harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch '1.12RC'

Browse Source
This commit is contained in:
redmatrix 2016-08-22 20:05:25 -07:00
commit b89c869e7c
121 changed files with 29761 additions and 27620 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
CHANGELOG
View File

@ -1,3 +1,28 @@
Hubzilla 1.12
- extensible permissions so you can create a new permission rule such as "can write to my wiki" or "can see me naked".
- guest access tokens can do anything you let them, including create posts and administer your channel
- ACLs can be set on files and directories prior to creation.
- ACL tool can now be used in multiple forms within a page
- a myriad of new drag/drop features (drop files or photos into /cloud or a post, or drop link into a post or comment, etc.)
- multiple file uploads
- improvements to website import
- UNO replaced with extensible server roles
- select bbcode elements (such as baseurl) supported in wiki pages
- addons:
Diaspora Protocol - additional updates to maintain compatibility with 0.6.0.0 and stop showing likes as wall-to-wall comments (except when the liker does not have any Diaspora protocol ability)
Cdav - continued improvements to the web UI
Pong - the classic pong game
Dfedfix - removed, no longer needed
Openid - moved from core to addon
- bugfixes
unable to delete privacy groups
weird display interaction with code blocks and escaped base64 content containing 8 - O
workaround WordPress oembeds which are almost completely javascript and therefore filtered
restrict oembed cache url to 254 chars to avoid spurious failures caching google map urls
"Page not found" appeared twice
birthdays weren't being automatically added to event calendar
some iCal entries had malformed descriptions
Hubzilla 1.10
Wiki:
Lots of enhanced functionality, usability improvements, and bugfixes from v1.8

10
Zotlabs/Daemon/Cron.php
View File

@ -64,12 +64,16 @@ class Cron {
// delete expired access tokens
q("delete from atoken where atoken_expires != '%s' && atoken_expires < %s",
$r = q("select atoken_id from atoken where atoken_expires != '%s' && atoken_expires < %s",
dbesc(NULL_DATE),
db_utcnow()
);
if($r) {
require_once('include/security.php');
foreach($r as $rr) {
atoken_delete($rr['atoken_id']);
}
}
// Ensure that every channel pings a directory server once a month. This way we can discover
// channels and sites that quietly vanished and prevent the directory from accumulating stale

4
Zotlabs/Lib/System.php
View File

@ -43,8 +43,8 @@ class System {
static public function get_server_role() {
if(UNO)
return 'basic';
if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['server_role'])
return \App::$config['system']['server_role'];
return 'pro';
}

3
Zotlabs/Lib/ThreadItem.php
View File

@ -245,10 +245,11 @@ class ThreadItem {
);
}
$server_role = get_config('system','server_role');
$has_bookmarks = false;
if(is_array($item['term'])) {
foreach($item['term'] as $t) {
if(!UNO && $t['ttype'] == TERM_BOOKMARK)
if(($server_role != 'basic') && ($t['ttype'] == TERM_BOOKMARK))
$has_bookmarks = true;
}
}

55
Zotlabs/Module/Acl.php
View File

@ -58,7 +58,24 @@ class Acl extends \Zotlabs\Web\Controller {
if( (! local_channel()) && (! ($type == 'x' || $type == 'c')))
killme();
$permitted = [];
if(in_array($type, [ 'm', 'a', 'c' ])) {
// These queries require permission checking. We'll create a simple array of xchan_hash for those with
// the requisite permissions which we can check against.
$x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = 1",
intval(local_channel()),
dbesc(($type === 'm') ? 'post_mail' : 'tag_deliver')
);
$permitted = ids_to_array($x,'xchan');
}
if($search) {
$sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") ";
@ -87,13 +104,13 @@ class Acl extends \Zotlabs\Web\Controller {
if($type == '' || $type == 'g') {
$r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`gname`
FROM `groups`,`group_member`
WHERE `groups`.`deleted` = 0 AND `groups`.`uid` = %d
AND `group_member`.`gid`=`groups`.`id`
$r = q("SELECT groups.id, groups.hash, groups.gname
FROM groups,group_member
WHERE groups.deleted = 0 AND groups.uid = %d
AND group_member.gid=groups.id
$sql_extra
GROUP BY `groups`.`id`
ORDER BY `groups`.`gname`
GROUP BY groups.id
ORDER BY groups.gname
LIMIT %d OFFSET %d",
intval(local_channel()),
intval($count),
@ -156,7 +173,7 @@ class Acl extends \Zotlabs\Web\Controller {
}
$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self
$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
intval(local_channel())
@ -221,16 +238,24 @@ class Acl extends \Zotlabs\Web\Controller {
}
}
elseif($type == 'm') {
$r = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
$r = array();
$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )>0)
WHERE abook_channel = %d
and xchan_deleted = 0
$sql_extra3
ORDER BY `xchan_name` ASC ",
intval(local_channel()),
intval(PERMS_W_MAIL)
ORDER BY xchan_name ASC ",
intval(local_channel())
);
if($z) {
foreach($z as $zz) {
if(in_array($zz['hash'],$permitted)) {
$r[] = $zz;
}
}
}
}
elseif($type == 'a') {
@ -274,7 +299,7 @@ class Acl extends \Zotlabs\Web\Controller {
if(strpos($g['hash'],'/') && $type != 'a')
continue;
if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c' && (! $noforums)) {
if(in_array($g['hash'],$permitted) && $type == 'c' && (! $noforums)) {
$contacts[] = array(
"type" => "c",
"photo" => "images/twopeople.png",

3
Zotlabs/Module/Channel.php
View File

@ -133,6 +133,7 @@ class Channel extends \Zotlabs\Web\Controller {
'nickname' => \App::$profile['channel_address'],
'lockstate' => (((strlen(\App::$profile['channel_allow_cid'])) || (strlen(\App::$profile['channel_allow_gid'])) || (strlen(\App::$profile['channel_deny_cid'])) || (strlen(\App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
'acl' => (($is_owner) ? populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''),
'permissions' => (($is_owner) ? $channel_acl : ''),
'showacl' => (($is_owner) ? 'yes' : ''),
'bang' => '',
'visitor' => (($is_owner || $observer) ? true : false),
@ -363,4 +364,4 @@ class Channel extends \Zotlabs\Web\Controller {
return $o;
}
}
}

13
Zotlabs/Module/Chat.php
View File

@ -218,14 +218,13 @@ class Chat extends \Zotlabs\Web\Controller {
notice( t('Feature disabled.') . EOL);
return $o;
}
$acl = new \Zotlabs\Access\AccessList($channel);
$channel_acl = $acl->get();
$lockstate = (($channel_acl['allow_cid'] || $channel_acl['allow_gid'] || $channel_acl['deny_cid'] || $channel_acl['deny_gid']) ? 'lock' : 'unlock');
require_once('include/acl_selectors.php');
$chatroom_new = '';
if(local_channel()) {
$chatroom_new = replace_macros(get_markup_template('chatroom_new.tpl'),array(
@ -234,12 +233,16 @@ class Chat extends \Zotlabs\Web\Controller {
'$chat_expire' => array('chat_expire',t('Expiration of chats (minutes)'),120,''),
'$permissions' => t('Permissions'),
'$acl' => populate_acl($channel_acl,false),
'$allow_cid' => acl2json($channel_acl['allow_cid']),
'$allow_gid' => acl2json($channel_acl['allow_gid']),
'$deny_cid' => acl2json($channel_acl['deny_cid']),
'$deny_gid' => acl2json($channel_acl['deny_gid']),
'$lockstate' => $lockstate,
'$submit' => t('Submit')
));
}
$rooms = Zlib\Chatroom::roomlist(\App::$profile['profile_uid']);
$o .= replace_macros(get_markup_template('chatrooms.tpl'), array(

33
Zotlabs/Module/Connedit.php
View File

@ -137,11 +137,16 @@ class Connedit extends \Zotlabs\Web\Controller {
$new_friend = false;
// only store a record and notify the directory if the rating changed
if(! $is_self) {
$signed = $orig_record[0]['abook_xchan'] . '.' . $rating . '.' . $rating_text;
$sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey']));
$rated = ((intval($rating) || strlen($rating_text)) ? true : false);
$record = 0;
$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
dbesc($channel['channel_hash']),
@ -149,17 +154,20 @@ class Connedit extends \Zotlabs\Web\Controller {
);
if($z) {
$record = $z[0]['xlink_id'];
$w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'
where xlink_id = %d",
intval($rating),
dbesc($rating_text),
dbesc($sig),
dbesc(datetime_convert()),
intval($record)
);
if(($z[0]['xlink_rating'] != $rating) || ($z[0]['xlink_rating_text'] != $rating_text)) {
$record = $z[0]['xlink_id'];
$w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'
where xlink_id = %d",
intval($rating),
dbesc($rating_text),
dbesc($sig),
dbesc(datetime_convert()),
intval($record)
);
}
}
else {
elseif($rated) {
// only create a record if there's something to save
$w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ",
dbesc($channel['channel_hash']),
dbesc($orig_record[0]['abook_xchan']),
@ -304,9 +312,6 @@ class Connedit extends \Zotlabs\Web\Controller {
call_hooks('accept_follow', $arr);
}
if(! is_null($autoperms))
set_pconfig(local_channel(),'system','autoperms',(($autoperms) ? $abook_my_perms : 0));
$this->connedit_clone($a);
if(($_REQUEST['pending']) && (!$_REQUEST['done']))

1
Zotlabs/Module/Display.php
View File

@ -65,6 +65,7 @@ class Display extends \Zotlabs\Web\Controller {
'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'acl' => populate_acl($channel_acl),
'permissions' => $channel_acl,
'bang' => '',
'visitor' => true,
'profile_uid' => local_channel(),

1
Zotlabs/Module/Editwebpage.php
View File

@ -151,6 +151,7 @@ class Editwebpage extends \Zotlabs\Web\Controller {
'post_id' => $post_id,
'visitor' => ($is_owner) ? true : false,
'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')),
'permissions' => $itm[0],
'showacl' => ($is_owner) ? true : false,
'mimetype' => $mimetype,
'mimeselect' => true,

12
Zotlabs/Module/Embedphotos.php
View File

@ -39,9 +39,9 @@ class Embedphotos extends \Zotlabs\Web\Controller {
json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
}
$resource_id = array_pop(explode("/", $href));
$r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1",
dbesc($resource_id)
);
$r = q("SELECT obj,body from item where resource_type = 'photo' and resource_id = '%s' limit 1",
dbesc($resource_id)
);
if(!$r) {
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
}
@ -50,7 +50,9 @@ class Embedphotos extends \Zotlabs\Web\Controller {
$photolink = $obj['body'];
} elseif (x($obj,'bbcode')) {
$photolink = $obj['bbcode'];
} else {
} elseif ($r[0]['body'] !== '') {
$photolink = $r[0]['body'];
} else {
json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
}
json_return_and_die(array('status' => true, 'photolink' => $photolink));
@ -83,7 +85,7 @@ function embedphotos_widget_album($args) {
return '';
if($args['album'])
$album = $args['album'];
$album = (($args['album'] === '/') ? '' : $args['album'] );
if($args['title'])
$title = $args['title'];

12
Zotlabs/Module/Events.php
View File

@ -435,6 +435,10 @@ class Events extends \Zotlabs\Web\Controller {
$acl = new \Zotlabs\Access\AccessList($channel);
$perm_defaults = $acl->get();
$permissions = ((x($orig_event)) ? $orig_event : $perm_defaults);
//print_r(acl2json($permissions['allow_gid'])); killme();
$tpl = get_markup_template('event_form.tpl');
@ -467,10 +471,16 @@ class Events extends \Zotlabs\Web\Controller {
'$sh_checked' => $sh_checked,
'$share' => array('share', t('Share this event'), $sh_checked, '', array(t('No'),t('Yes'))),
'$preview' => t('Preview'),
'$permissions' => t('Permission settings'),
'$perms_label' => t('Permission settings'),
// populating the acl dialog was a permission description from view_stream because Cal.php, which
// displays events, says "since we don't currently have an event permission - use the stream permission"
'$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'))),
'$allow_cid' => acl2json($permissions['allow_cid']),
'$allow_gid' => acl2json($permissions['allow_gid']),
'$deny_cid' => acl2json($permissions['deny_cid']),
'$deny_gid' => acl2json($permissions['deny_gid']),
'$submit' => t('Submit'),
'$advanced' => t('Advanced Options')

45
Zotlabs/Module/File_upload.php Normal file
View File

@ -0,0 +1,45 @@
<?php
namespace Zotlabs\Module;
require_once('include/attach.php');
require_once('include/channel.php');
require_once('include/photos.php');
class File_upload extends \Zotlabs\Web\Controller {
function post() {
// logger('file upload: ' . print_r($_REQUEST,true));
$channel = (($_REQUEST['channick']) ? get_channel_by_nick($_REQUEST['channick']) : null);
if(! $channel) {
logger('channel not found');
killme();
}
$_REQUEST['source'] = 'file_upload';
if($channel['channel_id'] != local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
if($_REQUEST['filename']) {
$_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']);
$_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']);
$_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']);
$_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']);
$r = attach_mkdir($channel,get_observer_hash(),$_REQUEST);
}
else {
$r = attach_store($channel,get_observer_hash(), '', $_REQUEST);
}
goaway(z_root() . '/' . $_REQUEST['return_url']);
}
}

8
Zotlabs/Module/Filestorage.php
View File

@ -141,7 +141,7 @@ class Filestorage extends \Zotlabs\Web\Controller {
// Encode path that is used for link so it's a valid URL
// Keep slashes as slashes, otherwise mod_rewrite doesn't work correctly
$encoded_path = str_replace('%2F', '/', rawurlencode($cloudpath));
$o = replace_macros(get_markup_template('attach_edit.tpl'), array(
'$header' => t('Edit file permissions'),
'$file' => $f,
@ -151,6 +151,10 @@ class Filestorage extends \Zotlabs\Web\Controller {
'$channelnick' => $channel['channel_address'],
'$permissions' => t('Permissions'),
'$aclselect' => $aclselect_e,
'$allow_cid' => acl2json($f['allow_cid']),
'$allow_gid' => acl2json($f['allow_gid']),
'$deny_cid' => acl2json($f['deny_cid']),
'$deny_gid' => acl2json($f['deny_gid']),
'$lockstate' => $lockstate,
'$permset' => t('Set/edit permissions'),
'$recurse' => array('recurse', t('Include all files and sub folders'), 0, '', array(t('No'), t('Yes'))),
@ -161,7 +165,7 @@ class Filestorage extends \Zotlabs\Web\Controller {
'$submit' => t('Submit'),
'$attach_btn_title' => t('Share this file'),
'$link_btn_title' => t('Show URL to this file'),
'$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes')))
'$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes'))),
));
echo $o;

4
Zotlabs/Module/Impel.php
View File

@ -88,7 +88,11 @@ class Impel extends \Zotlabs\Web\Controller {
foreach($j['items'] as $it) {
$mitem = array();
$mitem['mitem_link'] = str_replace('[channelurl]',z_root() . '/channel/' . $channel['channel_address'],$it['link']);
$mitem['mitem_link'] = str_replace('[pageurl]',z_root() . '/page/' . $channel['channel_address'],$it['link']);
$mitem['mitem_link'] = str_replace('[cloudurl]',z_root() . '/cloud/' . $channel['channel_address'],$it['link']);
$mitem['mitem_link'] = str_replace('[baseurl]',z_root(),$it['link']);
$mitem['mitem_desc'] = escape_tags($it['desc']);
$mitem['mitem_order'] = intval($it['order']);
if(is_array($it['flags'])) {

2
Zotlabs/Module/Like.php
View File

@ -496,6 +496,8 @@ class Like extends \Zotlabs\Web\Controller {
$arr['deny_gid'] = $deny_gid;
$arr['item_private'] = $private;
call_hooks('post_local',$arr);
$post = item_store($arr);
$post_id = $post['item_id'];

6
Zotlabs/Module/Menu.php
View File

@ -65,7 +65,7 @@ class Menu extends \Zotlabs\Web\Controller {
function get() {
function get() {
$uid = local_channel();
@ -81,7 +81,7 @@ class Menu extends \Zotlabs\Web\Controller {
if(argc() == 1) {
$channel = (($sys) ? $sys : \App::get_channel());
// list menus
$x = menu_list($uid);
@ -89,7 +89,7 @@ class Menu extends \Zotlabs\Web\Controller {
for($y = 0; $y < count($x); $y ++) {
$m = menu_fetch($x[$y]['menu_name'],$uid,get_observer_hash());
if($m)
$x[$y]['element'] = '[element]' . base64url_encode(json_encode(menu_element($m))) . '[/element]';
$x[$y]['element'] = '[element]' . base64url_encode(json_encode(menu_element($channel,$m))) . '[/element]';
$x[$y]['bookmark'] = (($x[$y]['menu_flags'] & MENU_BOOKMARK) ? true : false);
}
}

10
Zotlabs/Module/Mitem.php
View File

@ -147,12 +147,16 @@ class Mitem extends \Zotlabs\Web\Controller {
else {
$display = (($r) ? 'none' : 'block');
}
$create = replace_macros(get_markup_template('mitemedit.tpl'), array(
'$menu_id' => \App::$data['menu']['menu_id'],
'$permissions' => t('Menu Item Permissions'),
'$permdesc' => t("\x28click to open/close\x29"),
'$aclselect' => populate_acl($acl->get(),false),
'$allow_cid' => acl2json($acl->get()['allow_cid']),
'$allow_gid' => acl2json($acl->get()['allow_gid']),
'$deny_cid' => acl2json($acl->get()['deny_cid']),
'$deny_gid' => acl2json($acl->get()['deny_gid']),
'$mitem_desc' => array('mitem_desc', t('Link Name'), '', 'Visible name of the link','*'),
'$mitem_link' => array('mitem_link', t('Link or Submenu Target'), '', t('Enter URL of the link or select a menu name to create a submenu'), '*', 'list="menu-names"'),
'$usezid' => array('usezid', t('Use magic-auth if available'), true, '', array(t('No'), t('Yes'))),
@ -226,6 +230,10 @@ class Mitem extends \Zotlabs\Web\Controller {
'$permissions' => t('Menu Item Permissions'),
'$permdesc' => t("\x28click to open/close\x29"),
'$aclselect' => populate_acl($mitem,false),
'$allow_cid' => acl2json($mitem['allow_cid']),
'$allow_gid' => acl2json($mitem['allow_gid']),
'$deny_cid' => acl2json($mitem['deny_cid']),
'$deny_gid' => acl2json($mitem['deny_gid']),
'$mitem_id' => intval(argv(2)),
'$mitem_desc' => array('mitem_desc', t('Link text'), $mitem['mitem_desc'], '','*'),
'$mitem_link' => array('mitem_link', t('Link or Submenu Target'), $mitem['mitem_link'], 'Enter URL of the link or select a menu name to create a submenu', '*', 'list="menu-names"'),

1
Zotlabs/Module/Network.php
View File

@ -170,6 +170,7 @@ class Network extends \Zotlabs\Web\Controller {
'nickname' => $channel['channel_address'],
'lockstate' => (($private_editing || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'acl' => populate_acl((($private_editing) ? $def_acl : $channel_acl), true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
'permissions' => (($private_editing) ? $def_acl : $channel_acl),
'bang' => (($private_editing) ? '!' : ''),
'visitor' => true,
'profile_uid' => local_channel(),

10
Zotlabs/Module/Photos.php
View File

@ -668,6 +668,10 @@ class Photos extends \Zotlabs\Web\Controller {
'$selname' => $selname,
'$permissions' => t('Permissions'),
'$aclselect' => $aclselect,
'$allow_cid' => acl2json($channel_acl['allow_cid']),
'$allow_gid' => acl2json($channel_acl['allow_gid']),
'$deny_cid' => acl2json($channel_acl['deny_cid']),
'$deny_gid' => acl2json($channel_acl['deny_gid']),
'$lockstate' => $lockstate,
'$uploader' => $ret['addon_text'],
'$default' => (($ret['default_upload']) ? true : false),
@ -1016,7 +1020,7 @@ class Photos extends \Zotlabs\Web\Controller {
// FIXME - remove this when we move to conversation module
$r = $r[0]['children'];
$edit = null;
if($can_post) {
$album_e = $ph[0]['album'];
@ -1042,6 +1046,10 @@ class Photos extends \Zotlabs\Web\Controller {
'tag_label' => t('Add a Tag'),
'permissions' => t('Permissions'),
'aclselect' => $aclselect_e,
'allow_cid' => acl2json($ph[0]['allow_cid']),
'allow_gid' => acl2json($ph[0]['allow_gid']),
'deny_cid' => acl2json($ph[0]['deny_cid']),
'deny_gid' => acl2json($ph[0]['deny_gid']),
'lockstate' => $lockstate[0],
'help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com'),
'item_id' => ((count($linked_items)) ? $link_item['id'] : 0),

2
Zotlabs/Module/Rate.php
View File

@ -43,7 +43,7 @@ class Rate extends \Zotlabs\Web\Controller {
}
function post() {
function post() {
if(! local_channel())
return;

11
Zotlabs/Module/Register.php
View File

@ -151,7 +151,7 @@ class Register extends \Zotlabs\Web\Controller {
$new_channel = false;
$next_page = 'new_channel';
if(get_config('system','auto_channel_create') || UNO) {
if(get_config('system','auto_channel_create') || get_config('system','server_role') == 'basic') {
$new_channel = auto_channel_create($result['account']['account_id']);
if($new_channel['success']) {
$channel_id = $new_channel['channel']['channel_id'];
@ -234,9 +234,12 @@ class Register extends \Zotlabs\Web\Controller {
$privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : "");
$role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',get_roles());
$tos = array('tos', $label_tos, '', '', array(t('no'),t('yes')));
$auto_create = ((UNO) || (get_config('system','auto_channel_create')) ? true : false);
$default_role = ((UNO) ? 'social' : get_config('system','default_permissions_role'));
$server_role = get_config('system','server_role');
$auto_create = (($server_role == 'basic') || (get_config('system','auto_channel_create')) ? true : false);
$default_role = (($server_role == 'basic') ? 'social' : get_config('system','default_permissions_role'));
require_once('include/bbcode.php');

2
Zotlabs/Module/Rpost.php
View File

@ -116,6 +116,7 @@ class Rpost extends \Zotlabs\Web\Controller {
'nickname' => $channel['channel_address'],
'lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'),
'acl' => populate_acl($channel_acl, true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
'permissions' => $channel_acl,
'bang' => '',
'visitor' => true,
'profile_uid' => local_channel(),
@ -125,6 +126,7 @@ class Rpost extends \Zotlabs\Web\Controller {
'source' => ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''),
'return_path' => 'rpost/return',
'bbco_autocomplete' => 'bbcode',
'editor_autocomplete'=> true,
'bbcode' => true
);

138
Zotlabs/Module/Settings.php
View File

@ -2,7 +2,7 @@
namespace Zotlabs\Module; /** @file */
require_once('include/zot.php');
require_once('include/security.php');
class Settings extends \Zotlabs\Web\Controller {
@ -21,10 +21,7 @@ class Settings extends \Zotlabs\Web\Controller {
// We are setting these values - don't use the argc(), argv() functions here
\App::$argc = 2;
\App::$argv[] = 'channel';
}
}
}
@ -38,7 +35,7 @@ class Settings extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
logger('mod_settings: ' . print_r($_REQUEST,true));
// logger('mod_settings: ' . print_r($_REQUEST,true));
if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){
@ -167,7 +164,23 @@ class Settings extends \Zotlabs\Web\Controller {
dbesc($expires)
);
}
$atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $name;
$all_perms = \Zotlabs\Access\Permissions::Perms();
if($all_perms) {
foreach($all_perms as $perm => $desc) {
if(array_key_exists('perms_' . $perm, $_POST)) {
set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,intval($_POST['perms_' . $perm]));
}
else {
set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,0);
}
}
}
info( t('Token saved.') . EOL);
return;
}
@ -273,7 +286,7 @@ class Settings extends \Zotlabs\Web\Controller {
$email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : '');
$account = \App::get_account();
if($email != $account['account_email']) {
if(! valid_email($email))
if(! valid_email($email))
$errs[] = t('Not valid email.');
$adm = trim(get_config('system','admin_email'));
if(($adm) && (strcasecmp($email,$adm) == 0)) {
@ -363,10 +376,10 @@ class Settings extends \Zotlabs\Web\Controller {
intval(local_channel())
);
$global_perms = get_perms();
$global_perms = \Zotlabs\Access\Permissions::Perms();
foreach($global_perms as $k => $v) {
$set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' ';
\Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k]));
}
$acl = new \Zotlabs\Access\AccessList($channel);
$acl->set_from_array($_POST);
@ -381,8 +394,8 @@ class Settings extends \Zotlabs\Web\Controller {
intval(local_channel())
);
}
else {
$role_permissions = get_role_perms($_POST['permissions_role']);
else {
$role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']);
if(! $role_permissions) {
notice('Permissions category could not be found.');
return;
@ -422,19 +435,24 @@ class Settings extends \Zotlabs\Web\Controller {
);
}
$r = q("update abook set abook_my_perms = %d where abook_channel = %d and abook_self = 1",
intval((array_key_exists('perms_accept',$role_permissions)) ? $role_permissions['perms_accept'] : 0),
intval(local_channel())
);
set_pconfig(local_channel(),'system','autoperms',(($role_permissions['perms_auto']) ? intval($role_permissions['perms_accept']) : 0));
foreach($role_permissions as $p => $v) {
if(strpos($p,'channel_') !== false) {
$set_perms .= ', ' . $p . ' = ' . intval($v) . ' ';
$x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
foreach($x as $k => $v) {
set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v);
if($role_permissions['perms_auto']) {
set_pconfig(local_channel(),'autoperms',$k,$v);
}
if($p === 'directory_publish') {
$publish = intval($v);
else {
del_pconfig(local_channel(),'autoperms',$k);
}
}
if($role_permissions['limits']) {
foreach($role_permissions['limits'] as $k => $v) {
\Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,$v);
}
}
if(array_key_exists('directory_publish',$role_permissions)) {
$publish = intval($role_permissions['directory_publish']);
}
}
@ -763,6 +781,8 @@ class Settings extends \Zotlabs\Web\Controller {
if((argc() > 1) && (argv(1) === 'tokens')) {
$atoken = null;
$atoken_xchan = '';
if(argc() > 2) {
$id = argv(2);
@ -771,23 +791,56 @@ class Settings extends \Zotlabs\Web\Controller {
intval(local_channel())
);
if($atoken)
if($atoken) {
$atoken = $atoken[0];
$atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $atoken['atoken_name'];
}
if($atoken && argc() > 3 && argv(3) === 'drop') {
$r = q("delete from atoken where atoken_id = %d",
intval($id)
);
atoken_delete($id);
$atoken = null;
$atoken_xchan = '';
}
}
$t = q("select * from atoken where atoken_uid = %d",
intval(local_channel())
);
$desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access the private content.');
$desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access private content.');
$desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:');
$global_perms = \Zotlabs\Access\Permissions::Perms();
$existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : ''));
if($atoken_xchan) {
$theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'",
intval(local_channel()),
dbesc($atoken_xchan)
);
$their_perms = array();
if($theirs) {
foreach($theirs as $t) {
$their_perms[$t['k']] = $t['v'];
}
}
}
foreach($global_perms as $k => $v) {
$thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
//fixme
$checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);
if($existing[$k])
$thisperm = "1";
$perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited);
}
$tpl = get_markup_template("settings_tokens.tpl");
$o .= replace_macros($tpl, array(
'$form_security_token' => get_form_security_token("settings_tokens"),
@ -801,6 +854,13 @@ class Settings extends \Zotlabs\Web\Controller {
'$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''),
'$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : autoname(8)), ''),
'$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] != NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''),
'$them' => t('Their Settings'),
'$me' => t('My Settings'),
'$perms' => $perms,
'$inherited' => t('inherited'),
'$notself' => '1',
'$permlbl' => t('Individual Permissions'),
'$permnote' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'),
'$submit' => t('Submit')
));
return $o;
@ -963,11 +1023,7 @@ class Settings extends \Zotlabs\Web\Controller {
return $o;
}
if(argv(1) === 'channel') {
require_once('include/acl_selectors.php');
@ -984,9 +1040,8 @@ class Settings extends \Zotlabs\Web\Controller {
$channel = \App::get_channel();
$global_perms = get_perms();
$global_perms = \Zotlabs\Access\Permissions::Perms();
$permiss = array();
$perm_opts = array(
@ -1000,19 +1055,18 @@ class Settings extends \Zotlabs\Web\Controller {
array( t('Anybody on the internet'), PERMS_PUBLIC)
);
$limits = \Zotlabs\Access\PermissionLimits::Get(local_channel());
foreach($global_perms as $k => $perm) {
$options = array();
foreach($perm_opts as $opt) {
if((! $perm[2]) && $opt[1] == PERMS_PUBLIC)
continue;
$options[$opt[1]] = $opt[0];
}
$permiss[] = array($k,$perm[3],$channel[$perm[0]],$perm[4],$options);
$permiss[] = array($k,$perm,$limits[$k],'',$options);
}
// logger('permiss: ' . print_r($permiss,true));
//logger('permiss: ' . print_r($permiss,true));
@ -1166,6 +1220,10 @@ class Settings extends \Zotlabs\Web\Controller {
'$permissions' => t('Default Post and Publish Permissions'),
'$permdesc' => t("\x28click to open/close\x29"),
'$aclselect' => populate_acl($perm_defaults, false, \Zotlabs\Lib\PermissionDescription::fromDescription(t('Use my default audience setting for the type of object published'))),
'$allow_cid' => acl2json($perm_defaults['allow_cid']),
'$allow_gid' => acl2json($perm_defaults['allow_gid']),
'$deny_cid' => acl2json($perm_defaults['deny_cid']),
'$deny_gid' => acl2json($perm_defaults['deny_gid']),
'$suggestme' => $suggestme,
'$group_select' => $group_select,
'$role' => array('permissions_role' , t('Channel permissions category:'), $permissions_role, '', get_roles()),
@ -1228,7 +1286,7 @@ class Settings extends \Zotlabs\Web\Controller {
call_hooks('settings_form',$o);
$o .= '</form>' . "\r\n";
//$o .= '</form>' . "\r\n";
return $o;
}

24
Zotlabs/Module/Setup.php
View File

@ -101,7 +101,7 @@ class Setup extends \Zotlabs\Web\Controller {
$timezone = notags(trim($_POST['timezone']));
$adminmail = notags(trim($_POST['adminmail']));
$siteurl = notags(trim($_POST['siteurl']));
$advanced = ((intval($_POST['advanced'])) ? 1 : 0);
$advanced = ((intval($_POST['advanced'])) ? 'pro' : 'basic');
if($siteurl != z_root()) {
$test = z_fetch_url($siteurl."/setup/testrewrite");
@ -124,17 +124,17 @@ class Setup extends \Zotlabs\Web\Controller {
$tpl = get_intltext_template('htconfig.tpl');
$txt = replace_macros($tpl,array(
'$dbhost' => $dbhost,
'$dbport' => $dbport,
'$dbuser' => $dbuser,
'$dbpass' => $dbpass,
'$dbdata' => $dbdata,
'$dbtype' => $dbtype,
'$uno' => 1 - $advanced,
'$timezone' => $timezone,
'$siteurl' => $siteurl,
'$site_id' => random_string(),
'$phpath' => $phpath,
'$dbhost' => $dbhost,
'$dbport' => $dbport,
'$dbuser' => $dbuser,
'$dbpass' => $dbpass,
'$dbdata' => $dbdata,
'$dbtype' => $dbtype,
'$server_role' => $advanced,
'$timezone' => $timezone,
'$siteurl' => $siteurl,
'$site_id' => random_string(),
'$phpath' => $phpath,
'$adminmail' => $adminmail
));

8
Zotlabs/Module/Thing.php
View File

@ -312,6 +312,10 @@ class Thing extends \Zotlabs\Web\Controller {
'$imgurl' => $r[0]['obj_imgurl'],
'$permissions' => t('Permissions'),
'$aclselect' => populate_acl($channel_acl,false),
'$allow_cid' => acl2json($channel_acl['allow_cid']),
'$allow_gid' => acl2json($channel_acl['allow_gid']),
'$deny_cid' => acl2json($channel_acl['deny_cid']),
'$deny_gid' => acl2json($channel_acl['deny_gid']),
'$lockstate' => $lockstate,
'$submit' => t('Submit')
));
@ -358,6 +362,10 @@ class Thing extends \Zotlabs\Web\Controller {
'$img_lbl' => t('URL for photo of thing (optional)'),
'$permissions' => t('Permissions'),
'$aclselect' => populate_acl($channel_acl,false),
'$allow_cid' => acl2json($channel_acl['allow_cid']),
'$allow_gid' => acl2json($channel_acl['allow_gid']),
'$deny_cid' => acl2json($channel_acl['deny_cid']),
'$deny_gid' => acl2json($channel_acl['deny_gid']),
'$lockstate' => $lockstate,
'$submit' => t('Submit')
));

186
Zotlabs/Module/Webpages.php
View File

@ -45,7 +45,29 @@ class Webpages extends \Zotlabs\Web\Controller {
$observer = \App::get_observer();
$channel = \App::get_channel();
switch ($_SESSION['action']) {
case 'import':
$_SESSION['action'] = null;
$o .= replace_macros(get_markup_template('webpage_import.tpl'), array(
'$title' => t('Import Webpage Elements'),
'$importbtn' => t('Import selected'),
'$action' => 'import',
'$pages' => $_SESSION['pages'],
'$layouts' => $_SESSION['layouts'],
'$blocks' => $_SESSION['blocks'],
));
return $o;
case 'importselected':
$_SESSION['action'] = null;
break;
default :
$_SESSION['action'] = null;
break;
}
if(\App::$is_sys && is_site_admin()) {
$sys = get_sys_channel();
if($sys && intval($sys['channel_id'])) {
@ -105,6 +127,7 @@ class Webpages extends \Zotlabs\Web\Controller {
'nickname' => \App::$profile['channel_address'],
'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'acl' => (($is_owner) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')) : ''),
'permissions' => (($is_owner) ? $channel_acl : ''),
'showacl' => (($is_owner) ? true : false),
'visitor' => true,
'hide_location' => true,
@ -209,4 +232,165 @@ class Webpages extends \Zotlabs\Web\Controller {
return $o;
}
function post() {
$action = $_REQUEST['action'];
if( $action ){
switch ($action) {
case 'scan':
// the state of this variable tracks whether website files have been scanned (null, true, false)
$cloud = null;
// Website files are to be imported from an uploaded zip file
if(($_FILES) && array_key_exists('zip_file',$_FILES) && isset($_POST['w_upload'])) {
$source = $_FILES["zip_file"]["tmp_name"];
$type = $_FILES["zip_file"]["type"];
$okay = false;
$accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
foreach ($accepted_types as $mime_type) {
if ($mime_type == $type) {
$okay = true;
break;
}
}
if(!$okay) {
notice( t('Invalid file type.') . EOL);
return;
}
$zip = new \ZipArchive();
if ($zip->open($source) === true) {
$tmp_folder_name = random_string(5);
$website = dirname($source) . '/' . $tmp_folder_name;
$zip->extractTo($website); // change this to the correct site path
$zip->close();
@unlink($source); // delete the compressed file now that the content has been extracted
$cloud = false;
} else {
notice( t('Error opening zip file') . EOL);
return null;
}
}
// Website files are to be imported from the channel cloud files
if (($_POST) && array_key_exists('path',$_POST) && isset($_POST['cloudsubmit'])) {
$channel = \App::get_channel();
$dirpath = get_dirpath_by_cloudpath($channel, $_POST['path']);
if(!$dirpath) {
notice( t('Invalid folder path.') . EOL);
return null;
}
$cloud = true;
}
// If the website files were uploaded or specified in the cloud files, then $cloud
// should be either true or false
if ($cloud !== null) {
require_once('include/import.php');
$elements = [];
if($cloud) {
$path = $_POST['path'];
} else {
$path = $website;
}
$elements['pages'] = scan_webpage_elements($path, 'page', $cloud);
$elements['layouts'] = scan_webpage_elements($path, 'layout', $cloud);
$elements['blocks'] = scan_webpage_elements($path, 'block', $cloud);
$_SESSION['blocks'] = $elements['blocks'];
$_SESSION['layouts'] = $elements['layouts'];
$_SESSION['pages'] = $elements['pages'];
if(!(empty($elements['pages']) && empty($elements['blocks']) && empty($elements['layouts']))) {
//info( t('Webpages elements detected.') . EOL);
$_SESSION['action'] = 'import';
} else {
notice( t('No webpage elements detected.') . EOL);
$_SESSION['action'] = null;
}
}
// If the website elements were imported from a zip file, delete the temporary decompressed files
if ($cloud === false && $website && $elements) {
rrmdir($website); // Delete the temporary decompressed files
}
break;
case 'importselected':
require_once('include/import.php');
$channel = \App::get_channel();
// Import layout first so that pages that reference new layouts will find
// the mid of layout items in the database
// Obtain the user-selected layouts to import and import them
$checkedlayouts = $_POST['layout'];
$layouts = [];
if (!empty($checkedlayouts)) {
foreach ($checkedlayouts as $name) {
foreach ($_SESSION['layouts'] as &$layout) {
if ($layout['name'] === $name) {
$layout['import'] = 1;
$layoutstoimport[] = $layout;
}
}
}
foreach ($layoutstoimport as $elementtoimport) {
$layouts[] = import_webpage_element($elementtoimport, $channel, 'layout');
}
}
$_SESSION['import_layouts'] = $layouts;
// Obtain the user-selected blocks to import and import them
$checkedblocks = $_POST['block'];
$blocks = [];
if (!empty($checkedblocks)) {
foreach ($checkedblocks as $name) {
foreach ($_SESSION['blocks'] as &$block) {
if ($block['name'] === $name) {
$block['import'] = 1;
$blockstoimport[] = $block;
}
}
}
foreach ($blockstoimport as $elementtoimport) {
$blocks[] = import_webpage_element($elementtoimport, $channel, 'block');
}
}
$_SESSION['import_blocks'] = $blocks;
// Obtain the user-selected pages to import and import them
$checkedpages = $_POST['page'];
$pages = [];
if (!empty($checkedpages)) {
foreach ($checkedpages as $pagelink) {
foreach ($_SESSION['pages'] as &$page) {
if ($page['pagelink'] === $pagelink) {
$page['import'] = 1;
$pagestoimport[] = $page;
}
}
}
foreach ($pagestoimport as $elementtoimport) {
$pages[] = import_webpage_element($elementtoimport, $channel, 'page');
}
}
$_SESSION['import_pages'] = $pages;
if(!(empty($_SESSION['import_pages']) && empty($_SESSION['import_blocks']) && empty($_SESSION['import_layouts']))) {
info( t('Import complete.') . EOL);
}
break;
default :
break;
}
}
}
}

22
Zotlabs/Module/Wiki.php
View File

@ -74,11 +74,16 @@ class Wiki extends \Zotlabs\Web\Controller {
// Initialize the ACL to the channel default permissions
$x = array(
'lockstate' => (( $local_observer['channel_allow_cid'] ||
$local_observer['channel_allow_gid'] ||
$local_observer['channel_deny_cid'] ||
$local_observer['channel_deny_gid'])
? 'lock' : 'unlock'),
$local_observer['channel_allow_gid'] ||
$local_observer['channel_deny_cid'] ||
$local_observer['channel_deny_gid'])
? 'lock' : 'unlock'
),
'acl' => populate_acl($channel_acl),
'allow_cid' => acl2json($channel_acl['allow_cid']),
'allow_gid' => acl2json($channel_acl['allow_gid']),
'deny_cid' => acl2json($channel_acl['deny_cid']),
'deny_gid' => acl2json($channel_acl['deny_gid']),
'bang' => ''
);
} else {
@ -142,8 +147,8 @@ class Wiki extends \Zotlabs\Web\Controller {
}
$content = ($p['content'] !== '' ? htmlspecialchars_decode($p['content'],ENT_COMPAT) : '"# New page\n"');
// Render the Markdown-formatted page content in HTML
require_once('library/markdown.php');
$html = wiki_generate_toc(purify_html(Markdown(json_decode($content))));
require_once('library/markdown.php');
$html = wiki_generate_toc(purify_html(Markdown(wiki_bbcode(json_decode($content)))));
$renderedContent = wiki_convert_links($html,argv(0).'/'.argv(1).'/'.$wikiUrlName);
$hide_editor = false;
$showPageControls = $wiki_editor;
@ -186,6 +191,10 @@ class Wiki extends \Zotlabs\Web\Controller {
'$page' => $pageUrlName,
'$lockstate' => $x['lockstate'],
'$acl' => $x['acl'],
'$allow_cid' => $x['allow_cid'],
'$allow_gid' => $x['allow_gid'],
'$deny_cid' => $x['deny_cid'],
'$deny_gid' => $x['deny_gid'],
'$bang' => $x['bang'],
'$content' => $content,
'$renderedContent' => $renderedContent,
@ -221,6 +230,7 @@ class Wiki extends \Zotlabs\Web\Controller {
$content = $_POST['content'];
$resource_id = $_POST['resource_id'];
require_once('library/markdown.php');
$content = wiki_bbcode($content);
$html = wiki_generate_toc(purify_html(Markdown($content)));
$w = wiki_get_wiki($resource_id);
$wikiURL = argv(0).'/'.argv(1).'/'.$w['urlName'];

32
Zotlabs/Storage/Browser.php
View File

@ -274,6 +274,22 @@ class Browser extends DAV\Browser\Plugin {
// SimpleCollection, we won't need to show the panel either.
if (get_class($node) === 'Sabre\\DAV\\SimpleCollection')
return;
require_once('include/acl_selectors.php');
$aclselect = null;
$lockstate = '';
if($this->auth->owner_id) {
$channel = channelx_by_n($this->auth->owner_id);
if($channel) {
$acl = new \Zotlabs\Access\AccessList($channel);
$channel_acl = $acl->get();
$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
$aclselect = ((local_channel() == $this->auth->owner_id) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : '');
}
}
// Storage and quota for the account (all channels of the owner of this directory)!
$limit = engr_units_to_bytes(service_class_fetch($owner, 'attach_upload_limit'));
@ -293,7 +309,6 @@ class Browser extends DAV\Browser\Plugin {
userReadableSize($limit),
round($used / $limit, 1) * 100);
}
// prepare quota for template
$quota = array();
$quota['used'] = $used;
@ -301,12 +316,25 @@ class Browser extends DAV\Browser\Plugin {
$quota['desc'] = $quotaDesc;
$quota['warning'] = ((($limit) && ((round($used / $limit, 1) * 100) >= 90)) ? t('WARNING:') : ''); // 10485760 bytes = 100MB
$path = trim(str_replace('cloud/' . $this->auth->owner_nick, '', $path),'/');
$output .= replace_macros(get_markup_template('cloud_actionspanel.tpl'), array(
'$folder_header' => t('Create new folder'),
'$folder_submit' => t('Create'),
'$upload_header' => t('Upload file'),
'$upload_submit' => t('Upload'),
'$quota' => $quota
'$quota' => $quota,
'$channick' => $this->auth->owner_nick,
'$aclselect' => $aclselect,
'$allow_cid' => acl2json($channel_acl['allow_cid']),
'$allow_gid' => acl2json($channel_acl['allow_gid']),
'$deny_cid' => acl2json($channel_acl['deny_cid']),
'$deny_gid' => acl2json($channel_acl['deny_gid']),
'$lockstate' => $lockstate,
'$return_url' => \App::$cmd,
'$path' => $path,
'$folder' => find_folder_hash_by_path($this->auth->owner_id, $path),
'$dragdroptext' => t('Drop files here to immediately upload')
));
}

85
boot.php
View File

@ -44,10 +44,10 @@ require_once('include/account.php');
define ( 'PLATFORM_NAME', 'hubzilla' );
define ( 'STD_VERSION', '1.10' );
define ( 'STD_VERSION', '1.12' );
define ( 'ZOT_REVISION', '1.1' );
define ( 'DB_UPDATE_VERSION', 1180 );
define ( 'DB_UPDATE_VERSION', 1181 );
/**
@ -602,15 +602,22 @@ function sys_boot() {
@include('.htconfig.php');
if(! defined('UNO'))
define('UNO', 0);
if(array_key_exists('default_timezone',get_defined_vars())) {
App::$config['system']['timezone'] = $default_timezone;
}
$a->convert();
if(defined('UNO')) {
if(UNO)
App::$config['system']['server_role'] = 'basic';
else
App::$config['system']['server_role'] = 'pro';
}
if(! (array_key_exists('server_role',App::$config['system']) && App::$config['system']['server_role']))
App::$config['system']['server_role'] = 'pro';
App::$timezone = ((App::$config['system']['timezone']) ? App::$config['system']['timezone'] : 'UTC');
date_default_timezone_set(App::$timezone);
@ -633,7 +640,6 @@ function sys_boot() {
* Load configs from db. Overwrite configs from .htconfig.php
*/
load_config('config');
load_config('system');
load_config('feature');
@ -765,6 +771,7 @@ class App {
public static $pdl = null; // Comanche page description
private static $perms = null; // observer permissions
private static $widgets = array(); // widgets for this page
public static $config = array(); // config cache
public static $session = null;
public static $groups;
@ -774,7 +781,6 @@ class App {
public static $plugins_admin;
public static $module_loaded = false;
public static $query_string;
public static $config; // config cache
public static $page;
public static $profile;
public static $user;
@ -1551,6 +1557,9 @@ function check_config(&$a) {
load_hooks();
check_for_new_perms();
check_cron_broken();
}
@ -2440,6 +2449,67 @@ function cert_bad_email() {
}
function check_for_new_perms() {
$pregistered = get_config('system','perms');
$pcurrent = array_keys(\Zotlabs\Access\Permissions::Perms());
if(! $pregistered) {
set_config('system','perms',$pcurrent);
return;
}
$found_new_perm = false;
foreach($pcurrent as $p) {
if(! in_array($p,$pregistered)) {
$found_new_perm = true;
// for all channels
$c = q("select channel_id from channel where true");
if($c) {
foreach($c as $cc) {
// get the permission role
$r = q("select v from pconfig where uid = %d and cat = 'system' and k = 'permissions_role'",
intval($cc['uid'])
);
if($r) {
// get a list of connections
$x = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0",
intval($cc['uid'])
);
// get the permissions role details
$rp = \Zotlabs\Access\PermissionRoles::role_perms($r[0]['v']);
if($rp) {
// set the channel limits if appropriate or 0
if(array_key_exists('limits',$rp) && array_key_exists($p,$rp['limits'])) {
\Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,$rp['limits'][$p]);
}
else {
\Zotlabs\Access\PermissionLimits::Set($cc['uid'],$p,0);
}
$set = ((array_key_exists('perms_connect',$rp) && array_key_exists($p,$rp['perms_connect'])) ? true : false);
// foreach connection set to the perms_connect value
if($x) {
foreach($x as $xx) {
set_abconfig($cc['uid'],$xx['abook_xchan'],'my_perms',$p,intval($set));
}
}
}
}
}
}
}
}
// We should probably call perms_refresh here, but this should get pushed in 24 hours and there is no urgency
if($found_new_perm)
set_config('system','perms',$pcurrent);
}
/**
* @brief Send warnings every 3-5 days if cron is not running.
*/
@ -2449,6 +2519,7 @@ function check_cron_broken() {
if((! $d) || ($d < datetime_convert('UTC','UTC','now - 4 hours'))) {
Zotlabs\Daemon\Master::Summon(array('Cron'));
set_config('system','lastcron',datetime_convert());
}
$t = get_config('system','lastcroncheck');

8
doc/context/en/webpages/help.html Normal file
View File

@ -0,0 +1,8 @@
<dl class="dl-horizontal">
<dt>General</dt>
<dd>You can create modular, identity-aware websites composed of shareable elements. </dd>
<dt>Pages</dt>
<dd>This page lists your "pages", which are assigned URLs where people can visit your site. The structure of pages are typically described by an associated <b>layout</b>, and their content is constructed from a collection of <b>blocks</b>.</dd>
<dt><a href='#' onclick='contextualHelpFocus("#website-import-tools", 1); return false;' title="Click to highlight element...">Website import tool</a></dt>
<dd>The website import tool allows you import multiple webpage elements (pages, layouts, blocks) either from an uploaded zip file or from an existing cloud files folder. <a target="_blank" href="help/webpages">Read more...</a></dd>
</dl>

94
doc/webpage-element-import.md Normal file
View File

@ -0,0 +1,94 @@
## <a href="#webpage-element-import"></a>Webpage element import
There are two methods of importing webpage elements: uploading a zip file or
referencing a local cloud files folder. Both methods require that the webpage
elements are specified using a specific folder structure. The import tool makes
it possible to import all the elements necessary to construct an entire website
or set of websites. The goal is to accommodate external development of webpages
as well as tools to simplify and automate deployment on a hub.
### Folder structure
Element definitions must be stored in the repo root under folders called
/pages/
/blocks/
/layouts/
Each element of these types must be defined in an individual subfolder using two files: one JSON-formatted file for the metadata and one plain text file for the element content.
### Page elements
Page element metadata is specified in a JSON-formatted file called `page.json` with the following properties:
* title
* pagelink
* mimetype
* layout
* contentfile
**Example**
Files:
/pages/my-page/page.json
/pages/my-page/my-page.bbcode
Content of `page.json`:
{
"title": "My Page",
"pagelink": "mypage",
"mimetype": "text/bbcode",
"layout": "my-layout",
"contentfile": "my-page.bbcode"
}
### Layout elements
Layout element metadata is specified in a JSON-formatted file called `layout.json` with the following properties:
* name
* description
* contentfile
**Example**
Files:
/layouts/my-layout/layout.json
/layouts/my-layout/my-layout.bbcode
Content of `layout.json`:
{
"name": "my-layout",
"description": "Layout for my project page",
"contentfile": "my-layout.bbcode"
}
### Block elements
Block element metadata is specified in a JSON-formatted file called `block.json` with the following properties:
* name
* title
* mimetype
* contentfile
**Example**
Files:
/blocks/my-block/block.json
/blocks/my-block/my-block.html
Content of `block.json`:
{
"name": "my-block",
"title": "",
"mimetype": "text/html",
"contentfile": "my-block.html"
}

3
doc/webpages.bb
View File

@ -9,6 +9,9 @@ The &quot;page link title&quot; box allows a user to specify the &quot;pagelinkt
Beneath the page creation box, a list of existing pages will appear with an &quot;edit&quot; link. Clicking this will take you to an editor, similar to that of the post editor, where you can make changes to your webpages.
See also:
[zrl=[baseurl]/help/webpage-element-import]Webpage element import tool[/zrl]
[b]Using Blocks[/b]

1
doc/Webpages.md → doc/webpages.md
View File

@ -13,4 +13,5 @@ Beneath the page creation box, a list of existing pages will appear with an "edi
If you are the admin of a site, you can specify a channel whose webpages we will use at key points around the site. Presently, the only place this is implemented is the home page. If you specify the channel "admin" and then the channel called "admin" creates a webpage called "home", we will display it's content on your websites home page. We expect this functionality to be extended to other areas in future.
#include doc/webpage-element-import.md;
#include doc/macros/main_footer.bb;

4
include/account.php
View File

@ -407,7 +407,7 @@ function account_allow($hash) {
pop_lang();
if(get_config('system','auto_channel_create') || UNO)
if(get_config('system','auto_channel_create') || get_config('system','server_role') === 'basic')
auto_channel_create($register[0]['uid']);
if ($res) {
@ -511,7 +511,7 @@ function account_approve($hash) {
if(get_config('system','auto_channel_create') || UNO)
if(get_config('system','auto_channel_create') || get_config('system','server_role') === 'basic')
auto_channel_create($register[0]['uid']);
else {
$_SESSION['login_return_url'] = 'new_channel';

2
include/api.php
View File

@ -13,7 +13,7 @@ require_once('include/api_auth.php');
/*
*
* Red API. Loosely based on and possibly compatible with a Twitter-Like API but all similarities end there.
* Hubzilla API. Loosely based on and possibly compatible with Twitter-Like (v1.0) API but all similarities end there.
*
*/

85
include/attach.php
View File

@ -577,7 +577,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) {
$pathname = filepath_macro($album);
}
}
else {
if(! $pathname) {
$pathname = filepath_macro($upload_path);
}
@ -1437,6 +1437,22 @@ logger('attach_hash: ' . $attachHash);
return $hash;
}
function find_folder_hash_by_path($channel_id, $path) {
$filename = end(explode('/', $path));
$r = q("SELECT hash FROM attach WHERE uid = %d AND filename = '%s' LIMIT 1",
intval($channel_id),
dbesc($filename)
);
$hash = '';
if($r && $r[0]['hash']) {
$hash = $r[0]['hash'];
}
return $hash;
}
/**
* @brief Returns the filename of an attachment in a given channel.
*
@ -1910,3 +1926,70 @@ function get_attach_binname($s) {
}
return $p;
}
function get_dirpath_by_cloudpath($channel, $path) {
// Warning: Do not edit the following line. The first symbol is UTF-8 &#65312;
$path = str_replace('@','@',notags(trim($path)));
$h = @parse_url($path);
if(! $h || !x($h, 'path')) {
return null;
}
if(substr($h['path'],-1,1) === '/') {
$h['path'] = substr($h['path'],0,-1);
}
if(substr($h['path'],0,1) === '/') {
$h['path'] = substr($h['path'],1);
}
$folders = explode('/', $h['path']);
$f = array_shift($folders);
$nick = $channel['channel_address'];
//check to see if the absolute path was provided (/cloud/channelname/path/to/folder)
if($f === 'cloud' ) {
$g = array_shift($folders);
if( $g !== $nick) {
// if nick does not follow "cloud", then the top level folder must be called "cloud"
// and the given path must be relative to "/cloud/channelname/".
$folders = array_unshift(array_unshift($folders, $g), $f);
}
} else {
array_unshift($folders, $f);
}
$clouddir = 'store/' . $nick . '/' ;
$subdir = '/';
$valid = true;
while($folders && $valid && is_dir($clouddir . $subdir) && is_readable($clouddir . $subdir)) {
$valid = false;
$f = array_shift($folders);
$items = array_diff(scandir($clouddir . $subdir), array('.', '..')); // hashed names
foreach($items as $item) {
$filename = find_filename_by_hash($channel['channel_id'], $item);
if($filename === $f) {
$subdir .= $item . '/';
$valid = true;
}
}
}
if(!$valid) {
return null;
} else {
return $clouddir . $subdir;
}
}
function get_filename_by_cloudname($cloudname, $channel, $storepath) {
$items = array_diff(scandir($storepath), array('.', '..')); // hashed names
foreach($items as $item) {
$filename = find_filename_by_hash($channel['channel_id'], $item);
if($filename === $cloudname) {
return $item;
}
}
return null;
}

1
include/auth.php
View File

@ -57,6 +57,7 @@ function account_verify_password($login, $pass) {
);
if($x) {
$ret['xchan'] = atoken_xchan($x[0]);
atoken_create_xchan($ret['xchan']);
return $ret;
}
}

2
include/bbcode.php
View File

@ -667,7 +667,7 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false)
}
// Remove bookmarks from UNO
if (UNO)
if (get_config('system','server_role') === 'basic')
$Text = str_replace('<span class="bookmark-identifier">#^</span>', '', $Text);
// Perform MAIL Search

20
include/channel.php
View File

@ -410,14 +410,6 @@ function create_identity($arr) {
set_pconfig($ret['channel']['channel_id'],'system','attach_path','%Y-%m');
}
// UNO: channel defaults, incl addons (addons specific pconfig will only work after the relevant addon is enabled by the admin). It's located here, so members can modify these defaults after the channel is created.
if(UNO) {
//diaspora protocol addon
set_pconfig($ret['channel']['channel_id'],'system','diaspora_allowed', '1');
set_pconfig($ret['channel']['channel_id'],'system','diaspora_public_comments', '1');
set_pconfig($ret['channel']['channel_id'],'system','prevent_tag_hijacking', '0');
}
// auto-follow any of the hub's pre-configured channel choices.
// Only do this if it's the first channel for this account;
// otherwise it could get annoying. Don't make this list too big
@ -625,19 +617,10 @@ function identity_basic_export($channel_id, $items = false) {
for($y = 0; $y < count($x); $y ++) {
$m = menu_fetch($x[$y]['menu_name'],$channel_id,$ret['channel']['channel_hash']);
if($m)
$ret['menu'][] = menu_element($m);
$ret['menu'][] = menu_element($ret['channel'],$m);
}
}
$x = menu_list($channel_id);
if($x) {
$ret['menu'] = array();
for($y = 0; $y < count($x); $y ++) {
$m = menu_fetch($x[$y]['menu_name'],$channel_id,$ret['channel']['channel_hash']);
if($m)
$ret['menu'][] = menu_element($m);
}
}
$addon = array('channel_id' => $channel_id,'data' => $ret);
call_hooks('identity_basic_export',$addon);
@ -1071,6 +1054,7 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa
$diaspora = array(
'podloc' => z_root(),
'guid' => $profile['channel_guid'] . str_replace('.','',App::get_hostname()),
'pubkey' => pemtorsa($profile['channel_pubkey']),
'searchable' => (($block) ? 'false' : 'true'),
'nickname' => $profile['channel_address'],
'fullname' => $profile['channel_name'],

6
include/connections.php
View File

@ -566,6 +566,7 @@ function contact_remove($channel_id, $abook_id) {
drop_item($rr['id'],false);
}
}
q("delete from abook where abook_id = %d and abook_channel = %d",
intval($abook['abook_id']),
@ -588,6 +589,11 @@ function contact_remove($channel_id, $abook_id) {
intval($channel_id)
);
$r = q("delete from abconfig where chan = %d and xchan = '%s'",
intval($channel_id),
dbesc($abook['abook_xchan'])
);
return true;
}

7
include/conversation.php
View File

@ -802,6 +802,7 @@ function conversation(&$a, $items, $mode, $update, $page_mode = 'traditional', $
continue;
}
$item['pagedrop'] = $page_dropping;
if($item['id'] == $item['parent']) {
@ -1253,6 +1254,10 @@ function status_editor($a, $x, $popup = false) {
'$visitor' => $x['visitor'],
'$lockstate' => $x['lockstate'],
'$acl' => $x['acl'],
'$allow_cid' => acl2json($x['permissions']['allow_cid']),
'$allow_gid' => acl2json($x['permissions']['allow_gid']),
'$deny_cid' => acl2json($x['permissions']['deny_cid']),
'$deny_gid' => acl2json($x['permissions']['deny_gid']),
'$mimeselect' => $mimeselect,
'$layoutselect' => $layoutselect,
'$showacl' => ((array_key_exists('showacl', $x)) ? $x['showacl'] : true),
@ -1705,7 +1710,7 @@ function profile_tabs($a, $is_owner = false, $nickname = null){
);
}
if(feature_enabled($uid,'wiki') && (! UNO)) {
if(feature_enabled($uid,'wiki') && (get_config('system','server_role') !== 'basic')) {
$tabs[] = array(
'label' => t('Wiki'),
'url' => z_root() . '/wiki/' . $nickname,

6
include/features.php
View File

@ -38,7 +38,9 @@ function get_feature_default($feature) {
function get_features($filtered = true) {
if(UNO && $filtered)
$server_role = get_config('system','server_role');
if($server_role === 'basic' && $filtered)
return array();
$arr = array(
@ -52,7 +54,7 @@ function get_features($filtered = true) {
array('advanced_profiles', t('Advanced Profiles'), t('Additional profile sections and selections'),false,get_config('feature_lock','advanced_profiles')),
array('profile_export', t('Profile Import/Export'), t('Save and load profile details across sites/channels'),false,get_config('feature_lock','profile_export')),
array('webpages', t('Web Pages'), t('Provide managed web pages on your channel'),false,get_config('feature_lock','webpages')),
array('wiki', t('Wiki'), t('Provide a wiki for your channel'),((UNO) ? false : true),get_config('feature_lock','wiki')),
array('wiki', t('Wiki'), t('Provide a wiki for your channel'),(($server_role === 'basic') ? false : true),get_config('feature_lock','wiki')),
array('hide_rating', t('Hide Rating'), t('Hide the rating buttons on your channel and profile pages. Note: People can still rate you somewhere else.'),false,get_config('feature_lock','hide_rating')),
array('private_notes', t('Private Notes'), t('Enables a tool to store notes and reminders (note: not encrypted)'),false,get_config('feature_lock','private_notes')),
array('nav_channel_select', t('Navigation Channel Select'), t('Change channels directly from within the navigation dropdown menu'),false,get_config('feature_lock','nav_channel_select')),

222
include/import.php
View File

@ -755,7 +755,11 @@ function import_menus($channel,$menus) {
foreach($menu['items'] as $it) {
$mitem = array();
$mitem['mitem_link'] = str_replace('[channelurl]',z_root() . '/channel/' . $channel['channel_address'],$it['link']);
$mitem['mitem_link'] = str_replace('[pageurl]',z_root() . '/page/' . $channel['channel_address'],$it['link']);
$mitem['mitem_link'] = str_replace('[cloudurl]',z_root() . '/cloud/' . $channel['channel_address'],$it['link']);
$mitem['mitem_link'] = str_replace('[baseurl]',z_root(),$it['link']);
$mitem['mitem_desc'] = escape_tags($it['desc']);
$mitem['mitem_order'] = intval($it['order']);
if(is_array($it['flags'])) {
@ -835,7 +839,12 @@ function sync_menus($channel,$menus) {
foreach($menu['items'] as $it) {
$mitem = array();
$mitem['mitem_link'] = str_replace('[channelurl]',z_root() . '/channel/' . $channel['channel_address'],$it['link']);
$mitem['mitem_link'] = str_replace('[pageurl]',z_root() . '/page/' . $channel['channel_address'],$it['link']);
$mitem['mitem_link'] = str_replace('[cloudurl]',z_root() . '/cloud/' . $channel['channel_address'],$it['link']);
$mitem['mitem_link'] = str_replace('[baseurl]',z_root(),$it['link']);
$mitem['mitem_desc'] = escape_tags($it['desc']);
$mitem['mitem_order'] = intval($it['order']);
if(is_array($it['flags'])) {
@ -1217,3 +1226,216 @@ function convert_oldfields(&$arr,$old,$new) {
unset($arr[$old]);
}
}
function scan_webpage_elements($path, $type, $cloud = false) {
$channel = \App::get_channel();
$dirtoscan = $path;
switch ($type) {
case 'page':
$dirtoscan .= '/pages/';
$json_filename = 'page.json';
break;
case 'layout':
$dirtoscan .= '/layouts/';
$json_filename = 'layout.json';
break;
case 'block':
$dirtoscan .= '/blocks/';
$json_filename = 'block.json';
break;
default :
return array();
}
if($cloud) {
$dirtoscan = get_dirpath_by_cloudpath($channel, $dirtoscan);
}
$elements = [];
if (is_dir($dirtoscan)) {
$dirlist = scandir($dirtoscan);
if ($dirlist) {
foreach ($dirlist as $element) {
if ($element === '.' || $element === '..') {
continue;
}
$folder = $dirtoscan . '/' . $element;
if (is_dir($folder)) {
if($cloud) {
$jsonfilepath = $folder . '/' . get_filename_by_cloudname($json_filename, $channel, $folder);
} else {
$jsonfilepath = $folder . '/' . $json_filename;
}
if (is_file($jsonfilepath)) {
$metadata = json_decode(file_get_contents($jsonfilepath), true);
if($cloud) {
$contentfilename = get_filename_by_cloudname($metadata['contentfile'], $channel, $folder);
$metadata['path'] = $folder . '/' . $contentfilename;
} else {
$contentfilename = $metadata['contentfile'];
$metadata['path'] = $folder . '/' . $contentfilename;
}
if ($metadata['contentfile'] === '') {
logger('Invalid ' . $type . ' content file');
return false;
}
$content = file_get_contents($folder . '/' . $contentfilename);
if (!$content) {
logger('Failed to get file content for ' . $metadata['contentfile']);
return false;
}
$elements[] = $metadata;
}
}
}
}
}
return $elements;
}
function import_webpage_element($element, $channel, $type) {
$arr = array(); // construct information for the webpage element item table record
switch ($type) {
//
// PAGES
//
case 'page':
$arr['item_type'] = ITEM_TYPE_WEBPAGE;
$namespace = 'WEBPAGE';
$name = $element['pagelink'];
if($name) {
require_once('library/urlify/URLify.php');
$name = strtolower(\URLify::transliterate($name));
}
$arr['title'] = $element['title'];
$arr['term'] = $element['term'];
$arr['layout_mid'] = ''; // by default there is no layout associated with the page
// If a layout was specified, find it in the database and get its info. If
// it does not exist, leave layout_mid empty
if($element['layout'] !== '') {
$liid = q("select iid from iconfig where k = 'PDL' and v = '%s' and cat = 'system'",
dbesc($element['layout'])
);
if($liid) {
$linfo = q("select mid from item where id = %d",
intval($liid[0]['iid'])
);
$arr['layout_mid'] = $linfo[0]['mid'];
}
}
break;
//
// LAYOUTS
//
case 'layout':
$arr['item_type'] = ITEM_TYPE_PDL;
$namespace = 'PDL';
$name = $element['name'];
$arr['title'] = $element['description'];
$arr['term'] = $element['term'];
break;
//
// BLOCKS
//
case 'block':
$arr['item_type'] = ITEM_TYPE_BLOCK;
$namespace = 'BUILDBLOCK';
$name = $element['name'];
$arr['title'] = $element['title'];
break;
default :
return null; // return null if invalid element type
}
$arr['uid'] = $channel['channel_id'];
$arr['aid'] = $channel['channel_account_id'];
// Check if an item already exists based on the name
$iid = q("select iid from iconfig where k = '" . $namespace . "' and v = '%s' and cat = 'system'",
dbesc($name)
);
if($iid) { // If the item does exist, get the item metadata
$iteminfo = q("select mid,created,edited from item where id = %d",
intval($iid[0]['iid'])
);
$arr['mid'] = $arr['parent_mid'] = $iteminfo[0]['mid'];
$arr['created'] = $iteminfo[0]['created'];
$arr['edited'] = (($element['edited']) ? datetime_convert('UTC', 'UTC', $element['edited']) : datetime_convert());
} else { // otherwise, generate the creation times and unique id
$arr['created'] = (($element['created']) ? datetime_convert('UTC', 'UTC', $element['created']) : datetime_convert());
$arr['edited'] = datetime_convert('UTC', 'UTC', '0000-00-00 00:00:00');
$arr['mid'] = $arr['parent_mid'] = item_message_id();
}
// Import the actual element content
$arr['body'] = file_get_contents($element['path']);
// The element owner is the channel importing the elements
$arr['owner_xchan'] = get_observer_hash();
// The author is either the owner or whomever was specified
$arr['author_xchan'] = (($element['author_xchan']) ? $element['author_xchan'] : get_observer_hash());
// Import mimetype if it is a valid mimetype for the element
$mimetypes = [ 'text/bbcode',
'text/html',
'text/markdown',
'text/plain',
'application/x-pdl',
'application/x-php'
];
// Blocks and pages can have any mimetype, but layouts must be text/bbcode
if((in_array($element['mimetype'], $mimetypes)) && ($type === 'page' || $type === 'block') ) {
$arr['mimetype'] = $element['mimetype'];
} else {
$arr['mimetype'] = 'text/bbcode';
}
// Verify ability to use html or php!!!
$execflag = false;
if ($arr['mimetype'] === 'application/x-php') {
$z = q("select account_id, account_roles, channel_pageflags from account "
. "left join channel on channel_account_id = account_id where channel_id = %d limit 1",
intval(local_channel())
);
if ($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) {
$execflag = true;
}
}
$z = q("select * from iconfig where v = '%s' and k = '%s' and cat = 'service' limit 1",
dbesc($name),
dbesc($namespace)
);
$i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1",
dbesc($arr['mid']),
intval(local_channel())
);
$remote_id = 0;
if ($z && $i) {
$remote_id = $z[0]['id'];
$arr['id'] = $i[0]['id'];
// don't update if it has the same timestamp as the original
if ($arr['edited'] > $i[0]['edited'])
$x = item_store_update($arr, $execflag);
} else {
if (($i) && (intval($i[0]['item_deleted']))) {
// was partially deleted already, finish it off
q("delete from item where mid = '%s' and uid = %d",
dbesc($arr['mid']),
intval(local_channel())
);
}
$x = item_store($arr, $execflag);
}
if ($x['success']) {
$item_id = $x['item_id'];
update_remote_id($channel, $item_id, $arr['item_type'], $name, $namespace, $remote_id, $arr['mid']);
$element['import_success'] = 1;
} else {
$element['import_success'] = 0;
}
return $element;
}

39
include/items.php
View File

@ -183,7 +183,7 @@ function is_item_normal($item) {
* This function examines the comment_policy attached to an item and decides if the current observer has
* sufficient privileges to comment. This will normally be called on a remote site where perm_is_allowed()
* will not be suitable because the post owner does not have a local channel_id.
* Generally we should look at the item - in particular the author['book_flags'] and see if ABOOK_FLAG_SELF is set.
* Generally we should look at the item - in particular the author['abook_flags'] and see if ABOOK_FLAG_SELF is set.
* If it is, you should be able to use perm_is_allowed( ... 'post_comments'), and if it isn't you need to call
* can_comment_on_post()
* We also check the comments_closed date/time on the item if this is set.
@ -224,8 +224,7 @@ function can_comment_on_post($observer_xchan, $item) {
case 'contacts':
case 'authenticated':
case '':
if(array_key_exists('owner',$item)) {
if(($item['owner']['abook_xchan']) && ($item['owner']['abook_their_perms'] & PERMS_W_COMMENT))
if(array_key_exists('owner',$item) && get_abconfig($item['uid'],$item['owner']['abook_xchan'],'their_perms','post_comments')) {
return true;
}
break;
@ -386,7 +385,7 @@ function post_activity_item($arr) {
return $ret;
}
$arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true));
$arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true));
if($arr['public_policy'])
$arr['item_private'] = 1;
@ -422,7 +421,7 @@ function post_activity_item($arr) {
$arr['deny_cid'] = ((x($arr,'deny_cid')) ? $arr['deny_cid'] : $channel['channel_deny_cid']);
$arr['deny_gid'] = ((x($arr,'deny_gid')) ? $arr['deny_gid'] : $channel['channel_deny_gid']);
$arr['comment_policy'] = map_scope($channel['channel_w_comment']);
$arr['comment_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments'));
if ((! $arr['plink']) && (intval($arr['item_thread_top']))) {
$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
@ -971,12 +970,12 @@ function encode_item($item,$mirror = false) {
// logger('encode_item: ' . print_r($item,true));
$r = q("select channel_r_stream, channel_w_comment from channel where channel_id = %d limit 1",
$r = q("select channel_id from channel where channel_id = %d limit 1",
intval($item['uid'])
);
if($r)
$comment_scope = $r[0]['channel_w_comment'];
$comment_scope = \Zotlabs\Access\PermissionLimits::Get($item['uid'],'post_comments');
else
$comment_scope = 0;
@ -990,9 +989,9 @@ function encode_item($item,$mirror = false) {
if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) {
if($item['title'])
$item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key);
$item['title'] = crypto_unencapsulate(json_decode($item['title'],true),$key);
if($item['body'])
$item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key);
$item['body'] = crypto_unencapsulate(json_decode($item['body'],true),$key);
}
// If we're trying to backup an item so that it's recoverable or for export/imprt,
@ -1062,11 +1061,11 @@ function encode_item($item,$mirror = false) {
$x['owner'] = encode_item_xchan($item['owner']);
$x['author'] = encode_item_xchan($item['author']);
if($item['obj'])
$x['object'] = json_decode_plus($item['obj']);
$x['object'] = json_decode($item['obj'],true);
if($item['target'])
$x['target'] = json_decode_plus($item['target']);
$x['target'] = json_decode($item['target'],true);
if($item['attach'])
$x['attach'] = json_decode_plus($item['attach']);
$x['attach'] = json_decode($item['attach'],true);
if($y = encode_item_flags($item))
$x['flags'] = $y;
@ -1382,7 +1381,7 @@ function encode_mail($item,$extended = false) {
$x['to'] = encode_item_xchan($item['to']);
if($item['attach'])
$x['attach'] = json_decode_plus($item['attach']);
$x['attach'] = json_decode($item['attach'],true);
$x['flags'] = array();
@ -2390,7 +2389,7 @@ function tag_deliver($uid, $item_id) {
if(($item['obj_type'] == "") || ($item['obj_type'] !== ACTIVITY_OBJ_PERSON) || (! $item['obj']))
$poke_notify = false;
$obj = json_decode_plus($item['obj']);
$obj = json_decode($item['obj'],true);
if($obj) {
if($obj['id'] !== $u[0]['channel_hash'])
$poke_notify = false;
@ -2427,14 +2426,14 @@ function tag_deliver($uid, $item_id) {
if(($item['owner_xchan'] === $u[0]['channel_hash']) && (! get_pconfig($u[0]['channel_id'],'system','blocktags'))) {
logger('tag_deliver: community tag recipient: ' . $u[0]['channel_name']);
$j_tgt = json_decode_plus($item['target']);
$j_tgt = json_decode($item['target'],true);
if($j_tgt && $j_tgt['id']) {
$p = q("select * from item where mid = '%s' and uid = %d limit 1",
dbesc($j_tgt['id']),
intval($u[0]['channel_id'])
);
if($p) {
$j_obj = json_decode_plus($item['obj']);
$j_obj = json_decode($item['obj'],true);
logger('tag_deliver: tag object: ' . print_r($j_obj,true), LOGGER_DATA);
if($j_obj && $j_obj['id'] && $j_obj['title']) {
if(is_array($j_obj['link']))
@ -2519,7 +2518,7 @@ function tag_deliver($uid, $item_id) {
if(intval($item['item_obscured'])) {
$key = get_config('system','prvkey');
if($item['body'])
$body = crypto_unencapsulate(json_decode_plus($item['body']),$key);
$body = crypto_unencapsulate(json_decode($item['body'],true),$key);
}
else
$body = $item['body'];
@ -2762,7 +2761,7 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
$private = (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 1 : 0);
$new_public_policy = map_scope($channel['channel_r_stream'],true);
$new_public_policy = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream'),true);
if((! $private) && $new_public_policy)
$private = 1;
@ -2807,7 +2806,7 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
dbesc($channel['channel_deny_gid']),
intval($private),
dbesc($new_public_policy),
dbesc(map_scope($channel['channel_w_comment'])),
dbesc(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments'))),
dbesc($title),
dbesc($body),
intval($item_wall),
@ -2856,7 +2855,7 @@ function check_item_source($uid, $item) {
if(! $x)
return false;
if(! ($x[0]['abook_their_perms'] & PERMS_A_REPUBLISH))
if(! get_abconfig($uid,$item['owner_xchan'],'their_perms','republish'))
return false;
if($item['item_private'] && (! intval($x[0]['abook_feed'])))

10
include/menu.php
View File

@ -25,7 +25,7 @@ function menu_fetch($name,$uid,$observer_xchan) {
return null;
}
function menu_element($menu) {
function menu_element($channel,$menu) {
$arr = array();
$arr['type'] = 'menu';
@ -46,7 +46,12 @@ function menu_element($menu) {
$arr['items'] = array();
foreach($menu['items'] as $it) {
$entry = array();
$entry['link'] = str_replace(z_root() . '/channel/' . $channel['channel_address'],'[channelurl]',$it['mitem_link']);
$entry['link'] = str_replace(z_root() . '/page/' . $channel['channel_address'],'[pageurl]',$it['mitem_link']);
$entry['link'] = str_replace(z_root() . '/cloud/' . $channel['channel_address'],'[cloudurl]',$it['mitem_link']);
$entry['link'] = str_replace(z_root(),'[baseurl]',$it['mitem_link']);
$entry['desc'] = $it['mitem_desc'];
$entry['order'] = $it['mitem_order'];
if($it['mitem_flags']) {
@ -389,12 +394,13 @@ function menu_del_item($menu_id,$uid,$item_id) {
function menu_sync_packet($uid,$observer_hash,$menu_id,$delete = false) {
$r = menu_fetch_id($menu_id,$uid);
$c = channelx_by_n($uid);
if($r) {
$m = menu_fetch($r['menu_name'],$uid,$observer_hash);
if($m) {
if($delete)
$m['menu_delete'] = 1;
build_sync_packet($uid,array('menu' => array(menu_element($m))));
build_sync_packet($uid,array('menu' => array(menu_element($c,$m))));
}
}
}

20
include/nav.php
View File

@ -61,13 +61,15 @@ EOT;
'$banner' => $banner
));
$server_role = get_config('system','server_role');
$basic = (($server_role === 'basic') ? true : false);
// nav links: array of array('href', 'text', 'extra css classes', 'title')
$nav = Array();
/**
* Display login or logout
*/
*/
$nav['usermenu']=array();
$userinfo = null;
@ -76,7 +78,7 @@ EOT;
if(local_channel()) {
if($chans && count($chans) > 1 && feature_enabled(local_channel(),'nav_channel_select') && (! UNO))
if($chans && count($chans) > 1 && feature_enabled(local_channel(),'nav_channel_select') && (! $basic))
$nav['channels'] = $chans;
$nav['logout'] = Array('logout',t('Logout'), "", t('End this session'),'logout_nav_btn');
@ -84,7 +86,7 @@ EOT;
// user menu
$nav['usermenu'][] = Array('channel/' . $channel['channel_address'], t('Home'), "", t('Your posts and conversations'),'channel_nav_btn');
$nav['usermenu'][] = Array('profile/' . $channel['channel_address'], t('View Profile'), "", t('Your profile page'),'profile_nav_btn');
if(feature_enabled(local_channel(),'multi_profiles') && (! UNO))
if(feature_enabled(local_channel(),'multi_profiles') && (! $basic))
$nav['usermenu'][] = Array('profiles', t('Edit Profiles'),"", t('Manage/Edit profiles'),'profiles_nav_btn');
else
$nav['usermenu'][] = Array('profiles/' . $prof[0]['id'], t('Edit Profile'),"", t('Edit your profile'),'profiles_nav_btn');
@ -92,19 +94,19 @@ EOT;
$nav['usermenu'][] = Array('photos/' . $channel['channel_address'], t('Photos'), "", t('Your photos'),'photos_nav_btn');
$nav['usermenu'][] = Array('cloud/' . $channel['channel_address'],t('Files'),"",t('Your files'),'cloud_nav_btn');
if((! UNO) && feature_enabled(local_channel(),'ajaxchat'))
if((! $basic) && feature_enabled(local_channel(),'ajaxchat'))
$nav['usermenu'][] = Array('chat/' . $channel['channel_address'], t('Chat'),"",t('Your chatrooms'),'chat_nav_btn');
require_once('include/menu.php');
$has_bookmarks = menu_list_count(local_channel(),'',MENU_BOOKMARK) + menu_list_count(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK);
if(($has_bookmarks) && (! UNO)) {
if(($has_bookmarks) && (! $basic)) {
$nav['usermenu'][] = Array('bookmarks', t('Bookmarks'), "", t('Your bookmarks'),'bookmarks_nav_btn');
}
if(feature_enabled($channel['channel_id'],'webpages') && (! UNO))
if(feature_enabled($channel['channel_id'],'webpages') && (! $basic))
$nav['usermenu'][] = Array('webpages/' . $channel['channel_address'],t('Webpages'),"",t('Your webpages'),'webpages_nav_btn');
if(feature_enabled($channel['channel_id'],'wiki') && (! UNO))
if(feature_enabled($channel['channel_id'],'wiki') && (! $basic))
$nav['usermenu'][] = Array('wiki/' . $channel['channel_address'],t('Wiki'),"",t('Your wiki'),'wiki_nav_btn');
}
else {
@ -161,7 +163,7 @@ EOT;
$nav['help'] = array($help_url, t('Help'), "", t('Help and documentation'), 'help_nav_btn', $context_help, $enable_context_help);
}
if(! UNO)
if(! $basic)
$nav['apps'] = array('apps', t('Apps'), "", t('Applications, utilities, links, games'),'apps_nav_btn');
$nav['search'] = array('search', t('Search'), "", t('Search site @name, #tag, ?docs, content'));
@ -204,7 +206,7 @@ EOT;
$nav['all_events']['all']=array('events', t('See all events'), "", "");
$nav['all_events']['mark'] = array('', t('Mark all events seen'), '','');
if(! UNO)
if(! $basic)
$nav['manage'] = array('manage', t('Channel Manager'), "", t('Manage Your Channels'),'manage_nav_btn');
$nav['settings'] = array('settings', t('Settings'),"", t('Account/Channel Settings'),'settings_nav_btn');

13
include/network.php
View File

@ -1343,13 +1343,18 @@ function discover_by_webbie($webbie) {
$fullname = $vcard['fn'];
if($vcard['photo'] && (strpos($vcard['photo'],'http') !== 0))
$vcard['photo'] = $diaspora_base . '/' . $vcard['photo'];
if(($vcard['key']) && (! $pubkey))
$pubkey = $vcard['key'];
if(($vcard['public_key']) && (! $pubkey)) {
$diaspora_key = $vcard['public_key'];
if(strstr($diaspora_key,'RSA '))
$pubkey = rsatopem($diaspora_key);
else
$pubkey = $diaspora_key;
}
if(! $avatar)
$avatar = $vcard['photo'];
if($diaspora) {
if(($vcard['guid']) && (! $diaspora_guid))
$diaspora_guid = $vcard['guid'];
if(($vcard['uid']) && (! $diaspora_guid))
$diaspora_guid = $vcard['uid'];
if(($vcard['url']) && (! $diaspora_base))
$diaspora_base = $vcard['url'];

33
include/oembed.php
View File

@ -1,8 +1,10 @@
<?php /** @file */
use Zotlabs\Lib as Zlib;
require_once('include/hubloc.php');
function oembed_replacecb($matches){
$embedurl=$matches[1];
@ -130,6 +132,9 @@ function oembed_fetch_url($embedurl){
$txt = null;
// we should try to cache this and avoid a lookup on each render
$zrl = is_matrix_url($embedurl);
if($action !== 'block') {
$txt = Zlib\Cache::get('[' . App::$videowidth . '] ' . $embedurl);
@ -142,15 +147,11 @@ function oembed_fetch_url($embedurl){
$txt = "";
$furl = $embedurl;
$zrl = false;
if(local_channel()) {
require_once('include/hubloc.php');
$zrl = is_matrix_url($furl);
if($zrl)
$furl = zid($furl);
}
logger('local_channel: ' . local_channel());
if(local_channel() && $zrl)
$furl = zid($furl);
if ($action !== 'block') {
// try oembed autodiscovery
@ -215,12 +216,26 @@ function oembed_fetch_url($embedurl){
if($j->html != $orig) {
logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j->html, LOGGER_DEBUG, LOG_INFO);
}
$orig_len = mb_strlen(preg_replace('/\s+/','',$orig));
$new_len = mb_strlen(preg_replace('/\s+/','',$j->html));
if(stripos($orig,'<script') || (! $new_len))
$j->type = 'error';
elseif($orig_len) {
$ratio = $new_len / $orig_len;
if($ratio < 0.5) {
$j->type = 'error';
logger('oembed html truncated: ' . $ratio, LOGGER_DEBUG, LOG_INFO);
}
}
}
}
$j->embedurl = $embedurl;
// logger('fetch return: ' . print_r($j,true));
// logger('fetch return: ' . print_r($j,true));
return $j;

572
include/permissions.php
View File

@ -1,4 +1,7 @@
<?php
require_once('include/security.php');
/**
* @file include/permissions.php
*
@ -67,7 +70,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
if($api)
return get_all_api_perms($uid,$api);
$global_perms = get_perms();
$global_perms = \Zotlabs\Access\Permissions::Perms();
// Save lots of individual lookups
@ -81,11 +84,13 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
$ret = array();
$abperms = (($uid && $observer_xchan) ? load_abconfig($uid,$observer_xchan,'my_perms') : array());
foreach($global_perms as $perm_name => $permission) {
// First find out what the channel owner declared permissions to be.
$channel_perm = $permission[0];
$channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$perm_name);
if(! $channel_checked) {
$r = q("select * from channel where channel_id = %d limit 1",
@ -105,7 +110,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// These take priority over all other settings.
if($observer_xchan) {
if($r[0][$channel_perm] & PERMS_AUTHED) {
if($channel_perm & PERMS_AUTHED) {
$ret[$perm_name] = true;
continue;
}
@ -117,10 +122,21 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
dbesc($observer_xchan)
);
if(! $x) {
// not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($observer_xchan)
);
// see if they've got a guest access token; these are treated as connections
$y = atoken_abook($uid,$observer_xchan);
if($y)
$x = array($y);
if(! $x) {
// not in address book and no guest token, see if they've got an xchan
// these *may* have individual (PERMS_SPECIFIC) permissions, but are not connections
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($observer_xchan)
);
if($y) {
$x = array(pseudo_abook($y[0]));
}
}
}
$abook_checked = true;
@ -136,7 +152,10 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// Check if this is a write permission and they are being ignored
// This flag is only visible internally.
if(($x) && ($internal_use) && (! $global_perms[$perm_name][2]) && intval($x[0]['abook_ignored'])) {
$blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms();
if(($x) && ($internal_use) && in_array($perm_name,$blocked_anon_perms) && intval($x[0]['abook_ignored'])) {
$ret[$perm_name] = false;
continue;
}
@ -154,7 +173,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// if you've moved elsewhere, you will only have read only access
if(($observer_xchan) && ($r[0]['channel_hash'] === $observer_xchan)) {
if($r[0]['channel_moved'] && (! $permission[2]))
if($r[0]['channel_moved'] && (in_array($perm_name,$blocked_anon_perms)))
$ret[$perm_name] = false;
else
$ret[$perm_name] = true;
@ -163,7 +182,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// Anybody at all (that wasn't blocked or ignored). They have permission.
if($r[0][$channel_perm] & PERMS_PUBLIC) {
if($channel_perm & PERMS_PUBLIC) {
$ret[$perm_name] = true;
continue;
}
@ -178,8 +197,8 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// If we're still here, we have an observer, check the network.
if($r[0][$channel_perm] & PERMS_NETWORK) {
if(($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot')) {
if($channel_perm & PERMS_NETWORK) {
if($x && $x[0]['xchan_network'] === 'zot') {
$ret[$perm_name] = true;
continue;
}
@ -187,7 +206,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// If PERMS_SITE is specified, find out if they've got an account on this hub
if($r[0][$channel_perm] & PERMS_SITE) {
if($channel_perm & PERMS_SITE) {
if(! $onsite_checked) {
$c = q("select channel_hash from channel where channel_hash = '%s' limit 1",
dbesc($observer_xchan)
@ -214,7 +233,7 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// They are in your address book, but haven't been approved
if($r[0][$channel_perm] & PERMS_PENDING) {
if($channel_perm & PERMS_PENDING) {
$ret[$perm_name] = true;
continue;
}
@ -226,16 +245,27 @@ function get_all_perms($uid, $observer_xchan, $internal_use = true) {
// They're a contact, so they have permission
if($r[0][$channel_perm] & PERMS_CONTACTS) {
if($channel_perm & PERMS_CONTACTS) {
// it was a fake abook entry, not really a connection
if(array_key_exists('abook_pseudo',$x[0]) && intval($x[0]['abook_pseudo'])) {
$ret[$perm_name] = false;
continue;
}
$ret[$perm_name] = true;
continue;
}
// Permission granted to certain channels. Let's see if the observer is one of them
if($r[0][$channel_perm] & PERMS_SPECIFIC) {
if(($x[0]['abook_my_perms'] & $global_perms[$perm_name][1])) {
$ret[$perm_name] = true;
if($channel_perm & PERMS_SPECIFIC) {
if($abperms) {
foreach($abperms as $ab) {
if(($ab['cat'] == 'my_perms') && ($ab['k'] == $perm_name)) {
$ret[$perm_name] = (intval($ab['v']) ? true : false);
break;
}
}
continue;
}
}
@ -284,21 +314,23 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
if($arr['result'])
return true;
$global_perms = get_perms();
$global_perms = \Zotlabs\Access\Permissions::Perms();
// First find out what the channel owner declared permissions to be.
$channel_perm = $global_perms[$permission][0];
$channel_perm = \Zotlabs\Access\PermissionLimits::Get($uid,$permission);
$r = q("select %s, channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1",
dbesc($channel_perm),
$r = q("select channel_pageflags, channel_moved, channel_hash from channel where channel_id = %d limit 1",
intval($uid)
);
if(! $r)
return false;
$blocked_anon_perms = \Zotlabs\Access\Permissions::BlockedAnonPerms();
if($observer_xchan) {
if($r[0][$channel_perm] & PERMS_AUTHED)
if($channel_perm & PERMS_AUTHED)
return true;
$x = q("select abook_my_perms, abook_blocked, abook_ignored, abook_pending, xchan_network from abook left join xchan on abook_xchan = xchan_hash
@ -312,16 +344,29 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
if(($x) && intval($x[0]['abook_blocked']))
return false;
if(($x) && (! $global_perms[$permission][2]) && intval($x[0]['abook_ignored']))
if(($x) && in_array($permission,$blocked_anon_perms) && intval($x[0]['abook_ignored']))
return false;
if(! $x) {
// not in address book, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($observer_xchan)
);
// see if they've got a guest access token
$y = atoken_abook($uid,$observer_xchan);
if($y)
$x = array($y);
if(! $x) {
// not in address book and no guest token, see if they've got an xchan
$y = q("select xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($observer_xchan)
);
if($y) {
$x = array(pseudo_abook($y[0]));
}
}
}
$abperms = load_abconfig($uid,$observer_xchan,'my_perms');
}
// system is blocked to anybody who is not authenticated
@ -333,13 +378,13 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// in which case you will have read_only access
if($r[0]['channel_hash'] === $observer_xchan) {
if($r[0]['channel_moved'] && (! $global_perms[$permission][2]))
if($r[0]['channel_moved'] && (in_array($permission,$blocked_anon_perms)))
return false;
else
return true;
}
if($r[0][$channel_perm] & PERMS_PUBLIC)
if($channel_perm & PERMS_PUBLIC)
return true;
// If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set
@ -350,14 +395,14 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// If we're still here, we have an observer, check the network.
if($r[0][$channel_perm] & PERMS_NETWORK) {
if($channel_perm & PERMS_NETWORK) {
if (($x && $x[0]['xchan_network'] === 'zot') || ($y && $y[0]['xchan_network'] === 'zot'))
return true;
}
// If PERMS_SITE is specified, find out if they've got an account on this hub
if($r[0][$channel_perm] & PERMS_SITE) {
if($channel_perm & PERMS_SITE) {
$c = q("select channel_hash from channel where channel_hash = '%s' limit 1",
dbesc($observer_xchan)
);
@ -376,7 +421,7 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// They are in your address book, but haven't been approved
if($r[0][$channel_perm] & PERMS_PENDING) {
if($channel_perm & PERMS_PENDING) {
return true;
}
@ -386,15 +431,24 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
// They're a contact, so they have permission
if($r[0][$channel_perm] & PERMS_CONTACTS) {
if($channel_perm & PERMS_CONTACTS) {
// it was a fake abook entry, not really a connection
if(array_key_exists('abook_pseudo',$x[0]) && intval($x[0]['abook_pseudo'])) {
return false;
}
return true;
}
// Permission granted to certain channels. Let's see if the observer is one of them
if(($r) && $r[0][$channel_perm] & PERMS_SPECIFIC) {
if($x[0]['abook_my_perms'] & $global_perms[$permission][1])
return true;
if(($r) && ($channel_perm & PERMS_SPECIFIC)) {
if($abperms) {
foreach($abperms as $ab) {
if($ab['cat'] == 'my_perms' && $ab['k'] == $permission) {
return ((intval($ab['v'])) ? true : false);
}
}
}
}
// No permissions allowed.
@ -560,28 +614,28 @@ function get_role_perms($role) {
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = true;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'chat', 'post_like', 'republish' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break;
@ -590,28 +644,29 @@ function get_role_perms($role) {
$ret['default_collection'] = true;
$ret['directory_publish'] = true;
$ret['online'] = true;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_SPECIFIC;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'chat', 'post_like' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break;
@ -620,28 +675,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_SPECIFIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_SPECIFIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_SPECIFIC;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_SPECIFIC,
'view_storage' => PERMS_SPECIFIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break;
@ -650,28 +705,28 @@ function get_role_perms($role) {
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'republish', 'chat' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break;
@ -680,28 +735,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_SPECIFIC;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'chat' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break;
@ -710,28 +765,29 @@ function get_role_perms($role) {
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILEPERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_SPECIFIC;
$ret['channel_r_abook'] = PERMS_SPECIFIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_SPECIFIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_SPECIFIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_SPECIFIC;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'chat' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_SPECIFIC,
'view_contacts' => PERMS_SPECIFIC,
'view_storage' => PERMS_SPECIFIC,
'view_pages' => PERMS_SPECIFIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break;
@ -740,28 +796,29 @@ function get_role_perms($role) {
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_NETWORK;
$ret['channel_w_like'] = PERMS_NETWORK;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'republish' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break;
@ -770,28 +827,28 @@ function get_role_perms($role) {
$ret['default_collection'] = true;
$ret['directory_publish'] = false;
$ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'send_stream', 'post_wall', 'post_comments',
'post_mail', 'post_like' , 'republish' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break;
@ -800,26 +857,29 @@ function get_role_perms($role) {
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_R_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'post_like' , 'republish' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break;
@ -828,28 +888,30 @@ function get_role_perms($role) {
$ret['default_collection'] = false;
$ret['directory_publish'] = true;
$ret['online'] = false;
$ret['perms_follow'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['perms_accept'] = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_ABOOK
|PERMS_W_STREAM|PERMS_W_WALL|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT
|PERMS_R_STORAGE|PERMS_W_STORAGE|PERMS_R_PAGES|PERMS_A_REPUBLISH|PERMS_W_LIKE|PERMS_W_TAGWALL;
$ret['channel_r_stream'] = PERMS_PUBLIC;
$ret['channel_r_profile'] = PERMS_PUBLIC;
$ret['channel_r_abook'] = PERMS_PUBLIC;
$ret['channel_w_stream'] = PERMS_SPECIFIC;
$ret['channel_w_wall'] = PERMS_SPECIFIC;
$ret['channel_w_tagwall'] = PERMS_SPECIFIC;
$ret['channel_w_comment'] = PERMS_SPECIFIC;
$ret['channel_w_mail'] = PERMS_SPECIFIC;
$ret['channel_w_chat'] = PERMS_SPECIFIC;
$ret['channel_a_delegate'] = PERMS_SPECIFIC;
$ret['channel_r_storage'] = PERMS_PUBLIC;
$ret['channel_w_storage'] = PERMS_SPECIFIC;
$ret['channel_r_pages'] = PERMS_PUBLIC;
$ret['channel_w_pages'] = PERMS_SPECIFIC;
$ret['channel_a_republish'] = PERMS_SPECIFIC;
$ret['channel_w_like'] = PERMS_NETWORK;
$ret['perms_connect'] = [
'view_stream', 'view_profile', 'view_contacts', 'view_storage',
'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
'post_mail', 'post_like' , 'republish', 'chat' ];
$ret['limits'] = [
'view_stream' => PERMS_PUBLIC,
'view_profile' => PERMS_PUBLIC,
'view_contacts' => PERMS_PUBLIC,
'view_storage' => PERMS_PUBLIC,
'view_pages' => PERMS_PUBLIC,
'send_stream' => PERMS_SPECIFIC,
'post_wall' => PERMS_SPECIFIC,
'post_comments' => PERMS_SPECIFIC,
'post_mail' => PERMS_SPECIFIC,
'post_like' => PERMS_SPECIFIC,
'tag_deliver' => PERMS_SPECIFIC,
'chat' => PERMS_SPECIFIC,
'write_storage' => PERMS_SPECIFIC,
'write_pages' => PERMS_SPECIFIC,
'republish' => PERMS_SPECIFIC,
'delegate' => PERMS_SPECIFIC
];
break;

102
include/security.php
View File

@ -108,6 +108,7 @@ function atoken_xchan($atoken) {
'xchan_name' => $atoken['atoken_name'],
'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(),
'xchan_network' => 'unknown',
'xchan_url' => z_root(),
'xchan_hidden' => 1,
'xchan_photo_mimetype' => 'image/jpeg',
'xchan_photo_l' => get_default_profile_photo(300),
@ -119,6 +120,105 @@ function atoken_xchan($atoken) {
return null;
}
function atoken_delete($atoken_id) {
$r = q("select * from atoken where atoken_id = %d",
intval($atoken_id)
);
if(! $r)
return;
$c = q("select channel_id, channel_hash from channel where channel_id = %d",
intval($r[0]['atoken_uid'])
);
if(! $c)
return;
$atoken_xchan = substr($c[0]['channel_hash'],0,16) . '.' . $r[0]['atoken_name'];
q("delete from atoken where atoken_id = %d",
intval($atoken_id)
);
q("delete from abconfig where chan = %d and xchan = '%s'",
intval($c[0]['channel_id']),
dbesc($atoken_xchan)
);
}
// in order for atoken logins to create content (such as posts) they need a stored xchan.
// we'll create one on the first atoken_login; it can't really ever go away but perhaps
// @fixme we should set xchan_deleted if it's expired or removed
function atoken_create_xchan($xchan) {
$r = q("select xchan_hash from xchan where xchan_hash = '%s'",
dbesc($xchan['xchan_hash'])
);
if($r)
return;
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_mimetype, xchan_photo_l, xchan_photo_m, xchan_photo_s )
values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
dbesc($xchan['xchan_hash']),
dbesc($xchan['xchan_hash']),
dbesc($xchan['xchan_addr']),
dbesc($xchan['xchan_url']),
dbesc($xchan['xchan_name']),
dbesc($xchan['xchan_network']),
dbesc($xchan['xchan_photo_mimetype']),
dbesc($xchan['xchan_photo_l']),
dbesc($xchan['xchan_photo_m']),
dbesc($xchan['xchan_photo_s'])
);
return true;
}
function atoken_abook($uid,$xchan_hash) {
if(substr($xchan_hash,16,1) != '.')
return false;
$r = q("select channel_hash from channel where channel_id = %d limit 1",
intval($uid)
);
if(! $r)
return false;
$x = q("select * from atoken where atoken_uid = %d and atoken_name = '%s'",
intval($uid),
dbesc(substr($xchan_hash,17))
);
if($x) {
$xchan = atoken_xchan($x[0]);
$xchan['abook_blocked'] = 0;
$xchan['abook_ignored'] = 0;
$xchan['abook_pending'] = 0;
return $xchan;
}
return false;
}
function pseudo_abook($xchan) {
if(! $xchan)
return false;
// set abook_pseudo to flag that we aren't really connected.
$xchan['abook_pseudo'] = 1;
$xchan['abook_blocked'] = 0;
$xchan['abook_ignored'] = 0;
$xchan['abook_pending'] = 0;
return $xchan;
}
/**
@ -395,7 +495,7 @@ function public_permissions_sql($observer_hash) {
* In this implementation, a security token is reusable (if the user submits a form, goes back and resubmits the form, maybe with small changes;
* or if the security token is used for ajax-calls that happen several times), but only valid for a certain amout of time (3hours).
* The "typename" seperates the security tokens of different types of forms. This could be relevant in the following case:
* A security token is used to protekt a link from CSRF (e.g. the "delete this profile"-link).
* A security token is used to protekt a link from CSRF (e.g. the "delete this profile"-link).
* If the new page contains by any chance external elements, then the used security token is exposed by the referrer.
* Actually, important actions should not be triggered by Links / GET-Requests at all, but somethimes they still are,
* so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types).

62
include/text.php
View File

@ -1179,6 +1179,7 @@ function smilies($s, $sample = false) {
$s = preg_replace_callback('{<(pre|code)>.*?</\1>}ism', 'smile_shield', $s);
$s = preg_replace_callback('/<[a-z]+ .*?>/ism', 'smile_shield', $s);
$params = list_smilies();
$params['string'] = $s;
@ -1192,6 +1193,7 @@ function smilies($s, $sample = false) {
$s = str_replace($params['texts'],$params['icons'],$params['string']);
}
$s = preg_replace_callback('/<!--base64:(.*?)-->/ism', 'smile_unshield', $s);
return $s;
@ -1204,11 +1206,11 @@ function smilies($s, $sample = false) {
* @return string
*/
function smile_shield($m) {
return '<!--base64:' . base64url_encode($m[0]) . '-->';
return '<!--base64:' . base64special_encode($m[0]) . '-->';
}
function smile_unshield($m) {
return base64url_decode($m[1]);
return base64special_decode($m[1]);
}
/**
@ -1603,7 +1605,9 @@ function prepare_text($text, $content_type = 'text/bbcode', $cache = false) {
$s = bbcode($text,false,true,$cache);
else
$s = smilies(bbcode($text,false,true,$cache));
$s = zidify_links($s);
break;
}
@ -1853,6 +1857,26 @@ function base64url_decode($s) {
return base64_decode(strtr($s,'-_','+/'));
}
function base64special_encode($s, $strip_padding = true) {
$s = strtr(base64_encode($s),'+/',',.');
if($strip_padding)
$s = str_replace('=','',$s);
return $s;
}
function base64special_decode($s) {
if(is_array($s)) {
logger('base64url_decode: illegal input: ' . print_r(debug_backtrace(), true));
return $s;
}
return base64_decode(strtr($s,',.','+/'));
}
/**
* @ Return a div to clear floats.
*
@ -2250,6 +2274,34 @@ function design_tools() {
));
}
/**
* @brief Creates website import tools menu
*
* @return string
*/
function website_import_tools() {
$channel = App::get_channel();
$sys = false;
if(App::$is_sys && is_site_admin()) {
require_once('include/channel.php');
$channel = get_sys_channel();
$sys = true;
}
return replace_macros(get_markup_template('website_import_tools.tpl'), array(
'$title' => t('Import'),
'$import_label' => t('Import website...'),
'$import_placeholder' => t('Select folder to import'),
'$file_upload_text' => t('Import from a zipped folder:'),
'$file_import_text' => t('Import from cloud files:'),
'$desc' => t('/cloud/channel/path/to/folder'),
'$hint' => t('Enter path to website files'),
'$select' => t('Select folder'),
));
}
/* case insensitive in_array() */
function in_arrayi($needle, $haystack) {
@ -2803,6 +2855,12 @@ function expand_acl($s) {
return $ret;
}
function acl2json($s) {
$s = expand_acl($s);
$s = json_encode($s);
return $s;
}
// When editing a webpage - a dropdown is needed to select a page layout
// On submit, the pdl_select value (which is the mid of an item with item_type = ITEM_TYPE_PDL) is stored in

18
include/widgets.php
View File

@ -595,7 +595,7 @@ function widget_settings_menu($arr) {
}
// IF can go away when UNO export and import is fully functional
if(! UNO) {
if(get_config('system','server_role') !== 'basic') {
$tabs[] = array(
'label' => t('Export channel'),
'url' => z_root() . '/uexport',
@ -609,7 +609,7 @@ function widget_settings_menu($arr) {
'selected' => ((argv(1) === 'oauth') ? 'active' : ''),
);
if(! UNO) {
if(get_config('system','server_role') !== 'basic') {
$tabs[] = array(
'label' => t('Guest Access Tokens'),
'url' => z_root() . '/settings/tokens',
@ -779,6 +779,20 @@ function widget_design_tools($arr) {
return design_tools();
}
function widget_website_import_tools($arr) {
// mod menu doesn't load a profile. For any modules which load a profile, check it.
// otherwise local_channel() is sufficient for permissions.
if(App::$profile['profile_uid'])
if((App::$profile['profile_uid'] != local_channel()) && (! App::$is_sys))
return '';
if(! local_channel())
return '';
return website_import_tools();
}
function widget_findpeople($arr) {
return findpeople_widget();

39
include/wiki.php
View File

@ -495,6 +495,12 @@ function wiki_convert_links($s, $wikiURL) {
return $s;
}
/**
* Replace the instances of the string [toc] with a list element that will be populated by
* a table of contents by the JavaScript library
* @param string $s
* @return string
*/
function wiki_generate_toc($s) {
if (strpos($s,'[toc]') !== false) {
@ -505,6 +511,39 @@ function wiki_generate_toc($s) {
return $s;
}
/**
* Converts a select set of bbcode tags. Much of the code is copied from include/bbcode.php
* @param string $s
* @return string
*/
function wiki_bbcode($s) {
$s = str_replace(array('[baseurl]', '[sitename]'), array(z_root(), get_config('system', 'sitename')), $s);
$observer = App::get_observer();
if ($observer) {
$s1 = '<span class="bb_observer" title="' . t('Different viewers will see this text differently') . '">';
$s2 = '</span>';
$obsBaseURL = $observer['xchan_connurl'];
$obsBaseURL = preg_replace("/\/poco\/.*$/", '', $obsBaseURL);
$s = str_replace('[observer.baseurl]', $obsBaseURL, $s);
$s = str_replace('[observer.url]', $observer['xchan_url'], $s);
$s = str_replace('[observer.name]', $s1 . $observer['xchan_name'] . $s2, $s);
$s = str_replace('[observer.address]', $s1 . $observer['xchan_addr'] . $s2, $s);
$s = str_replace('[observer.webname]', substr($observer['xchan_addr'], 0, strpos($observer['xchan_addr'], '@')), $s);
$s = str_replace('[observer.photo]', '', $s);
} else {
$s = str_replace('[observer.baseurl]', '', $s);
$s = str_replace('[observer.url]', '', $s);
$s = str_replace('[observer.name]', '', $s);
$s = str_replace('[observer.address]', '', $s);
$s = str_replace('[observer.webname]', '', $s);
$s = str_replace('[observer.photo]', '', $s);
}
return $s;
}
// This function is derived from
// http://stackoverflow.com/questions/32068537/generate-table-of-contents-from-markdown-in-php
function wiki_toc($content) {

214
include/zot.php
View File

@ -12,6 +12,7 @@ require_once('include/crypto.php');
require_once('include/items.php');
require_once('include/hubloc.php');
require_once('include/queue_fn.php');
require_once('include/perm_upgrade.php');
/**
@ -388,10 +389,7 @@ function zot_refresh($them, $channel = null, $force = false) {
if(! $x['success'])
return false;
$their_perms = 0;
if($channel) {
$global_perms = get_perms();
if($j['permissions']['data']) {
$permissions = crypto_unencapsulate(array(
'data' => $j['permissions']['data'],
@ -408,15 +406,10 @@ function zot_refresh($them, $channel = null, $force = false) {
$connected_set = false;
if($permissions && is_array($permissions)) {
$old_read_stream_perm = get_abconfig($channel['channel_id'],$x['hash'],'their_perms','view_stream');
foreach($permissions as $k => $v) {
// The connected permission means you are in their address book
if($k === 'connected') {
$connected_set = intval($v);
continue;
}
if(($v) && (array_key_exists($k,$global_perms))) {
$their_perms = $their_perms | intval($global_perms[$k][1]);
}
set_abconfig($channel['channel_id'],$x['hash'],'their_perms',$k,$v);
}
}
@ -443,36 +436,19 @@ function zot_refresh($them, $channel = null, $force = false) {
if(substr($r[0]['abook_dob'],5) == substr($next_birthday,5))
$next_birthday = $r[0]['abook_dob'];
$current_abook_connected = (intval($r[0]['abook_unconnected']) ? 0 : 1);
$y = q("update abook set abook_their_perms = %d, abook_dob = '%s'
$y = q("update abook set abook_dob = '%s'
where abook_xchan = '%s' and abook_channel = %d
and abook_self = 0 ",
intval($their_perms),
dbescdate($next_birthday),
dbesc($x['hash']),
intval($channel['channel_id'])
);
// if(($connected_set === 0 || $connected_set === 1) && ($connected_set !== $current_abook_unconnected)) {
// if they are in your address book but you aren't in theirs, and/or this does not
// match your current connected state setting, toggle it.
/** @FIXME uncoverted to postgres */
/** @FIXME when this was enabled, all contacts became unconnected. Currently disabled intentionally */
// $y1 = q("update abook set abook_unconnected = 1
// where abook_xchan = '%s' and abook_channel = %d
// and abook_self = 0 limit 1",
// dbesc($x['hash']),
// intval($channel['channel_id'])
// );
// }
if(! $y)
logger('abook update failed');
else {
// if we were just granted read stream permission and didn't have it before, try to pull in some posts
if((! ($r[0]['abook_their_perms'] & PERMS_R_STREAM)) && ($their_perms & PERMS_R_STREAM))
if((! $old_read_stream_perm) && (intval($permissions['view_stream'])))
Zotlabs\Daemon\Master::Summon(array('Onepoll',$r[0]['abook_id']));
}
}
@ -480,15 +456,32 @@ function zot_refresh($them, $channel = null, $force = false) {
// new connection
$my_perms = null;
$automatic = false;
$role = get_pconfig($channel['channel_id'],'system','permissions_role');
if($role) {
$xx = get_role_perms($role);
if($xx['perms_auto'])
$default_perms = $xx['perms_accept'];
$xx = \Zotlabs\Access\PermissionRoles::role_perms($role);
if($xx['perms_auto']) {
$automatic = true;
$default_perms = $xx['perms_connect'];
$my_perms = \Zotlabs\Access\Permissions::FilledPerms($default_perms);
}
}
if(! $default_perms)
$default_perms = intval(get_pconfig($channel['channel_id'],'system','autoperms'));
if(! $my_perms) {
$m = \Zotlabs\Access\Permissions::FilledAutoperms($channel['channel_id']);
if($m) {
$automatic = true;
$my_perms = $m;
}
}
if($my_perms) {
foreach($my_perms as $k => $v) {
set_abconfig($channel['channel_id'],$x['hash'],'my_perms',$k,$v);
}
}
// Keep original perms to check if we need to notify them
$previous_perms = get_all_perms($channel['channel_id'],$x['hash']);
@ -498,17 +491,15 @@ function zot_refresh($them, $channel = null, $force = false) {
if($closeness === false)
$closeness = 80;
$y = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_dob, abook_pending ) values ( %d, %d, %d, '%s', %d, %d, '%s', '%s', '%s', %d )",
$y = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_created, abook_updated, abook_dob, abook_pending ) values ( %d, %d, %d, '%s', '%s', '%s', '%s', %d )",
intval($channel['channel_account_id']),
intval($channel['channel_id']),
intval($closeness),
dbesc($x['hash']),
intval($their_perms),
intval($default_perms),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc($next_birthday),
intval(($default_perms) ? 0 : 1)
intval(($automatic) ? 0 : 1)
);
if($y) {
@ -523,7 +514,7 @@ function zot_refresh($them, $channel = null, $force = false) {
);
if($new_connection) {
if($new_perms != $previous_perms)
if(! \Zotlabs\Access\Permissions::PermsCompare($new_perms,$previous_perms))
Zotlabs\Daemon\Master::Summon(array('Notifier','permission_create',$new_connection[0]['abook_id']));
Zotlabs\Lib\Enotify::submit(array(
'type' => NOTIFY_INTRO,
@ -532,9 +523,9 @@ function zot_refresh($them, $channel = null, $force = false) {
'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id'],
));
if($their_perms & PERMS_R_STREAM) {
if(($channel['channel_w_stream'] & PERMS_PENDING)
|| (! intval($new_connection[0]['abook_pending'])) )
if(intval($permissions['view_stream'])) {
if(intval(get_pconfig($channel['channel_id'],'perm_limits','send_stream') & PERMS_PENDING)
|| (! intval($new_connection[0]['abook_pending'])))
Zotlabs\Daemon\Master::Summon(array('Onepoll',$new_connection[0]['abook_id']));
}
@ -1371,8 +1362,8 @@ function public_recips($msg) {
if($msg['message']['type'] === 'activity') {
if(! get_config('system','disable_discover_tab'))
$include_sys = true;
$col = 'channel_w_stream';
$field = PERMS_W_STREAM;
$perm = 'send_stream';
if(array_key_exists('flags',$msg['message']) && in_array('thread_parent', $msg['message']['flags'])) {
// check mention recipient permissions on top level posts only
$check_mentions = true;
@ -1404,65 +1395,30 @@ function public_recips($msg) {
// contains the tag. we'll solve that further below.
if($msg['notify']['sender']['guid_sig'] != $msg['message']['owner']['guid_sig']) {
$col = 'channel_w_comment';
$field = PERMS_W_COMMENT;
$perm = 'post_comments';
}
}
}
elseif($msg['message']['type'] === 'mail') {
$col = 'channel_w_mail';
$field = PERMS_W_MAIL;
elseif($msg['message']['type'] === 'mail')
$perm = 'post_mail';
$r = array();
$c = q("select channel_id, channel_hash from channel where channel_removed = 0");
if($c) {
foreach($c as $cc) {
if(perm_is_allowed($cc['channel_id'],$msg['notify']['sender']['hash'],$perm)) {
$r[] = [ 'hash' => $cc['channel_hash'] ];
}
}
}
if(! $col)
return NULL;
$col = dbesc($col);
// First find those channels who are accepting posts from anybody, or at least
// something greater than just their connections.
if($msg['notify']['sender']['url'] === z_root()) {
$sql = " where (( " . $col . " & " . intval(PERMS_NETWORK) . " ) > 0
or ( " . $col . " & " . intval(PERMS_SITE) . " ) > 0
or ( " . $col . " & " . intval(PERMS_PUBLIC) . ") > 0
or ( " . $col . " & " . intval(PERMS_AUTHED) . ") > 0 ) ";
} else {
$sql = " where ( " . $col . " = " . intval(PERMS_NETWORK) . "
or " . $col . " = " . intval(PERMS_PUBLIC) . "
or " . $col . " = " . intval(PERMS_AUTHED) . " ) ";
}
$r = q("select channel_hash as hash from channel $sql or channel_hash = '%s'
and channel_removed = 0 ",
dbesc($msg['notify']['sender']['hash'])
);
if(! $r)
$r = array();
// Now we have to get a bit dirty. Find every channel that has the sender in their connections (abook)
// and is allowing this sender at least at a high level.
$x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id
where abook_xchan = '%s' and channel_removed = 0
and (( " . $col . " = " . intval(PERMS_SPECIFIC) . " and ( abook_my_perms & " . intval($field) . " ) > 0 )
OR " . $col . " = " . intval(PERMS_PENDING) . "
OR ( " . $col . " = " . intval(PERMS_CONTACTS) . " and abook_pending = 0 )) ",
dbesc($msg['notify']['sender']['hash'])
);
if(! $x)
$x = array();
$r = array_merge($r,$x);
//logger('message: ' . print_r($msg['message'],true));
// logger('message: ' . print_r($msg['message'],true));
if($include_sys && array_key_exists('public_scope',$msg['message']) && $msg['message']['public_scope'] === 'public') {
$sys = get_sys_channel();
if($sys)
$r[] = array('hash' => $sys['channel_hash']);
$r[] = [ 'hash' => $sys['channel_hash'] ];
}
// look for any public mentions on this site
@ -1943,9 +1899,9 @@ function remove_community_tag($sender, $arr, $uid) {
$i = $r[0];
if($i['target'])
$i['target'] = json_decode_plus($i['target']);
$i['target'] = json_decode($i['target'],true);
if($i['object'])
$i['object'] = json_decode_plus($i['object']);
$i['object'] = json_decode($i['object'],true);
if(! ($i['target'] && $i['object'])) {
logger('remove_community_tag: no target/object');
@ -2298,7 +2254,7 @@ function check_location_move($sender_hash,$locations) {
if(! $locations)
return;
if(! UNO)
if(get_config('system','server_role') !== 'basic')
return;
if(count($locations) != 1)
@ -2976,7 +2932,7 @@ function import_site($arr, $pubkey) {
*/
function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
if(UNO)
if(get_config('system','server_role') === 'basic')
return;
logger('build_sync_packet');
@ -2998,6 +2954,14 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
$channel = $r[0];
translate_channel_perms_outbound($channel);
if($packet && array_key_exists('abook',$packet) && $packet['abook']) {
for($x = 0; $x < count($packet['abook']); $x ++) {
translate_abook_perms_outbound($packet['abook'][$x]);
}
}
if(intval($channel['channel_removed']))
return;
@ -3116,12 +3080,13 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
*/
function process_channel_sync_delivery($sender, $arr, $deliveries) {
if(UNO)
if(get_config('system','server_role') === 'basic')
return;
require_once('include/import.php');
/** @FIXME this will sync red structures (channel, pconfig and abook). Eventually we need to make this application agnostic. */
/** @FIXME this will sync red structures (channel, pconfig and abook).
Eventually we need to make this application agnostic. */
$result = array();
@ -3194,6 +3159,8 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
if(array_key_exists('channel',$arr) && is_array($arr['channel']) && count($arr['channel'])) {
translate_channel_perms_inbound($arr['channel']);
if(array_key_exists('channel_pageflags',$arr['channel']) && intval($arr['channel']['channel_pageflags'])) {
// These flags cannot be sync'd.
// remove the bits from the incoming flags.
@ -3207,7 +3174,15 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
}
$disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey', 'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted', 'channel_system');
$disallowed = [
'channel_id', 'channel_account_id', 'channel_primary', 'channel_prvkey',
'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted',
'channel_system', 'channel_r_stream', 'channel_r_profile', 'channel_r_abook',
'channel_r_storage', 'channel_r_pages', 'channel_w_stream', 'channel_w_wall',
'channel_w_comment', 'channel_w_mail', 'channel_w_like', 'channel_w_tagwall',
'channel_w_chat', 'channel_w_storage', 'channel_w_pages', 'channel_a_republish',
'channel_a_delegate'
];
$clean = array();
foreach($arr['channel'] as $k => $v) {
@ -3243,6 +3218,8 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
foreach($arr['abook'] as $abook) {
$abconfig = null;
if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig']))
@ -3337,6 +3314,12 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
}
}
// This will set abconfig vars if the sender is using old-style fixed permissions
// using the raw abook record as passed to us. New-style permissions will fall through
// and be set using abconfig
translate_abook_perms_inbound($channel,$abook);
if($abconfig) {
// @fixme does not handle sync of del_abconfig
foreach($abconfig as $abc) {
@ -3725,6 +3708,8 @@ function zotinfo($arr) {
}
}
$ztarget_hash = (($ztarget && $zsig) ? make_xchan_hash($ztarget,$zsig) : '' );
$r = null;
if(strlen($zhash)) {
@ -3800,13 +3785,25 @@ function zotinfo($arr) {
if($role === 'forum' || $role === 'repository') {
$public_forum = true;
}
else {
elseif($ztarget_hash) {
// check if it has characteristics of a public forum based on custom permissions.
$t = q("select abook_my_perms from abook where abook_channel = %d and abook_self = 1 limit 1",
intval($e['channel_id'])
$t = q("select * from abconfig where abconfig.cat = 'my_perms' and abconfig.chan = %d and abconfig.xchan = '%s' and abconfig.k in ('tag_deliver', 'send_stream') ",
intval($e['channel_id']),
dbesc($ztarget_hash)
);
if(($t) && (($t[0]['abook_my_perms'] & PERMS_W_TAGWALL) && (! ($t[0]['abook_my_perms'] & PERMS_W_STREAM))))
$public_forum = true;
$ch = 0;
if($t) {
foreach($t as $tt) {
if($tt['k'] == 'tag_deliver' && $tt['v'] == 1)
$ch ++;
if($tt['k'] == 'send_stream' && $tt['v'] == 0)
$ch ++;
}
if($ch == 2)
$public_forum = true;
}
}
@ -3894,9 +3891,6 @@ function zotinfo($arr) {
$ret['follow_url'] = z_root() . '/follow?f=&url=%s';
$ztarget_hash = (($ztarget && $zsig)
? make_xchan_hash($ztarget,$zsig)
: '' );
$permissions = get_all_perms($e['channel_id'],$ztarget_hash,false);

10
install/htconfig.sample.php
View File

@ -19,8 +19,6 @@ $db_pass = 'mysqlpassword';
$db_data = 'mysqldatabasename';
$db_type = 0; // use 1 for postgres, 0 for mysql
define( 'UNO', 0 );
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
@ -46,6 +44,14 @@ App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = 'if the auto install failed, put a unique random string here';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = 'pro';
// These lines set additional security headers to be sent with all responses
// You may wish to set transport_security_header to 0 if your server already sends
// this header. content_security_policy may need to be disabled if you wish to

2
library/asn1.php
View File

@ -159,7 +159,7 @@ class ASN_BASE {
}
$length = $tempLength;
}
$data = substr($string, $p, $length);
$data = substr($string, $p, intval($length));
$parsed[] = self::parseASNData($type, $data, $level, $maxLevels);
$p = $p + $length;
}

4
library/bootstrap/css/bootstrap-theme.css vendored
View File

@ -1,6 +1,6 @@
/*!
* Bootstrap v3.3.5 (http://getbootstrap.com)
* Copyright 2011-2015 Twitter, Inc.
* Bootstrap v3.3.7 (http://getbootstrap.com)
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
.btn-default,

7
library/bootstrap/css/bootstrap-theme.min.css vendored
View File

File diff suppressed because one or more lines are too long

105
library/bootstrap/css/bootstrap.css vendored
View File

@ -1,6 +1,6 @@
/*!
* Bootstrap v3.3.5 (http://getbootstrap.com)
* Copyright 2011-2015 Twitter, Inc.
* Bootstrap v3.3.7 (http://getbootstrap.com)
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
/*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */
@ -279,10 +279,10 @@ th {
-moz-osx-font-smoothing: grayscale;
}
.glyphicon-asterisk:before {
content: "\2a";
content: "\002a";
}
.glyphicon-plus:before {
content: "\2b";
content: "\002b";
}
.glyphicon-euro:before,
.glyphicon-eur:before {
@ -1106,7 +1106,6 @@ a:focus {
text-decoration: underline;
}
a:focus {
outline: thin dotted;
outline: 5px auto -webkit-focus-ring-color;
outline-offset: -2px;
}
@ -2537,7 +2536,6 @@ select[size] {
input[type="file"]:focus,
input[type="radio"]:focus,
input[type="checkbox"]:focus {
outline: thin dotted;
outline: 5px auto -webkit-focus-ring-color;
outline-offset: -2px;
}
@ -2582,6 +2580,10 @@ output {
.form-control::-webkit-input-placeholder {
color: #999;
}
.form-control::-ms-expand {
background-color: transparent;
border: 0;
}
.form-control[disabled],
.form-control[readonly],
fieldset[disabled] .form-control {
@ -2988,7 +2990,7 @@ select[multiple].input-lg {
}
@media (min-width: 768px) {
.form-horizontal .form-group-lg .control-label {
padding-top: 14.333333px;
padding-top: 11px;
font-size: 18px;
}
}
@ -3025,7 +3027,6 @@ select[multiple].input-lg {
.btn.focus,
.btn:active.focus,
.btn.active.focus {
outline: thin dotted;
outline: 5px auto -webkit-focus-ring-color;
outline-offset: -2px;
}
@ -3096,9 +3097,6 @@ fieldset[disabled] a.btn {
.open > .dropdown-toggle.btn-default {
background-image: none;
}
.btn-default.disabled,
.btn-default[disabled],
fieldset[disabled] .btn-default,
.btn-default.disabled:hover,
.btn-default[disabled]:hover,
fieldset[disabled] .btn-default:hover,
@ -3107,13 +3105,7 @@ fieldset[disabled] .btn-default:hover,
fieldset[disabled] .btn-default:focus,
.btn-default.disabled.focus,
.btn-default[disabled].focus,
fieldset[disabled] .btn-default.focus,
.btn-default.disabled:active,
.btn-default[disabled]:active,
fieldset[disabled] .btn-default:active,
.btn-default.disabled.active,
.btn-default[disabled].active,
fieldset[disabled] .btn-default.active {
fieldset[disabled] .btn-default.focus {
background-color: #fff;
border-color: #ccc;
}
@ -3162,9 +3154,6 @@ fieldset[disabled] .btn-default.active {
.open > .dropdown-toggle.btn-primary {
background-image: none;
}
.btn-primary.disabled,
.btn-primary[disabled],
fieldset[disabled] .btn-primary,
.btn-primary.disabled:hover,
.btn-primary[disabled]:hover,
fieldset[disabled] .btn-primary:hover,
@ -3173,13 +3162,7 @@ fieldset[disabled] .btn-primary:hover,
fieldset[disabled] .btn-primary:focus,
.btn-primary.disabled.focus,
.btn-primary[disabled].focus,
fieldset[disabled] .btn-primary.focus,
.btn-primary.disabled:active,
.btn-primary[disabled]:active,
fieldset[disabled] .btn-primary:active,
.btn-primary.disabled.active,
.btn-primary[disabled].active,
fieldset[disabled] .btn-primary.active {
fieldset[disabled] .btn-primary.focus {
background-color: #337ab7;
border-color: #2e6da4;
}
@ -3228,9 +3211,6 @@ fieldset[disabled] .btn-primary.active {
.open > .dropdown-toggle.btn-success {
background-image: none;
}
.btn-success.disabled,
.btn-success[disabled],
fieldset[disabled] .btn-success,
.btn-success.disabled:hover,
.btn-success[disabled]:hover,
fieldset[disabled] .btn-success:hover,
@ -3239,13 +3219,7 @@ fieldset[disabled] .btn-success:hover,
fieldset[disabled] .btn-success:focus,
.btn-success.disabled.focus,
.btn-success[disabled].focus,
fieldset[disabled] .btn-success.focus,
.btn-success.disabled:active,
.btn-success[disabled]:active,
fieldset[disabled] .btn-success:active,
.btn-success.disabled.active,
.btn-success[disabled].active,
fieldset[disabled] .btn-success.active {
fieldset[disabled] .btn-success.focus {
background-color: #5cb85c;
border-color: #4cae4c;
}
@ -3294,9 +3268,6 @@ fieldset[disabled] .btn-success.active {
.open > .dropdown-toggle.btn-info {
background-image: none;
}
.btn-info.disabled,
.btn-info[disabled],
fieldset[disabled] .btn-info,
.btn-info.disabled:hover,
.btn-info[disabled]:hover,
fieldset[disabled] .btn-info:hover,
@ -3305,13 +3276,7 @@ fieldset[disabled] .btn-info:hover,
fieldset[disabled] .btn-info:focus,
.btn-info.disabled.focus,
.btn-info[disabled].focus,
fieldset[disabled] .btn-info.focus,
.btn-info.disabled:active,
.btn-info[disabled]:active,
fieldset[disabled] .btn-info:active,
.btn-info.disabled.active,
.btn-info[disabled].active,
fieldset[disabled] .btn-info.active {
fieldset[disabled] .btn-info.focus {
background-color: #5bc0de;
border-color: #46b8da;
}
@ -3360,9 +3325,6 @@ fieldset[disabled] .btn-info.active {
.open > .dropdown-toggle.btn-warning {
background-image: none;
}
.btn-warning.disabled,
.btn-warning[disabled],
fieldset[disabled] .btn-warning,
.btn-warning.disabled:hover,
.btn-warning[disabled]:hover,
fieldset[disabled] .btn-warning:hover,
@ -3371,13 +3333,7 @@ fieldset[disabled] .btn-warning:hover,
fieldset[disabled] .btn-warning:focus,
.btn-warning.disabled.focus,
.btn-warning[disabled].focus,
fieldset[disabled] .btn-warning.focus,
.btn-warning.disabled:active,
.btn-warning[disabled]:active,
fieldset[disabled] .btn-warning:active,
.btn-warning.disabled.active,
.btn-warning[disabled].active,
fieldset[disabled] .btn-warning.active {
fieldset[disabled] .btn-warning.focus {
background-color: #f0ad4e;
border-color: #eea236;
}
@ -3426,9 +3382,6 @@ fieldset[disabled] .btn-warning.active {
.open > .dropdown-toggle.btn-danger {
background-image: none;
}
.btn-danger.disabled,
.btn-danger[disabled],
fieldset[disabled] .btn-danger,
.btn-danger.disabled:hover,
.btn-danger[disabled]:hover,
fieldset[disabled] .btn-danger:hover,
@ -3437,13 +3390,7 @@ fieldset[disabled] .btn-danger:hover,
fieldset[disabled] .btn-danger:focus,
.btn-danger.disabled.focus,
.btn-danger[disabled].focus,
fieldset[disabled] .btn-danger.focus,
.btn-danger.disabled:active,
.btn-danger[disabled]:active,
fieldset[disabled] .btn-danger:active,
.btn-danger.disabled.active,
.btn-danger[disabled].active,
fieldset[disabled] .btn-danger.active {
fieldset[disabled] .btn-danger.focus {
background-color: #d9534f;
border-color: #d43f3a;
}
@ -3817,6 +3764,7 @@ tbody.collapse.in {
border-radius: 0;
}
.btn-group-vertical > .btn:first-child:not(:last-child) {
border-top-left-radius: 4px;
border-top-right-radius: 4px;
border-bottom-right-radius: 0;
border-bottom-left-radius: 0;
@ -3824,6 +3772,7 @@ tbody.collapse.in {
.btn-group-vertical > .btn:last-child:not(:first-child) {
border-top-left-radius: 0;
border-top-right-radius: 0;
border-bottom-right-radius: 4px;
border-bottom-left-radius: 4px;
}
.btn-group-vertical > .btn-group:not(:first-child):not(:last-child) > .btn {
@ -3881,6 +3830,9 @@ tbody.collapse.in {
width: 100%;
margin-bottom: 0;
}
.input-group .form-control:focus {
z-index: 3;
}
.input-group-lg > .form-control,
.input-group-lg > .input-group-addon,
.input-group-lg > .input-group-btn > .btn {
@ -4792,7 +4744,7 @@ fieldset[disabled] .navbar-inverse .btn-link:focus {
.pagination > li > span:hover,
.pagination > li > a:focus,
.pagination > li > span:focus {
z-index: 3;
z-index: 2;
color: #23527c;
background-color: #eee;
border-color: #ddd;
@ -4803,7 +4755,7 @@ fieldset[disabled] .navbar-inverse .btn-link:focus {
.pagination > .active > span:hover,
.pagination > .active > a:focus,
.pagination > .active > span:focus {
z-index: 2;
z-index: 3;
color: #fff;
cursor: default;
background-color: #337ab7;
@ -5024,6 +4976,8 @@ a.badge:focus {
}
.container .jumbotron,
.container-fluid .jumbotron {
padding-right: 15px;
padding-left: 15px;
border-radius: 6px;
}
.jumbotron .container {
@ -5978,7 +5932,6 @@ button.close {
opacity: .5;
}
.modal-header {
min-height: 16.42857143px;
padding: 15px;
border-bottom: 1px solid #e5e5e5;
}
@ -6371,6 +6324,7 @@ button.close {
color: #fff;
text-align: center;
text-shadow: 0 1px 2px rgba(0, 0, 0, .6);
background-color: rgba(0, 0, 0, 0);
filter: alpha(opacity=50);
opacity: .5;
}
@ -6484,16 +6438,16 @@ button.close {
.carousel-control .icon-next {
width: 30px;
height: 30px;
margin-top: -15px;
margin-top: -10px;
font-size: 30px;
}
.carousel-control .glyphicon-chevron-left,
.carousel-control .icon-prev {
margin-left: -15px;
margin-left: -10px;
}
.carousel-control .glyphicon-chevron-right,
.carousel-control .icon-next {
margin-right: -15px;
margin-right: -10px;
}
.carousel-caption {
right: 20%;
@ -6532,6 +6486,8 @@ button.close {
.pager:after,
.panel-body:before,
.panel-body:after,
.modal-header:before,
.modal-header:after,
.modal-footer:before,
.modal-footer:after {
display: table;
@ -6551,6 +6507,7 @@ button.close {
.navbar-collapse:after,
.pager:after,
.panel-body:after,
.modal-header:after,
.modal-footer:after {
clear: both;
}

7
library/bootstrap/css/bootstrap.min.css vendored
View File

File diff suppressed because one or more lines are too long

118
library/bootstrap/js/bootstrap.js vendored
View File

@ -1,6 +1,6 @@
/*!
* Bootstrap v3.3.5 (http://getbootstrap.com)
* Copyright 2011-2015 Twitter, Inc.
* Bootstrap v3.3.7 (http://getbootstrap.com)
* Copyright 2011-2016 Twitter, Inc.
* Licensed under the MIT license
*/
@ -11,16 +11,16 @@ if (typeof jQuery === 'undefined') {
+function ($) {
'use strict';
var version = $.fn.jquery.split(' ')[0].split('.')
if ((version[0] < 2 && version[1] < 9) || (version[0] == 1 && version[1] == 9 && version[2] < 1)) {
throw new Error('Bootstrap\'s JavaScript requires jQuery version 1.9.1 or higher')
if ((version[0] < 2 && version[1] < 9) || (version[0] == 1 && version[1] == 9 && version[2] < 1) || (version[0] > 3)) {
throw new Error('Bootstrap\'s JavaScript requires jQuery version 1.9.1 or higher, but lower than version 4')
}
}(jQuery);
/* ========================================================================
* Bootstrap: transition.js v3.3.5
* Bootstrap: transition.js v3.3.7
* http://getbootstrap.com/javascript/#transitions
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -77,10 +77,10 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: alert.js v3.3.5
* Bootstrap: alert.js v3.3.7
* http://getbootstrap.com/javascript/#alerts
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -96,7 +96,7 @@ if (typeof jQuery === 'undefined') {
$(el).on('click', dismiss, this.close)
}
Alert.VERSION = '3.3.5'
Alert.VERSION = '3.3.7'
Alert.TRANSITION_DURATION = 150
@ -109,7 +109,7 @@ if (typeof jQuery === 'undefined') {
selector = selector && selector.replace(/.*(?=#[^\s]*$)/, '') // strip for ie7
}
var $parent = $(selector)
var $parent = $(selector === '#' ? [] : selector)
if (e) e.preventDefault()
@ -172,10 +172,10 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: button.js v3.3.5
* Bootstrap: button.js v3.3.7
* http://getbootstrap.com/javascript/#buttons
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -192,7 +192,7 @@ if (typeof jQuery === 'undefined') {
this.isLoading = false
}
Button.VERSION = '3.3.5'
Button.VERSION = '3.3.7'
Button.DEFAULTS = {
loadingText: 'loading...'
@ -214,10 +214,10 @@ if (typeof jQuery === 'undefined') {
if (state == 'loadingText') {
this.isLoading = true
$el.addClass(d).attr(d, d)
$el.addClass(d).attr(d, d).prop(d, true)
} else if (this.isLoading) {
this.isLoading = false
$el.removeClass(d).removeAttr(d)
$el.removeClass(d).removeAttr(d).prop(d, false)
}
}, this), 0)
}
@ -281,10 +281,15 @@ if (typeof jQuery === 'undefined') {
$(document)
.on('click.bs.button.data-api', '[data-toggle^="button"]', function (e) {
var $btn = $(e.target)
if (!$btn.hasClass('btn')) $btn = $btn.closest('.btn')
var $btn = $(e.target).closest('.btn')
Plugin.call($btn, 'toggle')
if (!($(e.target).is('input[type="radio"]') || $(e.target).is('input[type="checkbox"]'))) e.preventDefault()
if (!($(e.target).is('input[type="radio"], input[type="checkbox"]'))) {
// Prevent double click on radios, and the double selections (so cancellation) on checkboxes
e.preventDefault()
// The target component still receive the focus
if ($btn.is('input,button')) $btn.trigger('focus')
else $btn.find('input:visible,button:visible').first().trigger('focus')
}
})
.on('focus.bs.button.data-api blur.bs.button.data-api', '[data-toggle^="button"]', function (e) {
$(e.target).closest('.btn').toggleClass('focus', /^focus(in)?$/.test(e.type))
@ -293,10 +298,10 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: carousel.js v3.3.5
* Bootstrap: carousel.js v3.3.7
* http://getbootstrap.com/javascript/#carousel
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -324,7 +329,7 @@ if (typeof jQuery === 'undefined') {
.on('mouseleave.bs.carousel', $.proxy(this.cycle, this))
}
Carousel.VERSION = '3.3.5'
Carousel.VERSION = '3.3.7'
Carousel.TRANSITION_DURATION = 600
@ -531,13 +536,14 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: collapse.js v3.3.5
* Bootstrap: collapse.js v3.3.7
* http://getbootstrap.com/javascript/#collapse
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
/* jshint latedef: false */
+function ($) {
'use strict';
@ -561,7 +567,7 @@ if (typeof jQuery === 'undefined') {
if (this.options.toggle) this.toggle()
}
Collapse.VERSION = '3.3.5'
Collapse.VERSION = '3.3.7'
Collapse.TRANSITION_DURATION = 350
@ -743,10 +749,10 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: dropdown.js v3.3.5
* Bootstrap: dropdown.js v3.3.7
* http://getbootstrap.com/javascript/#dropdowns
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -763,7 +769,7 @@ if (typeof jQuery === 'undefined') {
$(element).on('click.bs.dropdown', this.toggle)
}
Dropdown.VERSION = '3.3.5'
Dropdown.VERSION = '3.3.7'
function getParent($this) {
var selector = $this.attr('data-target')
@ -795,7 +801,7 @@ if (typeof jQuery === 'undefined') {
if (e.isDefaultPrevented()) return
$this.attr('aria-expanded', 'false')
$parent.removeClass('open').trigger('hidden.bs.dropdown', relatedTarget)
$parent.removeClass('open').trigger($.Event('hidden.bs.dropdown', relatedTarget))
})
}
@ -829,7 +835,7 @@ if (typeof jQuery === 'undefined') {
$parent
.toggleClass('open')
.trigger('shown.bs.dropdown', relatedTarget)
.trigger($.Event('shown.bs.dropdown', relatedTarget))
}
return false
@ -909,10 +915,10 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: modal.js v3.3.5
* Bootstrap: modal.js v3.3.7
* http://getbootstrap.com/javascript/#modals
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -943,7 +949,7 @@ if (typeof jQuery === 'undefined') {
}
}
Modal.VERSION = '3.3.5'
Modal.VERSION = '3.3.7'
Modal.TRANSITION_DURATION = 300
Modal.BACKDROP_TRANSITION_DURATION = 150
@ -1050,7 +1056,9 @@ if (typeof jQuery === 'undefined') {
$(document)
.off('focusin.bs.modal') // guard against infinite focus loop
.on('focusin.bs.modal', $.proxy(function (e) {
if (this.$element[0] !== e.target && !this.$element.has(e.target).length) {
if (document !== e.target &&
this.$element[0] !== e.target &&
!this.$element.has(e.target).length) {
this.$element.trigger('focus')
}
}, this))
@ -1247,11 +1255,11 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: tooltip.js v3.3.5
* Bootstrap: tooltip.js v3.3.7
* http://getbootstrap.com/javascript/#tooltip
* Inspired by the original jQuery.tipsy by Jason Frame
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -1274,7 +1282,7 @@ if (typeof jQuery === 'undefined') {
this.init('tooltip', element, options)
}
Tooltip.VERSION = '3.3.5'
Tooltip.VERSION = '3.3.7'
Tooltip.TRANSITION_DURATION = 150
@ -1565,9 +1573,11 @@ if (typeof jQuery === 'undefined') {
function complete() {
if (that.hoverState != 'in') $tip.detach()
that.$element
.removeAttr('aria-describedby')
.trigger('hidden.bs.' + that.type)
if (that.$element) { // TODO: Check whether guarding this code with this `if` is really necessary.
that.$element
.removeAttr('aria-describedby')
.trigger('hidden.bs.' + that.type)
}
callback && callback()
}
@ -1610,7 +1620,10 @@ if (typeof jQuery === 'undefined') {
// width and height are missing in IE8, so compute them manually; see https://github.com/twbs/bootstrap/issues/14093
elRect = $.extend({}, elRect, { width: elRect.right - elRect.left, height: elRect.bottom - elRect.top })
}
var elOffset = isBody ? { top: 0, left: 0 } : $element.offset()
var isSvg = window.SVGElement && el instanceof window.SVGElement
// Avoid using $.offset() on SVGs since it gives incorrect results in jQuery 3.
// See https://github.com/twbs/bootstrap/issues/20280
var elOffset = isBody ? { top: 0, left: 0 } : (isSvg ? null : $element.offset())
var scroll = { scroll: isBody ? document.documentElement.scrollTop || document.body.scrollTop : $element.scrollTop() }
var outerDims = isBody ? { width: $(window).width(), height: $(window).height() } : null
@ -1726,6 +1739,7 @@ if (typeof jQuery === 'undefined') {
that.$tip = null
that.$arrow = null
that.$viewport = null
that.$element = null
})
}
@ -1762,10 +1776,10 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: popover.js v3.3.5
* Bootstrap: popover.js v3.3.7
* http://getbootstrap.com/javascript/#popovers
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -1782,7 +1796,7 @@ if (typeof jQuery === 'undefined') {
if (!$.fn.tooltip) throw new Error('Popover requires tooltip.js')
Popover.VERSION = '3.3.5'
Popover.VERSION = '3.3.7'
Popover.DEFAULTS = $.extend({}, $.fn.tooltip.Constructor.DEFAULTS, {
placement: 'right',
@ -1871,10 +1885,10 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: scrollspy.js v3.3.5
* Bootstrap: scrollspy.js v3.3.7
* http://getbootstrap.com/javascript/#scrollspy
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -1900,7 +1914,7 @@ if (typeof jQuery === 'undefined') {
this.process()
}
ScrollSpy.VERSION = '3.3.5'
ScrollSpy.VERSION = '3.3.7'
ScrollSpy.DEFAULTS = {
offset: 10
@ -2044,10 +2058,10 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: tab.js v3.3.5
* Bootstrap: tab.js v3.3.7
* http://getbootstrap.com/javascript/#tabs
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -2064,7 +2078,7 @@ if (typeof jQuery === 'undefined') {
// jscs:enable requireDollarBeforejQueryAssignment
}
Tab.VERSION = '3.3.5'
Tab.VERSION = '3.3.7'
Tab.TRANSITION_DURATION = 150
@ -2200,10 +2214,10 @@ if (typeof jQuery === 'undefined') {
}(jQuery);
/* ========================================================================
* Bootstrap: affix.js v3.3.5
* Bootstrap: affix.js v3.3.7
* http://getbootstrap.com/javascript/#affix
* ========================================================================
* Copyright 2011-2015 Twitter, Inc.
* Copyright 2011-2016 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
* ======================================================================== */
@ -2229,7 +2243,7 @@ if (typeof jQuery === 'undefined') {
this.checkPosition()
}
Affix.VERSION = '3.3.5'
Affix.VERSION = '3.3.7'
Affix.RESET = 'affix affix-top affix-bottom'

8
library/bootstrap/js/bootstrap.min.js vendored
View File

File diff suppressed because one or more lines are too long

8311
util/hmessages.po
View File

File diff suppressed because it is too large Load Diff

6
view/css/conversation.css
View File

@ -40,6 +40,12 @@
resize: vertical;
}
#profile-jot-text.hover {
background-color: aliceblue;
opacity: 0.5;
box-shadow: inset 0 0px 7px #5cb85c;
}
.jot-attachment {
border: 0px;
padding: 10px;

13
view/css/mod_cloud.css
View File

@ -41,3 +41,16 @@
padding: 7px 10px;
width: 100%;
}
#cloud-drag-area.hover {
background-color: aliceblue;
opacity: 0.5;
box-shadow: inset 0 0px 7px #5cb85c;
}
.upload-progress-bar {
background: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mOM2RFTDwAE2QHxFMHIIwAAAABJRU5ErkJggg==') repeat-y;
background-size: 0px;
padding: 0px !important;
height: 3px;
}

85
view/css/mod_webpages.css
View File

@ -34,3 +34,88 @@
.webpage-list-tool {
padding: 7px 10px;
}
.webpage-import-button {
background-color: green;
color: white;
}
.webpage-import-button:hover {
background-color: darkgreen;
}
/* SQUARED TWO */
.squaredTwo {
width: 28px;
height: 28px;
background: #fcfff4;
background: -webkit-linear-gradient(top, #fcfff4 0%, #dfe5d7 40%, #b3bead 100%);
background: -moz-linear-gradient(top, #fcfff4 0%, #dfe5d7 40%, #b3bead 100%);
background: -o-linear-gradient(top, #fcfff4 0%, #dfe5d7 40%, #b3bead 100%);
background: -ms-linear-gradient(top, #fcfff4 0%, #dfe5d7 40%, #b3bead 100%);
background: linear-gradient(top, #fcfff4 0%, #dfe5d7 40%, #b3bead 100%);
filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#fcfff4', endColorstr='#b3bead',GradientType=0 );
margin: 20px auto;
-webkit-box-shadow: inset 0px 1px 1px white, 0px 1px 3px rgba(0,0,0,0.5);
-moz-box-shadow: inset 0px 1px 1px white, 0px 1px 3px rgba(0,0,0,0.5);
box-shadow: inset 0px 1px 1px white, 0px 1px 3px rgba(0,0,0,0.5);
position: relative;
}
.squaredTwo label {
cursor: pointer;
position: absolute;
width: 20px;
height: 20px;
left: 4px;
top: 4px;
-webkit-box-shadow: inset 0px 1px 1px rgba(0,0,0,0.5), 0px 1px 0px rgba(255,255,255,1);
-moz-box-shadow: inset 0px 1px 1px rgba(0,0,0,0.5), 0px 1px 0px rgba(255,255,255,1);
box-shadow: inset 0px 1px 1px rgba(0,0,0,0.5), 0px 1px 0px rgba(255,255,255,1);
background: -webkit-linear-gradient(top, #222 0%, #45484d 100%);
background: -moz-linear-gradient(top, #222 0%, #45484d 100%);
background: -o-linear-gradient(top, #222 0%, #45484d 100%);
background: -ms-linear-gradient(top, #222 0%, #45484d 100%);
background: linear-gradient(top, #222 0%, #45484d 100%);
filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#222', endColorstr='#45484d',GradientType=0 );
}
.squaredTwo label:after {
-ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=0)";
filter: alpha(opacity=0);
opacity: 0;
content: '';
position: absolute;
width: 9px;
height: 5px;
background: transparent;
top: 4px;
left: 4px;
border: 3px solid #fcfff4;
border-top: none;
border-right: none;
-webkit-transform: rotate(-45deg);
-moz-transform: rotate(-45deg);
-o-transform: rotate(-45deg);
-ms-transform: rotate(-45deg);
transform: rotate(-45deg);
}
.squaredTwo label:hover::after {
-ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=30)";
filter: alpha(opacity=30);
opacity: 0.3;
}
.squaredTwo input[type=checkbox]:checked + label:after {
-ms-filter: "progid:DXImageTransform.Microsoft.Alpha(Opacity=100)";
filter: alpha(opacity=100);
opacity: 1;
}

10742
view/de/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2447
view/de/hstrings.php
View File

File diff suppressed because it is too large Load Diff

8
view/de/htconfig.tpl
View File

@ -10,8 +10,6 @@ $db_pass = '{{$dbpass}}';
$db_data = '{{$dbdata}}';
$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres
define( 'UNO', {{$uno}} );
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
@ -36,6 +34,12 @@ App::$config['system']['baseurl'] = '{{$siteurl}}';
App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = '{{$site_id}}';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = '{{$server_role}}';
// These lines set additional security headers to be sent with all responses
// You may wish to set transport_security_header to 0 if your server already sends

8
view/en-au/htconfig.tpl
View File

@ -10,8 +10,6 @@ $db_pass = '{{$dbpass}}';
$db_data = '{{$dbdata}}';
$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres
define( 'UNO', {{$uno}} );
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
@ -36,6 +34,12 @@ App::$config['system']['baseurl'] = '{{$siteurl}}';
App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = '{{$site_id}}';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = '{{$server_role}}';
// These lines set additional security headers to be sent with all responses
// You may wish to set transport_security_header to 0 if your server already sends

10
view/en-gb/htconfig.tpl
View File

@ -10,8 +10,6 @@ $db_pass = '{{$dbpass}}';
$db_data = '{{$dbdata}}';
$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres
define( 'UNO', {{$uno}} );
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
@ -36,6 +34,14 @@ App::$config['system']['baseurl'] = '{{$siteurl}}';
App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = '{{$site_id}}';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = '{{$server_role}}';
// These lines set additional security headers to be sent with all responses
// You may wish to set transport_security_header to 0 if your server already sends
// this header. content_security_policy may need to be disabled if you wish to

10
view/en/htconfig.tpl
View File

@ -10,8 +10,6 @@ $db_pass = '{{$dbpass}}';
$db_data = '{{$dbdata}}';
$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres
define( 'UNO', {{$uno}} );
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
@ -36,6 +34,14 @@ App::$config['system']['baseurl'] = '{{$siteurl}}';
App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = '{{$site_id}}';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = '{{$server_role}}';
// These lines set additional security headers to be sent with all responses
// You may wish to set transport_security_header to 0 if your server already sends
// this header. content_security_policy may need to be disabled if you wish to

14016
view/es-es/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2215
view/es-es/hstrings.php
View File

File diff suppressed because it is too large Load Diff

10
view/fr/htconfig.tpl
View File

@ -12,8 +12,6 @@ $db_pass = '{{$dbpass}}';
$db_data = '{{$dbdata}}';
$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres
define( 'UNO', {{$uno}} );
/*
* Note: Plusieurs de ces réglages seront disponibles via le panneau d'administration
* après l'installation. Lorsque des modifications sont apportés à travers le panneau d'administration
@ -37,6 +35,14 @@ App::$config['system']['baseurl'] = '{{$siteurl}}';
App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = '{{$site_id}}';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = '{{$server_role}}';
// These lines set additional security headers to be sent with all responses
// You may wish to set transport_security_header to 0 if your server already sends

10
view/it/htconfig.tpl
View File

@ -10,8 +10,6 @@ $db_pass = '{{$dbpass}}';
$db_data = '{{$dbdata}}';
$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres
define( 'UNO', {{$uno}} );
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
@ -36,6 +34,14 @@ App::$config['system']['baseurl'] = '{{$siteurl}}';
App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = '{{$site_id}}';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = '{{$server_role}}';
// These lines set additional security headers to be sent with all responses
// You may wish to set transport_security_header to 0 if your server already sends
// this header. content_security_policy may need to be disabled if you wish to

95
view/js/acl.js
View File

@ -1,15 +1,17 @@
function ACL(backend_url, preset) {
function ACL(backend_url) {
that = this;
that.url = backend_url;
that.kp_timer = null;
if (preset === undefined) preset = [];
that.allow_cid = (preset[0] || []);
that.allow_gid = (preset[1] || []);
that.deny_cid = (preset[2] || []);
that.deny_gid = (preset[3] || []);
that.self = [];
that.allow_cid = [];
that.allow_gid = [];
that.deny_cid = [];
that.deny_gid = [];
that.group_uids = [];
that.info = $("#acl-info");
@ -21,11 +23,8 @@ function ACL(backend_url, preset) {
that.showlimited = $("#acl-showlimited");
that.acl_select = $("#acl-select");
that.preset = preset;
that.self = [];
// set the initial ACL lists in case the enclosing form gets submitted before the ajax loader completes.
that.on_submit();
//that.on_submit();
/*events*/
@ -47,6 +46,10 @@ function ACL(backend_url, preset) {
}
});
$(document).on('focus', '.acl-form', that.get_form_data);
$(document).on('click', '.acl-form', that.get_form_data);
$(document).on('click', '.acl-form-trigger', that.get_form_data);
$(document).on('click','.acl-button-show',that.on_button_show);
$(document).on('click','.acl-button-hide',that.on_button_hide);
@ -54,29 +57,50 @@ function ACL(backend_url, preset) {
/* startup! */
that.get(0,15000);
that.on_submit();
//that.on_submit();
});
}
// no longer called only on submit - call to update whenever a change occurs to the acl list.
ACL.prototype.get_form_data = function(event) {
form_id = $(this).data('form_id');
that.form_id = $('#' + form_id);
that.allow_cid = (that.form_id.data('allow_cid') || []);
that.allow_gid = (that.form_id.data('allow_gid') || []);
that.deny_cid = (that.form_id.data('deny_cid') || []);
that.deny_gid = (that.form_id.data('deny_gid') || []);
that.update_view();
that.on_submit();
}
// no longer called only on submit - call to update whenever a change occurs to the acl list.
ACL.prototype.on_submit = function() {
aclfields = $("#acl-fields").html("");
$('.acl-field').remove();
$(that.allow_gid).each(function(i,v) {
aclfields.append("<input type='hidden' name='group_allow[]' value='"+v+"'>");
that.form_id.append("<input class='acl-field' type='hidden' name='group_allow[]' value='"+v+"'>");
});
$(that.allow_cid).each(function(i,v) {
aclfields.append("<input type='hidden' name='contact_allow[]' value='"+v+"'>");
that.form_id.append("<input class='acl-field' type='hidden' name='contact_allow[]' value='"+v+"'>");
});
$(that.deny_gid).each(function(i,v) {
aclfields.append("<input type='hidden' name='group_deny[]' value='"+v+"'>");
that.form_id.append("<input class='acl-field' type='hidden' name='group_deny[]' value='"+v+"'>");
});
$(that.deny_cid).each(function(i,v) {
aclfields.append("<input type='hidden' name='contact_deny[]' value='"+v+"'>");
that.form_id.append("<input class='acl-field' type='hidden' name='contact_deny[]' value='"+v+"'>");
});
var formfields = $('.profile-jot-net input').serializeArray();
$.each(formfields, function(i, field) {
that.form_id.append("<input class='acl-field' type='hidden' name='"+field.name+"' value='"+field.value+"'>");
});
//areYouSure jquery plugin: recheck the form here
$('form').trigger('checkform.areYouSure');
};
ACL.prototype.search = function() {
@ -101,6 +125,7 @@ ACL.prototype.on_onlyme = function(event) {
that.deny_cid = [];
that.deny_gid = [];
that.update_view(event.target.value);
that.on_submit();
@ -126,14 +151,14 @@ ACL.prototype.on_showlimited = function(event) {
// preventDefault() isn't called here as we want state changes from update_view() to be applied to the radiobutton
event.stopPropagation();
if(that.preset[0].length === 0 && that.preset[1].length === 0 && that.preset[2].length === 0 && that.preset[3].length === 0) {
that.preset[0] = [that.self[0]];
if(that.allow_cid.length === 0 && that.allow_gid.length === 0 && that.deny_cid.length === 0 && that.deny_gid.length === 0) {
that.allow_cid = [that.self[0]];
}
that.allow_cid = (that.preset[0] || []);
that.allow_gid = (that.preset[1] || []);
that.deny_cid = (that.preset[2] || []);
that.deny_gid = (that.preset[3] || []);
that.allow_cid = (that.allow_cid || []);
that.allow_gid = (that.allow_gid || []);
that.deny_cid = (that.deny_cid || []);
that.deny_gid = (that.deny_gid || []);
that.update_view(event.target.value);
that.on_submit();
@ -239,13 +264,19 @@ ACL.prototype.set_deny = function(itemid) {
that.update_view();
};
ACL.prototype.update_select = function(preset) {
that.showall.prop('selected', preset === 'public');
that.onlyme.prop('selected', preset === 'onlyme');
that.showlimited.prop('selected', preset === 'limited');
ACL.prototype.update_select = function(set) {
that.showall.prop('selected', set === 'public');
that.onlyme.prop('selected', set === 'onlyme');
that.showlimited.prop('selected', set === 'limited');
};
ACL.prototype.update_view = function(value) {
if(that.form_id) {
that.form_id.data('allow_cid', that.allow_cid);
that.form_id.data('allow_gid', that.allow_gid);
that.form_id.data('deny_cid', that.deny_cid);
that.form_id.data('deny_gid', that.deny_gid);
}
if (that.allow_gid.length === 0 && that.allow_cid.length === 0 && that.deny_gid.length === 0 && that.deny_cid.length === 0) {
that.list.hide(); //hide acl-list
@ -259,8 +290,8 @@ ACL.prototype.update_view = function(value) {
}
// if value != 'onlyme' we should fall through this one
else if (that.allow_gid.length === 0 && that.allow_cid.length === 1 && that.allow_cid[0] === that.self[0] && that.deny_gid.length === 0 && that.deny_cid.length === 0 && value === 'onlyme') {
that.list.hide(); //hide acl-list if
else if (that.allow_gid.length === 0 && that.allow_cid.length === 1 && that.allow_cid[0] === that.self[0] && that.deny_gid.length === 0 && that.deny_cid.length === 0 && value !== 'limited') {
that.list.hide(); //hide acl-list
that.info.hide(); //show acl-info
that.update_select('onlyme');
@ -363,5 +394,5 @@ ACL.prototype.populate = function(data) {
$(el).attr('src', $(el).data("src"));
$(el).removeAttr("data-src");
});
that.update_view();
//that.update_view();
};

2
view/js/main.js
View File

@ -1015,8 +1015,6 @@ function filestorage(event, nick, id) {
$('#cloud-index-' + last_filestorage_id).removeClass('cloud-index-active');
$('#perms-panel-' + last_filestorage_id).hide().html('');
$('#file-edit-' + id).spin('tiny');
// What for do we need this here?
delete acl;
$.get('filestorage/' + nick + '/' + id + '/edit', function(data) {
$('#cloud-index-' + id).addClass('cloud-index-active');
$('#perms-panel-' + id).html(data).show();

216
view/js/mod_cloud.js Normal file
View File

@ -0,0 +1,216 @@
/**
* JavaScript for mod/cloud
*/
$(document).ready(function () {
// call initialization file
if (window.File && window.FileList && window.FileReader) {
UploadInit();
}
});
//
// initialize
function UploadInit() {
var fileselect = $("#files-upload");
var filedrag = $("#cloud-drag-area");
var submit = $("#upload-submit");
// is XHR2 available?
var xhr = new XMLHttpRequest();
if (xhr.upload) {
// file select
fileselect.attr("multiple", 'multiple');
fileselect.on("change", UploadFileSelectHandler);
// file submit
submit.on("click", fileselect, UploadFileSelectHandler);
// file drop
filedrag.on("dragover", DragDropUploadFileHover);
filedrag.on("dragleave", DragDropUploadFileHover);
filedrag.on("drop", DragDropUploadFileSelectHandler);
}
window.filesToUpload = 0;
window.fileUploadsCompleted = 0;
}
// file drag hover
function DragDropUploadFileHover(e) {
e.stopPropagation();
e.preventDefault();
e.currentTarget.className = (e.type == "dragover" ? "hover" : "");
}
// file selection via drag/drop
function DragDropUploadFileSelectHandler(e) {
// cancel event and hover styling
DragDropUploadFileHover(e);
// fetch FileList object
var files = e.target.files || e.originalEvent.dataTransfer.files;
$('.new-upload').remove();
// process all File objects
for (var i = 0, f; f = files[i]; i++) {
prepareHtml(f, i);
UploadFile(f, i);
}
}
// file selection via input
function UploadFileSelectHandler(e) {
// fetch FileList object
if(e.target.id === 'upload-submit') {
e.preventDefault();
var files = e.data[0].files;
}
if(e.target.id === 'files-upload') {
$('.new-upload').remove();
var files = e.target.files;
}
// process all File objects
for (var i = 0, f; f = files[i]; i++) {
if(e.target.id === 'files-upload')
prepareHtml(f, i);
if(e.target.id === 'upload-submit') {
UploadFile(f, i);
}
}
}
function prepareHtml(f, i) {
var num = i - 1;
$('#cloud-index #new-upload-progress-bar-' + num.toString()).after(
'<tr id="new-upload-' + i + '" class="new-upload">' +
'<td><i class="fa ' + getIconFromType(f.type) + '" title="' + f.type + '"></i></td>' +
'<td>' + f.name + '</td>' +
'<td id="upload-progress-' + i + '"></td><td></td><td></td><td></td><td></td>' +
'<td class="hidden-xs">' + formatSizeUnits(f.size) + '</td><td class="hidden-xs"></td>' +
'</tr>' +
'<tr id="new-upload-progress-bar-' + i + '" class="new-upload">' +
'<td id="upload-progress-bar-' + i + '" colspan="9" class="upload-progress-bar"></td>' +
'</tr>'
);
}
function formatSizeUnits(bytes){
if (bytes>=1000000000) {bytes=(bytes/1000000000).toFixed(2)+' GB';}
else if (bytes>=1000000) {bytes=(bytes/1000000).toFixed(2)+' MB';}
else if (bytes>=1000) {bytes=(bytes/1000).toFixed(2)+' KB';}
else if (bytes>1) {bytes=bytes+' bytes';}
else if (bytes==1) {bytes=bytes+' byte';}
else {bytes='0 byte';}
return bytes;
}
// this is basically a js port of include/text.php getIconFromType() function
function getIconFromType(type) {
var map = {
//Common file
'application/octet-stream': 'fa-file-o',
//Text
'text/plain': 'fa-file-text-o',
'application/msword': 'fa-file-word-o',
'application/pdf': 'fa-file-pdf-o',
'application/vnd.oasis.opendocument.text': 'fa-file-word-o',
'application/epub+zip': 'fa-book',
//Spreadsheet
'application/vnd.oasis.opendocument.spreadsheet': 'fa-file-excel-o',
'application/vnd.ms-excel': 'fa-file-excel-o',
//Image
'image/jpeg': 'fa-picture-o',
'image/png': 'fa-picture-o',
'image/gif': 'fa-picture-o',
'image/svg+xml': 'fa-picture-o',
//Archive
'application/zip': 'fa-file-archive-o',
'application/x-rar-compressed': 'fa-file-archive-o',
//Audio
'audio/mpeg': 'fa-file-audio-o',
'audio/mp3': 'fa-file-audio-o', //webkit browsers need that
'audio/wav': 'fa-file-audio-o',
'application/ogg': 'fa-file-audio-o',
'audio/ogg': 'fa-file-audio-o',
'audio/webm': 'fa-file-audio-o',
'audio/mp4': 'fa-file-audio-o',
//Video
'video/quicktime': 'fa-file-video-o',
'video/webm': 'fa-file-video-o',
'video/mp4': 'fa-file-video-o',
'video/x-matroska': 'fa-file-video-o'
};
var iconFromType = 'fa-file-o';
if (type in map) {
iconFromType = map[type];
}
return iconFromType;
}
// upload files
function UploadFile(file, idx) {
window.filesToUpload = window.filesToUpload + 1;
var xhr = new XMLHttpRequest();
xhr.withCredentials = true; // Include the SESSION cookie info for authentication
(xhr.upload || xhr).addEventListener('progress', function (e) {
var done = e.position || e.loaded;
var total = e.totalSize || e.total;
// Dynamically update the percentage complete displayed in the file upload list
$('#upload-progress-' + idx).html(Math.round(done / total * 100) + '%');
$('#upload-progress-bar-' + idx).css('background-size', Math.round(done / total * 100) + '%');
if(done == total) {
$('#upload-progress-' + idx).html('Processing...');
}
});
xhr.addEventListener('load', function (e) {
//we could possibly turn the filenames to real links here and add the delete and edit buttons to avoid page reload...
$('#upload-progress-' + idx).html('Ready!');
//console.log('xhr upload complete', e);
window.fileUploadsCompleted = window.fileUploadsCompleted + 1;
// When all the uploads have completed, refresh the page
if (window.filesToUpload > 0 && window.fileUploadsCompleted === window.filesToUpload) {
window.fileUploadsCompleted = window.filesToUpload = 0;
// After uploads complete, refresh browser window to display new files
window.location.href = window.location.href;
}
});
xhr.addEventListener('error', function (e) {
$('#upload-progress-' + idx).html('<span style="color: red;">ERROR</span>');
});
// POST to the entire cloud path
xhr.open('post', 'file_upload', true);
var formfields = $("#ajax-upload-files").serializeArray();
var data = new FormData();
$.each(formfields, function(i, field) {
data.append(field.name, field.value);
});
data.append('userfile', file);
xhr.send(data);
}

15
view/js/mod_filestorage.js
View File

@ -1,17 +1,4 @@
/**
* JavaScript used by mod/filestorage
*/
$(document).ready(function() {
$('#contact_allow, #contact_deny, #group_allow, #group_deny').change(function() {
var selstr;
$('#contact_allow option:selected, #contact_deny option:selected, #group_allow option:selected, #group_deny option:selected').each( function() {
selstr = $(this).text();
$('#jot-perms-icon').removeClass('fa-unlock').addClass('fa-lock');
$('#jot-public').hide();
});
if(selstr === null) {
$('#jot-perms-icon').removeClass('fa-lock').addClass('fa-unlock');
$('#jot-public').show();
}
}).trigger('change');
});

16
view/js/mod_photos.js
View File

@ -7,21 +7,7 @@ $(document).ready(function() {
$("#photo-edit-newtag").val('@' + data.name);
});
$('#id_body').bbco_autocomplete('bbcode');
$('#contact_allow, #contact_deny, #group_allow, #group_deny').change(function() {
var selstr;
$('#contact_allow option:selected, #contact_deny option:selected, #group_allow option:selected, #group_deny option:selected').each( function() {
selstr = $(this).text();
$('#jot-perms-icon').removeClass('fa-unlock').addClass('fa-lock');
$('#jot-public').hide();
});
if(selstr === null) {
$('#jot-perms-icon').removeClass('fa-lock').addClass('fa-unlock');
$('#jot-public').show();
}
}).trigger('change');
$('textarea').bbco_autocomplete('bbcode');
showHideBodyTextarea();
});

15
view/js/mod_webpages.js Normal file
View File

@ -0,0 +1,15 @@
$(document).ready(function() {
$("input[type=\"checkbox\"]").hide();
});
window.isChecked = true;
function checkedAll(isChecked) {
window.isChecked = !window.isChecked ;
var c = document.getElementsByTagName('input');
for (var i = 0; i < c.length; i++){
if (c[i].type == 'checkbox'){
c[i].checked = isChecked;
}
}
}

10
view/nb-no/htconfig.tpl
View File

@ -10,8 +10,6 @@ $db_pass = '{{$dbpass}}';
$db_data = '{{$dbdata}}';
$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres
define( 'UNO', {{$uno}} );
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
@ -36,6 +34,14 @@ App::$config['system']['baseurl'] = '{{$siteurl}}';
App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = '{{$site_id}}';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = '{{$server_role}}';
// These lines set additional security headers to be sent with all responses
// You may wish to set transport_security_header to 0 if your server already sends
// this header. content_security_policy may need to be disabled if you wish to

13592
view/nl/hmessages.po
View File

File diff suppressed because it is too large Load Diff

2213
view/nl/hstrings.php
View File

File diff suppressed because it is too large Load Diff

1
view/pdl/mod_webpages.pdl
View File

@ -1,3 +1,4 @@
[region=aside]
[widget=design_tools][/widget]
[widget=website_import_tools][/widget]
[/region]

10
view/pt-br/htconfig.tpl
View File

@ -10,8 +10,6 @@ $db_pass = '{{$dbpass}}';
$db_data = '{{$dbdata}}';
$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres
define( 'UNO', {{$uno}} );
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
@ -36,6 +34,14 @@ App::$config['system']['baseurl'] = '{{$siteurl}}';
App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = '{{$site_id}}';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = '{{$server_role}}';
// These lines set additional security headers to be sent with all responses
// You may wish to set transport_security_header to 0 if your server already sends
// this header. content_security_policy may need to be disabled if you wish to

9
view/ru/htconfig.tpl
View File

@ -10,8 +10,6 @@ $db_pass = '{{$dbpass}}';
$db_data = '{{$dbdata}}';
$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres
define( 'UNO', {{$uno}} );
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
@ -36,6 +34,13 @@ App::$config['system']['baseurl'] = '{{$siteurl}}';
App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = '{{$site_id}}';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = '{{$server_role}}';
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
// Be certain to create your own personal account before setting
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on

9
view/sv/htconfig.tpl
View File

@ -10,8 +10,6 @@ $db_pass = '{{$dbpass}}';
$db_data = '{{$dbdata}}';
$db_type = '{{$dbtype}}'; // an integer. 0 or unset for mysql, 1 for postgres
define( 'UNO', {{$uno}} );
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
@ -36,6 +34,13 @@ App::$config['system']['baseurl'] = '{{$siteurl}}';
App::$config['system']['sitename'] = "Hubzilla";
App::$config['system']['location_hash'] = '{{$site_id}}';
// Choices are 'basic', 'standard', and 'pro'.
// basic sets up the sevrer for basic social networking and removes "complicated" features
// standard provides most desired features except e-commerce
// pro gives you access to everything
App::$config['system']['server_role'] = '{{$server_role}}';
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
// Be certain to create your own personal account before setting
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on

43
view/theme/redbasic/schema/dark.css
View File

@ -3,6 +3,31 @@
background-color: transparent;
}
textarea, input, select
{
color: #BBB !important;
background: #333 !important;
border-color: #2B2B2B !important;
}
#profile-jot-submit-wrapper {
border-top: none;
padding: 10px 0;
}
#jot-title-wrap {
border-bottom: none;
margin-bottom: 5px;
}
optgroup {
color: #CCC !important;
}
option {
color: $link_colour !important;
}
.vcard, #contact-block, .widget {
background-color: transparent;
border: none;
@ -390,3 +415,21 @@ pre {
box-shadow: 0px 3px 3px #222;
}
.contextual-help-content-open {
background: $nav_bg;
top: 50px;
border-bottom: #555 1px solid;
box-shadow: 0px 3px 3px rgba(85,85,85,0.2);
}
.contextual-help-tool {
opacity: 0.5;
}
.contextual-help-tool:hover {
opacity: 1;
}
.contextual-help-tool i {
color: $link_colour;
}

7
view/theme/redbasic/schema/simple_black_on_white.css
View File

@ -290,3 +290,10 @@ pre {
-webkit-box-shadow: none;
box-shadow: none;
}
.contextual-help-content-open {
background: #FFF;
top: 50px;
}

52
view/theme/redbasic/schema/simple_green_on_black.css
View File

@ -3,6 +3,31 @@
background-color: transparent;
}
textarea, input, select
{
color: $font_colour !important;
background: $bgcolour !important;
border: 1px solid #143D12 !important;
}
#profile-jot-submit-wrapper {
border-top: none;
padding: 10px 0;
}
#jot-title-wrap {
border-bottom: none;
margin-bottom: 5px;
}
optgroup {
color: #32962D !important;
}
option {
color: $link_colour !important;
}
.vcard, #contact-block, .widget {
background-color: transparent;
border: none;
@ -153,22 +178,22 @@ input[type="submit"] {
color: #50f148 !important;
}
nav .dropdown-menu>li>a{
nav .dropdown-menu>li>a {
color: #50f148;
}
nav .dropdown-menu>li>a:hover,nav .dropdown-menu>li>a:focus{
nav .dropdown-menu>li>a:hover,nav .dropdown-menu>li>a:focus {
color: #50f148;
background-color: #143D12;
background-image: none;
}
nav .dropdown-menu .divider{
nav .dropdown-menu .divider {
background-color: #143D12;
}
nav .dropdown-menu>li>a:hover,nav .dropdown-menu>li>a:focus{
nav .dropdown-menu>li>a:hover,nav .dropdown-menu>li>a:focus {
color: #50f148;
background-color: #143D12;
background-image: none;
@ -339,3 +364,22 @@ pre {
-webkit-box-shadow: none;
box-shadow: none;
}
.contextual-help-content-open {
background: $nav_bg;
top: 50px;
border-bottom: #1C5419 1px solid;
box-shadow: 0px 3px 3px rgba(28,84,25,0.2);
}
.contextual-help-tool {
opacity: 0.5;
}
.contextual-help-tool:hover {
opacity: 1;
}
.contextual-help-tool i {
color: $link_colour;
}

44
view/theme/redbasic/schema/simple_white_on_black.css
View File

@ -3,6 +3,31 @@
background-color: transparent;
}
textarea, input, select
{
color: $font_colour !important;
background: $bgcolour !important;
border: 1px solid #FFF !important;
}
#profile-jot-submit-wrapper {
border-top: none;
padding: 10px 0;
}
#jot-title-wrap {
border-bottom: none;
margin-bottom: 5px;
}
optgroup {
color: #FFF !important;
}
option {
color: $link_colour !important;
}
.vcard, #contact-block, .widget {
background-color: transparent;
border: none;
@ -312,3 +337,22 @@ pre {
-webkit-box-shadow: none;
box-shadow: none;
}
.contextual-help-content-open {
background: $nav_bg;
top: 50px;
border-bottom: #FFF 1px solid;
box-shadow: 0px 3px 3px rgba(255,255,255,0.2);
}
.contextual-help-tool {
opacity: 0.5;
}
.contextual-help-tool:hover {
opacity: 1;
}
.contextual-help-tool i {
color: $link_colour;
}

6
view/tpl/acl_selector.tpl
View File

@ -1,3 +1,4 @@
<form>
<div class="modal" id="aclModal">
<div class="modal-dialog">
<div class="modal-content">
@ -59,14 +60,13 @@
</div><!-- /.modal-content -->
</div><!-- /.modal-dialog -->
</div><!-- /.modal -->
</form>
<script>
$('[data-toggle="popover"]').popover(); // Init the popover, if present
if(typeof acl=="undefined"){
acl = new ACL(
baseurl+"/acl",
[ {{$allowcid}},{{$allowgid}},{{$denycid}},{{$denygid}} ]
baseurl+"/acl"
);
}
</script>

6
view/tpl/attach_edit.tpl
View File

@ -1,4 +1,4 @@
<form action="filestorage/{{$channelnick}}/{{$file.id}}/edit" method="post" >
<form id="attach_edit_form_{{$file.id}}" action="filestorage/{{$channelnick}}/{{$file.id}}/edit" method="post" class="acl-form" data-form_id="attach_edit_form_{{$file.id}}" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'>
<input type="hidden" name="channelnick" value="{{$channelnick}}" />
<input type="hidden" name="filehash" value="{{$file.hash}}" />
<input type="hidden" name="uid" value="{{$uid}}" />
@ -16,15 +16,13 @@
</button>
</div>
<div id="attach-edit-perms" class="btn-group pull-right">
<button id="dbtn-acl" class="btn btn-default btn-xs" data-toggle="modal" data-target="#aclModal" title="{{$permset}}" onclick="return false;">
<button id="dbtn-acl" class="btn btn-default btn-xs" data-toggle="modal" data-target="#aclModal" title="{{$permset}}" type="button">
<i id="jot-perms-icon" class="fa fa-{{$lockstate}} jot-icons"></i>
</button>
<button id="dbtn-submit" class="btn btn-primary btn-xs" type="submit" name="submit">
{{$submit}}
</button>
</div>
{{$aclselect}}
<div id="link-code" class="form-group">
<label for="">{{$cpldesc}}</label>
<input type="text" class="form-control" id="linkpasteinput" name="cutpasteextlink" value="{{$cloudpath}}" onclick="this.select();"/>

6
view/tpl/chatroom_new.tpl
View File

@ -1,12 +1,12 @@
<div id="chatroom-new" class="section-content-tools-wrapper">
<form action="chat" method="post" >
<form id="chatroom-new-form" action="chat" method="post" class="acl-form" data-form_id="chatroom-new-form" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'>
{{include file="field_input.tpl" field=$name}}
{{include file="field_input.tpl" field=$chat_expire}}
{{$acl}}
<div class="btn-group pull-right">
<button id="dbtn-acl" class="btn btn-default" data-toggle="modal" data-target="#aclModal" title="{{$permissions}}" onclick="return false;" ><i id="jot-perms-icon" class="fa fa-{{$lockstate}}"></i></button>
<button id="dbtn-submit" class="btn btn-primary" type="submit" name="submit" value="{{$submit}}">{{$submit}}</button>
<button id="dbtn-submit" class="acl-submit btn btn-primary" type="submit" name="submit" value="{{$submit}}" data-formid="chatroom-new-form">{{$submit}}</button>
</div>
<div class="clear"></div>
</form>
</div>
{{$acl}}

2
view/tpl/chatrooms.tpl
View File

@ -1,7 +1,7 @@
<div class="generic-content-wrapper">
<div class="section-title-wrapper">
{{if $is_owner}}
<button type="button" class="btn btn-success btn-xs pull-right" onclick="openClose('chatroom-new');"><i class="fa fa-plus-circle"></i>&nbsp;{{$newroom}}</button>
<button type="button" class="btn btn-success btn-xs pull-right acl-form-trigger" onclick="openClose('chatroom-new');" data-form_id="chatroom-new-form"><i class="fa fa-plus-circle"></i>&nbsp;{{$newroom}}</button>
{{/if}}
<h2>{{$header}}</h2>
</div>

43
view/tpl/cloud_actionspanel.tpl
View File

@ -1,20 +1,43 @@
<div id="files-mkdir-tools" class="section-content-tools-wrapper">
<label for="files-mkdir">{{$folder_header}}</label>
<form method="post" action="">
<input type="hidden" name="sabreAction" value="mkcol">
<input id="files-mkdir" type="text" name="name" class="form-control form-group">
<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button>
<form id="mkdir-form" method="post" action="file_upload" class="acl-form" data-form_id="mkdir-form" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'>
<!--input type="hidden" name="sabreAction" value="mkcol"-->
<input type="hidden" name="folder" value="{{$folder}}" />
<input type="hidden" name="channick" value="{{$channick}}" />
<input type="hidden" name="return_url" value="{{$return_url}}" />
<input id="files-mkdir" type="text" name="filename" class="form-control form-group">
<div class="pull-right btn-group">
<div class="btn-group">
{{if $lockstate}}
<button class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" type="button">
<i class="jot-perms-icon fa fa-{{$lockstate}}"></i>
</button>
{{/if}}
<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$folder_submit}}">{{$folder_submit}}</button>
</div>
</div>
</form>
<div class="clear"></div>
</div>
<div id="files-upload-tools" class="section-content-tools-wrapper">
{{if $quota.limit || $quota.used}}<div class="{{if $quota.warning}}section-content-danger-wrapper{{else}}section-content-info-wrapper{{/if}}">{{if $quota.warning}}<strong>{{$quota.warning}} </strong>{{/if}}{{$quota.desc}}</div>{{/if}}
<label for="files-upload">{{$upload_header}}</label>
<form method="post" action="" enctype="multipart/form-data">
<input type="hidden" name="sabreAction" value="put">
<input class="form-group" id="files-upload" type="file" name="file">
<button class="btn btn-primary btn-sm pull-right" type="submit" value="{{$upload_submit}}">{{$upload_submit}}</button>
<!-- Name (optional): <input type="text" name="name"> we should rather provide a rename action in edit form-->
<form id="ajax-upload-files" method="post" action="file_upload" enctype="multipart/form-data" class="acl-form" data-form_id="ajax-upload-files" data-allow_cid='{{$allow_cid}}' data-allow_gid='{{$allow_gid}}' data-deny_cid='{{$deny_cid}}' data-deny_gid='{{$deny_gid}}'>
<input type="hidden" name="directory" value="{{$path}}" />
<input type="hidden" name="channick" value="{{$channick}}" />
<input type="hidden" name="return_url" value="{{$return_url}}" />
<label for="files-upload">{{$upload_header}}</label>
<input class="form-group pull-left" id="files-upload" type="file" name="userfile">
<div class="pull-right btn-group">
<div class="btn-group">
{{if $lockstate}}
<button class="btn btn-default btn-sm" data-toggle="modal" data-target="#aclModal" type="button">
<i class="jot-perms-icon fa fa-{{$lockstate}}"></i>
</button>
{{/if}}
<button id="upload-submit" class="btn btn-primary btn-sm pull-right" type="submit" name="submit" value="{{$upload_submit}}">{{$upload_submit}}</button>
</div>
</div>
</form>
<div class="clear"></div>
</div>
{{$aclselect}}

2
view/tpl/cloud_directory.tpl
View File

@ -18,6 +18,7 @@
<td class="hidden-xs"></td>
</tr>
{{/if}}
<tr id="new-upload-progress-bar--1"></tr> {{* this is needed to append the upload files in the right order *}}
{{foreach $entries as $item}}
<tr id="cloud-index-{{$item.attachId}}">
<td><i class="fa {{$item.iconFromType}}" title="{{$item.type}}"></i></td>
@ -38,6 +39,7 @@
<tr id="cloud-tools-{{$item.attachId}}">
<td id="perms-panel-{{$item.attachId}}" colspan="9"></td>
</tr>
{{/foreach}}
</table>
</div>

Some files were not shown because too many files have changed in this diff Show More