From cdc52ba88418f4289f8712ade232e429242f82e7 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 12 Jan 2015 16:27:27 -0800 Subject: [PATCH 01/12] change deletion behaviour of linked photo items. Previously deleting the visible item in the conversation deleted the photo as well. Now photos must be deleted in the photos module. Deleting the linked item removes any attached conversation elements (likes, etc.) and sets the conversation item to hidden. This may create an issue in the future if we move the photo tags, title, or other photo elements to the linked item rather than the photo. Noting here so this can potentially be discovered and remembered at that time. --- include/items.php | 40 ++++++++++++---------------------------- mod/photos.php | 2 +- 2 files changed, 13 insertions(+), 29 deletions(-) diff --git a/include/items.php b/include/items.php index 4c533aedc..e9e78acc5 100755 --- a/include/items.php +++ b/include/items.php @@ -3939,7 +3939,7 @@ function drop_items($items) { // $stage = 1 => set deleted flag on the item and perform intial notifications // $stage = 2 => perform low level delete at a later stage -function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) { +function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL,$force = false) { $a = get_app(); @@ -3959,6 +3959,8 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) { $item = $r[0]; + $linked_item = (($item['resource_id']) ? true : false); + $ok_to_delete = false; // system deletion @@ -3980,10 +3982,11 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) { // hook calls a remote process which loops. We'll delete it properly in a second. $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ) WHERE id = %d", - intval(ITEM_DELETED), + intval(($linked_item && ! $force) ? ITEM_HIDDEN : ITEM_DELETED), intval($item['id']) ); + $arr = array('item' => $item, 'interactive' => $interactive, 'stage' => $stage); call_hooks('drop_item', $arr ); @@ -3995,10 +3998,10 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) { ); if($items) { foreach($items as $i) - delete_item_lowlevel($i,$stage); + delete_item_lowlevel($i,$stage,$force); } else - delete_item_lowlevel($item,$stage); + delete_item_lowlevel($item,$stage,$force); if(! $interactive) return 1; @@ -4030,8 +4033,9 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) { // It merely destroys all resources associated with an item. // Please do not use without a suitable wrapper. -function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { +function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL,$force = false) { + $linked_item = (($item['resource_id']) ? true : false); switch($stage) { case DROPITEM_PHASE2: @@ -4047,7 +4051,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { case DROPITEM_PHASE1: $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), changed = '%s', edited = '%s' WHERE id = %d", - intval(ITEM_DELETED), + intval(($linked_item && ! $force) ? ITEM_HIDDEN : ITEM_DELETED), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($item['id']) @@ -4058,7 +4062,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { default: $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '', changed = '%s', edited = '%s' WHERE id = %d", - intval(ITEM_DELETED), + intval(($linked_item && ! $force) ? ITEM_HIDDEN : ITEM_DELETED), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($item['id']) @@ -4074,25 +4078,6 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { intval($item['uid']) ); - // If item is a link to a photo/event resource, nuke all the associated photos/events - // This only applies to photos uploaded from the photos page. Photos inserted into a post do not - // generate a resource_id and therefore aren't intimately linked to the item. - - if(strlen($item['resource_id'])) { - if($item['resource_type'] === 'event') { - q("delete from event where event_hash = '%s' and uid = %d", - dbesc($item['resource_id']), - intval($item['uid']) - ); - } - elseif($item['resource_type'] === 'photo') { - q("DELETE FROM `photo` WHERE `resource_id` = '%s' AND `uid` = %d ", - dbesc($item['resource_id']), - intval($item['uid']) - ); - } - } - // network deletion request. Keep the message structure so that we can deliver delete notifications. // Come back after several days (or perhaps a month) to do the lowlevel delete (DROPITEM_PHASE2). @@ -4115,8 +4100,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { intval(TERM_OBJ_POST) ); -// FIXME remove notifications for this item - + // FIXME remove notifications for this item return true; } diff --git a/mod/photos.php b/mod/photos.php index df9880c8d..92a2d8e24 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -140,7 +140,7 @@ function photos_post(&$a) { ); if($r) { foreach($r as $i) { - drop_item($i['id'],false); + drop_item($i['id'],false,DROPITEM_PHASE1,true /* force removal of linked items */); if(! $item_restrict) proc_run('php','include/notifier.php','drop',$i['id']); } From 66cef7531a182dcf122ddb2ea695628b4d083bd8 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 12 Jan 2015 16:36:10 -0800 Subject: [PATCH 02/12] don't wipe out the item body of a linked item to a photo when doing a normal delete and not forced --- include/items.php | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/include/items.php b/include/items.php index e9e78acc5..dd9dbc7f9 100755 --- a/include/items.php +++ b/include/items.php @@ -4060,13 +4060,24 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL,$force = false) { case DROPITEM_NORMAL: default: - $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '', - changed = '%s', edited = '%s' WHERE id = %d", - intval(($linked_item && ! $force) ? ITEM_HIDDEN : ITEM_DELETED), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - intval($item['id']) - ); + if($linked_item && ! $force) { + $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), + changed = '%s', edited = '%s' WHERE id = %d", + intval(ITEM_HIDDEN), + dbesc(datetime_convert()), + dbesc(datetime_convert()), + intval($item['id']) + ); + } + else { + $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '', + changed = '%s', edited = '%s' WHERE id = %d", + intval(ITEM_DELETED), + dbesc(datetime_convert()), + dbesc(datetime_convert()), + intval($item['id']) + ); + } break; } From 2f9fe0280ecb2dcf2bb5b5fe9eed6a6651856647 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 12 Jan 2015 17:20:28 -0800 Subject: [PATCH 03/12] document the pros and cons of the not-yet written hassle-free connection auto-permission setting. --- mod/connedit.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/mod/connedit.php b/mod/connedit.php index 3f31134cd..5c36c3184 100644 --- a/mod/connedit.php +++ b/mod/connedit.php @@ -55,6 +55,15 @@ function connedit_post(&$a) { if(! $contact_id) return; + // TODO if configured for hassle-free permissions, we'll post the form with ajax as soon as the + // connection enable is toggled to a special autopost url and set permissions immediately, leaving + // the other form elements alone pending a manual submit of the form. The downside is that there + // will be a window of opportunity when the permissions have been set but before you've had a chance + // to review and possibly restrict them. The upside is we won't have to warn you that your connection + // can't do anything until you save the bloody form. + + $autopost = (((argc() > 2) && (argv(2) === 'auto')) ? true : false); + $orig_record = q("SELECT * FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1", intval($contact_id), intval(local_user()) From 1b3e52af2dc4f2872c666784b284a5ba0a8de61d Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 12 Jan 2015 18:33:39 -0800 Subject: [PATCH 04/12] theme toggle issue when viewing mod/cloud of another channel --- include/RedDAV/RedBrowser.php | 9 +++++++++ mod/cloud.php | 9 --------- mod/dav.php | 9 --------- 3 files changed, 9 insertions(+), 18 deletions(-) diff --git a/include/RedDAV/RedBrowser.php b/include/RedDAV/RedBrowser.php index 709f6339b..ddeed74be 100644 --- a/include/RedDAV/RedBrowser.php +++ b/include/RedDAV/RedBrowser.php @@ -267,6 +267,15 @@ class RedBrowser extends DAV\Browser\Plugin { get_app()->page['content'] = $html; load_pdl(get_app()); + + $theme_info_file = "view/theme/" . current_theme() . "/php/theme.php"; + if (file_exists($theme_info_file)){ + require_once($theme_info_file); + if (function_exists(str_replace('-', '_', current_theme()) . '_init')) { + $func = str_replace('-', '_', current_theme()) . '_init'; + $func($a); + } + } construct_page(get_app()); } diff --git a/mod/cloud.php b/mod/cloud.php index abeae88eb..3643e599c 100644 --- a/mod/cloud.php +++ b/mod/cloud.php @@ -41,15 +41,6 @@ if(! defined('TRINIDAD')) { * @param App &$a */ function cloud_init(&$a) { - // call ($currenttheme)_init since we're operating outside of index.php - $theme_info_file = "view/theme/" . current_theme() . "/php/theme.php"; - if (file_exists($theme_info_file)){ - require_once($theme_info_file); - if (function_exists(str_replace('-', '_', current_theme()) . '_init')) { - $func = str_replace('-', '_', current_theme()) . '_init'; - $func($a); - } - } require_once('include/reddav.php'); diff --git a/mod/dav.php b/mod/dav.php index 1bff5ffbc..e3719cb93 100644 --- a/mod/dav.php +++ b/mod/dav.php @@ -37,15 +37,6 @@ if (x($_SERVER, 'HTTP_AUTHORIZATION')) { * @param App &$a */ function dav_init(&$a) { - // call ($currenttheme)_init since we're operating outside of index.php - $theme_info_file = "view/theme/" . current_theme() . "/php/theme.php"; - if (file_exists($theme_info_file)){ - require_once($theme_info_file); - if (function_exists(str_replace('-', '_', current_theme()) . '_init')) { - $func = str_replace('-', '_', current_theme()) . '_init'; - $func($a); - } - } require_once('include/reddav.php'); From 2fc0d641393a56f056e50af65c82147a6a392f85 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 12 Jan 2015 19:29:43 -0800 Subject: [PATCH 05/12] uninitialised theme parent in mod/cloud --- include/RedDAV/RedBrowser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/RedDAV/RedBrowser.php b/include/RedDAV/RedBrowser.php index ddeed74be..9ea2b9808 100644 --- a/include/RedDAV/RedBrowser.php +++ b/include/RedDAV/RedBrowser.php @@ -273,7 +273,7 @@ class RedBrowser extends DAV\Browser\Plugin { require_once($theme_info_file); if (function_exists(str_replace('-', '_', current_theme()) . '_init')) { $func = str_replace('-', '_', current_theme()) . '_init'; - $func($a); + $func(get_app()); } } construct_page(get_app()); From 93735df2c78b249d5735834c190dc91bad336172 Mon Sep 17 00:00:00 2001 From: Stefan Parviainen Date: Tue, 13 Jan 2015 17:54:40 +0100 Subject: [PATCH 06/12] Allow tags in mail, many profile fields, and admin info --- include/identity.php | 14 +------------- include/text.php | 2 +- mod/admin.php | 2 ++ mod/item.php | 2 +- mod/mail.php | 3 +++ mod/photos.php | 2 +- mod/profiles.php | 16 ++++++++++++++++ mod/siteinfo.php | 3 ++- 8 files changed, 27 insertions(+), 17 deletions(-) diff --git a/include/identity.php b/include/identity.php index 2f400520f..d98f39cb7 100644 --- a/include/identity.php +++ b/include/identity.php @@ -1205,21 +1205,9 @@ function advanced_profile(&$a) { if($txt = prepare_text($a->profile['dislikes'])) $profile['dislikes'] = array( t('Dislikes:'), $txt); - if($txt = prepare_text($a->profile['contact'])) $profile['contact'] = array( t('Contact information and Social Networks:'), $txt); - // Support tags in the other channels field (probably want to restrict it to channels only?) - $txt = $a->profile['channels']; - $matches = get_tags($txt); - $access_tag = ''; - $str_tags = ''; - foreach($matches as $m) { - $success = handle_tag($a, $txt, $access_tag, $str_tags, $a->profile_uid, $m); // Use uid of the profile maker - } - - if($txt = prepare_text($txt)) { - $profile['channels'] = array( t('My other channels:'), $txt); - } + if($txt = prepare_text($a->profile['channels'])) $profile['channels'] = array( t('My other channels:'), $txt); if($txt = prepare_text($a->profile['music'])) $profile['music'] = array( t('Musical interests:'), $txt); diff --git a/include/text.php b/include/text.php index 035c092a6..6b579e35c 100644 --- a/include/text.php +++ b/include/text.php @@ -2351,7 +2351,7 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) { return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $newname, 'url' => $url, 'contact' => $r[0]); } -function linkify_tags($a, &$body, $uid, $profile_uid) { +function linkify_tags($a, &$body, $uid) { $str_tags = ''; $tagged = array(); $result = array(); diff --git a/mod/admin.php b/mod/admin.php index 74a373738..1503bf18e 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -288,6 +288,8 @@ function admin_page_site_post(&$a){ del_config('system','admininfo'); } else { + require_once('include/text.php'); + linkify_tags($a, $admininfo, local_user()); set_config('system','admininfo', $admininfo); } set_config('system','language', $language); diff --git a/mod/item.php b/mod/item.php index 7a14a8ae9..e1855732e 100644 --- a/mod/item.php +++ b/mod/item.php @@ -576,7 +576,7 @@ function item_post(&$a) { // Look for tags and linkify them - $results = linkify_tags($a, $body, $uid, $profile_uid); + $results = linkify_tags($a, $body, ($uid) ? $uid : $profile_uid); // Set permissions based on tag replacements set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $parent_item); diff --git a/mod/mail.php b/mod/mail.php index 6c778b956..37679aebf 100644 --- a/mod/mail.php +++ b/mod/mail.php @@ -83,6 +83,9 @@ function mail_post(&$a) { // $body = fix_mce_lf($body); // } + require_once('include/text.php'); + linkify_tags($a, $body, local_user()); + if(! $recipient) { notice('No recipient found.'); $a->argc = 2; diff --git a/mod/photos.php b/mod/photos.php index df9880c8d..3a7ef2d71 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -354,7 +354,7 @@ function photos_post(&$a) { require_once('include/text.php'); $profile_uid = $a->profile['profile_uid']; - $results = linkify_tags($a, $rawtags, local_user(), $profile_uid); + $results = linkify_tags($a, $rawtags, (local_user()) ? local_user() : $profile_uid); $success = $results['success']; $post_tags = array(); diff --git a/mod/profiles.php b/mod/profiles.php index fa6a6e35c..11cd86645 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -296,6 +296,22 @@ function profiles_post(&$a) { $work = fix_mce_lf(escape_tags(trim($_POST['work']))); $education = fix_mce_lf(escape_tags(trim($_POST['education']))); + require_once('include/text.php'); + linkify_tags($a, $likes, local_user()); + linkify_tags($a, $dislikes, local_user()); + linkify_tags($a, $about, local_user()); + linkify_tags($a, $interest, local_user()); + linkify_tags($a, $interest, local_user()); + linkify_tags($a, $contact, local_user()); + linkify_tags($a, $channels, local_user()); + linkify_tags($a, $music, local_user()); + linkify_tags($a, $book, local_user()); + linkify_tags($a, $tv, local_user()); + linkify_tags($a, $film, local_user()); + linkify_tags($a, $romance, local_user()); + linkify_tags($a, $work, local_user()); + linkify_tags($a, $education, local_user()); + $hide_friends = (($_POST['hide_friends'] == 1) ? 1: 0); $with = ((x($_POST,'with')) ? escape_tags(trim($_POST['with'])) : ''); diff --git a/mod/siteinfo.php b/mod/siteinfo.php index 01804e62a..1f3cd4479 100644 --- a/mod/siteinfo.php +++ b/mod/siteinfo.php @@ -126,7 +126,8 @@ function siteinfo_content(&$a) { else $plugins_text = t('No installed plugins/addons/apps'); - $admininfo = bbcode(get_config('system','admininfo')); + $txt = get_config('system','admininfo'); + $admininfo = bbcode($txt); if(file_exists('doc/site_donate.html')) $donate .= file_get_contents('doc/site_donate.html'); From 47a2668b30de34f1f08983ba485a630a89a9dd1e Mon Sep 17 00:00:00 2001 From: Stefan Parviainen Date: Tue, 13 Jan 2015 18:23:52 +0100 Subject: [PATCH 07/12] Allow tags in event description and location --- mod/events.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/mod/events.php b/mod/events.php index e016311d5..28a816ea4 100755 --- a/mod/events.php +++ b/mod/events.php @@ -75,6 +75,10 @@ function events_post(&$a) { $location = escape_tags(trim($_POST['location'])); $type = 'event'; + require_once('include/text.php'); + linkify_tags($a, $desc, local_user()); + linkify_tags($a, $location, local_user()); + $action = ($event_hash == '') ? 'new' : "event/" . $event_hash; $onerror_url = $a->get_baseurl() . "/events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish"; if(strcmp($finish,$start) < 0 && !$nofinish) { From e528483d8150b1495e96de5309ed383a5fd6e09b Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 13 Jan 2015 14:42:54 -0800 Subject: [PATCH 08/12] hide friends broken, add parameter for item search by verb --- mod/channel.php | 1 + mod/display.php | 1 + mod/home.php | 1 + mod/network.php | 1 + mod/profiles.php | 4 ++-- mod/search.php | 1 + view/tpl/build_query.tpl | 2 ++ 7 files changed, 9 insertions(+), 2 deletions(-) diff --git a/mod/channel.php b/mod/channel.php index e819de0e0..c8ac83baf 100644 --- a/mod/channel.php +++ b/mod/channel.php @@ -286,6 +286,7 @@ function channel_content(&$a, $update = 0, $load = false) { '$cats' => (($category) ? $category : ''), '$tags' => (($hashtags) ? $hashtags : ''), '$mid' => $mid, + '$verb' => '', '$dend' => $datequery, '$dbegin' => $datequery2 )); diff --git a/mod/display.php b/mod/display.php index 7d7f4ca13..f14aca6da 100644 --- a/mod/display.php +++ b/mod/display.php @@ -136,6 +136,7 @@ function display_content(&$a, $update = 0, $load = false) { '$tags' => '', '$dend' => '', '$dbegin' => '', + '$verb' => '', '$mid' => $item_hash )); diff --git a/mod/home.php b/mod/home.php index b2538795f..e82aab385 100644 --- a/mod/home.php +++ b/mod/home.php @@ -144,6 +144,7 @@ function home_content(&$a, $update = 0, $load = false) { '$tags' => '', '$dend' => '', '$mid' => '', + '$verb' => '', '$dbegin' => '' )); } diff --git a/mod/network.php b/mod/network.php index d444dbd59..894ea9c10 100644 --- a/mod/network.php +++ b/mod/network.php @@ -251,6 +251,7 @@ function network_content(&$a, $update = 0, $load = false) { '$tags' => $hashtags, '$dend' => $datequery, '$mid' => '', + '$verb' => '', '$dbegin' => $datequery2 )); } diff --git a/mod/profiles.php b/mod/profiles.php index fa6a6e35c..a426b7aa1 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -296,7 +296,7 @@ function profiles_post(&$a) { $work = fix_mce_lf(escape_tags(trim($_POST['work']))); $education = fix_mce_lf(escape_tags(trim($_POST['education']))); - $hide_friends = (($_POST['hide_friends'] == 1) ? 1: 0); + $hide_friends = ((intval($_POST['hide_friends'])) ? 1: 0); $with = ((x($_POST,'with')) ? escape_tags(trim($_POST['with'])) : ''); @@ -605,7 +605,7 @@ function profiles_content(&$a) { $opt_tpl = get_markup_template("profile_hide_friends.tpl"); $hide_friends = replace_macros($opt_tpl,array('$field' => array( - 'hide-friends', + 'hide_friends', t('Hide your contact/friend list from viewers of this profile?'), $r[0]['hide_friends'], '', diff --git a/mod/search.php b/mod/search.php index 6df9d631a..2ea6ad86f 100644 --- a/mod/search.php +++ b/mod/search.php @@ -109,6 +109,7 @@ function search_content(&$a,$update = 0, $load = false) { '$cats' => '', '$tags' => '', '$mid' => '', + '$verb' => '', '$dend' => '', '$dbegin' => '' )); diff --git a/view/tpl/build_query.tpl b/view/tpl/build_query.tpl index 8110b70b1..62f81b618 100755 --- a/view/tpl/build_query.tpl +++ b/view/tpl/build_query.tpl @@ -26,6 +26,7 @@ var bParam_dend = "{{$dend}}"; var bParam_dbegin = "{{$dbegin}}"; var bParam_mid = "{{$mid}}"; + var bParam_verb = "{{$verb}}"; function buildCmd() { var udargs = ((page_load) ? "/load" : ""); @@ -51,6 +52,7 @@ if(bParam_dend != "") bCmd = bCmd + "&dend=" + bParam_dend; if(bParam_dbegin != "") bCmd = bCmd + "&dbegin=" + bParam_dbegin; if(bParam_mid != "") bCmd = bCmd + "&mid=" + bParam_mid; + if(bParam_verb != "") bCmd = bCmd + "&verb=" + bParam_verb; if(bParam_page != 1) bCmd = bCmd + "&page=" + bParam_page; return(bCmd); } From 98acefe22837a916d9a2330ceec250b0572b65d2 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 13 Jan 2015 18:12:04 -0800 Subject: [PATCH 09/12] revert recent 3.0 changes to mod/cloud so we can work on this completely in another branch and not destabilise core --- mod/cloud.php | 51 ++++++++++++++++++++------------------------------- 1 file changed, 20 insertions(+), 31 deletions(-) diff --git a/mod/cloud.php b/mod/cloud.php index 3643e599c..ad85eba34 100644 --- a/mod/cloud.php +++ b/mod/cloud.php @@ -3,7 +3,7 @@ * @file mod/cloud.php * @brief Initialize RedMatrix's cloud (SabreDAV). * - * Module for accessing the DAV storage area from a web client. + * Module for accessing the DAV storage area. */ use Sabre\DAV; @@ -12,28 +12,24 @@ use RedMatrix\RedDAV; // composer autoloader for SabreDAV require_once('vendor/autoload.php'); -if(! defined('TRINIDAD')) { - // workaround for HTTP-auth in CGI mode - if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { - $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; - if(strlen($userpass)) { - list($name, $password) = explode(':', $userpass); - $_SERVER['PHP_AUTH_USER'] = $name; - $_SERVER['PHP_AUTH_PW'] = $password; - } - } - - if (x($_SERVER, 'HTTP_AUTHORIZATION')) { - $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ; - if(strlen($userpass)) { - list($name, $password) = explode(':', $userpass); - $_SERVER['PHP_AUTH_USER'] = $name; - $_SERVER['PHP_AUTH_PW'] = $password; - } +// workaround for HTTP-auth in CGI mode +if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { + $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; } } - +if (x($_SERVER, 'HTTP_AUTHORIZATION')) { + $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } +} /** * @brief Fires up the SabreDAV server. @@ -41,7 +37,6 @@ if(! defined('TRINIDAD')) { * @param App &$a */ function cloud_init(&$a) { - require_once('include/reddav.php'); if (! is_dir('store')) @@ -121,19 +116,13 @@ function cloud_init(&$a) { } if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) { - if(defined('TRINIDAD')) { + try { + $auth->Authenticate($server, t('RedMatrix - Guests: Username: {your email address}, Password: +++')); + } + catch (Exception $e) { logger('mod_cloud: auth exception' . $e->getMessage()); http_status_exit($e->getHTTPCode(), $e->getMessage()); } - else { - try { - $auth->Authenticate($server, t('RedMatrix channel')); - } - catch (Exception $e) { - logger('mod_cloud: auth exception' . $e->getMessage()); - http_status_exit($e->getHTTPCode(), $e->getMessage()); - } - } } require_once('include/RedDAV/RedBrowser.php'); From dfdef0af0d045bdb0eb6e5ed557579966891e1a0 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 13 Jan 2015 18:30:30 -0800 Subject: [PATCH 10/12] provide a setting to control ALLOWCODE permissions at the channel level - it isn't always appropriate to apply this to all channels in an account. --- boot.php | 2 +- include/text.php | 8 ++++---- mod/impel.php | 4 ++-- mod/item.php | 4 ++-- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/boot.php b/boot.php index 0fe811093..1de8bcc41 100755 --- a/boot.php +++ b/boot.php @@ -221,7 +221,7 @@ define ( 'PAGE_NORMAL', 0x0000 ); define ( 'PAGE_HIDDEN', 0x0001 ); define ( 'PAGE_AUTOCONNECT', 0x0002 ); define ( 'PAGE_APPLICATION', 0x0004 ); - +define ( 'PAGE_ALLOWCODE', 0x0008 ); define ( 'PAGE_PREMIUM', 0x0010 ); define ( 'PAGE_ADULT', 0x0020 ); define ( 'PAGE_CENSORED', 0x0040 ); // Site admin has blocked this channel from appearing in casual search results and site feeds diff --git a/include/text.php b/include/text.php index 6b579e35c..18ef22d28 100644 --- a/include/text.php +++ b/include/text.php @@ -92,10 +92,10 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { return escape_tags($s); if($type == 'text/plain') return escape_tags($s); - $r = q("select account_id, account_roles from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", + $r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", intval($channel_id) ); - if($r && ($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE)) { + if($r && (($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE))) { if(local_user() && (get_account_id() == $r[0]['account_id'])) { return $s; } @@ -1584,13 +1584,13 @@ function mimetype_select($channel_id, $current = 'text/bbcode') { 'text/plain' ); - $r = q("select account_id, account_roles from account left join channel on account_id = channel_account_id where + $r = q("select account_id, account_roles, channel_pageflags from account left join channel on account_id = channel_account_id where channel_id = %d limit 1", intval($channel_id) ); if($r) { - if($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) { + if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { if(local_user() && get_account_id() == $r[0]['account_id']) $x[] = 'application/x-php'; } diff --git a/mod/impel.php b/mod/impel.php index 1c7541bef..60e80ff9f 100644 --- a/mod/impel.php +++ b/mod/impel.php @@ -75,11 +75,11 @@ function impel_init(&$a) { $execflag = false; if($arr['mimetype'] === 'application/x-php') { - $z = q("select account_id, account_roles from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", + $z = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", intval(local_user()) ); - if($z && ($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE)) { + if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) { $execflag = true; } } diff --git a/mod/item.php b/mod/item.php index e1855732e..bc8cfd047 100644 --- a/mod/item.php +++ b/mod/item.php @@ -449,10 +449,10 @@ function item_post(&$a) { $execflag = false; if($mimetype === 'application/x-php') { - $z = q("select account_id, account_roles from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", + $z = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", intval($profile_uid) ); - if($z && ($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE)) { + if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) { if($uid && (get_account_id() == $z[0]['account_id'])) { $execflag = true; } From a93f2b1b8fe55033aa68b80c7c6fb2ef1d1fb7ef Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 13 Jan 2015 18:41:11 -0800 Subject: [PATCH 11/12] now that's useful... --- mod/network.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/mod/network.php b/mod/network.php index 894ea9c10..65332e3f6 100644 --- a/mod/network.php +++ b/mod/network.php @@ -47,7 +47,7 @@ function network_content(&$a, $update = 0, $load = false) { $gid = ((x($_GET,'gid')) ? intval($_GET['gid']) : 0); $category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : ''); $hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : ''); - + $verb = ((x($_REQUEST,'verb')) ? $_REQUEST['verb'] : ''); $search = (($_GET['search']) ? $_GET['search'] : ''); if($search) { @@ -251,7 +251,7 @@ function network_content(&$a, $update = 0, $load = false) { '$tags' => $hashtags, '$dend' => $datequery, '$mid' => '', - '$verb' => '', + '$verb' => $verb, '$dbegin' => $datequery2 )); } @@ -280,6 +280,12 @@ function network_content(&$a, $update = 0, $load = false) { } } + if($verb) { + $sql_extra .= sprintf(" AND item.verb like '%s' ", + dbesc(protect_sprintf('%' . $verb . '%')) + ); + } + if(strlen($file)) { $sql_extra .= term_query('item',$file,TERM_FILE); } From 7090b58f68251b8c4b39332f2ea051e95ead3df3 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 13 Jan 2015 20:54:27 -0800 Subject: [PATCH 12/12] check mentions against the appropriate xchan_url and not a hard-coded /channel/ string --- include/items.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/items.php b/include/items.php index dd9dbc7f9..5812efa90 100755 --- a/include/items.php +++ b/include/items.php @@ -2673,7 +2673,7 @@ function tag_deliver($uid,$item_id) { * Fetch stuff we need - a channel and an item */ - $u = q("select * from channel where channel_id = %d limit 1", + $u = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1", intval($uid) ); if(! $u) @@ -2811,7 +2811,7 @@ function tag_deliver($uid,$item_id) { if($terms) logger('tag_deliver: post mentions: ' . print_r($terms,true), LOGGER_DATA); - $link = normalise_link($a->get_baseurl() . '/channel/' . $u[0]['channel_address']); + $link = normalise_link($u[0]['xchan_url']); if($terms) { foreach($terms as $term) { @@ -2952,7 +2952,7 @@ function tgroup_check($uid,$item) { if(! perm_is_allowed($uid,$item['author_xchan'],'tag_deliver')) return false; - $u = q("select * from channel where channel_id = %d limit 1", + $u = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1", intval($uid) ); @@ -2964,7 +2964,7 @@ function tgroup_check($uid,$item) { if($terms) logger('tgroup_check: post mentions: ' . print_r($terms,true), LOGGER_DATA); - $link = normalise_link($a->get_baseurl() . '/channel/' . $u[0]['channel_address']); + $link = normalise_link($u[0]['xchan_url']); if($terms) { foreach($terms as $term) {