
if($x = get_config('system', 'directory_realm')) if($x = get_config('system', 'directory_realm'))
return $x; return $x;
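Review bot: `os_mkdir()` in the `@ -1167,24 +1190,43` hunk is reformatted but left without a docblock, although it is the helper there whose behaviour a caller most needs spelled out: it clears the process umask with `umask(0)` and defaults `$mode` to `0777`, so a call without an explicit mode creates a directory writable by every local user. Failures of `mkdir()` are also suppressed with `@` and nothing is returned, so a caller cannot tell whether the directory exists afterwards. I would add a docblock in the style of its neighbours, for example `@brief Create a directory with exactly $mode, ignoring the process umask.` and `@param int $mode permissions, default 0777 (world-writable); pass a tighter mode such as 0700 for private data`. As a follow-up, consider returning the result of `mkdir()` so callers can check it.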


@ -1,26 +1,28 @@
<?php /** @file */ <?php /** @file */
namespace Redmatrix\Import; namespace RedMatrix\Import;
/**
* @brief Class Import
*
* @package RedMatrix\Import
*/
class Import { class Import {
$credentials = null; private $credentials = null;
$itemlist = null;
$src_items = null;
$items = null; protected $itemlist = null;
protected $src_items = null;
protected $items = null;
function get_credentials() { function get_credentials() {
return $this->credentials;
} }
function get_itemlist() { function get_itemlist() {
return $this->itemlist;
} }
function get_item_ident($item) { function get_item_ident($item) {
} }
@ -43,19 +45,17 @@ class Import {
function convert_taxonomy($item_ident) { function convert_taxonomy($item_ident) {
} }
function convert_child($child) { function convert_child($child) {
} }
function store($item,$update = false) { function store($item, $update = false) {
} }
function run() { function run() {
$this->credentials = $this->get_credentials(); $this->credentials = $this->get_credentials();
$this->itemlist = $this->get_itemlist(); $this->itemlist = $this->get_itemlist();
if($this->itemlist) { if($this->itemlist) {
@ -77,18 +77,6 @@ class Import {
} }
$cnt ++; $cnt ++;
} }
} }
} }
} }
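Review bot: The visibility added to the properties in the first hunk is undone for `$credentials` by the accessor next to it: `get_credentials()` has no visibility keyword, so PHP treats it as public, and as shown it returns the `private $credentials` value to any code holding an Import object. If only `run()` and subclasses need the credentials, declare it `protected function get_credentials()`; the other methods in the class are implicitly public in the same way. The class body between the hunks is not visible here, so confirm that no external caller relies on the accessor before narrowing it.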


@ -13,8 +13,6 @@ require_once('include/hubloc.php');
// with a browser until all the posts had been imported. // with a browser until all the posts had been imported.
define('REDMATRIX_IMPORTCHANNEL','mike'); define('REDMATRIX_IMPORTCHANNEL','mike');
define('REFLECT_EXPORTUSERNAME','mike'); define('REFLECT_EXPORTUSERNAME','mike');
define('REFLECT_BLOGNAME','Diary and Other Rantings'); define('REFLECT_BLOGNAME','Diary and Other Rantings');


@ -1,6 +1,19 @@
<?php /** @file */ <?php
/**
* @file incldue/permissions.php
*
* This file conntains functions to check and work with permissions.
*/
/**
* @brief Return an array with all available permissions.
*
* These are channel specific permissions.
* The list of available permissions can get manipulated by the <i>hook</i>
* <b>global_permissions</b>.
*
* @return array associative array containing all permissions
*/
function get_perms() { function get_perms() {
// thinking about making element[2] a bitmask instead of boolean so that we can provide a list of applicable selections // thinking about making element[2] a bitmask instead of boolean so that we can provide a list of applicable selections
@ -14,8 +27,8 @@ function get_perms() {
'view_profile' => array('channel_r_profile', intval(PERMS_R_PROFILE), true, t('Can view my default channel profile'), ''), 'view_profile' => array('channel_r_profile', intval(PERMS_R_PROFILE), true, t('Can view my default channel profile'), ''),
'view_photos' => array('channel_r_photos', intval(PERMS_R_PHOTOS), true, t('Can view my photo albums'), ''), 'view_photos' => array('channel_r_photos', intval(PERMS_R_PHOTOS), true, t('Can view my photo albums'), ''),
'view_contacts' => array('channel_r_abook', intval(PERMS_R_ABOOK), true, t('Can view my connections'), ''), 'view_contacts' => array('channel_r_abook', intval(PERMS_R_ABOOK), true, t('Can view my connections'), ''),
'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my file storage'), ''), 'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my file storage'), ''),
'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my webpages'), ''), 'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my webpages'), ''),
// Write permissions // Write permissions
'send_stream' => array('channel_w_stream', intval(PERMS_W_STREAM), false, t('Can send me their channel stream and posts'), ''), 'send_stream' => array('channel_w_stream', intval(PERMS_W_STREAM), false, t('Can send me their channel stream and posts'), ''),
@ -23,19 +36,20 @@ function get_perms() {
'post_comments' => array('channel_w_comment', intval(PERMS_W_COMMENT), false, t('Can comment on or like my posts'), ''), 'post_comments' => array('channel_w_comment', intval(PERMS_W_COMMENT), false, t('Can comment on or like my posts'), ''),
'post_mail' => array('channel_w_mail', intval(PERMS_W_MAIL), false, t('Can send me private mail messages'), ''), 'post_mail' => array('channel_w_mail', intval(PERMS_W_MAIL), false, t('Can send me private mail messages'), ''),
'post_photos' => array('channel_w_photos', intval(PERMS_W_PHOTOS), false, t('Can post photos to my photo albums'), ''), 'post_photos' => array('channel_w_photos', intval(PERMS_W_PHOTOS), false, t('Can post photos to my photo albums'), ''),
'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), t('Profiles and things other than posts/comments')), 'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), t('Profiles and things other than posts/comments')),
'tag_deliver' => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false, t('Can forward to all my channel contacts via post @mentions'), t('Advanced - useful for creating group forum channels')), 'tag_deliver' => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false, t('Can forward to all my channel contacts via post @mentions'), t('Advanced - useful for creating group forum channels')),
'chat' => array('channel_w_chat', intval(PERMS_W_CHAT), false, t('Can chat with me (when available)'), t('')), 'chat' => array('channel_w_chat', intval(PERMS_W_CHAT), false, t('Can chat with me (when available)'), t('')),
'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my file storage'), ''), 'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my file storage'), ''),
'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my webpages'), ''), 'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my webpages'), ''),
'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my public posts in derived channels'), t('Somewhat advanced - very useful in open communities')), 'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my public posts in derived channels'), t('Somewhat advanced - very useful in open communities')),
'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')), 'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')),
); );
$ret = array('global_permissions' => $global_perms); $ret = array('global_permissions' => $global_perms);
call_hooks('global_permissions',$ret); call_hooks('global_permissions', $ret);
return $ret['global_permissions']; return $ret['global_permissions'];
} }
@ -43,13 +57,13 @@ function get_perms() {
/** /**
* get_all_perms($uid,$observer_xchan) * get_all_perms($uid,$observer_xchan)
* *
* @param $uid : The channel_id associated with the resource owner * @param int $uid The channel_id associated with the resource owner
* @param $observer_xchan: The xchan_hash representing the observer * @param string $observer_xchan The xchan_hash representing the observer
* @param bool $internal_use (default true)
* *
* @returns: array of all permissions, key is permission name, value is true or false * @returns array of all permissions, key is permission name, value is true or false
*/ */
function get_all_perms($uid, $observer_xchan, $internal_use = true) {
function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$global_perms = get_perms(); $global_perms = get_perms();
@ -85,7 +99,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
continue; continue;
} }
// Next we're going to check for blocked or ignored contacts. // Next we're going to check for blocked or ignored contacts.
// These take priority over all other settings. // These take priority over all other settings.
@ -94,7 +107,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$ret[$perm_name] = true; $ret[$perm_name] = true;
continue; continue;
} }
if(! $abook_checked) { if(! $abook_checked) {
$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash $x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash
where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d )>0 limit 1", where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d )>0 limit 1",
@ -105,7 +118,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
if(! $x) { if(! $x) {
// not in address book, see if they've got an xchan // not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1", $y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($observer_xchan) dbesc($observer_xchan)
); );
} }
@ -113,7 +126,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
} }
// If they're blocked - they can't read or write // If they're blocked - they can't read or write
if(($x) && ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED)) { if(($x) && ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED)) {
$ret[$perm_name] = false; $ret[$perm_name] = false;
continue; continue;
@ -130,7 +143,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
// system is blocked to anybody who is not authenticated // system is blocked to anybody who is not authenticated
if((! $observer_xchan) && intval(get_config('system','block_public'))) { if((! $observer_xchan) && intval(get_config('system', 'block_public'))) {
$ret[$perm_name] = false; $ret[$perm_name] = false;
continue; continue;
} }
@ -177,14 +190,14 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$onsite_checked = true; $onsite_checked = true;
} }
if($c) if($c)
$ret[$perm_name] = true; $ret[$perm_name] = true;
else else
$ret[$perm_name] = false; $ret[$perm_name] = false;
continue; continue;
} }
// From here on we require that the observer be a connection and // From here on we require that the observer be a connection and
// handle whether we're allowing any, approved or specific ones // handle whether we're allowing any, approved or specific ones
@ -226,7 +239,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$ret[$perm_name] = false; $ret[$perm_name] = false;
continue; continue;
} }
$arr = array( $arr = array(
@ -235,11 +247,23 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
'permissions' => $ret); 'permissions' => $ret);
call_hooks('get_all_perms',$arr); call_hooks('get_all_perms',$arr);
return $arr['permissions']; return $arr['permissions'];
} }
/**
function perm_is_allowed($uid,$observer_xchan,$permission) { * @brief Checks if given permission is allowed for given observer on a channel.
*
* Checks if the given observer with the hash $observer_xchan has permission
* $permission on channel_id $uid.
* $permission is one defined in get_perms();
*
* @param int $uid The channel_id associated with the resource owner
* @param string $observer_xchan The xchan_hash representing the observer
* @param string $permission
* @return bool true if permission is allowed for observer on channel
*/
function perm_is_allowed($uid, $observer_xchan, $permission) {
$arr = array( $arr = array(
'channel_id' => $uid, 'channel_id' => $uid,
@ -247,7 +271,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
'permission' => $permission, 'permission' => $permission,
'result' => false); 'result' => false);
call_hooks('perm_is_allowed',$arr); call_hooks('perm_is_allowed', $arr);
if($arr['result']) if($arr['result'])
return true; return true;
@ -279,21 +303,21 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if(($x) && ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED)) if(($x) && ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED))
return false; return false;
if(($x) && (! $global_perms[$permission][2]) && ($x[0]['abook_flags'] & ABOOK_FLAG_IGNORED)) if(($x) && (! $global_perms[$permission][2]) && ($x[0]['abook_flags'] & ABOOK_FLAG_IGNORED))
return false; return false;
if(! $x) { if(! $x) {
// not in address book, see if they've got an xchan // not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1", $y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($observer_xchan) dbesc($observer_xchan)
); );
} }
} }
// system is blocked to anybody who is not authenticated // system is blocked to anybody who is not authenticated
if((! $observer_xchan) && intval(get_config('system','block_public'))) if((! $observer_xchan) && intval(get_config('system', 'block_public')))
return false; return false;
// Check if this $uid is actually the $observer_xchan // Check if this $uid is actually the $observer_xchan
@ -301,7 +325,6 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if($r[0]['channel_hash'] === $observer_xchan) if($r[0]['channel_hash'] === $observer_xchan)
return true; return true;
if($r[0][$channel_perm] & PERMS_PUBLIC) if($r[0][$channel_perm] & PERMS_PUBLIC)
return true; return true;
@ -326,6 +349,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
); );
if($c) if($c)
return true; return true;
return false; return false;
} }
@ -361,25 +385,32 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
// No permissions allowed. // No permissions allowed.
return false; return false;
} }
// Check a simple array of observers against a permissions // Check a simple array of observers against a permissions
// return a simple array of those with permission // return a simple array of those with permission
function check_list_permissions($uid,$arr,$perm) { function check_list_permissions($uid, $arr, $perm) {
$result = array(); $result = array();
if($arr) if($arr)
foreach($arr as $x) foreach($arr as $x)
if(perm_is_allowed($uid,$x,$perm)) if(perm_is_allowed($uid, $x, $perm))
$result[] = $x; $result[] = $x;
return($result); return($result);
} }
/**
* @brief Sets site wide default permissions.
*
* @return array
*/
function site_default_perms() { function site_default_perms() {
$ret = array();
$typical = array( $typical = array(
'view_stream' => PERMS_PUBLIC, 'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC, 'view_profile' => PERMS_PUBLIC,
@ -401,14 +432,14 @@ function site_default_perms() {
); );
$global_perms = get_perms(); $global_perms = get_perms();
$ret = array();
foreach($global_perms as $perm => $v) { foreach($global_perms as $perm => $v) {
$x = get_config('default_perms',$perm); $x = get_config('default_perms', $perm);
if($x === false) if($x === false)
$x = $typical[$perm]; $x = $typical[$perm];
$ret[$perm] = $x; $ret[$perm] = $x;
} }
return $ret; return $ret;
} }
@ -449,7 +480,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC; $ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC; $ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC; $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC; $ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS; $ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_wall'] = PERMS_CONTACTS;
@ -465,9 +496,8 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0; $ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC; $ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK; $ret['channel_w_like'] = PERMS_NETWORK;
break;
break;
case 'social_restricted': case 'social_restricted':
$ret['perms_auto'] = false; $ret['perms_auto'] = false;
@ -482,7 +512,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC; $ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC; $ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC; $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC; $ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS; $ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_wall'] = PERMS_CONTACTS;
@ -498,9 +528,8 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0; $ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC; $ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS; $ret['channel_w_like'] = PERMS_CONTACTS;
break;
break;
case 'social_private': case 'social_private':
$ret['perms_auto'] = false; $ret['perms_auto'] = false;
@ -515,7 +544,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC; $ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC; $ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC; $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_CONTACTS; $ret['channel_r_abook'] = PERMS_CONTACTS;
$ret['channel_w_stream'] = PERMS_CONTACTS; $ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_wall'] = PERMS_CONTACTS;
@ -531,7 +560,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0; $ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC; $ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS; $ret['channel_w_like'] = PERMS_CONTACTS;
break; break;
case 'forum': case 'forum':
@ -547,7 +576,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL; |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC; $ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC; $ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC; $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC; $ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = 0; $ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_wall'] = PERMS_CONTACTS;
@ -563,7 +592,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0; $ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC; $ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK; $ret['channel_w_like'] = PERMS_NETWORK;
break; break;
case 'forum_restricted': case 'forum_restricted':
@ -579,7 +608,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL; |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC; $ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC; $ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC; $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC; $ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = 0; $ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_wall'] = PERMS_CONTACTS;
@ -595,9 +624,8 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0; $ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC; $ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS; $ret['channel_w_like'] = PERMS_CONTACTS;
break;
break;
case 'forum_private': case 'forum_private':
$ret['perms_auto'] = false; $ret['perms_auto'] = false;
@ -612,7 +640,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC; $ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_CONTACTS; $ret['channel_r_profile'] = PERMS_CONTACTS;
$ret['channel_r_photos'] = PERMS_CONTACTS; $ret['channel_r_photos'] = PERMS_CONTACTS;
$ret['channel_r_abook'] = PERMS_CONTACTS; $ret['channel_r_abook'] = PERMS_CONTACTS;
$ret['channel_w_stream'] = 0; $ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_wall'] = PERMS_CONTACTS;
@ -628,7 +656,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0; $ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC; $ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS; $ret['channel_w_like'] = PERMS_CONTACTS;
break; break;
case 'feed': case 'feed':
@ -644,7 +672,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC; $ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC; $ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC; $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC; $ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS; $ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_wall'] = PERMS_CONTACTS;
@ -660,11 +688,10 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0; $ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_NETWORK; $ret['channel_a_republish'] = PERMS_NETWORK;
$ret['channel_w_like'] = PERMS_NETWORK; $ret['channel_w_like'] = PERMS_NETWORK;
break; break;
case 'feed_restricted': case 'feed_restricted':
$ret['perms_auto'] = false; $ret['perms_auto'] = false;
$ret['default_collection'] = true; $ret['default_collection'] = true;
$ret['directory_publish'] = false; $ret['directory_publish'] = false;
@ -677,7 +704,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE; |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC; $ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC; $ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC; $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC; $ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS; $ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS; $ret['channel_w_wall'] = PERMS_CONTACTS;
@ -693,7 +720,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0; $ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC; $ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK; $ret['channel_w_like'] = PERMS_NETWORK;
break; break;
case 'soapbox': case 'soapbox':
@ -707,7 +734,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE; |PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC; $ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC; $ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC; $ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC; $ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = 0; $ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = 0; $ret['channel_w_wall'] = 0;
@ -723,7 +750,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0; $ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC; $ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK; $ret['channel_w_like'] = PERMS_NETWORK;
break; break;
case 'repository': case 'repository':
@ -755,14 +782,11 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = PERMS_CONTACTS; $ret['channel_w_pages'] = PERMS_CONTACTS;
$ret['channel_a_republish'] = PERMS_SPECIFIC; $ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK; $ret['channel_w_like'] = PERMS_NETWORK;
break; break;
default: default:
break; break;
} }
$x = get_config('system','role_perms'); $x = get_config('system','role_perms');
@ -775,7 +799,12 @@ function get_role_perms($role) {
return $ret; return $ret;
} }
/**
* @brief Creates a HTML select field with all available roles.
*
* @param string $current The current role
* @return string Returns the complete HTML code for this privacy-role-select field.
*/
function role_selector($current) { function role_selector($current) {
if(! $current) if(! $current)
@ -792,16 +821,17 @@ function role_selector($current) {
array('soapbox' => t('Celebrity/Soapbox'), 'repository' => t('Group Repository'))), array('soapbox' => t('Celebrity/Soapbox'), 'repository' => t('Group Repository'))),
'other' => array( t('Other'), 'other' => array( t('Other'),
array('custom' => t('Custom/Expert Mode')))); array('custom' => t('Custom/Expert Mode'))));
$o = '<select name="permissions_role" id="privacy-role-select">'; $o = '<select name="permissions_role" id="privacy-role-select">';
foreach($roles as $k => $v) { foreach($roles as $k => $v) {
$o .= '<optgroup label="'. htmlspecialchars($v[0]) . '" >'; $o .= '<optgroup label="'. htmlspecialchars($v[0]) . '">';
foreach($v[1] as $kk => $vv) { foreach($v[1] as $kk => $vv) {
$selected = (($kk === $current) ? ' selected="selected" ' : ''); $selected = (($kk === $current) ? ' selected="selected"' : '');
$o .= '<option value="' . $kk . '" ' . $selected . '>' . htmlspecialchars($vv) . '</option>'; $o .= '<option value="' . $kk . '"' . $selected . '>' . htmlspecialchars($vv) . '</option>';
} }
$o .= '</optgroup>'; $o .= '</optgroup>';
} }
$o .= '</select>'; $o .= '</select>';
return $o;
}
return $o;
}


@ -1,12 +1,24 @@
<?php /** @file */ <?php
/**
* @file include/security.php
*
* Some security related functions.
*/
function authenticate_success($user_record, $login_initial = false, $interactive = false,$return = false,$update_lastlog = false) { /**
* @param int $user_record The account_id
* @param bool $login_initial default false
* @param bool $interactive default false
* @param bool $return
* @param bool $update_lastlog
*/
function authenticate_success($user_record, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) {
$a = get_app(); $a = get_app();
$_SESSION['addr'] = $_SERVER['REMOTE_ADDR']; $_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
if(x($user_record,'account_id')) { if(x($user_record, 'account_id')) {
$a->account = $user_record; $a->account = $user_record;
$_SESSION['account_id'] = $user_record['account_id']; $_SESSION['account_id'] = $user_record['account_id'];
$_SESSION['authenticated'] = 1; $_SESSION['authenticated'] = 1;
@ -39,7 +51,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
// might want to log success here // might want to log success here
} }
if($return || x($_SESSION,'workflow')) { if($return || x($_SESSION, 'workflow')) {
unset($_SESSION['workflow']); unset($_SESSION['workflow']);
return; return;
} }
@ -70,7 +82,13 @@ function authenticate_success($user_record, $login_initial = false, $interactive
/* else just return */ /* else just return */
} }
/**
* @brief Change to another channel with current logged-in account.
*
* @param int $change_channel The channel_id of the channel you want to change to
*
* @return bool|array false or channel record of the new channel
*/
function change_channel($change_channel) { function change_channel($change_channel) {
$ret = false; $ret = false;
@ -83,17 +101,17 @@ function change_channel($change_channel) {
); );
// It's not there. Is this an administrator, and is this the sys channel? // It's not there. Is this an administrator, and is this the sys channel?
if (is_developer()) { if (is_developer()) {
if (! $r) { if (! $r) {
if (is_site_admin()) { if (is_site_admin()) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1", $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1",
intval($change_channel), intval($change_channel),
intval(PAGE_SYSTEM), intval(PAGE_SYSTEM),
intval(PAGE_REMOVED) intval(PAGE_REMOVED)
); );
}
} }
} }
}
if($r) { if($r) {
$hash = $r[0]['channel_hash']; $hash = $r[0]['channel_hash'];
@ -109,23 +127,28 @@ function change_channel($change_channel) {
); );
if($x) { if($x) {
$_SESSION['my_url'] = $x[0]['xchan_url']; $_SESSION['my_url'] = $x[0]['xchan_url'];
$_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(),strpos(get_app()->get_baseurl(),'://')+3); $_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(), strpos(get_app()->get_baseurl(), '://') + 3);
get_app()->set_observer($x[0]); get_app()->set_observer($x[0]);
get_app()->set_perms(get_all_perms(local_user(),$hash)); get_app()->set_perms(get_all_perms(local_user(), $hash));
} }
if(! is_dir('store/' . $r[0]['channel_address'])) if(! is_dir('store/' . $r[0]['channel_address']))
@os_mkdir('store/' . $r[0]['channel_address'], STORAGE_DEFAULT_PERMISSIONS,true); @os_mkdir('store/' . $r[0]['channel_address'], STORAGE_DEFAULT_PERMISSIONS,true);
} }
return $ret; return $ret;
} }
/**
* @brief Creates an addiontal SQL where statement to check permissions.
function permissions_sql($owner_id,$remote_verified = false,$groups = null) { *
* @param int $owner_id
* @param bool $remote_verified default false, not used at all
* @param string $groups this param is not used at all
*
* @return string additional SQL where statement
*/
function permissions_sql($owner_id, $remote_verified = false, $groups = null) {
if(defined('STATUSNET_PRIVACY_COMPATIBILITY')) if(defined('STATUSNET_PRIVACY_COMPATIBILITY'))
return ''; return '';
@ -142,8 +165,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
$sql = " AND allow_cid = '' $sql = " AND allow_cid = ''
AND allow_gid = '' AND allow_gid = ''
AND deny_cid = '' AND deny_cid = ''
AND deny_gid = '' AND deny_gid = ''
"; ";
/** /**
@ -162,7 +184,6 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
* done this and passed the groups into this function. * done this and passed the groups into this function.
*/ */
else { else {
$observer = get_observer_hash(); $observer = get_observer_hash();
if($observer) { if($observer) {
@ -191,7 +212,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
return $sql; return $sql;
} }
function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) { /**
* @brief Creates an addiontal SQL where statement to check permissions for an item.
*
* @param int $owner_id
* @param bool $remote_verified default false, not used at all
* @param string $groups this param is not used at all
*
* @return string additional SQL where statement
*/
function item_permissions_sql($owner_id, $remote_verified = false, $groups = null) {
if(defined('STATUSNET_PRIVACY_COMPATIBILITY')) if(defined('STATUSNET_PRIVACY_COMPATIBILITY'))
return ''; return '';
@ -206,7 +236,6 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
*/ */
$sql = " AND item_private=0 "; $sql = " AND item_private=0 ";
/** /**
* Profile owner - everything is visible * Profile owner - everything is visible
@ -224,7 +253,6 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
* done this and passed the groups into this function. * done this and passed the groups into this function.
*/ */
else { else {
$observer = get_observer_hash(); $observer = get_observer_hash();
@ -250,12 +278,18 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
); );
} }
} }
return $sql; return $sql;
} }
/**
* @param string $observer_hash
*
* @return string additional SQL where statement
*/
function public_permissions_sql($observer_hash) { function public_permissions_sql($observer_hash) {
$observer = get_app()->get_observer(); //$observer = get_app()->get_observer();
$groups = init_groups_visitor($observer_hash); $groups = init_groups_visitor($observer_hash);
$gs = '<<>>'; // should be impossible to match $gs = '<<>>'; // should be impossible to match
@ -263,7 +297,7 @@ function public_permissions_sql($observer_hash) {
if(is_array($groups) && count($groups)) { if(is_array($groups) && count($groups)) {
foreach($groups as $g) foreach($groups as $g)
$gs .= '|<' . $g . '>'; $gs .= '|<' . $g . '>';
} }
$sql = ''; $sql = '';
if($observer_hash) { if($observer_hash) {
$regexop = db_getfunc('REGEXP'); $regexop = db_getfunc('REGEXP');
@ -341,11 +375,11 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f
} }
} }
// Returns an array of group id's this contact is a member of. // Returns an array of group id's this contact is a member of.
// This array will only contain group id's related to the uid of this // This array will only contain group id's related to the uid of this
// DFRN contact. They are *not* neccessarily unique across the entire site. // DFRN contact. They are *not* neccessarily unique across the entire site.
if(! function_exists('init_groups_visitor')) { if(! function_exists('init_groups_visitor')) {
function init_groups_visitor($contact_id) { function init_groups_visitor($contact_id) {
$groups = array(); $groups = array();
@ -361,8 +395,6 @@ function init_groups_visitor($contact_id) {
// This is used to determine which uid have posts which are visible to the logged in user (from the API) for the // This is used to determine which uid have posts which are visible to the logged in user (from the API) for the
// public_timeline, and we can use this in a community page by making // public_timeline, and we can use this in a community page by making
// $perms = (PERMS_NETWORK|PERMS_PUBLIC) unless logged in. // $perms = (PERMS_NETWORK|PERMS_PUBLIC) unless logged in.
@ -382,19 +414,22 @@ function stream_perms_api_uids($perms = NULL ) {
intval($perms), intval($perms),
intval(PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED) intval(PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)
); );
if($r) if($r) {
foreach($r as $rr) foreach($r as $rr)
if(! in_array($rr['channel_id'],$ret)) if(! in_array($rr['channel_id'], $ret))
$ret[] = $rr['channel_id']; $ret[] = $rr['channel_id'];
}
$str = ''; $str = '';
if($ret) if($ret) {
foreach($ret as $rr) { foreach($ret as $rr) {
if($str) if($str)
$str .= ','; $str .= ',';
$str .= intval($rr); $str .= intval($rr);
} }
}
logger('stream_perms_api_uids: ' . $str, LOGGER_DEBUG); logger('stream_perms_api_uids: ' . $str, LOGGER_DEBUG);
return $str; return $str;
} }
@ -409,19 +444,21 @@ function stream_perms_xchans($perms = NULL ) {
intval($perms), intval($perms),
intval(PAGE_CENSORED|PAGE_SYETEM|PAGE_REMOVED) intval(PAGE_CENSORED|PAGE_SYETEM|PAGE_REMOVED)
); );
if($r) if($r) {
foreach($r as $rr) foreach($r as $rr)
if(! in_array($rr['channel_hash'],$ret)) if(! in_array($rr['channel_hash'], $ret))
$ret[] = $rr['channel_hash']; $ret[] = $rr['channel_hash'];
}
$str = ''; $str = '';
if($ret) if($ret) {
foreach($ret as $rr) { foreach($ret as $rr) {
if($str) if($str)
$str .= ','; $str .= ',';
$str .= "'" . dbesc($rr) . "'"; $str .= "'" . dbesc($rr) . "'";
} }
}
logger('stream_perms_xchans: ' . $str, LOGGER_DEBUG); logger('stream_perms_xchans: ' . $str, LOGGER_DEBUG);
return $str; return $str;
} }
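Review bot: In the stream_perms_xchans hunk the exclusion mask is still `intval(PAGE_CENSORED|PAGE_SYETEM|PAGE_REMOVED)`, where `PAGE_SYETEM` looks like a misspelling of the `PAGE_SYSTEM` used by the sibling stream_perms_api_uids hunk just above. Unless a constant of that name is defined elsewhere, older PHP versions fall back to the bare string with a notice, so the system-page bit is presumably missing from the mask and system channels are not excluded from the returned hash list. PHP 8 raises an Error on that line instead. Since this cleanup already touches the surrounding lines, the mask should read `intval(PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)`. The query these arguments feed starts outside the hunk, so how the mask is applied is not visible here.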


@ -1,4 +1,9 @@
<?php /** @file */ <?php
/**
* @file include/widgets.php
*
* @brief This file contains the widgets.
*/
require_once('include/dir_fns.php'); require_once('include/dir_fns.php');
require_once('include/contact_widgets.php'); require_once('include/contact_widgets.php');
@ -6,7 +11,7 @@ require_once('include/contact_widgets.php');
function widget_profile($args) { function widget_profile($args) {
$a = get_app(); $a = get_app();
$block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false); $block = (((get_config('system', 'block_public')) && (! local_user()) && (! remote_user())) ? true : false);
return profile_sidebar($a->profile, $block, true); return profile_sidebar($a->profile, $block, true);
} }
@ -16,14 +21,15 @@ function widget_profile($args) {
function widget_tagcloud($args) { function widget_tagcloud($args) {
$o = ''; $o = '';
$tab = 0; //$tab = 0;
$a = get_app(); $a = get_app();
$uid = $a->profile_uid; $uid = $a->profile_uid;
$count = ((x($args,'count')) ? intval($args['count']) : 24); $count = ((x($args,'count')) ? intval($args['count']) : 24);
$flags = 0; $flags = 0;
$type = TERM_CATEGORY; $type = TERM_CATEGORY;
$r = tagadelic($uid,$count,$authors,$flags,ITEM_WEBPAGE,$type); // FIXME there exists no $authors variable
$r = tagadelic($uid, $count, $authors, $flags, ITEM_WEBPAGE, $type);
if($r) { if($r) {
$o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">'; $o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">';
@ -75,9 +81,8 @@ function widget_collections($args) {
return ''; return '';
break; break;
} }
return group_side($every, $each, $edit, $current, $abook_id, $wmode);
return group_side($every, $each, $edit, $current, $abook_id, $wmode);
} }
@ -93,7 +98,6 @@ function widget_appselect($arr) {
} }
function widget_suggestions($arr) { function widget_suggestions($arr) {
if((! local_user()) || (! feature_enabled(local_user(),'suggest'))) if((! local_user()) || (! feature_enabled(local_user(),'suggest')))
@ -114,16 +118,13 @@ function widget_suggestions($arr) {
// This will throw some entropy intot he situation so you won't // This will throw some entropy intot he situation so you won't
// be looking at the same two mug shots every time the widget runs // be looking at the same two mug shots every time the widget runs
$index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0); $index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0);
for($x = $index; $x <= ($index+1); $x ++) { for($x = $index; $x <= ($index+1); $x ++) {
$rr = $r[$x]; $rr = $r[$x];
if(! $rr['xchan_url']) if(! $rr['xchan_url'])
break; break;
$connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr']; $connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr'];
$arr[] = array( $arr[] = array(
@ -138,7 +139,6 @@ function widget_suggestions($arr) {
); );
} }
$o = replace_macros(get_markup_template('suggest_widget.tpl'),array( $o = replace_macros(get_markup_template('suggest_widget.tpl'),array(
'$title' => t('Suggestions'), '$title' => t('Suggestions'),
'$more' => t('See more...'), '$more' => t('See more...'),
@ -146,13 +146,13 @@ function widget_suggestions($arr) {
)); ));
return $o; return $o;
} }
function widget_follow($args) { function widget_follow($args) {
if(! local_user()) if(! local_user())
return ''; return '';
$a = get_app(); $a = get_app();
$uid =$a->channel['channel_id']; $uid =$a->channel['channel_id'];
$r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ", $r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ",
@ -163,10 +163,10 @@ function widget_follow($args) {
$total_channels = $r[0]['total']; $total_channels = $r[0]['total'];
$limit = service_class_fetch($uid,'total_channels'); $limit = service_class_fetch($uid,'total_channels');
if($limit !== false) { if($limit !== false) {
$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit); $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
} }
else { else {
$abook_usage_message = ''; $abook_usage_message = '';
} }
return replace_macros(get_markup_template('follow.tpl'),array( return replace_macros(get_markup_template('follow.tpl'),array(
'$connect' => t('Add New Connection'), '$connect' => t('Add New Connection'),
@ -175,7 +175,6 @@ function widget_follow($args) {
'$follow' => t('Connect'), '$follow' => t('Connect'),
'$abook_usage_message' => $abook_usage_message '$abook_usage_message' => $abook_usage_message
)); ));
} }
@ -192,6 +191,7 @@ function widget_notes($arr) {
'$text' => $text, '$text' => $text,
'$save' => t('Save'), '$save' => t('Save'),
)); ));
return $o; return $o;
} }
@ -228,8 +228,6 @@ function widget_savedsearch($arr) {
$search = ''; $search = '';
} }
$srchurl = $a->query_string; $srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/searchsave\=[^\&].*?(\&|$)/is','',$srchurl),'&'); $srchurl = rtrim(preg_replace('/searchsave\=[^\&].*?(\&|$)/is','',$srchurl),'&');
@ -240,7 +238,7 @@ function widget_savedsearch($arr) {
$srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&'); $srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&');
$srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl);
$hasq = ((strpos($srchurl,'?') !== false) ? true : false); $hasq = ((strpos($srchurl,'?') !== false) ? true : false);
$o = ''; $o = '';
$r = q("select `tid`,`term` from `term` WHERE `uid` = %d and `type` = %d ", $r = q("select `tid`,`term` from `term` WHERE `uid` = %d and `type` = %d ",
@ -252,31 +250,28 @@ function widget_savedsearch($arr) {
if(count($r)) { if(count($r)) {
foreach($r as $rr) { foreach($r as $rr) {
$saved[] = array( $saved[] = array(
'id' => $rr['tid'], 'id' => $rr['tid'],
'term' => $rr['term'], 'term' => $rr['term'],
'dellink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;searchremove=1&amp;search=' . urlencode($rr['term']), 'dellink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;searchremove=1&amp;search=' . urlencode($rr['term']),
'srchlink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;search=' . urlencode($rr['term']), 'srchlink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;search=' . urlencode($rr['term']),
'displayterm' => htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8'), 'displayterm' => htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8'),
'encodedterm' => urlencode($rr['term']), 'encodedterm' => urlencode($rr['term']),
'delete' => t('Remove term'), 'delete' => t('Remove term'),
'selected' => ($search==$rr['term']), 'selected' => ($search==$rr['term']),
); );
} }
} }
$tpl = get_markup_template("saved_searches.tpl"); $tpl = get_markup_template("saved_searches.tpl");
$o = replace_macros($tpl, array( $o = replace_macros($tpl, array(
'$title' => t('Saved Searches'), '$title' => t('Saved Searches'),
'$add' => t('add'), '$add' => t('add'),
'$searchbox' => searchbox($search,'netsearch-box',$srchurl . (($hasq) ? '' : '?f='),true), '$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), true),
'$saved' => $saved, '$saved' => $saved,
)); ));
return $o; return $o;
} }
@ -306,7 +301,6 @@ function widget_filer($arr) {
'$all' => t('Everything'), '$all' => t('Everything'),
'$terms' => $terms, '$terms' => $terms,
'$base' => z_root() . '/' . $a->cmd '$base' => z_root() . '/' . $a->cmd
)); ));
} }
@ -327,7 +321,6 @@ function widget_archive($arr) {
if(! perm_is_allowed($uid,get_observer_hash(),'view_stream')) if(! perm_is_allowed($uid,get_observer_hash(),'view_stream'))
return ''; return '';
$wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0); $wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0);
$style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select'); $style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select');
$showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false); $showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false);
@ -336,10 +329,8 @@ function widget_archive($arr) {
if(! $visible_years) if(! $visible_years)
$visible_years = 5; $visible_years = 5;
$url = z_root() . '/' . $a->cmd; $url = z_root() . '/' . $a->cmd;
$ret = list_post_dates($uid,$wall,$mindate); $ret = list_post_dates($uid,$wall,$mindate);
if(! count($ret)) if(! count($ret))
@ -367,7 +358,7 @@ function widget_fullprofile($arr) {
if(! $a->profile['profile_uid']) if(! $a->profile['profile_uid'])
return; return;
$block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false); $block = (((get_config('system', 'block_public')) && (! local_user()) && (! remote_user())) ? true : false);
return profile_sidebar($a->profile, $block); return profile_sidebar($a->profile, $block);
} }
@ -375,41 +366,43 @@ function widget_fullprofile($arr) {
function widget_categories($arr) { function widget_categories($arr) {
$a = get_app(); $a = get_app();
if($a->profile['profile_uid'] && (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))) if($a->profile['profile_uid'] && (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')))
return ''; return '';
$cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : ''); $cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : '');
$srchurl = $a->query_string; $srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&'); $srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&');
$srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl); $srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl);
return categories_widget($srchurl,$cat);
return categories_widget($srchurl, $cat);
} }
function widget_tagcloud_wall($arr) { function widget_tagcloud_wall($arr) {
$a = get_app(); $a = get_app();
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash'])) if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
return ''; return '';
if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')) if(! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_stream'))
return ''; return '';
$limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50); $limit = ((array_key_exists('limit', $arr)) ? intval($arr['limit']) : 50);
if(feature_enabled($a->profile['profile_uid'],'tagadelic')) if(feature_enabled($a->profile['profile_uid'], 'tagadelic'))
return tagblock('search',$a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL); return tagblock('search', $a->profile['profile_uid'], $limit, $a->profile['channel_hash'], ITEM_WALL);
return ''; return '';
} }
function widget_catcloud_wall($arr) { function widget_catcloud_wall($arr) {
$a = get_app(); $a = get_app();
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash'])) if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
return ''; return '';
if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')) if(! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_stream'))
return ''; return '';
$limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50); $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
return catblock($a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
return ''; return catblock($a->profile['profile_uid'], $limit, $a->profile['channel_hash'], ITEM_WALL);
} }
@ -438,6 +431,7 @@ function widget_affinity($arr) {
call_hooks('main_slider',$arr); call_hooks('main_slider',$arr);
return $arr['html']; return $arr['html'];
} }
return ''; return '';
} }
@ -463,20 +457,19 @@ function widget_settings_menu($arr) {
if($abk) if($abk)
$abook_self_id = $abk[0]['abook_id']; $abook_self_id = $abk[0]['abook_id'];
$tabs = array( $tabs = array(
array( array(
'label' => t('Account settings'), 'label' => t('Account settings'),
'url' => $a->get_baseurl(true).'/settings/account', 'url' => $a->get_baseurl(true).'/settings/account',
'selected' => ((argv(1) === 'account') ? 'active' : ''), 'selected' => ((argv(1) === 'account') ? 'active' : ''),
), ),
array( array(
'label' => t('Channel settings'), 'label' => t('Channel settings'),
'url' => $a->get_baseurl(true).'/settings/channel', 'url' => $a->get_baseurl(true).'/settings/channel',
'selected' => ((argv(1) === 'channel') ? 'active' : ''), 'selected' => ((argv(1) === 'channel') ? 'active' : ''),
), ),
array( array(
'label' => t('Additional features'), 'label' => t('Additional features'),
'url' => $a->get_baseurl(true).'/settings/features', 'url' => $a->get_baseurl(true).'/settings/features',
@ -494,7 +487,7 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true).'/settings/display', 'url' => $a->get_baseurl(true).'/settings/display',
'selected' => ((argv(1) === 'display') ? 'active' : ''), 'selected' => ((argv(1) === 'display') ? 'active' : ''),
), ),
array( array(
'label' => t('Connected apps'), 'label' => t('Connected apps'),
'url' => $a->get_baseurl(true) . '/settings/oauth', 'url' => $a->get_baseurl(true) . '/settings/oauth',
@ -512,7 +505,6 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/uexport/complete', 'url' => $a->get_baseurl(true) . '/uexport/complete',
'selected' => '' 'selected' => ''
), ),
); );
if($role === false || $role === 'custom') { if($role === false || $role === 'custom') {
@ -529,7 +521,6 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/connect/' . $channel['channel_address'], 'url' => $a->get_baseurl(true) . '/connect/' . $channel['channel_address'],
'selected' => '' 'selected' => ''
); );
} }
if(feature_enabled(local_user(),'channel_sources')) { if(feature_enabled(local_user(),'channel_sources')) {
@ -538,18 +529,14 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/sources', 'url' => $a->get_baseurl(true) . '/sources',
'selected' => '' 'selected' => ''
); );
} }
$tabtpl = get_markup_template("generic_links_widget.tpl"); $tabtpl = get_markup_template("generic_links_widget.tpl");
return replace_macros($tabtpl, array( return replace_macros($tabtpl, array(
'$title' => t('Settings'), '$title' => t('Settings'),
'$class' => 'settings-widget', '$class' => 'settings-widget',
'$items' => $tabs, '$items' => $tabs,
)); ));
} }
@ -560,9 +547,7 @@ function widget_mailmenu($arr) {
$a = get_app(); $a = get_app();
return replace_macros(get_markup_template('message_side.tpl'), array( return replace_macros(get_markup_template('message_side.tpl'), array(
'$title' => t('Messages'), '$title' => t('Messages'),
'$tabs'=> array(), '$tabs'=> array(),
'$check'=>array( '$check'=>array(
'label' => t('Check Mail'), 'label' => t('Check Mail'),
'url' => $a->get_baseurl(true) . '/message', 'url' => $a->get_baseurl(true) . '/message',
@ -573,9 +558,7 @@ function widget_mailmenu($arr) {
'url' => $a->get_baseurl(true) . '/mail/new', 'url' => $a->get_baseurl(true) . '/mail/new',
'sel'=> (argv(1) == 'new'), 'sel'=> (argv(1) == 'new'),
) )
)); ));
} }
function widget_design_tools($arr) { function widget_design_tools($arr) {
@ -586,7 +569,7 @@ function widget_design_tools($arr) {
if($a->profile['profile_uid']) if($a->profile['profile_uid'])
if(($a->profile['profile_uid'] != local_user()) && (! $a->is_sys)) if(($a->profile['profile_uid'] != local_user()) && (! $a->is_sys))
return ''; return '';
if(! local_user()) if(! local_user())
return ''; return '';
@ -601,24 +584,25 @@ function widget_findpeople($arr) {
function widget_photo_albums($arr) { function widget_photo_albums($arr) {
$a = get_app(); $a = get_app();
if(! $a->profile['profile_uid']) if(! $a->profile['profile_uid'])
return ''; return '';
$channelx = channelx_by_n($a->profile['profile_uid']); $channelx = channelx_by_n($a->profile['profile_uid']);
if((! $channelx) || (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_photos'))) if((! $channelx) || (! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_photos')))
return ''; return '';
require_once('include/photos.php'); require_once('include/photos.php');
return photos_album_widget($channelx,$a->get_observer());
return photos_album_widget($channelx, $a->get_observer());
} }
function widget_vcard($arr) { function widget_vcard($arr) {
require_once ('include/Contact.php'); require_once ('include/Contact.php');
return vcard_from_xchan('',get_app()->get_observer()); return vcard_from_xchan('', get_app()->get_observer());
} }
/** /*
* The following directory widgets are only useful on the directory page * The following directory widgets are only useful on the directory page
*/ */
@ -631,21 +615,23 @@ function widget_dirsort($arr) {
} }
function widget_dirtags($arr) { function widget_dirtags($arr) {
return dir_tagblock(z_root() . '/directory',null); return dir_tagblock(z_root() . '/directory', null);
} }
function widget_menu_preview($arr) { function widget_menu_preview($arr) {
if(! get_app()->data['menu_item']) if(! get_app()->data['menu_item'])
return; return;
require_once('include/menu.php'); require_once('include/menu.php');
return menu_render(get_app()->data['menu_item']); return menu_render(get_app()->data['menu_item']);
} }
function widget_chatroom_list($arr) { function widget_chatroom_list($arr) {
$a = get_app(); $a = get_app();
require_once("include/chat.php"); require_once("include/chat.php");
$r = chatroom_list($a->profile['profile_uid']); $r = chatroom_list($a->profile['profile_uid']);
return replace_macros(get_markup_template('chatroomlist.tpl'),array( return replace_macros(get_markup_template('chatroomlist.tpl'), array(
'$header' => t('Chat Rooms'), '$header' => t('Chat Rooms'),
'$baseurl' => z_root(), '$baseurl' => z_root(),
'$nickname' => $a->profile['channel_address'], '$nickname' => $a->profile['channel_address'],
@ -658,7 +644,7 @@ function widget_bookmarkedchats($arr) {
if(! $h) if(! $h)
return; return;
$r = q("select * from xchat where xchat_xchan = '%s' group by xchat_url order by xchat_desc", $r = q("select * from xchat where xchat_xchan = '%s' group by xchat_url order by xchat_desc",
dbesc($h) dbesc($h)
); );
if($r) { if($r) {
for($x = 0; $x < count($r); $x ++) { for($x = 0; $x < count($r); $x ++) {
@ -692,17 +678,17 @@ function widget_suggestedchats($arr) {
} }
function widget_item($arr) { function widget_item($arr) {
// FIXME there is no $a here
$uid = $a->profile['profile_uid']; $uid = $a->profile['profile_uid'];
if((! $uid) || (! $arr['mid'])) if((! $uid) || (! $arr['mid']))
return ''; return '';
if(! perm_is_allowed($uid,get_observer_hash(),'view_pages')) if(! perm_is_allowed($uid, get_observer_hash(), 'view_pages'))
return ''; return '';
require_once('include/security.php'); require_once('include/security.php');
$sql_extra = item_permissions_sql($uid); $sql_extra = item_permissions_sql($uid);
$r = q("select * from item where mid = '%s' and uid = %d and item_restrict = " . intval(ITEM_WEBPAGE) . " $sql_extra limit 1", $r = q("select * from item where mid = '%s' and uid = %d and item_restrict = " . intval(ITEM_WEBPAGE) . " $sql_extra limit 1",
dbesc($arr['mid']), dbesc($arr['mid']),
intval($uid) intval($uid)
@ -712,11 +698,10 @@ function widget_item($arr) {
return ''; return '';
xchan_query($r); xchan_query($r);
$r = fetch_post_tags($r,true); $r = fetch_post_tags($r, true);
$o .= prepare_page($r[0]); $o = prepare_page($r[0]);
return $o; return $o;
} }
function widget_clock($arr) { function widget_clock($arr) {
@ -786,18 +771,17 @@ return $o;
* URL must be an http or https URL * URL must be an http or https URL
*/ */
function widget_photo($arr) { function widget_photo($arr) {
$style = $zrl = false; $style = $zrl = false;
$params = '';
if(array_key_exists('src',$arr) && isset($arr['src'])) if(array_key_exists('src', $arr) && isset($arr['src']))
$url = $arr['src']; $url = $arr['src'];
if(strpos($url,'http') !== 0) if(strpos($url,'http') !== 0)
return ''; return '';
if(array_key_exists('style',$arr) && isset($arr['style'])) if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style']; $style = $arr['style'];
// ensure they can't sneak in an eval(js) function // ensure they can't sneak in an eval(js) function
@ -805,7 +789,7 @@ function widget_photo($arr) {
if(strpos($style,'(') !== false) if(strpos($style,'(') !== false)
return ''; return '';
if(array_key_exists('zrl',$arr) && isset($arr['zrl'])) if(array_key_exists('zrl', $arr) && isset($arr['zrl']))
$zrl = (($arr['zrl']) ? true : false); $zrl = (($arr['zrl']) ? true : false);
if($zrl) if($zrl)
@ -815,7 +799,7 @@ function widget_photo($arr) {
$o .= '<img ' . (($zrl) ? ' class="zrl" ' : '') $o .= '<img ' . (($zrl) ? ' class="zrl" ' : '')
. (($style) ? ' style="' . $style . '"' : '') . (($style) ? ' style="' . $style . '"' : '')
. ' src="' . $url . '" alt="' . t('photo/image') . '" />'; . ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>'; $o .= '</div>';
@ -826,15 +810,15 @@ function widget_photo($arr) {
function widget_photo_rand($arr) { function widget_photo_rand($arr) {
require_once('include/photos.php'); require_once('include/photos.php');
$style = $zrl = false; $style = false;
$params = '';
if(array_key_exists('album',$arr) && isset($arr['album'])) if(array_key_exists('album', $arr) && isset($arr['album']))
$album = $arr['album']; $album = $arr['album'];
else else
$album = ''; $album = '';
$channel_id = 0; $channel_id = 0;
if(array_key_exists('channel_id',$arr) && intval($arr['channel_id'])) if(array_key_exists('channel_id', $arr) && intval($arr['channel_id']))
$channel_id = intval($arr['channel_id']); $channel_id = intval($arr['channel_id']);
if(! $channel_id) if(! $channel_id)
$channel_id = get_app()->profile_uid; $channel_id = get_app()->profile_uid;
@ -844,7 +828,7 @@ function widget_photo_rand($arr) {
$scale = ((array_key_exists('scale',$arr)) ? intval($arr['scale']) : 0); $scale = ((array_key_exists('scale',$arr)) ? intval($arr['scale']) : 0);
$ret = photos_list_photos(array('channel_id' => $channel_id),get_app()->get_observer(),$album); $ret = photos_list_photos(array('channel_id' => $channel_id),get_app()->get_observer(),$album);
$filtered = array(); $filtered = array();
if($ret['success'] && $ret['photos']) if($ret['success'] && $ret['photos'])
foreach($ret['photos'] as $p) foreach($ret['photos'] as $p)
@ -852,14 +836,14 @@ function widget_photo_rand($arr) {
$filtered[] = $p['src']; $filtered[] = $p['src'];
if($filtered) { if($filtered) {
$e = mt_rand(0,count($filtered)-1); $e = mt_rand(0, count($filtered) - 1);
$url = $filtered[$e]; $url = $filtered[$e];
} }
if(strpos($url,'http') !== 0) if(strpos($url, 'http') !== 0)
return ''; return '';
if(array_key_exists('style',$arr) && isset($arr['style'])) if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style']; $style = $arr['style'];
// ensure they can't sneak in an eval(js) function // ensure they can't sneak in an eval(js) function
@ -873,7 +857,7 @@ function widget_photo_rand($arr) {
$o .= '<img class="zrl" ' $o .= '<img class="zrl" '
. (($style) ? ' style="' . $style . '"' : '') . (($style) ? ' style="' . $style . '"' : '')
. ' src="' . $url . '" alt="' . t('photo/image') . '" />'; . ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>'; $o .= '</div>';
@ -913,10 +897,10 @@ function widget_random_block($arr) {
$o = '<div class="widget bblock">'; $o = '<div class="widget bblock">';
if($r[0]['title']) if($r[0]['title'])
$o .= '<h3>' . $r[0]['title'] . '</h3>'; $o .= '<h3>' . $r[0]['title'] . '</h3>';
$o .= prepare_text($r[0]['body'],$r[0]['mimetype']); $o .= prepare_text($r[0]['body'],$r[0]['mimetype']);
$o .= '</div>'; $o .= '</div>';
} }
return $o;
return $o;
} }