From b08de33b0bf6cb866f430899ea7769faaa560622 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Wed, 7 Nov 2018 10:02:24 +0100 Subject: [PATCH 01/26] fix es-es hstrings.php --- view/es-es/hstrings.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/view/es-es/hstrings.php b/view/es-es/hstrings.php index 2024504a1..a459e10dd 100644 --- a/view/es-es/hstrings.php +++ b/view/es-es/hstrings.php @@ -2,10 +2,10 @@ if(! function_exists("string_plural_select_es_es")) { function string_plural_select_es_es($n){ - return ($n != 1);; + return ($n != 1 ? 1 : 0); }} App::$rtl = 0; -App::$strings["plural_function_code"] = "(n != 1)"; +App::$strings["plural_function_code"] = "(n != 1 ? 1 : 0)"; App::$strings["Can view my channel stream and posts"] = "Pueden verse la actividad y publicaciones de mi canal"; App::$strings["Can send me their channel stream and posts"] = "Se me pueden enviar entradas y contenido de un canal"; App::$strings["Can view my default channel profile"] = "Puede verse mi perfil de canal predeterminado."; From eaf117cce19f0fd78f551fea27f382d3b8b49110 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Wed, 7 Nov 2018 18:22:55 +0100 Subject: [PATCH 02/26] Added `If-Modified-Since` header support for better image caching and fixed absent 404 for photos --- Zotlabs/Module/Photo.php | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index d76fca278..d3d82f035 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -10,7 +10,7 @@ require_once('include/photos.php'); class Photo extends \Zotlabs\Web\Controller { function init() { - + $prvcachecontrol = false; $streaming = null; $channel = null; @@ -32,6 +32,7 @@ class Photo extends \Zotlabs\Web\Controller { } $observer_xchan = get_observer_hash(); + $ismodified = $_SERVER['HTTP_IF_MODIFIED_SINCE']; if(isset($type)) { @@ -86,6 +87,7 @@ class Photo extends \Zotlabs\Web\Controller { if(intval($r[0]['os_storage'])) $data = file_get_contents($data); } + if(! $data) { $data = fetch_image_from_url($default,$mimetype); } @@ -179,8 +181,19 @@ class Photo extends \Zotlabs\Web\Controller { } } + } else { + http_status_exit(404,'not found'); } } + + header_remove('Pragma'); + + if($ismodified === gmdate("D, d M Y H:i:s", $modified) . " GMT") { + header_remove('Expires'); + header_remove('Cache-Control'); + header_remove('Set-Cookie'); + http_status_exit(304,'not modified'); + } if(! isset($data)) { if(isset($resolution)) { @@ -219,11 +232,6 @@ class Photo extends \Zotlabs\Web\Controller { } - if(function_exists('header_remove')) { - header_remove('Pragma'); - header_remove('pragma'); - } - header("Content-type: " . $mimetype); if($prvcachecontrol) { From 3f6cd5a6634481024853f7823043e6b6ea1e4784 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Wed, 7 Nov 2018 19:52:38 +0100 Subject: [PATCH 03/26] Disable image caching if personal or group permissions enabled --- Zotlabs/Module/Photo.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index d3d82f035..09c698b1a 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -128,9 +128,7 @@ class Photo extends \Zotlabs\Web\Controller { $photo = substr($photo,0,-2); // If viewing on a high-res screen, attempt to serve a higher resolution image: if ($resolution == 2 && ($cookie_value > 1)) - { $resolution = 1; - } } $r = q("SELECT uid, photo_usage FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", @@ -171,6 +169,8 @@ class Photo extends \Zotlabs\Web\Controller { $modified = strtotime($e[0]['edited']); if(intval($e[0]['os_storage'])) $streaming = $data; + if($e[0]['allow_cid'] != '' || $e[0]['allow_gid'] != '' || $e[0]['deny_gid'] != '' || $e[0]['deny_gid'] != '') + $prvcachecontrol = true; } else { if(! $allowed) { @@ -188,13 +188,13 @@ class Photo extends \Zotlabs\Web\Controller { header_remove('Pragma'); - if($ismodified === gmdate("D, d M Y H:i:s", $modified) . " GMT") { + if($ismodified === gmdate("D, d M Y H:i:s", $modified) . " GMT") { header_remove('Expires'); header_remove('Cache-Control'); header_remove('Set-Cookie'); - http_status_exit(304,'not modified'); - } - + http_status_exit(304,'not modified'); + } + if(! isset($data)) { if(isset($resolution)) { switch($resolution) { From 302f49baf2acc23e6ea5da9778eeb18ad97c444c Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Thu, 8 Nov 2018 10:12:33 +0100 Subject: [PATCH 04/26] provide a function to log to syslog --- include/text.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/include/text.php b/include/text.php index 15cc0ca8a..076c98407 100644 --- a/include/text.php +++ b/include/text.php @@ -633,6 +633,19 @@ function attribute_contains($attr, $s) { return false; } +/** + * @brief Log to syslog + * + * @param string $msg Message to log + * @param int $priority - compatible with syslog + */ +function hz_syslog($msg, $priority = LOG_INFO) { + openlog("hz-log", LOG_PID | LOG_PERROR, LOG_LOCAL0); + syslog($priority, $msg); + closelog(); +} + + /** * @brief Logging function for Hubzilla. * From e0a0570cc4409943d546ba114f5e9ba5e4aaa5d1 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Thu, 8 Nov 2018 11:06:44 +0100 Subject: [PATCH 05/26] $data only contains the link to the image if the image is in os storage. The size is calculatet wrong in this case and the download fails. rely on filesize from the db for content-length --- Zotlabs/Module/Photo.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index 09c698b1a..de11b41c7 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -165,6 +165,7 @@ class Photo extends \Zotlabs\Web\Controller { if($exists && $allowed) { $data = dbunescbin($e[0]['content']); + $filesize = $e[0]['filesize']; $mimetype = $e[0]['mimetype']; $modified = strtotime($e[0]['edited']); if(intval($e[0]['os_storage'])) @@ -261,7 +262,7 @@ class Photo extends \Zotlabs\Web\Controller { } header("Last-Modified: " . gmdate("D, d M Y H:i:s", $modified) . " GMT"); - header("Content-Length: " . strlen($data)); + header("Content-Length: " . $filesize); // If it's a file resource, stream it. From dc0335d1d56f1d76fa170ef0b222560176e074b5 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Thu, 8 Nov 2018 11:53:27 +0100 Subject: [PATCH 06/26] Correct "Content-Length:" calculation added --- Zotlabs/Module/Photo.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index de11b41c7..e218d1c53 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -262,7 +262,7 @@ class Photo extends \Zotlabs\Web\Controller { } header("Last-Modified: " . gmdate("D, d M Y H:i:s", $modified) . " GMT"); - header("Content-Length: " . $filesize); + header("Content-Length: " . (isset($filesize) ? $filesize : strlen($data))); // If it's a file resource, stream it. From 17cf824545a4e059183f0a43af9692a90100c55a Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Thu, 8 Nov 2018 18:00:18 +0100 Subject: [PATCH 07/26] Return image modification date using HTTP 'Last-Modified' and '304 Not Modified' on remote fetch for caching --- include/photo/photo_driver.php | 238 +++++++++++++++++++-------------- 1 file changed, 141 insertions(+), 97 deletions(-) diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index 2e2f5a758..911b97ade 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -570,122 +570,166 @@ function delete_thing_photo($url,$ob_hash) { -function import_xchan_photo($photo,$xchan,$thing = false) { +/** + * @brief fetches an photo from external site and prepares its miniatures. + * + * @param string $photo + * external URL to fetch base image + * @param string $xchan + * channel unique hash + * @param boolean $thing + * TRUE if this is a thing URL + * @param boolean $force + * TRUE if ignore image modification date check (force fetch) + * + * @return array of results + * * \e string \b 0 => local URL to full image + * * \e string \b 1 => local URL to standard thumbnail + * * \e string \b 2 => local URL to micro thumbnail + * * \e string \b 3 => image type + * * \e boolean \b 4 => TRUE if fetch failure + * * \e string \b 5 => modification date + */ - $flags = (($thing) ? PHOTO_THING : PHOTO_XCHAN); - $album = (($thing) ? 'Things' : 'Contact Photos'); +function import_xchan_photo($photo,$xchan,$thing = false,$force = false) { - logger('import_xchan_photo: updating channel photo from ' . $photo . ' for ' . $xchan, LOGGER_DEBUG); + $modified = ''; - if($thing) - $hash = photo_new_resource(); - else { - $r = q("select resource_id from photo where xchan = '%s' and photo_usage = %d and imgscale = 4 limit 1", - dbesc($xchan), - intval(PHOTO_XCHAN) - ); - if($r) { - $hash = $r[0]['resource_id']; - } - else { - $hash = photo_new_resource(); - } - } + $flags = (($thing) ? PHOTO_THING : PHOTO_XCHAN); + $album = (($thing) ? 'Things' : 'Contact Photos'); - $photo_failure = false; - $img_str = ''; + logger('import_xchan_photo: updating channel photo from ' . $photo . ' for ' . $xchan, LOGGER_DEBUG); - if($photo) { - $filename = basename($photo); + if($thing) { + $hash = photo_new_resource(); + } + else { + $r = q("select resource_id, edited, mimetype from photo where xchan = '%s' and photo_usage = %d and imgscale = 4 limit 1", + dbesc($xchan), + intval(PHOTO_XCHAN) + ); + if($r) { + $hash = $r[0]['resource_id']; + $modified = $r[0]['edited']; + $type = $r[0]['mimetype']; + } + else { + $hash = photo_new_resource(); + } + } - $result = z_fetch_url($photo,true); + $photo_failure = false; + $img_str = ''; - if($result['success']) { - $img_str = $result['body']; - $type = guess_image_type($photo, $result['header']); + if($photo) { + $filename = basename($photo); - $h = explode("\n",$result['header']); - if($h) { - foreach($h as $hl) { - if(stristr($hl,'content-type:')) { - if(! stristr($hl,'image/')) { - $photo_failure = true; - } - } - } - } - } - } - else { - $photo_failure = true; - } + if($force || $modified == '') { + $result = z_fetch_url($photo,true); + } + else { + $h = array('headers' => array("If-Modified-Since: " . gmdate("D, d M Y H:i:s", strtotime($modified . "Z")) . " GMT")); + $result = z_fetch_url($photo,true,0,$h); + } - if(! $photo_failure) { - $img = photo_factory($img_str, $type); - if($img->is_valid()) { - $width = $img->getWidth(); - $height = $img->getHeight(); - - if($width && $height) { - if(($width / $height) > 1.2) { - // crop out the sides - $margin = $width - $height; - $img->cropImage(300,($margin / 2),0,$height,$height); - } - elseif(($height / $width) > 1.2) { - // crop out the bottom - $margin = $height - $width; - $img->cropImage(300,0,0,$width,$width); + if($result['success']) { + $img_str = $result['body']; + $type = guess_image_type($photo, $result['header']); + $modified = gmdate('Y-m-d H:i:s', (preg_match('/last-modified: (.+) \S+/i', $result['header'], $o) ? strtotime($o[1] . 'Z') : time())); - } - else { - $img->scaleImageSquare(300); - } + $h = explode("\n",$result['header']); + if($h) { + foreach($h as $hl) { + if(stristr($hl,'content-type:')) { + if(! stristr($hl,'image/')) { + $photo_failure = true; + } + } + } + } + } + elseif($result['return_code'] = 304) { + $photo = z_root() . '/photo/' . $hash . '-4'; + $thumb = z_root() . '/photo/' . $hash . '-5'; + $micro = z_root() . '/photo/' . $hash . '-6'; + } + else { + $photo_failure = true; + } - } - else - $photo_failure = true; + } + else { + $photo_failure = true; + } - $p = array('xchan' => $xchan,'resource_id' => $hash, 'filename' => basename($photo), 'album' => $album, 'photo_usage' => $flags, 'imgscale' => 4); + if(! $photo_failure && $result['return_code'] != 304) { + $img = photo_factory($img_str, $type); + if($img->is_valid()) { + $width = $img->getWidth(); + $height = $img->getHeight(); - $r = $img->save($p); + if($width && $height) { + if(($width / $height) > 1.2) { + // crop out the sides + $margin = $width - $height; + $img->cropImage(300,($margin / 2),0,$height,$height); + } + elseif(($height / $width) > 1.2) { + // crop out the bottom + $margin = $height - $width; + $img->cropImage(300,0,0,$width,$width); - if($r === false) - $photo_failure = true; + } + else { + $img->scaleImageSquare(300); + } - $img->scaleImage(80); - $p['imgscale'] = 5; - - $r = $img->save($p); + } + else + $photo_failure = true; - if($r === false) - $photo_failure = true; - - $img->scaleImage(48); - $p['imgscale'] = 6; - - $r = $img->save($p); + $p = array('xchan' => $xchan,'resource_id' => $hash, 'filename' => basename($photo), 'album' => $album, 'photo_usage' => $flags, 'imgscale' => 4); - if($r === false) - $photo_failure = true; + $r = $img->save($p); - $photo = z_root() . '/photo/' . $hash . '-4'; - $thumb = z_root() . '/photo/' . $hash . '-5'; - $micro = z_root() . '/photo/' . $hash . '-6'; - } - else { - logger('import_xchan_photo: invalid image from ' . $photo); - $photo_failure = true; - } - } - if($photo_failure) { - $photo = z_root() . '/' . get_default_profile_photo(); - $thumb = z_root() . '/' . get_default_profile_photo(80); - $micro = z_root() . '/' . get_default_profile_photo(48); - $type = 'image/png'; - } + if($r === false) + $photo_failure = true; - return(array($photo,$thumb,$micro,$type,$photo_failure)); + $img->scaleImage(80); + $p['imgscale'] = 5; + + $r = $img->save($p); + + if($r === false) + $photo_failure = true; + + $img->scaleImage(48); + $p['imgscale'] = 6; + + $r = $img->save($p); + + if($r === false) + $photo_failure = true; + + $photo = z_root() . '/photo/' . $hash . '-4'; + $thumb = z_root() . '/photo/' . $hash . '-5'; + $micro = z_root() . '/photo/' . $hash . '-6'; + } + else { + logger('import_xchan_photo: invalid image from ' . $photo); + $photo_failure = true; + } + } + if($photo_failure) { + $default = get_default_profile_photo(); + $photo = z_root() . '/' . $default; + $thumb = z_root() . '/' . get_default_profile_photo(80); + $micro = z_root() . '/' . get_default_profile_photo(48); + $type = 'image/png'; + $modified = gmdate('Y-m-d H:i:s', filemtime($default)); + } + + return(array($photo,$thumb,$micro,$type,$photo_failure,$modified)); } From 098ec1abb46c70774a6c239f59c77df4b6437335 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Thu, 8 Nov 2018 22:43:17 +0100 Subject: [PATCH 08/26] remove image type double guess by checking HTTP headers --- include/photo/photo_driver.php | 30 +++++++----------------------- 1 file changed, 7 insertions(+), 23 deletions(-) diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index 911b97ade..12465c794 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -485,11 +485,11 @@ function guess_image_type($filename, $headers = '') { $h = explode("\n",$headers); foreach ($h as $l) { list($k,$v) = array_map("trim", explode(":", trim($l), 2)); - $hdrs[$k] = $v; + $hdrs[strtolower($k)] = $v; } logger('Curl headers: '.var_export($hdrs, true), LOGGER_DEBUG); - if (array_key_exists('Content-Type', $hdrs)) - $type = $hdrs['Content-Type']; + if (array_key_exists('content-type', $hdrs)) + $type = $hdrs['content-type']; } if (is_null($type)){ @@ -637,16 +637,8 @@ function import_xchan_photo($photo,$xchan,$thing = false,$force = false) { $type = guess_image_type($photo, $result['header']); $modified = gmdate('Y-m-d H:i:s', (preg_match('/last-modified: (.+) \S+/i', $result['header'], $o) ? strtotime($o[1] . 'Z') : time())); - $h = explode("\n",$result['header']); - if($h) { - foreach($h as $hl) { - if(stristr($hl,'content-type:')) { - if(! stristr($hl,'image/')) { - $photo_failure = true; - } - } - } - } + if(is_null($type)) + $photo_failure = true; } elseif($result['return_code'] = 304) { $photo = z_root() . '/photo/' . $hash . '-4'; @@ -744,16 +736,8 @@ function import_channel_photo_from_url($photo,$aid,$uid) { $img_str = $result['body']; $type = guess_image_type($photo, $result['header']); - $h = explode("\n",$result['header']); - if($h) { - foreach($h as $hl) { - if(stristr($hl,'content-type:')) { - if(! stristr($hl,'image/')) { - $photo_failure = true; - } - } - } - } + if(is_null($type)) + $photo_failure = true; } } else { From 2c4bd9a3fe958ee2e4695f3971bf3bf3ccf6cddb Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Fri, 9 Nov 2018 10:03:58 +0100 Subject: [PATCH 09/26] Workaround for local resource path to photo from Diaspora --- include/network.php | 1 + 1 file changed, 1 insertion(+) diff --git a/include/network.php b/include/network.php index d37da05f7..baa8ec40d 100644 --- a/include/network.php +++ b/include/network.php @@ -1963,6 +1963,7 @@ function scrape_vcard($url) { } } + $ret['photo'] = (filter_var($ret['photo'], FILTER_VALIDATE_URL) ? $ret['photo'] : substr($ret['url'], 0, -1) . $ret['photo']); return $ret; } From 108a892a11d737a80c1736defd1b40ba81449812 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Fri, 9 Nov 2018 05:31:55 -0500 Subject: [PATCH 10/26] Remove DNS check for database connection during installation. Causes friction with Docker deployment. --- include/dba/dba_driver.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index 9533acc7f..ee0e06a91 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -173,14 +173,14 @@ abstract class dba_driver { return false; } - if(strlen($server) && ($server !== 'localhost') && ($server !== '127.0.0.1') && (! strpbrk($server,':;'))) { - if(! z_dns_check($server)) { - $this->error = sprintf( t('Cannot locate DNS info for database server \'%s\''), $server); - $this->connected = false; - $this->db = null; - return false; - } - } + // if(strlen($server) && ($server !== 'localhost') && ($server !== '127.0.0.1') && (! strpbrk($server,':;'))) { + // if(! z_dns_check($server)) { + // $this->error = sprintf( t('Cannot locate DNS info for database server \'%s\''), $server); + // $this->connected = false; + // $this->db = null; + // return false; + // } + // } return true; } @@ -468,7 +468,7 @@ function db_columns($table) { if(ACTIVE_DBTYPE === DBTYPE_POSTGRES) { $r = q("SELECT column_name as field FROM information_schema.columns WHERE table_schema = 'public' AND table_name = '%s'", dbesc($table) - ); + ); if($r) { return ids_to_array($r,'field'); } From dc59561a95f8354209f423a07bfd7fb3381f3633 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Fri, 9 Nov 2018 22:17:11 +0100 Subject: [PATCH 11/26] Fixed timezone conversion --- Zotlabs/Module/Photo.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index e218d1c53..6d2c400a9 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -80,7 +80,7 @@ class Photo extends \Zotlabs\Web\Controller { intval(PHOTO_PROFILE) ); if($r) { - $modified = strtotime($r[0]['edited']); + $modified = strtotime($r[0]['edited'] . "Z"); $data = dbunescbin($r[0]['content']); $mimetype = $r[0]['mimetype']; } @@ -167,7 +167,7 @@ class Photo extends \Zotlabs\Web\Controller { $data = dbunescbin($e[0]['content']); $filesize = $e[0]['filesize']; $mimetype = $e[0]['mimetype']; - $modified = strtotime($e[0]['edited']); + $modified = strtotime($e[0]['edited'] . 'Z'); if(intval($e[0]['os_storage'])) $streaming = $data; if($e[0]['allow_cid'] != '' || $e[0]['allow_gid'] != '' || $e[0]['deny_gid'] != '' || $e[0]['deny_gid'] != '') @@ -193,7 +193,7 @@ class Photo extends \Zotlabs\Web\Controller { header_remove('Expires'); header_remove('Cache-Control'); header_remove('Set-Cookie'); - http_status_exit(304,'not modified'); + http_status_exit(304,'not modified'); } if(! isset($data)) { @@ -261,7 +261,7 @@ class Photo extends \Zotlabs\Web\Controller { } - header("Last-Modified: " . gmdate("D, d M Y H:i:s", $modified) . " GMT"); + header("Last-Modified: " . gmdate("D, d M Y H:i:s", $modified . "Z") . " GMT"); header("Content-Length: " . (isset($filesize) ? $filesize : strlen($data))); // If it's a file resource, stream it. From 32873ce70d7ee22fd95afa66f2c70637aaeef642 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Fri, 9 Nov 2018 22:20:41 +0100 Subject: [PATCH 12/26] Preserve received image modification date on caching --- include/photo/photo_driver.php | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index 12465c794..a4866bb60 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -350,8 +350,7 @@ abstract class photo_driver { $p['allow_gid'] = (($arr['allow_gid']) ? $arr['allow_gid'] : ''); $p['deny_cid'] = (($arr['deny_cid']) ? $arr['deny_cid'] : ''); $p['deny_gid'] = (($arr['deny_gid']) ? $arr['deny_gid'] : ''); - $p['created'] = (($arr['created']) ? $arr['created'] : datetime_convert()); - $p['edited'] = (($arr['edited']) ? $arr['edited'] : $p['created']); + $p['edited'] = (($arr['edited']) ? $arr['edited'] : datetime_convert()); $p['title'] = (($arr['title']) ? $arr['title'] : ''); $p['description'] = (($arr['description']) ? $arr['description'] : ''); $p['photo_usage'] = intval($arr['photo_usage']); @@ -365,13 +364,15 @@ abstract class photo_driver { if(! intval($p['imgscale'])) logger('save: ' . print_r($arr,true), LOGGER_DATA); - $x = q("select id from photo where resource_id = '%s' and uid = %d and xchan = '%s' and imgscale = %d limit 1", + $x = q("select id, created from photo where resource_id = '%s' and uid = %d and xchan = '%s' and imgscale = %d limit 1", dbesc($p['resource_id']), intval($p['uid']), dbesc($p['xchan']), intval($p['imgscale']) ); + if($x) { + $p['created'] = (($x['created']) ? $x['created'] : $p['edited']); $r = q("UPDATE photo set aid = %d, uid = %d, @@ -427,6 +428,7 @@ abstract class photo_driver { ); } else { + $p['created'] = (($arr['created']) ? $arr['created'] : $p['edited']); $r = q("INSERT INTO photo ( aid, uid, xchan, resource_id, created, edited, filename, mimetype, album, height, width, content, os_storage, filesize, imgscale, photo_usage, title, description, os_path, display_path, allow_cid, allow_gid, deny_cid, deny_gid ) VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )", @@ -464,11 +466,6 @@ abstract class photo_driver { - - - - - /** * Guess image mimetype from filename or from Content-Type header * @@ -650,9 +647,8 @@ function import_xchan_photo($photo,$xchan,$thing = false,$force = false) { } } - else { + else $photo_failure = true; - } if(! $photo_failure && $result['return_code'] != 304) { $img = photo_factory($img_str, $type); @@ -680,7 +676,15 @@ function import_xchan_photo($photo,$xchan,$thing = false,$force = false) { else $photo_failure = true; - $p = array('xchan' => $xchan,'resource_id' => $hash, 'filename' => basename($photo), 'album' => $album, 'photo_usage' => $flags, 'imgscale' => 4); + $p = array( + 'xchan' => $xchan, + 'resource_id' => $hash, + 'filename' => basename($photo), + 'album' => $album, + 'photo_usage' => $flags, + 'imgscale' => 4, + 'edited' => $modified + ); $r = $img->save($p); @@ -721,6 +725,7 @@ function import_xchan_photo($photo,$xchan,$thing = false,$force = false) { $modified = gmdate('Y-m-d H:i:s', filemtime($default)); } + logger('HTTP code: ' . $result['return_code'] . '; modified: ' . $modified . '; failure: ' . ($photo_failure ? 'yes' : 'no') . '; URL: ' . $photo, LOGGER_DEBUG); return(array($photo,$thumb,$micro,$type,$photo_failure,$modified)); } From f7b00c62a4f9a13cf7737697b89df45342c55ea2 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Sat, 10 Nov 2018 10:05:28 +0100 Subject: [PATCH 13/26] Remove unnecessary Zulu timezone mention --- Zotlabs/Module/Photo.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index 6d2c400a9..95e3404fb 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -261,7 +261,7 @@ class Photo extends \Zotlabs\Web\Controller { } - header("Last-Modified: " . gmdate("D, d M Y H:i:s", $modified . "Z") . " GMT"); + header("Last-Modified: " . gmdate("D, d M Y H:i:s", $modified) . " GMT"); header("Content-Length: " . (isset($filesize) ? $filesize : strlen($data))); // If it's a file resource, stream it. From d20759c1419ae905e70c7bc6b8acaf3e3918d210 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Sat, 10 Nov 2018 11:11:23 +0100 Subject: [PATCH 14/26] Do not return default images from vCard --- include/network.php | 1 - 1 file changed, 1 deletion(-) diff --git a/include/network.php b/include/network.php index baa8ec40d..d37da05f7 100644 --- a/include/network.php +++ b/include/network.php @@ -1963,7 +1963,6 @@ function scrape_vcard($url) { } } - $ret['photo'] = (filter_var($ret['photo'], FILTER_VALIDATE_URL) ? $ret['photo'] : substr($ret['url'], 0, -1) . $ret['photo']); return $ret; } From fc5dc9717a707438de91b3c42a1edc3a39aa6022 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Sat, 10 Nov 2018 11:31:06 +0100 Subject: [PATCH 15/26] fix shared_header img expanding to 100% width when sharing a share --- view/theme/redbasic/css/style.css | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/view/theme/redbasic/css/style.css b/view/theme/redbasic/css/style.css index ddf3d1295..01734558b 100644 --- a/view/theme/redbasic/css/style.css +++ b/view/theme/redbasic/css/style.css @@ -879,26 +879,25 @@ div.jGrowl div.jGrowl-notification { .shared_header img { border-radius: $radius; margin-right: 10px; + width: auto; } .tag1 { font-size : 0.9em !important; } + .tag2 { font-size : 1.0em !important; } - .tag3 { font-size : 1.1em !important; } - .tag4 { font-size : 1.2em !important; } - .tag5 { font-size : 1.3em !important; } @@ -918,12 +917,10 @@ div.jGrowl div.jGrowl-notification { font-size : 1.6em !important; } - .tag9 { font-size : 1.7em !important; } - .tag10 { font-size : 1.8em !important; } From d34423fce9c581bab03b7fa42721b84805d7be24 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Sat, 10 Nov 2018 11:53:49 +0100 Subject: [PATCH 16/26] Fixed wrong value assign on compare with 0 --- include/photo/photo_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index a4866bb60..cced7bf03 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -637,7 +637,7 @@ function import_xchan_photo($photo,$xchan,$thing = false,$force = false) { if(is_null($type)) $photo_failure = true; } - elseif($result['return_code'] = 304) { + elseif($result['return_code'] === 304) { $photo = z_root() . '/photo/' . $hash . '-4'; $thumb = z_root() . '/photo/' . $hash . '-5'; $micro = z_root() . '/photo/' . $hash . '-6'; From c6e14a696e7942c26319b57f197826018b427002 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Sat, 10 Nov 2018 11:56:34 +0100 Subject: [PATCH 17/26] Fixed wrong value assign on compare with 0 --- include/photo/photo_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index a4866bb60..cced7bf03 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -637,7 +637,7 @@ function import_xchan_photo($photo,$xchan,$thing = false,$force = false) { if(is_null($type)) $photo_failure = true; } - elseif($result['return_code'] = 304) { + elseif($result['return_code'] === 304) { $photo = z_root() . '/photo/' . $hash . '-4'; $thumb = z_root() . '/photo/' . $hash . '-5'; $micro = z_root() . '/photo/' . $hash . '-6'; From b57d296adccc54131df9b0271a29e385b2095454 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Sat, 10 Nov 2018 20:35:14 +0100 Subject: [PATCH 18/26] Preserve photo modification date --- Zotlabs/Module/Photos.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 78bfb1f09..03fd8a53d 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -263,7 +263,8 @@ class Photos extends \Zotlabs\Web\Controller { $fsize = strlen($data); } - $x = q("update photo set content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 0", + $x = q("update photo set edited = '%s', content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 0", + dbesc(datetime_convert()), dbescbin($data), intval($fsize), intval($height), @@ -278,7 +279,8 @@ class Photos extends \Zotlabs\Web\Controller { $width = $ph->getWidth(); $height = $ph->getHeight(); - $x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 1", + $x = q("update photo set edited = '%s', content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 1", + dbesc(datetime_convert()), dbescbin($ph->imageString()), intval($height), intval($width), @@ -293,7 +295,8 @@ class Photos extends \Zotlabs\Web\Controller { $width = $ph->getWidth(); $height = $ph->getHeight(); - $x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 2", + $x = q("update photo set edited = '%s', content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 2", + dbesc(datetime_convert()), dbescbin($ph->imageString()), intval($height), intval($width), @@ -308,7 +311,8 @@ class Photos extends \Zotlabs\Web\Controller { $width = $ph->getWidth(); $height = $ph->getHeight(); - $x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 3", + $x = q("update photo set edited = '%s', content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 3", + dbesc(datetime_convert()), dbescbin($ph->imageString()), intval($height), intval($width), From a49cfa81425b24c4c2b52eec67dd82649cd1bf61 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Sat, 10 Nov 2018 20:45:20 +0100 Subject: [PATCH 19/26] Update photo_driver.php --- include/photo/photo_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index cced7bf03..4173d727e 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -637,7 +637,7 @@ function import_xchan_photo($photo,$xchan,$thing = false,$force = false) { if(is_null($type)) $photo_failure = true; } - elseif($result['return_code'] === 304) { + elseif($result['return_code'] == 304) { $photo = z_root() . '/photo/' . $hash . '-4'; $thumb = z_root() . '/photo/' . $hash . '-5'; $micro = z_root() . '/photo/' . $hash . '-6'; From c335719e8f16590cae1b8ac344b703e8fd862ca0 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Sun, 11 Nov 2018 14:46:35 +0100 Subject: [PATCH 20/26] use the correct javascript function for this case --- view/tpl/activity_filter_widget.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/view/tpl/activity_filter_widget.tpl b/view/tpl/activity_filter_widget.tpl index 1eb11c10f..7d10100ba 100644 --- a/view/tpl/activity_filter_widget.tpl +++ b/view/tpl/activity_filter_widget.tpl @@ -17,7 +17,7 @@ From 7bd60adfbed67999fcb84c11e2eda90bc707b25c Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 12 Nov 2018 09:35:12 +0100 Subject: [PATCH 21/26] fix css issues in bbcode conversion and focus-light schema --- include/bbcode.php | 12 ++++++------ view/theme/redbasic/css/style.css | 5 ----- view/theme/redbasic/schema/Focus-Light.php | 3 ++- 3 files changed, 8 insertions(+), 12 deletions(-) diff --git a/include/bbcode.php b/include/bbcode.php index 137e25a9c..c5d6ef998 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -1198,24 +1198,24 @@ function bbcode($Text, $options = []) { // Images // [img]pathtoimage[/img] if (strpos($Text,'[/img]') !== false) { - $Text = preg_replace("/\[img\](.*?)\[\/img\]/ism", '' . t('Image/photo') . '', $Text); + $Text = preg_replace("/\[img\](.*?)\[\/img\]/ism", '' . t('Image/photo') . '', $Text); } if (strpos($Text,'[/zmg]') !== false) { - $Text = preg_replace("/\[zmg\](.*?)\[\/zmg\]/ism", '' . t('Image/photo') . '', $Text); + $Text = preg_replace("/\[zmg\](.*?)\[\/zmg\]/ism", '' . t('Image/photo') . '', $Text); } // [img float={left, right}]pathtoimage[/img] if (strpos($Text,'[/img]') !== false) { - $Text = preg_replace("/\[img float=left\](.*?)\[\/img\]/ism", '' . t('Image/photo') . '', $Text); + $Text = preg_replace("/\[img float=left\](.*?)\[\/img\]/ism", '' . t('Image/photo') . '', $Text); } if (strpos($Text,'[/img]') !== false) { - $Text = preg_replace("/\[img float=right\](.*?)\[\/img\]/ism", '' . t('Image/photo') . '', $Text); + $Text = preg_replace("/\[img float=right\](.*?)\[\/img\]/ism", '' . t('Image/photo') . '', $Text); } if (strpos($Text,'[/zmg]') !== false) { - $Text = preg_replace("/\[zmg float=left\](.*?)\[\/zmg\]/ism", '' . t('Image/photo') . '', $Text); + $Text = preg_replace("/\[zmg float=left\](.*?)\[\/zmg\]/ism", '' . t('Image/photo') . '', $Text); } if (strpos($Text,'[/zmg]') !== false) { - $Text = preg_replace("/\[zmg float=right\](.*?)\[\/zmg\]/ism", '' . t('Image/photo') . '', $Text); + $Text = preg_replace("/\[zmg float=right\](.*?)\[\/zmg\]/ism", '' . t('Image/photo') . '', $Text); } // [img=widthxheight]pathtoimage[/img] diff --git a/view/theme/redbasic/css/style.css b/view/theme/redbasic/css/style.css index 01734558b..f2c1b7a48 100644 --- a/view/theme/redbasic/css/style.css +++ b/view/theme/redbasic/css/style.css @@ -872,14 +872,9 @@ div.jGrowl div.jGrowl-notification { margin-left: 20px; } -.reshared-content img { - width: 100%; -} - .shared_header img { border-radius: $radius; margin-right: 10px; - width: auto; } .tag1 { diff --git a/view/theme/redbasic/schema/Focus-Light.php b/view/theme/redbasic/schema/Focus-Light.php index 14ee130d9..8a542d1b8 100644 --- a/view/theme/redbasic/schema/Focus-Light.php +++ b/view/theme/redbasic/schema/Focus-Light.php @@ -3,10 +3,11 @@ if (! $nav_bg) $nav_bg = "#f8f9fa"; if (! $nav_icon_colour) - $nav_icon_colour = "rgba(0, 0, 0, 0.5);"; + $nav_icon_colour = "rgba(0, 0, 0, 0.5)"; if (! $nav_active_icon_colour) $nav_active_icon_colour = "rgba(0, 0, 0, 0.7)"; if (! $radius) $radius = "4px"; if (! $banner_colour) $banner_colour = "rgba(0, 0, 0, 0.7)"; + From 4a6b45cf048f4561cbeecab9a487ce55cdc4ddfd Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 12 Nov 2018 11:13:36 -0800 Subject: [PATCH 22/26] enotify::format hook for superblock --- Zotlabs/Lib/Enotify.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php index cfb0bd344..25c96d9cc 100644 --- a/Zotlabs/Lib/Enotify.php +++ b/Zotlabs/Lib/Enotify.php @@ -825,7 +825,7 @@ class Enotify { // convert this logic into a json array just like the system notifications - return array( + $x = array( 'notify_link' => $item['llink'], 'name' => $item['author']['xchan_name'], 'url' => $item['author']['xchan_url'], @@ -835,9 +835,19 @@ class Enotify { 'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? 'b64.' . base64url_encode($item['thr_parent']) : 'b64.' . base64url_encode($item['mid'])), 'notify_id' => 'undefined', 'thread_top' => (($item['item_thread_top']) ? true : false), - 'message' => strip_tags(bbcode($itemem_text)) + 'message' => strip_tags(bbcode($itemem_text)), + // these are for the superblock addon + 'hash' => $item['author']['xchan_hash'], + 'uid' => local_channel(), + 'display' => true ); + call_hooks('enotify_format',$x); + if(! $x['display']) { + return []; + } + + return $x; } } From 6375f2d73a0c314e8de12071f1e604e59d8c76de Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Tue, 13 Nov 2018 11:25:14 +0100 Subject: [PATCH 23/26] Replace fetch_image_from_url() with z_fetch_url() --- Zotlabs/Module/Photo.php | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index 95e3404fb..69685a257 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -89,11 +89,11 @@ class Photo extends \Zotlabs\Web\Controller { } if(! $data) { - $data = fetch_image_from_url($default,$mimetype); - } - if(! $mimetype) { + $x = z_fetch_url($default,true,0,[ 'novalidate' => true ]); + $data = $x['body']; $mimetype = 'image/png'; } + } else { @@ -200,19 +200,22 @@ class Photo extends \Zotlabs\Web\Controller { if(isset($resolution)) { switch($resolution) { case 4: - $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(),$mimetype); + $default = z_root() . '/' . get_default_profile_photo(); break; case 5: - $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(80),$mimetype); + $default = z_root() . '/' . get_default_profile_photo(80); break; case 6: - $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(48),$mimetype); + $default = z_root() . '/' . get_default_profile_photo(48); break; default: killme(); // NOTREACHED break; } + $x = z_fetch_url($default,true,0,[ 'novalidate' => true ]); + $data = $x['body']; + $mimetype = 'image/png'; } } From b38ffef2be2ca4d53128768d3adb267985f4f856 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Tue, 13 Nov 2018 11:25:46 +0100 Subject: [PATCH 24/26] Revert "Replace fetch_image_from_url() with z_fetch_url()" This reverts commit 6375f2d73a0c314e8de12071f1e604e59d8c76de --- Zotlabs/Module/Photo.php | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/Zotlabs/Module/Photo.php b/Zotlabs/Module/Photo.php index 69685a257..95e3404fb 100644 --- a/Zotlabs/Module/Photo.php +++ b/Zotlabs/Module/Photo.php @@ -89,11 +89,11 @@ class Photo extends \Zotlabs\Web\Controller { } if(! $data) { - $x = z_fetch_url($default,true,0,[ 'novalidate' => true ]); - $data = $x['body']; + $data = fetch_image_from_url($default,$mimetype); + } + if(! $mimetype) { $mimetype = 'image/png'; } - } else { @@ -200,22 +200,19 @@ class Photo extends \Zotlabs\Web\Controller { if(isset($resolution)) { switch($resolution) { case 4: - $default = z_root() . '/' . get_default_profile_photo(); + $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(),$mimetype); break; case 5: - $default = z_root() . '/' . get_default_profile_photo(80); + $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(80),$mimetype); break; case 6: - $default = z_root() . '/' . get_default_profile_photo(48); + $data = fetch_image_from_url(z_root() . '/' . get_default_profile_photo(48),$mimetype); break; default: killme(); // NOTREACHED break; } - $x = z_fetch_url($default,true,0,[ 'novalidate' => true ]); - $data = $x['body']; - $mimetype = 'image/png'; } } From 35e66770be6ca93c9090cdab221e6c33a410a569 Mon Sep 17 00:00:00 2001 From: "DM42.Net (Matt Dent)" Date: Tue, 13 Nov 2018 17:20:21 -0500 Subject: [PATCH 25/26] Filter search box before display --- include/text.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/text.php b/include/text.php index 076c98407..da18080dd 100644 --- a/include/text.php +++ b/include/text.php @@ -1075,7 +1075,7 @@ function micropro($contact, $redirect = false, $class = '', $mode = false) { function search($s,$id='search-box',$url='/search',$save = false) { return replace_macros(get_markup_template('searchbox.tpl'),array( - '$s' => $s, + '$s' => htmlspecialchars($s), '$id' => $id, '$action_url' => z_root() . $url, '$search_label' => t('Search'), From 31f4d9066b6bffcbe539f293bf814c418f1523cf Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 13 Nov 2018 14:23:56 -0800 Subject: [PATCH 26/26] xss in search --- Zotlabs/Module/Search.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index e520c671d..272bbdac1 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -6,7 +6,7 @@ class Search extends \Zotlabs\Web\Controller { function init() { if(x($_REQUEST,'search')) - \App::$data['search'] = $_REQUEST['search']; + \App::$data['search'] = escape_tags($_REQUEST['search']); } @@ -46,12 +46,12 @@ class Search extends \Zotlabs\Web\Controller { if(x(\App::$data,'search')) $search = trim(\App::$data['search']); else - $search = ((x($_GET,'search')) ? trim(rawurldecode($_GET['search'])) : ''); + $search = ((x($_GET,'search')) ? trim(escape_tags(rawurldecode($_GET['search']))) : ''); $tag = false; if(x($_GET,'tag')) { $tag = true; - $search = ((x($_GET,'tag')) ? trim(rawurldecode($_GET['tag'])) : ''); + $search = ((x($_GET,'tag')) ? trim(escape_tags(rawurldecode($_GET['tag']))) : ''); } $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0);