harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[TASK] Update Doxyfile and fix Doxygen errors.

Browse Source 
Updated Doxyfile to include new folders.
Add a list for @hooks tags.
Fixed some parsing problems for Doxygen.
This commit is contained in:
Klaus Weidenbach 2016-10-02 00:41:25 +02:00
parent 6532972e61
commit 7b41839ea8
36 changed files with 1868 additions and 1786 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
Zotlabs/Module/Admin.php
View File

@ -1,21 +1,20 @@
<?php <?php
namespace Zotlabs\Module;
/** /**
* @file mod/admin.php * @file Zotlabs/Module/Admin.php
* @brief Hubzilla's admin controller. * @brief Hubzilla's admin controller.
* *
* Controller for the /admin/ area. * Controller for the /admin/ area.
*/ */
namespace Zotlabs\Module;
require_once('include/queue_fn.php'); require_once('include/queue_fn.php');
require_once('include/account.php'); require_once('include/account.php');
/** /**
* @param App &$a * @brief Admin area.
*
*/ */
class Admin extends \Zotlabs\Web\Controller { class Admin extends \Zotlabs\Web\Controller {
private $sm = null; private $sm = null;
@ -26,36 +25,35 @@ class Admin extends \Zotlabs\Web\Controller {
function post(){ function post(){
logger('admin_post', LOGGER_DEBUG); logger('admin_post', LOGGER_DEBUG);
if(! is_site_admin()) { if(! is_site_admin()) {
return; return;
} }
if (argc() > 1) { if (argc() > 1) {
$this->sm->call('post'); $this->sm->call('post');
} }
goaway(z_root() . '/admin' ); goaway(z_root() . '/admin' );
} }
/** /**
* @return string * @return string
*/ */
function get() { function get() {
logger('admin_content', LOGGER_DEBUG); logger('admin_content', LOGGER_DEBUG);
if(! is_site_admin()) { if(! is_site_admin()) {
return login(false); return login(false);
} }
/* /*
* Page content * Page content
*/ */
$o = ''; $o = '';
if(argc() > 1) { if(argc() > 1) {
$o = $this->sm->call('get'); $o = $this->sm->call('get');
if($o === false) { if($o === false) {
@ -65,9 +63,9 @@ class Admin extends \Zotlabs\Web\Controller {
else { else {
$o = $this->admin_page_summary(); $o = $this->admin_page_summary();
} }
if(is_ajax()) { if(is_ajax()) {
echo $o; echo $o;
killme(); killme();
return ''; return '';
} }
@ -75,16 +73,15 @@ class Admin extends \Zotlabs\Web\Controller {
return $o; return $o;
} }
} }
/** /**
* @brief Returns content for Admin Summary Page. * @brief Returns content for Admin Summary Page.
* *
* @param App &$a
* @return string HTML from parsed admin_summary.tpl * @return string HTML from parsed admin_summary.tpl
*/ */
function admin_page_summary() { function admin_page_summary() {
// list total user accounts, expirations etc. // list total user accounts, expirations etc.
$accounts = array(); $accounts = array();
$r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account", $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account",
@ -99,11 +96,11 @@ class Admin extends \Zotlabs\Web\Controller {
$accounts['expired'] = array('label' => t('# expired accounts'), 'val' => $r[0]['expired']); $accounts['expired'] = array('label' => t('# expired accounts'), 'val' => $r[0]['expired']);
$accounts['expiring'] = array('label' => t('# expiring accounts'), 'val' => $r[0]['expiring']); $accounts['expiring'] = array('label' => t('# expiring accounts'), 'val' => $r[0]['expiring']);
} }
// pending registrations // pending registrations
$r = q("SELECT COUNT(id) AS rtotal FROM register WHERE uid != '0'"); $r = q("SELECT COUNT(id) AS rtotal FROM register WHERE uid != '0'");
$pending = $r[0]['rtotal']; $pending = $r[0]['rtotal'];
// available channels, primary and clones // available channels, primary and clones
$channels = array(); $channels = array();
$r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN channel_primary = 1 THEN 1 ELSE NULL END) AS main, COUNT(CASE WHEN channel_primary = 0 THEN 1 ELSE NULL END) AS clones FROM channel WHERE channel_removed = 0"); $r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN channel_primary = 1 THEN 1 ELSE NULL END) AS main, COUNT(CASE WHEN channel_primary = 0 THEN 1 ELSE NULL END) AS clones FROM channel WHERE channel_removed = 0");
@ -112,15 +109,15 @@ class Admin extends \Zotlabs\Web\Controller {
$channels['main'] = array('label' => t('# primary'), 'val' => $r[0]['main']); $channels['main'] = array('label' => t('# primary'), 'val' => $r[0]['main']);
$channels['clones'] = array('label' => t('# clones'), 'val' => $r[0]['clones']); $channels['clones'] = array('label' => t('# clones'), 'val' => $r[0]['clones']);
} }
// We can do better, but this is a quick queue status // We can do better, but this is a quick queue status
$r = q("SELECT COUNT(outq_delivered) AS total FROM outq WHERE outq_delivered = 0"); $r = q("SELECT COUNT(outq_delivered) AS total FROM outq WHERE outq_delivered = 0");
$queue = (($r) ? $r[0]['total'] : 0); $queue = (($r) ? $r[0]['total'] : 0);
$queues = array( 'label' => t('Message queues'), 'queue' => $queue ); $queues = array( 'label' => t('Message queues'), 'queue' => $queue );
// If no plugins active return 0, otherwise list of plugin names // If no plugins active return 0, otherwise list of plugin names
$plugins = (count(\App::$plugins) == 0) ? count(\App::$plugins) : \App::$plugins; $plugins = (count(\App::$plugins) == 0) ? count(\App::$plugins) : \App::$plugins;
// Could be extended to provide also other alerts to the admin // Could be extended to provide also other alerts to the admin
$alertmsg = ''; $alertmsg = '';
// annoy admin about upcoming unsupported PHP version // annoy admin about upcoming unsupported PHP version
@ -135,7 +132,6 @@ class Admin extends \Zotlabs\Web\Controller {
$upgrade = ((version_compare(STD_VERSION,$vmaster) < 0) ? t('Your software should be updated') : ''); $upgrade = ((version_compare(STD_VERSION,$vmaster) < 0) ? t('Your software should be updated') : '');
$t = get_markup_template('admin_summary.tpl'); $t = get_markup_template('admin_summary.tpl');
return replace_macros($t, array( return replace_macros($t, array(
'$title' => t('Administration'), '$title' => t('Administration'),
@ -150,10 +146,8 @@ class Admin extends \Zotlabs\Web\Controller {
'$vmaster' => array( t('Repository version (master)'), $vmaster), '$vmaster' => array( t('Repository version (master)'), $vmaster),
'$vdev' => array( t('Repository version (dev)'), $vdev), '$vdev' => array( t('Repository version (dev)'), $vdev),
'$upgrade' => $upgrade, '$upgrade' => $upgrade,
'$build' => get_config('system', 'db_version') '$build' => get_config('system', 'db_version')
)); ));
} }
} }

90
Zotlabs/Module/Admin/Channels.php
View File

@ -2,35 +2,36 @@
namespace Zotlabs\Module\Admin; namespace Zotlabs\Module\Admin;
/**
* @brief Admin Module for Channels.
*
*/
class Channels { class Channels {
/** /**
* @brief Channels admin page. * @brief Handle POST actions on channels admin page.
* *
* @param App &$a
*/ */
function post() { function post() {
$channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() ); $channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() );
check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels'); check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels');
$xor = db_getfunc('^'); $xor = db_getfunc('^');
if (x($_POST,'page_channels_block')){ if(x($_POST, 'page_channels_block')) {
foreach($channels as $uid){ foreach($channels as $uid) {
q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
intval(PAGE_CENSORED), intval(PAGE_CENSORED),
intval( $uid ) intval( $uid )
); );
\Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); \Zotlabs\Daemon\Master::Summon(array('Directory', $uid, 'nopush'));
} }
notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) ); notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) );
} }
if (x($_POST,'page_channels_code')){ if(x($_POST, 'page_channels_code')) {
foreach($channels as $uid){ foreach($channels as $uid) {
q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d", q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
intval(PAGE_ALLOWCODE), intval(PAGE_ALLOWCODE),
intval( $uid ) intval( $uid )
@ -38,74 +39,71 @@ class Channels {
} }
notice( sprintf( tt("%s channel code allowed/disallowed", "%s channels code allowed/disallowed", count($channels)), count($channels)) ); notice( sprintf( tt("%s channel code allowed/disallowed", "%s channels code allowed/disallowed", count($channels)), count($channels)) );
} }
if (x($_POST,'page_channels_delete')){ if(x($_POST, 'page_channels_delete')) {
foreach($channels as $uid){ foreach($channels as $uid) {
channel_remove($uid,true); channel_remove($uid, true);
} }
notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) ); notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) );
} }
goaway(z_root() . '/admin/channels' ); goaway(z_root() . '/admin/channels' );
} }
/** /**
* @brief * @brief Generate channels admin page and handle single item operations.
* *
* @return string * @return string with parsed HTML
*/ */
function get() { function get() {
if(argc() > 2) { if(argc() > 2) {
$uid = argv(3); $uid = argv(3);
$channel = q("SELECT * FROM channel WHERE channel_id = %d", $channel = q("SELECT * FROM channel WHERE channel_id = %d",
intval($uid) intval($uid)
); );
if(! $channel) { if(! $channel) {
notice( t('Channel not found') . EOL); notice( t('Channel not found') . EOL);
goaway(z_root() . '/admin/channels' ); goaway(z_root() . '/admin/channels' );
} }
switch(argv(2)) { switch(argv(2)) {
case "delete":{ case "delete":{
check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
// delete channel // delete channel
channel_remove($uid,true); channel_remove($uid,true);
notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL); notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL);
}; break; }; break;
case "block":{ case "block":{
check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
$pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED; $pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED;
q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
intval($pflags), intval($pflags),
intval( $uid ) intval( $uid )
); );
\Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush')); \Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush'));
notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
}; break; }; break;
case "code":{ case "code":{
check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't'); check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
$pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE; $pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE;
q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
intval($pflags), intval($pflags),
intval( $uid ) intval( $uid )
); );
notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL); notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
}; break; }; break;
default: default:
break; break;
} }
goaway(z_root() . '/admin/channels' ); goaway(z_root() . '/admin/channels' );
} }
$key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id'); $key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id');
$dir = 'asc'; $dir = 'asc';
if(array_key_exists('dir',$_REQUEST)) if(array_key_exists('dir',$_REQUEST))
@ -114,10 +112,8 @@ class Channels {
$base = z_root() . '/admin/channels?f='; $base = z_root() . '/admin/channels?f=';
$odir = (($dir === 'asc') ? '0' : '1'); $odir = (($dir === 'asc') ? '0' : '1');
/* get channels */ /* get channels */
$total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0"); $total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0");
if($total) { if($total) {
\App::set_pager_total($total[0]['total']); \App::set_pager_total($total[0]['total']);
@ -135,15 +131,15 @@ class Channels {
$channels[$x]['blocked'] = true; $channels[$x]['blocked'] = true;
else else
$channels[$x]['blocked'] = false; $channels[$x]['blocked'] = false;
if($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE) if($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE)
$channels[$x]['allowcode'] = true; $channels[$x]['allowcode'] = true;
else else
$channels[$x]['allowcode'] = false; $channels[$x]['allowcode'] = false;
} }
} }
$t = get_markup_template("admin_channels.tpl"); $t = get_markup_template('admin_channels.tpl');
$o = replace_macros($t, array( $o = replace_macros($t, array(
// strings // // strings //
'$title' => t('Administration'), '$title' => t('Administration'),
@ -158,29 +154,23 @@ class Channels {
'$h_channels' => t('Channel'), '$h_channels' => t('Channel'),
'$base' => $base, '$base' => $base,
'$odir' => $odir, '$odir' => $odir,
'$th_channels' => array( '$th_channels' => array(
[ t('UID'), 'channel_id' ], [ t('UID'), 'channel_id' ],
[ t('Name'), 'channel_name' ], [ t('Name'), 'channel_name' ],
[ t('Address'), 'channel_address' ]), [ t('Address'), 'channel_address' ]),
'$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'), '$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'),
'$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'), '$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'),
'$form_security_token' => get_form_security_token("admin_channels"), '$form_security_token' => get_form_security_token('admin_channels'),
// values // // values //
'$baseurl' => z_root(), '$baseurl' => z_root(),
'$channels' => $channels, '$channels' => $channels,
)); ));
$o .= paginate($a); $o .= paginate($a);
return $o; return $o;
} }
} }

109
Zotlabs/Module/Admin/Site.php
View File

@ -5,11 +5,9 @@ namespace Zotlabs\Module\Admin;
class Site { class Site {
/** /**
* @brief POST handler for Admin Site Page. * @brief POST handler for Admin Site Page.
* *
* @param App &$a
*/ */
function post(){ function post(){
if (!x($_POST, 'page_site')) { if (!x($_POST, 'page_site')) {
@ -17,38 +15,38 @@ class Site {
} }
check_form_security_token_redirectOnErr('/admin/site', 'admin_site'); check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
$sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : ''); $sitename = ((x($_POST,'sitename')) ? notags(trim($_POST['sitename'])) : '');
$server_role = ((x($_POST,'server_role')) ? notags(trim($_POST['server_role'])) : 'standard'); $server_role = ((x($_POST,'server_role')) ? notags(trim($_POST['server_role'])) : 'standard');
$banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false); $banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false);
$admininfo = ((x($_POST,'admininfo')) ? trim($_POST['admininfo']) : false); $admininfo = ((x($_POST,'admininfo')) ? trim($_POST['admininfo']) : false);
$language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : ''); $language = ((x($_POST,'language')) ? notags(trim($_POST['language'])) : '');
$theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : ''); $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : '');
$theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : ''); $theme_mobile = ((x($_POST,'theme_mobile')) ? notags(trim($_POST['theme_mobile'])) : '');
// $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : ''); // $site_channel = ((x($_POST,'site_channel')) ? notags(trim($_POST['site_channel'])) : '');
$maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0); $maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
$register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); $register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
$access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0); $access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0);
$invite_only = ((x($_POST,'invite_only')) ? True : False); $invite_only = ((x($_POST,'invite_only')) ? True : False);
$abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0); $abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
$register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : ''); $register_text = ((x($_POST,'register_text')) ? notags(trim($_POST['register_text'])) : '');
$frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : ''); $frontpage = ((x($_POST,'frontpage')) ? notags(trim($_POST['frontpage'])) : '');
$mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0); $mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0);
$directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : ''); $directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : '');
$allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : ''); $allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : '');
$force_publish = ((x($_POST,'publish_all')) ? True : False); $force_publish = ((x($_POST,'publish_all')) ? True : False);
$disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True); $disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True);
$login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False); $login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False);
$enable_context_help = ((x($_POST,'enable_context_help')) ? True : False); $enable_context_help = ((x($_POST,'enable_context_help')) ? True : False);
$global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : ''); $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : '');
$no_community_page = !((x($_POST,'no_community_page')) ? True : False); $no_community_page = !((x($_POST,'no_community_page')) ? True : False);
$default_expire_days = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0); $default_expire_days = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0);
$verifyssl = ((x($_POST,'verifyssl')) ? True : False); $verifyssl = ((x($_POST,'verifyssl')) ? True : False);
$proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : ''); $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : '');
$proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : ''); $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : '');
@ -62,11 +60,9 @@ class Site {
$techlevel_lock = ((x($_POST,'techlock')) ? intval($_POST['techlock']) : 0); $techlevel_lock = ((x($_POST,'techlock')) ? intval($_POST['techlock']) : 0);
$techlevel = null; $techlevel = null;
if(array_key_exists('techlevel',$_POST)) if(array_key_exists('techlevel', $_POST))
$techlevel = intval($_POST['techlevel']); $techlevel = intval($_POST['techlevel']);
set_config('system', 'server_role', $server_role); set_config('system', 'server_role', $server_role);
set_config('system', 'feed_contacts', $feed_contacts); set_config('system', 'feed_contacts', $feed_contacts);
set_config('system', 'delivery_interval', $delivery_interval); set_config('system', 'delivery_interval', $delivery_interval);
@ -84,16 +80,16 @@ class Site {
if(! is_null($techlevel)) if(! is_null($techlevel))
set_config('system', 'techlevel', $techlevel); set_config('system', 'techlevel', $techlevel);
if($directory_server) if($directory_server)
set_config('system','directory_server',$directory_server); set_config('system','directory_server',$directory_server);
if ($banner == '') { if ($banner == '') {
del_config('system', 'banner'); del_config('system', 'banner');
} else { } else {
set_config('system', 'banner', $banner); set_config('system', 'banner', $banner);
} }
if ($admininfo == ''){ if ($admininfo == ''){
del_config('system', 'admininfo'); del_config('system', 'admininfo');
} else { } else {
@ -110,9 +106,9 @@ class Site {
} }
// set_config('system','site_channel', $site_channel); // set_config('system','site_channel', $site_channel);
set_config('system','maximagesize', $maximagesize); set_config('system','maximagesize', $maximagesize);
set_config('system','register_policy', $register_policy); set_config('system','register_policy', $register_policy);
set_config('system','invitation_only', $invite_only); set_config('system','invitation_only', $invite_only);
set_config('system','access_policy', $access_policy); set_config('system','access_policy', $access_policy);
set_config('system','account_abandon_days', $abandon_days); set_config('system','account_abandon_days', $abandon_days);
set_config('system','register_text', $register_text); set_config('system','register_text', $register_text);
@ -124,14 +120,14 @@ class Site {
} else { } else {
set_config('system', 'directory_submit_url', $global_directory); set_config('system', 'directory_submit_url', $global_directory);
} }
set_config('system','no_community_page', $no_community_page); set_config('system','no_community_page', $no_community_page);
set_config('system','no_utf', $no_utf); set_config('system','no_utf', $no_utf);
set_config('system','verifyssl', $verifyssl); set_config('system','verifyssl', $verifyssl);
set_config('system','proxyuser', $proxyuser); set_config('system','proxyuser', $proxyuser);
set_config('system','proxy', $proxy); set_config('system','proxy', $proxy);
set_config('system','curl_timeout', $timeout); set_config('system','curl_timeout', $timeout);
info( t('Site settings updated.') . EOL); info( t('Site settings updated.') . EOL);
goaway(z_root() . '/admin/site' ); goaway(z_root() . '/admin/site' );
} }
@ -139,15 +135,14 @@ class Site {
/** /**
* @brief Admin page site. * @brief Admin page site.
* *
* @return string * @return string with HTML
*/ */
function get() { function get() {
/* Installed langs */ /* Installed langs */
$lang_choices = array(); $lang_choices = array();
$langs = glob('view/*/hstrings.php'); $langs = glob('view/*/hstrings.php');
if(is_array($langs) && count($langs)) { if(is_array($langs) && count($langs)) {
if(! in_array('view/en/hstrings.php',$langs)) if(! in_array('view/en/hstrings.php',$langs))
$langs[] = 'view/en/'; $langs[] = 'view/en/';
@ -157,7 +152,7 @@ class Site {
$lang_choices[$t[1]] = $t[1]; $lang_choices[$t[1]] = $t[1];
} }
} }
/* Installed themes */ /* Installed themes */
$theme_choices_mobile["---"] = t("Default"); $theme_choices_mobile["---"] = t("Default");
$theme_choices = array(); $theme_choices = array();
@ -184,13 +179,13 @@ class Site {
} }
} }
} }
$dir_choices = null; $dir_choices = null;
$dirmode = get_config('system','directory_mode'); $dirmode = get_config('system','directory_mode');
$realm = get_directory_realm(); $realm = get_directory_realm();
// directory server should not be set or settable unless we are a directory client // directory server should not be set or settable unless we are a directory client
if($dirmode == DIRECTORY_MODE_NORMAL) { if($dirmode == DIRECTORY_MODE_NORMAL) {
$x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s'", $x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s'",
intval(DIRECTORY_MODE_SECONDARY), intval(DIRECTORY_MODE_SECONDARY),
@ -204,25 +199,25 @@ class Site {
} }
} }
} }
/* Banner */ /* Banner */
$banner = get_config('system', 'banner'); $banner = get_config('system', 'banner');
if($banner === false) if($banner === false)
$banner = get_config('system','sitename'); $banner = get_config('system','sitename');
$banner = htmlspecialchars($banner); $banner = htmlspecialchars($banner);
/* Admin Info */ /* Admin Info */
$admininfo = get_config('system', 'admininfo'); $admininfo = get_config('system', 'admininfo');
/* Register policy */ /* Register policy */
$register_choices = Array( $register_choices = Array(
REGISTER_CLOSED => t("No"), REGISTER_CLOSED => t("No"),
REGISTER_APPROVE => t("Yes - with approval"), REGISTER_APPROVE => t("Yes - with approval"),
REGISTER_OPEN => t("Yes") REGISTER_OPEN => t("Yes")
); );
/* Acess policy */ /* Acess policy */
$access_choices = Array( $access_choices = Array(
ACCESS_PRIVATE => t("My site is not a public server"), ACCESS_PRIVATE => t("My site is not a public server"),
@ -230,36 +225,32 @@ class Site {
ACCESS_FREE => t("My site has free access only"), ACCESS_FREE => t("My site has free access only"),
ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades") ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades")
); );
$discover_tab = get_config('system','disable_discover_tab'); $discover_tab = get_config('system','disable_discover_tab');
// $disable public streams by default // $disable public streams by default
if($discover_tab === false) if($discover_tab === false)
$discover_tab = 1; $discover_tab = 1;
// now invert the logic for the setting. // now invert the logic for the setting.
$discover_tab = (1 - $discover_tab); $discover_tab = (1 - $discover_tab);
$server_roles = [ $server_roles = [
'basic' => t('Basic/Minimal Social Networking'), 'basic' => t('Basic/Minimal Social Networking'),
'standard' => t('Standard Configuration (default)'), 'standard' => t('Standard Configuration (default)'),
'pro' => t('Professional') 'pro' => t('Professional')
]; ];
$techlevels = [ $techlevels = [
'0' => t('Beginner/Basic'), '0' => t('Beginner/Basic'),
'1' => t('Novice - not skilled but willing to learn'), '1' => t('Novice - not skilled but willing to learn'),
'2' => t('Intermediate - somewhat comfortable'), '2' => t('Intermediate - somewhat comfortable'),
'3' => t('Advanced - very comfortable'), '3' => t('Advanced - very comfortable'),
'4' => t('Expert - I can write computer code'), '4' => t('Expert - I can write computer code'),
'5' => t('Wizard - I probably know more than you do') '5' => t('Wizard - I probably know more than you do')
]; ];
$homelogin = get_config('system','login_on_homepage'); $homelogin = get_config('system','login_on_homepage');
$enable_context_help = get_config('system','enable_context_help'); $enable_context_help = get_config('system','enable_context_help');
$t = get_markup_template("admin_site.tpl"); $t = get_markup_template("admin_site.tpl");
return replace_macros($t, array( return replace_macros($t, array(
'$title' => t('Administration'), '$title' => t('Administration'),
@ -269,7 +260,7 @@ class Site {
'$upload' => t('File upload'), '$upload' => t('File upload'),
'$corporate' => t('Policies'), '$corporate' => t('Policies'),
'$advanced' => t('Advanced'), '$advanced' => t('Advanced'),
'$baseurl' => z_root(), '$baseurl' => z_root(),
// name, label, value, help string, extra data... // name, label, value, help string, extra data...
'$sitename' => array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''), '$sitename' => array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''),
@ -280,14 +271,13 @@ class Site {
'$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ], '$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ],
'$banner' => array('banner', t("Banner/Logo"), $banner, ""), '$banner' => array('banner', t("Banner/Logo"), $banner, ""),
'$admininfo' => array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators. Displayed on siteinfo page. BBCode can be used here")), '$admininfo' => array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators. Displayed on siteinfo page. BBCode can be used here")),
'$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices), '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices),
'$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices), '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
'$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
// '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), // '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
'$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), '$feed_contacts' => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')),
'$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$maximagesize' => array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
'$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices), '$register_policy' => array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
'$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")), '$invite_only' => array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")),
@ -302,9 +292,9 @@ class Site {
'$disable_discover_tab' => array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')), '$disable_discover_tab' => array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
'$login_on_homepage' => array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")), '$login_on_homepage' => array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")),
'$enable_context_help' => array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")), '$enable_context_help' => array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")),
'$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null), '$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null),
'$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""), '$proxyuser' => array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
'$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""), '$proxy' => array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
'$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")), '$timeout' => array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
@ -316,8 +306,5 @@ class Site {
'$form_security_token' => get_form_security_token("admin_site"), '$form_security_token' => get_form_security_token("admin_site"),
)); ));
} }
} }

53
Zotlabs/Module/Channel.php
View File

@ -1,6 +1,6 @@
<?php <?php
namespace Zotlabs\Module;
namespace Zotlabs\Module;
require_once('include/contact_widgets.php'); require_once('include/contact_widgets.php');
require_once('include/items.php'); require_once('include/items.php');
@ -10,6 +10,10 @@ require_once('include/conversation.php');
require_once('include/acl_selectors.php'); require_once('include/acl_selectors.php');
require_once('include/permissions.php'); require_once('include/permissions.php');
/**
* @brief Channel Controller
*
*/
class Channel extends \Zotlabs\Web\Controller { class Channel extends \Zotlabs\Web\Controller {
function init() { function init() {
@ -34,7 +38,7 @@ class Channel extends \Zotlabs\Web\Controller {
if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) { if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
$which = $channel['channel_address']; $which = $channel['channel_address'];
$profile = argv(1); $profile = argv(1);
} }
\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" title="' . t('Posts and comments') . '" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n" ; \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" title="' . t('Posts and comments') . '" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n" ;
@ -48,12 +52,10 @@ class Channel extends \Zotlabs\Web\Controller {
// we start loading content // we start loading content
profile_load($which,$profile); profile_load($which,$profile);
} }
function get($update = 0, $load = false) { function get($update = 0, $load = false) {
if($load) if($load)
$_SESSION['loadtime'] = datetime_convert(); $_SESSION['loadtime'] = datetime_convert();
@ -66,7 +68,7 @@ class Channel extends \Zotlabs\Web\Controller {
$datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : ''); $datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
$datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : ''); $datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
if(observer_prohibited(true)) { if(observer_prohibited(true)) {
return login(); return login();
} }
@ -114,9 +116,9 @@ class Channel extends \Zotlabs\Web\Controller {
if($channel && $is_owner) { if($channel && $is_owner) {
$channel_acl = array( $channel_acl = array(
'allow_cid' => $channel['channel_allow_cid'], 'allow_cid' => $channel['channel_allow_cid'],
'allow_gid' => $channel['channel_allow_gid'], 'allow_gid' => $channel['channel_allow_gid'],
'deny_cid' => $channel['channel_deny_cid'], 'deny_cid' => $channel['channel_deny_cid'],
'deny_gid' => $channel['channel_deny_gid'] 'deny_gid' => $channel['channel_deny_gid']
); );
} }
@ -143,9 +145,9 @@ class Channel extends \Zotlabs\Web\Controller {
'bbco_autocomplete' => 'bbcode', 'bbco_autocomplete' => 'bbcode',
'bbcode' => true, 'bbcode' => true,
'jotnets' => true 'jotnets' => true
); );
$o .= status_editor($a,$x); $o .= status_editor($a,$x);
} }
} }
@ -168,7 +170,7 @@ class Channel extends \Zotlabs\Web\Controller {
$simple_update = (($update) ? " AND item_unseen = 1 " : ''); $simple_update = (($update) ? " AND item_unseen = 1 " : '');
\App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n"; \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n";
if($update && $_SESSION['loadtime']) if($update && $_SESSION['loadtime'])
$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
if($load) if($load)
@ -183,7 +185,7 @@ class Channel extends \Zotlabs\Web\Controller {
intval(\App::$profile['profile_uid']) intval(\App::$profile['profile_uid'])
); );
$_SESSION['loadtime'] = datetime_convert(); $_SESSION['loadtime'] = datetime_convert();
} }
else { else {
$r = q("SELECT distinct parent AS item_id, created from item $r = q("SELECT distinct parent AS item_id, created from item
left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids ) left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
@ -201,10 +203,10 @@ class Channel extends \Zotlabs\Web\Controller {
else { else {
if(x($category)) { if(x($category)) {
$sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY));
} }
if(x($hashtags)) { if(x($hashtags)) {
$sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
} }
if($datequery) { if($datequery) {
@ -228,10 +230,9 @@ class Channel extends \Zotlabs\Web\Controller {
if (! $r) { if (! $r) {
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
} }
}
}
else { else {
$r = q("SELECT distinct id AS item_id, created FROM item $r = q("SELECT distinct id AS item_id, created FROM item
left join abook on item.author_xchan = abook.abook_xchan left join abook on item.author_xchan = abook.abook_xchan
WHERE uid = %d $item_normal WHERE uid = %d $item_normal
AND item_wall = 1 and item_thread_top = 1 AND item_wall = 1 and item_thread_top = 1
@ -250,8 +251,8 @@ class Channel extends \Zotlabs\Web\Controller {
if($r) { if($r) {
$parents_str = ids_to_querystr($r,'item_id'); $parents_str = ids_to_querystr($r,'item_id');
$items = q("SELECT item.*, item.id AS item_id $items = q("SELECT item.*, item.id AS item_id
FROM item FROM item
WHERE item.uid = %d $item_normal WHERE item.uid = %d $item_normal
AND item.parent IN ( %s ) AND item.parent IN ( %s )
@ -270,8 +271,7 @@ class Channel extends \Zotlabs\Web\Controller {
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
} }
} } else {
else {
$items = array(); $items = array();
} }
@ -285,7 +285,7 @@ class Channel extends \Zotlabs\Web\Controller {
$maxheight = 400; $maxheight = 400;
$o .= '<div id="live-channel"></div>' . "\r\n"; $o .= '<div id="live-channel"></div>' . "\r\n";
$o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] $o .= "<script> var profile_uid = " . \App::$profile['profile_uid']
. "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; var netargs = '?f='; var profile_page = " . \App::$pager['page']
. "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; . "; divmore_height = " . intval($maxheight) . "; </script>\r\n";
@ -317,7 +317,6 @@ class Channel extends \Zotlabs\Web\Controller {
'$dbegin' => $datequery2 '$dbegin' => $datequery2
)); ));
} }
$update_unseen = ''; $update_unseen = '';
@ -325,10 +324,10 @@ class Channel extends \Zotlabs\Web\Controller {
if($page_mode === 'list') { if($page_mode === 'list') {
/** /**
* in "list mode", only mark the parent item and any like activities as "seen". * in "list mode", only mark the parent item and any like activities as "seen".
* We won't distinguish between comment likes and post likes. The important thing * We won't distinguish between comment likes and post likes. The important thing
* is that the number of unseen comments will be accurate. The SQL to separate the * is that the number of unseen comments will be accurate. The SQL to separate the
* comment likes could also get somewhat hairy. * comment likes could also get somewhat hairy.
*/ */
if($parents_str) { if($parents_str) {
@ -351,7 +350,7 @@ class Channel extends \Zotlabs\Web\Controller {
if($checkjs->disabled()) { if($checkjs->disabled()) {
$o .= conversation($a,$items,'channel',$update,'traditional'); $o .= conversation($a,$items,'channel',$update,'traditional');
} }
else { else {
$o .= conversation($a,$items,'channel',$update,$page_mode); $o .= conversation($a,$items,'channel',$update,$page_mode);
} }
@ -362,7 +361,7 @@ class Channel extends \Zotlabs\Web\Controller {
\App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title']; \App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
} }
if($mid) if($mid)
$o .= '<div id="content-complete"></div>'; $o .= '<div id="content-complete"></div>';
return $o; return $o;

51
Zotlabs/Module/Cloud.php
View File

@ -1,7 +1,7 @@
<?php <?php
namespace Zotlabs\Module; namespace Zotlabs\Module;
/** /**
* @file mod/cloud.php * @file Zotlabs/Module/Cloud.php
* @brief Initialize Hubzilla's cloud (SabreDAV). * @brief Initialize Hubzilla's cloud (SabreDAV).
* *
* Module for accessing the DAV storage area. * Module for accessing the DAV storage area.
@ -17,34 +17,35 @@ require_once('include/attach.php');
/** /**
* @brief Fires up the SabreDAV server. * @brief Cloud Module.
* *
* @param App &$a
*/ */
class Cloud extends \Zotlabs\Web\Controller { class Cloud extends \Zotlabs\Web\Controller {
/**
* @brief Fires up the SabreDAV server.
*
*/
function init() { function init() {
if (! is_dir('store')) if (! is_dir('store'))
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
$which = null; $which = null;
if (argc() > 1) if (argc() > 1)
$which = argv(1); $which = argv(1);
$profile = 0; $profile = 0;
\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n"; \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n";
if ($which) if ($which)
profile_load( $which, $profile); profile_load( $which, $profile);
$auth = new \Zotlabs\Storage\BasicAuth(); $auth = new \Zotlabs\Storage\BasicAuth();
$ob_hash = get_observer_hash(); $ob_hash = get_observer_hash();
if ($ob_hash) { if ($ob_hash) {
if (local_channel()) { if (local_channel()) {
$channel = \App::get_channel(); $channel = \App::get_channel();
@ -57,40 +58,40 @@ class Cloud extends \Zotlabs\Web\Controller {
} }
$auth->observer = $ob_hash; $auth->observer = $ob_hash;
} }
if ($_GET['davguest']) if ($_GET['davguest'])
$_SESSION['davguest'] = true; $_SESSION['davguest'] = true;
$_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
$_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);
$_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);
$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
// A SabreDAV server-object // A SabreDAV server-object
$server = new SDAV\Server($rootDirectory); $server = new SDAV\Server($rootDirectory);
// prevent overwriting changes each other with a lock backend // prevent overwriting changes each other with a lock backend
$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks'); $lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
$lockPlugin = new SDAV\Locks\Plugin($lockBackend); $lockPlugin = new SDAV\Locks\Plugin($lockBackend);
$server->addPlugin($lockPlugin); $server->addPlugin($lockPlugin);
$is_readable = false; $is_readable = false;
// provide a directory view for the cloud in Hubzilla // provide a directory view for the cloud in Hubzilla
$browser = new \Zotlabs\Storage\Browser($auth); $browser = new \Zotlabs\Storage\Browser($auth);
$auth->setBrowserPlugin($browser); $auth->setBrowserPlugin($browser);
$server->addPlugin($browser); $server->addPlugin($browser);
// Experimental QuotaPlugin // Experimental QuotaPlugin
// require_once('\Zotlabs\Storage/QuotaPlugin.php'); // require_once('\Zotlabs\Storage/QuotaPlugin.php');
// $server->addPlugin(new \Zotlabs\Storage\\QuotaPlugin($auth)); // $server->addPlugin(new \Zotlabs\Storage\\QuotaPlugin($auth));
ob_start(); ob_start();
// All we need to do now, is to fire up the server // All we need to do now, is to fire up the server
$server->exec(); $server->exec();
@ -99,5 +100,5 @@ class Cloud extends \Zotlabs\Web\Controller {
killme(); killme();
} }
} }

36
Zotlabs/Module/Dav.php
View File

@ -1,13 +1,13 @@
<?php <?php
namespace Zotlabs\Module;
/** /**
* @file mod/dav.php * @file Zotlabs/Module/Dav.php
* @brief Initialize Hubzilla's cloud (SabreDAV). * @brief Initialize Hubzilla's cloud (SabreDAV).
* *
* Module for accessing the DAV storage area from a DAV client. * Module for accessing the DAV storage area from a DAV client.
*/ */
namespace Zotlabs\Module;
use \Sabre\DAV as SDAV; use \Sabre\DAV as SDAV;
use \Zotlabs\Storage; use \Zotlabs\Storage;
@ -16,16 +16,14 @@ require_once('vendor/autoload.php');
require_once('include/attach.php'); require_once('include/attach.php');
/**
* @brief Fires up the SabreDAV server.
*
* @param App &$a
*/
class Dav extends \Zotlabs\Web\Controller { class Dav extends \Zotlabs\Web\Controller {
/**
* @brief Fires up the SabreDAV server.
*
*/
function init() { function init() {
// workaround for HTTP-auth in CGI mode // workaround for HTTP-auth in CGI mode
if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
@ -47,16 +45,16 @@ class Dav extends \Zotlabs\Web\Controller {
if (! is_dir('store')) if (! is_dir('store'))
os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
if (argc() > 1) if (argc() > 1)
profile_load(argv(1),0); profile_load(argv(1),0);
$auth = new \Zotlabs\Storage\BasicAuth(); $auth = new \Zotlabs\Storage\BasicAuth();
$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV'); $auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV');
$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
// A SabreDAV server-object // A SabreDAV server-object
$server = new SDAV\Server($rootDirectory); $server = new SDAV\Server($rootDirectory);
@ -68,21 +66,21 @@ class Dav extends \Zotlabs\Web\Controller {
// prevent overwriting changes each other with a lock backend // prevent overwriting changes each other with a lock backend
$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks'); $lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
$lockPlugin = new SDAV\Locks\Plugin($lockBackend); $lockPlugin = new SDAV\Locks\Plugin($lockBackend);
$server->addPlugin($lockPlugin); $server->addPlugin($lockPlugin);
// provide a directory view for the cloud in Hubzilla // provide a directory view for the cloud in Hubzilla
$browser = new \Zotlabs\Storage\Browser($auth); $browser = new \Zotlabs\Storage\Browser($auth);
$auth->setBrowserPlugin($browser); $auth->setBrowserPlugin($browser);
// Experimental QuotaPlugin // Experimental QuotaPlugin
// require_once('Zotlabs/Storage/QuotaPlugin.php'); // require_once('Zotlabs/Storage/QuotaPlugin.php');
// $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth)); // $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth));
// All we need to do now, is to fire up the server // All we need to do now, is to fire up the server
$server->exec(); $server->exec();
killme(); killme();
} }
} }

216
Zotlabs/Module/Embedphotos.php
View File

@ -1,97 +1,96 @@
<?php <?php
namespace Zotlabs\Module; namespace Zotlabs\Module;
/** /**
* @brief
* *
* This is the POST destination for the embedphotos button */
*
*/
class Embedphotos extends \Zotlabs\Web\Controller { class Embedphotos extends \Zotlabs\Web\Controller {
function get() { function get() {
} }
/**
*
* This is the POST destination for the embedphotos button
*
*/
function post() { function post() {
if (argc() > 1 && argv(1) === 'album') {
if (argc() > 1 && argv(1) === 'album') { // API: /embedphotos/album
// API: /embedphotos/album $name = (x($_POST,'name') ? $_POST['name'] : null );
$name = (x($_POST,'name') ? $_POST['name'] : null ); if(!$name) {
if (!$name) { json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false));
json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false)); }
} $album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name));
$album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name)); json_return_and_die(array('status' => true, 'content' => $album));
json_return_and_die(array('status' => true, 'content' => $album)); }
if(argc() > 1 && argv(1) === 'albumlist') {
} // API: /embedphotos/albumlist
if (argc() > 1 && argv(1) === 'albumlist') { $album_list = $this->embedphotos_album_list($a);
// API: /embedphotos/albumlist json_return_and_die(array('status' => true, 'albumlist' => $album_list));
$album_list = $this->embedphotos_album_list($a); }
json_return_and_die(array('status' => true, 'albumlist' => $album_list)); if(argc() > 1 && argv(1) === 'photolink') {
// API: /embedphotos/photolink
} $href = (x($_POST,'href') ? $_POST['href'] : null );
if (argc() > 1 && argv(1) === 'photolink') { if(!$href) {
// API: /embedphotos/photolink json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
$href = (x($_POST,'href') ? $_POST['href'] : null ); }
if (!$href) { $resource_id = array_pop(explode("/", $href));
json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false)); $r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1",
} dbesc($resource_id)
$resource_id = array_pop(explode("/", $href)); );
$r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1", if(!$r) {
dbesc($resource_id) json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
); }
if(!$r) { $obj = json_decode($r[0]['obj'], true);
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); if(x($obj,'body')) {
} $photolink = $obj['body'];
$obj = json_decode($r[0]['obj'], true); } elseif (x($obj,'bbcode')) {
if(x($obj,'body')) { $photolink = $obj['bbcode'];
$photolink = $obj['body']; } else {
} elseif (x($obj,'bbcode')) { json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
$photolink = $obj['bbcode']; }
} else { json_return_and_die(array('status' => true, 'photolink' => $photolink));
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false)); }
}
json_return_and_die(array('status' => true, 'photolink' => $photolink));
}
} }
/**
* Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from
* the input array as in widget_item()
* @param type $name
* @return string
*/
function embedphotos_widget_album($args) {
$channel_id = 0; /**
if(array_key_exists('channel',$args)) * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from
$channel = $args['channel']; * the input array as in widget_item()
$channel_id = intval($channel['channel_id']); *
if(! $channel_id) * @param array $args
$channel_id = \App::$profile_uid; * @return string with HTML
if(! $channel_id) */
return ''; function embedphotos_widget_album($args) {
$channel_id = 0;
if(array_key_exists('channel', $args))
$channel = $args['channel'];
$channel_id = intval($channel['channel_id']);
if(! $channel_id)
$channel_id = \App::$profile_uid;
if(! $channel_id)
return '';
$owner_uid = $channel_id; $owner_uid = $channel_id;
require_once('include/security.php'); require_once('include/security.php');
$sql_extra = permissions_sql($channel_id); $sql_extra = permissions_sql($channel_id);
if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage')) if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage'))
return ''; return '';
if($args['album']) if($args['album'])
$album = $args['album']; $album = $args['album'];
if($args['title']) if($args['title'])
$title = $args['title']; $title = $args['title'];
/** /**
* This may return incorrect permissions if you have multiple directories of the same name. * This may return incorrect permissions if you have multiple directories of the same name.
* It is a limitation of the photo table using a name for a photo album instead of a folder hash * It is a limitation of the photo table using a name for a photo album instead of a folder hash
*/ */
if($album) { if($album) {
$x = q("select hash from attach where filename = '%s' and uid = %d limit 1", $x = q("select hash from attach where filename = '%s' and uid = %d limit 1",
dbesc($album), dbesc($album),
@ -107,34 +106,33 @@ function embedphotos_widget_album($args) {
$order = 'DESC'; $order = 'DESC';
$r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN
(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph (SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph
ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)
ORDER BY created $order", ORDER BY created $order",
intval($owner_uid), intval($owner_uid),
dbesc($album), dbesc($album),
intval(PHOTO_NORMAL), intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE) intval(PHOTO_PROFILE)
); );
$photos = array(); $photos = array();
if(count($r)) { if(count($r)) {
$twist = 'rotright'; $twist = 'rotright';
foreach($r as $rr) { foreach($r as $rr) {
if($twist == 'rotright')
if($twist == 'rotright') $twist = 'rotleft';
$twist = 'rotleft'; else
else $twist = 'rotright';
$twist = 'rotright';
$ext = $phototypes[$rr['mimetype']];
$ext = $phototypes[$rr['mimetype']];
$imgalt_e = $rr['filename'];
$imgalt_e = $rr['filename']; $desc_e = $rr['description'];
$desc_e = $rr['description'];
$imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
$imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
. (($_GET['order'] === 'posted') ? '?f=&order=posted' : '')); . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''));
$photos[] = array( $photos[] = array(
'id' => $rr['id'], 'id' => $rr['id'],
'twist' => ' ' . $twist . rand(2,4), 'twist' => ' ' . $twist . rand(2,4),
'link' => $imagelink, 'link' => $imagelink,
@ -146,8 +144,8 @@ function embedphotos_widget_album($args) {
'hash'=> $rr['resource_id'], 'hash'=> $rr['resource_id'],
'unknown' => t('Unknown') 'unknown' => t('Unknown')
); );
}
} }
}
$tpl = get_markup_template('photo_album.tpl'); $tpl = get_markup_template('photo_album.tpl');
$o .= replace_macros($tpl, array( $o .= replace_macros($tpl, array(
@ -163,18 +161,16 @@ function embedphotos_widget_album($args) {
)); ));
return $o; return $o;
} }
function embedphotos_album_list($a) {
function embedphotos_album_list($a) { require_once('include/photos.php');
$o = ''; $p = photos_albums_list(\App::get_channel(), \App::get_observer());
require_once('include/photos.php'); if($p['success']) {
$p = photos_albums_list(\App::get_channel(), \App::get_observer()); return $p['albums'];
if ($p['success']) { } else {
return $p['albums']; return null;
} else { }
return null; }
}
}
} }

74
Zotlabs/Module/Filestorage.php
View File

@ -1,7 +1,7 @@
<?php <?php
namespace Zotlabs\Module; namespace Zotlabs\Module;
/** /**
* @file mod/filestorage.php * @file Zotlabs/Module/Filestorage.php
* *
*/ */
@ -16,43 +16,43 @@ require_once('include/attach.php');
class Filestorage extends \Zotlabs\Web\Controller { class Filestorage extends \Zotlabs\Web\Controller {
function post() { function post() {
$channel_id = ((x($_POST, 'uid')) ? intval($_POST['uid']) : 0); $channel_id = ((x($_POST, 'uid')) ? intval($_POST['uid']) : 0);
if((! $channel_id) || (! local_channel()) || ($channel_id != local_channel())) { if((! $channel_id) || (! local_channel()) || ($channel_id != local_channel())) {
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
return; return;
} }
$recurse = ((x($_POST, 'recurse')) ? intval($_POST['recurse']) : 0); $recurse = ((x($_POST, 'recurse')) ? intval($_POST['recurse']) : 0);
$resource = ((x($_POST, 'filehash')) ? notags($_POST['filehash']) : ''); $resource = ((x($_POST, 'filehash')) ? notags($_POST['filehash']) : '');
$notify = ((x($_POST, 'notify')) ? intval($_POST['notify']) : 0); $notify = ((x($_POST, 'notify')) ? intval($_POST['notify']) : 0);
if(! $resource) { if(! $resource) {
notice(t('Item not found.') . EOL); notice(t('Item not found.') . EOL);
return; return;
} }
$channel = \App::get_channel(); $channel = \App::get_channel();
$acl = new \Zotlabs\Access\AccessList($channel); $acl = new \Zotlabs\Access\AccessList($channel);
$acl->set_from_array($_REQUEST); $acl->set_from_array($_REQUEST);
$x = $acl->get(); $x = $acl->get();
$cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource); $cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource);
//get the object before permissions change so we can catch eventual former allowed members //get the object before permissions change so we can catch eventual former allowed members
$object = get_file_activity_object($channel_id, $resource, $cloudPath); $object = get_file_activity_object($channel_id, $resource, $cloudPath);
attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse, true); attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse, true);
file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify); file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify);
goaway($cloudPath); goaway($cloudPath);
} }
function get() { function get() {
if(argc() > 1) if(argc() > 1)
$which = argv(1); $which = argv(1);
else { else {
@ -60,7 +60,7 @@ class Filestorage extends \Zotlabs\Web\Controller {
\App::$error = 404; \App::$error = 404;
return; return;
} }
$r = q("select * from channel where channel_address = '%s'", $r = q("select * from channel where channel_address = '%s'",
dbesc($which) dbesc($which)
); );
@ -68,32 +68,32 @@ class Filestorage extends \Zotlabs\Web\Controller {
$channel = $r[0]; $channel = $r[0];
$owner = intval($r[0]['channel_id']); $owner = intval($r[0]['channel_id']);
} }
$observer = \App::get_observer(); $observer = \App::get_observer();
$ob_hash = (($observer) ? $observer['xchan_hash'] : ''); $ob_hash = (($observer) ? $observer['xchan_hash'] : '');
$perms = get_all_perms($owner, $ob_hash); $perms = get_all_perms($owner, $ob_hash);
if(! $perms['view_storage']) { if(! $perms['view_storage']) {
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
return; return;
} }
// Since we have ACL'd files in the wild, but don't have ACL here yet, we // Since we have ACL'd files in the wild, but don't have ACL here yet, we
// need to return for anyone other than the owner, despite the perms check for now. // need to return for anyone other than the owner, despite the perms check for now.
$is_owner = (((local_channel()) && ($owner == local_channel())) ? true : false); $is_owner = (((local_channel()) && ($owner == local_channel())) ? true : false);
if(! $is_owner) { if(! $is_owner) {
info( t('Permission Denied.') . EOL ); info( t('Permission Denied.') . EOL );
return; return;
} }
if(argc() > 3 && argv(3) === 'delete') { if(argc() > 3 && argv(3) === 'delete') {
if(! $perms['write_storage']) { if(! $perms['write_storage']) {
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
return; return;
} }
$file = intval(argv(2)); $file = intval(argv(2));
$r = q("SELECT hash FROM attach WHERE id = %d AND uid = %d LIMIT 1", $r = q("SELECT hash FROM attach WHERE id = %d AND uid = %d LIMIT 1",
dbesc($file), dbesc($file),
@ -103,17 +103,17 @@ class Filestorage extends \Zotlabs\Web\Controller {
notice( t('File not found.') . EOL); notice( t('File not found.') . EOL);
goaway(z_root() . '/cloud/' . $which); goaway(z_root() . '/cloud/' . $which);
} }
$f = $r[0]; $f = $r[0];
$channel = \App::get_channel(); $channel = \App::get_channel();
$parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']); $parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']);
attach_delete($owner, $f['hash']); attach_delete($owner, $f['hash']);
goaway($parentpath); goaway($parentpath);
} }
if(argc() > 3 && argv(3) === 'edit') { if(argc() > 3 && argv(3) === 'edit') {
require_once('include/acl_selectors.php'); require_once('include/acl_selectors.php');
if(! $perms['write_storage']) { if(! $perms['write_storage']) {
@ -121,23 +121,23 @@ class Filestorage extends \Zotlabs\Web\Controller {
return; return;
} }
$file = intval(argv(2)); $file = intval(argv(2));
$r = q("select id, uid, folder, filename, revision, flags, is_dir, os_storage, hash, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and uid = %d limit 1", $r = q("select id, uid, folder, filename, revision, flags, is_dir, os_storage, hash, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and uid = %d limit 1",
intval($file), intval($file),
intval($owner) intval($owner)
); );
$f = $r[0]; $f = $r[0];
$channel = \App::get_channel(); $channel = \App::get_channel();
$cloudpath = get_cloudpath($f) . (intval($f['is_dir']) ? '?f=&davguest=1' : ''); $cloudpath = get_cloudpath($f) . (intval($f['is_dir']) ? '?f=&davguest=1' : '');
$parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']); $parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']);
$aclselect_e = populate_acl($f, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')); $aclselect_e = populate_acl($f, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage'));
$is_a_dir = (intval($f['is_dir']) ? true : false); $is_a_dir = (intval($f['is_dir']) ? true : false);
$lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock'); $lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock');
// Encode path that is used for link so it's a valid URL // Encode path that is used for link so it's a valid URL
// Keep slashes as slashes, otherwise mod_rewrite doesn't work correctly // Keep slashes as slashes, otherwise mod_rewrite doesn't work correctly
$encoded_path = str_replace('%2F', '/', rawurlencode($cloudpath)); $encoded_path = str_replace('%2F', '/', rawurlencode($cloudpath));
@ -167,12 +167,12 @@ class Filestorage extends \Zotlabs\Web\Controller {
'$link_btn_title' => t('Show URL to this file'), '$link_btn_title' => t('Show URL to this file'),
'$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes'))), '$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes'))),
)); ));
echo $o; echo $o;
killme(); killme();
} }
goaway(z_root() . '/cloud/' . $which); goaway(z_root() . '/cloud/' . $which);
} }
} }

38
Zotlabs/Module/Help.php
View File

@ -1,66 +1,56 @@
<?php <?php
namespace Zotlabs\Module; namespace Zotlabs\Module;
require_once('include/help.php'); require_once('include/help.php');
/** /**
* You can create local site resources in doc/Site.md and either link to doc/Home.md for the standard resources * You can create local site resources in doc/Site.md and either link to doc/Home.md for the standard resources
* or use our include mechanism to include it on your local page. * or use our include mechanism to include it on your local page.
* *@code
* #include doc/Home.md; * #include doc/Home.md;
*@endcode
* *
* The syntax is somewhat strict. * The syntax is somewhat strict.
*
*/ */
class Help extends \Zotlabs\Web\Controller { class Help extends \Zotlabs\Web\Controller {
function get() { function get() {
nav_set_selected('help'); nav_set_selected('help');
if($_REQUEST['search']) { if($_REQUEST['search']) {
$o .= '<div id="help-content" class="generic-content-wrapper">'; $o .= '<div id="help-content" class="generic-content-wrapper">';
$o .= '<div class="section-title-wrapper">'; $o .= '<div class="section-title-wrapper">';
$o .= '<h2>' . t('Documentation Search') . ' - ' . htmlspecialchars($_REQUEST['search']) . '</h2>'; $o .= '<h2>' . t('Documentation Search') . ' - ' . htmlspecialchars($_REQUEST['search']) . '</h2>';
$o .= '</div>'; $o .= '</div>';
$o .= '<div class="section-content-wrapper">'; $o .= '<div class="section-content-wrapper">';
$r = search_doc_files($_REQUEST['search']); $r = search_doc_files($_REQUEST['search']);
if($r) { if($r) {
$o .= '<ul class="help-searchlist">'; $o .= '<ul class="help-searchlist">';
foreach($r as $rr) { foreach($r as $rr) {
$dirname = dirname($rr['v']); $dirname = dirname($rr['v']);
$fname = basename($rr['v']); $fname = basename($rr['v']);
$fname = substr($fname,0,strrpos($fname,'.')); $fname = substr($fname, 0, strrpos($fname, '.'));
$path = trim(substr($dirname,4),'/'); $path = trim(substr($dirname, 4), '/');
$o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br />' $o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br>'
. '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br />' . . '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br>'
'...' . str_replace('$Projectname',\Zotlabs\Lib\System::get_platform_name(),$rr['text']) . '...<br /><br /></li>'; . '...' . str_replace('$Projectname', \Zotlabs\Lib\System::get_platform_name(), $rr['text']) . '...<br><br></li>';
} }
$o .= '</ul>'; $o .= '</ul>';
$o .= '</div>'; $o .= '</div>';
$o .= '</div>'; $o .= '</div>';
} }
return $o; return $o;
} }
$content = get_help_content(); $content = get_help_content();
return replace_macros(get_markup_template('help.tpl'), array(
return replace_macros(get_markup_template("help.tpl"), array(
'$title' => t('$Projectname Documentation'), '$title' => t('$Projectname Documentation'),
'$content' => $content '$content' => $content
)); ));
} }
} }

207
Zotlabs/Module/Ping.php
View File

@ -1,32 +1,27 @@
<?php <?php
namespace Zotlabs\Module;
/** namespace Zotlabs\Module;
* @file mod/ping.php
*
*/
require_once('include/bbcode.php'); require_once('include/bbcode.php');
/** /**
* @brief do several updates when pinged. * @brief Ping Controller.
* *
* This function does several tasks. Whenever called it checks for new messages,
* introductions, notifications, etc. and returns a json with the results.
*
* @param App &$a
* @result JSON
*/ */
class Ping extends \Zotlabs\Web\Controller { class Ping extends \Zotlabs\Web\Controller {
/**
* @brief do several updates when pinged.
*
* This function does several tasks. Whenever called it checks for new messages,
* introductions, notifications, etc. and returns a json with the results.
*
* @result JSON
*/
function init() { function init() {
$result = array(); $result = array();
$notifs = array(); $notifs = array();
$result['notify'] = 0; $result['notify'] = 0;
$result['home'] = 0; $result['home'] = 0;
$result['network'] = 0; $result['network'] = 0;
@ -41,45 +36,45 @@ class Ping extends \Zotlabs\Web\Controller {
$result['all_events_today'] = 0; $result['all_events_today'] = 0;
$result['notice'] = array(); $result['notice'] = array();
$result['info'] = array(); $result['info'] = array();
$t0 = dba_timer(); $t0 = dba_timer();
header("content-type: application/json"); header("content-type: application/json");
$vnotify = false; $vnotify = false;
$item_normal = item_normal(); $item_normal = item_normal();
if(local_channel()) { if(local_channel()) {
$vnotify = get_pconfig(local_channel(),'system','vnotify'); $vnotify = get_pconfig(local_channel(),'system','vnotify');
$evdays = intval(get_pconfig(local_channel(),'system','evdays')); $evdays = intval(get_pconfig(local_channel(),'system','evdays'));
$ob_hash = get_observer_hash(); $ob_hash = get_observer_hash();
} }
// if unset show all visual notification types // if unset show all visual notification types
if($vnotify === false) if($vnotify === false)
$vnotify = (-1); $vnotify = (-1);
if($evdays < 1) if($evdays < 1)
$evdays = 3; $evdays = 3;
/** /**
* If you have several windows open to this site and switch to a different channel * If you have several windows open to this site and switch to a different channel
* in one of them, the others may get into a confused state showing you a page or options * in one of them, the others may get into a confused state showing you a page or options
* on that page which were only valid under the old identity. You session has changed. * on that page which were only valid under the old identity. You session has changed.
* Therefore we send a notification of this fact back to the browser where it is picked up * Therefore we send a notification of this fact back to the browser where it is picked up
* in javascript and which reloads the page it is on so that it is valid under the context * in javascript and which reloads the page it is on so that it is valid under the context
* of the now current channel. * of the now current channel.
*/ */
$result['invalid'] = ((intval($_GET['uid'])) && (intval($_GET['uid']) != local_channel()) ? 1 : 0); $result['invalid'] = ((intval($_GET['uid'])) && (intval($_GET['uid']) != local_channel()) ? 1 : 0);
/** /**
* Send all system messages (alerts) to the browser. * Send all system messages (alerts) to the browser.
* Some are marked as informational and some represent * Some are marked as informational and some represent
* errors or serious notifications. These typically * errors or serious notifications. These typically
* will popup on the current page (no matter what page it is) * will popup on the current page (no matter what page it is)
*/ */
if(x($_SESSION, 'sysmsg')){ if(x($_SESSION, 'sysmsg')){
foreach ($_SESSION['sysmsg'] as $m){ foreach ($_SESSION['sysmsg'] as $m){
$result['notice'][] = array('message' => $m); $result['notice'][] = array('message' => $m);
@ -96,17 +91,16 @@ class Ping extends \Zotlabs\Web\Controller {
$result['info'] = array(); $result['info'] = array();
if(! ($vnotify & VNOTIFY_ALERT)) if(! ($vnotify & VNOTIFY_ALERT))
$result['notice'] = array(); $result['notice'] = array();
if(\App::$install) { if(\App::$install) {
echo json_encode($result); echo json_encode($result);
killme(); killme();
} }
/** /**
* Update chat presence indication (if applicable) * Update chat presence indication (if applicable)
*/ */
if(get_observer_hash() && (! $result['invalid'])) { if(get_observer_hash() && (! $result['invalid'])) {
$r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1", $r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1",
dbesc(get_observer_hash()), dbesc(get_observer_hash()),
@ -114,7 +108,7 @@ class Ping extends \Zotlabs\Web\Controller {
); );
$basic_presence = false; $basic_presence = false;
if($r) { if($r) {
$basic_presence = true; $basic_presence = true;
q("update chatpresence set cp_last = '%s' where cp_id = %d", q("update chatpresence set cp_last = '%s' where cp_id = %d",
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval($r[0]['cp_id']) intval($r[0]['cp_id'])
@ -130,40 +124,39 @@ class Ping extends \Zotlabs\Web\Controller {
); );
} }
} }
/** /**
* Chatpresence continued... if somebody hasn't pinged recently, they've most likely left the page * Chatpresence continued... if somebody hasn't pinged recently, they've most likely left the page
* and shouldn't count as online anymore. We allow an expection for bots. * and shouldn't count as online anymore. We allow an expection for bots.
*/ */
q("delete from chatpresence where cp_last < %s - INTERVAL %s and cp_client != 'auto' ", q("delete from chatpresence where cp_last < %s - INTERVAL %s and cp_client != 'auto' ",
db_utcnow(), db_quoteinterval('3 MINUTE') db_utcnow(), db_quoteinterval('3 MINUTE')
); );
if((! local_channel()) || ($result['invalid'])) { if((! local_channel()) || ($result['invalid'])) {
echo json_encode($result); echo json_encode($result);
killme(); killme();
} }
/** /**
* Everything following is only permitted under the context of a locally authenticated site member. * Everything following is only permitted under the context of a locally authenticated site member.
*/ */
/** /**
* Handle "mark all xyz notifications read" requests. * Handle "mark all xyz notifications read" requests.
*/ */
// mark all items read // mark all items read
if(x($_REQUEST, 'markRead') && local_channel()) { if(x($_REQUEST, 'markRead') && local_channel()) {
switch($_REQUEST['markRead']) { switch($_REQUEST['markRead']) {
case 'network': case 'network':
$r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d", $r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d",
intval(local_channel()) intval(local_channel())
); );
break; break;
case 'home': case 'home':
$r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1 and uid = %d", $r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1 and uid = %d",
intval(local_channel()) intval(local_channel())
); );
break; break;
@ -188,21 +181,18 @@ class Ping extends \Zotlabs\Web\Controller {
break; break;
} }
} }
if(x($_REQUEST, 'markItemRead') && local_channel()) { if(x($_REQUEST, 'markItemRead') && local_channel()) {
$r = q("update item set item_unseen = 0 where parent = %d and uid = %d", $r = q("update item set item_unseen = 0 where parent = %d and uid = %d",
intval($_REQUEST['markItemRead']), intval($_REQUEST['markItemRead']),
intval(local_channel()) intval(local_channel())
); );
} }
/** /**
* URL ping/something will return detail for "something", e.g. a json list with which to populate a notification * URL ping/something will return detail for "something", e.g. a json list with which to populate a notification
* dropdown menu. * dropdown menu.
*/ */
if(argc() > 1 && argv(1) === 'notify') { if(argc() > 1 && argv(1) === 'notify') {
$t = q("select count(*) as total from notify where uid = %d and seen = 0", $t = q("select count(*) as total from notify where uid = %d and seen = 0",
intval(local_channel()) intval(local_channel())
@ -212,8 +202,7 @@ class Ping extends \Zotlabs\Web\Controller {
and seen = 0 order by created desc limit 50", and seen = 0 order by created desc limit 50",
intval(local_channel()) intval(local_channel())
); );
} } else {
else {
$z1 = q("select * from notify where uid = %d $z1 = q("select * from notify where uid = %d
and seen = 0 order by created desc limit 50", and seen = 0 order by created desc limit 50",
intval(local_channel()) intval(local_channel())
@ -225,62 +214,62 @@ class Ping extends \Zotlabs\Web\Controller {
); );
$z = array_merge($z1,$z2); $z = array_merge($z1,$z2);
} }
if(count($z)) { if(count($z)) {
foreach($z as $zz) { foreach($z as $zz) {
$notifs[] = array( $notifs[] = array(
'notify_link' => z_root() . '/notify/view/' . $zz['id'], 'notify_link' => z_root() . '/notify/view/' . $zz['id'],
'name' => $zz['xname'], 'name' => $zz['xname'],
'url' => $zz['url'], 'url' => $zz['url'],
'photo' => $zz['photo'], 'photo' => $zz['photo'],
'when' => relative_date($zz['created']), 'when' => relative_date($zz['created']),
'hclass' => (($zz['seen']) ? 'notify-seen' : 'notify-unseen'), 'hclass' => (($zz['seen']) ? 'notify-seen' : 'notify-unseen'),
'message' => strip_tags(bbcode($zz['msg'])) 'message' => strip_tags(bbcode($zz['msg']))
); );
} }
} }
echo json_encode(array('notify' => $notifs)); echo json_encode(array('notify' => $notifs));
killme(); killme();
} }
if(argc() > 1 && argv(1) === 'messages') { if(argc() > 1 && argv(1) === 'messages') {
$channel = \App::get_channel(); $channel = \App::get_channel();
$t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan $t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan
where channel_id = %d and mail_seen = 0 and mail_deleted = 0 where channel_id = %d and mail_seen = 0 and mail_deleted = 0
and from_xchan != '%s' order by created desc limit 50", and from_xchan != '%s' order by created desc limit 50",
intval(local_channel()), intval(local_channel()),
dbesc($channel['channel_hash']) dbesc($channel['channel_hash'])
); );
if($t) { if($t) {
foreach($t as $zz) { foreach($t as $zz) {
$notifs[] = array( $notifs[] = array(
'notify_link' => z_root() . '/mail/' . $zz['id'], 'notify_link' => z_root() . '/mail/' . $zz['id'],
'name' => $zz['xchan_name'], 'name' => $zz['xchan_name'],
'url' => $zz['xchan_url'], 'url' => $zz['xchan_url'],
'photo' => $zz['xchan_photo_s'], 'photo' => $zz['xchan_photo_s'],
'when' => relative_date($zz['created']), 'when' => relative_date($zz['created']),
'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'), 'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'),
'message' => t('sent you a private message'), 'message' => t('sent you a private message'),
); );
} }
} }
echo json_encode(array('notify' => $notifs)); echo json_encode(array('notify' => $notifs));
killme(); killme();
} }
if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) { if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) {
$result = array(); $result = array();
$r = q("SELECT * FROM item $r = q("SELECT * FROM item
WHERE item_unseen = 1 and uid = %d $item_normal WHERE item_unseen = 1 and uid = %d $item_normal
and author_xchan != '%s' ORDER BY created DESC limit 300", and author_xchan != '%s' ORDER BY created DESC limit 300",
intval(local_channel()), intval(local_channel()),
dbesc($ob_hash) dbesc($ob_hash)
); );
if($r) { if($r) {
xchan_query($r); xchan_query($r);
foreach($r as $item) { foreach($r as $item) {
@ -289,18 +278,18 @@ class Ping extends \Zotlabs\Web\Controller {
$result[] = \Zotlabs\Lib\Enotify::format($item); $result[] = \Zotlabs\Lib\Enotify::format($item);
} }
} }
// logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA); // logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA);
echo json_encode(array('notify' => $result)); echo json_encode(array('notify' => $result));
killme(); killme();
} }
if(argc() > 1 && (argv(1) === 'intros')) { if(argc() > 1 && (argv(1) === 'intros')) {
$result = array(); $result = array();
$r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50", $r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50",
intval(local_channel()) intval(local_channel())
); );
if($r) { if($r) {
foreach($r as $rr) { foreach($r as $rr) {
$result[] = array( $result[] = array(
@ -308,8 +297,8 @@ class Ping extends \Zotlabs\Web\Controller {
'name' => $rr['xchan_name'], 'name' => $rr['xchan_name'],
'url' => $rr['xchan_url'], 'url' => $rr['xchan_url'],
'photo' => $rr['xchan_photo_s'], 'photo' => $rr['xchan_photo_s'],
'when' => relative_date($rr['abook_created']), 'when' => relative_date($rr['abook_created']),
'hclass' => ('notify-unseen'), 'hclass' => ('notify-unseen'),
'message' => t('added your channel') 'message' => t('added your channel')
); );
} }
@ -318,12 +307,12 @@ class Ping extends \Zotlabs\Web\Controller {
echo json_encode(array('notify' => $result)); echo json_encode(array('notify' => $result));
killme(); killme();
} }
if(argc() > 1 && (argv(1) === 'all_events')) { if(argc() > 1 && (argv(1) === 'all_events')) {
$bd_format = t('g A l F d') ; // 8 AM Friday January 18 $bd_format = t('g A l F d') ; // 8 AM Friday January 18
$result = array(); $result = array();
$r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash $r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash
WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
and etype in ( 'event', 'birthday' ) and etype in ( 'event', 'birthday' )
@ -332,26 +321,25 @@ class Ping extends \Zotlabs\Web\Controller {
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
); );
if($r) { if($r) {
foreach($r as $rr) { foreach($r as $rr) {
if($rr['adjust']) if($rr['adjust'])
$md = datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'Y/m'); $md = datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'Y/m');
else else
$md = datetime_convert('UTC', 'UTC', $rr['dtstart'], 'Y/m'); $md = datetime_convert('UTC', 'UTC', $rr['dtstart'], 'Y/m');
$strt = datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart']); $strt = datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart']);
$today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false); $today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false);
$when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ? ' ' . t('[today]') : ''); $when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ? ' ' . t('[today]') : '');
$result[] = array( $result[] = array(
'notify_link' => z_root() . '/events', // FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event --> '/events/event/' . $rr['event_hash'], 'notify_link' => z_root() . '/events', /// @FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event --> '/events/event/' . $rr['event_hash'],
'name' => $rr['xchan_name'], 'name' => $rr['xchan_name'],
'url' => $rr['xchan_url'], 'url' => $rr['xchan_url'],
'photo' => $rr['xchan_photo_s'], 'photo' => $rr['xchan_photo_s'],
'when' => $when, 'when' => $when,
'hclass' => ('notify-unseen'), 'hclass' => ('notify-unseen'),
'message' => t('posted an event') 'message' => t('posted an event')
); );
} }
@ -360,13 +348,10 @@ class Ping extends \Zotlabs\Web\Controller {
echo json_encode(array('notify' => $result)); echo json_encode(array('notify' => $result));
killme(); killme();
} }
/** /**
* Normal ping - just the counts, no detail * Normal ping - just the counts, no detail
*/ */
if($vnotify & VNOTIFY_SYSTEM) { if($vnotify & VNOTIFY_SYSTEM) {
$t = q("select count(*) as total from notify where uid = %d and seen = 0", $t = q("select count(*) as total from notify where uid = %d and seen = 0",
intval(local_channel()) intval(local_channel())
@ -374,9 +359,9 @@ class Ping extends \Zotlabs\Web\Controller {
if($t) if($t)
$result['notify'] = intval($t[0]['total']); $result['notify'] = intval($t[0]['total']);
} }
$t1 = dba_timer(); $t1 = dba_timer();
if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) { if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) {
$r = q("SELECT id, item_wall FROM item $r = q("SELECT id, item_wall FROM item
WHERE item_unseen = 1 and uid = %d WHERE item_unseen = 1 and uid = %d
@ -385,11 +370,11 @@ class Ping extends \Zotlabs\Web\Controller {
intval(local_channel()), intval(local_channel()),
dbesc($ob_hash) dbesc($ob_hash)
); );
if($r) { if($r) {
$arr = array('items' => $r); $arr = array('items' => $r);
call_hooks('network_ping', $arr); call_hooks('network_ping', $arr);
foreach ($r as $it) { foreach ($r as $it) {
if(intval($it['item_wall'])) if(intval($it['item_wall']))
$result['home'] ++; $result['home'] ++;
@ -402,24 +387,23 @@ class Ping extends \Zotlabs\Web\Controller {
$result['network'] = 0; $result['network'] = 0;
if(! ($vnotify & VNOTIFY_CHANNEL)) if(! ($vnotify & VNOTIFY_CHANNEL))
$result['home'] = 0; $result['home'] = 0;
$t2 = dba_timer(); $t2 = dba_timer();
if($vnotify & VNOTIFY_INTRO) { if($vnotify & VNOTIFY_INTRO) {
$intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ", $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ",
intval(local_channel()) intval(local_channel())
); );
$t3 = dba_timer(); $t3 = dba_timer();
if($intr) if($intr)
$result['intros'] = intval($intr[0]['total']); $result['intros'] = intval($intr[0]['total']);
} }
$t4 = dba_timer(); $t4 = dba_timer();
$channel = \App::get_channel(); $channel = \App::get_channel();
if($vnotify & VNOTIFY_MAIL) { if($vnotify & VNOTIFY_MAIL) {
$mails = q("SELECT count(id) as total from mail $mails = q("SELECT count(id) as total from mail
WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ", WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ",
@ -429,7 +413,7 @@ class Ping extends \Zotlabs\Web\Controller {
if($mails) if($mails)
$result['mail'] = intval($mails[0]['total']); $result['mail'] = intval($mails[0]['total']);
} }
if($vnotify & VNOTIFY_REGISTER) { if($vnotify & VNOTIFY_REGISTER) {
if (\App::$config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) { if (\App::$config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) {
$regs = q("SELECT count(account_id) as total from account where (account_flags & %d) > 0", $regs = q("SELECT count(account_id) as total from account where (account_flags & %d) > 0",
@ -438,10 +422,10 @@ class Ping extends \Zotlabs\Web\Controller {
if($regs) if($regs)
$result['register'] = intval($regs[0]['total']); $result['register'] = intval($regs[0]['total']);
} }
} }
$t5 = dba_timer(); $t5 = dba_timer();
if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) { if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) {
$events = q("SELECT etype, dtstart, adjust FROM event $events = q("SELECT etype, dtstart, adjust FROM event
WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0 WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
@ -451,10 +435,10 @@ class Ping extends \Zotlabs\Web\Controller {
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')) dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
); );
if($events) { if($events) {
$result['all_events'] = count($events); $result['all_events'] = count($events);
if($result['all_events']) { if($result['all_events']) {
$str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d'); $str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d');
foreach($events as $x) { foreach($events as $x) {
@ -483,16 +467,15 @@ class Ping extends \Zotlabs\Web\Controller {
$result['all_events_today'] = $result['events_today'] = 0; $result['all_events_today'] = $result['events_today'] = 0;
if(! ($vnotify & VNOTIFY_BIRTHDAY)) if(! ($vnotify & VNOTIFY_BIRTHDAY))
$result['birthdays'] = 0; $result['birthdays'] = 0;
$x = json_encode($result); $x = json_encode($result);
$t6 = dba_timer(); $t6 = dba_timer();
// logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0)); // logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0));
echo $x; echo $x;
killme(); killme();
} }
} }

30
Zotlabs/Module/Post.php
View File

@ -1,36 +1,34 @@
<?php <?php
namespace Zotlabs\Module;
/** /**
* @file mod/post.php * @file Zotlabs/Module/Post.php
* *
* @brief Zot endpoint. * @brief Zot endpoint.
* *
*/ */
namespace Zotlabs\Module;
require_once('include/zot.php'); require_once('include/zot.php');
/**
* @brief Post module.
*
*/
class Post extends \Zotlabs\Web\Controller { class Post extends \Zotlabs\Web\Controller {
function init() { function init() {
if(array_key_exists('auth', $_REQUEST)) {
if (array_key_exists('auth', $_REQUEST)) {
$x = new \Zotlabs\Zot\Auth($_REQUEST); $x = new \Zotlabs\Zot\Auth($_REQUEST);
exit; exit;
} }
} }
function post() {
function post() { $z = new \Zotlabs\Zot\Receiver($_REQUEST['data'], get_config('system', 'prvkey'), new \Zotlabs\Zot\ZotHandler());
$z = new \Zotlabs\Zot\Receiver($_REQUEST['data'],get_config('system','prvkey'), new \Zotlabs\Zot\ZotHandler());
// notreached; // notreached;
exit; exit;
} }
} }

251
Zotlabs/Module/Setup.php
View File

@ -1,9 +1,9 @@
<?php <?php
namespace Zotlabs\Module; namespace Zotlabs\Module;
/** /**
* @file mod/setup.php * @file Zotlabs/Module/Setup.php
* *
* Controller for the initial setup/installation. * @brief Controller for the initial setup/installation.
* *
* @todo This setup module could need some love and improvements. * @todo This setup module could need some love and improvements.
*/ */
@ -13,51 +13,50 @@ namespace Zotlabs\Module;
* @brief Initialisation for the setup module. * @brief Initialisation for the setup module.
* *
*/ */
class Setup extends \Zotlabs\Web\Controller { class Setup extends \Zotlabs\Web\Controller {
private static $install_wizard_pass = 1; private static $install_wizard_pass = 1;
/**
* {@inheritDoc}
* @see \\Zotlabs\\Web\\Controller::init()
*/
function init() { function init() {
// Ensure that if somebody hasn't read the install documentation and doesn't have all // Ensure that if somebody hasn't read the install documentation and doesn't have all
// the required modules or has a totally borked shared hosting provider and they can't // the required modules or has a totally borked shared hosting provider and they can't
// figure out what the hell is going on - that we at least spit out an error message which // figure out what the hell is going on - that we at least spit out an error message which
// we can inquire about when they write to tell us that our software doesn't work. // we can inquire about when they write to tell us that our software doesn't work.
// The worst thing we can do at this point is throw a white screen of death and rely on // The worst thing we can do at this point is throw a white screen of death and rely on
// them knowing about servers and php modules and logfiles enough so that we can guess // them knowing about servers and php modules and logfiles enough so that we can guess
// at the source of the problem. As ugly as it may be, we need to throw a technically worded // at the source of the problem. As ugly as it may be, we need to throw a technically worded
// PHP error message in their face. Once installation is complete application errors will // PHP error message in their face. Once installation is complete application errors will
// throw a white screen because these error messages divulge information which can // throw a white screen because these error messages divulge information which can
// potentially be useful to hackers. // potentially be useful to hackers.
error_reporting(E_ERROR | E_WARNING | E_PARSE ); error_reporting(E_ERROR | E_WARNING | E_PARSE );
ini_set('log_errors', '0'); ini_set('log_errors', '0');
ini_set('display_errors', '1'); ini_set('display_errors', '1');
// $baseurl/setup/testrwrite to test if rewite in .htaccess is working // $baseurl/setup/testrwrite to test if rewite in .htaccess is working
if (argc() == 2 && argv(1) == "testrewrite") { if (argc() == 2 && argv(1) == "testrewrite") {
echo 'ok'; echo 'ok';
killme(); killme();
} }
if (x($_POST, 'pass')) { if (x($_POST, 'pass')) {
$this->install_wizard_pass = intval($_POST['pass']); $this->install_wizard_pass = intval($_POST['pass']);
} } else {
else {
$this->install_wizard_pass = 1; $this->install_wizard_pass = 1;
} }
} }
/** /**
* @brief Handle the actions of the different setup steps. * @brief Handle the actions of the different setup steps.
* *
*/ */
function post() { function post() {
switch($this->install_wizard_pass) { switch($this->install_wizard_pass) {
case 1: case 1:
case 2: case 2:
@ -77,15 +76,15 @@ class Setup extends \Zotlabs\Web\Controller {
$server_role = trim($_POST['server_role']); $server_role = trim($_POST['server_role']);
if(! $server_role) if(! $server_role)
$server_role = 'standard'; $server_role = 'standard';
// $siteurl should not have a trailing slash // $siteurl should not have a trailing slash
$siteurl = rtrim($siteurl,'/'); $siteurl = rtrim($siteurl,'/');
require_once('include/dba/dba_driver.php'); require_once('include/dba/dba_driver.php');
$db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
if(! \DBA::$dba->connected) { if(! \DBA::$dba->connected) {
echo 'Database Connect failed: ' . \DBA::$dba->error; echo 'Database Connect failed: ' . \DBA::$dba->error;
killme(); killme();
@ -107,7 +106,7 @@ class Setup extends \Zotlabs\Web\Controller {
$server_role = trim($_POST['server_role']); $server_role = trim($_POST['server_role']);
if(! $server_role) if(! $server_role)
$server_role = 'standard'; $server_role = 'standard';
if($siteurl != z_root()) { if($siteurl != z_root()) {
$test = z_fetch_url($siteurl."/setup/testrewrite"); $test = z_fetch_url($siteurl."/setup/testrewrite");
if((! $test['success']) || ($test['body'] != 'ok')) { if((! $test['success']) || ($test['body'] != 'ok')) {
@ -116,7 +115,7 @@ class Setup extends \Zotlabs\Web\Controller {
return; return;
} }
} }
if(! \DBA::$dba->connected) { if(! \DBA::$dba->connected) {
// connect to db // connect to db
$db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true); $db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
@ -126,7 +125,7 @@ class Setup extends \Zotlabs\Web\Controller {
echo 'CRITICAL: DB not connected.'; echo 'CRITICAL: DB not connected.';
killme(); killme();
} }
$tpl = get_intltext_template('htconfig.tpl'); $tpl = get_intltext_template('htconfig.tpl');
$txt = replace_macros($tpl,array( $txt = replace_macros($tpl,array(
'$dbhost' => $dbhost, '$dbhost' => $dbhost,
@ -142,33 +141,33 @@ class Setup extends \Zotlabs\Web\Controller {
'$phpath' => $phpath, '$phpath' => $phpath,
'$adminmail' => $adminmail '$adminmail' => $adminmail
)); ));
$result = file_put_contents('.htconfig.php', $txt); $result = file_put_contents('.htconfig.php', $txt);
if(! $result) { if(! $result) {
\App::$data['txt'] = $txt; \App::$data['txt'] = $txt;
} }
$errors = $this->load_database($db); $errors = $this->load_database($db);
if($errors) if($errors)
\App::$data['db_failed'] = $errors; \App::$data['db_failed'] = $errors;
else else
\App::$data['db_installed'] = true; \App::$data['db_installed'] = true;
return; return;
// implied break; // implied break;
default: default:
break; break;
} }
} }
function get_db_errno() { function get_db_errno() {
if(class_exists('mysqli')) if(class_exists('mysqli'))
return mysqli_connect_errno(); return mysqli_connect_errno();
else else
return mysql_errno(); return mysql_errno();
} }
/** /**
* @brief Get output for the setup page. * @brief Get output for the setup page.
* *
@ -176,13 +175,12 @@ class Setup extends \Zotlabs\Web\Controller {
* *
* @return string parsed HTML output * @return string parsed HTML output
*/ */
function get() { function get() {
$o = ''; $o = '';
$wizard_status = ''; $wizard_status = '';
$install_title = t('$Projectname Server - Setup'); $install_title = t('$Projectname Server - Setup');
if(x(\App::$data, 'db_conn_failed')) { if(x(\App::$data, 'db_conn_failed')) {
$this->install_wizard_pass = 2; $this->install_wizard_pass = 2;
$wizard_status = t('Could not connect to database.'); $wizard_status = t('Could not connect to database.');
@ -193,7 +191,7 @@ class Setup extends \Zotlabs\Web\Controller {
if(\App::$data['url_error']) if(\App::$data['url_error'])
$wizard_status .= ' ' . \App::$data['url_error']; $wizard_status .= ' ' . \App::$data['url_error'];
} }
if(x(\App::$data, 'db_create_failed')) { if(x(\App::$data, 'db_create_failed')) {
$this->install_wizard_pass = 2; $this->install_wizard_pass = 2;
$wizard_status = t('Could not create table.'); $wizard_status = t('Could not create table.');
@ -222,11 +220,11 @@ class Setup extends \Zotlabs\Web\Controller {
)); ));
} }
} }
if(x(\App::$data, 'txt') && strlen(\App::$data['txt'])) { if(x(\App::$data, 'txt') && strlen(\App::$data['txt'])) {
$db_return_text .= $this->manual_config($a); $db_return_text .= $this->manual_config($a);
} }
if ($db_return_text != "") { if ($db_return_text != "") {
$tpl = get_markup_template('install.tpl'); $tpl = get_markup_template('install.tpl');
return replace_macros($tpl, array( return replace_macros($tpl, array(
@ -235,33 +233,33 @@ class Setup extends \Zotlabs\Web\Controller {
'$text' => $db_return_text . $this->what_next(), '$text' => $db_return_text . $this->what_next(),
)); ));
} }
switch ($this->install_wizard_pass){ switch ($this->install_wizard_pass){
case 1: { // System check case 1: { // System check
$checks = array(); $checks = array();
$this->check_funcs($checks); $this->check_funcs($checks);
$this->check_htconfig($checks); $this->check_htconfig($checks);
$this->check_store($checks); $this->check_store($checks);
$this->check_smarty3($checks); $this->check_smarty3($checks);
$this->check_keys($checks); $this->check_keys($checks);
if (x($_POST, 'phpath')) if (x($_POST, 'phpath'))
$phpath = notags(trim($_POST['phpath'])); $phpath = notags(trim($_POST['phpath']));
$this->check_php($phpath, $checks); $this->check_php($phpath, $checks);
$this->check_phpconfig($checks); $this->check_phpconfig($checks);
$this->check_htaccess($checks); $this->check_htaccess($checks);
$checkspassed = array_reduce($checks, "self::check_passed", true); $checkspassed = array_reduce($checks, "self::check_passed", true);
$tpl = get_markup_template('install_checks.tpl'); $tpl = get_markup_template('install_checks.tpl');
$o .= replace_macros($tpl, array( $o .= replace_macros($tpl, array(
'$title' => $install_title, '$title' => $install_title,
@ -276,9 +274,9 @@ class Setup extends \Zotlabs\Web\Controller {
)); ));
return $o; return $o;
}; break; }; break;
case 2: { // Database config case 2: { // Database config
$dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1'); $dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1');
$dbuser = trim($_POST['dbuser']); $dbuser = trim($_POST['dbuser']);
$dbport = intval(trim($_POST['dbport'])); $dbport = intval(trim($_POST['dbport']));
@ -288,7 +286,7 @@ class Setup extends \Zotlabs\Web\Controller {
$phpath = trim($_POST['phpath']); $phpath = trim($_POST['phpath']);
$adminmail = trim($_POST['adminmail']); $adminmail = trim($_POST['adminmail']);
$siteurl = trim($_POST['siteurl']); $siteurl = trim($_POST['siteurl']);
$tpl = get_markup_template('install_db.tpl'); $tpl = get_markup_template('install_db.tpl');
$o .= replace_macros($tpl, array( $o .= replace_macros($tpl, array(
'$title' => $install_title, '$title' => $install_title,
@ -296,24 +294,24 @@ class Setup extends \Zotlabs\Web\Controller {
'$info_01' => t('In order to install $Projectname we need to know how to connect to your database.'), '$info_01' => t('In order to install $Projectname we need to know how to connect to your database.'),
'$info_02' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'), '$info_02' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'),
'$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'), '$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'),
'$status' => $wizard_status, '$status' => $wizard_status,
'$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is 127.0.0.1')), '$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is 127.0.0.1')),
'$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')), '$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')),
'$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''), '$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''),
'$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''), '$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''),
'$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''), '$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''),
'$dbtype' => array('dbtype', t('Database Type'), $dbtype, '', array( 0=>'MySQL', 1=>'PostgreSQL' )), '$dbtype' => array('dbtype', t('Database Type'), $dbtype, '', array( 0=>'MySQL', 1=>'PostgreSQL' )),
'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')), '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
'$lbl_10' => t('Please select a default timezone for your website'), '$lbl_10' => t('Please select a default timezone for your website'),
'$baseurl' => z_root(), '$baseurl' => z_root(),
'$phpath' => $phpath, '$phpath' => $phpath,
'$submit' => t('Submit'), '$submit' => t('Submit'),
)); ));
return $o; return $o;
@ -327,11 +325,11 @@ class Setup extends \Zotlabs\Web\Controller {
$dbdata = trim($_POST['dbdata']); $dbdata = trim($_POST['dbdata']);
$dbtype = intval(trim($_POST['dbtype'])); $dbtype = intval(trim($_POST['dbtype']));
$phpath = trim($_POST['phpath']); $phpath = trim($_POST['phpath']);
$adminmail = trim($_POST['adminmail']); $adminmail = trim($_POST['adminmail']);
$siteurl = trim($_POST['siteurl']); $siteurl = trim($_POST['siteurl']);
$timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles'); $timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles');
$server_roles = [ $server_roles = [
'basic' => t('Basic/Minimal Social Networking'), 'basic' => t('Basic/Minimal Social Networking'),
'standard' => t('Standard Configuration (default)'), 'standard' => t('Standard Configuration (default)'),
@ -343,7 +341,7 @@ class Setup extends \Zotlabs\Web\Controller {
'$title' => $install_title, '$title' => $install_title,
'$pass' => t('Site settings'), '$pass' => t('Site settings'),
'$status' => $wizard_status, '$status' => $wizard_status,
'$dbhost' => $dbhost, '$dbhost' => $dbhost,
'$dbport' => $dbport, '$dbport' => $dbport,
'$dbuser' => $dbuser, '$dbuser' => $dbuser,
@ -351,24 +349,24 @@ class Setup extends \Zotlabs\Web\Controller {
'$dbdata' => $dbdata, '$dbdata' => $dbdata,
'$phpath' => $phpath, '$phpath' => $phpath,
'$dbtype' => $dbtype, '$dbtype' => $dbtype,
'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')), '$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')), '$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
'$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles), '$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles),
'$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()), '$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()),
'$baseurl' => z_root(), '$baseurl' => z_root(),
'$submit' => t('Submit'), '$submit' => t('Submit'),
)); ));
return $o; return $o;
}; break; }; break;
} }
} }
/** /**
* @brief Add a check result to the array for output. * @brief Add a check result to the array for output.
* *
@ -376,7 +374,7 @@ class Setup extends \Zotlabs\Web\Controller {
* @param string $title a title for the check * @param string $title a title for the check
* @param boolean $status * @param boolean $status
* @param boolean $required * @param boolean $required
* @param[optional] string $help optional help string * @param string $help optional help string
*/ */
function check_add(&$checks, $title, $status, $required, $help = '') { function check_add(&$checks, $title, $status, $required, $help = '') {
$checks[] = array( $checks[] = array(
@ -386,7 +384,7 @@ class Setup extends \Zotlabs\Web\Controller {
'help' => $help 'help' => $help
); );
} }
/** /**
* @brief Checks the PHP environment. * @brief Checks the PHP environment.
* *
@ -395,7 +393,7 @@ class Setup extends \Zotlabs\Web\Controller {
*/ */
function check_php(&$phpath, &$checks) { function check_php(&$phpath, &$checks) {
$help = ''; $help = '';
if(version_compare(PHP_VERSION, '5.5') < 0) { if(version_compare(PHP_VERSION, '5.5') < 0) {
$help .= t('PHP version 5.5 or greater is required.'); $help .= t('PHP version 5.5 or greater is required.');
$this->check_add($checks, t('PHP version'), false, false, $help); $this->check_add($checks, t('PHP version'), false, false, $help);
@ -408,10 +406,10 @@ class Setup extends \Zotlabs\Web\Controller {
$phpath = trim(shell_exec('where php')); $phpath = trim(shell_exec('where php'));
else else
$phpath = trim(shell_exec('which php')); $phpath = trim(shell_exec('which php'));
$passed = strlen($phpath); $passed = strlen($phpath);
} }
if(!$passed) { if(!$passed) {
$help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL; $help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL;
$help .= t('If you don\'t have a command line version of PHP installed on server, you will not be able to run background polling via cron.') . EOL; $help .= t('If you don\'t have a command line version of PHP installed on server, you will not be able to run background polling via cron.') . EOL;
@ -422,9 +420,9 @@ class Setup extends \Zotlabs\Web\Controller {
)); ));
$phpath = ''; $phpath = '';
} }
$this->check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help); $this->check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help);
if($passed) { if($passed) {
$str = autoname(8); $str = autoname(8);
$cmd = "$phpath install/testargs.php $str"; $cmd = "$phpath install/testargs.php $str";
@ -435,11 +433,11 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL; $help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL;
$help .= t('This is required for message delivery to work.'); $help .= t('This is required for message delivery to work.');
} }
$this->check_add($checks, t('PHP register_argc_argv'), $passed, true, $help); $this->check_add($checks, t('PHP register_argc_argv'), $passed, true, $help);
} }
} }
/** /**
* @brief Some PHP configuration checks. * @brief Some PHP configuration checks.
* *
@ -450,9 +448,9 @@ class Setup extends \Zotlabs\Web\Controller {
*/ */
function check_phpconfig(&$checks) { function check_phpconfig(&$checks) {
require_once 'include/environment.php'; require_once 'include/environment.php';
$help = ''; $help = '';
$result = getPhpiniUploadLimits(); $result = getPhpiniUploadLimits();
$help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'), $help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'),
userReadableSize($result['post_max_size']), userReadableSize($result['post_max_size']),
@ -460,10 +458,10 @@ class Setup extends \Zotlabs\Web\Controller {
$result['max_file_uploads'] $result['max_file_uploads']
); );
$help .= '<br>' . t('You can adjust these settings in the servers php.ini.'); $help .= '<br>' . t('You can adjust these settings in the servers php.ini.');
$this->check_add($checks, t('PHP upload limits'), true, false, $help); $this->check_add($checks, t('PHP upload limits'), true, false, $help);
} }
/** /**
* @brief Check if the openssl implementation can generate keys. * @brief Check if the openssl implementation can generate keys.
* *
@ -472,7 +470,7 @@ class Setup extends \Zotlabs\Web\Controller {
function check_keys(&$checks) { function check_keys(&$checks) {
$help = ''; $help = '';
$res = false; $res = false;
if (function_exists('openssl_pkey_new')) { if (function_exists('openssl_pkey_new')) {
$res = openssl_pkey_new(array( $res = openssl_pkey_new(array(
'digest_alg' => 'sha1', 'digest_alg' => 'sha1',
@ -480,17 +478,17 @@ class Setup extends \Zotlabs\Web\Controller {
'encrypt_key' => false) 'encrypt_key' => false)
); );
} }
// Get private key // Get private key
if (! $res) { if (! $res) {
$help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL; $help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL;
$help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".'); $help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".');
} }
$this->check_add($checks, t('Generate encryption keys'), $res, true, $help); $this->check_add($checks, t('Generate encryption keys'), $res, true, $help);
} }
/** /**
* @brief Check for some PHP functions and modules. * @brief Check for some PHP functions and modules.
* *
@ -498,7 +496,7 @@ class Setup extends \Zotlabs\Web\Controller {
*/ */
function check_funcs(&$checks) { function check_funcs(&$checks) {
$ck_funcs = array(); $ck_funcs = array();
// add check metadata, the real check is done bit later and return values set // add check metadata, the real check is done bit later and return values set
$this->check_add($ck_funcs, t('libCurl PHP module'), true, true); $this->check_add($ck_funcs, t('libCurl PHP module'), true, true);
$this->check_add($ck_funcs, t('GD graphics PHP module'), true, true); $this->check_add($ck_funcs, t('GD graphics PHP module'), true, true);
@ -506,7 +504,7 @@ class Setup extends \Zotlabs\Web\Controller {
$this->check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true); $this->check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true);
$this->check_add($ck_funcs, t('mb_string PHP module'), true, true); $this->check_add($ck_funcs, t('mb_string PHP module'), true, true);
$this->check_add($ck_funcs, t('xml PHP module'), true, true); $this->check_add($ck_funcs, t('xml PHP module'), true, true);
if(function_exists('apache_get_modules')){ if(function_exists('apache_get_modules')){
if (! in_array('mod_rewrite', apache_get_modules())) { if (! in_array('mod_rewrite', apache_get_modules())) {
$this->check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.')); $this->check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.'));
@ -520,7 +518,7 @@ class Setup extends \Zotlabs\Web\Controller {
else { else {
$this->check_add($ck_funcs, t('proc_open'), true, true); $this->check_add($ck_funcs, t('proc_open'), true, true);
} }
if(! function_exists('curl_init')) { if(! function_exists('curl_init')) {
$ck_funcs[0]['status'] = false; $ck_funcs[0]['status'] = false;
$ck_funcs[0]['help'] = t('Error: libCURL PHP module required but not installed.'); $ck_funcs[0]['help'] = t('Error: libCURL PHP module required but not installed.');
@ -545,10 +543,10 @@ class Setup extends \Zotlabs\Web\Controller {
$ck_funcs[6]['status'] = false; $ck_funcs[6]['status'] = false;
$ck_funcs[6]['help'] = t('Error: xml PHP module required for DAV but not installed.'); $ck_funcs[6]['help'] = t('Error: xml PHP module required for DAV but not installed.');
} }
$checks = array_merge($checks, $ck_funcs); $checks = array_merge($checks, $ck_funcs);
} }
/** /**
* @brief Check for .htconfig requirements. * @brief Check for .htconfig requirements.
* *
@ -557,7 +555,7 @@ class Setup extends \Zotlabs\Web\Controller {
function check_htconfig(&$checks) { function check_htconfig(&$checks) {
$status = true; $status = true;
$help = ''; $help = '';
if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) || if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) ||
(!file_exists('.htconfig.php') && !is_writable('.')) ) { (!file_exists('.htconfig.php') && !is_writable('.')) ) {
$status = false; $status = false;
@ -566,10 +564,10 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL; $help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL;
$help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL; $help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL;
} }
$this->check_add($checks, t('.htconfig.php is writable'), $status, false, $help); $this->check_add($checks, t('.htconfig.php is writable'), $status, false, $help);
} }
/** /**
* @brief Checks for our templating engine Smarty3 requirements. * @brief Checks for our templating engine Smarty3 requirements.
* *
@ -578,7 +576,7 @@ class Setup extends \Zotlabs\Web\Controller {
function check_smarty3(&$checks) { function check_smarty3(&$checks) {
$status = true; $status = true;
$help = ''; $help = '';
if(! is_writable(TEMPLATE_BUILD_PATH) ) { if(! is_writable(TEMPLATE_BUILD_PATH) ) {
$status = false; $status = false;
$help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL; $help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL;
@ -586,10 +584,10 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
$help .= sprintf( t('Note: as a security measure, you should give the web server write access to %s only--not the template files (.tpl) that it contains.'), TEMPLATE_BUILD_PATH) . EOL; $help .= sprintf( t('Note: as a security measure, you should give the web server write access to %s only--not the template files (.tpl) that it contains.'), TEMPLATE_BUILD_PATH) . EOL;
} }
$this->check_add($checks, sprintf( t('%s is writable'), TEMPLATE_BUILD_PATH), $status, true, $help); $this->check_add($checks, sprintf( t('%s is writable'), TEMPLATE_BUILD_PATH), $status, true, $help);
} }
/** /**
* @brief Check for store directory. * @brief Check for store directory.
* *
@ -598,18 +596,18 @@ class Setup extends \Zotlabs\Web\Controller {
function check_store(&$checks) { function check_store(&$checks) {
$status = true; $status = true;
$help = ''; $help = '';
@os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true); @os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true);
if(! is_writable('store')) { if(! is_writable('store')) {
$status = false; $status = false;
$help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL; $help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL;
$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL; $help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
} }
$this->check_add($checks, t('store is writable'), $status, true, $help); $this->check_add($checks, t('store is writable'), $status, true, $help);
} }
/** /**
* @brief Check URL rewrite und SSL certificate. * @brief Check URL rewrite und SSL certificate.
* *
@ -620,9 +618,9 @@ class Setup extends \Zotlabs\Web\Controller {
$status = true; $status = true;
$help = ''; $help = '';
$ssl_error = false; $ssl_error = false;
$url = z_root() . '/setup/testrewrite'; $url = z_root() . '/setup/testrewrite';
if (function_exists('curl_init')){ if (function_exists('curl_init')){
$test = z_fetch_url($url); $test = z_fetch_url($url);
if(! $test['success']) { if(! $test['success']) {
@ -638,7 +636,7 @@ class Setup extends \Zotlabs\Web\Controller {
$ssl_error = true; $ssl_error = true;
} }
} }
if($ssl_error) { if($ssl_error) {
$help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL;
$help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL; $help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL;
@ -649,31 +647,35 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL; $help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL;
$this->check_add($checks, t('SSL certificate validation'), false, true, $help); $this->check_add($checks, t('SSL certificate validation'), false, true, $help);
} }
} }
if ((! $test['success']) || ($test['body'] != "ok")) { if ((! $test['success']) || ($test['body'] != "ok")) {
$status = false; $status = false;
$help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true)); $help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true));
} }
$this->check_add($checks, t('Url rewrite is working'), $status, true, $help); $this->check_add($checks, t('Url rewrite is working'), $status, true, $help);
} else { } else {
// cannot check modrewrite if libcurl is not installed // cannot check modrewrite if libcurl is not installed
} }
} }
/**
* @brief
*
* @param App &$a
* @return string with paresed HTML
*/
function manual_config(&$a) { function manual_config(&$a) {
$data = htmlspecialchars(\App::$data['txt'], ENT_COMPAT, 'UTF-8'); $data = htmlspecialchars(\App::$data['txt'], ENT_COMPAT, 'UTF-8');
$o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.'); $o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.');
$o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>"; $o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>";
return $o; return $o;
} }
function load_database_rem($v, $i){ function load_database_rem($v, $i){
$l = trim($i); $l = trim($i);
if (strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){ if (strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){
@ -682,11 +684,11 @@ class Setup extends \Zotlabs\Web\Controller {
return $v."\n".$i; return $v."\n".$i;
} }
} }
function load_database($db) { function load_database($db) {
$str = file_get_contents(\DBA::$dba->get_install_script()); $str = file_get_contents(\DBA::$dba->get_install_script());
$arr = explode(';',$str); $arr = explode(';', $str);
$errors = false; $errors = false;
foreach($arr as $a) { foreach($arr as $a) {
if(strlen(trim($a))) { if(strlen(trim($a))) {
@ -696,15 +698,19 @@ class Setup extends \Zotlabs\Web\Controller {
} }
} }
} }
return $errors; return $errors;
} }
/**
* @brief
*
* @return string with parsed HTML
*/
function what_next() { function what_next() {
$a = get_app(); $a = get_app();
// install the standard theme // install the standard theme
set_config('system', 'allowed_themes', 'redbasic'); set_config('system', 'allowed_themes', 'redbasic');
// Set a lenient list of ciphers if using openssl. Other ssl engines // Set a lenient list of ciphers if using openssl. Other ssl engines
// (e.g. NSS used in RedHat) require different syntax, so hopefully // (e.g. NSS used in RedHat) require different syntax, so hopefully
@ -718,15 +724,15 @@ class Setup extends \Zotlabs\Web\Controller {
// weird SSL error which they can't do anything about. This does not affect // weird SSL error which they can't do anything about. This does not affect
// the SSL server, but is only a client negotiation to find something workable. // the SSL server, but is only a client negotiation to find something workable.
// Hence it will not make your system susceptible to POODL or other nasties. // Hence it will not make your system susceptible to POODL or other nasties.
$x = curl_version(); $x = curl_version();
if(stristr($x['ssl_version'],'openssl')) if(stristr($x['ssl_version'],'openssl'))
set_config('system','curl_ssl_ciphers','ALL:!eNULL'); set_config('system','curl_ssl_ciphers','ALL:!eNULL');
// Create a system channel // Create a system channel
require_once ('include/channel.php'); require_once ('include/channel.php');
create_sys_channel(); create_sys_channel();
$baseurl = z_root(); $baseurl = z_root();
return return
t('<h1>What next</h1>') t('<h1>What next</h1>')
@ -737,13 +743,18 @@ class Setup extends \Zotlabs\Web\Controller {
."</p>"; ."</p>";
} }
/**
* @brief
*
* @param unknown $v
* @param array $c
* @return array
*/
static private function check_passed($v, $c) { static private function check_passed($v, $c) {
if ($c['required']) if ($c['required'])
$v = $v && $c['status']; $v = $v && $c['status'];
return $v; return $v;
} }
} }

158
Zotlabs/Module/Thing.php
View File

@ -1,10 +1,10 @@
<?php <?php
namespace Zotlabs\Module;
/** /**
* @file mod/thing.php * @file Zotlabs/Module/Thing.php
* @brief
*/ */
namespace Zotlabs\Module;
require_once('include/items.php'); require_once('include/items.php');
require_once('include/security.php'); require_once('include/security.php');
require_once('include/selectors.php'); require_once('include/selectors.php');
@ -14,72 +14,72 @@ require_once('include/acl_selectors.php');
class Thing extends \Zotlabs\Web\Controller { class Thing extends \Zotlabs\Web\Controller {
function init() { function init() {
if(! local_channel()) if(! local_channel())
return; return;
$channel = \App::get_channel(); $channel = \App::get_channel();
$term_hash = (($_REQUEST['term_hash']) ? $_REQUEST['term_hash'] : ''); $term_hash = (($_REQUEST['term_hash']) ? $_REQUEST['term_hash'] : '');
$name = escape_tags($_REQUEST['term']); $name = escape_tags($_REQUEST['term']);
$verb = escape_tags($_REQUEST['verb']); $verb = escape_tags($_REQUEST['verb']);
$activity = intval($_REQUEST['activity']); $activity = intval($_REQUEST['activity']);
$profile_guid = escape_tags($_REQUEST['profile_assign']); $profile_guid = escape_tags($_REQUEST['profile_assign']);
$url = $_REQUEST['url']; $url = $_REQUEST['url'];
$photo = $_REQUEST['img']; $photo = $_REQUEST['img'];
$hash = random_string(); $hash = random_string();
$verbs = obj_verbs(); $verbs = obj_verbs();
/** /**
* verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants" * verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants"
* We use the first person form when creating an activity, but the third person for use in activities * We use the first person form when creating an activity, but the third person for use in activities
* @FIXME There is no accounting for verb gender for languages where this is significant. We may eventually * @FIXME There is no accounting for verb gender for languages where this is significant. We may eventually
* require obj_verbs() to provide full conjugations and specify which form to use in the $_REQUEST params to this module. * require obj_verbs() to provide full conjugations and specify which form to use in the $_REQUEST params to this module.
*/ */
$translated_verb = $verbs[$verb][1]; $translated_verb = $verbs[$verb][1];
/* /*
* The site administrator can do things that normals cannot. * The site administrator can do things that normals cannot.
* This is restricted because it will likely cause * This is restricted because it will likely cause
* an activitystreams protocol violation and the activity might * an activitystreams protocol violation and the activity might
* choke in some other network and result in unnecessary * choke in some other network and result in unnecessary
* support requests. It isn't because we're trying to be heavy-handed * support requests. It isn't because we're trying to be heavy-handed
* about what you can and can't do. * about what you can and can't do.
*/ */
if(! $translated_verb) { if(! $translated_verb) {
if(is_site_admin()) if(is_site_admin())
$translated_verb = $verb; $translated_verb = $verb;
} }
/* /*
* Things, objects: We do not provide definite (a, an) or indefinite (the) articles or singular/plural designators * Things, objects: We do not provide definite (a, an) or indefinite (the) articles or singular/plural designators
* That needs to be specified in your thing. e.g. Mike has "a carrot", Greg wants "balls", Bob likes "the Boston Red Sox". * That needs to be specified in your thing. e.g. Mike has "a carrot", Greg wants "balls", Bob likes "the Boston Red Sox".
*/ */
/* /*
* Future work on this module might produce more complex activities with targets, e.g. Phillip likes Karen's moustache * Future work on this module might produce more complex activities with targets, e.g. Phillip likes Karen's moustache
* and to describe other non-thing objects like channels, such as Karl wants Susan - where Susan represents a channel profile. * and to describe other non-thing objects like channels, such as Karl wants Susan - where Susan represents a channel profile.
*/ */
if((! $name) || (! $translated_verb)) if((! $name) || (! $translated_verb))
return; return;
$acl = new \Zotlabs\Access\AccessList($channel); $acl = new \Zotlabs\Access\AccessList($channel);
if(array_key_exists('contact_allow',$_REQUEST) if(array_key_exists('contact_allow',$_REQUEST)
|| array_key_exists('group_allow',$_REQUEST) || array_key_exists('group_allow',$_REQUEST)
|| array_key_exists('contact_deny',$_REQUEST) || array_key_exists('contact_deny',$_REQUEST)
|| array_key_exists('group_deny',$_REQUEST)) { || array_key_exists('group_deny',$_REQUEST)) {
$acl->set_from_array($_REQUEST); $acl->set_from_array($_REQUEST);
} }
$x = $acl->get(); $x = $acl->get();
if($term_hash) { if($term_hash) {
$t = q("select * from obj where obj_obj = '%s' and obj_channel = %d limit 1", $t = q("select * from obj where obj_obj = '%s' and obj_channel = %d limit 1",
dbesc($term_hash), dbesc($term_hash),
@ -97,7 +97,7 @@ class Thing extends \Zotlabs\Web\Controller {
} }
else else
$local_photo = $orig_record['obj_imgurl']; $local_photo = $orig_record['obj_imgurl'];
$r = q("update obj set obj_term = '%s', obj_url = '%s', obj_imgurl = '%s', obj_edited = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where obj_obj = '%s' and obj_channel = %d ", $r = q("update obj set obj_term = '%s', obj_url = '%s', obj_imgurl = '%s', obj_edited = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where obj_obj = '%s' and obj_channel = %d ",
dbesc($name), dbesc($name),
dbesc(($url) ? $url : z_root() . '/thing/' . $term_hash), dbesc(($url) ? $url : z_root() . '/thing/' . $term_hash),
@ -110,9 +110,9 @@ class Thing extends \Zotlabs\Web\Controller {
dbesc($term_hash), dbesc($term_hash),
intval(local_channel()) intval(local_channel())
); );
info( t('Thing updated') . EOL); info( t('Thing updated') . EOL);
$r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1", $r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1",
intval(local_channel()), intval(local_channel()),
dbesc($term_hash) dbesc($term_hash)
@ -120,31 +120,31 @@ class Thing extends \Zotlabs\Web\Controller {
if($r) { if($r) {
build_sync_packet(0, array('obj' => $r)); build_sync_packet(0, array('obj' => $r));
} }
return; return;
} }
$sql = (($profile_guid) ? " and profile_guid = '" . dbesc($profile_guid) . "' " : " and is_default = 1 "); $sql = (($profile_guid) ? " and profile_guid = '" . dbesc($profile_guid) . "' " : " and is_default = 1 ");
$p = q("select profile_guid, is_default from profile where uid = %d $sql limit 1", $p = q("select profile_guid, is_default from profile where uid = %d $sql limit 1",
intval(local_channel()) intval(local_channel())
); );
if($p) if($p)
$profile = $p[0]; $profile = $p[0];
else else
return; return;
$local_photo = null; $local_photo = null;
if($photo) { if($photo) {
$arr = import_xchan_photo($photo,get_observer_hash(),true); $arr = import_xchan_photo($photo,get_observer_hash(),true);
$local_photo = $arr[0]; $local_photo = $arr[0];
$local_photo_type = $arr[3]; $local_photo_type = $arr[3];
} }
$created = datetime_convert(); $created = datetime_convert();
$url = (($url) ? $url : z_root() . '/thing/' . $hash); $url = (($url) ? $url : z_root() . '/thing/' . $hash);
$r = q("insert into obj ( obj_page, obj_verb, obj_type, obj_channel, obj_obj, obj_term, obj_url, obj_imgurl, obj_created, obj_edited, allow_cid, allow_gid, deny_cid, deny_gid ) values ('%s','%s', %d, %d, '%s','%s','%s','%s','%s','%s','%s','%s','%s','%s') ", $r = q("insert into obj ( obj_page, obj_verb, obj_type, obj_channel, obj_obj, obj_term, obj_url, obj_imgurl, obj_created, obj_edited, allow_cid, allow_gid, deny_cid, deny_gid ) values ('%s','%s', %d, %d, '%s','%s','%s','%s','%s','%s','%s','%s','%s','%s') ",
dbesc($profile['profile_guid']), dbesc($profile['profile_guid']),
dbesc($verb), dbesc($verb),
@ -161,14 +161,14 @@ class Thing extends \Zotlabs\Web\Controller {
dbesc($x['deny_cid']), dbesc($x['deny_cid']),
dbesc($x['deny_gid']) dbesc($x['deny_gid'])
); );
if(! $r) { if(! $r) {
notice( t('Object store: failed')); notice( t('Object store: failed'));
return; return;
} }
info( t('Thing added')); info( t('Thing added'));
$r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1", $r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1",
intval(local_channel()), intval(local_channel()),
dbesc($hash) dbesc($hash)
@ -176,15 +176,15 @@ class Thing extends \Zotlabs\Web\Controller {
if($r) { if($r) {
build_sync_packet(0, array('obj' => $r)); build_sync_packet(0, array('obj' => $r));
} }
if($activity) { if($activity) {
$arr = array(); $arr = array();
$links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $url)); $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $url));
if($local_photo) if($local_photo)
$links[] = array('rel' => 'photo', 'type' => $local_photo_type, 'href' => $local_photo); $links[] = array('rel' => 'photo', 'type' => $local_photo_type, 'href' => $local_photo);
$objtype = ACTIVITY_OBJ_THING; $objtype = ACTIVITY_OBJ_THING;
$obj = json_encode(array( $obj = json_encode(array(
'type' => $objtype, 'type' => $objtype,
'id' => $url, 'id' => $url,
@ -192,28 +192,28 @@ class Thing extends \Zotlabs\Web\Controller {
'title' => $name, 'title' => $name,
'content' => $name 'content' => $name
)); ));
$bodyverb = str_replace('OBJ: ', '',t('OBJ: %1$s %2$s %3$s')); $bodyverb = str_replace('OBJ: ', '',t('OBJ: %1$s %2$s %3$s'));
$arr['owner_xchan'] = $channel['channel_hash']; $arr['owner_xchan'] = $channel['channel_hash'];
$arr['author_xchan'] = $channel['channel_hash']; $arr['author_xchan'] = $channel['channel_hash'];
$arr['item_origin'] = 1; $arr['item_origin'] = 1;
$arr['item_wall'] = 1; $arr['item_wall'] = 1;
$arr['item_thread_top'] = 1; $arr['item_thread_top'] = 1;
$ulink = '[zrl=' . $channel['xchan_url'] . ']' . $channel['channel_name'] . '[/zrl]'; $ulink = '[zrl=' . $channel['xchan_url'] . ']' . $channel['channel_name'] . '[/zrl]';
$plink = '[zrl=' . $url . ']' . $name . '[/zrl]'; $plink = '[zrl=' . $url . ']' . $name . '[/zrl]';
$arr['body'] = sprintf( $bodyverb, $ulink, $translated_verb, $plink ); $arr['body'] = sprintf( $bodyverb, $ulink, $translated_verb, $plink );
if($local_photo) if($local_photo)
$arr['body'] .= "\n\n[zmg]" . $local_photo . "[/zmg]"; $arr['body'] .= "\n\n[zmg]" . $local_photo . "[/zmg]";
$arr['verb'] = $verb; $arr['verb'] = $verb;
$arr['obj_type'] = $objtype; $arr['obj_type'] = $objtype;
$arr['obj'] = $obj; $arr['obj'] = $obj;
if(! $profile['is_default']) { if(! $profile['is_default']) {
$arr['item_private'] = true; $arr['item_private'] = true;
$str = ''; $str = '';
@ -229,37 +229,37 @@ class Thing extends \Zotlabs\Web\Controller {
else else
$arr['allow_cid'] = '<' . get_observer_hash() . '>'; $arr['allow_cid'] = '<' . get_observer_hash() . '>';
} }
$ret = post_activity_item($arr); $ret = post_activity_item($arr);
} }
} }
function get() { function get() {
// @FIXME one problem with things is we can't share them unless we provide the channel in the url // @FIXME one problem with things is we can't share them unless we provide the channel in the url
// so we can definitively lookup the owner. // so we can definitively lookup the owner.
if(argc() == 2) { if(argc() == 2) {
$r = q("select obj_channel from obj where obj_type = %d and obj_obj = '%s' limit 1", $r = q("select obj_channel from obj where obj_type = %d and obj_obj = '%s' limit 1",
intval(TERM_OBJ_THING), intval(TERM_OBJ_THING),
dbesc(argv(1)) dbesc(argv(1))
); );
if($r) if($r)
$sql_extra = permissions_sql($r[0]['obj_channel']); $sql_extra = permissions_sql($r[0]['obj_channel']);
$r = q("select * from obj where obj_type = %d and obj_obj = '%s' $sql_extra limit 1", $r = q("select * from obj where obj_type = %d and obj_obj = '%s' $sql_extra limit 1",
intval(TERM_OBJ_THING), intval(TERM_OBJ_THING),
dbesc(argv(1)) dbesc(argv(1))
); );
if($r) { if($r) {
return replace_macros(get_markup_template('show_thing.tpl'), array( return replace_macros(get_markup_template('show_thing.tpl'), array(
'$header' => t('Show Thing'), '$header' => t('Show Thing'),
'$edit' => t('Edit'), '$edit' => t('Edit'),
'$delete' => t('Delete'), '$delete' => t('Delete'),
'$canedit' => ((local_channel() && local_channel() == $r[0]['obj_channel']) ? true : false), '$canedit' => ((local_channel() && local_channel() == $r[0]['obj_channel']) ? true : false),
'$thing' => $r[0] )); '$thing' => $r[0] ));
} }
else { else {
@ -267,34 +267,34 @@ class Thing extends \Zotlabs\Web\Controller {
return; return;
} }
} }
$channel = \App::get_channel(); $channel = \App::get_channel();
if(! (local_channel() && $channel)) { if(! (local_channel() && $channel)) {
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
return; return;
} }
$acl = new \Zotlabs\Access\AccessList($channel); $acl = new \Zotlabs\Access\AccessList($channel);
$channel_acl = $acl->get(); $channel_acl = $acl->get();
$lockstate = (($acl->is_private()) ? 'lock' : 'unlock'); $lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
$thing_hash = ''; $thing_hash = '';
if(argc() == 3 && argv(1) === 'edit') { if(argc() == 3 && argv(1) === 'edit') {
$thing_hash = argv(2); $thing_hash = argv(2);
$r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1",
intval(TERM_OBJ_THING), intval(TERM_OBJ_THING),
dbesc($thing_hash) dbesc($thing_hash)
); );
if((! $r) || ($r[0]['obj_channel'] != local_channel())) { if((! $r) || ($r[0]['obj_channel'] != local_channel())) {
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
return ''; return '';
} }
$o .= replace_macros(get_markup_template('thing_edit.tpl'),array( $o .= replace_macros(get_markup_template('thing_edit.tpl'),array(
'$thing_hdr' => t('Edit Thing'), '$thing_hdr' => t('Edit Thing'),
'$multiprof' => feature_enabled(local_channel(),'multi_profiles'), '$multiprof' => feature_enabled(local_channel(),'multi_profiles'),
@ -319,36 +319,36 @@ class Thing extends \Zotlabs\Web\Controller {
'$lockstate' => $lockstate, '$lockstate' => $lockstate,
'$submit' => t('Submit') '$submit' => t('Submit')
)); ));
return $o; return $o;
} }
if(argc() == 3 && argv(1) === 'drop') { if(argc() == 3 && argv(1) === 'drop') {
$thing_hash = argv(2); $thing_hash = argv(2);
$r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1",
intval(TERM_OBJ_THING), intval(TERM_OBJ_THING),
dbesc($thing_hash) dbesc($thing_hash)
); );
if((! $r) || ($r[0]['obj_channel'] != local_channel())) { if((! $r) || ($r[0]['obj_channel'] != local_channel())) {
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
return ''; return '';
} }
$x = q("delete from obj where obj_obj = '%s' and obj_type = %d and obj_channel = %d", $x = q("delete from obj where obj_obj = '%s' and obj_type = %d and obj_channel = %d",
dbesc($thing_hash), dbesc($thing_hash),
intval(TERM_OBJ_THING), intval(TERM_OBJ_THING),
intval(local_channel()) intval(local_channel())
); );
$r[0]['obj_deleted'] = 1; $r[0]['obj_deleted'] = 1;
build_sync_packet(0,array('obj' => $r)); build_sync_packet(0,array('obj' => $r));
return $o; return $o;
} }
$o .= replace_macros(get_markup_template('thing_input.tpl'),array( $o .= replace_macros(get_markup_template('thing_input.tpl'),array(
'$thing_hdr' => t('Add Thing to your Profile'), '$thing_hdr' => t('Add Thing to your Profile'),
'$multiprof' => feature_enabled(local_channel(),'multi_profiles'), '$multiprof' => feature_enabled(local_channel(),'multi_profiles'),
@ -369,8 +369,8 @@ class Thing extends \Zotlabs\Web\Controller {
'$lockstate' => $lockstate, '$lockstate' => $lockstate,
'$submit' => t('Submit') '$submit' => t('Submit')
)); ));
return $o; return $o;
} }
} }

32
Zotlabs/Storage/BasicAuth.php
View File

@ -12,7 +12,7 @@ use Sabre\HTTP\ResponseInterface;
* This class also contains some data which is not necessary for authentication * This class also contains some data which is not necessary for authentication
* like timezone settings. * like timezone settings.
* *
* @extends Sabre\DAV\Auth\Backend\AbstractBasic * @extends \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic
* *
* @link http://github.com/friendica/red * @link http://github.com/friendica/red
* @license http://opensource.org/licenses/mit-license.php The MIT License (MIT) * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@ -24,37 +24,37 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
* *
* It is used for building path in filestorage/. * It is used for building path in filestorage/.
* *
* @var string|null * @var string|null $channel_name
*/ */
protected $channel_name = null; protected $channel_name = null;
/** /**
* channel_id of the current channel of the logged-in account. * @brief channel_id of the current channel of the logged-in account.
* *
* @var int * @var int $channel_id
*/ */
public $channel_id = 0; public $channel_id = 0;
/** /**
* channel_hash of the current channel of the logged-in account. * @brief channel_hash of the current channel of the logged-in account.
* *
* @var string * @var string $channel_hash
*/ */
public $channel_hash = ''; public $channel_hash = '';
/** /**
* Set in mod/cloud.php to observer_hash. * @brief Set in mod/cloud.php to observer_hash.
* *
* @var string * @var string $observer
*/ */
public $observer = ''; public $observer = '';
/** /**
* *
* @see Browser::set_writeable() * @see Browser::set_writeable()
* @var \Sabre\DAV\Browser\Plugin * @var \\Sabre\\DAV\\Browser\\Plugin $browser
*/ */
public $browser; public $browser;
/** /**
* channel_id of the current visited path. Set in Directory::getDir(). * @brief channel_id of the current visited path. Set in Directory::getDir().
* *
* @var int * @var int $owner_id
*/ */
public $owner_id = 0; public $owner_id = 0;
/** /**
@ -62,15 +62,15 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
* *
* Used for creating the path in cloud/ * Used for creating the path in cloud/
* *
* @var string * @var string $owner_nick
*/ */
public $owner_nick = ''; public $owner_nick = '';
/** /**
* Timezone from the visiting channel's channel_timezone. * Timezone from the visiting channel's channel_timezone.
* *
* Used in @ref RedBrowser * Used in @ref Browser
* *
* @var string * @var string $timezone
*/ */
protected $timezone = ''; protected $timezone = '';
@ -82,7 +82,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
* @brief Validates a username and password. * @brief Validates a username and password.
* *
* *
* @see \Sabre\DAV\Auth\Backend\AbstractBasic::validateUserPass * @see \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic::validateUserPass
* @param string $username * @param string $username
* @param string $password * @param string $password
* @return bool * @return bool
@ -211,7 +211,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
* *
* If nobody is currently logged in, this method should return null. * If nobody is currently logged in, this method should return null.
* *
* @see \Sabre\DAV\Auth\Backend\AbstractBasic::getCurrentUser * @see \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic::getCurrentUser
* @return string|null * @return string|null
*/ */
public function getCurrentUser() { public function getCurrentUser() {

29
Zotlabs/Storage/Browser.php
View File

@ -7,10 +7,10 @@ use Sabre\DAV;
/** /**
* @brief Provides a DAV frontend for the webbrowser. * @brief Provides a DAV frontend for the webbrowser.
* *
* RedBrowser is a SabreDAV server-plugin to provide a view to the DAV storage * Browser is a SabreDAV server-plugin to provide a view to the DAV storage
* for the webbrowser. * for the webbrowser.
* *
* @extends \Sabre\DAV\Browser\Plugin * @extends \\Sabre\\DAV\\Browser\\Plugin
* *
* @link http://github.com/friendica/red * @link http://github.com/friendica/red
* @license http://opensource.org/licenses/mit-license.php The MIT License (MIT) * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@ -19,13 +19,13 @@ class Browser extends DAV\Browser\Plugin {
/** /**
* @see set_writeable() * @see set_writeable()
* @see \Sabre\DAV\Auth\Backend\BackendInterface * @see \\Sabre\\DAV\\Auth\\Backend\\BackendInterface
* @var RedBasicAuth * @var BasicAuth $auth
*/ */
private $auth; private $auth;
/** /**
* @brief Constructor for RedBrowser class. * @brief Constructor for Browser class.
* *
* $enablePost will be activated through set_writeable() in a later stage. * $enablePost will be activated through set_writeable() in a later stage.
* At the moment the write_storage permission is only valid for the whole * At the moment the write_storage permission is only valid for the whole
@ -36,7 +36,7 @@ class Browser extends DAV\Browser\Plugin {
* Disable assets with $enableAssets = false. Should get some thumbnail views * Disable assets with $enableAssets = false. Should get some thumbnail views
* anyway. * anyway.
* *
* @param RedBasicAuth &$auth * @param BasicAuth &$auth
*/ */
public function __construct(&$auth) { public function __construct(&$auth) {
$this->auth = $auth; $this->auth = $auth;
@ -95,7 +95,6 @@ class Browser extends DAV\Browser\Plugin {
'{DAV:}getlastmodified', '{DAV:}getlastmodified',
), 1); ), 1);
$parent = $this->server->tree->getNodeForPath($path); $parent = $this->server->tree->getNodeForPath($path);
$parentpath = array(); $parentpath = array();
@ -263,10 +262,11 @@ class Browser extends DAV\Browser\Plugin {
* @brief Creates a form to add new folders and upload files. * @brief Creates a form to add new folders and upload files.
* *
* @param \Sabre\DAV\INode $node * @param \Sabre\DAV\INode $node
* @param string &$output * @param[in,out] string &$output
* @param string $path
*/ */
public function htmlActionsPanel(DAV\INode $node, &$output, $path) { public function htmlActionsPanel(DAV\INode $node, &$output, $path) {
if (! $node instanceof DAV\ICollection) if(! $node instanceof DAV\ICollection)
return; return;
// We also know fairly certain that if an object is a non-extended // We also know fairly certain that if an object is a non-extended
@ -278,9 +278,9 @@ class Browser extends DAV\Browser\Plugin {
$aclselect = null; $aclselect = null;
$lockstate = ''; $lockstate = '';
if ($this->auth->owner_id) { if($this->auth->owner_id) {
$channel = channelx_by_n($this->auth->owner_id); $channel = channelx_by_n($this->auth->owner_id);
if ($channel) { if($channel) {
$acl = new \Zotlabs\Access\AccessList($channel); $acl = new \Zotlabs\Access\AccessList($channel);
$channel_acl = $acl->get(); $channel_acl = $acl->get();
$lockstate = (($acl->is_private()) ? 'lock' : 'unlock'); $lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
@ -295,12 +295,12 @@ class Browser extends DAV\Browser\Plugin {
intval($this->auth->channel_account_id) intval($this->auth->channel_account_id)
); );
$used = $r[0]['total']; $used = $r[0]['total'];
if ($used) { if($used) {
$quotaDesc = t('You are using %1$s of your available file storage.'); $quotaDesc = t('You are using %1$s of your available file storage.');
$quotaDesc = sprintf($quotaDesc, $quotaDesc = sprintf($quotaDesc,
userReadableSize($used)); userReadableSize($used));
} }
if ($limit && $used) { if($limit && $used) {
$quotaDesc = t('You are using %1$s of %2$s available file storage. (%3$s&#37;)'); $quotaDesc = t('You are using %1$s of %2$s available file storage. (%3$s&#37;)');
$quotaDesc = sprintf($quotaDesc, $quotaDesc = sprintf($quotaDesc,
userReadableSize($used), userReadableSize($used),
@ -355,7 +355,7 @@ class Browser extends DAV\Browser\Plugin {
* *
* @param int $owner * @param int $owner
* The owner_id * The owner_id
* @param string $hash * @param string $parentHash
* The parent's folder hash * The parent's folder hash
* @param string $attachName * @param string $attachName
* The name of the attachment * The name of the attachment
@ -373,6 +373,7 @@ class Browser extends DAV\Browser\Plugin {
$hash = $rr['hash']; $hash = $rr['hash'];
} }
} }
return $hash; return $hash;
} }

42
Zotlabs/Storage/Directory.php
View File

@ -9,9 +9,9 @@ use Sabre\DAV;
* *
* A class that represents a directory. * A class that represents a directory.
* *
* @extends \Sabre\DAV\Node * @extends \\Sabre\\DAV\\Node
* @implements \Sabre\DAV\ICollection * @implements \\Sabre\\DAV\\ICollection
* @implements \Sabre\DAV\IQuota * @implements \\Sabre\\DAV\\IQuota
* *
* @link http://github.com/friendica/red * @link http://github.com/friendica/red
* @license http://opensource.org/licenses/mit-license.php The MIT License (MIT) * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@ -21,7 +21,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
/** /**
* @brief The path inside /cloud * @brief The path inside /cloud
* *
* @var string * @var string $red_path
*/ */
private $red_path; private $red_path;
private $folder_hash; private $folder_hash;
@ -29,7 +29,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* @brief The full path as seen in the browser. * @brief The full path as seen in the browser.
* /cloud + $red_path * /cloud + $red_path
* @todo I think this is not used anywhere, we always strip '/cloud' and only use it in debug * @todo I think this is not used anywhere, we always strip '/cloud' and only use it in debug
* @var string * @var string $ext_path
*/ */
private $ext_path; private $ext_path;
private $root_dir = ''; private $root_dir = '';
@ -38,7 +38,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* @brief The real path on the filesystem. * @brief The real path on the filesystem.
* The actual path in store/ with the hashed names. * The actual path in store/ with the hashed names.
* *
* @var string * @var string $os_path
*/ */
private $os_path = ''; private $os_path = '';
@ -46,7 +46,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* @brief Sets up the directory node, expects a full path. * @brief Sets up the directory node, expects a full path.
* *
* @param string $ext_path a full path * @param string $ext_path a full path
* @param RedBasicAuth &$auth_plugin * @param BasicAuth &$auth_plugin
*/ */
public function __construct($ext_path, &$auth_plugin) { public function __construct($ext_path, &$auth_plugin) {
// $ext_path = urldecode($ext_path); // $ext_path = urldecode($ext_path);
@ -55,14 +55,14 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
// remove "/cloud" from the beginning of the path // remove "/cloud" from the beginning of the path
$modulename = \App::$module; $modulename = \App::$module;
$this->red_path = ((strpos($ext_path, '/' . $modulename) === 0) ? substr($ext_path, strlen($modulename) + 1) : $ext_path); $this->red_path = ((strpos($ext_path, '/' . $modulename) === 0) ? substr($ext_path, strlen($modulename) + 1) : $ext_path);
if (! $this->red_path) { if(! $this->red_path) {
$this->red_path = '/'; $this->red_path = '/';
} }
$this->auth = $auth_plugin; $this->auth = $auth_plugin;
$this->folder_hash = ''; $this->folder_hash = '';
$this->getDir(); $this->getDir();
if ($this->auth->browser) { if($this->auth->browser) {
$this->auth->browser->set_writeable(); $this->auth->browser->set_writeable();
} }
} }
@ -76,8 +76,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
/** /**
* @brief Returns an array with all the child nodes. * @brief Returns an array with all the child nodes.
* *
* @throw \Sabre\DAV\Exception\Forbidden * @throw "\Sabre\DAV\Exception\Forbidden"
* @return array \Sabre\DAV\INode[] * @return array \\Sabre\\DAV\\INode[]
*/ */
public function getChildren() { public function getChildren() {
logger('children for ' . $this->ext_path, LOGGER_DATA); logger('children for ' . $this->ext_path, LOGGER_DATA);
@ -98,8 +98,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
/** /**
* @brief Returns a child by name. * @brief Returns a child by name.
* *
* @throw \Sabre\DAV\Exception\Forbidden * @throw "\Sabre\DAV\Exception\Forbidden"
* @throw \Sabre\DAV\Exception\NotFound * @throw "\Sabre\DAV\Exception\NotFound"
* @param string $name * @param string $name
*/ */
public function getChild($name) { public function getChild($name) {
@ -141,7 +141,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* *
* @todo handle duplicate directory name * @todo handle duplicate directory name
* *
* @throw \Sabre\DAV\Exception\Forbidden * @throw "\Sabre\DAV\Exception\Forbidden"
* @param string $name The new name of the directory. * @param string $name The new name of the directory.
* @return void * @return void
*/ */
@ -186,7 +186,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* After successful creation of the file, you may choose to return the ETag * After successful creation of the file, you may choose to return the ETag
* of the new file here. * of the new file here.
* *
* @throw \Sabre\DAV\Exception\Forbidden * @throw "\Sabre\DAV\Exception\Forbidden"
* @param string $name Name of the file * @param string $name Name of the file
* @param resource|string $data Initial payload * @param resource|string $data Initial payload
* @return null|string ETag * @return null|string ETag
@ -431,7 +431,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
/** /**
* @todo add description of what this function does. * @todo add description of what this function does.
* *
* @throw \Sabre\DAV\Exception\NotFound * @throw "\Sabre\DAV\Exception\NotFound"
* @return void * @return void
*/ */
function getDir() { function getDir() {
@ -557,13 +557,13 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
/** /**
* @brief Array with all Directory and File DAV\Node items for the given path. * @brief Array with all Directory and File DAV\\Node items for the given path.
* *
* @param string $file path to a directory * @param string $file path to a directory
* @param \Zotlabs\Storage\BasicAuth &$auth * @param \Zotlabs\Storage\BasicAuth &$auth
* @returns null|array \Sabre\DAV\INode[] * @returns null|array \\Sabre\\DAV\\INode[]
* @throw \Sabre\DAV\Exception\Forbidden * @throw "\Sabre\DAV\Exception\Forbidden"
* @throw \Sabre\DAV\Exception\NotFound * @throw "\Sabre\DAV\Exception\NotFound"
*/ */
function CollectionData($file, &$auth) { function CollectionData($file, &$auth) {
$ret = array(); $ret = array();
@ -710,7 +710,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
* @param BasicAuth &$auth * @param BasicAuth &$auth
* @param boolean $test (optional) enable test mode * @param boolean $test (optional) enable test mode
* @return File|Directory|boolean|null * @return File|Directory|boolean|null
* @throw \Sabre\DAV\Exception\Forbidden * @throw "\Sabre\DAV\Exception\Forbidden"
*/ */
function FileData($file, &$auth, $test = false) { function FileData($file, &$auth, $test = false) {
logger($file . (($test) ? ' (test mode) ' : ''), LOGGER_DATA); logger($file . (($test) ? ' (test mode) ' : ''), LOGGER_DATA);

48
Zotlabs/Storage/File.php
View File

@ -9,8 +9,8 @@ use Sabre\DAV;
* *
* It provides all functions to work with files in Red's cloud through DAV protocol. * It provides all functions to work with files in Red's cloud through DAV protocol.
* *
* @extends \Sabre\DAV\Node * @extends \\Sabre\\DAV\\Node
* @implements \Sabre\DAV\IFile * @implements \\Sabre\\DAV\\IFile
* *
* @link http://github.com/friendica/red * @link http://github.com/friendica/red
* @license http://opensource.org/licenses/mit-license.php The MIT License (MIT) * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@ -20,20 +20,20 @@ class File extends DAV\Node implements DAV\IFile {
/** /**
* The file from attach table. * The file from attach table.
* *
* @var array * @var array $data
* data * * data
* flags * * flags
* filename (string) * * filename (string)
* filetype (string) * * filetype (string)
*/ */
private $data; private $data;
/** /**
* @see \Sabre\DAV\Auth\Backend\BackendInterface * @see \\Sabre\\DAV\\Auth\\Backend\\BackendInterface
* @var \RedMatrix\RedDAV\RedBasicAuth * @var \\Zotlabs\\Storage\\BasicAuth $auth
*/ */
private $auth; private $auth;
/** /**
* @var string * @var string $name
*/ */
private $name; private $name;
@ -65,8 +65,8 @@ class File extends DAV\Node implements DAV\IFile {
/** /**
* @brief Renames the file. * @brief Renames the file.
* *
* @throw Sabre\DAV\Exception\Forbidden * @throw "\Sabre\DAV\Exception\Forbidden"
* @param string $name The new name of the file. * @param string $newName The new name of the file.
* @return void * @return void
*/ */
public function setName($newName) { public function setName($newName) {
@ -95,7 +95,7 @@ class File extends DAV\Node implements DAV\IFile {
$ch = channelx_by_n($this->auth->owner_id); $ch = channelx_by_n($this->auth->owner_id);
if($ch) { if($ch) {
$sync = attach_export_data($ch,$this->data['hash']); $sync = attach_export_data($ch,$this->data['hash']);
if($sync) if($sync)
build_sync_packet($ch['channel_id'],array('file' => array($sync))); build_sync_packet($ch['channel_id'],array('file' => array($sync)));
} }
} }
@ -138,7 +138,7 @@ class File extends DAV\Node implements DAV\IFile {
$album = $f1[0]['filename']; $album = $f1[0]['filename'];
$direct = $f1[0]; $direct = $f1[0];
} }
} }
$fname = dbunescbin($d[0]['content']); $fname = dbunescbin($d[0]['content']);
if(strpos($fname,'store') === false) if(strpos($fname,'store') === false)
$f = 'store/' . $this->auth->owner_nick . '/' . $fname ; $f = 'store/' . $this->auth->owner_nick . '/' . $fname ;
@ -151,11 +151,11 @@ class File extends DAV\Node implements DAV\IFile {
logger('filename: ' . $f . ' size: ' . $size, LOGGER_DEBUG); logger('filename: ' . $f . ' size: ' . $size, LOGGER_DEBUG);
} }
$gis = @getimagesize($f); $gis = @getimagesize($f);
logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA); logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA);
if(($gis) && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) { if(($gis) && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) {
$is_photo = 1; $is_photo = 1;
} }
} }
else { else {
// this shouldn't happen any more // this shouldn't happen any more
$r = q("UPDATE attach SET content = '%s' WHERE hash = '%s' AND uid = %d", $r = q("UPDATE attach SET content = '%s' WHERE hash = '%s' AND uid = %d",
@ -222,7 +222,7 @@ class File extends DAV\Node implements DAV\IFile {
$sync = attach_export_data($c[0],$this->data['hash']); $sync = attach_export_data($c[0],$this->data['hash']);
if($sync) if($sync)
build_sync_packet($c[0]['channel_id'],array('file' => array($sync))); build_sync_packet($c[0]['channel_id'],array('file' => array($sync)));
} }
@ -322,16 +322,16 @@ class File extends DAV\Node implements DAV\IFile {
* This method checks the permissions and then calls attach_delete() function * This method checks the permissions and then calls attach_delete() function
* to actually remove the file. * to actually remove the file.
* *
* @throw \Sabre\DAV\Exception\Forbidden * @throw "\Sabre\DAV\Exception\Forbidden"
*/ */
public function delete() { public function delete() {
logger('delete file ' . basename($this->name), LOGGER_DEBUG); logger('delete file ' . basename($this->name), LOGGER_DEBUG);
if ((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) { if((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
throw new DAV\Exception\Forbidden('Permission denied.'); throw new DAV\Exception\Forbidden('Permission denied.');
} }
if ($this->auth->owner_id !== $this->auth->channel_id) { if($this->auth->owner_id !== $this->auth->channel_id) {
if (($this->auth->observer !== $this->data['creator']) || intval($this->data['is_dir'])) { if (($this->auth->observer !== $this->data['creator']) || intval($this->data['is_dir'])) {
throw new DAV\Exception\Forbidden('Permission denied.'); throw new DAV\Exception\Forbidden('Permission denied.');
} }
@ -340,14 +340,14 @@ class File extends DAV\Node implements DAV\IFile {
if(get_pconfig($this->auth->owner_id,'system','os_delete_prohibit') && \App::$module == 'dav') { if(get_pconfig($this->auth->owner_id,'system','os_delete_prohibit') && \App::$module == 'dav') {
throw new DAV\Exception\Forbidden('Permission denied.'); throw new DAV\Exception\Forbidden('Permission denied.');
} }
attach_delete($this->auth->owner_id, $this->data['hash']); attach_delete($this->auth->owner_id, $this->data['hash']);
$ch = channelx_by_n($this->auth->owner_id); $ch = channelx_by_n($this->auth->owner_id);
if($ch) { if($ch) {
$sync = attach_export_data($ch,$this->data['hash'],true); $sync = attach_export_data($ch, $this->data['hash'], true);
if($sync) if($sync)
build_sync_packet($ch['channel_id'],array('file' => array($sync))); build_sync_packet($ch['channel_id'], array('file' => array($sync)));
} }
} }
} }

98
Zotlabs/Web/Router.php
View File

@ -2,51 +2,53 @@
namespace Zotlabs\Web; namespace Zotlabs\Web;
/**
*
* We have already parsed the server path into App::$argc and App::$argv
*
* App::$argv[0] is our module name. Let's call it 'foo'. We will load the
* Zotlabs/Module/Foo.php (object) or file mod/foo.php (procedural)
* and use it for handling our URL request to 'https://ourgreatwebsite.something/foo' .
* The module file contains a few functions that we call in various circumstances
* and in the following order:
* @code{.php}
* Object:
* class Foo extends \Zotlabs\Web\Controller {
* function init() { init function }
* function post() { post function }
* function get() { normal page function }
* }
*
* Procedual interface:
* foo_init()
* foo_post() (only called if there are $_POST variables)
* foo_content() - the string return of this function contains our page body
* @endcode
* Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do
* so within the module init and/or post functions and then invoke killme() to terminate
* further processing.
*/
class Router { class Router {
private $modname = ''; private $modname = '';
private $controller = null; private $controller = null;
/**
* @brief Router constructor
*
* @param[in,out] App &$a
* @throws Exception module not found
*/
function __construct(&$a) { function __construct(&$a) {
/**
*
* We have already parsed the server path into App::$argc and App::$argv
*
* App::$argv[0] is our module name. Let's call it 'foo'. We will load the
* Zotlabs/Module/Foo.php (object) or file mod/foo.php (procedural)
* and use it for handling our URL request to 'https://ourgreatwebsite.something/foo' .
* The module file contains a few functions that we call in various circumstances
* and in the following order:
*
* Object:
* class Foo extends Zotlabs\Web\Controller {
* function init() { init function }
* function post() { post function }
* function get() { normal page function }
* }
*
* Procedual interface:
* foo_init()
* foo_post() (only called if there are $_POST variables)
* foo_content() - the string return of this function contains our page body
*
* Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do
* so within the module init and/or post functions and then invoke killme() to terminate
* further processing.
*/
$module = \App::$module; $module = \App::$module;
$modname = "Zotlabs\\Module\\" . ucfirst($module); $modname = "Zotlabs\\Module\\" . ucfirst($module);
if(strlen($module)) { if(strlen($module)) {
/** /*
*
* We will always have a module name. * We will always have a module name.
* First see if we have a plugin which is masquerading as a module. * First see if we have a plugin which is masquerading as a module.
*
*/ */
if(is_array(\App::$plugins) && in_array($module,\App::$plugins) && file_exists("addon/{$module}/{$module}.php")) { if(is_array(\App::$plugins) && in_array($module,\App::$plugins) && file_exists("addon/{$module}/{$module}.php")) {
@ -66,7 +68,7 @@ class Router {
goaway(z_root()); goaway(z_root());
} }
/** /*
* If the site has a custom module to over-ride the standard module, use it. * If the site has a custom module to over-ride the standard module, use it.
* Otherwise, look for the standard program module * Otherwise, look for the standard program module
*/ */
@ -101,13 +103,13 @@ class Router {
} }
} }
} }
/** /*
* This provides a place for plugins to register module handlers which don't otherwise exist * This provides a place for plugins to register module handlers which don't otherwise exist
* on the system, or to completely over-ride an existing module. * on the system, or to completely over-ride an existing module.
* If the plugin sets 'installed' to true we won't throw a 404 error for the specified module even if * If the plugin sets 'installed' to true we won't throw a 404 error for the specified module even if
* there is no specific module file or matching plugin name. * there is no specific module file or matching plugin name.
* The plugin should catch at least one of the module hooks for this URL. * The plugin should catch at least one of the module hooks for this URL.
*/ */
$x = array('module' => $module, 'installed' => \App::$module_loaded, 'controller' => $this->controller); $x = array('module' => $module, 'installed' => \App::$module_loaded, 'controller' => $this->controller);
@ -117,7 +119,7 @@ class Router {
$this->controller = $x['controller']; $this->controller = $x['controller'];
} }
/** /*
* The URL provided does not resolve to a valid module. * The URL provided does not resolve to a valid module.
* *
* On Dreamhost sites, quite often things go wrong for no apparent reason and they send us to '/internal_error.html'. * On Dreamhost sites, quite often things go wrong for no apparent reason and they send us to '/internal_error.html'.
@ -157,7 +159,11 @@ class Router {
} }
} }
/**
* @brief
*
* @param[in,out] App &$a
*/
function Dispatch(&$a) { function Dispatch(&$a) {
/** /**
@ -168,14 +174,14 @@ class Router {
\App::$page['page_title'] = \App::$module; \App::$page['page_title'] = \App::$module;
$placeholder = ''; $placeholder = '';
/** /*
* No theme has been specified when calling the module_init functions * No theme has been specified when calling the module_init functions
* For this reason, please restrict the use of templates to those which * For this reason, please restrict the use of templates to those which
* do not provide any presentation details - as themes will not be able * do not provide any presentation details - as themes will not be able
* to over-ride them. * to over-ride them.
*/ */
$arr = array('init' => true, 'replace' => false); $arr = array('init' => true, 'replace' => false);
call_hooks(\App::$module . '_mod_init', $arr); call_hooks(\App::$module . '_mod_init', $arr);
if(! $arr['replace']) { if(! $arr['replace']) {
if($this->controller && method_exists($this->controller,'init')) { if($this->controller && method_exists($this->controller,'init')) {
@ -187,7 +193,7 @@ class Router {
} }
} }
/** /*
* Do all theme initialisation here before calling any additional module functions. * Do all theme initialisation here before calling any additional module functions.
* The module_init function may have changed the theme. * The module_init function may have changed the theme.
* Additionally any page with a Comanche template may alter the theme. * Additionally any page with a Comanche template may alter the theme.
@ -195,7 +201,7 @@ class Router {
*/ */
/** /*
* In case a page has overloaded a module, see if we already have a layout defined * In case a page has overloaded a module, see if we already have a layout defined
* otherwise, if a PDL file exists for this module, use it * otherwise, if a PDL file exists for this module, use it
* The member may have also created a customised PDL that's stored in the config * The member may have also created a customised PDL that's stored in the config
@ -203,7 +209,7 @@ class Router {
load_pdl($a); load_pdl($a);
/** /*
* load current theme info * load current theme info
*/ */
@ -226,7 +232,7 @@ class Router {
} }
} }
if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! \App::$error) && (! x($_POST, 'auth-params'))) { if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! \App::$error) && (! x($_POST, 'auth-params'))) {
call_hooks(\App::$module . '_mod_post', $_POST); call_hooks(\App::$module . '_mod_post', $_POST);
if($this->controller && method_exists($this->controller,'post')) { if($this->controller && method_exists($this->controller,'post')) {
@ -238,7 +244,7 @@ class Router {
} }
} }
if(! \App::$error) { if(! \App::$error) {
$arr = array('content' => \App::$page['content'], 'replace' => false); $arr = array('content' => \App::$page['content'], 'replace' => false);
call_hooks(\App::$module . '_mod_content', $arr); call_hooks(\App::$module . '_mod_content', $arr);
\App::$page['content'] = $arr['content']; \App::$page['content'] = $arr['content'];

24
Zotlabs/Web/SubModule.php
View File

@ -2,23 +2,28 @@
namespace Zotlabs\Web; namespace Zotlabs\Web;
/*
* @brief
*
*/
class SubModule { class SubModule {
private $controller = false; private $controller = false;
/** /**
* @brief Submodule constructor.
*
* Initiate sub-modules. By default the submodule name is in argv(1), though this is configurable. * Initiate sub-modules. By default the submodule name is in argv(1), though this is configurable.
* Example: Given a URL path such as /admin/plugins, and the Admin module initiates sub-modules. * Example: Given a URL path such as /admin/plugins, and the Admin module initiates sub-modules.
* This means we'll look for a class Plugins in Zotlabs/Module/Admin/Plugins.php * This means we'll look for a class Plugins in Zotlabs/Module/Admin/Plugins.php
* The specific methods and calling parameters are up to the top level module controller logic. * The specific methods and calling parameters are up to the top level module controller logic.
* *
* **If** you were to provide sub-module support on the photos module, you would probably use * **If** you were to provide sub-module support on the photos module, you would probably use
* $whicharg = 2, as photos are typically called with a URL path of /photos/channel_address/submodule_name * $whicharg = 2, as photos are typically called with a URL path of /photos/channel_address/submodule_name
* where submodule_name might be something like album or image. * where submodule_name might be something like album or image.
*
* @param int $whicharg
*/ */
function __construct($whicharg = 1) { function __construct($whicharg = 1) {
if(argc() < ($whicharg + 1)) if(argc() < ($whicharg + 1))
@ -31,13 +36,20 @@ class SubModule {
} }
} }
/**
* @brief
*
* @param string $method
* @return boolean|mixed
*/
function call($method) { function call($method) {
if(! $this->controller) if(! $this->controller)
return false; return false;
if(method_exists($this->controller,$method))
if(method_exists($this->controller, $method))
return $this->controller->$method(); return $this->controller->$method();
return false; return false;
} }
} }

40
Zotlabs/Zot/Finger.php
View File

@ -2,7 +2,10 @@
namespace Zotlabs\Zot; namespace Zotlabs\Zot;
/**
* @brief Finger
*
*/
class Finger { class Finger {
static private $token; static private $token;
@ -19,25 +22,25 @@ class Finger {
* *
* @return zotinfo array (with 'success' => true) or array('success' => false); * @return zotinfo array (with 'success' => true) or array('success' => false);
*/ */
static public function run($webbie, $channel = null, $autofallback = true) { static public function run($webbie, $channel = null, $autofallback = true) {
$ret = array('success' => false); $ret = array('success' => false);
self::$token = random_string(); self::$token = random_string();
if (strpos($webbie,'@') === false) { if (strpos($webbie, '@') === false) {
$address = $webbie; $address = $webbie;
$host = \App::get_hostname(); $host = \App::get_hostname();
} else { } else {
$address = substr($webbie,0,strpos($webbie,'@')); $address = substr($webbie, 0, strpos($webbie, '@'));
$host = substr($webbie,strpos($webbie,'@')+1); $host = substr($webbie, strpos($webbie, '@')+1);
} }
$xchan_addr = $address . '@' . $host; $xchan_addr = $address . '@' . $host;
if ((! $address) || (! $xchan_addr)) { if ((! $address) || (! $xchan_addr)) {
logger('zot_finger: no address :' . $webbie); logger('zot_finger: no address :' . $webbie);
return $ret; return $ret;
} }
@ -53,16 +56,16 @@ class Finger {
dbesc($xchan_addr) dbesc($xchan_addr)
); );
if ($r) { if($r) {
$url = $r[0]['hubloc_url']; $url = $r[0]['hubloc_url'];
if ($r[0]['hubloc_network'] && $r[0]['hubloc_network'] !== 'zot') { if($r[0]['hubloc_network'] && $r[0]['hubloc_network'] !== 'zot') {
logger('zot_finger: alternate network: ' . $webbie); logger('zot_finger: alternate network: ' . $webbie);
logger('url: '.$url.', net: '.var_export($r[0]['hubloc_network'],true), LOGGER_DATA, LOG_DEBUG); logger('url: '.$url.', net: '.var_export($r[0]['hubloc_network'], true), LOGGER_DATA, LOG_DEBUG);
return $ret; return $ret;
} }
} } else {
else {
$url = 'https://' . $host; $url = 'https://' . $host;
} }
@ -88,13 +91,12 @@ class Finger {
$result = z_post_url('http://' . $host . $rhs,$postvars); $result = z_post_url('http://' . $host . $rhs,$postvars);
} }
} }
} } else {
else {
$rhs .= '?f=&address=' . urlencode($address) . '&token=' . self::$token; $rhs .= '?f=&address=' . urlencode($address) . '&token=' . self::$token;
$result = z_fetch_url($url . $rhs); $result = z_fetch_url($url . $rhs);
if ((! $result['success']) && ($autofallback)) { if((! $result['success']) && ($autofallback)) {
if ($https) { if($https) {
logger('zot_finger: https failed. falling back to http'); logger('zot_finger: https failed. falling back to http');
$result = z_fetch_url('http://' . $host . $rhs); $result = z_fetch_url('http://' . $host . $rhs);
} }
@ -103,23 +105,25 @@ class Finger {
if(! $result['success']) { if(! $result['success']) {
logger('zot_finger: no results'); logger('zot_finger: no results');
return $ret; return $ret;
} }
$x = json_decode($result['body'],true); $x = json_decode($result['body'], true);
if($x) { if($x) {
$signed_token = ((is_array($x) && array_key_exists('signed_token',$x)) ? $x['signed_token'] : null); $signed_token = ((is_array($x) && array_key_exists('signed_token', $x)) ? $x['signed_token'] : null);
if($signed_token) { if($signed_token) {
$valid = rsa_verify('token.' . self::$token,base64url_decode($signed_token),$x['key']); $valid = rsa_verify('token.' . self::$token, base64url_decode($signed_token), $x['key']);
if(! $valid) { if(! $valid) {
logger('invalid signed token: ' . $url . $rhs, LOGGER_NORMAL, LOG_ERR); logger('invalid signed token: ' . $url . $rhs, LOGGER_NORMAL, LOG_ERR);
return $ret; return $ret;
} }
} }
else { else {
logger('No signed token from ' . $url . $rhs, LOGGER_NORMAL, LOG_WARNING); logger('No signed token from ' . $url . $rhs, LOGGER_NORMAL, LOG_WARNING);
// after 2017-01-01 this will be a hard error unless you over-ride it. // after 2017-01-01 this will be a hard error unless you over-ride it.
if((time() > 1483228800) && (! get_config('system','allow_unsigned_zotfinger'))) if((time() > 1483228800) && (! get_config('system', 'allow_unsigned_zotfinger')))
return $ret; return $ret;
} }
} }

1
include/Import/Importer.php
View File

@ -5,7 +5,6 @@ namespace Hubzilla\Import;
/** /**
* @brief Class Import * @brief Class Import
* *
* @package Hubzilla\Import
*/ */
class Import { class Import {

73
include/acl_selectors.php
View File

@ -1,17 +1,24 @@
<?php /** @file */ <?php
/** /**
* * @file include/acl_selectors.php
*
* @package acl_selectors
*/ */
/** /**
* @package acl_selectors * @brief
*
* @param string $selname
* @param string $selclass
* @param mixed $preselected
* @param number $size
* @return string
*/ */
function group_select($selname, $selclass, $preselected = false, $size = 4) {
function group_select($selname,$selclass,$preselected = false,$size = 4) {
$o = ''; $o = '';
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n"; $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\">\r\n";
$r = q("SELECT * FROM groups WHERE deleted = 0 AND uid = %d ORDER BY gname ASC", $r = q("SELECT * FROM groups WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
intval(local_channel()) intval(local_channel())
@ -34,19 +41,17 @@ function group_select($selname,$selclass,$preselected = false,$size = 4) {
$o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}\" >$trimmed</option>\r\n"; $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}\" >$trimmed</option>\r\n";
} }
} }
$o .= "</select>\r\n"; $o .= "</select>\r\n";
call_hooks(App::$module . '_post_' . $selname, $o); call_hooks(App::$module . '_post_' . $selname, $o);
return $o; return $o;
} }
function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) { function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) {
$o = ''; $o = '';
// When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector // When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
@ -54,17 +59,17 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
$sql_extra = ''; $sql_extra = '';
$tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : ""); $tabindex = ($tabindex > 0 ? 'tabindex="$tabindex"' : '');
if($privmail) if($privmail)
$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex >\r\n"; $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex >\r\n";
else else
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n"; $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex>\r\n";
$r = q("SELECT abook_id, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash $r = q("SELECT abook_id, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash
where abook_self = 0 and abook_channel = %d where abook_self = 0 and abook_channel = %d
$sql_extra $sql_extra
ORDER BY xchan_name ASC ", ORDER BY xchan_name ASC",
intval(local_channel()) intval(local_channel())
); );
@ -78,15 +83,14 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
if($r) { if($r) {
foreach($r as $rr) { foreach($r as $rr) {
if((is_array($preselected)) && in_array($rr['id'], $preselected)) if((is_array($preselected)) && in_array($rr['id'], $preselected))
$selected = " selected=\"selected\" "; $selected = ' selected="selected" ';
else else
$selected = ''; $selected = '';
$trimmed = mb_substr($rr['xchan_name'],0,20); $trimmed = mb_substr($rr['xchan_name'], 0, 20);
$o .= "<option value=\"{$rr['abook_id']}\" $selected title=\"{$rr['xchan_name']}|{$rr['xchan_url']}\" >$trimmed</option>\r\n"; $o .= "<option value=\"{$rr['abook_id']}\" $selected title=\"{$rr['xchan_name']}|{$rr['xchan_url']}\" >$trimmed</option>\r\n";
} }
} }
$o .= "</select>\r\n"; $o .= "</select>\r\n";
@ -98,13 +102,13 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
function fixacl(&$item) { function fixacl(&$item) {
$item = str_replace(array('<','>'),array('',''),$item); $item = str_replace(array('<', '>'), array('', ''), $item);
} }
/** /**
* Builds a modal dialog for editing permissions, using acl_selector.tpl as the template. * Builds a modal dialog for editing permissions, using acl_selector.tpl as the template.
* *
* @param array $default Optional access control list for the initial state of the dialog. * @param array $defaults Optional access control list for the initial state of the dialog.
* @param boolean $show_jotnets Whether plugins for federated networks should be included in the permissions dialog * @param boolean $show_jotnets Whether plugins for federated networks should be included in the permissions dialog
* @param PermissionDescription $emptyACL_description - An optional description for the permission implied by selecting an empty ACL. Preferably an instance of PermissionDescription. * @param PermissionDescription $emptyACL_description - An optional description for the permission implied by selecting an empty ACL. Preferably an instance of PermissionDescription.
* @param string $dialog_description Optional message to include at the top of the dialog. E.g. "Warning: Post permissions cannot be changed once sent". * @param string $dialog_description Optional message to include at the top of the dialog. E.g. "Warning: Post permissions cannot be changed once sent".
@ -118,16 +122,15 @@ function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_descripti
$allow_cid = $allow_gid = $deny_cid = $deny_gid = false; $allow_cid = $allow_gid = $deny_cid = $deny_gid = false;
$showall_origin = ''; $showall_origin = '';
$showall_icon = 'fa-globe'; $showall_icon = 'fa-globe';
$role = get_pconfig(local_channel(),'system','permissions_role'); $role = get_pconfig(local_channel(), 'system', 'permissions_role');
if(! $emptyACL_description) { if(! $emptyACL_description) {
$showall_caption = t('Visible to your default audience'); $showall_caption = t('Visible to your default audience');
} else if (is_a($emptyACL_description, '\\Zotlabs\\Lib\\PermissionDescription')) { } else if(is_a($emptyACL_description, '\\Zotlabs\\Lib\\PermissionDescription')) {
$showall_caption = $emptyACL_description->get_permission_description(); $showall_caption = $emptyACL_description->get_permission_description();
$showall_origin = (($role === 'custom') ? $emptyACL_description->get_permission_origin_description() : ''); $showall_origin = (($role === 'custom') ? $emptyACL_description->get_permission_origin_description() : '');
$showall_icon = $emptyACL_description->get_permission_icon(); $showall_icon = $emptyACL_description->get_permission_icon();
} else { } else {
// For backwards compatibility we still accept a string... for now! // For backwards compatibility we still accept a string... for now!
$showall_caption = $emptyACL_description; $showall_caption = $emptyACL_description;
@ -135,7 +138,7 @@ function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_descripti
if(is_array($defaults)) { if(is_array($defaults)) {
$allow_cid = ((strlen($defaults['allow_cid'])) $allow_cid = ((strlen($defaults['allow_cid']))
? explode('><', $defaults['allow_cid']) : array() ); ? explode('><', $defaults['allow_cid']) : array() );
$allow_gid = ((strlen($defaults['allow_gid'])) $allow_gid = ((strlen($defaults['allow_gid']))
? explode('><', $defaults['allow_gid']) : array() ); ? explode('><', $defaults['allow_gid']) : array() );
@ -169,9 +172,9 @@ function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_descripti
'$select_label' => t('Who can see this?'), '$select_label' => t('Who can see this?'),
'$custom' => t('Custom selection'), '$custom' => t('Custom selection'),
'$showlimitedDesc' => t('Select "Show" to allow viewing. "Don\'t show" lets you override and limit the scope of "Show".'), '$showlimitedDesc' => t('Select "Show" to allow viewing. "Don\'t show" lets you override and limit the scope of "Show".'),
'$show' => t("Show"), '$show' => t('Show'),
'$hide' => t("Don't show"), '$hide' => t("Don't show"),
'$search' => t("Search"), '$search' => t('Search'),
'$allowcid' => json_encode($allow_cid), '$allowcid' => json_encode($allow_cid),
'$allowgid' => json_encode($allow_gid), '$allowgid' => json_encode($allow_gid),
'$denycid' => json_encode($deny_cid), '$denycid' => json_encode($deny_cid),
@ -183,20 +186,19 @@ function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_descripti
)); ));
return $o; return $o;
} }
/** /**
* Returns a string that's suitable for passing as the $dialog_description argument to a * Returns a string that's suitable for passing as the $dialog_description argument to a
* populate_acl() call for wall posts or network posts. * populate_acl() call for wall posts or network posts.
* *
* This string is needed in 3 different files, and our .po translation system currently * This string is needed in 3 different files, and our .po translation system currently
* cannot be used as a string table (because the value is always the key in english) so * cannot be used as a string table (because the value is always the key in english) so
* I've centralized the value here (making this function name the "key") until we have a * I've centralized the value here (making this function name the "key") until we have a
* better way. * better way.
* *
* @return string Description to present to user in modal permissions dialog * @return string Description to present to user in modal permissions dialog
*/ */
function get_post_aclDialogDescription() { function get_post_aclDialogDescription() {
// I'm trying to make two points in this description text - warn about finality of wall // I'm trying to make two points in this description text - warn about finality of wall
@ -212,4 +214,3 @@ function get_post_aclDialogDescription() {
return sprintf($description, $emphasisOpen, $emphasisClose); return sprintf($description, $emphasisOpen, $emphasisClose);
} }

283
include/attach.php
View File

@ -159,7 +159,6 @@ function attach_count_files($channel_id, $observer, $hash = '', $filename = '',
intval($channel_id) intval($channel_id)
); );
$ret['success'] = ((is_array($r)) ? true : false); $ret['success'] = ((is_array($r)) ? true : false);
$ret['results'] = ((is_array($r)) ? count($r) : false); $ret['results'] = ((is_array($r)) ? count($r) : false);
@ -226,7 +225,8 @@ function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $
* This could exhaust memory so most useful only when immediately sending the data. * This could exhaust memory so most useful only when immediately sending the data.
* *
* @param string $hash * @param string $hash
* @param int $rev Revision * @param string $observer_hash
* @param int $rev (optional) Revision default 0
* @return array * @return array
*/ */
function attach_by_hash($hash, $observer_hash, $rev = 0) { function attach_by_hash($hash, $observer_hash, $rev = 0) {
@ -285,7 +285,7 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) {
function attach_can_view_folder($uid,$ob_hash,$folder_hash) { function attach_can_view_folder($uid,$ob_hash,$folder_hash) {
$sql_extra = permissions_sql($uid,$ob_hash); $sql_extra = permissions_sql($uid,$ob_hash);
$hash = $folder_hash; $hash = $folder_hash;
$result = false; $result = false;
do { do {
@ -295,9 +295,10 @@ function attach_can_view_folder($uid,$ob_hash,$folder_hash) {
); );
if(! $r) if(! $r)
return false; return false;
$hash = $r[0]['folder']; $hash = $r[0]['folder'];
} } while($hash);
while($hash);
return true; return true;
} }
@ -308,8 +309,9 @@ function attach_can_view_folder($uid,$ob_hash,$folder_hash) {
* Returns the entire attach structure excluding data. * Returns the entire attach structure excluding data.
* *
* @see attach_by_hash() * @see attach_by_hash()
* @param $hash * @param string $hash
* @param $rev revision default 0 * @param string $observer_hash
* @param int $rev (optional) revision default 0
* @return associative array with everything except data * @return associative array with everything except data
* * \e boolean \b success boolean true or false * * \e boolean \b success boolean true or false
* * \e string \b message (optional) only when success is false * * \e string \b message (optional) only when success is false
@ -335,12 +337,12 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) {
return $ret; return $ret;
} }
if(! perm_is_allowed($r[0]['uid'],$observer_hash,'view_storage')) { if(! perm_is_allowed($r[0]['uid'], $observer_hash, 'view_storage')) {
$ret['message'] = t('Permission denied.'); $ret['message'] = t('Permission denied.');
return $ret; return $ret;
} }
$sql_extra = permissions_sql($r[0]['uid'],$observer_hash); $sql_extra = permissions_sql($r[0]['uid'], $observer_hash);
// Now we'll see if we can access the attachment // Now we'll see if we can access the attachment
@ -355,14 +357,13 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) {
} }
if($r[0]['folder']) { if($r[0]['folder']) {
$x = attach_can_view_folder($r[0]['uid'],$observer_hash,$r[0]['folder']); $x = attach_can_view_folder($r[0]['uid'], $observer_hash, $r[0]['folder']);
if(! $x) { if(! $x) {
$ret['message'] = t('Permission denied.'); $ret['message'] = t('Permission denied.');
return $ret; return $ret;
} }
} }
$ret['success'] = true; $ret['success'] = true;
$ret['data'] = $r[0]; $ret['data'] = $r[0];
@ -378,25 +379,18 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) {
* @note Requires an input field \e userfile and does not accept multiple files * @note Requires an input field \e userfile and does not accept multiple files
* in one request. * in one request.
* *
* @param array $channel channel array of owner * @note A lot going on in this function, and some of it is old cruft and some is new cruft
* @param string $observer_hash hash of current observer
* @param string $options (optional) one of update, replace, revision
* @param array $arr (optional) associative array
*/
/**
* A lot going on in this function, and some of it is old cruft and some is new cruft
* and the entire thing probably needs to be refactored. It started out just storing * and the entire thing probably needs to be refactored. It started out just storing
* files, before we had DAV. It was made extensible to do extra stuff like edit an * files, before we had DAV. It was made extensible to do extra stuff like edit an
* existing file or optionally store a separate revision using $options to choose between different * existing file or optionally store a separate revision using $options to choose between different
* storage models. Along the way we moved from * storage models. Along the way we moved from
* DB data storage to file system storage. * DB data storage to file system storage.
* Then DAV came along and used different upload methods depending on whether the * Then DAV came along and used different upload methods depending on whether the
* file was stored as a DAV directory object or updated as a file object. One of these * file was stored as a DAV directory object or updated as a file object. One of these
* is essentially an update and the other is basically an upload, but doesn't use the traditional PHP * is essentially an update and the other is basically an upload, but doesn't use the traditional PHP
* upload workflow. * upload workflow.
* Then came hubzilla and we tried to merge photo functionality with the file storage. Most of * Then came hubzilla and we tried to merge photo functionality with the file storage. Most of
* that integration occurs within this function. * that integration occurs within this function.
* This required overlap with the old photo_upload stuff and photo albums were * This required overlap with the old photo_upload stuff and photo albums were
* completely different concepts from directories which needed to be reconciled somehow. * completely different concepts from directories which needed to be reconciled somehow.
* The old revision stuff is kind of orphaned currently. There's new revision stuff for photos * The old revision stuff is kind of orphaned currently. There's new revision stuff for photos
@ -404,13 +398,18 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) {
* That's where it sits currently. I repeat it needs to be refactored, and this note is here * That's where it sits currently. I repeat it needs to be refactored, and this note is here
* for future explorers and those who may be doing that work to understand where it came * for future explorers and those who may be doing that work to understand where it came
* from and got to be the monstrosity of tangled unrelated code that it currently is. * from and got to be the monstrosity of tangled unrelated code that it currently is.
*
* @param array $channel channel array of owner
* @param string $observer_hash hash of current observer
* @param string $options (optional) one of update, replace, revision
* @param array $arr (optional) associative array
* @return void|array
*/ */
function attach_store($channel, $observer_hash, $options = '', $arr = null) { function attach_store($channel, $observer_hash, $options = '', $arr = null) {
require_once('include/photos.php'); require_once('include/photos.php');
call_hooks('photo_upload_begin',$arr); call_hooks('photo_upload_begin', $arr);
$ret = array('success' => false); $ret = array('success' => false);
$channel_id = $channel['channel_id']; $channel_id = $channel['channel_id'];
@ -441,7 +440,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
return $ret; return $ret;
} }
$str_group_allow = perms2str($arr['group_allow']); $str_group_allow = perms2str($arr['group_allow']);
$str_contact_allow = perms2str($arr['contact_allow']); $str_contact_allow = perms2str($arr['contact_allow']);
$str_group_deny = perms2str($arr['group_deny']); $str_group_deny = perms2str($arr['group_deny']);
$str_contact_deny = perms2str($arr['contact_deny']); $str_contact_deny = perms2str($arr['contact_deny']);
@ -458,7 +457,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
$remove_when_processed = true; $remove_when_processed = true;
if($options === 'import') { if($options === 'import') {
$src = $arr['src']; $src = $arr['src'];
$filename = $arr['filename']; $filename = $arr['filename'];
$filesize = @filesize($src); $filesize = @filesize($src);
@ -485,17 +484,15 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
elseif($options !== 'update') { elseif($options !== 'update') {
$f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => ''); $f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => '');
call_hooks('photo_upload_file',$f); call_hooks('photo_upload_file',$f);
call_hooks('attach_upload_file',$f); call_hooks('attach_upload_file',$f);
if (x($f,'src') && x($f,'filesize')) { if (x($f,'src') && x($f,'filesize')) {
$src = $f['src']; $src = $f['src'];
$filename = $f['filename']; $filename = $f['filename'];
$filesize = $f['filesize']; $filesize = $f['filesize'];
$type = $f['type']; $type = $f['type'];
} else {
} else {
if(! x($_FILES,'userfile')) { if(! x($_FILES,'userfile')) {
$ret['message'] = t('No source file.'); $ret['message'] = t('No source file.');
return $ret; return $ret;
@ -543,12 +540,10 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
$hash = $x[0]['hash']; $hash = $x[0]['hash'];
} }
$def_extension = ''; $def_extension = '';
$is_photo = 0; $is_photo = 0;
$gis = @getimagesize($src); $gis = @getimagesize($src);
logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA); logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA);
if(($gis) && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) { if(($gis) && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) {
$is_photo = 1; $is_photo = 1;
if($gis[2] === IMAGETYPE_GIF) if($gis[2] === IMAGETYPE_GIF)
@ -557,7 +552,6 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
$def_extension = '.jpg'; $def_extension = '.jpg';
if($gis[2] === IMAGETYPE_PNG) if($gis[2] === IMAGETYPE_PNG)
$def_extension = '.png'; $def_extension = '.png';
} }
$pathname = ''; $pathname = '';
@ -607,7 +601,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
} }
else { else {
$folder_hash = ((($arr) && array_key_exists('folder',$arr)) ? $arr['folder'] : ''); $folder_hash = ((($arr) && array_key_exists('folder',$arr)) ? $arr['folder'] : '');
} }
if((! $options) || ($options === 'import')) { if((! $options) || ($options === 'import')) {
@ -654,8 +648,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
} }
if($found) if($found)
$x++; $x++;
} } while($found);
while($found);
$filename = $basename . '(' . $x . ')' . $ext; $filename = $basename . '(' . $x . ')' . $ext;
} }
else else
@ -702,7 +695,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
if($folder_hash) { if($folder_hash) {
$curr = find_folder_hash_by_attach_hash($channel_id,$folder_hash,true); $curr = find_folder_hash_by_attach_hash($channel_id,$folder_hash,true);
if($curr) if($curr)
$os_relpath .= $curr . '/'; $os_relpath .= $curr . '/';
$os_relpath .= $folder_hash . '/'; $os_relpath .= $folder_hash . '/';
} }
@ -765,7 +758,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
); );
} }
elseif($options === 'update') { elseif($options === 'update') {
$r = q("update attach set filename = '%s', filetype = '%s', folder = '%s', edited = '%s', os_storage = %d, is_photo = %d, os_path = '%s', $r = q("update attach set filename = '%s', filetype = '%s', folder = '%s', edited = '%s', os_storage = %d, is_photo = %d, os_path = '%s',
allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d", allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d",
dbesc((array_key_exists('filename',$arr)) ? $arr['filename'] : $x[0]['filename']), dbesc((array_key_exists('filename',$arr)) ? $arr['filename'] : $x[0]['filename']),
dbesc((array_key_exists('filetype',$arr)) ? $arr['filetype'] : $x[0]['filetype']), dbesc((array_key_exists('filetype',$arr)) ? $arr['filetype'] : $x[0]['filetype']),
@ -783,7 +776,6 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
); );
} }
else { else {
$r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, folder, filesize, revision, os_storage, is_photo, content, created, edited, os_path, allow_cid, allow_gid,deny_cid, deny_gid ) $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, folder, filesize, revision, os_storage, is_photo, content, created, edited, os_path, allow_cid, allow_gid,deny_cid, deny_gid )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
intval($channel['channel_account_id']), intval($channel['channel_account_id']),
@ -869,7 +861,6 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
return $ret; return $ret;
} }
$ret['success'] = true; $ret['success'] = true;
$ret['data'] = $r[0]; $ret['data'] = $r[0];
if(! $is_photo) { if(! $is_photo) {
@ -880,7 +871,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
if($dosync) { if($dosync) {
$sync = attach_export_data($channel,$hash); $sync = attach_export_data($channel,$hash);
if($sync) if($sync)
build_sync_packet($channel['channel_id'],array('file' => array($sync))); build_sync_packet($channel['channel_id'],array('file' => array($sync)));
} }
@ -998,7 +989,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) {
intval($channel['channel_id']) intval($channel['channel_id'])
); );
if($r) { if($r) {
if(array_key_exists('force',$arr) && intval($arr['force']) if(array_key_exists('force',$arr) && intval($arr['force'])
&& (intval($r[0]['is_dir']))) { && (intval($r[0]['is_dir']))) {
$ret['success'] = true; $ret['success'] = true;
$r = q("select * from attach where id = %d limit 1", $r = q("select * from attach where id = %d limit 1",
@ -1150,7 +1141,7 @@ function attach_mkdirp($channel, $observer_hash, $arr = null) {
if(! $p) if(! $p)
continue; continue;
$arx = array( $arx = array(
'filename' => $p, 'filename' => $p,
'folder' => $current_parent, 'folder' => $current_parent,
'force' => 1 'force' => 1
); );
@ -1163,7 +1154,7 @@ function attach_mkdirp($channel, $observer_hash, $arr = null) {
if(array_key_exists('deny_gid',$arr)) if(array_key_exists('deny_gid',$arr))
$arx['deny_gid'] = $arr['deny_gid']; $arx['deny_gid'] = $arr['deny_gid'];
$x = attach_mkdir($channel, $observer_hash, $arx); $x = attach_mkdir($channel, $observer_hash, $arx);
if($x['success']) { if($x['success']) {
$current_parent = $x['data']['hash']; $current_parent = $x['data']['hash'];
} }
@ -1177,26 +1168,22 @@ function attach_mkdirp($channel, $observer_hash, $arr = null) {
$ret['data'] = $x['data']; $ret['data'] = $x['data'];
} }
return $ret; return $ret;
} }
/** /**
* @brief Changes permissions of a file. * @brief Changes permissions of a file.
* *
* @param int $channel_id * @param int $channel_id The id of the channel
* @param array $resource * @param array $resource
* @param string $allow_cid * @param string $allow_cid
* @param string $allow_gid * @param string $allow_gid
* @param string $deny_cid * @param string $deny_cid
* @param string $deny_gid * @param string $deny_gid
* @param boolean $recurse (optional) default false * @param boolean $recurse (optional) default false
* @param boolean $sync (optional) default false
*/ */
function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gid, $deny_cid, $deny_gid, $recurse = false, $sync = false) { function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gid, $deny_cid, $deny_gid, $recurse = false, $sync = false) {
@ -1248,7 +1235,7 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi
if($sync) { if($sync) {
$data = attach_export_data($channel,$resource); $data = attach_export_data($channel,$resource);
if($data) if($data)
build_sync_packet($channel['channel_id'],array('file' => array($data))); build_sync_packet($channel['channel_id'],array('file' => array($data)));
} }
} }
@ -1263,6 +1250,7 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi
* The id of the channel * The id of the channel
* @param string $resource * @param string $resource
* The hash to delete * The hash to delete
* @param int $is_photo (optional) default 0
* @return void * @return void
*/ */
function attach_delete($channel_id, $resource, $is_photo = 0) { function attach_delete($channel_id, $resource, $is_photo = 0) {
@ -1337,7 +1325,7 @@ function attach_delete($channel_id, $resource, $is_photo = 0) {
dbesc($resource) dbesc($resource)
); );
} }
// update the parent folder's lastmodified timestamp // update the parent folder's lastmodified timestamp
$e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d",
dbesc(datetime_convert()), dbesc(datetime_convert()),
@ -1425,6 +1413,7 @@ function get_parent_cloudpath($channel_id, $channel_name, $attachHash) {
$parentFullPath = $parentName . '/' . $parentFullPath; $parentFullPath = $parentName . '/' . $parentFullPath;
} }
} while ($parentHash); } while ($parentHash);
$parentFullPath = z_root() . '/cloud/' . $channel_name . '/' . $parentFullPath; $parentFullPath = z_root() . '/cloud/' . $channel_name . '/' . $parentFullPath;
return $parentFullPath; return $parentFullPath;
@ -1437,11 +1426,14 @@ function get_parent_cloudpath($channel_id, $channel_name, $attachHash) {
* The id of the channel * The id of the channel
* @param string $attachHash * @param string $attachHash
* The hash of the attachment * The hash of the attachment
* @param boolean $recurse
* (optional) default false
* @return string * @return string
*/ */
function find_folder_hash_by_attach_hash($channel_id, $attachHash, $recurse = false) { function find_folder_hash_by_attach_hash($channel_id, $attachHash, $recurse = false) {
logger('attach_hash: ' . $attachHash); logger('attach_hash: ' . $attachHash);
$r = q("SELECT folder FROM attach WHERE uid = %d AND hash = '%s' LIMIT 1", $r = q("SELECT folder FROM attach WHERE uid = %d AND hash = '%s' LIMIT 1",
intval($channel_id), intval($channel_id),
dbesc($attachHash) dbesc($attachHash)
@ -1449,10 +1441,11 @@ logger('attach_hash: ' . $attachHash);
$hash = ''; $hash = '';
if($r && $r[0]['folder']) { if($r && $r[0]['folder']) {
if($recurse) if($recurse)
$hash = find_folder_hash_by_attach_hash($channel_id,$r[0]['folder'],true) . '/' . $r[0]['folder']; $hash = find_folder_hash_by_attach_hash($channel_id,$r[0]['folder'],true) . '/' . $r[0]['folder'];
else else
$hash = $r[0]['folder']; $hash = $r[0]['folder'];
} }
return $hash; return $hash;
} }
@ -1569,7 +1562,7 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid,
$arr = array(); $arr = array();
$arr['aid'] = get_account_id(); $arr['aid'] = get_account_id();
$arr['uid'] = $channel_id; $arr['uid'] = $channel_id;
$arr['item_wall'] = 1; $arr['item_wall'] = 1;
$arr['item_origin'] = 1; $arr['item_origin'] = 1;
$arr['item_unseen'] = 1; $arr['item_unseen'] = 1;
$arr['author_xchan'] = $poster['xchan_hash']; $arr['author_xchan'] = $poster['xchan_hash'];
@ -1732,11 +1725,11 @@ function get_file_activity_object($channel_id, $hash, $cloudpath) {
/** /**
* @brief Returns array of channels which have recursive permission for a file * @brief Returns array of channels which have recursive permission for a file
* *
* @param $arr_allow_cid * @param array $arr_allow_cid
* @param $arr_allow_gid * @param array $arr_allow_gid
* @param $arr_deny_cid * @param array $arr_deny_cid
* @param $arr_deny_gid * @param array $arr_deny_gid
* @param $folder_hash * @param string $folder_hash
*/ */
function recursive_activity_recipients($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $arr_deny_gid, $folder_hash) { function recursive_activity_recipients($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $arr_deny_gid, $folder_hash) {
@ -1931,50 +1924,53 @@ function attach_export_data($channel, $resource_id, $deleted = false) {
} }
return $ret; return $ret;
} }
/* strip off 'store/nickname/' from the provided path */ /**
* @brief Strip off 'store/nickname/' from the provided path
*
* @param string $s
* @return string
*/
function get_attach_binname($s) { function get_attach_binname($s) {
$p = $s; $p = $s;
if(strpos($s,'store/') === 0) { if(strpos($s, 'store/') === 0) {
$p = substr($s,6); $p = substr($s, 6);
$p = substr($p,strpos($p,'/')+1); $p = substr($p, strpos($p, '/')+1);
} }
return $p; return $p;
} }
function get_dirpath_by_cloudpath($channel, $path) { function get_dirpath_by_cloudpath($channel, $path) {
$path = notags(trim($path));
$path = notags(trim($path));
$h = @parse_url($path); $h = @parse_url($path);
if(! $h || !x($h, 'path')) { if(! $h || !x($h, 'path')) {
return null; return null;
} }
if(substr($h['path'],-1,1) === '/') { if(substr($h['path'], -1, 1) === '/') {
$h['path'] = substr($h['path'],0,-1); $h['path'] = substr($h['path'], 0, -1);
} }
if(substr($h['path'],0,1) === '/') { if(substr($h['path'],0,1) === '/') {
$h['path'] = substr($h['path'],1); $h['path'] = substr($h['path'], 1);
} }
$folders = explode('/', $h['path']); $folders = explode('/', $h['path']);
$f = array_shift($folders); $f = array_shift($folders);
$nick = $channel['channel_address']; $nick = $channel['channel_address'];
//check to see if the absolute path was provided (/cloud/channelname/path/to/folder) //check to see if the absolute path was provided (/cloud/channelname/path/to/folder)
if($f === 'cloud' ) { if($f === 'cloud' ) {
$g = array_shift($folders); $g = array_shift($folders);
if( $g !== $nick) { if( $g !== $nick) {
// if nick does not follow "cloud", then the top level folder must be called "cloud" // if nick does not follow "cloud", then the top level folder must be called "cloud"
// and the given path must be relative to "/cloud/channelname/". // and the given path must be relative to "/cloud/channelname/".
$folders = array_unshift(array_unshift($folders, $g), $f); $folders = array_unshift(array_unshift($folders, $g), $f);
} }
} else { } else {
array_unshift($folders, $f); array_unshift($folders, $f);
} }
@ -1998,8 +1994,6 @@ function get_dirpath_by_cloudpath($channel, $path) {
} else { } else {
return $clouddir . $subdir; return $clouddir . $subdir;
} }
} }
function get_filename_by_cloudname($cloudname, $channel, $storepath) { function get_filename_by_cloudname($cloudname, $channel, $storepath) {
@ -2013,66 +2007,74 @@ function get_filename_by_cloudname($cloudname, $channel, $storepath) {
return null; return null;
} }
/**
// recursively copy a directory into cloud files * @brief recursively copy a directory into cloud files
function copy_folder_to_cloudfiles($channel, $observer_hash, $srcpath, $cloudpath) *
{ * @param array $channel
if (!is_dir($srcpath) || !is_readable($srcpath)) { * @param string $observer_hash
logger('Error reading source path: ' . $srcpath, LOGGER_NORMAL); * @param string $srcpath
* @param string $cloudpath
* @return boolean
*/
function copy_folder_to_cloudfiles($channel, $observer_hash, $srcpath, $cloudpath) {
if (!is_dir($srcpath) || !is_readable($srcpath)) {
logger('Error reading source path: ' . $srcpath, LOGGER_NORMAL);
return false;
}
$nodes = array_diff(scandir($srcpath), array('.', '..'));
foreach ($nodes as $node) {
$clouddir = $cloudpath . '/' . $node; // Sub-folder in cloud files destination
$nodepath = $srcpath . '/' . $node; // Sub-folder in source path
if(is_dir($nodepath)) {
$x = attach_mkdirp($channel, $observer_hash, array('pathname' => $clouddir));
if(!$x['success']) {
logger('Error creating cloud path: ' . $clouddir, LOGGER_NORMAL);
return false; return false;
}
// Recursively call this function where the source and destination are the subfolders
$success = copy_folder_to_cloudfiles($channel, $observer_hash, $nodepath, $clouddir);
if(!$success) {
logger('Error copying contents of folder: ' . $nodepath, LOGGER_NORMAL);
return false;
}
} elseif(is_file($nodepath) && is_readable($nodepath)) {
$x = attach_store($channel, $observer_hash, 'import', array(
'directory' => $cloudpath,
'src' => $nodepath,
'filename' => $node,
'filesize' => @filesize($nodepath),
'preserve_original' => true
));
if(!$x['success']) {
logger('Error copying file: ' . $nodepath, LOGGER_NORMAL);
logger('Return value: ' . json_encode($x), LOGGER_NORMAL);
return false;
}
} else {
logger('Error scanning source path', LOGGER_NORMAL);
return false;
} }
$nodes = array_diff(scandir($srcpath), array('.', '..')); }
foreach ($nodes as $node) {
$clouddir = $cloudpath . '/' . $node; // Sub-folder in cloud files destination
$nodepath = $srcpath . '/' . $node; // Sub-folder in source path
if(is_dir($nodepath)) {
$x = attach_mkdirp($channel, $observer_hash, array('pathname' => $clouddir));
if(!$x['success']) {
logger('Error creating cloud path: ' . $clouddir, LOGGER_NORMAL);
return false;
}
// Recursively call this function where the source and destination are the subfolders
$success = copy_folder_to_cloudfiles($channel, $observer_hash, $nodepath, $clouddir);
if(!$success) {
logger('Error copying contents of folder: ' . $nodepath, LOGGER_NORMAL);
return false;
}
} elseif (is_file($nodepath) && is_readable($nodepath)) {
$x = attach_store($channel, $observer_hash, 'import',
array(
'directory' => $cloudpath,
'src' => $nodepath,
'filename' => $node,
'filesize' => @filesize($nodepath),
'preserve_original' => true)
);
if(!$x['success']) {
logger('Error copying file: ' . $nodepath , LOGGER_NORMAL);
logger('Return value: ' . json_encode($x), LOGGER_NORMAL);
return false;
}
} else {
logger('Error scanning source path', LOGGER_NORMAL);
return false;
}
}
return true; return true;
} }
/** /**
* attach_move()
* This function performs an in place directory-to-directory move of a stored attachment or photo. * This function performs an in place directory-to-directory move of a stored attachment or photo.
* The data is physically moved in the store/nickname storage location and the paths adjusted * The data is physically moved in the store/nickname storage location and the paths adjusted
* in the attach structure (and if applicable the photo table). The new 'album name' is recorded * in the attach structure (and if applicable the photo table). The new 'album name' is recorded
* for photos and will show up immediately there. * for photos and will show up immediately there.
* This takes a channel_id, attach.hash of the file to move (this is the same as a photo resource_id), and * This takes a channel_id, attach.hash of the file to move (this is the same as a photo resource_id), and
* the attach.hash of the new parent folder, which must already exist. If $new_folder_hash is blank or empty, * the attach.hash of the new parent folder, which must already exist. If $new_folder_hash is blank or empty,
* the file is relocated to the root of the channel's storage area. * the file is relocated to the root of the channel's storage area.
* *
* @fixme: this operation is currently not synced to clones !! * @fixme: this operation is currently not synced to clones !!
*
* @param int $channel_id
* @param int $resource_id
* @param string $new_folder_hash
* @return void|boolean
*/ */
function attach_move($channel_id, $resource_id, $new_folder_hash) {
function attach_move($channel_id,$resource_id,$new_folder_hash) {
$c = channelx_by_n($channel_id); $c = channelx_by_n($channel_id);
if(! $c) if(! $c)
@ -2086,7 +2088,7 @@ function attach_move($channel_id,$resource_id,$new_folder_hash) {
return false; return false;
$oldstorepath = $r[0]['content']; $oldstorepath = $r[0]['content'];
if($new_folder_hash) { if($new_folder_hash) {
$n = q("select * from attach where hash = '%s' and uid = %d limit 1", $n = q("select * from attach where hash = '%s' and uid = %d limit 1",
dbesc($new_folder_hash), dbesc($new_folder_hash),
@ -2094,6 +2096,7 @@ function attach_move($channel_id,$resource_id,$new_folder_hash) {
); );
if(! $n) if(! $n)
return; return;
$newdirname = $n[0]['filename']; $newdirname = $n[0]['filename'];
$newstorepath = $n[0]['content'] . '/' . $resource_id; $newstorepath = $n[0]['content'] . '/' . $resource_id;
} }
@ -2115,7 +2118,7 @@ function attach_move($channel_id,$resource_id,$new_folder_hash) {
if($s) { if($s) {
$overwrite = get_pconfig($channel_id,'system','overwrite_dup_files'); $overwrite = get_pconfig($channel_id,'system','overwrite_dup_files');
if($overwrite) { if($overwrite) {
// @fixme /// @fixme
return; return;
} }
else { else {
@ -2147,7 +2150,7 @@ function attach_move($channel_id,$resource_id,$new_folder_hash) {
} }
if($found) if($found)
$x++; $x++;
} }
while($found); while($found);
$filename = $basename . '(' . $x . ')' . $ext; $filename = $basename . '(' . $x . ')' . $ext;
} }
@ -2179,7 +2182,6 @@ function attach_move($channel_id,$resource_id,$new_folder_hash) {
} }
return true; return true;
} }
@ -2191,7 +2193,7 @@ function attach_folder_select_list($channel_id) {
$out = []; $out = [];
$out[''] = '/'; $out[''] = '/';
if($r) { if($r) {
foreach($r as $rv) { foreach($r as $rv) {
$x = attach_folder_rpaths($r,$rv); $x = attach_folder_rpaths($r,$rv);
@ -2199,6 +2201,7 @@ function attach_folder_select_list($channel_id) {
$out[$x[0]] = $x[1]; $out[$x[0]] = $x[1];
} }
} }
return $out; return $out;
} }
@ -2223,11 +2226,11 @@ function attach_folder_rpaths($all_folders,$that_folder) {
break; break;
} }
} }
if(! $found) if(! $found)
$error = true; $error = true;
} }
while((! $found) && (! $error) && ($parent_hash != '')); while((! $found) && (! $error) && ($parent_hash != ''));
} }
return (($error) ? false : [ $current_hash , $path ]);
return (($error) ? false : [ $current_hash , $path ]);
} }

187
include/channel.php
View File

@ -182,7 +182,7 @@ function create_identity($arr) {
return $ret; return $ret;
} }
$ret = identity_check_service_class($arr['account_id']); $ret = identity_check_service_class($arr['account_id']);
if (!$ret['success']) { if (!$ret['success']) {
return $ret; return $ret;
} }
// save this for auto_friending // save this for auto_friending
@ -236,13 +236,13 @@ function create_identity($arr) {
$publish = intval($role_permissions['directory_publish']); $publish = intval($role_permissions['directory_publish']);
$primary = true; $primary = true;
if(array_key_exists('primary', $arr)) if(array_key_exists('primary', $arr))
$primary = intval($arr['primary']); $primary = intval($arr['primary']);
$expire = 0; $expire = 0;
$r = q("insert into channel ( channel_account_id, channel_primary, $r = q("insert into channel ( channel_account_id, channel_primary,
channel_name, channel_address, channel_guid, channel_guid_sig, channel_name, channel_address, channel_guid, channel_guid_sig,
channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone ) channel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone )
values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' ) ", values ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' ) ",
@ -262,7 +262,7 @@ function create_identity($arr) {
dbesc(App::$timezone) dbesc(App::$timezone)
); );
$r = q("select * from channel where channel_account_id = %d $r = q("select * from channel where channel_account_id = %d
and channel_guid = '%s' limit 1", and channel_guid = '%s' limit 1",
intval($arr['account_id']), intval($arr['account_id']),
dbesc($guid) dbesc($guid)
@ -291,7 +291,7 @@ function create_identity($arr) {
// Create a verified hub location pointing to this site. // Create a verified hub location pointing to this site.
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary, $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary,
hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network ) hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network )
values ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )", values ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )",
dbesc($guid), dbesc($guid),
@ -392,11 +392,11 @@ function create_identity($arr) {
intval($newuid) intval($newuid)
); );
} }
} }
} }
// Create a group with yourself as a member. This allows somebody to use it // Create a group with yourself as a member. This allows somebody to use it
// right away as a default group for new contacts. // right away as a default group for new contacts.
require_once('include/group.php'); require_once('include/group.php');
group_add($newuid, t('Friends')); group_add($newuid, t('Friends'));
@ -422,7 +422,7 @@ function create_identity($arr) {
set_pconfig($ret['channel']['channel_id'],'system','photo_path', '%Y-%m'); set_pconfig($ret['channel']['channel_id'],'system','photo_path', '%Y-%m');
set_pconfig($ret['channel']['channel_id'],'system','attach_path','%Y-%m'); set_pconfig($ret['channel']['channel_id'],'system','attach_path','%Y-%m');
} }
// auto-follow any of the hub's pre-configured channel choices. // auto-follow any of the hub's pre-configured channel choices.
// Only do this if it's the first channel for this account; // Only do this if it's the first channel for this account;
// otherwise it could get annoying. Don't make this list too big // otherwise it could get annoying. Don't make this list too big
@ -494,7 +494,7 @@ function identity_basic_export($channel_id, $items = false) {
$ret = array(); $ret = array();
// use constants here as otherwise we will have no idea if we can import from a site // use constants here as otherwise we will have no idea if we can import from a site
// with a non-standard platform and version. // with a non-standard platform and version.
$ret['compatibility'] = array('project' => PLATFORM_NAME, 'version' => STD_VERSION, 'database' => DB_UPDATE_VERSION, 'server_role' => Zotlabs\Lib\System::get_server_role()); $ret['compatibility'] = array('project' => PLATFORM_NAME, 'version' => STD_VERSION, 'database' => DB_UPDATE_VERSION, 'server_role' => Zotlabs\Lib\System::get_server_role());
@ -503,7 +503,7 @@ function identity_basic_export($channel_id, $items = false) {
); );
if($r) { if($r) {
translate_channel_perms_outbound($r[0]); translate_channel_perms_outbound($r[0]);
$ret['channel'] = $r[0]; $ret['channel'] = $r[0];
$ret['relocate'] = [ 'channel_address' => $r[0]['channel_address'], 'url' => z_root()]; $ret['relocate'] = [ 'channel_address' => $r[0]['channel_address'], 'url' => z_root()];
} }
@ -526,7 +526,7 @@ function identity_basic_export($channel_id, $items = false) {
if($abconfig) if($abconfig)
$ret['abook'][$x]['abconfig'] = $abconfig; $ret['abook'][$x]['abconfig'] = $abconfig;
translate_abook_perms_outbound($ret['abook'][$x]); translate_abook_perms_outbound($ret['abook'][$x]);
} }
stringify_array_elms($xchans); stringify_array_elms($xchans);
} }
@ -534,7 +534,7 @@ function identity_basic_export($channel_id, $items = false) {
$r = q("select * from xchan where xchan_hash in ( " . implode(',',$xchans) . " ) "); $r = q("select * from xchan where xchan_hash in ( " . implode(',',$xchans) . " ) ");
if($r) if($r)
$ret['xchan'] = $r; $ret['xchan'] = $r;
$r = q("select * from hubloc where hubloc_hash in ( " . implode(',',$xchans) . " ) "); $r = q("select * from hubloc where hubloc_hash in ( " . implode(',',$xchans) . " ) ");
if($r) if($r)
$ret['hubloc'] = $r; $ret['hubloc'] = $r;
@ -578,7 +578,6 @@ function identity_basic_export($channel_id, $items = false) {
if($r) if($r)
$ret['term'] = $r; $ret['term'] = $r;
// add psuedo-column obj_baseurl to aid in relocations // add psuedo-column obj_baseurl to aid in relocations
$r = q("select obj.*, '%s' as obj_baseurl from obj where obj_channel = %d", $r = q("select obj.*, '%s' as obj_baseurl from obj where obj_channel = %d",
@ -608,7 +607,6 @@ function identity_basic_export($channel_id, $items = false) {
if($r) if($r)
$ret['chatroom'] = $r; $ret['chatroom'] = $r;
$r = q("select * from event where uid = %d", $r = q("select * from event where uid = %d",
intval($channel_id) intval($channel_id)
); );
@ -625,7 +623,7 @@ function identity_basic_export($channel_id, $items = false) {
foreach($r as $rr) foreach($r as $rr)
$ret['event_item'][] = encode_item($rr,true); $ret['event_item'][] = encode_item($rr,true);
} }
$x = menu_list($channel_id); $x = menu_list($channel_id);
if($x) { if($x) {
$ret['menu'] = array(); $ret['menu'] = array();
@ -636,12 +634,10 @@ function identity_basic_export($channel_id, $items = false) {
} }
} }
$addon = array('channel_id' => $channel_id,'data' => $ret); $addon = array('channel_id' => $channel_id,'data' => $ret);
call_hooks('identity_basic_export',$addon); call_hooks('identity_basic_export',$addon);
$ret = $addon['data']; $ret = $addon['data'];
if(! $items) if(! $items)
return $ret; return $ret;
@ -659,11 +655,10 @@ function identity_basic_export($channel_id, $items = false) {
if($r) { if($r) {
for($x = 0; $x < count($r); $x ++) { for($x = 0; $x < count($r); $x ++) {
$r[$x]['subject'] = base64url_decode(str_rot47($r[$x]['subject'])); $r[$x]['subject'] = base64url_decode(str_rot47($r[$x]['subject']));
} }
$ret['conv'] = $r; $ret['conv'] = $r;
} }
$r = q("select * from mail where mail.uid = %d", $r = q("select * from mail where mail.uid = %d",
intval($channel_id) intval($channel_id)
); );
@ -680,15 +675,15 @@ function identity_basic_export($channel_id, $items = false) {
/** @warning this may run into memory limits on smaller systems */ /** @warning this may run into memory limits on smaller systems */
/** export three months of posts. If you want to export and import all posts you have to start with /** export three months of posts. If you want to export and import all posts you have to start with
* the first year and export/import them in ascending order. * the first year and export/import them in ascending order.
* *
* Don't export linked resource items. we'll have to pull those out separately. * Don't export linked resource items. we'll have to pull those out separately.
*/ */
$r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d and created > %s - INTERVAL %s and resource_type = '' order by created", $r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d and created > %s - INTERVAL %s and resource_type = '' order by created",
intval($channel_id), intval($channel_id),
db_utcnow(), db_utcnow(),
db_quoteinterval('3 MONTH') db_quoteinterval('3 MONTH')
); );
if($r) { if($r) {
@ -730,7 +725,7 @@ function identity_export_year($channel_id,$year,$month = 0) {
$r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' and resource_type = '' order by created", $r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' and resource_type = '' order by created",
intval(ITEM_TYPE_POST), intval(ITEM_TYPE_POST),
intval($channel_id), intval($channel_id),
dbesc($mindate), dbesc($mindate),
dbesc($maxdate) dbesc($maxdate)
); );
@ -745,16 +740,24 @@ function identity_export_year($channel_id,$year,$month = 0) {
return $ret; return $ret;
} }
// export items within an arbitrary date range. Date/time is in UTC. /**
* @brief Export items within an arbitrary date range.
function channel_export_items($channel_id,$start,$finish) { *
* Date/time is in UTC.
*
* @param int $channel_id The channel ID
* @param string $start
* @param string $finish
* @return array
*/
function channel_export_items($channel_id, $start, $finish) {
if(! $start) if(! $start)
return array(); return array();
else else
$start = datetime_convert('UTC','UTC',$start); $start = datetime_convert('UTC', 'UTC', $start);
$finish = datetime_convert('UTC','UTC',(($finish) ? $finish : 'now')); $finish = datetime_convert('UTC', 'UTC', (($finish) ? $finish : 'now'));
if($finish < $start) if($finish < $start)
return array(); return array();
@ -768,16 +771,16 @@ function channel_export_items($channel_id,$start,$finish) {
$r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' and resource_type = '' order by created", $r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' and resource_type = '' order by created",
intval(ITEM_TYPE_POST), intval(ITEM_TYPE_POST),
intval($channel_id), intval($channel_id),
dbesc($start), dbesc($start),
dbesc($finish) dbesc($finish)
); );
if($r) { if($r) {
$ret['item'] = array(); $ret['item'] = array();
xchan_query($r); xchan_query($r);
$r = fetch_post_tags($r,true); $r = fetch_post_tags($r, true);
foreach($r as $rr) foreach($r as $rr)
$ret['item'][] = encode_item($rr,true); $ret['item'][] = encode_item($rr, true);
} }
return $ret; return $ret;
@ -792,7 +795,7 @@ function channel_export_items($channel_id,$start,$finish) {
* *
* Permissions of the current observer are checked. If a restricted profile is available * Permissions of the current observer are checked. If a restricted profile is available
* to the current observer, that will be loaded instead of the channel default profile. * to the current observer, that will be loaded instead of the channel default profile.
* *
* The channel owner can set $profile to a valid profile_guid to preview that profile. * The channel owner can set $profile to a valid profile_guid to preview that profile.
* *
* The channel default theme is also selected for use, unless over-riden elsewhere. * The channel default theme is also selected for use, unless over-riden elsewhere.
@ -866,7 +869,6 @@ function profile_load($nickname, $profile = '') {
intval($p[0]['profile_uid']) intval($p[0]['profile_uid'])
); );
if($q) { if($q) {
$extra_fields = array(); $extra_fields = array();
require_once('include/channel.php'); require_once('include/channel.php');
@ -985,7 +987,6 @@ function profile_edit_menu($uid) {
} }
return $ret; return $ret;
} }
/** /**
@ -997,6 +998,7 @@ function profile_edit_menu($uid) {
* @param array $profile * @param array $profile
* @param int $block * @param int $block
* @param boolean $show_connect * @param boolean $show_connect
* @param mixed $zcard
* *
* @return HTML string suitable for sidebar inclusion * @return HTML string suitable for sidebar inclusion
* Exceptions: Returns empty string if passed $profile is wrong type or not populated * Exceptions: Returns empty string if passed $profile is wrong type or not populated
@ -1032,7 +1034,7 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa
$connect_url = rconnect_url($profile['uid'],get_observer_hash()); $connect_url = rconnect_url($profile['uid'],get_observer_hash());
$connect = (($connect_url) ? t('Connect') : ''); $connect = (($connect_url) ? t('Connect') : '');
if($connect_url) if($connect_url)
$connect_url = sprintf($connect_url,urlencode(channel_reddress($profile))); $connect_url = sprintf($connect_url,urlencode(channel_reddress($profile)));
// premium channel - over-ride // premium channel - over-ride
@ -1163,7 +1165,6 @@ function advanced_profile(&$a) {
} }
$tpl = get_markup_template('profile_advanced.tpl'); $tpl = get_markup_template('profile_advanced.tpl');
$profile = array(); $profile = array();
@ -1198,12 +1199,12 @@ function advanced_profile(&$a) {
if((substr(App::$profile['dob'],5,2) === '00') || (substr(App::$profile['dob'],8,2) === '00')) if((substr(App::$profile['dob'],5,2) === '00') || (substr(App::$profile['dob'],8,2) === '00'))
$val = substr(App::$profile['dob'],0,4); $val = substr(App::$profile['dob'],0,4);
$year_bd_format = t('j F, Y'); $year_bd_format = t('j F, Y');
$short_bd_format = t('j F'); $short_bd_format = t('j F');
if(! $val) { if(! $val) {
$val = ((intval(App::$profile['dob'])) $val = ((intval(App::$profile['dob']))
? day_translate(datetime_convert('UTC','UTC',App::$profile['dob'] . ' 00:00 +00:00',$year_bd_format)) ? day_translate(datetime_convert('UTC','UTC',App::$profile['dob'] . ' 00:00 +00:00',$year_bd_format))
: day_translate(datetime_convert('UTC','UTC','2001-' . substr(App::$profile['dob'],5) . ' 00:00 +00:00',$short_bd_format))); : day_translate(datetime_convert('UTC','UTC','2001-' . substr(App::$profile['dob'],5) . ' 00:00 +00:00',$short_bd_format)));
} }
@ -1248,7 +1249,7 @@ function advanced_profile(&$a) {
if($txt = prepare_text(App::$profile['channels'])) $profile['channels'] = array( t('My other channels:'), $txt); if($txt = prepare_text(App::$profile['channels'])) $profile['channels'] = array( t('My other channels:'), $txt);
if($txt = prepare_text(App::$profile['music'])) $profile['music'] = array( t('Musical interests:'), $txt); if($txt = prepare_text(App::$profile['music'])) $profile['music'] = array( t('Musical interests:'), $txt);
if($txt = prepare_text(App::$profile['book'])) $profile['book'] = array( t('Books, literature:'), $txt); if($txt = prepare_text(App::$profile['book'])) $profile['book'] = array( t('Books, literature:'), $txt);
if($txt = prepare_text(App::$profile['tv'])) $profile['tv'] = array( t('Television:'), $txt); if($txt = prepare_text(App::$profile['tv'])) $profile['tv'] = array( t('Television:'), $txt);
@ -1256,7 +1257,7 @@ function advanced_profile(&$a) {
if($txt = prepare_text(App::$profile['film'])) $profile['film'] = array( t('Film/dance/culture/entertainment:'), $txt); if($txt = prepare_text(App::$profile['film'])) $profile['film'] = array( t('Film/dance/culture/entertainment:'), $txt);
if($txt = prepare_text(App::$profile['romance'])) $profile['romance'] = array( t('Love/Romance:'), $txt); if($txt = prepare_text(App::$profile['romance'])) $profile['romance'] = array( t('Love/Romance:'), $txt);
if($txt = prepare_text(App::$profile['employment'])) $profile['employment'] = array( t('Work/employment:'), $txt); if($txt = prepare_text(App::$profile['employment'])) $profile['employment'] = array( t('Work/employment:'), $txt);
if($txt = prepare_text(App::$profile['education'])) $profile['education'] = array( t('School/education:'), $txt ); if($txt = prepare_text(App::$profile['education'])) $profile['education'] = array( t('School/education:'), $txt );
@ -1275,7 +1276,7 @@ function advanced_profile(&$a) {
$things = get_things(App::$profile['profile_guid'],App::$profile['profile_uid']); $things = get_things(App::$profile['profile_guid'],App::$profile['profile_uid']);
// logger('mod_profile: things: ' . print_r($things,true), LOGGER_DATA); // logger('mod_profile: things: ' . print_r($things,true), LOGGER_DATA);
return replace_macros($tpl, array( return replace_macros($tpl, array(
'$title' => t('Profile'), '$title' => t('Profile'),
@ -1403,7 +1404,8 @@ function zid($s,$address = '') {
$mine = get_my_url(); $mine = get_my_url();
$myaddr = (($address) ? $address : get_my_address()); $myaddr = (($address) ? $address : get_my_address());
/** @FIXME checking against our own channel url is no longer reliable. We may have a lot /**
* @FIXME checking against our own channel url is no longer reliable. We may have a lot
* of urls attached to out channel. Should probably match against our site, since we * of urls attached to out channel. Should probably match against our site, since we
* will not need to remote authenticate on our own site anyway. * will not need to remote authenticate on our own site anyway.
*/ */
@ -1426,8 +1428,8 @@ function zid($s,$address = '') {
// Used from within PCSS themes to set theme parameters. If there's a // Used from within PCSS themes to set theme parameters. If there's a
// puid request variable, that is the "page owner" and normally their theme // puid request variable, that is the "page owner" and normally their theme
// settings take precedence; unless a local user sets the "always_my_theme" // settings take precedence; unless a local user sets the "always_my_theme"
// system pconfig, which means they don't want to see anybody else's theme // system pconfig, which means they don't want to see anybody else's theme
// settings except their own while on this site. // settings except their own while on this site.
function get_theme_uid() { function get_theme_uid() {
@ -1619,7 +1621,7 @@ function get_profile_fields_advanced($filter = 0) {
* The channel to disable notifications for * The channel to disable notifications for
* @returns int * @returns int
* Current notification flag value. Send this to notifications_on() to restore the channel settings when finished * Current notification flag value. Send this to notifications_on() to restore the channel settings when finished
* with the activity requiring notifications_off(); * with the activity requiring notifications_off();
*/ */
function notifications_off($channel_id) { function notifications_off($channel_id) {
$r = q("select channel_notifyflags from channel where channel_id = %d limit 1", $r = q("select channel_notifyflags from channel where channel_id = %d limit 1",
@ -1633,18 +1635,18 @@ function notifications_off($channel_id) {
} }
function notifications_on($channel_id,$value) { function notifications_on($channel_id, $value) {
$x = q("update channel set channel_notifyflags = %d where channel_id = %d", $x = q("update channel set channel_notifyflags = %d where channel_id = %d",
intval($value), intval($value),
intval($channel_id) intval($channel_id)
); );
return $x; return $x;
} }
function get_channel_default_perms($uid) { function get_channel_default_perms($uid) {
$ret = []; $ret = [];
$r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 1 limit 1", $r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 1 limit 1",
@ -1666,7 +1668,6 @@ function get_channel_default_perms($uid) {
function profiles_build_sync($channel_id) { function profiles_build_sync($channel_id) {
$r = q("select * from profile where uid = %d", $r = q("select * from profile where uid = %d",
intval($channel_id) intval($channel_id)
); );
@ -1713,7 +1714,6 @@ function auto_channel_create($account_id) {
$arr['nickname'] = check_webbie(array($arr['nickname'], $arr['nickname'] . mt_rand(1000,9999))); $arr['nickname'] = check_webbie(array($arr['nickname'], $arr['nickname'] . mt_rand(1000,9999)));
return create_identity($arr); return create_identity($arr);
} }
function get_cover_photo($channel_id,$format = 'bbcode', $res = PHOTO_RES_COVER_1200) { function get_cover_photo($channel_id,$format = 'bbcode', $res = PHOTO_RES_COVER_1200) {
@ -1748,18 +1748,24 @@ function get_cover_photo($channel_id,$format = 'bbcode', $res = PHOTO_RES_COVER_
break; break;
} }
return $output; return $output;
} }
function get_zcard($channel,$observer_hash = '',$args = array()) { /**
* @brief
*
* @param array $channel
* @param string $observer_hash
* @param array $args
* @return string
*/
function get_zcard($channel, $observer_hash = '', $args = array()) {
logger('get_zcard'); logger('get_zcard');
$maxwidth = (($args['width']) ? intval($args['width']) : 0); $maxwidth = (($args['width']) ? intval($args['width']) : 0);
$maxheight = (($args['height']) ? intval($args['height']) : 0); $maxheight = (($args['height']) ? intval($args['height']) : 0);
if(($maxwidth > 1200) || ($maxwidth < 1)) if(($maxwidth > 1200) || ($maxwidth < 1))
$maxwidth = 1200; $maxwidth = 1200;
@ -1767,25 +1773,22 @@ function get_zcard($channel,$observer_hash = '',$args = array()) {
$width = 425; $width = 425;
$size = 'hz_small'; $size = 'hz_small';
$cover_size = PHOTO_RES_COVER_425; $cover_size = PHOTO_RES_COVER_425;
$pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 80 , 'height' => 80, 'href' => $channel['xchan_photo_m']); $pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 80 , 'height' => 80, 'href' => $channel['xchan_photo_m']);
} } elseif($maxwidth <= 900) {
elseif($maxwidth <= 900) {
$width = 900; $width = 900;
$size = 'hz_medium'; $size = 'hz_medium';
$cover_size = PHOTO_RES_COVER_850; $cover_size = PHOTO_RES_COVER_850;
$pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 160 , 'height' => 160, 'href' => $channel['xchan_photo_l']); $pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 160 , 'height' => 160, 'href' => $channel['xchan_photo_l']);
} } elseif($maxwidth <= 1200) {
elseif($maxwidth <= 1200) {
$width = 1200; $width = 1200;
$size = 'hz_large'; $size = 'hz_large';
$cover_size = PHOTO_RES_COVER_1200; $cover_size = PHOTO_RES_COVER_1200;
$pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 300 , 'height' => 300, 'href' => $channel['xchan_photo_l']); $pphoto = array('mimetype' => $channel['xchan_photo_mimetype'], 'width' => 300 , 'height' => 300, 'href' => $channel['xchan_photo_l']);
} }
// $scale = (float) $maxwidth / $width; // $scale = (float) $maxwidth / $width;
// $translate = intval(($scale / 1.0) * 100); // $translate = intval(($scale / 1.0) * 100);
$channel['channel_addr'] = channel_reddress($channel); $channel['channel_addr'] = channel_reddress($channel);
$zcard = array('chan' => $channel); $zcard = array('chan' => $channel);
@ -1798,12 +1801,11 @@ function get_zcard($channel,$observer_hash = '',$args = array()) {
if($r) { if($r) {
$cover = $r[0]; $cover = $r[0];
$cover['href'] = z_root() . '/photo/' . $r[0]['resource_id'] . '-' . $r[0]['imgscale']; $cover['href'] = z_root() . '/photo/' . $r[0]['resource_id'] . '-' . $r[0]['imgscale'];
} } else {
else {
$cover = $pphoto; $cover = $pphoto;
} }
$o .= replace_macros(get_markup_template('zcard.tpl'),array( $o .= replace_macros(get_markup_template('zcard.tpl'), array(
'$maxwidth' => $maxwidth, '$maxwidth' => $maxwidth,
'$scale' => $scale, '$scale' => $scale,
'$translate' => $translate, '$translate' => $translate,
@ -1811,21 +1813,19 @@ function get_zcard($channel,$observer_hash = '',$args = array()) {
'$cover' => $cover, '$cover' => $cover,
'$pphoto' => $pphoto, '$pphoto' => $pphoto,
'$zcard' => $zcard '$zcard' => $zcard
)); ));
return $o; return $o;
} }
function get_zcard_embed($channel,$observer_hash = '',$args = array()) { function get_zcard_embed($channel, $observer_hash = '', $args = array()) {
logger('get_zcard_embed'); logger('get_zcard_embed');
$maxwidth = (($args['width']) ? intval($args['width']) : 0); $maxwidth = (($args['width']) ? intval($args['width']) : 0);
$maxheight = (($args['height']) ? intval($args['height']) : 0); $maxheight = (($args['height']) ? intval($args['height']) : 0);
if(($maxwidth > 1200) || ($maxwidth < 1)) if(($maxwidth > 1200) || ($maxwidth < 1))
$maxwidth = 1200; $maxwidth = 1200;
@ -1860,11 +1860,10 @@ function get_zcard_embed($channel,$observer_hash = '',$args = array()) {
if($r) { if($r) {
$cover = $r[0]; $cover = $r[0];
$cover['href'] = z_root() . '/photo/' . $r[0]['resource_id'] . '-' . $r[0]['imgscale']; $cover['href'] = z_root() . '/photo/' . $r[0]['resource_id'] . '-' . $r[0]['imgscale'];
} } else {
else {
$cover = $pphoto; $cover = $pphoto;
} }
$o .= replace_macros(get_markup_template('zcard_embed.tpl'),array( $o .= replace_macros(get_markup_template('zcard_embed.tpl'),array(
'$maxwidth' => $maxwidth, '$maxwidth' => $maxwidth,
'$scale' => $scale, '$scale' => $scale,
@ -1873,36 +1872,62 @@ function get_zcard_embed($channel,$observer_hash = '',$args = array()) {
'$cover' => $cover, '$cover' => $cover,
'$pphoto' => $pphoto, '$pphoto' => $pphoto,
'$zcard' => $zcard '$zcard' => $zcard
)); ));
return $o; return $o;
} }
/**
* @brief
*
* @param string $nick
* @return mixed
*/
function channelx_by_nick($nick) { function channelx_by_nick($nick) {
$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' and channel_removed = 0 LIMIT 1", $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' and channel_removed = 0 LIMIT 1",
dbesc($nick) dbesc($nick)
); );
return(($r) ? $r[0] : false); return(($r) ? $r[0] : false);
} }
/**
* @brief
*
* @param string $hash
* @return mixed
*/
function channelx_by_hash($hash) { function channelx_by_hash($hash) {
$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_hash = '%s' and channel_removed = 0 LIMIT 1", $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_hash = '%s' and channel_removed = 0 LIMIT 1",
dbesc($hash) dbesc($hash)
); );
return(($r) ? $r[0] : false); return(($r) ? $r[0] : false);
} }
/**
* @brief
*
* @param int $id
* @return mixed
*/
function channelx_by_n($id) { function channelx_by_n($id) {
$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_id = %d and channel_removed = 0 LIMIT 1", $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_id = %d and channel_removed = 0 LIMIT 1",
dbesc($id) dbesc($id)
); );
return(($r) ? $r[0] : false); return(($r) ? $r[0] : false);
} }
/**
* @brief
*
* @param string $channel
* @return string
*/
function channel_reddress($channel) { function channel_reddress($channel) {
if(! ($channel && array_key_exists('channel_address',$channel))) if(! ($channel && array_key_exists('channel_address', $channel)))
return ''; return '';
return strtolower($channel['channel_address'] . '@' . App::get_hostname()); return strtolower($channel['channel_address'] . '@' . App::get_hostname());
} }

4
include/config.php
View File

@ -1,5 +1,4 @@
<?php <?php
/** /**
* @file include/config.php * @file include/config.php
* @brief Arbitrary configuration storage. * @brief Arbitrary configuration storage.
@ -7,7 +6,6 @@
* Arrays get stored as serialized strings. * Arrays get stored as serialized strings.
* Booleans are stored as integer 0/1. * Booleans are stored as integer 0/1.
* *
* - <b>config</b> is used for hub specific configurations. It overrides the * - <b>config</b> is used for hub specific configurations. It overrides the
* configurations from .htconfig file. The storage is of size TEXT. * configurations from .htconfig file. The storage is of size TEXT.
* - <b>pconfig</b> is used for channel specific configurations and takes a * - <b>pconfig</b> is used for channel specific configurations and takes a
@ -26,7 +24,7 @@
* - get_config() and set_config() can also be done through the command line tool * - get_config() and set_config() can also be done through the command line tool
* @ref util/config.md "util/config" * @ref util/config.md "util/config"
* - get_pconfig() and set_pconfig() can also be done through the command line tool * - get_pconfig() and set_pconfig() can also be done through the command line tool
* @ref util/pconfig.md "util/pconfig" and takes a channel_id as first argument. * @ref util/pconfig.md "util/pconfig" and takes a channel_id as first argument.
* *
*/ */

24
include/datetime.php
View File

@ -92,8 +92,8 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d
// Slight hackish adjustment so that 'zero' datetime actually returns what is intended // Slight hackish adjustment so that 'zero' datetime actually returns what is intended
// otherwise we end up with -0001-11-30 ... // otherwise we end up with -0001-11-30 ...
// add 32 days so that we at least get year 00, and then hack around the fact that // add 32 days so that we at least get year 00, and then hack around the fact that
// months and days always start with 1. // months and days always start with 1.
// if(substr($s,0,10) == '0000-00-00') { // if(substr($s,0,10) == '0000-00-00') {
// $d = new DateTime($s . ' + 32 days', new DateTimeZone('UTC')); // $d = new DateTime($s . ' + 32 days', new DateTimeZone('UTC'));
@ -195,7 +195,7 @@ function timesel($format, $h, $m, $id='timepicker') {
/** /**
* @brief Returns a datetime selector. * @brief Returns a datetime selector.
* *
* @param $format * @param string $format
* format string, e.g. 'ymd' or 'mdy'. Not currently supported * format string, e.g. 'ymd' or 'mdy'. Not currently supported
* @param $min * @param $min
* unix timestamp of minimum date * unix timestamp of minimum date
@ -203,6 +203,7 @@ function timesel($format, $h, $m, $id='timepicker') {
* unix timestap of maximum date * unix timestap of maximum date
* @param $default * @param $default
* unix timestamp of default date * unix timestamp of default date
* @param string $label
* @param string $id * @param string $id
* id and name of datetimepicker (defaults to "datetimepicker") * id and name of datetimepicker (defaults to "datetimepicker")
* @param boolean $pickdate * @param boolean $pickdate
@ -214,8 +215,9 @@ function timesel($format, $h, $m, $id='timepicker') {
* @param $maxfrom * @param $maxfrom
* set maximum date from picker with id $maxfrom (none by default) * set maximum date from picker with id $maxfrom (none by default)
* @param boolean $required default false * @param boolean $required default false
* @param int $first_day (optional) default 0
* @return string Parsed HTML output. * @return string Parsed HTML output.
* *
* @todo Once browser support is better this could probably be replaced with * @todo Once browser support is better this could probably be replaced with
* native HTML5 date picker. * native HTML5 date picker.
*/ */
@ -239,10 +241,10 @@ function datetimesel($format, $min, $max, $default, $label, $id = 'datetimepicke
if(!$picktime) $pickers .= ',timepicker: false, closeOnDateSelect:true'; if(!$picktime) $pickers .= ',timepicker: false, closeOnDateSelect:true';
$extra_js = ''; $extra_js = '';
if($minfrom != '') if($minfrom != '')
$extra_js .= "\$('#id_$minfrom').data('xdsoft_datetimepicker').setOptions({onChangeDateTime: function (currentDateTime) { \$('#id_$id').data('xdsoft_datetimepicker').setOptions({minDate: currentDateTime})}})"; $extra_js .= "\$('#id_$minfrom').data('xdsoft_datetimepicker').setOptions({onChangeDateTime: function (currentDateTime) { \$('#id_$id').data('xdsoft_datetimepicker').setOptions({minDate: currentDateTime})}})";
if($maxfrom != '') if($maxfrom != '')
$extra_js .= "\$('#id_$maxfrom').data('xdsoft_datetimepicker').setOptions({onChangeDateTime: function (currentDateTime) { \$('#id_$id').data('xdsoft_datetimepicker').setOptions({maxDate: currentDateTime})}})"; $extra_js .= "\$('#id_$maxfrom').data('xdsoft_datetimepicker').setOptions({onChangeDateTime: function (currentDateTime) { \$('#id_$id').data('xdsoft_datetimepicker').setOptions({maxDate: currentDateTime})}})";
$readable_format = $dateformat; $readable_format = $dateformat;
@ -276,7 +278,7 @@ function datetimesel($format, $min, $max, $default, $label, $id = 'datetimepicke
*/ */
function relative_date($posted_date, $format = null) { function relative_date($posted_date, $format = null) {
$localtime = datetime_convert('UTC', date_default_timezone_get(), $posted_date); $localtime = datetime_convert('UTC', date_default_timezone_get(), $posted_date);
$abs = strtotime($localtime); $abs = strtotime($localtime);
@ -340,7 +342,7 @@ function plural_dates($k,$n) {
return; return;
} }
} }
@ -512,7 +514,7 @@ function cal($y = 0, $m = 0, $links = false, $class='') {
/** /**
* @brief Return the next birthday, converted from the owner's timezone to UTC. * @brief Return the next birthday, converted from the owner's timezone to UTC.
* *
* This makes it globally portable. * This makes it globally portable.
* If the provided birthday lacks a month and or day, return an empty string. * If the provided birthday lacks a month and or day, return an empty string.
* A missing year is acceptable. * A missing year is acceptable.
@ -554,7 +556,7 @@ function update_birthdays() {
require_once('include/event.php'); require_once('include/event.php');
require_once('include/permissions.php'); require_once('include/permissions.php');
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_dob > %s + interval %s and abook_dob < %s + interval %s", WHERE abook_dob > %s + interval %s and abook_dob < %s + interval %s",
db_utcnow(), db_quoteinterval('7 day'), db_utcnow(), db_quoteinterval('7 day'),
db_utcnow(), db_quoteinterval('14 day') db_utcnow(), db_quoteinterval('14 day')
@ -572,7 +574,7 @@ function update_birthdays() {
$ev['dtend'] = datetime_convert('UTC', 'UTC', $rr['abook_dob'] . ' + 1 day '); $ev['dtend'] = datetime_convert('UTC', 'UTC', $rr['abook_dob'] . ' + 1 day ');
$ev['adjust'] = intval(feature_enabled($rr['abook_channel'],'smart_birthdays')); $ev['adjust'] = intval(feature_enabled($rr['abook_channel'],'smart_birthdays'));
$ev['summary'] = sprintf( t('%1$s\'s birthday'), $rr['xchan_name']); $ev['summary'] = sprintf( t('%1$s\'s birthday'), $rr['xchan_name']);
$ev['description'] = sprintf( t('Happy Birthday %1$s'), $ev['description'] = sprintf( t('Happy Birthday %1$s'),
'[zrl=' . $rr['xchan_url'] . ']' . $rr['xchan_name'] . '[/zrl]') ; '[zrl=' . $rr['xchan_url'] . ']' . $rr['xchan_name'] . '[/zrl]') ;
$ev['etype'] = 'birthday'; $ev['etype'] = 'birthday';

103
include/help.php
View File

@ -1,11 +1,17 @@
<?php <?php
/**
* @brief
*
* @param string $tocpath
* @return string|unknown
*/
function get_help_content($tocpath = false) { function get_help_content($tocpath = false) {
global $lang; global $lang;
$doctype = 'markdown'; $doctype = 'markdown';
$text = ''; $text = '';
$path = (($tocpath !== false) ? $tocpath : ''); $path = (($tocpath !== false) ? $tocpath : '');
@ -25,7 +31,7 @@ function get_help_content($tocpath = false) {
\App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('-',' ',notags($title))); \App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('-',' ',notags($title)));
$text = load_doc_file('doc/' . $path . '.md'); $text = load_doc_file('doc/' . $path . '.md');
if(! $text) { if(! $text) {
$text = load_doc_file('doc/' . $path . '.bb'); $text = load_doc_file('doc/' . $path . '.bb');
if($text) if($text)
@ -51,16 +57,16 @@ function get_help_content($tocpath = false) {
$text = load_doc_file('doc/main.bb'); $text = load_doc_file('doc/main.bb');
\App::$page['title'] = t('Help'); \App::$page['title'] = t('Help');
} }
if(! $text) { if(! $text) {
header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found')); header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found'));
$tpl = get_markup_template("404.tpl"); $tpl = get_markup_template("404.tpl");
return replace_macros($tpl, array( return replace_macros($tpl, array(
'$message' => t('Page not found.' ) '$message' => t('Page not found.')
)); ));
} }
} }
if($doctype === 'html') if($doctype === 'html')
$content = $text; $content = $text;
if($doctype === 'markdown') { if($doctype === 'markdown') {
@ -74,30 +80,30 @@ function get_help_content($tocpath = false) {
require_once('include/bbcode.php'); require_once('include/bbcode.php');
$content = bbcode($text); $content = bbcode($text);
// bbcode retargets external content to new windows. This content is internal. // bbcode retargets external content to new windows. This content is internal.
$content = str_replace(' target="_blank"','',$content); $content = str_replace(' target="_blank"', '', $content);
} }
$content = preg_replace_callback("/#include (.*?)\;/ism", 'preg_callback_help_include', $content); $content = preg_replace_callback("/#include (.*?)\;/ism", 'preg_callback_help_include', $content);
return translate_projectname($content); return translate_projectname($content);
} }
function preg_callback_help_include($matches) { function preg_callback_help_include($matches) {
if($matches[1]) { if($matches[1]) {
$include = str_replace($matches[0],load_doc_file($matches[1]),$matches[0]); $include = str_replace($matches[0],load_doc_file($matches[1]),$matches[0]);
if(preg_match('/\.bb$/', $matches[1]) || preg_match('/\.txt$/', $matches[1])) { if(preg_match('/\.bb$/', $matches[1]) || preg_match('/\.txt$/', $matches[1])) {
require_once('include/bbcode.php'); require_once('include/bbcode.php');
$include = bbcode($include); $include = bbcode($include);
$include = str_replace(' target="_blank"','',$include); $include = str_replace(' target="_blank"','',$include);
} }
elseif(preg_match('/\.md$/', $matches[1])) { elseif(preg_match('/\.md$/', $matches[1])) {
require_once('library/markdown.php'); require_once('library/markdown.php');
$include = Markdown($include); $include = Markdown($include);
} }
return $include; return $include;
} }
} }
@ -110,10 +116,10 @@ function load_doc_file($s) {
$d = dirname($s); $d = dirname($s);
$c = find_doc_file("$d/$lang/$b"); $c = find_doc_file("$d/$lang/$b");
if($c) if($c)
return $c; return $c;
$c = find_doc_file($s); $c = find_doc_file($s);
if($c) if($c)
return $c; return $c;
return ''; return '';
} }
@ -125,6 +131,12 @@ function find_doc_file($s) {
return ''; return '';
} }
/**
* @brief
*
* @param string $s
* @return number|mixed|unknown|boolean
*/
function search_doc_files($s) { function search_doc_files($s) {
$itemspage = get_pconfig(local_channel(),'system','itemspage'); $itemspage = get_pconfig(local_channel(),'system','itemspage');
@ -133,21 +145,21 @@ function search_doc_files($s) {
$regexop = db_getfunc('REGEXP'); $regexop = db_getfunc('REGEXP');
$r = q("select iconfig.v, item.* from item left join iconfig on item.id = iconfig.iid $r = q("select iconfig.v, item.* from item left join iconfig on item.id = iconfig.iid
where iconfig.cat = 'system' and iconfig.k = 'docfile' and where iconfig.cat = 'system' and iconfig.k = 'docfile' and
body $regexop '%s' and item_type = %d $pager_sql", body $regexop '%s' and item_type = %d $pager_sql",
dbesc($s), dbesc($s),
intval(ITEM_TYPE_DOC) intval(ITEM_TYPE_DOC)
); );
$r = fetch_post_tags($r,true); $r = fetch_post_tags($r, true);
for($x = 0; $x < count($r); $x ++) { for($x = 0; $x < count($r); $x ++) {
$position = stripos($r[$x]['body'], $s); $position = stripos($r[$x]['body'], $s);
$dislen = 300; $dislen = 300;
$start = $position-floor($dislen/2); $start = $position-floor($dislen/2);
if ( $start < 0) { if ( $start < 0) {
$start = 0; $start = 0;
} }
$r[$x]['text'] = substr($r[$x]['body'], $start, $dislen); $r[$x]['text'] = substr($r[$x]['body'], $start, $dislen);
@ -159,43 +171,50 @@ function search_doc_files($s) {
} }
} }
} }
if(stristr($r[$x]['v'],$s)) if(stristr($r[$x]['v'], $s))
$r[$x]['rank'] ++; $r[$x]['rank'] ++;
$r[$x]['rank'] += substr_count(strtolower($r[$x]['text']),strtolower($s)); $r[$x]['rank'] += substr_count(strtolower($r[$x]['text']), strtolower($s));
// bias the results to the observer's native language // bias the results to the observer's native language
if($r[$x]['lang'] === \App::$language) if($r[$x]['lang'] === \App::$language)
$r[$x]['rank'] = $r[$x]['rank'] + 10; $r[$x]['rank'] = $r[$x]['rank'] + 10;
} }
usort($r,'doc_rank_sort'); usort($r,'doc_rank_sort');
return $r; return $r;
} }
function doc_rank_sort($s1,$s2) { function doc_rank_sort($s1, $s2) {
if($s1['rank'] == $s2['rank']) if($s1['rank'] == $s2['rank'])
return 0; return 0;
return (($s1['rank'] < $s2['rank']) ? 1 : (-1)); return (($s1['rank'] < $s2['rank']) ? 1 : (-1));
} }
/**
* @brief
*
* @return string
*/
function load_context_help() { function load_context_help() {
$path = App::$cmd; $path = App::$cmd;
$args = App::$argv; $args = App::$argv;
$lang = App::$language; $lang = App::$language;
if(! isset($lang) || !is_dir('doc/context/' . $lang . '/')) { if(! isset($lang) || !is_dir('doc/context/' . $lang . '/')) {
$lang = 'en'; $lang = 'en';
} }
while($path) { while($path) {
$context_help = load_doc_file('doc/context/' . $lang . '/' . $path . '/help.html'); $context_help = load_doc_file('doc/context/' . $lang . '/' . $path . '/help.html');
if(!$context_help) { if(!$context_help) {
// Fallback to English if the translation is absent // Fallback to English if the translation is absent
$context_help = load_doc_file('doc/context/en/' . $path . '/help.html'); $context_help = load_doc_file('doc/context/en/' . $path . '/help.html');
} }
if($context_help) if($context_help)
break; break;
array_pop($args); array_pop($args);
$path = implode($args,'/'); $path = implode($args,'/');
} }
@ -203,7 +222,12 @@ function load_context_help() {
return $context_help; return $context_help;
} }
/**
* @brief
*
* @param string $s
* @return void|boolean[]|number[]|string[]|unknown[]
*/
function store_doc_file($s) { function store_doc_file($s) {
if(is_dir($s)) if(is_dir($s))
@ -215,10 +239,9 @@ function store_doc_file($s) {
$item['aid'] = 0; $item['aid'] = 0;
$item['uid'] = $sys['channel_id']; $item['uid'] = $sys['channel_id'];
if(strpos($s, '.md'))
if(strpos($s,'.md'))
$mimetype = 'text/markdown'; $mimetype = 'text/markdown';
elseif(strpos($s,'.html')) elseif(strpos($s, '.html'))
$mimetype = 'text/html'; $mimetype = 'text/html';
else else
$mimetype = 'text/bbcode'; $mimetype = 'text/bbcode';
@ -227,12 +250,12 @@ function store_doc_file($s) {
$item['body'] = html2plain(prepare_text(file_get_contents($s),$mimetype, true)); $item['body'] = html2plain(prepare_text(file_get_contents($s),$mimetype, true));
$item['mimetype'] = 'text/plain'; $item['mimetype'] = 'text/plain';
$item['plink'] = z_root() . '/' . str_replace('doc','help',$s); $item['plink'] = z_root() . '/' . str_replace('doc','help',$s);
$item['owner_xchan'] = $item['author_xchan'] = $sys['channel_hash']; $item['owner_xchan'] = $item['author_xchan'] = $sys['channel_hash'];
$item['item_type'] = ITEM_TYPE_DOC; $item['item_type'] = ITEM_TYPE_DOC;
$r = q("select item.* from item left join iconfig on item.id = iconfig.iid $r = q("select item.* from item left join iconfig on item.id = iconfig.iid
where iconfig.cat = 'system' and iconfig.k = 'docfile' and where iconfig.cat = 'system' and iconfig.k = 'docfile' and
iconfig.v = '%s' and item_type = %d limit 1", iconfig.v = '%s' and item_type = %d limit 1",
dbesc($s), dbesc($s),
@ -252,6 +275,4 @@ function store_doc_file($s) {
} }
return $x; return $x;
} }

96
include/items.php
View File

@ -3,9 +3,6 @@
* @file include/items.php * @file include/items.php
*/ */
// uncertain if this line is needed and why
use Sabre\HTTP\URLUtil;
use Zotlabs\Lib as Zlib; use Zotlabs\Lib as Zlib;
require_once('include/bbcode.php'); require_once('include/bbcode.php');
@ -66,6 +63,7 @@ function collect_recipients($item, &$private_envelope) {
if($recipients && $deny) if($recipients && $deny)
$recipients = array_diff($recipients,$deny); $recipients = array_diff($recipients,$deny);
$private_envelope = true; $private_envelope = true;
} }
else { else {
@ -116,7 +114,7 @@ function collect_recipients($item, &$private_envelope) {
// Add the authors of any posts in this thread, if they are known to us. // Add the authors of any posts in this thread, if they are known to us.
// This is specifically designed to forward wall-to-wall posts to the original author, // This is specifically designed to forward wall-to-wall posts to the original author,
// in case they aren't a connection but have permission to write on our wall. // in case they aren't a connection but have permission to write on our wall.
// This is important for issue tracker channels. It should be a no-op for most channels. // This is important for issue tracker channels. It should be a no-op for most channels.
// Whether or not they will accept the delivery is not determined here, but should // Whether or not they will accept the delivery is not determined here, but should
// be taken into account by zot:process_delivery() // be taken into account by zot:process_delivery()
@ -131,7 +129,6 @@ function collect_recipients($item, &$private_envelope) {
} }
} }
} }
} }
@ -173,19 +170,19 @@ function comments_are_now_closed($item) {
} }
function item_normal() { function item_normal() {
return " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0 return " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0
and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
and item.item_blocked = 0 "; and item.item_blocked = 0 ";
} }
/** /**
* @brief * @brief
* *
* This is a compatibility function primarily for plugins, because * This is a compatibility function primarily for plugins, because
* in earlier DB schemas this was a much simpler single integer compare * in earlier DB schemas this was a much simpler single integer compare
* *
* @param array $item
*/ */
function is_item_normal($item) { function is_item_normal($item) {
if(intval($item['item_hidden']) || intval($item['item_type']) || intval($item['item_deleted']) if(intval($item['item_hidden']) || intval($item['item_type']) || intval($item['item_deleted'])
@ -193,8 +190,7 @@ function is_item_normal($item) {
|| intval($item['item_blocked'])) || intval($item['item_blocked']))
return false; return false;
return true; return true;
} }
/** /**
@ -236,7 +232,7 @@ function can_comment_on_post($observer_xchan, $item) {
case 'public': case 'public':
// We don't really allow or support public comments yet, but anonymous // We don't really allow or support public comments yet, but anonymous
// folks won't ever reach this point (as $observer_xchan will be empty). // folks won't ever reach this point (as $observer_xchan will be empty).
// This means the viewer has an xchan and we can identify them. // This means the viewer has an xchan and we can identify them.
return true; return true;
break; break;
case 'any connections': case 'any connections':
@ -481,7 +477,7 @@ function validate_item_elements($message,$arr) {
if(! array_key_exists('created',$arr)) if(! array_key_exists('created',$arr))
$result['message'] = 'missing created, possible author/owner lookup failure'; $result['message'] = 'missing created, possible author/owner lookup failure';
if((! $arr['mid']) || (! $arr['parent_mid'])) if((! $arr['mid']) || (! $arr['parent_mid']))
$result['message'] = 'missing message-id or parent message-id'; $result['message'] = 'missing message-id or parent message-id';
if(array_key_exists('flags',$message) && in_array('relay',$message['flags']) && $arr['mid'] === $arr['parent_mid']) if(array_key_exists('flags',$message) && in_array('relay',$message['flags']) && $arr['mid'] === $arr['parent_mid'])
@ -495,10 +491,6 @@ function validate_item_elements($message,$arr) {
} }
/** /**
* @brief Limit lenght on imported system messages. * @brief Limit lenght on imported system messages.
* *
@ -652,7 +644,6 @@ function get_item_elements($x,$allow_code = false) {
if(mb_strlen($arr['title']) > 255) if(mb_strlen($arr['title']) > 255)
$arr['title'] = mb_substr($arr['title'],0,255); $arr['title'] = mb_substr($arr['title'],0,255);
$arr['app'] = (($x['app']) ? htmlspecialchars($x['app'], ENT_COMPAT,'UTF-8',false) : ''); $arr['app'] = (($x['app']) ? htmlspecialchars($x['app'], ENT_COMPAT,'UTF-8',false) : '');
$arr['route'] = (($x['route']) ? htmlspecialchars($x['route'], ENT_COMPAT,'UTF-8',false) : ''); $arr['route'] = (($x['route']) ? htmlspecialchars($x['route'], ENT_COMPAT,'UTF-8',false) : '');
$arr['mid'] = (($x['message_id']) ? htmlspecialchars($x['message_id'], ENT_COMPAT,'UTF-8',false) : ''); $arr['mid'] = (($x['message_id']) ? htmlspecialchars($x['message_id'], ENT_COMPAT,'UTF-8',false) : '');
@ -714,7 +705,7 @@ function get_item_elements($x,$allow_code = false) {
// hub and verify that they are legit - or else we're going to toss the post. We only need to do this // hub and verify that they are legit - or else we're going to toss the post. We only need to do this
// once, and after that your hub knows them. Sure some info is in the post, but it's only a transit identifier // once, and after that your hub knows them. Sure some info is in the post, but it's only a transit identifier
// and not enough info to be able to look you up from your hash - which is the only thing stored with the post. // and not enough info to be able to look you up from your hash - which is the only thing stored with the post.
$xchan_hash = import_author_xchan($x['author']); $xchan_hash = import_author_xchan($x['author']);
if($xchan_hash) if($xchan_hash)
$arr['author_xchan'] = $xchan_hash; $arr['author_xchan'] = $xchan_hash;
@ -1057,7 +1048,6 @@ function encode_item($item,$mirror = false) {
$x['item_blocked'] = $item['item_blocked']; $x['item_blocked'] = $item['item_blocked'];
} }
$x['message_id'] = $item['mid']; $x['message_id'] = $item['mid'];
$x['message_top'] = $item['parent_mid']; $x['message_top'] = $item['parent_mid'];
$x['message_parent'] = $item['thr_parent']; $x['message_parent'] = $item['thr_parent'];
@ -1078,9 +1068,9 @@ function encode_item($item,$mirror = false) {
$x['longlat'] = $item['coord']; $x['longlat'] = $item['coord'];
$x['signature'] = $item['sig']; $x['signature'] = $item['sig'];
$x['route'] = $item['route']; $x['route'] = $item['route'];
$x['owner'] = encode_item_xchan($item['owner']); $x['owner'] = encode_item_xchan($item['owner']);
$x['author'] = encode_item_xchan($item['author']); $x['author'] = encode_item_xchan($item['author']);
if($item['obj']) if($item['obj'])
$x['object'] = json_decode($item['obj'],true); $x['object'] = json_decode($item['obj'],true);
if($item['target']) if($item['target'])
@ -1237,7 +1227,7 @@ function decode_item_meta($meta) {
$ret[] = array('cat' => escape_tags($m['family']),'k' => escape_tags($m['key']),'v' => $m['value'],'sharing' => $m['sharing']); $ret[] = array('cat' => escape_tags($m['family']),'k' => escape_tags($m['key']),'v' => $m['value'],'sharing' => $m['sharing']);
} }
} }
return $ret; return $ret;
} }
/** /**
@ -1530,6 +1520,8 @@ function get_profile_elements($x) {
* *
* @param array $arr * @param array $arr
* @param boolean $allow_exec (optional) default false * @param boolean $allow_exec (optional) default false
* @param boolean $deliver (optional) default true
*
* @return array * @return array
* * \e boolean \b success * * \e boolean \b success
* * \e int \b item_id * * \e int \b item_id
@ -1662,7 +1654,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) {
// otherwise, just preserve the original timestamp. // otherwise, just preserve the original timestamp.
$arr['received'] = ((x($arr,'received') !== false) ? datetime_convert('UTC','UTC',$arr['received']) : datetime_convert()); $arr['received'] = ((x($arr,'received') !== false) ? datetime_convert('UTC','UTC',$arr['received']) : datetime_convert());
$arr['changed'] = ((x($arr,'changed') !== false) ? datetime_convert('UTC','UTC',$arr['changed']) : datetime_convert()); $arr['changed'] = ((x($arr,'changed') !== false) ? datetime_convert('UTC','UTC',$arr['changed']) : datetime_convert());
} }
$arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : ''); $arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : '');
@ -1681,7 +1673,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) {
$arr['public_policy'] = ((x($arr,'public_policy')) ? notags(trim($arr['public_policy'])) : '' ); $arr['public_policy'] = ((x($arr,'public_policy')) ? notags(trim($arr['public_policy'])) : '' );
$arr['comment_policy'] = ((x($arr,'comment_policy')) ? notags(trim($arr['comment_policy'])) : 'contacts' ); $arr['comment_policy'] = ((x($arr,'comment_policy')) ? notags(trim($arr['comment_policy'])) : 'contacts' );
if(! array_key_exists('item_unseen',$arr)) if(! array_key_exists('item_unseen',$arr))
$arr['item_unseen'] = 1; $arr['item_unseen'] = 1;
@ -2334,10 +2326,10 @@ function send_status_notifications($post_id,$item) {
// check for an unfollow thread activity - we should probably decode the obj and check the id // check for an unfollow thread activity - we should probably decode the obj and check the id
// but it will be extremely rare for this to be wrong. // but it will be extremely rare for this to be wrong.
if(($xx['verb'] === ACTIVITY_UNFOLLOW) if(($xx['verb'] === ACTIVITY_UNFOLLOW)
&& ($xx['obj_type'] === ACTIVITY_OBJ_NOTE || $xx['obj_type'] === ACTIVITY_OBJ_PHOTO) && ($xx['obj_type'] === ACTIVITY_OBJ_NOTE || $xx['obj_type'] === ACTIVITY_OBJ_PHOTO)
&& ($xx['parent'] != $xx['id'])) && ($xx['parent'] != $xx['id']))
$unfollowed = true; $unfollowed = true;
} }
if($xx['id'] == $xx['parent']) { if($xx['id'] == $xx['parent']) {
$parent = $xx['parent']; $parent = $xx['parent'];
@ -2560,7 +2552,7 @@ function tag_deliver($uid, $item_id) {
if($mention) { if($mention) {
logger('tag_deliver: mention found for ' . $u[0]['channel_name']); logger('tag_deliver: mention found for ' . $u[0]['channel_name']);
$r = q("update item set item_mentionsme = 1 where id = %d", $r = q("update item set item_mentionsme = 1 where id = %d",
intval($item_id) intval($item_id)
); );
@ -2849,7 +2841,7 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
$title = $item['title']; $title = $item['title'];
$body = $item['body']; $body = $item['body'];
$r = q("update item set item_uplink = %d, item_nocomment = %d, item_obscured = %d, item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', $r = q("update item set item_uplink = %d, item_nocomment = %d, item_obscured = %d, item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s',
deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s', item_wall = %d, item_origin = %d where id = %d", deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s', item_wall = %d, item_origin = %d where id = %d",
intval($item_uplink), intval($item_uplink),
intval($item_nocomment), intval($item_nocomment),
@ -3344,7 +3336,7 @@ function item_expire($uid,$days) {
AND item_starred = 0 AND item_starred = 0
$sql_extra $item_normal LIMIT $expire_limit ", $sql_extra $item_normal LIMIT $expire_limit ",
intval($uid), intval($uid),
db_utcnow(), db_utcnow(),
db_quoteinterval(intval($days).' DAY') db_quoteinterval(intval($days).' DAY')
); );
@ -3737,7 +3729,7 @@ function fetch_post_tags($items,$link = false) {
); );
$imeta = q("select * from iconfig where iid in ( %s )", $imeta = q("select * from iconfig where iid in ( %s )",
dbesc($tag_finder_str) dbesc($tag_finder_str)
); );
} }
@ -3870,7 +3862,7 @@ function zot_feed($uid,$observer_hash,$arr) {
unset($r[$x]); unset($r[$x]);
} }
} }
$parents_str = ids_to_querystr($r,'parent'); $parents_str = ids_to_querystr($r,'parent');
$sys_query = ((is_sys_channel($uid)) ? $sql_extra : ''); $sys_query = ((is_sys_channel($uid)) ? $sql_extra : '');
$item_normal = item_normal(); $item_normal = item_normal();
@ -3934,9 +3926,9 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
if($arr['mid']) if($arr['mid'])
$sql_options .= " and parent_mid = '" . dbesc($arr['mid']) . "' "; $sql_options .= " and parent_mid = '" . dbesc($arr['mid']) . "' ";
$sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE item_thread_top = 1 $sql_options $item_normal ) "; $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE item_thread_top = 1 $sql_options $item_normal ) ";
if($arr['since_id']) if($arr['since_id'])
$sql_extra .= " and item.id > " . $since_id . " "; $sql_extra .= " and item.id > " . $since_id . " ";
@ -4188,7 +4180,7 @@ function update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remo
if(! $post_id) if(! $post_id)
return; return;
if($webpage == ITEM_TYPE_WEBPAGE) if($webpage == ITEM_TYPE_WEBPAGE)
$page_type = 'WEBPAGE'; $page_type = 'WEBPAGE';
elseif($webpage == ITEM_TYPE_BLOCK) elseif($webpage == ITEM_TYPE_BLOCK)
@ -4339,7 +4331,7 @@ function send_profile_photo_activity($channel,$photo,$profile) {
$ptext = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']' . t('profile photo') . '[/zrl]'; $ptext = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']' . t('profile photo') . '[/zrl]';
$ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg=150x150]' . z_root() . '/photo/' . $photo['resource_id'] . '-4[/zmg][/zrl]'; $ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg=150x150]' . z_root() . '/photo/' . $photo['resource_id'] . '-4[/zmg][/zrl]';
$arr['body'] = sprintf($t,$channel['channel_name'],$ptext) . "\n\n" . $ltext; $arr['body'] = sprintf($t,$channel['channel_name'],$ptext) . "\n\n" . $ltext;
@ -4381,11 +4373,11 @@ function sync_an_item($channel_id,$item_id) {
function fix_attached_photo_permissions($uid,$xchan_hash,$body, function fix_attached_photo_permissions($uid,$xchan_hash,$body,
$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) {
if(get_pconfig($uid,'system','force_public_uploads')) { if(get_pconfig($uid,'system','force_public_uploads')) {
$str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
} }
$match = null; $match = null;
// match img and zmg image links // match img and zmg image links
if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) { if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) {
@ -4402,7 +4394,7 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
if(! strlen($image_uri)) if(! strlen($image_uri))
continue; continue;
$srch = '<' . $xchan_hash . '>'; $srch = '<' . $xchan_hash . '>';
$r = q("select folder from attach where hash = '%s' and uid = %d limit 1", $r = q("select folder from attach where hash = '%s' and uid = %d limit 1",
dbesc($image_uri), dbesc($image_uri),
intval($uid) intval($uid)
@ -4419,15 +4411,15 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
$str_group_deny = $f[0]['deny_gid']; $str_group_deny = $f[0]['deny_gid'];
} }
} }
$r = q("SELECT id FROM photo $r = q("SELECT id FROM photo
WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = ''
AND resource_id = '%s' AND uid = %d LIMIT 1", AND resource_id = '%s' AND uid = %d LIMIT 1",
dbesc($srch), dbesc($srch),
dbesc($image_uri), dbesc($image_uri),
intval($uid) intval($uid)
); );
if($r) { if($r) {
$r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' $r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s'
WHERE resource_id = '%s' AND uid = %d ", WHERE resource_id = '%s' AND uid = %d ",
@ -4438,9 +4430,9 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
dbesc($image_uri), dbesc($image_uri),
intval($uid) intval($uid)
); );
// also update the linked item (which is probably invisible) // also update the linked item (which is probably invisible)
$r = q("select id from item $r = q("select id from item
WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = ''
AND resource_id = '%s' and resource_type = 'photo' AND uid = %d LIMIT 1", AND resource_id = '%s' and resource_type = 'photo' AND uid = %d LIMIT 1",
@ -4450,7 +4442,7 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
); );
if($r) { if($r) {
$private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false); $private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false);
$r = q("UPDATE item SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d $r = q("UPDATE item SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
WHERE id = %d AND uid = %d", WHERE id = %d AND uid = %d",
dbesc($str_contact_allow), dbesc($str_contact_allow),
@ -4476,23 +4468,23 @@ function fix_attached_photo_permissions($uid,$xchan_hash,$body,
intval($r[0]['id']), intval($r[0]['id']),
intval($uid) intval($uid)
); );
} }
} }
} }
} }
} }
} }
function fix_attached_file_permissions($channel,$observer_hash,$body, function fix_attached_file_permissions($channel,$observer_hash,$body,
$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) {
if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) { if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) {
$str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
} }
$match = false; $match = false;
if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) { if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) {
$attaches = $match[1]; $attaches = $match[1];
if($attaches) { if($attaches) {

128
include/network.php
View File

@ -30,12 +30,12 @@ function get_capath() {
* * \b filep => stream resource to write body to. header and body are not returned when using this option. * * \b filep => stream resource to write body to. header and body are not returned when using this option.
* * \b custom => custom request method: e.g. 'PUT', 'DELETE' * * \b custom => custom request method: e.g. 'PUT', 'DELETE'
* * \b cookiejar => cookie file (write) * * \b cookiejar => cookie file (write)
* * \B cookiefile => cookie file (read) * * \b cookiefile => cookie file (read)
* *
* @return array an associative array with: * @return array an associative array with:
* * \e int \b return_code => HTTP return code or 0 if timeout or failure * * \e int \b return_code => HTTP return code or 0 if timeout or failure
* * \e boolean \b success => boolean true (if HTTP 2xx result) or false * * \e boolean \b success => boolean true (if HTTP 2xx result) or false
* * \e string \b header => HTTP headers * * \e string \b header => HTTP headers
* * \e string \b body => fetched content * * \e string \b body => fetched content
*/ */
function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
@ -43,7 +43,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
$ret = array('return_code' => 0, 'success' => false, 'header' => "", 'body' => ""); $ret = array('return_code' => 0, 'success' => false, 'header' => "", 'body' => "");
$ch = @curl_init($url); $ch = @curl_init($url);
if(($redirects > 8) || (! $ch)) if(($redirects > 8) || (! $ch))
return $ret; return $ret;
@curl_setopt($ch, CURLOPT_HEADER, true); @curl_setopt($ch, CURLOPT_HEADER, true);
@ -64,7 +64,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
if(x($opts,'upload')) if(x($opts,'upload'))
@curl_setopt($ch, CURLOPT_UPLOAD, $opts['upload']); @curl_setopt($ch, CURLOPT_UPLOAD, $opts['upload']);
if(x($opts,'infile')) if(x($opts,'infile'))
@curl_setopt($ch, CURLOPT_INFILE, $opts['infile']); @curl_setopt($ch, CURLOPT_INFILE, $opts['infile']);
@ -104,7 +104,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
if(x($opts,'cookie')) if(x($opts,'cookie'))
@curl_setopt($ch, CURLOPT_COOKIE, $opts['cookie']); @curl_setopt($ch, CURLOPT_COOKIE, $opts['cookie']);
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,
((x($opts,'novalidate') && intval($opts['novalidate'])) ? false : true)); ((x($opts,'novalidate') && intval($opts['novalidate'])) ? false : true));
$prx = get_config('system','proxy'); $prx = get_config('system','proxy');
@ -179,10 +179,10 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
* @param string $url * @param string $url
* URL to post * URL to post
* @param mixed $params * @param mixed $params
* The full data to post in a HTTP "POST" operation. This parameter can * The full data to post in a HTTP "POST" operation. This parameter can
* either be passed as a urlencoded string like 'para1=val1&para2=val2&...' * either be passed as a urlencoded string like 'para1=val1&para2=val2&...'
* or as an array with the field name as key and field data as value. If value * or as an array with the field name as key and field data as value. If value
* is an array, the Content-Type header will be set to multipart/form-data. * is an array, the Content-Type header will be set to multipart/form-data.
* @param int $redirects = 0 * @param int $redirects = 0
* internal use, recursion counter * internal use, recursion counter
* @param array $opts (optional parameters) * @param array $opts (optional parameters)
@ -209,7 +209,7 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) {
$ret = array('return_code' => 0, 'success' => false, 'header' => "", 'body' => ""); $ret = array('return_code' => 0, 'success' => false, 'header' => "", 'body' => "");
$ch = curl_init($url); $ch = curl_init($url);
if(($redirects > 8) || (! $ch)) if(($redirects > 8) || (! $ch))
return $ret; return $ret;
@curl_setopt($ch, CURLOPT_HEADER, true); @curl_setopt($ch, CURLOPT_HEADER, true);
@ -232,7 +232,7 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) {
if(x($opts,'headers')) { if(x($opts,'headers')) {
@curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']);
} }
if(x($opts,'nobody')) if(x($opts,'nobody'))
@curl_setopt($ch, CURLOPT_NOBODY, $opts['nobody']); @curl_setopt($ch, CURLOPT_NOBODY, $opts['nobody']);
@ -265,7 +265,7 @@ function z_post_url($url,$params, $redirects = 0, $opts = array()) {
if(x($opts,'cookie')) if(x($opts,'cookie'))
@curl_setopt($ch, CURLOPT_COOKIE, $opts['cookie']); @curl_setopt($ch, CURLOPT_COOKIE, $opts['cookie']);
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,
((x($opts,'novalidate') && intval($opts['novalidate'])) ? false : true)); ((x($opts,'novalidate') && intval($opts['novalidate'])) ? false : true));
$prx = get_config('system','proxy'); $prx = get_config('system','proxy');
@ -379,8 +379,8 @@ function json_return_and_die($x, $content_type = 'application/json') {
// Generic XML return // Generic XML return
// Outputs a basic dfrn XML status structure to STDOUT, with a <status> variable // Outputs a basic dfrn XML status structure to STDOUT, with a <status> variable
// of $st and an optional text <message> of $message and terminates the current process. // of $st and an optional text <message> of $message and terminates the current process.
function xml_status($st, $message = '') { function xml_status($st, $message = '') {
@ -399,7 +399,7 @@ function xml_status($st, $message = '') {
/** /**
* @brief Send HTTP status header * @brief Send HTTP status header
* *
* @param int $val * @param int $val
* integer HTTP status result value * integer HTTP status result value
@ -413,7 +413,7 @@ function http_status($val, $msg = '') {
if ($val >= 200 && $val < 300) if ($val >= 200 && $val < 300)
$msg = (($msg) ? $msg : 'OK'); $msg = (($msg) ? $msg : 'OK');
logger('http_status_exit ' . $val . ' ' . $msg); logger('http_status_exit ' . $val . ' ' . $msg);
header($_SERVER['SERVER_PROTOCOL'] . ' ' . $val . ' ' . $msg); header($_SERVER['SERVER_PROTOCOL'] . ' ' . $val . ' ' . $msg);
} }
@ -486,14 +486,14 @@ function convert_xml_element_to_array($xml_element, &$recursion_depth=0) {
function validate_url(&$url) { function validate_url(&$url) {
// no naked subdomains (allow localhost for tests) // no naked subdomains (allow localhost for tests)
if(strpos($url,'.') === false && strpos($url,'/localhost/') === false) if(strpos($url,'.') === false && strpos($url,'/localhost/') === false)
return false; return false;
if(substr($url,0,4) != 'http') if(substr($url,0,4) != 'http')
$url = 'http://' . $url; $url = 'http://' . $url;
$h = @parse_url($url); $h = @parse_url($url);
if(($h) && (@dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) { if(($h) && (@dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) {
return true; return true;
} }
@ -552,7 +552,7 @@ function allowed_url($url) {
foreach($allowed as $a) { foreach($allowed as $a) {
$pat = strtolower(trim($a)); $pat = strtolower(trim($a));
if(($fnmatch && fnmatch($pat,$host)) || ($pat == $host)) { if(($fnmatch && fnmatch($pat,$host)) || ($pat == $host)) {
$found = true; $found = true;
break; break;
} }
} }
@ -575,14 +575,14 @@ function allowed_email($email) {
$str_allowed = get_config('system','allowed_email'); $str_allowed = get_config('system','allowed_email');
$str_not_allowed = get_config('system','not_allowed_email'); $str_not_allowed = get_config('system','not_allowed_email');
if(! $str_allowed && ! $str_not_allowed) if(! $str_allowed && ! $str_not_allowed)
return true; return true;
$return = false; $return = false;
$found_allowed = false; $found_allowed = false;
$found_not_allowed = false; $found_not_allowed = false;
$fnmatch = function_exists('fnmatch'); $fnmatch = function_exists('fnmatch');
$allowed = explode(',',$str_allowed); $allowed = explode(',',$str_allowed);
@ -591,7 +591,7 @@ function allowed_email($email) {
foreach($allowed as $a) { foreach($allowed as $a) {
$pat = strtolower(trim($a)); $pat = strtolower(trim($a));
if(($fnmatch && fnmatch($pat,$email)) || ($pat == $domain)) { if(($fnmatch && fnmatch($pat,$email)) || ($pat == $domain)) {
$found_allowed = true; $found_allowed = true;
break; break;
} }
} }
@ -603,16 +603,16 @@ function allowed_email($email) {
foreach($not_allowed as $na) { foreach($not_allowed as $na) {
$pat = strtolower(trim($na)); $pat = strtolower(trim($na));
if(($fnmatch && fnmatch($pat,$email)) || ($pat == $domain)) { if(($fnmatch && fnmatch($pat,$email)) || ($pat == $domain)) {
$found_not_allowed = true; $found_not_allowed = true;
break; break;
} }
} }
} }
if ($found_allowed) { if ($found_allowed) {
$return = true; $return = true;
} elseif (!$str_allowed && !$found_not_allowed) { } elseif (!$str_allowed && !$found_not_allowed) {
$return = true; $return = true;
} }
return $return; return $return;
} }
@ -652,7 +652,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false)
foreach($matches as $mtch) { foreach($matches as $mtch) {
logger('scale_external_image: ' . $mtch[2] . ' ' . $mtch[3]); logger('scale_external_image: ' . $mtch[2] . ' ' . $mtch[3]);
if(substr($mtch[1],0,1) == '=') { if(substr($mtch[1],0,1) == '=') {
$owidth = intval(substr($mtch[2],1)); $owidth = intval(substr($mtch[2],1));
if(intval($owidth) > 0 && intval($owidth) < 1024) if(intval($owidth) > 0 && intval($owidth) < 1024)
@ -686,7 +686,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false)
$type = guess_image_type($mtch[3],$i['header']); $type = guess_image_type($mtch[3],$i['header']);
if(strpos($type,'image') === false) if(strpos($type,'image') === false)
continue; continue;
if($i['success']) { if($i['success']) {
$ph = photo_factory($i['body'], $type); $ph = photo_factory($i['body'], $type);
if($ph->is_valid()) { if($ph->is_valid()) {
@ -700,7 +700,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false)
$new_height = $ph->getHeight(); $new_height = $ph->getHeight();
logger('scale_external_images: ' . $orig_width . '->' . $new_width . 'w ' . $orig_height . '->' . $new_height . 'h' . ' match: ' . $mtch[0], LOGGER_DEBUG); logger('scale_external_images: ' . $orig_width . '->' . $new_width . 'w ' . $orig_height . '->' . $new_height . 'h' . ' match: ' . $mtch[0], LOGGER_DEBUG);
$s = str_replace($mtch[0],'[' . $tag . '=' . $new_width . 'x' . $new_height. ']' . $scaled . '[/' . $tag . ']' $s = str_replace($mtch[0],'[' . $tag . '=' . $new_width . 'x' . $new_height. ']' . $scaled . '[/' . $tag . ']'
. "\n" . (($include_link) . "\n" . (($include_link)
? '[zrl=' . $mtch[2] . ']' . t('view full size') . '[/zrl]' . "\n" ? '[zrl=' . $mtch[2] . ']' . t('view full size') . '[/zrl]' . "\n"
: ''),$s); : ''),$s);
logger('scale_external_images: new string: ' . $s, LOGGER_DEBUG); logger('scale_external_images: new string: ' . $s, LOGGER_DEBUG);
@ -728,7 +728,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false)
* Return: The parsed XML in an array form. Use print_r() to see the resulting array structure. * Return: The parsed XML in an array form. Use print_r() to see the resulting array structure.
* Examples: $array = xml2array(file_get_contents('feed.xml')); * Examples: $array = xml2array(file_get_contents('feed.xml'));
* $array = xml2array(file_get_contents('feed.xml', true, 1, 'attribute')); * $array = xml2array(file_get_contents('feed.xml', true, 1, 'attribute'));
*/ */
function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = 'attribute') { function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = 'attribute') {
if(!$contents) return array(); if(!$contents) return array();
@ -752,7 +752,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
return array(); return array();
} }
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8"); xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8");
// http://minutillo.com/steve/weblog/2004/6/17/php-xml-and-character-encodings-a-tale-of-sadness-rage-and-data-loss // http://minutillo.com/steve/weblog/2004/6/17/php-xml-and-character-encodings-a-tale-of-sadness-rage-and-data-loss
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0); xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1); xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
@ -786,7 +786,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
$result = array(); $result = array();
$attributes_data = array(); $attributes_data = array();
if(isset($value)) { if(isset($value)) {
if($priority == 'tag') $result = $value; if($priority == 'tag') $result = $value;
else $result['value'] = $value; // Put the value in a assoc array if we are in the 'Attribute' mode else $result['value'] = $value; // Put the value in a assoc array if we are in the 'Attribute' mode
@ -802,7 +802,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
// See tag status and do the needed. // See tag status and do the needed.
if($namespaces && strpos($tag,':')) { if($namespaces && strpos($tag,':')) {
$namespc = substr($tag,0,strrpos($tag,':')); $namespc = substr($tag,0,strrpos($tag,':'));
$tag = strtolower(substr($tag,strlen($namespc)+1)); $tag = strtolower(substr($tag,strlen($namespc)+1));
$result['@namespace'] = $namespc; $result['@namespace'] = $namespc;
} }
@ -825,7 +825,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
} else { // This section will make the value an array if multiple tags with the same name appear together } else { // This section will make the value an array if multiple tags with the same name appear together
$current[$tag] = array($current[$tag],$result); // This will combine the existing item and the new item together to make an array $current[$tag] = array($current[$tag],$result); // This will combine the existing item and the new item together to make an array
$repeated_tag_index[$tag.'_'.$level] = 2; $repeated_tag_index[$tag.'_'.$level] = 2;
if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well
$current[$tag]['0_attr'] = $current[$tag.'_attr']; $current[$tag]['0_attr'] = $current[$tag.'_attr'];
unset($current[$tag.'_attr']); unset($current[$tag.'_attr']);
@ -848,7 +848,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
// ...push the new element into that array. // ...push the new element into that array.
$current[$tag][$repeated_tag_index[$tag.'_'.$level]] = $result; $current[$tag][$repeated_tag_index[$tag.'_'.$level]] = $result;
if($priority == 'tag' and $get_attributes and $attributes_data) { if($priority == 'tag' and $get_attributes and $attributes_data) {
$current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data; $current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data;
} }
@ -859,11 +859,11 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
$repeated_tag_index[$tag.'_'.$level] = 1; $repeated_tag_index[$tag.'_'.$level] = 1;
if($priority == 'tag' and $get_attributes) { if($priority == 'tag' and $get_attributes) {
if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well if(isset($current[$tag.'_attr'])) { // The attribute of the last(0th) tag must be moved as well
$current[$tag]['0_attr'] = $current[$tag.'_attr']; $current[$tag]['0_attr'] = $current[$tag.'_attr'];
unset($current[$tag.'_attr']); unset($current[$tag.'_attr']);
} }
if($attributes_data) { if($attributes_data) {
$current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data; $current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data;
} }
@ -876,9 +876,9 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority =
$current = &$parent[$level-1]; $current = &$parent[$level-1];
} }
} }
return($xml_array); return($xml_array);
} }
function email_header_encode($in_str, $charset = 'UTF-8') { function email_header_encode($in_str, $charset = 'UTF-8') {
@ -1128,7 +1128,7 @@ function discover_by_webbie($webbie) {
$diaspora = false; $diaspora = false;
$gnusoc = false; $gnusoc = false;
$dfrn = false; $dfrn = false;
$has_salmon = false; $has_salmon = false;
$salmon_key = false; $salmon_key = false;
$atom_feed = false; $atom_feed = false;
@ -1144,7 +1144,7 @@ function discover_by_webbie($webbie) {
if(array_key_exists('rel',$link)) { if(array_key_exists('rel',$link)) {
// If we discover zot - don't search further; grab the info and get out of // If we discover zot - don't search further; grab the info and get out of
// here. // here.
if($link['rel'] === PROTOCOL_ZOT) { if($link['rel'] === PROTOCOL_ZOT) {
logger('discover_by_webbie: zot found for ' . $webbie, LOGGER_DEBUG); logger('discover_by_webbie: zot found for ' . $webbie, LOGGER_DEBUG);
@ -1204,11 +1204,11 @@ function discover_by_webbie($webbie) {
$pubkey = ''; $pubkey = '';
if(is_array($x)) { if(is_array($x)) {
if(array_key_exists('address',$x)) if(array_key_exists('address',$x))
$address = $x['address']; $address = $x['address'];
if(array_key_exists('location',$x)) if(array_key_exists('location',$x))
$location = $x['location']; $location = $x['location'];
if(array_key_exists('nickname',$x)) if(array_key_exists('nickname',$x))
$nickname = $x['nickname']; $nickname = $x['nickname'];
} }
@ -1216,16 +1216,16 @@ function discover_by_webbie($webbie) {
$probe_old = true; $probe_old = true;
if((! $dfrn) && (! $has_salmon)) if((! $dfrn) && (! $has_salmon))
$probe_old = true; $probe_old = true;
if($probe_old) { if($probe_old) {
$y = old_webfinger($webbie); $y = old_webfinger($webbie);
if($y) { if($y) {
logger('old_webfinger: ' . print_r($x,true)); logger('old_webfinger: ' . print_r($x,true));
foreach($y as $link) { foreach($y as $link) {
if($link['@attributes']['rel'] === NAMESPACE_DFRN) if($link['@attributes']['rel'] === NAMESPACE_DFRN)
$dfrn = unamp($link['@attributes']['href']); $dfrn = unamp($link['@attributes']['href']);
if($link['@attributes']['rel'] === 'salmon') if($link['@attributes']['rel'] === 'salmon')
$notify = unamp($link['@attributes']['href']); $notify = unamp($link['@attributes']['href']);
if($link['@attributes']['rel'] === NAMESPACE_FEED) if($link['@attributes']['rel'] === NAMESPACE_FEED)
@ -1344,7 +1344,7 @@ function discover_by_webbie($webbie) {
if($vcard['fn']) if($vcard['fn'])
$fullname = $vcard['fn']; $fullname = $vcard['fn'];
if($vcard['photo'] && (strpos($vcard['photo'],'http') !== 0)) if($vcard['photo'] && (strpos($vcard['photo'],'http') !== 0))
$vcard['photo'] = $diaspora_base . '/' . $vcard['photo']; $vcard['photo'] = $diaspora_base . '/' . $vcard['photo'];
if(($vcard['public_key']) && (! $pubkey)) { if(($vcard['public_key']) && (! $pubkey)) {
$diaspora_key = $vcard['public_key']; $diaspora_key = $vcard['public_key'];
if(strstr($diaspora_key,'RSA ')) if(strstr($diaspora_key,'RSA '))
@ -1358,7 +1358,7 @@ function discover_by_webbie($webbie) {
if(($vcard['uid']) && (! $diaspora_guid)) if(($vcard['uid']) && (! $diaspora_guid))
$diaspora_guid = $vcard['uid']; $diaspora_guid = $vcard['uid'];
if(($vcard['url']) && (! $diaspora_base)) if(($vcard['url']) && (! $diaspora_base))
$diaspora_base = $vcard['url']; $diaspora_base = $vcard['url'];
@ -1372,7 +1372,7 @@ function discover_by_webbie($webbie) {
if(($profile) && (! $location)) if(($profile) && (! $location))
$location = $profile; $location = $profile;
if($location) { if($location) {
$m = parse_url($location); $m = parse_url($location);
$base = $m['scheme'] . '://' . $m['host']; $base = $m['scheme'] . '://' . $m['host'];
$host = $m['host']; $host = $m['host'];
@ -1407,7 +1407,7 @@ function discover_by_webbie($webbie) {
// if we have everything we need, let's create the records // if we have everything we need, let's create the records
if($network && $address && $fullname && $pubkey && $location) { if($network && $address && $fullname && $pubkey && $location) {
$r = q("select * from xchan where xchan_hash = '%s' limit 1", $r = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($address) dbesc($address)
); );
@ -1493,7 +1493,7 @@ function webfinger_rfc7033($webbie,$zot = false) {
// We could have a number of URL aliases and webbies // We could have a number of URL aliases and webbies
// make an executive decision about the most likely "best" of each // make an executive decision about the most likely "best" of each
// by comparing against some examples from known networks we're likely to encounter. // by comparing against some examples from known networks we're likely to encounter.
// Otherwise we have to store every alias that we may ever encounter and // Otherwise we have to store every alias that we may ever encounter and
// validate every URL we ever find against every possible alias // validate every URL we ever find against every possible alias
// @fixme pump.io is going to be a real bugger since it doesn't return subject or aliases // @fixme pump.io is going to be a real bugger since it doesn't return subject or aliases
@ -1564,7 +1564,7 @@ function match_webfinger_location($s,$h) {
return $s; return $s;
return ''; return '';
} }
@ -1935,7 +1935,7 @@ function format_and_send_email($sender,$xchan,$item) {
)); ));
$sender_name = t('Administrator'); $sender_name = t('Administrator');
$hostname = App::get_hostname(); $hostname = App::get_hostname();
if(strpos($hostname,':')) if(strpos($hostname,':'))
$hostname = substr($hostname,0,strpos($hostname,':')); $hostname = substr($hostname,0,strpos($hostname,':'));
@ -1964,7 +1964,7 @@ function do_delivery($deliveries) {
if(! (is_array($deliveries) && count($deliveries))) if(! (is_array($deliveries) && count($deliveries)))
return; return;
$interval = ((get_config('system','delivery_interval') !== false) $interval = ((get_config('system','delivery_interval') !== false)
? intval(get_config('system','delivery_interval')) : 2 ); ? intval(get_config('system','delivery_interval')) : 2 );
$deliveries_per_process = intval(get_config('system','delivery_batch_count')); $deliveries_per_process = intval(get_config('system','delivery_batch_count'));
@ -1993,7 +1993,7 @@ function do_delivery($deliveries) {
if($deliver) if($deliver)
Zotlabs\Daemon\Master::Summon(array('Deliver',$deliver)); Zotlabs\Daemon\Master::Summon(array('Deliver',$deliver));
} }
@ -2002,7 +2002,7 @@ function get_site_info() {
$register_policy = Array('REGISTER_CLOSED', 'REGISTER_APPROVE', 'REGISTER_OPEN'); $register_policy = Array('REGISTER_CLOSED', 'REGISTER_APPROVE', 'REGISTER_OPEN');
$directory_mode = Array('DIRECTORY_MODE_NORMAL', 'DIRECTORY_MODE_PRIMARY', 'DIRECTORY_MODE_SECONDARY', 256 => 'DIRECTORY_MODE_STANDALONE'); $directory_mode = Array('DIRECTORY_MODE_NORMAL', 'DIRECTORY_MODE_PRIMARY', 'DIRECTORY_MODE_SECONDARY', 256 => 'DIRECTORY_MODE_STANDALONE');
$sql_extra = ''; $sql_extra = '';
$r = q("select * from channel left join account on account_id = channel_account_id where ( account_roles & 4096 )>0 and account_default_channel = channel_id"); $r = q("select * from channel left join account on account_id = channel_account_id where ( account_roles & 4096 )>0 and account_default_channel = channel_id");
@ -2053,7 +2053,7 @@ function get_site_info() {
else { else {
$version = $commit = ''; $version = $commit = '';
} }
//Statistics //Statistics
$channels_total_stat = intval(get_config('system','channels_total_stat')); $channels_total_stat = intval(get_config('system','channels_total_stat'));
$channels_active_halfyear_stat = intval(get_config('system','channels_active_halfyear_stat')); $channels_active_halfyear_stat = intval(get_config('system','channels_active_halfyear_stat'));
@ -2073,7 +2073,7 @@ function get_site_info() {
} }
$data = Array( $data = Array(
'version' => $version, 'version' => $version,
'version_tag' => $tag, 'version_tag' => $tag,
@ -2190,7 +2190,7 @@ function deliverable_singleton($channel_id,$xchan) {
function get_repository_version($branch = 'master') { function get_repository_version($branch = 'master') {
$path = "https://raw.githubusercontent.com/redmatrix/hubzilla/$branch/boot.php"; $path = "https://raw.githubusercontent.com/redmatrix/hubzilla/$branch/boot.php";
$x = z_fetch_url($path); $x = z_fetch_url($path);
if($x['success']) { if($x['success']) {
$y = preg_match('/define(.*?)STD_VERSION(.*?)([0-9.].*)\'/',$x['body'],$matches); $y = preg_match('/define(.*?)STD_VERSION(.*?)([0-9.].*)\'/',$x['body'],$matches);
@ -2199,7 +2199,7 @@ function get_repository_version($branch = 'master') {
} }
return '?.?'; return '?.?';
} }
function network_to_name($s) { function network_to_name($s) {
@ -2270,7 +2270,7 @@ function z_mail($params) {
return $params['result']; return $params['result'];
} }
$fromName = email_header_encode(html_entity_decode($params['fromName'],ENT_QUOTES,'UTF-8'),'UTF-8'); $fromName = email_header_encode(html_entity_decode($params['fromName'],ENT_QUOTES,'UTF-8'),'UTF-8');
$messageSubject = email_header_encode(html_entity_decode($params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8'); $messageSubject = email_header_encode(html_entity_decode($params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8');
$messageHeader = $messageHeader =

96
include/photos.php
View File

@ -45,7 +45,7 @@ function photo_upload($channel, $observer, $args) {
if(array_key_exists('deliver',$args)) if(array_key_exists('deliver',$args))
$deliver = intval($args['deliver']); $deliver = intval($args['deliver']);
// Set to default channel permissions. If the parent directory (album) has permissions set, // Set to default channel permissions. If the parent directory (album) has permissions set,
// use those instead. If we have specific permissions supplied, they take precedence over // use those instead. If we have specific permissions supplied, they take precedence over
// all other settings. 'allow_cid' being passed from an external source takes priority over channel settings. // all other settings. 'allow_cid' being passed from an external source takes priority over channel settings.
// ...messy... needs re-factoring once the photos/files integration stabilises // ...messy... needs re-factoring once the photos/files integration stabilises
@ -55,9 +55,9 @@ function photo_upload($channel, $observer, $args) {
$acl->set($args['directory']); $acl->set($args['directory']);
if(array_key_exists('allow_cid',$args)) if(array_key_exists('allow_cid',$args))
$acl->set($args); $acl->set($args);
if( (array_key_exists('group_allow',$args)) if( (array_key_exists('group_allow',$args))
|| (array_key_exists('contact_allow',$args)) || (array_key_exists('contact_allow',$args))
|| (array_key_exists('group_deny',$args)) || (array_key_exists('group_deny',$args))
|| (array_key_exists('contact_deny',$args))) { || (array_key_exists('contact_deny',$args))) {
$acl->set_from_array($args); $acl->set_from_array($args);
} }
@ -103,7 +103,7 @@ function photo_upload($channel, $observer, $args) {
$type = $_FILES['userfile']['type']; $type = $_FILES['userfile']['type'];
} }
if (! $type) if (! $type)
$type=guess_image_type($filename); $type=guess_image_type($filename);
logger('photo_upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG); logger('photo_upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG);
@ -176,7 +176,7 @@ function photo_upload($channel, $observer, $args) {
$errors = false; $errors = false;
$p = array('aid' => $account_id, 'uid' => $channel_id, 'xchan' => $visitor, 'resource_id' => $photo_hash, $p = array('aid' => $account_id, 'uid' => $channel_id, 'xchan' => $visitor, 'resource_id' => $photo_hash,
'filename' => $filename, 'album' => $album, 'imgscale' => 0, 'photo_usage' => PHOTO_NORMAL, 'filename' => $filename, 'album' => $album, 'imgscale' => 0, 'photo_usage' => PHOTO_NORMAL,
'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'], 'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'],
'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'], 'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'],
'os_storage' => $os_storage, 'os_path' => $args['os_path'] 'os_storage' => $os_storage, 'os_path' => $args['os_path']
@ -220,8 +220,8 @@ function photo_upload($channel, $observer, $args) {
); );
if(! $r1) if(! $r1)
$errors = true; $errors = true;
if(($width > 640 || $height > 640) && (! $errors)) if(($width > 640 || $height > 640) && (! $errors))
$ph->scaleImage(640); $ph->scaleImage(640);
$p['imgscale'] = 2; $p['imgscale'] = 2;
@ -236,7 +236,7 @@ function photo_upload($channel, $observer, $args) {
if(! $r2) if(! $r2)
$errors = true; $errors = true;
if(($width > 320 || $height > 320) && (! $errors)) if(($width > 320 || $height > 320) && (! $errors))
$ph->scaleImage(320); $ph->scaleImage(320);
$p['imgscale'] = 3; $p['imgscale'] = 3;
@ -304,8 +304,8 @@ function photo_upload($channel, $observer, $args) {
$summary = (($args['body']) ? $args['body'] : '') . '[footer]' . $activity_format . '[/footer]'; $summary = (($args['body']) ? $args['body'] : '') . '[footer]' . $activity_format . '[/footer]';
$obj_body = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash . ']' $obj_body = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash . ']'
. $tag . z_root() . "/photo/{$photo_hash}-{$scale}." . $ph->getExt() . '[/zmg]' . $tag . z_root() . "/photo/{$photo_hash}-{$scale}." . $ph->getExt() . '[/zmg]'
. '[/zrl]'; . '[/zrl]';
// Create item object // Create item object
@ -361,7 +361,7 @@ function photo_upload($channel, $observer, $args) {
$item['uid'] = $channel['channel_id']; $item['uid'] = $channel['channel_id'];
item_store_update($item,false,$deliver); item_store_update($item,false,$deliver);
continue; continue;
} }
} }
else { else {
$item['aid'] = $channel['channel_account_id']; $item['aid'] = $channel['channel_account_id'];
@ -381,7 +381,7 @@ function photo_upload($channel, $observer, $args) {
$arr['aid'] = $account_id; $arr['aid'] = $account_id;
$arr['uid'] = $channel_id; $arr['uid'] = $channel_id;
$arr['mid'] = $mid; $arr['mid'] = $mid;
$arr['parent_mid'] = $mid; $arr['parent_mid'] = $mid;
$arr['item_hidden'] = $item_hidden; $arr['item_hidden'] = $item_hidden;
$arr['resource_type'] = 'photo'; $arr['resource_type'] = 'photo';
$arr['resource_id'] = $photo_hash; $arr['resource_id'] = $photo_hash;
@ -407,10 +407,10 @@ function photo_upload($channel, $observer, $args) {
// this one is tricky because the item and the photo have the same permissions, those of the photo. // this one is tricky because the item and the photo have the same permissions, those of the photo.
// Use the channel read_stream permissions to get the correct public_policy for the item and recalculate the // Use the channel read_stream permissions to get the correct public_policy for the item and recalculate the
// private flag accordingly. This may cause subtle bugs due to custom permissions roles. We want to use // private flag accordingly. This may cause subtle bugs due to custom permissions roles. We want to use
// public policy when federating items to other sites, but should probably ignore them when accessing the item // public policy when federating items to other sites, but should probably ignore them when accessing the item
// in the photos pages - using the photos permissions instead. We need the public policy to keep the photo // in the photos pages - using the photos permissions instead. We need the public policy to keep the photo
// linked item from leaking into the feed when somebody has a channel with read_stream restrictions. // linked item from leaking into the feed when somebody has a channel with read_stream restrictions.
$arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true); $arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true);
if($arr['public_policy']) if($arr['public_policy'])
@ -421,7 +421,7 @@ function photo_upload($channel, $observer, $args) {
$result = item_store($arr,false,$deliver); $result = item_store($arr,false,$deliver);
$item_id = $result['item_id']; $item_id = $result['item_id'];
if($visible && $deliver) if($visible && $deliver)
Zotlabs\Daemon\Master::Summon(array('Notifier', 'wall-new', $item_id)); Zotlabs\Daemon\Master::Summon(array('Notifier', 'wall-new', $item_id));
} }
@ -443,9 +443,12 @@ function photo_upload($channel, $observer, $args) {
* *
* @param array $channel * @param array $channel
* @param array $observer * @param array $observer
* @param array $sort_key (optional) default album
* @param array $direction (optional) default asc
*
* @return bool|array false if no view_storage permission or an array * @return bool|array false if no view_storage permission or an array
* * success (bool) * * \e boolean \b success
* * albums (array) * * \e array \b albums
*/ */
function photos_albums_list($channel, $observer, $sort_key = 'album', $direction = 'asc') { function photos_albums_list($channel, $observer, $sort_key = 'album', $direction = 'asc') {
@ -455,14 +458,11 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction
if(! perm_is_allowed($channel_id, $observer_xchan, 'view_storage')) if(! perm_is_allowed($channel_id, $observer_xchan, 'view_storage'))
return false; return false;
$sql_extra = permissions_sql($channel_id,$observer_xchan); $sql_extra = permissions_sql($channel_id,$observer_xchan);
$sort_key = dbesc($sort_key); $sort_key = dbesc($sort_key);
$direction = dbesc($direction); $direction = dbesc($direction);
$albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and photo_usage IN ( %d, %d ) $sql_extra group by album order by $sort_key $direction", $albums = q("SELECT count( distinct resource_id ) as total, album from photo where uid = %d and photo_usage IN ( %d, %d ) $sql_extra group by album order by $sort_key $direction",
intval($channel_id), intval($channel_id),
intval(PHOTO_NORMAL), intval(PHOTO_NORMAL),
@ -479,8 +479,8 @@ function photos_albums_list($channel, $observer, $sort_key = 'album', $direction
foreach($albums as $k => $album) { foreach($albums as $k => $album) {
$entry = array( $entry = array(
'text' => (($album['album']) ? $album['album'] : '/'), 'text' => (($album['album']) ? $album['album'] : '/'),
'total' => $album['total'], 'total' => $album['total'],
'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album['album']), 'url' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album['album']),
'urlencode' => urlencode($album['album']), 'urlencode' => urlencode($album['album']),
'bin2hex' => bin2hex($album['album']) 'bin2hex' => bin2hex($album['album'])
); );
@ -506,7 +506,7 @@ function photos_album_widget($channelx,$observer,$sortkey = 'album',$direction =
'$title' => t('Photo Albums'), '$title' => t('Photo Albums'),
'$albums' => $albums['albums'], '$albums' => $albums['albums'],
'$baseurl' => z_root(), '$baseurl' => z_root(),
'$upload' => ((perm_is_allowed($channelx['channel_id'],(($observer) ? $observer['xchan_hash'] : ''),'write_storage')) '$upload' => ((perm_is_allowed($channelx['channel_id'],(($observer) ? $observer['xchan_hash'] : ''),'write_storage'))
? t('Upload New Photos') : '') ? t('Upload New Photos') : '')
)); ));
} }
@ -533,7 +533,7 @@ function photos_list_photos($channel, $observer, $album = '') {
$sql_extra = permissions_sql($channel_id); $sql_extra = permissions_sql($channel_id);
if($album) if($album)
$sql_extra .= " and album = '" . protect_sprintf(dbesc($album)) . "' "; $sql_extra .= " and album = '" . protect_sprintf(dbesc($album)) . "' ";
$ret = array('success' => false); $ret = array('success' => false);
@ -647,7 +647,7 @@ function photos_create_item($channel, $creator_hash, $photo, $visible = false) {
$arr['aid'] = $channel['channel_account_id']; $arr['aid'] = $channel['channel_account_id'];
$arr['uid'] = $channel['channel_id']; $arr['uid'] = $channel['channel_id'];
$arr['mid'] = $mid; $arr['mid'] = $mid;
$arr['parent_mid'] = $mid; $arr['parent_mid'] = $mid;
$arr['item_wall'] = 1; $arr['item_wall'] = 1;
$arr['item_origin'] = 1; $arr['item_origin'] = 1;
$arr['item_thread_top'] = 1; $arr['item_thread_top'] = 1;
@ -663,9 +663,9 @@ function photos_create_item($channel, $creator_hash, $photo, $visible = false) {
$arr['deny_gid'] = $photo['deny_gid']; $arr['deny_gid'] = $photo['deny_gid'];
$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid']; $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
$arr['body'] = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']' $arr['body'] = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']'
. '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-' . $photo['imgscale'] . '[/zmg]' . '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-' . $photo['imgscale'] . '[/zmg]'
. '[/zrl]'; . '[/zrl]';
$result = item_store($arr); $result = item_store($arr);
@ -710,39 +710,39 @@ function gps2Num($coordPart) {
} }
function profile_photo_set_profile_perms($uid, $profileid = 0) { function profile_photo_set_profile_perms($uid, $profileid = 0) {
$allowcid = ''; $allowcid = '';
if($profileid) { if($profileid) {
$r = q("SELECT photo, profile_guid, id, is_default, uid $r = q("SELECT photo, profile_guid, id, is_default, uid
FROM profile WHERE uid = %d and ( profile.id = %d OR profile.profile_guid = '%s') LIMIT 1", FROM profile WHERE uid = %d and ( profile.id = %d OR profile.profile_guid = '%s') LIMIT 1",
intval($uid), intval($uid),
intval($profileid), intval($profileid),
dbesc($profileid) dbesc($profileid)
); );
} }
else { else {
logger('Resetting permissions on default-profile-photo for user'.local_channel()); logger('Resetting permissions on default-profile-photo for user'.local_channel());
$r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile $r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile
WHERE profile.uid = %d AND is_default = 1 LIMIT 1", WHERE profile.uid = %d AND is_default = 1 LIMIT 1",
intval($uid) intval($uid)
); //If no profile is given, we update the default profile ); //If no profile is given, we update the default profile
} }
if(! $r) if(! $r)
return; return;
$profile = $r[0]; $profile = $r[0];
if($profile['id'] && $profile['photo']) { if($profile['id'] && $profile['photo']) {
preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id); preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id);
$resource_id = $resource_id[0]; $resource_id = $resource_id[0];
if (! intval($profile['is_default'])) { if (! intval($profile['is_default'])) {
$r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1", $r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1",
intval($uid) intval($uid)
); );
//Should not be needed in future. Catches old int-profile-ids. //Should not be needed in future. Catches old int-profile-ids.
$r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%d' ", $r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%d' ",
intval($profile['id']) intval($profile['id'])
); );
$r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'", $r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'",
@ -750,27 +750,27 @@ function profile_photo_set_profile_perms($uid, $profileid = 0) {
); );
$allowcid = "<" . $r0[0]['channel_hash'] . ">"; $allowcid = "<" . $r0[0]['channel_hash'] . ">";
foreach ($r1 as $entry) { foreach ($r1 as $entry) {
$allowcid .= "<" . $entry['abook_xchan'] . ">"; $allowcid .= "<" . $entry['abook_xchan'] . ">";
} }
foreach ($r2 as $entry) { foreach ($r2 as $entry) {
$allowcid .= "<" . $entry['abook_xchan'] . ">"; $allowcid .= "<" . $entry['abook_xchan'] . ">";
} }
q("UPDATE photo SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d", q("UPDATE photo SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",
dbesc($allowcid), dbesc($allowcid),
dbesc($resource_id), dbesc($resource_id),
intval($uid) intval($uid)
); );
} }
else { else {
//Reset permissions on default profile picture to public //Reset permissions on default profile picture to public
q("UPDATE photo SET allow_cid = '' WHERE photo_usage = %d AND uid = %d", q("UPDATE photo SET allow_cid = '' WHERE photo_usage = %d AND uid = %d",
intval(PHOTO_PROFILE), intval(PHOTO_PROFILE),
intval($uid) intval($uid)
); );
} }
} }
return; return;
} }

46
include/plugin.php
View File

@ -143,7 +143,7 @@ function reload_plugins() {
if(file_exists($fname)) { if(file_exists($fname)) {
$t = @filemtime($fname); $t = @filemtime($fname);
foreach($installed as $i) { foreach($installed as $i) {
if(($i['aname'] == $pl) && ($i['tstamp'] != $t)) { if(($i['aname'] == $pl) && ($i['tstamp'] != $t)) {
logger('Reloading plugin: ' . $i['aname']); logger('Reloading plugin: ' . $i['aname']);
@include_once($fname); @include_once($fname);
@ -205,7 +205,7 @@ function register_hook($hook, $file, $function, $priority = 0) {
/** /**
* @brief unregisters a hook. * @brief unregisters a hook.
* *
* @param string $hook the name of the hook * @param string $hook the name of the hook
* @param string $file the name of the file that hooks into * @param string $file the name of the file that hooks into
* @param string $function the name of the function that the hook called * @param string $function the name of the function that the hook called
@ -224,7 +224,7 @@ function unregister_hook($hook, $file, $function) {
// //
// It might not be obvious but themes can manually add hooks to the App::$hooks // It might not be obvious but themes can manually add hooks to the App::$hooks
// array in their theme_init() and use this to customise the app behaviour. // array in their theme_init() and use this to customise the app behaviour.
// UPDATE: use insert_hook($hookname,$function_name) to do this // UPDATE: use insert_hook($hookname,$function_name) to do this
// //
@ -248,20 +248,22 @@ function load_hooks() {
/** /**
* @brief Inserts a hook into a page request. * @brief Inserts a hook into a page request.
* *
* Insert a short-lived hook into the running page request. * Insert a short-lived hook into the running page request.
* Hooks are normally persistent so that they can be called * Hooks are normally persistent so that they can be called
* across asynchronous processes such as delivery and poll * across asynchronous processes such as delivery and poll
* processes. * processes.
* *
* insert_hook lets you attach a hook callback immediately * insert_hook lets you attach a hook callback immediately
* which will not persist beyond the life of this page request * which will not persist beyond the life of this page request
* or the current process. * or the current process.
* *
* @param string $hook * @param string $hook
* name of hook to attach callback * name of hook to attach callback
* @param string $fn * @param string $fn
* function name of callback handler * function name of callback handler
*/ * @param int $version (optional) default 0
* @param int $priority (optional) default 0
*/
function insert_hook($hook, $fn, $version = 0, $priority = 0) { function insert_hook($hook, $fn, $version = 0, $priority = 0) {
if(! is_array(App::$hooks)) if(! is_array(App::$hooks))
@ -293,7 +295,7 @@ function call_hooks($name, &$data = null) {
$hook[1] = unserialize($hook[1]); $hook[1] = unserialize($hook[1]);
} }
elseif(strpos($hook[1],'::')) { elseif(strpos($hook[1],'::')) {
// We shouldn't need to do this, but it appears that PHP // We shouldn't need to do this, but it appears that PHP
// isn't able to directly execute a string variable with a class // isn't able to directly execute a string variable with a class
// method in the manner we are attempting it, so we'll // method in the manner we are attempting it, so we'll
// turn it into an array. // turn it into an array.
@ -306,10 +308,10 @@ function call_hooks($name, &$data = null) {
$func($data); $func($data);
else else
$func($a, $data); $func($a, $data);
} }
else { else {
// Don't do any DB write calls if we're currently logging a possibly failed DB call. // Don't do any DB write calls if we're currently logging a possibly failed DB call.
if(! DBA::$logging) { if(! DBA::$logging) {
// The hook should be removed so we don't process it. // The hook should be removed so we don't process it.
q("DELETE FROM hook WHERE hook = '%s' AND file = '%s' AND fn = '%s'", q("DELETE FROM hook WHERE hook = '%s' AND file = '%s' AND fn = '%s'",
@ -370,7 +372,7 @@ function get_plugin_info($plugin){
} else { } else {
$info[$k][] = array('name' => $v); $info[$k][] = array('name' => $v);
} }
} }
else { else {
$info[$k] = $v; $info[$k] = $v;
} }
@ -407,8 +409,8 @@ function check_plugin_versions($info) {
if(array_key_exists('serverroles',$info)) { if(array_key_exists('serverroles',$info)) {
$role = \Zotlabs\Lib\System::get_server_role(); $role = \Zotlabs\Lib\System::get_server_role();
if(! ( if(! (
stristr($info['serverroles'],'*') stristr($info['serverroles'],'*')
|| stristr($info['serverroles'],'any') || stristr($info['serverroles'],'any')
|| stristr($info['serverroles'],$role))) { || stristr($info['serverroles'],$role))) {
logger('serverrole limit: ' . $info['name'],LOGGER_NORMAL,LOG_WARNING); logger('serverrole limit: ' . $info['name'],LOGGER_NORMAL,LOG_WARNING);
return false; return false;
@ -426,7 +428,7 @@ function check_plugin_versions($info) {
if(! $test) if(! $test)
continue; continue;
if(! in_array($test,App::$plugins)) if(! in_array($test,App::$plugins))
$found = false; $found = false;
} }
} }
if(! $found) if(! $found)
@ -583,11 +585,11 @@ function format_css_if_exists($source) {
/* /*
* This basically calculates the baseurl. We have other functions to do that, but * This basically calculates the baseurl. We have other functions to do that, but
* there was an issue with script paths and mixed-content whose details are arcane * there was an issue with script paths and mixed-content whose details are arcane
* and perhaps lost in the message archives. The short answer is that we're ignoring * and perhaps lost in the message archives. The short answer is that we're ignoring
* the URL which we are "supposed" to use, and generating script paths relative to * the URL which we are "supposed" to use, and generating script paths relative to
* the URL which we are currently using; in order to ensure they are found and aren't * the URL which we are currently using; in order to ensure they are found and aren't
* blocked due to mixed content issues. * blocked due to mixed content issues.
*/ */
function script_path() { function script_path() {
@ -599,7 +601,7 @@ function script_path() {
$scheme = 'https'; $scheme = 'https';
else else
$scheme = 'http'; $scheme = 'http';
// Some proxy setups may require using http_host // Some proxy setups may require using http_host
if(intval(App::$config['system']['script_path_use_http_host'])) if(intval(App::$config['system']['script_path_use_http_host']))
@ -631,7 +633,7 @@ function head_remove_js($src, $priority = 0) {
} }
// We should probably try to register main.js with a high priority, but currently we handle it // We should probably try to register main.js with a high priority, but currently we handle it
// separately and put it at the end of the html head block in case any other javascript is // separately and put it at the end of the html head block in case any other javascript is
// added outside the head_add_js construct. // added outside the head_add_js construct.
function head_get_js() { function head_get_js() {
@ -640,7 +642,7 @@ function head_get_js() {
if(App::$js_sources) { if(App::$js_sources) {
ksort(App::$js_sources,SORT_NUMERIC); ksort(App::$js_sources,SORT_NUMERIC);
foreach(App::$js_sources as $sources) { foreach(App::$js_sources as $sources) {
if(count($sources)) { if(count($sources)) {
foreach($sources as $source) { foreach($sources as $source) {
if($src === 'main.js') if($src === 'main.js')
continue; continue;
@ -655,7 +657,7 @@ function head_get_js() {
function head_get_main_js() { function head_get_main_js() {
$str = ''; $str = '';
$sources = array('main.js'); $sources = array('main.js');
if(count($sources)) if(count($sources))
foreach($sources as $source) foreach($sources as $source)
$str .= format_js_if_exists($source,true); $str .= format_js_if_exists($source,true);
return $str; return $str;

84
include/security.php
View File

@ -2,11 +2,12 @@
/** /**
* @file include/security.php * @file include/security.php
* *
* Some security related functions. * @brief Some security related functions.
*/ */
/** /**
* @param int $user_record The account_id * @param int $user_record The account_id
* @param array $channel
* @param bool $login_initial default false * @param bool $login_initial default false
* @param bool $interactive default false * @param bool $interactive default false
* @param bool $return * @param bool $return
@ -27,8 +28,8 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa
$uid_to_load = $channel['channel_id']; $uid_to_load = $channel['channel_id'];
if(! $uid_to_load) { if(! $uid_to_load) {
$uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid']))) $uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid'])))
? intval($_SESSION['uid']) ? intval($_SESSION['uid'])
: intval(App::$account['account_default_channel']) : intval(App::$account['account_default_channel'])
); );
} }
@ -89,21 +90,28 @@ function authenticate_success($user_record, $channel = null, $login_initial = fa
function atoken_login($atoken) { function atoken_login($atoken) {
if(! $atoken) if(! $atoken)
return false; return false;
$_SESSION['authenticated'] = 1; $_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $atoken['xchan_hash']; $_SESSION['visitor_id'] = $atoken['xchan_hash'];
$_SESSION['atoken'] = $atoken['atoken_id']; $_SESSION['atoken'] = $atoken['atoken_id'];
\App::set_observer($atoken); \App::set_observer($atoken);
return true; return true;
} }
/**
* @brief
*
* @param array $atoken
* @return array|null
*/
function atoken_xchan($atoken) { function atoken_xchan($atoken) {
$c = channelx_by_n($atoken['atoken_uid']); $c = channelx_by_n($atoken['atoken_uid']);
if($c) { if($c) {
return [ return [
'atoken_id' => $atoken['atoken_id'], 'atoken_id' => $atoken['atoken_id'],
'xchan_hash' => substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'], 'xchan_hash' => substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'],
'xchan_name' => $atoken['atoken_name'], 'xchan_name' => $atoken['atoken_name'],
'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(), 'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(),
@ -114,9 +122,9 @@ function atoken_xchan($atoken) {
'xchan_photo_l' => get_default_profile_photo(300), 'xchan_photo_l' => get_default_profile_photo(300),
'xchan_photo_m' => get_default_profile_photo(80), 'xchan_photo_m' => get_default_profile_photo(80),
'xchan_photo_s' => get_default_profile_photo(48) 'xchan_photo_s' => get_default_profile_photo(48)
]; ];
} }
return null; return null;
} }
@ -133,7 +141,7 @@ function atoken_delete($atoken_id) {
); );
if(! $c) if(! $c)
return; return;
$atoken_xchan = substr($c[0]['channel_hash'],0,16) . '.' . $r[0]['atoken_name']; $atoken_xchan = substr($c[0]['channel_hash'],0,16) . '.' . $r[0]['atoken_name'];
q("delete from atoken where atoken_id = %d", q("delete from atoken where atoken_id = %d",
@ -145,12 +153,16 @@ function atoken_delete($atoken_id) {
); );
} }
/**
* @brief
// in order for atoken logins to create content (such as posts) they need a stored xchan. *
// we'll create one on the first atoken_login; it can't really ever go away but perhaps * In order for atoken logins to create content (such as posts) they need a stored xchan.
// @fixme we should set xchan_deleted if it's expired or removed * we'll create one on the first atoken_login; it can't really ever go away but perhaps
* @fixme we should set xchan_deleted if it's expired or removed
*
* @param array $xchan
* @return void|boolean
*/
function atoken_create_xchan($xchan) { function atoken_create_xchan($xchan) {
$r = q("select xchan_hash from xchan where xchan_hash = '%s'", $r = q("select xchan_hash from xchan where xchan_hash = '%s'",
@ -159,7 +171,7 @@ function atoken_create_xchan($xchan) {
if($r) if($r)
return; return;
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_mimetype, xchan_photo_l, xchan_photo_m, xchan_photo_s ) $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_mimetype, xchan_photo_l, xchan_photo_m, xchan_photo_s )
values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ", values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
dbesc($xchan['xchan_hash']), dbesc($xchan['xchan_hash']),
dbesc($xchan['xchan_hash']), dbesc($xchan['xchan_hash']),
@ -202,12 +214,11 @@ function atoken_abook($uid,$xchan_hash) {
} }
return false; return false;
} }
function pseudo_abook($xchan) { function pseudo_abook($xchan) {
if(! $xchan) if(! $xchan)
return false; return false;
// set abook_pseudo to flag that we aren't really connected. // set abook_pseudo to flag that we aren't really connected.
@ -216,8 +227,8 @@ function pseudo_abook($xchan) {
$xchan['abook_blocked'] = 0; $xchan['abook_blocked'] = 0;
$xchan['abook_ignored'] = 0; $xchan['abook_ignored'] = 0;
$xchan['abook_pending'] = 0; $xchan['abook_pending'] = 0;
return $xchan; return $xchan;
} }
@ -228,7 +239,6 @@ function pseudo_abook($xchan) {
* *
* @return bool|array false or channel record of the new channel * @return bool|array false or channel record of the new channel
*/ */
function change_channel($change_channel) { function change_channel($change_channel) {
$ret = false; $ret = false;
@ -260,7 +270,7 @@ function change_channel($change_channel) {
date_default_timezone_set($r[0]['channel_timezone']); date_default_timezone_set($r[0]['channel_timezone']);
$ret = $r[0]; $ret = $r[0];
} }
$x = q("select * from xchan where xchan_hash = '%s' limit 1", $x = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($hash) dbesc($hash)
); );
if($x) { if($x) {
@ -275,7 +285,6 @@ function change_channel($change_channel) {
$arr = [ 'channel_id' => $change_channel, 'chanx' => $ret ]; $arr = [ 'channel_id' => $change_channel, 'chanx' => $ret ];
call_hooks('change_channel', $arr); call_hooks('change_channel', $arr);
} }
return $ret; return $ret;
@ -285,11 +294,11 @@ function change_channel($change_channel) {
* @brief Creates an additional SQL where statement to check permissions. * @brief Creates an additional SQL where statement to check permissions.
* *
* @param int $owner_id * @param int $owner_id
* @param bool $remote_observer - if unset use current observer * @param bool $remote_observer (optional) use current observer if unset
* @param $table (optional)
* *
* @return string additional SQL where statement * @return string additional SQL where statement
*/ */
function permissions_sql($owner_id, $remote_observer = null, $table = '') { function permissions_sql($owner_id, $remote_observer = null, $table = '') {
$local_channel = local_channel(); $local_channel = local_channel();
@ -303,11 +312,10 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') {
if($table) if($table)
$table .= '.'; $table .= '.';
$sql = " AND {$table}allow_cid = ''
$sql = " AND {$table}allow_cid = '' AND {$table}allow_gid = ''
AND {$table}allow_gid = '' AND {$table}deny_cid = ''
AND {$table}deny_cid = '' AND {$table}deny_gid = ''
AND {$table}deny_gid = ''
"; ";
/** /**
@ -319,7 +327,7 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') {
} }
/** /**
* Authenticated visitor. Unless pre-verified, * Authenticated visitor. Unless pre-verified,
* check that the contact belongs to this $owner_id * check that the contact belongs to this $owner_id
* and load the groups the visitor belongs to. * and load the groups the visitor belongs to.
* If pre-verified, the caller is expected to have already * If pre-verified, the caller is expected to have already
@ -358,7 +366,7 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') {
* @brief Creates an addiontal SQL where statement to check permissions for an item. * @brief Creates an addiontal SQL where statement to check permissions for an item.
* *
* @param int $owner_id * @param int $owner_id
* @param bool $remote_observer, use current observer if unset * @param bool $remote_observer (optional) use current observer if unset
* *
* @return string additional SQL where statement * @return string additional SQL where statement
*/ */
@ -379,7 +387,7 @@ function item_permissions_sql($owner_id, $remote_observer = null) {
*/ */
if(($local_channel) && ($local_channel == $owner_id)) { if(($local_channel) && ($local_channel == $owner_id)) {
$sql = ''; $sql = '';
} }
/** /**
@ -425,7 +433,7 @@ function item_permissions_sql($owner_id, $remote_observer = null) {
/** /**
* Remote visitors also need to be checked against the public_scope parameter if item_private is set. * Remote visitors also need to be checked against the public_scope parameter if item_private is set.
* This function checks the various permutations of that field for any which apply to this observer. * This function checks the various permutations of that field for any which apply to this observer.
* *
*/ */
@ -448,9 +456,9 @@ function scopes_sql($uid,$observer) {
$str .= " or public_policy = 'contacts' ) "; $str .= " or public_policy = 'contacts' ) ";
return $str; return $str;
} }
@ -500,7 +508,7 @@ function public_permissions_sql($observer_hash) {
* If the new page contains by any chance external elements, then the used security token is exposed by the referrer. * If the new page contains by any chance external elements, then the used security token is exposed by the referrer.
* Actually, important actions should not be triggered by Links / GET-Requests at all, but somethimes they still are, * Actually, important actions should not be triggered by Links / GET-Requests at all, but somethimes they still are,
* so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types). * so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types).
*/ */
function get_form_security_token($typename = '') { function get_form_security_token($typename = '') {
$timestamp = time(); $timestamp = time();
@ -561,13 +569,13 @@ function init_groups_visitor($contact_id) {
// This is used to determine which uid have posts which are visible to the logged in user (from the API) for the // This is used to determine which uid have posts which are visible to the logged in user (from the API) for the
// public_timeline, and we can use this in a community page by making // public_timeline, and we can use this in a community page by making
// $perms = (PERMS_NETWORK|PERMS_PUBLIC) unless logged in. // $perms = (PERMS_NETWORK|PERMS_PUBLIC) unless logged in.
// Collect uids of everybody on this site who has opened their posts to everybody on this site (or greater visibility) // Collect uids of everybody on this site who has opened their posts to everybody on this site (or greater visibility)
// We always include yourself if logged in because you can always see your own posts // We always include yourself if logged in because you can always see your own posts
// resolving granular permissions for the observer against every person and every post on the site // resolving granular permissions for the observer against every person and every post on the site
// will likely be too expensive. // will likely be too expensive.
// Returns a string list of comma separated channel_ids suitable for direct inclusion in a SQL query // Returns a string list of comma separated channel_ids suitable for direct inclusion in a SQL query
function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) { function stream_perms_api_uids($perms = NULL, $limit = 0, $rand = 0 ) {

565
include/text.php
View File

File diff suppressed because it is too large Load Diff

95
include/widgets.php
View File

@ -126,7 +126,7 @@ function widget_suggestions($arr) {
// Get two random entries from the top 20 returned. // Get two random entries from the top 20 returned.
// We'll grab the first one and the one immediately following. // We'll grab the first one and the one immediately following.
// This will throw some entropy intot he situation so you won't // This will throw some entropy intot he situation so you won't
// be looking at the same two mug shots every time the widget runs // be looking at the same two mug shots every time the widget runs
$index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0); $index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0);
@ -169,7 +169,7 @@ function widget_follow($args) {
intval($uid) intval($uid)
); );
if($r) if($r)
$total_channels = $r[0]['total']; $total_channels = $r[0]['total'];
$limit = service_class_fetch($uid,'total_channels'); $limit = service_class_fetch($uid,'total_channels');
if($limit !== false) { if($limit !== false) {
$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit); $abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
@ -212,7 +212,7 @@ function widget_savedsearch($arr) {
$search = ((x($_GET,'netsearch')) ? $_GET['netsearch'] : ''); $search = ((x($_GET,'netsearch')) ? $_GET['netsearch'] : '');
if(! $search) if(! $search)
$search = ((x($_GET,'search')) ? $_GET['search'] : ''); $search = ((x($_GET,'search')) ? $_GET['search'] : '');
if(x($_GET,'searchsave') && $search) { if(x($_GET,'searchsave') && $search) {
$r = q("select * from term where uid = %d and ttype = %d and term = '%s' limit 1", $r = q("select * from term where uid = %d and ttype = %d and term = '%s' limit 1",
intval(local_channel()), intval(local_channel()),
@ -252,7 +252,7 @@ function widget_savedsearch($arr) {
$hasamp = ((strpos($srchurl,'&') !== false) ? true : false); $hasamp = ((strpos($srchurl,'&') !== false) ? true : false);
if(($hasamp) && (! $hasq)) if(($hasamp) && (! $hasq))
$srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1); $srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1);
$o = ''; $o = '';
@ -292,7 +292,7 @@ function widget_savedsearch($arr) {
function widget_sitesearch($arr) { function widget_sitesearch($arr) {
$search = ((x($_GET,'search')) ? $_GET['search'] : ''); $search = ((x($_GET,'search')) ? $_GET['search'] : '');
$srchurl = App::$query_string; $srchurl = App::$query_string;
$srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&'); $srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&');
@ -304,7 +304,7 @@ function widget_sitesearch($arr) {
$hasamp = ((strpos($srchurl,'&') !== false) ? true : false); $hasamp = ((strpos($srchurl,'&') !== false) ? true : false);
if(($hasamp) && (! $hasq)) if(($hasamp) && (! $hasq))
$srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1); $srchurl = substr($srchurl,0,strpos($srchurl,'&')) . '?f=&' . substr($srchurl,strpos($srchurl,'&')+1);
$o = ''; $o = '';
@ -554,7 +554,7 @@ function widget_affinity($arr) {
)); ));
$arr = array('html' => $x); $arr = array('html' => $x);
call_hooks('main_slider',$arr); call_hooks('main_slider',$arr);
return $arr['html']; return $arr['html'];
} }
return ''; return '';
@ -802,10 +802,10 @@ function widget_design_tools($arr) {
// mod menu doesn't load a profile. For any modules which load a profile, check it. // mod menu doesn't load a profile. For any modules which load a profile, check it.
// otherwise local_channel() is sufficient for permissions. // otherwise local_channel() is sufficient for permissions.
if(App::$profile['profile_uid']) if(App::$profile['profile_uid'])
if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys)) if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys))
return ''; return '';
if(! local_channel()) if(! local_channel())
return ''; return '';
@ -817,10 +817,10 @@ function widget_website_portation_tools($arr) {
// mod menu doesn't load a profile. For any modules which load a profile, check it. // mod menu doesn't load a profile. For any modules which load a profile, check it.
// otherwise local_channel() is sufficient for permissions. // otherwise local_channel() is sufficient for permissions.
if(App::$profile['profile_uid']) if(App::$profile['profile_uid'])
if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys)) if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys))
return ''; return '';
if(! local_channel()) if(! local_channel())
return ''; return '';
@ -841,7 +841,7 @@ function widget_photo_albums($arr) {
return ''; return '';
require_once('include/photos.php'); require_once('include/photos.php');
$sortkey = ((array_key_exists('sortkey',$arr)) ? $arr['sortkey'] : 'album'); $sortkey = ((array_key_exists('sortkey',$arr)) ? $arr['sortkey'] : 'album');
$direction = ((array_key_exists('direction',$arr)) ? $arr['direction'] : 'asc'); $direction = ((array_key_exists('direction',$arr)) ? $arr['direction'] : 'asc');
return photos_album_widget($channelx, App::get_observer(),$sortkey,$direction); return photos_album_widget($channelx, App::get_observer(),$sortkey,$direction);
} }
@ -901,7 +901,7 @@ function widget_wiki_list($arr) {
require_once("include/wiki.php"); require_once("include/wiki.php");
$channel = null; $channel = null;
if (argc() < 2 && local_channel()) { if (argc() < 2 && local_channel()) {
// This should not occur because /wiki should redirect to /wiki/channel ... // This should not occur because /wiki should redirect to /wiki/channel ...
$channel = \App::get_channel(); $channel = \App::get_channel();
} else { } else {
@ -996,9 +996,9 @@ function widget_suggestedchats($arr) {
if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat')) if(! feature_enabled(App::$profile['profile_uid'],'ajaxchat'))
return ''; return '';
// There are reports that this tool does not ever remove chatrooms on dead sites, // There are reports that this tool does not ever remove chatrooms on dead sites,
// and also will happily link to private chats which you cannot enter. // and also will happily link to private chats which you cannot enter.
// For those reasons, it will be disabled until somebody decides it's worth // For those reasons, it will be disabled until somebody decides it's worth
// fixing and comes up with a plan for doing so. // fixing and comes up with a plan for doing so.
return ''; return '';
@ -1044,7 +1044,7 @@ function widget_item($arr) {
if($arr['title']) { if($arr['title']) {
$r = q("select item.* from item left join iconfig on item.id = iconfig.iid $r = q("select item.* from item left join iconfig on item.id = iconfig.iid
where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s' where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s'
and iconfig.k = 'WEBPAGE' and item_type = %d $sql_options $revision limit 1", and iconfig.k = 'WEBPAGE' and item_type = %d $sql_options $revision limit 1",
intval($channel_id), intval($channel_id),
dbesc($arr['title']), dbesc($arr['title']),
@ -1108,7 +1108,7 @@ function showtime(){
// timeValue += ((seconds < 10) ? ":0" : ":") + seconds // timeValue += ((seconds < 10) ? ":0" : ":") + seconds
if(! military) if(! military)
timeValue += (hours >= 12) ? " P.M." : " A.M." timeValue += (hours >= 12) ? " P.M." : " A.M."
$('.clockface').html(timeValue) $('.clockface').html(timeValue)
timerID = setTimeout("showtime()",1000) timerID = setTimeout("showtime()",1000)
timerRunning = true timerRunning = true
} }
@ -1124,17 +1124,16 @@ return $o;
} }
/** /**
* @function widget_photo($arr) * @brief Widget to display a single photo.
* widget to display a single photo. *
* @param array $arr; * @param array $arr associative array with
* 'src' => URL of photo * * \e string \b src URL of photo; URL must be an http or https URL
* 'zrl' => true or false, use zid in url * * \e boolean \b zrl use zid in URL
* 'style' => CSS string * * \e string \b style CSS string
* URL must be an http or https URL *
* @return string with parsed HTML
*/ */
function widget_photo($arr) { function widget_photo($arr) {
$style = $zrl = false; $style = $zrl = false;
@ -1142,7 +1141,7 @@ function widget_photo($arr) {
if(array_key_exists('src', $arr) && isset($arr['src'])) if(array_key_exists('src', $arr) && isset($arr['src']))
$url = $arr['src']; $url = $arr['src'];
if(strpos($url,'http') !== 0) if(strpos($url, 'http') !== 0)
return ''; return '';
if(array_key_exists('style', $arr) && isset($arr['style'])) if(array_key_exists('style', $arr) && isset($arr['style']))
@ -1150,7 +1149,7 @@ function widget_photo($arr) {
// ensure they can't sneak in an eval(js) function // ensure they can't sneak in an eval(js) function
if(strpbrk($style,'(\'"<>') !== false) if(strpbrk($style, '(\'"<>') !== false)
$style = ''; $style = '';
if(array_key_exists('zrl', $arr) && isset($arr['zrl'])) if(array_key_exists('zrl', $arr) && isset($arr['zrl']))
@ -1161,8 +1160,8 @@ function widget_photo($arr) {
$o = '<div class="widget">'; $o = '<div class="widget">';
$o .= '<img ' . (($zrl) ? ' class="zrl" ' : '') $o .= '<img ' . (($zrl) ? ' class="zrl" ' : '')
. (($style) ? ' style="' . $style . '"' : '') . (($style) ? ' style="' . $style . '"' : '')
. ' src="' . $url . '" alt="' . t('photo/image') . '">'; . ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>'; $o .= '</div>';
@ -1175,7 +1174,7 @@ function widget_cover_photo($arr) {
require_once('include/channel.php'); require_once('include/channel.php');
$o = ''; $o = '';
if(App::$module == 'channel' && $_REQUEST['mid']) if(App::$module == 'channel' && $_REQUEST['mid'])
return ''; return '';
@ -1191,7 +1190,7 @@ function widget_cover_photo($arr) {
if(array_key_exists('style', $arr) && isset($arr['style'])) if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style']; $style = $arr['style'];
else else
$style = 'width:100%; height: auto;'; $style = 'width:100%; height: auto;';
// ensure they can't sneak in an eval(js) function // ensure they can't sneak in an eval(js) function
@ -1273,8 +1272,8 @@ function widget_photo_rand($arr) {
$o = '<div class="widget">'; $o = '<div class="widget">';
$o .= '<img class="zrl" ' $o .= '<img class="zrl" '
. (($style) ? ' style="' . $style . '"' : '') . (($style) ? ' style="' . $style . '"' : '')
. ' src="' . $url . '" alt="' . t('photo/image') . '">'; . ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>'; $o .= '</div>';
@ -1304,7 +1303,7 @@ function widget_random_block($arr) {
$randfunc = db_getfunc('RAND'); $randfunc = db_getfunc('RAND');
$r = q("select item.* from item left join iconfig on item.id = iconfig.iid $r = q("select item.* from item left join iconfig on item.id = iconfig.iid
where item.uid = %d and iconfig.cat = 'system' and iconfig.v like '%s' and iconfig.k = 'BUILDBLOCK' and where item.uid = %d and iconfig.cat = 'system' and iconfig.v like '%s' and iconfig.k = 'BUILDBLOCK' and
item_type = %d $sql_options order by $randfunc limit 1", item_type = %d $sql_options order by $randfunc limit 1",
intval($channel_id), intval($channel_id),
dbesc('%' . $contains . '%'), dbesc('%' . $contains . '%'),
@ -1413,7 +1412,7 @@ function widget_forums($arr) {
/** /**
* We used to try and find public forums with custom permissions by checking to see if * We used to try and find public forums with custom permissions by checking to see if
* send_stream was false and tag_deliver was true. However with the newer extensible * send_stream was false and tag_deliver was true. However with the newer extensible
* permissions infrastructure this makes for a very complicated query. Now we're only * permissions infrastructure this makes for a very complicated query. Now we're only
* checking channels that report themselves specifically as pubforums * checking channels that report themselves specifically as pubforums
*/ */
@ -1440,11 +1439,11 @@ function widget_forums($arr) {
/** /**
* @FIXME * @FIXME
* This SQL makes the counts correct when you get forum posts arriving from different routes/sources * This SQL makes the counts correct when you get forum posts arriving from different routes/sources
* (like personal channels). However the network query for these posts doesn't yet include this * (like personal channels). However the network query for these posts doesn't yet include this
* correction and it makes the SQL for that query pretty hairy so this is left as a future exercise. * correction and it makes the SQL for that query pretty hairy so this is left as a future exercise.
* It may make more sense in that query to look for the mention in the body rather than another join, * It may make more sense in that query to look for the mention in the body rather than another join,
* but that makes it very inefficient. * but that makes it very inefficient.
* *
$r = q("select sum(item_unseen) as unseen from item left join term on oid = id where otype = %d and owner_xchan != '%s' and item.uid = %d and url = '%s' and ttype = %d $perms_sql ", $r = q("select sum(item_unseen) as unseen from item left join term on oid = id where otype = %d and owner_xchan != '%s' and item.uid = %d and url = '%s' and ttype = %d $perms_sql ",
intval(TERM_OBJ_POST), intval(TERM_OBJ_POST),
dbesc($r1[$x]['xchan_hash']), dbesc($r1[$x]['xchan_hash']),
@ -1457,7 +1456,7 @@ function widget_forums($arr) {
* *
* end @FIXME * end @FIXME
*/ */
} }
if($r1) { if($r1) {
@ -1471,7 +1470,7 @@ function widget_forums($arr) {
} }
$o .= '</ul></div>'; $o .= '</ul></div>';
} }
return $o; return $o;
} }
@ -1489,7 +1488,7 @@ function widget_tasklist($arr) {
$(".tasklist-tasks").html(data.html); $(".tasklist-tasks").html(data.html);
}); });
} }
</script>'; </script>';
$o .= '<div class="widget">' . '<h3>' . t('Tasks') . '</h3><div class="tasklist-tasks">'; $o .= '<div class="widget">' . '<h3>' . t('Tasks') . '</h3><div class="tasklist-tasks">';
$o .= '</div><form id="tasklist-new-form" action="" ><input id="tasklist-new-summary" type="text" name="summary" value="" /></form>'; $o .= '</div><form id="tasklist-new-form" action="" ><input id="tasklist-new-summary" type="text" name="summary" value="" /></form>';
@ -1516,7 +1515,7 @@ function widget_helpindex($arr) {
if(argc() > 2) { if(argc() > 2) {
$path = ''; $path = '';
for($x = 1; $x < argc(); $x ++) { for($x = 1; $x < argc(); $x ++) {
$path .= argv($x) . '/'; $path .= argv($x) . '/';
$y = get_help_content($path . 'sitetoc'); $y = get_help_content($path . 'sitetoc');
if(! $y) if(! $y)
$y = get_help_content($path . 'toc'); $y = get_help_content($path . 'toc');
@ -1590,7 +1589,7 @@ function widget_admin($arr) {
call_hooks('admin_aside',$arr); call_hooks('admin_aside',$arr);
$o .= replace_macros(get_markup_template('admin_aside.tpl'), array( $o .= replace_macros(get_markup_template('admin_aside.tpl'), array(
'$admin' => $aside, '$admin' => $aside,
'$admtxt' => t('Admin'), '$admtxt' => t('Admin'),
'$plugadmtxt' => t('Plugin Features'), '$plugadmtxt' => t('Plugin Features'),
'$plugins' => $plugins, '$plugins' => $plugins,
@ -1620,7 +1619,7 @@ function widget_album($args) {
if($args['title']) if($args['title'])
$title = $args['title']; $title = $args['title'];
/** /**
* This may return incorrect permissions if you have multiple directories of the same name. * This may return incorrect permissions if you have multiple directories of the same name.
* It is a limitation of the photo table using a name for a photo album instead of a folder hash * It is a limitation of the photo table using a name for a photo album instead of a folder hash
*/ */
@ -1640,7 +1639,7 @@ function widget_album($args) {
$order = 'DESC'; $order = 'DESC';
$r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN
(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph (SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph
ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale) ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)
ORDER BY created $order ", ORDER BY created $order ",
intval($owner_uid), intval($owner_uid),
@ -1648,7 +1647,7 @@ function widget_album($args) {
intval(PHOTO_NORMAL), intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE) intval(PHOTO_PROFILE)
); );
//edit album name //edit album name
$album_edit = null; $album_edit = null;
@ -1661,7 +1660,7 @@ function widget_album($args) {
$twist = 'rotleft'; $twist = 'rotleft';
else else
$twist = 'rotright'; $twist = 'rotright';
$ext = $phototypes[$rr['mimetype']]; $ext = $phototypes[$rr['mimetype']];
$imgalt_e = $rr['filename']; $imgalt_e = $rr['filename'];

183
include/zot.php
View File

@ -176,7 +176,7 @@ function zot_zot($url, $data) {
* @param boolean $autofallback * @param boolean $autofallback
* fallback/failover to http if https connection cannot be established. Default is true. * fallback/failover to http if https connection cannot be established. Default is true.
* *
* @return array see z_post_url() and \ref mod/zfinger.php * @return array see z_post_url() and \ref Zotlabs::Zot::Finger "\\Zotlabs\\Zot\\Finger"
*/ */
function zot_finger($webbie, $channel = null, $autofallback = true) { function zot_finger($webbie, $channel = null, $autofallback = true) {
@ -301,7 +301,7 @@ function zot_refresh($them, $channel = null, $force = false) {
// if they re-installed the server we could end up with the wrong record - pointing to the old install. // if they re-installed the server we could end up with the wrong record - pointing to the old install.
// We'll order by reverse id to try and pick off the newest one first and hopefully end up with the // We'll order by reverse id to try and pick off the newest one first and hopefully end up with the
// correct hubloc. If this doesn't work we may have to re-write this section to try them all. // correct hubloc. If this doesn't work we may have to re-write this section to try them all.
if(array_key_exists('xchan_addr',$them) && $them['xchan_addr']) { if(array_key_exists('xchan_addr',$them) && $them['xchan_addr']) {
$r = q("select hubloc_url, hubloc_primary from hubloc where hubloc_addr = '%s' order by hubloc_id desc", $r = q("select hubloc_url, hubloc_primary from hubloc where hubloc_addr = '%s' order by hubloc_id desc",
@ -522,7 +522,7 @@ function zot_refresh($them, $channel = null, $force = false) {
'to_xchan' => $channel['channel_hash'], 'to_xchan' => $channel['channel_hash'],
'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'],
)); ));
if(intval($permissions['view_stream'])) { if(intval($permissions['view_stream'])) {
if(intval(get_pconfig($channel['channel_id'],'perm_limits','send_stream') & PERMS_PENDING) if(intval(get_pconfig($channel['channel_id'],'perm_limits','send_stream') & PERMS_PENDING)
|| (! intval($new_connection[0]['abook_pending']))) || (! intval($new_connection[0]['abook_pending'])))
@ -535,7 +535,7 @@ function zot_refresh($them, $channel = null, $force = false) {
if($default_group) { if($default_group) {
require_once('include/group.php'); require_once('include/group.php');
$g = group_rec_byhash($channel['channel_id'],$default_group); $g = group_rec_byhash($channel['channel_id'],$default_group);
if($g) if($g)
group_add_member($channel['channel_id'],'',$x['hash'],$g['id']); group_add_member($channel['channel_id'],'',$x['hash'],$g['id']);
} }
@ -571,11 +571,12 @@ function zot_refresh($them, $channel = null, $force = false) {
* * \e string \b guid_sig => guid signed with conversant's private key * * \e string \b guid_sig => guid signed with conversant's private key
* * \e string \b url => URL of the origination hub of this communication * * \e string \b url => URL of the origination hub of this communication
* * \e string \b url_sig => URL signed with conversant's private key * * \e string \b url_sig => URL signed with conversant's private key
* @param boolean $multiple (optional) default false
* *
* @returns array|null null if site is blacklisted or not found, otherwise an * @returns array|null null if site is blacklisted or not found, otherwise an
* array with an hubloc record * array with an hubloc record
*/ */
function zot_gethub($arr,$multiple = false) { function zot_gethub($arr, $multiple = false) {
if($arr['guid'] && $arr['guid_sig'] && $arr['url'] && $arr['url_sig']) { if($arr['guid'] && $arr['guid_sig'] && $arr['url'] && $arr['url_sig']) {
@ -586,7 +587,7 @@ function zot_gethub($arr,$multiple = false) {
$limit = (($multiple) ? '' : ' limit 1 '); $limit = (($multiple) ? '' : ' limit 1 ');
$sitekey = ((array_key_exists('sitekey',$arr) && $arr['sitekey']) ? " and hubloc_sitekey = '" . protect_sprintf($arr['sitekey']) . "' " : ''); $sitekey = ((array_key_exists('sitekey',$arr) && $arr['sitekey']) ? " and hubloc_sitekey = '" . protect_sprintf($arr['sitekey']) . "' " : '');
$r = q("select * from hubloc $r = q("select * from hubloc
where hubloc_guid = '%s' and hubloc_guid_sig = '%s' where hubloc_guid = '%s' and hubloc_guid_sig = '%s'
and hubloc_url = '%s' and hubloc_url_sig = '%s' and hubloc_url = '%s' and hubloc_url_sig = '%s'
@ -754,15 +755,15 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
if(intval($r[0]['xchan_pubforum']) != intval($arr['public_forum'])) if(intval($r[0]['xchan_pubforum']) != intval($arr['public_forum']))
$pubforum_changed = 1; $pubforum_changed = 1;
if(($r[0]['xchan_name_date'] != $arr['name_updated']) if(($r[0]['xchan_name_date'] != $arr['name_updated'])
|| ($r[0]['xchan_connurl'] != $arr['connections_url']) || ($r[0]['xchan_connurl'] != $arr['connections_url'])
|| ($r[0]['xchan_addr'] != $arr['address']) || ($r[0]['xchan_addr'] != $arr['address'])
|| ($r[0]['xchan_follow'] != $arr['follow_url']) || ($r[0]['xchan_follow'] != $arr['follow_url'])
|| ($r[0]['xchan_connpage'] != $arr['connect_url']) || ($r[0]['xchan_connpage'] != $arr['connect_url'])
|| ($r[0]['xchan_url'] != $arr['url']) || ($r[0]['xchan_url'] != $arr['url'])
|| $hidden_changed || $adult_changed || $deleted_changed || $pubforum_changed ) { || $hidden_changed || $adult_changed || $deleted_changed || $pubforum_changed ) {
$rup = q("update xchan set xchan_name = '%s', xchan_name_date = '%s', xchan_connurl = '%s', xchan_follow = '%s', $rup = q("update xchan set xchan_name = '%s', xchan_name_date = '%s', xchan_connurl = '%s', xchan_follow = '%s',
xchan_connpage = '%s', xchan_hidden = %d, xchan_selfcensored = %d, xchan_deleted = %d, xchan_pubforum = %d, xchan_connpage = '%s', xchan_hidden = %d, xchan_selfcensored = %d, xchan_deleted = %d, xchan_pubforum = %d,
xchan_addr = '%s', xchan_url = '%s' where xchan_hash = '%s'", xchan_addr = '%s', xchan_url = '%s' where xchan_hash = '%s'",
dbesc(($arr['name']) ? $arr['name'] : '-'), dbesc(($arr['name']) ? $arr['name'] : '-'),
dbesc($arr['name_updated']), dbesc($arr['name_updated']),
@ -1022,12 +1023,12 @@ function zot_process_response($hub, $arr, $outq) {
} }
} }
// we have a more descriptive delivery report, so discard the per hub 'queued' report. // we have a more descriptive delivery report, so discard the per hub 'queued' report.
q("delete from dreport where dreport_queue = '%s' ", q("delete from dreport where dreport_queue = '%s' ",
dbesc($outq['outq_hash']) dbesc($outq['outq_hash'])
); );
// update the timestamp for this site // update the timestamp for this site
q("update site set site_dead = 0, site_update = '%s' where site_url = '%s'", q("update site set site_dead = 0, site_update = '%s' where site_url = '%s'",
@ -1068,7 +1069,7 @@ function zot_fetch($arr) {
// set $multiple param on zot_gethub() to return all matching hubs // set $multiple param on zot_gethub() to return all matching hubs
// This allows us to recover from re-installs when a redundant (but invalid) hubloc for // This allows us to recover from re-installs when a redundant (but invalid) hubloc for
// this identity is widely dispersed throughout the network. // this identity is widely dispersed throughout the network.
$ret_hubs = zot_gethub($arr['sender'],true); $ret_hubs = zot_gethub($arr['sender'],true);
if(! $ret_hubs) { if(! $ret_hubs) {
@ -1080,7 +1081,7 @@ function zot_fetch($arr) {
$data = array( $data = array(
'type' => 'pickup', 'type' => 'pickup',
'url' => z_root(), 'url' => z_root(),
'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post',get_config('system','prvkey'))), 'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post',get_config('system','prvkey'))),
'callback' => z_root() . '/post', 'callback' => z_root() . '/post',
'secret' => $arr['secret'], 'secret' => $arr['secret'],
'secret_sig' => base64url_encode(rsa_sign($arr['secret'],get_config('system','prvkey'))) 'secret_sig' => base64url_encode(rsa_sign($arr['secret'],get_config('system','prvkey')))
@ -1091,7 +1092,7 @@ function zot_fetch($arr) {
$fetch = zot_zot($url,$datatosend); $fetch = zot_zot($url,$datatosend);
$result = zot_import($fetch, $arr['sender']['url']); $result = zot_import($fetch, $arr['sender']['url']);
if($result) if($result)
return $result; return $result;
} }
@ -1195,7 +1196,7 @@ function zot_import($arr, $sender_url) {
if($recip_arr) { if($recip_arr) {
stringify_array_elms($recip_arr); stringify_array_elms($recip_arr);
$recips = implode(',',$recip_arr); $recips = implode(',',$recip_arr);
$r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " )
and channel_removed = 0 "); and channel_removed = 0 ");
} }
@ -1403,7 +1404,7 @@ function public_recips($msg) {
$perm = 'post_mail'; $perm = 'post_mail';
$r = array(); $r = array();
$c = q("select channel_id, channel_hash from channel where channel_removed = 0"); $c = q("select channel_id, channel_hash from channel where channel_removed = 0");
if($c) { if($c) {
foreach($c as $cc) { foreach($c as $cc) {
@ -1432,7 +1433,7 @@ function public_recips($msg) {
if(($tag['type'] === 'mention') && (strpos($tag['url'],z_root()) !== false)) { if(($tag['type'] === 'mention') && (strpos($tag['url'],z_root()) !== false)) {
$address = basename($tag['url']); $address = basename($tag['url']);
if($address) { if($address) {
$z = q("select channel_hash as hash from channel where channel_address = '%s' $z = q("select channel_hash as hash from channel where channel_address = '%s'
and channel_removed = 0 limit 1", and channel_removed = 0 limit 1",
dbesc($address) dbesc($address)
); );
@ -1605,12 +1606,12 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
/** /**
* @FIXME: Somehow we need to block normal message delivery from our clones, as the delivered * @FIXME: Somehow we need to block normal message delivery from our clones, as the delivered
* message doesn't have ACL information in it as the cloned copy does. That copy * message doesn't have ACL information in it as the cloned copy does. That copy
* will normally arrive first via sync delivery, but this isn't guaranteed. * will normally arrive first via sync delivery, but this isn't guaranteed.
* There's a chance the current delivery could take place before the cloned copy arrives * There's a chance the current delivery could take place before the cloned copy arrives
* hence the item could have the wrong ACL and *could* be used in subsequent deliveries or * hence the item could have the wrong ACL and *could* be used in subsequent deliveries or
* access checks. So far all attempts at identifying this situation precisely * access checks. So far all attempts at identifying this situation precisely
* have caused issues with delivery of relayed comments. * have caused issues with delivery of relayed comments.
*/ */
// if(($d['hash'] === $sender['hash']) && ($sender['url'] !== z_root()) && (! $relay)) { // if(($d['hash'] === $sender['hash']) && ($sender['url'] !== z_root()) && (! $relay)) {
@ -1743,7 +1744,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
intval($channel['channel_id']), intval($channel['channel_id']),
dbesc($arr['owner_xchan']) dbesc($arr['owner_xchan'])
); );
$abook = (($ab) ? $ab[0] : null); $abook = (($ab) ? $ab[0] : null);
if(intval($arr['item_deleted'])) { if(intval($arr['item_deleted'])) {
@ -1757,7 +1758,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
$arr['uid'] = $channel['channel_id']; $arr['uid'] = $channel['channel_id'];
$item_id = delete_imported_item($sender,$arr,$channel['channel_id'],$relay); $item_id = delete_imported_item($sender,$arr,$channel['channel_id'],$relay);
$DR->update(($item_id) ? 'deleted' : 'delete_failed'); $DR->update(($item_id) ? 'deleted' : 'delete_failed');
$result[] = $DR->get(); $result[] = $DR->get();
if($relay && $item_id) { if($relay && $item_id) {
@ -1779,7 +1780,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
$item_id = $r[0]['id']; $item_id = $r[0]['id'];
if(intval($r[0]['item_deleted'])) { if(intval($r[0]['item_deleted'])) {
// It was deleted locally. // It was deleted locally.
$DR->update('update ignored'); $DR->update('update ignored');
$result[] = $DR->get(); $result[] = $DR->get();
@ -1806,8 +1807,8 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
$result[] = $DR->get(); $result[] = $DR->get();
// We need this line to ensure wall-to-wall comments are relayed (by falling through to the relay bit), // We need this line to ensure wall-to-wall comments are relayed (by falling through to the relay bit),
// and at the same time not relay any other relayable posts more than once, because to do so is very wasteful. // and at the same time not relay any other relayable posts more than once, because to do so is very wasteful.
if(! intval($r[0]['item_origin'])) if(! intval($r[0]['item_origin']))
continue; continue;
} }
@ -1821,7 +1822,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
if(check_item_source($arr['uid'], $arr)) if(check_item_source($arr['uid'], $arr))
call_hooks('post_local', $arr); call_hooks('post_local', $arr);
$item_id = 0; $item_id = 0;
if(($arr['mid'] == $arr['parent_mid']) && (! post_is_importable($arr,$abook))) { if(($arr['mid'] == $arr['parent_mid']) && (! post_is_importable($arr,$abook))) {
@ -1934,9 +1935,11 @@ function remove_community_tag($sender, $arr, $uid) {
* @brief Just calls item_store_update() and logs result. * @brief Just calls item_store_update() and logs result.
* *
* @see item_store_update() * @see item_store_update()
*
* @param array $sender (unused) * @param array $sender (unused)
* @param array $item * @param array $item
* @param int $uid (unused) * @param array $orig
* @param int $uid
*/ */
function update_imported_item($sender, $item, $orig, $uid) { function update_imported_item($sender, $item, $orig, $uid) {
@ -1957,7 +1960,7 @@ function update_imported_item($sender, $item, $orig, $uid) {
// because event_addtocal will parse the body to get the 'new' event details // because event_addtocal will parse the body to get the 'new' event details
if($orig['resource_type'] === 'event') { if($orig['resource_type'] === 'event') {
$res = event_addtocal($orig['id'],$uid); $res = event_addtocal($orig['id'], $uid);
if(! $res) if(! $res)
logger('update event: failed'); logger('update event: failed');
} }
@ -2232,15 +2235,15 @@ function process_location_delivery($sender,$arr,$deliveries) {
/** /**
* @brief checks for a moved UNO channel and sets the channel_moved flag * @brief checks for a moved UNO channel and sets the channel_moved flag
* *
* Currently the effect of this flag is to turn the channel into 'read-only' mode. * Currently the effect of this flag is to turn the channel into 'read-only' mode.
* New content will not be processed (there was still an issue with blocking the * New content will not be processed (there was still an issue with blocking the
* ability to post comments as of 10-Mar-2016). * ability to post comments as of 10-Mar-2016).
* We do not physically remove the channel at this time. The hub admin may choose * We do not physically remove the channel at this time. The hub admin may choose
* to do so, but is encouraged to allow a grace period of several days in case there * to do so, but is encouraged to allow a grace period of several days in case there
* are any issues migrating content. This packet will generally be received by the * are any issues migrating content. This packet will generally be received by the
* original site when the basic channel import has been processed. * original site when the basic channel import has been processed.
* *
* This will only be executed on the UNO system which is the old location * This will only be executed on the UNO system which is the old location
* if a new location is reported and there is only one location record. * if a new location is reported and there is only one location record.
* The rest of the hubloc syncronisation will be handled within * The rest of the hubloc syncronisation will be handled within
@ -2252,7 +2255,7 @@ function process_location_delivery($sender,$arr,$deliveries) {
function check_location_move($sender_hash,$locations) { function check_location_move($sender_hash,$locations) {
if(! $locations) if(! $locations)
return; return;
if(get_config('system','server_role') !== 'basic') if(get_config('system','server_role') !== 'basic')
return; return;
@ -2275,13 +2278,13 @@ function check_location_move($sender_hash,$locations) {
dbesc($sender_hash) dbesc($sender_hash)
); );
// federation plugins may wish to notify connections // federation plugins may wish to notify connections
// of the move on singleton networks // of the move on singleton networks
$arr = array('channel' => $r[0],'locations' => $locations); $arr = array('channel' => $r[0],'locations' => $locations);
call_hooks('location_move',$arr); call_hooks('location_move',$arr);
} }
} }
@ -2536,7 +2539,7 @@ function zot_encode_locations($channel) {
foreach($x as $hub) { foreach($x as $hub) {
// if this is a local channel that has been deleted, the hubloc is no good - make sure it is marked deleted // if this is a local channel that has been deleted, the hubloc is no good - make sure it is marked deleted
// so that nobody tries to use it. // so that nobody tries to use it.
if(intval($channel['channel_removed']) && $hub['hubloc_url'] === z_root()) if(intval($channel['channel_removed']) && $hub['hubloc_url'] === z_root())
$hub['hubloc_deleted'] = 1; $hub['hubloc_deleted'] = 1;
@ -3090,7 +3093,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
require_once('include/import.php'); require_once('include/import.php');
/** @FIXME this will sync red structures (channel, pconfig and abook). /** @FIXME this will sync red structures (channel, pconfig and abook).
Eventually we need to make this application agnostic. */ Eventually we need to make this application agnostic. */
$result = array(); $result = array();
@ -3181,15 +3184,15 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
$arr['channel']['channel_pageflags'] = $arr['channel']['channel_pageflags'] - 0x1000; $arr['channel']['channel_pageflags'] = $arr['channel']['channel_pageflags'] - 0x1000;
} }
$disallowed = [ $disallowed = [
'channel_id', 'channel_account_id', 'channel_primary', 'channel_prvkey', 'channel_id', 'channel_account_id', 'channel_primary', 'channel_prvkey',
'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted', 'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted',
'channel_system', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook', 'channel_system', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook',
'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall', 'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall',
'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall', 'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall',
'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish', 'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish',
'channel_a_delegate' 'channel_a_delegate'
]; ];
$clean = array(); $clean = array();
@ -3226,7 +3229,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
foreach($arr['abook'] as $abook) { foreach($arr['abook'] as $abook) {
$abconfig = null; $abconfig = null;
@ -3503,7 +3506,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
foreach($profile as $k => $v) { foreach($profile as $k => $v) {
if(in_array($k,$disallowed)) if(in_array($k,$disallowed))
continue; continue;
if($k === 'name') if($k === 'name')
$clean['fullname'] = $v; $clean['fullname'] = $v;
elseif($k === 'with') elseif($k === 'with')
@ -3514,7 +3517,7 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
$clean[$k] = $v; $clean[$k] = $v;
/** /**
* @TODO * @TODO
* We also need to import local photos if a custom photo is selected * We also need to import local photos if a custom photo is selected
*/ */
} }
@ -3716,18 +3719,18 @@ function zotinfo($arr) {
} }
} }
$ztarget_hash = (($ztarget && $zsig) ? make_xchan_hash($ztarget,$zsig) : '' ); $ztarget_hash = (($ztarget && $zsig) ? make_xchan_hash($ztarget,$zsig) : '' );
$r = null; $r = null;
if(strlen($zhash)) { if(strlen($zhash)) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_hash = '%s' limit 1", where channel_hash = '%s' limit 1",
dbesc($zhash) dbesc($zhash)
); );
} }
elseif(strlen($zguid) && strlen($zguid_sig)) { elseif(strlen($zguid) && strlen($zguid_sig)) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_guid = '%s' and channel_guid_sig = '%s' limit 1", where channel_guid = '%s' and channel_guid_sig = '%s' limit 1",
dbesc($zguid), dbesc($zguid),
dbesc($zguid_sig) dbesc($zguid_sig)
@ -3746,7 +3749,7 @@ function zotinfo($arr) {
/** /**
* The special address '[system]' will return a system channel if one has been defined, * The special address '[system]' will return a system channel if one has been defined,
* Or the first valid channel we find if there are no system channels. * Or the first valid channel we find if there are no system channels.
* *
* This is used by magic-auth if we have no prior communications with this site - and * This is used by magic-auth if we have no prior communications with this site - and
* returns an identity on this site which we can use to create a valid hub record so that * returns an identity on this site which we can use to create a valid hub record so that
@ -3761,7 +3764,7 @@ function zotinfo($arr) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_removed = 0 order by channel_id limit 1"); where channel_removed = 0 order by channel_id limit 1");
} }
} }
} }
else { else {
$ret['message'] = 'Invalid request'; $ret['message'] = 'Invalid request';
@ -3786,7 +3789,7 @@ function zotinfo($arr) {
if($deleted || $censored || $sys_channel) if($deleted || $censored || $sys_channel)
$searchable = false; $searchable = false;
$public_forum = false; $public_forum = false;
$role = get_pconfig($e['channel_id'],'system','permissions_role'); $role = get_pconfig($e['channel_id'],'system','permissions_role');
@ -3819,14 +3822,14 @@ function zotinfo($arr) {
if($p) { if($p) {
if(! intval($p[0]['publish'])) if(! intval($p[0]['publish']))
$searchable = false; $searchable = false;
$profile['description'] = $p[0]['pdesc']; $profile['description'] = $p[0]['pdesc'];
$profile['birthday'] = $p[0]['dob']; $profile['birthday'] = $p[0]['dob'];
if(($profile['birthday'] != '0000-00-00') && (($bd = z_birthday($p[0]['dob'],$e['channel_timezone'])) !== '')) if(($profile['birthday'] != '0000-00-00') && (($bd = z_birthday($p[0]['dob'],$e['channel_timezone'])) !== ''))
$profile['next_birthday'] = $bd; $profile['next_birthday'] = $bd;
if($age = age($p[0]['dob'],$e['channel_timezone'],'')) if($age = age($p[0]['dob'],$e['channel_timezone'],''))
$profile['age'] = $age; $profile['age'] = $age;
$profile['gender'] = $p[0]['gender']; $profile['gender'] = $p[0]['gender'];
$profile['marital'] = $p[0]['marital']; $profile['marital'] = $p[0]['marital'];
@ -3879,14 +3882,14 @@ function zotinfo($arr) {
$ret['adult_content'] = $adult_channel; $ret['adult_content'] = $adult_channel;
$ret['public_forum'] = $public_forum; $ret['public_forum'] = $public_forum;
if($deleted) if($deleted)
$ret['deleted'] = $deleted; $ret['deleted'] = $deleted;
if(intval($e['channel_removed'])) if(intval($e['channel_removed']))
$ret['deleted_locally'] = true; $ret['deleted_locally'] = true;
// premium or other channel desiring some contact with potential followers before connecting. // premium or other channel desiring some contact with potential followers before connecting.
// This is a template - %s will be replaced with the follow_url we discover for the return channel. // This is a template - %s will be replaced with the follow_url we discover for the return channel.
if($special_channel) if($special_channel)
$ret['connect_url'] = z_root() . '/connect/' . $e['channel_address']; $ret['connect_url'] = z_root() . '/connect/' . $e['channel_address'];
// This is a template for our follow url, %s will be replaced with a webbie // This is a template for our follow url, %s will be replaced with a webbie
@ -3962,7 +3965,7 @@ function zotinfo($arr) {
$ret['site']['access_policy'] = 'tiered'; $ret['site']['access_policy'] = 'tiered';
$ret['site']['accounts'] = account_total(); $ret['site']['accounts'] = account_total();
require_once('include/channel.php'); require_once('include/channel.php');
$ret['site']['channels'] = channel_total(); $ret['site']['channels'] = channel_total();
@ -4003,7 +4006,7 @@ function check_zotinfo($channel,$locations,&$ret) {
// This function will likely expand as we find more things to detect and fix. // This function will likely expand as we find more things to detect and fix.
// 1. Because magic-auth is reliant on it, ensure that the system channel has a valid hubloc // 1. Because magic-auth is reliant on it, ensure that the system channel has a valid hubloc
// Force this to be the case if anything is found to be wrong with it. // Force this to be the case if anything is found to be wrong with it.
// @FIXME ensure that the system channel exists in the first place and has an xchan // @FIXME ensure that the system channel exists in the first place and has an xchan
@ -4023,9 +4026,9 @@ function check_zotinfo($channel,$locations,&$ret) {
logger('System channel locations are not valid. Attempting repair.'); logger('System channel locations are not valid. Attempting repair.');
// Don't trust any existing records. Just get rid of them, but only do this // Don't trust any existing records. Just get rid of them, but only do this
// for the sys channel as normal channels will be trickier. // for the sys channel as normal channels will be trickier.
q("delete from hubloc where hubloc_hash = '%s'", q("delete from hubloc where hubloc_hash = '%s'",
dbesc($channel['channel_hash']) dbesc($channel['channel_hash'])
); );
@ -4082,7 +4085,7 @@ function delivery_report_is_storable($dr) {
return false; return false;
// is the recipient one of our connections, or do we want to store every report? // is the recipient one of our connections, or do we want to store every report?
$r = explode(' ', $dr['recipient']); $r = explode(' ', $dr['recipient']);
$rxchan = $r[0]; $rxchan = $r[0];
@ -4093,15 +4096,15 @@ function delivery_report_is_storable($dr) {
// We always add ourself as a recipient to private and relayed posts // We always add ourself as a recipient to private and relayed posts
// So if a remote site says they can't find us, that's no big surprise // So if a remote site says they can't find us, that's no big surprise
// and just creates a lot of extra report noise // and just creates a lot of extra report noise
if(($dr['location'] !== z_root()) && ($dr['sender'] === $rxchan) && ($dr['status'] === 'recipient_not_found')) if(($dr['location'] !== z_root()) && ($dr['sender'] === $rxchan) && ($dr['status'] === 'recipient_not_found'))
return false; return false;
// If you have a private post with a recipient list, every single site is going to report // If you have a private post with a recipient list, every single site is going to report
// back a failed delivery for anybody on that list that isn't local to them. We're only // back a failed delivery for anybody on that list that isn't local to them. We're only
// concerned about this if we have a local hubloc record which says we expected them to // concerned about this if we have a local hubloc record which says we expected them to
// have a channel on that site. // have a channel on that site.
$r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_url = '%s'", $r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_url = '%s'",
dbesc($rxchan), dbesc($rxchan),
dbesc($dr['location']) dbesc($dr['location'])
@ -4131,7 +4134,7 @@ function update_hub_connected($hub,$sitekey = '') {
* Any hub with the same URL and a different sitekey cannot be valid. * Any hub with the same URL and a different sitekey cannot be valid.
* Get rid of them (mark them deleted). There's a good chance they were re-installs. * Get rid of them (mark them deleted). There's a good chance they were re-installs.
*/ */
q("update hubloc set hubloc_deleted = 1, hubloc_error = 1 where hubloc_url = '%s' and hubloc_sitekey != '%s' ", q("update hubloc set hubloc_deleted = 1, hubloc_error = 1 where hubloc_url = '%s' and hubloc_sitekey != '%s' ",
dbesc($hub['hubloc_url']), dbesc($hub['hubloc_url']),
dbesc($sitekey) dbesc($sitekey)
@ -4142,7 +4145,7 @@ function update_hub_connected($hub,$sitekey = '') {
$sitekey = $hub['sitekey']; $sitekey = $hub['sitekey'];
} }
// $sender['sitekey'] is a new addition to the protocol to distinguish // $sender['sitekey'] is a new addition to the protocol to distinguish
// hublocs coming from re-installed sites. Older sites will not provide // hublocs coming from re-installed sites. Older sites will not provide
// this field and we have to still mark them valid, since we can't tell // this field and we have to still mark them valid, since we can't tell
// if this hubloc has the same sitekey as the packet we received. // if this hubloc has the same sitekey as the packet we received.
@ -4165,7 +4168,7 @@ function update_hub_connected($hub,$sitekey = '') {
if(intval($hub['hubloc_error'])) { if(intval($hub['hubloc_error'])) {
q("update hubloc set hubloc_error = 0 where hubloc_id = %d and hubloc_sitekey = '%s' ", q("update hubloc set hubloc_error = 0 where hubloc_id = %d and hubloc_sitekey = '%s' ",
intval($hub['hubloc_id']), intval($hub['hubloc_id']),
dbesc($sitekey) dbesc($sitekey)
); );
if(intval($r[0]['hubloc_orphancheck'])) { if(intval($r[0]['hubloc_orphancheck'])) {
q("update hubloc set hubloc_orhpancheck = 0 where hubloc_id = %d and hubloc_sitekey = '%s' ", q("update hubloc set hubloc_orhpancheck = 0 where hubloc_id = %d and hubloc_sitekey = '%s' ",
@ -4177,7 +4180,7 @@ function update_hub_connected($hub,$sitekey = '') {
dbesc($hub['hubloc_hash']) dbesc($hub['hubloc_hash'])
); );
} }
return $hub['hubloc_url']; return $hub['hubloc_url'];
} }
@ -4190,7 +4193,7 @@ function zot_reply_ping() {
// This will let us know if any important communication details // This will let us know if any important communication details
// that we may have stored are no longer valid, regardless of xchan details. // that we may have stored are no longer valid, regardless of xchan details.
logger('POST: got ping send pong now back: ' . z_root() , LOGGER_DEBUG ); logger('POST: got ping send pong now back: ' . z_root() , LOGGER_DEBUG );
$ret['success'] = true; $ret['success'] = true;
$ret['site'] = array(); $ret['site'] = array();
$ret['site']['url'] = z_root(); $ret['site']['url'] = z_root();
@ -4264,7 +4267,7 @@ function zot_reply_pickup($data) {
/* /*
* If we made it to here, the signatures verify, but we still don't know if the tracking ID is valid. * If we made it to here, the signatures verify, but we still don't know if the tracking ID is valid.
* It wouldn't be an error if the tracking ID isn't found, because we may have sent this particular * It wouldn't be an error if the tracking ID isn't found, because we may have sent this particular
* queue item with another pickup (after the tracking ID for the other pickup was verified). * queue item with another pickup (after the tracking ID for the other pickup was verified).
*/ */
$r = q("select outq_posturl from outq where outq_hash = '%s' and outq_posturl = '%s' limit 1", $r = q("select outq_posturl from outq where outq_hash = '%s' and outq_posturl = '%s' limit 1",
@ -4304,7 +4307,7 @@ function zot_reply_pickup($data) {
} }
else else
$ret['pickup'][] = array('notify' => json_decode($rr['outq_notify'],true),'message' => $x); $ret['pickup'][] = array('notify' => json_decode($rr['outq_notify'],true),'message' => $x);
remove_queue_item($rr['outq_hash']); remove_queue_item($rr['outq_hash']);
} }
} }
@ -4326,7 +4329,7 @@ function zot_reply_auth_check($data,$encrypted_packet) {
* Requestor visits /magic/?dest=somewhere on their own site with a browser * Requestor visits /magic/?dest=somewhere on their own site with a browser
* magic redirects them to $destsite/post [with auth args....] * magic redirects them to $destsite/post [with auth args....]
* $destsite sends an auth_check packet to originator site * $destsite sends an auth_check packet to originator site
* The auth_check packet is handled here by the originator's site * The auth_check packet is handled here by the originator's site
* - the browser session is still waiting * - the browser session is still waiting
* inside $destsite/post for everything to verify * inside $destsite/post for everything to verify
* If everything checks out we'll return a token to $destsite * If everything checks out we'll return a token to $destsite
@ -4348,9 +4351,9 @@ function zot_reply_auth_check($data,$encrypted_packet) {
// garbage collect any old unused notifications // garbage collect any old unused notifications
// This was and should be 10 minutes but my hosting provider has time lag between the DB and // This was and should be 10 minutes but my hosting provider has time lag between the DB and
// the web server. We should probably convert this to webserver time rather than DB time so // the web server. We should probably convert this to webserver time rather than DB time so
// that the different clocks won't affect it and allow us to keep the time short. // that the different clocks won't affect it and allow us to keep the time short.
Zotlabs\Zot\Verify::purge('auth','30 MINUTE'); Zotlabs\Zot\Verify::purge('auth','30 MINUTE');
@ -4361,7 +4364,7 @@ function zot_reply_auth_check($data,$encrypted_packet) {
// We created a unique hash in mod/magic.php when we invoked remote auth, and stored it in // We created a unique hash in mod/magic.php when we invoked remote auth, and stored it in
// the verify table. It is now coming back to us as 'secret' and is signed by a channel at the other end. // the verify table. It is now coming back to us as 'secret' and is signed by a channel at the other end.
// First verify their signature. We will have obtained a zot-info packet from them as part of the sender // First verify their signature. We will have obtained a zot-info packet from them as part of the sender
// verification. // verification.
if ((! $y) || (! rsa_verify($data['secret'], base64url_decode($data['secret_sig']),$y[0]['xchan_pubkey']))) { if ((! $y) || (! rsa_verify($data['secret'], base64url_decode($data['secret_sig']),$y[0]['xchan_pubkey']))) {
logger('mod_zot: auth_check: sender not found or secret_sig invalid.'); logger('mod_zot: auth_check: sender not found or secret_sig invalid.');
@ -4434,7 +4437,7 @@ function zot_reply_purge($sender,$recipients) {
if ($recipients) { if ($recipients) {
// basically this means "unfriend" // basically this means "unfriend"
foreach ($recipients as $recip) { foreach ($recipients as $recip) {
$r = q("select channel.*,xchan.* from channel $r = q("select channel.*,xchan.* from channel
left join xchan on channel_hash = xchan_hash left join xchan on channel_hash = xchan_hash
where channel_guid = '%s' and channel_guid_sig = '%s' limit 1", where channel_guid = '%s' and channel_guid_sig = '%s' limit 1",
dbesc($recip['guid']), dbesc($recip['guid']),
@ -4451,13 +4454,13 @@ function zot_reply_purge($sender,$recipients) {
} }
} }
$ret['success'] = true; $ret['success'] = true;
} }
else { else {
// Unfriend everybody - basically this means the channel has committed suicide // Unfriend everybody - basically this means the channel has committed suicide
$arr = $sender; $arr = $sender;
$sender_hash = make_xchan_hash($arr['guid'],$arr['guid_sig']); $sender_hash = make_xchan_hash($arr['guid'],$arr['guid_sig']);
remove_all_xchan_resources($sender_hash); remove_all_xchan_resources($sender_hash);
$ret['success'] = true; $ret['success'] = true;
} }
@ -4472,7 +4475,7 @@ function zot_reply_refresh($sender,$recipients) {
// remote channel info (such as permissions or photo or something) // remote channel info (such as permissions or photo or something)
// has been updated. Grab a fresh copy and sync it. // has been updated. Grab a fresh copy and sync it.
// The difference between refresh and force_refresh is that // The difference between refresh and force_refresh is that
// force_refresh unconditionally creates a directory update record, // force_refresh unconditionally creates a directory update record,
// even if no changes were detected upon processing. // even if no changes were detected upon processing.
@ -4481,7 +4484,7 @@ function zot_reply_refresh($sender,$recipients) {
// This would be a permissions update, typically for one connection // This would be a permissions update, typically for one connection
foreach ($recipients as $recip) { foreach ($recipients as $recip) {
$r = q("select channel.*,xchan.* from channel $r = q("select channel.*,xchan.* from channel
left join xchan on channel_hash = xchan_hash left join xchan on channel_hash = xchan_hash
where channel_guid = '%s' and channel_guid_sig = '%s' limit 1", where channel_guid = '%s' and channel_guid_sig = '%s' limit 1",
dbesc($recip['guid']), dbesc($recip['guid']),
@ -4489,17 +4492,17 @@ function zot_reply_refresh($sender,$recipients) {
); );
$x = zot_refresh(array( $x = zot_refresh(array(
'xchan_guid' => $sender['guid'], 'xchan_guid' => $sender['guid'],
'xchan_guid_sig' => $sender['guid_sig'], 'xchan_guid_sig' => $sender['guid_sig'],
'hubloc_url' => $sender['url'] 'hubloc_url' => $sender['url']
), $r[0], (($msgtype === 'force_refresh') ? true : false)); ), $r[0], (($msgtype === 'force_refresh') ? true : false));
} }
} }
else { else {
// system wide refresh // system wide refresh
$x = zot_refresh(array( $x = zot_refresh(array(
'xchan_guid' => $sender['guid'], 'xchan_guid' => $sender['guid'],
'xchan_guid_sig' => $sender['guid_sig'], 'xchan_guid_sig' => $sender['guid_sig'],
'hubloc_url' => $sender['url'] 'hubloc_url' => $sender['url']
), null, (($msgtype === 'force_refresh') ? true : false)); ), null, (($msgtype === 'force_refresh') ? true : false));
@ -4522,7 +4525,7 @@ function zot_reply_notify($data) {
if($async) { if($async) {
// add to receive queue // add to receive queue
// qreceive_add($data); // qreceive_add($data);
} }
else { else {
$x = zot_fetch($data); $x = zot_fetch($data);
$ret['delivery_report'] = $x; $ret['delivery_report'] = $x;

6
util/Doxyfile
View File

@ -1,8 +1,8 @@
INPUT = README.md index.php boot.php mod/ include/ util/ view/ version.inc INPUT = README.md index.php boot.php include/ install/ util/ view/ Zotlabs/
RECURSIVE = YES RECURSIVE = YES
PROJECT_NAME = "The Hubzilla" PROJECT_NAME = "The Hubzilla"
PROJECT_LOGO = images/rm-64.png PROJECT_LOGO = images/rm-64.png
EXCLUDE = .htconfig.php library/ doc/ vendor/ .git/ util/zotsh/easywebdav/ EXCLUDE = .htconfig.php library/ doc/ store/ vendor/ .git/ util/zotsh/easywebdav/ util/generate-hooks-index/
EXCLUDE_PATTERNS = *smarty3* *strings.php *.out *test* EXCLUDE_PATTERNS = *smarty3* *strings.php *.out *test*
OUTPUT_DIRECTORY = doc OUTPUT_DIRECTORY = doc
GENERATE_HTML = YES GENERATE_HTML = YES
@ -21,3 +21,5 @@ ALIASES += "fixme=\xrefitem fixme \"Fixme\" \"Fixme List\""
ALIASES += "FIXME=\fixme" ALIASES += "FIXME=\fixme"
ALIASES += "TODO=\todo" ALIASES += "TODO=\todo"
ALIASES += "BUG=\bug" ALIASES += "BUG=\bug"
ALIASES += "hooks=\xrefitem hooks \"Hooks\" \"Hooks List\""
ALIASES += "HOOKS=\hooks"