Hubzilla 2.0

Continuing to revise and rearrange content for clarity and reduced redundancy.

.gitignore

@@ -60,11 +60,13 @@ nbproject/
 .idea/
 
 
-# composer files (at the moment composer is not officially supported and only used to add SabreDAV, we should add these)
-composer.* 
-
-# When we include composer we should exclude vendor/
+## composer
+# locally installed composer binary
+composer.phar
+# vendor/ is managed by composer, no need to include in our repository
+# requires new deployment and needs discussion first
 #vendor/
-# Exclude at least some vendor test files, examples, etc.
-vendor/sabre/*/tests/
+# Exclude at least some vendor test files, examples, etc. so far
+vendor/**/tests/
+vendor/**/Test/
 vendor/sabre/*/examples/

.travis.yml

@@ -5,10 +5,6 @@ language: php
 php:
   # using major version aliases
 
-  # aliased to a recent 5.4.x version
-  - 5.4
-  # aliased to a recent 5.5.x version
-  - 5.5
   # aliased to a recent 5.6.x version
   - 5.6
   # aliased to a recent 7.x version
@@ -27,7 +23,6 @@ matrix:
 #    - php: hhvm
 #      env: DB=pgsql  # PDO driver for pgsql is unsupported by HHVM (3rd party install for support)
   allow_failures:
-    - php: 7.0
     - php: hhvm
 
 # execute any number of scripts before the test run, custom env's are available as variables
@@ -36,11 +31,14 @@ matrix:
 #  - if [[ "$DB" == "pgsql" ]]; then psql -c "create database hello_world_test;" -U postgres; fi
 #  - if [[ "$DB" == "mysql" ]]; then mysql -e "create database IF NOT EXISTS hello_world_test;" -uroot; fi
 
+install:
+  - composer require phpunit/phpunit
+
 # omitting "script:" will default to phpunit
 # use the $DB env variable to determine the phpunit.xml to use
-script: phpunit  tests/*php
+script: vendor/bin/phpunit  tests/unit/
 
 # configure notifications (email, IRC, campfire etc)
 notifications:
 #  irc: "irc.freenode.org#yourfavouriteroomfortravis"
-# a plugin/script to post to a hubzilla channel would be neat here
+# a plugin/script to post to a hubzilla channel would be neat here

CHANGELOG

@@ -1,3 +1,99 @@
+Hubzilla 2.0 (2016-12-23)
+	- Deprecate bb_iframe
+	- Note widget: resize the textarea to reveal full content
+	- Implement fixed left aside
+	- Implement lockview for wikilist
+	- Simplify wikilist widget
+	- Router error reporting
+	- Setup changes to check for shell_exec and exec functions
+	- Extensible permissions upgrade handling for channels with custom permission roles
+	- Allow plugins to cancel item_store() and item_store_update()
+	- ZOT version 1.2 provides negotiation of cryptographic algorithms
+	- Provide a fresh new look and cleaner layout and more relevant information to siteinfo
+	- Introduce highlight bbcode [hl]
+	- Implement wiki mimetypes markdown or bbcode
+	- Doc pages refactoring
+	- Update webpages and wiki context help
+	- Make a git commit when a new wiki page is created
+	- Prev-next navigation for mod_connedit to ease bulk connection edits
+	- Move the remote user homebutton to the user menu
+	- Do not render maps/locations for Diaspora destinations
+	- Provide 'per-page' caching for is_matrix_url() results to reduce duplicate queries
+	- Don't send notification for posts/comments on old conversations that were refetched after having expired
+	- Numerous wiki UI improvements
+	- Move twitter api to addon
+	- Cleanup and re-organise the voting and attendance buttons
+	- Reorganise emoticons
+	- Collapse navbar-collapse-1 if avatar menu is clicked.
+	- New display setting: static page update as opposed to live update
+	- Command line administrative channel connect utility
+	- Modernise chanview
+	- Implement edit activities to share post/comment edits with protocols which do not support them (e.g. Diaspora)
+	- Wiki export
+	- Numerous postgres compatibility fixes
+	- Remove requirement that imported profile photos be in the profile photos album
+	- Change event behaviour - share by default.
+	- Use PDO database driver exclusively (deprecate drivers that are separately maintained)
+	- Zot API re-write and extended
+
+	Bugfixes
+	- Fix z_fetch_url() incorrect variable
+	- Fix SQL error with app categories
+	- Fix do not show revert buttons if we do not have write perms
+	- Fix dropdown positions
+	- Fix do not increase opacity to more than 1
+	- Fix clone sync missing for some item delete operations
+	- Fix embed-image for fullscreen mode
+	- Fix attach_list_files()
+	- Fix full screen for embedded videos
+	- Fix the forum widget for forums with custom perms
+	- Fix issue #607 parens not recognised inside urls
+	- Fix pubsites: don't list dead sites
+	- Fix issue #596 silence headers already sent warning
+	- Fix missing plugins in zot-info
+	- Fix notification issue
+	- Fix issue #594 like of thing appears as profile owner like
+	- Fix export issue
+	- Fix checklist bbcode - only turn [] and [x] into checkboxes if it is found inside a checklist
+	- Fix wiki permissions issues
+	- Fix public calendar leaks connection information (birthdays) when view_contacts is not allowed
+	- Fix attach_rename: flaw in duplicate filename detection resulted in filename(1)(1)(1).ext
+	- Fix a fatal error with incorrect DB object access
+	- Provide /locs link on settings page if there is more than one hubloc for this channnel *that isn't deleted*.
+	- Fix issue #577 if connecting to a channel that is already pending, undo the pending and set connect permissions accordingly
+	- Fix issue #575, when 'nofinish' is set on an event, invalid date was generated/stored
+	- Fix bbcode event formatting issue
+	- Fix zot_finger from navbar people search looping
+	- Fix fromStandalonePermission()
+
+	Plugins
+	- GNU Social: removed from addons for security reasons - it might be re-implemented once it is properly reviewed
+	- Diaspora: missing item author when diaspora public comment received from relay
+	- Superblock: refactoring
+	- New addon: tripleaes for pro
+	- Cdav:  "if not exists" only supported starting with postgresql v. 9.5 debian stable has 9.4
+	- Rendezvous: added markers and members export tool at /rendezvous/[group_id]/export/{markers,members}
+	- Twitter: move twitter api to addon
+	- New addon: b2tbtn (back to top button)
+	- Diaspora: import public diaspora messages to sys if applicable
+	- Diaspora: try and handle singletons better and simplify the associated notifier decisions
+	- Rendezvous: add proximity alert feature to members to issue notification when member is within a specified distance.
+	- New addon: diaspora_reconnect to refriend diaspora/friendica connections from a clone or channel move
+	- Diaspora: change the logic for deciding between upstream and downstream message flow for notifier plugins
+	- Rendezvous: prompt member to share their location by activating the GPS control using a tooltip and pulsing visibility
+	- statistics_json: fix nodeinfo
+	- Rendezvous: restored the lost gps-icon.png and corrected the OpenStreetMap tile server URL to avoid insecure content warnings
+	- Rendezvous: use observer name if available
+	- std_embeds: missing backslash
+	- Diaspora: postgres fixes issue #31
+	- Rendezvous: added marker list with centering buttons and popup open.
+	- Rendezvous: added control to see list of members sharing their location, with buttons to pan the map to center them
+	- Diaspora: system level diaspora toggle
+	- Rendezvous: added control that displays members.
+	- Diaspora: rename diaspora2bb() to markdown_to_bb() in core
+	- Hubwall: remove illegal unescaped angle chars
+	- Rendezvous: Add control to delete member if not updated in over 14 minutes
+
 Hubzilla 1.14 (2016-10-13)
 	- New hook bbcode_filter
 	- Unify the various mail sending instance to enotify::send() and z_mail()

Zotlabs/Access/PermissionRoles.php

@@ -7,6 +7,9 @@ use Zotlabs\Lib as Zlib;
 
 class PermissionRoles {
 
+	static public function version() {
+		return 1;
+	}
 
 	static function role_perms($role) {
 
@@ -160,6 +163,7 @@ class PermissionRoles {
 				$ret['limits'] = PermissionLimits::Std_Limits();
 				break;
 
+			case 'custom':
 			default:
 				break;
 		}
@@ -174,7 +178,48 @@ class PermissionRoles {
 		return $ret;
 	}
 
+	static public function new_custom_perms($uid,$perm,$abooks) {
 
+		// set permissionlimits for this permission here, for example:
+
+		// if($perm === 'mynewperm')
+		//     \Zotlabs\Access\PermissionLimits::Set($uid,$perm,1);
+
+
+		// set autoperms here if applicable
+		// choices are to set to 0, 1, or the value of an existing perm
+
+		if(get_pconfig($uid,'system','autoperms')) {
+
+			$c = channelx_by_n($uid);
+			$value = 0;
+
+			// if($perm === 'mynewperm')
+			//	 $value = get_abconfig($uid,$c['channel_hash'],'autoperms','someexistingperm'));
+
+			if($c) {
+				set_abconfig($uid,$c['channel_hash'],'autoperms',$perm,$value);
+			}
+
+
+		}
+
+		// now set something for all existing connections.
+
+		if($abooks) {
+			foreach($abooks as $ab) {
+				switch($perm) {
+					// case 'mynewperm':
+					// choices are to set to 1, set to 0, or clone an existing perm
+					// set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm,
+					//		get_abconfig($uid,$ab['abook_xchan'],'my_perms','someexistingperm'));
+					
+					default:
+						break;
+				}
+			}
+		}
+	}
 
 
 	static public function roles() {

Zotlabs/Access/Permissions.php

@@ -10,9 +10,20 @@ class Permissions {
 	/**
 	 * Extensible permissions.
 	 * To add new permissions, add to the list of $perms below, with a simple description.
+	 *
 	 * Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role
 	 * if this permission should be granted to new connections.
 	 *
+	 * Next look at PermissionRoles::new_custom_perms() and provide a handler for updating custom 
+	 * permission roles. You will want to set a default PermissionLimit for each channel and also
+	 * provide a sane default for any existing connections. You may or may not wish to provide a
+	 * default auto permission. If in doubt, leave this alone as custom permissions by definition
+	 * are the responsbility of the channel owner to manage. You just don't want to create any 
+	 * suprises or break things so you have an opportunity to provide sane settings. 
+	 *
+	 * Update the version here and in PermissionRoles
+	 *
+	 *
 	 * Permissions with 'view' in the name are considered read permissions. Anything
 	 * else requires authentication. Read permission limits are PERMS_PUBLIC and anything else
 	 * is given PERMS_SPECIFIC.
@@ -23,6 +34,11 @@ class Permissions {
 	 *
 	 */
 
+	static public function version() {
+		// This must match the version in PermissionRoles.php before permission updates can run.
+		return 1;
+	}
+
 
 	static public function Perms($filter = '') {
 

Zotlabs/Daemon/Master.php

@@ -24,8 +24,7 @@ class Master {
 	static public function Release($argc,$argv) {
 		cli_startup();
 		logger('Master: release: ' . print_r($argv,true), LOGGER_ALL,LOG_DEBUG);
-		require_once('Zotlabs/Daemon/' . $argv[0] . '.php');
 		$cls = '\\Zotlabs\\Daemon\\' . $argv[0];
 		$cls::run($argc,$argv);
 	}	
-}
+}

Zotlabs/Daemon/Notifier.php

@@ -4,6 +4,7 @@ namespace Zotlabs\Daemon;
 
 require_once('include/queue_fn.php');
 require_once('include/html2plain.php');
+require_once('include/conversation.php');
 
 /*
  * This file was at one time responsible for doing all deliveries, but this caused
@@ -120,7 +121,7 @@ class Notifier {
 			$normal_mode = false;
 			$mail = true;
 			$private = true;
-			$message = q("SELECT * FROM `mail` WHERE `id` = %d LIMIT 1",
+			$message = q("SELECT * FROM mail WHERE id = %d LIMIT 1",
 					intval($item_id)
 			);
 			if(! $message) {
@@ -371,12 +372,13 @@ class Notifier {
 				if(! $encoded_item['flags'])
 					$encoded_item['flags'] = array();
 				$encoded_item['flags'][] = 'relay';
+				$upstream = true;
 			}
 			else {
 				logger('notifier: normal distribution', LOGGER_DEBUG);
 				if($cmd === 'relay')
 					logger('notifier: owner relay');
-
+				$upstream = false;
 				// if our parent is a tag_delivery recipient, uplink to the original author causing
 				// a delivery fork. 
 	
@@ -445,6 +447,7 @@ class Notifier {
 
 		$narr = array(
 			'channel' => $channel,
+			'upstream' => $upstream,
 			'env_recips' => $env_recips,
 			'packet_recips' => $packet_recips,
 			'recipients' => $recipients,
@@ -488,7 +491,7 @@ class Notifier {
 		// Now we have collected recipients (except for external mentions, FIXME)
 		// Let's reduce this to a set of hubs.
 
-		$r = q("select * from hubloc where hubloc_hash in (" . implode(',',$recipients) . ") 
+		$r = q("select hubloc.*, site.site_crypto from hubloc left join site on site_url = hubloc_url where hubloc_hash in (" . implode(',',$recipients) . ") 
 			and hubloc_error = 0 and hubloc_deleted = 0"
 		);		
  
@@ -546,6 +549,7 @@ class Notifier {
 
 				$narr = array(
 					'channel' => $channel,
+					'upstream' => $upstream,
 					'env_recips' => $env_recips,
 					'packet_recips' => $packet_recips,
 					'recipients' => $recipients,
@@ -599,8 +603,8 @@ class Notifier {
 				$packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null));
 			}
 			elseif($packet_type === 'request') {
-				$packet = zot_build_packet($channel,$packet_type,$env_recips,$hub['hubloc_sitekey'],$hash,
-					array('message_id' => $request_message_id)
+				$packet = zot_build_packet($channel,$packet_type,$env_recips,$hub['hubloc_sitekey'],$hub['site_crypto'],
+					$hash, array('message_id' => $request_message_id)
 				);
 			}
 
@@ -614,7 +618,7 @@ class Notifier {
 				));
 			}
 			else {
-				$packet = zot_build_packet($channel,'notify',$env_recips,(($private) ? $hub['hubloc_sitekey'] : null),$hash);	
+				$packet = zot_build_packet($channel,'notify',$env_recips,(($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash);	
 				queue_insert(array(
 					'hash'       => $hash,
 					'account_id' => $target_item['aid'],

Zotlabs/Daemon/Ratenotif.php

@@ -77,7 +77,7 @@ class Ratenotif {
 						continue;
 
 					$hash = random_string();
-					$n = zot_build_packet($channel,'notify',null,null,$hash);
+					$n = zot_build_packet($channel,'notify',null,null,'',$hash);
 
 					queue_insert(array(
 						'hash'       => $hash,

Zotlabs/Extend/Hook.php

@@ -10,7 +10,7 @@ class Hook {
 			$function = serialize($function);
 		}
 
-		$r = q("SELECT * FROM `hook` WHERE `hook` = '%s' AND `file` = '%s' AND `fn` = '%s' and priority = %d and hook_version = %d LIMIT 1",
+		$r = q("SELECT * FROM hook WHERE hook = '%s' AND file = '%s' AND fn = '%s' and priority = %d and hook_version = %d LIMIT 1",
 			dbesc($hook),
 			dbesc($file),
 			dbesc($function),
@@ -23,13 +23,13 @@ class Hook {
 		// To aid in upgrade and transition, remove old settings for any registered hooks that match in all respects except
 		// for priority or hook_version
 
-		$r = q("DELETE FROM `hook` where `hook` = '%s' and `file` = '%s' and `fn` = '%s'",
+		$r = q("DELETE FROM hook where hook = '%s' and file = '%s' and fn = '%s'",
 			dbesc($hook),
 			dbesc($file),
 			dbesc($function)
 		);
 
-		$r = q("INSERT INTO `hook` (`hook`, `file`, `fn`, `priority`, `hook_version`) VALUES ( '%s', '%s', '%s', %d, %d )",
+		$r = q("INSERT INTO hook (hook, file, fn, priority, hook_version) VALUES ( '%s', '%s', '%s', %d, %d )",
 			dbesc($hook),
 			dbesc($file),
 			dbesc($function),
@@ -44,7 +44,7 @@ class Hook {
 		if(is_array($function)) {
 			$function = serialize($function);
 		}
-		$r = q("DELETE FROM hook WHERE hook = '%s' AND `file` = '%s' AND `fn` = '%s' and priority = %d and hook_version = %d",
+		$r = q("DELETE FROM hook WHERE hook = '%s' AND file = '%s' AND fn = '%s' and priority = %d and hook_version = %d",
 			dbesc($hook),
 			dbesc($file),
 			dbesc($function),
@@ -60,7 +60,7 @@ class Hook {
 
 	static public function unregister_by_file($file) {
 
-		$r = q("DELETE FROM hook WHERE `file` = '%s' ",
+		$r = q("DELETE FROM hook WHERE file = '%s' ",
 			dbesc($file)
 		);
 

Zotlabs/Lib/AConfig.php

@@ -10,8 +10,8 @@ class AConfig {
 		return XConfig::Load('a_' . $account_id);
 	}
 
-	static public function Get($account_id,$family,$key) {
-		return XConfig::Get('a_' . $account_id,$family,$key);
+	static public function Get($account_id,$family,$key,$default = false) {
+		return XConfig::Get('a_' . $account_id,$family,$key, $default);
 	}
 
 	static public function Set($account_id,$family,$key,$value) {

Zotlabs/Lib/AbConfig.php

@@ -16,7 +16,7 @@ class AbConfig {
 	}
 
 
-	static public function Get($chan,$xhash,$family,$key) {
+	static public function Get($chan,$xhash,$family,$key, $default = false) {
 		$r = q("select * from abconfig where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' limit 1",
 			intval($chan),
 			dbesc($xhash),
@@ -26,7 +26,7 @@ class AbConfig {
 		if($r) {
 			return ((preg_match('|^a:[0-9]+:{.*}$|s', $r[0]['v'])) ? unserialize($r[0]['v']) : $r[0]['v']);
 		}
-		return false;
+		return $default;
 	}
 
 

Zotlabs/Lib/Apps.php

@@ -68,7 +68,7 @@ class Apps {
 				if($id !== true) {
 					// if we already installed this app, but it changed, preserve any categories we created
 					$s = '';
-					$r = q("select * from term where otype = %d and oid = d",
+					$r = q("select * from term where otype = %d and oid = %d",
 						intval(TERM_OBJ_APP),
 						intval($id)
 					);
@@ -203,7 +203,7 @@ class Apps {
 	static public function translate_system_apps(&$arr) {
 		$apps = array(
 			'Site Admin' => t('Site Admin'),
-			'Bug Report' => t('Bug Report'),
+			'Report Bug' => t('Report Bug'),
 			'View Bookmarks' => t('View Bookmarks'),
 			'My Chatrooms' => t('My Chatrooms'),
 			'Connections' => t('Connections'),
@@ -359,7 +359,7 @@ class Apps {
 			if($r) {
 				if(! $r[0]['app_system']) {
 					if($app['categories'] && (! $app['term'])) {
-						$r[0]['term'] = q("select * from term where otype = %d and oid = d",
+						$r[0]['term'] = q("select * from term where otype = %d and oid = %d",
 							intval(TERM_OBJ_APP),
 							intval($r[0]['id'])
 						);

Zotlabs/Lib/Config.php

@@ -98,13 +98,13 @@ class Config {
 	 * @return mixed Return value or false on error or if not set
 	 */
 
-	static public function Get($family,$key) {
+	static public function Get($family,$key,$default = false) {
 		if((! array_key_exists($family, \App::$config)) || (! array_key_exists('config_loaded', \App::$config[$family])))
 			self::Load($family);
 
 		if(array_key_exists('config_loaded', \App::$config[$family])) {
 			if(! array_key_exists($key, \App::$config[$family])) {
-				return false;		
+				return $default;		
 			}
 			return ((! is_array(\App::$config[$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$family][$key])) 
 				? unserialize(\App::$config[$family][$key])
@@ -112,7 +112,7 @@ class Config {
 			);
 		}
 
-		return false;
+		return $default;
 	}
 
 	/**

Zotlabs/Lib/Enotify.php

@@ -78,15 +78,12 @@ class Enotify {
 		$sender_email = get_config('system','from_email');
 		if(! $sender_email)
 			$sender_email = 'Administrator' . '@' . \App::get_hostname();
-
 	
 		$sender_name = get_config('system','from_email_name');
 		if(! $sender_name)
 			$sender_name = \Zotlabs\Lib\System::get_site_name();
 
 
-
-
 		$additional_mail_header = "";
 
 		if(array_key_exists('item', $params)) {
@@ -105,6 +102,10 @@ class Enotify {
 				$title = $params['item']['title'];
 				$body = $params['item']['body'];
 			}
+			if($params['item']['created'] < datetime_convert('UTC','UTC','now - 1 month')) {
+				logger('notification invoked for an old item which may have been refetched.',LOGGER_DEBUG,LOG_INFO);
+				return;
+			}
 		} 
 		else {
 			$title = $body = '';
@@ -216,6 +217,85 @@ class Enotify {
 		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
 	}
 
+	if ($params['type'] == NOTIFY_LIKE) {
+//		logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
+
+		$itemlink =  $params['link'];
+
+		// ignore like/unlike activity on posts - they probably require a separate notification preference
+
+		if (array_key_exists('item',$params) && (! activity_match($params['item']['verb'],ACTIVITY_LIKE))) {
+			logger('notification: not a like activity. Ignoring.');
+			pop_lang();
+			return;
+		}
+
+		$parent_mid = $params['parent_mid'];
+
+		// Check to see if there was already a notify for this post.
+		// If so don't create a second notification
+
+		$p = null;
+		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
+			dbesc($params['link']),
+			intval($recip['channel_id'])
+		);
+		if ($p) {
+			logger('notification: like already notified');
+			pop_lang();
+			return;
+		}
+	
+
+		// if it's a post figure out who's post it is.
+
+		$p = null;
+
+		if($params['otype'] === 'item' && $parent_mid) {
+			$p = q("select * from item where mid = '%s' and uid = %d limit 1",
+				dbesc($parent_mid),
+				intval($recip['channel_id'])
+			);
+		}
+
+		xchan_query($p);
+
+
+		$item_post_type = item_post_type($p[0]);
+//		$private = $p[0]['item_private'];
+		$parent_id = $p[0]['id'];
+
+		$parent_item = $p[0];
+
+
+		// "your post"
+		if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
+			$dest_str = sprintf(t('%1$s, %2$s liked [zrl=%3$s]your %4$s[/zrl]'),
+				$recip['channel_name'],
+				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+				$itemlink,
+				$item_post_type);
+		else {
+			pop_lang();
+			return;
+		}
+
+		// Some mail softwares relies on subject field for threading.
+		// So, we cannot have different subjects for notifications of the same thread.
+		// Before this we have the name of the replier on the subject rendering 
+		// differents subjects for messages on the same thread.
+
+		$subject = sprintf( t('[$Projectname:Notify] Like received to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s, %2$s liked an item/conversation you created.'), $recip['channel_name'], $sender['xchan_name']); 
+		$epreamble = $dest_str; 
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+	}
+
+
+
 	if($params['type'] == NOTIFY_WALL) {
 		$subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']);
 
@@ -364,7 +444,7 @@ class Enotify {
 	do {
 		$dups = false;
 		$hash = random_string();
-		$r = q("SELECT `id` FROM `notify` WHERE `hash` = '%s' LIMIT 1",
+		$r = q("SELECT id FROM notify WHERE hash = '%s' LIMIT 1",
 			dbesc($hash));
 		if ($r)
 			$dups = true;
@@ -633,7 +713,7 @@ class Enotify {
 		call_hooks('email_send', $params);
 
 		if($params['sent']) {
-			logger("notification: enotify::send (addon) returns " . $params['result'], LOGGER_DEBUG);
+			logger("notification: enotify::send (addon) returns " . (($params['result']) ? 'success' : 'failure'), LOGGER_DEBUG);
 			return $params['result'];
 		}
 
@@ -676,7 +756,7 @@ class Enotify {
 			$multipartMessageBody,							// message body
 			$messageHeader									// message headers
 		);
-		logger("notification: enotify::send returns " . $res, LOGGER_DEBUG);
+		logger("notification: enotify::send returns " . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
 		return $res;
 	}
 

Zotlabs/Lib/IConfig.php

@@ -10,7 +10,7 @@ class IConfig {
 		return;
 	}
 
-	static public function Get(&$item, $family, $key) {
+	static public function Get(&$item, $family, $key, $default = false) {
 
 		$is_item = false;
 	
@@ -28,7 +28,7 @@ class IConfig {
 			$iid = $item;
 
 		if(! $iid)
-			return false;
+			return $default;
 
 		if(is_array($item) && array_key_exists('iconfig',$item) && is_array($item['iconfig'])) {
 			foreach($item['iconfig'] as $c) {
@@ -48,7 +48,7 @@ class IConfig {
 				$item['iconfig'][] = $r[0];
 			return $r[0]['v'];
 		}
-		return false;
+		return $default;
 
 	}
 

Zotlabs/Lib/PConfig.php

@@ -67,16 +67,16 @@ class PConfig {
 	 * @return mixed Stored value or false if it does not exist
 	 */
 
-	static public function Get($uid,$family,$key,$instore = false) {
+	static public function Get($uid,$family,$key,$default = false) {
 
 		if(is_null($uid) || $uid === false)
-			return false;
+			return $default;
 
 		if(! array_key_exists($uid, \App::$config))
 			self::Load($uid);
 
 		if((! array_key_exists($family, \App::$config[$uid])) || (! array_key_exists($key, \App::$config[$uid][$family])))
-			return false;
+			return $default;
 
 		return ((! is_array(\App::$config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$uid][$family][$key])) 
 			? unserialize(\App::$config[$uid][$family][$key])
@@ -185,13 +185,17 @@ class PConfig {
 
 		$ret = false;
 
-		if(array_key_exists($key, \App::$config[$uid][$family]))
+		if(array_key_exists($uid,\App::$config) 
+			&& is_array(\App::$config['uid']) 
+			&& array_key_exists($family,\App::$config['uid']) 
+			&& array_key_exists($key, \App::$config[$uid][$family]))
 			unset(\App::$config[$uid][$family][$key]);
-			$ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'",
-				intval($uid),
-				dbesc($family),
-				dbesc($key)
-			);
+			
+		$ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'",
+			intval($uid),
+			dbesc($family),
+			dbesc($key)
+		);
 
 		return $ret;
 	}

Zotlabs/Lib/PermissionDescription.php

@@ -12,22 +12,25 @@ require_once("include/text.php");
  * permission settings for an item with an empty ACL.
  * i.e the caption, icon, and tooltip for the no-ACL option in the ACL dialog.
  */
-class PermissionDescription  {
+class PermissionDescription {
 
 	private $global_perm;
 	private $channel_perm;
 	private $fallback_description;
-	
+
 	/**
 	 * Constructor is private.
-	 * Use static methods fromGlobalPermission(), fromStandalonePermission(), or fromDescription()
-	 * to create instances.
+	 * Use static methods fromGlobalPermission(), fromStandalonePermission(),
+	 * or fromDescription() to create instances.
+	 *
+	 * @internal
+	 * @param int $global_perm
+	 * @param int $channel_perm
+	 * @param string $description (optional) default empty
 	 */
 	private function __construct($global_perm, $channel_perm, $description = '') {
-
 		$this->global_perm  = $global_perm;
 		$this->channel_perm = $channel_perm;
-		
 		$this->fallback_description = ($description  == '') ? t('Visible to your default audience') : $description;
 	}
 
@@ -43,23 +46,22 @@ class PermissionDescription  {
 		return new PermissionDescription('', 0x80000, $description);
 	}
 
-
 	/**
 	 * Use this method only if the interpretation of an empty ACL doesn't fall back to a global
 	 * default permission. You should pass one of the constants from boot.php - PERMS_PUBLIC,
 	 * PERMS_NETWORK etc.
-	 * 
+	 *
 	 * @param  integer $perm - a single enumerated constant permission - PERMS_PUBLIC, PERMS_NETWORK etc.
 	 * @return a new instance of PermissionDescription
 	 */
 	public static function fromStandalonePermission($perm) {
 
 		$result = new PermissionDescription('', $perm);
-		
-		$checkPerm = $this->get_permission_description();
-		if ($checkPerm == $this->fallback_description) {
+
+		$checkPerm = $result->get_permission_description();
+		if($checkPerm == $result->fallback_description) {
 			$result = null;
-			logger('null PermissionDescription from unknown standalone permission: ' . $perm ,LOGGER_DEBUG, LOG_ERROR);
+			logger('null PermissionDescription from unknown standalone permission: ' . $perm, LOGGER_DEBUG, LOG_ERR);
 		}
 
 		return $result;
@@ -67,9 +69,9 @@ class PermissionDescription  {
 
 	/**
 	 * This is the preferred way to create a PermissionDescription, as it provides the most details.
-	 * Use this method if you know an empty ACL will result in one of the global default permissions 
+	 * Use this method if you know an empty ACL will result in one of the global default permissions
 	 * being used, such as channel_r_stream (for which you would pass 'view_stream').
-	 * 
+	 *
 	 * @param  string $permname - a key for the global perms array from get_perms() in permissions.php,
 	 *         e.g. 'view_stream', 'view_profile', etc.
 	 * @return a new instance of PermissionDescription
@@ -80,19 +82,19 @@ class PermissionDescription  {
 
 		$global_perms = \Zotlabs\Access\Permissions::Perms();
 
-		if (array_key_exists($permname, $global_perms)) {
+		if(array_key_exists($permname, $global_perms)) {
 
-			$channelPerm = \Zotlabs\Access\PermissionLimits::Get(\App::$channel['channel_id'],$permname);
+			$channelPerm = \Zotlabs\Access\PermissionLimits::Get(\App::$channel['channel_id'], $permname);
 
 			$result = new PermissionDescription('', $channelPerm);
 		} else {
 			// The acl dialog can handle null arguments, but it shouldn't happen
-			logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR);
+			logger('null PermissionDescription from unknown global permission: ' . $permname, LOGGER_DEBUG, LOG_ERR);
 		}
+
 		return $result;
 	}
 
-
 	/**
 	 * Gets a localized description of the permission, or a generic message if the permission
 	 * is unknown.
@@ -101,8 +103,7 @@ class PermissionDescription  {
 	 */
 	public function get_permission_description() {
 
-		switch($this->channel_perm) {			
-
+		switch($this->channel_perm) {
 			case 0:              return t('Only me');
 			case PERMS_PUBLIC:   return t('Public');
 			case PERMS_NETWORK:  return t('Anybody in the $Projectname network');
@@ -117,19 +118,18 @@ class PermissionDescription  {
 
 	/**
 	 * Returns an icon css class name if an appropriate one is available, e.g. "fa-globe" for Public,
-	 * otherwise returns empty string. 
+	 * otherwise returns empty string.
 	 *
 	 * @return string icon css class name (often FontAwesome)
 	 */
 	public function get_permission_icon() {
 
-		switch($this->channel_perm) {			
-
+		switch($this->channel_perm) {
 			case 0:/* only me */ return 'fa-eye-slash';
 			case PERMS_PUBLIC:   return 'fa-globe';
 			case PERMS_NETWORK:  return 'fa-share-alt-square'; // fa-share-alt-square is very similiar to the hubzilla logo, but we should create our own logo class to use
-			case PERMS_SITE:     return 'fa-sitemap'; 
-			case PERMS_CONTACTS: return 'fa-group'; 
+			case PERMS_SITE:     return 'fa-sitemap';
+			case PERMS_CONTACTS: return 'fa-group';
 			case PERMS_SPECIFIC: return 'fa-list';
 			case PERMS_AUTHED:   return '';
 			case PERMS_PENDING:  return '';
@@ -137,7 +137,6 @@ class PermissionDescription  {
 		}
 	}
 
-
 	/**
 	 * Returns a localized description of where the permission came from, if this is known.
 	 * If it's not know, or if the permission is standalone and didn't come from a default
@@ -147,8 +146,7 @@ class PermissionDescription  {
 	*/
 	public function get_permission_origin_description() {
 
-		switch($this->global_perm) {			
-
+		switch($this->global_perm) {
 			case PERMS_R_STREAM:  return t('This is your default setting for the audience of your normal stream, and posts.');
 			case PERMS_R_PROFILE: return t('This is your default setting for who can view your default channel profile');
 			case PERMS_R_ABOOK:   return t('This is your default setting for who can view your connections');

Zotlabs/Lib/System.php

@@ -32,16 +32,30 @@ class System {
 	static public function get_notify_icon() {
 		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['email_notify_icon_url'])
 			return \App::$config['system']['email_notify_icon_url'];
-		return z_root() . '/images/hz-white-32.png';
+		return z_root() . DEFAULT_NOTIFY_ICON;
 	}
 
 	static public function get_site_icon() {
 		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['site_icon_url'])
 			return \App::$config['system']['site_icon_url'];
-		return z_root() . '/images/hz-32.png';
+		return z_root() . DEFAULT_PLATFORM_ICON ;
 	}
 
 
+	static public function get_project_link() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_link'])
+			return \App::$config['system']['project_link'];
+		return 'https://hubzilla.org';
+	}
+
+	static public function get_project_srclink() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_srclink'])
+			return \App::$config['system']['project_srclink'];
+		return 'https://github.com/redmatrix/hubzilla';
+	}
+
+
+
 	static public function get_server_role() {
 		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['server_role'])
 			return \App::$config['system']['server_role'];
@@ -54,5 +68,15 @@ class System {
 		return '0.0.0';
 	}
 
+	static public function compatible_project($p) {
 
+		if(get_directory_realm() != DIRECTORY_REALM)
+			return true;
+
+		foreach(['hubzilla','zap'] as $t) {
+			if(stristr($p,$t))
+				return true;
+		}
+		return false;
+	}
 }

Zotlabs/Lib/Techlevels.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class Techlevels {
+
+	static public function levels() {
+		$techlevels = [
+			'0' => t('Beginner/Basic'),
+			'1' => t('Novice - not skilled but willing to learn'),
+			'2' => t('Intermediate - somewhat comfortable'),
+			'3' => t('Advanced - very comfortable'),
+			'4' => t('Expert - I can write computer code'),			
+			'5' => t('Wizard - I probably know more than you do')
+		];
+		return $techlevels;
+	}
+
+}
+

Zotlabs/Lib/ThreadItem.php

@@ -44,7 +44,7 @@ class ThreadItem {
 				 * Only add those that will be displayed
 				 */
 
-				if((! visible_activity($item)) || array_key_exists('author_blocked',$item)) {
+				if((! visible_activity($item)) || array_key_exists('blocked',$item)) {
 					continue;
 				}
 
@@ -355,6 +355,10 @@ class ThreadItem {
 			'unverified' => $unverified,
 			'forged' => $forged,
 			'location' => $location,
+			'attend_label' => t('Attend'),
+			'attend_title' => t('Attendance Options'),
+			'vote_label' => t('Vote'),
+			'vote_title' => t('Voting Options'),
 			'indent' => $indent,
 			'owner_url' => $this->get_owner_url(),
 			'owner_photo' => $this->get_owner_photo(),

Zotlabs/Lib/ThreadStream.php

@@ -58,7 +58,7 @@ class ThreadStream {
 			case 'display':
 				// in this mode we set profile_owner after initialisation (from conversation()) and then 
 				// pull some trickery which allows us to re-invoke this function afterward
-				// it's an ugly hack so FIXME
+				// it's an ugly hack so @FIXME
 				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
 				break;
 			case 'page':
@@ -160,9 +160,9 @@ class ThreadStream {
 			}
 			elseif(($this->observer) && (! $item->is_commentable())) {
 				if((array_key_exists('owner',$item->data)) && intval($item->data['owner']['abook_self']))
-					$item->set_commentable(perm_is_allowed($this->profile_owner,$this->observer['xchan_hash'],'post_comments'));
+					$item->set_commentable(perm_is_allowed($this->profile_owner,$ob_hash,'post_comments'));
 				else
-					$item->set_commentable(can_comment_on_post($this->observer['xchan_hash'],$item->data));
+					$item->set_commentable(can_comment_on_post($ob_hash,$item->data));
 			}
 		}
 		require_once('include/channel.php');

Zotlabs/Lib/XConfig.php

@@ -59,16 +59,16 @@ class XConfig {
 	 * @return mixed Stored $value or false if it does not exist
 	 */
 
-	static public function Get($xchan, $family, $key) {
+	static public function Get($xchan, $family, $key, $default = false) {
 
 		if(! $xchan)
-			return false;
+			return $default;
 
 		if(! array_key_exists($xchan, \App::$config))
 			load_xconfig($xchan);
 
 		if((! array_key_exists($family, \App::$config[$xchan])) || (! array_key_exists($key, \App::$config[$xchan][$family])))
-			return false;
+			return $default;
 
 		return ((! is_array(\App::$config[$xchan][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$xchan][$family][$key])) 
 			? unserialize(\App::$config[$xchan][$family][$key])

Zotlabs/Module/Acl.php

@@ -77,7 +77,7 @@ class Acl extends \Zotlabs\Web\Controller {
 
 
 		if($search) {
-			$sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
+			$sql_extra = " AND groups.gname LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
 			$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'"  : "%'")) . ") ";
 	
 			// This horrible mess is needed because position also returns 0 if nothing is found. 
@@ -105,9 +105,9 @@ class Acl extends \Zotlabs\Web\Controller {
 		if($type == '' || $type == 'g') {
 	
 			$r = q("SELECT groups.id, groups.hash, groups.gname
-					FROM groups,group_member 
+					FROM groups, group_member 
 					WHERE groups.deleted = 0 AND groups.uid = %d 
-					AND group_member.gid=groups.id
+					AND group_member.gid = groups.id
 					$sql_extra
 					GROUP BY groups.id
 					ORDER BY groups.gname 

Zotlabs/Module/Admin.php

@@ -1,21 +1,20 @@
 <?php
-namespace Zotlabs\Module;
-
-
 /**
- * @file mod/admin.php
+ * @file Zotlabs/Module/Admin.php
  * @brief Hubzilla's admin controller.
  *
  * Controller for the /admin/ area.
  */
 
+namespace Zotlabs\Module;
+
 require_once('include/queue_fn.php');
 require_once('include/account.php');
 
 /**
- * @param App &$a
+ * @brief Admin area.
+ *
  */
-
 class Admin extends \Zotlabs\Web\Controller {
 
 	private $sm = null;
@@ -26,36 +25,35 @@ class Admin extends \Zotlabs\Web\Controller {
 
 	function post(){
 		logger('admin_post', LOGGER_DEBUG);
-	
+
 		if(! is_site_admin()) {
 			return;
 		}
 		if (argc() > 1) {
 			$this->sm->call('post');
 		}
-	
+
 		goaway(z_root() . '/admin' );
 	}
-	
+
 	/**
 	 * @return string
 	 */
 
 	function get() {
-	
+
 		logger('admin_content', LOGGER_DEBUG);
-	
+
 		if(! is_site_admin()) {
 			return login(false);
 		}
-	
-	
+
 		/*
 		 * Page content
 		 */
 
 		$o = '';
-	
+
 		if(argc() > 1) {
 			$o = $this->sm->call('get');
 			if($o === false) {
@@ -65,9 +63,9 @@ class Admin extends \Zotlabs\Web\Controller {
 		else {
 			$o = $this->admin_page_summary();
 		}
-	
+
 		if(is_ajax()) {
-			echo $o; 
+			echo $o;
 			killme();
 			return '';
 		}
@@ -75,16 +73,15 @@ class Admin extends \Zotlabs\Web\Controller {
 			return $o;
 		}
 	}
-	
-	
+
+
 	/**
 	 * @brief Returns content for Admin Summary Page.
 	 *
-	 * @param App &$a
 	 * @return string HTML from parsed admin_summary.tpl
 	 */
 	function admin_page_summary() {
-	
+
 		// list total user accounts, expirations etc.
 		$accounts = array();
 		$r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account",
@@ -99,11 +96,11 @@ class Admin extends \Zotlabs\Web\Controller {
 			$accounts['expired']  = array('label' => t('# expired accounts'), 'val' => $r[0]['expired']);
 			$accounts['expiring'] = array('label' => t('# expiring accounts'), 'val' => $r[0]['expiring']);
 		}
-	
+
 		// pending registrations
-		$r = q("SELECT COUNT(id) AS `count` FROM `register` WHERE `uid` != '0'");
-		$pending = $r[0]['count'];
-	
+		$r = q("SELECT COUNT(id) AS rtotal FROM register WHERE uid != '0'");
+		$pending = $r[0]['rtotal'];
+
 		// available channels, primary and clones
 		$channels = array();
 		$r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN channel_primary = 1 THEN 1 ELSE NULL END) AS main, COUNT(CASE WHEN channel_primary = 0 THEN 1 ELSE NULL END) AS clones FROM channel WHERE channel_removed = 0");
@@ -112,15 +109,15 @@ class Admin extends \Zotlabs\Web\Controller {
 			$channels['main']   = array('label' => t('# primary'), 'val' => $r[0]['main']);
 			$channels['clones'] = array('label' => t('# clones'), 'val' => $r[0]['clones']);
 		}
-	
+
 		// We can do better, but this is a quick queue status
 		$r = q("SELECT COUNT(outq_delivered) AS total FROM outq WHERE outq_delivered = 0");
 		$queue = (($r) ? $r[0]['total'] : 0);
 		$queues = array( 'label' => t('Message queues'), 'queue' => $queue );
-	
+
 		// If no plugins active return 0, otherwise list of plugin names
 		$plugins = (count(\App::$plugins) == 0) ? count(\App::$plugins) : \App::$plugins;
-	
+
 		// Could be extended to provide also other alerts to the admin
 		$alertmsg = '';
 		// annoy admin about upcoming unsupported PHP version
@@ -135,7 +132,6 @@ class Admin extends \Zotlabs\Web\Controller {
 
 		$upgrade = ((version_compare(STD_VERSION,$vmaster) < 0) ? t('Your software should be updated') : '');
 
-
 		$t = get_markup_template('admin_summary.tpl');
 		return replace_macros($t, array(
 			'$title' => t('Administration'),
@@ -150,10 +146,8 @@ class Admin extends \Zotlabs\Web\Controller {
 			'$vmaster'  => array( t('Repository version (master)'), $vmaster),
 			'$vdev'     => array( t('Repository version (dev)'), $vdev),
 			'$upgrade'  => $upgrade,
-			'$build' => get_config('system', 'db_version')
+			'$build'    => get_config('system', 'db_version')
 		));
 	}
-	
-	
-	
+
 }

Zotlabs/Module/Admin/Account_edit.php

@@ -29,6 +29,22 @@ class Account_edit {
 				info( sprintf( t('Password changed for account %d.'), $account_id). EOL);
 
 		}
+
+		$service_class = trim($_REQUEST['service_class']);
+		$account_level = intval(trim($_REQUEST['account_level']));
+		$account_language = trim($_REQUEST['account_language']);
+
+		$r = q("update account set account_service_class = '%s', account_level = %d, account_language = '%s' 
+			where account_id = %d",
+			dbesc($service_class),
+			intval($account_level),
+			dbesc($account_language),
+			intval($account_id)
+		);
+
+		if($r)
+			info( t('Account settings updated.') . EOL);
+
 		goaway(z_root() . '/admin/accounts');
 	}
 
@@ -46,11 +62,15 @@ class Account_edit {
 			return '';
 		}
 
+
 		$a = replace_macros(get_markup_template('admin_account_edit.tpl'), [
 			'$account' => $x[0],
 			'$title' => t('Account Edit'),
 			'$pass1' => [ 'pass1', t('New Password'), ' ','' ],
 			'$pass2' => [ 'pass2', t('New Password again'), ' ','' ],
+			'$account_level' => [ 'account_level', t('Technical skill level'), $x[0]['account_level'], '', \Zotlabs\Lib\Techlevels::levels() ],
+			'$account_language' => [ 'account_language' , t('Account language (for emails)'), $x[0]['account_language'], '', language_list() ],
+			'$service_class' => [ 'service_class', t('Service class'), $x[0]['account_service_class'], '' ],
 			'$submit' => t('Submit'),
 			]
 		);

Zotlabs/Module/Admin/Accounts.php

@@ -133,10 +133,9 @@ class Accounts {
 		$base = z_root() . '/admin/accounts?f=';
 		$odir = (($dir === 'asc') ? '0' : '1');
 	
-		$users = q("SELECT `account_id` , `account_email`, `account_lastlog`, `account_created`, `account_expires`, " . 			"`account_service_class`, ( account_flags & %d ) > 0 as `blocked`, " .
-				"(SELECT %s FROM channel as ch " .
-				"WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as `channels` " .
-			"FROM account as ac where true $serviceclass order by $key $dir limit %d offset %d ",
+		$users = q("SELECT account_id , account_email, account_lastlog, account_created, account_expires, account_service_class, ( account_flags & %d ) > 0 as blocked, 
+			(SELECT %s FROM channel as ch WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as channels FROM account as ac 
+			where true $serviceclass order by $key $dir limit %d offset %d ",
 			intval(ACCOUNT_BLOCKED),
 			db_concat('ch.channel_address', ' '),
 			intval(\App::$pager['itemspage']),

Zotlabs/Module/Admin/Channels.php

@@ -2,35 +2,36 @@
 
 namespace Zotlabs\Module\Admin;
 
-
+/**
+ * @brief Admin Module for Channels.
+ *
+ */
 class Channels {
 
-	
 	/**
-	 * @brief Channels admin page.
+	 * @brief Handle POST actions on channels admin page.
 	 *
-	 * @param App &$a
 	 */
 	function post() {
 
 		$channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() );
-	
+
 		check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels');
-		
+
 		$xor = db_getfunc('^');
-	
-		if (x($_POST,'page_channels_block')){
-			foreach($channels as $uid){
+
+		if(x($_POST, 'page_channels_block')) {
+			foreach($channels as $uid) {
 				q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
 					intval(PAGE_CENSORED),
 					intval( $uid )
 				);
-				\Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush'));
+				\Zotlabs\Daemon\Master::Summon(array('Directory', $uid, 'nopush'));
 			}
 			notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) );
 		}
-		if (x($_POST,'page_channels_code')){
-			foreach($channels as $uid){
+		if(x($_POST, 'page_channels_code')) {
+			foreach($channels as $uid) {
 				q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
 					intval(PAGE_ALLOWCODE),
 					intval( $uid )
@@ -38,74 +39,71 @@ class Channels {
 			}
 			notice( sprintf( tt("%s channel code allowed/disallowed", "%s channels code allowed/disallowed", count($channels)), count($channels)) );
 		}
-		if (x($_POST,'page_channels_delete')){
-			foreach($channels as $uid){
-				channel_remove($uid,true);
+		if(x($_POST, 'page_channels_delete')) {
+			foreach($channels as $uid) {
+				channel_remove($uid, true);
 			}
 			notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) );
 		}
-	
+
 		goaway(z_root() . '/admin/channels' );
 	}
-	
 
 	/**
-	 * @brief
+	 * @brief Generate channels admin page and handle single item operations.
 	 *
-	 * @return string
+	 * @return string with parsed HTML
 	 */
-
 	function get() {
 		if(argc() > 2) {
 			$uid = argv(3);
 			$channel = q("SELECT * FROM channel WHERE channel_id = %d",
 				intval($uid)
 			);
-	
+
 			if(! $channel) {
 				notice( t('Channel not found') . EOL);
 				goaway(z_root() . '/admin/channels' );
 			}
-	
+
 			switch(argv(2)) {
 				case "delete":{
 					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
 					// delete channel
 					channel_remove($uid,true);
-					
+
 					notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL);
 				}; break;
-	
+
 				case "block":{
 					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
-					$pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED; 
+					$pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED;
 					q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
 						intval($pflags),
 						intval( $uid )
 					);
 					\Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush'));
-	
+
 					notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
 				}; break;
-	
+
 				case "code":{
 					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
-					$pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE; 
+					$pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE;
 					q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
 						intval($pflags),
 						intval( $uid )
 					);
-	
+
 					notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
 				}; break;
-	
-				default: 
+
+				default:
 					break;
 			}
 			goaway(z_root() . '/admin/channels' );
 		}
 
-
 		$key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id');
 		$dir = 'asc';
 		if(array_key_exists('dir',$_REQUEST))
@@ -114,10 +112,8 @@ class Channels {
 		$base = z_root() . '/admin/channels?f=';
 		$odir = (($dir === 'asc') ? '0' : '1');
 
-
-	
 		/* get channels */
-	
+
 		$total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0");
 		if($total) {
 			\App::set_pager_total($total[0]['total']);
@@ -135,15 +131,15 @@ class Channels {
 					$channels[$x]['blocked'] = true;
 				else
 					$channels[$x]['blocked'] = false;
-	
+
 				if($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE)
 					$channels[$x]['allowcode'] = true;
 				else
 					$channels[$x]['allowcode'] = false;
 			}
 		}
-	
-		$t = get_markup_template("admin_channels.tpl");
+
+		$t = get_markup_template('admin_channels.tpl');
 		$o = replace_macros($t, array(
 			// strings //
 			'$title' => t('Administration'),
@@ -158,29 +154,23 @@ class Channels {
 			'$h_channels' => t('Channel'),
 			'$base' => $base,
 			'$odir' => $odir,
-			'$th_channels' => array( 
+			'$th_channels' => array(
 					[ t('UID'), 'channel_id' ],
 					[ t('Name'), 'channel_name' ],
 					[ t('Address'), 'channel_address' ]),
-	
+
 			'$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'),
 			'$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'),
-	
-			'$form_security_token' => get_form_security_token("admin_channels"),
-	
+
+			'$form_security_token' => get_form_security_token('admin_channels'),
+
 			// values //
 			'$baseurl' => z_root(),
 			'$channels' => $channels,
 		));
 		$o .= paginate($a);
-	
+
 		return $o;
 	}
-	
-
-
-
-
-
 
 }

Zotlabs/Module/Admin/Dbsync.php

@@ -42,7 +42,7 @@ class Dbsync {
 		}
 	
 		$failed = array();
-		$r = q("select * from config where `cat` = 'database' ");
+		$r = q("select * from config where cat = 'database' ");
 		if(count($r)) {
 			foreach($r as $rr) {
 				$upd = intval(substr($rr['k'],8));

Zotlabs/Module/Admin/Site.php

@@ -5,11 +5,9 @@ namespace Zotlabs\Module\Admin;
 
 class Site {
 
-	
 	/**
 	 * @brief POST handler for Admin Site Page.
 	 *
-	 * @param App &$a
 	 */
 	function post(){
 		if (!x($_POST, 'page_site')) {
@@ -17,38 +15,39 @@ class Site {
 		}
 
 		check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
-	
+
 		$sitename 			=	((x($_POST,'sitename'))			? notags(trim($_POST['sitename']))			: '');
 		$server_role 		=	((x($_POST,'server_role'))		? notags(trim($_POST['server_role']))		: 'standard');
 
-		$banner				=	((x($_POST,'banner'))      		? trim($_POST['banner'])				: false);
+		$banner				=	((x($_POST,'banner'))			? trim($_POST['banner'])				: false);
 
 		$admininfo			=	((x($_POST,'admininfo'))		? trim($_POST['admininfo'])				: false);
+		$siteinfo			=	((x($_POST,'siteinfo'))		    ? trim($_POST['siteinfo'])				: '');
 		$language			=	((x($_POST,'language'))			? notags(trim($_POST['language']))			: '');
 		$theme				=	((x($_POST,'theme'))			? notags(trim($_POST['theme']))				: '');
 		$theme_mobile			=	((x($_POST,'theme_mobile'))		? notags(trim($_POST['theme_mobile']))			: '');
-	//	$site_channel			=	((x($_POST,'site_channel'))	? notags(trim($_POST['site_channel']))				: '');
+//		$site_channel			=	((x($_POST,'site_channel'))	? notags(trim($_POST['site_channel']))				: '');
 		$maximagesize		=	((x($_POST,'maximagesize'))		? intval(trim($_POST['maximagesize']))				:  0);
-	
+
 		$register_policy	=	((x($_POST,'register_policy'))	? intval(trim($_POST['register_policy']))	:  0);
-		
+
 		$access_policy	=	((x($_POST,'access_policy'))	? intval(trim($_POST['access_policy']))	:  0);
-		$invite_only        = ((x($_POST,'invite_only'))		? True	: False);
-		$abandon_days	    =	((x($_POST,'abandon_days'))	    ? intval(trim($_POST['abandon_days']))	    :  0);
-	
+		$invite_only	= ((x($_POST,'invite_only'))		? True	: False);
+		$abandon_days	=	((x($_POST,'abandon_days'))	    ? intval(trim($_POST['abandon_days']))	    :  0);
+
 		$register_text		=	((x($_POST,'register_text'))	? notags(trim($_POST['register_text']))		: '');
-		$frontpage		    =	((x($_POST,'frontpage'))	? notags(trim($_POST['frontpage']))		: '');
-		$mirror_frontpage   =	((x($_POST,'mirror_frontpage'))	? intval(trim($_POST['mirror_frontpage']))		: 0);
-		$directory_server   =   ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : '');
-		$allowed_sites        = ((x($_POST,'allowed_sites'))	? notags(trim($_POST['allowed_sites']))		: '');
-		$force_publish        = ((x($_POST,'publish_all'))		? True	: False);
-		$disable_discover_tab = ((x($_POST,'disable_discover_tab'))		? False	:	True);
-		$login_on_homepage    = ((x($_POST,'login_on_homepage'))		? True	:	False);
-		$enable_context_help    = ((x($_POST,'enable_context_help'))		? True	:	False);
+		$frontpage			=	((x($_POST,'frontpage'))	? notags(trim($_POST['frontpage']))		: '');
+		$mirror_frontpage	=	((x($_POST,'mirror_frontpage'))	? intval(trim($_POST['mirror_frontpage']))		: 0);
+		$directory_server	=	((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : '');
+		$allowed_sites		=	((x($_POST,'allowed_sites'))	? notags(trim($_POST['allowed_sites']))		: '');
+		$force_publish		=	((x($_POST,'publish_all'))		? True	: False);
+		$disable_discover_tab =	((x($_POST,'disable_discover_tab'))		? False	:	True);
+		$login_on_homepage	=	((x($_POST,'login_on_homepage'))		? True	:	False);
+		$enable_context_help = ((x($_POST,'enable_context_help'))		? True	:	False);
 		$global_directory     = ((x($_POST,'directory_submit_url'))	? notags(trim($_POST['directory_submit_url']))	: '');
 		$no_community_page    = !((x($_POST,'no_community_page'))	? True	:	False);
 		$default_expire_days  = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0);
-	
+
 		$verifyssl         = ((x($_POST,'verifyssl'))        ? True : False);
 		$proxyuser         = ((x($_POST,'proxyuser'))        ? notags(trim($_POST['proxyuser']))  : '');
 		$proxy             = ((x($_POST,'proxy'))            ? notags(trim($_POST['proxy']))      : '');
@@ -62,11 +61,9 @@ class Site {
 		$techlevel_lock    = ((x($_POST,'techlock'))   ? intval($_POST['techlock'])   : 0);
 
 		$techlevel         = null;
-		if(array_key_exists('techlevel',$_POST))
+		if(array_key_exists('techlevel', $_POST))
 			$techlevel = intval($_POST['techlevel']);
 
-	
-
 		set_config('system', 'server_role', $server_role);
 		set_config('system', 'feed_contacts', $feed_contacts);
 		set_config('system', 'delivery_interval', $delivery_interval);
@@ -84,16 +81,16 @@ class Site {
 
 		if(! is_null($techlevel))
 			set_config('system', 'techlevel', $techlevel);
-	
+
 		if($directory_server)
 			set_config('system','directory_server',$directory_server);
-	
+
 		if ($banner == '') {
 			del_config('system', 'banner');
 		} else {
 			set_config('system', 'banner', $banner);
 		}
-	
+
 		if ($admininfo == ''){
 			del_config('system', 'admininfo');
 		} else {
@@ -101,6 +98,7 @@ class Site {
 			linkify_tags($a, $admininfo, local_channel());
 			set_config('system', 'admininfo', $admininfo);
 		}
+		set_config('system','siteinfo',$siteinfo);
 		set_config('system', 'language', $language);
 		set_config('system', 'theme', $theme);
 		if ( $theme_mobile === '---' ) {
@@ -110,9 +108,9 @@ class Site {
 		}
 	//	set_config('system','site_channel', $site_channel);
 		set_config('system','maximagesize', $maximagesize);
-	
+
 		set_config('system','register_policy', $register_policy);
-		set_config('system','invitation_only', $invite_only);	
+		set_config('system','invitation_only', $invite_only);
 		set_config('system','access_policy', $access_policy);
 		set_config('system','account_abandon_days', $abandon_days);
 		set_config('system','register_text', $register_text);
@@ -124,14 +122,14 @@ class Site {
 		} else {
 			set_config('system', 'directory_submit_url', $global_directory);
 		}
-	
+
 		set_config('system','no_community_page', $no_community_page);
 		set_config('system','no_utf', $no_utf);
 		set_config('system','verifyssl', $verifyssl);
 		set_config('system','proxyuser', $proxyuser);
 		set_config('system','proxy', $proxy);
 		set_config('system','curl_timeout', $timeout);
-	
+
 		info( t('Site settings updated.') . EOL);
 		goaway(z_root() . '/admin/site' );
 	}
@@ -139,15 +137,14 @@ class Site {
 	/**
 	 * @brief Admin page site.
 	 *
-	 * @return string
+	 * @return string with HTML
 	 */
-
 	function get() {
-	
+
 		/* Installed langs */
 		$lang_choices = array();
 		$langs = glob('view/*/hstrings.php');
-	
+
 		if(is_array($langs) && count($langs)) {
 			if(! in_array('view/en/hstrings.php',$langs))
 				$langs[] = 'view/en/';
@@ -157,7 +154,7 @@ class Site {
 				$lang_choices[$t[1]] = $t[1];
 			}
 		}
-	
+
 		/* Installed themes */
 		$theme_choices_mobile["---"] = t("Default");
 		$theme_choices = array();
@@ -184,13 +181,13 @@ class Site {
 				}
 			}
 		}
-	
+
 		$dir_choices = null;
 		$dirmode = get_config('system','directory_mode');
 		$realm = get_directory_realm();
-	
+
 		// directory server should not be set or settable unless we are a directory client
-	
+
 		if($dirmode == DIRECTORY_MODE_NORMAL) {
 			$x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s'",
 				intval(DIRECTORY_MODE_SECONDARY),
@@ -204,25 +201,25 @@ class Site {
 				}
 			}
 		}
-	
+
 		/* Banner */
-	
+
 		$banner = get_config('system', 'banner');
-		if($banner === false) 
+		if($banner === false)
 			$banner = get_config('system','sitename');
-	
+
 		$banner = htmlspecialchars($banner);
-	
+
 		/* Admin Info */
 		$admininfo = get_config('system', 'admininfo');
-	
+
 		/* Register policy */
 		$register_choices = Array(
 			REGISTER_CLOSED  => t("No"),
 			REGISTER_APPROVE => t("Yes - with approval"),
 			REGISTER_OPEN    => t("Yes")
 		);
-	
+
 		/* Acess policy */
 		$access_choices = Array(
 			ACCESS_PRIVATE => t("My site is not a public server"),
@@ -230,36 +227,32 @@ class Site {
 			ACCESS_FREE => t("My site has free access only"),
 			ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades")
 		);
-	
+
 		$discover_tab = get_config('system','disable_discover_tab');
 		// $disable public streams by default
 		if($discover_tab === false)
 			$discover_tab = 1;
 		// now invert the logic for the setting.
 		$discover_tab = (1 - $discover_tab);
-	
+
 		$server_roles = [
 			'basic'    => t('Basic/Minimal Social Networking'),
 			'standard' => t('Standard Configuration (default)'),
 			'pro'      => t('Professional')
 		];
 
-
 		$techlevels = [
 			'0' => t('Beginner/Basic'),
 			'1' => t('Novice - not skilled but willing to learn'),
 			'2' => t('Intermediate - somewhat comfortable'),
 			'3' => t('Advanced - very comfortable'),
-			'4' => t('Expert - I can write computer code'),			
+			'4' => t('Expert - I can write computer code'),
 			'5' => t('Wizard - I probably know more than you do')
 		];
 
-
-
-	
 		$homelogin = get_config('system','login_on_homepage');
 		$enable_context_help = get_config('system','enable_context_help');
-	
+
 		$t = get_markup_template("admin_site.tpl");
 		return replace_macros($t, array(
 			'$title' => t('Administration'),
@@ -269,7 +262,7 @@ class Site {
 			'$upload' => t('File upload'),
 			'$corporate' => t('Policies'),
 			'$advanced' => t('Advanced'),
-	
+
 			'$baseurl' => z_root(),
 			// name, label, value, help string, extra data...
 			'$sitename' 		=> array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''),
@@ -280,14 +273,14 @@ class Site {
 
 			'$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ],
 
-
 			'$banner'			=> array('banner', t("Banner/Logo"), $banner, ""),
 			'$admininfo'		=> array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators.  Displayed on siteinfo page.  BBCode can be used here")),
+			'$siteinfo'		=> array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site.  Displayed on siteinfo page.  BBCode can be used here")),
 			'$language' 		=> array('language', t("System language"), get_config('system','language'), "", $lang_choices),
 			'$theme' 			=> array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
 			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
-	//		'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
-			'$feed_contacts'    => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), 
+//			'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
+			'$feed_contacts'    => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')),
 			'$maximagesize'		=> array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
 			'$register_policy'	=> array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
 			'$invite_only'		=> array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")),
@@ -302,9 +295,9 @@ class Site {
 			'$disable_discover_tab'	=> array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
 			'$login_on_homepage'	=> array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")),
 			'$enable_context_help'	=> array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")),
-	
+
 			'$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null),
-	
+
 			'$proxyuser'		=> array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
 			'$proxy'			=> array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
 			'$timeout'			=> array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
@@ -316,8 +309,5 @@ class Site {
 			'$form_security_token' => get_form_security_token("admin_site"),
 		));
 	}
-	
-
-
 
 }

Zotlabs/Module/Api.php

@@ -3,10 +3,22 @@ namespace Zotlabs\Module;
 
 require_once('include/api.php');
 
-
-
 class Api extends \Zotlabs\Web\Controller {
 
+
+	function init() {
+		zot_api_init();
+
+		api_register_func('api/client/register', 'api_client_register', false);
+		api_register_func('api/oauth/request_token', 'api_oauth_request_token', false);
+		api_register_func('api/oauth/access_token', 'api_oauth_access_token', false);
+
+		$args = [];
+		call_hooks('api_register',$args);
+
+		return;
+	}
+
 	function post() {
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
@@ -17,13 +29,13 @@ class Api extends \Zotlabs\Web\Controller {
 	
 	function get() {
 
-		if(\App::$cmd=='api/oauth/authorize'){
+		if(\App::$cmd === 'api/oauth/authorize'){
 	
 			/* 
 			 * api/oauth/authorize interact with the user. return a standard page
 			 */
 			
-			\App::$page['template'] = "minimal";
+			\App::$page['template'] = 'minimal';
 					
 			// get consumer/client from request token
 			try {
@@ -42,8 +54,8 @@ class Api extends \Zotlabs\Web\Controller {
 
 				$consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
 	
-				$verifier = md5($app['secret'].local_channel());
-				set_config("oauth", $verifier, local_channel());
+				$verifier = md5($app['secret'] . local_channel());
+				set_config('oauth', $verifier, local_channel());
 				
 				
 				if($consumer->callback_url != null) {
@@ -78,11 +90,11 @@ class Api extends \Zotlabs\Web\Controller {
 						
 			$tpl = get_markup_template('oauth_authorize.tpl');
 			$o = replace_macros($tpl, array(
-				'$title' => t('Authorize application connection'),
-				'$app' => $app,
+				'$title'     => t('Authorize application connection'),
+				'$app'       => $app,
 				'$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
-				'$yes'	=> t('Yes'),
-				'$no'	=> t('No'),
+				'$yes'	     => t('Yes'),
+				'$no'	     => t('No'),
 			));
 			
 			//echo "<pre>"; var_dump($app); killme();

Zotlabs/Module/Cal.php

@@ -109,7 +109,7 @@ class Cal extends \Zotlabs\Web\Controller {
 	
 			/* edit/create form */
 			if($event_id) {
-				$r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1",
+				$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
 					dbesc($event_id),
 					intval($channel['channel_id'])
 				);
@@ -209,6 +209,10 @@ class Cal extends \Zotlabs\Web\Controller {
 			$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
 			$adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);
 	
+
+			if(! perm_is_allowed(\App::$profile['uid'],get_observer_hash(),'view_contacts'))
+				$sql_extra .= " and etype != 'birthday' ";
+
 			if (x($_GET,'id')){
 			  	$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
 	                                from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d $sql_extra limit 1",
@@ -224,7 +228,7 @@ class Cal extends \Zotlabs\Web\Controller {
 	
 				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
 	                              from event left join item on event_hash = resource_id 
-					where resource_type = 'event' and event.uid = %d $ignored 
+					where resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored 
 					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
 					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) $sql_extra ",
 					intval($channel['channel_id']),

Zotlabs/Module/Channel.php

@@ -1,6 +1,6 @@
 <?php
-namespace Zotlabs\Module;
 
+namespace Zotlabs\Module;
 
 require_once('include/contact_widgets.php');
 require_once('include/items.php');
@@ -10,6 +10,10 @@ require_once('include/conversation.php');
 require_once('include/acl_selectors.php');
 require_once('include/permissions.php');
 
+/**
+ * @brief Channel Controller
+ *
+ */
 class Channel extends \Zotlabs\Web\Controller {
 
 	function init() {
@@ -34,7 +38,7 @@ class Channel extends \Zotlabs\Web\Controller {
 
 		if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
 			$which = $channel['channel_address'];
-			$profile = argv(1);		
+			$profile = argv(1);
 		}
 
 		\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" title="' . t('Posts and comments') . '" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n" ;
@@ -48,12 +52,10 @@ class Channel extends \Zotlabs\Web\Controller {
 		// we start loading content
 
 		profile_load($which,$profile);
-
 	}
 
 	function get($update = 0, $load = false) {
 
-
 		if($load)
 			$_SESSION['loadtime'] = datetime_convert();
 
@@ -66,12 +68,13 @@ class Channel extends \Zotlabs\Web\Controller {
 		$datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
 		$datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
 
-		if(observer_prohibited(true)) {			
+		if(observer_prohibited(true)) {
 			return login();
 		}
 
 		$category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : '');
 		$hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : '');
+		$static   = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0);
 
 		$groups = array();
 
@@ -108,15 +111,17 @@ class Channel extends \Zotlabs\Web\Controller {
 
 		if(! $update) {
 
+			$static = channel_manual_conv_update(\App::$profile['profile_uid']);
+
 			$o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']);
 
 			$o .= common_friends_visitor_widget(\App::$profile['profile_uid']);
 
 			if($channel && $is_owner) {
 				$channel_acl = array(
-					'allow_cid' => $channel['channel_allow_cid'], 
-					'allow_gid' => $channel['channel_allow_gid'], 
-					'deny_cid' => $channel['channel_deny_cid'], 
+					'allow_cid' => $channel['channel_allow_cid'],
+					'allow_gid' => $channel['channel_allow_gid'],
+					'deny_cid' => $channel['channel_deny_cid'],
 					'deny_gid' => $channel['channel_deny_gid']
 				);
 			}
@@ -143,9 +148,9 @@ class Channel extends \Zotlabs\Web\Controller {
 					'bbco_autocomplete' => 'bbcode',
 					'bbcode' => true,
 					'jotnets' => true
-        		);
+				);
 
-        		$o .= status_editor($a,$x);
+				$o .= status_editor($a,$x);
 			}
 
 		}
@@ -168,12 +173,15 @@ class Channel extends \Zotlabs\Web\Controller {
 		$simple_update = (($update) ? " AND item_unseen = 1 " : '');
 
 		\App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n";
-		
+
 		if($update && $_SESSION['loadtime'])
 			$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
 		if($load)
 			$simple_update = '';
 
+		if($static && $simple_update)
+			$simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' ";
+
 		if(($update) && (! $load)) {
 
 			if($mid) {
@@ -183,9 +191,9 @@ class Channel extends \Zotlabs\Web\Controller {
 					intval(\App::$profile['profile_uid'])
 				);
 				$_SESSION['loadtime'] = datetime_convert();
-			} 
+			}
 			else {
-				$r = q("SELECT distinct parent AS `item_id`, created from item
+				$r = q("SELECT distinct parent AS item_id, created from item
 					left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
 					WHERE uid = %d $item_normal
 					AND item_wall = 1 $simple_update
@@ -201,10 +209,10 @@ class Channel extends \Zotlabs\Web\Controller {
 		else {
 
 			if(x($category)) {
-			        $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY));
+				$sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY));
 			}
 			if(x($hashtags)) {
-			        $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
+				$sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
 			}
 
 			if($datequery) {
@@ -228,10 +236,9 @@ class Channel extends \Zotlabs\Web\Controller {
 					if (! $r) {
 						notice( t('Permission denied.') . EOL);
 					}
-
-				} 
+				}
 				else {
-					$r = q("SELECT distinct id AS item_id, created FROM item 
+					$r = q("SELECT distinct id AS item_id, created FROM item
 						left join abook on item.author_xchan = abook.abook_xchan
 						WHERE uid = %d $item_normal
 						AND item_wall = 1 and item_thread_top = 1
@@ -250,11 +257,11 @@ class Channel extends \Zotlabs\Web\Controller {
 		if($r) {
 
 			$parents_str = ids_to_querystr($r,'item_id');
- 
-			$items = q("SELECT `item`.*, `item`.`id` AS `item_id` 
-				FROM `item`
-				WHERE `item`.`uid` = %d $item_normal
-				AND `item`.`parent` IN ( %s )
+
+			$items = q("SELECT item.*, item.id AS item_id
+				FROM item
+				WHERE item.uid = %d $item_normal
+				AND item.parent IN ( %s )
 				$sql_extra ",
 				intval(\App::$profile['profile_uid']),
 				dbesc($parents_str)
@@ -270,8 +277,7 @@ class Channel extends \Zotlabs\Web\Controller {
 				notice( t('Permission denied.') . EOL);
 			}
 
-		} 
-		else {
+		} else {
 			$items = array();
 		}
 
@@ -285,7 +291,7 @@ class Channel extends \Zotlabs\Web\Controller {
 				$maxheight = 400;
 
 			$o .= '<div id="live-channel"></div>' . "\r\n";
-			$o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] 
+			$o .= "<script> var profile_uid = " . \App::$profile['profile_uid']
 				. "; var netargs = '?f='; var profile_page = " . \App::$pager['page']
 				. "; divmore_height = " . intval($maxheight) . "; </script>\r\n";
 
@@ -304,6 +310,7 @@ class Channel extends \Zotlabs\Web\Controller {
 				'$nouveau' => '0',
 				'$wall' => '1',
 				'$fh' => '0',
+				'$static'  => $static,
 				'$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1),
 				'$search' => '',
 				'$order' => '',
@@ -317,7 +324,6 @@ class Channel extends \Zotlabs\Web\Controller {
 				'$dbegin' => $datequery2
 			));
 
-
 		}
 
 		$update_unseen = '';
@@ -325,10 +331,10 @@ class Channel extends \Zotlabs\Web\Controller {
 		if($page_mode === 'list') {
 
 			/**
-			 * in "list mode", only mark the parent item and any like activities as "seen". 
+			 * in "list mode", only mark the parent item and any like activities as "seen".
 			 * We won't distinguish between comment likes and post likes. The important thing
 			 * is that the number of unseen comments will be accurate. The SQL to separate the
-			 * comment likes could also get somewhat hairy. 
+			 * comment likes could also get somewhat hairy.
 			 */
 
 			if($parents_str) {
@@ -351,7 +357,7 @@ class Channel extends \Zotlabs\Web\Controller {
 
 		if($checkjs->disabled()) {
 			$o .= conversation($a,$items,'channel',$update,'traditional');
-		} 
+		}
 		else {
 			$o .= conversation($a,$items,'channel',$update,$page_mode);
 		}
@@ -362,7 +368,7 @@ class Channel extends \Zotlabs\Web\Controller {
 				\App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
 		}
 
-		if($mid) 
+		if($mid)
 			$o .= '<div id="content-complete"></div>';
 
 		return $o;

Zotlabs/Module/Chanview.php

@@ -58,7 +58,9 @@ class Chanview extends \Zotlabs\Web\Controller {
 				}
 				logger('mod_chanview: constructed address ' . print_r($matches,true)); 
 			}
-	
+
+			$r = null;
+
 			if($_REQUEST['address']) {
 				$j = \Zotlabs\Zot\Finger::run($_REQUEST['address'],null);
 				if($j['success']) {
@@ -66,40 +68,74 @@ class Chanview extends \Zotlabs\Web\Controller {
 					$r = q("select * from xchan where xchan_addr = '%s' limit 1",
 						dbesc($_REQUEST['address'])
 					);
-					if($r)
+					if($r) {
 						\App::$poi = $r[0];
+					}
+				}
+				if(! $r) {
+					if(discover_by_webbie($_REQUEST['address'])) {
+						$r = q("select * from xchan where xchan_addr = '%s' limit 1",
+							dbesc($_REQUEST['address'])
+						);
+						if($r) {
+							\App::$poi = $r[0];
+						}
+					}
 				}
 			}
 		}
 	
 		if(! \App::$poi) {
-	//		We don't know who this is, and we can't figure it out from the URL
-	//		On the plus side, there's a good chance we know somebody else at that 
-	//		hub so sending them there with a Zid will probably work anyway.
+
+			//		We don't know who this is, and we can't figure it out from the URL
+			//		On the plus side, there's a good chance we know somebody else at that 
+			//		hub so sending them there with a Zid will probably work anyway.
+
 			$url = ($_REQUEST['url']);
+			if(! $url) {
+				notice( t('Channel not found.') . EOL);
+				return;
+			}
 			if($observer)
 				$url = zid($url);
+
 		}
+
+		$is_zot = false;
 	
 		if (\App::$poi) {
-		$url = \App::$poi['xchan_url'];
-		if($observer)
-			$url = zid($url);
+			$url = \App::$poi['xchan_url'];
+			if(\App::$poi['xchan_network'] === 'zot') {
+				$is_zot = true;
+			}			
 		}
-		// let somebody over-ride the iframed viewport presentation
-		// or let's just declare this a failed experiment.
+
+		// We will load the chanview template if it's a foreign network, 
+		// just so that we can provide a connect button along with a profile
+		// photo. Chances are we can't load the remote profile into an iframe
+		// because of cross-domain security headers. So provide a link to
+		// the remote profile. 
+
+		// Zot channels will usually have a connect link.
+		// If it isn't zot, 'pro' members won't be able to use the connect
+		// button as it is a foreign network so just send them to the remote
+		// profile.  
+
 	
-	//	if((! local_channel()) || (get_pconfig(local_channel(),'system','chanview_full')))
-		
-		goaway($url);
-	
-	//	$o = replace_macros(get_markup_template('chanview.tpl'),array(
-	//		'$url' => $url,
-	//		'$full' => t('toggle full screen mode')
-	//	));
-	
-	//	return $o;
+		if($is_zot || \Zotlabs\Lib\System::get_server_role() === 'pro') {
+			if($is_zot && $observer) {
+				$url = zid($url);
+			}
+			goaway($url);
+		}
+		else {	
+			$o = replace_macros(get_markup_template('chanview.tpl'),array(
+				'$url' => $url,
+				'$full' => t('toggle full screen mode')
+			));
 	
+			return $o;
+		}
 	}
 	
 }

Zotlabs/Module/Cloud.php

@@ -1,7 +1,7 @@
 <?php
 namespace Zotlabs\Module;
 /**
- * @file mod/cloud.php
+ * @file Zotlabs/Module/Cloud.php
  * @brief Initialize Hubzilla's cloud (SabreDAV).
  *
  * Module for accessing the DAV storage area.
@@ -17,34 +17,35 @@ require_once('include/attach.php');
 
 
 /**
- * @brief Fires up the SabreDAV server.
+ * @brief Cloud Module.
  *
- * @param App &$a
  */
-
-
 class Cloud extends \Zotlabs\Web\Controller {
 
+	/**
+	 * @brief Fires up the SabreDAV server.
+	 *
+	 */
 	function init() {
-	
+
 		if (! is_dir('store'))
 			os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
-	
+
 		$which = null;
 		if (argc() > 1)
 			$which = argv(1);
-	
+
 		$profile = 0;
-	
+
 		\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n";
-	
+
 		if ($which)
 			profile_load( $which, $profile);
-	
+
 		$auth = new \Zotlabs\Storage\BasicAuth();
-	
+
 		$ob_hash = get_observer_hash();
-	
+
 		if ($ob_hash) {
 			if (local_channel()) {
 				$channel = \App::get_channel();
@@ -57,40 +58,40 @@ class Cloud extends \Zotlabs\Web\Controller {
 			}
 			$auth->observer = $ob_hash;
 		}
-	
+
 		if ($_GET['davguest'])
 			$_SESSION['davguest'] = true;
-	
+
 		$_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
 		$_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
 		$_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);
-	
+
 		$_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
 		$_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
 		$_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);
-	
+
 		$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
-	
+
 		// A SabreDAV server-object
 		$server = new SDAV\Server($rootDirectory);
 		// prevent overwriting changes each other with a lock backend
 		$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
 		$lockPlugin = new SDAV\Locks\Plugin($lockBackend);
-	
+
 		$server->addPlugin($lockPlugin);
-	
+
 		$is_readable = false;
-	
+
 		// provide a directory view for the cloud in Hubzilla
 		$browser = new \Zotlabs\Storage\Browser($auth);
 		$auth->setBrowserPlugin($browser);
-	
+
 		$server->addPlugin($browser);
-	
+
 		// Experimental QuotaPlugin
 	//	require_once('\Zotlabs\Storage/QuotaPlugin.php');
 	//	$server->addPlugin(new \Zotlabs\Storage\\QuotaPlugin($auth));
-	
+
 		ob_start();
 		// All we need to do now, is to fire up the server
 		$server->exec();
@@ -99,5 +100,5 @@ class Cloud extends \Zotlabs\Web\Controller {
 
 		killme();
 	}
-	
+
 }

Zotlabs/Module/Connect.php

@@ -29,7 +29,7 @@ class Connect extends \Zotlabs\Web\Controller {
 		profile_load($which,'');
 	}
 	
-		function post() {
+	function post() {
 	
 		if(! array_key_exists('channel', \App::$data))
 			return;
@@ -78,7 +78,7 @@ class Connect extends \Zotlabs\Web\Controller {
 	
 	
 	
-		function get() {
+	function get() {
 	
 		$edit = ((local_channel() && (local_channel() == \App::$data['channel']['channel_id'])) ? true : false);
 	

Zotlabs/Module/Connedit.php

@@ -41,11 +41,13 @@ class Connedit extends \Zotlabs\Web\Controller {
 			}
 		}
 	
+
 		$channel = \App::get_channel();
 		if($channel)
 			head_set_icon($channel['xchan_photo_s']);
 	
 	}
+
 	
 	/* @brief Evaluate posted values and set changes
 	 *
@@ -96,7 +98,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 	
 		$profile_id = $_POST['profile_assign'];
 		if($profile_id) {
-			$r = q("SELECT profile_guid FROM profile WHERE profile_guid = '%s' AND `uid` = %d LIMIT 1",
+			$r = q("SELECT profile_guid FROM profile WHERE profile_guid = '%s' AND uid = %d LIMIT 1",
 				dbesc($profile_id),
 				intval(local_channel())
 			);
@@ -396,6 +398,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 			return login();
 		}
 	
+		$section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : '');
 		$channel = \App::get_channel();
 		$my_perms = get_channel_default_perms(local_channel());
 		$role = get_pconfig(local_channel(),'system','permissions_role');
@@ -448,7 +451,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 	
 			}
 			if($cmd === 'resetphoto') {
-				q("update xchan set xchan_photo_date = '2001-01-01 00:00:00' where xchan_hash = '%s' limit 1",
+				q("update xchan set xchan_photo_date = '2001-01-01 00:00:00' where xchan_hash = '%s'",
 					dbesc($orig_record[0]['xchan_hash'])
 				);
 				$cmd = 'refresh';
@@ -521,11 +524,12 @@ class Connedit extends \Zotlabs\Web\Controller {
 			if($cmd === 'drop') {
 	
 	
-	// FIXME
-	// We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
-	// The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
-	// in the background there could be a race condition preventing this packet from being sent in all cases.
-	// PLACEHOLDER
+				// @FIXME
+				// We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
+				// The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier
+				// runs in the background there could be a race condition preventing this packet from being sent in all
+				// cases.
+				// PLACEHOLDER
 	
 				contact_remove(local_channel(), $orig_record[0]['abook_id']);
 				build_sync_packet(0 /* use the current local_channel */,
@@ -545,9 +549,33 @@ class Connedit extends \Zotlabs\Web\Controller {
 	
 		if(\App::$poi) {
 	
+			$abook_prev = 0;
+			$abook_next = 0;
+
 			$contact_id = \App::$poi['abook_id'];
 			$contact = \App::$poi;
-	
+
+			$cn = q("SELECT abook_id, xchan_name from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_self = 0 order by xchan_name",
+				intval(local_channel())
+			);
+
+			if($cn) {
+				$pntotal = count($cn);
+
+				for($x = 0; $x < $pntotal; $x ++) {
+					if($cn[$x]['abook_id'] == $contact_id) {
+						if($x === 0)
+							$abook_prev = 0;
+						else
+							$abook_prev = $cn[$x - 1]['abook_id'];
+						if($x === $pntotal)
+							$abook_next = 0;
+						else
+							$abook_next = $cn[$x +1]['abook_id'];
+					}
+				}
+ 			}
+
 			$tools = array(
 	
 				'view' => array(
@@ -614,8 +642,10 @@ class Connedit extends \Zotlabs\Web\Controller {
 	
 			$self = false;
 	
-			if(intval($contact['abook_self']))
+			if(intval($contact['abook_self'])) {
 				$self = true;
+				$abook_prev = $abook_next = 0;
+			}
 	
 			$tpl = get_markup_template("abook_edit.tpl");
 	
@@ -750,6 +780,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 				'$header'         => (($self) ? t('Connection Default Permissions') : sprintf( t('Connection: %s'),$contact['xchan_name'])),
 				'$autoperms'      => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no),
 				'$addr'           => $contact['xchan_addr'],
+				'$section'        => $section,
 				'$addr_text'      => t('This connection\'s primary address is'),
 				'$loc_text'       => t('Available locations:'),
 				'$locstr'         => $locstr,
@@ -791,7 +822,8 @@ class Connedit extends \Zotlabs\Web\Controller {
 				'$multiprofs'     => $multiprofs,
 				'$contact_id'     => $contact['abook_id'],
 				'$name'           => $contact['xchan_name'],
-	
+				'$abook_prev'     => $abook_prev,
+				'$abook_next'     => $abook_next	
 			));
 	
 			$arr = array('contact' => $contact,'output' => $o);
@@ -800,9 +832,6 @@ class Connedit extends \Zotlabs\Web\Controller {
 	
 			return $arr['output'];
 	
-		}
-	
-	
+		}	
 	}
-	
 }

Zotlabs/Module/Contactgroup.php

@@ -23,7 +23,7 @@ class Contactgroup extends \Zotlabs\Web\Controller {
 	
 		if((argc() > 1) && (intval(argv(1)))) {
 	
-			$r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1",
+			$r = q("SELECT * FROM groups WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
 			);

Zotlabs/Module/Cover_photo.php

@@ -88,7 +88,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 			if($r) {
 	
 				$base_image = $r[0];
-				$base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents($base_image['content']) : dbunescbin($base_image['content']));
+				$base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents(dbunescbin($base_image['content'])) : dbunescbin($base_image['content']));
 			
 				$im = photo_factory($base_image['content'], $base_image['mimetype']);
 				if($im->is_valid()) {
@@ -309,7 +309,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 					$havescale = true;
 			}
 	
-			$r = q("SELECT `content`, `mimetype`, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1",
+			$r = q("SELECT content, mimetype, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1",
 				intval($r[0]['id']),
 				intval(local_channel())
 	
@@ -320,7 +320,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 			}
 	
 			if(intval($r[0]['os_storage']))
-				$data = @file_get_contents($r[0]['content']);
+				$data = @file_get_contents(dbunescbin($r[0]['content']));
 			else
 				$data = dbunescbin($r[0]['content']); 
 	

Zotlabs/Module/Dav.php

@@ -1,31 +1,26 @@
 <?php
-
-namespace Zotlabs\Module;
 /**
- * @file mod/dav.php
+ * @file Zotlabs/Module/Dav.php
  * @brief Initialize Hubzilla's cloud (SabreDAV).
  *
  * Module for accessing the DAV storage area from a DAV client.
  */
 
+namespace Zotlabs\Module;
+
 use \Sabre\DAV as SDAV;
 use \Zotlabs\Storage;
 
-// composer autoloader for SabreDAV
-require_once('vendor/autoload.php');
-
 require_once('include/attach.php');
 
-/**
- * @brief Fires up the SabreDAV server.
- *
- * @param App &$a
- */
-
 class Dav extends \Zotlabs\Web\Controller {
 
+	/**
+	 * @brief Fires up the SabreDAV server.
+	 *
+	 */
 	function init() {
-	
+
 		// workaround for HTTP-auth in CGI mode
 		if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
  			$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
@@ -47,16 +42,16 @@ class Dav extends \Zotlabs\Web\Controller {
 
 		if (! is_dir('store'))
 			os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
-	
+
 		if (argc() > 1)
 			profile_load(argv(1),0);
-	
+
 
 		$auth = new \Zotlabs\Storage\BasicAuth();
 		$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV');
 
 		$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
-	
+
 		// A SabreDAV server-object
 		$server = new SDAV\Server($rootDirectory);
 
@@ -68,21 +63,20 @@ class Dav extends \Zotlabs\Web\Controller {
 		// prevent overwriting changes each other with a lock backend
 		$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
 		$lockPlugin = new SDAV\Locks\Plugin($lockBackend);
-	
+
 		$server->addPlugin($lockPlugin);
-	
+
 		// provide a directory view for the cloud in Hubzilla
 		$browser = new \Zotlabs\Storage\Browser($auth);
 		$auth->setBrowserPlugin($browser);
-	
+
 		// Experimental QuotaPlugin
-		// require_once('Zotlabs/Storage/QuotaPlugin.php');
 		// $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth));
-	
+
 		// All we need to do now, is to fire up the server
 		$server->exec();
-	
+
 		killme();
 	}
-	
+
 }

Zotlabs/Module/Directory.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Zotlabs\Module;
 
 require_once('include/socgraph.php');

Zotlabs/Module/Dirsearch.php

@@ -12,7 +12,7 @@ class Dirsearch extends \Zotlabs\Web\Controller {
 	
 	}
 	
-		function get() {
+	function get() {
 	
 		$ret = array('success' => false);
 	
@@ -185,7 +185,7 @@ class Dirsearch extends \Zotlabs\Web\Controller {
 		else {
 			$qlimit = " LIMIT " . intval($perpage) . " OFFSET " . intval($startrec);
 			if($return_total) {
-				$r = q("SELECT COUNT(xchan_hash) AS `total` FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql ");
+				$r = q("SELECT COUNT(xchan_hash) AS total FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql ");
 				if($r) {
 					$ret['total_items'] = $r[0]['total'];
 				}
@@ -410,13 +410,13 @@ class Dirsearch extends \Zotlabs\Web\Controller {
 		$rand = db_getfunc('rand');
 		$realm = get_directory_realm();
 		if($realm == DIRECTORY_REALM) {
-			$r = q("select * from site where site_access != 0 and site_register !=0 and ( site_realm = '%s' or site_realm = '') and site_type = %d order by $rand",
+			$r = q("select * from site where site_access != 0 and site_register !=0 and ( site_realm = '%s' or site_realm = '') and site_type = %d and site_dead = 0 order by $rand",
 				dbesc($realm),
 				intval(SITE_TYPE_ZOT)
 			);
 		}
 		else {
-			$r = q("select * from site where site_access != 0 and site_register !=0 and site_realm = '%s' and site_type = %d order by $rand",
+			$r = q("select * from site where site_access != 0 and site_register !=0 and site_realm = '%s' and site_type = %d and site_dead = 0 order by $rand",
 				dbesc($realm),
 				intval(SITE_TYPE_ZOT)
 			);
@@ -457,6 +457,6 @@ class Dirsearch extends \Zotlabs\Web\Controller {
 			}
 		}
 		return $ret;
-	}		
-	
+	}
+
 }

Zotlabs/Module/Display.php

@@ -121,6 +121,8 @@ class Display extends \Zotlabs\Web\Controller {
 			 	return '';
 			}
 		}
+		
+		$static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0);
 	
 	
 		$simple_update = (($update) ? " AND item_unseen = 1 " : '');
@@ -130,10 +132,13 @@ class Display extends \Zotlabs\Web\Controller {
 		if($load)
 			$simple_update = '';
 	
-	
+		if($static && $simple_update)
+			$simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' ";
 	
 		if((! $update) && (! $load)) {
 	
+
+			$static  = ((local_channel()) ? channel_manual_conv_update(local_channel()) : 0);
 	
 			$o .= '<div id="live-display"></div>' . "\r\n";
 			$o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1))
@@ -154,6 +159,7 @@ class Display extends \Zotlabs\Web\Controller {
 				'$fh' => '0',
 				'$nouveau' => '0',
 				'$wall' => '0',
+				'$static' => $static,
 				'$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1),
 				'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
 				'$search' => '',
@@ -214,8 +220,8 @@ class Display extends \Zotlabs\Web\Controller {
 	
 					$r = q("SELECT * from item
 						WHERE mid = '%s'
-						AND (((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' 
-						AND `item`.`deny_gid`  = '' AND item_private = 0 ) 
+						AND (((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = '' 
+						AND item.deny_gid  = '' AND item_private = 0 ) 
 						and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
 						OR uid = %d )
 						$sql_extra )
@@ -258,8 +264,8 @@ class Display extends \Zotlabs\Web\Controller {
 	
 				$r = q("SELECT * from item
 					WHERE mid = '%s'
-					AND (((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' 
-					AND `item`.`deny_gid`  = '' AND item_private = 0 ) 
+					AND (((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = '' 
+					AND item.deny_gid  = '' AND item_private = 0 ) 
 					and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
 					OR uid = %d )
 					$sql_extra )
@@ -282,8 +288,8 @@ class Display extends \Zotlabs\Web\Controller {
 			$parents_str = ids_to_querystr($r,'id');
 			if($parents_str) {
 	
-				$items = q("SELECT `item`.*, `item`.`id` AS `item_id` 
-					FROM `item`
+				$items = q("SELECT item.*, item.id AS item_id 
+					FROM item
 					WHERE parent in ( %s ) $item_normal ",
 					dbesc($parents_str)
 				);
@@ -321,7 +327,7 @@ class Display extends \Zotlabs\Web\Controller {
 	/*
 		elseif((! $update) && (!  {
 			
-			$r = q("SELECT `id`, item_flags FROM `item` WHERE `id` = '%s' OR `mid` = '%s' LIMIT 1",
+			$r = q("SELECT id, item_flags FROM item WHERE id = '%s' OR mid = '%s' LIMIT 1",
 				dbesc($item_hash),
 				dbesc($item_hash)
 			);

Zotlabs/Module/Dreport.php

@@ -21,10 +21,11 @@ class Dreport extends \Zotlabs\Web\Controller {
 			$table = 'push';
 			$mid = ((argc() > 2) ? argv(2) : '');
 			if($mid) {	
-				$i = q("select id from item where mid = '%s' and author_xchan = '%s' and uid = %d",
+				$i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
 					dbesc($mid),
+					intval($channel['channel_id']),
 					dbesc($channel['channel_hash']),
-					intval($channel['channel_id'])
+					dbesc($channel['channel_hash'])
 				);
 				if($i) {
 					\Zotlabs\Daemon\Master::Summon([ 'Notifier', 'edit_post', $i[0]['id'] ]);
@@ -47,8 +48,9 @@ class Dreport extends \Zotlabs\Web\Controller {
 	
 		switch($table) {
 			case 'item':
-				$i = q("select id from item where mid = '%s' and author_xchan = '%s' ",
+				$i = q("select id from item where mid = '%s' and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
 					dbesc($mid),
+					dbesc($channel['channel_hash']),
 					dbesc($channel['channel_hash'])
 				);
 				break;

Zotlabs/Module/Editblock.php

@@ -80,7 +80,7 @@ class Editblock extends \Zotlabs\Web\Controller {
 			return;
 		}
 
-		$itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1",
+		$itm = q("SELECT * FROM item WHERE id = %d and uid = %s LIMIT 1",
 			intval($post_id),
 			intval($owner)
 		);

Zotlabs/Module/Editlayout.php

@@ -91,7 +91,7 @@ class Editlayout extends \Zotlabs\Web\Controller {
 			return;
 		}
 
-		$itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1",
+		$itm = q("SELECT * FROM item WHERE id = %d and uid = %s LIMIT 1",
 			intval($post_id),
 			intval($owner)
 		);

Zotlabs/Module/Editpost.php

@@ -25,7 +25,7 @@ class Editpost extends \Zotlabs\Web\Controller {
 			return;
 		}
 
-		$itm = q("SELECT * FROM `item` WHERE `id` = %d AND ( owner_xchan = '%s' OR author_xchan = '%s' ) LIMIT 1",
+		$itm = q("SELECT * FROM item WHERE id = %d AND ( owner_xchan = '%s' OR author_xchan = '%s' ) LIMIT 1",
 			intval($post_id),
 			dbesc(get_observer_hash()),
 			dbesc(get_observer_hash())
@@ -85,6 +85,7 @@ class Editpost extends \Zotlabs\Web\Controller {
 			'hide_voting' => true,
 			'hide_future' => true,
 			'hide_location' => true,
+			'parent' => (($itm[0]['mid'] === $itm[0]['parent_mid']) ? 0 : $itm[0]['parent']),
 			'mimetype' => $itm[0]['mimetype'],
 			'ptyp' => $itm[0]['obj_type'],
 			'body' => htmlspecialchars_decode(undo_post_tagging($itm[0]['body']),ENT_COMPAT),

Zotlabs/Module/Editwebpage.php

@@ -95,7 +95,7 @@ class Editwebpage extends \Zotlabs\Web\Controller {
 
 		$sql_extra = item_permissions_sql($owner);
 
-		$itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s $sql_extra LIMIT 1",
+		$itm = q("SELECT * FROM item WHERE id = %d and uid = %s $sql_extra LIMIT 1",
 			intval($post_id),
 			intval($owner)
 		);

Zotlabs/Module/Embedphotos.php

@@ -1,99 +1,96 @@
 <?php
+
 namespace Zotlabs\Module;
 
 /**
+ * @brief
  *
- * This is the POST destination for the embedphotos button
- *
- */  
-
-
+ */
 class Embedphotos extends \Zotlabs\Web\Controller {
 
 	function get() {
-		
+
 	}
 
+	/**
+	 *
+	 * This is the POST destination for the embedphotos button
+	 *
+	 */
 	function post() {
-		
-    if (argc() > 1 && argv(1) === 'album') {
-        // API: /embedphotos/album
-        $name = (x($_POST,'name') ? $_POST['name'] : null );
-        if (!$name) {
-            json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false));
-        }
-        $album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name));
-        json_return_and_die(array('status' => true, 'content' => $album));
-
-    }
-    if (argc() > 1 && argv(1) === 'albumlist') {
-        // API: /embedphotos/albumlist
-        $album_list = $this->embedphotos_album_list($a);
-        json_return_and_die(array('status' => true, 'albumlist' => $album_list));
-
-    }
-    if (argc() > 1 && argv(1) === 'photolink') {
-        // API: /embedphotos/photolink
-        $href = (x($_POST,'href') ? $_POST['href'] : null );
-        if (!$href) {
-            json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
-        }
-        $resource_id = array_pop(explode("/", $href));
-        $r = q("SELECT obj,body from item where resource_type = 'photo' and resource_id = '%s' limit 1",
-						dbesc($resource_id)
-					);
-        if(!$r) {
-            json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
-        }
-        $obj = json_decode($r[0]['obj'], true);
-        if(x($obj,'body')) {
-            $photolink = $obj['body'];
-        } elseif (x($obj,'bbcode')) {
-            $photolink = $obj['bbcode'];
-        } elseif ($r[0]['body'] !== '') {
-						$photolink = $r[0]['body'];
-				}	else {
-            json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
-        }
-        json_return_and_die(array('status' => true, 'photolink' => $photolink));
-
-    }
+		if (argc() > 1 && argv(1) === 'album') {
+			// API: /embedphotos/album
+			$name = (x($_POST,'name') ? $_POST['name'] : null );
+			if(!$name) {
+				json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false));
+			}
+			$album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name));
+			json_return_and_die(array('status' => true, 'content' => $album));
+		}
+		if(argc() > 1 && argv(1) === 'albumlist') {
+			// API: /embedphotos/albumlist
+			$album_list = $this->embedphotos_album_list($a);
+			json_return_and_die(array('status' => true, 'albumlist' => $album_list));
+		}
+		if(argc() > 1 && argv(1) === 'photolink') {
+			// API: /embedphotos/photolink
+			$href = (x($_POST,'href') ? $_POST['href'] : null );
+			if(!$href) {
+				json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
+			}
+			$resource_id = array_pop(explode("/", $href));
+			$r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1",
+				dbesc($resource_id)
+			);
+			if(!$r) {
+				json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
+			}
+			$obj = json_decode($r[0]['obj'], true);
+			if(x($obj,'body')) {
+				$photolink = $obj['body'];
+			} elseif (x($obj,'bbcode')) {
+				$photolink = $obj['bbcode'];
+			} else {
+				json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
+			}
+			json_return_and_die(array('status' => true, 'photolink' => $photolink));
+		}
 	}
-	
-	
-/**
- * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from
- * the input array as in widget_item()
- * @param type $name
- * @return string
- */
-function embedphotos_widget_album($args) {
 
-    $channel_id = 0;
-    if(array_key_exists('channel',$args))
-            $channel = $args['channel'];
-            $channel_id = intval($channel['channel_id']);
-    if(! $channel_id)
-            $channel_id = \App::$profile_uid;
-    if(! $channel_id)
-            return '';
+	/**
+	 * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from
+	 * the input array as in widget_item()
+	 *
+	 * @param array $args
+	 * @return string with HTML
+	 */
+	function embedphotos_widget_album($args) {
+
+		$channel_id = 0;
+		if(array_key_exists('channel', $args))
+			$channel = $args['channel'];
+		$channel_id = intval($channel['channel_id']);
+		if(! $channel_id)
+			$channel_id = \App::$profile_uid;
+		if(! $channel_id)
+			return '';
+
 		$owner_uid = $channel_id;
-    require_once('include/security.php');
-    $sql_extra = permissions_sql($channel_id);
+		require_once('include/security.php');
+		$sql_extra = permissions_sql($channel_id);
 
-    if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage'))
-            return '';
+		if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage'))
+			return '';
 
-    if($args['album'])
-            $album = (($args['album'] === '/') ? '' : $args['album'] );
-    if($args['title'])
-            $title = $args['title'];
+		if($args['album'])
+			$album = $args['album'];
+		if($args['title'])
+			$title = $args['title'];
 
-		/** 
+		/**
 		 * This may return incorrect permissions if you have multiple directories of the same name.
 		 * It is a limitation of the photo table using a name for a photo album instead of a folder hash
 		 */
-
 		if($album) {
 			$x = q("select hash from attach where filename = '%s' and uid = %d limit 1",
 				dbesc($album),
@@ -109,34 +106,33 @@ function embedphotos_widget_album($args) {
 		$order = 'DESC';
 
 		$r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN
-				(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph 
+				(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph
 				ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)
-			ORDER BY created $order",
-			intval($owner_uid),
-			dbesc($album),
-			intval(PHOTO_NORMAL),
-			intval(PHOTO_PROFILE)
+				ORDER BY created $order",
+				intval($owner_uid),
+				dbesc($album),
+				intval(PHOTO_NORMAL),
+				intval(PHOTO_PROFILE)
 		);
 
 		$photos = array();
-			if(count($r)) {
-				$twist = 'rotright';
-				foreach($r as $rr) {
-	
-					if($twist == 'rotright')
-						$twist = 'rotleft';
-					else
-						$twist = 'rotright';
-					
-					$ext = $phototypes[$rr['mimetype']];
-	
-					$imgalt_e = $rr['filename'];
-					$desc_e = $rr['description'];
-	
-					$imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
+		if(count($r)) {
+			$twist = 'rotright';
+			foreach($r as $rr) {
+				if($twist == 'rotright')
+					$twist = 'rotleft';
+				else
+					$twist = 'rotright';
+
+				$ext = $phototypes[$rr['mimetype']];
+
+				$imgalt_e = $rr['filename'];
+				$desc_e = $rr['description'];
+
+				$imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
 					. (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''));
-	
-					$photos[] = array(
+
+				$photos[] = array(
 						'id' => $rr['id'],
 						'twist' => ' ' . $twist . rand(2,4),
 						'link' => $imagelink,
@@ -148,8 +144,8 @@ function embedphotos_widget_album($args) {
 						'hash'=> $rr['resource_id'],
 						'unknown' => t('Unknown')
 					);
-				}
 			}
+		}
 
 		$tpl = get_markup_template('photo_album.tpl');
 		$o .= replace_macros($tpl, array(
@@ -165,18 +161,16 @@ function embedphotos_widget_album($args) {
 		));
 
 		return $o;
-}
+	}
 
-
-function embedphotos_album_list($a) {
-    $o = '';
-    require_once('include/photos.php');
-    $p = photos_albums_list(\App::get_channel(), \App::get_observer());
-    if ($p['success']) {
-        return $p['albums'];
-    } else {
-        return null;
-    }
-}
+	function embedphotos_album_list($a) {
+		require_once('include/photos.php');
+		$p = photos_albums_list(\App::get_channel(), \App::get_observer());
+		if($p['success']) {
+			return $p['albums'];
+		} else {
+			return null;
+		}
+	}
 
 }

Zotlabs/Module/Events.php

@@ -57,9 +57,6 @@ class Events extends \Zotlabs\Web\Controller {
 			$start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute);
 		}
 	
-		if($nofinish) {
-			$finish = NULL_DATE;
-		}
 	
 		if($finish_text) {
 			$finish = $finish_text;
@@ -67,6 +64,11 @@ class Events extends \Zotlabs\Web\Controller {
 		else {
 			$finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute);
 		}
+
+		if($nofinish) {
+			$finish = NULL_DATE;
+		}
+
 	
 		if($adjust) {
 			$start = datetime_convert(date_default_timezone_get(),'UTC',$start);
@@ -118,8 +120,10 @@ class Events extends \Zotlabs\Web\Controller {
 			goaway($onerror_url);
 		}
 	
-		$share = ((intval($_POST['distr'])) ? intval($_POST['distr']) : 0);
-	
+		//		$share = ((intval($_POST['distr'])) ? intval($_POST['distr']) : 0);
+
+		$share = 1;	
+
 		$channel = \App::get_channel();
 	
 		$acl = new \Zotlabs\Access\AccessList(false);
@@ -207,7 +211,6 @@ class Events extends \Zotlabs\Web\Controller {
 	
 		$event = event_store_event($datarray);
 	
-	
 		if($post_tags)	
 			$datarray['term'] = $post_tags;
 	
@@ -336,7 +339,7 @@ class Events extends \Zotlabs\Web\Controller {
 	
 			/* edit/create form */
 			if($event_id) {
-				$r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1",
+				$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
 					dbesc($event_id),
 					intval(local_channel())
 				);
@@ -438,8 +441,6 @@ class Events extends \Zotlabs\Web\Controller {
 
 			$permissions = ((x($orig_event)) ? $orig_event : $perm_defaults);
 
-			//print_r(acl2json($permissions['allow_gid'])); killme();
-	
 			$tpl = get_markup_template('event_form.tpl');
 	
 			$form = replace_macros($tpl,array(
@@ -467,9 +468,6 @@ class Events extends \Zotlabs\Web\Controller {
 				'$l_text' => (($event_id) ? t('Edit Location') : t('Location')),
 				'$l_orig' => $l_orig,
 				'$t_orig' => $t_orig,
-				'$sh_text' => t('Share this event'),
-				'$sh_checked' => $sh_checked,
-				'$share' => array('distr', t('Share this event'), $sh_checked, '', array(t('No'),t('Yes'))),
 				'$preview' => t('Preview'),
 				'$perms_label' => t('Permission settings'),
 				// populating the acl dialog was a permission description from view_stream because Cal.php, which
@@ -481,6 +479,8 @@ class Events extends \Zotlabs\Web\Controller {
 				'$deny_cid' => acl2json($permissions['deny_cid']),
 				'$deny_gid' => acl2json($permissions['deny_gid']),
 
+				'$lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'),
+
 				'$submit' => t('Submit'),
 				'$advanced' => t('Advanced Options')
 	
@@ -545,8 +545,8 @@ class Events extends \Zotlabs\Web\Controller {
 				);
 			} elseif($export) {
 				$r = q("SELECT * from event where uid = %d
-					AND (( `adjust` = 0 AND ( `dtend` >= '%s' or nofinish = 1 ) AND `dtstart` <= '%s' ) 
-					OR  (  `adjust` = 1 AND ( `dtend` >= '%s' or nofinish = 1 ) AND `dtstart` <= '%s' )) ",
+					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
+					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ",
 					intval(local_channel()),
 					dbesc($start),
 					dbesc($finish),
@@ -559,10 +559,10 @@ class Events extends \Zotlabs\Web\Controller {
 				// There's still an issue if the finish date crosses the end of month.
 				// Noting this for now - it will need to be fixed here and in Friendica.
 				// Ultimately the finish date shouldn't be involved in the query. 
-	
+
 				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
 	                              from event left join item on event_hash = resource_id 
-					where resource_type = 'event' and event.uid = %d $ignored 
+					where resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored 
 					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
 					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ",
 					intval(local_channel()),
@@ -571,7 +571,6 @@ class Events extends \Zotlabs\Web\Controller {
 					dbesc($adjust_start),
 					dbesc($adjust_finish)
 				);
-	
 			}
 	
 			$links = array();
@@ -609,6 +608,12 @@ class Events extends \Zotlabs\Web\Controller {
 						$end = null;
 					} else {
 						$end = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c'));
+
+						// give a fake end to birthdays so they get crammed into a 
+						// single day on the calendar
+
+						if($rr['etype'] === 'birthday')
+							$end = null;
 					}
 					
 					
@@ -694,7 +699,7 @@ class Events extends \Zotlabs\Web\Controller {
 		}
 	
 		if($mode === 'drop' && $event_id) {
-			$r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1",
+			$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
 				dbesc($event_id),
 				intval(local_channel())
 			);
@@ -702,7 +707,7 @@ class Events extends \Zotlabs\Web\Controller {
 			$sync_event = $r[0];
 	
 			if($r) {
-				$r = q("delete from event where event_hash = '%s' and uid = %d limit 1",
+				$r = q("delete from event where event_hash = '%s' and uid = %d",
 					dbesc($event_id),
 					intval(local_channel())
 				);

Zotlabs/Module/Fbrowser.php

@@ -32,7 +32,7 @@ class Fbrowser extends \Zotlabs\Web\Controller {
 				$sql_extra2 = " ORDER BY created DESC LIMIT 0, 10";
 				
 				if (\App::$argc==2){
-					$albums = q("SELECT distinct(`album`) AS `album` FROM `photo` WHERE `uid` = %d ",
+					$albums = q("SELECT distinct(album) AS album FROM photo WHERE uid = %d ",
 						intval(local_channel())
 					);
 					// anon functions only from 5.3.0... meglio tardi che mai..
@@ -43,14 +43,14 @@ class Fbrowser extends \Zotlabs\Web\Controller {
 				$album = "";
 				if (\App::$argc==3){
 					$album = hex2bin(\App::$argv[2]);
-					$sql_extra = sprintf("AND `album` = '%s' ",dbesc($album));
+					$sql_extra = sprintf("AND album = '%s' ",dbesc($album));
 					$sql_extra2 = "";
 					$path[]=array(z_root() . "/fbrowser/image/" . \App::$argv[2] . "/", $album);
 				}
 					
-				$r = q("SELECT `resource_id`, `id`, `filename`, type, min(`imgscale`) AS `hiq`,max(`imgscale`) AS `loq`, `description`  
-						FROM `photo` WHERE `uid` = %d $sql_extra
-						GROUP BY `resource_id` $sql_extra2",
+				$r = q("SELECT resource_id, id, filename, type, min(imgscale) AS hiq,max(imgscale) AS loq, description  
+						FROM photo WHERE uid = %d $sql_extra
+						GROUP BY resource_id $sql_extra2",
 					intval(local_channel())					
 				);
 				
@@ -70,7 +70,7 @@ class Fbrowser extends \Zotlabs\Web\Controller {
 				break;
 			case "file":
 				if (\App::$argc==2){
-					$files = q("SELECT id, filename, filetype FROM `attach` WHERE `uid` = %d ",
+					$files = q("SELECT id, filename, filetype FROM attach WHERE uid = %d ",
 						intval(local_channel())
 					);
 					

Zotlabs/Module/File_upload.php

@@ -12,7 +12,7 @@ class File_upload extends \Zotlabs\Web\Controller {
 
 		// logger('file upload: ' . print_r($_REQUEST,true));
 	
-		$channel = (($_REQUEST['channick']) ? get_channel_by_nick($_REQUEST['channick']) : null);
+		$channel = (($_REQUEST['channick']) ? channelx_by_nick($_REQUEST['channick']) : null);
 	
 		if(! $channel) {
 			logger('channel not found');

Zotlabs/Module/Filestorage.php

@@ -1,7 +1,7 @@
 <?php
 namespace Zotlabs\Module;
 /**
- * @file mod/filestorage.php
+ * @file Zotlabs/Module/Filestorage.php
  *
  */
 
@@ -16,43 +16,43 @@ require_once('include/attach.php');
 class Filestorage extends \Zotlabs\Web\Controller {
 
 	function post() {
-	
+
 		$channel_id = ((x($_POST, 'uid')) ? intval($_POST['uid']) : 0);
-	
+
 		if((! $channel_id) || (! local_channel()) || ($channel_id != local_channel())) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
 		$recurse = ((x($_POST, 'recurse')) ? intval($_POST['recurse']) : 0);
 		$resource = ((x($_POST, 'filehash')) ? notags($_POST['filehash']) : '');
 		$notify = ((x($_POST, 'notify')) ? intval($_POST['notify']) : 0);
-	
+
 		if(! $resource) {
 			notice(t('Item not found.') . EOL);
 			return;
 		}
-	
+
 		$channel = \App::get_channel();
-	
+
 		$acl = new \Zotlabs\Access\AccessList($channel);
 		$acl->set_from_array($_REQUEST);
 		$x = $acl->get();
-	
+
 		$cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource);
-	
+
 		//get the object before permissions change so we can catch eventual former allowed members
 		$object = get_file_activity_object($channel_id, $resource, $cloudPath);
-	
+
 		attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse, true);
-	
+
 		file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify);
-	
+
 		goaway($cloudPath);
 	}
-	
+
 	function get() {
-	
+
 		if(argc() > 1)
 			$which = argv(1);
 		else {
@@ -60,7 +60,7 @@ class Filestorage extends \Zotlabs\Web\Controller {
 			\App::$error = 404;
 			return;
 		}
-	
+
 		$r = q("select * from channel where channel_address = '%s'",
 			dbesc($which)
 		);
@@ -68,32 +68,32 @@ class Filestorage extends \Zotlabs\Web\Controller {
 			$channel = $r[0];
 			$owner = intval($r[0]['channel_id']);
 		}
-	
+
 		$observer = \App::get_observer();
 		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-	
+
 		$perms = get_all_perms($owner, $ob_hash);
-	
+
 		if(! $perms['view_storage']) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
 		// Since we have ACL'd files in the wild, but don't have ACL here yet, we
 		// need to return for anyone other than the owner, despite the perms check for now.
-	
+
 		$is_owner = (((local_channel()) && ($owner  == local_channel())) ? true : false);
 		if(! $is_owner) {
 			info( t('Permission Denied.') . EOL );
 			return;
 		}
-	
+
 		if(argc() > 3 && argv(3) === 'delete') {
 			if(! $perms['write_storage']) {
 				notice( t('Permission denied.') . EOL);
 				return;
 			}
-	
+
 			$file = intval(argv(2));
 			$r = q("SELECT hash FROM attach WHERE id = %d AND uid = %d LIMIT 1",
 				dbesc($file),
@@ -103,17 +103,17 @@ class Filestorage extends \Zotlabs\Web\Controller {
 				notice( t('File not found.') . EOL);
 				goaway(z_root() . '/cloud/' . $which);
 			}
-	
+
 			$f = $r[0];
 			$channel = \App::get_channel();
-	
+
 			$parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']);
-	
+
 			attach_delete($owner, $f['hash']);
-	
+
 			goaway($parentpath);
 		}
-	
+
 		if(argc() > 3 && argv(3) === 'edit') {
 			require_once('include/acl_selectors.php');
 			if(! $perms['write_storage']) {
@@ -121,23 +121,23 @@ class Filestorage extends \Zotlabs\Web\Controller {
 				return;
 			}
 			$file = intval(argv(2));
-	
+
 			$r = q("select id, uid, folder, filename, revision, flags, is_dir, os_storage, hash, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and uid = %d limit 1",
 				intval($file),
 				intval($owner)
 			);
-	
+
 			$f = $r[0];
 			$channel = \App::get_channel();
-	
+
 			$cloudpath = get_cloudpath($f) . (intval($f['is_dir']) ? '?f=&davguest=1' : '');
 			$parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']);
-	
+
 			$aclselect_e = populate_acl($f, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage'));
 			$is_a_dir = (intval($f['is_dir']) ? true : false);
-	
-			$lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock'); 
-	
+
+			$lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock');
+
 			// Encode path that is used for link so it's a valid URL
 			// Keep slashes as slashes, otherwise mod_rewrite doesn't work correctly
 			$encoded_path = str_replace('%2F', '/', rawurlencode($cloudpath));
@@ -167,12 +167,12 @@ class Filestorage extends \Zotlabs\Web\Controller {
 				'$link_btn_title' => t('Show URL to this file'),
 				'$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes'))),
 			));
-	
+
 			echo $o;
 			killme();
 		}
-	
+
 		goaway(z_root() . '/cloud/' . $which);
 	}
-	
+
 }

Zotlabs/Module/Follow.php

@@ -20,9 +20,6 @@ class Follow extends \Zotlabs\Web\Controller {
 	
 		$channel = \App::get_channel();
 
-		// Warning: Do not edit the following line. The first symbol is UTF-8 ＠ 
-		$url = str_replace('@','@',$url);	
-
 		$result = new_contact($uid,$url,$channel,true,$confirm);
 		
 		if($result['success'] == false) {

Zotlabs/Module/Group.php

@@ -34,7 +34,7 @@ class Group extends \Zotlabs\Web\Controller {
 		if((argc() == 2) && (intval(argv(1)))) {
 			check_form_security_token_redirectOnErr('/group', 'group_edit');
 			
-			$r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			$r = q("SELECT * FROM groups WHERE id = %d AND uid = %d LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
 			);
@@ -48,7 +48,7 @@ class Group extends \Zotlabs\Web\Controller {
 			$public = intval($_POST['public']);
 	
 			if((strlen($groupname))  && (($groupname != $group['gname']) || ($public != $group['visible']))) {
-				$r = q("UPDATE `groups` SET `gname` = '%s', visible = %d  WHERE `uid` = %d AND `id` = %d",
+				$r = q("UPDATE groups SET gname = '%s', visible = %d  WHERE uid = %d AND id = %d",
 					dbesc($groupname),
 					intval($public),
 					intval(local_channel()),
@@ -101,7 +101,7 @@ class Group extends \Zotlabs\Web\Controller {
 			check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
 			
 			if(intval(argv(2))) {
-				$r = q("SELECT `gname` FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+				$r = q("SELECT gname FROM groups WHERE id = %d AND uid = %d LIMIT 1",
 					intval(argv(2)),
 					intval(local_channel())
 				);
@@ -133,7 +133,7 @@ class Group extends \Zotlabs\Web\Controller {
 		if((argc() > 1) && (intval(argv(1)))) {
 	
 			require_once('include/acl_selectors.php');
-			$r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1",
+			$r = q("SELECT * FROM groups WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
 			);
@@ -212,7 +212,7 @@ class Group extends \Zotlabs\Web\Controller {
 				group_rmv_member(local_channel(),$group['gname'],$member['xchan_hash']);
 		}
 	
-		$r = q("SELECT abook.*, xchan.* FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE `abook_channel` = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc",
+		$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc",
 			intval(local_channel())
 		);
 	

Zotlabs/Module/Help.php

@@ -1,66 +1,100 @@
 <?php
 namespace Zotlabs\Module;
 
-
 require_once('include/help.php');
 
 /**
  * You can create local site resources in doc/Site.md and either link to doc/Home.md for the standard resources
  * or use our include mechanism to include it on your local page.
- *
+ *@code
  * #include doc/Home.md;
+ *@endcode
  *
- * The syntax is somewhat strict. 
- *
+ * The syntax is somewhat strict.
  */
-
 class Help extends \Zotlabs\Web\Controller {
 
 	function get() {
-
 		nav_set_selected('help');
-	
+
 		if($_REQUEST['search']) {
-		
 			$o .= '<div id="help-content" class="generic-content-wrapper">';
 			$o .= '<div class="section-title-wrapper">';
 			$o .= '<h2>' . t('Documentation Search') . ' - ' . htmlspecialchars($_REQUEST['search']) . '</h2>';
 			$o .= '</div>';
 			$o .= '<div class="section-content-wrapper">';
-	
+
 			$r = search_doc_files($_REQUEST['search']);
 			if($r) {
 				$o .= '<ul class="help-searchlist">';
 				foreach($r as $rr) {
 					$dirname = dirname($rr['v']);
 					$fname = basename($rr['v']);
-					$fname = substr($fname,0,strrpos($fname,'.'));
-					$path = trim(substr($dirname,4),'/');
-	
-					$o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br />'
-						. '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br />' .
-					'...' . str_replace('$Projectname',\Zotlabs\Lib\System::get_platform_name(),$rr['text']) . '...<br /><br /></li>';
-	
+					$fname = substr($fname, 0, strrpos($fname, '.'));
+					$path = trim(substr($dirname, 4), '/');
+
+					$o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br>'
+						. '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br>'
+						. '...' . str_replace('$Projectname', \Zotlabs\Lib\System::get_platform_name(), $rr['text']) . '...<br><br></li>';
 				}
 				$o .= '</ul>';
 				$o .= '</div>';
 				$o .= '</div>';
 			}
+
 			return $o;
 		}
-	
+                
+                
+                if(argc() > 2 && argv(argc()-2) === 'assets') {
+                        $path = '';
+                        for($x = 1; $x < argc(); $x ++) {
+                                if(strlen($path))
+                                        $path .= '/';
+                                $path .= argv($x);
+                        }
+                        $realpath = 'doc/' . $path;
+                         //Set the content-type header as appropriate
+                        $imageInfo = getimagesize($realpath);
+                        switch ($imageInfo[2]) {
+                            case IMAGETYPE_JPEG:
+                                header("Content-Type: image/jpeg");
+                                break;
+                            case IMAGETYPE_GIF:
+                                header("Content-Type: image/gif");
+                                break;
+                            case IMAGETYPE_PNG:
+                                header("Content-Type: image/png");
+                                break;
+                           default:
+                                break;
+                        }
+                        header("Content-Length: " . filesize($realpath));
 
-		$content =  get_help_content();
+                        // dump the picture and stop the script
+                        readfile($realpath);
+                        killme();
+                }
 
+		$headings = [
+			'about' => t('About'),
+			'member' => t('Members'),
+			'admin' => t('Administrators'),
+			'developer' => t('Developers'),
+			'tutorials' => t('Tutorials')
+		];
 
-		return replace_macros(get_markup_template("help.tpl"), array(
+		if(array_key_exists(argv(1), $headings))
+			$heading = $headings[argv(1)];
+
+                $content =  get_help_content();
+
+		return replace_macros(get_markup_template('help.tpl'), array(
 			'$title' => t('$Projectname Documentation'),
-			'$content' => $content
+			'$tocHeading' => t('Contents'),
+			'$content' => $content,
+			'$heading' => $heading
 		));
-	
 	}
-	
-	
-	
-	
+
 }

Zotlabs/Module/Import.php

@@ -77,23 +77,27 @@ class Import extends \Zotlabs\Web\Controller {
 	
 			$channelname = substr($old_address,0,strpos($old_address,'@'));
 			$servername  = substr($old_address,strpos($old_address,'@')+1);
-	
-			$scheme = 'https://';
-			$api_path = '/api/red/channel/export/basic?f=&channel=' . $channelname;
+
+			$api_path = probe_api_path($servername);
+			if(! $api_path) {
+				notice( t('Unable to download data from old server') . EOL);
+				return;
+			}
+
+			$api_path .= 'channel/export/basic?f=&channel=' . $channelname;
 			if($import_posts)
 				$api_path .= '&posts=1';
 			$binary = false;
 			$redirects = 0;
 			$opts = array('http_auth' => $email . ':' . $password);
-			$url = $scheme . $servername . $api_path;
-			$ret = z_fetch_url($url, $binary, $redirects, $opts);
-			if(! $ret['success'])
-				$ret = z_fetch_url('http://' . $servername . $api_path, $binary, $redirects, $opts);
-			if($ret['success'])
+			$ret = z_fetch_url($api_path, $binary, $redirects, $opts);
+			if($ret['success']) {
 				$data = $ret['body'];
-			else
+			}
+			else {
 				notice( t('Unable to download data from old server') . EOL);
-	
+				return;
+			}
 		}
 	
 		if(! $data) {
@@ -294,15 +298,8 @@ class Import extends \Zotlabs\Web\Controller {
 					);
 					if($r)
 						continue;
-	
-					dbesc_array($xchan);
-			
-					$r = dbq("INSERT INTO xchan (`" 
-						. implode("`, `", array_keys($xchan)) 
-						. "`) VALUES ('" 
-						. implode("', '", array_values($xchan)) 
-						. "')" );
-	
+
+					create_table_from_array('xchan',$xchan);	
 		
 					require_once('include/photo/photo_driver.php');
 					$photos = import_xchan_photo($xchan['xchan_photo_l'],$xchan['xchan_hash']);
@@ -382,13 +379,8 @@ class Import extends \Zotlabs\Web\Controller {
 							continue;
 					}
 	
-					dbesc_array($abook);
-					$r = dbq("INSERT INTO abook (`" 
-						. implode("`, `", array_keys($abook)) 
-						. "`) VALUES ('" 
-						. implode("', '", array_values($abook)) 
-						. "')" );
-	
+					create_table_from_array('abook',$abook);
+
 					$friends ++;
 					if(intval($abook['abook_feed']))
 						$feeds ++;
@@ -423,15 +415,11 @@ class Import extends \Zotlabs\Web\Controller {
 						unset($group['name']);
 					}
 					unset($group['id']);
-					$group['uid'] = $channel['channel_id'];					
-					dbesc_array($group);
-					$r = dbq("INSERT INTO groups (`" 
-						. implode("`, `", array_keys($group)) 
-						. "`) VALUES ('" 
-						. implode("', '", array_values($group)) 
-						. "')" );
+					$group['uid'] = $channel['channel_id'];
+
+					create_table_from_array('groups',$group);
 				}
-				$r = q("select * from `groups` where uid = %d",
+				$r = q("select * from groups where uid = %d",
 					intval($channel['channel_id'])
 				);
 				if($r) {
@@ -451,12 +439,7 @@ class Import extends \Zotlabs\Web\Controller {
 						if($x['old'] == $group_member['gid'])
 							$group_member['gid'] = $x['new'];
 					}
-					dbesc_array($group_member);
-					$r = dbq("INSERT INTO group_member (`" 
-						. implode("`, `", array_keys($group_member)) 
-						. "`) VALUES ('" 
-						. implode("', '", array_values($group_member)) 
-						. "')" );
+					create_table_from_array('group_member',$group_member);
 				}
 			}
 			logger('import step 9');

Zotlabs/Module/Invite.php

@@ -111,7 +111,7 @@ class Invite extends \Zotlabs\Web\Controller {
 				$invite_code = autoname(8) . rand(1000,9999);
 				$nmessage = str_replace('$invite_code',$invite_code,$message);
 	
-				$r = q("INSERT INTO `register` (`hash`,`created`) VALUES ('%s', '%s') ",
+				$r = q("INSERT INTO register (hash,created) VALUES ('%s', '%s') ",
 					dbesc($invite_code),
 					dbesc(datetime_convert())
 				);

Zotlabs/Module/Item.php

@@ -126,6 +126,8 @@ class Item extends \Zotlabs\Web\Controller {
 			$ret = $this->item_check_service_class($uid,(($_REQUEST['webpage'] == ITEM_TYPE_WEBPAGE) ? true : false));
 			if (!$ret['success']) { 
 				notice( t($ret['message']) . EOL) ;
+				if($api_source)
+					return ( [ 'success' => false, 'message' => 'service class exception' ] );	
 				if(x($_REQUEST,'return')) 
 					goaway(z_root() . "/" . $return_path );
 				killme();
@@ -156,13 +158,13 @@ class Item extends \Zotlabs\Web\Controller {
 				$obj_type = ACTIVITY_OBJ_COMMENT;
 	
 			if($parent) {
-				$r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1",
+				$r = q("SELECT * FROM item WHERE id = %d LIMIT 1",
 					intval($parent)
 				);
 			}
 			elseif($parent_mid && $uid) {
 				// This is coming from an API source, and we are logged in
-				$r = q("SELECT * FROM `item` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1",
+				$r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d LIMIT 1",
 					dbesc($parent_mid),
 					intval($uid)
 				);
@@ -172,7 +174,7 @@ class Item extends \Zotlabs\Web\Controller {
 				$parid = $r[0]['parent'];
 				$parent_mid = $r[0]['mid'];
 				if($r[0]['id'] != $r[0]['parent']) {
-					$r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1",
+					$r = q("SELECT * FROM item WHERE id = parent AND parent = %d LIMIT 1",
 						intval($parid)
 					);
 				}
@@ -180,6 +182,8 @@ class Item extends \Zotlabs\Web\Controller {
 	
 			if(($r === false) || (! count($r))) {
 				notice( t('Unable to locate original post.') . EOL);
+				if($api_source)
+					return ( [ 'success' => false, 'message' => 'invalid post id' ] );	
 				if(x($_REQUEST,'return')) 
 					goaway(z_root() . "/" . $return_path );
 				killme();
@@ -214,6 +218,8 @@ class Item extends \Zotlabs\Web\Controller {
 	
 			if(! $can_comment) {
 				notice( t('Permission denied.') . EOL) ;
+				if($api_source)
+					return ( [ 'success' => false, 'message' => 'permission denied' ] );	
 				if(x($_REQUEST,'return')) 
 					goaway(z_root() . "/" . $return_path );
 				killme();
@@ -222,6 +228,8 @@ class Item extends \Zotlabs\Web\Controller {
 		else {
 			if(! perm_is_allowed($profile_uid,$observer['xchan_hash'],($webpage) ? 'write_pages' : 'post_wall')) {
 				notice( t('Permission denied.') . EOL) ;
+				if($api_source)
+					return ( [ 'success' => false, 'message' => 'permission denied' ] );	
 				if(x($_REQUEST,'return')) 
 					goaway(z_root() . "/" . $return_path );
 				killme();
@@ -246,7 +254,7 @@ class Item extends \Zotlabs\Web\Controller {
 		$iconfig = null;
 	
 		if($post_id) {
-			$i = q("SELECT * FROM `item` WHERE `uid` = %d AND `id` = %d LIMIT 1",
+			$i = q("SELECT * FROM item WHERE uid = %d AND id = %d LIMIT 1",
 				intval($profile_uid),
 				intval($post_id)
 			);
@@ -276,6 +284,8 @@ class Item extends \Zotlabs\Web\Controller {
 	
 		if(! $channel) {
 			logger("mod_item: no channel.");
+			if($api_source)
+				return ( [ 'success' => false, 'message' => 'no channel' ] );	
 			if(x($_REQUEST,'return')) 
 				goaway(z_root() . "/" . $return_path );
 			killme();
@@ -291,6 +301,8 @@ class Item extends \Zotlabs\Web\Controller {
 		}
 		else {
 			logger("mod_item: no owner.");
+			if($api_source)
+				return ( [ 'success' => false, 'message' => 'no owner' ] );	
 			if(x($_REQUEST,'return')) 
 				goaway(z_root() . "/" . $return_path );
 			killme();
@@ -433,6 +445,8 @@ class Item extends \Zotlabs\Web\Controller {
 				if($preview)
 					killme();
 				info( t('Empty post discarded.') . EOL );
+				if($api_source)
+					return ( [ 'success' => false, 'message' => 'no content' ] );	
 				if(x($_REQUEST,'return')) 
 					goaway(z_root() . "/" . $return_path );
 				killme();
@@ -473,6 +487,8 @@ class Item extends \Zotlabs\Web\Controller {
 				}
 				else {
 					notice( t('Executable content type not permitted to this channel.') . EOL);
+					if($api_source)
+						return ( [ 'success' => false, 'message' => 'forbidden content type' ] );	
 					if(x($_REQUEST,'return')) 
 						goaway(z_root() . "/" . $return_path );
 					killme();
@@ -508,7 +524,7 @@ class Item extends \Zotlabs\Web\Controller {
 	//			$body = escape_tags(trim($body));
 	//			$body = str_replace("\n",'<br />', $body);
 	//			$body = preg_replace_callback('/\[share(.*?)\]/ism','\share_shield',$body);			
-	//			$body = diaspora2bb($body,true);
+	//			$body = markdown_to_bb($body,true);
 	//			$body = preg_replace_callback('/\[share(.*?)\]/ism','\share_unshield',$body);
 	//		}
 	
@@ -553,8 +569,8 @@ class Item extends \Zotlabs\Web\Controller {
 			$body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body);
 	
 
-			$body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'nakedoembed', $body);
-			$body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", '\red_zrl_callback', $body);
+			$body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,\(\)]+)/ism", 'nakedoembed', $body);
+			$body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,\(\)]+)/ism", '\red_zrl_callback', $body);
 	
 			$body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body);
 			$body = preg_replace_callback('/\[\$b64url(.*?)\[\/(url)\]/ism','\red_unescape_codeblock',$body);
@@ -863,7 +879,8 @@ class Item extends \Zotlabs\Web\Controller {
 			logger('mod_item: post cancelled by plugin or duplicate suppressed.');
 			if($return_path)
 				goaway(z_root() . "/" . $return_path);
-	
+			if($api_source)
+				return ( [ 'success' => false, 'message' => 'operation cancelled' ] );	
 			$json = array('cancel' => 1);
 			$json['reload'] = z_root() . '/' . $_REQUEST['jsreload'];
 			echo json_encode($json);
@@ -901,6 +918,8 @@ class Item extends \Zotlabs\Web\Controller {
 	
 			$x = item_store_update($datarray,$execflag);
 			
+			item_create_edit_activity($x);			
+
 			if(! $parent) {
 				$r = q("select * from item where id = %d",
 					intval($post_id)
@@ -914,6 +933,10 @@ class Item extends \Zotlabs\Web\Controller {
 			if(! $nopush)
 				\Zotlabs\Daemon\Master::Summon(array('Notifier', 'edit_post', $post_id));
 	
+
+			if($api_source)
+				return($x);
+
 			if((x($_REQUEST,'return')) && strlen($return_path)) {
 				logger('return: ' . $return_path);
 				goaway(z_root() . "/" . $return_path );
@@ -988,8 +1011,11 @@ class Item extends \Zotlabs\Web\Controller {
 		else {
 			logger('mod_item: unable to retrieve post that was just stored.');
 			notice( t('System error. Post not saved.') . EOL);
-			goaway(z_root() . "/" . $return_path );
-			// NOTREACHED
+			if($return_path)
+				goaway(z_root() . "/" . $return_path );
+			if($api_source)
+				return ( [ 'success' => false, 'message' => 'system error' ] );
+			killme();
 		}
 		
 		if(($parent) && ($parent != $post_id)) {
@@ -1082,6 +1108,14 @@ class Item extends \Zotlabs\Web\Controller {
 				else {
 					// complex deletion that needs to propagate and be performed in phases
 					drop_item($i[0]['id'],true,DROPITEM_PHASE1);
+					$r = q("select * from item where id = %d",
+						intval($i[0]['id'])
+					);
+					if($r) {
+						xchan_query($r);
+						$sync_item = fetch_post_tags($r);
+						build_sync_packet($i[0]['uid'],array('item' => array(encode_item($sync_item[0],true))));
+					}
 					tag_deliver($i[0]['uid'],$i[0]['id']);
 				}
 			}

Zotlabs/Module/Like.php

@@ -226,7 +226,7 @@ class Like extends \Zotlabs\Web\Controller {
 				$z[0]['deleted'] = 1;
 				build_sync_packet($ch[0]['channel_id'],array('likes' => $z));
 	
-				q("delete from likes where id = %d limit 1",
+				q("delete from likes where id = %d",
 					intval($z[0]['id'])
 				);
 				if($z[0]['i_mid']) {

Zotlabs/Module/Linkinfo.php

@@ -13,7 +13,7 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 	
 		$text = null;
 		$str_tags = '';
-	
+		$process_oembed = true;	
 	
 		$br = "\n";
 	
@@ -22,6 +22,11 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 		else
 			$url = trim($_GET['url']);
 	
+		if(substr($url,0,1) === '!') {
+			$process_oembed = false;
+			$url = substr($url,1);
+		}
+
 		$url = strip_zids($url);
 	
 		if((substr($url,0,1) != '/') && (substr($url,0,4) != 'http'))
@@ -91,10 +96,12 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 			killme();
 		}
 	
-		$x = oembed_process($url);
-		if($x) {
-			echo $x;
-			killme();
+		if($process_oembed) {
+			$x = oembed_process($url);
+			if($x) {
+				echo $x;
+				killme();
+			}
 		}
 	
 		if($url && $title && $text) {

Zotlabs/Module/Lockview.php

@@ -102,7 +102,7 @@ class Lockview extends \Zotlabs\Web\Controller {
 		stringify_array_elms($deny_users,true);
 	
 		if(count($allowed_groups)) {
-			$r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
+			$r = q("SELECT gname FROM groups WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
 			if($r)
 				foreach($r as $rr) 
 					$l[] = '<li><b>' . $rr['gname'] . '</b></li>';
@@ -121,7 +121,7 @@ class Lockview extends \Zotlabs\Web\Controller {
 			}
 		}
 		if(count($deny_groups)) {
-			$r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
+			$r = q("SELECT gname FROM groups WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
 			if($r)
 				foreach($r as $rr) 
 					$l[] = '<li><b><strike>' . $rr['gname'] . '</strike></b></li>';

Zotlabs/Module/Locs.php

@@ -80,7 +80,7 @@ class Locs extends \Zotlabs\Web\Controller {
 	
 	
 	
-		function get() {
+	function get() {
 	
 	
 		if(! local_channel()) {

Zotlabs/Module/Mail.php

@@ -83,10 +83,24 @@ class Mail extends \Zotlabs\Web\Controller {
 		linkify_tags($a, $body, local_channel());
 	
 		if($preview) {
+			$mail = [
+				'mailbox' => 'outbox',
+				'id' => 0,
+				'mid' => 'M0',
+				'from_name' => $channel['xchan_name'],
+				'from_url' =>  $channel['xchan_url'],
+				'from_photo' => $channel['xchan_photo_s'],
+				'subject' => smilies(bbcode($subject)),
+				'body' => smilies(bbcode($body)),
+				'attachments' => '',
+				'can_recall' => false,
+				'is_recalled' => '',
+				'date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'], 'c')
+			];
 			
-	
-	
-	
+			echo replace_macros(get_markup_template('mail_conv.tpl'), [ '$mail' => $mail ] );
+			killme();
+
 		}
 	
 		if(! $recipient) {

Zotlabs/Module/Manage.php

@@ -93,9 +93,9 @@ class Manage extends \Zotlabs\Web\Controller {
 						$channels[$x]['mail'] = intval($mails[0]['total']);
 			
 	
-					$events = q("SELECT etype, dtstart, adjust FROM `event`
-						WHERE `event`.`uid` = %d AND dtstart < '%s' AND dtstart > '%s' and `dismissed` = 0
-						ORDER BY `dtstart` ASC ",
+					$events = q("SELECT etype, dtstart, adjust FROM event
+						WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
+						ORDER BY dtstart ASC ",
 						intval($channels[$x]['channel_id']),
 						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + 7 days')),
 						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))

Zotlabs/Module/Match.php

@@ -25,7 +25,7 @@ class Match extends \Zotlabs\Web\Controller {
 	
 		$o .= '<h2>' . t('Profile Match') . '</h2>';
 	
-		$r = q("SELECT `keywords` FROM `profile` WHERE `is_default` = 1 AND `uid` = %d LIMIT 1",
+		$r = q("SELECT keywords FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1",
 			intval(local_channel())
 		);
 		if (! count($r))

Zotlabs/Module/Msearch.php

@@ -1,47 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-
-class Msearch extends \Zotlabs\Web\Controller {
-
-	function post() {
-	
-		$perpage = (($_POST['n']) ? $_POST['n'] : 80);
-		$page = (($_POST['p']) ? intval($_POST['p'] - 1) : 0);
-		$startrec = (($page+1) * $perpage) - $perpage;
-	
-		$search = $_POST['s'];
-		if(! strlen($search))
-			killme();
-	
-		$r = q("SELECT COUNT(*) AS `total` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is_default` = 1 AND `user`.`hidewall` = 0 AND MATCH `keywords` AGAINST ('%s') ",
-			dbesc($search)
-		);
-		if(count($r))
-			$total = $r[0]['total'];
-	
-		$r = q("SELECT `keywords`, `username`, `nickname`, `user`.`uid` FROM `user` LEFT JOIN `profile` ON `user`.`uid` = `profile`.`uid` WHERE `is_default` = 1 AND `user`.`hidewall` = 0 AND MATCH `keywords` AGAINST ('%s') LIMIT %d , %d ",
-			dbesc($search),
-			intval($startrec),
-			intval($perpage)
-		);
-	
-		$results = array();
-		if(count($r)) {
-			foreach($r as $rr)
-				$results[] = array(
-					'name' => $rr['name'], 
-					'url' => z_root() . '/channel/' . $rr['nickname'], 
-					'photo' => z_root() . '/photo/avatar/' . $rr['uid'],
-					'tags' => str_replace(array(',','  '),array(' ',' '),$rr['keywords'])
-				);
-		}
-	
-		$output = array('total' => $total, 'items_page' => $perpage, 'page' => $page + 1, 'results' => $results);
-	
-		echo json_encode($output);
-	
-		killme();
-	
-	}
-}

Zotlabs/Module/Network.php

@@ -54,6 +54,7 @@ class Network extends \Zotlabs\Web\Controller {
 		$datequery  = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
 		$datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
 		$nouveau    = ((x($_GET,'new')) ? intval($_GET['new']) : 0);
+		$static     = ((x($_GET,'static')) ? intval($_GET['static']) : 0); 
 		$gid        = ((x($_GET,'gid')) ? intval($_GET['gid']) : 0);
 		$category   = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : '');
 		$hashtags   = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : '');
@@ -186,6 +187,8 @@ class Network extends \Zotlabs\Web\Controller {
 	
 			$status_editor = status_editor($a,$x);
 			$o .= $status_editor;
+
+			$static = channel_manual_conv_update(local_channel());
 	
 		}
 	
@@ -201,7 +204,7 @@ class Network extends \Zotlabs\Web\Controller {
 	
 		$sql_nets = '';
 	
-		$sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE item_thread_top = 1 $sql_options ) ";
+		$sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE item_thread_top = 1 $sql_options ) ";
 	
 		if($group) {
 			$contact_str = '';
@@ -295,6 +298,7 @@ class Network extends \Zotlabs\Web\Controller {
 				'$fh'      => (($firehose) ? $firehose : '0'),
 				'$nouveau' => (($nouveau) ? $nouveau : '0'),
 				'$wall'    => '0',
+				'$static'  => $static, 
 				'$list'    => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
 				'$page'    => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1),
 				'$search'  => (($search) ? $search : ''),
@@ -401,7 +405,8 @@ class Network extends \Zotlabs\Web\Controller {
 			$page_mode = 'client';
 	
 		$simple_update = (($update) ? " and item_unseen = 1 " : '');
-	
+
+
 		// This fixes a very subtle bug so I'd better explain it. You wake up in the morning or return after a day
 		// or three and look at your matrix page - after opening up your browser. The first page loads just as it
 		// should. All of a sudden a few seconds later, page 2 will get inserted at the beginning of the page
@@ -418,6 +423,9 @@ class Network extends \Zotlabs\Web\Controller {
 			$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
 		if($load)
 			$simple_update = '';
+
+		if($static && $simple_update)
+			$simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' ";	
 	
 		if($nouveau && $load) {
 			// "New Item View" - show all items unthreaded in reverse created date order

Zotlabs/Module/Notifications.php

@@ -1,70 +1,11 @@
 <?php
 namespace Zotlabs\Module;
 
+require_once('include/bbcode.php');
 
 class Notifications extends \Zotlabs\Web\Controller {
 
-	function post() {
-	
-		if(! local_channel()) {
-			goaway(z_root());
-		}
-		
-		$request_id = ((\App::$argc > 1) ? \App::$argv[1] : 0);
-		
-		if($request_id === "all")
-			return;
-	
-		if($request_id) {
-	
-			$r = q("SELECT * FROM `intro` WHERE `id` = %d  AND `uid` = %d LIMIT 1",
-				intval($request_id),
-				intval(local_channel())
-			);
-		
-			if(count($r)) {
-				$intro_id = $r[0]['id'];
-				$contact_id = $r[0]['contact-id'];
-			}
-			else {
-				notice( t('Invalid request identifier.') . EOL);
-				return;
-			}
-	
-			// If it is a friend suggestion, the contact is not a new friend but an existing friend
-			// that should not be deleted.
-	
-			$fid = $r[0]['fid'];
-	
-			if($_POST['submit'] == t('Discard')) {
-				$r = q("DELETE FROM `intro` WHERE `id` = %d", 
-					intval($intro_id)
-				);	
-				if(! $fid) {
-	
-					// The check for blocked and pending is in case the friendship was already approved
-					// and we just want to get rid of the now pointless notification
-	
-					$r = q("DELETE FROM `contact` WHERE `id` = %d AND `uid` = %d AND `self` = 0 AND `blocked` = 1 AND `pending` = 1", 
-						intval($contact_id),
-						intval(local_channel())
-					);
-				}
-				goaway(z_root() . '/notifications/intros');
-			}
-			if($_POST['submit'] == t('Ignore')) {
-				$r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d",
-					intval($intro_id));
-				goaway(z_root() . '/notifications/intros');
-			}
-		}
-	}
-	
-	
-	
-	
-	
-		function get() {
+	function get() {
 	
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
@@ -74,36 +15,32 @@ class Notifications extends \Zotlabs\Web\Controller {
 		nav_set_selected('notifications');		
 	
 		$o = '';
-	
-			$notif_tpl = get_markup_template('notifications.tpl');
+		
+		$r = q("SELECT * from notify where uid = %d and seen = 0 order by created desc",
+			intval(local_channel())
+		);
 			
-			$not_tpl = get_markup_template('notify.tpl');
-			require_once('include/bbcode.php');
-	
-			$r = q("SELECT * from notify where uid = %d and seen = 0 order by created desc",
-				intval(local_channel())
-			);
-			
-			if ($r > 0) {
-				$notifications_available =1;
-				foreach ($r as $it) {
-					$notif_content .= replace_macros($not_tpl,array(
-						'$item_link' => z_root().'/notify/view/'. $it['id'],
-						'$item_image' => $it['photo'],
-						'$item_text' => strip_tags(bbcode($it['msg'])),
-						'$item_when' => relative_date($it['created'])
-					));
-				}
-			} else {
-				$notif_content .= t('No more system notifications.');
+		if($r) {
+			$notifications_available = 1;
+			foreach ($r as $it) {
+				$notif_content .= replace_macros(get_markup_template('notify.tpl'),array(
+					'$item_link' => z_root().'/notify/view/'. $it['id'],
+					'$item_image' => $it['photo'],
+					'$item_text' => strip_tags(bbcode($it['msg'])),
+					'$item_when' => relative_date($it['created'])
+				));
 			}
+		}
+		else {
+			$notif_content .= t('No more system notifications.');
+		}
 			
-			$o .= replace_macros($notif_tpl,array(
-				'$notif_header' => t('System Notifications'),
-				'$notif_link_mark_seen' => t('Mark all system notifications seen'),
-				'$notif_content' => $notif_content,
-				'$notifications_available' => $notifications_available,
-			));
+		$o .= replace_macros(get_markup_template('notifications.tpl'),array(
+			'$notif_header' => t('System Notifications'),
+			'$notif_link_mark_seen' => t('Mark all system notifications seen'),
+			'$notif_content' => $notif_content,
+			'$notifications_available' => $notifications_available,
+		));
 	
 		return $o;
 	}

Zotlabs/Module/Photo.php

@@ -127,17 +127,7 @@ class Photo extends \Zotlabs\Web\Controller {
 				  }
 			}
 			
-			// If using resolution 1, make sure it exists before proceeding:
-			if($resolution == 1) {
-			    $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
-				   dbesc($photo),
-				   intval($resolution)
-				);
-			    if(! $r) {
-			      $resolution = 2;
-				}
-			}
-	
+
 			$r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
 				dbesc($photo),
 				intval($resolution)
@@ -166,6 +156,14 @@ class Photo extends \Zotlabs\Web\Controller {
 					intval($resolution)
 				);
 	
+				$d = [ 'imgscale' => $resolution, 'resource_id' => $photo, 'photo' => $r, 'allowed' => $allowed ];
+				call_hooks('get_photo',$d);
+
+				$resolution = $d['imgscale'];
+				$photo      = $d['resource_id'];
+				$r          = $d['photo'];
+				$allowed    = $d['allowed'];
+
 				if($r && $allowed) {
 					$data = dbunescbin($r[0]['content']);
 					$mimetype = $r[0]['mimetype'];
@@ -183,7 +181,7 @@ class Photo extends \Zotlabs\Web\Controller {
 					// they won't have the photo link, so there's a reasonable chance that the person
 					// might be able to obtain permission to view it.
 	
-					$r = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `imgscale` = %d LIMIT 1",
+					$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
 						dbesc($photo),
 						intval($resolution)
 					);
@@ -200,6 +198,9 @@ class Photo extends \Zotlabs\Web\Controller {
 			}
 		}
 	
+
+
+
 		if(! isset($data)) {
 			if(isset($resolution)) {
 				switch($resolution) {

Zotlabs/Module/Photos.php

@@ -195,7 +195,7 @@ class Photos extends \Zotlabs\Web\Controller {
 			if(! $ob_hash)
 				goaway(z_root() . '/' . $_SESSION['photo_return']);
 	
-			$r = q("SELECT `id`, `resource_id` FROM `photo` WHERE ( xchan = '%s' or `uid` = %d ) AND `resource_id` = '%s' LIMIT 1",
+			$r = q("SELECT id, resource_id FROM photo WHERE ( xchan = '%s' or uid = %d ) AND resource_id = '%s' LIMIT 1",
 				dbesc($ob_hash),
 				intval(local_channel()),
 				dbesc(\App::$argv[2])
@@ -241,12 +241,12 @@ class Photos extends \Zotlabs\Web\Controller {
 			   ( (intval($_POST['rotate']) == 1) || (intval($_POST['rotate']) == 2) )) {
 				logger('rotate');
 	
-				$r = q("select * from photo where `resource_id` = '%s' and uid = %d and imgscale = 0 limit 1",
+				$r = q("select * from photo where resource_id = '%s' and uid = %d and imgscale = 0 limit 1",
 					dbesc($resource_id),
 					intval($page_owner_uid)
 				);
 				if(count($r)) {
-					$d = (($r[0]['os_storage']) ? @file_get_contents($r[0]['content']) : dbunescbin($r[0]['content']));
+					$d = (($r[0]['os_storage']) ? @file_get_contents(dbunescbin($r[0]['content'])) : dbunescbin($r[0]['content']));
 					$ph = photo_factory($d, $r[0]['mimetype']);
 					if($ph->is_valid()) {
 						$rotate_deg = ( (intval($_POST['rotate']) == 1) ? 270 : 90 );
@@ -259,7 +259,7 @@ class Photos extends \Zotlabs\Web\Controller {
 							@file_put_contents($r[0]['content'],$ph->imageString());
 							$data = $r[0]['content'];
 							$fsize = @filesize($r[0]['content']);
-							q("update attach set filesize = %d where hash = '%s' and uid = %d limit 1",
+							q("update attach set filesize = %d where hash = '%s' and uid = %d",
 								intval($fsize),
 								dbesc($resource_id),
 								intval($page_owner_uid)
@@ -270,7 +270,7 @@ class Photos extends \Zotlabs\Web\Controller {
 							$fsize = strlen($data);
 						}
 	
-						$x = q("update photo set content = '%s', filesize = %d, height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 0",
+						$x = q("update photo set content = '%s', filesize = %d, height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 0",
 							dbescbin($data),
 							intval($fsize),
 							intval($height),
@@ -285,7 +285,7 @@ class Photos extends \Zotlabs\Web\Controller {
 						$width  = $ph->getWidth();
 						$height = $ph->getHeight();
 	
-						$x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 1",
+						$x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 1",
 							dbescbin($ph->imageString()),
 							intval($height),
 							intval($width),
@@ -300,7 +300,7 @@ class Photos extends \Zotlabs\Web\Controller {
 						$width  = $ph->getWidth();
 						$height = $ph->getHeight();
 	
-						$x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 2",
+						$x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 2",
 							dbescbin($ph->imageString()),
 							intval($height),
 							intval($width),
@@ -315,7 +315,7 @@ class Photos extends \Zotlabs\Web\Controller {
 						$width  = $ph->getWidth();
 						$height = $ph->getHeight();
 	
-						$x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 3",
+						$x = q("update photo set content = '%s', height = %d, width = %d where resource_id = '%s' and uid = %d and imgscale = 3",
 							dbescbin($ph->imageString()),
 							intval($height),
 							intval($width),
@@ -333,7 +333,7 @@ class Photos extends \Zotlabs\Web\Controller {
 			if($p) {
 				$ext = $phototypes[$p[0]['mimetype']];
 	
-				$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d",
+				$r = q("UPDATE photo SET description = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' WHERE resource_id = '%s' AND uid = %d",
 					dbesc($desc),
 					dbesc($perm['allow_cid']),
 					dbesc($perm['allow_gid']),
@@ -367,7 +367,7 @@ class Photos extends \Zotlabs\Web\Controller {
 			}
 	
 			if($item_id) {
-				$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+				$r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1",
 					intval($item_id),
 					intval($page_owner_uid)
 				);
@@ -695,8 +695,8 @@ class Photos extends \Zotlabs\Web\Controller {
 			\App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n";
 	
 	
-			$r = q("SELECT `resource_id`, max(`imgscale`) AS `imgscale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' 
-				AND `imgscale` <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`",
+			$r = q("SELECT resource_id, max(imgscale) AS imgscale FROM photo WHERE uid = %d AND album = '%s' 
+				AND imgscale <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id",
 				intval($owner_uid),
 				dbesc($album),
 				intval(PHOTO_NORMAL),
@@ -843,8 +843,8 @@ class Photos extends \Zotlabs\Web\Controller {
 	
 			// fetch image, item containing image, then comments
 	
-			$ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' 
-				$sql_extra ORDER BY `imgscale` ASC ",
+			$ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,description,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM photo WHERE uid = %d AND resource_id = '%s' 
+				$sql_extra ORDER BY imgscale ASC ",
 				intval($owner_uid),
 				dbesc($datum)
 			);
@@ -875,8 +875,8 @@ class Photos extends \Zotlabs\Web\Controller {
 				$order = 'DESC';
 	
 	
-			$prvnxt = q("SELECT `resource_id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `imgscale` = 0 
-				$sql_extra ORDER BY `created` $order ",
+			$prvnxt = q("SELECT resource_id FROM photo WHERE album = '%s' AND uid = %d AND imgscale = 0 
+				$sql_extra ORDER BY created $order ",
 				dbesc($ph[0]['album']),
 				intval($owner_uid)
 			); 
@@ -993,7 +993,7 @@ class Photos extends \Zotlabs\Web\Controller {
 				}
 	
 				if((local_channel()) && (local_channel() == $link_item['uid'])) {
-					q("UPDATE `item` SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1",
+					q("UPDATE item SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1",
 						intval($link_item['parent']),
 						intval(local_channel())
 					);
@@ -1283,8 +1283,8 @@ class Photos extends \Zotlabs\Web\Controller {
 			\App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n";
 	
 	
-		$r = q("SELECT `resource_id`, max(`imgscale`) AS `imgscale` FROM `photo` WHERE `uid` = %d 
-			and photo_usage in ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`",
+		$r = q("SELECT resource_id, max(imgscale) AS imgscale FROM photo WHERE uid = %d 
+			and photo_usage in ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id",
 			intval(\App::$data['channel']['channel_id']),
 			intval(PHOTO_NORMAL),
 			intval(PHOTO_PROFILE),

Zotlabs/Module/Ping.php

@@ -1,32 +1,27 @@
 <?php
-namespace Zotlabs\Module;
 
-/**
- * @file mod/ping.php
- *
- */
+namespace Zotlabs\Module;
 
 require_once('include/bbcode.php');
 
-
 /**
- * @brief do several updates when pinged.
+ * @brief Ping Controller.
  *
- * This function does several tasks. Whenever called it checks for new messages,
- * introductions, notifications, etc. and returns a json with the results.
- *
- * @param App &$a
- * @result JSON
  */
-
-
 class Ping extends \Zotlabs\Web\Controller {
 
+	/**
+	 * @brief do several updates when pinged.
+	 *
+	 * This function does several tasks. Whenever called it checks for new messages,
+	 * introductions, notifications, etc. and returns a json with the results.
+	 *
+	 * @result JSON
+	 */
 	function init() {
-	
 		$result = array();
 		$notifs = array();
-	
+
 		$result['notify'] = 0;
 		$result['home'] = 0;
 		$result['network'] = 0;
@@ -41,45 +36,45 @@ class Ping extends \Zotlabs\Web\Controller {
 		$result['all_events_today'] = 0;
 		$result['notice'] = array();
 		$result['info'] = array();
-	
+
 		$t0 = dba_timer();
-	
+
 		header("content-type: application/json");
-	
+
 		$vnotify = false;
-	
+
 		$item_normal = item_normal();
-	
-		if(local_channel())  {
+
+		if(local_channel()) {
 			$vnotify = get_pconfig(local_channel(),'system','vnotify');
 			$evdays = intval(get_pconfig(local_channel(),'system','evdays'));
 			$ob_hash = get_observer_hash();
 		}
-	
+
 		// if unset show all visual notification types
 		if($vnotify === false)
 			$vnotify = (-1);
 		if($evdays < 1)
 			$evdays = 3;
-	
+
 		/**
 		 * If you have several windows open to this site and switch to a different channel
-		 * in one of them, the others may get into a confused state showing you a page or options 
+		 * in one of them, the others may get into a confused state showing you a page or options
 		 * on that page which were only valid under the old identity. You session has changed.
 		 * Therefore we send a notification of this fact back to the browser where it is picked up
 		 * in javascript and which reloads the page it is on so that it is valid under the context
-		 * of the now current channel. 
+		 * of the now current channel.
 		 */
-	
+
 		$result['invalid'] = ((intval($_GET['uid'])) && (intval($_GET['uid']) != local_channel()) ? 1 : 0);
-	
+
 		/**
 		 * Send all system messages (alerts) to the browser.
 		 * Some are marked as informational and some represent
 		 * errors or serious notifications. These typically
 		 * will popup on the current page (no matter what page it is)
 		 */
-	
+
 		if(x($_SESSION, 'sysmsg')){
 			foreach ($_SESSION['sysmsg'] as $m){
 				$result['notice'][] = array('message' => $m);
@@ -96,17 +91,16 @@ class Ping extends \Zotlabs\Web\Controller {
 			$result['info'] = array();
 		if(! ($vnotify & VNOTIFY_ALERT))
 			$result['notice'] = array();
-	
-	
+
 		if(\App::$install) {
 			echo json_encode($result);
 			killme();
 		}
-	
+
 		/**
 		 * Update chat presence indication (if applicable)
 		 */
-	
+
 		if(get_observer_hash() && (! $result['invalid'])) {
 			$r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1",
 				dbesc(get_observer_hash()),
@@ -114,7 +108,7 @@ class Ping extends \Zotlabs\Web\Controller {
 			);
 			$basic_presence = false;
 			if($r) {
-				$basic_presence = true;	
+				$basic_presence = true;
 				q("update chatpresence set cp_last = '%s' where cp_id = %d",
 					dbesc(datetime_convert()),
 					intval($r[0]['cp_id'])
@@ -130,40 +124,39 @@ class Ping extends \Zotlabs\Web\Controller {
 				);
 			}
 		}
-	
+
 		/**
 		 * Chatpresence continued... if somebody hasn't pinged recently, they've most likely left the page
 		 * and shouldn't count as online anymore. We allow an expection for bots.
 		 */
-	
+
 		q("delete from chatpresence where cp_last < %s - INTERVAL %s and cp_client != 'auto' ",
 			db_utcnow(), db_quoteinterval('3 MINUTE')
-		); 
-	
+		);
+
 		if((! local_channel()) || ($result['invalid'])) {
 			echo json_encode($result);
 			killme();
 		}
-	
+
 		/**
 		 * Everything following is only permitted under the context of a locally authenticated site member.
 		 */
-	
-	
+
 		/**
 		 * Handle "mark all xyz notifications read" requests.
 		 */
-	
+
 		// mark all items read
 		if(x($_REQUEST, 'markRead') && local_channel()) {
 			switch($_REQUEST['markRead']) {
 				case 'network':
-					$r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d", 
+					$r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d",
 						intval(local_channel())
 					);
 					break;
 				case 'home':
-					$r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1  and uid = %d", 
+					$r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1  and uid = %d",
 						intval(local_channel())
 					);
 					break;
@@ -173,7 +166,7 @@ class Ping extends \Zotlabs\Web\Controller {
 					);
 					break;
 				case 'all_events':
-					$r = q("update event set `dismissed` = 1 where `dismissed` = 0 and uid = %d AND dtstart < '%s' AND dtstart > '%s' ",
+					$r = q("update event set dismissed = 1 where dismissed = 0 and uid = %d AND dtstart < '%s' AND dtstart > '%s' ",
 						intval(local_channel()),
 						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
 						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
@@ -188,21 +181,18 @@ class Ping extends \Zotlabs\Web\Controller {
 					break;
 			}
 		}
-	
+
 		if(x($_REQUEST, 'markItemRead') && local_channel()) {
-			$r = q("update item set item_unseen = 0 where parent = %d and uid = %d", 
+			$r = q("update item set item_unseen = 0 where parent = %d and uid = %d",
 				intval($_REQUEST['markItemRead']),
 				intval(local_channel())
 			);
 		}
-	
-	
-	
+
 		/**
 		 * URL ping/something will return detail for "something", e.g. a json list with which to populate a notification
 		 * dropdown menu.
 		 */
-	
 		if(argc() > 1 && argv(1) === 'notify') {
 			$t = q("select count(*) as total from notify where uid = %d and seen = 0",
 				intval(local_channel())
@@ -212,8 +202,7 @@ class Ping extends \Zotlabs\Web\Controller {
 					and seen = 0 order by created desc limit 50",
 					intval(local_channel())
 				);
-			}
-			else {
+			} else {
 				$z1 = q("select * from notify where uid = %d
 					and seen = 0 order by created desc limit 50",
 					intval(local_channel())
@@ -225,62 +214,62 @@ class Ping extends \Zotlabs\Web\Controller {
 				);
 				$z = array_merge($z1,$z2);
 			}
-	
+
 			if(count($z)) {
 				foreach($z as $zz) {
 					$notifs[] = array(
-						'notify_link' => z_root() . '/notify/view/' . $zz['id'], 
+						'notify_link' => z_root() . '/notify/view/' . $zz['id'],
 						'name' => $zz['xname'],
 						'url' => $zz['url'],
 						'photo' => $zz['photo'],
-						'when' => relative_date($zz['created']), 
-						'hclass' => (($zz['seen']) ? 'notify-seen' : 'notify-unseen'), 
+						'when' => relative_date($zz['created']),
+						'hclass' => (($zz['seen']) ? 'notify-seen' : 'notify-unseen'),
 						'message' => strip_tags(bbcode($zz['msg']))
 					);
 				}
 			}
-	
+
 			echo json_encode(array('notify' => $notifs));
 			killme();
 		}
-	
+
 		if(argc() > 1 && argv(1) === 'messages') {
 			$channel = \App::get_channel();
-			$t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan 
-				where channel_id = %d and mail_seen = 0 and mail_deleted = 0 
+			$t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan
+				where channel_id = %d and mail_seen = 0 and mail_deleted = 0
 				and from_xchan != '%s' order by created desc limit 50",
 				intval(local_channel()),
 				dbesc($channel['channel_hash'])
 			);
-	
+
 			if($t) {
 				foreach($t as $zz) {
 					$notifs[] = array(
-						'notify_link' => z_root() . '/mail/' . $zz['id'], 
+						'notify_link' => z_root() . '/mail/' . $zz['id'],
 						'name' => $zz['xchan_name'],
 						'url' => $zz['xchan_url'],
 						'photo' => $zz['xchan_photo_s'],
-						'when' => relative_date($zz['created']), 
-						'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'), 
+						'when' => relative_date($zz['created']),
+						'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'),
 						'message' => t('sent you a private message'),
 					);
 				}
 			}
-	
+
 			echo json_encode(array('notify' => $notifs));
 			killme();
 		}
-	
+
 		if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) {
 			$result = array();
-	
+
 			$r = q("SELECT * FROM item
 				WHERE item_unseen = 1 and uid = %d $item_normal
 				and author_xchan != '%s' ORDER BY created DESC limit 300",
 				intval(local_channel()),
 				dbesc($ob_hash)
 			);
-	
+
 			if($r) {
 				xchan_query($r);
 				foreach($r as $item) {
@@ -289,18 +278,18 @@ class Ping extends \Zotlabs\Web\Controller {
 					$result[] = \Zotlabs\Lib\Enotify::format($item);
 				}
 			}
-	//		logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA);
+//			logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA);
 			echo json_encode(array('notify' => $result));
 			killme();
 		}
-	
+
 		if(argc() > 1 && (argv(1) === 'intros')) {
 			$result = array();
-	
+
 			$r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50",
 				intval(local_channel())
 			);
-	
+
 			if($r) {
 				foreach($r as $rr) {
 					$result[] = array(
@@ -308,8 +297,8 @@ class Ping extends \Zotlabs\Web\Controller {
 						'name' => $rr['xchan_name'],
 						'url' => $rr['xchan_url'],
 						'photo' => $rr['xchan_photo_s'],
-						'when' => relative_date($rr['abook_created']), 
-						'hclass' => ('notify-unseen'), 
+						'when' => relative_date($rr['abook_created']),
+						'hclass' => ('notify-unseen'),
 						'message' => t('added your channel')
 					);
 				}
@@ -318,40 +307,35 @@ class Ping extends \Zotlabs\Web\Controller {
 			echo json_encode(array('notify' => $result));
 			killme();
 		}
-	
+
 		if(argc() > 1 && (argv(1) === 'all_events')) {
 			$bd_format = t('g A l F d') ; // 8 AM Friday January 18
-	
+
 			$result = array();
-	
+
 			$r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash
-				WHERE `event`.`uid` = %d AND dtstart < '%s' AND dtstart > '%s' and `dismissed` = 0
+				WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
 				and etype in ( 'event', 'birthday' )
-				ORDER BY `dtstart` DESC LIMIT 1000",
+				ORDER BY dtstart DESC LIMIT 1000",
 				intval(local_channel()),
 				dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
 				dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
 			);
-	
+
 			if($r) {
 				foreach($r as $rr) {
-					if($rr['adjust'])
-						$md = datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'Y/m');
-					else
-						$md = datetime_convert('UTC', 'UTC', $rr['dtstart'], 'Y/m');
-	
+
 					$strt = datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart']);
 					$today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false);
-					
 					$when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ?  ' ' . t('[today]') : '');
-	
+
 					$result[] = array(
-						'notify_link' => z_root() . '/events', // FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event  --> '/events/event/' . $rr['event_hash'],
+						'notify_link' => z_root() . '/events', /// @FIXME this takes you to an edit page and it may not be yours, we really want to just view the single event  --> '/events/event/' . $rr['event_hash'],
 						'name'        => $rr['xchan_name'],
 						'url'         => $rr['xchan_url'],
 						'photo'       => $rr['xchan_photo_s'],
 						'when'        => $when,
-						'hclass'       => ('notify-unseen'), 
+						'hclass'       => ('notify-unseen'),
 						'message'     => t('posted an event')
 					);
 				}
@@ -360,13 +344,10 @@ class Ping extends \Zotlabs\Web\Controller {
 			echo json_encode(array('notify' => $result));
 			killme();
 		}
-	
-	
-	
+
 		/**
 		 * Normal ping - just the counts, no detail
 		 */
-	
 		if($vnotify & VNOTIFY_SYSTEM) {
 			$t = q("select count(*) as total from notify where uid = %d and seen = 0",
 				intval(local_channel())
@@ -374,9 +355,9 @@ class Ping extends \Zotlabs\Web\Controller {
 			if($t)
 				$result['notify'] = intval($t[0]['total']);
 		}
-	
+
 		$t1 = dba_timer();
-	
+
 		if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) {
 			$r = q("SELECT id, item_wall FROM item
 				WHERE item_unseen = 1 and uid = %d
@@ -385,11 +366,11 @@ class Ping extends \Zotlabs\Web\Controller {
 				intval(local_channel()),
 				dbesc($ob_hash)
 			);
-	
-			if($r) {	
+
+			if($r) {
 				$arr = array('items' => $r);
 				call_hooks('network_ping', $arr);
-		
+
 				foreach ($r as $it) {
 					if(intval($it['item_wall']))
 						$result['home'] ++;
@@ -402,24 +383,23 @@ class Ping extends \Zotlabs\Web\Controller {
 			$result['network'] = 0;
 		if(! ($vnotify & VNOTIFY_CHANNEL))
 			$result['home'] = 0;
-	
-	
+
 		$t2 = dba_timer();
-	
+
 		if($vnotify & VNOTIFY_INTRO) {
 			$intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ",
 				intval(local_channel())
 			);
-	
+
 			$t3 = dba_timer();
-	
+
 			if($intr)
 				$result['intros'] = intval($intr[0]['total']);
 		}
-	
+
 		$t4 = dba_timer();
 		$channel = \App::get_channel();
-	
+
 		if($vnotify & VNOTIFY_MAIL) {
 			$mails = q("SELECT count(id) as total from mail
 				WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ",
@@ -429,7 +409,7 @@ class Ping extends \Zotlabs\Web\Controller {
 			if($mails)
 				$result['mail'] = intval($mails[0]['total']);
 		}
-		
+
 		if($vnotify & VNOTIFY_REGISTER) {
 			if (\App::$config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) {
 				$regs = q("SELECT count(account_id) as total from account where (account_flags & %d) > 0",
@@ -438,23 +418,23 @@ class Ping extends \Zotlabs\Web\Controller {
 				if($regs)
 					$result['register'] = intval($regs[0]['total']);
 			}
-		} 
-	
+		}
+
 		$t5 = dba_timer();
-	
+
 		if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) {
-			$events = q("SELECT etype, dtstart, adjust FROM `event`
-				WHERE `event`.`uid` = %d AND dtstart < '%s' AND dtstart > '%s' and `dismissed` = 0
+			$events = q("SELECT etype, dtstart, adjust FROM event
+				WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
 				and etype in ( 'event', 'birthday' )
-				ORDER BY `dtstart` ASC ",
+				ORDER BY dtstart ASC ",
 					intval(local_channel()),
 					dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
 					dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
 			);
-	
+
 			if($events) {
 				$result['all_events'] = count($events);
-	
+
 				if($result['all_events']) {
 					$str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d');
 					foreach($events as $x) {
@@ -483,16 +463,15 @@ class Ping extends \Zotlabs\Web\Controller {
 			$result['all_events_today'] = $result['events_today'] = 0;
 		if(! ($vnotify & VNOTIFY_BIRTHDAY))
 			$result['birthdays'] = 0;
-	
-	
+
 		$x = json_encode($result);
-		
+
 		$t6 = dba_timer();
-	
-	//	logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0));
-	
+
+//		logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0));
+
 		echo $x;
 		killme();
 	}
-	
+
 }

Zotlabs/Module/Post.php

@@ -1,36 +1,34 @@
 <?php
-namespace Zotlabs\Module;
-
 /**
- * @file mod/post.php
+ * @file Zotlabs/Module/Post.php
  *
  * @brief Zot endpoint.
  *
  */
 
+namespace Zotlabs\Module;
+
 require_once('include/zot.php');
 
-
+/**
+ * @brief Post module.
+ *
+ */
 class Post extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
-		if (array_key_exists('auth', $_REQUEST)) {
+		if(array_key_exists('auth', $_REQUEST)) {
 			$x = new \Zotlabs\Zot\Auth($_REQUEST);
+
 			exit;
 		}
-	
 	}
-	
-	
-		function post() {
-	
-		$z = new \Zotlabs\Zot\Receiver($_REQUEST['data'],get_config('system','prvkey'), new \Zotlabs\Zot\ZotHandler());
-		
+
+	function post() {
+		$z = new \Zotlabs\Zot\Receiver($_REQUEST['data'], get_config('system', 'prvkey'), new \Zotlabs\Zot\ZotHandler());
+
 		// notreached;
-	
 		exit;
-	
 	}
-	
+
 }

Zotlabs/Module/Profile_photo.php

@@ -98,7 +98,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 			if($r) {
 	
 				$base_image = $r[0];
-				$base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents($base_image['content']) : dbunescbin($base_image['content']));
+				$base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents(dbunescbin($base_image['content'])) : dbunescbin($base_image['content']));
 			
 				$im = photo_factory($base_image['content'], $base_image['mimetype']);
 				if($im->is_valid()) {
@@ -149,7 +149,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 	
 					if($is_default_profile) {
 						$r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d
-							AND resource_id != '%s' AND `uid` = %d",
+							AND resource_id != '%s' AND uid = %d",
 							intval(PHOTO_NORMAL),
 							intval(PHOTO_PROFILE),
 							dbesc($base_image['resource_id']),
@@ -205,15 +205,23 @@ class Profile_photo extends \Zotlabs\Web\Controller {
  	
 	
 		$hash = photo_new_resource();
+		$importing = false;
 		$smallest = 0;
 	
-		require_once('include/attach.php');
+
+		if($_REQUEST['importfile']) {
+			$hash = $_REQUEST['importfile'];
+			$importing = true;
+		}
+		else {
+			require_once('include/attach.php');
 	
-		$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Profile Photos'), 'hash' => $hash));
+			$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Profile Photos'), 'hash' => $hash));
 	
-		logger('attach_store: ' . print_r($res,true));
+			logger('attach_store: ' . print_r($res,true));
+		}
 	
-		if($res && intval($res['data']['is_photo'])) {
+		if(($res && intval($res['data']['is_photo'])) || $importing) {
 			$i = q("select * from photo where resource_id = '%s' and uid = %d order by imgscale",
 				dbesc($hash),
 				intval(local_channel())
@@ -235,7 +243,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 			}
 		}
 	
-		$imagedata = (($os_storage) ? @file_get_contents($imagedata) : $imagedata);
+		$imagedata = (($os_storage) ? @file_get_contents(dbunescbin($imagedata)) : dbunescbin($imagedata));
 		$ph = photo_factory($imagedata, $filetype);
 	
 		if(! $ph->is_valid()) {
@@ -284,14 +292,17 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 			// When using an existing photo, we don't have a dialogue to offer a choice of profiles,
 			// so it gets attached to the default
 
-			$p = q("select id from profile where is_default = 1 and uid = %d",
+			$c = q("select id, is_default from profile where uid = %d",
 				intval(local_channel())
 			);
-			if($p) {
-				$_REQUEST['profile'] = $p[0]['id'];
+
+			$multi_profiles = true;
+
+			if(($c) && (count($c) === 1) && (intval($c[0]['is_default']))) {
+				$_REQUEST['profile'] = $c[0]['id'];
+				$multi_profiles = false;
 			}
 
-	
 			$r = q("SELECT id, album, imgscale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY imgscale ASC",
 				intval(local_channel()),
 				dbesc($resource_id)
@@ -308,7 +319,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 	
 			// set an already loaded and cropped photo as profile photo
 	
-			if(($r[0]['album'] == t('Profile Photos')) && ($havescale)) {
+			if($havescale) {
 				// unset any existing profile photos
 				$r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND uid = %d",
 					intval(PHOTO_NORMAL),
@@ -343,7 +354,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 			}
 	
 			if(intval($r[0]['os_storage']))
-				$data = @file_get_contents($r[0]['content']);
+				$data = @file_get_contents(dbunescbin($r[0]['content']));
 			else
 				$data = dbunescbin($r[0]['content']); 
 	
@@ -366,9 +377,15 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 	            }
 	        }
 	 
-			$this->profile_photo_crop_ui_head($a, $ph, $hash, $smallest);
+			if($multi_profiles) {
+				\App::$data['importfile'] = $resource_id;
+			}
+			else {
+				$this->profile_photo_crop_ui_head($a, $ph, $hash, $smallest);
+			}
 
 			// falls through with App::$data['imagecrop'] set so we go straight to the cropping section
+
 		}
 	
 
@@ -377,6 +394,8 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 		$profiles = q("select id, profile_name as name, is_default from profile where uid = %d order by id asc",
 			intval(local_channel())
 		);
+
+		$importing = ((array_key_exists('importfile',\App::$data)) ? true : false);
 	
 		if(! x(\App::$data,'imagecrop')) {
 	
@@ -384,10 +403,11 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 	
 			$o .= replace_macros($tpl,array(
 				'$user' => \App::$channel['channel_address'],
+				'$importfile' => (($importing) ? \App::$data['importfile'] : ''),
 				'$lbl_upfile' => t('Upload File:'),
 				'$lbl_profiles' => t('Select a profile:'),
-				'$title' => t('Upload Profile Photo'),
-				'$submit' => t('Upload'),
+				'$title' => (($importing) ? t('Use Photo for Profile') : t('Upload Profile Photo')),
+				'$submit' => (($importing) ? t('Use') : t('Upload')),
 				'$profiles' => $profiles,
 				'$single' => ((count($profiles) == 1) ? true : false),
 				'$profile0' => $profiles[0],

Zotlabs/Module/Profiles.php

@@ -16,7 +16,7 @@ class Profiles extends \Zotlabs\Web\Controller {
 		}
 	
 		if((argc() > 2) && (argv(1) === "drop") && intval(argv(2))) {
-			$r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d AND `is_default` = 0 LIMIT 1",
+			$r = q("SELECT * FROM profile WHERE id = %d AND uid = %d AND is_default = 0 LIMIT 1",
 				intval(argv(2)),
 				intval(local_channel())
 			);
@@ -31,12 +31,12 @@ class Profiles extends \Zotlabs\Web\Controller {
 	
 			// move every contact using this profile as their default to the user default
 	
-			$r = q("UPDATE abook SET abook_profile = (SELECT profile_guid AS FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1) WHERE abook_profile = '%s' AND abook_channel = %d ",
+			$r = q("UPDATE abook SET abook_profile = (SELECT profile_guid FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1) WHERE abook_profile = '%s' AND abook_channel = %d ",
 				intval(local_channel()),
 				dbesc($profile_guid),
 				intval(local_channel())
 			);
-			$r = q("DELETE FROM `profile` WHERE `id` = %d AND `uid` = %d",
+			$r = q("DELETE FROM profile WHERE id = %d AND uid = %d",
 				intval(argv(2)),
 				intval(local_channel())
 			);
@@ -61,16 +61,16 @@ class Profiles extends \Zotlabs\Web\Controller {
 			
 	//		check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't');
 	
-			$r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
+			$r0 = q("SELECT id FROM profile WHERE uid = %d",
 				intval(local_channel()));
 			$num_profiles = count($r0);
 	
 			$name = t('Profile-') . ($num_profiles + 1);
 	
-			$r1 = q("SELECT `fullname`, `photo`, `thumb` FROM `profile` WHERE `uid` = %d AND `is_default` = 1 LIMIT 1",
+			$r1 = q("SELECT fullname, photo, thumb FROM profile WHERE uid = %d AND is_default = 1 LIMIT 1",
 				intval(local_channel()));
 			
-			$r2 = q("INSERT INTO `profile` (`aid`, `uid` , `profile_guid`, `profile_name` , `fullname`, `photo`, `thumb`)
+			$r2 = q("INSERT INTO profile (aid, uid , profile_guid, profile_name , fullname, photo, thumb)
 				VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s' )",
 				intval(get_account_id()),
 				intval(local_channel()),
@@ -81,7 +81,7 @@ class Profiles extends \Zotlabs\Web\Controller {
 				dbesc($r1[0]['thumb'])
 			);
 	
-			$r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile_name` = '%s' LIMIT 1",
+			$r3 = q("SELECT id FROM profile WHERE uid = %d AND profile_name = '%s' LIMIT 1",
 				intval(local_channel()),
 				dbesc($name)
 			);
@@ -97,12 +97,12 @@ class Profiles extends \Zotlabs\Web\Controller {
 			
 			check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't');
 	
-			$r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
+			$r0 = q("SELECT id FROM profile WHERE uid = %d",
 				intval(local_channel()));
 			$num_profiles = count($r0);
 	
 			$name = t('Profile-') . ($num_profiles + 1);
-			$r1 = q("SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d LIMIT 1",
+			$r1 = q("SELECT * FROM profile WHERE uid = %d AND id = %d LIMIT 1",
 				intval(local_channel()),
 				intval(\App::$argv[2])
 			);
@@ -117,15 +117,9 @@ class Profiles extends \Zotlabs\Web\Controller {
 			$r1[0]['profile_name'] = dbesc($name);
 			$r1[0]['profile_guid'] = dbesc(random_string());
 	
-			dbesc_array($r1[0]);
+			create_table_from_array('profile', $r1[0]);
 	
-			$r2 = dbq("INSERT INTO `profile` (`" 
-				. implode("`, `", array_keys($r1[0])) 
-				. "`) VALUES ('" 
-				. implode("', '", array_values($r1[0])) 
-				. "')" );
-	
-			$r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile_name` = '%s' LIMIT 1",
+			$r3 = q("SELECT id FROM profile WHERE uid = %d AND profile_name = '%s' LIMIT 1",
 				intval(local_channel()),
 				dbesc($name)
 			);
@@ -143,7 +137,7 @@ class Profiles extends \Zotlabs\Web\Controller {
 	
 		if((argc() > 2) && (argv(1) === 'export')) {
 			
-			$r1 = q("SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d LIMIT 1",
+			$r1 = q("SELECT * FROM profile WHERE uid = %d AND id = %d LIMIT 1",
 				intval(local_channel()),
 				intval(argv(2))
 			);
@@ -181,7 +175,7 @@ class Profiles extends \Zotlabs\Web\Controller {
 				if($x)
 					$id = $x[0]['id'];
 			}
-			$r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			$r = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1",
 				intval($id),
 				intval(local_channel())
 			);
@@ -238,7 +232,7 @@ class Profiles extends \Zotlabs\Web\Controller {
 	
 	
 		if((argc() > 1) && (argv(1) !== "new") && intval(argv(1))) {
-			$orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			$orig = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1",
 				intval(\App::$argv[1]),
 				intval(local_channel())
 			);
@@ -484,41 +478,41 @@ class Profiles extends \Zotlabs\Web\Controller {
 	
 			}			
 				
-			$r = q("UPDATE `profile` 
-				SET `profile_name` = '%s',
-				`fullname` = '%s',
-				`pdesc` = '%s',
-				`gender` = '%s',
-				`dob` = '%s',
-				`address` = '%s',
-				`locality` = '%s',
-				`region` = '%s',
-				`postal_code` = '%s',
-				`country_name` = '%s',
-				`marital` = '%s',
-				`partner` = '%s',
-				`howlong` = '%s',
-				`sexual` = '%s',
-				`homepage` = '%s',
-				`hometown` = '%s',
-				`politic` = '%s',
-				`religion` = '%s',
-				`keywords` = '%s',
-				`likes` = '%s',
-				`dislikes` = '%s',
-				`about` = '%s',
-				`interest` = '%s',
-				`contact` = '%s',
-				`channels` = '%s',
-				`music` = '%s',
-				`book` = '%s',
-				`tv` = '%s',
-				`film` = '%s',
-				`romance` = '%s',
-				`employment` = '%s',
-				`education` = '%s',
-				`hide_friends` = %d
-				WHERE `id` = %d AND `uid` = %d",
+			$r = q("UPDATE profile 
+				SET profile_name = '%s',
+				fullname = '%s',
+				pdesc = '%s',
+				gender = '%s',
+				dob = '%s',
+				address = '%s',
+				locality = '%s',
+				region = '%s',
+				postal_code = '%s',
+				country_name = '%s',
+				marital = '%s',
+				partner = '%s',
+				howlong = '%s',
+				sexual = '%s',
+				homepage = '%s',
+				hometown = '%s',
+				politic = '%s',
+				religion = '%s',
+				keywords = '%s',
+				likes = '%s',
+				dislikes = '%s',
+				about = '%s',
+				interest = '%s',
+				contact = '%s',
+				channels = '%s',
+				music = '%s',
+				book = '%s',
+				tv = '%s',
+				film = '%s',
+				romance = '%s',
+				employment = '%s',
+				education = '%s',
+				hide_friends = %d
+				WHERE id = %d AND uid = %d",
 				dbesc($profile_name),
 				dbesc($name),
 				dbesc($pdesc),
@@ -617,7 +611,7 @@ class Profiles extends \Zotlabs\Web\Controller {
 				if($x)
 					$id = $x[0]['id'];
 			}		
-			$r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			$r = q("SELECT * FROM profile WHERE id = %d AND uid = %d LIMIT 1",
 				intval($id),
 				intval(local_channel())
 			);
@@ -755,7 +749,7 @@ class Profiles extends \Zotlabs\Web\Controller {
 		}
 		else {
 	
-			$r = q("SELECT * FROM `profile` WHERE `uid` = %d",
+			$r = q("SELECT * FROM profile WHERE uid = %d",
 				local_channel());
 			if($r) {
 	

Zotlabs/Module/Profperm.php

@@ -55,7 +55,7 @@ class Profperm extends \Zotlabs\Web\Controller {
 	
 	
 		if((argc() > 1) && (intval(argv(1)))) {
-			$r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d AND `is_default` = 0 LIMIT 1",
+			$r = q("SELECT * FROM profile WHERE id = %d AND uid = %d AND is_default = 0 LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
 			);

Zotlabs/Module/Pubsites.php

@@ -36,7 +36,7 @@ class Pubsites extends \Zotlabs\Web\Controller {
 				$o .= '</tr>';
 				if($j['sites']) {
 					foreach($j['sites'] as $jj) {
-						if(! $jj['project'])
+						if(! \Zotlabs\Lib\System::compatible_project($jj['project']))
 							continue;
 						if(strpos($jj['version'],' ')) {
 							$x = explode(' ', $jj['version']);

Zotlabs/Module/Pubstream.php

@@ -21,8 +21,13 @@ class Pubstream extends \Zotlabs\Web\Controller {
 			return;
 	
 		$item_normal = item_normal();
+
+		$static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0);
+
 	
 		if(! $update) {
+
+			$static  = ((local_channel()) ? channel_manual_conv_update(local_channel()) : 0);
 	
 			$maxheight = get_config('system','home_divmore_height');
 			if(! $maxheight)
@@ -49,6 +54,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
 				'$nouveau' => '0',
 				'$wall'    => '0',
 				'$list'    => '0',
+				'$static'  => $static,
 				'$page'    => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1),
 				'$search'  => '',
 				'$order'   => 'comment',
@@ -96,7 +102,10 @@ class Pubstream extends \Zotlabs\Web\Controller {
 			$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
 		if($load)
 			$simple_update = '';
-	
+
+		if($static && $simple_update)
+            $simple_update .= " and item_thread_top = 0 and author_xchan = '" . protect_sprintf(get_observer_hash()) . "' ";
+
 		//logger('update: ' . $update . ' load: ' . $load);
 	
 		if($update) {

Zotlabs/Module/Regdir.php

@@ -54,8 +54,7 @@ class Regdir extends \Zotlabs\Web\Controller {
 		if ($url) {
 			$m = parse_url($url);
 	
-			if ((! $m) || ((! @dns_get_record($m['host'], DNS_A + DNS_CNAME + DNS_PTR)) && (! filter_var($m['host'], FILTER_VALIDATE_IP) ))) {
-	
+			if ((! $m) || (! z_dns_check($m['host']))) {
 				$result['message'] = 'unparseable url';
 				json_return_and_die($result);
 			}
@@ -71,7 +70,7 @@ class Regdir extends \Zotlabs\Web\Controller {
 			if(! $result['success'])
 				$valid = 0;
 	
-			q("update site set site_valid = %d where site_url = '%s' limit 1",
+			q("update site set site_valid = %d where site_url = '%s'",
 				intval($valid),
 				strtolower($url)
 			);

Zotlabs/Module/Search.php

@@ -53,6 +53,8 @@ class Search extends \Zotlabs\Web\Controller {
 			$tag = true;
 			$search = ((x($_GET,'tag')) ? trim(rawurldecode($_GET['tag'])) : '');
 		}
+
+		$static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0);
 	
 		if((! local_channel()) || (! feature_enabled(local_channel(),'savedsearch')))
 			$o .= search($search,'search-box','/search',((local_channel()) ? true : false));
@@ -79,7 +81,7 @@ class Search extends \Zotlabs\Web\Controller {
 			return $o;
 	
 		if($tag) {
-			$sql_extra = sprintf(" AND `item`.`id` IN (select `oid` from term where otype = %d and ttype in ( %d , %d) and term = '%s') ",
+			$sql_extra = sprintf(" AND item.id IN (select oid from term where otype = %d and ttype in ( %d , %d) and term = '%s') ",
 				intval(TERM_OBJ_POST),
 				intval(TERM_HASHTAG),
 				intval(TERM_COMMUNITYTAG),
@@ -88,7 +90,7 @@ class Search extends \Zotlabs\Web\Controller {
 		}
 		else {
 			$regstr = db_getfunc('REGEXP');
-			$sql_extra = sprintf(" AND `item`.`body` $regstr '%s' ", dbesc(protect_sprintf(preg_quote($search))));
+			$sql_extra = sprintf(" AND item.body $regstr '%s' ", dbesc(protect_sprintf(preg_quote($search))));
 		}
 	
 		// Here is the way permissions work in the search module...
@@ -96,8 +98,12 @@ class Search extends \Zotlabs\Web\Controller {
 		// OR your own posts if you are a logged in member
 		// No items will be shown if the member has a blocked profile wall. 
 	
+
 		if((! $update) && (! $load)) {
 	
+			$static  = ((local_channel()) ? channel_manual_conv_update(local_channel()) : 0);
+
+
 			// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
 			// because browser prefetching might change it on us. We have to deliver it with the page.
 	
@@ -120,6 +126,7 @@ class Search extends \Zotlabs\Web\Controller {
 				'$fh' => '0',
 				'$nouveau' => '0',
 				'$wall' => '0',
+				'$static' => $static,
 				'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
 				'$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1),
 				'$search' => (($tag) ? urlencode('#') : '') . $search,
@@ -165,8 +172,8 @@ class Search extends \Zotlabs\Web\Controller {
 				}
 				if(local_channel()) {
 					$r = q("SELECT $prefix mid, item.id as item_id, item.* from item
-						WHERE ((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND item_private = 0 ) 
-						OR ( `item`.`uid` = %d )) OR item.owner_xchan = '%s' )
+						WHERE ((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = '' AND item.deny_gid  = '' AND item_private = 0 ) 
+						OR ( item.uid = %d )) OR item.owner_xchan = '%s' )
 						$item_normal
 						$sql_extra
 						$suffix $pager_sql ",
@@ -176,8 +183,8 @@ class Search extends \Zotlabs\Web\Controller {
 				}
 				if($r === null) {
 					$r = q("SELECT $prefix mid, item.id as item_id, item.* from item
-						WHERE (((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = ''
-						AND `item`.`deny_gid`  = '' AND item_private = 0 )
+						WHERE (((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = ''
+						AND item.deny_gid  = '' AND item_private = 0 )
 						and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
 							$pub_sql ) OR owner_xchan = '%s')
 						$item_normal

Zotlabs/Module/Settings/Account.php

@@ -101,15 +101,7 @@ class Account {
 	
 		$email      = \App::$account['account_email'];
 
-		$techlevels = [
-			'0' => t('Beginner/Basic'),
-			'1' => t('Novice - not skilled but willing to learn'),
-			'2' => t('Intermediate - somewhat comfortable'),
-			'3' => t('Advanced - very comfortable'),
-			'4' => t('Expert - I can write computer code'),			
-			'5' => t('Wizard - I probably know more than you do')
-		];
-
+		$techlevels = \Zotlabs\Lib\Techlevels::levels();
 
 		$def_techlevel = \App::$account['account_level'];
 		$techlock = get_config('system','techlevel_lock');

Zotlabs/Module/Settings/Channel.php

@@ -289,7 +289,7 @@ class Channel {
 		$yes_no = array(t('No'),t('Yes'));
 	
 	
-		$p = q("SELECT * FROM `profile` WHERE `is_default` = 1 AND `uid` = %d LIMIT 1",
+		$p = q("SELECT * FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1",
 			intval(local_channel())
 		);
 		if(count($p))
@@ -319,7 +319,7 @@ class Channel {
 		foreach($global_perms as $k => $perm) {
 			$options = array();
 			foreach($perm_opts as $opt) {
-				if((! strstr($perm,'view')) && $opt[1] == PERMS_PUBLIC)
+				if((! strstr($k,'view')) && $opt[1] == PERMS_PUBLIC)
 					continue;
 				$options[$opt[1]] = $opt[0];
 			}
@@ -327,7 +327,7 @@ class Channel {
 		}
 	
 	
-		//logger('permiss: ' . print_r($permiss,true));
+		//		logger('permiss: ' . print_r($permiss,true));
 	
 	
 	
@@ -404,8 +404,11 @@ class Channel {
 			'$desc' => t('Your channel address is'),
 			'$nickname' => $nickname,
 			'$subdir' => $subdir,
+			'$davdesc' => t('Your files/photos are accessible via WebDAV at'),
+			'$davpath' => ((get_account_techlevel() > 3) ? z_root() . '/dav/' . $nickname : ''),
 			'$basepath' => \App::get_hostname()
 		));
+
 	
 		$stpl = get_markup_template('settings.tpl');
 	
@@ -515,6 +518,8 @@ class Channel {
 			'$notify7'  => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, '', $yes_no),
 			'$notify8'  => array('notify8', t('You are poked/prodded/etc. in a post'), ($notify & NOTIFY_POKE), NOTIFY_POKE, '', $yes_no),
 			
+			'$notify9'  => array('notify9', t('Someone likes your post/comment'), ($notify & NOTIFY_LIKE), NOTIFY_LIKE, '', $yes_no),
+			
 	
 			'$lbl_vnot' 	=> t('Show visual notifications including:'),
 	

Zotlabs/Module/Settings/Display.php

@@ -28,6 +28,7 @@ class Display {
 		$title_tosource    = ((x($_POST,'title_tosource')) ? intval($_POST['title_tosource'])  : 0);		 
 		$channel_list_mode = ((x($_POST,'channel_list_mode')) ? intval($_POST['channel_list_mode']) : 0);
 		$network_list_mode = ((x($_POST,'network_list_mode')) ? intval($_POST['network_list_mode']) : 0);
+		$manual_update     = ((array_key_exists('manual_update',$_POST)) ? intval($_POST['manual_update']) : 0);
 	
 		$channel_divmore_height = ((x($_POST,'channel_divmore_height')) ? intval($_POST['channel_divmore_height']) : 400);
 		if($channel_divmore_height < 50)
@@ -61,6 +62,7 @@ class Display {
 		set_pconfig(local_channel(),'system','network_list_mode', $network_list_mode);
 		set_pconfig(local_channel(),'system','channel_divmore_height', $channel_divmore_height);
 		set_pconfig(local_channel(),'system','network_divmore_height', $network_divmore_height);
+		set_pconfig(local_channel(),'system','manual_conversation_update', $manual_update);
 	
 		$newschema = '';
 		if($theme == $existing_theme){
@@ -157,7 +159,7 @@ class Display {
 		$preload_images = (($preload_images===false)? '0': $preload_images); // default if not set: 0
 	
 		$user_scalable = get_pconfig(local_channel(),'system','user_scalable');
-		$user_scalable = (($user_scalable===false)? '1': $user_scalable); // default if not set: 1
+		$user_scalable = (($user_scalable===false)? '0': $user_scalable); // default if not set: 0
 			
 		$browser_update = intval(get_pconfig(local_channel(), 'system','update_interval'));
 		$browser_update = (($browser_update == 0) ? 80 : $browser_update / 1000); // default if not set: 40 seconds
@@ -204,6 +206,7 @@ class Display {
 			'$ajaxint'   => array('browser_update',  t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')),
 			'$itemspage'   => array('itemspage',  t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 100 items')),
 			'$nosmile'	=> array('nosmile', t("Show emoticons (smilies) as images"), 1-intval($nosmile), '', $yes_no),
+			'$manual_update'	=> array('manual_update', t('Manual conversation updates'), channel_manual_conv_update(local_channel()), t('Default is automatic, which may increase screen jumping'), $yes_no),
 			'$title_tosource'	=> array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no),
 			'$layout_editor' => t('System Page Layout Editor - (advanced)'),
 			'$theme_config' => $theme_config,
@@ -237,4 +240,4 @@ class Display {
 
 
 			
-}
+}

Zotlabs/Module/Settings/Featured.php

@@ -19,7 +19,7 @@ class Featured {
 	
 		$o = '';
 			
-		$r = q("SELECT * FROM `hook` WHERE `hook` = 'feature_settings' ");
+		$r = q("SELECT * FROM hook WHERE hook = 'feature_settings' ");
 		if(! $r)
 			$settings_addons = t('No feature settings configured');
 	

Zotlabs/Module/Settings/Tokens.php

@@ -115,6 +115,7 @@ class Tokens {
 		$desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:');
 
 		$global_perms = \Zotlabs\Access\Permissions::Perms();
+		$their_perms = [];
 
 		$existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : ''));
 
@@ -123,7 +124,6 @@ class Tokens {
 				intval(local_channel()),
 				dbesc($atoken_xchan)
 			);
-			$their_perms = array();
 			if($theirs) {
 				foreach($theirs as $t) {
 					$their_perms[$t['k']] = $t['v'];

Zotlabs/Module/Setup.php

@@ -1,9 +1,9 @@
 <?php
 namespace Zotlabs\Module;
 /**
- * @file mod/setup.php
+ * @file Zotlabs/Module/Setup.php
  *
- * Controller for the initial setup/installation.
+ * @brief Controller for the initial setup/installation.
  *
  * @todo This setup module could need some love and improvements.
  */
@@ -13,51 +13,50 @@ namespace Zotlabs\Module;
  * @brief Initialisation for the setup module.
  *
  */
-
 class Setup extends \Zotlabs\Web\Controller {
 
 	private static $install_wizard_pass = 1;
 
-
+	/**
+	 * {@inheritDoc}
+	 * @see \\Zotlabs\\Web\\Controller::init()
+	 */
 	function init() {
-	
 		// Ensure that if somebody hasn't read the install documentation and doesn't have all
 		// the required modules or has a totally borked shared hosting provider and they can't
 		// figure out what the hell is going on - that we at least spit out an error message which
 		// we can inquire about when they write to tell us that our software doesn't work.
-	
+
 		// The worst thing we can do at this point is throw a white screen of death and rely on
 		// them knowing about servers and php modules and logfiles enough so that we can guess
 		// at the source of the problem. As ugly as it may be, we need to throw a technically worded
 		// PHP error message in their face. Once installation is complete application errors will
 		// throw a white screen because these error messages divulge information which can
 		// potentially be useful to hackers.
-	
+
 		error_reporting(E_ERROR | E_WARNING | E_PARSE );
 		ini_set('log_errors', '0');
 		ini_set('display_errors', '1');
-	
+
 		// $baseurl/setup/testrwrite to test if rewite in .htaccess is working
 		if (argc() == 2 && argv(1) == "testrewrite") {
 			echo 'ok';
 			killme();
 		}
-	
+
 		if (x($_POST, 'pass')) {
 			$this->install_wizard_pass = intval($_POST['pass']);
-		}
-		else {
+		} else {
 			$this->install_wizard_pass = 1;
 		}
 	}
-	
+
 	/**
 	 * @brief Handle the actions of the different setup steps.
 	 *
 	 */
-
 	function post() {
-	
+
 		switch($this->install_wizard_pass) {
 			case 1:
 			case 2:
@@ -77,15 +76,15 @@ class Setup extends \Zotlabs\Web\Controller {
 				$server_role = trim($_POST['server_role']);
 				if(! $server_role)
 					$server_role = 'standard';
-				
+
 				// $siteurl should not have a trailing slash
-	
+
 				$siteurl = rtrim($siteurl,'/');
-	
+
 				require_once('include/dba/dba_driver.php');
 
 				$db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
-	
+
 				if(! \DBA::$dba->connected) {
 					echo 'Database Connect failed: ' . \DBA::$dba->error;
 					killme();
@@ -107,7 +106,7 @@ class Setup extends \Zotlabs\Web\Controller {
 				$server_role = trim($_POST['server_role']);
 				if(! $server_role)
 					$server_role = 'standard';
-	
+
 				if($siteurl != z_root()) {
 					$test = z_fetch_url($siteurl."/setup/testrewrite");
 					if((! $test['success']) || ($test['body'] != 'ok'))  {
@@ -116,7 +115,7 @@ class Setup extends \Zotlabs\Web\Controller {
 						return;
 					}
 				}
-	
+
 				if(! \DBA::$dba->connected) {
 					// connect to db
 					$db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
@@ -126,7 +125,7 @@ class Setup extends \Zotlabs\Web\Controller {
 					echo 'CRITICAL: DB not connected.';
 					killme();
 				}
-	
+
 				$tpl = get_intltext_template('htconfig.tpl');
 				$txt = replace_macros($tpl,array(
 					'$dbhost'      => $dbhost,
@@ -142,33 +141,26 @@ class Setup extends \Zotlabs\Web\Controller {
 					'$phpath'      => $phpath,
 					'$adminmail' => $adminmail
 				));
-	
+
 				$result = file_put_contents('.htconfig.php', $txt);
 				if(! $result) {
 					\App::$data['txt'] = $txt;
 				}
-	
+
 				$errors = $this->load_database($db);
-	
+
 				if($errors)
 					\App::$data['db_failed'] = $errors;
 				else
 					\App::$data['db_installed'] = true;
-	
+
 				return;
 				// implied break;
 			default:
 				break;
 		}
 	}
-	
-	function get_db_errno() {
-		if(class_exists('mysqli'))
-			return mysqli_connect_errno();
-		else
-			return mysql_errno();
-	}
-	
+
 	/**
 	 * @brief Get output for the setup page.
 	 *
@@ -178,11 +170,11 @@ class Setup extends \Zotlabs\Web\Controller {
 	 */
 
 	function get() {
-	
+
 		$o = '';
 		$wizard_status = '';
 		$install_title = t('$Projectname Server - Setup');
-	
+
 		if(x(\App::$data, 'db_conn_failed')) {
 			$this->install_wizard_pass = 2;
 			$wizard_status =  t('Could not connect to database.');
@@ -193,7 +185,7 @@ class Setup extends \Zotlabs\Web\Controller {
 			if(\App::$data['url_error'])
 				$wizard_status .= ' ' . \App::$data['url_error'];
 		}
-	
+
 		if(x(\App::$data, 'db_create_failed')) {
 			$this->install_wizard_pass = 2;
 			$wizard_status =  t('Could not create table.');
@@ -211,7 +203,7 @@ class Setup extends \Zotlabs\Web\Controller {
 			$db_return_text .= $txt;
 		}
 		if(\DBA::$dba && \DBA::$dba->connected) {
-			$r = q("SELECT COUNT(*) as `total` FROM `account`");
+			$r = q("SELECT COUNT(*) as total FROM account");
 			if($r && count($r) && $r[0]['total']) {
 				$tpl = get_markup_template('install.tpl');
 				return replace_macros($tpl, array(
@@ -222,11 +214,11 @@ class Setup extends \Zotlabs\Web\Controller {
 				));
 			}
 		}
-	
+
 		if(x(\App::$data, 'txt') && strlen(\App::$data['txt'])) {
 			$db_return_text .= $this->manual_config($a);
 		}
-	
+
 		if ($db_return_text != "") {
 			$tpl = get_markup_template('install.tpl');
 			return replace_macros($tpl, array(
@@ -235,33 +227,33 @@ class Setup extends \Zotlabs\Web\Controller {
 				'$text' => $db_return_text . $this->what_next(),
 			));
 		}
-	
+
 		switch ($this->install_wizard_pass){
 			case 1: { // System check
-	
+
 				$checks = array();
-	
+
 				$this->check_funcs($checks);
-	
+
 				$this->check_htconfig($checks);
-	
+
 				$this->check_store($checks);
-	
+
 				$this->check_smarty3($checks);
-	
+
 				$this->check_keys($checks);
-	
+
 				if (x($_POST, 'phpath'))
 					$phpath = notags(trim($_POST['phpath']));
-	
+
 				$this->check_php($phpath, $checks);
-	
+
 				$this->check_phpconfig($checks);
-	
+
 				$this->check_htaccess($checks);
-	
+
 				$checkspassed = array_reduce($checks, "self::check_passed", true);
-	
+
 				$tpl = get_markup_template('install_checks.tpl');
 				$o .= replace_macros($tpl, array(
 					'$title' => $install_title,
@@ -276,9 +268,9 @@ class Setup extends \Zotlabs\Web\Controller {
 				));
 				return $o;
 			}; break;
-	
+
 			case 2: { // Database config
-	
+
 				$dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1');
 				$dbuser = trim($_POST['dbuser']);
 				$dbport = intval(trim($_POST['dbport']));
@@ -288,7 +280,7 @@ class Setup extends \Zotlabs\Web\Controller {
 				$phpath = trim($_POST['phpath']);
 				$adminmail = trim($_POST['adminmail']);
 				$siteurl = trim($_POST['siteurl']);
-	
+
 				$tpl = get_markup_template('install_db.tpl');
 				$o .= replace_macros($tpl, array(
 					'$title' => $install_title,
@@ -296,24 +288,24 @@ class Setup extends \Zotlabs\Web\Controller {
 					'$info_01' => t('In order to install $Projectname we need to know how to connect to your database.'),
 					'$info_02' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'),
 					'$info_03' => t('The database you specify below should already exist. If it does not, please create it before continuing.'),
-	
+
 					'$status' => $wizard_status,
-	
+
 					'$dbhost' => array('dbhost', t('Database Server Name'), $dbhost, t('Default is 127.0.0.1')),
 					'$dbport' => array('dbport', t('Database Port'), $dbport, t('Communication port number - use 0 for default')),
 					'$dbuser' => array('dbuser', t('Database Login Name'), $dbuser, ''),
 					'$dbpass' => array('dbpass', t('Database Login Password'), $dbpass, ''),
 					'$dbdata' => array('dbdata', t('Database Name'), $dbdata, ''),
 					'$dbtype' => array('dbtype', t('Database Type'), $dbtype, '', array( 0=>'MySQL', 1=>'PostgreSQL' )),
-	
+
 					'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
 					'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
 					'$lbl_10' => t('Please select a default timezone for your website'),
-	
+
 					'$baseurl' => z_root(),
-	
+
 					'$phpath' => $phpath,
-	
+
 					'$submit' => t('Submit'),
 				));
 				return $o;
@@ -327,11 +319,11 @@ class Setup extends \Zotlabs\Web\Controller {
 				$dbdata = trim($_POST['dbdata']);
 				$dbtype = intval(trim($_POST['dbtype']));
 				$phpath = trim($_POST['phpath']);
-	
+
 				$adminmail = trim($_POST['adminmail']);
 				$siteurl = trim($_POST['siteurl']);
 				$timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles');
-	
+
 				$server_roles = [
 					'basic'    => t('Basic/Minimal Social Networking'),
 					'standard' => t('Standard Configuration (default)'),
@@ -343,7 +335,7 @@ class Setup extends \Zotlabs\Web\Controller {
 					'$title' => $install_title,
 					'$pass' => t('Site settings'),
 					'$status' => $wizard_status,
-	
+
 					'$dbhost' => $dbhost,
 					'$dbport' => $dbport,
 					'$dbuser' => $dbuser,
@@ -351,24 +343,24 @@ class Setup extends \Zotlabs\Web\Controller {
 					'$dbdata' => $dbdata,
 					'$phpath' => $phpath,
 					'$dbtype' => $dbtype,
-	
+
 					'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
-	
+
 					'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
 
-					'$server_role' 		=> array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles),
-	
+					'$server_role' => array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles),
+
 					'$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()),
-	
+
 					'$baseurl' => z_root(),
-	
+
 					'$submit' => t('Submit'),
 				));
 				return $o;
 			}; break;
 		}
 	}
-	
+
 	/**
 	 * @brief Add a check result to the array for output.
 	 *
@@ -376,7 +368,7 @@ class Setup extends \Zotlabs\Web\Controller {
 	 * @param string $title a title for the check
 	 * @param boolean $status
 	 * @param boolean $required
-	 * @param[optional] string $help optional help string
+	 * @param string $help optional help string
 	 */
 	function check_add(&$checks, $title, $status, $required, $help = '') {
 		$checks[] = array(
@@ -386,7 +378,7 @@ class Setup extends \Zotlabs\Web\Controller {
 			'help'     => $help
 		);
 	}
-	
+
 	/**
 	 * @brief Checks the PHP environment.
 	 *
@@ -395,7 +387,7 @@ class Setup extends \Zotlabs\Web\Controller {
 	 */
 	function check_php(&$phpath, &$checks) {
 		$help = '';
-	
+
 		if(version_compare(PHP_VERSION, '5.5') < 0) {
 			$help .= t('PHP version 5.5 or greater is required.');
 			$this->check_add($checks, t('PHP version'), false, false, $help);
@@ -403,15 +395,16 @@ class Setup extends \Zotlabs\Web\Controller {
 
 		if (strlen($phpath)) {
 			$passed = file_exists($phpath);
-		} else {
+		}
+		elseif(function_exists('shell_exec')) {
 			if(is_windows())
 				$phpath = trim(shell_exec('where php'));
 			else
 				$phpath = trim(shell_exec('which php'));
-	
+
 			$passed = strlen($phpath);
 		}
-	
+
 		if(!$passed) {
 			$help .= t('Could not find a command line version of PHP in the web server PATH.'). EOL;
 			$help .= t('If you don\'t have a command line version of PHP installed on server, you will not be able to run background polling via cron.') . EOL;
@@ -422,24 +415,28 @@ class Setup extends \Zotlabs\Web\Controller {
 			));
 			$phpath = '';
 		}
-	
+
 		$this->check_add($checks, t('Command line PHP').($passed?" (<tt>$phpath</tt>)":""), $passed, false, $help);
-	
+
 		if($passed) {
 			$str = autoname(8);
 			$cmd = "$phpath install/testargs.php $str";
-			$result = trim(shell_exec($cmd));
-			$passed2 = $result == $str;
 			$help = '';
+
+			if(function_exists('shell_exec'))
+				$result = trim(shell_exec($cmd));
+			else
+				$help .= t('Unable to check command line PHP, as shell_exec() is disabled. This is required.') . EOL;
+			$passed2 = (($result == $str) ? true : false);
 			if(!$passed2) {
 				$help .= t('The command line version of PHP on your system does not have "register_argc_argv" enabled.'). EOL;
 				$help .= t('This is required for message delivery to work.');
 			}
-	
+
 			$this->check_add($checks, t('PHP register_argc_argv'), $passed, true, $help);
 		}
 	}
-	
+
 	/**
 	 * @brief Some PHP configuration checks.
 	 *
@@ -450,20 +447,20 @@ class Setup extends \Zotlabs\Web\Controller {
 	 */
 	function check_phpconfig(&$checks) {
 		require_once 'include/environment.php';
-	
+
 		$help = '';
-	
+
 		$result = getPhpiniUploadLimits();
 		$help = sprintf(t('Your max allowed total upload size is set to %s. Maximum size of one file to upload is set to %s. You are allowed to upload up to %d files at once.'),
 				userReadableSize($result['post_max_size']),
 				userReadableSize($result['max_upload_filesize']),
 				$result['max_file_uploads']
 				);
-		$help .= '<br>' . t('You can adjust these settings in the servers php.ini.');
-	
+		$help .= '<br>' . t('You can adjust these settings in the server php.ini file.');
+
 		$this->check_add($checks, t('PHP upload limits'), true, false, $help);
 	}
-	
+
 	/**
 	 * @brief Check if the openssl implementation can generate keys.
 	 *
@@ -472,7 +469,7 @@ class Setup extends \Zotlabs\Web\Controller {
 	function check_keys(&$checks) {
 		$help = '';
 		$res = false;
-	
+
 		if (function_exists('openssl_pkey_new')) {
 			$res = openssl_pkey_new(array(
 					'digest_alg' => 'sha1',
@@ -480,17 +477,17 @@ class Setup extends \Zotlabs\Web\Controller {
 					'encrypt_key' => false)
 			);
 		}
-	
+
 		// Get private key
-	
+
 		if (! $res) {
 			$help .= t('Error: the "openssl_pkey_new" function on this system is not able to generate encryption keys'). EOL;
 			$help .= t('If running under Windows, please see "http://www.php.net/manual/en/openssl.installation.php".');
 		}
-	
+
 		$this->check_add($checks, t('Generate encryption keys'), $res, true, $help);
 	}
-	
+
 	/**
 	 * @brief Check for some PHP functions and modules.
 	 *
@@ -498,15 +495,15 @@ class Setup extends \Zotlabs\Web\Controller {
 	 */
 	function check_funcs(&$checks) {
 		$ck_funcs = array();
-	
+
 		// add check metadata, the real check is done bit later and return values set
 		$this->check_add($ck_funcs, t('libCurl PHP module'), true, true);
 		$this->check_add($ck_funcs, t('GD graphics PHP module'), true, true);
 		$this->check_add($ck_funcs, t('OpenSSL PHP module'), true, true);
-		$this->check_add($ck_funcs, t('mysqli or postgres PHP module'), true, true);
+		$this->check_add($ck_funcs, t('PDO database PHP module'), true, true);
 		$this->check_add($ck_funcs, t('mb_string PHP module'), true, true);
 		$this->check_add($ck_funcs, t('xml PHP module'), true, true);
-	
+
 		if(function_exists('apache_get_modules')){
 			if (! in_array('mod_rewrite', apache_get_modules())) {
 				$this->check_add($ck_funcs, t('Apache mod_rewrite module'), false, true, t('Error: Apache webserver mod-rewrite module is required but not installed.'));
@@ -514,13 +511,19 @@ class Setup extends \Zotlabs\Web\Controller {
 				$this->check_add($ck_funcs, t('Apache mod_rewrite module'), true, true);
 			}
 		}
-		if((! function_exists('proc_open')) || strstr(ini_get('disable_functions'),'proc_open')) {
-			$this->check_add($ck_funcs, t('proc_open'), false, true, t('Error: proc_open is required but is either not installed or has been disabled in php.ini'));
+		if((! function_exists('exec')) || strstr(ini_get('disable_functions'),'exec')) {
+			$this->check_add($ck_funcs, t('exec'), false, true, t('Error: exec is required but is either not installed or has been disabled in php.ini'));
 		}
 		else {
-			$this->check_add($ck_funcs, t('proc_open'), true, true);
+			$this->check_add($ck_funcs, t('exec'), true, true);
 		}
-	
+		if((! function_exists('shell_exec')) || strstr(ini_get('disable_functions'),'shell_exec')) {
+			$this->check_add($ck_funcs, t('shell_exec'), false, true, t('Error: shell_exec is required but is either not installed or has been disabled in php.ini'));
+		}
+		else {
+			$this->check_add($ck_funcs, t('shell_exec'), true, true);
+		}
+
 		if(! function_exists('curl_init')) {
 			$ck_funcs[0]['status'] = false;
 			$ck_funcs[0]['help'] = t('Error: libCURL PHP module required but not installed.');
@@ -533,9 +536,9 @@ class Setup extends \Zotlabs\Web\Controller {
 			$ck_funcs[2]['status'] = false;
 			$ck_funcs[2]['help'] = t('Error: openssl PHP module required but not installed.');
 		}
-		if(! function_exists('mysqli_connect') && !function_exists('pg_connect')) {
+		if(! class_exists('PDO')) {
 			$ck_funcs[3]['status'] = false;
-			$ck_funcs[3]['help'] = t('Error: mysqli or postgres PHP module required but neither are installed.');
+			$ck_funcs[3]['help'] = t('Error: PDO database PHP module required but not installed.');
 		}
 		if(! function_exists('mb_strlen')) {
 			$ck_funcs[4]['status'] = false;
@@ -545,10 +548,10 @@ class Setup extends \Zotlabs\Web\Controller {
 			$ck_funcs[6]['status'] = false;
 			$ck_funcs[6]['help'] = t('Error: xml PHP module required for DAV but not installed.');
 		}
-	
+
 		$checks = array_merge($checks, $ck_funcs);
 	}
-	
+
 	/**
 	 * @brief Check for .htconfig requirements.
 	 *
@@ -557,7 +560,7 @@ class Setup extends \Zotlabs\Web\Controller {
 	function check_htconfig(&$checks) {
 		$status = true;
 		$help = '';
-	
+
 		if( (file_exists('.htconfig.php') && !is_writable('.htconfig.php')) ||
 			(!file_exists('.htconfig.php') && !is_writable('.')) ) {
 				$status = false;
@@ -566,10 +569,10 @@ class Setup extends \Zotlabs\Web\Controller {
 				$help .= t('At the end of this procedure, we will give you a text to save in a file named .htconfig.php in your Red top folder.').EOL;
 				$help .= t('You can alternatively skip this procedure and perform a manual installation. Please see the file "install/INSTALL.txt" for instructions.').EOL;
 		}
-	
+
 		$this->check_add($checks, t('.htconfig.php is writable'), $status, false, $help);
 	}
-	
+
 	/**
 	 * @brief Checks for our templating engine Smarty3 requirements.
 	 *
@@ -578,18 +581,18 @@ class Setup extends \Zotlabs\Web\Controller {
 	function check_smarty3(&$checks) {
 		$status = true;
 		$help = '';
-	
+
 		if(! is_writable(TEMPLATE_BUILD_PATH) ) {
 			$status = false;
-			$help = t('Red uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL;
+			$help = t('This software uses the Smarty3 template engine to render its web views. Smarty3 compiles templates to PHP to speed up rendering.') .EOL;
 			$help .= sprintf( t('In order to store these compiled templates, the web server needs to have write access to the directory %s under the top level web folder.'), TEMPLATE_BUILD_PATH) . EOL;
 			$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
 			$help .= sprintf( t('Note: as a security measure, you should give the web server write access to %s only--not the template files (.tpl) that it contains.'), TEMPLATE_BUILD_PATH) . EOL;
 		}
-	
+
 		$this->check_add($checks, sprintf( t('%s is writable'), TEMPLATE_BUILD_PATH), $status, true, $help);
 	}
-	
+
 	/**
 	 * @brief Check for store directory.
 	 *
@@ -598,18 +601,18 @@ class Setup extends \Zotlabs\Web\Controller {
 	function check_store(&$checks) {
 		$status = true;
 		$help = '';
-	
+
 		@os_mkdir(TEMPLATE_BUILD_PATH, STORAGE_DEFAULT_PERMISSIONS, true);
-	
+
 		if(! is_writable('store')) {
 			$status = false;
-			$help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL;
+			$help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the top level web folder') . EOL;
 			$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
 		}
-	
+
 		$this->check_add($checks, t('store is writable'), $status, true, $help);
 	}
-	
+
 	/**
 	 * @brief Check URL rewrite und SSL certificate.
 	 *
@@ -620,9 +623,9 @@ class Setup extends \Zotlabs\Web\Controller {
 		$status = true;
 		$help = '';
 		$ssl_error = false;
-	
+
 		$url = z_root() . '/setup/testrewrite';
-	
+
 		if (function_exists('curl_init')){
 			$test = z_fetch_url($url);
 			if(! $test['success']) {
@@ -638,7 +641,7 @@ class Setup extends \Zotlabs\Web\Controller {
 						$ssl_error = true;
 					}
 				}
-	
+
 				if($ssl_error) {
 					$help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL;
 					$help .= t('If you have https access to your website or allow connections to TCP port 443 (the https: port), you MUST use a browser-valid certificate. You MUST NOT use self-signed certificates!') . EOL;
@@ -649,31 +652,35 @@ class Setup extends \Zotlabs\Web\Controller {
 
 					$help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL;
 
-	
 					$this->check_add($checks, t('SSL certificate validation'), false, true, $help);
 				}
 			}
-	
+
 			if ((! $test['success']) || ($test['body'] != "ok")) {
 				$status = false;
 				$help = t('Url rewrite in .htaccess is not working. Check your server configuration.'.'Test: '.var_export($test,true));
 			}
-	
+
 			$this->check_add($checks, t('Url rewrite is working'), $status, true, $help);
 		} else {
 			// cannot check modrewrite if libcurl is not installed
 		}
 	}
-	
-	
+
+	/**
+	 * @brief
+	 *
+	 * @param App &$a
+	 * @return string with paresed HTML
+	 */
 	function manual_config(&$a) {
 		$data = htmlspecialchars(\App::$data['txt'], ENT_COMPAT, 'UTF-8');
 		$o = t('The database configuration file ".htconfig.php" could not be written. Please use the enclosed text to create a configuration file in your web server root.');
 		$o .= "<textarea rows=\"24\" cols=\"80\" >$data</textarea>";
-	
+
 		return $o;
 	}
-	
+
 	function load_database_rem($v, $i){
 		$l = trim($i);
 		if (strlen($l)>1 && ($l[0]=="-" || ($l[0]=="/" && $l[1]=="*"))){
@@ -682,11 +689,11 @@ class Setup extends \Zotlabs\Web\Controller {
 			return $v."\n".$i;
 		}
 	}
-	
-	
+
+
 	function load_database($db) {
 		$str = file_get_contents(\DBA::$dba->get_install_script());
-		$arr = explode(';',$str);
+		$arr = explode(';', $str);
 		$errors = false;
 		foreach($arr as $a) {
 			if(strlen(trim($a))) {
@@ -696,21 +703,25 @@ class Setup extends \Zotlabs\Web\Controller {
 				}
 			}
 		}
-	
+
 		return $errors;
 	}
-	
+
+	/**
+	 * @brief
+	 *
+	 * @return string with parsed HTML
+	 */
 	function what_next() {
 		$a = get_app();
 		// install the standard theme
 		set_config('system', 'allowed_themes', 'redbasic');
-	
 
 		// Set a lenient list of ciphers if using openssl. Other ssl engines
 		// (e.g. NSS used in RedHat) require different syntax, so hopefully
 		// the default curl cipher list will work for most sites. If not,
 		// this can set via config. Many distros are now disabling RC4,
-		// but many Red sites still use it and are unable to change it.
+		// but many existing sites still use it and are unable to change it.
 		// We do not use SSL for encryption, only to protect session cookies.
 		// z_fetch_url() is also used to import shared links and other content
 		// so in theory most any cipher could show up and we should do our best
@@ -718,15 +729,15 @@ class Setup extends \Zotlabs\Web\Controller {
 		// weird SSL error which they can't do anything about. This does not affect
 		// the SSL server, but is only a client negotiation to find something workable.
 		// Hence it will not make your system susceptible to POODL or other nasties.
-	
+
 		$x = curl_version();
 		if(stristr($x['ssl_version'],'openssl'))
 			set_config('system','curl_ssl_ciphers','ALL:!eNULL');
-	
+
 		// Create a system channel
 		require_once ('include/channel.php');
 		create_sys_channel();
-	
+
 		$baseurl = z_root();
 		return
 			t('<h1>What next</h1>')
@@ -737,13 +748,18 @@ class Setup extends \Zotlabs\Web\Controller {
 			."</p>";
 	}
 
-
+	/**
+	 * @brief
+	 *
+	 * @param unknown $v
+	 * @param array $c
+	 * @return array
+	 */
 	static private function check_passed($v, $c) {
 		if ($c['required'])
 			$v = $v && $c['status'];
-	
+
 		return $v;
 	}
 
-	
 }

Zotlabs/Module/Siteinfo.php

@@ -15,63 +15,33 @@ class Siteinfo extends \Zotlabs\Web\Controller {
 	
 	function get() {
 	
-		if(! get_config('system','hidden_version_siteinfo')) {
-			$version = sprintf( t('Version %s'), \Zotlabs\Lib\System::get_project_version());
-			if(@is_dir('.git') && function_exists('shell_exec')) {
-				$commit = @shell_exec('git log -1 --format="%h"');
-				$tag = \Zotlabs\Lib\System::get_std_version(); // @shell_exec('git describe --tags --abbrev=0');
-			}
-			if(! isset($commit) || strlen($commit) > 16)
-				$commit = '';
-		}
-		else {
-		        $version = $commit = '';
-		}
+		$siteinfo = replace_macros(get_markup_template('siteinfo.tpl'),
+			[ 
+				'$title' => t('About this site'),
+				'$sitenametxt' => t('Site Name'),
+				'$sitename' => \Zotlabs\Lib\System::get_site_name(),
+				'$headline' => t('Site Information'),
+				'$site_about' => bbcode(get_config('system','siteinfo')),
+				'$admin_headline' => t('Administrator'),
+				'$admin_about' => bbcode(get_config('system','admininfo')),
+				'$terms' => t('Terms of Service'),
+				'$prj_header' => t('Software and Project information'),
+				'$prj_name' => t('This site is powered by $Projectname'),
+				'$prj_transport' => t('Federated and decentralised networking and identity services provided by Zot'),
+				'$transport_link' => '<a href="https://zotlabs.com">https://zotlabs.com</a>',
+				'$prj_version' => ((get_config('system','hidden_version_siteinfo')) ? '' : sprintf( t('Version %s'), \Zotlabs\Lib\System::get_project_version())),
+				'$prj_linktxt' => t('Project homepage'),
+				'$prj_srctxt' => t('Developer homepage'),
+				'$prj_link' => \Zotlabs\Lib\System::get_project_link(),
+				'$prj_src' => \Zotlabs\Lib\System::get_project_srclink(),
+			]
+		);
 
-		$plugins_list = implode(', ',visible_plugin_list());
+		call_hooks('about_hook', $siteinfo); 	
+
+		return $siteinfo;
 
-		if($plugins_list)
-	        $plugins_text = t('Installed plugins/addons/apps:');
-		else
-			$plugins_text = t('No installed plugins/addons/apps');
-	
-		$txt = get_config('system','admininfo');
-		$admininfo = bbcode($txt);
-	
-		if(file_exists('doc/site_donate.html'))
-			$donate .= file_get_contents('doc/site_donate.html');
-	
-		if(function_exists('sys_getloadavg'))
-			$loadavg = sys_getloadavg();
-	
-		$o = replace_macros(get_markup_template('siteinfo.tpl'), array(
-			'$title' => t('$Projectname'),
-			'$description' => t('This is a hub of $Projectname - a global cooperative network of decentralized privacy enhanced websites.'),
-			'$version' => $version,
-			'$tag_txt' => t('Tag: '),
-			'$tag' => $tag,
-			'$polled' => t('Last background fetch: '),
-			'$lastpoll' => get_poller_runtime(),
-			'$load_average' => t('Current load average: '),
-			'$loadavg_all' => $loadavg[0] . ', ' . $loadavg[1] . ', ' . $loadavg[2],		
-			'$commit' => $commit,
-			'$web_location' => t('Running at web location') . ' ' . z_root(),
-			'$visit' => t('Please visit <a href="http://hubzilla.org">hubzilla.org</a> to learn more about $Projectname.'),
-			'$bug_text' => t('Bug reports and issues: please visit'),
-			'$bug_link_url' => 'https://github.com/redmatrix/hubzilla/issues',
-			'$bug_link_text' => t('$projectname issues'),
-			'$contact' => t('Suggestions, praise, etc. - please email "redmatrix" at librelist - dot com'),
-			'$donate' => $donate,
-			'$adminlabel' => t('Site Administrators'),
-			'$admininfo' => $admininfo,
-			'$plugins_text' => $plugins_text,
-			'$plugins_list' => $plugins_list
-	        ));
-	
-		call_hooks('about_hook', $o); 	
-	
-		return $o;
-	
 	}
+
 	
 }

Zotlabs/Module/Snap.php

@@ -0,0 +1,105 @@
+<?php
+
+namespace Zotlabs\Module;
+
+/**
+ * @brief Initialize Hubzilla's cloud (SabreDAV).
+ *
+ * Module for accessing the DAV storage area from a DAV client.
+ */
+
+use \Sabre\DAV as SDAV;
+use \Zotlabs\Storage;
+
+// composer autoloader for SabreDAV
+require_once('vendor/autoload.php');
+
+
+/**
+ * @brief Fires up the SabreDAV server.
+ *
+ * @param App &$a
+ */
+
+class Snap extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		// workaround for HTTP-auth in CGI mode
+		if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
+ 			$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
+			if(strlen($userpass)) {
+			 	list($name, $password) = explode(':', $userpass);
+				$_SERVER['PHP_AUTH_USER'] = $name;
+				$_SERVER['PHP_AUTH_PW'] = $password;
+			}
+		}
+
+		if (x($_SERVER, 'HTTP_AUTHORIZATION')) {
+			$userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
+			if(strlen($userpass)) {
+				list($name, $password) = explode(':', $userpass);
+				$_SERVER['PHP_AUTH_USER'] = $name;
+				$_SERVER['PHP_AUTH_PW'] = $password;
+			}
+		}
+	
+		if (! is_dir('store'))
+			os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
+	
+		$which = null;
+		if (argc() > 1)
+			$which = argv(1);
+	
+		$profile = 0;
+	
+		if($which)
+			profile_load( $which, $profile);
+		else
+			killme();	
+
+		if($_SERVER['PHP_AUTH_USER'] && $_SERVER['PHP_AUTH_USER'] !== $which)
+			killme();
+
+		if(local_channel()) {
+			$c = \App::get_channel();
+			if($c && $c['channel_address'] !== $which)
+				killme();
+		}
+
+		if(! in_array(strtolower($_SERVER['REQUEST_METHOD']),['propfind','get','head']))
+			killme(); 
+
+		$auth = new \Zotlabs\Storage\BasicAuth();
+		$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . 'WebDAV');
+
+		$rootDirectory = new SDAV\FS\Directory("store");
+
+		// The server object is responsible for making sense out of the WebDAV protocol
+		$server = new SDAV\Server($rootDirectory);
+
+		$authPlugin = new \Sabre\DAV\Auth\Plugin($auth);
+		$server->addPlugin($authPlugin);
+
+		// If your server is not on your webroot, make sure the following line has the
+		// correct information
+		$server->setBaseUri('/snap');
+
+		// The lock manager is reponsible for making sure users don't overwrite
+		// each others changes.
+		$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
+		$lockPlugin = new SDAV\Locks\Plugin($lockBackend);
+		$server->addPlugin($lockPlugin);
+
+		// This ensures that we get a pretty index in the browser, but it is
+		// optional.
+
+//		$server->addPlugin(new SDAV\Browser\Plugin());
+
+		// All we need to do now, is to fire up the server
+		$server->exec();
+		killme();
+
+	}
+	
+}

Zotlabs/Module/Sslify.php

@@ -10,21 +10,16 @@ class Sslify extends \Zotlabs\Web\Controller {
 			$h = explode("\n",$x['header']);
 			foreach ($h as $l) {
 				list($k,$v) = array_map("trim", explode(":", trim($l), 2));
-				$hdrs[$k] = $v;
+				$hdrs[strtolower($k)] = $v;
 			}
-			if (array_key_exists('Content-Type', $hdrs))
-				$type = $hdrs['Content-Type'];
-		
-			header('Content-Type: ' . $type);
+			if (array_key_exists('content-type', $hdrs)) {
+				$type = $hdrs['content-type'];	
+				header('Content-Type: ' . $type);
+			}
+
 			echo $x['body'];
 			killme();
 		}
 		killme();
-		// for some reason when this fallback is in place - it gets triggered
-		// often, (creating mixed content exceptions) even though there is 
-		// nothing obvious missing on the page when we bypass it. 
-		goaway($_REQUEST['url']);
-	}
-	
-	
+	}	
 }

Zotlabs/Module/Tagrm.php

@@ -18,7 +18,7 @@ class Tagrm extends \Zotlabs\Web\Controller {
 		$tag =  ((x($_POST,'tag'))  ? trim($_POST['tag'])       : '');
 		$item = ((x($_POST,'item')) ? intval($_POST['item'])    : 0 );
 	
-		$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+		$r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1",
 			intval($item),
 			intval(local_channel())
 		);
@@ -67,7 +67,7 @@ class Tagrm extends \Zotlabs\Web\Controller {
 			$item = intval(argv(2));
 			$tag = argv(3);
 	
-			$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			$r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1",
 				intval($item),
 				intval(local_channel())
 			);
@@ -107,7 +107,7 @@ class Tagrm extends \Zotlabs\Web\Controller {
 	
 			$item = intval(argv(2));
 	
-			$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			$r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1",
 				intval($item),
 				intval(local_channel())
 			);

Zotlabs/Module/Tasks.php

@@ -45,7 +45,7 @@ class Tasks extends \Zotlabs\Web\Controller {
 	
 		if((argc() > 2) && (argv(1) === 'complete') && intval(argv(2))) {
 			$ret = array('success' => false);
-			$r = q("select * from event where `etype` = 'task' and uid = %d and id = %d limit 1",
+			$r = q("select * from event where etype = 'task' and uid = %d and id = %d limit 1",
 				intval(local_channel()),
 				intval(argv(2))
 			);

Zotlabs/Module/Thing.php

@@ -1,10 +1,10 @@
 <?php
-namespace Zotlabs\Module;
 /**
- * @file mod/thing.php
- * @brief
+ * @file Zotlabs/Module/Thing.php
  */
 
+namespace Zotlabs\Module;
+
 require_once('include/items.php');
 require_once('include/security.php');
 require_once('include/selectors.php');
@@ -14,72 +14,72 @@ require_once('include/acl_selectors.php');
 class Thing extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		if(! local_channel())
 			return;
-	
+
 		$channel    = \App::get_channel();
-	
+
 		$term_hash = (($_REQUEST['term_hash']) ? $_REQUEST['term_hash'] : '');
-	
+
 		$name = escape_tags($_REQUEST['term']);
 		$verb = escape_tags($_REQUEST['verb']);
 		$activity = intval($_REQUEST['activity']);
 		$profile_guid = escape_tags($_REQUEST['profile_assign']);
 		$url = $_REQUEST['url'];
 		$photo = $_REQUEST['img'];
-	
+
 		$hash = random_string();
-	
+
 		$verbs = obj_verbs();
-	
+
 		/**
-		 * verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants" 
+		 * verbs: [0] = first person singular, e.g. "I want", [1] = 3rd person singular, e.g. "Bill wants"
 		 * We use the first person form when creating an activity, but the third person for use in activities
 		 * @FIXME There is no accounting for verb gender for languages where this is significant. We may eventually
 		 * require obj_verbs() to provide full conjugations and specify which form to use in the $_REQUEST params to this module.
 		 */
-	
+
 		$translated_verb = $verbs[$verb][1];
-	
+
 		/*
 		 * The site administrator can do things that normals cannot.
 		 * This is restricted because it will likely cause
 		 * an activitystreams protocol violation and the activity might
-		 * choke in some other network and result in unnecessary 
+		 * choke in some other network and result in unnecessary
 		 * support requests. It isn't because we're trying to be heavy-handed
-		 * about what you can and can't do. 
+		 * about what you can and can't do.
 		 */
-	
+
 		if(! $translated_verb) {
 			if(is_site_admin())
 				$translated_verb = $verb;
 		}
-	
+
 		/*
 		 * Things, objects: We do not provide definite (a, an) or indefinite (the) articles or singular/plural designators
-		 * That needs to be specified in your thing. e.g. Mike has "a carrot", Greg wants "balls", Bob likes "the Boston Red Sox".  
+		 * That needs to be specified in your thing. e.g. Mike has "a carrot", Greg wants "balls", Bob likes "the Boston Red Sox".
 		 */
-	
+
 		/*
 		 * Future work on this module might produce more complex activities with targets, e.g. Phillip likes Karen's moustache
 		 * and to describe other non-thing objects like channels, such as Karl wants Susan - where Susan represents a channel profile.
 		 */
-	 
+
 		if((! $name) || (! $translated_verb))
 			return;
-	
+
 		$acl = new \Zotlabs\Access\AccessList($channel);
-	
+
 		if(array_key_exists('contact_allow',$_REQUEST)
 			|| array_key_exists('group_allow',$_REQUEST)
 			|| array_key_exists('contact_deny',$_REQUEST)
 			|| array_key_exists('group_deny',$_REQUEST)) {
 			$acl->set_from_array($_REQUEST);
 		}
-	
+
 		$x = $acl->get();
-	 
+
 		if($term_hash) {
 			$t = q("select * from obj where obj_obj = '%s' and obj_channel = %d limit 1",
 				dbesc($term_hash),
@@ -97,7 +97,7 @@ class Thing extends \Zotlabs\Web\Controller {
 			}
 			else
 				$local_photo = $orig_record['obj_imgurl'];
-	
+
 			$r = q("update obj set obj_term = '%s', obj_url = '%s', obj_imgurl = '%s', obj_edited = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where obj_obj = '%s' and obj_channel = %d ",
 				dbesc($name),
 				dbesc(($url) ? $url : z_root() . '/thing/' . $term_hash),
@@ -110,9 +110,9 @@ class Thing extends \Zotlabs\Web\Controller {
 				dbesc($term_hash),
 				intval(local_channel())
 			);
-	
+
 			info( t('Thing updated') . EOL);
-	
+
 			$r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1",
 				intval(local_channel()),
 				dbesc($term_hash)
@@ -120,31 +120,31 @@ class Thing extends \Zotlabs\Web\Controller {
 			if($r) {
 				build_sync_packet(0, array('obj' => $r));
 			}
-	
+
 			return;
 		}
-	
+
 		$sql = (($profile_guid) ? " and profile_guid = '" . dbesc($profile_guid) . "' " : " and is_default = 1 ");
 		$p = q("select profile_guid, is_default from profile where uid = %d $sql limit 1",
 			intval(local_channel())
 		);
-	
+
 		if($p)
 			$profile = $p[0];
 		else
 			return;
-	
+
 		$local_photo = null;
-	
+
 		if($photo) {
 			$arr = import_xchan_photo($photo,get_observer_hash(),true);
 			$local_photo = $arr[0];
 			$local_photo_type = $arr[3];
 		}
-	
+
 		$created = datetime_convert();
 		$url = (($url) ? $url : z_root() . '/thing/' . $hash);
-	
+
 		$r = q("insert into obj ( obj_page, obj_verb, obj_type, obj_channel, obj_obj, obj_term, obj_url, obj_imgurl, obj_created, obj_edited, allow_cid, allow_gid, deny_cid, deny_gid ) values ('%s','%s', %d, %d, '%s','%s','%s','%s','%s','%s','%s','%s','%s','%s') ",
 			dbesc($profile['profile_guid']),
 			dbesc($verb),
@@ -161,14 +161,14 @@ class Thing extends \Zotlabs\Web\Controller {
 			dbesc($x['deny_cid']),
 			dbesc($x['deny_gid'])
 		);
-	
+
 		if(! $r) {
 			notice( t('Object store: failed'));
 			return;
 		}
-	
+
 		info( t('Thing added'));
-		
+
 		$r = q("select * from obj where obj_channel = %d and obj_obj = '%s' limit 1",
 			intval(local_channel()),
 			dbesc($hash)
@@ -176,15 +176,15 @@ class Thing extends \Zotlabs\Web\Controller {
 		if($r) {
 			build_sync_packet(0, array('obj' => $r));
 		}
-	
+
 		if($activity) {
 			$arr = array();
 			$links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $url));
 			if($local_photo)
 				$links[] = array('rel' => 'photo', 'type' => $local_photo_type, 'href' => $local_photo);
-	
+
 			$objtype = ACTIVITY_OBJ_THING;
-	
+
 			$obj = json_encode(array(
 				'type'    => $objtype,
 				'id'      => $url,
@@ -192,28 +192,28 @@ class Thing extends \Zotlabs\Web\Controller {
 				'title'   => $name,
 				'content' => $name
 			));
-	
+
 			$bodyverb = str_replace('OBJ: ', '',t('OBJ: %1$s %2$s %3$s'));
-	
+
 			$arr['owner_xchan']  = $channel['channel_hash'];
 			$arr['author_xchan'] = $channel['channel_hash'];
-	
+
 			$arr['item_origin'] = 1;
 			$arr['item_wall'] = 1;
 			$arr['item_thread_top'] = 1;
-	
+
 			$ulink = '[zrl=' . $channel['xchan_url'] . ']' . $channel['channel_name'] . '[/zrl]';
 			$plink = '[zrl=' . $url . ']' . $name . '[/zrl]';
-	
+
 			$arr['body'] =  sprintf( $bodyverb, $ulink, $translated_verb, $plink );
-	
+
 			if($local_photo)
 				$arr['body'] .= "\n\n[zmg]" . $local_photo . "[/zmg]";
-	
+
 			$arr['verb'] = $verb;
 			$arr['obj_type'] = $objtype;
 			$arr['obj'] = $obj;
-	
+
 			if(! $profile['is_default']) {
 				$arr['item_private'] = true;
 				$str = '';
@@ -229,37 +229,37 @@ class Thing extends \Zotlabs\Web\Controller {
 				else
 					$arr['allow_cid'] = '<' . get_observer_hash() . '>';
 			}
-	
+
 			$ret = post_activity_item($arr);
 		}
 	}
-	
-	
+
+
 	function get() {
-	
+
 		// @FIXME one problem with things is we can't share them unless we provide the channel in the url
-		// so we can definitively lookup the owner. 
-	
+		// so we can definitively lookup the owner.
+
 		if(argc() == 2) {
-	
+
 			$r = q("select obj_channel from obj where obj_type = %d and obj_obj = '%s' limit 1",
 				intval(TERM_OBJ_THING),
 				dbesc(argv(1))
 			);
-			if($r) 
+			if($r)
 				$sql_extra = permissions_sql($r[0]['obj_channel']);
-	
+
 			$r = q("select * from obj where obj_type = %d and obj_obj = '%s' $sql_extra limit 1",
 				intval(TERM_OBJ_THING),
 				dbesc(argv(1))
 			);
-	
+
 			if($r) {
 				return replace_macros(get_markup_template('show_thing.tpl'), array(
 					'$header' => t('Show Thing'),
 					'$edit' => t('Edit'),
 					'$delete' => t('Delete'),
-					'$canedit' => ((local_channel() && local_channel() == $r[0]['obj_channel']) ? true : false), 
+					'$canedit' => ((local_channel() && local_channel() == $r[0]['obj_channel']) ? true : false),
 					'$thing' => $r[0] ));
 			}
 			else {
@@ -267,34 +267,34 @@ class Thing extends \Zotlabs\Web\Controller {
 				return;
 			}
 		}
-	
+
 		$channel = \App::get_channel();
-	
+
 		if(! (local_channel() && $channel)) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
 		$acl = new \Zotlabs\Access\AccessList($channel);
 		$channel_acl = $acl->get();
-	
+
 		$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
-	
+
 		$thing_hash = '';
-	
+
 		if(argc() == 3 && argv(1) === 'edit') {
 			$thing_hash = argv(2);
-	
+
 			$r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1",
 				intval(TERM_OBJ_THING),
 				dbesc($thing_hash)
 			);
-	
+
 			if((! $r) || ($r[0]['obj_channel'] != local_channel())) {
 				notice( t('Permission denied.') . EOL);
 				return '';
 			}
-	
+
 			$o .= replace_macros(get_markup_template('thing_edit.tpl'),array(
 				'$thing_hdr' => t('Edit Thing'),
 				'$multiprof' => feature_enabled(local_channel(),'multi_profiles'),
@@ -319,36 +319,36 @@ class Thing extends \Zotlabs\Web\Controller {
 				'$lockstate' => $lockstate,
 				'$submit' => t('Submit')
 			));
-	
+
 			return $o;
 		}
-	
+
 		if(argc() == 3 && argv(1) === 'drop') {
 			$thing_hash = argv(2);
-	
+
 			$r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1",
 				intval(TERM_OBJ_THING),
 				dbesc($thing_hash)
 			);
-	
+
 			if((! $r) || ($r[0]['obj_channel'] != local_channel())) {
 				notice( t('Permission denied.') . EOL);
 				return '';
 			}
-	
+
 			$x = q("delete from obj where obj_obj = '%s' and obj_type = %d and obj_channel = %d",
 				dbesc($thing_hash),
 				intval(TERM_OBJ_THING),
 				intval(local_channel())
 			);
-	
+
 			$r[0]['obj_deleted'] = 1;
-	
+
 			build_sync_packet(0,array('obj' => $r));
-	
+
 			return $o;
 		}
-	
+
 		$o .= replace_macros(get_markup_template('thing_input.tpl'),array(
 			'$thing_hdr' => t('Add Thing to your Profile'),
 			'$multiprof' => feature_enabled(local_channel(),'multi_profiles'),
@@ -369,8 +369,8 @@ class Thing extends \Zotlabs\Web\Controller {
 			'$lockstate' => $lockstate,
 			'$submit' => t('Submit')
 		));
-	
+
 		return $o;
 	}
-	
+
 }

Zotlabs/Module/Wall_attach.php

@@ -12,15 +12,20 @@ class Wall_attach extends \Zotlabs\Web\Controller {
 	
 		$using_api = false;
 	
-		if(\App::$data['api_info'] && array_key_exists('media',$_FILES)) {
+		if($_REQUEST['api_source'] && array_key_exists('media',$_FILES)) {
 			$using_api = true;
-			$user_info = \App::$data['api_info'];
-			$nick = $user_info['screen_name'];
-			$channel = get_channel_by_nick($user_info['screen_name']);
 		}
-		elseif(argc() > 1)
-			$channel = get_channel_by_nick(argv(1));
-	
+
+		if($using_api) {
+			require_once('include/api.php');
+			if(api_user())
+				$channel = channelx_by_n(api_user());
+		}
+		else {
+			if(argc() > 1)
+				$channel = channelx_by_nick(argv(1));
+		}
+
 		if(! $channel)
 			killme();
 	

Zotlabs/Module/Wall_upload.php

@@ -17,16 +17,14 @@ class Wall_upload extends \Zotlabs\Web\Controller {
 	
 		if($using_api) {
 			require_once('include/api.php');
-			$user_info = api_get_user($a);
-			$nick = $user_info['screen_name'];
+			if(api_user())
+				$channel = channelx_by_n(api_user());
 		}
 		else {
 			if(argc() > 1)
-				$nick = argv(1);
+				$channel = channelx_by_nick(argv(1));
 		}
 	
-		$channel = (($nick) ? get_channel_by_nick($nick) : false);
-	
 		if(! $channel) {
 			if($using_api)
 				return;

Zotlabs/Module/Wiki.php

@@ -34,77 +34,134 @@ class Wiki extends \Zotlabs\Web\Controller {
 			notice( t('Not found') . EOL);
      		return;
  		}
-	
-		$tab = 'wiki';
-	
-	
+
 		require_once('include/wiki.php');
 		require_once('include/acl_selectors.php');
 		require_once('include/conversation.php');
+		require_once('include/bbcode.php');
 
 		// TODO: Combine the interface configuration into a unified object
 		// Something like $interface = array('new_page_button' => false, 'new_wiki_button' => false, ...)
 		$wiki_owner = false;
 		$showNewWikiButton = false;
-		$showCommitMsg = false;
-		$hidePageHistory = false;
 		$pageHistory = array();
 		$local_observer = null;
 		$resource_id = '';
 		
 		// init() should have forced the URL to redirect to /wiki/channel so assume argc() > 1
 		$nick = argv(1);
-		$channel = get_channel_by_nick($nick);  // The channel who owns the wikis being viewed
-		if(! $channel) {
-			notice('Invalid channel' . EOL);
+		$owner = channelx_by_nick($nick);  // The channel who owns the wikis being viewed
+		if(! $owner) {
+			notice( t('Invalid channel') . EOL);
 			goaway('/' . argv(0));
 		}
 		// Determine if the observer is the channel owner so the ACL dialog can be populated
-		if (local_channel() === intval($channel['channel_id'])) {
-			$local_observer = \App::get_channel();
+		if (local_channel() === intval($owner['channel_id'])) {
+
 			$wiki_owner = true;
 
 			// Obtain the default permission settings of the channel
-			$channel_acl = array(
-					'allow_cid' => $local_observer['channel_allow_cid'],
-					'allow_gid' => $local_observer['channel_allow_gid'],
-					'deny_cid' => $local_observer['channel_deny_cid'],
-					'deny_gid' => $local_observer['channel_deny_gid']
+			$owner_acl = array(
+					'allow_cid' => $owner['channel_allow_cid'],
+					'allow_gid' => $owner['channel_allow_gid'],
+					'deny_cid' => $owner['channel_deny_cid'],
+					'deny_gid' => $owner['channel_deny_gid']
 			);
 			// Initialize the ACL to the channel default permissions
 			$x = array(
-					'lockstate' => (( $local_observer['channel_allow_cid'] || 
-						$local_observer['channel_allow_gid'] || 
-						$local_observer['channel_deny_cid'] || 
-						$local_observer['channel_deny_gid'])
+					'lockstate' => (( $owner['channel_allow_cid'] || 
+						$owner['channel_allow_gid'] || 
+						$owner['channel_deny_cid'] || 
+						$owner['channel_deny_gid'])
 						? 'lock' : 'unlock'
 					),
-					'acl' => populate_acl($channel_acl),
-					'allow_cid' => acl2json($channel_acl['allow_cid']),
-					'allow_gid' => acl2json($channel_acl['allow_gid']),
-					'deny_cid' => acl2json($channel_acl['deny_cid']),
-					'deny_gid' => acl2json($channel_acl['deny_gid']),
+					'acl' => populate_acl($owner_acl),
+					'allow_cid' => acl2json($owner_acl['allow_cid']),
+					'allow_gid' => acl2json($owner_acl['allow_gid']),
+					'deny_cid' => acl2json($owner_acl['deny_cid']),
+					'deny_gid' => acl2json($owner_acl['deny_gid']),
 					'bang' => ''
 			);
 		} else {
 			// Not the channel owner 
-			$channel_acl = $x = array();
+			$owner_acl = $x = array();
+		}
+
+		$is_owner = ((local_channel()) && (local_channel() == \App::$profile['profile_uid']) ? true : false);
+		$o = profile_tabs($a, $is_owner, \App::$profile['channel_address']);
+
+		// Download a wiki
+		if((argc() > 3) && (argv(2) === 'download') && (argv(3) === 'wiki')) {
+
+			$resource_id = argv(4);
+
+			$w = wiki_get_wiki($resource_id);
+			if(!$w['path']) {
+				notice(t('Error retrieving wiki') . EOL);
+			}
+
+			$zip_folder_name = random_string(10);
+			$zip_folderpath = '/tmp/' . $zip_folder_name;
+			if(!mkdir($zip_folderpath, 0770, false)) {
+				logger('Error creating zip file export folder: ' . $zip_folderpath, LOGGER_NORMAL);
+				notice(t('Error creating zip file export folder') . EOL);
+			}
+
+			$zip_filename = $w['urlName'];
+			$zip_filepath = '/tmp/' . $zip_folder_name . '/' . $zip_filename;
+
+			// Generate the zip file
+			\Zotlabs\Lib\ExtendedZip::zipTree($w['path'], $zip_filepath, \ZipArchive::CREATE);
+
+			// Output the file for download
+
+			header('Content-disposition: attachment; filename="' . $zip_filename . '.zip"');
+			header('Content-Type: application/zip');
+
+			$success = readfile($zip_filepath);
+
+			if(!$success) {
+				logger('Error downloading wiki: ' . $resource_id);
+				notice(t('Error downloading wiki: ' . $resource_id) . EOL);
+			}
+
+			// delete temporary files
+			rrmdir($zip_folderpath);
+			killme();
+
 		}
 
 		switch (argc()) {
 			case 2:
-				// Configure page template
-				$wikiheaderName = t('Wiki');
-				$wikiheaderPage = t('Sandbox');
-				require_once('library/markdown.php');	
-				$content = t('"# Wiki Sandbox\n\nContent you **edit** and **preview** here *will not be saved*."');
-				$renderedContent = Markdown(json_decode($content));
-				$hide_editor = false;
-				$showPageControls = false;
-				$showNewWikiButton = $wiki_owner;
-				$showNewPageButton = false;
-				$hidePageHistory = true;
-				$showCommitMsg = false;
+				$wikis = wiki_list($owner, get_observer_hash());
+				if ($wikis) {
+					$o .= replace_macros(get_markup_template('wikilist.tpl'), array(
+						'$header' => t('Wikis'),
+						'$channel' => $owner['channel_address'],
+						'$wikis' => $wikis['wikis'],
+						// If the observer is the local channel owner, show the wiki controls
+						'$owner' => ((local_channel() && local_channel() === intval(\App::$profile['uid'])) ? true : false),
+						'$edit' => t('Edit'),
+						'$download' => t('Download'),
+						'$view' => t('View'),
+						'$create' => t('Create New'),
+						'$submit' => t('Submit'),
+						'$wikiName' => array('wikiName', t('Wiki name')),
+						'$mimeType' => array('mimeType', t('Content type'), '', '', ['text/markdown' => 'Markdown', 'text/bbcode' => 'BB Code']),
+						'$name' => t('Name'),
+						'$type' => t('Type'),
+						'$lockstate' => $x['lockstate'],
+						'$acl' => $x['acl'],
+						'$allow_cid' => $x['allow_cid'],
+						'$allow_gid' => $x['allow_gid'],
+						'$deny_cid' => $x['deny_cid'],
+						'$deny_gid' => $x['deny_gid'],
+						'$notify' => array('postVisible', t('Create a status post for this wiki'), '', '', array(t('No'), t('Yes')))
+					));
+
+					return $o;
+				}
+
 				break;
 			case 3:
 				// /wiki/channel/wiki -> No page was specified, so redirect to Home.md
@@ -115,20 +172,23 @@ class Wiki extends \Zotlabs\Web\Controller {
 				// Fetch the wiki info and determine observer permissions
 				$wikiUrlName = urlencode(argv(2));
 				$pageUrlName = urlencode(argv(3));
-				$w = wiki_exists_by_name($channel['channel_id'], $wikiUrlName);
+
+				$w = wiki_exists_by_name($owner['channel_id'], $wikiUrlName);
 				if(!$w['resource_id']) {
-					notice('Wiki not found' . EOL);
+					notice(t('Wiki not found') . EOL);
 					goaway('/'.argv(0).'/'.argv(1));
+					return; //not reached
 				}				
 				$resource_id = $w['resource_id'];
 				
 				if (!$wiki_owner) {
 					// Check for observer permissions
 					$observer_hash = get_observer_hash();
-					$perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash);
+					$perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
 					if(!$perms['read']) {
-						notice('Permission denied.' . EOL);
+						notice(t('Permission denied.') . EOL);
 						goaway('/'.argv(0).'/'.argv(1));
+						return; //not reached
 					}
 					if($perms['write']) {
 						$wiki_editor = true;
@@ -140,69 +200,59 @@ class Wiki extends \Zotlabs\Web\Controller {
 				}
 				$wikiheaderName = urldecode($wikiUrlName);
 				$wikiheaderPage = urldecode($pageUrlName);
+				$renamePage = (($wikiheaderPage === 'Home') ? '' : t('Rename page'));
+
 				$p = wiki_get_page_content(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName));
 				if(!$p['success']) {
-					notice('Error retrieving page content' . EOL);
+					notice(t('Error retrieving page content') . EOL);
 					goaway('/'.argv(0).'/'.argv(1).'/'.$wikiUrlName);
+					return; //not reached
 				}
-				$content = ($p['content'] !== '' ? htmlspecialchars_decode($p['content'],ENT_COMPAT) : '"# New page\n"');
+
+				$mimeType = $p['mimeType'];
+
+				$rawContent = (($p['mimeType'] == 'text/bbcode') ? htmlspecialchars_decode(json_decode($p['content']),ENT_COMPAT) : htmlspecialchars_decode($p['content'],ENT_COMPAT));
+				$content = ($p['content'] !== '' ? $rawContent : '"# New page\n"');
 				// Render the Markdown-formatted page content in HTML
-				require_once('library/markdown.php');
-				$html = wiki_generate_toc(purify_html(Markdown(wiki_bbcode(json_decode($content)))));
-				$renderedContent = wiki_convert_links($html,argv(0).'/'.argv(1).'/'.$wikiUrlName);
-				$hide_editor = false;
+				if($mimeType == 'text/bbcode') {
+					$renderedContent = wiki_convert_links(bbcode($content),argv(0).'/'.argv(1).'/'.$wikiUrlName);
+				}
+				else {
+					require_once('library/markdown.php');
+					$html = wiki_generate_toc(zidify_text(purify_html(Markdown(wiki_bbcode(json_decode($content))))));
+					$renderedContent = wiki_convert_links($html,argv(0).'/'.argv(1).'/'.$wikiUrlName);
+				}
 				$showPageControls = $wiki_editor;
-				$showNewWikiButton = $wiki_owner;
-				$showNewPageButton = $wiki_editor;
-				$hidePageHistory = false;
-				$showCommitMsg = true;
-				$pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName));
 				break;
 			default:	// Strip the extraneous URL components
-				goaway('/'.argv(0).'/'.argv(1).'/'.$wikiUrlName.'/'.$pageUrlName);
+				goaway('/' . argv(0) . '/' . argv(1) . '/' . $wikiUrlName . '/' . $pageUrlName);
+				return; //not reached
 		}
 		
 		$wikiModalID = random_string(3);
-		$wikiModal = replace_macros(
-			get_markup_template('generic_modal.tpl'), array(
-				'$id' => $wikiModalID,
-				'$title' => t('Revision Comparison'),
-				'$ok' => t('Revert'),
-				'$cancel' => t('Cancel')
-			)
-		);
+
+		$wikiModal = replace_macros(get_markup_template('generic_modal.tpl'), array(
+			'$id' => $wikiModalID,
+			'$title' => t('Revision Comparison'),
+			'$ok' => (($showPageControls) ? t('Revert') : ''),
+			'$cancel' => t('Cancel')
+		));
 				
-		$is_owner = ((local_channel()) && (local_channel() == \App::$profile['profile_uid']) ? true : false);
-		
-		$o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']);
-
-
 		$o .= replace_macros(get_markup_template('wiki.tpl'),array(
 			'$wikiheaderName' => $wikiheaderName,
 			'$wikiheaderPage' => $wikiheaderPage,
-			'$hideEditor' => $hide_editor,
+			'$renamePage' => $renamePage,
 			'$showPageControls' => $showPageControls,
-			'$showNewWikiButton'=> $showNewWikiButton,
-			'$showNewPageButton'=> $showNewPageButton,
-			'$hidePageHistory' => $hidePageHistory,
-			'$showCommitMsg' => $showCommitMsg,
-			'$channel' => $channel['channel_address'],
+			'$editOrSourceLabel' => (($showPageControls) ? t('Edit') : t('Source')),
+			'$tools_label' => 'Page Tools',
+			'$channel' => $owner['channel_address'],
 			'$resource_id' => $resource_id,
 			'$page' => $pageUrlName,
-			'$lockstate' => $x['lockstate'],
-			'$acl' => $x['acl'],
-			'$allow_cid' => $x['allow_cid'],
-			'$allow_gid' => $x['allow_gid'],
-			'$deny_cid' => $x['deny_cid'],
-			'$deny_gid' => $x['deny_gid'],
-			'$bang' => $x['bang'],
+			'$mimeType' => $mimeType,
 			'$content' => $content,
 			'$renderedContent' => $renderedContent,
-			'$wikiName' => array('wikiName', t('Enter the name of your new wiki:'), '', ''),
-			'$pageName' => array('pageName', t('Enter the name of the new page:'), '', ''),
-			'$pageRename' => array('pageRename', t('Enter the new name:'), '', ''),
-			'$commitMsg' => array('commitMsg', '', '', '', '', 'placeholder="(optional) Enter a custom message when saving the page..."'),
-			'$pageHistory' => $pageHistory['history'],
+			'$pageRename' => array('pageRename', t('New page name'), '', ''),
+			'$commitMsg' => array('commitMsg', '', '', '', '', 'placeholder="Short description of your changes (optional)"'),
 			'$wikiModal' => $wikiModal,
 			'$wikiModalID' => $wikiModalID,
 			'$commit' => 'HEAD',
@@ -212,43 +262,63 @@ class Wiki extends \Zotlabs\Web\Controller {
 			'$embedPhotosModalOK' => t('OK'),
 			'$modalchooseimages' => t('Choose images to embed'),
 			'$modalchoosealbum' => t('Choose an album'),
-			'$modaldiffalbum' => t('Choose a different album...'),
+			'$modaldiffalbum' => t('Choose a different album'),
 			'$modalerrorlist' => t('Error getting album list'),
 			'$modalerrorlink' => t('Error getting photo link'),
 			'$modalerroralbum' => t('Error getting album'),
 		));
-		head_add_js('library/ace/ace.js');	// Ace Code Editor
+
+		if($p['mimeType'] != 'text/bbcode')
+			head_add_js('library/ace/ace.js');	// Ace Code Editor
+
 		return $o;
 	}
 
 	function post() {
 		require_once('include/wiki.php');
+		require_once('include/bbcode.php');
+
+		$nick = argv(1);
+		$owner = channelx_by_nick($nick);
+		$observer_hash = get_observer_hash();
+
+		if(! $owner) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
 		
 		// /wiki/channel/preview
 		// Render mardown-formatted text in HTML for preview
 		if((argc() > 2) && (argv(2) === 'preview')) {
 			$content = $_POST['content'];
-			$resource_id = $_POST['resource_id']; 
-			require_once('library/markdown.php');
-			$content = wiki_bbcode($content);
-			$html = wiki_generate_toc(purify_html(Markdown($content)));
+			$resource_id = $_POST['resource_id'];
 			$w = wiki_get_wiki($resource_id);
 			$wikiURL = argv(0).'/'.argv(1).'/'.$w['urlName'];
-			$html = wiki_convert_links($html,$wikiURL);
+
+			$mimeType = $w['mimeType'];
+
+			if($mimeType == 'text/bbcode') {
+				$html = wiki_convert_links(bbcode($content),$wikiURL);
+			}
+			else {
+				require_once('library/markdown.php');
+				$content = wiki_bbcode($content);
+				$html = wiki_generate_toc(zidify_text(purify_html(Markdown($content))));
+				$html = wiki_convert_links($html,$wikiURL);
+			}
 			json_return_and_die(array('html' => $html, 'success' => true));
 		}
 		
 		// Create a new wiki
 		// /wiki/channel/create/wiki
 		if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) {
-			$nick = argv(1);
-			$channel = get_channel_by_nick($nick);
-			// Determine if observer has permission to create wiki
-			$observer_hash = get_observer_hash();
+
 			// Only the channel owner can create a wiki, at least until we create a 
 			// more detail permissions framework
-			if (local_channel() !== intval($channel['channel_id'])) {
-				goaway('/'.argv(0).'/'.$nick.'/');
+
+			if (local_channel() !== intval($owner['channel_id'])) {
+				goaway('/' . argv(0) . '/' . $nick . '/');
 			} 
 			$wiki = array(); 
 			// Generate new wiki info from input name
@@ -256,35 +326,37 @@ class Wiki extends \Zotlabs\Web\Controller {
 			$wiki['rawName'] = $_POST['wikiName'];
 			$wiki['htmlName'] = escape_tags($_POST['wikiName']);
 			$wiki['urlName'] = urlencode($_POST['wikiName']); 
+			$wiki['mimeType'] = $_POST['mimeType'];
+
 			if($wiki['urlName'] === '') {				
-				notice('Error creating wiki. Invalid name.');
+				notice( t('Error creating wiki. Invalid name.') . EOL);
 				goaway('/wiki');
 			}
+
 			// Get ACL for permissions
-			$acl = new \Zotlabs\Access\AccessList($channel);
+			$acl = new \Zotlabs\Access\AccessList($owner);
 			$acl->set_from_array($_POST);
-			$r = wiki_create_wiki($channel, $observer_hash, $wiki, $acl);
+			$r = wiki_create_wiki($owner, $observer_hash, $wiki, $acl);
 			if ($r['success']) {
 				$homePage = wiki_create_page('Home', $r['item']['resource_id']);
 				if(!$homePage['success']) {
-					notice('Wiki created, but error creating Home page.');
+					notice( t('Wiki created, but error creating Home page.'));
 					goaway('/wiki/'.$nick.'/'.$wiki['urlName']);
 				}
 				goaway('/wiki/'.$nick.'/'.$wiki['urlName'].'/'.$homePage['page']['urlName']);
 			} else {
-				notice('Error creating wiki');
+				notice(t('Error creating wiki'));
 				goaway('/wiki');
 			}
 		}
 
 		// Delete a wiki
 		if ((argc() > 3) && (argv(2) === 'delete') && (argv(3) === 'wiki')) {
-			$nick = argv(1);
-			$channel = get_channel_by_nick($nick);
+
 			// Only the channel owner can delete a wiki, at least until we create a 
 			// more detail permissions framework
-			if (local_channel() !== intval($channel['channel_id'])) {
-				logger('Wiki delete permission denied.' . EOL);
+			if (local_channel() !== intval($owner['channel_id'])) {
+				logger('Wiki delete permission denied.');
 				json_return_and_die(array('message' => 'Wiki delete permission denied.', 'success' => false));
 			} 
 			$resource_id = $_POST['resource_id']; 
@@ -297,27 +369,38 @@ class Wiki extends \Zotlabs\Web\Controller {
 			}
 		}
 
+
 		// Create a page
 		if ((argc() === 4) && (argv(2) === 'create') && (argv(3) === 'page')) {
-			$nick = argv(1);
+
 			$resource_id = $_POST['resource_id']; 
 			// Determine if observer has permission to create a page
-			$channel = get_channel_by_nick($nick);
-			if (local_channel() !== intval($channel['channel_id'])) {
-				$observer_hash = get_observer_hash();
-				$perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash);
-				if(!$perms['write']) {
-					logger('Wiki write permission denied. ' . EOL);
-					json_return_and_die(array('success' => false));					
-				}
+
+
+			$perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
+			if(!$perms['write']) {
+				logger('Wiki write permission denied. ' . EOL);
+				json_return_and_die(array('success' => false));					
 			}
+
 			$name = $_POST['name']; //Get new page name
 			if(urlencode(escape_tags($_POST['name'])) === '') {				
 				json_return_and_die(array('message' => 'Error creating page. Invalid name.', 'success' => false));
 			}
 			$page = wiki_create_page($name, $resource_id);
 			if ($page['success']) {
-				json_return_and_die(array('url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki']['urlName'].'/'.urlencode($page['page']['urlName']), 'success' => true));
+				$ob = \App::get_observer();
+				$commit = wiki_git_commit(array(
+						'commit_msg' => t('New page created'), 
+						'resource_id' => $resource_id, 
+						'observer' => $ob,
+						'files' => array($page['page']['fileName'])
+						));
+				if($commit['success']) {
+					json_return_and_die(array('url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki']['urlName'].'/'.$page['page']['urlName'], 'success' => true));
+				} else {
+					json_return_and_die(array('message' => 'Error making git commit','url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki']['urlName'].'/'.urlencode($page['page']['urlName']),'success' => false));
+				}				
 			} else {
 				logger('Error creating page');
 				json_return_and_die(array('message' => 'Error creating page.', 'success' => false));
@@ -327,15 +410,13 @@ class Wiki extends \Zotlabs\Web\Controller {
 		// Fetch page list for a wiki
 		if ((argc() === 5) && (argv(2) === 'get') && (argv(3) === 'page') && (argv(4) === 'list')) {
 			$resource_id = $_POST['resource_id']; // resource_id for wiki in db
-			$channel = get_channel_by_nick(argv(1));
-			$observer_hash = get_observer_hash();
-			if (local_channel() !== intval($channel['channel_id'])) {
-				$perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash);
-				if(!$perms['read']) {
-					logger('Wiki read permission denied.' . EOL);
-					json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false));					
-				}
+
+			$perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
+			if(!$perms['read']) {
+				logger('Wiki read permission denied.' . EOL);
+				json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false));					
 			}
+
 			$page_list_html = widget_wiki_pages(array(
 					'resource_id' => $resource_id, 
 					'refresh' => true, 
@@ -354,16 +435,12 @@ class Wiki extends \Zotlabs\Web\Controller {
 			if ($commitMsg === '') {
 				$commitMsg = 'Updated ' . $pageHtmlName;
 			}
-			$nick = argv(1);
-			$channel = get_channel_by_nick($nick);
+
 			// Determine if observer has permission to save content
-			if (local_channel() !== intval($channel['channel_id'])) {
-				$observer_hash = get_observer_hash();
-				$perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash);
-				if(!$perms['write']) {
-					logger('Wiki write permission denied. ' . EOL);
-					json_return_and_die(array('success' => false));					
-				}
+			$perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
+			if(!$perms['write']) {
+				logger('Wiki write permission denied. ' . EOL);
+				json_return_and_die(array('success' => false));					
 			}
 			
 			$saved = wiki_save_page(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'content' => $content));
@@ -373,7 +450,7 @@ class Wiki extends \Zotlabs\Web\Controller {
 						'commit_msg' => $commitMsg, 
 						'resource_id' => $resource_id, 
 						'observer' => $ob,
-						'files' => array($pageUrlName.'.md')
+						'files' => array($saved['fileName'])
 						));
 				if($commit['success']) {
 					json_return_and_die(array('message' => 'Wiki git repo commit made', 'success' => true));
@@ -392,20 +469,19 @@ class Wiki extends \Zotlabs\Web\Controller {
 			$resource_id = $_POST['resource_id'];
 			$pageUrlName = $_POST['name'];
 			
-			$nick = argv(1);
-			$channel = get_channel_by_nick($nick);
+
 			// Determine if observer has permission to read content
-			if (local_channel() !== intval($channel['channel_id'])) {
-				$observer_hash = get_observer_hash();
-				$perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash);
-				if(!$perms['read']) {
-					logger('Wiki read permission denied.' . EOL);
-					json_return_and_die(array('historyHTML' => '', 'message' => 'Permission denied.', 'success' => false));
-				}
+
+			$perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
+			if(!$perms['read']) {
+				logger('Wiki read permission denied.' . EOL);
+				json_return_and_die(array('historyHTML' => '', 'message' => 'Permission denied.', 'success' => false));
 			}
+
 			$historyHTML = widget_wiki_page_history(array(
-					'resource_id' => $resource_id,
-					'pageUrlName' => $pageUrlName
+				'resource_id' => $resource_id,
+				'pageUrlName' => $pageUrlName,
+				'permsWrite' => $perms['write']
 			));
 			json_return_and_die(array('historyHTML' => $historyHTML, 'message' => '', 'success' => true));
 		}
@@ -418,16 +494,13 @@ class Wiki extends \Zotlabs\Web\Controller {
 				json_return_and_die(array('message' => 'Cannot delete Home','success' => false));
 			}
 			// Determine if observer has permission to delete pages
-			$nick = argv(1);
-			$channel = get_channel_by_nick($nick);			
-			if (local_channel() !== intval($channel['channel_id'])) {
-				$observer_hash = get_observer_hash();
-				$perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash);
-				if(!$perms['write']) {
-					logger('Wiki write permission denied. ' . EOL);
-					json_return_and_die(array('success' => false));					
-				}
+
+			$perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
+			if(!$perms['write']) {
+				logger('Wiki write permission denied. ' . EOL);
+				json_return_and_die(array('success' => false));					
 			}
+
 			$deleted = wiki_delete_page(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName));
 			if($deleted['success']) {
 				$ob = \App::get_observer();
@@ -453,16 +526,13 @@ class Wiki extends \Zotlabs\Web\Controller {
 			$pageUrlName = $_POST['name'];
 			$commitHash = $_POST['commitHash'];
 			// Determine if observer has permission to revert pages
-			$nick = argv(1);
-			$channel = get_channel_by_nick($nick);			
-			if (local_channel() !== intval($channel['channel_id'])) {
-				$observer_hash = get_observer_hash();
-				$perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash);
-				if(!$perms['write']) {
-					logger('Wiki write permission denied.' . EOL);
-					json_return_and_die(array('success' => false));					
-				}
+
+			$perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
+			if(!$perms['write']) {
+				logger('Wiki write permission denied.' . EOL);
+				json_return_and_die(array('success' => false));					
 			}
+
 			$reverted = wiki_revert_page(array('commitHash' => $commitHash, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName));
 			if($reverted['success']) {
 				json_return_and_die(array('content' => $reverted['content'], 'message' => '', 'success' => true));					
@@ -478,16 +548,13 @@ class Wiki extends \Zotlabs\Web\Controller {
 			$compareCommit = $_POST['compareCommit'];
 			$currentCommit = $_POST['currentCommit'];
 			// Determine if observer has permission to revert pages
-			$nick = argv(1);
-			$channel = get_channel_by_nick($nick);			
-			if (local_channel() !== intval($channel['channel_id'])) {
-				$observer_hash = get_observer_hash();
-				$perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash);
-				if(!$perms['read']) {
-					logger('Wiki read permission denied.' . EOL);
-					json_return_and_die(array('success' => false));					
-				}
+
+			$perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
+			if(!$perms['read']) {
+				logger('Wiki read permission denied.' . EOL);
+				json_return_and_die(array('success' => false));					
 			}
+
 			$compare = wiki_compare_page(array('currentCommit' => $currentCommit, 'compareCommit' => $compareCommit, 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName));
 			if($compare['success']) {
 				$diffHTML = '<table class="text-center" width="100%"><tr><td class="lead" width="50%">Current Revision</td><td class="lead" width="50%">Selected Revision</td></tr></table>' . $compare['diff'];
@@ -509,16 +576,13 @@ class Wiki extends \Zotlabs\Web\Controller {
 				json_return_and_die(array('message' => 'Error renaming page. Invalid name.', 'success' => false));
 			}
 			// Determine if observer has permission to rename pages
-			$nick = argv(1);
-			$channel = get_channel_by_nick($nick);			
-			if (local_channel() !== intval($channel['channel_id'])) {
-				$observer_hash = get_observer_hash();
-				$perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash);
-				if(!$perms['write']) {
-					logger('Wiki write permission denied. ' . EOL);
-					json_return_and_die(array('success' => false));					
-				}
+
+			$perms = wiki_get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
+			if(!$perms['write']) {
+				logger('Wiki write permission denied. ' . EOL);
+				json_return_and_die(array('success' => false));					
 			}
+
 			$renamed = wiki_rename_page(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'pageNewName' => $pageNewName));
 			if($renamed['success']) {
 				$ob = \App::get_observer();
@@ -526,7 +590,7 @@ class Wiki extends \Zotlabs\Web\Controller {
 						'commit_msg' => 'Renamed ' . urldecode($pageUrlName) . ' to ' . $renamed['page']['htmlName'], 
 						'resource_id' => $resource_id, 
 						'observer' => $ob,
-						'files' => array($pageUrlName . '.md', $renamed['page']['fileName']),
+						'files' => array($pageUrlName . substr($renamed['page']['fileName'], -3), $renamed['page']['fileName']),
 						'all' => true
 						));
 				if($commit['success']) {
@@ -539,7 +603,7 @@ class Wiki extends \Zotlabs\Web\Controller {
 			}
 		}
 
-		//notice('You must be authenticated.');
+		//notice( t('You must be authenticated.'));
 		json_return_and_die(array('message' => 'You must be authenticated.', 'success' => false));
 		
 	}

Zotlabs/Storage/BasicAuth.php

@@ -12,7 +12,7 @@ use Sabre\HTTP\ResponseInterface;
  * This class also contains some data which is not necessary for authentication
  * like timezone settings.
  *
- * @extends Sabre\DAV\Auth\Backend\AbstractBasic
+ * @extends \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic
  *
  * @link http://github.com/friendica/red
  * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@@ -24,37 +24,37 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
 	 *
 	 * It is used for building path in filestorage/.
 	 *
-	 * @var string|null
+	 * @var string|null $channel_name
 	 */
 	protected $channel_name = null;
 	/**
-	 * channel_id of the current channel of the logged-in account.
+	 * @brief channel_id of the current channel of the logged-in account.
 	 *
-	 * @var int
+	 * @var int $channel_id
 	 */
 	public $channel_id = 0;
 	/**
-	 * channel_hash of the current channel of the logged-in account.
+	 * @brief channel_hash of the current channel of the logged-in account.
 	 *
-	 * @var string
+	 * @var string $channel_hash
 	 */
 	public $channel_hash = '';
 	/**
-	 * Set in mod/cloud.php to observer_hash.
+	 * @brief Set in mod/cloud.php to observer_hash.
 	 *
-	 * @var string
+	 * @var string $observer
 	 */
 	public $observer = '';
 	/**
 	 *
 	 * @see Browser::set_writeable()
-	 * @var \Sabre\DAV\Browser\Plugin
+	 * @var \\Sabre\\DAV\\Browser\\Plugin $browser
 	 */
 	public $browser;
 	/**
-	 * channel_id of the current visited path. Set in Directory::getDir().
+	 * @brief channel_id of the current visited path. Set in Directory::getDir().
 	 *
-	 * @var int
+	 * @var int $owner_id
 	 */
 	public $owner_id = 0;
 	/**
@@ -62,15 +62,15 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
 	 *
 	 * Used for creating the path in cloud/
 	 *
-	 * @var string
+	 * @var string $owner_nick
 	 */
 	public $owner_nick = '';
 	/**
 	 * Timezone from the visiting channel's channel_timezone.
 	 *
-	 * Used in @ref RedBrowser
+	 * Used in @ref Browser
 	 *
-	 * @var string
+	 * @var string $timezone
 	 */
 	protected $timezone = '';
 
@@ -82,7 +82,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
 	 * @brief Validates a username and password.
 	 *
 	 *
-	 * @see \Sabre\DAV\Auth\Backend\AbstractBasic::validateUserPass
+	 * @see \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic::validateUserPass
 	 * @param string $username
 	 * @param string $password
 	 * @return bool
@@ -211,7 +211,7 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic {
 	 *
 	 * If nobody is currently logged in, this method should return null.
 	 *
-	 * @see \Sabre\DAV\Auth\Backend\AbstractBasic::getCurrentUser
+	 * @see \\Sabre\\DAV\\Auth\\Backend\\AbstractBasic::getCurrentUser
 	 * @return string|null
 	 */
 	public function getCurrentUser() {

Zotlabs/Storage/Browser.php

@@ -7,10 +7,10 @@ use Sabre\DAV;
 /**
  * @brief Provides a DAV frontend for the webbrowser.
  *
- * RedBrowser is a SabreDAV server-plugin to provide a view to the DAV storage
+ * Browser is a SabreDAV server-plugin to provide a view to the DAV storage
  * for the webbrowser.
  *
- * @extends \Sabre\DAV\Browser\Plugin
+ * @extends \\Sabre\\DAV\\Browser\\Plugin
  *
  * @link http://github.com/friendica/red
  * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@@ -19,13 +19,13 @@ class Browser extends DAV\Browser\Plugin {
 
 	/**
 	 * @see set_writeable()
-	 * @see \Sabre\DAV\Auth\Backend\BackendInterface
-	 * @var RedBasicAuth
+	 * @see \\Sabre\\DAV\\Auth\\Backend\\BackendInterface
+	 * @var BasicAuth $auth
 	 */
 	private $auth;
 
 	/**
-	 * @brief Constructor for RedBrowser class.
+	 * @brief Constructor for Browser class.
 	 *
 	 * $enablePost will be activated through set_writeable() in a later stage.
 	 * At the moment the write_storage permission is only valid for the whole
@@ -36,7 +36,7 @@ class Browser extends DAV\Browser\Plugin {
 	 * Disable assets with $enableAssets = false. Should get some thumbnail views
 	 * anyway.
 	 *
-	 * @param RedBasicAuth &$auth
+	 * @param BasicAuth &$auth
 	 */
 	public function __construct(&$auth) {
 		$this->auth = $auth;
@@ -95,7 +95,6 @@ class Browser extends DAV\Browser\Plugin {
 			'{DAV:}getlastmodified',
 			), 1);
 
-
 		$parent = $this->server->tree->getNodeForPath($path);
 
 		$parentpath = array();
@@ -263,10 +262,11 @@ class Browser extends DAV\Browser\Plugin {
 	 * @brief Creates a form to add new folders and upload files.
 	 *
 	 * @param \Sabre\DAV\INode $node
-	 * @param string &$output
+	 * @param[in,out] string &$output
+	 * @param string $path
 	 */
 	public function htmlActionsPanel(DAV\INode $node, &$output, $path) {
-		if (! $node instanceof DAV\ICollection)
+		if(! $node instanceof DAV\ICollection)
 			return;
 
 		// We also know fairly certain that if an object is a non-extended
@@ -278,9 +278,9 @@ class Browser extends DAV\Browser\Plugin {
 		$aclselect = null;
 		$lockstate = '';
 
-		if ($this->auth->owner_id) {
+		if($this->auth->owner_id) {
 			$channel = channelx_by_n($this->auth->owner_id);
-			if ($channel) {
+			if($channel) {
 				$acl = new \Zotlabs\Access\AccessList($channel);
 				$channel_acl = $acl->get();
 				$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
@@ -295,12 +295,12 @@ class Browser extends DAV\Browser\Plugin {
 			intval($this->auth->channel_account_id)
 		);
 		$used = $r[0]['total'];
-		if ($used) {
+		if($used) {
 			$quotaDesc = t('You are using %1$s of your available file storage.');
 			$quotaDesc = sprintf($quotaDesc,
 				userReadableSize($used));
 		}
-		if ($limit && $used) {
+		if($limit && $used) {
 			$quotaDesc = t('You are using %1$s of %2$s available file storage. (%3$s%)');
 			$quotaDesc = sprintf($quotaDesc,
 				userReadableSize($used),
@@ -355,7 +355,7 @@ class Browser extends DAV\Browser\Plugin {
 	 *
 	 * @param int $owner
 	 *  The owner_id
-	 * @param string $hash
+	 * @param string $parentHash
 	 *  The parent's folder hash
 	 * @param string $attachName
 	 *  The name of the attachment
@@ -373,6 +373,7 @@ class Browser extends DAV\Browser\Plugin {
 				$hash = $rr['hash'];
 			}
 		}
+
 		return $hash;
 	}
 

Zotlabs/Storage/Directory.php

@@ -9,9 +9,9 @@ use Sabre\DAV;
  *
  * A class that represents a directory.
  *
- * @extends \Sabre\DAV\Node
- * @implements \Sabre\DAV\ICollection
- * @implements \Sabre\DAV\IQuota
+ * @extends \\Sabre\\DAV\\Node
+ * @implements \\Sabre\\DAV\\ICollection
+ * @implements \\Sabre\\DAV\\IQuota
  *
  * @link http://github.com/friendica/red
  * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@@ -21,7 +21,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 	/**
 	 * @brief The path inside /cloud
 	 *
-	 * @var string
+	 * @var string $red_path
 	 */
 	private $red_path;
 	private $folder_hash;
@@ -29,7 +29,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 	 * @brief The full path as seen in the browser.
 	 * /cloud + $red_path
 	 * @todo I think this is not used anywhere, we always strip '/cloud' and only use it in debug
-	 * @var string
+	 * @var string $ext_path
 	 */
 	private $ext_path;
 	private $root_dir = '';
@@ -38,7 +38,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 	 * @brief The real path on the filesystem.
 	 * The actual path in store/ with the hashed names.
 	 *
-	 * @var string
+	 * @var string $os_path
 	 */
 	private $os_path = '';
 
@@ -46,7 +46,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 	 * @brief Sets up the directory node, expects a full path.
 	 *
 	 * @param string $ext_path a full path
-	 * @param RedBasicAuth &$auth_plugin
+	 * @param BasicAuth &$auth_plugin
 	 */
 	public function __construct($ext_path, &$auth_plugin) {
 //		$ext_path = urldecode($ext_path);
@@ -55,14 +55,14 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 		// remove "/cloud" from the beginning of the path
 		$modulename = \App::$module;
 		$this->red_path = ((strpos($ext_path, '/' . $modulename) === 0) ? substr($ext_path, strlen($modulename) + 1) : $ext_path);
-		if (! $this->red_path) {
+		if(! $this->red_path) {
 			$this->red_path = '/';
 		}
 		$this->auth = $auth_plugin;
 		$this->folder_hash = '';
 		$this->getDir();
 
-		if ($this->auth->browser) {
+		if($this->auth->browser) {
 			$this->auth->browser->set_writeable();
 		}
 	}
@@ -76,8 +76,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 	/**
 	 * @brief Returns an array with all the child nodes.
 	 *
-	 * @throw \Sabre\DAV\Exception\Forbidden
-	 * @return array \Sabre\DAV\INode[]
+	 * @throw "\Sabre\DAV\Exception\Forbidden"
+	 * @return array \\Sabre\\DAV\\INode[]
 	 */
 	public function getChildren() {
 		logger('children for ' . $this->ext_path, LOGGER_DATA);
@@ -98,8 +98,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 	/**
 	 * @brief Returns a child by name.
 	 *
-	 * @throw \Sabre\DAV\Exception\Forbidden
-	 * @throw \Sabre\DAV\Exception\NotFound
+	 * @throw "\Sabre\DAV\Exception\Forbidden"
+	 * @throw "\Sabre\DAV\Exception\NotFound"
 	 * @param string $name
 	 */
 	public function getChild($name) {
@@ -141,7 +141,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 	 *
 	 * @todo handle duplicate directory name
 	 *
-	 * @throw \Sabre\DAV\Exception\Forbidden
+	 * @throw "\Sabre\DAV\Exception\Forbidden"
 	 * @param string $name The new name of the directory.
 	 * @return void
 	 */
@@ -186,7 +186,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 	 * After successful creation of the file, you may choose to return the ETag
 	 * of the new file here.
 	 *
-	 * @throw \Sabre\DAV\Exception\Forbidden
+	 * @throw "\Sabre\DAV\Exception\Forbidden"
 	 * @param string $name Name of the file
 	 * @param resource|string $data Initial payload
 	 * @return null|string ETag
@@ -244,8 +244,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 			$deny_gid = $c[0]['channel_deny_gid'];
 		}
 
-		$r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, folder, os_storage, filetype, filesize, revision, is_photo, content, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )
-			VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+		$r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, folder, os_storage, filetype, filesize, revision, is_photo, content, created, edited, os_path, display_path, allow_cid, allow_gid, deny_cid, deny_gid )
+			VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
 			intval($c[0]['channel_account_id']),
 			intval($c[0]['channel_id']),
 			dbesc($hash),
@@ -260,6 +260,8 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 			dbesc($f),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
+			'', //TODO: use os_path
+			'', //TODO: use display_path
 			dbesc($allow_cid),
 			dbesc($allow_gid),
 			dbesc($deny_cid),
@@ -431,7 +433,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 	/**
 	 * @todo add description of what this function does.
 	 *
-	 * @throw \Sabre\DAV\Exception\NotFound
+	 * @throw "\Sabre\DAV\Exception\NotFound"
 	 * @return void
 	 */
 	function getDir() {
@@ -557,13 +559,13 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 
 
 	/**
-	 * @brief Array with all Directory and File DAV\Node items for the given path.
+	 * @brief Array with all Directory and File DAV\\Node items for the given path.
  	 *
 	 * @param string $file path to a directory
 	 * @param \Zotlabs\Storage\BasicAuth &$auth
-	 * @returns null|array \Sabre\DAV\INode[]
-	 * @throw \Sabre\DAV\Exception\Forbidden
-	 * @throw \Sabre\DAV\Exception\NotFound
+	 * @returns null|array \\Sabre\\DAV\\INode[]
+	 * @throw "\Sabre\DAV\Exception\Forbidden"
+	 * @throw "\Sabre\DAV\Exception\NotFound"
 	 */
 	function CollectionData($file, &$auth) {
 		$ret = array();
@@ -710,7 +712,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota {
 	 * @param BasicAuth &$auth
 	 * @param boolean $test (optional) enable test mode
 	 * @return File|Directory|boolean|null
-	 * @throw \Sabre\DAV\Exception\Forbidden
+	 * @throw "\Sabre\DAV\Exception\Forbidden"
 	 */
 	function FileData($file, &$auth, $test = false) {
 		logger($file . (($test) ? ' (test mode) ' : ''), LOGGER_DATA);

Zotlabs/Storage/File.php

@@ -9,8 +9,8 @@ use Sabre\DAV;
  *
  * It provides all functions to work with files in Red's cloud through DAV protocol.
  *
- * @extends \Sabre\DAV\Node
- * @implements \Sabre\DAV\IFile
+ * @extends \\Sabre\\DAV\\Node
+ * @implements \\Sabre\\DAV\\IFile
  *
  * @link http://github.com/friendica/red
  * @license http://opensource.org/licenses/mit-license.php The MIT License (MIT)
@@ -20,20 +20,20 @@ class File extends DAV\Node implements DAV\IFile {
 	/**
 	 * The file from attach table.
 	 *
-	 * @var array
-	 *  data
-	 *  flags
-	 *  filename (string)
-	 *  filetype (string)
+	 * @var array $data
+	 *  * data
+	 *  * flags
+	 *  * filename (string)
+	 *  * filetype (string)
 	 */
 	private $data;
 	/**
-	 * @see \Sabre\DAV\Auth\Backend\BackendInterface
-	 * @var \RedMatrix\RedDAV\RedBasicAuth
+	 * @see \\Sabre\\DAV\\Auth\\Backend\\BackendInterface
+	 * @var \\Zotlabs\\Storage\\BasicAuth $auth
 	 */
 	private $auth;
 	/**
-	 * @var string
+	 * @var string $name
 	 */
 	private $name;
 
@@ -65,8 +65,8 @@ class File extends DAV\Node implements DAV\IFile {
 	/**
 	 * @brief Renames the file.
 	 *
-	 * @throw Sabre\DAV\Exception\Forbidden
-	 * @param string $name The new name of the file.
+	 * @throw "\Sabre\DAV\Exception\Forbidden"
+	 * @param string $newName The new name of the file.
 	 * @return void
 	 */
 	public function setName($newName) {
@@ -95,7 +95,7 @@ class File extends DAV\Node implements DAV\IFile {
 		$ch = channelx_by_n($this->auth->owner_id);
 		if($ch) {
 			$sync = attach_export_data($ch,$this->data['hash']);
-			if($sync) 
+			if($sync)
 				build_sync_packet($ch['channel_id'],array('file' => array($sync)));
 		}
 	}
@@ -138,7 +138,7 @@ class File extends DAV\Node implements DAV\IFile {
 							$album = $f1[0]['filename'];
 							$direct = $f1[0];
 						}
-					}	
+					}
 					$fname = dbunescbin($d[0]['content']);
 					if(strpos($fname,'store') === false)
 						$f = 'store/' . $this->auth->owner_nick . '/' . $fname ;
@@ -151,11 +151,11 @@ class File extends DAV\Node implements DAV\IFile {
 					logger('filename: ' . $f . ' size: ' . $size, LOGGER_DEBUG);
 				}
 				$gis = @getimagesize($f);
-				logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA); 
+				logger('getimagesize: ' . print_r($gis,true), LOGGER_DATA);
 				if(($gis) && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) {
 					$is_photo = 1;
 				}
-			} 
+			}
 			else {
 				// this shouldn't happen any more
 				$r = q("UPDATE attach SET content = '%s' WHERE hash = '%s' AND uid = %d",
@@ -222,7 +222,7 @@ class File extends DAV\Node implements DAV\IFile {
 
 		$sync = attach_export_data($c[0],$this->data['hash']);
 
-		if($sync) 
+		if($sync)
 			build_sync_packet($c[0]['channel_id'],array('file' => array($sync)));
 
 	}
@@ -322,16 +322,16 @@ class File extends DAV\Node implements DAV\IFile {
 	 * This method checks the permissions and then calls attach_delete() function
 	 * to actually remove the file.
 	 *
-	 * @throw \Sabre\DAV\Exception\Forbidden
+	 * @throw "\Sabre\DAV\Exception\Forbidden"
 	 */
 	public function delete() {
 		logger('delete file ' . basename($this->name), LOGGER_DEBUG);
 
-		if ((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
+		if((! $this->auth->owner_id) || (! perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage'))) {
 			throw new DAV\Exception\Forbidden('Permission denied.');
 		}
 
-		if ($this->auth->owner_id !== $this->auth->channel_id) {
+		if($this->auth->owner_id !== $this->auth->channel_id) {
 			if (($this->auth->observer !== $this->data['creator']) || intval($this->data['is_dir'])) {
 				throw new DAV\Exception\Forbidden('Permission denied.');
 			}
@@ -340,14 +340,14 @@ class File extends DAV\Node implements DAV\IFile {
 		if(get_pconfig($this->auth->owner_id,'system','os_delete_prohibit') && \App::$module == 'dav') {
 			throw new DAV\Exception\Forbidden('Permission denied.');
 		}
- 
+
 		attach_delete($this->auth->owner_id, $this->data['hash']);
 
 		$ch = channelx_by_n($this->auth->owner_id);
 		if($ch) {
-			$sync = attach_export_data($ch,$this->data['hash'],true);
-			if($sync) 
-				build_sync_packet($ch['channel_id'],array('file' => array($sync)));
+			$sync = attach_export_data($ch, $this->data['hash'], true);
+			if($sync)
+				build_sync_packet($ch['channel_id'], array('file' => array($sync)));
 		}
 	}
 }

Zotlabs/Web/Router.php

@@ -2,51 +2,53 @@
 
 namespace Zotlabs\Web;
 
-
+/**
+ *
+ * We have already parsed the server path into App::$argc and App::$argv
+ *
+ * App::$argv[0] is our module name. Let's call it 'foo'. We will load the
+ * Zotlabs/Module/Foo.php (object) or file mod/foo.php (procedural)
+ * and use it for handling our URL request to 'https://ourgreatwebsite.something/foo' .
+ * The module file contains a few functions that we call in various circumstances
+ * and in the following order:
+ * @code{.php}
+ * Object:
+ *    class Foo extends \Zotlabs\Web\Controller {
+ *        function init() { init function }
+ *        function post() { post function }
+ *        function get()  { normal page function }
+ *    }
+ *
+ * Procedual interface:
+ *        foo_init()
+ *        foo_post() (only called if there are $_POST variables)
+ *        foo_content() - the string return of this function contains our page body
+ * @endcode
+ * Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do
+ * so within the module init and/or post functions and then invoke killme() to terminate
+ * further processing.
+ */
 class Router {
 
 	private $modname = '';
 	private $controller = null;
 
+	/**
+	 * @brief Router constructor
+	 *
+	 * @param[in,out] App &$a
+	 * @throws Exception module not found
+	 */
 	function __construct(&$a) {
 
-		/**
-		 *
-		 * We have already parsed the server path into App::$argc and App::$argv
-		 *
-		 * App::$argv[0] is our module name. Let's call it 'foo'. We will load the
-		 * Zotlabs/Module/Foo.php (object) or file mod/foo.php (procedural)
-		 * and use it for handling our URL request to 'https://ourgreatwebsite.something/foo' .
-		 * The module file contains a few functions that we call in various circumstances
-		 * and in the following order:
-		 *
-		 * Object:
-		 *    class Foo extends Zotlabs\Web\Controller {
-		 *        function init() { init function }
-		 *        function post() { post function }
-		 *        function get()  { normal page function }
-		 *    }
-		 *
-		 * Procedual interface:
-		 *        foo_init()
-		 *        foo_post() (only called if there are $_POST variables)
-		 *        foo_content() - the string return of this function contains our page body
-		 *
-		 * Modules which emit other serialisations besides HTML (XML,JSON, etc.) should do
-		 * so within the module init and/or post functions and then invoke killme() to terminate
-		 * further processing.
-		 */
-
 		$module = \App::$module;
 		$modname = "Zotlabs\\Module\\" . ucfirst($module);
 
 		if(strlen($module)) {
 
-			/**
-			 *
+			/*
 			 * We will always have a module name.
 			 * First see if we have a plugin which is masquerading as a module.
-			 *
 			 */
 
 			if(is_array(\App::$plugins) && in_array($module,\App::$plugins) && file_exists("addon/{$module}/{$module}.php")) {
@@ -66,7 +68,7 @@ class Router {
 				goaway(z_root());
 			}
 
-			/**
+			/*
 			 * If the site has a custom module to over-ride the standard module, use it.
 			 * Otherwise, look for the standard program module
 			 */
@@ -101,13 +103,13 @@ class Router {
 					}
 				}
 			}
-				
-			/**
-			 * This provides a place for plugins to register module handlers which don't otherwise exist 
-			 * on the system, or to completely over-ride an existing module. 
+
+			/*
+			 * This provides a place for plugins to register module handlers which don't otherwise exist
+			 * on the system, or to completely over-ride an existing module.
 			 * If the plugin sets 'installed' to true we won't throw a 404 error for the specified module even if
 			 * there is no specific module file or matching plugin name.
-			 * The plugin should catch at least one of the module hooks for this URL. 
+			 * The plugin should catch at least one of the module hooks for this URL.
 			 */
 
 			$x = array('module' => $module, 'installed' => \App::$module_loaded, 'controller' => $this->controller);
@@ -117,7 +119,7 @@ class Router {
 				$this->controller = $x['controller'];
 			}
 
-			/**
+			/*
 			 * The URL provided does not resolve to a valid module.
 			 *
 			 * On Dreamhost sites, quite often things go wrong for no apparent reason and they send us to '/internal_error.html'.
@@ -135,15 +137,21 @@ class Router {
 					killme();
 				}
 
-				logger("Module {$module} not found.", LOGGER_DEBUG, LOG_WARNING);
-
-				if((x($_SERVER, 'QUERY_STRING')) && ($_SERVER['QUERY_STRING'] === 'q=internal_error.html') && \App::$config['system']['dreamhost_error_hack']) {
-					logger('index.php: dreamhost_error_hack invoked. Original URI =' . $_SERVER['REQUEST_URI']);
+				if((x($_SERVER, 'QUERY_STRING')) 
+					&& ($_SERVER['QUERY_STRING'] === 'q=internal_error.html') 
+					&& \App::$config['system']['dreamhost_error_hack']) {
+					logger('index.php: dreamhost_error_hack invoked. Original URI =' . $_SERVER['REQUEST_URI'],LOGGER_DEBUG);
 					goaway(z_root() . $_SERVER['REQUEST_URI']);
 				}
 
-				logger('index.php: page not found: ' . $_SERVER['REQUEST_URI'] . ' ADDRESS: ' . $_SERVER['REMOTE_ADDR'] . ' QUERY: ' . $_SERVER['QUERY_STRING'], LOGGER_DEBUG);
-				header($_SERVER['SERVER_PROTOCOL'] . ' 404 ' . t('Not Found'));
+				if(get_config('system','log_404',true)) {
+					logger("Module {$module} not found.", LOGGER_DEBUG, LOG_WARNING);
+					logger('index.php: page not found: ' . $_SERVER['REQUEST_URI'] 
+						. ' ADDRESS: ' . $_SERVER['REMOTE_ADDR'] . ' QUERY: ' 
+						. $_SERVER['QUERY_STRING'], LOGGER_DEBUG);
+				}
+
+				header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found');
 				$tpl = get_markup_template('404.tpl');
 				\App::$page['content'] = replace_macros($tpl, array(
 						'$message' => t('Page not found.')
@@ -157,7 +165,11 @@ class Router {
 		}
 	}
 
-
+	/**
+	 * @brief
+	 *
+	 * @param[in,out] App &$a
+	 */
 	function Dispatch(&$a) {
 
 		/**
@@ -168,14 +180,14 @@ class Router {
 			\App::$page['page_title'] = \App::$module;
 			$placeholder = '';
 
-			/**
+			/*
 			 * No theme has been specified when calling the module_init functions
 			 * For this reason, please restrict the use of templates to those which
 			 * do not provide any presentation details - as themes will not be able
 			 * to over-ride them.
 			 */
 
-			$arr = array('init' => true, 'replace' => false);		
+			$arr = array('init' => true, 'replace' => false);
 			call_hooks(\App::$module . '_mod_init', $arr);
 			if(! $arr['replace']) {
 				if($this->controller && method_exists($this->controller,'init')) {
@@ -187,7 +199,7 @@ class Router {
 				}
 			}
 
-			/**
+			/*
 			 * Do all theme initialisation here before calling any additional module functions.
 			 * The module_init function may have changed the theme.
 			 * Additionally any page with a Comanche template may alter the theme.
@@ -195,7 +207,7 @@ class Router {
 			 */
 
 
-			/**
+			/*
 			 * In case a page has overloaded a module, see if we already have a layout defined
 			 * otherwise, if a PDL file exists for this module, use it
 			 * The member may have also created a customised PDL that's stored in the config
@@ -203,7 +215,7 @@ class Router {
 
 			load_pdl($a);
 
-			/**
+			/*
 		 	 * load current theme info
 		 	 */
 
@@ -226,7 +238,7 @@ class Router {
 				}
 			}
 
-			if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! \App::$error) && (! x($_POST, 'auth-params'))) {		
+			if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! \App::$error) && (! x($_POST, 'auth-params'))) {
 				call_hooks(\App::$module . '_mod_post', $_POST);
 
 				if($this->controller && method_exists($this->controller,'post')) {
@@ -238,7 +250,7 @@ class Router {
 				}
 			}
 
-			if(! \App::$error)  {
+			if(! \App::$error) {
 				$arr = array('content' => \App::$page['content'], 'replace' => false);
 				call_hooks(\App::$module . '_mod_content', $arr);
 				\App::$page['content'] = $arr['content'];

Zotlabs/Web/SessionHandler.php

@@ -18,13 +18,13 @@ class SessionHandler implements \SessionHandlerInterface {
 	function read ($id) {
 
 		if($id) {
-			$r = q("SELECT `sess_data` FROM `session` WHERE `sid`= '%s'", dbesc($id));
+			$r = q("SELECT sess_data FROM session WHERE sid= '%s'", dbesc($id));
 
 			if($r) {
 				return $r[0]['sess_data'];
 			}
 			else {
-				q("INSERT INTO `session` (sess_data, sid, expire) values ('%s', '%s', '%s')",
+				q("INSERT INTO session (sess_data, sid, expire) values ('%s', '%s', '%s')",
 					dbesc(''),
 					dbesc($id),
 					dbesc(time() + 300)
@@ -59,8 +59,8 @@ class SessionHandler implements \SessionHandlerInterface {
 				$expire = time() + (60 * 60 * 24 * 1);
 		}
 
-		q("UPDATE `session`
-			SET `sess_data` = '%s', `expire` = '%s' WHERE `sid` = '%s'",
+		q("UPDATE session
+			SET sess_data = '%s', expire = '%s' WHERE sid = '%s'",
 			dbesc($data),
 			dbesc($expire),
 			dbesc($id)
@@ -76,7 +76,7 @@ class SessionHandler implements \SessionHandlerInterface {
 
 
 	function destroy ($id) {
-		q("DELETE FROM `session` WHERE `sid` = '%s'", dbesc($id));
+		q("DELETE FROM session WHERE sid = '%s'", dbesc($id));
 		return true;
 	}