From ebc3666c6f9a14db7efba849c4837d45688f030f Mon Sep 17 00:00:00 2001 From: Mario Date: Fri, 15 Mar 2019 02:51:51 +0100 Subject: [PATCH 01/22] Cleanup and fixes --- Zotlabs/Lib/Activity.php | 18 +++++++++-------- Zotlabs/Zot6/HTTPSig.php | 3 ++- Zotlabs/Zot6/Zot6Handler.php | 3 +-- include/account.php | 38 +++++++++++++++++------------------- include/acl_selectors.php | 2 +- include/attach.php | 32 ++++++++++++------------------ include/channel.php | 2 +- include/nav.php | 11 +++++++---- include/taxonomy.php | 2 -- include/text.php | 17 +--------------- include/xchan.php | 1 + 11 files changed, 55 insertions(+), 74 deletions(-) diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index 9aaf6d866..e5a8e0075 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -2,6 +2,7 @@ namespace Zotlabs\Lib; +use Zotlabs\Daemon\Master; use Zotlabs\Zot6\HTTPSig; class Activity { @@ -868,7 +869,7 @@ class Activity { // Send an Accept back to them set_abconfig($channel['channel_id'],$person_obj['id'],'pubcrawl','their_follow_id', $their_follow_id); - \Zotlabs\Daemon\Master::Summon([ 'Notifier', 'permissions_accept', $contact['abook_id'] ]); + Master::Summon([ 'Notifier', 'permissions_accept', $contact['abook_id'] ]); return; case 'Accept': @@ -969,9 +970,9 @@ class Activity { if($my_perms && $automatic) { // send an Accept for this Follow activity - \Zotlabs\Daemon\Master::Summon([ 'Notifier', 'permissions_accept', $new_connection[0]['abook_id'] ]); + Master::Summon([ 'Notifier', 'permissions_accept', $new_connection[0]['abook_id'] ]); // Send back a Follow notification to them - \Zotlabs\Daemon\Master::Summon([ 'Notifier', 'permissions_create', $new_connection[0]['abook_id'] ]); + Master::Summon([ 'Notifier', 'permissions_create', $new_connection[0]['abook_id'] ]); } $clone = array(); @@ -1162,7 +1163,7 @@ class Activity { $photos = import_xchan_photo($icon,$url); $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", - dbescdate(datetime_convert('UTC','UTC',$arr['photo_updated'])), + dbescdate(datetime_convert('UTC','UTC',$photos[5])), dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), @@ -1406,7 +1407,7 @@ class Activity { if($parent) { if($s['owner_xchan'] === $channel['channel_hash']) { // We are the owner of this conversation, so send all received comments back downstream - Zotlabs\Daemon\Master::Summon(array('Notifier','comment-import',$x['item_id'])); + Master::Summon(array('Notifier','comment-import',$x['item_id'])); } $r = q("select * from item where id = %d limit 1", intval($x['item_id']) @@ -1790,7 +1791,7 @@ class Activity { $s['item_private'] = 1; set_iconfig($s,'activitypub','recips',$act->raw_recips); - + // @FIXME: $parent is not defined if($parent) { set_iconfig($s,'activitypub','rawmsg',$act->raw,1); } @@ -1921,10 +1922,11 @@ class Activity { if(is_array($x) && $x['item_id']) { + // @FIXME: $parent is not defined if($parent) { if($s['owner_xchan'] === $channel['channel_hash']) { // We are the owner of this conversation, so send all received comments back downstream - Zotlabs\Daemon\Master::Summon(array('Notifier','comment-import',$x['item_id'])); + Master::Summon(array('Notifier','comment-import',$x['item_id'])); } $r = q("select * from item where id = %d limit 1", intval($x['item_id']) @@ -2060,7 +2062,7 @@ class Activity { if($result['success']) { // if the message isn't already being relayed, notify others if(intval($parent_item['item_origin'])) - Zotlabs\Daemon\Master::Summon(array('Notifier','comment-import',$result['item_id'])); + Master::Summon(array('Notifier','comment-import',$result['item_id'])); sync_an_item($channel['channel_id'],$result['item_id']); } diff --git a/Zotlabs/Zot6/HTTPSig.php b/Zotlabs/Zot6/HTTPSig.php index 72785b1e9..d3a09b858 100644 --- a/Zotlabs/Zot6/HTTPSig.php +++ b/Zotlabs/Zot6/HTTPSig.php @@ -5,6 +5,7 @@ namespace Zotlabs\Zot6; use Zotlabs\Lib\ActivityStreams; use Zotlabs\Lib\Webfinger; use Zotlabs\Web\HTTPHeaders; +use Zotlabs\Lib\Libzot; /** * @brief Implements HTTP Signatures per draft-cavage-http-signatures-10. @@ -324,7 +325,7 @@ class HTTPSig { if($l['rel'] === 'http://purl.org/zot/protocol/6.0' && array_key_exists('href',$l) && $l['href'] !== EMPTY_STR) { $z = \Zotlabs\Lib\Zotfinger::exec($l['href']); if($z) { - $i = Zotlabs\Lib\Libzot::import_xchan($z['data']); + $i = Libzot::import_xchan($z['data']); if($i['success']) { $key['portable_id'] = $i['hash']; diff --git a/Zotlabs/Zot6/Zot6Handler.php b/Zotlabs/Zot6/Zot6Handler.php index 8f8957037..37ce11980 100644 --- a/Zotlabs/Zot6/Zot6Handler.php +++ b/Zotlabs/Zot6/Zot6Handler.php @@ -151,8 +151,7 @@ class Zot6Handler implements IHandler { /* * fetch the requested conversation */ - /// @FIXME $sender_hash is undefined - $messages = zot_feed($c[0]['channel_id'],$sender_hash, [ 'message_id' => $data['message_id'], 'encoding' => 'activitystreams' ]); + $messages = zot_feed($c[0]['channel_id'], $sender, [ 'message_id' => $data['message_id'], 'encoding' => 'activitystreams' ]); return (($messages) ? : [] ); } diff --git a/include/account.php b/include/account.php index 2ab99ce19..5f0c8737f 100644 --- a/include/account.php +++ b/include/account.php @@ -142,12 +142,10 @@ function create_account($arr) { $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : ''); $password = ((x($arr,'password')) ? trim($arr['password']) : ''); - $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : ''); $parent = ((x($arr,'parent')) ? intval($arr['parent']) : 0 ); $flags = ((x($arr,'account_flags')) ? intval($arr['account_flags']) : ACCOUNT_OK); $roles = ((x($arr,'account_roles')) ? intval($arr['account_roles']) : 0 ); $expires = ((x($arr,'expires')) ? intval($arr['expires']) : NULL_DATE); - $techlevel = ((array_key_exists('techlevel',$arr)) ? intval($arr['techlevel']) : intval(get_config('system','techlevel'))); $default_service_class = get_config('system','default_service_class'); @@ -264,9 +262,8 @@ function create_account($arr) { function verify_email_address($arr) { if(array_key_exists('resend',$arr)) { - $email = $arr['email']; $a = q("select * from account where account_email = '%s' limit 1", - dbesc($arr['email']) + dbesc($arr['email']) ); if(! ($a && ($a[0]['account_flags'] & ACCOUNT_UNVERIFIED))) { return false; @@ -285,7 +282,7 @@ function verify_email_address($arr) { else { $hash = random_string(24); - $r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", + q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", dbesc($hash), dbesc(datetime_convert()), intval($arr['account']['account_id']), @@ -304,7 +301,7 @@ function verify_email_address($arr) { '$email' => $arr['email'], '$uid' => $account['account_id'], '$hash' => $hash, - '$details' => $details + '$details' => '' ] ); @@ -318,9 +315,7 @@ function verify_email_address($arr) { pop_lang(); - if($res) - $delivered ++; - else + if(! $res) logger('send_reg_approval_email: failed to account_id: ' . $arr['account']['account_id']); return $res; @@ -442,16 +437,17 @@ function account_allow($hash) { if(! $account) return $ret; - $r = q("DELETE FROM register WHERE hash = '%s'", + q("DELETE FROM register WHERE hash = '%s'", dbesc($register[0]['hash']) ); - $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", + q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval(ACCOUNT_BLOCKED), intval(ACCOUNT_BLOCKED), intval($register[0]['uid']) ); - $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", + + q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval(ACCOUNT_PENDING), intval(ACCOUNT_PENDING), intval($register[0]['uid']) @@ -516,11 +512,11 @@ function account_deny($hash) { if(! $account) return false; - $r = q("DELETE FROM account WHERE account_id = %d", + q("DELETE FROM account WHERE account_id = %d", intval($register[0]['uid']) ); - $r = q("DELETE FROM register WHERE id = %d", + q("DELETE FROM register WHERE id = %d", dbesc($register[0]['id']) ); notice( sprintf(t('Registration revoked for %s'), $account[0]['account_email']) . EOL); @@ -551,21 +547,23 @@ function account_approve($hash) { if(! $account) return $ret; - $r = q("DELETE FROM register WHERE hash = '%s' and password = 'verify'", + q("DELETE FROM register WHERE hash = '%s' and password = 'verify'", dbesc($register[0]['hash']) ); - $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", + q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval(ACCOUNT_BLOCKED), intval(ACCOUNT_BLOCKED), intval($register[0]['uid']) ); - $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", + + q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval(ACCOUNT_PENDING), intval(ACCOUNT_PENDING), intval($register[0]['uid']) ); - $r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", + + q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval(ACCOUNT_UNVERIFIED), intval(ACCOUNT_UNVERIFIED), intval($register[0]['uid']) @@ -620,7 +618,7 @@ function downgrade_accounts() { foreach($r as $rr) { if(($basic) && ($rr['account_service_class']) && ($rr['account_service_class'] != $basic)) { - $x = q("UPDATE account set account_service_class = '%s', account_expires = '%s' + q("UPDATE account set account_service_class = '%s', account_expires = '%s' where account_id = %d", dbesc($basic), dbesc(NULL_DATE), @@ -631,7 +629,7 @@ function downgrade_accounts() { logger('downgrade_accounts: Account id ' . $rr['account_id'] . ' downgraded.'); } else { - $x = q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d", + q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d", intval(ACCOUNT_EXPIRED), intval($rr['account_id']) ); diff --git a/include/acl_selectors.php b/include/acl_selectors.php index c7a87afee..35e385058 100644 --- a/include/acl_selectors.php +++ b/include/acl_selectors.php @@ -84,7 +84,7 @@ function populate_acl($defaults = null,$show_jotnets = true, $emptyACL_descripti ); if($r) { foreach($r as $rv) { - $selected = (($single_group && 'vp.' . $rr['hash'] === $allow_gid[0]) ? ' selected = "selected" ' : ''); + $selected = (($single_group && 'vp.' . $rv['profile_guid'] === $allow_gid[0]) ? ' selected = "selected" ' : ''); $groups .= '' . "\r\n"; } } diff --git a/include/attach.php b/include/attach.php index 17a47d9ac..f6594b154 100644 --- a/include/attach.php +++ b/include/attach.php @@ -321,7 +321,6 @@ function attach_can_view_folder($uid,$ob_hash,$folder_hash) { $sql_extra = permissions_sql($uid,$ob_hash); $hash = $folder_hash; - $result = false; if(! $folder_hash) { return perm_is_allowed($uid,$ob_hash,'view_storage'); @@ -352,7 +351,7 @@ function attach_can_view_folder($uid,$ob_hash,$folder_hash) { * @param string $hash * @param string $observer_hash * @param int $rev (optional) revision default 0 - * @return associative array with everything except data + * @return array (associative) with everything except data * * \e boolean \b success boolean true or false * * \e string \b message (optional) only when success is false * * \e array \b data array of attach DB entry without data component @@ -1224,7 +1223,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $ret['success'] = true; // update the parent folder's lastmodified timestamp - $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", + q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($created), dbesc($arr['folder']), intval($channel_id) @@ -1270,8 +1269,6 @@ function attach_mkdirp($channel, $observer_hash, $arr = null) { $ret = array('success' => false); $channel_id = $channel['channel_id']; - $sql_options = ''; - $basepath = 'store/' . $channel['channel_address']; logger('basepath: ' . $basepath); @@ -1374,7 +1371,7 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi } } - $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d", + q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d", dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), @@ -1383,7 +1380,7 @@ function attach_change_permissions($channel_id, $resource, $allow_cid, $allow_gi intval($channel_id) ); if($r[0]['is_photo']) { - $x = q("update photo set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where resource_id = '%s' and uid = %d", + q("update photo set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where resource_id = '%s' and uid = %d", dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), @@ -1482,7 +1479,7 @@ function attach_delete($channel_id, $resource, $is_photo = 0) { } // delete from database - $z = q("DELETE FROM attach WHERE hash = '%s' AND uid = %d", + q("DELETE FROM attach WHERE hash = '%s' AND uid = %d", dbesc($resource), intval($channel_id) ); @@ -1493,7 +1490,7 @@ function attach_delete($channel_id, $resource, $is_photo = 0) { // update the parent folder's lastmodified timestamp - $e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", + q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc(datetime_convert()), dbesc($r[0]['folder']), intval($channel_id) @@ -1815,7 +1812,7 @@ function file_activity($channel_id, $object, $allow_cid, $allow_gid, $deny_cid, $u_jsonobject = json_encode($object); //we have got the relevant info - delete the old item before we create the new one - $z = q("DELETE FROM item WHERE obj_type = '%s' AND verb = '%s' AND mid = '%s'", + q("DELETE FROM item WHERE obj_type = '%s' AND verb = '%s' AND mid = '%s'", dbesc(ACTIVITY_OBJ_FILE), dbesc(ACTIVITY_POST), dbesc($y[0]['mid']) @@ -1946,7 +1943,6 @@ function attach_recursive_perms($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $ $ret = array(); $parent_arr = array(); $count_values = array(); - $poster = App::get_observer(); //lookup all channels in sharee group and add them to sharee $arr_allow_cid if($arr_allow_gid) { @@ -2351,7 +2347,6 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { if(! $n) return false; - $newdirname = $n[0]['filename']; $newalbumname = $n[0]['display_path']; $newstorepath = dbunescbin($n[0]['content']) . '/' . $resource_id; } @@ -2359,7 +2354,6 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { // root directory - $newdirname = EMPTY_STR; $newalbumname = EMPTY_STR; $newstorepath = 'store/' . $c['channel_address'] . '/' . $resource_id; } @@ -2428,7 +2422,7 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { } } - $t = q("update attach set content = '%s', folder = '%s', filename = '%s' where id = %d", + q("update attach set content = '%s', folder = '%s', filename = '%s' where id = %d", dbescbin($newstorepath), dbesc($new_folder_hash), dbesc($filename), @@ -2438,7 +2432,7 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { $x = attach_syspaths($channel_id,$resource_id); - $t1 = q("update attach set os_path = '%s', display_path = '%s' where id = %d", + q("update attach set os_path = '%s', display_path = '%s' where id = %d", dbesc($x['os_path']), dbesc($x['path']), intval($r[0]['id']) @@ -2446,7 +2440,7 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { if($r[0]['is_photo']) { - $t = q("update photo set album = '%s', filename = '%s', os_path = '%s', display_path = '%s' + q("update photo set album = '%s', filename = '%s', os_path = '%s', display_path = '%s' where resource_id = '%s' and uid = %d", dbesc($newalbumname), dbesc($filename), @@ -2456,7 +2450,7 @@ function attach_move($channel_id, $resource_id, $new_folder_hash) { intval($channel_id) ); - $t = q("update photo set content = '%s' where resource_id = '%s' and uid = %d and imgscale = 0", + q("update photo set content = '%s' where resource_id = '%s' and uid = %d and imgscale = 0", dbescbin($newstorepath), dbesc($resource_id), intval($channel_id) @@ -2587,12 +2581,12 @@ function attach_upgrade() { foreach($r as $rv) { $x = attach_syspaths($rv['uid'],$rv['hash']); if($x) { - $w = q("update attach set os_path = '%s', display_path = '%s' where id = %d", + q("update attach set os_path = '%s', display_path = '%s' where id = %d", dbesc($x['os_path']), dbesc($x['path']), intval($rv['id']) ); - $y = q("update photo set os_path = '%s', display_path = '%s' where uid = %d and resource_id = '%s'", + q("update photo set os_path = '%s', display_path = '%s' where uid = %d and resource_id = '%s'", dbesc($x['os_path']), dbesc($x['path']), intval($rv['uid']), diff --git a/include/channel.php b/include/channel.php index f705ba4d2..7646de151 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1439,7 +1439,7 @@ function profile_edit_menu($uid) { * @param boolean $show_connect (optional) default true * @param mixed $zcard (optional) default false * - * @return HTML string suitable for sidebar inclusion + * @return string (HTML) suitable for sidebar inclusion * Exceptions: Returns empty string if passed $profile is wrong type or not populated */ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = false) { diff --git a/include/nav.php b/include/nav.php index 58e13dd93..9baadc9b2 100644 --- a/include/nav.php +++ b/include/nav.php @@ -42,6 +42,10 @@ function nav($template = 'default') { require_once('include/conversation.php'); + $nav_apps = []; + $navbar_apps = []; + $channel_apps = []; + $channel_apps[] = channel_apps($is_owner, App::$profile['channel_address']); @@ -378,16 +382,15 @@ function channel_apps($is_owner = false, $nickname = null) { if(App::$is_sys) return ''; - if(! get_pconfig($uid, 'system', 'channelapps','1')) - return ''; - $channel = App::get_channel(); if($channel && is_null($nickname)) $nickname = $channel['channel_address']; $uid = ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : local_channel()); - $account_id = ((App::$profile['profile_uid']) ? App::$profile['channel_account_id'] : App::$channel['channel_account_id']); + + if(! get_pconfig($uid, 'system', 'channelapps','1')) + return; if($uid == local_channel()) { return; diff --git a/include/taxonomy.php b/include/taxonomy.php index 46d95458c..b0304de5b 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -543,8 +543,6 @@ function article_catblock($uid,$count = 0,$authors = '',$owner = '', $flags = 0, function dir_tagblock($link,$r) { $o = ''; - $observer = get_observer_hash(); - if(! $r) $r = App::$data['directory_keywords']; diff --git a/include/text.php b/include/text.php index ec3eb7b10..41603f6e4 100644 --- a/include/text.php +++ b/include/text.php @@ -20,7 +20,7 @@ define('RANDOM_STRING_TEXT', 0x01 ); /** * @brief This is our template processor. * - * @param string|SmartyEngine $s the string requiring macro substitution, + * @param string SmartyEngine $s the string requiring macro substitution, * or an instance of SmartyEngine * @param array $r key value pairs (search => replace) * @@ -2550,15 +2550,6 @@ function design_tools() { */ function website_portation_tools() { - $channel = App::get_channel(); - $sys = false; - - if(App::$is_sys && is_site_admin()) { - require_once('include/channel.php'); - $channel = get_sys_channel(); - $sys = true; - } - return replace_macros(get_markup_template('website_portation_tools.tpl'), [ '$title' => t('Import'), '$import_label' => t('Import website...'), @@ -2726,7 +2717,6 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) $name = substr($tag,(($exclusive) ? 2 : 1)); $newname = $name; // make a copy that we can mess with - $tagcid = 0; $r = null; @@ -2785,14 +2775,9 @@ function handle_tag(&$body, &$str_tags, $profile_uid, $tag, $in_network = true) } - - - - $fn_results = []; $access_tag = EMPTY_STR; - // $r is set if we found something if($r) { diff --git a/include/xchan.php b/include/xchan.php index 4cbfb42c5..4fcdf9fce 100644 --- a/include/xchan.php +++ b/include/xchan.php @@ -1,6 +1,7 @@ Date: Thu, 14 Mar 2019 21:18:17 -0700 Subject: [PATCH 02/22] email_header_encode() producing lines of illegal length because header field length was not considered in length calculation. --- include/network.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/include/network.php b/include/network.php index 12f2ad4e9..3e8134a32 100644 --- a/include/network.php +++ b/include/network.php @@ -874,13 +874,16 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = } -function email_header_encode($in_str, $charset = 'UTF-8') { +function email_header_encode($in_str, $charset = 'UTF-8', $header = 'Subject') { + + $out_str = $in_str; $need_to_convert = false; for($x = 0; $x < strlen($in_str); $x ++) { if((ord($in_str[$x]) == 0) || ((ord($in_str[$x]) > 128))) { $need_to_convert = true; + break; } } @@ -896,7 +899,7 @@ function email_header_encode($in_str, $charset = 'UTF-8') { // determine length of encoded text within chunks // and ensure length is even - $length = 75 - strlen($start) - strlen($end); + $length = 75 - strlen($start) - strlen($end) - (strlen($header) + 2); /* [EDIT BY danbrown AT php DOT net: The following From 769dd174bd3d87fd3494537b4f9429454654584b Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Fri, 15 Mar 2019 23:10:17 +0100 Subject: [PATCH 03/22] fix dreport redeliver --- Zotlabs/Module/Dreport.php | 15 +++++++++------ view/tpl/dreport.tpl | 8 ++++---- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php index 2c125b7a9..1538ea278 100644 --- a/Zotlabs/Module/Dreport.php +++ b/Zotlabs/Module/Dreport.php @@ -16,17 +16,20 @@ class Dreport extends \Zotlabs\Web\Controller { $channel = \App::get_channel(); $mid = ((argc() > 1) ? argv(1) : ''); + $encoded_mid = ''; - if(strpos($mid,'b64.') === 0) + if(strpos($mid,'b64.') === 0) { + $encoded_mid = $mid; $mid = @base64url_decode(substr($mid,4)); - - + } if($mid === 'push') { $table = 'push'; $mid = ((argc() > 2) ? argv(2) : ''); - if(strpos($mid,'b64.') === 0) + if(strpos($mid,'b64.') === 0) { + $encoded_mid = $mid; $mid = @base64url_decode(substr($mid,4)); + } if($mid) { $i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ", @@ -40,7 +43,7 @@ class Dreport extends \Zotlabs\Web\Controller { } } sleep(3); - goaway(z_root() . '/dreport/' . urlencode($mid)); + goaway(z_root() . '/dreport/' . (($encoded_mid) ? $encoded_mid : $mid)); } if($mid === 'mail') { @@ -158,7 +161,7 @@ class Dreport extends \Zotlabs\Web\Controller { $o = replace_macros(get_markup_template('dreport.tpl'), array( '$title' => sprintf( t('Delivery report for %1$s'),basename($mid)) . '...', '$table' => $table, - '$mid' => urlencode($mid), + '$mid' => (($encoded_mid) ? $encoded_mid : $mid), '$options' => t('Options'), '$push' => t('Redeliver'), '$entries' => $entries diff --git a/view/tpl/dreport.tpl b/view/tpl/dreport.tpl index 1f5915609..a6b05b326 100644 --- a/view/tpl/dreport.tpl +++ b/view/tpl/dreport.tpl @@ -3,11 +3,11 @@ {{if $table == 'item'}}
- +
+ {{$push}} +
{{/if}}

{{$title}}

From 3c701e780c31a497c8c81ad0a66221e90b6078a4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 16 Mar 2019 15:23:17 -0700 Subject: [PATCH 04/22] use the php_eol constant for encoded subjects --- Zotlabs/Module/Dreport.php | 1 + include/network.php | 2 +- view/tpl/dreport.tpl | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php index 2c125b7a9..e45f49d7c 100644 --- a/Zotlabs/Module/Dreport.php +++ b/Zotlabs/Module/Dreport.php @@ -159,6 +159,7 @@ class Dreport extends \Zotlabs\Web\Controller { '$title' => sprintf( t('Delivery report for %1$s'),basename($mid)) . '...', '$table' => $table, '$mid' => urlencode($mid), + '$safe_mid' => urlencode(gen_link_id($mid)), '$options' => t('Options'), '$push' => t('Redeliver'), '$entries' => $entries diff --git a/include/network.php b/include/network.php index 3e8134a32..4ef976df0 100644 --- a/include/network.php +++ b/include/network.php @@ -895,7 +895,7 @@ function email_header_encode($in_str, $charset = 'UTF-8', $header = 'Subject') { // define start delimimter, end delimiter and spacer $end = "?="; $start = "=?" . $charset . "?B?"; - $spacer = $end . "\r\n " . $start; + $spacer = $end . PHP_EOL . " " . $start; // determine length of encoded text within chunks // and ensure length is even diff --git a/view/tpl/dreport.tpl b/view/tpl/dreport.tpl index 1f5915609..8e52f33bc 100644 --- a/view/tpl/dreport.tpl +++ b/view/tpl/dreport.tpl @@ -6,7 +6,7 @@ {{/if}} From a976f418e35a8f4651441a952c8f4c037cb8d2f9 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 16 Mar 2019 15:28:21 -0700 Subject: [PATCH 05/22] use php_eol for all mail header generation --- Zotlabs/Lib/Enotify.php | 24 ++++++++++++------------ include/network.php | 4 ++-- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php index 5e5798cac..a7082f45a 100644 --- a/Zotlabs/Lib/Enotify.php +++ b/Zotlabs/Lib/Enotify.php @@ -754,9 +754,9 @@ class Enotify { // generate a multipart/alternative message header $messageHeader = $params['additionalMailHeader'] . - "From: $fromName <{$params['fromEmail']}>\n" . - "Reply-To: $fromName <{$params['replyTo']}>\n" . - "MIME-Version: 1.0\n" . + "From: $fromName <{$params['fromEmail']}>" . PHP_EOL . + "Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL . + "MIME-Version: 1.0" . PHP_EOL . "Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\""; // assemble the final multipart message body with the text and html types included @@ -764,15 +764,15 @@ class Enotify { $htmlBody = chunk_split(base64_encode($params['htmlVersion'])); $multipartMessageBody = - "--" . $mimeBoundary . "\n" . // plain text section - "Content-Type: text/plain; charset=UTF-8\n" . - "Content-Transfer-Encoding: base64\n\n" . - $textBody . "\n" . - "--" . $mimeBoundary . "\n" . // text/html section - "Content-Type: text/html; charset=UTF-8\n" . - "Content-Transfer-Encoding: base64\n\n" . - $htmlBody . "\n" . - "--" . $mimeBoundary . "--\n"; // message ending + "--" . $mimeBoundary . PHP_EOL . // plain text section + "Content-Type: text/plain; charset=UTF-8" . PHP_EOL . + "Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL . + $textBody . PHP_EOL . + "--" . $mimeBoundary . PHP_EOL . // text/html section + "Content-Type: text/html; charset=UTF-8" . PHP_EOL . + "Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL . + $htmlBody . PHP_EOL . + "--" . $mimeBoundary . "--" . PHP_EOL; // message ending // send the message $res = mail( diff --git a/include/network.php b/include/network.php index 4ef976df0..c754625cd 100644 --- a/include/network.php +++ b/include/network.php @@ -1799,8 +1799,8 @@ function z_mail($params) { $messageHeader = $params['additionalMailHeader'] . - "From: $fromName <{$params['fromEmail']}>\n" . - "Reply-To: $fromName <{$params['replyTo']}>\n" . + "From: $fromName <{$params['fromEmail']}>" . PHP_EOL . + "Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL . "Content-Type: text/plain; charset=UTF-8"; // send the message From e123f7c743f2f13a25f2dd1e4fa3e0409faf7cad Mon Sep 17 00:00:00 2001 From: Mario Date: Sun, 17 Mar 2019 21:42:14 +0100 Subject: [PATCH 06/22] add phpmd and phpcs to require-dev --- composer.json | 4 +- composer.lock | 159 +++++++++++++++++++++++++- vendor/composer/autoload_classmap.php | 5 + vendor/composer/autoload_static.php | 5 + 4 files changed, 171 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index e6cefa241..cb14083f0 100644 --- a/composer.json +++ b/composer.json @@ -49,7 +49,9 @@ "behat/mink-extension": "@stable", "behat/mink-goutte-driver": "@stable", "php-mock/php-mock-phpunit": "@stable", - "phpunit/dbunit": "@stable" + "phpunit/dbunit": "@stable", + "phpmd/phpmd": "^2.6", + "squizlabs/php_codesniffer": "*" }, "autoload" : { "psr-4" : { diff --git a/composer.lock b/composer.lock index c4fba0975..2631b8dac 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "fe5e71d7076eeddf1c174be4a5c052dd", + "content-hash": "8da1fe9aabe6c20d116a21f63fff8ac2", "packages": [ { "name": "blueimp/jquery-file-upload", @@ -2038,6 +2038,46 @@ ], "time": "2018-06-11T23:09:50+00:00" }, + { + "name": "pdepend/pdepend", + "version": "2.5.2", + "source": { + "type": "git", + "url": "https://github.com/pdepend/pdepend.git", + "reference": "9daf26d0368d4a12bed1cacae1a9f3a6f0adf239" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/pdepend/pdepend/zipball/9daf26d0368d4a12bed1cacae1a9f3a6f0adf239", + "reference": "9daf26d0368d4a12bed1cacae1a9f3a6f0adf239", + "shasum": "" + }, + "require": { + "php": ">=5.3.7", + "symfony/config": "^2.3.0|^3|^4", + "symfony/dependency-injection": "^2.3.0|^3|^4", + "symfony/filesystem": "^2.3.0|^3|^4" + }, + "require-dev": { + "phpunit/phpunit": "^4.8|^5.7", + "squizlabs/php_codesniffer": "^2.0.0" + }, + "bin": [ + "src/bin/pdepend" + ], + "type": "library", + "autoload": { + "psr-4": { + "PDepend\\": "src/main/php/PDepend" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "description": "Official version of pdepend to be handled with Composer", + "time": "2017-12-13T13:21:38+00:00" + }, { "name": "phar-io/manifest", "version": "1.0.3", @@ -2460,6 +2500,72 @@ ], "time": "2017-07-14T14:27:02+00:00" }, + { + "name": "phpmd/phpmd", + "version": "2.6.0", + "source": { + "type": "git", + "url": "https://github.com/phpmd/phpmd.git", + "reference": "4e9924b2c157a3eb64395460fcf56b31badc8374" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phpmd/phpmd/zipball/4e9924b2c157a3eb64395460fcf56b31badc8374", + "reference": "4e9924b2c157a3eb64395460fcf56b31badc8374", + "shasum": "" + }, + "require": { + "ext-xml": "*", + "pdepend/pdepend": "^2.5", + "php": ">=5.3.9" + }, + "require-dev": { + "phpunit/phpunit": "^4.0", + "squizlabs/php_codesniffer": "^2.0" + }, + "bin": [ + "src/bin/phpmd" + ], + "type": "project", + "autoload": { + "psr-0": { + "PHPMD\\": "src/main/php" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Manuel Pichler", + "email": "github@manuel-pichler.de", + "homepage": "https://github.com/manuelpichler", + "role": "Project Founder" + }, + { + "name": "Other contributors", + "homepage": "https://github.com/phpmd/phpmd/graphs/contributors", + "role": "Contributors" + }, + { + "name": "Marc Würth", + "email": "ravage@bluewin.ch", + "homepage": "https://github.com/ravage84", + "role": "Project Maintainer" + } + ], + "description": "PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD.", + "homepage": "http://phpmd.org/", + "keywords": [ + "mess detection", + "mess detector", + "pdepend", + "phpmd", + "pmd" + ], + "time": "2017-01-20T14:41:10+00:00" + }, { "name": "phpspec/prophecy", "version": "1.8.0", @@ -3614,6 +3720,57 @@ "homepage": "https://github.com/sebastianbergmann/version", "time": "2016-10-03T07:35:21+00:00" }, + { + "name": "squizlabs/php_codesniffer", + "version": "3.4.0", + "source": { + "type": "git", + "url": "https://github.com/squizlabs/PHP_CodeSniffer.git", + "reference": "379deb987e26c7cd103a7b387aea178baec96e48" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/379deb987e26c7cd103a7b387aea178baec96e48", + "reference": "379deb987e26c7cd103a7b387aea178baec96e48", + "shasum": "" + }, + "require": { + "ext-simplexml": "*", + "ext-tokenizer": "*", + "ext-xmlwriter": "*", + "php": ">=5.4.0" + }, + "require-dev": { + "phpunit/phpunit": "^4.0 || ^5.0 || ^6.0 || ^7.0" + }, + "bin": [ + "bin/phpcs", + "bin/phpcbf" + ], + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.x-dev" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Greg Sherwood", + "role": "lead" + } + ], + "description": "PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.", + "homepage": "http://www.squizlabs.com/php-codesniffer", + "keywords": [ + "phpcs", + "standards" + ], + "time": "2018-12-19T23:57:18+00:00" + }, { "name": "symfony/browser-kit", "version": "v4.2.1", diff --git a/vendor/composer/autoload_classmap.php b/vendor/composer/autoload_classmap.php index de9c63bdc..64d0c0cfb 100644 --- a/vendor/composer/autoload_classmap.php +++ b/vendor/composer/autoload_classmap.php @@ -380,6 +380,9 @@ return array( 'Psr\\Log\\LoggerInterface' => $vendorDir . '/psr/log/Psr/Log/LoggerInterface.php', 'Psr\\Log\\LoggerTrait' => $vendorDir . '/psr/log/Psr/Log/LoggerTrait.php', 'Psr\\Log\\NullLogger' => $vendorDir . '/psr/log/Psr/Log/NullLogger.php', + 'Psr\\Log\\Test\\DummyTest' => $vendorDir . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', + 'Psr\\Log\\Test\\LoggerInterfaceTest' => $vendorDir . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', + 'Psr\\Log\\Test\\TestLogger' => $vendorDir . '/psr/log/Psr/Log/Test/TestLogger.php', 'Ramsey\\Uuid\\BinaryUtils' => $vendorDir . '/ramsey/uuid/src/BinaryUtils.php', 'Ramsey\\Uuid\\Builder\\DefaultUuidBuilder' => $vendorDir . '/ramsey/uuid/src/Builder/DefaultUuidBuilder.php', 'Ramsey\\Uuid\\Builder\\DegradedUuidBuilder' => $vendorDir . '/ramsey/uuid/src/Builder/DegradedUuidBuilder.php', @@ -882,6 +885,7 @@ return array( 'Zotlabs\\Lib\\Verify' => $baseDir . '/Zotlabs/Lib/Verify.php', 'Zotlabs\\Lib\\Webfinger' => $baseDir . '/Zotlabs/Lib/Webfinger.php', 'Zotlabs\\Lib\\XConfig' => $baseDir . '/Zotlabs/Lib/XConfig.php', + 'Zotlabs\\Lib\\ZotURL' => $baseDir . '/Zotlabs/Lib/ZotURL.php', 'Zotlabs\\Lib\\Zotfinger' => $baseDir . '/Zotlabs/Lib/Zotfinger.php', 'Zotlabs\\Module\\Achievements' => $baseDir . '/Zotlabs/Module/Achievements.php', 'Zotlabs\\Module\\Acl' => $baseDir . '/Zotlabs/Module/Acl.php', @@ -961,6 +965,7 @@ return array( 'Zotlabs\\Module\\Home' => $baseDir . '/Zotlabs/Module/Home.php', 'Zotlabs\\Module\\Hostxrd' => $baseDir . '/Zotlabs/Module/Hostxrd.php', 'Zotlabs\\Module\\Hq' => $baseDir . '/Zotlabs/Module/Hq.php', + 'Zotlabs\\Module\\Id' => $baseDir . '/Zotlabs/Module/Id.php', 'Zotlabs\\Module\\Impel' => $baseDir . '/Zotlabs/Module/Impel.php', 'Zotlabs\\Module\\Import' => $baseDir . '/Zotlabs/Module/Import.php', 'Zotlabs\\Module\\Import_items' => $baseDir . '/Zotlabs/Module/Import_items.php', diff --git a/vendor/composer/autoload_static.php b/vendor/composer/autoload_static.php index d4daa13e6..0c60181b1 100644 --- a/vendor/composer/autoload_static.php +++ b/vendor/composer/autoload_static.php @@ -548,6 +548,9 @@ class ComposerStaticInit7b34d7e50a62201ec5d5e526a5b8b35d 'Psr\\Log\\LoggerInterface' => __DIR__ . '/..' . '/psr/log/Psr/Log/LoggerInterface.php', 'Psr\\Log\\LoggerTrait' => __DIR__ . '/..' . '/psr/log/Psr/Log/LoggerTrait.php', 'Psr\\Log\\NullLogger' => __DIR__ . '/..' . '/psr/log/Psr/Log/NullLogger.php', + 'Psr\\Log\\Test\\DummyTest' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', + 'Psr\\Log\\Test\\LoggerInterfaceTest' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', + 'Psr\\Log\\Test\\TestLogger' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/TestLogger.php', 'Ramsey\\Uuid\\BinaryUtils' => __DIR__ . '/..' . '/ramsey/uuid/src/BinaryUtils.php', 'Ramsey\\Uuid\\Builder\\DefaultUuidBuilder' => __DIR__ . '/..' . '/ramsey/uuid/src/Builder/DefaultUuidBuilder.php', 'Ramsey\\Uuid\\Builder\\DegradedUuidBuilder' => __DIR__ . '/..' . '/ramsey/uuid/src/Builder/DegradedUuidBuilder.php', @@ -1050,6 +1053,7 @@ class ComposerStaticInit7b34d7e50a62201ec5d5e526a5b8b35d 'Zotlabs\\Lib\\Verify' => __DIR__ . '/../..' . '/Zotlabs/Lib/Verify.php', 'Zotlabs\\Lib\\Webfinger' => __DIR__ . '/../..' . '/Zotlabs/Lib/Webfinger.php', 'Zotlabs\\Lib\\XConfig' => __DIR__ . '/../..' . '/Zotlabs/Lib/XConfig.php', + 'Zotlabs\\Lib\\ZotURL' => __DIR__ . '/../..' . '/Zotlabs/Lib/ZotURL.php', 'Zotlabs\\Lib\\Zotfinger' => __DIR__ . '/../..' . '/Zotlabs/Lib/Zotfinger.php', 'Zotlabs\\Module\\Achievements' => __DIR__ . '/../..' . '/Zotlabs/Module/Achievements.php', 'Zotlabs\\Module\\Acl' => __DIR__ . '/../..' . '/Zotlabs/Module/Acl.php', @@ -1129,6 +1133,7 @@ class ComposerStaticInit7b34d7e50a62201ec5d5e526a5b8b35d 'Zotlabs\\Module\\Home' => __DIR__ . '/../..' . '/Zotlabs/Module/Home.php', 'Zotlabs\\Module\\Hostxrd' => __DIR__ . '/../..' . '/Zotlabs/Module/Hostxrd.php', 'Zotlabs\\Module\\Hq' => __DIR__ . '/../..' . '/Zotlabs/Module/Hq.php', + 'Zotlabs\\Module\\Id' => __DIR__ . '/../..' . '/Zotlabs/Module/Id.php', 'Zotlabs\\Module\\Impel' => __DIR__ . '/../..' . '/Zotlabs/Module/Impel.php', 'Zotlabs\\Module\\Import' => __DIR__ . '/../..' . '/Zotlabs/Module/Import.php', 'Zotlabs\\Module\\Import_items' => __DIR__ . '/../..' . '/Zotlabs/Module/Import_items.php', From 136b2ae37f36d0b772166f7c8fac5a27b4b8a4d3 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 17 Mar 2019 15:49:01 -0700 Subject: [PATCH 07/22] calling unserialize on array in util/service_class --- util/service_class | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/util/service_class b/util/service_class index 50f01afff..b8a1f2386 100755 --- a/util/service_class +++ b/util/service_class @@ -93,7 +93,12 @@ if($argc == 1) { if(is_array(App::$config['service_class']) && App::$config['service_class']) { foreach(App::$config['service_class'] as $class=>$props) { echo "$class:\n"; - $d = unserialize($props); + + $d = ((! is_array($props)) && (preg_match('|^a:[0-9]+:{.*}$|s', $props)) + ? unserialize($props) + : $props + ); + if(is_array($d) && $d) { foreach($d as $k => $v) { echo "\t$k = $v\n"; From 026b96b8f2aebff50f594aa2a184a60a66cc3fd4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 17 Mar 2019 17:56:29 -0700 Subject: [PATCH 08/22] clone systems apps to the extent possible, auto-configure imagick thumbnail binary during setup if possible --- Zotlabs/Module/Import.php | 3 ++ Zotlabs/Module/Setup.php | 6 +++ include/channel.php | 12 ++++++ include/import.php | 88 ++++++++++++++++++++++++++++++++++++++- 4 files changed, 108 insertions(+), 1 deletion(-) diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index 0daf28aa9..9d047ed7b 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -472,6 +472,9 @@ class Import extends \Zotlabs\Web\Controller { if(is_array($data['app'])) import_apps($channel,$data['app']); + if(is_array($data['sysapp'])) + import_sysapps($channel,$data['sysapp']); + if(is_array($data['chatroom'])) import_chatrooms($channel,$data['chatroom']); diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php index ce0538099..c809ff5ec 100644 --- a/Zotlabs/Module/Setup.php +++ b/Zotlabs/Module/Setup.php @@ -732,6 +732,12 @@ class Setup extends \Zotlabs\Web\Controller { // install the standard theme set_config('system', 'allowed_themes', 'redbasic'); + // if imagick converter is installed, use it + if(@is_executable('/usr/bin/convert')) { + set_config('system','imagick_convert_path','/usr/bin/convert'); + } + + // Set a lenient list of ciphers if using openssl. Other ssl engines // (e.g. NSS used in RedHat) require different syntax, so hopefully // the default curl cipher list will work for most sites. If not, diff --git a/include/channel.php b/include/channel.php index 7646de151..654bbdb05 100644 --- a/include/channel.php +++ b/include/channel.php @@ -948,6 +948,18 @@ function identity_basic_export($channel_id, $sections = null) { } $ret['app'] = $r; } + $r = q("select * from app where app_channel = %d and app_system = 1", + intval($channel_id) + ); + if($r) { + for($x = 0; $x < count($r); $x ++) { + $r[$x]['term'] = q("select * from term where otype = %d and oid = %d", + intval(TERM_OBJ_APP), + intval($r[$x]['id']) + ); + } + $ret['sysapp'] = $r; + } } if(in_array('chatrooms',$sections)) { diff --git a/include/import.php b/include/import.php index f391400bd..8d1a19202 100644 --- a/include/import.php +++ b/include/import.php @@ -147,7 +147,9 @@ function import_config($channel, $configs) { foreach($configs as $config) { unset($config['id']); $config['uid'] = $channel['channel_id']; - + if($config['cat'] === 'system' && $config['k'] === 'import_system_apps') { + continue; + } create_table_from_array('pconfig', $config); } @@ -364,6 +366,9 @@ function import_apps($channel, $apps) { if($channel && $apps) { foreach($apps as $app) { + if(array_key_exists('app_system',$app) && intval($app['app_system'])) + continue; + $term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null); unset($app['id']); @@ -413,6 +418,9 @@ function sync_apps($channel, $apps) { $exists = false; $term = ((array_key_exists('term',$app)) ? $app['term'] : null); + if(array_key_exists('app_system',$app) && intval($app['app_system'])) + continue; + $x = q("select * from app where app_id = '%s' and app_channel = %d limit 1", dbesc($app['app_id']), intval($channel['channel_id']) @@ -504,6 +512,84 @@ function sync_apps($channel, $apps) { } } + + +/** + * @brief Import system apps. + * System apps from the original server may not exist on this system + * (e.g. apps associated with addons that are not installed here). + * Check the system apps that were provided in the import file to see if they + * exist here and if so, install them locally. Preserve categories that + * might have been added by this channel on the other server. + * Do not use any paths from the original as they will point to a different server. + * @param array $channel + * @param array $apps + */ +function import_sysapps($channel, $apps) { + + if($channel && $apps) { + + $sysapps = \Zotlabs\Lib\Apps::get_system_apps(false); + + foreach($apps as $app) { + + if(array_key_exists('app_system',$app) && (! intval($app['app_system']))) + continue; + + $term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null); + + foreach($sysapps as $sysapp) { + if($app['app_id'] === hash('whirlpool',$sysapp['app_name'])) { + // install this app on this server + $newapp = $sysapp; + $newapp['uid'] = $channel['channel_id']; + $newapp['guid'] = hash('whirlpool',$newapp['name']); + + $installed = q("select id from app where app_id = '%s' and app_channel = %d limit 1", + dbesc($newapp['guid']), + intval($channel['channel_id']) + ); + if($installed) { + break; + } + + $newapp['system'] = 1; + if($term) { + $s = EMPTY_STR; + foreach($term as $t) { + if($s) { + $s .= ','; + } + $s .= $t['term']; + } + $newapp['categories'] = $s; + } + \Zotlabs\Lib\Apps::app_install($channel['channel_id'],$newapp); + } + } + } + } +} + +/** + * @brief Sync system apps. + * + * @param array $channel + * @param array $apps + */ +function sync_sysapps($channel, $apps) { + + if($channel && $apps) { + + // we do not currently sync system apps + + } +} + + + + + /** * @brief Import chatrooms. * From ea9925f489602529891c0ed468cf35117e7ef454 Mon Sep 17 00:00:00 2001 From: Zot Date: Mon, 18 Mar 2019 09:35:53 +0100 Subject: [PATCH 09/22] clone systems apps to the extent possible, auto-configure imagick thumbnail binary during setup if possible --- Zotlabs/Lib/Enotify.php | 24 +++++------ Zotlabs/Module/Dreport.php | 3 +- Zotlabs/Module/Import.php | 3 ++ Zotlabs/Module/Setup.php | 6 +++ include/channel.php | 12 ++++++ include/import.php | 88 +++++++++++++++++++++++++++++++++++++- include/network.php | 6 +-- util/service_class | 7 ++- view/tpl/dreport.tpl | 2 +- 9 files changed, 132 insertions(+), 19 deletions(-) diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php index 5e5798cac..a7082f45a 100644 --- a/Zotlabs/Lib/Enotify.php +++ b/Zotlabs/Lib/Enotify.php @@ -754,9 +754,9 @@ class Enotify { // generate a multipart/alternative message header $messageHeader = $params['additionalMailHeader'] . - "From: $fromName <{$params['fromEmail']}>\n" . - "Reply-To: $fromName <{$params['replyTo']}>\n" . - "MIME-Version: 1.0\n" . + "From: $fromName <{$params['fromEmail']}>" . PHP_EOL . + "Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL . + "MIME-Version: 1.0" . PHP_EOL . "Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\""; // assemble the final multipart message body with the text and html types included @@ -764,15 +764,15 @@ class Enotify { $htmlBody = chunk_split(base64_encode($params['htmlVersion'])); $multipartMessageBody = - "--" . $mimeBoundary . "\n" . // plain text section - "Content-Type: text/plain; charset=UTF-8\n" . - "Content-Transfer-Encoding: base64\n\n" . - $textBody . "\n" . - "--" . $mimeBoundary . "\n" . // text/html section - "Content-Type: text/html; charset=UTF-8\n" . - "Content-Transfer-Encoding: base64\n\n" . - $htmlBody . "\n" . - "--" . $mimeBoundary . "--\n"; // message ending + "--" . $mimeBoundary . PHP_EOL . // plain text section + "Content-Type: text/plain; charset=UTF-8" . PHP_EOL . + "Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL . + $textBody . PHP_EOL . + "--" . $mimeBoundary . PHP_EOL . // text/html section + "Content-Type: text/html; charset=UTF-8" . PHP_EOL . + "Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL . + $htmlBody . PHP_EOL . + "--" . $mimeBoundary . "--" . PHP_EOL; // message ending // send the message $res = mail( diff --git a/Zotlabs/Module/Dreport.php b/Zotlabs/Module/Dreport.php index 1538ea278..0fc36dc29 100644 --- a/Zotlabs/Module/Dreport.php +++ b/Zotlabs/Module/Dreport.php @@ -161,7 +161,8 @@ class Dreport extends \Zotlabs\Web\Controller { $o = replace_macros(get_markup_template('dreport.tpl'), array( '$title' => sprintf( t('Delivery report for %1$s'),basename($mid)) . '...', '$table' => $table, - '$mid' => (($encoded_mid) ? $encoded_mid : $mid), + '$mid' => urlencode($mid), + '$safe_mid' => urlencode(gen_link_id($mid)), '$options' => t('Options'), '$push' => t('Redeliver'), '$entries' => $entries diff --git a/Zotlabs/Module/Import.php b/Zotlabs/Module/Import.php index 0daf28aa9..9d047ed7b 100644 --- a/Zotlabs/Module/Import.php +++ b/Zotlabs/Module/Import.php @@ -472,6 +472,9 @@ class Import extends \Zotlabs\Web\Controller { if(is_array($data['app'])) import_apps($channel,$data['app']); + if(is_array($data['sysapp'])) + import_sysapps($channel,$data['sysapp']); + if(is_array($data['chatroom'])) import_chatrooms($channel,$data['chatroom']); diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php index ce0538099..c809ff5ec 100644 --- a/Zotlabs/Module/Setup.php +++ b/Zotlabs/Module/Setup.php @@ -732,6 +732,12 @@ class Setup extends \Zotlabs\Web\Controller { // install the standard theme set_config('system', 'allowed_themes', 'redbasic'); + // if imagick converter is installed, use it + if(@is_executable('/usr/bin/convert')) { + set_config('system','imagick_convert_path','/usr/bin/convert'); + } + + // Set a lenient list of ciphers if using openssl. Other ssl engines // (e.g. NSS used in RedHat) require different syntax, so hopefully // the default curl cipher list will work for most sites. If not, diff --git a/include/channel.php b/include/channel.php index 7646de151..654bbdb05 100644 --- a/include/channel.php +++ b/include/channel.php @@ -948,6 +948,18 @@ function identity_basic_export($channel_id, $sections = null) { } $ret['app'] = $r; } + $r = q("select * from app where app_channel = %d and app_system = 1", + intval($channel_id) + ); + if($r) { + for($x = 0; $x < count($r); $x ++) { + $r[$x]['term'] = q("select * from term where otype = %d and oid = %d", + intval(TERM_OBJ_APP), + intval($r[$x]['id']) + ); + } + $ret['sysapp'] = $r; + } } if(in_array('chatrooms',$sections)) { diff --git a/include/import.php b/include/import.php index f391400bd..8d1a19202 100644 --- a/include/import.php +++ b/include/import.php @@ -147,7 +147,9 @@ function import_config($channel, $configs) { foreach($configs as $config) { unset($config['id']); $config['uid'] = $channel['channel_id']; - + if($config['cat'] === 'system' && $config['k'] === 'import_system_apps') { + continue; + } create_table_from_array('pconfig', $config); } @@ -364,6 +366,9 @@ function import_apps($channel, $apps) { if($channel && $apps) { foreach($apps as $app) { + if(array_key_exists('app_system',$app) && intval($app['app_system'])) + continue; + $term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null); unset($app['id']); @@ -413,6 +418,9 @@ function sync_apps($channel, $apps) { $exists = false; $term = ((array_key_exists('term',$app)) ? $app['term'] : null); + if(array_key_exists('app_system',$app) && intval($app['app_system'])) + continue; + $x = q("select * from app where app_id = '%s' and app_channel = %d limit 1", dbesc($app['app_id']), intval($channel['channel_id']) @@ -504,6 +512,84 @@ function sync_apps($channel, $apps) { } } + + +/** + * @brief Import system apps. + * System apps from the original server may not exist on this system + * (e.g. apps associated with addons that are not installed here). + * Check the system apps that were provided in the import file to see if they + * exist here and if so, install them locally. Preserve categories that + * might have been added by this channel on the other server. + * Do not use any paths from the original as they will point to a different server. + * @param array $channel + * @param array $apps + */ +function import_sysapps($channel, $apps) { + + if($channel && $apps) { + + $sysapps = \Zotlabs\Lib\Apps::get_system_apps(false); + + foreach($apps as $app) { + + if(array_key_exists('app_system',$app) && (! intval($app['app_system']))) + continue; + + $term = ((array_key_exists('term',$app) && is_array($app['term'])) ? $app['term'] : null); + + foreach($sysapps as $sysapp) { + if($app['app_id'] === hash('whirlpool',$sysapp['app_name'])) { + // install this app on this server + $newapp = $sysapp; + $newapp['uid'] = $channel['channel_id']; + $newapp['guid'] = hash('whirlpool',$newapp['name']); + + $installed = q("select id from app where app_id = '%s' and app_channel = %d limit 1", + dbesc($newapp['guid']), + intval($channel['channel_id']) + ); + if($installed) { + break; + } + + $newapp['system'] = 1; + if($term) { + $s = EMPTY_STR; + foreach($term as $t) { + if($s) { + $s .= ','; + } + $s .= $t['term']; + } + $newapp['categories'] = $s; + } + \Zotlabs\Lib\Apps::app_install($channel['channel_id'],$newapp); + } + } + } + } +} + +/** + * @brief Sync system apps. + * + * @param array $channel + * @param array $apps + */ +function sync_sysapps($channel, $apps) { + + if($channel && $apps) { + + // we do not currently sync system apps + + } +} + + + + + /** * @brief Import chatrooms. * diff --git a/include/network.php b/include/network.php index 3e8134a32..c754625cd 100644 --- a/include/network.php +++ b/include/network.php @@ -895,7 +895,7 @@ function email_header_encode($in_str, $charset = 'UTF-8', $header = 'Subject') { // define start delimimter, end delimiter and spacer $end = "?="; $start = "=?" . $charset . "?B?"; - $spacer = $end . "\r\n " . $start; + $spacer = $end . PHP_EOL . " " . $start; // determine length of encoded text within chunks // and ensure length is even @@ -1799,8 +1799,8 @@ function z_mail($params) { $messageHeader = $params['additionalMailHeader'] . - "From: $fromName <{$params['fromEmail']}>\n" . - "Reply-To: $fromName <{$params['replyTo']}>\n" . + "From: $fromName <{$params['fromEmail']}>" . PHP_EOL . + "Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL . "Content-Type: text/plain; charset=UTF-8"; // send the message diff --git a/util/service_class b/util/service_class index 50f01afff..b8a1f2386 100755 --- a/util/service_class +++ b/util/service_class @@ -93,7 +93,12 @@ if($argc == 1) { if(is_array(App::$config['service_class']) && App::$config['service_class']) { foreach(App::$config['service_class'] as $class=>$props) { echo "$class:\n"; - $d = unserialize($props); + + $d = ((! is_array($props)) && (preg_match('|^a:[0-9]+:{.*}$|s', $props)) + ? unserialize($props) + : $props + ); + if(is_array($d) && $d) { foreach($d as $k => $v) { echo "\t$k = $v\n"; diff --git a/view/tpl/dreport.tpl b/view/tpl/dreport.tpl index a6b05b326..89188891d 100644 --- a/view/tpl/dreport.tpl +++ b/view/tpl/dreport.tpl @@ -6,7 +6,7 @@
- {{$push}} + {{$push}}
{{/if}} From a086745ec021add5638a0527d4e8e14835591e93 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 18 Mar 2019 13:19:24 +0100 Subject: [PATCH 10/22] ENT_COMPAT will only take care of double-quotes. Use double-quotes here to prevent XSS --- Zotlabs/Module/Connections.php | 2 +- Zotlabs/Module/Directory.php | 2 +- Zotlabs/Module/Photos.php | 4 ++-- Zotlabs/Module/Viewconnections.php | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php index 967e9521d..8e3730875 100644 --- a/Zotlabs/Module/Connections.php +++ b/Zotlabs/Module/Connections.php @@ -329,7 +329,7 @@ class Connections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ""; + $o .= ''; $o .= replace_macros(get_markup_template('connections.tpl'),array( '$header' => t('Connections') . (($head) ? ': ' . $head : ''), '$tabs' => $tabs, diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index c29fa8326..04bcb7f0a 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -399,7 +399,7 @@ class Directory extends \Zotlabs\Web\Controller { $dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory')); - $o .= ""; + $o .= ''; $o .= replace_macros($tpl, array( '$search' => $search, '$desc' => t('Find'), diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index a761dbd14..161141c3b 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -848,7 +848,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ""; + $o .= ''; $tpl = get_markup_template('photo_album.tpl'); $o .= replace_macros($tpl, array( '$photos' => $photos, @@ -1396,7 +1396,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ""; + $o .= ''; $tpl = get_markup_template('photos_recent.tpl'); $o .= replace_macros($tpl, array( '$title' => t('Recent Photos'), diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php index 0a5e86907..14a5ccb86 100644 --- a/Zotlabs/Module/Viewconnections.php +++ b/Zotlabs/Module/Viewconnections.php @@ -107,7 +107,7 @@ class Viewconnections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ""; + $o .= ''; $tpl = get_markup_template("viewcontact_template.tpl"); $o .= replace_macros($tpl, array( '$title' => t('View Connections'), From 2ec3e4a912777501f232d6255fe8ba5d0c147eee Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 18 Mar 2019 13:29:08 +0100 Subject: [PATCH 11/22] use urlencode --- Zotlabs/Module/Connections.php | 2 +- Zotlabs/Module/Directory.php | 2 +- Zotlabs/Module/Photos.php | 4 ++-- Zotlabs/Module/Viewconnections.php | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Zotlabs/Module/Connections.php b/Zotlabs/Module/Connections.php index 8e3730875..6a93b3462 100644 --- a/Zotlabs/Module/Connections.php +++ b/Zotlabs/Module/Connections.php @@ -329,7 +329,7 @@ class Connections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ''; + $o .= ""; $o .= replace_macros(get_markup_template('connections.tpl'),array( '$header' => t('Connections') . (($head) ? ': ' . $head : ''), '$tabs' => $tabs, diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index 04bcb7f0a..5448a4816 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -399,7 +399,7 @@ class Directory extends \Zotlabs\Web\Controller { $dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory')); - $o .= ''; + $o .= ""; $o .= replace_macros($tpl, array( '$search' => $search, '$desc' => t('Find'), diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 161141c3b..3a6d77f00 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -848,7 +848,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ''; + $o .= ""; $tpl = get_markup_template('photo_album.tpl'); $o .= replace_macros($tpl, array( '$photos' => $photos, @@ -1396,7 +1396,7 @@ class Photos extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ''; + $o .= ""; $tpl = get_markup_template('photos_recent.tpl'); $o .= replace_macros($tpl, array( '$title' => t('Recent Photos'), diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php index 14a5ccb86..30df0b9e4 100644 --- a/Zotlabs/Module/Viewconnections.php +++ b/Zotlabs/Module/Viewconnections.php @@ -107,7 +107,7 @@ class Viewconnections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ''; + $o .= ""; $tpl = get_markup_template("viewcontact_template.tpl"); $o .= replace_macros($tpl, array( '$title' => t('View Connections'), From 968c6ed8be580c1098587738fefa27b31dc4f5ef Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 18 Mar 2019 21:30:25 +0100 Subject: [PATCH 12/22] some more xss prevention --- Zotlabs/Module/Channel.php | 4 ++-- Zotlabs/Module/Display.php | 2 +- Zotlabs/Module/Hq.php | 2 +- Zotlabs/Module/Network.php | 18 +++++++++--------- Zotlabs/Module/Pubstream.php | 6 +++--- 5 files changed, 16 insertions(+), 16 deletions(-) diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 5fdefd805..65eaee408 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -414,12 +414,12 @@ class Channel extends Controller { '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), '$search' => $search, '$xchan' => '', - '$order' => $order, + '$order' => (($order) ? urlencode($order) : ''),, '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$file' => '', '$cats' => (($category) ? urlencode($category) : ''), '$tags' => (($hashtags) ? urlencode($hashtags) : ''), - '$mid' => $mid, + '$mid' => (($mid) ? urlencode($mid) : ''),, '$verb' => '', '$net' => '', '$dend' => $datequery, diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index 04e5f9fce..258aac556 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -233,7 +233,7 @@ class Display extends \Zotlabs\Web\Controller { '$dbegin' => '', '$verb' => '', '$net' => '', - '$mid' => $mid + '$mid' => (($mid) ? urlencode($mid) : '') )); head_add_link([ diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index 3535ac71a..848fe3e25 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -194,7 +194,7 @@ class Hq extends \Zotlabs\Web\Controller { '$dbegin' => '', '$verb' => '', '$net' => '', - '$mid' => $mid + '$mid' => (($mid) ? urlencode($mid) : '') ]); } diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php index 2019082ed..1c16e34ef 100644 --- a/Zotlabs/Module/Network.php +++ b/Zotlabs/Module/Network.php @@ -368,19 +368,19 @@ class Network extends \Zotlabs\Web\Controller { '$static' => $static, '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), - '$search' => (($search) ? $search : ''), - '$xchan' => $xchan, + '$search' => (($search) ? urlencode($search) : ''), + '$xchan' => (($xchan) ? urlencode($xchan) : ''), '$order' => $order, - '$file' => $file, - '$cats' => urlencode($category), - '$tags' => urlencode($hashtags), + '$file' => (($file) ? urlencode($file) : ''), + '$cats' => (($category) ? urlencode($category) : ''), + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), '$dend' => $datequery, '$mid' => '', - '$verb' => $verb, - '$net' => $net, + '$verb' => (($verb) ? urlencode($verb) : ''), + '$net' => (($net) ? urlencode($net) : ''), '$dbegin' => $datequery2, - '$pf' => (($pf) ? $pf : '0'), - '$unseen' => $unseen + '$pf' => (($pf) ? intval($pf) : 0), + '$unseen' => (($unseen) ? urlencode($unseen) : '') )); } diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php index 94df29984..84ac42f72 100644 --- a/Zotlabs/Module/Pubstream.php +++ b/Zotlabs/Module/Pubstream.php @@ -149,11 +149,11 @@ class Pubstream extends \Zotlabs\Web\Controller { '$order' => 'comment', '$file' => '', '$cats' => '', - '$tags' => $hashtags, + '$tags' => (($hashtags) ? urlencode($hashtags) : ''), '$dend' => '', - '$mid' => $mid, + '$mid' => (($mid) ? urlencode($mid) : ''), '$verb' => '', - '$net' => $net, + '$net' => (($net) ? urlencode($net) : ''), '$dbegin' => '' )); } From d486b030896d1b4d798dc3ea1806e492cdd4983a Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 18 Mar 2019 21:58:18 +0100 Subject: [PATCH 13/22] fix typos --- Zotlabs/Module/Channel.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index 65eaee408..d4ef94e06 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -414,12 +414,12 @@ class Channel extends Controller { '$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1), '$search' => $search, '$xchan' => '', - '$order' => (($order) ? urlencode($order) : ''),, + '$order' => (($order) ? urlencode($order) : ''), '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), '$file' => '', '$cats' => (($category) ? urlencode($category) : ''), '$tags' => (($hashtags) ? urlencode($hashtags) : ''), - '$mid' => (($mid) ? urlencode($mid) : ''),, + '$mid' => (($mid) ? urlencode($mid) : ''), '$verb' => '', '$net' => '', '$dend' => $datequery, From b028667de17a122d3255b8db285866c66fda9fcf Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 18 Mar 2019 19:09:12 -0700 Subject: [PATCH 14/22] messagefilter enhancements, fix edge case in unsupported advisory privacy --- Zotlabs/Lib/MessageFilter.php | 16 +++++++++++++++- include/zot.php | 8 ++++++-- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/Zotlabs/Lib/MessageFilter.php b/Zotlabs/Lib/MessageFilter.php index eb0fc3d2c..750d6d424 100644 --- a/Zotlabs/Lib/MessageFilter.php +++ b/Zotlabs/Lib/MessageFilter.php @@ -19,7 +19,7 @@ class MessageFilter { $lang = null; - if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false)) { + if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false) || (strpos($incl,'lang!=') !== false) || (strpos($excl,'lang!=') !== false)) { $lang = detect_language($text); } @@ -39,10 +39,17 @@ class MessageFilter { if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) return false; } + elseif(substr($word,0,1) === '$' && $tags) { + foreach($tags as $t) + if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) + return false; + } elseif((strpos($word,'/') === 0) && preg_match($word,$text)) return false; elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0)) return false; + elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0)) + return false; elseif(stristr($text,$word) !== false) return false; } @@ -60,10 +67,17 @@ class MessageFilter { if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) return true; } + elseif(substr($word,0,1) === '$' && $tags) { + foreach($tags as $t) + if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*'))) + return true; + } elseif((strpos($word,'/') === 0) && preg_match($word,$text)) return true; elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0)) return true; + elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0)) + return true; elseif(stristr($text,$word) !== false) return true; } diff --git a/include/zot.php b/include/zot.php index c9c01103c..227d82a13 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1712,13 +1712,17 @@ function allowed_public_recips($msg) { $condensed_recips[] = $rr['hash']; $results = array(); - $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and channel_removed = 0 ", + $r = q("select channel_hash as hash, channel_id from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and channel_removed = 0 ", dbesc($hash) ); if($r) { - foreach($r as $rr) + foreach($r as $rr) { + $cfg = get_abconfig($rr['channel_id'],$rr['hash'],'their_perms','view_stream'); + if((! $cfg) && $scope !== 'any connections') + continue; if(in_array($rr['hash'],$condensed_recips)) $results[] = array('hash' => $rr['hash']); + } } return $results; } From 8e1f02281046d13d34a720ab5b3af7044b25fa6a Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 18 Mar 2019 20:41:59 -0700 Subject: [PATCH 15/22] share encoding issue between hz and zap --- Zotlabs/Lib/Activity.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index e5a8e0075..5b9d356bb 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -527,6 +527,10 @@ class Activity { else return []; + if(strpos($i['body'],'[/share]') !== false) { + $i['obj'] = null; + } + if($i['obj']) { if(! is_array($i['obj'])) { $i['obj'] = json_decode($i['obj'],true); From fad26a49beb9d067ad101798f4c0b2b15dcb035c Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Tue, 19 Mar 2019 10:52:10 +0100 Subject: [PATCH 16/22] mysql: remove some unused indices and add thr_parent index. pgsql: sync indices with mysql indices after testing on hub.disroot.org and add thr_parent --- Zotlabs/Update/_1231.php | 73 +++++++++++++++++++++++++++++++++++++ boot.php | 2 +- install/schema_mysql.sql | 7 +--- install/schema_postgres.sql | 32 +++++++--------- 4 files changed, 89 insertions(+), 25 deletions(-) create mode 100644 Zotlabs/Update/_1231.php diff --git a/Zotlabs/Update/_1231.php b/Zotlabs/Update/_1231.php new file mode 100644 index 000000000..a685c5b28 --- /dev/null +++ b/Zotlabs/Update/_1231.php @@ -0,0 +1,73 @@ + Date: Wed, 20 Mar 2019 03:17:01 +0100 Subject: [PATCH 17/22] Video --- include/bbcode.php | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/include/bbcode.php b/include/bbcode.php index 7531bd774..bc11241f3 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -117,6 +117,26 @@ function tryzrlvideo($match) { return ''; } +function videowithopts($match) { + $link = $match[2]; + $zrl = is_matrix_url($link); + if($zrl) + $link = zid($link); + + $attributes = $match[1]; + + $poster = ""; + + preg_match("/poster='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $poster = 'poster="' . (($zrl) ? zid($matches[1]) : $matches[1]) . '"'; + + return ''; +} + + + + // [noparse][i]italic[/i][/noparse] turns into // [noparse][ i ]italic[ /i ][/noparse], // to hide them from parser. @@ -1251,12 +1271,14 @@ function bbcode($Text, $options = []) { // html5 video and audio if (strpos($Text,'[/video]') !== false) { + $Text = preg_replace_callback("/\[video (.*?)\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/video\]/ism", 'videowithopts', $Text); $Text = preg_replace_callback("/\[video\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/video\]/ism", 'tryzrlvideo', $Text); } if (strpos($Text,'[/audio]') !== false) { $Text = preg_replace_callback("/\[audio\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mp3|opus|m4a))\[\/audio\]/ism", 'tryzrlaudio', $Text); } if (strpos($Text,'[/zvideo]') !== false) { + $Text = preg_replace_callback("/\[zvideo (.*?)\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/zvideo\]/ism", 'videowithopts', $Text); $Text = preg_replace_callback("/\[zvideo\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mpeg|mpg))\[\/zvideo\]/ism", 'tryzrlvideo', $Text); } if (strpos($Text,'[/zaudio]') !== false) { From b2b776169b147377b443ec26b2757b43a5f71fc1 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Wed, 20 Mar 2019 14:02:18 +0100 Subject: [PATCH 18/22] just whitespace to trigger a new build test --- include/bbcode.php | 1 - 1 file changed, 1 deletion(-) diff --git a/include/bbcode.php b/include/bbcode.php index bc11241f3..36f943e46 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -1382,4 +1382,3 @@ function bbcode($Text, $options = []) { return $Text; } - From 75c3bda8665b78b9a44863b87c08d4f9e8a5b547 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 20 Mar 2019 16:09:34 -0700 Subject: [PATCH 19/22] hubzilla core issue #1356 , permissions not getting decrypted on follow --- include/follow.php | 1 + 1 file changed, 1 insertion(+) diff --git a/include/follow.php b/include/follow.php index db77a0160..1b35f1b32 100644 --- a/include/follow.php +++ b/include/follow.php @@ -119,6 +119,7 @@ function new_contact($uid,$url,$channel,$interactive = false, $confirm = false) if( array_key_exists('permissions',$j) && array_key_exists('data',$j['permissions'])) { $permissions = crypto_unencapsulate(array( 'data' => $j['permissions']['data'], + 'alg' => $j['permissions']['alg'], 'key' => $j['permissions']['key'], 'iv' => $j['permissions']['iv']), $channel['channel_prvkey']); From 322bc5dc87cebeeae470e11f011d363520ac4ed2 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Thu, 21 Mar 2019 09:37:23 +0100 Subject: [PATCH 20/22] another whitespace to trigger tests --- include/nav.php | 1 - 1 file changed, 1 deletion(-) diff --git a/include/nav.php b/include/nav.php index 9baadc9b2..3e1acd306 100644 --- a/include/nav.php +++ b/include/nav.php @@ -183,7 +183,6 @@ function nav($template = 'default') { $search_form_action = 'search'; } - $nav['search'] = ['search', t('Search'), "", t('Search site @name, !forum, #tag, ?docs, content'), $search_form_action]; /** From aab515b16c99543ae173c41a2d62f160353cc0cf Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Thu, 21 Mar 2019 11:01:01 +0100 Subject: [PATCH 21/22] optimize autoload cache and update changelog --- CHANGELOG | 30 +++++++++++++++++++++++++++ vendor/composer/autoload_classmap.php | 4 +--- vendor/composer/autoload_static.php | 4 +--- 3 files changed, 32 insertions(+), 6 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 0a57efa9d..eeba6c6d8 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,33 @@ +Hubzilla 4.0.1 (2019-03-21) + - Fix permissions not getting decrypted on follow + - Add option to add a poster to the video bbcode + - Fix SQL performance issue with queries including thr_parent + - Fix share encoding issue between hz and zap + - Fix edge case in unsupported advisory privacy + - Messagefilter enhancements + - Fix XSS issues + - Clone systems apps to the extent possible + - Auto-configure imagick thumbnail binary during setup if possible + - Fix array not unserialized in util/service_class + - Add phpmd and phpcs to composer require-dev for code linting + - Fix issue with email encoding + - Fix signature issue for zot6 content imported from zotfeeds to hubzilla + - Find unregistered z6 clones on hubzilla sites + - Add zot6 to clonable networks + - Add owner permission checks to AS item fetch + - Perform zot6 discovery in import_author_xchan + - Fix authenticated fetches + - Port zot_record_preferred() from zap + + Addons: + - Pubcrawl: deliver comments to abook contacts and thread participants + - Pubcrawl: fix can_comment_on_post() + - Deliverynotice: do not save empty postopts + - Gravatar: fix URL and use z_fetch_url() + - Pubcrawl: improve SQL queries in pubcrawl_item_mod_init() + - Pubcrawl: fix authenticated item fetch + + Hubzilla 4.0 (2019-03-08) - Add CURLOPT_CONNECTTIMEOUT option - Allow parameters as final path argument in API router diff --git a/vendor/composer/autoload_classmap.php b/vendor/composer/autoload_classmap.php index 64d0c0cfb..ba7b1d85c 100644 --- a/vendor/composer/autoload_classmap.php +++ b/vendor/composer/autoload_classmap.php @@ -380,9 +380,6 @@ return array( 'Psr\\Log\\LoggerInterface' => $vendorDir . '/psr/log/Psr/Log/LoggerInterface.php', 'Psr\\Log\\LoggerTrait' => $vendorDir . '/psr/log/Psr/Log/LoggerTrait.php', 'Psr\\Log\\NullLogger' => $vendorDir . '/psr/log/Psr/Log/NullLogger.php', - 'Psr\\Log\\Test\\DummyTest' => $vendorDir . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', - 'Psr\\Log\\Test\\LoggerInterfaceTest' => $vendorDir . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', - 'Psr\\Log\\Test\\TestLogger' => $vendorDir . '/psr/log/Psr/Log/Test/TestLogger.php', 'Ramsey\\Uuid\\BinaryUtils' => $vendorDir . '/ramsey/uuid/src/BinaryUtils.php', 'Ramsey\\Uuid\\Builder\\DefaultUuidBuilder' => $vendorDir . '/ramsey/uuid/src/Builder/DefaultUuidBuilder.php', 'Ramsey\\Uuid\\Builder\\DegradedUuidBuilder' => $vendorDir . '/ramsey/uuid/src/Builder/DegradedUuidBuilder.php', @@ -1354,6 +1351,7 @@ return array( 'Zotlabs\\Update\\_1228' => $baseDir . '/Zotlabs/Update/_1228.php', 'Zotlabs\\Update\\_1229' => $baseDir . '/Zotlabs/Update/_1229.php', 'Zotlabs\\Update\\_1230' => $baseDir . '/Zotlabs/Update/_1230.php', + 'Zotlabs\\Update\\_1231' => $baseDir . '/Zotlabs/Update/_1231.php', 'Zotlabs\\Web\\Controller' => $baseDir . '/Zotlabs/Web/Controller.php', 'Zotlabs\\Web\\HTTPHeaders' => $baseDir . '/Zotlabs/Web/HTTPHeaders.php', 'Zotlabs\\Web\\HTTPSig' => $baseDir . '/Zotlabs/Web/HTTPSig.php', diff --git a/vendor/composer/autoload_static.php b/vendor/composer/autoload_static.php index 0c60181b1..37a73de45 100644 --- a/vendor/composer/autoload_static.php +++ b/vendor/composer/autoload_static.php @@ -548,9 +548,6 @@ class ComposerStaticInit7b34d7e50a62201ec5d5e526a5b8b35d 'Psr\\Log\\LoggerInterface' => __DIR__ . '/..' . '/psr/log/Psr/Log/LoggerInterface.php', 'Psr\\Log\\LoggerTrait' => __DIR__ . '/..' . '/psr/log/Psr/Log/LoggerTrait.php', 'Psr\\Log\\NullLogger' => __DIR__ . '/..' . '/psr/log/Psr/Log/NullLogger.php', - 'Psr\\Log\\Test\\DummyTest' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', - 'Psr\\Log\\Test\\LoggerInterfaceTest' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/LoggerInterfaceTest.php', - 'Psr\\Log\\Test\\TestLogger' => __DIR__ . '/..' . '/psr/log/Psr/Log/Test/TestLogger.php', 'Ramsey\\Uuid\\BinaryUtils' => __DIR__ . '/..' . '/ramsey/uuid/src/BinaryUtils.php', 'Ramsey\\Uuid\\Builder\\DefaultUuidBuilder' => __DIR__ . '/..' . '/ramsey/uuid/src/Builder/DefaultUuidBuilder.php', 'Ramsey\\Uuid\\Builder\\DegradedUuidBuilder' => __DIR__ . '/..' . '/ramsey/uuid/src/Builder/DegradedUuidBuilder.php', @@ -1522,6 +1519,7 @@ class ComposerStaticInit7b34d7e50a62201ec5d5e526a5b8b35d 'Zotlabs\\Update\\_1228' => __DIR__ . '/../..' . '/Zotlabs/Update/_1228.php', 'Zotlabs\\Update\\_1229' => __DIR__ . '/../..' . '/Zotlabs/Update/_1229.php', 'Zotlabs\\Update\\_1230' => __DIR__ . '/../..' . '/Zotlabs/Update/_1230.php', + 'Zotlabs\\Update\\_1231' => __DIR__ . '/../..' . '/Zotlabs/Update/_1231.php', 'Zotlabs\\Web\\Controller' => __DIR__ . '/../..' . '/Zotlabs/Web/Controller.php', 'Zotlabs\\Web\\HTTPHeaders' => __DIR__ . '/../..' . '/Zotlabs/Web/HTTPHeaders.php', 'Zotlabs\\Web\\HTTPSig' => __DIR__ . '/../..' . '/Zotlabs/Web/HTTPSig.php', From 9b696a872bf8712875dc0851b1873ec3353591be Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Thu, 21 Mar 2019 11:01:57 +0100 Subject: [PATCH 22/22] bump version --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/boot.php b/boot.php index cf421c1b4..118443df9 100755 --- a/boot.php +++ b/boot.php @@ -50,7 +50,7 @@ require_once('include/attach.php'); require_once('include/bbcode.php'); define ( 'PLATFORM_NAME', 'hubzilla' ); -define ( 'STD_VERSION', '4.1' ); +define ( 'STD_VERSION', '4.1.1' ); define ( 'ZOT_REVISION', '6.0a' ); define ( 'DB_UPDATE_VERSION', 1231 );