harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #727 from dawnbreak/docu

Browse Source 
Some Doxygen comments and small cleanups.
This commit is contained in:
Thomas Willingham
2014-12-08 13:19:46 +00:00
parent 88cfdb864c 63646a1440
commit a007426965
6 changed files with 396 additions and 271 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
include/Import/Importer.php
View File

@@ -1,26 +1,28 @@
<?php /** @file */
namespace Redmatrix\Import;
namespace RedMatrix\Import;
/**
* @brief Class Import
*
* @package RedMatrix\Import
*/
class Import {
$credentials = null;
$itemlist = null;
$src_items = null;
private $credentials = null;
$items = null;
protected $itemlist = null;
protected $src_items = null;
protected $items = null;
function get_credentials() {
return $this->credentials;
}
function get_itemlist() {
return $this->itemlist;
}
function get_item_ident($item) {
}
@@ -43,19 +45,17 @@ class Import {
function convert_taxonomy($item_ident) {
}
function convert_child($child) {
}
function store($item,$update = false) {
function store($item, $update = false) {
}
function run() {
$this->credentials = $this->get_credentials();
$this->itemlist = $this->get_itemlist();
if($this->itemlist) {
@@ -77,18 +77,6 @@ class Import {
}
$cnt ++;
}
}
}
}

2
include/Import/refimport.php
View File

@@ -13,8 +13,6 @@ require_once('include/hubloc.php');
// with a browser until all the posts had been imported.
define('REDMATRIX_IMPORTCHANNEL','mike');
define('REFLECT_EXPORTUSERNAME','mike');
define('REFLECT_BLOGNAME','Diary and Other Rantings');

166
include/permissions.php
View File

@@ -1,6 +1,19 @@
<?php /** @file */
<?php
/**
* @file incldue/permissions.php
*
* This file conntains functions to check and work with permissions.
*/
/**
* @brief Return an array with all available permissions.
*
* These are channel specific permissions.
* The list of available permissions can get manipulated by the <i>hook</i>
* <b>global_permissions</b>.
*
* @return array associative array containing all permissions
*/
function get_perms() {
// thinking about making element[2] a bitmask instead of boolean so that we can provide a list of applicable selections
@@ -14,8 +27,8 @@ function get_perms() {
'view_profile' => array('channel_r_profile', intval(PERMS_R_PROFILE), true, t('Can view my default channel profile'), ''),
'view_photos' => array('channel_r_photos', intval(PERMS_R_PHOTOS), true, t('Can view my photo albums'), ''),
'view_contacts' => array('channel_r_abook', intval(PERMS_R_ABOOK), true, t('Can view my connections'), ''),
'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my file storage'), ''),
'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my webpages'), ''),
'view_storage' => array('channel_r_storage', intval(PERMS_R_STORAGE), true, t('Can view my file storage'), ''),
'view_pages' => array('channel_r_pages', intval(PERMS_R_PAGES), true, t('Can view my webpages'), ''),
// Write permissions
'send_stream' => array('channel_w_stream', intval(PERMS_W_STREAM), false, t('Can send me their channel stream and posts'), ''),
@@ -23,19 +36,20 @@ function get_perms() {
'post_comments' => array('channel_w_comment', intval(PERMS_W_COMMENT), false, t('Can comment on or like my posts'), ''),
'post_mail' => array('channel_w_mail', intval(PERMS_W_MAIL), false, t('Can send me private mail messages'), ''),
'post_photos' => array('channel_w_photos', intval(PERMS_W_PHOTOS), false, t('Can post photos to my photo albums'), ''),
'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), t('Profiles and things other than posts/comments')),
'post_like' => array('channel_w_like', intval(PERMS_W_LIKE), false, t('Can like/dislike stuff'), t('Profiles and things other than posts/comments')),
'tag_deliver' => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false, t('Can forward to all my channel contacts via post @mentions'), t('Advanced - useful for creating group forum channels')),
'chat' => array('channel_w_chat', intval(PERMS_W_CHAT), false, t('Can chat with me (when available)'), t('')),
'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my file storage'), ''),
'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my webpages'), ''),
'write_storage' => array('channel_w_storage', intval(PERMS_W_STORAGE), false, t('Can write to my file storage'), ''),
'write_pages' => array('channel_w_pages', intval(PERMS_W_PAGES), false, t('Can edit my webpages'), ''),
'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my public posts in derived channels'), t('Somewhat advanced - very useful in open communities')),
'republish' => array('channel_a_republish', intval(PERMS_A_REPUBLISH), false, t('Can source my public posts in derived channels'), t('Somewhat advanced - very useful in open communities')),
'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')),
'delegate' => array('channel_a_delegate', intval(PERMS_A_DELEGATE), false, t('Can administer my channel resources'), t('Extremely advanced. Leave this alone unless you know what you are doing')),
);
$ret = array('global_permissions' => $global_perms);
call_hooks('global_permissions',$ret);
call_hooks('global_permissions', $ret);
return $ret['global_permissions'];
}
@@ -43,13 +57,13 @@ function get_perms() {
/**
* get_all_perms($uid,$observer_xchan)
*
* @param $uid : The channel_id associated with the resource owner
* @param $observer_xchan: The xchan_hash representing the observer
* @param int $uid The channel_id associated with the resource owner
* @param string $observer_xchan The xchan_hash representing the observer
* @param bool $internal_use (default true)
*
* @returns: array of all permissions, key is permission name, value is true or false
* @returns array of all permissions, key is permission name, value is true or false
*/
function get_all_perms($uid,$observer_xchan,$internal_use = true) {
function get_all_perms($uid, $observer_xchan, $internal_use = true) {
$global_perms = get_perms();
@@ -85,7 +99,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
continue;
}
// Next we're going to check for blocked or ignored contacts.
// These take priority over all other settings.
@@ -94,7 +107,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$ret[$perm_name] = true;
continue;
}
if(! $abook_checked) {
$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash
where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d )>0 limit 1",
@@ -105,7 +118,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
if(! $x) {
// not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($observer_xchan)
dbesc($observer_xchan)
);
}
@@ -113,7 +126,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
}
// If they're blocked - they can't read or write
if(($x) && ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED)) {
$ret[$perm_name] = false;
continue;
@@ -130,7 +143,7 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
// system is blocked to anybody who is not authenticated
if((! $observer_xchan) && intval(get_config('system','block_public'))) {
if((! $observer_xchan) && intval(get_config('system', 'block_public'))) {
$ret[$perm_name] = false;
continue;
}
@@ -177,14 +190,14 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$onsite_checked = true;
}
if($c)
$ret[$perm_name] = true;
else
$ret[$perm_name] = false;
continue;
}
}
// From here on we require that the observer be a connection and
// handle whether we're allowing any, approved or specific ones
@@ -226,7 +239,6 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
$ret[$perm_name] = false;
continue;
}
$arr = array(
@@ -235,11 +247,23 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
'permissions' => $ret);
call_hooks('get_all_perms',$arr);
return $arr['permissions'];
}
function perm_is_allowed($uid,$observer_xchan,$permission) {
/**
* @brief Checks if given permission is allowed for given observer on a channel.
*
* Checks if the given observer with the hash $observer_xchan has permission
* $permission on channel_id $uid.
* $permission is one defined in get_perms();
*
* @param int $uid The channel_id associated with the resource owner
* @param string $observer_xchan The xchan_hash representing the observer
* @param string $permission
* @return bool true if permission is allowed for observer on channel
*/
function perm_is_allowed($uid, $observer_xchan, $permission) {
$arr = array(
'channel_id' => $uid,
@@ -247,7 +271,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
'permission' => $permission,
'result' => false);
call_hooks('perm_is_allowed',$arr);
call_hooks('perm_is_allowed', $arr);
if($arr['result'])
return true;
@@ -279,21 +303,21 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if(($x) && ($x[0]['abook_flags'] & ABOOK_FLAG_BLOCKED))
return false;
if(($x) && (! $global_perms[$permission][2]) && ($x[0]['abook_flags'] & ABOOK_FLAG_IGNORED))
return false;
if(! $x) {
// not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($observer_xchan)
dbesc($observer_xchan)
);
}
}
// system is blocked to anybody who is not authenticated
if((! $observer_xchan) && intval(get_config('system','block_public')))
if((! $observer_xchan) && intval(get_config('system', 'block_public')))
return false;
// Check if this $uid is actually the $observer_xchan
@@ -301,7 +325,6 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
if($r[0]['channel_hash'] === $observer_xchan)
return true;
if($r[0][$channel_perm] & PERMS_PUBLIC)
return true;
@@ -326,6 +349,7 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
);
if($c)
return true;
return false;
}
@@ -361,25 +385,32 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
// No permissions allowed.
return false;
return false;
}
// Check a simple array of observers against a permissions
// return a simple array of those with permission
function check_list_permissions($uid,$arr,$perm) {
function check_list_permissions($uid, $arr, $perm) {
$result = array();
if($arr)
foreach($arr as $x)
if(perm_is_allowed($uid,$x,$perm))
if(perm_is_allowed($uid, $x, $perm))
$result[] = $x;
return($result);
}
/**
* @brief Sets site wide default permissions.
*
* @return array
*/
function site_default_perms() {
$ret = array();
$typical = array(
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
@@ -401,14 +432,14 @@ function site_default_perms() {
);
$global_perms = get_perms();
$ret = array();
foreach($global_perms as $perm => $v) {
$x = get_config('default_perms',$perm);
$x = get_config('default_perms', $perm);
if($x === false)
$x = $typical[$perm];
$ret[$perm] = $x;
}
return $ret;
}
@@ -449,7 +480,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -465,9 +496,8 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
break;
case 'social_restricted':
$ret['perms_auto'] = false;
@@ -482,7 +512,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -498,9 +528,8 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS;
break;
break;
case 'social_private':
$ret['perms_auto'] = false;
@@ -515,7 +544,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_CONTACTS;
$ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -531,7 +560,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS;
break;
case 'forum':
@@ -547,7 +576,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -563,7 +592,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
case 'forum_restricted':
@@ -579,7 +608,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -595,9 +624,8 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS;
break;
break;
case 'forum_private':
$ret['perms_auto'] = false;
@@ -612,7 +640,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_CONTACTS;
$ret['channel_r_photos'] = PERMS_CONTACTS;
$ret['channel_r_photos'] = PERMS_CONTACTS;
$ret['channel_r_abook'] = PERMS_CONTACTS;
$ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -628,7 +656,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_CONTACTS;
break;
case 'feed':
@@ -644,7 +672,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -660,11 +688,10 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_NETWORK;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
case 'feed_restricted':
$ret['perms_auto'] = false;
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
@@ -677,7 +704,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_CONTACTS;
$ret['channel_w_wall'] = PERMS_CONTACTS;
@@ -693,7 +720,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
case 'soapbox':
@@ -707,7 +734,7 @@ function get_role_perms($role) {
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_photos'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = 0;
$ret['channel_w_wall'] = 0;
@@ -723,7 +750,7 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = 0;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
case 'repository':
@@ -755,14 +782,11 @@ function get_role_perms($role) {
$ret['channel_w_pages'] = PERMS_CONTACTS;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
break;
default:
break;
}
$x = get_config('system','role_perms');
@@ -775,7 +799,12 @@ function get_role_perms($role) {
return $ret;
}
/**
* @brief Creates a HTML select field with all available roles.
*
* @param string $current The current role
* @return string Returns the complete HTML code for this privacy-role-select field.
*/
function role_selector($current) {
if(! $current)
@@ -792,16 +821,17 @@ function role_selector($current) {
array('soapbox' => t('Celebrity/Soapbox'), 'repository' => t('Group Repository'))),
'other' => array( t('Other'),
array('custom' => t('Custom/Expert Mode'))));
$o = '<select name="permissions_role" id="privacy-role-select">';
foreach($roles as $k => $v) {
$o .= '<optgroup label="'. htmlspecialchars($v[0]) . '" >';
$o .= '<optgroup label="'. htmlspecialchars($v[0]) . '">';
foreach($v[1] as $kk => $vv) {
$selected = (($kk === $current) ? ' selected="selected" ' : '');
$o .= '<option value="' . $kk . '" ' . $selected . '>' . htmlspecialchars($vv) . '</option>';
$selected = (($kk === $current) ? ' selected="selected"' : '');
$o .= '<option value="' . $kk . '"' . $selected . '>' . htmlspecialchars($vv) . '</option>';
}
$o .= '</optgroup>';
}
$o .= '</select>';
return $o;
}
return $o;
}

115
include/security.php
View File

@@ -1,12 +1,24 @@
<?php /** @file */
<?php
/**
* @file include/security.php
*
* Some security related functions.
*/
function authenticate_success($user_record, $login_initial = false, $interactive = false,$return = false,$update_lastlog = false) {
/**
* @param int $user_record The account_id
* @param bool $login_initial default false
* @param bool $interactive default false
* @param bool $return
* @param bool $update_lastlog
*/
function authenticate_success($user_record, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) {
$a = get_app();
$_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
if(x($user_record,'account_id')) {
if(x($user_record, 'account_id')) {
$a->account = $user_record;
$_SESSION['account_id'] = $user_record['account_id'];
$_SESSION['authenticated'] = 1;
@@ -39,7 +51,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
// might want to log success here
}
if($return || x($_SESSION,'workflow')) {
if($return || x($_SESSION, 'workflow')) {
unset($_SESSION['workflow']);
return;
}
@@ -70,7 +82,13 @@ function authenticate_success($user_record, $login_initial = false, $interactive
/* else just return */
}
/**
* @brief Change to another channel with current logged-in account.
*
* @param int $change_channel The channel_id of the channel you want to change to
*
* @return bool|array false or channel record of the new channel
*/
function change_channel($change_channel) {
$ret = false;
@@ -83,17 +101,17 @@ function change_channel($change_channel) {
);
// It's not there. Is this an administrator, and is this the sys channel?
if (is_developer()) {
if (! $r) {
if (is_site_admin()) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1",
intval($change_channel),
intval(PAGE_SYSTEM),
intval(PAGE_REMOVED)
);
if (is_developer()) {
if (! $r) {
if (is_site_admin()) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel_id = %d and ( channel_pageflags & %d) and not (channel_pageflags & %d )>0 limit 1",
intval($change_channel),
intval(PAGE_SYSTEM),
intval(PAGE_REMOVED)
);
}
}
}
}
if($r) {
$hash = $r[0]['channel_hash'];
@@ -109,23 +127,28 @@ function change_channel($change_channel) {
);
if($x) {
$_SESSION['my_url'] = $x[0]['xchan_url'];
$_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(),strpos(get_app()->get_baseurl(),'://')+3);
$_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(), strpos(get_app()->get_baseurl(), '://') + 3);
get_app()->set_observer($x[0]);
get_app()->set_perms(get_all_perms(local_user(),$hash));
get_app()->set_perms(get_all_perms(local_user(), $hash));
}
if(! is_dir('store/' . $r[0]['channel_address']))
@os_mkdir('store/' . $r[0]['channel_address'], STORAGE_DEFAULT_PERMISSIONS,true);
}
return $ret;
}
function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
/**
* @brief Creates an addiontal SQL where statement to check permissions.
*
* @param int $owner_id
* @param bool $remote_verified default false, not used at all
* @param string $groups this param is not used at all
*
* @return string additional SQL where statement
*/
function permissions_sql($owner_id, $remote_verified = false, $groups = null) {
if(defined('STATUSNET_PRIVACY_COMPATIBILITY'))
return '';
@@ -142,8 +165,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
$sql = " AND allow_cid = ''
AND allow_gid = ''
AND deny_cid = ''
AND deny_gid = ''
AND deny_gid = ''
";
/**
@@ -162,7 +184,6 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
* done this and passed the groups into this function.
*/
else {
$observer = get_observer_hash();
if($observer) {
@@ -191,7 +212,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
return $sql;
}
function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) {
/**
* @brief Creates an addiontal SQL where statement to check permissions for an item.
*
* @param int $owner_id
* @param bool $remote_verified default false, not used at all
* @param string $groups this param is not used at all
*
* @return string additional SQL where statement
*/
function item_permissions_sql($owner_id, $remote_verified = false, $groups = null) {
if(defined('STATUSNET_PRIVACY_COMPATIBILITY'))
return '';
@@ -206,7 +236,6 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
*/
$sql = " AND item_private=0 ";
/**
* Profile owner - everything is visible
@@ -224,7 +253,6 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
* done this and passed the groups into this function.
*/
else {
$observer = get_observer_hash();
@@ -250,12 +278,18 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
);
}
}
return $sql;
}
/**
* @param string $observer_hash
*
* @return string additional SQL where statement
*/
function public_permissions_sql($observer_hash) {
$observer = get_app()->get_observer();
//$observer = get_app()->get_observer();
$groups = init_groups_visitor($observer_hash);
$gs = '<<>>'; // should be impossible to match
@@ -263,7 +297,7 @@ function public_permissions_sql($observer_hash) {
if(is_array($groups) && count($groups)) {
foreach($groups as $g)
$gs .= '|<' . $g . '>';
}
}
$sql = '';
if($observer_hash) {
$regexop = db_getfunc('REGEXP');
@@ -341,11 +375,11 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f
}
}
// Returns an array of group id's this contact is a member of.
// This array will only contain group id's related to the uid of this
// DFRN contact. They are *not* neccessarily unique across the entire site.
if(! function_exists('init_groups_visitor')) {
function init_groups_visitor($contact_id) {
$groups = array();
@@ -361,8 +395,6 @@ function init_groups_visitor($contact_id) {
// This is used to determine which uid have posts which are visible to the logged in user (from the API) for the
// public_timeline, and we can use this in a community page by making
// $perms = (PERMS_NETWORK|PERMS_PUBLIC) unless logged in.
@@ -382,19 +414,22 @@ function stream_perms_api_uids($perms = NULL ) {
intval($perms),
intval(PAGE_CENSORED|PAGE_SYSTEM|PAGE_REMOVED)
);
if($r)
if($r) {
foreach($r as $rr)
if(! in_array($rr['channel_id'],$ret))
if(! in_array($rr['channel_id'], $ret))
$ret[] = $rr['channel_id'];
}
$str = '';
if($ret)
if($ret) {
foreach($ret as $rr) {
if($str)
$str .= ',';
$str .= intval($rr);
}
}
logger('stream_perms_api_uids: ' . $str, LOGGER_DEBUG);
return $str;
}
@@ -409,19 +444,21 @@ function stream_perms_xchans($perms = NULL ) {
intval($perms),
intval(PAGE_CENSORED|PAGE_SYETEM|PAGE_REMOVED)
);
if($r)
if($r) {
foreach($r as $rr)
if(! in_array($rr['channel_hash'],$ret))
if(! in_array($rr['channel_hash'], $ret))
$ret[] = $rr['channel_hash'];
}
$str = '';
if($ret)
if($ret) {
foreach($ret as $rr) {
if($str)
$str .= ',';
$str .= "'" . dbesc($rr) . "'";
}
}
logger('stream_perms_xchans: ' . $str, LOGGER_DEBUG);
return $str;
}

158
include/widgets.php
View File

@@ -1,4 +1,9 @@
<?php /** @file */
<?php
/**
* @file include/widgets.php
*
* @brief This file contains the widgets.
*/
require_once('include/dir_fns.php');
require_once('include/contact_widgets.php');
@@ -6,7 +11,7 @@ require_once('include/contact_widgets.php');
function widget_profile($args) {
$a = get_app();
$block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
$block = (((get_config('system', 'block_public')) && (! local_user()) && (! remote_user())) ? true : false);
return profile_sidebar($a->profile, $block, true);
}
@@ -16,14 +21,15 @@ function widget_profile($args) {
function widget_tagcloud($args) {
$o = '';
$tab = 0;
//$tab = 0;
$a = get_app();
$uid = $a->profile_uid;
$count = ((x($args,'count')) ? intval($args['count']) : 24);
$flags = 0;
$type = TERM_CATEGORY;
$r = tagadelic($uid,$count,$authors,$flags,ITEM_WEBPAGE,$type);
// FIXME there exists no $authors variable
$r = tagadelic($uid, $count, $authors, $flags, ITEM_WEBPAGE, $type);
if($r) {
$o = '<div class="tagblock widget"><h3>' . t('Categories') . '</h3><div class="tags" align="center">';
@@ -75,9 +81,8 @@ function widget_collections($args) {
return '';
break;
}
return group_side($every, $each, $edit, $current, $abook_id, $wmode);
return group_side($every, $each, $edit, $current, $abook_id, $wmode);
}
@@ -93,7 +98,6 @@ function widget_appselect($arr) {
}
function widget_suggestions($arr) {
if((! local_user()) || (! feature_enabled(local_user(),'suggest')))
@@ -114,16 +118,13 @@ function widget_suggestions($arr) {
// This will throw some entropy intot he situation so you won't
// be looking at the same two mug shots every time the widget runs
$index = ((count($r) > 2) ? mt_rand(0,count($r) - 2) : 0);
for($x = $index; $x <= ($index+1); $x ++) {
$rr = $r[$x];
if(! $rr['xchan_url'])
break;
$connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr'];
$arr[] = array(
@@ -138,7 +139,6 @@ function widget_suggestions($arr) {
);
}
$o = replace_macros(get_markup_template('suggest_widget.tpl'),array(
'$title' => t('Suggestions'),
'$more' => t('See more...'),
@@ -146,13 +146,13 @@ function widget_suggestions($arr) {
));
return $o;
}
function widget_follow($args) {
if(! local_user())
return '';
$a = get_app();
$uid =$a->channel['channel_id'];
$r = q("select count(*) as total from abook where abook_channel = %d and not (abook_flags & %d)>0 ",
@@ -163,10 +163,10 @@ function widget_follow($args) {
$total_channels = $r[0]['total'];
$limit = service_class_fetch($uid,'total_channels');
if($limit !== false) {
$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total_channels, $limit);
}
else {
$abook_usage_message = '';
$abook_usage_message = '';
}
return replace_macros(get_markup_template('follow.tpl'),array(
'$connect' => t('Add New Connection'),
@@ -175,7 +175,6 @@ function widget_follow($args) {
'$follow' => t('Connect'),
'$abook_usage_message' => $abook_usage_message
));
}
@@ -192,6 +191,7 @@ function widget_notes($arr) {
'$text' => $text,
'$save' => t('Save'),
));
return $o;
}
@@ -228,8 +228,6 @@ function widget_savedsearch($arr) {
$search = '';
}
$srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/searchsave\=[^\&].*?(\&|$)/is','',$srchurl),'&');
@@ -240,7 +238,7 @@ function widget_savedsearch($arr) {
$srchurl = rtrim(preg_replace('/search\=[^\&].*?(\&|$)/is','',$srchurl),'&');
$srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl);
$hasq = ((strpos($srchurl,'?') !== false) ? true : false);
$o = '';
$r = q("select `tid`,`term` from `term` WHERE `uid` = %d and `type` = %d ",
@@ -252,31 +250,28 @@ function widget_savedsearch($arr) {
if(count($r)) {
foreach($r as $rr) {
$saved[] = array(
'id' => $rr['tid'],
'term' => $rr['term'],
'term' => $rr['term'],
'dellink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;searchremove=1&amp;search=' . urlencode($rr['term']),
'srchlink' => z_root() . '/' . $srchurl . (($hasq) ? '' : '?f=') . '&amp;search=' . urlencode($rr['term']),
'displayterm' => htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8'),
'encodedterm' => urlencode($rr['term']),
'delete' => t('Remove term'),
'selected' => ($search==$rr['term']),
'encodedterm' => urlencode($rr['term']),
'delete' => t('Remove term'),
'selected' => ($search==$rr['term']),
);
}
}
}
$tpl = get_markup_template("saved_searches.tpl");
$o = replace_macros($tpl, array(
'$title' => t('Saved Searches'),
'$add' => t('add'),
'$searchbox' => searchbox($search,'netsearch-box',$srchurl . (($hasq) ? '' : '?f='),true),
'$searchbox' => searchbox($search, 'netsearch-box', $srchurl . (($hasq) ? '' : '?f='), true),
'$saved' => $saved,
));
return $o;
}
@@ -306,7 +301,6 @@ function widget_filer($arr) {
'$all' => t('Everything'),
'$terms' => $terms,
'$base' => z_root() . '/' . $a->cmd
));
}
@@ -327,7 +321,6 @@ function widget_archive($arr) {
if(! perm_is_allowed($uid,get_observer_hash(),'view_stream'))
return '';
$wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0);
$style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select');
$showend = ((get_pconfig($uid,'system','archive_show_end_date')) ? true : false);
@@ -336,10 +329,8 @@ function widget_archive($arr) {
if(! $visible_years)
$visible_years = 5;
$url = z_root() . '/' . $a->cmd;
$ret = list_post_dates($uid,$wall,$mindate);
if(! count($ret))
@@ -367,7 +358,7 @@ function widget_fullprofile($arr) {
if(! $a->profile['profile_uid'])
return;
$block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
$block = (((get_config('system', 'block_public')) && (! local_user()) && (! remote_user())) ? true : false);
return profile_sidebar($a->profile, $block);
}
@@ -375,41 +366,43 @@ function widget_fullprofile($arr) {
function widget_categories($arr) {
$a = get_app();
if($a->profile['profile_uid'] && (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')))
return '';
$cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : '');
$srchurl = $a->query_string;
$srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&');
$srchurl = str_replace(array('?f=','&f='),array('',''),$srchurl);
return categories_widget($srchurl,$cat);
return categories_widget($srchurl, $cat);
}
function widget_tagcloud_wall($arr) {
$a = get_app();
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
return '';
if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))
if(! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_stream'))
return '';
$limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
if(feature_enabled($a->profile['profile_uid'],'tagadelic'))
return tagblock('search',$a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
$limit = ((array_key_exists('limit', $arr)) ? intval($arr['limit']) : 50);
if(feature_enabled($a->profile['profile_uid'], 'tagadelic'))
return tagblock('search', $a->profile['profile_uid'], $limit, $a->profile['channel_hash'], ITEM_WALL);
return '';
}
function widget_catcloud_wall($arr) {
$a = get_app();
if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash']))
return '';
if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))
if(! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_stream'))
return '';
$limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50);
return catblock($a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL);
return '';
return catblock($a->profile['profile_uid'], $limit, $a->profile['channel_hash'], ITEM_WALL);
}
@@ -438,6 +431,7 @@ function widget_affinity($arr) {
call_hooks('main_slider',$arr);
return $arr['html'];
}
return '';
}
@@ -463,20 +457,19 @@ function widget_settings_menu($arr) {
if($abk)
$abook_self_id = $abk[0]['abook_id'];
$tabs = array(
array(
'label' => t('Account settings'),
'url' => $a->get_baseurl(true).'/settings/account',
'selected' => ((argv(1) === 'account') ? 'active' : ''),
),
array(
'label' => t('Channel settings'),
'url' => $a->get_baseurl(true).'/settings/channel',
'selected' => ((argv(1) === 'channel') ? 'active' : ''),
),
array(
'label' => t('Additional features'),
'url' => $a->get_baseurl(true).'/settings/features',
@@ -494,7 +487,7 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true).'/settings/display',
'selected' => ((argv(1) === 'display') ? 'active' : ''),
),
array(
'label' => t('Connected apps'),
'url' => $a->get_baseurl(true) . '/settings/oauth',
@@ -512,7 +505,6 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/uexport/complete',
'selected' => ''
),
);
if($role === false || $role === 'custom') {
@@ -529,7 +521,6 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/connect/' . $channel['channel_address'],
'selected' => ''
);
}
if(feature_enabled(local_user(),'channel_sources')) {
@@ -538,18 +529,14 @@ function widget_settings_menu($arr) {
'url' => $a->get_baseurl(true) . '/sources',
'selected' => ''
);
}
$tabtpl = get_markup_template("generic_links_widget.tpl");
return replace_macros($tabtpl, array(
'$title' => t('Settings'),
'$class' => 'settings-widget',
'$items' => $tabs,
));
}
@@ -560,9 +547,7 @@ function widget_mailmenu($arr) {
$a = get_app();
return replace_macros(get_markup_template('message_side.tpl'), array(
'$title' => t('Messages'),
'$tabs'=> array(),
'$check'=>array(
'label' => t('Check Mail'),
'url' => $a->get_baseurl(true) . '/message',
@@ -573,9 +558,7 @@ function widget_mailmenu($arr) {
'url' => $a->get_baseurl(true) . '/mail/new',
'sel'=> (argv(1) == 'new'),
)
));
}
function widget_design_tools($arr) {
@@ -586,7 +569,7 @@ function widget_design_tools($arr) {
if($a->profile['profile_uid'])
if(($a->profile['profile_uid'] != local_user()) && (! $a->is_sys))
return '';
return '';
if(! local_user())
return '';
@@ -601,24 +584,25 @@ function widget_findpeople($arr) {
function widget_photo_albums($arr) {
$a = get_app();
if(! $a->profile['profile_uid'])
return '';
$channelx = channelx_by_n($a->profile['profile_uid']);
if((! $channelx) || (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_photos')))
if((! $channelx) || (! perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_photos')))
return '';
require_once('include/photos.php');
return photos_album_widget($channelx,$a->get_observer());
return photos_album_widget($channelx, $a->get_observer());
}
function widget_vcard($arr) {
require_once ('include/Contact.php');
return vcard_from_xchan('',get_app()->get_observer());
return vcard_from_xchan('', get_app()->get_observer());
}
/**
/*
* The following directory widgets are only useful on the directory page
*/
@@ -631,21 +615,23 @@ function widget_dirsort($arr) {
}
function widget_dirtags($arr) {
return dir_tagblock(z_root() . '/directory',null);
return dir_tagblock(z_root() . '/directory', null);
}
function widget_menu_preview($arr) {
if(! get_app()->data['menu_item'])
return;
require_once('include/menu.php');
return menu_render(get_app()->data['menu_item']);
}
function widget_chatroom_list($arr) {
$a = get_app();
require_once("include/chat.php");
$r = chatroom_list($a->profile['profile_uid']);
return replace_macros(get_markup_template('chatroomlist.tpl'),array(
return replace_macros(get_markup_template('chatroomlist.tpl'), array(
'$header' => t('Chat Rooms'),
'$baseurl' => z_root(),
'$nickname' => $a->profile['channel_address'],
@@ -658,7 +644,7 @@ function widget_bookmarkedchats($arr) {
if(! $h)
return;
$r = q("select * from xchat where xchat_xchan = '%s' group by xchat_url order by xchat_desc",
dbesc($h)
dbesc($h)
);
if($r) {
for($x = 0; $x < count($r); $x ++) {
@@ -692,17 +678,17 @@ function widget_suggestedchats($arr) {
}
function widget_item($arr) {
// FIXME there is no $a here
$uid = $a->profile['profile_uid'];
if((! $uid) || (! $arr['mid']))
return '';
if(! perm_is_allowed($uid,get_observer_hash(),'view_pages'))
if(! perm_is_allowed($uid, get_observer_hash(), 'view_pages'))
return '';
require_once('include/security.php');
$sql_extra = item_permissions_sql($uid);
$r = q("select * from item where mid = '%s' and uid = %d and item_restrict = " . intval(ITEM_WEBPAGE) . " $sql_extra limit 1",
dbesc($arr['mid']),
intval($uid)
@@ -712,11 +698,10 @@ function widget_item($arr) {
return '';
xchan_query($r);
$r = fetch_post_tags($r,true);
$r = fetch_post_tags($r, true);
$o .= prepare_page($r[0]);
$o = prepare_page($r[0]);
return $o;
}
function widget_clock($arr) {
@@ -786,18 +771,17 @@ return $o;
* URL must be an http or https URL
*/
function widget_photo($arr) {
$style = $zrl = false;
$params = '';
if(array_key_exists('src',$arr) && isset($arr['src']))
if(array_key_exists('src', $arr) && isset($arr['src']))
$url = $arr['src'];
if(strpos($url,'http') !== 0)
return '';
if(array_key_exists('style',$arr) && isset($arr['style']))
if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style'];
// ensure they can't sneak in an eval(js) function
@@ -805,7 +789,7 @@ function widget_photo($arr) {
if(strpos($style,'(') !== false)
return '';
if(array_key_exists('zrl',$arr) && isset($arr['zrl']))
if(array_key_exists('zrl', $arr) && isset($arr['zrl']))
$zrl = (($arr['zrl']) ? true : false);
if($zrl)
@@ -815,7 +799,7 @@ function widget_photo($arr) {
$o .= '<img ' . (($zrl) ? ' class="zrl" ' : '')
. (($style) ? ' style="' . $style . '"' : '')
. ' src="' . $url . '" alt="' . t('photo/image') . '" />';
. ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>';
@@ -826,15 +810,15 @@ function widget_photo($arr) {
function widget_photo_rand($arr) {
require_once('include/photos.php');
$style = $zrl = false;
$params = '';
if(array_key_exists('album',$arr) && isset($arr['album']))
$style = false;
if(array_key_exists('album', $arr) && isset($arr['album']))
$album = $arr['album'];
else
$album = '';
$channel_id = 0;
if(array_key_exists('channel_id',$arr) && intval($arr['channel_id']))
if(array_key_exists('channel_id', $arr) && intval($arr['channel_id']))
$channel_id = intval($arr['channel_id']);
if(! $channel_id)
$channel_id = get_app()->profile_uid;
@@ -844,7 +828,7 @@ function widget_photo_rand($arr) {
$scale = ((array_key_exists('scale',$arr)) ? intval($arr['scale']) : 0);
$ret = photos_list_photos(array('channel_id' => $channel_id),get_app()->get_observer(),$album);
$filtered = array();
if($ret['success'] && $ret['photos'])
foreach($ret['photos'] as $p)
@@ -852,14 +836,14 @@ function widget_photo_rand($arr) {
$filtered[] = $p['src'];
if($filtered) {
$e = mt_rand(0,count($filtered)-1);
$e = mt_rand(0, count($filtered) - 1);
$url = $filtered[$e];
}
if(strpos($url,'http') !== 0)
if(strpos($url, 'http') !== 0)
return '';
if(array_key_exists('style',$arr) && isset($arr['style']))
if(array_key_exists('style', $arr) && isset($arr['style']))
$style = $arr['style'];
// ensure they can't sneak in an eval(js) function
@@ -873,7 +857,7 @@ function widget_photo_rand($arr) {
$o .= '<img class="zrl" '
. (($style) ? ' style="' . $style . '"' : '')
. ' src="' . $url . '" alt="' . t('photo/image') . '" />';
. ' src="' . $url . '" alt="' . t('photo/image') . '">';
$o .= '</div>';
@@ -913,10 +897,10 @@ function widget_random_block($arr) {
$o = '<div class="widget bblock">';
if($r[0]['title'])
$o .= '<h3>' . $r[0]['title'] . '</h3>';
$o .= prepare_text($r[0]['body'],$r[0]['mimetype']);
$o .= '</div>';
}
return $o;
return $o;
}