Merge branch '1.10RC'

Update DE translation strings

.gitignore

@@ -14,6 +14,8 @@
 *.rej
 # OSX .DS_Store files
 .DS_Store
+# version scripts (repo master only) 
+.version*
 Thumbs.db
 
 

.homeinstall/README.md

@@ -2,7 +2,10 @@
 
 Run hubzilla-setup.sh for an unattended installation of hubzilla.
 
-The script is known to work with Debian stable (Jessie).
+The script is known to work with Debian 8.3 stable (Jessie)
+
++ Home-PC (Debian-8.3.0-amd64)
++ DigitalOcean droplet (Debian 8.3 x64 / 512 MB Memory / 20 GB Disk / NYC3)
 
 # Step-by-Step Overwiew
 
@@ -19,13 +22,20 @@ Software
 + Fresh installation of Debian on your mini-pc
 + Router with open ports 80 and 443 for your Debian
 
-## The basic steps
+## The basic steps (quick overview)
 
 + Register your own domain (for example at selfHOST) or a free subdomain (for example at freeDNS)
-+ Clone hubzilla to /var/www/html
-+ Copy hubzilla-config.txt and hubzilla-setup.sh to your Debian (future hub)
-+ Edit hubzilla-config.txt. Enter your values there: db pass, domain, values for dyn DNS
-+ Run hubzilla-setup.sh as root ... wait, wait, wait until the script is finised
++ Log on to your new debian (server)
+  - apt-get install git
+  - mkdir -p /var/www/html
+  - cd /var/www/html
+  - git clone https://github.com/redmatrix/hubzilla.git .
+  - cp .homeinstall/hubzilla-config.txt.template .homeinstall/hubzilla-config.txt
+  - nano .homeinstall/hubzilla-config.txt
+    - Enter your values there: db pass, domain, values for dyn DNS
+  - hubzilla-setup.sh as root
+    - ... wait, wait, wait until the script is finised
+  - reboot
 + Open your domain with a browser and step throught the initial configuration of hubzilla.
 
 # Step-by-Step in Detail
@@ -76,6 +86,8 @@ There are two way to get a domain
 
 ### Method 1: Get yourself an own Domain (recommended)
 
+...for example at selfHOST.de
+
 ### Method 2 Register a (free) Subdomain
 
 Register a free subdomain for example at
@@ -118,8 +130,12 @@ Clone hubzilla from git ("git pull" will update it later)
 Change to the install script
 
     cd html/.homeinstall/
+    
+Copy the template file
+    
+    cp hubzilla-config.txt.template hubzilla-config.txt
 
-Change the file "hubzilla-config.txt". Enter your values there.
+Change the file "hubzilla-config.txt". Read the instructions there and enter your values.
 
     nano hubzilla-config.txt
 
@@ -146,10 +162,3 @@ Leave db type "MySQL" untouched.
 
 Follow the instructions in the next pages.
 
-# The Script explained
-
-This chapter shows you
-
-- What the script does exactly
-- Explanations on technical details. May be this will encourage you to play with bash scripts?
-

.homeinstall/hubzilla-setup.sh

@@ -224,6 +224,19 @@ function print_warn {
     echo -e '\e[0m'
 }
 
+function stop_hubzilla {
+    if [ -d /etc/apache2 ]
+    then
+        print_info "stopping apache webserver..."
+        service apache2 stop
+    fi
+    if [ -f /etc/init.d/mysql ]
+    then
+        print_info "stopping mysql db..."
+        /etc/init.d/mysql stop
+    fi
+}
+
 function install_apache {
     print_info "installing apache..."
     nocheck_install "apache2 apache2-utils"
@@ -236,7 +249,7 @@ function install_curl {
 
 function install_sendmail {
     print_info "installing sendmail..."
-    nocheck_install "sendmail"
+    nocheck_install "sendmail sendmail-bin"
 }
 
 function install_php {
@@ -561,7 +574,8 @@ function install_hubzilla {
     chmod -R 777 store
     touch .htconfig.php
     chmod ou+w .htconfig.php
-    cd ..
+    install_hubzilla_plugins
+    cd /var/www/
     chown -R www-data:www-data html
 	chown root:www-data /var/www/html/
 	chown root:www-data /var/www/html/.htaccess
@@ -575,6 +589,73 @@ function install_hubzilla {
     print_info "installed hubzilla"
 }
 
+function install_hubzilla_plugins {
+    print_info "installing hubzilla plugins..."
+    cd /var/www/html
+    plugin_install=.homeinstall/plugin_install.txt
+    theme_install=.homeinstall/theme_install.txt
+    # overwrite script to update the plugin and themes
+    rm -f $plugins_update
+    echo "cd /var/www/html" >> $plugins_update
+    ###################
+    # write plugin file
+    if [ ! -f "$plugin_install" ]
+    then
+        echo "# To install a plugin" >> $plugin_install
+        echo "# 1. add the plugin in a new line and run" >> $plugin_install
+        echo "# 2. run" >> $plugin_install
+        echo "#   cd /var/www/html/.homeinstall" >> $plugin_install
+        echo "#   ./hubzilla-setup.sh" >> $plugin_install
+        echo "https://gitlab.com/zot/ownmapp.git ownMapp" >> $plugin_install
+        echo "https://gitlab.com/zot/hubzilla-chess.git chess" >> $plugin_install
+    fi
+    # install plugins
+    while read -r line; do
+        [[ "$line" =~ ^#.*$ ]] && continue
+        p_url=$(echo $line | awk -F' ' '{print $1}')
+        p_name=$(echo $line | awk -F' ' '{print $2}')
+        # basic check of format
+	    if [ ${#p_url} -ge 1 ] && [ ${#p_name} -ge 1 ]
+	    then
+            # install addon
+            util/add_addon_repo $line
+            util/update_addon_repo $p_name # not sure if this line is neccessary
+            echo "util/update_addon_repo $p_name" >> $plugins_update
+        else
+            print_info "skipping installation of a plugin from file $plugin_install - something wrong with format in line: $line"
+	    fi
+    done < "$plugin_install"
+    ###################
+    # write theme file
+    if [ ! -f "$theme_install" ]
+    then
+        echo "# To install a theme" >> $theme_install
+        echo "# 1. add the theme in a new line and run" >> $theme_install
+        echo "# 2. run" >> $theme_install
+        echo "#   cd /var/www/html/.homeinstall" >> $theme_install
+        echo "#   ./hubzilla-setup.sh" >> $theme_install
+        echo "https://github.com/DeadSuperHero/hubzilla-themes.git DeadSuperHeroThemes" >> $theme_install
+
+    fi
+    # install plugins
+    while read -r line; do
+        [[ "$line" =~ ^#.*$ ]] && continue
+        p_url=$(echo $line | awk -F' ' '{print $1}')
+        p_name=$(echo $line | awk -F' ' '{print $2}')
+        # basic check of format
+	    if [ ${#p_url} -ge 1 ] && [ ${#p_name} -ge 1 ]
+	    then
+            # install addon
+            util/add_theme_repo $line
+            util/update_theme_repo $p_name # not sure if this line is neccessary
+            echo "util/update_theme_repo $p_name" >> $plugins_update
+        else
+            print_info "skipping installation of a theme from file $theme_install - something wrong with format in line: $line"
+	    fi
+    done < "$theme_install"
+    print_info "installed hubzilla plugins and themes"
+}
+
 function rewrite_to_https {
     print_info "configuring apache to redirect http to httpS ..."
     htaccessfile=/var/www/html/.htaccess
@@ -762,6 +843,7 @@ echo "echo \"\$(date) - updating hubhilla core...\"" >> /var/www/$hubzilladaily
 echo "git -C /var/www/html/ pull" >> /var/www/$hubzilladaily
 echo "echo \"\$(date) - updating hubhilla addons...\"" >> /var/www/$hubzilladaily
 echo "git -C /var/www/html/addon/ pull" >> /var/www/$hubzilladaily
+echo "bash /var/www/html/$plugins_update" >> /var/www/$hubzilladaily
 echo "chown -R www-data:www-data /var/www/html/ # make all accessable for the webserver" >> /var/www/$hubzilladaily
 echo "chown root:www-data /var/www/html/.htaccess" >> /var/www/$hubzilladaily
 echo "chmod 0644 /var/www/html/.htaccess # www-data can read but not write it" >> /var/www/$hubzilladaily
@@ -827,6 +909,7 @@ source $configfile
 selfhostdir=/etc/selfhost
 selfhostscript=selfhost-updater.sh
 hubzilladaily=hubzilla-daily.sh
+plugins_update=.homeinstall/plugins_update.sh
 snapshotconfig=/etc/rsnapshot_hubzilla.conf
 snapshotconfig_external_device=/etc/rsnapshot_hubzilla_external_device.conf
 backup_mount_point=/media/hubzilla_backup
@@ -836,6 +919,7 @@ sslconf=/etc/apache2/sites-available/default-ssl.conf
 #set -x    # activate debugging from here
 
 check_config
+stop_hubzilla
 update_upgrade
 install_curl
 install_sendmail

.openshift/action_hooks/deploy

@@ -181,6 +181,7 @@ echo "chmod done, permissions set to 777 on poller script."
 # to make Hubzilla on OpenShift a more pleasant experience 
 echo "Changing default configuration to conserve space and autocreate a social private channel upon account registration"
 cd ${OPENSHIFT_REPO_DIR}
+util/config system auto_channel_create
 util/config system default_permissions_role social_private
 util/config system workflow_channel_next channel
 util/config system expire_delivery_reports 3
@@ -196,22 +197,22 @@ echo "Try to add or update Hubzilla addons"
 cd ${OPENSHIFT_REPO_DIR}
 util/add_addon_repo https://github.com/redmatrix/hubzilla-addons.git HubzillaAddons 
 
-# Hubzilla themes
-echo "Try to add or update Hubzilla themes"
+# Hubzilla themes - unofficial repo
+echo "Try to add or update Hubzilla themes - unofficial repo"
 cd ${OPENSHIFT_REPO_DIR}
-util/add_theme_repo https://github.com/DeadSuperHero/hubzilla-themes.git DeadSuperHeroThemes 
+util/add_theme_repo https://github.com/DeadSuperHero/hubzilla-themes.git DeadSuperHeroThemes insecure
 
-# Hubzilla ownMapp
-echo "Try to add or update Hubzilla ownMapp"
+# Hubzilla ownMapp - unofficial repo
+echo "Try to add or update Hubzilla ownMapp - unofficial repo"
 cd ${OPENSHIFT_REPO_DIR}
-util/add_addon_repo https://gitlab.com/zot/ownmapp.git ownMapp
+util/add_addon_repo https://gitlab.com/zot/ownmapp.git ownMapp insecure
 
-# Hubzilla Chess
-echo "Try to add or update Hubzilla chess "
+# Hubzilla Chess - unofficial repo
+echo "Try to add or update Hubzilla chess - unofficial repo"
 cd ${OPENSHIFT_REPO_DIR}
-util/add_addon_repo https://gitlab.com/zot/hubzilla-chess.git Chess
+util/add_addon_repo https://gitlab.com/zot/hubzilla-chess.git Chess insecure
 
-# Hubzilla Hubsites
-echo "Try to add or update Hubzilla Hubsites"
+# Hubzilla Hubsites - unofficial repo
+echo "Try to add or update Hubzilla Hubsites - unofficial repo"
 cd ${OPENSHIFT_REPO_DIR}
-util/add_addon_repo https://gitlab.com/zot/hubsites.git Hubsites
+util/add_addon_repo https://gitlab.com/zot/hubsites.git Hubsites insecure

CHANGELOG

@@ -1,3 +1,245 @@
+Hubzilla 1.10
+	Wiki:
+		Lots of enhanced functionality, usability improvements, and bugfixes from v1.8
+		Turned into an optional feature (default on) but disabled in UNO
+	Sync: 
+		Items are now relocated (links patched) when syncing to clones
+	Access Tokens:
+		New feature - allows members to create access controlled guest logins and create/share 'dropbox' style links to protected resources.
+	UI:
+		Use icons instead of iconic text constructs
+		Only request geolocation permission when creating a post, not on page load
+		provide 'redeliver' option on Delivery Report page for when things really stuff up
+		CalDAV/CardDAV management pages with heaps of functionality 
+	Lib:
+		z_fetch_url() updated to accept different request methods and request bodies
+		item_store(), item_store_update() now return the stored items
+		vcard microformat changes to remain spec compliant
+		microformat meta tags added to post/comments
+		AbConfig API changed to use channel_id rather than channel_hash, which was overly complicated to use
+		SuperCurl class added to provide a framework for re-use of obscure CURL options
+		Allow absolute links to CSS/JS files on CDN
+		Add Let'sEncrypt intermediate cert to lib in case you forget to install it on the server
+		Update fullcalendar and jquery (3.1) libs
+		Update sabre/dav to 3.2.0
+		Change content export from a month/year system to begin/end
+		Use streaming I/O for delivering large photos
+		Allow multiple App description files in a single plugin directory
+		optimise a couple of troublesome/inefficient SQL queries
+		avoid sending clone sync packets to dead sites
+	Resolved Issues:
+		channel home page not providing content to clients with javascript disabled
+		Replace '@' obfuscation with html entity rather than the unicode look-alike
+		xchan_query() failing to detect duplicates, resulting in inefficient queries
+		issues with 'use existing photo' for profile photo
+		layout editor "list all layouts" returned empty
+		oembed - better detect video file URLs so they aren't loaded into memory.
+		handcrafted bbcode tables could end up with way too much whitespace due to CRLF translation 
+		refresh permissions whitescreen in 1.8
+		force immediate profile photo update on local site
+		regression: 'save bookmarks' post action missing
+
+Hubzilla 1.8
+	Administration:
+		Cleanup and resolve some edge cases with addon repository manager
+		Provide sort field and direction on all fields of account and channel administration tables
+		Rename 'user' administration to account administration to reflect its true purpose
+		'safemode' tool to quickly disable and re-enable addons during a hypothetical upgrade crisis
+	Security:
+		Edited comments to private posts could lose their privacy settings under some circumstances
+		Provide zot-finger signatures to prevent a possible but rare exploit involving DNS spoofing and phishing
+	ACL selections:
+		Various improvements to the ACL editor to further simplify the concepts and make it more intuitive
+	Chat:
+		Notifications of chatroom activity using standard browser notification interfaces.
+	Themes:
+		Allow a theme:schema string to represent a valid theme name. This fixes issues with setting schemas on site themes.
+	Pubsites:
+		Show server role (identify UNO or basic sites as opposed to hubzilla pro) and link to statistics
+	Documentation:
+		Clarify privacy rights of commenters w/r/t conversation owners, as this policy is network dependent.
+	Wiki (Git backed):
+		Brand new feature. We'll call it experimental until it has undergone a bit more testing. 
+	Account Cloning:
+		Regression on clone channel creation created a new channel name each time.
+		New issue (fixed) with directory creation on cloned file content
+	Content Rendering:
+		Add inline code (in addition to the existing code blocks) to BBcode
+		Add emoji reactions
+		Add emojis as extended smilies with auto-complete support
+		Emoji added as feature so it can be enabled/disabled and locked
+		Ability to configure the standard reactions available on a site basis
+		Disable 'convenience' ajax autoload on pgdn key, as it could lead to premature memory exhaustion
+	Photos:
+		Change album sort ordering, allow widgets and plugins to define other orderings
+	Apps:
+		Synchronise app list with changes to system apps
+		Preserve existing app categories on app updates/edits
+		Regression: fixed translated system app names
+	Architecture:
+		Provide autoloaded class files and libraries for plugins.
+		Further refactoring of session driver to sort out some cookie anomolies
+		Experimental PDO database driver
+		Creation of Daemon Master class and port all daemon (background task) interfaces to use it
+		Create separate class for each of 'Cron', 'Cron daily', and 'Cron weekly'.
+		Always run a Cron maintenance task if not run in the last four hours 
+		Refactor the template classes
+		Refactor the ConversationItem mess into ThreadItem and ThreadStream
+		Refactor Apps, Enotify, and Chat library code
+		Refactor the various Config libraries (Config, PConfig, XConfig, AConfig, AbConfig, and IConfig)
+		Created WebServer class for top level
+		Remove mcrypt dependencies (deprecated in PHP 7.1)
+		Remove all reserved (including merely 'not recommended') words as DB table column names
+		Provide mutex lock on DB logging to prevent recursion under rare failure modes. 
+	Bugfixes:
+		Remove db_close function on page end - not needed and will not work with persistent DB connections.
+		Undefined ref_session_write
+		Some session functions needed to be static to work with CalDAV/CardDAV
+		CLI interface: argc and argv were reversed
+		HTML entities double encoded in edited titles
+		Prevent delivering to empty recipients
+		Sabre library setting some security headers for SAML after we've emitted HTML content
+		Always initialise miniApp (caused obscure warning message if not set)
+		Block 'sys' channels from being 'random profile' candidates
+		DB update failed email could be sent in the wrong language under rare circumstances
+		Openid remote authentication used incorrect namespace
+		URL attached to profile "things" was not linked, always showing the "thing" manage page
+		New connection wasn't added to default privacy group when "auto-accept" was enabled
+		Regression: iconfig sharing wasn't working properly
+	Plugins:
+		CalDAV/CardDAV plugin provided
+		Issue sending Diaspora 'like' activities from sources that did not propagate the DCV
+		Allow 'superblock' to work across API calls from third party clients
+		statistics.json: use 'zot' as protocol 
+		Issues fixed during testing of ability to follow Diaspora tags
+		Parse issue with Diaspora reshare content
+		Chess: moved to main repo, ported to 1.8
+
+Hubzilla 1.6
+	Cleanup and standardise the interfaces to the "jot" editor
+	Router re-written to support calling class object methods as controllers
+	All existing modules (160+) re-written as object classes
+	Plugin hook interface adapted to call static class methods
+	Context help improved dramatically with content for the most accessed pages.
+	Reverted a compatibility change to support GNU-social events. We copied their feed format and their feed format is wrong (XML namespace collisions).
+	Provide a querystring attribute to CSS/JS resources to avoid caching issues when our code changes (which is often). 
+	Fix javascript detection and allow either positive or negative detection.
+	Refactor the plugin hook registration procedure, provide 'unregister all' ability.
+	Fix RSD (Real Simple Discovery) which has been broken for some time.
+	Update smarty library to 3.1.29
+	Update jquery.textcomplete to 1.3.4
+	Update font-awesome to 4.6.1
+	Update SabreDAV to 3.0 (PHP version requirements prevent us from pushing it further at this time)
+	Help text added to cmdline utilities config and pconfig
+	Reworking of the database logging facility to avoid the rare but troublesome recursion when the log facility needed to query the DB internally to obtain config parameters. 
+	Implement singleton delivery (emulate nomadic identity to singleton networks and services)
+	Fix empty album name in photo activities when photo is stored in top level folder.
+	Allow engineering units to be used in service class data size restrictions (400M, 1G, etc.)
+	Lots of work on bbcode auto-completion
+	Admin interface provided to manage external resource repositories
+ 	Oembed security reworked. Now all sources are filtered by default unless blocked.
+	Remove the date-string version and use only STD_VERSION
+	Add categories and categorisation filtering and the ability to edit all apps (including system apps) for a given channel 
+	Ensure the ability to translate names of all system apps (except those provided in addons)
+	Provide ability to add categories to content from channel sources
+	Lots of work on the presentation of the ACL widget to enhance usability and intuitiveness
+	Allow somebody to follow a channel from a pasted redress containing a Unicode lookalike of the @ sign.
+	Add conditional syntax to Comanche (if/then/else)
+	Convert Comanche to an object class
+	Removed IE6 compatibility code
+	Explicitly close DB on shutdown/exit instead of allowing it to close naturally
+	Allowed delayed publish of webpages
+	Show current repository versions of master and dev on admin page and warn if your installation has fallen behind master
+	Provide some extra security checks to import data and files to prevent mischief
+	Block CalDAV/CardDAV namespace reserved words from being used as a channel nickname/redress since Sabre is somewhat inflexible in this regard
+	Plugins:
+		Diaspora 
+			markdown translator work needed to eradicate the Diaspora Comment Virus.    
+			upgrade all inbound paths with the most recent protocol changes (several of these)
+			convert 'diaspora_meta' (Diaspora Comment Virus) to iconfig and eradicate from sites with Diaspora disabled
+			implement social relay and allow following tags
+			upgrade statistics.json to NodeInfo. Currently hubzilla sites are tagged as 'redmatrix' because the NodeInfo schema lacks extensibility and project names are used to designate protocol compatibility rather than protocol names.
+		Std-embeds
+			New addon to allow a handful of corporate providers to run unfiltered embed code (youtube, vimeo, soundcloud) 
+		Various:
+			upgrade font-awesome icons and adapt a few addons to Objects and the new hook interface and new controller interface
+			
+Hubzilla 1.4
+	[This list may appear brief, but encompasses a huge amount of re-writing and re-factoring
+	of the internal code structure to gain long-term performance and stability and provide a standard
+	interface to alternate protocol federation plugins which were made possible by the UNO configuration.
+	UNO is a configuration of hubzilla introduced in 1.3 with reduced complexity and which provides 
+	improved protocol federation potential to other networks by virtue of removing nomadic identity 
+	(which is not possible to model or work around using other network protocols).]  
+
+	Implement channel move operation for UNO configuration
+	Remove bookmark references in UNO (which has no bookmarks by default)
+	UI cleanup profiles/chat/manage
+	Refactor webfinger probes and salmon backend for GNU-social federation
+	SECURITY: DAV authentication exploit
+	Context help added
+	More help pages
+	Provide 'posts only' feed
+	Refactor App to remove globals
+	Refactor Session to remove globals
+	provide a fullscreen mode for selected modules and functions
+	Regression: some addon routes broken
+	fix "remember me"
+	Autocomplete tool extended to bbcode/comanche
+	Clone sync of file/photo updates
+	system rename (e.g. http to https or DNS name change) missing some connection photos
+	calendar module not blocked to public whhen block_public enabled
+	Use timeago.js in reshare content so that timestamps will be correct on federated reshares
+	Rework detection of JavaScript to avoid reload penalty under normal operation
+	Changed primary directory server to a hubzilla server
+	Plugins:
+		Diaspora - switch to alternate XML parser to avoid storing compound objects	
+		GNU-Social - Huge amounts of work, federation somewhat working now, several issues remain
+		Friendica - Initial federation work (not yet published)
+		
+Hubzilla 1.3
+	Admin Security configuration page created which consolidates several previously hidden settings:
+		Communication white/black lists
+		Channel white/black lists
+		OEmbed white/black lists
+	Admin Profile Fields page created which manages the availability and order of standard profile fields and allows new fields to be created/managed
+	"Poke" module reworked - page UI updated and "poke basic" setting introduced which limits the available poke "verbs".
+	"Mood" module UI reworked
+	"profile_photo" module UI reworked
+	"cover_photo" module UI reworked
+	"new_channel" module UI reworked
+	"register" module UI reworked
+	"pubsites" module UI reworked
+	item-meta ("iconfig") created which implements arbitrary storage for item metadata for plugins
+	abook-meta ("abconfig") created which implements arbitrary storage for connection metadata for plugins
+	"Strict transport security header" made optional as it conflicts with some existing Apache/nginx configurations 
+	"Hubzilla UNO" (Hubzilla with radically simplified and locked site settings) implemented as an install configuration. 
+	.well-known directory conflict worked out to support LetsEncrypt cert ownership checks without disrupting webfinger and other internal uses of .well-known
+	Lots of work on 'zcards' which are self-contained HTML representations of a channel including cover photos, profile photos, and some text information
+	Long standing bug uncovered which failed to properly restrict the lower time limit for public feed requests
+	A number of fixes to "readmore" to fix page jumping
+	Bugfix: persons other than the channel owner who have permission to upload photos to a channel could not do so if the js_upload plugin/addon was enabled
+	Siteinfo incorrectly identifying secondary directory servers
+	Allow admin to set and lock features when UNO is configured 
+	Atom feeds: alter how events are formatted to be compatible with GNU-social
+	Allow guest/visitor access to view personal calendar
+	Moved several more classes to "composer format" and provided an autoloader.
+	Bugfix: require existing password to change password
+	Bugfix: allow relative_date() to be translated to Polish which has more than two plural forms. 
+	Plugin API: add "requires" keyword to module header to indicate dependent addons
+	ActivityStreams improvements and cleanup: photo and file activities
+	UI cleanup for editing profile when multiple profiles enabled
+	Removed the "markdown" feature as there are numerous issues and no maintainer.
+	Provide "footer" bbcode to ease theming of post footer content
+	Bugfix: install issues caused by composer code refactor and typo in postgres load file 
+	Plugins:
+		keepout - "block public on steroids"
+		pubsubhubbub - provides PuSH support to Atom feeds, required for GNU-social federation
+		GNUsocial protocol - under development
+		Diaspora protocol - some work to ease migration to the new signing format
+		Diaspost - disabled; numerous issues and no maintainer
+		smileybutton - theme work and fixed compatibility with other jot-tools plugins
+		
 
 Hubzilla 1.2
 	Provide extra HTTP security headers (several of them).

LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2010-2016 Hubzilla
+Copyright (c) 2010-2016 the Hubzilla Community
 All rights reserved.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy

README.md

@@ -3,26 +3,29 @@
 Hubzilla - Community Server
 ===========================
 
-Help us redefine the web - using integrated and united community websites. 
---------------------------------------------------------------------------
+Groupware re-imagined and re-invented. 
+--------------------------------------
+
+Connect and link decentralised web communities. 
+-----------------------------------------------
 
 <p align="center" markdown="1">
 <em><a href="https://github.com/redmatrix/hubzilla/blob/master/install/INSTALL.txt">Installing Hubzilla</a></em> 
 </p>
 
-**What are Hubs?**
+**What are Hubz?**
 
-Hubs are independent general-purpose websites that not only connect with their associated members and viewers, but also connect together to exchange personal communications and other information with each other.  
+Hubz are independent general-purpose websites that not only connect with their associated members and viewers, but also connect together to exchange personal communications and other information with each other.  
 This allows hub members on any hub to securely and privately share anything; with anybody, on any hub - anywhere; or share stuff publicly with anybody on the internet if desired. 
 
-**Hubzilla** is the server software which makes this possible. It is a sophisticated and unique combination of an open source content management system and a decentralised identity, communications, and permissions framework and protocol suite, built using common webserver technology (PHP/MySQL/Apache, although Mariadb or Postgres and Nginx could also be used - we're pretty easy). The end result is a level of systems integration, privacy control, and communications features that you wouldn't think are possible in either a content management system or a decentralised communications network. It also brings a new level of cooperation and privacy to the web and introduces the concept of personally owned "single sign-on" to web services across the entire internet. 
+**Hubzilla** is the server software which makes this possible. It is a sophisticated and unique combination of an open source content management system and a decentralised identity, communications, and permissions framework and protocol suite, built using common webserver technology (PHP/MySQL/Apache and popular variants). The end result is a level of systems integration, privacy control, and communications features that you wouldn't think are possible in either a content management system or a decentralised communications network. It also brings a new level of cooperation and privacy to the web and introduces the concept of personally owned "single sign-on" to web services across the entire internet. 
 
-Hubzilla hubs are
+Hubzilla hubz are
 
 * decentralised
 * inherently social
-* optionally inter-networked with other hubs
-* privacy-enabled (privacy exclusions work across the entire internet to any registered identity on any compatible hubs)
+* optionally inter-networked with other hubz
+* privacy-enabled (privacy exclusions work across the entire internet to any registered identity on any compatible hubz)
 
 Possible website applications include
 
@@ -44,4 +47,16 @@ Possible website applications include
 <em><a href="https://github.com/redmatrix/hubzilla/blob/master/install/INSTALL.txt">Installing Hubzilla</a></em> 
 </p>
 
+**Who Are We and What Are Our Principles?**
+
+The Hubzilla community is powered by passionate volunteers creating an open source **commons** of decentralised services which are highly integrated and can rival the feature set of centralised providers. We are open to sponsorship and donations to cover expenses and compensate for our time and energy, however the project core is basically non-profit and is not designed for the purpose of commercial gain or exploitation. 
+
+Some sites may include monetisation strategies such as subscriptions and *freemium* models where members pay for resources they consume beyond a basic level. The project community supports such monetisation initiatives (nobody should be forced to pay "out of pocket" to provide a service to others), but we maintain the **commons** to provide open and free access of the software to all. 
+
+The software is not designed for data collection of its members or providing advertising. We don't have a need or desire for these things and feel that software built around these goals is poorly designed and represents compromised principles and ethics. 
+
+As a project, we are inclusive of all beliefs and cultures and do what we are able to provide an environment that is free from hostility and harrassment. Whether or not we succeed in this endaevour requires constant vigilance and help from all members of the community, working together to build an inter-networking tool with amazing potential. 
+
+
+
 [![Build Status](https://travis-ci.org/redmatrix/hubzilla.svg)](https://travis-ci.org/redmatrix/hubzilla)

Zotlabs/Daemon/Checksites.php

@@ -0,0 +1,55 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/hubloc.php');
+
+
+class Checksites {
+
+	static public function run($argc,$argv) {
+
+		logger('checksites: start');
+	
+		if(($argc > 1) && ($argv[1]))
+			$site_id = $argv[1];
+
+		if($site_id)
+			$sql_options = " and site_url = '" . dbesc($argv[1]) . "' ";
+
+		$days = intval(get_config('system','sitecheckdays'));
+		if($days < 1)
+			$days = 30;
+
+		$r = q("select * from site where site_dead = 0 and site_update < %s - INTERVAL %s and site_type = %d $sql_options ",
+			db_utcnow(), db_quoteinterval($days . ' DAY'),
+			intval(SITE_TYPE_ZOT)
+		);
+
+		if(! $r)
+			return;
+
+		foreach($r as $rr) {
+			if(! strcasecmp($rr['site_url'],z_root()))
+				continue;
+
+			$x = ping_site($rr['site_url']);
+			if($x['success']) {
+				logger('checksites: ' . $rr['site_url']);
+				q("update site set site_update = '%s' where site_url = '%s' ",
+					dbesc(datetime_convert()),
+					dbesc($rr['site_url'])
+				);
+			}
+			else {
+				logger('marking dead site: ' . $x['message']);
+				q("update site set site_dead = 1 where site_url = '%s' ",
+					dbesc($rr['site_url'])
+				);
+			}
+		}
+
+		return;
+	}
+}

Zotlabs/Daemon/Cli_suggest.php

@@ -0,0 +1,14 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/socgraph.php');
+
+class Cli_suggest {
+
+	static public function run($argc,$argv) {
+
+		update_suggestions();
+
+	}
+}

Zotlabs/Daemon/Cron.php

@@ -0,0 +1,201 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+class Cron {
+
+	static public function run($argc,$argv) {
+
+		$maxsysload = intval(get_config('system','maxloadavg'));
+		if($maxsysload < 1)
+			$maxsysload = 50;
+		if(function_exists('sys_getloadavg')) {
+			$load = sys_getloadavg();
+			if(intval($load[0]) > $maxsysload) {
+				logger('system: load ' . $load . ' too high. Cron deferred to next scheduled run.');
+				return;
+			}
+		}
+
+		// Check for a lockfile.  If it exists, but is over an hour old, it's stale.  Ignore it.
+		$lockfile = 'store/[data]/cron';
+		if((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 3600)) 
+			&& (! get_config('system','override_cron_lockfile'))) {
+			logger("cron: Already running");
+			return;
+		}
+	
+		// Create a lockfile.  Needs two vars, but $x doesn't need to contain anything.
+		file_put_contents($lockfile, $x);
+
+		logger('cron: start');
+	
+		// run queue delivery process in the background
+
+		Master::Summon(array('Queue'));
+
+		Master::Summon(array('Poller'));
+
+		// maintenance for mod sharedwithme - check for updated items and remove them
+
+		require_once('include/sharedwithme.php');
+		apply_updates();
+	
+		// expire any expired mail
+
+		q("delete from mail where expires != '%s' and expires < %s ",
+			dbesc(NULL_DATE),
+			db_utcnow()
+		);
+
+		// expire any expired items
+
+		$r = q("select id from item where expires != '%s' and expires < %s 
+			and item_deleted = 0 ",
+			dbesc(NULL_DATE),
+			db_utcnow()
+		);
+		if($r) {
+			require_once('include/items.php');
+			foreach($r as $rr)
+				drop_item($rr['id'],false);
+		}
+
+
+		// delete expired access tokens
+
+		q("delete from atoken where atoken_expires != '%s' && atoken_expires < %s",
+			dbesc(NULL_DATE),
+			db_utcnow()
+		);
+
+
+
+		// Ensure that every channel pings a directory server once a month. This way we can discover
+		// channels and sites that quietly vanished and prevent the directory from accumulating stale
+		// or dead entries.
+
+		$r = q("select channel_id from channel where channel_dirdate < %s - INTERVAL %s",
+			db_utcnow(), 
+			db_quoteinterval('30 DAY')
+		);
+		if($r) {
+			foreach($r as $rr) {
+				Master::Summon(array('Directory',$rr['channel_id'],'force'));
+				if($interval)
+					@time_sleep_until(microtime(true) + (float) $interval);
+			}
+		}
+
+		// publish any applicable items that were set to be published in the future
+		// (time travel posts). Restrict to items that have come of age in the last
+		// couple of days to limit the query to something reasonable. 
+
+		$r = q("select id from item where item_delayed = 1 and created <= %s  and created > '%s' ",
+			db_utcnow(),
+			dbesc(datetime_convert('UTC','UTC','now - 2 days'))
+		);
+		if($r) {
+			foreach($r as $rr) {
+				$x = q("update item set item_delayed = 0 where id = %d",
+					intval($rr['id'])
+				);
+				if($x) {
+					$z = q("select * from item where id = %d",
+						intval($message_id)
+					);
+					if($z) {
+						xchan_query($z);
+						$sync_item = fetch_post_tags($z);
+						build_sync_packet($sync_item[0]['uid'],
+							[ 
+								'item' => [ encode_item($sync_item[0],true) ]
+							]
+						);
+					}
+					Master::Summon(array('Notifier','wall-new',$rr['id']));
+				}
+			}
+		}
+
+		$abandon_days = intval(get_config('system','account_abandon_days'));
+		if($abandon_days < 1)
+			$abandon_days = 0;
+
+	
+		// once daily run birthday_updates and then expire in background
+
+		// FIXME: add birthday updates, both locally and for xprof for use
+		// by directory servers
+
+		$d1 = intval(get_config('system','last_expire_day'));
+		$d2 = intval(datetime_convert('UTC','UTC','now','d'));
+
+		// Allow somebody to staggger daily activities if they have more than one site on their server,
+		// or if it happens at an inconvenient (busy) hour.
+
+		$h1 = intval(get_config('system','cron_hour'));
+		$h2 = intval(datetime_convert('UTC','UTC','now','G'));
+
+
+		if(($d2 != $d1) && ($h1 == $h2)) {
+			Master::Summon(array('Cron_daily'));
+		}
+
+		// update any photos which didn't get imported properly
+		// This should be rare
+
+		$r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = '' 
+			and xchan_photo_date < %s - INTERVAL %s",
+			db_utcnow(), 
+			db_quoteinterval('1 DAY')
+		);
+		if($r) {
+			require_once('include/photo/photo_driver.php');
+			foreach($r as $rr) {
+				$photos = import_xchan_photo($rr['xchan_photo_l'],$rr['xchan_hash']);
+				$x = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
+					where xchan_hash = '%s'",
+					dbesc($photos[0]),
+					dbesc($photos[1]),
+					dbesc($photos[2]),
+					dbesc($photos[3]),
+					dbesc($rr['xchan_hash'])
+				);
+			}
+		}
+
+
+		// pull in some public posts
+
+		if(! get_config('system','disable_discover_tab'))
+			Master::Summon(array('Externals'));
+
+		$generation = 0;
+
+		$restart    = false;
+
+		if(($argc > 1) && ($argv[1] == 'restart')) {
+			$restart = true;
+			$generation = intval($argv[2]);
+			if(! $generation)
+				killme();		
+		}
+
+		reload_plugins();
+
+		$d = datetime_convert();
+
+		// TODO check to see if there are any cronhooks before wasting a process
+
+		if(! $restart)
+			Master::Summon(array('Cronhooks'));
+
+		set_config('system','lastcron',datetime_convert());
+
+		//All done - clear the lockfile	
+		@unlink($lockfile);
+
+		return;
+	}
+}

Zotlabs/Daemon/Cron_daily.php

@@ -0,0 +1,90 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+class Cron_daily {
+
+	static public function run($argc,$argv) {
+
+		logger('cron_daily: start');
+
+		/**
+		 * Cron Daily
+		 *
+		 */
+
+
+		require_once('include/dir_fns.php');
+		check_upstream_directory();
+
+
+		// Fire off the Cron_weekly process if it's the correct day.
+ 
+		$d3 = intval(datetime_convert('UTC','UTC','now','N'));
+		if($d3 == 7) {
+			Master::Summon(array('Cron_weekly'));
+		}
+
+		// once daily run birthday_updates and then expire in background
+
+		// FIXME: add birthday updates, both locally and for xprof for use
+		// by directory servers
+
+		update_birthdays();
+
+		// expire any read notifications over a month old
+
+		q("delete from notify where seen = 1 and created < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('30 DAY')
+		);
+
+		//update statistics in config
+		require_once('include/statistics_fns.php');
+		update_channels_total_stat();
+		update_channels_active_halfyear_stat();
+		update_channels_active_monthly_stat();
+		update_local_posts_stat();
+
+
+		// expire old delivery reports
+
+		$keep_reports = intval(get_config('system','expire_delivery_reports'));
+		if($keep_reports === 0)
+			$keep_reports = 10;
+
+		q("delete from dreport where dreport_time < %s - INTERVAL %s",
+			db_utcnow(),
+			db_quoteinterval($keep_reports . ' DAY')
+		);
+
+		// expire any expired accounts
+		downgrade_accounts();
+
+		// If this is a directory server, request a sync with an upstream
+		// directory at least once a day, up to once every poll interval. 
+		// Pull remote changes and push local changes.
+		// potential issue: how do we keep from creating an endless update loop? 
+
+		$dirmode = get_config('system','directory_mode');
+
+		if($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
+			require_once('include/dir_fns.php');
+			sync_directories($dirmode);
+		}
+
+
+		Master::Summon(array('Expire'));
+		Master::Summon(array('Cli_suggest'));
+
+		require_once('include/hubloc.php');
+		remove_obsolete_hublocs();
+
+		call_hooks('cron_daily',datetime_convert());
+
+		set_config('system','last_expire_day',$d2);
+
+		/**
+		 * End Cron Daily
+		 */
+	}
+}

Zotlabs/Daemon/Cron_weekly.php

@@ -0,0 +1,48 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+class Cron_weekly {
+
+	static public function run($argc,$argv) {		
+
+		/**
+		 * Cron Weekly
+		 * 
+		 * Actions in the following block are executed once per day only on Sunday (once per week).
+		 *
+		 */
+
+		call_hooks('cron_weekly',datetime_convert());
+
+		z_check_cert();
+
+		require_once('include/hubloc.php');
+		prune_hub_reinstalls();
+	
+		mark_orphan_hubsxchans();
+
+
+		// get rid of really old poco records
+
+		q("delete from xlink where xlink_updated < %s - INTERVAL %s and xlink_static = 0 ",
+			db_utcnow(), db_quoteinterval('14 DAY')
+		);
+
+		$dirmode = intval(get_config('system','directory_mode'));
+		if($dirmode === DIRECTORY_MODE_SECONDARY || $dirmode === DIRECTORY_MODE_PRIMARY) {
+			logger('regdir: ' . print_r(z_fetch_url(get_directory_primary() . '/regdir?f=&url=' . urlencode(z_root()) . '&realm=' . urlencode(get_directory_realm())),true));
+		}
+
+		// Check for dead sites
+		Master::Summon(array('Checksites'));
+			
+		// update searchable doc indexes
+		Master::Summon(array('Importdoc'));
+
+		/**
+		 * End Cron Weekly
+		 */
+
+	}
+}

Zotlabs/Daemon/Cronhooks.php

@@ -0,0 +1,17 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+class Cronhooks {
+
+	static public function run($argc,$argv){
+
+		logger('cronhooks: start');
+	
+		$d = datetime_convert();
+
+		call_hooks('cron', $d);
+
+		return;
+	}
+}

Zotlabs/Daemon/CurlAuth.php

@@ -0,0 +1,55 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+// generate a curl compatible cookie file with an authenticated session for the given channel_id. 
+// If this file is then used with curl and the destination url is sent through zid() or manually 
+// manipulated to add a zid, it should allow curl to provide zot magic-auth across domains.
+
+// Handles expiration of stale cookies currently by deleting them and rewriting the file.  
+
+class CurlAuth {
+
+	static public function run($argc,$argv) {
+
+		if($argc != 2)
+			killme();
+
+		\App::$session->start();
+
+		$_SESSION['authenticated'] = 1;
+		$_SESSION['uid'] = $argv[1];
+
+		$x = session_id();
+
+		$f = 'store/[data]/cookie_' . $argv[1];
+		$c = 'store/[data]/cookien_' . $argv[1];
+
+		$e = file_exists($f);
+
+		$output = '';
+
+		if($e) {
+			$lines = file($f);
+			if($lines) {
+				foreach($lines as $line) {
+					if(strlen($line) > 0 && $line[0] != '#' && substr_count($line, "\t") == 6) {
+						$tokens = explode("\t", $line);
+						$tokens = array_map('trim', $tokens);
+						if($tokens[4] > time()) {
+							$output .= $line . "\n";
+						}
+					}
+					else
+						$output .= $line;
+				}
+			}
+		}
+		$t = time() + (24 * 3600);
+		file_put_contents($f, $output . 'HttpOnly_' . \App::get_hostname() . "\tFALSE\t/\tTRUE\t$t\tPHPSESSID\t" . $x, (($e) ? FILE_APPEND : 0));
+
+		file_put_contents($c,$x);
+
+		killme();
+	}
+}

Zotlabs/Daemon/Deliver.php

@@ -0,0 +1,85 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/queue_fn.php');
+
+
+class Deliver {
+	
+	static public function run($argc,$argv) {
+
+		if($argc < 2)
+			return;
+
+		logger('deliver: invoked: ' . print_r($argv,true), LOGGER_DATA);
+
+		for($x = 1; $x < $argc; $x ++) {
+
+			if(! $argv[$x])
+				continue;
+
+			$dresult = null;
+			$r = q("select * from outq where outq_hash = '%s' limit 1",
+				dbesc($argv[$x])
+			);
+			if($r) {
+
+				$notify = json_decode($r[0]['outq_notify'],true);
+
+				// Messages without an outq_msg will need to go via the web, even if it's a
+				// local delivery. This includes conversation requests and refresh packets.
+
+				if(($r[0]['outq_posturl'] === z_root() . '/post') && ($r[0]['outq_msg'])) {
+					logger('deliver: local delivery', LOGGER_DEBUG);
+
+					// local delivery
+					// we should probably batch these and save a few delivery processes
+
+					if($r[0]['outq_msg']) {
+						$m = json_decode($r[0]['outq_msg'],true);
+						if(array_key_exists('message_list',$m)) {
+							foreach($m['message_list'] as $mm) {
+								$msg = array('body' => json_encode(array('success' => true, 'pickup' => array(array('notify' => $notify,'message' => $mm)))));
+								zot_import($msg,z_root());
+							}
+						}	
+						else {	
+							$msg = array('body' => json_encode(array('success' => true, 'pickup' => array(array('notify' => $notify,'message' => $m)))));
+							$dresult = zot_import($msg,z_root());
+						}
+
+						remove_queue_item($r[0]['outq_hash']);
+
+						if($dresult && is_array($dresult)) {
+							foreach($dresult as $xx) {
+								if(is_array($xx) && array_key_exists('message_id',$xx)) {
+									if(delivery_report_is_storable($xx)) {
+										q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan ) values ( '%s', '%s','%s','%s','%s','%s' ) ",
+											dbesc($xx['message_id']),
+											dbesc($xx['location']),
+											dbesc($xx['recipient']),
+											dbesc($xx['status']),
+											dbesc(datetime_convert($xx['date'])),
+											dbesc($xx['sender'])
+										);
+									}
+								}
+							}
+						}
+
+						q("delete from dreport where dreport_queue = '%s'",
+							dbesc($argv[$x])
+						);
+					}
+				}
+
+				// otherwise it's a remote delivery - call queue_deliver() with the $immediate flag
+
+				queue_deliver($r[0],true);
+
+			}
+		}
+	}
+}

Zotlabs/Daemon/Deliver_hooks.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+
+class Deliver_hooks {
+
+	static public function run($argc,$argv) {
+
+		if($argc < 2)
+			return;
+
+
+		$r = q("select * from item where id = '%d'",
+			intval($argv[1])
+		);
+		if($r)
+			call_hooks('notifier_normal',$r[0]);
+
+	}
+}
+
+

Zotlabs/Daemon/Directory.php

@@ -0,0 +1,100 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/dir_fns.php');
+require_once('include/queue_fn.php');
+
+
+class Directory {
+
+	static public function run($argc,$argv){
+
+		if($argc < 2)
+			return;
+
+		$force = false;
+		$pushall = true;
+
+		if($argc > 2) {
+			if($argv[2] === 'force')
+				$force = true;
+			if($argv[2] === 'nopush')
+				$pushall = false;
+		}	
+
+		logger('directory update', LOGGER_DEBUG);
+
+		$dirmode = get_config('system','directory_mode');
+		if($dirmode === false)
+			$dirmode = DIRECTORY_MODE_NORMAL;
+
+		$x = q("select * from channel where channel_id = %d limit 1",
+			intval($argv[1])
+		);
+		if(! $x)
+			return;
+
+		$channel = $x[0];
+
+		if($dirmode != DIRECTORY_MODE_NORMAL) {
+
+			// this is an in-memory update and we don't need to send a network packet.
+
+			local_dir_update($argv[1],$force);
+
+			q("update channel set channel_dirdate = '%s' where channel_id = %d",
+				dbesc(datetime_convert()),
+				intval($channel['channel_id'])
+			);
+
+			// Now update all the connections
+			if($pushall) 
+				Master::Summon(array('Notifier','refresh_all',$channel['channel_id']));
+
+			return;
+		}
+
+		// otherwise send the changes upstream
+
+		$directory = find_upstream_directory($dirmode);
+		$url = $directory['url'] . '/post';
+
+		// ensure the upstream directory is updated
+
+		$packet = zot_build_packet($channel,(($force) ? 'force_refresh' : 'refresh'));
+		$z = zot_zot($url,$packet);
+
+		// re-queue if unsuccessful
+
+		if(! $z['success']) {
+
+			/** @FIXME we aren't updating channel_dirdate if we have to queue
+			 * the directory packet. That means we'll try again on the next poll run.
+			 */
+
+			$hash = random_string();
+
+			queue_insert(array(
+				'hash'       => $hash,
+				'account_id' => $channel['channel_account_id'],
+				'channel_id' => $channel['channel_id'],
+				'posturl'    => $url,
+				'notify'     => $packet,
+			));
+
+		}
+		else {
+			q("update channel set channel_dirdate = '%s' where channel_id = %d",
+				dbesc(datetime_convert()),
+				intval($channel['channel_id'])
+			);
+		}
+
+		// Now update all the connections
+		if($pushall)
+			Master::Summon(array('Notifier','refresh_all',$channel['channel_id']));
+
+	}
+}

Zotlabs/Daemon/Expire.php

@@ -0,0 +1,93 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+
+class Expire {
+
+	static public function run($argc,$argv){
+
+		cli_startup();
+
+		// perform final cleanup on previously delete items
+
+		$r = q("select id from item where item_deleted = 1 and item_pending_remove = 0 and changed < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('10 DAY')
+		);
+		if ($r) {
+			foreach ($r as $rr) {
+				drop_item($rr['id'], false, DROPITEM_PHASE2);
+			}
+		}
+
+		// physically remove anything that has been deleted for more than two months
+		/** @FIXME - this is a wretchedly inefficient query */
+
+		$r = q("delete from item where item_pending_remove = 1 and changed < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('36 DAY')
+		);
+
+		/** @FIXME make this optional as it could have a performance impact on large sites */
+
+		if (intval(get_config('system', 'optimize_items')))
+			q("optimize table item");
+
+		logger('expire: start', LOGGER_DEBUG);
+
+		$site_expire = get_config('system', 'default_expire_days');
+
+		logger('site_expire: ' . $site_expire);
+
+		$r = q("SELECT channel_id, channel_system, channel_address, channel_expire_days from channel where true");
+
+		if ($r) {
+			foreach ($r as $rr) {
+
+				// expire the sys channel separately
+				if (intval($rr['channel_system']))
+					continue;
+
+				// service class default (if non-zero) over-rides the site default
+
+				$service_class_expire = service_class_fetch($rr['channel_id'], 'expire_days');
+				if (intval($service_class_expire))
+					$channel_expire = $service_class_expire;
+				else
+					$channel_expire = $site_expire;
+	
+				if (intval($channel_expire) && (intval($channel_expire) < intval($rr['channel_expire_days'])) ||
+					intval($rr['channel_expire_days'] == 0)) {
+					$expire_days = $channel_expire;
+				} else {
+					$expire_days = $rr['channel_expire_days'];
+				}
+
+				// if the site or service class expiration is non-zero and less than person expiration, use that
+				logger('Expire: ' . $rr['channel_address'] . ' interval: ' . $expire_days, LOGGER_DEBUG);
+				item_expire($rr['channel_id'], $expire_days);
+			}
+		}
+
+		$x = get_sys_channel();
+		if ($x) {
+
+			// this should probably just fetch the channel_expire_days from the sys channel,
+			// but there's no convenient way to set it.
+
+			$expire_days = get_config('system', 'sys_expire_days');
+			if ($expire_days === false)
+				$expire_days = 30;
+
+			if (intval($site_expire) && (intval($site_expire) < intval($expire_days))) {
+				$expire_days = $site_expire;
+			}
+
+			logger('Expire: sys interval: ' . $expire_days, LOGGER_DEBUG);
+	
+			if ($expire_days)
+				item_expire($x['channel_id'], $expire_days);
+
+			logger('Expire: sys: done', LOGGER_DEBUG);
+		}
+	}
+}

Zotlabs/Daemon/Externals.php

@@ -0,0 +1,98 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/channel.php');
+
+
+class Externals {
+
+	static public function run($argc,$argv){
+
+		$total = 0;
+		$attempts = 0;
+
+		logger('externals: startup', LOGGER_DEBUG);
+
+		// pull in some public posts
+
+
+		while($total == 0 && $attempts < 3) {
+			$arr = array('url' => '');
+			call_hooks('externals_url_select',$arr);
+
+			if($arr['url']) {
+				$url = $arr['url'];
+			} 
+			else {
+				$randfunc = db_getfunc('RAND');
+
+				// fixme this query does not deal with directory realms. 
+
+				$r = q("select site_url, site_pull from site where site_url != '%s' and site_flags != %d and site_type = %d and site_dead = 0 order by $randfunc limit 1",
+					dbesc(z_root()),
+					intval(DIRECTORY_MODE_STANDALONE),
+					intval(SITE_TYPE_ZOT)
+				);
+				if($r)
+					$url = $r[0]['site_url'];
+			}
+
+			$blacklisted = false;
+
+			if(! check_siteallowed($url)) {
+				logger('blacklisted site: ' . $url);
+				$blacklisted = true;
+			}
+
+			$attempts ++;
+
+			// make sure we can eventually break out if somebody blacklists all known sites
+
+			if($blacklisted) {
+				if($attempts > 20)
+					break;
+				$attempts --;
+				continue;
+			}
+
+			if($url) {
+				if($r[0]['site_pull'] !== NULL_DATE)
+					$mindate = urlencode(datetime_convert('','',$r[0]['site_pull'] . ' - 1 day'));
+				else {
+					$days = get_config('externals','since_days');
+					if($days === false)
+						$days = 15;
+					$mindate = urlencode(datetime_convert('','','now - ' . intval($days) . ' days'));
+				}
+
+				$feedurl = $url . '/zotfeed?f=&mindate=' . $mindate;
+
+				logger('externals: pulling public content from ' . $feedurl, LOGGER_DEBUG);
+
+				$x = z_fetch_url($feedurl);
+				if(($x) && ($x['success'])) {
+
+					q("update site set site_pull = '%s' where site_url = '%s'",
+						dbesc(datetime_convert()),
+						dbesc($url)
+					);
+
+					$j = json_decode($x['body'],true);
+					if($j['success'] && $j['messages']) {
+						$sys = get_sys_channel();
+						foreach($j['messages'] as $message) {
+							// on these posts, clear any route info. 
+							$message['route'] = '';
+							$results = process_delivery(array('hash' => 'undefined'), get_item_elements($message),
+								array(array('hash' => $sys['xchan_hash'])), false, true);
+							$total ++;
+						}
+						logger('externals: import_public_posts: ' . $total . ' messages imported', LOGGER_DEBUG);
+					}
+				}
+			}
+		}
+	}
+}

Zotlabs/Daemon/Gprobe.php

@@ -0,0 +1,33 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+
+// performs zot_finger on $argv[1], which is a hex_encoded webbie/reddress
+
+class Gprobe {
+	static public function run($argc,$argv) {
+
+		if($argc != 2)
+			return;
+
+		$url = hex2bin($argv[1]);
+
+		if(! strpos($url,'@'))
+			return;
+
+		$r = q("select * from xchan where xchan_addr = '%s' limit 1",
+			dbesc($url)
+		);
+
+		if(! $r) {
+			$j = \Zotlabs\Zot\Finger::run($url,null);
+			if($j['success']) {
+				$y = import_xchan($j);
+			}
+		}
+
+		return;
+	}
+}

Zotlabs/Daemon/Importdoc.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+
+class Importdoc {
+
+	static public function run($argc,$argv) {
+
+		require_once('include/help.php');
+
+		self::update_docs_dir('doc/*');
+
+	}
+
+	static public function update_docs_dir($s) {
+		$f = basename($s);
+		$d = dirname($s);
+		if($s === 'doc/html')
+			return;
+		$files = glob("$d/$f");
+		if($files) {
+			foreach($files as $fi) {
+				if($fi === 'doc/html')
+					continue;
+				if(is_dir($fi))
+					self::update_docs_dir("$fi/*");
+				else
+					store_doc_file($fi);
+			}
+		}
+	}
+}
+
+

Zotlabs/Daemon/Master.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+if(array_search( __file__ , get_included_files()) === 0) {
+
+	require_once('include/cli_startup.php');
+	array_shift($argv);
+	$argc = count($argv);
+
+	if($argc)
+		Master::Release($argc,$argv);
+	killme();
+}
+
+
+
+class Master {
+
+	static public function Summon($arr) {
+		proc_run('php','Zotlabs/Daemon/Master.php',$arr);
+	}
+
+	static public function Release($argc,$argv) {
+		cli_startup();
+		logger('Master: release: ' . print_r($argv,true), LOGGER_ALL,LOG_DEBUG);
+		require_once('Zotlabs/Daemon/' . $argv[0] . '.php');
+		$cls = '\\Zotlabs\\Daemon\\' . $argv[0];
+		$cls::run($argc,$argv);
+	}	
+}

Zotlabs/Daemon/Notifier.php

@@ -0,0 +1,663 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/queue_fn.php');
+require_once('include/html2plain.php');
+
+/*
+ * This file was at one time responsible for doing all deliveries, but this caused
+ * big problems on shared hosting systems, where the process might get killed by the 
+ * hosting provider and nothing would get delivered. 
+ * It now only delivers one message under certain cases, and invokes a queued
+ * delivery mechanism (include/deliver.php) to deliver individual contacts at 
+ * controlled intervals.
+ * This has a much better chance of surviving random processes getting killed
+ * by the hosting provider. 
+ *
+ * The basic flow is:
+ *   Identify the type of message
+ *   Collect any information that needs to be sent
+ *   Convert it into a suitable generic format for sending
+ *   Figure out who the recipients are and if we need to relay 
+ *       through a conversation owner
+ *   Once we know what recipients are involved, collect a list of 
+ *       destination sites
+ *   Build and store a queue item for each unique site and invoke
+ *       a delivery process for each site or a small number of sites (1-3)
+ *       and add a slight delay between each delivery invocation if desired (usually)
+ *   
+ */
+
+/*
+ * The notifier is typically called with:
+ *
+ *		Zotlabs\Daemon\Master::Summon(array('Notifier', COMMAND, ITEM_ID));
+ *
+ * where COMMAND is one of the following:
+ *
+ *		activity				(in diaspora.php, dfrn_confirm.php, profiles.php)
+ *		comment-import			(in diaspora.php, items.php)
+ *		comment-new				(in item.php)
+ *		drop					(in diaspora.php, items.php, photos.php)
+ *		edit_post				(in item.php)
+ *		event					(in events.php)
+ *		expire					(in items.php)
+ *		like					(in like.php, poke.php)
+ *		mail					(in message.php)
+ *		tag						(in photos.php, poke.php, tagger.php)
+ *		tgroup					(in items.php)
+ *		wall-new				(in photos.php, item.php)
+ *
+ * and ITEM_ID is the id of the item in the database that needs to be sent to others.
+ *
+ * ZOT 
+ *       permission_create      abook_id
+ *       permission_update      abook_id
+ *       refresh_all            channel_id
+ *       purge_all              channel_id
+ *       expire                 channel_id
+ *       relay					item_id (item was relayed to owner, we will deliver it as owner)
+ *       single_activity        item_id (deliver to a singleton network from the appropriate clone)
+ *       single_mail            mail_id (deliver to a singleton network from the appropriate clone)
+ *       location               channel_id
+ *       request                channel_id            xchan_hash             message_id
+ *       rating                 xlink_id
+ *
+ */
+
+
+require_once('include/zot.php');
+require_once('include/queue_fn.php');
+require_once('include/datetime.php');
+require_once('include/items.php');
+require_once('include/bbcode.php');
+require_once('include/channel.php');
+
+
+class Notifier {
+
+	static public function run($argc,$argv){
+
+		if($argc < 3)
+			return;
+
+		logger('notifier: invoked: ' . print_r($argv,true), LOGGER_DEBUG);
+
+		$cmd = $argv[1];
+
+		$item_id = $argv[2];
+
+		$extra = (($argc > 3) ? $argv[3] : null);
+
+		if(! $item_id)
+			return;
+
+		$sys = get_sys_channel();
+
+		$deliveries = array();
+
+		$dead_hubs = array();
+
+		$dh = q("select site_url from site where site_dead = 1");
+		if($dh) {
+			foreach($dh as $dead) {
+				$dead_hubs[] = $dead['site_url'];
+			}
+		}
+
+
+		$request = false;
+		$mail = false;
+		$top_level = false;
+		$location  = false;
+		$recipients = array();
+		$url_recipients = array();
+		$normal_mode = true;
+		$packet_type = 'undefined';
+
+		if($cmd === 'mail' || $cmd === 'single_mail') {
+			$normal_mode = false;
+			$mail = true;
+			$private = true;
+			$message = q("SELECT * FROM `mail` WHERE `id` = %d LIMIT 1",
+					intval($item_id)
+			);
+			if(! $message) {
+				return;
+			}
+			xchan_mail_query($message[0]);
+			$uid = $message[0]['channel_id'];
+			$recipients[] = $message[0]['from_xchan']; // include clones
+			$recipients[] = $message[0]['to_xchan'];
+			$item = $message[0];
+
+			$encoded_item = encode_mail($item);
+
+			$s = q("select * from channel where channel_id = %d limit 1",
+				intval($item['channel_id'])
+			);
+			if($s)
+				$channel = $s[0];
+
+		}
+		elseif($cmd === 'request') {
+			$channel_id = $item_id;
+			$xchan = $argv[3];
+			$request_message_id = $argv[4];
+
+			$s = q("select * from channel where channel_id = %d limit 1",
+				intval($channel_id)
+			);
+			if($s)
+				$channel = $s[0];
+
+			$private = true;
+			$recipients[] = $xchan;
+			$packet_type = 'request';
+			$normal_mode = false;
+		}
+		elseif($cmd == 'permission_update' || $cmd == 'permission_create') {
+			// Get the (single) recipient	
+			$r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_self = 0",
+				intval($item_id)
+			);
+			if($r) {
+				$uid = $r[0]['abook_channel'];
+				// Get the sender
+				$channel = channelx_by_n($uid);
+				if($channel) {
+					$perm_update = array('sender' => $channel, 'recipient' => $r[0], 'success' => false, 'deliveries' => '');	
+
+					if($cmd == 'permission_create')
+						call_hooks('permissions_create',$perm_update);
+					else
+						call_hooks('permissions_update',$perm_update);
+
+					if($perm_update['success']) {
+						if($perm_update['deliveries']) {
+							$deliveries[] = $perm_update['deliveries'];
+							do_delivery($deliveries);
+						}
+						return;				
+					}
+					else {
+						$recipients[] = $r[0]['abook_xchan'];
+						$private = false;
+						$packet_type = 'refresh';
+						$packet_recips = array(array('guid' => $r[0]['xchan_guid'],'guid_sig' => $r[0]['xchan_guid_sig'],'hash' => $r[0]['xchan_hash']));
+					}
+				}
+			}
+		}
+		elseif($cmd === 'refresh_all') {
+			logger('notifier: refresh_all: ' . $item_id);
+			$uid = $item_id;
+			$channel = channelx_by_n($item_id);
+			$r = q("select abook_xchan from abook where abook_channel = %d",
+				intval($item_id)
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$recipients[] = $rr['abook_xchan'];
+				}
+			}
+			$private = false;
+			$packet_type = 'refresh';
+		}
+		elseif($cmd === 'location') {
+			logger('notifier: location: ' . $item_id);
+			$s = q("select * from channel where channel_id = %d limit 1",
+				intval($item_id)
+			);
+			if($s)
+				$channel = $s[0];
+			$uid = $item_id;
+			$recipients = array();
+			$r = q("select abook_xchan from abook where abook_channel = %d",
+				intval($item_id)
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$recipients[] = $rr['abook_xchan'];
+				}
+			}
+
+			$encoded_item = array('locations' => zot_encode_locations($channel),'type' => 'location', 'encoding' => 'zot');
+			$target_item = array('aid' => $channel['channel_account_id'],'uid' => $channel['channel_id']);
+			$private = false;
+			$packet_type = 'location';
+			$location = true;
+		}
+		elseif($cmd === 'purge_all') {
+			logger('notifier: purge_all: ' . $item_id);
+			$s = q("select * from channel where channel_id = %d limit 1",
+				intval($item_id)
+			);
+			if($s)
+				$channel = $s[0];
+			$uid = $item_id;
+			$recipients = array();
+			$r = q("select abook_xchan from abook where abook_channel = %d",
+				intval($item_id)
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$recipients[] = $rr['abook_xchan'];
+				}
+			}
+			$private = false;
+			$packet_type = 'purge';
+		}
+		else {
+
+			// Normal items
+
+			// Fetch the target item
+
+			$r = q("SELECT * FROM item WHERE id = %d and parent != 0 LIMIT 1",
+				intval($item_id)
+			);
+
+			if(! $r)
+				return;
+
+			xchan_query($r);
+
+			$r = fetch_post_tags($r);
+		
+			$target_item = $r[0];
+			$deleted_item = false;
+
+			if(intval($target_item['item_deleted'])) {
+				logger('notifier: target item ITEM_DELETED', LOGGER_DEBUG);
+				$deleted_item = true;
+			}
+
+			if(intval($target_item['item_type']) != ITEM_TYPE_POST) {
+				logger('notifier: target item not forwardable: type ' . $target_item['item_type'], LOGGER_DEBUG);
+				return;
+			}
+
+			// Check for non published items, but allow an exclusion for transmitting hidden file activities
+
+			if(intval($target_item['item_unpublished']) || intval($target_item['item_delayed']) || 
+				( intval($target_item['item_hidden']) && ($target_item['obj_type'] !== ACTIVITY_OBJ_FILE))) {
+				logger('notifier: target item not published, so not forwardable', LOGGER_DEBUG);
+				return;
+			}
+
+			if(strpos($target_item['postopts'],'nodeliver') !== false) {
+				logger('notifier: target item is undeliverable', LOGGER_DEBUG);
+				return;
+			}
+
+			$s = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
+				intval($target_item['uid'])
+			);
+			if($s)
+				$channel = $s[0];
+
+			if($channel['channel_hash'] !== $target_item['author_xchan'] && $channel['channel_hash'] !== $target_item['owner_xchan']) {
+				logger("notifier: Sending channel {$channel['channel_hash']} is not owner {$target_item['owner_xchan']} or author {$target_item['author_xchan']}", LOGGER_NORMAL, LOG_WARNING);
+				return;
+			}
+
+
+			if($target_item['id'] == $target_item['parent']) {
+				$parent_item = $target_item;
+				$top_level_post = true;
+			}
+			else {
+				// fetch the parent item
+				$r = q("SELECT * from item where id = %d order by id asc",
+					intval($target_item['parent'])
+				);
+
+				if(! $r)
+					return;
+
+				if(strpos($r[0]['postopts'],'nodeliver') !== false) {
+					logger('notifier: target item is undeliverable', LOGGER_DEBUG, LOG_NOTICE);
+					return;
+				}
+
+				xchan_query($r);
+				$r = fetch_post_tags($r);
+		
+				$parent_item = $r[0];
+				$top_level_post = false;
+			}
+
+			// avoid looping of discover items 12/4/2014
+
+			if($sys && $parent_item['uid'] == $sys['channel_id'])
+				return;
+
+			$encoded_item = encode_item($target_item);
+		
+			// Send comments to the owner to re-deliver to everybody in the conversation
+			// We only do this if the item in question originated on this site. This prevents looping.
+			// To clarify, a site accepting a new comment is responsible for sending it to the owner for relay.
+			// Relaying should never be initiated on a post that arrived from elsewhere.  
+
+			// We should normally be able to rely on ITEM_ORIGIN, but start_delivery_chain() incorrectly set this
+			// flag on comments for an extended period. So we'll also call comment_local_origin() which looks at
+			// the hostname in the message_id and provides a second (fallback) opinion. 
+
+			$relay_to_owner = (((! $top_level_post) && (intval($target_item['item_origin'])) && comment_local_origin($target_item)) ? true : false);
+
+
+
+			$uplink = false;
+
+			// $cmd === 'relay' indicates the owner is sending it to the original recipients
+			// don't allow the item in the relay command to relay to owner under any circumstances, it will loop
+
+			logger('notifier: relay_to_owner: ' . (($relay_to_owner) ? 'true' : 'false'), LOGGER_DATA, LOG_DEBUG);
+			logger('notifier: top_level_post: ' . (($top_level_post) ? 'true' : 'false'), LOGGER_DATA, LOG_DEBUG);
+
+			// tag_deliver'd post which needs to be sent back to the original author
+
+			if(($cmd === 'uplink') && intval($parent_item['item_uplink']) && (! $top_level_post)) {
+				logger('notifier: uplink');			
+				$uplink = true;
+			} 
+
+			if(($relay_to_owner || $uplink) && ($cmd !== 'relay')) {
+				logger('notifier: followup relay', LOGGER_DEBUG);
+				$recipients = array(($uplink) ? $parent_item['source_xchan'] : $parent_item['owner_xchan']);
+				$private = true;
+				if(! $encoded_item['flags'])
+					$encoded_item['flags'] = array();
+				$encoded_item['flags'][] = 'relay';
+			}
+			else {
+				logger('notifier: normal distribution', LOGGER_DEBUG);
+				if($cmd === 'relay')
+					logger('notifier: owner relay');
+
+				// if our parent is a tag_delivery recipient, uplink to the original author causing
+				// a delivery fork. 
+	
+				if(($parent_item) && intval($parent_item['item_uplink']) && (! $top_level_post) && ($cmd !== 'uplink')) {
+					// don't uplink a relayed post to the relay owner
+					if($parent_item['source_xchan'] !== $parent_item['owner_xchan']) {
+						logger('notifier: uplinking this item');
+						Master::Summon(array('Notifier','uplink',$item_id));
+					}
+				}
+
+				$private = false;
+				$recipients = collect_recipients($parent_item,$private);
+
+				// FIXME add any additional recipients such as mentions, etc.
+
+				// don't send deletions onward for other people's stuff
+				// TODO verify this is needed - copied logic from same place in old code
+
+				if(intval($target_item['item_deleted']) && (! intval($target_item['item_wall']))) {
+					logger('notifier: ignoring delete notification for non-wall item', LOGGER_NORMAL, LOG_NOTICE);
+					return;
+				}
+			}
+
+		}
+
+		$walltowall = (($top_level_post && $channel['xchan_hash'] === $target_item['author_xchan']) ? true : false); 
+
+		// Generic delivery section, we have an encoded item and recipients
+		// Now start the delivery process
+
+		$x = $encoded_item;
+		$x['title'] = 'private';
+		$x['body'] = 'private';
+		logger('notifier: encoded item: ' . print_r($x,true), LOGGER_DATA, LOG_DEBUG);
+
+		stringify_array_elms($recipients);
+		if(! $recipients)
+			return;
+
+//	logger('notifier: recipients: ' . print_r($recipients,true), LOGGER_NORMAL, LOG_DEBUG);
+
+		$env_recips = (($private) ? array() : null);
+
+		$details = q("select xchan_hash, xchan_instance_url, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . implode(',',$recipients) . ")");
+
+
+		$recip_list = array();
+
+		if($details) {
+			foreach($details as $d) {
+
+				$recip_list[] = $d['xchan_addr'] . ' (' . $d['xchan_hash'] . ')'; 
+				if($private)
+					$env_recips[] = array('guid' => $d['xchan_guid'],'guid_sig' => $d['xchan_guid_sig'],'hash' => $d['xchan_hash']);
+
+				if($d['xchan_network'] === 'mail' && $normal_mode) {
+					$delivery_options = get_xconfig($d['xchan_hash'],'system','delivery_mode');
+					if(! $delivery_options)
+						format_and_send_email($channel,$d,$target_item);
+				}
+			}
+		}
+
+
+		$narr = array(
+			'channel' => $channel,
+			'env_recips' => $env_recips,
+			'packet_recips' => $packet_recips,
+			'recipients' => $recipients,
+			'item' => $item,
+			'target_item' => $target_item,
+			'top_level_post' => $top_level_post,
+			'private' => $private,
+			'relay_to_owner' => $relay_to_owner,
+			'uplink' => $uplink,
+			'cmd' => $cmd,
+			'mail' => $mail,
+			'single' => (($cmd === 'single_mail' || $cmd === 'single_activity') ? true : false),
+			'location' => $location,
+			'request' => $request,
+			'normal_mode' => $normal_mode,
+			'packet_type' => $packet_type,
+			'walltowall' => $walltowall,
+			'queued' => array()
+		);
+
+		call_hooks('notifier_process', $narr);
+		if($narr['queued']) {
+			foreach($narr['queued'] as $pq)
+				$deliveries[] = $pq;
+		}
+
+		// notifier_process can alter the recipient list
+
+		$recipients    = $narr['recipients'];
+		$env_recips    = $narr['env_recips'];
+		$packet_recips = $narr['packet_recips'];
+
+		if(($private) && (! $env_recips)) {
+			// shouldn't happen
+			logger('notifier: private message with no envelope recipients.' . print_r($argv,true), LOGGER_NORMAL, LOG_NOTICE);
+		}
+	
+		logger('notifier: recipients (may be delivered to more if public): ' . print_r($recip_list,true), LOGGER_DEBUG);
+	
+
+		// Now we have collected recipients (except for external mentions, FIXME)
+		// Let's reduce this to a set of hubs.
+
+		$r = q("select * from hubloc where hubloc_hash in (" . implode(',',$recipients) . ") 
+			and hubloc_error = 0 and hubloc_deleted = 0"
+		);		
+ 
+
+		if(! $r) {
+			logger('notifier: no hubs', LOGGER_NORMAL, LOG_NOTICE);
+			return;
+		}
+
+		$hubs = $r;
+
+
+
+		/**
+		 * Reduce the hubs to those that are unique. For zot hubs, we need to verify uniqueness by the sitekey, since it may have been 
+		 * a re-install which has not yet been detected and pruned.
+		 * For other networks which don't have or require sitekeys, we'll have to use the URL
+		 */
+
+
+		$hublist = array(); // this provides an easily printable list for the logs
+		$dhubs   = array(); // delivery hubs where we store our resulting unique array
+		$keys    = array(); // array of keys to check uniquness for zot hubs
+		$urls    = array(); // array of urls to check uniqueness of hubs from other networks
+
+
+		foreach($hubs as $hub) {
+			if(in_array($hub['hubloc_url'],$dead_hubs)) {
+				logger('skipping dead hub: ' . $hub['hubloc_url'], LOGGER_DEBUG, LOG_INFO);
+				continue;
+			}
+
+			if($hub['hubloc_network'] == 'zot') {
+				if(! in_array($hub['hubloc_sitekey'],$keys)) {
+					$hublist[] = $hub['hubloc_host'];
+					$dhubs[] = $hub;
+					$keys[] = $hub['hubloc_sitekey'];
+				}
+			}
+			else {
+				if(! in_array($hub['hubloc_url'],$urls)) {
+					$hublist[] = $hub['hubloc_host'];
+					$dhubs[] = $hub;
+					$urls[] = $hub['hubloc_url'];
+				}
+			}
+		}
+
+		logger('notifier: will notify/deliver to these hubs: ' . print_r($hublist,true), LOGGER_DEBUG, LOG_DEBUG);
+
+
+		foreach($dhubs as $hub) {
+
+			if($hub['hubloc_network'] !== 'zot') {
+
+				$narr = array(
+					'channel' => $channel,
+					'env_recips' => $env_recips,
+					'packet_recips' => $packet_recips,
+					'recipients' => $recipients,
+					'item' => $item,
+					'target_item' => $target_item,
+					'hub' => $hub,
+					'top_level_post' => $top_level_post,
+					'private' => $private,
+					'relay_to_owner' => $relay_to_owner,
+					'uplink' => $uplink,
+					'cmd' => $cmd,
+					'mail' => $mail,
+					'single' => (($cmd === 'single_mail' || $cmd === 'single_activity') ? true : false),
+					'location' => $location,
+					'request' => $request,
+					'normal_mode' => $normal_mode,
+					'packet_type' => $packet_type,
+					'walltowall' => $walltowall,
+					'queued' => array()
+				);
+
+
+				call_hooks('notifier_hub',$narr);
+				if($narr['queued']) {
+					foreach($narr['queued'] as $pq)
+						$deliveries[] = $pq;
+				}
+				continue;
+
+			}
+
+			// singleton deliveries by definition 'not got zot'.
+			// Single deliveries are other federated networks (plugins) and we're essentially 
+			// delivering only to those that have this site url in their abook_instance
+			// and only from within a sync operation. This means if you post from a clone,
+			// and a connection is connected to one of your other clones; assuming that hub
+			// is running it will receive a sync packet. On receipt of this sync packet it
+			// will invoke a delivery to those connections which are connected to just that
+			// hub instance. 
+
+			if($cmd === 'single_mail' || $cmd === 'single_activity') {
+				continue;
+			}
+
+			// default: zot protocol
+
+			$hash = random_string();
+			$packet = null;
+
+			if($packet_type === 'refresh' || $packet_type === 'purge') {
+				$packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null));
+			}
+			elseif($packet_type === 'request') {
+				$packet = zot_build_packet($channel,$packet_type,$env_recips,$hub['hubloc_sitekey'],$hash,
+					array('message_id' => $request_message_id)
+				);
+			}
+
+			if($packet) {
+				queue_insert(array(
+					'hash'       => $hash,
+					'account_id' => $channel['channel_account_id'],
+					'channel_id' => $channel['channel_id'],
+					'posturl'    => $hub['hubloc_callback'],
+					'notify'     => $packet
+				));
+			}
+			else {
+				$packet = zot_build_packet($channel,'notify',$env_recips,(($private) ? $hub['hubloc_sitekey'] : null),$hash);	
+				queue_insert(array(
+					'hash'       => $hash,
+					'account_id' => $target_item['aid'],
+					'channel_id' => $target_item['uid'],
+					'posturl'    => $hub['hubloc_callback'],
+					'notify'     => $packet,
+					'msg'        => json_encode($encoded_item)
+				));
+
+				// only create delivery reports for normal undeleted items
+				if(is_array($target_item) && array_key_exists('postopts',$target_item) && (! $target_item['item_deleted']) && (! get_config('system','disable_dreport'))) {
+					q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan, dreport_queue ) values ( '%s','%s','%s','%s','%s','%s','%s' ) ",
+						dbesc($target_item['mid']),
+						dbesc($hub['hubloc_host']),
+						dbesc($hub['hubloc_host']),
+						dbesc('queued'),
+						dbesc(datetime_convert()),
+						dbesc($channel['channel_hash']),
+						dbesc($hash)
+					);
+				}
+			}
+
+			$deliveries[] = $hash;	
+		}
+	
+		if($normal_mode) {
+			$x = q("select * from hook where hook = 'notifier_normal'");
+			if($x)
+				Master::Summon(array('Deliver_hooks',$target_item['id']));
+
+		}
+
+		if($deliveries)
+			do_delivery($deliveries);
+
+		logger('notifier: basic loop complete.', LOGGER_DEBUG);
+
+		call_hooks('notifier_end',$target_item);
+
+		logger('notifer: complete.');
+		return;
+
+	}
+}
+

Zotlabs/Daemon/Onedirsync.php

@@ -0,0 +1,76 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/dir_fns.php');
+
+
+class Onedirsync {
+
+	static public function run($argc,$argv) {
+
+		logger('onedirsync: start ' . intval($argv[1]));
+	
+		if(($argc > 1) && (intval($argv[1])))
+			$update_id = intval($argv[1]);
+
+		if(! $update_id) {
+			logger('onedirsync: no update');
+			return;
+		}
+	
+		$r = q("select * from updates where ud_id = %d limit 1",
+			intval($update_id)
+		);
+
+		if(! $r)
+			return;
+		if(($r[0]['ud_flags'] & UPDATE_FLAGS_UPDATED) || (! $r[0]['ud_addr']))
+			return;
+
+		// Have we probed this channel more recently than the other directory server
+		// (where we received this update from) ?
+		// If we have, we don't need to do anything except mark any older entries updated
+
+		$x = q("select * from updates where ud_addr = '%s' and ud_date > '%s' and ( ud_flags & %d )>0 order by ud_date desc limit 1",
+			dbesc($r[0]['ud_addr']),
+			dbesc($r[0]['ud_date']),
+			intval(UPDATE_FLAGS_UPDATED)
+		);
+		if($x) {
+			$y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 and ud_date != '%s'",
+				intval(UPDATE_FLAGS_UPDATED),
+				dbesc($r[0]['ud_addr']),
+				intval(UPDATE_FLAGS_UPDATED),
+				dbesc($x[0]['ud_date'])
+			);
+			return;
+		}
+
+		// ignore doing an update if this ud_addr refers to a known dead hubloc
+
+		$h = q("select * from hubloc where hubloc_addr = '%s' limit 1",
+			dbesc($r[0]['ud_addr'])
+		);
+		if(($h) && ($h[0]['hubloc_status'] & HUBLOC_OFFLINE)) {
+			$y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 ",
+				intval(UPDATE_FLAGS_UPDATED),
+				dbesc($r[0]['ud_addr']),
+				intval(UPDATE_FLAGS_UPDATED)
+			);
+
+			return;
+		}
+
+		// we might have to pull this out some day, but for now update_directory_entry() 
+		// runs zot_finger() and is kind of zot specific
+
+		if($h && $h[0]['hubloc_network'] !== 'zot')
+			return;
+
+		update_directory_entry($r[0]);		
+
+		return;
+	}
+}

Zotlabs/Daemon/Onepoll.php

@@ -0,0 +1,152 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/socgraph.php');
+
+
+class Onepoll {
+
+	static public function run($argc,$argv) {
+
+		logger('onepoll: start');
+	
+		if(($argc > 1) && (intval($argv[1])))
+			$contact_id = intval($argv[1]);
+
+		if(! $contact_id) {
+			logger('onepoll: no contact');
+			return;
+		}
+
+		$d = datetime_convert();
+
+		$contacts = q("SELECT abook.*, xchan.*, account.*
+			FROM abook LEFT JOIN account on abook_account = account_id left join xchan on xchan_hash = abook_xchan 
+			where abook_id = %d
+			and abook_pending = 0 and abook_archived = 0 and abook_blocked = 0 and abook_ignored = 0
+			AND (( account_flags = %d ) OR ( account_flags = %d )) limit 1",
+			intval($contact_id),
+			intval(ACCOUNT_OK),
+			intval(ACCOUNT_UNVERIFIED)
+		);	
+
+		if(! $contacts) {
+			logger('onepoll: abook_id not found: ' . $contact_id);
+			return;
+		}
+
+		$contact = $contacts[0];
+
+		$t = $contact['abook_updated'];
+
+		$importer_uid = $contact['abook_channel'];
+		
+		$r = q("SELECT * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
+			intval($importer_uid)
+		);
+
+		if(! $r)
+			return;
+
+		$importer = $r[0];
+
+		logger("onepoll: poll: ({$contact['id']}) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
+
+		$last_update = ((($contact['abook_updated'] === $contact['abook_created']) || ($contact['abook_updated'] === NULL_DATE))	
+			? datetime_convert('UTC','UTC','now - 7 days')
+			: datetime_convert('UTC','UTC',$contact['abook_updated'] . ' - 2 days')
+		);
+
+		if($contact['xchan_network'] === 'rss') {
+			logger('onepoll: processing feed ' . $contact['xchan_name'], LOGGER_DEBUG);
+			handle_feed($importer['channel_id'],$contact_id,$contact['xchan_hash']);
+			q("update abook set abook_connected = '%s' where abook_id = %d",
+				dbesc(datetime_convert()),
+				intval($contact['abook_id'])
+			);
+			return;
+		}
+	
+		if($contact['xchan_network'] !== 'zot')
+			return;
+
+		// update permissions
+
+		$x = zot_refresh($contact,$importer);
+
+		$responded = false;
+		$updated   = datetime_convert();
+		$connected = datetime_convert();
+		if(! $x) {
+			// mark for death by not updating abook_connected, this is caught in include/poller.php
+			q("update abook set abook_updated = '%s' where abook_id = %d",
+				dbesc($updated),
+				intval($contact['abook_id'])
+			);
+		}
+		else {
+			q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d",
+				dbesc($updated),
+				dbesc($connected),
+				intval($contact['abook_id'])
+			);
+			$responded = true;
+		}
+
+		if(! $responded)
+			return;
+
+		if($contact['xchan_connurl']) {
+			$fetch_feed = true;
+			$x = null;
+
+			if(! ($contact['abook_their_perms'] & PERMS_R_STREAM ))
+				$fetch_feed = false;
+
+			if($fetch_feed) {
+
+				$feedurl = str_replace('/poco/','/zotfeed/',$contact['xchan_connurl']);		
+				$feedurl .= '?f=&mindate=' . urlencode($last_update);
+
+				$x = z_fetch_url($feedurl);
+
+				logger('feed_update: ' . print_r($x,true), LOGGER_DATA);
+
+			}
+
+			if(($x) && ($x['success'])) {
+				$total = 0;
+				logger('onepoll: feed update ' . $contact['xchan_name'] . ' ' . $feedurl);
+
+				$j = json_decode($x['body'],true);
+				if($j['success'] && $j['messages']) {
+					foreach($j['messages'] as $message) {
+						$results = process_delivery(array('hash' => $contact['xchan_hash']), get_item_elements($message),
+							array(array('hash' => $importer['xchan_hash'])), false);
+						logger('onepoll: feed_update: process_delivery: ' . print_r($results,true), LOGGER_DATA);
+						$total ++;
+					}
+					logger("onepoll: $total messages processed");
+				}
+			}
+		}
+			
+
+		// update the poco details for this connection
+
+		if($contact['xchan_connurl']) {	
+			$r = q("SELECT xlink_id from xlink 
+				where xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s and xlink_static = 0 limit 1",
+				intval($contact['xchan_hash']),
+				db_utcnow(), db_quoteinterval('1 DAY')
+			);
+			if(! $r) {
+				poco_load($contact['xchan_hash'],$contact['xchan_connurl']);
+			}
+		}
+
+		return;
+	}
+}

Zotlabs/Daemon/Poller.php

@@ -0,0 +1,202 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+class Poller {
+
+	static public function run($argc,$argv) {
+
+		$maxsysload = intval(get_config('system','maxloadavg'));
+		if($maxsysload < 1)
+			$maxsysload = 50;
+		if(function_exists('sys_getloadavg')) {
+			$load = sys_getloadavg();
+			if(intval($load[0]) > $maxsysload) {
+				logger('system: load ' . $load . ' too high. Poller deferred to next scheduled run.');
+				return;
+			}
+		}
+
+		$interval = intval(get_config('system','poll_interval'));
+		if(! $interval) 
+			$interval = ((get_config('system','delivery_interval') === false) ? 3 : intval(get_config('system','delivery_interval')));
+
+		// Check for a lockfile.  If it exists, but is over an hour old, it's stale.  Ignore it.
+		$lockfile = 'store/[data]/poller';
+		if((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 3600)) 
+			&& (! get_config('system','override_poll_lockfile'))) {
+			logger("poller: Already running");
+			return;
+		}
+	
+		// Create a lockfile.  Needs two vars, but $x doesn't need to contain anything.
+		file_put_contents($lockfile, $x);
+
+		logger('poller: start');
+	
+		$manual_id  = 0;
+		$generation = 0;
+
+		$force      = false;
+		$restart    = false;
+
+		if(($argc > 1) && ($argv[1] == 'force'))
+			$force = true;
+
+		if(($argc > 1) && ($argv[1] == 'restart')) {
+			$restart = true;
+			$generation = intval($argv[2]);
+			if(! $generation)
+				killme();		
+		}
+
+		if(($argc > 1) && intval($argv[1])) {
+			$manual_id = intval($argv[1]);
+			$force     = true;
+		}
+
+
+		$sql_extra = (($manual_id) ? " AND abook_id = " . intval($manual_id) . " " : "");
+
+		reload_plugins();
+
+		$d = datetime_convert();
+
+		// Only poll from those with suitable relationships
+
+		$abandon_sql = (($abandon_days) 
+			? sprintf(" AND account_lastlog > %s - INTERVAL %s ", db_utcnow(), db_quoteinterval(intval($abandon_days).' DAY')) 
+			: '' 
+		);
+
+		$randfunc = db_getfunc('RAND');
+	
+		$contacts = q("SELECT * FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash 
+			LEFT JOIN account on abook_account = account_id
+			where abook_self = 0
+			$sql_extra 
+			AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY $randfunc",
+			intval(ACCOUNT_OK),
+			intval(ACCOUNT_UNVERIFIED)     // FIXME
+
+		);
+
+		if($contacts) {
+
+			foreach($contacts as $contact) {
+
+				$update  = false;
+
+				$t = $contact['abook_updated'];
+				$c = $contact['abook_connected'];
+
+				if(intval($contact['abook_feed'])) {
+					$min = service_class_fetch($contact['abook_channel'],'minimum_feedcheck_minutes');
+					if(! $min)
+						$min = intval(get_config('system','minimum_feedcheck_minutes'));
+					if(! $min)
+						$min = 60;
+					$x = datetime_convert('UTC','UTC',"now - $min minutes");
+					if($c < $x) {
+						Master::Summon(array('Onepoll',$contact['abook_id']));
+						if($interval)
+							@time_sleep_until(microtime(true) + (float) $interval);
+					}
+					continue;
+				}
+
+
+				if($contact['xchan_network'] !== 'zot')
+					continue;
+
+				if($c == $t) {
+					if(datetime_convert('UTC','UTC', 'now') > datetime_convert('UTC','UTC', $t . " + 1 day"))
+						$update = true;
+				}
+				else {
+	
+					// if we've never connected with them, start the mark for death countdown from now
+	
+					if($c == NULL_DATE) {
+						$r = q("update abook set abook_connected = '%s'  where abook_id = %d",
+							dbesc(datetime_convert()),
+							intval($contact['abook_id'])
+						);
+						$c = datetime_convert();
+						$update = true;
+					}
+
+					// He's dead, Jim
+
+					if(strcmp(datetime_convert('UTC','UTC', 'now'),datetime_convert('UTC','UTC', $c . " + 30 day")) > 0) {	
+						$r = q("update abook set abook_archived = 1 where abook_id = %d",
+							intval($contact['abook_id'])
+						);
+						$update = false;
+						continue;
+					}
+
+					if(intval($contact['abook_archived'])) {
+						$update = false;
+						continue;
+					}
+
+					// might be dead, so maybe don't poll quite so often
+	
+					// recently deceased, so keep up the regular schedule for 3 days
+ 
+					if((strcmp(datetime_convert('UTC','UTC', 'now'),datetime_convert('UTC','UTC', $c . " + 3 day")) > 0)
+					 && (strcmp(datetime_convert('UTC','UTC', 'now'),datetime_convert('UTC','UTC', $t . " + 1 day")) > 0))
+						$update = true;
+
+					// After that back off and put them on a morphine drip
+
+					if(strcmp(datetime_convert('UTC','UTC', 'now'),datetime_convert('UTC','UTC', $t . " + 2 day")) > 0) {	
+						$update = true;
+					}
+
+				}
+
+				if(intval($contact['abook_pending']) || intval($contact['abook_archived']) || intval($contact['abook_ignored']) || intval($contact['abook_blocked']))
+					continue;
+
+				if((! $update) && (! $force))
+						continue;
+
+				Master::Summon(array('Onepoll',$contact['abook_id']));
+				if($interval)
+					@time_sleep_until(microtime(true) + (float) $interval);
+
+			}
+		}
+
+		if($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
+			$r = q("SELECT u.ud_addr, u.ud_id, u.ud_last FROM updates AS u INNER JOIN (SELECT ud_addr, max(ud_id) AS ud_id FROM updates WHERE ( ud_flags & %d ) = 0 AND ud_addr != '' AND ( ud_last = '%s' OR ud_last > %s - INTERVAL %s ) GROUP BY ud_addr) AS s ON s.ud_id = u.ud_id ",
+				intval(UPDATE_FLAGS_UPDATED),
+				dbesc(NULL_DATE),
+				db_utcnow(), db_quoteinterval('7 DAY')
+			);
+			if($r) {
+				foreach($r as $rr) {
+
+					// If they didn't respond when we attempted before, back off to once a day
+					// After 7 days we won't bother anymore
+
+					if($rr['ud_last'] != NULL_DATE)
+						if($rr['ud_last'] > datetime_convert('UTC','UTC', 'now - 1 day'))
+							continue;
+					Master::Summon(array('Onedirsync',$rr['ud_id']));
+					if($interval)
+						@time_sleep_until(microtime(true) + (float) $interval);
+				}
+			}
+		}	
+
+		set_config('system','lastpoll',datetime_convert());
+
+		//All done - clear the lockfile	
+		@unlink($lockfile);
+
+		return;
+	}
+}

Zotlabs/Daemon/Queue.php

@@ -0,0 +1,90 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/queue_fn.php');
+require_once('include/zot.php');
+
+class Queue {
+
+	static public function run($argc,$argv) {
+
+		require_once('include/items.php');
+		require_once('include/bbcode.php');
+
+		if(argc() > 1)
+			$queue_id = argv(1);
+		else
+			$queue_id = 0;
+
+		logger('queue: start');
+
+		// delete all queue items more than 3 days old
+		// but first mark these sites dead if we haven't heard from them in a month
+
+		$r = q("select outq_posturl from outq where outq_created < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('3 DAY')
+		);
+		if($r) {
+			foreach($r as $rr) {
+				$site_url = '';
+				$h = parse_url($rr['outq_posturl']);
+				$desturl = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : '');
+				q("update site set site_dead = 1 where site_dead = 0 and site_url = '%s' and site_update < %s - INTERVAL %s",
+					dbesc($desturl),
+					db_utcnow(), db_quoteinterval('1 MONTH')
+				);
+			}
+		}
+
+		$r = q("DELETE FROM outq WHERE outq_created < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('3 DAY')
+		);
+
+		if($queue_id) {
+			$r = q("SELECT * FROM outq WHERE outq_hash = '%s' LIMIT 1",
+				dbesc($queue_id)
+			);
+		}
+		else {
+
+			// For the first 12 hours we'll try to deliver every 15 minutes
+			// After that, we'll only attempt delivery once per hour. 
+			// This currently only handles the default queue drivers ('zot' or '') which we will group by posturl 
+			// so that we don't start off a thousand deliveries for a couple of dead hubs.
+			// The zot driver will deliver everything destined for a single hub once contact is made (*if* contact is made).
+			// Other drivers will have to do something different here and may need their own query.
+	
+			// Note: this requires some tweaking as new posts to long dead hubs once a day will keep them in the 
+			// "every 15 minutes" category. We probably need to prioritise them when inserted into the queue
+			// or just prior to this query based on recent and long-term delivery history. If we have good reason to believe
+			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once 
+			// or twice a day. 
+	
+			// FIXME: can we sort postgres on outq_priority and maintain the 'distinct' ?
+			// The order by max(outq_priority) might be a dodgy query because of the group by.
+			// The desired result is to return a sequence in the order most likely to be delivered in this run.
+			// If a hub has already been sitting in the queue for a few days, they should be delivered last;
+			// hence every failure should drop them further down the priority list.
+ 
+			if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
+				$prefix = 'DISTINCT ON (outq_posturl)';
+				$suffix = 'ORDER BY outq_posturl';
+			} else {
+				$prefix = '';
+				$suffix = 'GROUP BY outq_posturl ORDER BY max(outq_priority)';
+			}
+			$r = q("SELECT $prefix * FROM outq WHERE outq_delivered = 0 and (( outq_created > %s - INTERVAL %s and outq_updated < %s - INTERVAL %s ) OR ( outq_updated < %s - INTERVAL %s )) $suffix",
+				db_utcnow(), db_quoteinterval('12 HOUR'),
+				db_utcnow(), db_quoteinterval('15 MINUTE'),
+				db_utcnow(), db_quoteinterval('1 HOUR')
+			);
+		}
+		if(! $r)
+			return;
+
+		foreach($r as $rr) {
+			queue_deliver($rr);
+		}
+	}
+}

Zotlabs/Daemon/README.md

@@ -0,0 +1,43 @@
+Daemon (background) Processes
+=============================
+
+
+This directory provides background tasks which are executed by a 
+command-line process and detached from normal web processing.
+
+Background tasks are invoked by calling
+
+
+	Zotlabs\Daemon\Master::Summon([ $cmd, $arg1, $argn... ]); 
+
+The Master class loads the desired command file and passes the arguments.
+
+
+To create a background task 'Foo' use the following template.
+
+	<?php
+	
+	namespace Zotlabs\Daemon;
+	
+	class Foo {
+	
+		static public function run($argc,$argv) {
+			// do something
+		}
+	}
+
+
+The Master class "summons" the command by creating an executable script
+from the provided arguments, then it invokes "Release" to execute the script
+detached from web processing. This process calls the static::run() function
+with any command line arguments using the traditional argc, argv format. 
+
+Please note: These are *real* $argc, $argv variables passed from the command
+line, and not the parsed argc() and argv() functions/variables which were 
+obtained from parsing path components of the request URL by web processes.
+
+Background processes do not emit displayable output except through logs. They 
+should also not make any assumptions about their HTML and web environment 
+(as they do not have a web environment), particularly with respect to global
+variables such as $_SERVER, $_REQUEST, $_GET, $_POST, $_COOKIES, and $_SESSION.
+

Zotlabs/Daemon/Ratenotif.php

@@ -0,0 +1,113 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/queue_fn.php');
+
+
+class Ratenotif {
+
+	static public function run($argc,$argv) {
+
+		require_once("datetime.php");
+		require_once('include/items.php');
+
+		if($argc < 3)
+			return;
+
+
+		logger('ratenotif: invoked: ' . print_r($argv,true), LOGGER_DEBUG);
+
+		$cmd = $argv[1];
+
+		$item_id = $argv[2];
+
+
+		if($cmd === 'rating') {
+			$r = q("select * from xlink where xlink_id = %d and xlink_static = 1 limit 1",
+				intval($item_id)
+			);
+			if(! $r) {
+				logger('rating not found');
+				return;
+			}
+
+			$encoded_item = array(
+				'type' => 'rating', 
+				'encoding' => 'zot',
+				'target' => $r[0]['xlink_link'],
+				'rating' => intval($r[0]['xlink_rating']),
+				'rating_text' => $r[0]['xlink_rating_text'],
+				'signature' => $r[0]['xlink_sig'],
+				'edited' => $r[0]['xlink_updated']
+			);
+		}
+
+		$channel = channelx_by_hash($r[0]['xlink_xchan']);
+		if(! $channel) {
+			logger('no channel');
+			return;
+		}
+
+
+		$primary = get_directory_primary();
+	
+		if(! $primary)
+			return;
+
+
+		$interval = ((get_config('system','delivery_interval') !== false) 
+			? intval(get_config('system','delivery_interval')) : 2 );
+
+		$deliveries_per_process = intval(get_config('system','delivery_batch_count'));
+
+		if($deliveries_per_process <= 0)
+			$deliveries_per_process = 1;
+
+		$deliver = array();
+
+		$x = z_fetch_url($primary . '/regdir');
+		if($x['success']) {
+			$j = json_decode($x['body'],true);
+			if($j && $j['success'] && is_array($j['directories'])) {
+
+				foreach($j['directories'] as $h) {
+					if($h == z_root())
+						continue;
+
+					$hash = random_string();
+					$n = zot_build_packet($channel,'notify',null,null,$hash);
+
+					queue_insert(array(
+						'hash'       => $hash,
+						'account_id' => $channel['channel_account_id'],
+						'channel_id' => $channel['channel_id'],
+						'posturl'    => $h . '/post',
+						'notify'     => $n,
+						'msg'        => json_encode($encoded_item)
+					));
+
+					$deliver[] = $hash;
+	
+					if(count($deliver) >= $deliveries_per_process) {
+						Master::Summon(array('Deliver',$deliver));
+						$deliver = array();
+						if($interval)
+							@time_sleep_until(microtime(true) + (float) $interval);
+					}
+				}
+	
+				// catch any stragglers
+	
+				if(count($deliver)) {
+					Master::Summon(array('Deliver',$deliver));
+				}
+			}
+		}
+		
+		logger('ratenotif: complete.');
+		return;
+
+	}
+}

Zotlabs/Extend/Hook.php

@@ -0,0 +1,107 @@
+<?php
+
+namespace Zotlabs\Extend;
+
+
+class Hook {
+
+	static public function register($hook,$file,$function,$version = 1,$priority = 0) {
+		if(is_array($function)) {
+			$function = serialize($function);
+		}
+
+		$r = q("SELECT * FROM `hook` WHERE `hook` = '%s' AND `file` = '%s' AND `fn` = '%s' and priority = %d and hook_version = %d LIMIT 1",
+			dbesc($hook),
+			dbesc($file),
+			dbesc($function),
+			intval($priority),
+			intval($version)
+		);
+		if($r)
+			return true;
+
+		// To aid in upgrade and transition, remove old settings for any registered hooks that match in all respects except
+		// for priority or hook_version
+
+		$r = q("DELETE FROM `hook` where `hook` = '%s' and `file` = '%s' and `fn` = '%s'",
+			dbesc($hook),
+			dbesc($file),
+			dbesc($function)
+		);
+
+		$r = q("INSERT INTO `hook` (`hook`, `file`, `fn`, `priority`, `hook_version`) VALUES ( '%s', '%s', '%s', %d, %d )",
+			dbesc($hook),
+			dbesc($file),
+			dbesc($function),
+			intval($priority),
+			intval($version)
+		);
+
+		return $r;
+	}
+
+	static public function unregister($hook,$file,$function,$version = 1,$priority = 0) {
+		if(is_array($function)) {
+			$function = serialize($function);
+		}
+		$r = q("DELETE FROM hook WHERE hook = '%s' AND `file` = '%s' AND `fn` = '%s' and priority = %d and hook_version = %d",
+			dbesc($hook),
+			dbesc($file),
+			dbesc($function),
+			intval($priority),
+			intval($version)
+		);
+
+		return $r;
+	}
+
+	// unregister all hooks with this file component. 
+	// Useful for addon upgrades where you want to clean out old interfaces.
+
+	static public function unregister_by_file($file) {
+
+		$r = q("DELETE FROM hook WHERE `file` = '%s' ",
+			dbesc($file)
+		);
+
+		return $r;
+	}
+
+
+	/**
+	 * @brief Inserts a hook into a page request.
+	 *
+	 * Insert a short-lived hook into the running page request.
+	 * Hooks are normally persistent so that they can be called
+	 * across asynchronous processes such as delivery and poll
+	 * processes.
+	 *
+	 * insert_hook lets you attach a hook callback immediately
+	 * which will not persist beyond the life of this page request
+	 * or the current process.
+	 *
+	 * @param string $hook
+	 *     name of hook to attach callback
+	 * @param string $fn
+	 *     function name of callback handler
+	 * @param int $version
+	 *     hook interface version, 0 uses two callback params, 1 uses one callback param
+	 * @param int $priority
+	 *     currently not implemented in this function, would require the hook array to be resorted
+	 */
+
+	static public function insert($hook, $fn, $version = 0, $priority = 0) {
+		if(is_array($fn)) {
+			$fn = serialize($fn);
+		}
+
+		if(! is_array(App::$hooks))
+			App::$hooks = array();
+
+		if(! array_key_exists($hook, App::$hooks))
+			App::$hooks[$hook] = array();
+
+		App::$hooks[$hook][] = array('', $fn, $priority, $version);
+	}
+
+}

Zotlabs/Lib/AConfig.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+// account configuration storage is built on top of the under-utilised xconfig
+
+class AConfig {
+
+	static public function Load($account_id) {
+		return XConfig::Load('a_' . $account_id);
+	}
+
+	static public function Get($account_id,$family,$key) {
+		return XConfig::Get('a_' . $account_id,$family,$key);
+	}
+
+	static public function Set($account_id,$family,$key,$value) {
+		return XConfig::Get('a_' . $account_id,$family,$key,$value);
+	}
+
+	static public function Delete($account_id,$family,$key) {
+		return XConfig::Delete('a_' . $account_id,$family,$key);
+	}
+
+}

Zotlabs/Lib/AbConfig.php

@@ -0,0 +1,75 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class AbConfig {
+
+	static public function Load($chan,$xhash,$family = '') {
+		if($family)
+			$where = sprintf(" and family = '%s' ",dbesc($family));
+		$r = q("select * from abconfig where chan = %d and xchan = '%s' $where",
+			intval($chan),
+			dbesc($xhash)
+		);
+		return $r;
+	}
+
+
+	static public function Get($chan,$xhash,$family,$key) {
+		$r = q("select * from abconfig where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' limit 1",
+			intval($chan),
+			dbesc($xhash),
+			dbesc($family),
+			dbesc($key)		
+		);
+		if($r) {
+			return ((preg_match('|^a:[0-9]+:{.*}$|s', $r[0]['v'])) ? unserialize($r[0]['v']) : $r[0]['v']);
+		}
+		return false;
+	}
+
+
+	static public function Set($chan,$xhash,$family,$key,$value) {
+
+		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
+
+		if(self::Get($chan,$xhash,$family,$key) === false) {
+			$r = q("insert into abconfig ( chan, xchan, cat, k, v ) values ( %d, '%s', '%s', '%s', '%s' ) ",
+				intval($chan),
+				dbesc($xhash),
+				dbesc($family),
+				dbesc($key),
+				dbesc($dbvalue)		
+			);
+		}
+		else {
+			$r = q("update abconfig set v = '%s' where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' ",
+				dbesc($dbvalue),		
+				dbesc($chan),
+				dbesc($xhash),
+				dbesc($family),
+				dbesc($key)
+			);
+		}
+	
+		if($r)
+			return $value;
+		return false;
+	}
+
+
+	static public function Delete($chan,$xhash,$family,$key) {
+
+		$r = q("delete from abconfig where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' ",
+			intval($chan),
+			dbesc($xhash),
+			dbesc($family),
+			dbesc($key)
+		);
+
+		return $r;
+	}
+
+}

Zotlabs/Lib/Apps.php

@@ -0,0 +1,709 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+/**
+ * Apps
+ *
+ */
+
+require_once('include/plugin.php');
+require_once('include/channel.php');
+
+
+class Apps {
+
+	static public $installed_system_apps = null;
+
+	static public function get_system_apps($translate = true) {
+
+		$ret = array();
+		if(is_dir('apps'))
+			$files = glob('apps/*.apd');
+		else
+			$files = glob('app/*.apd');
+		if($files) {
+			foreach($files as $f) {
+				$x = self::parse_app_description($f,$translate);
+				if($x) {
+					$ret[] = $x;
+				}
+			}
+		}
+		$files = glob('addon/*/*.apd');
+		if($files) {
+			foreach($files as $f) {
+				$path = explode('/',$f);
+				$plugin = $path[1];
+				if(plugin_is_installed($plugin)) {
+					$x = self::parse_app_description($f,$translate);
+					if($x) {
+						$ret[] = $x;
+					}
+				}
+			}
+		}
+
+		return $ret;
+
+	}
+
+
+	static public function import_system_apps() {
+		if(! local_channel())
+			return;
+		$apps = self::get_system_apps(false);
+
+
+		self::$installed_system_apps = q("select * from app where app_system = 1 and app_channel = %d",
+			intval(local_channel())
+		);
+
+		if($apps) {
+			foreach($apps as $app) {
+				$id = self::check_install_system_app($app);
+				// $id will be boolean true or false to install an app, or an integer id to update an existing app
+				if($id === false)
+					continue;
+				if($id !== true) {
+					// if we already installed this app, but it changed, preserve any categories we created
+					$s = '';
+					$r = q("select * from term where otype = %d and oid = d",
+						intval(TERM_OBJ_APP),
+						intval($id)
+					);
+					if($r) {
+						foreach($r as $t) {
+							if($s)
+								$s .= ',';
+							$s .= $t['term'];
+						}
+						$app['categories'] = $s;
+					}
+				}
+				$app['uid'] = local_channel();
+				$app['guid'] = hash('whirlpool',$app['name']);
+				$app['system'] = 1;
+				self::app_install(local_channel(),$app);
+			}
+		}					
+	}
+
+	/**
+	 * Install the system app if no system apps have been installed, or if a new system app 
+	 * is discovered, or if the version of a system app changes.
+	 */
+
+	static public function check_install_system_app($app) {
+		if((! is_array(self::$installed_system_apps)) || (! count(self::$installed_system_apps))) {
+			return true;
+		}
+		$notfound = true;
+		foreach(self::$installed_system_apps as $iapp) {
+			if($iapp['app_id'] == hash('whirlpool',$app['name'])) {
+				$notfound = false;
+				if($iapp['app_version'] != $app['version']) {
+					return intval($iapp['app_id']);
+				}
+			}
+		}
+		return $notfound;
+	}
+
+
+	static public function app_name_compare($a,$b) {
+		return strcmp($a['name'],$b['name']);
+	}
+
+
+	static public function parse_app_description($f,$translate = true) {
+		$ret = array();
+
+		$baseurl = z_root();
+		$channel = \App::get_channel();
+		$address = (($channel) ? $channel['channel_address'] : '');
+		
+		//future expansion
+
+		$observer = \App::get_observer();
+	
+
+		$lines = @file($f);
+		if($lines) {
+			foreach($lines as $x) {
+				if(preg_match('/^([a-zA-Z].*?):(.*?)$/ism',$x,$matches)) {
+					$ret[$matches[1]] = trim(str_replace(array('$baseurl','$nick'),array($baseurl,$address),$matches[2]));
+				}
+			}
+		}	
+
+
+		if(! $ret['photo'])
+			$ret['photo'] = $baseurl . '/' . get_default_profile_photo(80);
+
+		$ret['type'] = 'system';
+
+		foreach($ret as $k => $v) {
+			if(strpos($v,'http') === 0)
+				$ret[$k] = zid($v);
+		}
+
+		if(array_key_exists('desc',$ret))
+			$ret['desc'] = str_replace(array('\'','"'),array('&#39;','&dquot;'),$ret['desc']);
+
+		if(array_key_exists('target',$ret))
+			$ret['target'] = str_replace(array('\'','"'),array('&#39;','&dquot;'),$ret['target']);
+
+		if(array_key_exists('version',$ret))
+			$ret['version'] = str_replace(array('\'','"'),array('&#39;','&dquot;'),$ret['version']);
+
+
+		if(array_key_exists('requires',$ret)) {
+			$requires = explode(',',$ret['requires']);
+			foreach($requires as $require) {
+				$require = trim(strtolower($require));
+				switch($require) {
+					case 'nologin':
+						if(local_channel())
+							unset($ret);
+						break;
+					case 'admin':
+						if(! is_site_admin())
+							unset($ret);
+						break;
+					case 'local_channel':
+						if(! local_channel())
+							unset($ret);
+						break;
+					case 'public_profile':
+						if(! is_public_profile())
+							unset($ret);
+						break;
+					case 'observer':
+						if(! $observer)
+							unset($ret);
+						break;
+					default:
+						if(! (local_channel() && feature_enabled(local_channel(),$require)))
+							unset($ret);
+						break;
+
+				}
+			}
+		}
+		if($ret) {
+			if($translate)
+				self::translate_system_apps($ret);
+			return $ret;
+		}
+		return false;
+	}	
+
+
+	static public function translate_system_apps(&$arr) {
+		$apps = array(
+			'Site Admin' => t('Site Admin'),
+			'Bug Report' => t('Bug Report'),
+			'View Bookmarks' => t('View Bookmarks'),
+			'My Chatrooms' => t('My Chatrooms'),
+			'Connections' => t('Connections'),
+			'Firefox Share' => t('Firefox Share'),
+			'Remote Diagnostics' => t('Remote Diagnostics'),
+			'Suggest Channels' => t('Suggest Channels'),
+			'Login' => t('Login'),
+			'Channel Manager' => t('Channel Manager'), 
+			'Grid' => t('Grid'), 
+			'Settings' => t('Settings'),
+			'Files' => t('Files'),
+			'Webpages' => t('Webpages'),
+			'Wiki' => t('Wiki'),
+			'Channel Home' => t('Channel Home'), 
+			'View Profile' => t('View Profile'),
+			'Photos' => t('Photos'), 
+			'Events' => t('Events'), 
+			'Directory' => t('Directory'), 
+			'Help' => t('Help'),
+			'Mail' => t('Mail'),
+			'Mood' => t('Mood'),
+			'Poke' => t('Poke'),
+			'Chat' => t('Chat'),
+			'Search' => t('Search'),
+			'Probe' => t('Probe'),
+			'Suggest' => t('Suggest'),
+			'Random Channel' => t('Random Channel'),
+			'Invite' => t('Invite'),
+			'Features' => t('Features'),
+			'Language' => t('Language'),
+			'Post' => t('Post'),
+			'Profile Photo' => t('Profile Photo')
+		);
+
+		if(array_key_exists($arr['name'],$apps))
+			$arr['name'] = $apps[$arr['name']];
+
+	}
+
+
+	// papp is a portable app
+
+	static public function app_render($papp,$mode = 'view') {
+
+		/**
+		 * modes:
+		 *    view: normal mode for viewing an app via bbcode from a conversation or page
+		 *       provides install/update button if you're logged in locally
+		 *    list: normal mode for viewing an app on the app page
+		 *       no buttons are shown
+		 *    edit: viewing the app page in editing mode provides a delete button
+		 */
+
+		$installed = false;
+
+		if(! $papp)
+			return;
+
+		if(! $papp['photo'])
+			$papp['photo'] = z_root() . '/' . get_default_profile_photo(80);
+
+		self::translate_system_apps($papp);
+
+		$papp['papp'] = self::papp_encode($papp);
+
+		if(! strstr($papp['url'],'://'))
+			$papp['url'] = z_root() . ((strpos($papp['url'],'/') === 0) ? '' : '/') . $papp['url'];
+
+		foreach($papp as $k => $v) {
+			if(strpos($v,'http') === 0 && $k != 'papp')
+				$papp[$k] = zid($v);
+			if($k === 'desc')
+				$papp['desc'] = str_replace(array('\'','"'),array('&#39;','&dquot;'),$papp['desc']);
+
+			if($k === 'requires') {
+				$requires = explode(',',$v);
+				foreach($requires as $require) {
+					$require = trim(strtolower($require));
+					switch($require) {
+						case 'nologin':
+							if(local_channel())
+								return '';
+							break;
+						case 'admin':
+							if(! is_site_admin())
+								return '';
+							break;
+						case 'local_channel':
+							if(! local_channel())
+								return '';
+							break;
+						case 'public_profile':
+							if(! is_public_profile())
+								return '';
+							break;
+						case 'observer':
+							$observer = \App::get_observer();
+							if(! $observer)
+								return '';
+							break;
+						default:
+							if(! (local_channel() && feature_enabled(local_channel(),$require)))
+								return '';
+							break;
+
+					}
+				}
+			}
+		}
+
+		$hosturl = '';
+
+		if(local_channel()) {
+			$installed = self::app_installed(local_channel(),$papp);
+			$hosturl = z_root() . '/';
+		}
+		elseif(remote_channel()) {
+			$observer = \App::get_observer();
+			if($observer && $observer['xchan_network'] === 'zot') {
+				// some folks might have xchan_url redirected offsite, use the connurl
+				$x = parse_url($observer['xchan_connurl']);
+				if($x) {
+					$hosturl = $x['scheme'] . '://' . $x['host'] . '/';
+				}
+			} 
+		}
+
+		$install_action = (($installed) ? t('Update') : t('Install'));
+
+		return replace_macros(get_markup_template('app.tpl'),array(
+			'$app' => $papp,
+			'$hosturl' => $hosturl,
+			'$purchase' => (($papp['page'] && (! $installed)) ? t('Purchase') : ''),
+			'$install' => (($hosturl && $mode == 'view') ? $install_action : ''),
+			'$edit' => ((local_channel() && $installed && $mode == 'edit') ? t('Edit') : ''),
+			'$delete' => ((local_channel() && $installed && $mode == 'edit') ? t('Delete') : '')
+		));
+	}
+
+	static public function app_install($uid,$app) {
+		$app['uid'] = $uid;
+
+		if(self::app_installed($uid,$app))
+			$x = self::app_update($app);
+		else
+			$x = self::app_store($app);
+
+		if($x['success']) {
+			$r = q("select * from app where app_id = '%s' and app_channel = %d limit 1",
+				dbesc($x['app_id']),
+				intval($uid)
+			);
+			if($r) {
+				if(! $r[0]['app_system']) {
+					if($app['categories'] && (! $app['term'])) {
+						$r[0]['term'] = q("select * from term where otype = %d and oid = d",
+							intval(TERM_OBJ_APP),
+							intval($r[0]['id'])
+						);
+						build_sync_packet($uid,array('app' => $r[0]));
+					}
+				}
+			}
+			return $x['app_id'];
+		}
+		return false;
+	}
+
+	static public function app_destroy($uid,$app) {
+
+
+		if($uid && $app['guid']) {
+
+			$x = q("select * from app where app_id = '%s' and app_channel = %d limit 1",
+				dbesc($app['guid']),
+				intval($uid)
+			);
+			if($x) {
+				$x[0]['app_deleted'] = 1;
+				q("delete from term where otype = %d and oid = %d",
+					intval(TERM_OBJ_APP),
+					intval($x[0]['id'])
+				);
+				if($x[0]['app_system']) {
+					$r = q("update app set app_deleted = 1 where app_id = '%s' and app_channel = %d",
+						dbesc($app['guid']),
+						intval($uid)
+					);
+				}
+				else {
+					$r = q("delete from app where app_id = '%s' and app_channel = %d",
+						dbesc($app['guid']),
+						intval($uid)
+					);
+
+					// we don't sync system apps - they may be completely different on the other system
+					build_sync_packet($uid,array('app' => $x));
+				}
+			}
+		}
+	}
+
+
+	static public function app_installed($uid,$app) {
+
+		$r = q("select id from app where app_id = '%s' and app_version = '%s' and app_channel = %d limit 1",
+			dbesc((array_key_exists('guid',$app)) ? $app['guid'] : ''), 
+			dbesc((array_key_exists('version',$app)) ? $app['version'] : ''), 
+			intval($uid)
+		);
+		return(($r) ? true : false);
+
+	}
+
+
+	static public function app_list($uid, $deleted = false, $cat = '') {
+		if($deleted) 
+			$sql_extra = " and app_deleted = 1 ";
+		else
+			$sql_extra = " and app_deleted = 0 ";
+
+		if($cat) {
+			$r = q("select oid from term where otype = %d and term = '%s'",
+				intval(TERM_OBJ_APP),
+				dbesc($cat)
+			);
+			if(! $r)
+				return $r;
+			$sql_extra .= " and app.id in ( ";
+			$s = '';
+			foreach($r as $rr) {
+				if($s)
+					$s .= ',';
+				$s .= intval($rr['oid']);
+			}
+			$sql_extra .= $s . ') ';
+		}
+
+		$r = q("select * from app where app_channel = %d $sql_extra order by app_name asc",
+			intval($uid)
+		);
+		if($r) {
+			for($x = 0; $x < count($r); $x ++) {
+				if(! $r[$x]['app_system'])
+					$r[$x]['type'] = 'personal';
+				$r[$x]['term'] = q("select * from term where otype = %d and oid = %d",
+					intval(TERM_OBJ_APP),
+					intval($r[$x]['id'])
+				);
+			}
+		}
+		return($r);
+	}
+
+
+	static public function app_decode($s) {
+		$x = base64_decode(str_replace(array('<br />',"\r","\n",' '),array('','','',''),$s));
+		return json_decode($x,true);
+	}
+
+
+	static public function app_store($arr) {
+
+		// logger('app_store: ' . print_r($arr,true));
+
+		$darray = array();
+		$ret = array('success' => false);
+
+		$darray['app_url']     = ((x($arr,'url')) ? $arr['url'] : '');
+		$darray['app_channel'] = ((x($arr,'uid')) ? $arr['uid'] : 0);
+
+		if((! $darray['app_url']) || (! $darray['app_channel']))
+			return $ret;
+
+		if($arr['photo'] && ! strstr($arr['photo'],z_root())) {
+			$x = import_xchan_photo($arr['photo'],get_observer_hash(),true);
+			$arr['photo'] = $x[1];
+		}
+
+
+		$darray['app_id']       = ((x($arr,'guid'))     ? $arr['guid'] : random_string(). '.' . \App::get_hostname());
+		$darray['app_sig']      = ((x($arr,'sig'))      ? $arr['sig'] : '');
+		$darray['app_author']   = ((x($arr,'author'))   ? $arr['author'] : get_observer_hash());
+		$darray['app_name']     = ((x($arr,'name'))     ? escape_tags($arr['name']) : t('Unknown'));
+		$darray['app_desc']     = ((x($arr,'desc'))     ? escape_tags($arr['desc']) : '');
+		$darray['app_photo']    = ((x($arr,'photo'))    ? $arr['photo'] : z_root() . '/' . get_default_profile_photo(80));
+		$darray['app_version']  = ((x($arr,'version'))  ? escape_tags($arr['version']) : '');
+		$darray['app_addr']     = ((x($arr,'addr'))     ? escape_tags($arr['addr']) : '');
+		$darray['app_price']    = ((x($arr,'price'))    ? escape_tags($arr['price']) : '');
+		$darray['app_page']     = ((x($arr,'page'))     ? escape_tags($arr['page']) : '');
+		$darray['app_requires'] = ((x($arr,'requires')) ? escape_tags($arr['requires']) : '');
+		$darray['app_system']   = ((x($arr,'system'))   ? intval($arr['system']) : 0);
+		$darray['app_deleted']  = ((x($arr,'deleted'))  ? intval($arr['deleted']) : 0);
+
+		$created = datetime_convert();
+
+		$r = q("insert into app ( app_id, app_sig, app_author, app_name, app_desc, app_url, app_photo, app_version, app_channel, app_addr, app_price, app_page, app_requires, app_created, app_edited, app_system, app_deleted ) values ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )",
+			dbesc($darray['app_id']),
+			dbesc($darray['app_sig']),
+			dbesc($darray['app_author']),
+			dbesc($darray['app_name']),
+			dbesc($darray['app_desc']),
+			dbesc($darray['app_url']),
+			dbesc($darray['app_photo']),
+			dbesc($darray['app_version']),
+			intval($darray['app_channel']),
+			dbesc($darray['app_addr']),
+			dbesc($darray['app_price']),
+			dbesc($darray['app_page']),
+			dbesc($darray['app_requires']),
+			dbesc($created),
+			dbesc($created),
+			intval($darray['app_system']),
+			intval($darray['app_deleted'])
+		);
+		if($r) {
+			$ret['success'] = true;
+			$ret['app_id'] = $darray['app_id'];
+		}
+		if($arr['categories']) {
+			$x = q("select id from app where app_id = '%s' and app_channel = %d limit 1",
+				dbesc($darray['app_id']),
+				intval($darray['app_channel'])
+			);
+			$y = explode(',',$arr['categories']);
+			if($y) {
+				foreach($y as $t) {
+					$t = trim($t);
+					if($t) {
+						store_item_tag($darray['app_channel'],$x[0]['id'],TERM_OBJ_APP,TERM_CATEGORY,escape_tags($t),escape_tags(z_root() . '/apps/?f=&cat=' . escape_tags($t)));
+					}
+				}
+			}
+		}
+
+		return $ret;
+	}
+
+
+	static public function app_update($arr) {
+
+		$darray = array();
+		$ret = array('success' => false);
+
+		$darray['app_url']     = ((x($arr,'url')) ? $arr['url'] : '');
+		$darray['app_channel'] = ((x($arr,'uid')) ? $arr['uid'] : 0);
+		$darray['app_id']      = ((x($arr,'guid')) ? $arr['guid'] : 0);
+
+		if((! $darray['app_url']) || (! $darray['app_channel']) || (! $darray['app_id']))
+			return $ret;
+
+		if($arr['photo'] && ! strstr($arr['photo'],z_root())) {
+			$x = import_xchan_photo($arr['photo'],get_observer_hash(),true);
+			$arr['photo'] = $x[1];
+		}
+
+		$darray['app_sig']      = ((x($arr,'sig')) ? $arr['sig'] : '');
+		$darray['app_author']   = ((x($arr,'author')) ? $arr['author'] : get_observer_hash());
+		$darray['app_name']     = ((x($arr,'name')) ? escape_tags($arr['name']) : t('Unknown'));
+		$darray['app_desc']     = ((x($arr,'desc')) ? escape_tags($arr['desc']) : '');
+		$darray['app_photo']    = ((x($arr,'photo')) ? $arr['photo'] : z_root() . '/' . get_default_profile_photo(80));
+		$darray['app_version']  = ((x($arr,'version')) ? escape_tags($arr['version']) : '');
+		$darray['app_addr']     = ((x($arr,'addr')) ? escape_tags($arr['addr']) : '');
+		$darray['app_price']    = ((x($arr,'price')) ? escape_tags($arr['price']) : '');
+		$darray['app_page']     = ((x($arr,'page')) ? escape_tags($arr['page']) : '');
+		$darray['app_requires'] = ((x($arr,'requires')) ? escape_tags($arr['requires']) : '');
+		$darray['app_system']   = ((x($arr,'system'))   ? intval($arr['system']) : 0);
+		$darray['app_deleted']  = ((x($arr,'deleted'))  ? intval($arr['deleted']) : 0);
+
+		$edited = datetime_convert();
+
+		$r = q("update app set app_sig = '%s', app_author = '%s', app_name = '%s', app_desc = '%s', app_url = '%s', app_photo = '%s', app_version = '%s', app_addr = '%s', app_price = '%s', app_page = '%s', app_requires = '%s', app_edited = '%s', app_system = %d, app_deleted = %d where app_id = '%s' and app_channel = %d",
+			dbesc($darray['app_sig']),
+			dbesc($darray['app_author']),
+			dbesc($darray['app_name']),
+			dbesc($darray['app_desc']),
+			dbesc($darray['app_url']),
+			dbesc($darray['app_photo']),
+			dbesc($darray['app_version']),
+			dbesc($darray['app_addr']),
+			dbesc($darray['app_price']),
+			dbesc($darray['app_page']),
+			dbesc($darray['app_requires']),
+			dbesc($edited),
+			intval($darray['app_system']),
+			intval($darray['app_deleted']),
+			dbesc($darray['app_id']),
+			intval($darray['app_channel'])
+		);
+		if($r) {
+			$ret['success'] = true;
+			$ret['app_id'] = $darray['app_id'];
+		}
+
+		$x = q("select id from app where app_id = '%s' and app_channel = %d limit 1",
+			dbesc($darray['app_id']),
+			intval($darray['app_channel'])
+		);
+		if($x) {
+			q("delete from term where otype = %d and oid = %d",
+				intval(TERM_OBJ_APP),
+				intval($x[0]['id'])
+			);
+			if($arr['categories']) {
+				$y = explode(',',$arr['categories']);
+				if($y) {
+					foreach($y as $t) {
+						$t = trim($t);
+						if($t) {
+							store_item_tag($darray['app_channel'],$x[0]['id'],TERM_OBJ_APP,TERM_CATEGORY,escape_tags($t),escape_tags(z_root() . '/apps/?f=&cat=' . escape_tags($t)));
+						}
+					}
+				}
+			}
+		}
+
+		return $ret;
+
+	}
+
+
+	static public function app_encode($app,$embed = false) {
+
+		$ret = array();
+
+		$ret['type'] = 'personal';
+	
+		if($app['app_id'])
+			$ret['guid'] = $app['app_id'];
+
+		if($app['app_id'])
+			$ret['guid'] = $app['app_id'];
+
+		if($app['app_sig'])
+			$ret['sig'] = $app['app_sig'];
+
+		if($app['app_author'])
+			$ret['author'] = $app['app_author'];
+
+		if($app['app_name'])
+			$ret['name'] = $app['app_name'];
+
+		if($app['app_desc'])
+			$ret['desc'] = $app['app_desc'];
+
+		if($app['app_url'])
+			$ret['url'] = $app['app_url'];
+
+		if($app['app_photo'])
+			$ret['photo'] = $app['app_photo'];
+
+		if($app['app_version'])
+			$ret['version'] = $app['app_version'];
+
+		if($app['app_addr'])
+			$ret['addr'] = $app['app_addr'];
+
+		if($app['app_price'])
+			$ret['price'] = $app['app_price'];
+	
+		if($app['app_page'])
+			$ret['page'] = $app['app_page'];
+
+		if($app['app_requires'])
+			$ret['requires'] = $app['app_requires'];
+
+		if($app['app_system'])
+			$ret['system'] = $app['app_system'];
+
+		if($app['app_deleted'])
+			$ret['deleted'] = $app['app_deleted'];
+
+		if($app['term']) {
+			$s = '';
+			foreach($app['term'] as $t) {
+				if($s)
+					$s .= ',';
+				$s .= $t['term'];
+			}
+			$ret['categories'] = $s;
+		}
+
+
+		if(! $embed)
+			return $ret;
+
+		if(array_key_exists('categories',$ret))
+			unset($ret['categories']);
+	
+		$j = json_encode($ret);
+		return '[app]' . chunk_split(base64_encode($j),72,"\n") . '[/app]';
+
+	}
+
+
+	static public function papp_encode($papp) {
+		return chunk_split(base64_encode(json_encode($papp)),72,"\n");
+
+	}
+
+}
+
+

Zotlabs/Lib/Cache.php

@@ -0,0 +1,46 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+	/**
+	 *  cache api
+	 */
+	 
+class Cache {
+	public static function get($key) {
+		$r = q("SELECT v FROM cache WHERE k = '%s' limit 1",
+			dbesc($key)
+		);
+			
+		if ($r)
+			return $r[0]['v'];
+		return null;
+	}
+		
+	public static function set($key,$value) {
+
+		$r = q("SELECT * FROM cache WHERE k = '%s' limit 1",
+			dbesc($key)
+		);
+		if($r) {
+			q("UPDATE cache SET v = '%s', updated = '%s' WHERE k = '%s'",
+				dbesc($value),
+				dbesc(datetime_convert()),
+				dbesc($key));
+		}
+		else {
+			q("INSERT INTO cache ( k, v, updated) VALUES ('%s','%s','%s')",
+				dbesc($key),
+				dbesc($value),
+				dbesc(datetime_convert()));
+		}
+	}
+
+		
+	public static function clear() {
+		q("DELETE FROM cache WHERE updated < '%s'",
+			dbesc(datetime_convert('UTC','UTC',"now - 30 days")));			
+	}
+		
+}
+	 

Zotlabs/Lib/Chatroom.php

@@ -0,0 +1,267 @@
+<?php
+namespace Zotlabs\Lib;
+
+/**
+ * @brief Chat related functions.
+ */
+
+
+
+class Chatroom {
+	/**
+	 * @brief Creates a chatroom.
+	 *
+	 * @param array $channel
+	 * @param array $arr
+	 * @return An associative array containing:
+	 *  - success: A boolean
+	 *  - message: (optional) A string
+	 */
+
+	static public function create($channel, $arr) {
+
+		$ret = array('success' => false);
+
+		$name = trim($arr['name']);
+		if(! $name) {
+			$ret['message'] = t('Missing room name');
+			return $ret;
+		}
+
+		$r = q("select cr_id from chatroom where cr_uid = %d and cr_name = '%s' limit 1",
+			intval($channel['channel_id']),
+			dbesc($name)
+		);
+		if($r) {
+			$ret['message'] = t('Duplicate room name');
+			return $ret;
+		}
+
+		$r = q("select count(cr_id) as total from chatroom where cr_aid = %d",
+			intval($channel['channel_account_id'])
+		);
+		if($r)
+			$limit = service_class_fetch($channel['channel_id'], 'chatrooms');
+
+		if(($r) && ($limit !== false) && ($r[0]['total'] >= $limit)) {
+			$ret['message'] = upgrade_message();
+			return $ret;
+		}
+
+		if(! array_key_exists('expire', $arr))
+			$arr['expire'] = 120;  // minutes, e.g. 2 hours
+
+		$created = datetime_convert();
+
+		$x = q("insert into chatroom ( cr_aid, cr_uid, cr_name, cr_created, cr_edited, cr_expire, allow_cid, allow_gid, deny_cid, deny_gid )
+			values ( %d, %d , '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s' ) ",
+			intval($channel['channel_account_id']),
+			intval($channel['channel_id']),
+			dbesc($name),
+			dbesc($created),
+			dbesc($created),
+			intval($arr['expire']),
+			dbesc($arr['allow_cid']),
+			dbesc($arr['allow_gid']),
+			dbesc($arr['deny_cid']),
+			dbesc($arr['deny_gid'])
+		);
+
+		if($x)
+			$ret['success'] = true;
+
+		return $ret;
+	}
+
+
+	static public function destroy($channel,$arr) {
+
+		$ret = array('success' => false);
+
+		if(intval($arr['cr_id']))
+			$sql_extra = " and cr_id = " . intval($arr['cr_id']) . " ";
+		elseif(trim($arr['cr_name']))
+			$sql_extra = " and cr_name = '" . protect_sprintf(dbesc(trim($arr['cr_name']))) . "' ";
+		else {
+			$ret['message'] = t('Invalid room specifier.');
+			return $ret;
+		}
+
+		$r = q("select * from chatroom where cr_uid = %d $sql_extra limit 1",
+			intval($channel['channel_id'])
+		);
+		if(! $r) {
+			$ret['message'] = t('Invalid room specifier.');
+			return $ret;
+		}
+
+		build_sync_packet($channel['channel_id'],array('chatroom' => $r));
+
+		q("delete from chatroom where cr_id = %d",
+			intval($r[0]['cr_id'])
+		);
+		if($r[0]['cr_id']) {
+			q("delete from chatpresence where cp_room = %d",
+				intval($r[0]['cr_id'])
+			);
+			q("delete from chat where chat_room = %d",
+				intval($r[0]['cr_id'])
+			);
+		}
+
+		$ret['success'] = true;
+		return $ret;
+	}
+
+
+	static public function enter($observer_xchan, $room_id, $status, $client) {
+
+		if(! $room_id || ! $observer_xchan)
+			return;
+
+		$r = q("select * from chatroom where cr_id = %d limit 1",
+			intval($room_id)
+		);
+		if(! $r) {
+			notice( t('Room not found.') . EOL);
+			return false;
+		}
+		require_once('include/security.php');
+		$sql_extra = permissions_sql($r[0]['cr_uid']);
+
+		$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
+			intval($room_id),
+			intval($r[0]['cr_uid'])
+		);
+		if(! $x) {
+			notice( t('Permission denied.') . EOL);
+			return false;
+		}
+
+		$limit = service_class_fetch($r[0]['cr_uid'], 'chatters_inroom');
+		if($limit !== false) {
+			$y = q("select count(*) as total from chatpresence where cp_room = %d",
+				intval($room_id)
+			);
+			if($y && $y[0]['total'] > $limit) {
+				notice( t('Room is full') . EOL);
+				return false;
+			}
+		}
+
+		if(intval($x[0]['cr_expire'])) {
+			$r = q("delete from chat where created < %s - INTERVAL %s and chat_room = %d", 
+				db_utcnow(), 
+				db_quoteinterval( intval($x[0]['cr_expire']) . ' MINUTE' ),
+				intval($x[0]['cr_id'])
+			);
+		}
+
+		$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d limit 1",
+			dbesc($observer_xchan),
+			intval($room_id)
+		);
+		if($r) {
+			q("update chatpresence set cp_last = '%s' where cp_id = %d and cp_client = '%s'",
+				dbesc(datetime_convert()),
+				intval($r[0]['cp_id']),
+				dbesc($client)
+			);
+			return true;
+		}
+
+		$r = q("insert into chatpresence ( cp_room, cp_xchan, cp_last, cp_status, cp_client )
+			values ( %d, '%s', '%s', '%s', '%s' )",
+			intval($room_id),
+			dbesc($observer_xchan),
+			dbesc(datetime_convert()),
+			dbesc($status),
+			dbesc($client)
+		);
+
+		return $r;
+	}
+
+
+	function leave($observer_xchan, $room_id, $client) {
+		if(! $room_id || ! $observer_xchan)
+			return;
+
+		$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d and cp_client = '%s' limit 1",
+			dbesc($observer_xchan),
+			intval($room_id),
+			dbesc($client)
+		);
+		if($r) {
+			q("delete from chatpresence where cp_id = %d",
+				intval($r[0]['cp_id'])
+			);
+		}
+
+		return true;
+	}
+
+
+	static public function roomlist($uid) {
+		require_once('include/security.php');
+		$sql_extra = permissions_sql($uid);
+
+		$r = q("select allow_cid, allow_gid, deny_cid, deny_gid, cr_name, cr_expire, cr_id, count(cp_id) as cr_inroom from chatroom left join chatpresence on cr_id = cp_room where cr_uid = %d $sql_extra group by cr_name, cr_id order by cr_name",
+			intval($uid)
+		);
+
+		return $r;
+	}
+
+	static public function list_count($uid) {
+		require_once('include/security.php');
+		$sql_extra = permissions_sql($uid);
+
+		$r = q("select count(*) as total from chatroom where cr_uid = %d $sql_extra",
+			intval($uid)
+		);
+
+		return $r[0]['total'];
+	}
+
+	/**
+	 * create a chat message via API.
+	 * It is the caller's responsibility to enter the room.
+ 	*/
+
+	static public function message($uid, $room_id, $xchan, $text) {
+
+		$ret = array('success' => false);
+
+		if(! $text)
+			return;
+
+		$sql_extra = permissions_sql($uid);
+
+		$r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra",
+			intval($uid),
+			intval($room_id)
+		);
+		if(! $r)
+			return $ret;
+
+		$arr = array(
+			'chat_room' => $room_id,
+			'chat_xchan' => $xchan,
+			'chat_text' => $text
+		);
+
+		call_hooks('chat_message', $arr);
+
+		$x = q("insert into chat ( chat_room, chat_xchan, created, chat_text )
+			values( %d, '%s', '%s', '%s' )",
+			intval($room_id),
+			dbesc($xchan),
+			dbesc(datetime_convert()),
+			dbesc($arr['chat_text'])
+		);
+
+		$ret['success'] = true;
+		return $ret;
+	}
+}

Zotlabs/Lib/Config.php

@@ -0,0 +1,166 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+
+class Config {
+
+	/**
+	 * @brief Loads the hub's configuration from database to a cached storage.
+	 *
+	 * Retrieve a category ($family) of config variables from database to a cached
+	 * storage in the global App::$config[$family].
+	 *
+	 * @param string $family
+	 *  The category of the configuration value
+	 */
+
+	static public function Load($family) {
+		if(! array_key_exists($family, \App::$config))
+			\App::$config[$family] = array();
+
+		if(! array_key_exists('config_loaded', \App::$config[$family])) {
+			$r = q("SELECT * FROM config WHERE cat = '%s'", dbesc($family));
+			if($r !== false) {
+				if($r) {
+					foreach($r as $rr) {
+						$k = $rr['k'];
+						\App::$config[$family][$k] = $rr['v'];
+					}
+				}
+				\App::$config[$family]['config_loaded'] = true;
+			}
+		} 
+	}
+
+	/**
+	 * @brief Sets a configuration value for the hub.
+	 *
+	 * Stores a config value ($value) in the category ($family) under the key ($key).
+	 *
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to set
+	 * @param mixed $value
+	 *  The value to store in the configuration
+	 * @return mixed
+	 *  Return the set value, or false if the database update failed
+	 */
+
+	static public function Set($family,$key,$value) {
+		// manage array value
+		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
+
+		if(get_config($family, $key) === false || (! self::get_from_storage($family, $key))) {
+			$ret = q("INSERT INTO config ( cat, k, v ) VALUES ( '%s', '%s', '%s' ) ",
+				dbesc($family),
+				dbesc($key),
+				dbesc($dbvalue)
+			);
+			if($ret) {
+				\App::$config[$family][$key] = $value;
+				$ret = $value;
+			}
+			return $ret;
+		}
+
+		$ret = q("UPDATE config SET v = '%s' WHERE cat = '%s' AND k = '%s'",
+			dbesc($dbvalue),
+			dbesc($family),
+			dbesc($key)
+		);
+
+		if($ret) {
+			\App::$config[$family][$key] = $value;
+			$ret = $value;
+		}
+		return $ret;
+
+	}
+
+	/**
+	 * @brief Get a particular config variable given the category name ($family)
+	 * and a key.
+	 *
+	 * Get a particular config variable from the given category ($family) and the
+	 * $key from a cached storage in App::$config[$family]. If a key is found in the
+	 * DB but does not exist in local config cache, pull it into the cache so we
+	 * do not have to hit the DB again for this item.
+	 * 
+	 * Returns false if not set.
+	 *
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to query
+	 * @return mixed Return value or false on error or if not set
+	 */
+
+	static public function Get($family,$key) {
+		if((! array_key_exists($family, \App::$config)) || (! array_key_exists('config_loaded', \App::$config[$family])))
+			self::Load($family);
+
+		if(array_key_exists('config_loaded', \App::$config[$family])) {
+			if(! array_key_exists($key, \App::$config[$family])) {
+				return false;		
+			}
+			return ((! is_array(\App::$config[$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$family][$key])) 
+				? unserialize(\App::$config[$family][$key])
+				: \App::$config[$family][$key]
+			);
+		}
+
+		return false;
+	}
+
+	/**
+	 * @brief Deletes the given key from the hub's configuration database.
+	 *
+	 * Removes the configured value from the stored cache in App::$config[$family]
+	 * and removes it from the database.
+	 *
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to delete
+	 * @return mixed
+	 */
+
+	static public function Delete($family,$key) {
+
+		$ret = false;
+
+		if(array_key_exists($family, \App::$config) && array_key_exists($key, \App::$config[$family]))
+			unset(\App::$config[$family][$key]);
+			$ret = q("DELETE FROM config WHERE cat = '%s' AND k = '%s'",
+			dbesc($family),
+			dbesc($key)
+		);
+		return $ret;
+	}
+
+
+	/**
+	 * @brief Returns a value directly from the database configuration storage.
+	 *
+	 * This function queries directly the database and bypasses the chached storage
+	 * from get_config($family, $key).
+	 *
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to query
+	 * @return mixed
+	 */
+
+	static private function get_from_storage($family,$key) {
+		$ret = q("SELECT * FROM config WHERE cat = '%s' AND k = '%s' LIMIT 1",
+			dbesc($family),
+			dbesc($key)
+		);
+		return $ret;
+	}
+
+}

Zotlabs/Lib/Enotify.php

@@ -0,0 +1,685 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+/**
+ * @brief File with functions and a class for generating system and email notifications.
+ */
+
+
+class Enotify {
+
+	/**
+	 * @brief
+	 *
+	 * @param array $params an assoziative array with:
+	 *  * \e string \b from_xchan sender xchan hash
+	 *  * \e string \b to_xchan recipient xchan hash
+	 *  * \e array \b item an assoziative array
+	 *  * \e int \b type one of the NOTIFY_* constants from boot.php
+	 *  * \e string \b link
+	 *  * \e string \b parent_mid
+	 *  * \e string \b otype
+	 *  * \e string \b verb
+	 *  * \e string \b activity
+	 */
+
+
+	static public function submit($params) {
+
+		logger('notification: entry', LOGGER_DEBUG);
+
+		// throw a small amount of entropy into the system to breakup duplicates arriving at the same precise instant.
+		usleep(mt_rand(0, 10000));
+
+		if ($params['from_xchan']) {
+			$x = q("select * from xchan where xchan_hash = '%s' limit 1",
+				dbesc($params['from_xchan'])
+			);
+		}
+		if ($params['to_xchan']) {
+			$y = q("select channel.*, account.* from channel left join account on channel_account_id = account_id
+				where channel_hash = '%s' and channel_removed = 0 limit 1",
+				dbesc($params['to_xchan'])
+			);
+		}
+		if ($x & $y) {
+			$sender = $x[0];
+			$recip = $y[0];
+		} else {
+			logger('notification: no sender or recipient.');
+			logger('sender: ' . $params['from_xchan']);
+			logger('recip: ' . $params['to_xchan']);
+			return;
+		}
+
+		// from here on everything is in the recipients language
+
+		push_lang($recip['account_language']); // should probably have a channel language
+
+		$banner     = t('$Projectname Notification');
+		$product    = t('$projectname'); // PLATFORM_NAME;
+		$siteurl    = z_root();
+		$thanks     = t('Thank You,');
+		$sitename   = get_config('system','sitename');
+		$site_admin = sprintf( t('%s Administrator'), $sitename);
+
+		$sender_name = $product;
+		$hostname = \App::get_hostname();
+		if(strpos($hostname,':'))
+		$hostname = substr($hostname,0,strpos($hostname,':'));
+
+		// Do not translate 'noreply' as it must be a legal 7-bit email address
+		$sender_email = 'noreply' . '@' . $hostname;
+
+		$additional_mail_header = "";
+
+		if(array_key_exists('item', $params)) {
+			require_once('include/conversation.php');
+			// if it's a normal item...
+			if (array_key_exists('verb', $params['item'])) {
+				// localize_item() alters the original item so make a copy first
+				$i = $params['item'];
+				logger('calling localize');
+				localize_item($i);
+				$title = $i['title'];
+				$body = $i['body'];
+				$private = (($i['item_private']) || intval($i['item_obscured']));
+			}
+			else {
+				$title = $params['item']['title'];
+				$body = $params['item']['body'];
+			}
+		} 
+		else {
+			$title = $body = '';
+		}
+
+
+	// e.g. "your post", "David's photo", etc.
+	$possess_desc = t('%s <!item_type!>');
+
+	if ($params['type'] == NOTIFY_MAIL) {
+		logger('notification: mail');
+		$subject = 	sprintf( t('[Hubzilla:Notify] New mail received at %s'),$sitename);
+
+		$preamble = sprintf( t('%1$s, %2$s sent you a new private message at %3$s.'),$recip['channel_name'], $sender['xchan_name'],$sitename);
+		$epreamble = sprintf( t('%1$s sent you %2$s.'),'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a private message') . '[/zrl]');
+		$sitelink = t('Please visit %s to view and/or reply to your private messages.');
+		$tsitelink = sprintf( $sitelink, $siteurl . '/mail/' . $params['item']['id'] );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/mail/' . $params['item']['id'] . '">' . $sitename . '</a>');
+		$itemlink = $siteurl . '/mail/' . $params['item']['id'];
+	}
+
+	if ($params['type'] == NOTIFY_COMMENT) {
+//		logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
+
+		$itemlink =  $params['link'];
+
+		// ignore like/unlike activity on posts - they probably require a sepearate notification preference
+
+		if (array_key_exists('item',$params) && (! visible_activity($params['item'])))
+			return;
+
+		$parent_mid = $params['parent_mid'];
+
+		// Check to see if there was already a notify for this post.
+		// If so don't create a second notification
+
+		$p = null;
+		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
+			dbesc($params['link']),
+			intval($recip['channel_id'])
+		);
+		if ($p) {
+			logger('notification: comment already notified');
+			pop_lang();
+			return;
+		}
+	
+
+		// if it's a post figure out who's post it is.
+
+		$p = null;
+
+		if($params['otype'] === 'item' && $parent_mid) {
+			$p = q("select * from item where mid = '%s' and uid = %d limit 1",
+				dbesc($parent_mid),
+				intval($recip['channel_id'])
+			);
+		}
+
+		xchan_query($p);
+
+
+		$item_post_type = item_post_type($p[0]);
+//		$private = $p[0]['item_private'];
+		$parent_id = $p[0]['id'];
+
+		$parent_item = $p[0];
+
+		//$possess_desc = str_replace('<!item_type!>',$possess_desc);
+
+		// "a post"
+		$dest_str = sprintf(t('%1$s, %2$s commented on [zrl=%3$s]a %4$s[/zrl]'),
+			$recip['channel_name'],
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$itemlink,
+			$item_post_type);
+
+		// "George Bull's post"
+		if($p)
+			$dest_str = sprintf(t('%1$s, %2$s commented on [zrl=%3$s]%4$s\'s %5$s[/zrl]'),
+				$recip['channel_name'],
+				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+				$itemlink,
+				$p[0]['author']['xchan_name'],
+				$item_post_type);
+		
+		// "your post"
+		if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
+			$dest_str = sprintf(t('%1$s, %2$s commented on [zrl=%3$s]your %4$s[/zrl]'),
+				$recip['channel_name'],
+				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+				$itemlink,
+				$item_post_type);
+
+		// Some mail softwares relies on subject field for threading.
+		// So, we cannot have different subjects for notifications of the same thread.
+		// Before this we have the name of the replier on the subject rendering 
+		// differents subjects for messages on the same thread.
+
+		$subject = sprintf( t('[Hubzilla:Notify] Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s, %2$s commented on an item/conversation you have been following.'), $recip['channel_name'], $sender['xchan_name']); 
+		$epreamble = $dest_str; 
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+	}
+
+	if($params['type'] == NOTIFY_WALL) {
+		$subject = sprintf( t('[Hubzilla:Notify] %s posted to your profile wall') , $sender['xchan_name']);
+
+		$preamble = sprintf( t('%1$s, %2$s posted to your profile wall at %3$s') , $recip['channel_name'], $sender['xchan_name'], $sitename);
+
+		$epreamble = sprintf( t('%1$s, %2$s posted to [zrl=%3$s]your wall[/zrl]') ,
+			$recip['channel_name'], 
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$params['link']); 
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		$itemlink =  $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_TAGSELF) {
+
+		$p = null;
+		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
+			dbesc($params['link']),
+			intval($recip['channel_id'])
+		);
+		if ($p) {
+			logger('enotify: tag: already notified about this post');
+			pop_lang();
+			return;
+		}
+	
+		$subject =	sprintf( t('[Hubzilla:Notify] %s tagged you') , $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s, %2$s tagged you at %3$s') , $recip['channel_name'], $sender['xchan_name'], $sitename);
+		$epreamble = sprintf( t('%1$s, %2$s [zrl=%3$s]tagged you[/zrl].') ,
+			$recip['channel_name'],
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$params['link']); 
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		$itemlink =  $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_POKE) {
+		$subject =	sprintf( t('[Hubzilla:Notify] %1$s poked you') , $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s, %2$s poked you at %3$s') , $recip['channel_name'], $sender['xchan_name'], $sitename);
+		$epreamble = sprintf( t('%1$s, %2$s [zrl=%2$s]poked you[/zrl].') ,
+			$recip['channel_name'], 
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$params['link']); 
+
+		$subject = str_replace('poked', t($params['activity']), $subject);
+		$preamble = str_replace('poked', t($params['activity']), $preamble);
+		$epreamble = str_replace('poked', t($params['activity']), $epreamble);
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		$itemlink =  $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_TAGSHARE) {
+		$subject =	sprintf( t('[Hubzilla:Notify] %s tagged your post') , $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s, %2$s tagged your post at %3$s') , $recip['channel_name'],$sender['xchan_name'], $sitename);
+		$epreamble = sprintf( t('%1$s, %2$s tagged [zrl=%3$s]your post[/zrl]') ,
+			$recip['channel_name'],
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$itemlink); 
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		$itemlink =  $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_INTRO) {
+		$subject = sprintf( t('[Hubzilla:Notify] Introduction received'));
+		$preamble = sprintf( t('%1$s, you\'ve received an new connection request from \'%2$s\' at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename); 
+		$epreamble = sprintf( t('%1$s, you\'ve received [zrl=%2$s]a new connection request[/zrl] from %3$s.'),
+			$recip['channel_name'],
+			$siteurl . '/connections/ifpending',
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]'); 
+		$body = sprintf( t('You may visit their profile at %s'),$sender['xchan_url']);
+
+		$sitelink = t('Please visit %s to approve or reject the connection request.');
+		$tsitelink = sprintf( $sitelink, $siteurl . '/connections/ifpending');
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/connections/ifpending">' . $sitename . '</a>');
+		$itemlink = $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_SUGGEST) {
+		$subject = sprintf( t('[Hubzilla:Notify] Friend suggestion received'));
+		$preamble = sprintf( t('%1$s, you\'ve received a friend suggestion from \'%2$s\' at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename); 
+		$epreamble = sprintf( t('%1$s, you\'ve received [zrl=%2$s]a friend suggestion[/zrl] for %3$s from %4$s.'),
+			$recip['channel_name'],
+			$itemlink,
+			'[zrl=' . $params['item']['url'] . ']' . $params['item']['name'] . '[/zrl]',
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]'); 
+
+		$body = t('Name:') . ' ' . $params['item']['name'] . "\n";
+		$body .= t('Photo:') . ' ' . $params['item']['photo'] . "\n";
+		$body .= sprintf( t('You may visit their profile at %s'),$params['item']['url']);
+
+		$sitelink = t('Please visit %s to approve or reject the suggestion.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		$itemlink =  $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_CONFIRM) {
+		// ?
+	}
+
+	if ($params['type'] == NOTIFY_SYSTEM) {
+		// ?
+	}
+
+	$h = array(
+		'params'    => $params,
+		'subject'   => $subject,
+		'preamble'  => $preamble,
+		'epreamble' => $epreamble,
+		'body'      => $body,
+		'sitelink'  => $sitelink,
+		'sitename'  => $sitename,
+		'tsitelink' => $tsitelink,
+		'hsitelink' => $hsitelink,
+		'itemlink'  => $itemlink,
+		'sender'    => $sender,
+		'recipient' => $recip
+	);
+
+	call_hooks('enotify', $h);
+
+	$subject   = $h['subject'];
+	$preamble  = $h['preamble'];
+	$epreamble = $h['epreamble'];
+	$body      = $h['body'];
+	$sitelink  = $h['sitelink'];
+	$tsitelink = $h['tsitelink'];
+	$hsitelink = $h['hsitelink'];
+	$itemlink  = $h['itemlink']; 
+
+
+	require_once('include/html2bbcode.php');
+
+	do {
+		$dups = false;
+		$hash = random_string();
+		$r = q("SELECT `id` FROM `notify` WHERE `hash` = '%s' LIMIT 1",
+			dbesc($hash));
+		if ($r)
+			$dups = true;
+	} while ($dups === true);
+
+
+	$datarray = array();
+	$datarray['hash']   = $hash;
+	$datarray['sender_hash'] = $sender['xchan_hash'];
+	$datarray['xname']   = $sender['xchan_name'];
+	$datarray['url']    = $sender['xchan_url'];
+	$datarray['photo']  = $sender['xchan_photo_s'];
+	$datarray['created']   = datetime_convert();
+	$datarray['aid']    = $recip['channel_account_id'];
+	$datarray['uid']    = $recip['channel_id'];
+	$datarray['link']   = $itemlink;
+	$datarray['parent'] = $parent_mid;
+	$datarray['parent_item'] = $parent_item;
+	$datarray['ntype']   = $params['type'];
+	$datarray['verb']   = $params['verb'];
+	$datarray['otype']  = $params['otype'];
+ 	$datarray['abort']  = false;
+
+	$datarray['item'] = $params['item'];
+
+	call_hooks('enotify_store', $datarray);
+
+	if ($datarray['abort']) {
+		pop_lang();
+		return;
+	}
+
+
+	// create notification entry in DB
+	$seen = 0;
+
+	// Mark some notifications as seen right away
+	// Note! The notification have to be created, because they are used to send emails
+	// So easiest solution to hide them from Notices is to mark them as seen right away.
+	// Another option would be to not add them to the DB, and change how emails are handled (probably would be better that way)
+	$always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
+	if (!$always_show_in_notices) {
+		if (($params['type'] == NOTIFY_WALL) || ($params['type'] == NOTIFY_MAIL) || ($params['type'] == NOTIFY_INTRO)) {
+			$seen = 1;
+		}
+	}
+
+	$r = q("insert into notify (hash,xname,url,photo,created,aid,uid,link,parent,seen,ntype,verb,otype)
+		values('%s','%s','%s','%s','%s',%d,%d,'%s','%s',%d,%d,'%s','%s')",
+		dbesc($datarray['hash']),
+		dbesc($datarray['xname']),
+		dbesc($datarray['url']),
+		dbesc($datarray['photo']),
+		dbesc($datarray['created']),
+		intval($datarray['aid']),
+		intval($datarray['uid']),
+		dbesc($datarray['link']),
+		dbesc($datarray['parent']),
+		intval($seen),
+		intval($datarray['ntype']),
+		dbesc($datarray['verb']),
+		dbesc($datarray['otype'])
+	);
+
+	$r = q("select id from notify where hash = '%s' and uid = %d limit 1",
+		dbesc($hash),
+		intval($recip['channel_id'])
+	);
+	if ($r) {
+		$notify_id = $r[0]['id'];
+	} else {
+		logger('notification not found.');
+		pop_lang();
+		return;
+	}
+
+	$itemlink = z_root() . '/notify/view/' . $notify_id;
+	$msg = str_replace('$itemlink',$itemlink,$epreamble);
+
+	// wretched hack, but we don't want to duplicate all the preamble variations and we also don't want to screw up a translation
+
+	if ((\App::$language === 'en' || (! \App::$language)) && strpos($msg,', '))
+		$msg = substr($msg,strpos($msg,', ')+1);	
+
+	$r = q("update notify set msg = '%s' where id = %d and uid = %d",
+		dbesc($msg),
+		intval($notify_id),
+		intval($datarray['uid'])
+	);
+
+	// send email notification if notification preferences permit
+
+	require_once('bbcode.php');
+	if ((intval($recip['channel_notifyflags']) & intval($params['type'])) || $params['type'] == NOTIFY_SYSTEM) {
+
+		logger('notification: sending notification email');
+
+		$hn = get_pconfig($recip['channel_id'],'system','email_notify_host');
+		if($hn && (! stristr(\App::get_hostname(),$hn))) {
+			// this isn't the email notification host
+			pop_lang();
+			return;
+		}
+
+		$textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array( "", "\n"), $body))),ENT_QUOTES,'UTF-8'));
+
+		$htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array("","<br />\n"),$body)));
+
+
+		// use $_SESSION['zid_override'] to force zid() to use 
+		// the recipient address instead of the current observer
+
+		$_SESSION['zid_override'] = $recip['channel_address'] . '@' . \App::get_hostname();
+		$_SESSION['zrl_override'] = z_root() . '/channel/' . $recip['channel_address'];
+		
+		$textversion = zidify_links($textversion);
+		$htmlversion = zidify_links($htmlversion);
+
+		// unset when done to revert to normal behaviour
+
+		unset($_SESSION['zid_override']);
+		unset($_SESSION['zrl_override']);
+
+		$datarray = array();
+		$datarray['banner']       = $banner;
+		$datarray['product']      = $product;
+		$datarray['preamble']     = $preamble;
+		$datarray['sitename']     = $sitename;
+		$datarray['siteurl']      = $siteurl;
+		$datarray['type']         = $params['type'];
+		$datarray['parent']       = $params['parent_mid'];
+		$datarray['source_name']  = $sender['xchan_name'];
+		$datarray['source_link']  = $sender['xchan_url'];
+		$datarray['source_photo'] = $sender['xchan_photo_s'];
+		$datarray['uid']          = $recip['channel_id'];
+		$datarray['username']     = $recip['channel_name'];
+		$datarray['hsitelink']    = $hsitelink;
+		$datarray['tsitelink']    = $tsitelink;
+		$datarray['hitemlink']    = '<a href="' . $itemlink . '">' . $itemlink . '</a>';
+		$datarray['titemlink']    = $itemlink;
+		$datarray['thanks']       = $thanks;
+		$datarray['site_admin']   = $site_admin;
+		$datarray['title']        = stripslashes($title);
+		$datarray['htmlversion']  = $htmlversion;
+		$datarray['textversion']  = $textversion;
+		$datarray['subject']      = $subject;
+		$datarray['headers']      = $additional_mail_header;
+		$datarray['email_secure'] = false;
+
+		call_hooks('enotify_mail', $datarray);
+
+		// Default to private - don't disclose message contents over insecure channels (such as email)
+		// Might be interesting to use GPG,PGP,S/MIME encryption instead
+		// but we'll save that for a clever plugin developer to implement
+
+		$private_activity = false;
+
+		if (! $datarray['email_secure']) {
+			switch ($params['type']) {
+				case NOTIFY_WALL:
+				case NOTIFY_TAGSELF:
+				case NOTIFY_POKE:
+				case NOTIFY_COMMENT:
+					if (! $private)
+						break;
+					$private_activity = true;
+				case NOTIFY_MAIL:
+					$datarray['textversion'] = $datarray['htmlversion'] = $datarray['title'] = '';
+					$datarray['subject'] = preg_replace('/' . preg_quote(t('[Hubzilla:Notify]')) . '/','$0*',$datarray['subject']);
+					break;
+				default:
+					break;
+			}
+		}
+
+		if ($private_activity
+			&& intval(get_pconfig($datarray['uid'], 'system', 'ignore_private_notifications'))) {
+
+			pop_lang();
+			return;
+		}
+
+		// load the template for private message notifications
+		$tpl = get_markup_template('email_notify_html.tpl');
+		$email_html_body = replace_macros($tpl,array(
+			'$banner'       => $datarray['banner'],
+			'$notify_icon'  => \Zotlabs\Lib\System::get_notify_icon(),
+			'$product'      => $datarray['product'],
+			'$preamble'     => $datarray['preamble'],
+			'$sitename'     => $datarray['sitename'],
+			'$siteurl'      => $datarray['siteurl'],
+			'$source_name'  => $datarray['source_name'],
+			'$source_link'  => $datarray['source_link'],
+			'$source_photo' => $datarray['source_photo'],
+			'$username'     => $datarray['to_name'],
+			'$hsitelink'    => $datarray['hsitelink'],
+			'$hitemlink'    => $datarray['hitemlink'],
+			'$thanks'       => $datarray['thanks'],
+			'$site_admin'   => $datarray['site_admin'],
+			'$title'        => $datarray['title'],
+			'$htmlversion'  => $datarray['htmlversion'],
+		));
+
+		// load the template for private message notifications
+		$tpl = get_markup_template('email_notify_text.tpl');
+		$email_text_body = replace_macros($tpl, array(
+			'$banner'       => $datarray['banner'],
+			'$product'      => $datarray['product'],
+			'$preamble'     => $datarray['preamble'],
+			'$sitename'     => $datarray['sitename'],
+			'$siteurl'      => $datarray['siteurl'],
+			'$source_name'  => $datarray['source_name'],
+			'$source_link'  => $datarray['source_link'],
+			'$source_photo' => $datarray['source_photo'],
+			'$username'     => $datarray['to_name'],
+			'$tsitelink'    => $datarray['tsitelink'],
+			'$titemlink'    => $datarray['titemlink'],
+			'$thanks'       => $datarray['thanks'],
+			'$site_admin'   => $datarray['site_admin'],
+			'$title'        => $datarray['title'],
+			'$textversion'  => $datarray['textversion'],
+		));
+
+//		logger('text: ' . $email_text_body);
+
+		// use the EmailNotification library to send the message
+
+		self::send(array(
+			'fromName'             => $sender_name,
+			'fromEmail'            => $sender_email,
+			'replyTo'              => $sender_email,
+			'toEmail'              => $recip['account_email'],
+			'messageSubject'       => $datarray['subject'],
+			'htmlVersion'          => $email_html_body,
+			'textVersion'          => $email_text_body,
+			'additionalMailHeader' => $datarray['headers'],
+		));
+	}
+
+	pop_lang();
+
+}
+
+
+	/**
+	 * @brief Send a multipart/alternative message with Text and HTML versions.
+	 *
+	 * @param array $params an assoziative array with:
+	 *  * \e string \b fromName        name of the sender
+	 *  * \e string \b fromEmail       email of the sender
+	 *  * \e string \b replyTo         replyTo address to direct responses
+	 *  * \e string \b toEmail         destination email address
+	 *  * \e string \b messageSubject  subject of the message
+	 *  * \e string \b htmlVersion     html version of the message
+	 *  * \e string \b textVersion     text only version of the message
+	 *  * \e string \b additionalMailHeader  additions to the smtp mail header
+	 */
+	static public function send($params) {
+
+		$fromName = email_header_encode(html_entity_decode($params['fromName'],ENT_QUOTES,'UTF-8'),'UTF-8'); 
+		$messageSubject = email_header_encode(html_entity_decode($params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8');
+
+		// generate a mime boundary
+		$mimeBoundary = rand(0, 9) . "-"
+				.rand(10000000000, 9999999999) . "-"
+				.rand(10000000000, 9999999999) . "=:"
+				.rand(10000, 99999);
+
+		// generate a multipart/alternative message header
+		$messageHeader =
+			$params['additionalMailHeader'] .
+			"From: $fromName <{$params['fromEmail']}>\n" .
+			"Reply-To: $fromName <{$params['replyTo']}>\n" .
+			"MIME-Version: 1.0\n" .
+			"Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\"";
+
+		// assemble the final multipart message body with the text and html types included
+		$textBody = chunk_split(base64_encode($params['textVersion']));
+		$htmlBody = chunk_split(base64_encode($params['htmlVersion']));
+
+		$multipartMessageBody =
+			"--" . $mimeBoundary . "\n" .					// plain text section
+			"Content-Type: text/plain; charset=UTF-8\n" .
+			"Content-Transfer-Encoding: base64\n\n" .
+			$textBody . "\n" .
+			"--" . $mimeBoundary . "\n" .					// text/html section
+			"Content-Type: text/html; charset=UTF-8\n" .
+			"Content-Transfer-Encoding: base64\n\n" .
+			$htmlBody . "\n" .
+			"--" . $mimeBoundary . "--\n";					// message ending
+
+		// send the message
+		$res = mail(
+			$params['toEmail'],								// send to address
+			$messageSubject,								// subject
+			$multipartMessageBody,							// message body
+			$messageHeader									// message headers
+		);
+		logger("notification: enotify::send returns " . $res, LOGGER_DEBUG);
+	}
+
+	static public function format($item) {
+
+		$ret = '';
+
+		require_once('include/conversation.php');
+
+		// Call localize_item with the "brief" flag to get a one line status for activities. 
+		// This should set $item['localized'] to indicate we have a brief summary.
+
+		localize_item($item);
+
+		if($item_localize) {
+			$itemem_text = $item['localize'];
+		}
+		else {
+			$itemem_text = (($item['item_thread_top'])
+				? t('created a new post')
+				: sprintf( t('commented on %s\'s post'), $item['owner']['xchan_name']));
+		}
+
+		// convert this logic into a json array just like the system notifications
+
+		return array(
+			'notify_link' => $item['llink'], 
+			'name' => $item['author']['xchan_name'],
+			'url' => $item['author']['xchan_url'],
+			'photo' => $item['author']['xchan_photo_s'],
+			'when' => relative_date($item['created']), 
+			'class' => (intval($item['item_unseen']) ? 'notify-unseen' : 'notify-seen'), 
+			'message' => strip_tags(bbcode($itemem_text))
+		);
+
+	}
+
+}

Zotlabs/Lib/IConfig.php

@@ -0,0 +1,165 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+
+class IConfig {
+
+	static public function Load(&$item) {
+		return;
+	}
+
+	static public function Get(&$item, $family, $key) {
+
+		$is_item = false;
+	
+		if(is_array($item)) {
+			$is_item = true;
+			if((! array_key_exists('iconfig',$item)) || (! is_array($item['iconfig'])))
+				$item['iconfig'] = array();
+
+			if(array_key_exists('item_id',$item))
+				$iid = $item['item_id'];
+			else
+				$iid = $item['id'];
+		}
+		elseif(intval($item))
+			$iid = $item;
+
+		if(! $iid)
+			return false;
+
+		if(is_array($item) && array_key_exists('iconfig',$item) && is_array($item['iconfig'])) {
+			foreach($item['iconfig'] as $c) {
+				if($c['iid'] == $iid && $c['cat'] == $family && $c['k'] == $key)
+					return $c['v'];
+			}
+		}
+		 
+		$r = q("select * from iconfig where iid = %d and cat = '%s' and k = '%s' limit 1",
+			intval($iid),
+			dbesc($family),
+			dbesc($key)
+		);
+		if($r) {
+			$r[0]['v'] = ((preg_match('|^a:[0-9]+:{.*}$|s',$r[0]['v'])) ? unserialize($r[0]['v']) : $r[0]['v']);
+			if($is_item)
+				$item['iconfig'][] = $r[0];
+			return $r[0]['v'];
+		}
+		return false;
+
+	}
+
+	/**
+	 * IConfig::Set(&$item, $family, $key, $value, $sharing = false);
+	 *
+	 * $item - item array or item id. If passed an array the iconfig meta information is
+	 *    added to the item structure (which will need to be saved with item_store eventually).
+	 *    If passed an id, the DB is updated, but may not be federated and/or cloned.
+	 * $family - namespace of meta variable
+	 * $key - key of meta variable
+	 * $value - value of meta variable
+	 * $sharing - boolean (default false); if true the meta information is propagated with the item
+	 *   to other sites/channels, mostly useful when $item is an array and has not yet been stored/delivered.
+	 *   If the meta information is added after delivery and you wish it to be shared, it may be necessary to 
+	 *   alter the item edited timestamp and invoke the delivery process on the updated item. The edited 
+	 *   timestamp needs to be altered in order to trigger an item_store_update() at the receiving end.
+	 */
+ 
+
+	static public function Set(&$item, $family, $key, $value, $sharing = false) {
+
+		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
+
+		$is_item = false;
+		$idx = null;
+
+		if(is_array($item)) {
+			$is_item = true;
+			if((! array_key_exists('iconfig',$item)) || (! is_array($item['iconfig'])))
+				$item['iconfig'] = array();
+			elseif($item['iconfig']) {
+				for($x = 0; $x < count($item['iconfig']); $x ++) {
+					if($item['iconfig'][$x]['cat'] == $family && $item['iconfig'][$x]['k'] == $key) {
+						$idx = $x;
+					}
+				}
+			}
+			$entry = array('cat' => $family, 'k' => $key, 'v' => $value, 'sharing' => $sharing);
+
+			if(is_null($idx))
+				$item['iconfig'][] = $entry;
+			else
+				$item['iconfig'][$idx] = $entry;
+			return $value;
+		}
+
+		if(intval($item))
+			$iid = intval($item);
+
+		if(! $iid)
+			return false;
+
+		if(self::Get($item, $family, $key) === false) {
+			$r = q("insert into iconfig( iid, cat, k, v, sharing ) values ( %d, '%s', '%s', '%s', %d ) ",
+				intval($iid),
+				dbesc($family),
+				dbesc($key),
+				dbesc($dbvalue),
+				intval($sharing)
+			);
+		}
+		else {
+			$r = q("update iconfig set v = '%s', sharing = %d where iid = %d and cat = '%s' and  k = '%s' ",
+				dbesc($dbvalue),
+				intval($sharing),
+				intval($iid),
+				dbesc($family),
+				dbesc($key)
+			);
+		}
+
+		if(! $r)
+			return false;
+
+		return $value;
+	}
+
+
+
+	static public function Delete(&$item, $family, $key) {
+
+
+		$is_item = false;
+		$idx = null;
+
+		if(is_array($item)) {
+			$is_item = true;
+			if(is_array($item['iconfig'])) {
+				for($x = 0; $x < count($item['iconfig']); $x ++) {
+					if($item['iconfig'][$x]['cat'] == $family && $item['iconfig'][$x]['k'] == $key) {
+						unset($item['iconfig'][$x]);
+					}
+				}
+			}
+			return true;
+		}
+
+		if(intval($item))
+			$iid = intval($item);
+
+		if(! $iid)
+			return false;
+
+		return q("delete from iconfig where iid = %d and cat = '%s' and  k = '%s' ",
+			intval($iid),
+			dbesc($family),
+			dbesc($key)
+		);
+
+	}
+
+}

Zotlabs/Lib/PConfig.php

@@ -0,0 +1,189 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+
+class PConfig {
+
+	/**
+	 * @brief Loads all configuration values of a channel into a cached storage.
+	 *
+	 * All configuration values of the given channel are stored in global cache
+	 * which is available under the global variable App::$config[$uid].
+	 *
+	 * @param string $uid
+	 *  The channel_id
+	 * @return void|false Nothing or false if $uid is false
+	 */
+
+	static public function Load($uid) {
+		if($uid === false)
+			return false;
+
+		if(! array_key_exists($uid, \App::$config))
+			\App::$config[$uid] = array();
+
+		$r = q("SELECT * FROM pconfig WHERE uid = %d",
+			intval($uid)
+		);
+
+		if($r) {
+			foreach($r as $rr) {
+				$k = $rr['k'];
+				$c = $rr['cat'];
+				if(! array_key_exists($c, \App::$config[$uid])) {
+					\App::$config[$uid][$c] = array();
+					\App::$config[$uid][$c]['config_loaded'] = true;
+				}
+				\App::$config[$uid][$c][$k] = $rr['v'];
+			}
+		}
+	}
+
+	/**
+	 * @brief Get a particular channel's config variable given the category name
+	 * ($family) and a key.
+	 *
+	 * Get a particular channel's config value from the given category ($family)
+	 * and the $key from a cached storage in App::$config[$uid].
+	 *
+	 * Returns false if not set.
+	 *
+	 * @param string $uid
+	 *  The channel_id
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to query
+	 * @param boolean $instore (deprecated, without function)
+	 * @return mixed Stored value or false if it does not exist
+	 */
+
+	static public function Get($uid,$family,$key,$instore = false) {
+
+		if($uid === false)
+			return false;
+
+		if(! array_key_exists($uid, \App::$config))
+			self::Load($uid);
+
+		if((! array_key_exists($family, \App::$config[$uid])) || (! array_key_exists($key, \App::$config[$uid][$family])))
+			return false;
+
+		return ((! is_array(\App::$config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$uid][$family][$key])) 
+			? unserialize(\App::$config[$uid][$family][$key])
+			: \App::$config[$uid][$family][$key]
+		);
+
+	}
+
+	/**
+	 * @brief Sets a configuration value for a channel.
+	 *
+	 * Stores a config value ($value) in the category ($family) under the key ($key)
+	 * for the channel_id $uid.
+	 *
+	 * @param string $uid
+	 *  The channel_id
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to set
+	 * @param string $value
+	 *  The value to store
+	 * @return mixed Stored $value or false
+	 */
+
+	static public function Set($uid, $family, $key, $value) {
+
+		// this catches subtle errors where this function has been called 
+		// with local_channel() when not logged in (which returns false)
+		// and throws an error in array_key_exists below. 
+		// we provide a function backtrace in the logs so that we can find
+		// and fix the calling function.
+
+		if($uid === false) {
+			btlogger('UID is FALSE!', LOGGER_NORMAL, LOG_ERR);
+			return;
+		}
+
+		// manage array value
+		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
+
+		if(get_pconfig($uid, $family, $key) === false) {
+			if(! array_key_exists($uid, \App::$config))
+				\App::$config[$uid] = array();
+			if(! array_key_exists($family, \App::$config[$uid]))
+				\App::$config[$uid][$family] = array();
+
+			$ret = q("INSERT INTO pconfig ( uid, cat, k, v ) VALUES ( %d, '%s', '%s', '%s' ) ",
+				intval($uid),
+				dbesc($family),
+				dbesc($key),
+				dbesc($dbvalue)
+			);
+
+		}
+		else {
+
+			$ret = q("UPDATE pconfig SET v = '%s' WHERE uid = %d and cat = '%s' AND k = '%s'",
+				dbesc($dbvalue),
+				intval($uid),
+				dbesc($family),
+				dbesc($key)
+			);
+
+		}
+
+		// keep a separate copy for all variables which were
+		// set in the life of this page. We need this to
+		// synchronise channel clones.
+
+		if(! array_key_exists('transient', \App::$config[$uid]))
+			\App::$config[$uid]['transient'] = array();
+		if(! array_key_exists($family, \App::$config[$uid]['transient']))
+			\App::$config[$uid]['transient'][$family] = array();
+
+		\App::$config[$uid][$family][$key] = $value;
+		\App::$config[$uid]['transient'][$family][$key] = $value;
+
+		if($ret)
+			return $value;
+
+		return $ret;
+	}
+
+
+	/**
+	 * @brief Deletes the given key from the channel's configuration.
+	 *
+	 * Removes the configured value from the stored cache in App::$config[$uid]
+	 * and removes it from the database.
+	 *
+	 * @param string $uid
+	 *  The channel_id
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to delete
+	 * @return mixed
+	 */
+ 
+	static public function Delete($uid, $family, $key) {
+
+		$ret = false;
+
+		if(array_key_exists($key, \App::$config[$uid][$family]))
+			unset(\App::$config[$uid][$family][$key]);
+			$ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'",
+				intval($uid),
+				dbesc($family),
+				dbesc($key)
+			);
+
+		return $ret;
+	}
+
+}
+		

Zotlabs/Lib/PermissionDescription.php

@@ -0,0 +1,170 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+require_once("include/permissions.php");
+require_once("include/language.php");
+require_once("include/text.php");
+
+
+/**
+ * Encapsulates information the ACL dialog requires to describe
+ * permission settings for an item with an empty ACL.
+ * i.e the caption, icon, and tooltip for the no-ACL option in the ACL dialog.
+ */
+class PermissionDescription  {
+
+	private $global_perm;
+	private $channel_perm;
+	private $fallback_description;
+	
+	/**
+	 * Constructor is private.
+	 * Use static methods fromGlobalPermission(), fromStandalonePermission(), or fromDescription()
+	 * to create instances.
+	 */
+	private function __construct($global_perm, $channel_perm, $description = '') {
+
+		$this->global_perm  = $global_perm;
+		$this->channel_perm = $channel_perm;
+		
+		$this->fallback_description = ($description  == '') ? t('Visible to your default audience') : $description;
+	}
+
+	/**
+	 * If the interpretation of an empty ACL can't be summarised with a global default permission
+	 * or a specific permission setting then use this method and describe what it means instead.
+	 * Remember to localize the description first.
+	 *
+	 * @param  string $description - the localized caption for the no-ACL option in the ACL dialog.
+	 * @return a new instance of PermissionDescription
+	 */
+	public static function fromDescription($description) {
+		return new PermissionDescription('', 0x80000, $description);
+	}
+
+
+	/**
+	 * Use this method only if the interpretation of an empty ACL doesn't fall back to a global
+	 * default permission. You should pass one of the constants from boot.php - PERMS_PUBLIC,
+	 * PERMS_NETWORK etc.
+	 * 
+	 * @param  integer $perm - a single enumerated constant permission - PERMS_PUBLIC, PERMS_NETWORK etc.
+	 * @return a new instance of PermissionDescription
+	 */
+	public static function fromStandalonePermission($perm) {
+
+		$result = new PermissionDescription('', $perm);
+		
+		$checkPerm = $this->get_permission_description();
+		if ($checkPerm == $this->fallback_description) {
+			$result = null;
+			logger('null PermissionDescription from unknown standalone permission: ' . $perm ,LOGGER_DEBUG, LOG_ERROR);
+		}
+
+		return $result;
+	}
+
+	/**
+	 * This is the preferred way to create a PermissionDescription, as it provides the most details.
+	 * Use this method if you know an empty ACL will result in one of the global default permissions 
+	 * being used, such as channel_r_stream (for which you would pass 'view_stream').
+	 * 
+	 * @param  string $permname - a key for the global perms array from get_perms() in permissions.php,
+	 *         e.g. 'view_stream', 'view_profile', etc.
+	 * @return a new instance of PermissionDescription
+	 */
+	public static function fromGlobalPermission($permname) {
+
+		$result = null;
+
+		$global_perms = get_perms();
+
+		if (array_key_exists($permname, $global_perms)) {
+
+			$permDetails = $global_perms[$permname];
+
+			// It should be OK to always just read the permissions from App::$channel
+			//
+			// App::$profile is a union of channel and profile fields.
+			// The distinction is basically that App::$profile is pointing to the resource
+			// being observed. App::$channel is referring to the current logged-in channel
+			// member (if this is a local channel) e.g. the observer. We only show the ACL
+			// widget to the page owner (observer and observed are the same) so in that case
+			// I believe either may be safely used here.
+			$channelPerm = \App::$channel[$permDetails[0]];
+			$result = new PermissionDescription($permDetails[1], $channelPerm);
+		} else {
+			// The acl dialog can handle null arguments, but it shouldn't happen
+			logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR);
+		}
+		return $result;
+	}
+
+
+	/**
+	 * Gets a localized description of the permission, or a generic message if the permission
+	 * is unknown.
+	 *
+	 * @return string description
+	 */
+	public function get_permission_description() {
+
+		switch($this->channel_perm) {			
+
+			case 0:              return t('Only me');
+			case PERMS_PUBLIC:   return t('Public');
+			case PERMS_NETWORK:  return t('Anybody in the $Projectname network');
+			case PERMS_SITE:     return sprintf(t('Any account on %s'), \App::get_hostname());
+			case PERMS_CONTACTS: return t('Any of my connections');
+			case PERMS_SPECIFIC: return t('Only connections I specifically allow');
+			case PERMS_AUTHED:   return t('Anybody authenticated (could include visitors from other networks)');
+			case PERMS_PENDING:  return t('Any connections including those who haven\'t yet been approved');
+			default:             return $this->fallback_description;
+		}
+	}
+
+	/**
+	 * Returns an icon css class name if an appropriate one is available, e.g. "fa-globe" for Public,
+	 * otherwise returns empty string. 
+	 *
+	 * @return string icon css class name (often FontAwesome)
+	 */
+	public function get_permission_icon() {
+
+		switch($this->channel_perm) {			
+
+			case 0:/* only me */ return 'fa-eye-slash';
+			case PERMS_PUBLIC:   return 'fa-globe';
+			case PERMS_NETWORK:  return 'fa-share-alt-square'; // fa-share-alt-square is very similiar to the hubzilla logo, but we should create our own logo class to use
+			case PERMS_SITE:     return 'fa-sitemap'; 
+			case PERMS_CONTACTS: return 'fa-group'; 
+			case PERMS_SPECIFIC: return 'fa-list';
+			case PERMS_AUTHED:   return '';
+			case PERMS_PENDING:  return '';
+			default:             return '';
+		}
+	}
+
+
+	/**
+	 * Returns a localized description of where the permission came from, if this is known.
+	 * If it's not know, or if the permission is standalone and didn't come from a default
+	 * permission setting, then empty string is returned.
+	 *
+	 * @return string description or empty string
+	*/
+	public function get_permission_origin_description() {
+
+		switch($this->global_perm) {			
+
+			case PERMS_R_STREAM:  return t('This is your default setting for the audience of your normal stream, and posts.');
+			case PERMS_R_PROFILE: return t('This is your default setting for who can view your default channel profile');
+			case PERMS_R_ABOOK:   return t('This is your default setting for who can view your connections');
+			case PERMS_R_STORAGE: return t('This is your default setting for who can view your file storage and photos');
+			case PERMS_R_PAGES:   return t('This is your default setting for the audience of your webpages');
+			default:              return '';
+		}
+	}
+
+}

Zotlabs/Lib/ProtoDriver.php

@@ -0,0 +1,19 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+/*
+ * Abstraction class for dealing with alternate networks (which of course do not exist, hence the abstraction)
+ */
+
+
+abstract class ProtoDriver {
+	abstract protected function discover($channel,$location);
+	abstract protected function deliver($item,$channel,$recipients);
+	abstract protected function collect($channel,$connection);
+	abstract protected function change_permissions($permissions,$channel,$recipient);
+	abstract protected function acknowledge_permissions($permissions,$channel,$recipient);
+	abstract protected function deliver_private($item,$channel,$recipients);
+	abstract protected function collect_private($channel,$connection);
+
+}

Zotlabs/Lib/SuperCurl.php

@@ -0,0 +1,127 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+/**
+ * @brief wrapper for z_fetch_url() which can be instantiated with several built-in parameters and 
+ * these can be modified and re-used. Useful for CalDAV and other processes which need to authenticate
+ * and set lots of CURL options (many of which stay the same from one call to the next). 
+ */
+
+
+
+
+class SuperCurl {
+
+	
+    private $auth;
+    private $url;
+
+	private $curlopt = array();
+
+	private $headers = null;
+    public $filepos = 0;
+	public $filehandle = 0;
+    public $request_data = '';
+
+	private $request_method = 'GET';
+	private $upload = false;
+	private $cookies = false;
+
+
+    private function set_data($s) {
+        $this->request_data = $s;
+        $this->filepos = 0;
+    }
+
+    public function curl_read($ch,$fh,$size) {
+
+        if($this->filepos < 0) {
+            unset($fh);
+            return '';
+        }
+
+        $s = substr($this->request_data,$this->filepos,$size);
+
+        if(strlen($s) < $size)
+            $this->filepos = (-1);
+        else
+            $this->filepos = $this->filepos + $size;
+
+        return $s;
+    }
+
+
+	public function __construct($opts = array()) {
+		$this->set($opts);
+	}
+
+	private function set($opts = array()) {
+		if($opts) {
+			foreach($opts as $k => $v) {
+				switch($k) {
+					case 'http_auth':
+						$this->auth = $v;
+						break;
+					case 'magicauth':
+						// currently experimental
+						$this->magicauth = $v;
+						\Zotlabs\Daemon\Master::Summon([ 'CurlAuth', $v ]);
+						break;
+					case 'custom':
+						$this->request_method = $v;
+						break;
+					case 'url':
+						$this->url = $v;
+						break;
+					case 'data':
+						$this->set_data($v);
+						if($v) {
+							$this->upload = true;
+						}
+						else {
+							$this->upload = false;
+						}							
+						break;
+					case 'headers':
+						$this->headers = $v;
+						break;
+					default:
+						$this->curlopts[$k] = $v;
+						break;
+				}
+			}
+		}
+	}
+
+	function exec() {
+		$opts = $this->curlopts;
+		$url = $this->url;
+		if($this->auth)
+			$opts['http_auth'] = $this->auth;
+		if($this->magicauth) {
+			$opts['cookiejar']  = 'store/[data]/cookie_' . $this->magicauth;
+			$opts['cookiefile'] = 'store/[data]/cookie_' . $this->magicauth;
+			$opts['cookie'] = 'PHPSESSID=' . trim(file_get_contents('store/[data]/cookien_' . $this->magicauth));
+			$c = channelx_by_n($this->magicauth);
+			if($c)
+				$url = zid($this->url,$c['channel_address'] . '@' . \App::get_hostname());
+		}	
+		if($this->custom)
+			$opts['custom'] = $this->custom;
+		if($this->headers)
+			$opts['headers'] = $this->headers;
+		if($this->upload) {
+			$opts['upload'] = true;
+			$opts['infile'] = $this->filehandle;
+			$opts['infilesize'] = strlen($this->request_data);
+			$opts['readfunc'] = [ $this, 'curl_read' ] ;
+		}
+
+		$recurse = 0;
+		return z_fetch_url($this->url,true,$recurse,(($opts) ? $opts : null)); 
+		
+	}
+		
+	
+}

Zotlabs/Lib/System.php

@@ -0,0 +1,58 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+class System {
+
+	static public function get_platform_name() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && array_key_exists('platform_name',\App::$config['system']))
+			return \App::$config['system']['platform_name'];
+		return PLATFORM_NAME;
+	}
+
+	static public function get_site_name() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['sitename'])
+			return \App::$config['system']['sitename'];
+		return '';
+	}
+
+	static public function get_project_version() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['hide_version'])
+			return '';
+		return self::get_std_version();
+	}
+
+	static public function get_update_version() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['hide_version'])
+			return '';
+		return DB_UPDATE_VERSION;
+	}
+
+
+	static public function get_notify_icon() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['email_notify_icon_url'])
+			return \App::$config['system']['email_notify_icon_url'];
+		return z_root() . '/images/hz-white-32.png';
+	}
+
+	static public function get_site_icon() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['site_icon_url'])
+			return \App::$config['system']['site_icon_url'];
+		return z_root() . '/images/hz-32.png';
+	}
+
+
+	static public function get_server_role() {
+		if(UNO)
+			return 'basic';
+		return 'pro';
+	}
+
+	static public function get_std_version() {
+		if(defined('STD_VERSION'))
+			return STD_VERSION;
+		return '0.0.0';
+	}
+
+
+}

Zotlabs/Lib/ThreadItem.php

@@ -0,0 +1,780 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+require_once('include/text.php');
+
+/**
+ * A thread item
+ */
+
+class ThreadItem {
+
+	public  $data = array();
+	private $template = 'conv_item.tpl';
+	private $comment_box_template = 'comment_item.tpl';
+	private $commentable = false;
+	// list of supported reaction emojis - a site can over-ride this via config system.reactions
+	private $reactions = ['1f60a','1f44f','1f37e','1f48b','1f61e','2665','1f606','1f62e','1f634','1f61c','1f607','1f608'];
+	private $toplevel = false;
+	private $children = array();
+	private $parent = null;
+	private $conversation = null;
+	private $redirect_url = null;
+	private $owner_url = '';
+	private $owner_photo = '';
+	private $owner_name = '';
+	private $wall_to_wall = false;
+	private $threaded = false;
+	private $visiting = false;
+	private $channel = null;
+	private $display_mode = 'normal';
+
+
+	public function __construct($data) {
+				
+		$this->data = $data;
+		$this->toplevel = ($this->get_id() == $this->get_data_value('parent'));
+
+		// Prepare the children
+		if(count($data['children'])) {
+			foreach($data['children'] as $item) {
+
+				/*
+				 * Only add those that will be displayed
+				 */
+
+				if((! visible_activity($item)) || array_key_exists('author_blocked',$item)) {
+					continue;
+				}
+
+				$child = new ThreadItem($item);
+				$this->add_child($child);
+			}
+		}
+
+		// allow a site to configure the order and content of the reaction emoji list
+		if($this->toplevel) {
+			$x = get_config('system','reactions');
+			if($x && is_array($x) && count($x)) {
+				$this->reactions = $x;
+			}
+		}
+	}
+
+	/**
+	 * Get data in a form usable by a conversation template
+	 *
+	 * Returns:
+	 *      _ The data requested on success
+	 *      _ false on failure
+	 */
+
+	public function get_template_data($conv_responses, $thread_level=1) {
+	
+		$result = array();
+
+		$item     = $this->get_data();
+
+		$commentww = '';
+		$sparkle = '';
+		$buttons = '';
+		$dropping = false;
+		$star = false;
+		$isstarred = "unstarred fa-star-o";
+		$indent = '';
+		$osparkle = '';
+		$total_children = $this->count_descendants();
+		$unseen_comments = (($item['real_uid']) ? 0 : $this->count_unseen_descendants());
+
+		$conv = $this->get_conversation();
+		$observer = $conv->get_observer();
+
+		$lock = ((($item['item_private'] == 1) || (($item['uid'] == local_channel()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) 
+			|| strlen($item['deny_cid']) || strlen($item['deny_gid']))))
+			? t('Private Message')
+			: false);
+		$shareable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && ($item['item_private'] != 1)) ? true : false);
+
+		// allow an exemption for sharing stuff from your private feeds
+		if($item['author']['xchan_network'] === 'rss')
+			$shareable = true;
+
+		$mode = $conv->get_mode();
+
+		if(local_channel() && $observer['xchan_hash'] === $item['author_xchan'])
+			$edpost = array(z_root()."/editpost/".$item['id'], t("Edit"));
+		else
+			$edpost = false;
+
+
+		if($observer['xchan_hash'] == $this->get_data_value('author_xchan') 
+			|| $observer['xchan_hash'] == $this->get_data_value('owner_xchan') 
+			|| $this->get_data_value('uid') == local_channel())
+			$dropping = true;
+
+
+		if(array_key_exists('real_uid',$item)) {
+			$edpost = false;
+			$dropping = false;
+		}
+
+
+		if($dropping) {
+			$drop = array(
+				'dropping' => $dropping,
+				'delete' => t('Delete'),
+			);
+		}		
+// FIXME
+		if($observer_is_pageowner) {		
+			$multidrop = array(
+				'select' => t('Select'), 
+			);
+		}
+
+		$filer = ((($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) ? t("Save to Folder") : false);
+
+		$profile_avatar = $item['author']['xchan_photo_m'];
+		$profile_link   = chanlink_url($item['author']['xchan_url']);
+		$profile_name   = $item['author']['xchan_name'];
+
+		$location = format_location($item);
+		$isevent = false;
+		$attend = null;
+		$canvote = false;
+
+		// process action responses - e.g. like/dislike/attend/agree/whatever
+		$response_verbs = array('like');
+		if(feature_enabled($conv->get_profile_owner(),'dislike'))
+			$response_verbs[] = 'dislike';
+		if($item['obj_type'] === ACTIVITY_OBJ_EVENT) {
+			$response_verbs[] = 'attendyes';
+			$response_verbs[] = 'attendno';
+			$response_verbs[] = 'attendmaybe';
+			if($this->is_commentable()) {
+				$isevent = true;
+				$attend = array( t('I will attend'), t('I will not attend'), t('I might attend'));
+			}
+		}
+
+		$consensus = (intval($item['item_consensus']) ? true : false);
+		if($consensus) {
+			$response_verbs[] = 'agree';
+			$response_verbs[] = 'disagree';
+			$response_verbs[] = 'abstain';
+			if($this->is_commentable()) {
+				$conlabels = array( t('I agree'), t('I disagree'), t('I abstain'));
+				$canvote = true;
+			}
+		}
+
+		if(! feature_enabled($conv->get_profile_owner(),'dislike'))
+			unset($conv_responses['dislike']);
+  
+		$responses = get_responses($conv_responses,$response_verbs,$this,$item);
+
+		$like_count = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid']] : '');
+		$like_list = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid'] . '-l'] : '');
+		if (count($like_list) > MAX_LIKERS) {
+			$like_list_part = array_slice($like_list, 0, MAX_LIKERS);
+			array_push($like_list_part, '<a href="#" data-toggle="modal" data-target="#likeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
+		} else {
+			$like_list_part = '';
+		}
+		$like_button_label = tt('Like','Likes',$like_count,'noun');
+
+		if (feature_enabled($conv->get_profile_owner(),'dislike')) {
+			$dislike_count = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid']] : '');
+			$dislike_list = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid'] . '-l'] : '');
+			$dislike_button_label = tt('Dislike','Dislikes',$dislike_count,'noun');
+			if (count($dislike_list) > MAX_LIKERS) {
+				$dislike_list_part = array_slice($dislike_list, 0, MAX_LIKERS);
+				array_push($dislike_list_part, '<a href="#" data-toggle="modal" data-target="#dislikeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
+			} else {
+				$dislike_list_part = '';
+			}
+		}
+
+		$showlike    = ((x($conv_responses['like'],$item['mid'])) ? format_like($conv_responses['like'][$item['mid']],$conv_responses['like'][$item['mid'] . '-l'],'like',$item['mid']) : '');
+		$showdislike = ((x($conv_responses['dislike'],$item['mid']) && feature_enabled($conv->get_profile_owner(),'dislike'))  
+				? format_like($conv_responses['dislike'][$item['mid']],$conv_responses['dislike'][$item['mid'] . '-l'],'dislike',$item['mid']) : '');
+
+		/*
+		 * We should avoid doing this all the time, but it depends on the conversation mode
+		 * And the conv mode may change when we change the conv, or it changes its mode
+		 * Maybe we should establish a way to be notified about conversation changes
+		 */
+
+		$this->check_wall_to_wall();
+		
+		if($this->is_toplevel()) {
+			// FIXME check this permission
+			if(($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) {
+
+// FIXME we don't need all this stuff, some can be done in the template
+
+				$star = array(
+					'do' => t("Add Star"),
+					'undo' => t("Remove Star"),
+					'toggle' => t("Toggle Star Status"),
+					'classdo' => (intval($item['item_starred']) ? "hidden" : ""),
+					'classundo' => (intval($item['item_starred']) ? "" : "hidden"),
+					'isstarred' => (intval($item['item_starred']) ? "starred fa-star" : "unstarred fa-star-o"),
+					'starred' =>  t('starred'),
+				);
+
+			}
+		} 
+		else {
+			$indent = 'comment';
+		}
+
+
+		$verified = (intval($item['item_verified']) ? t('Message signature validated') : '');
+		$forged = ((($item['sig']) && (! intval($item['item_verified']))) ? t('Message signature incorrect') : '');
+		$unverified = '' ; // (($this->is_wall_to_wall() && (! intval($item['item_verified']))) ? t('Message cannot be verified') : '');
+
+
+
+		// FIXME - check this permission
+		if($conv->get_profile_owner() == local_channel()) {
+			$tagger = array(
+				'tagit' => t("Add Tag"),
+				'classtagger' => "",
+			);
+		}
+
+		$has_bookmarks = false;
+		if(is_array($item['term'])) {
+			foreach($item['term'] as $t) {
+				if(!UNO && $t['ttype'] == TERM_BOOKMARK)
+					$has_bookmarks = true;
+			}
+		}
+
+		$has_event = false;
+		if(($item['obj_type'] === ACTIVITY_OBJ_EVENT) && $conv->get_profile_owner() == local_channel())
+			$has_event = true;
+
+		if($this->is_commentable()) {
+			$like = array( t("I like this \x28toggle\x29"), t("like"));
+			$dislike = array( t("I don't like this \x28toggle\x29"), t("dislike"));
+		}
+
+		if ($shareable)
+			$share = array( t('Share This'), t('share'));
+
+		$dreport = '';
+
+		$keep_reports = intval(get_config('system','expire_delivery_reports'));
+		if($keep_reports === 0)
+			$keep_reports = 30;
+
+		if((! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0)
+			$dreport = t('Delivery Report');
+
+		if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0)
+			$indent .= ' shiny';
+
+
+		localize_item($item);
+
+		$body = prepare_body($item,true);
+
+		// $viewthread (below) is only valid in list mode. If this is a channel page, build the thread viewing link
+		// since we can't depend on llink or plink pointing to the right local location.
+ 
+		$owner_address = substr($item['owner']['xchan_addr'],0,strpos($item['owner']['xchan_addr'],'@'));
+		$viewthread = $item['llink'];
+		if($conv->get_mode() === 'channel')
+			$viewthread = z_root() . '/channel/' . $owner_address . '?f=&mid=' . $item['mid'];
+
+		$comment_count_txt = sprintf( tt('%d comment','%d comments',$total_children),$total_children );
+		$list_unseen_txt = (($unseen_comments) ? sprintf('%d unseen',$unseen_comments) : '');
+		
+
+
+		
+
+		$children = $this->get_children();
+
+		$has_tags = (($body['tags'] || $body['categories'] || $body['mentions'] || $body['attachments'] || $body['folders']) ? true : false);
+
+		$tmp_item = array(
+			'template' => $this->get_template(),
+			'mode' => $mode,			
+			'type' => implode("",array_slice(explode("/",$item['verb']),-1)),
+			'body' => $body['html'],
+			'tags' => $body['tags'],
+			'categories' => $body['categories'],
+			'mentions' => $body['mentions'],
+			'attachments' => $body['attachments'],
+			'folders' => $body['folders'],
+			'text' => strip_tags($body['html']),
+			'id' => $this->get_id(),
+			'mid' => $item['mid'],
+			'isevent' => $isevent,
+			'attend' => $attend,
+			'consensus' => $consensus,
+			'conlabels' => $conlabels,
+			'canvote' => $canvote,
+			'linktitle' => sprintf( t('View %s\'s profile - %s'), $profile_name, $item['author']['xchan_addr']),
+			'olinktitle' => sprintf( t('View %s\'s profile - %s'), $this->get_owner_name(), $item['owner']['xchan_addr']),
+			'llink' => $item['llink'],
+			'viewthread' => $viewthread,
+			'to' => t('to'),
+			'via' => t('via'),
+			'wall' => t('Wall-to-Wall'),
+			'vwall' => t('via Wall-To-Wall:'),
+			'profile_url' => $profile_link,
+			'item_photo_menu' => item_photo_menu($item),
+			'dreport' => $dreport,
+			'name' => $profile_name,
+			'thumb' => $profile_avatar,
+			'osparkle' => $osparkle,
+			'sparkle' => $sparkle,
+			'title' => $item['title'],
+			'title_tosource' => get_pconfig($conv->get_profile_owner(),'system','title_tosource'),
+			'ago' => relative_date($item['created']),
+			'app' => $item['app'],
+			'str_app' => sprintf( t('from %s'), $item['app']),
+			'isotime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'c'),
+			'localtime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'r'),
+			'editedtime' => (($item['edited'] != $item['created']) ? sprintf( t('last edited: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['edited'], 'r')) : ''),
+			'expiretime' => (($item['expires'] !== NULL_DATE) ? sprintf( t('Expires: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['expires'], 'r')):''),
+			'lock' => $lock,
+			'verified' => $verified,
+			'unverified' => $unverified,
+			'forged' => $forged,
+			'location' => $location,
+			'indent' => $indent,
+			'owner_url' => $this->get_owner_url(),
+			'owner_photo' => $this->get_owner_photo(),
+			'owner_name' => $this->get_owner_name(),
+			'photo' => $body['photo'],
+			'event' => $body['event'],
+			'has_tags' => $has_tags,
+			'reactions' => $this->reactions,
+// Item toolbar buttons
+			'emojis'   => (($this->is_toplevel() && $this->is_commentable() && feature_enabled($conv->get_profile_owner(),'emojis')) ? '1' : ''),
+			'like'      => $like,
+			'dislike'   => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike : ''),
+			'share'     => $share,
+			'rawmid'	=> $item['mid'],
+			'plink'     => get_plink($item),
+			'edpost'    => $edpost, // ((feature_enabled($conv->get_profile_owner(),'edit_posts')) ? $edpost : ''),
+			'star'      => ((feature_enabled($conv->get_profile_owner(),'star_posts')) ? $star : ''),
+			'tagger'    => ((feature_enabled($conv->get_profile_owner(),'commtag')) ? $tagger : ''),
+			'filer'     => ((feature_enabled($conv->get_profile_owner(),'filing')) ? $filer : ''),
+			'bookmark'  => (($conv->get_profile_owner() == local_channel() && local_channel() && $has_bookmarks) ? t('Save Bookmarks') : ''),
+			'addtocal'  => (($has_event) ? t('Add to Calendar') : ''),
+			'drop'      => $drop,
+			'multidrop' => ((feature_enabled($conv->get_profile_owner(),'multi_delete')) ? $multidrop : ''),
+// end toolbar buttons
+
+			'unseen_comments' => $unseen_comments,
+			'comment_count' => $total_children,
+			'comment_count_txt' => $comment_count_txt,
+			'list_unseen_txt' => $list_unseen_txt,
+			'markseen' => t('Mark all seen'),
+			'responses' => $responses,
+			'like_count' => $like_count,
+			'like_list' => $like_list,
+			'like_list_part' => $like_list_part,
+			'like_button_label' => $like_button_label,
+			'like_modal_title' => t('Likes','noun'),
+			'dislike_modal_title' => t('Dislikes','noun'),
+			'dislike_count' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_count : ''),
+			'dislike_list' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list : ''),
+			'dislike_list_part' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list_part : ''),
+			'dislike_button_label' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_button_label : ''),
+			'modal_dismiss' => t('Close'),
+			'showlike' => $showlike,
+			'showdislike' => $showdislike,
+			'comment' => $this->get_comment_box($indent),
+			'previewing' => ($conv->is_preview() ? ' preview ' : ''),
+			'wait' => t('Please wait'),
+			'thread_level' => $thread_level
+		);
+
+		$arr = array('item' => $item, 'output' => $tmp_item);
+		call_hooks('display_item', $arr);
+
+		$result = $arr['output'];
+
+		$result['children'] = array();
+		$nb_children = count($children);
+
+		$visible_comments = get_config('system','expanded_comments');
+		if($visible_comments === false)
+			$visible_comments = 3;
+
+		if(($this->get_display_mode() === 'normal') && ($nb_children > 0)) {
+			foreach($children as $child) {
+				$result['children'][] = $child->get_template_data($conv_responses, $thread_level + 1);
+			}
+			// Collapse
+			if(($nb_children > $visible_comments) || ($thread_level > 1)) {
+				$result['children'][0]['comment_firstcollapsed'] = true;
+				$result['children'][0]['num_comments'] = $comment_count_txt;
+				$result['children'][0]['hide_text'] = sprintf( t('%s show all'), '<i class="fa fa-chevron-down"></i>');
+				if($thread_level > 1) {
+					$result['children'][$nb_children - 1]['comment_lastcollapsed'] = true;
+				}
+				else {
+					$result['children'][$nb_children - ($visible_comments + 1)]['comment_lastcollapsed'] = true;
+				}
+			}
+		}
+		
+		$result['private'] = $item['item_private'];
+		$result['toplevel'] = ($this->is_toplevel() ? 'toplevel_item' : '');
+
+		if($this->is_threaded()) {
+			$result['flatten'] = false;
+			$result['threaded'] = true;
+		}
+		else {
+			$result['flatten'] = true;
+			$result['threaded'] = false;
+		}
+
+		return $result;
+	}
+	
+	public function get_id() {
+		return $this->get_data_value('id');
+	}
+
+	public function get_display_mode() {
+		return $this->display_mode;
+	}
+
+	public function set_display_mode($mode) {
+		$this->display_mode = $mode;
+	}
+
+	public function is_threaded() {
+		return $this->threaded;
+	}
+
+	public function set_commentable($val) {
+		$this->commentable = $val;
+		foreach($this->get_children() as $child)
+			$child->set_commentable($val);
+	}
+
+	public function is_commentable() {
+		return $this->commentable;
+	}
+
+	/**
+	 * Add a child item
+	 */
+	public function add_child($item) {
+		$item_id = $item->get_id();
+		if(!$item_id) {
+			logger('[ERROR] Item::add_child : Item has no ID!!', LOGGER_DEBUG);
+			return false;
+		}
+		if($this->get_child($item->get_id())) {
+			logger('[WARN] Item::add_child : Item already exists ('. $item->get_id() .').', LOGGER_DEBUG);
+			return false;
+		}
+		/*
+		 * Only add what will be displayed
+		 */
+
+		if(activity_match($item->get_data_value('verb'),ACTIVITY_LIKE) || activity_match($item->get_data_value('verb'),ACTIVITY_DISLIKE)) {
+			return false;
+		}
+		
+		$item->set_parent($this);
+		$this->children[] = $item;
+		return end($this->children);
+	}
+
+	/**
+	 * Get a child by its ID
+	 */
+	public function get_child($id) {
+		foreach($this->get_children() as $child) {
+			if($child->get_id() == $id)
+				return $child;
+		}
+		return null;
+	}
+
+	/**
+	 * Get all our children
+	 */
+	public function get_children() {
+		return $this->children;
+	}
+
+	/**
+	 * Set our parent
+	 */
+	protected function set_parent($item) {
+		$parent = $this->get_parent();
+		if($parent) {
+			$parent->remove_child($this);
+		}
+		$this->parent = $item;
+		$this->set_conversation($item->get_conversation());
+	}
+
+	/**
+	 * Remove our parent
+	 */
+	protected function remove_parent() {
+		$this->parent = null;
+		$this->conversation = null;
+	}
+
+	/**
+	 * Remove a child
+	 */
+	public function remove_child($item) {
+		$id = $item->get_id();
+		foreach($this->get_children() as $key => $child) {
+			if($child->get_id() == $id) {
+				$child->remove_parent();
+				unset($this->children[$key]);
+				// Reindex the array, in order to make sure there won't be any trouble on loops using count()
+				$this->children = array_values($this->children);
+				return true;
+			}
+		}
+		logger('[WARN] Item::remove_child : Item is not a child ('. $id .').', LOGGER_DEBUG);
+		return false;
+	}
+
+	/**
+	 * Get parent item
+	 */
+	protected function get_parent() {
+		return $this->parent;
+	}
+
+	/**
+	 * set conversation
+	 */
+	public function set_conversation($conv) {
+		$previous_mode = ($this->conversation ? $this->conversation->get_mode() : '');
+		
+		$this->conversation = $conv;
+
+		// Set it on our children too
+		foreach($this->get_children() as $child)
+			$child->set_conversation($conv);
+	}
+
+	/**
+	 * get conversation
+	 */
+	public function get_conversation() {
+		return $this->conversation;
+	}
+
+	/**
+	 * Get raw data
+	 *
+	 * We shouldn't need this
+	 */
+	public function get_data() {
+		return $this->data;
+	}
+
+	/**
+	 * Get a data value
+	 *
+	 * Returns:
+	 *      _ value on success
+	 *      _ false on failure
+	 */
+	public function get_data_value($name) {
+		if(!isset($this->data[$name])) {
+//			logger('[ERROR] Item::get_data_value : Item has no value name "'. $name .'".', LOGGER_DEBUG);
+			return false;
+		}
+
+		return $this->data[$name];
+	}
+
+	/**
+	 * Get template
+	 */
+	public function get_template() {
+		return $this->template;
+	}
+
+
+	public function set_template($t) {
+		$this->template = $t;
+	}
+
+	/**
+	 * Check if this is a toplevel post
+	 */
+	private function is_toplevel() {
+		return $this->toplevel;
+	}
+
+	/**
+	 * Count the total of our descendants
+	 */
+	private function count_descendants() {
+		$children = $this->get_children();
+		$total = count($children);
+		if($total > 0) {
+			foreach($children as $child) {
+				$total += $child->count_descendants();
+			}
+		}
+		return $total;
+	}
+
+	private function count_unseen_descendants() {
+		$children = $this->get_children();
+		$total = count($children);
+		if($total > 0) {
+			$total = 0;
+			foreach($children as $child) {
+				if((! visible_activity($child->data)) || array_key_exists('author_blocked',$child->data)) {
+					continue;
+				}
+				if(intval($child->data['item_unseen']))
+					$total ++;
+			}
+		}
+		return $total;
+	}
+
+
+	/**
+	 * Get the template for the comment box
+	 */
+	private function get_comment_box_template() {
+		return $this->comment_box_template;
+	}
+
+	/**
+	 * Get the comment box
+	 *
+	 * Returns:
+	 *      _ The comment box string (empty if no comment box)
+	 *      _ false on failure
+	 */
+	private function get_comment_box($indent) {
+
+		if(!$this->is_toplevel() && !get_config('system','thread_allow')) {
+			return '';
+		}
+		
+		$comment_box = '';
+		$conv = $this->get_conversation();
+
+//		logger('Commentable conv: ' . $conv->is_commentable());
+
+		if(! $this->is_commentable())
+			return;
+
+		$template = get_markup_template($this->get_comment_box_template());
+
+		$observer = $conv->get_observer();
+
+		$qc = ((local_channel()) ? get_pconfig(local_channel(),'system','qcomment') : null);
+		$qcomment = (($qc) ? explode("\n",$qc) : null);
+
+		$arr = array('comment_buttons' => '','id' => $this->get_id());
+		call_hooks('comment_buttons',$arr);
+		$comment_buttons = $arr['comment_buttons'];
+
+
+		$comment_box = replace_macros($template,array(
+			'$return_path' => '',
+			'$threaded' => $this->is_threaded(),
+			'$jsreload' => '', //(($conv->get_mode() === 'display') ? $_SESSION['return_url'] : ''),
+			'$type' => (($conv->get_mode() === 'channel') ? 'wall-comment' : 'net-comment'),
+			'$id' => $this->get_id(),
+			'$parent' => $this->get_id(),
+			'$qcomment' => $qcomment,
+			'$comment_buttons' => $comment_buttons,
+			'$profile_uid' =>  $conv->get_profile_owner(),
+			'$mylink' => $observer['xchan_url'],
+			'$mytitle' => t('This is you'),
+			'$myphoto' => $observer['xchan_photo_s'],
+			'$comment' => t('Comment'),
+			'$submit' => t('Submit'),
+			'$edbold' => t('Bold'),
+			'$editalic' => t('Italic'),
+			'$eduline' => t('Underline'),
+			'$edquote' => t('Quote'),
+			'$edcode' => t('Code'),
+			'$edimg' => t('Image'),
+			'$edurl' => t('Insert Link'),
+			'$edvideo' => t('Video'),
+			'$preview' => t('Preview'), // ((feature_enabled($conv->get_profile_owner(),'preview')) ? t('Preview') : ''),
+			'$indent' => $indent,
+			'$feature_encrypt' => ((feature_enabled($conv->get_profile_owner(),'content_encrypt')) ? true : false),
+			'$encrypt' => t('Encrypt text'),
+			'$cipher' => $conv->get_cipher(),
+			'$sourceapp' => \App::$sourcename
+
+		));
+
+		return $comment_box;
+	}
+
+	private function get_redirect_url() {
+		return $this->redirect_url;
+	}
+
+	/**
+	 * Check if we are a wall to wall item and set the relevant properties
+	 */
+	protected function check_wall_to_wall() {
+		$conv = $this->get_conversation();
+		$this->wall_to_wall = false;
+		$this->owner_url = '';
+		$this->owner_photo = '';
+		$this->owner_name = '';
+
+		if($conv->get_mode() === 'channel')
+			return;
+		
+		if($this->is_toplevel() && ($this->get_data_value('author_xchan') != $this->get_data_value('owner_xchan'))) {
+			$this->owner_url = chanlink_url($this->data['owner']['xchan_url']);
+			$this->owner_photo = $this->data['owner']['xchan_photo_m'];
+			$this->owner_name = $this->data['owner']['xchan_name'];
+			$this->wall_to_wall = true;
+		}
+	}
+
+	private function is_wall_to_wall() {
+		return $this->wall_to_wall;
+	}
+
+	private function get_owner_url() {
+		return $this->owner_url;
+	}
+
+	private function get_owner_photo() {
+		return $this->owner_photo;
+	}
+
+	private function get_owner_name() {
+		return $this->owner_name;
+	}
+
+	private function is_visiting() {
+		return $this->visiting;
+	}
+
+
+
+
+}
+

Zotlabs/Lib/ThreadStream.php

@@ -0,0 +1,220 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+require_once('boot.php');
+require_once('include/text.php');
+require_once('include/items.php');
+
+/**
+ * A list of threads
+ *
+ */
+
+class ThreadStream {
+
+	private $threads = array();
+	private $mode = null;
+	private $observer = null;
+	private $writable = false;
+	private $commentable = false;
+	private $profile_owner = 0;
+	private $preview = false;
+	private $prepared_item = '';
+	private $cipher = 'aes256';
+
+	// $prepared_item is for use by alternate conversation structures such as photos
+	// wherein we've already prepared a top level item which doesn't look anything like
+	// a normal "post" item
+
+	public function __construct($mode, $preview, $prepared_item = '') {
+		$this->set_mode($mode);
+		$this->preview = $preview;
+		$this->prepared_item = $prepared_item;
+		$c = ((local_channel()) ? get_pconfig(local_channel(),'system','default_cipher') : '');
+		if($c)
+			$this->cipher = $c;
+	}
+
+	/**
+	 * Set the mode we'll be displayed on
+	 */
+	private function set_mode($mode) {
+		if($this->get_mode() == $mode)
+			return;
+
+		$this->observer = \App::get_observer();
+		$ob_hash = (($this->observer) ? $this->observer['xchan_hash'] : '');
+
+		switch($mode) {
+			case 'network':
+				$this->profile_owner = local_channel();
+				$this->writable = true;
+				break;
+			case 'channel':
+				$this->profile_owner = \App::$profile['profile_uid'];
+				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
+				break;
+			case 'display':
+				// in this mode we set profile_owner after initialisation (from conversation()) and then 
+				// pull some trickery which allows us to re-invoke this function afterward
+				// it's an ugly hack so FIXME
+				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
+				break;
+			case 'page':
+				$this->profile_owner = \App::$profile['uid'];
+				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
+				break;
+			default:
+				logger('[ERROR] Conversation::set_mode : Unhandled mode ('. $mode .').', LOGGER_DEBUG);
+				return false;
+				break;
+		}
+		$this->mode = $mode;
+	}
+
+	/**
+	 * Get mode
+	 */
+	public function get_mode() {
+		return $this->mode;
+	}
+
+	/**
+	 * Check if page is writable
+	 */
+	public function is_writable() {
+		return $this->writable;
+	}
+
+	public function is_commentable() {
+		return $this->commentable;
+	}
+
+	/**
+	 * Check if page is a preview
+	 */
+	public function is_preview() {
+		return $this->preview;
+	}
+
+	/**
+	 * Get profile owner
+	 */
+	public function get_profile_owner() {
+		return $this->profile_owner;
+	}
+
+	public function set_profile_owner($uid) {
+		$this->profile_owner = $uid;
+		$mode = $this->get_mode();
+		$this->mode = null;
+		$this->set_mode($mode);
+	}
+
+	public function get_observer() {
+		return $this->observer;
+	}
+
+	public function get_cipher() {
+		return $this->cipher;
+	}
+
+
+	/**
+	 * Add a thread to the conversation
+	 *
+	 * Returns:
+	 *      _ The inserted item on success
+	 *      _ false on failure
+	 */
+	public function add_thread($item) {
+		$item_id = $item->get_id();
+		if(!$item_id) {
+			logger('Item has no ID!!', LOGGER_DEBUG, LOG_ERR);
+			return false;
+		}
+		if($this->get_thread($item->get_id())) {
+			logger('Thread already exists ('. $item->get_id() .').', LOGGER_DEBUG, LOG_WARNING);
+			return false;
+		}
+
+		/*
+		 * Only add things that will be displayed
+		 */
+
+		
+		if(($item->get_data_value('id') != $item->get_data_value('parent')) && (activity_match($item->get_data_value('verb'),ACTIVITY_LIKE) || activity_match($item->get_data_value('verb'),ACTIVITY_DISLIKE))) {
+			return false;
+		}
+
+		$item->set_commentable(false);
+		$ob_hash = (($this->observer) ? $this->observer['xchan_hash'] : '');
+		
+		if(! comments_are_now_closed($item->get_data())) {
+			if(($item->get_data_value('author_xchan') === $ob_hash) || ($item->get_data_value('owner_xchan') === $ob_hash))
+				$item->set_commentable(true);
+
+			if(intval($item->get_data_value('item_nocomment'))) {
+				$item->set_commentable(false);
+			}
+			elseif(($this->observer) && (! $item->is_commentable())) {
+				if((array_key_exists('owner',$item->data)) && intval($item->data['owner']['abook_self']))
+					$item->set_commentable(perm_is_allowed($this->profile_owner,$this->observer['xchan_hash'],'post_comments'));
+				else
+					$item->set_commentable(can_comment_on_post($this->observer['xchan_hash'],$item->data));
+			}
+		}
+		require_once('include/channel.php');
+
+		$item->set_conversation($this);
+		$this->threads[] = $item;
+		return end($this->threads);
+	}
+
+	/**
+	 * Get data in a form usable by a conversation template
+	 *
+	 * We should find a way to avoid using those arguments (at least most of them)
+	 *
+	 * Returns:
+	 *      _ The data requested on success
+	 *      _ false on failure
+	 */
+	public function get_template_data($conv_responses) {
+		$result = array();
+
+		foreach($this->threads as $item) {
+
+			if(($item->get_data_value('id') == $item->get_data_value('parent')) && $this->prepared_item) {
+				$item_data = $this->prepared_item;
+			}
+			else {
+				$item_data = $item->get_template_data($conv_responses);
+			}
+			if(!$item_data) {
+				logger('Failed to get item template data ('. $item->get_id() .').', LOGGER_DEBUG, LOG_ERR);
+				return false;
+			}
+			$result[] = $item_data;
+		}
+
+		return $result;
+	}
+
+	/**
+	 * Get a thread based on its item id
+	 *
+	 * Returns:
+	 *      _ The found item on success
+	 *      _ false on failure
+	 */
+	private function get_thread($id) {
+		foreach($this->threads as $item) {
+			if($item->get_id() == $id)
+				return $item;
+		}
+
+		return false;
+	}
+}

Zotlabs/Lib/XConfig.php

@@ -0,0 +1,160 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class XConfig {
+
+	/**
+	 * @brief Loads a full xchan's configuration into a cached storage.
+	 *
+	 * All configuration values of the given observer hash are stored in global
+	 * cache which is available under the global variable App::$config[$xchan].
+	 *
+	 * @param string $xchan
+	 *  The observer's hash
+	 * @return void|false Returns false if xchan is not set
+	 */
+
+	static public function Load($xchan) {
+
+		if(! $xchan)
+			return false;
+
+		if(! array_key_exists($xchan, \App::$config))
+			\App::$config[$xchan] = array();
+
+		$r = q("SELECT * FROM xconfig WHERE xchan = '%s'",
+			dbesc($xchan)
+		);
+
+		if($r) {
+			foreach($r as $rr) {
+				$k = $rr['k'];
+				$c = $rr['cat'];
+				if(! array_key_exists($c, \App::$config[$xchan])) {
+					\App::$config[$xchan][$c] = array();
+					\App::$config[$xchan][$c]['config_loaded'] = true;
+				}
+				\App::$config[$xchan][$c][$k] = $rr['v'];
+			}
+		}
+	}
+
+	/**
+	 * @brief Get a particular observer's config variable given the category
+	 * name ($family) and a key.
+	 *
+	 * Get a particular observer's config value from the given category ($family)
+	 * and the $key from a cached storage in App::$config[$xchan].
+	 *
+	 * Returns false if not set.
+	 *
+	 * @param string $xchan
+	 *  The observer's hash
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to query
+	 * @return mixed Stored $value or false if it does not exist
+	 */
+
+	static public function Get($xchan, $family, $key) {
+
+		if(! $xchan)
+			return false;
+
+		if(! array_key_exists($xchan, \App::$config))
+			load_xconfig($xchan);
+
+		if((! array_key_exists($family, \App::$config[$xchan])) || (! array_key_exists($key, \App::$config[$xchan][$family])))
+			return false;
+
+		return ((! is_array(\App::$config[$xchan][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$xchan][$family][$key])) 
+			? unserialize(\App::$config[$xchan][$family][$key])
+			: \App::$config[$xchan][$family][$key]
+		);
+	}
+
+	/**
+	 * @brief Sets a configuration value for an observer.
+	 *
+	 * Stores a config value ($value) in the category ($family) under the key ($key)
+	 * for the observer's $xchan hash.
+	 *
+	 *
+	 * @param string $xchan
+	 *  The observer's hash
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to set
+	 * @param string $value
+	 *  The value to store
+	 * @return mixed Stored $value or false
+	 */
+
+	static public function Set($xchan, $family, $key, $value) {
+
+		// manage array value
+		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
+
+		if(self::Get($xchan, $family, $key) === false) {
+			if(! array_key_exists($xchan, \App::$config))
+				\App::$config[$xchan] = array();
+			if(! array_key_exists($family, \App::$config[$xchan]))
+				\App::$config[$xchan][$family] = array();
+
+			$ret = q("INSERT INTO xconfig ( xchan, cat, k, v ) VALUES ( '%s', '%s', '%s', '%s' ) ",
+				dbesc($xchan),
+				dbesc($family),
+				dbesc($key),
+				dbesc($dbvalue)
+			);
+		}
+		else {
+			$ret = q("UPDATE xconfig SET v = '%s' WHERE xchan = '%s' and cat = '%s' AND k = '%s'",
+				dbesc($dbvalue),
+				dbesc($xchan),
+				dbesc($family),
+				dbesc($key)
+			);
+		}
+
+		\App::$config[$xchan][$family][$key] = $value;
+
+		if($ret)
+			return $value;
+		return $ret;
+	}
+
+	/**
+	 * @brief Deletes the given key from the observer's config.
+	 *
+	 * Removes the configured value from the stored cache in App::$config[$xchan]
+	 * and removes it from the database.
+	 *
+	 * @param string $xchan
+	 *  The observer's hash
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to delete
+	 * @return mixed
+	 */
+
+	static public function Delete($xchan, $family, $key) {
+
+		if(x(\App::$config[$xchan][$family], $key))
+			unset(\App::$config[$xchan][$family][$key]);
+		$ret = q("DELETE FROM xconfig WHERE xchan = '%s' AND cat = '%s' AND k = '%s'",
+			dbesc($xchan),
+			dbesc($family),
+			dbesc($key)
+		);
+
+		return $ret;
+	}
+
+}

Zotlabs/Lib/ZotDriver.php

@@ -0,0 +1,30 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+
+class ZotDriver extends ProtoDriver {
+
+	protected function discover($channel,$location) {
+
+	}
+	protected function deliver($item,$channel,$recipients) {
+
+	}
+	protected function collect($channel,$connection) {
+
+	}
+	protected function change_permissions($permissions,$channel,$recipient) {
+
+	}
+	protected function acknowledge_permissions($permissions,$channel,$recipient) {
+
+	}
+	protected function deliver_private($item,$channel,$recipients) {
+
+	}
+	protected function collect_private($channel,$connection) {
+
+	}
+
+}

Zotlabs/Module/Achievements.php

@@ -0,0 +1,93 @@
+<?php
+namespace Zotlabs\Module;
+
+
+class Achievements extends \Zotlabs\Web\Controller {
+
+	function get() {
+		// This doesn't work, so
+		if (! is_developer())
+			return;
+	
+		if(argc() > 1)
+			$which = argv(1);
+		else {
+			notice( t('Requested profile is not available.') . EOL );
+			return;
+	}
+	
+		$profile = 0;
+		$profile = argv(1);		
+		profile_load($which,$profile);
+	
+		$r = q("select channel_id from channel where channel_address = '%s'",
+				dbesc($which)
+				);
+		if($r) {
+			$owner = intval($r[0]['channel_id']);
+			}
+	
+		$observer = \App::get_observer();
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+		$perms = get_all_perms($owner,$ob_hash);
+		if(! $perms['view_profile']) {
+			notice( t('Permission denied.') . EOL);
+		return;
+	    }
+	
+		$newmembertext = t('Some blurb about what to do when you\'re new here');
+	
+	
+	//	By default, all badges are false
+		$contactbadge = false;
+		$profilebadge = false;
+		$keywordsbadge = false;
+		
+	// Check number of contacts.  Award a badge if over 10
+	// We'll figure these out on each page load instead of 
+	// writing them to the DB because that will mean one needs
+	// to retain their achievements - eg, you can't add
+	// a bunch of channels just to get your badge, and then
+	// delete them all again.  If these become popular or
+	// used in profiles or something, we may need to reconsider
+	// and add a table for this - because this won't scale.
+	    
+	    $r = q("select * from abook where abook_channel = %d",
+		intval($owner)
+		);
+	
+		if (count($r))
+			$contacts = count($r);
+		// We're checking for 11 to adjust for the abook record for self
+		if ($contacts >= 11)
+				$contactbadge = true;
+			
+	//	Check if an about field in the profile has been created.
+	
+		$r = q("select * from profile where uid = %d and about <> ''",
+				intval($owner)
+		);
+		
+		if ($r)
+			$profilebadge = 1;
+	
+	// Check if keywords have been set
+	
+		$r = q("select * from profile where uid = %d and keywords <> ''",
+				intval($owner)
+		);
+		
+		if($r)
+			$keywordsbadge = 1;
+	
+	    return replace_macros(get_markup_template("achievements.tpl"), array(
+	                '$newmembertext' => $newmembertext,
+	                '$profilebadge' => $profilebadge,
+	                '$contactbadge' => $contactbadge,
+	                '$keywordsbadge' => $keywordsbadge,
+	                '$channelsbadge' => $channelsbadge
+	));
+	
+	}
+	
+}

Zotlabs/Module/Acl.php

@@ -0,0 +1,377 @@
+<?php
+namespace Zotlabs\Module;
+
+/*
+ * ACL selector json backend 
+ * This module provides JSON lists of connections and local/remote channels
+ * (xchans) to populate various tools such as the ACL (AccessControlList) popup
+ * and various auto-complete functions (such as email recipients, search, and 
+ * mention targets.
+ * There are two primary output structural formats. One for the ACL widget and
+ * the other for auto-completion.
+ * Many of the  behaviour variations are triggered on the use of single character keys
+ * however this functionality has grown in an ad-hoc manner and has gotten quite messy over time.    
+ */
+
+require_once("include/acl_selectors.php");
+require_once("include/group.php");
+
+
+class Acl extends \Zotlabs\Web\Controller {
+
+	function init(){
+	
+		//	logger('mod_acl: ' . print_r($_REQUEST,true));
+	
+		$start    = (x($_REQUEST,'start')  ? $_REQUEST['start']  : 0);
+		$count    = (x($_REQUEST,'count')  ? $_REQUEST['count']  : 500);
+		$search   = (x($_REQUEST,'search') ? $_REQUEST['search'] : '');
+		$type     = (x($_REQUEST,'type')   ? $_REQUEST['type']   : '');
+		$noforums = (x($_REQUEST,'n')      ? $_REQUEST['n']      : false);	
+
+
+		// $type = 
+		//  ''   =>  standard ACL request
+		//  'g'  =>  Groups only ACL request
+		//  'c'  =>  Connections only ACL request or editor (textarea) mention request
+		// $_REQUEST['search'] contains ACL search text.
+
+
+		// $type =
+		//  'm'  =>  autocomplete private mail recipient (checks post_mail permission)
+		//  'a'  =>  autocomplete connections (mod_connections, mod_poke, mod_sources, mod_photos)
+		//  'x'  =>  nav search bar autocomplete (match any xchan)
+		// $_REQUEST['query'] contains autocomplete search text.
+	
+		// List of channels whose connections to also suggest, 
+		// e.g. currently viewed channel or channels mentioned in a post
+
+		$extra_channels = (x($_REQUEST,'extra_channels') ? $_REQUEST['extra_channels'] : array());
+	
+		// The different autocomplete libraries use different names for the search text
+		// parameter. Internaly we'll use $search to represent the search text no matter
+		// what request variable it was attached to. 
+	
+		if(array_key_exists('query',$_REQUEST)) {
+			$search = $_REQUEST['query'];
+		}
+	
+		if( (! local_channel()) && (! ($type == 'x' || $type == 'c')))
+			killme();
+	
+		if($search) {
+			$sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
+			$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'"  : "%'")) . ") ";
+	
+			// This horrible mess is needed because position also returns 0 if nothing is found. 
+			// Would be MUCH easier if it instead returned a very large value
+			// Otherwise we could just 
+			// order by LEAST(POSITION($search IN xchan_name),POSITION($search IN xchan_addr)).
+
+			$order_extra2 = "CASE WHEN xchan_name LIKE " 
+					. protect_sprintf( "'%" . dbesc($search) . "%'" ) 
+					. " then POSITION('" . dbesc($search) 
+					. "' IN xchan_name) else position('" . dbesc($search) . "' IN xchan_addr) end, ";
+
+			$col = ((strpos($search,'@') !== false) ? 'xchan_addr' : 'xchan_name' );
+			$sql_extra3 = "AND $col like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
+	
+		}
+		else {
+			$sql_extra = $sql_extra2 = $sql_extra3 = "";
+		}
+		
+		
+		$groups = array();
+		$contacts = array();
+		
+		if($type == '' || $type == 'g') {
+	
+			$r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`gname`
+					FROM `groups`,`group_member` 
+					WHERE `groups`.`deleted` = 0 AND `groups`.`uid` = %d 
+					AND `group_member`.`gid`=`groups`.`id`
+					$sql_extra
+					GROUP BY `groups`.`id`
+					ORDER BY `groups`.`gname` 
+					LIMIT %d OFFSET %d",
+				intval(local_channel()),
+				intval($count),
+				intval($start)
+			);
+
+			if($r) {	
+				foreach($r as $g){
+		//		logger('acl: group: ' . $g['gname'] . ' members: ' . group_get_members_xchan($g['id']));
+					$groups[] = array(
+						"type"  => "g",
+						"photo" => "images/twopeople.png",
+						"name"  => $g['gname'],
+						"id"	=> $g['id'],
+						"xid"   => $g['hash'],
+						"uids"  => group_get_members_xchan($g['id']),
+						"link"  => ''
+					);
+				}
+			}
+		}
+	
+		if($type == '' || $type == 'c') {
+			$extra_channels_sql  = ''; 
+			// Only include channels who allow the observer to view their permissions
+			foreach($extra_channels as $channel) {
+				if(perm_is_allowed(intval($channel), get_observer_hash(),'view_contacts'))
+					$extra_channels_sql .= "," . intval($channel);
+			}
+	
+			$extra_channels_sql = substr($extra_channels_sql,1); // Remove initial comma
+	
+			// Getting info from the abook is better for local users because it contains info about permissions
+			if(local_channel()) {
+				if($extra_channels_sql != '')
+					$extra_channels_sql = " OR (abook_channel IN ($extra_channels_sql)) and abook_hidden = 0 ";
+
+				$r2 = null;
+
+				$r1 = q("select * from atoken where atoken_uid = %d",
+					intval(local_channel())
+				);
+				if($r1) {
+					require_once('include/security.php');
+					$r2 = array();
+					foreach($r1 as $rr) {
+						$x = atoken_xchan($rr);
+						$r2[] = [ 
+							'id' => 'a' . $rr['atoken_id'] ,
+							'hash' => $x['xchan_hash'],
+							'name' => $x['xchan_name'],
+							'micro' => $x['xchan_photo_m'],
+							'url' => z_root(),
+							'nick' => $x['xchan_addr'],
+							'abook_their_perms' => 0,
+							'abook_flags' => 0,
+							'abook_self' => 0
+						];
+					}
+				} 
+
+	
+				$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self 
+					FROM abook left join xchan on abook_xchan = xchan_hash 
+					WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
+					intval(local_channel())
+				);
+				if($r2)
+					$r = array_merge($r2,$r);
+
+			}
+			else { // Visitors
+				$r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self
+					FROM xchan left join xlink on xlink_link = xchan_hash
+					WHERE xlink_xchan  = '%s' AND xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
+					dbesc(get_observer_hash())
+				);
+	
+				// Find contacts of extra channels
+				// This is probably more complicated than it needs to be
+				if($extra_channels_sql) {
+					// Build a list of hashes that we got previously so we don't get them again
+					$known_hashes = array("'".get_observer_hash()."'");
+					if($r)
+						foreach($r as $rr) 
+							$known_hashes[] = "'".$rr['hash']."'";
+					$known_hashes_sql = 'AND xchan_hash not in ('.join(',',$known_hashes).')';
+	
+					$r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self 
+						FROM abook left join xchan on abook_xchan = xchan_hash 
+						WHERE abook_channel IN ($extra_channels_sql) $known_hashes_sql AND abook_blocked = 0 and abook_pending = 0 and abook_hidden = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc");
+					if($r2)
+						$r = array_merge($r,$r2);
+	
+					// Sort accoring to match position, then alphabetically. This could be avoided if the above two SQL queries could be combined into one, and the sorting could be done on the SQl server (like in the case of a local user)
+					$matchpos = function($x) use($search) {
+						$namepos = strpos($x['name'],$search);
+						$nickpos = strpos($x['nick'],$search);
+						// Use a large position if not found
+						return min($namepos === false ? 9999 : $namepos, $nickpos === false ? 9999 : $nickpos);
+					};
+					// This could be made simpler if PHP supported stable sorting
+					usort($r,function($a,$b) use($matchpos) {
+						$pos1 = $matchpos($a);
+						$pos2 = $matchpos($b);
+						if($pos1 == $pos2) { // Order alphabetically if match position is the same
+							if($a['name'] == $b['name'])
+								return 0;
+							else
+								return ($a['name'] < $b['name']) ? -1 : 1;
+						}
+						return ($pos1 < $pos2) ? -1 : 1;
+					});
+				}
+			}
+			if(intval(get_config('system','taganyone')) || intval(get_pconfig(local_channel(),'system','taganyone'))) {
+				if((count($r) < 100) && $type == 'c') {
+					$r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self 
+						FROM xchan 
+						WHERE xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" 
+					);
+					if($r2)
+						$r = array_merge($r,$r2);
+				}
+			}
+		}
+		elseif($type == 'm') {
+	
+			$r = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url 
+				FROM abook left join xchan on abook_xchan = xchan_hash
+				WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )>0)
+				and xchan_deleted = 0
+				$sql_extra3
+				ORDER BY `xchan_name` ASC ",
+				intval(local_channel()),
+				intval(PERMS_W_MAIL)
+			);
+		}
+		elseif($type == 'a') {
+	
+			$r = q("SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash
+				WHERE abook_channel = %d
+				and xchan_deleted = 0
+				$sql_extra3
+				ORDER BY xchan_name ASC ",
+				intval(local_channel())
+			);
+	
+		}
+		elseif($type == 'x') {
+			$r = $this->navbar_complete($a);
+			$contacts = array();
+			if($r) {
+				foreach($r as $g) {
+					$contacts[] = array(
+						"photo"    => $g['photo'],
+						"name"     => $g['name'],
+						"nick"     => $g['address'],
+					);
+				}
+			}
+	
+			$o = array(
+				'start' => $start,
+				'count'	=> $count,
+				'items'	=> $contacts,
+			);
+			echo json_encode($o);
+			killme();
+		}
+		else
+			$r = array();
+	
+		if($r) {
+			foreach($r as $g){
+	
+				// remove RSS feeds from ACLs - they are inaccessible
+				if(strpos($g['hash'],'/') && $type != 'a')
+					continue;
+	
+				if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c' && (! $noforums)) {
+					$contacts[] = array(
+						"type"     => "c",
+						"photo"    => "images/twopeople.png",
+						"name"     => $g['name'] . '+',
+						"id"	   => $g['id'] . '+',
+						"xid"      => $g['hash'],
+						"link"     => $g['nick'],
+						"nick"     => substr($g['nick'],0,strpos($g['nick'],'@')),
+						"self"     => (intval($g['abook_self']) ? 'abook-self' : ''),
+						"taggable" => 'taggable',
+						"label"    => t('network')
+					);
+				}
+				$contacts[] = array(
+					"type"     => "c",
+					"photo"    => $g['micro'],
+					"name"     => $g['name'],
+					"id"	   => $g['id'],
+					"xid"      => $g['hash'],
+					"link"     => $g['nick'],
+					"nick"     => (($g['nick']) ? substr($g['nick'],0,strpos($g['nick'],'@')) : t('RSS')),
+					"self"     => (intval($g['abook_self']) ? 'abook-self' : ''),
+					"taggable" => '',
+					"label"    => '',
+				);
+			}			
+		}
+			
+		$items = array_merge($groups, $contacts);
+		
+		$o = array(
+			'start' => $start,
+			'count'	=> $count,
+			'items'	=> $items,
+		);
+	
+	
+		
+		echo json_encode($o);
+	
+		killme();
+	}
+	
+	
+	function navbar_complete(&$a) {
+	
+	//	logger('navbar_complete');
+	
+		if(observer_prohibited()) {
+			return;
+		}
+	
+		$dirmode = intval(get_config('system','directory_mode'));
+		$search = ((x($_REQUEST,'search')) ? htmlentities($_REQUEST['search'],ENT_COMPAT,'UTF-8',false) : '');
+		if(! $search || mb_strlen($search) < 2)
+			return array();
+	
+		$star = false;
+		$address = false;
+	
+		if(substr($search,0,1) === '@')
+			$search = substr($search,1);
+	
+		if(substr($search,0,1) === '*') {
+			$star = true;
+			$search = substr($search,1);
+		}
+	
+		if(strpos($search,'@') !== false) {
+			$address = true;
+		}
+	
+		if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) {
+			$url = z_root() . '/dirsearch';
+		}
+	
+		if(! $url) {
+			require_once("include/dir_fns.php");
+			$directory = find_upstream_directory($dirmode);
+			$url = $directory['url'] . '/dirsearch';
+		}
+	
+		$count = (x($_REQUEST,'count') ?  $_REQUEST['count'] : 100);
+		if($url) {
+			$query = $url . '?f=' ;
+			$query .= '&name=' . urlencode($search) . "&limit=$count" . (($address) ? '&address=' . urlencode($search) : '');
+	
+			$x = z_fetch_url($query);
+			if($x['success']) {
+				$t = 0;
+				$j = json_decode($x['body'],true);
+				if($j && $j['results']) {
+					return $j['results'];
+				}
+			}
+		}
+		return array();
+	}
+	
+}

Zotlabs/Module/Api.php

@@ -0,0 +1,122 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/api.php');
+
+
+
+class Api extends \Zotlabs\Web\Controller {
+
+	function post() {
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+	}
+	
+		function get() {
+		if(\App::$cmd=='api/oauth/authorize'){
+	
+			/* 
+			 * api/oauth/authorize interact with the user. return a standard page
+			 */
+			
+			\App::$page['template'] = "minimal";
+					
+			// get consumer/client from request token
+			try {
+				$request = OAuth1Request::from_request();
+			} catch(Exception $e) {
+				echo "<pre>"; var_dump($e); killme();
+			}
+			
+			
+			if(x($_POST,'oauth_yes')){
+			
+				$app = $this->oauth_get_client($request);
+				if (is_null($app)) return "Invalid request. Unknown token.";
+				$consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
+	
+				$verifier = md5($app['secret'].local_channel());
+				set_config("oauth", $verifier, local_channel());
+				
+				
+				if($consumer->callback_url!=null) {
+					$params = $request->get_parameters();
+					$glue="?";
+					if (strstr($consumer->callback_url,$glue)) $glue="?";
+					goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
+					killme();
+				}
+							
+				$tpl = get_markup_template("oauth_authorize_done.tpl");
+				$o = replace_macros($tpl, array(
+					'$title' => t('Authorize application connection'),
+					'$info' => t('Return to your app and insert this Securty Code:'),
+					'$code' => $verifier,
+				));
+			
+				return $o;
+			}
+			
+			
+			if(! local_channel()) {
+				//TODO: we need login form to redirect to this page
+				notice( t('Please login to continue.') . EOL );
+				return login(false,'api-login',$request->get_parameters());
+			}
+			//FKOAuth1::loginUser(4);
+			
+			$app = $this->oauth_get_client($request);
+			if (is_null($app)) return "Invalid request. Unknown token.";
+			
+			
+	
+			
+			$tpl = get_markup_template('oauth_authorize.tpl');
+			$o = replace_macros($tpl, array(
+				'$title' => t('Authorize application connection'),
+				'$app' => $app,
+				'$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
+				'$yes'	=> t('Yes'),
+				'$no'	=> t('No'),
+			));
+			
+			//echo "<pre>"; var_dump($app); killme();
+			
+			return $o;
+		}
+		
+		echo api_call($a);
+		killme();
+	}
+
+	function oauth_get_client($request){
+
+	
+		$params = $request->get_parameters();
+		$token = $params['oauth_token'];
+	
+		$r = q("SELECT `clients`.* 
+			FROM `clients`, `tokens` 
+			WHERE `clients`.`client_id`=`tokens`.`client_id` 
+			AND `tokens`.`id`='%s' AND `tokens`.`auth_scope`='request'",
+			dbesc($token));
+
+		if (!count($r))
+			return null;
+	
+		return $r[0];
+	}
+	
+	
+	
+	
+}

Zotlabs/Module/Appman.php

@@ -0,0 +1,131 @@
+<?php /** @file */
+
+namespace Zotlabs\Module; 
+
+//require_once('include/apps.php');
+
+use \Zotlabs\Lib as Zlib;
+
+class Appman extends \Zotlabs\Web\Controller {
+
+	function post() {
+	
+		if(! local_channel())
+			return;
+	
+		if($_POST['url']) {
+			$arr = array(
+				'uid' => intval($_REQUEST['uid']),
+				'url' => escape_tags($_REQUEST['url']),
+				'guid' => escape_tags($_REQUEST['guid']),
+				'author' => escape_tags($_REQUEST['author']),
+				'addr' => escape_tags($_REQUEST['addr']),
+				'name' => escape_tags($_REQUEST['name']),
+				'desc' => escape_tags($_REQUEST['desc']),
+				'photo' => escape_tags($_REQUEST['photo']),
+				'version' => escape_tags($_REQUEST['version']),
+				'price' => escape_tags($_REQUEST['price']),
+				'requires' => escape_tags($_REQUEST['requires']),
+				'system' => intval($_REQUEST['system']),
+				'sig' => escape_tags($_REQUEST['sig']),
+				'categories' => escape_tags($_REQUEST['categories'])
+			);
+	
+			$_REQUEST['appid'] = Zlib\Apps::app_install(local_channel(),$arr);
+	
+			if(Zlib\Apps::app_installed(local_channel(),$arr))
+				info( t('App installed.') . EOL);
+	
+			return;
+		}
+	
+	
+		$papp = Zlib\Apps::app_decode($_POST['papp']);
+	
+		if(! is_array($papp)) {
+			notice( t('Malformed app.') . EOL);
+			return;
+		}
+	
+		if($_POST['install']) {
+			Zlib\Apps::app_install(local_channel(),$papp);
+			if(Zlib\Apps::app_installed(local_channel(),$papp))
+				info( t('App installed.') . EOL);
+		}
+	
+		if($_POST['delete']) {
+			Zlib\Apps::app_destroy(local_channel(),$papp);
+		}
+	
+		if($_POST['edit']) {
+			return;
+		}
+	
+		if($_SESSION['return_url']) 
+			goaway(z_root() . '/' . $_SESSION['return_url']);
+		goaway(z_root() . '/apps');
+	
+	
+	}
+	
+	
+	function get() {
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		$channel = \App::get_channel();
+		$app = null;
+		$embed = null;
+		if($_REQUEST['appid']) {
+			$r = q("select * from app where app_id = '%s' and app_channel = %d limit 1",
+				dbesc($_REQUEST['appid']),
+				dbesc(local_channel())
+			);
+			if($r) {
+				$app = $r[0];
+
+				$term = q("select * from term where otype = %d and oid = %d",
+					intval(TERM_OBJ_APP),
+					intval($r[0]['id'])
+				);
+				if($term) {
+					$app['categories'] = '';
+					foreach($term as $t) {
+						if($app['categories'])
+							$app['categories'] .= ',';
+						$app['categories'] .= $t['term'];
+					}
+				}
+			}
+
+			$embed = array('embed', t('Embed code'), Zlib\Apps::app_encode($app,true),'', 'onclick="this.select();"');
+	
+		}
+				
+		return replace_macros(get_markup_template('app_create.tpl'), array(
+	
+			'$banner' => (($app) ? t('Edit App') : t('Create App')),
+			'$app' => $app,
+			'$guid' => (($app) ? $app['app_id'] : ''),
+			'$author' => (($app) ? $app['app_author'] : $channel['channel_hash']),
+			'$addr' => (($app) ? $app['app_addr'] : $channel['xchan_addr']),
+			'$name' => array('name', t('Name of app'),(($app) ? $app['app_name'] : ''), t('Required')),
+			'$url' => array('url', t('Location (URL) of app'),(($app) ? $app['app_url'] : ''), t('Required')),
+	 		'$desc' => array('desc', t('Description'),(($app) ? $app['app_desc'] : ''), ''),
+			'$photo' => array('photo', t('Photo icon URL'),(($app) ? $app['app_photo'] : ''), t('80 x 80 pixels - optional')),
+			'$categories' => array('categories',t('Categories (optional, comma separated list)'),(($app) ? $app['categories'] : ''),''),
+			'$version' => array('version', t('Version ID'),(($app) ? $app['app_version'] : ''), ''),
+			'$price' => array('price', t('Price of app'),(($app) ? $app['app_price'] : ''), ''),
+			'$page' => array('page', t('Location (URL) to purchase app'),(($app) ? $app['app_page'] : ''), ''),
+			'$system' => (($app) ? intval($app['app_system']) : 0),
+			'$requires' => (($app) ? $app['app_requires'] : ''),
+			'$embed' => $embed,
+			'$submit' => t('Submit')
+		));
+	
+	}
+	
+}

Zotlabs/Module/Apps.php

@@ -0,0 +1,53 @@
+<?php
+namespace Zotlabs\Module;
+
+//require_once('include/apps.php');
+
+use \Zotlabs\Lib as Zlib;
+
+class Apps extends \Zotlabs\Web\Controller {
+
+	function get() {
+	
+		if(argc() == 2 && argv(1) == 'edit')
+			$mode = 'edit';
+		else
+			$mode = 'list';
+	
+		$_SESSION['return_url'] = \App::$cmd;
+	
+		$apps = array();
+	
+	
+		if(local_channel()) {
+			Zlib\Apps::import_system_apps();
+			$syslist = array();
+			$list = Zlib\Apps::app_list(local_channel(), false, $_GET['cat']);
+			if($list) {
+				foreach($list as $x) {
+					$syslist[] = Zlib\Apps::app_encode($x);
+				}
+			}
+			Zlib\Apps::translate_system_apps($syslist);
+		}
+		else
+			$syslist = Zlib\Apps::get_system_apps(true);
+
+		usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare');
+	
+	//	logger('apps: ' . print_r($syslist,true));
+	
+		foreach($syslist as $app) {
+			$apps[] = Zlib\Apps::app_render($app,$mode);
+		}
+	
+		return replace_macros(get_markup_template('myapps.tpl'), array(
+			'$sitename' => get_config('system','sitename'),
+			'$cat' => ((array_key_exists('cat',$_GET) && $_GET['cat']) ? ' - ' . escape_tags($_GET['cat']) : ''),
+			'$title' => t('Apps'),
+			'$apps' => $apps,
+		));
+	
+	}
+	
+}

Zotlabs/Module/Attach.php

@@ -0,0 +1,61 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/security.php');
+require_once('include/attach.php');
+
+
+class Attach extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		if(argc() < 2) {
+			notice( t('Item not available.') . EOL);
+			return;
+		}
+	
+		$r = attach_by_hash(argv(1),((argc() > 2) ? intval(argv(2)) : 0));
+	
+		if(! $r['success']) {
+			notice( $r['message'] . EOL);
+			return;
+		}
+	
+		$c = q("select channel_address from channel where channel_id = %d limit 1",
+			intval($r['data']['uid'])
+		);
+	
+		if(! $c)
+			return;
+	
+	
+		$unsafe_types = array('text/html','text/css','application/javascript');
+	
+		if(in_array($r['data']['filetype'],$unsafe_types)) {
+				header('Content-type: text/plain');
+		}
+		else {
+			header('Content-type: ' . $r['data']['filetype']);
+		}
+	
+		header('Content-disposition: attachment; filename="' . $r['data']['filename'] . '"');
+		if(intval($r['data']['os_storage'])) {
+			$fname = dbunescbin($r['data']['content']);
+			if(strpos($fname,'store') !== false)
+				$istream = fopen($fname,'rb');
+			else
+				$istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname,'rb');
+			$ostream = fopen('php://output','wb');
+			if($istream && $ostream) {
+				pipe_streams($istream,$ostream);
+				fclose($istream);
+				fclose($ostream);
+			}
+		}
+		else
+			echo dbunescbin($r['data']['content']);
+		killme();
+	
+	}
+	
+}

Zotlabs/Module/Authtest.php

@@ -0,0 +1,61 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/zot.php');
+
+
+class Authtest extends \Zotlabs\Web\Controller {
+
+	function get() {
+	
+	
+		$auth_success = false;
+		$o .= '<h3>Magic-Auth Diagnostic</h3>';
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return $o;
+		}
+	
+		$o .= '<form action="authtest" method="get">';
+		$o .= 'Target URL: <input type="text" style="width: 250px;" name="dest" value="' . $_GET['dest'] .'" />';
+		$o .= '<input type="submit" name="submit" value="Submit" /></form>'; 
+	
+		$o .= '<br /><br />';
+	
+		if(x($_GET,'dest')) {
+			if(strpos($_GET['dest'],'@')) {
+				$_GET['dest'] = $_REQUEST['dest'] = 'https://' . substr($_GET['dest'],strpos($_GET['dest'],'@')+1) . '/channel/' . substr($_GET['dest'],0,strpos($_GET['dest'],'@'));
+			}
+	
+			$_REQUEST['test'] = 1;
+			$mod = new Magic();
+			$x = $mod->init($a);
+
+			$o .= 'Local Setup returns: ' . print_r($x,true);
+	
+	
+	
+			if($x['url']) {
+				$z = z_fetch_url($x['url'] . '&test=1');
+				if($z['success']) {
+					$j = json_decode($z['body'],true);
+					if(! $j)
+						$o .= 'json_decode failure from remote site. ' . print_r($z['body'],true);
+					$o .= 'Remote site responded: ' . print_r($j,true);
+					if($j['success'] && strpos($j['message'],'Authentication Success'))
+						$auth_success = true;
+				}
+				else {
+					$o .= 'fetch url failure.' . print_r($z,true);
+				}
+			}
+	
+			if(! $auth_success)
+				$o .= 'Authentication Failed!' . EOL;
+		}
+	
+		return str_replace("\n",'<br />',$o);
+	}
+	
+}

Zotlabs/Module/Block.php

@@ -0,0 +1,92 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/items.php');
+require_once('include/conversation.php');
+require_once('include/page_widgets.php');
+
+
+class Block extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		$which = argv(1);
+		$profile = 0;
+		profile_load($which,$profile);
+	
+		if(\App::$profile['profile_uid'])
+			head_set_icon(\App::$profile['thumb']);
+	
+	}
+	
+	
+		function get() {
+	
+		if(! perm_is_allowed(\App::$profile['profile_uid'],get_observer_hash(),'view_pages')) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		if(argc() < 3) {
+			notice( t('Invalid item.') . EOL);
+			return;
+		}
+	
+		$channel_address = argv(1);
+		$page_id = argv(2);
+	
+		$u = q("select channel_id from channel where channel_address = '%s' limit 1",
+			dbesc($channel_address)
+		);
+	
+		if(! $u) {
+			notice( t('Channel not found.') . EOL);
+			return;
+		}
+	
+		if($_REQUEST['rev'])
+			$revision = " and revision = " . intval($_REQUEST['rev']) . " ";
+		else
+			$revision = " order by revision desc ";
+	
+		require_once('include/security.php');
+		$sql_options = item_permissions_sql($u[0]['channel_id']);
+	
+		$r = q("select item.* from item left join iconfig on item.id = iconfig.iid
+			where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s' and iconfig.k = 'BUILDBLOCK' and 
+			item_type = %d $sql_options $revision limit 1",
+			intval($u[0]['channel_id']),
+			dbesc($page_id),
+			intval(ITEM_TYPE_BLOCK)
+		);
+	
+		if(! $r) {
+	
+			// Check again with no permissions clause to see if it is a permissions issue
+	
+			$x = q("select item.* from item left join iconfig on item.id = iconfig.iid
+			where item.uid = %d and iconfig.cat = 'system' and iconfig.v = '%s' and iconfig.k = 'BUILDBLOCK' and 
+			item_type = %d $revision limit 1",
+				intval($u[0]['channel_id']),
+				dbesc($page_id),
+				intval(ITEM_TYPE_BLOCK)
+			);
+			if($x) {
+				// Yes, it's there. You just aren't allowed to see it.
+				notice( t('Permission denied.') . EOL);
+			}
+			else {
+				notice( t('Page not found.') . EOL);
+			}
+			return;
+		}
+	
+		xchan_query($r);
+		$r = fetch_post_tags($r,true);
+	
+		$o .= prepare_page($r[0]);
+		return $o;
+	
+	}
+	
+}

Zotlabs/Module/Blocks.php

@@ -0,0 +1,173 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/channel.php');
+require_once('include/conversation.php');
+require_once('include/acl_selectors.php');
+
+
+class Blocks extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
+			$sys = get_sys_channel();
+			if($sys && intval($sys['channel_id'])) {
+				\App::$is_sys = true;
+			}
+		}
+	
+		if(argc() > 1)
+			$which = argv(1);
+		else
+			return;
+	
+		profile_load($which);
+	
+	}
+	
+	
+	function get() {
+	
+		if(! \App::$profile) {
+			notice( t('Requested profile is not available.') . EOL );
+			\App::$error = 404;
+			return;
+		}
+	
+		$which = argv(1);
+	
+		$_SESSION['return_url'] = \App::$query_string;
+	
+		$uid = local_channel();
+		$owner = 0;
+		$channel = null;
+		$observer = \App::get_observer();
+	
+		$channel = \App::get_channel();
+	
+		if(\App::$is_sys && is_site_admin()) {
+			$sys = get_sys_channel();
+			if($sys && intval($sys['channel_id'])) {
+				$uid = $owner = intval($sys['channel_id']);
+				$channel = $sys;
+				$observer = $sys;
+			}
+		}
+	
+		if(! $owner) {
+			// Figure out who the page owner is.
+			$r = q("select channel_id from channel where channel_address = '%s'",
+				dbesc($which)
+			);
+			if($r) {
+				$owner = intval($r[0]['channel_id']);
+			}
+		}
+	
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+	
+		$perms = get_all_perms($owner,$ob_hash);
+	
+		if(! $perms['write_pages']) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		// Block design features from visitors 
+	
+		if((! $uid) || ($uid != $owner)) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		$mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
+
+		$x = array(
+			'webpage' => ITEM_TYPE_BLOCK,
+			'is_owner' => true,
+			'nickname' => \App::$profile['channel_address'],
+			'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
+			'bang' => '',
+			'showacl' => false,
+			'visitor' => true,
+			'mimetype' => $mimetype,
+			'mimeselect' => true,
+			'hide_location' => true,
+			'ptlabel' => t('Block Name'),
+			'profile_uid' => intval($owner),
+			'expanded' => true,
+			'novoting' => true,
+			'bbco_autocomplete' => 'bbcode',
+			'bbcode' => true
+		);
+	
+		if($_REQUEST['title'])
+			$x['title'] = $_REQUEST['title'];
+		if($_REQUEST['body'])
+			$x['body'] = $_REQUEST['body'];
+		if($_REQUEST['pagetitle'])
+			$x['pagetitle'] = $_REQUEST['pagetitle'];
+	
+		$editor = status_editor($a,$x);
+	
+
+		$r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig 
+			left join item on iconfig.iid = item.id
+			where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' 
+			and item_type = %d order by item.created desc",
+			intval($owner),
+			intval(ITEM_TYPE_BLOCK)
+		);
+	
+		$pages = null;
+	
+		if($r) {
+			$pages = array();
+			foreach($r as $rr) {
+				$element_arr = array(
+					'type'      => 'block',
+					'title'	    => $rr['title'],
+					'body'      => $rr['body'],
+					'created'   => $rr['created'],
+					'edited'    => $rr['edited'],
+					'mimetype'  => $rr['mimetype'],
+					'pagetitle' => $rr['v'],
+					'mid'       => $rr['mid']
+				);
+				$pages[$rr['iid']][] = array(
+					'url' => $rr['iid'],
+					'name' => $rr['v'],
+					'title' => $rr['title'],
+					'created' => $rr['created'],
+					'edited' => $rr['edited'],
+					'bb_element' => '[element]' . base64url_encode(json_encode($element_arr)) . '[/element]'
+				);
+			} 
+		}
+	
+		//Build the base URL for edit links
+		$url = z_root() . '/editblock/' . $which; 
+	
+		$o .= replace_macros(get_markup_template('blocklist.tpl'), array(
+			'$baseurl'    => $url,
+			'$title'      => t('Blocks'),
+			'$name'       => t('Block Name'),
+			'$blocktitle' => t('Block Title'),
+			'$created'    => t('Created'),
+			'$edited'     => t('Edited'),
+			'$create'     => t('Create'),
+			'$edit'       => t('Edit'),
+			'$share'      => t('Share'),
+			'$delete'     => t('Delete'),
+			'$editor'     => $editor,
+			'$pages'      => $pages,
+			'$channel'    => $which,
+			'$view'       => t('View'),
+			'$preview'    => '1',
+		));
+	    
+		return $o;
+	}
+	
+}

Zotlabs/Module/Bookmarks.php

@@ -0,0 +1,105 @@
+<?php
+namespace Zotlabs\Module;
+
+
+class Bookmarks extends \Zotlabs\Web\Controller {
+
+	function init() {
+		if(! local_channel())
+			return;
+		$item_id = intval($_REQUEST['item']);
+		$burl = trim($_REQUEST['burl']);
+	
+		if(! $item_id)
+			return;
+	
+		$u = \App::get_channel();
+	
+		$item_normal = item_normal();
+	
+		$i = q("select * from item where id = %d and uid = %d $item_normal limit 1",
+			intval($item_id),
+			intval(local_channel())
+		);
+	
+		if(! $i)
+			return;
+	
+		$i = fetch_post_tags($i);
+	
+		$item = $i[0];
+	
+		$terms = get_terms_oftype($item['term'],TERM_BOOKMARK);
+	
+		if($terms) {
+			require_once('include/bookmarks.php');
+	
+			$s = q("select * from xchan where xchan_hash = '%s' limit 1",
+				dbesc($item['author_xchan'])
+			);
+			if(! $s) {
+				logger('mod_bookmarks: author lookup failed.');
+				killme();
+			}
+			foreach($terms as $t) {
+				if($burl) {
+					if($burl == $t['url']) {
+						bookmark_add($u,$s[0],$t,$item['item_private']);
+					}
+				}
+				else
+					bookmark_add($u,$s[0],$t,$item['item_private']);
+	
+				info( t('Bookmark added') . EOL);
+			}
+		}
+		killme();
+	}
+	
+		function get() {
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+	
+		require_once('include/menu.php');
+		require_once('include/conversation.php');
+	
+		$channel = \App::get_channel();
+	
+		$o = profile_tabs($a,true,$channel['channel_address']);
+	
+		$o .= '<div class="generic-content-wrapper-styled">';
+	
+		$o .= '<h3>' . t('My Bookmarks') . '</h3>';
+	
+		$x = menu_list(local_channel(),'',MENU_BOOKMARK);
+	
+		if($x) {
+			foreach($x as $xx) {
+				$y = menu_fetch($xx['menu_name'],local_channel(),get_observer_hash());
+				$o .= menu_render($y,'',true);
+			}
+		}
+	
+		$o .= '<h3>' . t('My Connections Bookmarks') . '</h3>';
+	
+	
+		$x = menu_list(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK);
+	
+		if($x) {
+			foreach($x as $xx) {
+				$y = menu_fetch($xx['menu_name'],local_channel(),get_observer_hash());
+				$o .= menu_render($y,'',true);
+			}
+		}
+	
+		$o .= '</div>';
+	
+		return $o;
+	
+	}
+	
+	
+}

Zotlabs/Module/Branchtopic.php

@@ -0,0 +1,47 @@
+<?php
+namespace Zotlabs\Module;
+
+
+class Branchtopic extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		if(! local_channel())
+			return;
+	
+		$item_id = 0;
+	
+		if(argc() > 1)
+			$item_id = intval(argv(1));	
+	
+		if(! $item_id)
+			return;
+	
+		$channel = \App::get_channel();
+	
+		if(! $channel)
+			return;
+	
+	
+		$r = q("select * from item where id = %d and uid = %d and owner_xchan = '%s' and id != parent limit 1",
+			intval($item_id),
+			intval(local_channel()),
+			dbesc($channel['channel_hash'])
+		);
+	
+		if(! $r)
+			return;
+	
+		$p = q("select * from item where id = %d and uid = %d limit 1",
+			intval($r[0]['parent']),
+			intval(local_channel())
+		);
+	
+		$x = q("update item set parent = id, route = '', item_thread_top = 1 where id = %d",
+			intval($item_id)
+		);
+	
+		return;
+	}
+	
+}

Zotlabs/Module/Cal.php

@@ -0,0 +1,354 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/conversation.php');
+require_once('include/bbcode.php');
+require_once('include/datetime.php');
+require_once('include/event.php');
+require_once('include/items.php');
+
+
+class Cal extends \Zotlabs\Web\Controller {
+
+	function init() {
+		if(observer_prohibited()) {
+			return;
+		}
+	
+		$o = '';
+	
+		if(argc() > 1) {
+			$nick = argv(1);
+	
+			profile_load($nick);
+	
+			$channelx = channelx_by_nick($nick);
+	
+			if(! $channelx)
+				return;
+	
+			\App::$data['channel'] = $channelx;
+	
+			$observer = \App::get_observer();
+			\App::$data['observer'] = $observer;
+	
+			$observer_xchan = (($observer) ? $observer['xchan_hash'] : '');
+	
+			head_set_icon(\App::$data['channel']['xchan_photo_s']);
+	
+			\App::$page['htmlhead'] .= "<script> var profile_uid = " . ((\App::$data['channel']) ? \App::$data['channel']['channel_id'] : 0) . "; </script>" ;
+	
+		}
+	
+		return;
+	}
+	
+	
+	
+	function get() {
+	
+		if(observer_prohibited()) {
+			return;
+		}
+		
+		$channel = null;
+	
+		if(argc() > 1) {
+			$channel = channelx_by_nick(argv(1));
+		}
+	
+	
+		if(! $channel) {
+			notice( t('Channel not found.') . EOL);
+			return;
+		}
+	
+		// since we don't currently have an event permission - use the stream permission
+	
+		if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_stream')) {
+			notice( t('Permissions denied.') . EOL);
+			return;
+		}
+	
+		$sql_extra = permissions_sql($channel['channel_id'],get_observer_hash(),'event');
+	
+		$first_day = get_pconfig(local_channel(),'system','cal_first_day');
+		$first_day = (($first_day) ? $first_day : 0);
+	
+		$htpl = get_markup_template('event_head.tpl');
+		\App::$page['htmlhead'] .= replace_macros($htpl,array(
+			'$baseurl' => z_root(),
+			'$module_url' => '/cal/' . $channel['channel_address'],
+			'$modparams' => 2,
+			'$lang' => \App::$language,
+			'$first_day' => $first_day
+		));
+	
+		$o = '';
+	
+		$tabs = profile_tabs($a, True, $channel['channel_address']);
+	
+		$mode = 'view';
+		$y = 0;
+		$m = 0;
+		$ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " "  : '');
+	
+		// logger('args: ' . print_r(\App::$argv,true));
+	
+		if(argc() > 3 && intval(argv(2)) && intval(argv(3))) {
+			$mode = 'view';
+			$y = intval(argv(2));
+			$m = intval(argv(3));
+		}
+		if(argc() <= 3) {
+			$mode = 'view';
+			$event_id = argv(2);
+		}
+	
+		if($mode == 'view') {
+	
+			/* edit/create form */
+			if($event_id) {
+				$r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1",
+					dbesc($event_id),
+					intval($channel['channel_id'])
+				);
+				if(count($r))
+					$orig_event = $r[0];
+			}
+	
+	
+			// Passed parameters overrides anything found in the DB
+			if(!x($orig_event))
+				$orig_event = array();
+	
+	
+	
+			$tz = date_default_timezone_get();
+			if(x($orig_event))
+				$tz = (($orig_event['adjust']) ? date_default_timezone_get() : 'UTC');
+	
+			$syear = datetime_convert('UTC', $tz, $sdt, 'Y');
+			$smonth = datetime_convert('UTC', $tz, $sdt, 'm');
+			$sday = datetime_convert('UTC', $tz, $sdt, 'd');
+			$shour = datetime_convert('UTC', $tz, $sdt, 'H');
+			$sminute = datetime_convert('UTC', $tz, $sdt, 'i');
+	
+			$stext = datetime_convert('UTC',$tz,$sdt);
+			$stext = substr($stext,0,14) . "00:00";
+	
+			$fyear = datetime_convert('UTC', $tz, $fdt, 'Y');
+			$fmonth = datetime_convert('UTC', $tz, $fdt, 'm');
+			$fday = datetime_convert('UTC', $tz, $fdt, 'd');
+			$fhour = datetime_convert('UTC', $tz, $fdt, 'H');
+			$fminute = datetime_convert('UTC', $tz, $fdt, 'i');
+	
+			$ftext = datetime_convert('UTC',$tz,$fdt);
+			$ftext = substr($ftext,0,14) . "00:00";
+	
+			$type = ((x($orig_event)) ? $orig_event['etype'] : 'event');
+	
+			$f = get_config('system','event_input_format');
+			if(! $f)
+				$f = 'ymd';
+	
+			$catsenabled = feature_enabled($channel['channel_id'],'categories');
+	
+	
+			$show_bd = perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts');
+			if(! $show_bd) {
+				$sql_extra .= " and event.etype != 'birthday' ";
+			}
+	
+	
+			$category = '';
+	
+			$thisyear = datetime_convert('UTC',date_default_timezone_get(),'now','Y');
+			$thismonth = datetime_convert('UTC',date_default_timezone_get(),'now','m');
+			if(! $y)
+				$y = intval($thisyear);
+			if(! $m)
+				$m = intval($thismonth);
+	
+			// Put some limits on dates. The PHP date functions don't seem to do so well before 1900.
+			// An upper limit was chosen to keep search engines from exploring links millions of years in the future. 
+	
+			if($y < 1901)
+				$y = 1900;
+			if($y > 2099)
+				$y = 2100;
+	
+			$nextyear = $y;
+			$nextmonth = $m + 1;
+			if($nextmonth > 12) {
+					$nextmonth = 1;
+				$nextyear ++;
+			}
+	
+			$prevyear = $y;
+			if($m > 1)
+				$prevmonth = $m - 1;
+			else {
+				$prevmonth = 12;
+				$prevyear --;
+			}
+				
+			$dim    = get_dim($y,$m);
+			$start  = sprintf('%d-%d-%d %d:%d:%d',$y,$m,1,0,0,0);
+			$finish = sprintf('%d-%d-%d %d:%d:%d',$y,$m,$dim,23,59,59);
+	
+	
+			if (argv(2) === 'json'){
+				if (x($_GET,'start'))	$start = $_GET['start'];
+				if (x($_GET,'end'))	$finish = $_GET['end'];
+			}
+	
+			$start  = datetime_convert('UTC','UTC',$start);
+			$finish = datetime_convert('UTC','UTC',$finish);
+	
+			$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
+			$adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);
+	
+			if (x($_GET,'id')){
+			  	$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
+	                                from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d $sql_extra limit 1",
+					intval($channel['channel_id']),
+					intval($_GET['id'])
+				);
+			} 
+			else {
+				// fixed an issue with "nofinish" events not showing up in the calendar.
+				// There's still an issue if the finish date crosses the end of month.
+				// Noting this for now - it will need to be fixed here and in Friendica.
+				// Ultimately the finish date shouldn't be involved in the query. 
+	
+				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
+	                              from event left join item on event_hash = resource_id 
+					where resource_type = 'event' and event.uid = %d $ignored 
+					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
+					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) $sql_extra ",
+					intval($channel['channel_id']),
+					dbesc($start),
+					dbesc($finish),
+					dbesc($adjust_start),
+					dbesc($adjust_finish)
+				);
+	
+			}
+	
+			$links = array();
+	
+			if($r) {
+				xchan_query($r);
+				$r = fetch_post_tags($r,true);
+	
+				$r = sort_by_date($r);
+			}
+	
+			if($r) {
+				foreach($r as $rr) {
+					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
+					if(! x($links,$j)) 
+						$links[$j] = z_root() . '/' . \App::$cmd . '#link-' . $j;
+				}
+			}
+	
+			$events=array();
+	
+			$last_date = '';
+			$fmt = t('l, F j');
+	
+			if($r) {
+	
+				foreach($r as $rr) {
+					
+					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
+					$d = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], $fmt) : datetime_convert('UTC','UTC',$rr['dtstart'],$fmt));
+					$d = day_translate($d);
+					
+					$start = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'c') : datetime_convert('UTC','UTC',$rr['dtstart'],'c'));
+					if ($rr['nofinish']){
+						$end = null;
+					} else {
+						$end = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c'));
+					}
+					
+					
+					$is_first = ($d !== $last_date);
+						
+					$last_date = $d;
+	
+					$edit = false;
+	
+					$drop = false;
+	
+					$title = strip_tags(html_entity_decode(bbcode($rr['summary']),ENT_QUOTES,'UTF-8'));
+					if(! $title) {
+						list($title, $_trash) = explode("<br",bbcode($rr['desc']),2);
+						$title = strip_tags(html_entity_decode($title,ENT_QUOTES,'UTF-8'));
+					}
+					$html = format_event_html($rr);
+					$rr['desc'] = bbcode($rr['desc']);
+					$rr['location'] = bbcode($rr['location']);
+					$events[] = array(
+						'id'=>$rr['id'],
+						'hash' => $rr['event_hash'],
+						'start'=> $start,
+						'end' => $end,
+						'drop' => $drop,
+						'allDay' => false,
+						'title' => $title,
+						
+						'j' => $j,
+						'd' => $d,
+						'edit' => $edit,
+						'is_first'=>$is_first,
+						'item'=>$rr,
+						'html'=>$html,
+						'plink' => array($rr['plink'],t('Link to Source'),'',''),
+					);
+	
+	
+				}
+			}
+			
+			if (argv(2) === 'json'){
+				echo json_encode($events); killme();
+			}
+			
+			// links: array('href', 'text', 'extra css classes', 'title')
+			if (x($_GET,'id')){
+				$tpl =  get_markup_template("event_cal.tpl");
+			} 
+			else {
+				$tpl = get_markup_template("events_cal-js.tpl");
+			}
+	
+			$nick = $channel['channel_address'];
+	
+			$o = replace_macros($tpl, array(
+				'$baseurl'	=> z_root(),
+				'$new_event'	=> array(z_root().'/cal',(($event_id) ? t('Edit Event') : t('Create Event')),'',''),
+				'$previus'	=> array(z_root()."/cal/$nick/$prevyear/$prevmonth",t('Previous'),'',''),
+				'$next'		=> array(z_root()."/cal/$nick/$nextyear/$nextmonth",t('Next'),'',''),
+				'$export'	=> array(z_root()."/cal/$nick/$y/$m/export",t('Export'),'',''),
+				'$calendar'	=> cal($y,$m,$links, ' eventcal'),
+				'$events'	=> $events,
+				'$upload'	=> t('Import'),
+				'$submit'	=> t('Submit'),
+				'$prev'		=> t('Previous'),
+				'$next'		=> t('Next'),
+				'$today'	=> t('Today'),
+				'$form'		=> $form,
+				'$expandform'	=> ((x($_GET,'expandform')) ? true : false),
+				'$tabs'		=> $tabs
+			));
+			
+			if (x($_GET,'id')){ echo $o; killme(); }
+			
+			return $o;
+		}
+	
+	}
+	
+}

Zotlabs/Module/Channel.php

@@ -0,0 +1,366 @@
+<?php
+namespace Zotlabs\Module;
+
+
+require_once('include/contact_widgets.php');
+require_once('include/items.php');
+require_once("include/bbcode.php");
+require_once('include/security.php');
+require_once('include/conversation.php');
+require_once('include/acl_selectors.php');
+require_once('include/permissions.php');
+
+class Channel extends \Zotlabs\Web\Controller {
+
+	function init() {
+
+		$which = null;
+		if(argc() > 1)
+			$which = argv(1);
+		if(! $which) {
+			if(local_channel()) {
+				$channel = \App::get_channel();
+				if($channel && $channel['channel_address'])
+				$which = $channel['channel_address'];
+			}
+		}
+		if(! $which) {
+			notice( t('You must be logged in to see this page.') . EOL );
+			return;
+		}
+
+		$profile = 0;
+		$channel = \App::get_channel();
+
+		if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
+			$which = $channel['channel_address'];
+			$profile = argv(1);		
+		}
+
+		\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" title="' . t('Posts and comments') . '" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n" ;
+		\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" title="' . t('Only posts') . '" href="' . z_root() . '/feed/' . $which . '?top=1" />' . "\r\n" ;
+
+		// Not yet ready for prime time
+		//	\App::$page['htmlhead'] .= '<link rel="openid.server" href="' . z_root() . '/id/' . $which .'?f=" />' . "\r\n" ;
+		//	\App::$page['htmlhead'] .= '<link rel="openid.delegate" href="' . z_root() . '/channel/' . $which .'" />' . "\r\n" ;
+
+		// Run profile_load() here to make sure the theme is set before
+		// we start loading content
+
+		profile_load($which,$profile);
+
+	}
+
+	function get($update = 0, $load = false) {
+
+
+		if($load)
+			$_SESSION['loadtime'] = datetime_convert();
+
+		$checkjs = new \Zotlabs\Web\CheckJS(1);
+
+		$category = $datequery = $datequery2 = '';
+
+		$mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : '');
+
+		$datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
+		$datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
+
+		if(observer_prohibited(true)) {			
+			return login();
+		}
+
+		$category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : '');
+		$hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : '');
+
+		$groups = array();
+
+		$o = '';
+
+		if($update) {
+			// Ensure we've got a profile owner if updating.
+			\App::$profile['profile_uid'] = \App::$profile_uid = $update;
+		}
+		else {
+			if(\App::$profile['profile_uid'] == local_channel()) {
+				nav_set_selected('home');
+			}
+		}
+
+		$is_owner = (((local_channel()) && (\App::$profile['profile_uid'] == local_channel())) ? true : false);
+
+		$channel = \App::get_channel();
+		$observer = \App::get_observer();
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+
+		$perms = get_all_perms(\App::$profile['profile_uid'],$ob_hash);
+
+		if(! $perms['view_stream']) {
+			// We may want to make the target of this redirect configurable
+			if($perms['view_profile']) {
+				notice( t('Insufficient permissions.  Request redirected to profile page.') . EOL);
+				goaway (z_root() . "/profile/" . \App::$profile['channel_address']);
+			}
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+
+		if(! $update) {
+
+			$o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']);
+
+			$o .= common_friends_visitor_widget(\App::$profile['profile_uid']);
+
+			if($channel && $is_owner) {
+				$channel_acl = array(
+					'allow_cid' => $channel['channel_allow_cid'], 
+					'allow_gid' => $channel['channel_allow_gid'], 
+					'deny_cid' => $channel['channel_deny_cid'], 
+					'deny_gid' => $channel['channel_deny_gid']
+				);
+			}
+			else
+				$channel_acl = array(); 
+
+
+			if($perms['post_wall']) {
+
+				$x = array(
+					'is_owner' => $is_owner,
+					'allow_location' => ((($is_owner || $observer) && (intval(get_pconfig(\App::$profile['profile_uid'],'system','use_browser_location')))) ? true : false),
+					'default_location' => (($is_owner) ? \App::$profile['channel_location'] : ''),
+					'nickname' => \App::$profile['channel_address'],
+					'lockstate' => (((strlen(\App::$profile['channel_allow_cid'])) || (strlen(\App::$profile['channel_allow_gid'])) || (strlen(\App::$profile['channel_deny_cid'])) || (strlen(\App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
+					'acl' => (($is_owner) ? populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''),
+					'showacl' => (($is_owner) ? 'yes' : ''),
+					'bang' => '',
+					'visitor' => (($is_owner || $observer) ? true : false),
+					'profile_uid' => \App::$profile['profile_uid'],
+					'editor_autocomplete' => true,
+					'bbco_autocomplete' => 'bbcode',
+					'bbcode' => true
+        		);
+
+        		$o .= status_editor($a,$x);
+			}
+
+		}
+
+
+		/**
+		 * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
+		 */
+
+		$item_normal = item_normal();
+		$sql_extra = item_permissions_sql(\App::$profile['profile_uid']);
+
+		if(get_pconfig(\App::$profile['profile_uid'],'system','channel_list_mode') && (! $mid))
+			$page_mode = 'list';
+		else
+			$page_mode = 'client';
+
+		$abook_uids = " and abook.abook_channel = " . intval(\App::$profile['profile_uid']) . " ";
+
+		$simple_update = (($update) ? " AND item_unseen = 1 " : '');
+
+		\App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n";
+		
+		if($update && $_SESSION['loadtime'])
+			$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
+		if($load)
+			$simple_update = '';
+
+		if(($update) && (! $load)) {
+
+			if($mid) {
+				$r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal
+					AND item_wall = 1 AND item_unseen = 1 $sql_extra limit 1",
+					dbesc($mid . '%'),
+					intval(\App::$profile['profile_uid'])
+				);
+			} 
+			else {
+				$r = q("SELECT distinct parent AS `item_id`, created from item
+					left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
+					WHERE uid = %d $item_normal
+					AND item_wall = 1 $simple_update
+					AND (abook.abook_blocked = 0 or abook.abook_flags is null)
+					$sql_extra
+					ORDER BY created DESC",
+					intval(\App::$profile['profile_uid'])
+				);
+				$_SESSION['loadtime'] = datetime_convert();
+			}
+
+		}
+		else {
+
+			if(x($category)) {
+			        $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY));
+			}
+			if(x($hashtags)) {
+			        $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
+			}
+
+			if($datequery) {
+				$sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
+			}
+			if($datequery2) {
+				$sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
+			}
+
+			$itemspage = get_pconfig(local_channel(),'system','itemspage');
+			\App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
+			$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
+
+			if($load || ($checkjs->disabled())) {
+				if($mid) {
+					$r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal
+						AND item_wall = 1 $sql_extra limit 1",
+						dbesc($mid),
+						intval(\App::$profile['profile_uid'])
+					);
+					if (! $r) {
+						notice( t('Permission denied.') . EOL);
+					}
+
+				} 
+				else {
+					$r = q("SELECT distinct id AS item_id, created FROM item 
+						left join abook on item.author_xchan = abook.abook_xchan
+						WHERE uid = %d $item_normal
+						AND item_wall = 1 and item_thread_top = 1
+						AND (abook_blocked = 0 or abook.abook_flags is null)
+						$sql_extra $sql_extra2
+						ORDER BY created DESC $pager_sql ",
+						intval(\App::$profile['profile_uid'])
+					);
+				}
+			}
+			else {
+				$r = array();
+			}
+		}
+
+		if($r) {
+
+			$parents_str = ids_to_querystr($r,'item_id');
+ 
+			$items = q("SELECT `item`.*, `item`.`id` AS `item_id` 
+				FROM `item`
+				WHERE `item`.`uid` = %d $item_normal
+				AND `item`.`parent` IN ( %s )
+				$sql_extra ",
+				intval(\App::$profile['profile_uid']),
+				dbesc($parents_str)
+			);
+
+			xchan_query($items);
+			$items = fetch_post_tags($items, true);
+			$items = conv_sort($items,'created');
+
+			if($load && $mid && (! count($items))) {
+				// This will happen if we don't have sufficient permissions
+				// to view the parent item (or the item itself if it is toplevel)
+				notice( t('Permission denied.') . EOL);
+			}
+
+		} 
+		else {
+			$items = array();
+		}
+
+		if((! $update) && (! $load)) {
+
+			// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
+			// because browser prefetching might change it on us. We have to deliver it with the page.
+
+			$maxheight = get_pconfig(\App::$profile['profile_uid'],'system','channel_divmore_height');
+			if(! $maxheight)
+				$maxheight = 400;
+
+			$o .= '<div id="live-channel"></div>' . "\r\n";
+			$o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] 
+				. "; var netargs = '?f='; var profile_page = " . \App::$pager['page']
+				. "; divmore_height = " . intval($maxheight) . "; </script>\r\n";
+
+			\App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
+				'$baseurl' => z_root(),
+				'$pgtype' => 'channel',
+				'$uid' => ((\App::$profile['profile_uid']) ? \App::$profile['profile_uid'] : '0'),
+				'$gid' => '0',
+				'$cid' => '0',
+				'$cmin' => '0',
+				'$cmax' => '0',
+				'$star' => '0',
+				'$liked' => '0',
+				'$conv' => '0',
+				'$spam' => '0',
+				'$nouveau' => '0',
+				'$wall' => '1',
+				'$fh' => '0',
+				'$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1),
+				'$search' => '',
+				'$order' => '',
+				'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
+				'$file' => '',
+				'$cats' => (($category) ? $category : ''),
+				'$tags' => (($hashtags) ? $hashtags : ''),
+				'$mid' => $mid,
+				'$verb' => '',
+				'$dend' => $datequery,
+				'$dbegin' => $datequery2
+			));
+
+
+		}
+
+		$update_unseen = '';
+
+		if($page_mode === 'list') {
+
+			/**
+			 * in "list mode", only mark the parent item and any like activities as "seen". 
+			 * We won't distinguish between comment likes and post likes. The important thing
+			 * is that the number of unseen comments will be accurate. The SQL to separate the
+			 * comment likes could also get somewhat hairy. 
+			 */
+
+			if($parents_str) {
+				$update_unseen = " AND ( id IN ( " . dbesc($parents_str) . " )";
+				$update_unseen .= " OR ( parent IN ( " . dbesc($parents_str) . " ) AND verb in ( '" . dbesc(ACTIVITY_LIKE) . "','" . dbesc(ACTIVITY_DISLIKE) . "' ))) ";
+			}
+		}
+		else {
+			if($parents_str) {
+				$update_unseen = " AND parent IN ( " . dbesc($parents_str) . " )";
+			}
+		}
+
+		if($is_owner && $update_unseen) {
+			$r = q("UPDATE item SET item_unseen = 0 where item_unseen = 1 and item_wall = 1 AND uid = %d $update_unseen",
+				intval(local_channel())
+			);
+		}
+
+
+		if($checkjs->disabled()) {
+			$o .= conversation($a,$items,'channel',$update,'traditional');
+		} 
+		else {
+			$o .= conversation($a,$items,'channel',$update,$page_mode);
+		}
+
+		if((! $update) || ($checkjs->disabled())) {
+			$o .= alt_pager($a,count($items));
+			if ($mid && $items[0]['title'])
+				\App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
+		}
+
+		if($mid) 
+			$o .= '<div id="content-complete"></div>';
+
+		return $o;
+	}
+}

Zotlabs/Module/Chanview.php

@@ -0,0 +1,105 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/zot.php');
+
+class Chanview extends \Zotlabs\Web\Controller {
+
+	function get() {
+	
+		$observer = \App::get_observer();
+		$xchan = null;
+	
+		$r = null;
+	
+		if($_REQUEST['hash']) {
+			$r = q("select * from xchan where xchan_hash = '%s' limit 1",
+				dbesc($_REQUEST['hash'])
+			);
+		}
+		if($_REQUEST['address']) {
+			$r = q("select * from xchan where xchan_addr = '%s' limit 1",
+				dbesc($_REQUEST['address'])
+			);
+		}
+		elseif(local_channel() && intval($_REQUEST['cid'])) {
+			$r = q("SELECT abook.*, xchan.* 
+				FROM abook left join xchan on abook_xchan = xchan_hash
+				WHERE abook_channel = %d and abook_id = %d LIMIT 1",
+				intval(local_channel()),
+				intval($_REQUEST['cid'])
+			);
+		}	
+		elseif($_REQUEST['url']) {
+	
+			// if somebody re-installed they will have more than one xchan, use the most recent name date as this is
+			// the most useful consistently ascending table item we have. 
+	
+			$r = q("select * from xchan where xchan_url = '%s' order by xchan_name_date desc limit 1",
+				dbesc($_REQUEST['url'])
+			);
+		}
+		if($r) {
+			\App::$poi = $r[0];
+		}
+	
+	
+		// Here, let's see if we have an xchan. If we don't, how we proceed is determined by what
+		// info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or 
+		// address, we can and should try to import it. If it's just a hash, we can't continue, but we 
+		// probably wouldn't have a hash if we don't already have an xchan for this channel.
+	
+		if(! \App::$poi) {
+			logger('mod_chanview: fallback');
+			// This is hackish - construct a zot address from the url
+			if($_REQUEST['url']) {
+				if(preg_match('/https?\:\/\/(.*?)(\/channel\/|\/profile\/)(.*?)$/ism',$_REQUEST['url'],$matches)) {
+					$_REQUEST['address'] = $matches[3] . '@' . $matches[1];
+				}
+				logger('mod_chanview: constructed address ' . print_r($matches,true)); 
+			}
+	
+			if($_REQUEST['address']) {
+				$j = \Zotlabs\Zot\Finger::run($_REQUEST['address'],null);
+				if($j['success']) {
+					import_xchan($j);
+					$r = q("select * from xchan where xchan_addr = '%s' limit 1",
+						dbesc($_REQUEST['address'])
+					);
+					if($r)
+						\App::$poi = $r[0];
+				}
+			}
+		}
+	
+		if(! \App::$poi) {
+	//		We don't know who this is, and we can't figure it out from the URL
+	//		On the plus side, there's a good chance we know somebody else at that 
+	//		hub so sending them there with a Zid will probably work anyway.
+			$url = ($_REQUEST['url']);
+			if($observer)
+				$url = zid($url);
+		}
+	
+		if (\App::$poi) {
+		$url = \App::$poi['xchan_url'];
+		if($observer)
+			$url = zid($url);
+		}
+		// let somebody over-ride the iframed viewport presentation
+		// or let's just declare this a failed experiment.
+	
+	//	if((! local_channel()) || (get_pconfig(local_channel(),'system','chanview_full')))
+		
+		goaway($url);
+	
+	//	$o = replace_macros(get_markup_template('chanview.tpl'),array(
+	//		'$url' => $url,
+	//		'$full' => t('toggle full screen mode')
+	//	));
+	
+	//	return $o;
+	
+	}
+	
+}

Zotlabs/Module/Chat.php

@@ -0,0 +1,263 @@
+<?php /** @file */
+
+namespace Zotlabs\Module; 
+
+
+require_once('include/bookmarks.php');
+
+use \Zotlabs\Lib as Zlib;
+
+class Chat extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		$which = null;
+		if(argc() > 1)
+			$which = argv(1);
+		if(! $which) {
+			if(local_channel()) {
+				$channel = \App::get_channel();
+				if($channel && $channel['channel_address'])
+				$which = $channel['channel_address'];
+			}
+		}
+		if(! $which) {
+			notice( t('You must be logged in to see this page.') . EOL );
+			return;
+		}
+	
+		$profile = 0;
+		$channel = \App::get_channel();
+	
+		if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
+			$which = $channel['channel_address'];
+			$profile = argv(1);		
+		}
+	
+		\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which .'" />' . "\r\n" ;
+	
+		// Run profile_load() here to make sure the theme is set before
+		// we start loading content
+	
+		profile_load($which,$profile);
+	
+	}
+	
+	function post() {
+	
+		if($_POST['room_name'])
+			$room = strip_tags(trim($_POST['room_name']));	
+	
+		if((! $room) || (! local_channel()))
+			return;
+	
+		$channel = \App::get_channel();
+	
+	
+		if($_POST['action'] === 'drop') {
+			logger('delete chatroom');
+			Zlib\Chatroom::destroy($channel,array('cr_name' => $room));
+			goaway(z_root() . '/chat/' . $channel['channel_address']);
+		}
+	
+		$acl = new \Zotlabs\Access\AccessList($channel);
+		$acl->set_from_array($_REQUEST);
+	
+		$arr = $acl->get();
+		$arr['name'] = $room;
+		$arr['expire'] = intval($_POST['chat_expire']);
+		if(intval($arr['expire']) < 0)
+			$arr['expire'] = 0;
+	
+		Zlib\Chatroom::create($channel,$arr);
+	
+		$x = q("select * from chatroom where cr_name = '%s' and cr_uid = %d limit 1",
+			dbesc($room),
+			intval(local_channel())
+		);
+	
+		build_sync_packet(0, array('chatroom' => $x));
+	
+		if($x)
+			goaway(z_root() . '/chat/' . $channel['channel_address'] . '/' . $x[0]['cr_id']);
+	
+		// that failed. Try again perhaps?
+	
+		goaway(z_root() . '/chat/' . $channel['channel_address'] . '/new');
+	
+	
+	}
+	
+	
+	function get() {
+	
+		if(local_channel())
+			$channel = \App::get_channel();
+	
+		$ob = \App::get_observer();
+		$observer = get_observer_hash();
+		if(! $observer) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		if(! perm_is_allowed(\App::$profile['profile_uid'],$observer,'chat')) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+		
+		if((argc() > 3) && intval(argv(2)) && (argv(3) === 'leave')) {
+			Zlib\Chatroom::leave($observer,argv(2),$_SERVER['REMOTE_ADDR']);
+			goaway(z_root() . '/channel/' . argv(1));
+		}
+	
+	
+		if((argc() > 3) && intval(argv(2)) && (argv(3) === 'status')) {
+			$ret = array('success' => false);
+			$room_id = intval(argv(2));
+			if(! $room_id || ! $observer)
+				return;
+	
+			$r = q("select * from chatroom where cr_id = %d limit 1",
+				intval($room_id)
+			);
+			if(! $r) {
+				json_return_and_die($ret);
+			}
+			require_once('include/security.php');
+			$sql_extra = permissions_sql($r[0]['cr_uid']);
+	
+			$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
+				intval($room_id),
+				intval($r[0]['cr_uid'])
+			);
+			if(! $x) {
+				json_return_and_die($ret);
+			}
+			$y = q("select count(*) as total from chatpresence where cp_room = %d",
+				intval($room_id)
+			);
+			if($y) {
+				$ret['success'] = true;
+				$ret['chatroom'] = $r[0]['cr_name'];
+				$ret['inroom'] = $y[0]['total'];
+			}
+	
+			// figure out how to present a timestamp of the last activity, since we don't know the observer's timezone.
+	
+			$z = q("select created from chat where chat_room = %d order by created desc limit 1",
+				intval($room_id)
+			);
+			if($z) {
+				$ret['last'] = $z[0]['created'];
+			}
+			json_return_and_die($ret);
+		}
+	
+	
+		if(argc() > 2 && intval(argv(2))) {
+	
+			$room_id = intval(argv(2));
+			$bookmark_link = get_bookmark_link($ob);
+	
+			$x = Zlib\Chatroom::enter($observer,$room_id,'online',$_SERVER['REMOTE_ADDR']);
+			if(! $x)
+				return;
+			$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
+				intval($room_id),
+				intval(\App::$profile['profile_uid'])
+			);
+	
+			if($x) {
+				$acl = new \Zotlabs\Access\AccessList(false);
+				$acl->set($x[0]);
+	
+				$private = $acl->is_private();
+				$room_name = $x[0]['cr_name'];
+				if($bookmark_link)
+					$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1'; 
+			}
+			else {
+				notice( t('Room not found') . EOL);
+				return;
+			}
+	
+			$cipher = get_pconfig(local_channel(),'system','default_cipher');
+			if(! $cipher)
+				$cipher = 'aes256';
+	
+	
+			$o = replace_macros(get_markup_template('chat.tpl'),array(
+				'$is_owner' => ((local_channel() && local_channel() == $x[0]['cr_uid']) ? true : false),
+				'$room_name' => $room_name,
+				'$room_id' => $room_id,
+				'$baseurl' => z_root(),
+				'$nickname' => argv(1),
+				'$submit' => t('Submit'),
+				'$leave' => t('Leave Room'),
+				'$drop' => t('Delete Room'),
+				'$away' => t('I am away right now'),
+				'$online' => t('I am online'),
+				'$bookmark_link' => $bookmark_link,
+				'$bookmark' => t('Bookmark this room'),
+				'$feature_encrypt' => ((feature_enabled(local_channel(),'content_encrypt')) ? true : false),
+				'$cipher' => $cipher,
+				'$linkurl' => t('Please enter a link URL:'),
+				'$encrypt' => t('Encrypt text'),
+				'$insert' => t('Insert web link')
+			));
+			return $o;
+		}
+	
+	
+		require_once('include/conversation.php');
+	
+		$o = profile_tabs($a,((local_channel() && local_channel() == \App::$profile['profile_uid']) ? true : false),\App::$profile['channel_address']);
+	
+		if(! feature_enabled(\App::$profile['profile_uid'],'ajaxchat')) {
+			notice( t('Feature disabled.') . EOL);
+			return $o;
+		}
+	
+	
+		$acl = new \Zotlabs\Access\AccessList($channel);
+		$channel_acl = $acl->get();
+	
+		$lockstate = (($channel_acl['allow_cid'] || $channel_acl['allow_gid'] || $channel_acl['deny_cid'] || $channel_acl['deny_gid']) ? 'lock' : 'unlock');
+		require_once('include/acl_selectors.php');
+		
+		$chatroom_new = '';
+		if(local_channel()) {
+			$chatroom_new = replace_macros(get_markup_template('chatroom_new.tpl'),array(
+				'$header' => t('New Chatroom'),
+				'$name' => array('room_name',t('Chatroom name'),'', ''),
+				'$chat_expire' => array('chat_expire',t('Expiration of chats (minutes)'),120,''),
+				'$permissions' =>  t('Permissions'),
+				'$acl' => populate_acl($channel_acl,false),
+				'$lockstate' => $lockstate,
+				'$submit' => t('Submit')
+	
+			));
+		}
+	
+		$rooms = Zlib\Chatroom::roomlist(\App::$profile['profile_uid']);
+	
+		$o .= replace_macros(get_markup_template('chatrooms.tpl'), array(
+			'$header' => sprintf( t('%1$s\'s Chatrooms'), \App::$profile['fullname']),
+			'$name' => t('Name'),
+			'$baseurl' => z_root(),
+			'$nickname' => \App::$profile['channel_address'],
+			'$rooms' => $rooms,
+			'$norooms' => t('No chatrooms available'),
+			'$newroom' => t('Create New'),
+			'$is_owner' => ((local_channel() && local_channel() == \App::$profile['profile_uid']) ? 1 : 0),
+			'$chatroom_new' => $chatroom_new,
+			'$expire' => t('Expiration'),
+			'$expire_unit' => t('min') //minutes
+		));
+	 
+		return $o;
+	
+	}
+	
+}

Zotlabs/Module/Chatsvc.php

@@ -0,0 +1,170 @@
+<?php /** @file */
+
+namespace Zotlabs\Module; 
+
+require_once('include/security.php');
+
+use \Zotlabs\Lib as Zlib;
+
+class Chatsvc extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		//logger('chatsvc');
+	
+		$ret = array('success' => false);
+	
+		\App::$data['chat']['room_id'] = intval($_REQUEST['room_id']);
+		$x = q("select cr_uid from chatroom where cr_id = %d and cr_id != 0 limit 1",
+			intval(\App::$data['chat']['room_id'])
+		);
+		if(! $x)
+			json_return_and_die($ret);
+	
+		\App::$data['chat']['uid'] = $x[0]['cr_uid'];
+	
+		if(! perm_is_allowed(\App::$data['chat']['uid'],get_observer_hash(),'chat')) {
+	        json_return_and_die($ret);
+	    }
+	
+	}
+	
+	function post() {
+	
+		$ret = array('success' => false);
+	
+		$room_id = \App::$data['chat']['room_id'];
+		$text = escape_tags($_REQUEST['chat_text']);
+		if(! $text)
+			return;
+	
+		$sql_extra = permissions_sql(\App::$data['chat']['uid']);
+	
+		$r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra",
+			intval(\App::$data['chat']['uid']),
+			intval(\App::$data['chat']['room_id'])
+		);
+		if(! $r)
+			json_return_and_die($ret);
+	
+		$arr = array(
+			'chat_room' => \App::$data['chat']['room_id'],
+			'chat_xchan' => get_observer_hash(),
+			'chat_text' => $text
+		);
+	
+		call_hooks('chat_post',$arr);
+	
+		$x = q("insert into chat ( chat_room, chat_xchan, created, chat_text )
+			values( %d, '%s', '%s', '%s' )",
+			intval(\App::$data['chat']['room_id']),
+			dbesc(get_observer_hash()),
+			dbesc(datetime_convert()),
+			dbesc($arr['chat_text'])		
+		);
+	
+		$ret['success'] = true;
+		json_return_and_die($ret);
+	}
+	
+	function get() {
+	
+		$status = strip_tags($_REQUEST['status']);
+		$room_id = intval(\App::$data['chat']['room_id']);
+		$stopped = ((x($_REQUEST,'stopped') && intval($_REQUEST['stopped'])) ? true : false);
+	
+		if($status && $room_id) {
+	
+			$x = q("select channel_address from channel where channel_id = %d limit 1",
+				intval(\App::$data['chat']['uid'])
+			);			
+	
+			$r = q("update chatpresence set cp_status = '%s', cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'",
+				dbesc($status),
+				dbesc(datetime_convert()),
+				intval($room_id),
+				dbesc(get_observer_hash()),
+				dbesc($_SERVER['REMOTE_ADDR'])
+			);
+	
+			goaway(z_root() . '/chat/' . $x[0]['channel_address'] . '/' . $room_id);		
+		}
+	
+		if(! $stopped) {
+	
+			$lastseen = intval($_REQUEST['last']);
+	
+			$ret = array('success' => false);
+	
+			$sql_extra = permissions_sql(\App::$data['chat']['uid']);
+	
+			$r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra",
+				intval(\App::$data['chat']['uid']),
+				intval(\App::$data['chat']['room_id'])
+			);
+			if(! $r)
+				json_return_and_die($ret);
+	
+			$inroom = array();
+	
+			$r = q("select * from chatpresence left join xchan on xchan_hash = cp_xchan where cp_room = %d order by xchan_name",
+				intval(\App::$data['chat']['room_id'])
+			);
+			if($r) {
+				foreach($r as $rr) {
+					switch($rr['cp_status']) {
+						case 'away':
+							$status = t('Away');
+							$status_class = 'away';
+							break;
+						case 'online':
+						default:
+							$status = t('Online');
+							$status_class = 'online';
+							break;
+					}
+		
+					$inroom[] = array('img' => zid($rr['xchan_photo_m']), 'img_type' => $rr['xchan_photo_mimetype'],'name' => $rr['xchan_name'], 'status' => $status, 'status_class' => $status_class);
+				}
+			}
+	
+			$chats = array();
+	
+			$r = q("select * from chat left join xchan on chat_xchan = xchan_hash where chat_room = %d and chat_id > %d order by created",
+				intval(\App::$data['chat']['room_id']),
+				intval($lastseen)
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$chats[] = array(
+						'id' => $rr['chat_id'],
+						'img' => zid($rr['xchan_photo_m']), 
+						'img_type' => $rr['xchan_photo_mimetype'],
+						'name' => $rr['xchan_name'],
+						'isotime' => datetime_convert('UTC', date_default_timezone_get(), $rr['created'], 'c'),
+						'localtime' => datetime_convert('UTC', date_default_timezone_get(), $rr['created'], 'r'),
+						'text' => smilies(bbcode($rr['chat_text'])),
+						'self' => ((get_observer_hash() == $rr['chat_xchan']) ? 'self' : '')
+					);
+				}
+			}
+		}
+	
+		$r = q("update chatpresence set cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'",
+			dbesc(datetime_convert()),
+			intval(\App::$data['chat']['room_id']),
+			dbesc(get_observer_hash()),
+			dbesc($_SERVER['REMOTE_ADDR'])
+		);
+	
+		$ret['success'] = true;
+		if(! $stopped) {
+			$ret['inroom'] = $inroom;
+			$ret['chats'] = $chats;
+		}
+		json_return_and_die($ret);
+	
+	}
+			 
+	
+}

Zotlabs/Module/Cloud.php

@@ -0,0 +1,103 @@
+<?php
+namespace Zotlabs\Module;
+/**
+ * @file mod/cloud.php
+ * @brief Initialize Hubzilla's cloud (SabreDAV).
+ *
+ * Module for accessing the DAV storage area.
+ */
+
+use Sabre\DAV as SDAV;
+use \Zotlabs\Storage;
+
+// composer autoloader for SabreDAV
+require_once('vendor/autoload.php');
+
+require_once('include/attach.php');
+
+
+/**
+ * @brief Fires up the SabreDAV server.
+ *
+ * @param App &$a
+ */
+
+
+class Cloud extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		if (! is_dir('store'))
+			os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
+	
+		$which = null;
+		if (argc() > 1)
+			$which = argv(1);
+	
+		$profile = 0;
+	
+		\App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n";
+	
+		if ($which)
+			profile_load( $which, $profile);
+	
+		$auth = new \Zotlabs\Storage\BasicAuth();
+	
+		$ob_hash = get_observer_hash();
+	
+		if ($ob_hash) {
+			if (local_channel()) {
+				$channel = \App::get_channel();
+				$auth->setCurrentUser($channel['channel_address']);
+				$auth->channel_id = $channel['channel_id'];
+				$auth->channel_hash = $channel['channel_hash'];
+				$auth->channel_account_id = $channel['channel_account_id'];
+				if($channel['channel_timezone'])
+					$auth->setTimezone($channel['channel_timezone']);
+			}
+			$auth->observer = $ob_hash;
+		}
+	
+		if ($_GET['davguest'])
+			$_SESSION['davguest'] = true;
+	
+		$_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
+		$_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
+		$_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']);
+	
+		$_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
+		$_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
+		$_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']);
+	
+		$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
+	
+		// A SabreDAV server-object
+		$server = new SDAV\Server($rootDirectory);
+		// prevent overwriting changes each other with a lock backend
+		$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
+		$lockPlugin = new SDAV\Locks\Plugin($lockBackend);
+	
+		$server->addPlugin($lockPlugin);
+	
+		$is_readable = false;
+	
+		// provide a directory view for the cloud in Hubzilla
+		$browser = new \Zotlabs\Storage\Browser($auth);
+		$auth->setBrowserPlugin($browser);
+	
+		$server->addPlugin($browser);
+	
+		// Experimental QuotaPlugin
+	//	require_once('\Zotlabs\Storage/QuotaPlugin.php');
+	//	$server->addPlugin(new \Zotlabs\Storage\\QuotaPlugin($auth));
+	
+		ob_start();
+		// All we need to do now, is to fire up the server
+		$server->exec();
+
+		ob_end_flush();
+
+		killme();
+	}
+	
+}

Zotlabs/Module/Common.php

@@ -0,0 +1,73 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/socgraph.php');
+
+
+class Common extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		if(argc() > 1 && intval(argv(1)))
+			$channel_id = intval(argv(1));
+		else {
+			notice( t('No channel.') . EOL );
+			\App::$error = 404;
+			return;
+		}
+	
+		$x = q("select channel_address from channel where channel_id = %d limit 1",
+			intval($channel_id)
+		);
+	
+		if($x)
+			profile_load($x[0]['channel_address'],0);
+	
+	}
+	
+		function get() {
+	
+		$o = '';
+	
+		if(! \App::$profile['profile_uid'])
+			return;
+	
+		$observer_hash = get_observer_hash();
+	
+	
+		if(! perm_is_allowed(\App::$profile['profile_uid'],$observer_hash,'view_contacts')) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		$o .= '<h2>' . t('Common connections') . '</h2>';
+	
+		$t = count_common_friends(\App::$profile['profile_uid'],$observer_hash);
+	
+		if(! $t) {
+			notice( t('No connections in common.') . EOL);
+			return $o;
+		}
+	
+		$r = common_friends(\App::$profile['profile_uid'],$observer_hash);
+	
+		if($r) {
+	
+			$tpl = get_markup_template('common_friends.tpl');
+	
+			foreach($r as $rr) {
+				$o .= replace_macros($tpl,array(
+					'$url'   => $rr['xchan_url'],
+					'$name'  => $rr['xchan_name'],
+					'$photo' => $rr['xchan_photo_m'],
+					'$tags'  => ''
+				));
+			}
+	
+			$o .= cleardiv();
+		}
+	
+		return $o;
+	}
+	
+}

Zotlabs/Module/Connect.php

@@ -0,0 +1,131 @@
+<?php
+namespace Zotlabs\Module; /** @file */
+
+
+
+require_once('include/contact_widgets.php');
+require_once('include/items.php');
+
+
+
+class Connect extends \Zotlabs\Web\Controller {
+
+	function init() {
+		if(argc() > 1)
+			$which = argv(1);
+		else {
+			notice( t('Requested profile is not available.') . EOL );
+			\App::$error = 404;
+			return;
+		}
+	
+		$r = q("select * from channel where channel_address = '%s' limit 1",
+			dbesc($which)
+		);
+	
+		if($r)
+			\App::$data['channel'] = $r[0];
+	
+		profile_load($which,'');
+	}
+	
+		function post() {
+	
+		if(! array_key_exists('channel', \App::$data))
+			return;
+	
+		$edit = ((local_channel() && (local_channel() == \App::$data['channel']['channel_id'])) ? true : false);
+	
+		if($edit) {
+			$has_premium = ((\App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM) ? 1 : 0);
+			$premium = (($_POST['premium']) ? intval($_POST['premium']) : 0);
+			$text = escape_tags($_POST['text']);
+			
+			if($has_premium != $premium) {
+				$r = q("update channel set channel_pageflags = ( channel_pageflags %s %d ) where channel_id = %d",
+					db_getfunc('^'),
+					intval(PAGE_PREMIUM),
+					intval(local_channel()) 
+				);
+				
+				\Zotlabs\Daemon\Master::Summon(array('Notifier','refresh_all',\App::$data['channel']['channel_id']));
+			}
+			set_pconfig(\App::$data['channel']['channel_id'],'system','selltext',$text);
+			// reload the page completely to get fresh data
+			goaway(z_root() . '/' . \App::$query_string);
+	
+		}
+	
+		$url = '';
+		$observer = \App::get_observer();
+		if(($observer) && ($_POST['submit'] === t('Continue'))) {
+			if($observer['xchan_follow'])
+				$url = sprintf($observer['xchan_follow'],urlencode(\App::$data['channel']['channel_address'] . '@' . \App::get_hostname())); 
+			if(! $url) {
+				$r = q("select * from hubloc where hubloc_hash = '%s' order by hubloc_id desc limit 1",
+					dbesc($observer['xchan_hash'])
+				);
+				if($r)
+					$url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(\App::$data['channel']['channel_address'] . '@' . \App::get_hostname()); 
+			}
+		}
+		if($url)
+			goaway($url . '&confirm=1');
+		else
+			notice('Unable to connect to your home hub location.');
+	
+	}
+	
+	
+	
+		function get() {
+	
+		$edit = ((local_channel() && (local_channel() == \App::$data['channel']['channel_id'])) ? true : false);
+	
+		$text = get_pconfig(\App::$data['channel']['channel_id'],'system','selltext');
+	
+		if($edit) {
+	
+			$o = replace_macros(get_markup_template('sellpage_edit.tpl'),array(
+				'$header' => t('Premium Channel Setup'),
+				'$address' => \App::$data['channel']['channel_address'],
+				'$premium' => array('premium', t('Enable premium channel connection restrictions'),((\App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM) ? '1' : ''),''),
+				'$lbl_about' => t('Please enter your restrictions or conditions, such as paypal receipt, usage guidelines, etc.'),
+	 			'$text' => $text,
+				'$desc' => t('This channel may require additional steps or acknowledgement of the following conditions prior to connecting:'),
+				'$lbl2' => t('Potential connections will then see the following text before proceeding:'),
+				'$desc2' => t('By continuing, I certify that I have complied with any instructions provided on this page.'),
+				'$submit' => t('Submit'),
+	
+	
+			));
+			return $o;
+		}
+		else {
+			if(! $text)
+				$text = t('(No specific instructions have been provided by the channel owner.)');
+	
+			$submit = replace_macros(get_markup_template('sellpage_submit.tpl'), array(
+				'$continue' => t('Continue'),			
+				'$address' => \App::$data['channel']['channel_address']
+			));
+	
+			$o = replace_macros(get_markup_template('sellpage_view.tpl'),array(
+				'$header' => t('Restricted or Premium Channel'),
+				'$desc' => t('This channel may require additional steps or acknowledgement of the following conditions prior to connecting:'),
+				'$text' => prepare_text($text), 
+	
+				'$desc2' => t('By continuing, I certify that I have complied with any instructions provided on this page.'),
+				'$submit' => $submit,
+	
+			));
+	
+			$arr = array('channel' => \App::$data['channel'],'observer' => \App::get_observer(), 'sellpage' => $o, 'submit' => $submit);
+			call_hooks('connect_premium', $arr);
+			$o = $arr['sellpage'];
+	
+		}
+	
+		return $o;
+	}
+}

Zotlabs/Module/Connections.php

@@ -0,0 +1,324 @@
+<?php
+namespace Zotlabs\Module;
+
+
+require_once('include/socgraph.php');
+require_once('include/selectors.php');
+require_once('include/group.php');
+require_once('include/contact_widgets.php');
+require_once('include/zot.php');
+require_once('include/widgets.php');
+
+
+class Connections extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		if(! local_channel())
+			return;
+	
+		$channel = \App::get_channel();
+		if($channel)
+			head_set_icon($channel['xchan_photo_s']);
+	
+	}
+	
+		function get() {
+	
+		$sort_type = 0;
+		$o = '';
+	
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return login();
+		}
+	
+		$blocked     = false;
+		$hidden      = false;
+		$ignored     = false;
+		$archived    = false;
+		$unblocked   = false;
+		$pending     = false;
+		$unconnected = false;
+		$all         = false;
+	
+		if(! $_REQUEST['aj'])
+			$_SESSION['return_url'] = \App::$query_string;
+	
+		$search_flags = '';
+		$head = '';
+	
+		if(argc() == 2) {
+			switch(argv(1)) {
+				case 'blocked':
+					$search_flags = " and abook_blocked = 1 ";
+					$head = t('Blocked');
+					$blocked = true;
+					break;
+				case 'ignored':
+					$search_flags = " and abook_ignored = 1 ";
+					$head = t('Ignored');
+					$ignored = true;
+					break;
+				case 'hidden':
+					$search_flags = " and abook_hidden = 1 ";
+					$head = t('Hidden');
+					$hidden = true;
+					break;
+				case 'archived':
+					$search_flags = " and abook_archived = 1 ";
+					$head = t('Archived');
+					$archived = true;
+					break;
+				case 'pending':
+					$search_flags = " and abook_pending = 1 ";
+					$head = t('New');
+					$pending = true;
+					nav_set_selected('intros');
+					break;
+				case 'ifpending':
+					$r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ",
+						intval(local_channel())
+					);
+					if($r && $r[0]['total']) {
+						$search_flags = " and abook_pending = 1 ";
+						$head = t('New');
+						$pending = true;
+						nav_set_selected('intros');
+						\App::$argv[1] = 'pending';
+					}
+					else {
+						$head = t('All');
+						$search_flags = '';
+						$all = true;
+						\App::$argc = 1;
+						unset(\App::$argv[1]);
+					}
+					nav_set_selected('intros');
+					break;
+	//			case 'unconnected':
+	//				$search_flags = " and abook_unconnected = 1 ";
+	//				$head = t('Unconnected');
+	//				$unconnected = true;
+	//				break;
+	
+				case 'all':
+					$head = t('All');
+				default:
+					$search_flags = '';
+					$all = true;
+					break;
+	
+			}
+	
+			$sql_extra = $search_flags;
+			if(argv(1) === 'pending')
+				$sql_extra .= " and abook_ignored = 0 ";
+	
+		}
+		else {
+			$sql_extra = " and abook_blocked = 0 ";
+			$unblocked = true;
+		}
+	
+		$search = ((x($_REQUEST,'search')) ? notags(trim($_REQUEST['search'])) : '');
+	
+		$tabs = array(
+			/*
+			array(
+				'label' => t('Suggestions'),
+				'url'   => z_root() . '/suggest', 
+				'sel'   => '',
+				'title' => t('Suggest new connections'),
+			),
+			*/
+	
+			'pending' => array(
+				'label' => t('New Connections'),
+				'url'   => z_root() . '/connections/pending', 
+				'sel'   => ($pending) ? 'active' : '',
+				'title' => t('Show pending (new) connections'),
+			),
+	
+			'all' => array(
+				'label' => t('All Connections'),
+				'url'   => z_root() . '/connections/all', 
+				'sel'   => ($all) ? 'active' : '',
+				'title' => t('Show all connections'),
+			),
+	
+			/*
+			array(
+				'label' => t('Unblocked'),
+				'url'   => z_root() . '/connections',
+				'sel'   => (($unblocked) && (! $search) && (! $nets)) ? 'active' : '',
+				'title' => t('Only show unblocked connections'),
+			),
+			*/
+	
+			'blocked' => array(
+				'label' => t('Blocked'),
+				'url'   => z_root() . '/connections/blocked',
+				'sel'   => ($blocked) ? 'active' : '',
+				'title' => t('Only show blocked connections'),
+			),
+	
+			'ignored' => array(
+				'label' => t('Ignored'),
+				'url'   => z_root() . '/connections/ignored',
+				'sel'   => ($ignored) ? 'active' : '',
+				'title' => t('Only show ignored connections'),
+			),
+	
+			'archived' => array(
+				'label' => t('Archived'),
+				'url'   => z_root() . '/connections/archived',
+				'sel'   => ($archived) ? 'active' : '',
+				'title' => t('Only show archived connections'),
+			),
+	
+			'hidden' => array(
+				'label' => t('Hidden'),
+				'url'   => z_root() . '/connections/hidden',
+				'sel'   => ($hidden) ? 'active' : '',
+				'title' => t('Only show hidden connections'),
+			),
+	
+	//		array(
+	//			'label' => t('Unconnected'),
+	//			'url'   => z_root() . '/connections/unconnected',
+	//			'sel'   => ($unconnected) ? 'active' : '',
+	//			'title' => t('Only show one-way connections'),
+	//		),
+	
+	
+		);
+	
+		//$tab_tpl = get_markup_template('common_tabs.tpl');
+		//$t = replace_macros($tab_tpl, array('$tabs'=>$tabs));
+	
+		$searching = false;
+		if($search) {
+			$search_hdr = $search;
+			$search_txt = dbesc(protect_sprintf(preg_quote($search)));
+			$searching = true;
+		}
+		$sql_extra .= (($searching) ? protect_sprintf(" AND xchan_name like '%$search_txt%' ") : "");
+	
+		if($_REQUEST['gid']) {
+			$sql_extra .= " and xchan_hash in ( select xchan from group_member where gid = " . intval($_REQUEST['gid']) . " and uid = " . intval(local_channel()) . " ) ";
+		}
+	 	
+		$r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash 
+			where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ",
+			intval(local_channel())
+		);
+		if($r) {
+			\App::set_pager_total($r[0]['total']);
+			$total = $r[0]['total'];
+		}
+	
+		$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash
+			WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d OFFSET %d ",
+			intval(local_channel()),
+			intval(\App::$pager['itemspage']),
+			intval(\App::$pager['start'])
+		);
+	
+		$contacts = array();
+	
+		if(count($r)) {
+	
+			foreach($r as $rr) {
+				if($rr['xchan_url']) {
+	
+					$status_str = '';
+					$status = array(
+						((intval($rr['abook_pending'])) ? t('Pending approval') : ''),
+						((intval($rr['abook_archived'])) ? t('Archived') : ''),
+						((intval($rr['abook_hidden'])) ? t('Hidden') : ''),
+						((intval($rr['abook_ignored'])) ? t('Ignored') : ''),
+						((intval($rr['abook_blocked'])) ? t('Blocked') : '')
+					);
+	
+					foreach($status as $str) {
+						if(!$str)
+							continue;
+						$status_str .= $str;
+						$status_str .= ', ';
+					}
+					$status_str = rtrim($status_str, ', ');
+	
+					$contacts[] = array(
+						'img_hover' => sprintf( t('%1$s [%2$s]'),$rr['xchan_name'],$rr['xchan_url']),
+						'edit_hover' => t('Edit connection'),
+						'delete_hover' => t('Delete connection'),
+						'id' => $rr['abook_id'],
+						'thumb' => $rr['xchan_photo_m'], 
+						'name' => $rr['xchan_name'],
+						'classes' => (intval($rr['abook_archived']) ? 'archived' : ''),
+						'link' => z_root() . '/connedit/' . $rr['abook_id'],
+						'deletelink' => z_root() . '/connedit/' . intval($rr['abook_id']) . '/drop',
+						'delete' => t('Delete'),
+						'url' => chanlink_url($rr['xchan_url']),
+						'webbie_label' => t('Channel address'),
+						'webbie' => $rr['xchan_addr'],
+						'network_label' => t('Network'),
+						'network' => network_to_name($rr['xchan_network']),
+						'public_forum' => ((intval($rr['xchan_pubforum'])) ? true : false),
+						'status_label' => t('Status'),
+						'status' => $status_str,
+						'connected_label' => t('Connected'),
+						'connected' => datetime_convert('UTC',date_default_timezone_get(),$rr['abook_created'], 'c'),
+						'approve_hover' => t('Approve connection'),
+						'approve' => (($rr['abook_pending']) ? t('Approve') : false),
+						'ignore_hover' => t('Ignore connection'),
+						'ignore' => ((! $rr['abook_ignored']) ? t('Ignore') : false),
+						'recent_label' => t('Recent activity'),
+						'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id'])
+					);
+				}
+			}
+		}
+		
+	
+		if($_REQUEST['aj']) {
+			if($contacts) {
+				$o = replace_macros(get_markup_template('contactsajax.tpl'),array(
+					'$contacts' => $contacts,
+					'$edit' => t('Edit'),
+				));
+			}
+			else {
+				$o = '<div id="content-complete"></div>';
+			}
+			echo $o;
+			killme();
+		}
+		else {
+			$o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
+			$o .= replace_macros(get_markup_template('connections.tpl'),array(
+				'$header' => t('Connections') . (($head) ? ': ' . $head : ''),
+				'$tabs' => $tabs,
+				'$total' => $total,
+				'$search' => $search_hdr,
+				'$label' => t('Search'),
+				'$desc' => t('Search your connections'),
+				'$finding' => (($searching) ? t('Connections search') . ": '" . $search . "'" : ""),
+				'$submit' => t('Find'),
+				'$edit' => t('Edit'),
+				'$cmd' => \App::$cmd,
+				'$contacts' => $contacts,
+				'$paginate' => paginate($a),
+	
+			)); 
+		}
+	
+		if(! $contacts)
+			$o .= '<div id="content-complete"></div>';
+	
+		return $o;
+	}
+	
+}

Zotlabs/Module/Connedit.php

@@ -0,0 +1,766 @@
+<?php
+namespace Zotlabs\Module;
+
+/* @file connedit.php
+ * @brief In this file the connection-editor form is generated and evaluated.
+ *
+ *
+ */
+
+
+require_once('include/socgraph.php');
+require_once('include/selectors.php');
+require_once('include/group.php');
+require_once('include/contact_widgets.php');
+require_once('include/zot.php');
+require_once('include/widgets.php');
+require_once('include/photos.php');
+
+
+class Connedit extends \Zotlabs\Web\Controller {
+
+	/* @brief Initialize the connection-editor
+	 *
+	 *
+	 */
+
+	function init() {
+	
+		if(! local_channel())
+			return;
+	
+		if((argc() >= 2) && intval(argv(1))) {
+			$r = q("SELECT abook.*, xchan.*
+				FROM abook left join xchan on abook_xchan = xchan_hash
+				WHERE abook_channel = %d and abook_id = %d LIMIT 1",
+				intval(local_channel()),
+				intval(argv(1))
+			);
+			if($r) {
+				\App::$poi = $r[0];
+			}
+		}
+	
+		$channel = \App::get_channel();
+		if($channel)
+			head_set_icon($channel['xchan_photo_s']);
+	
+	}
+	
+	/* @brief Evaluate posted values and set changes
+	 *
+	 */
+	
+	function post() {
+	
+		if(! local_channel())
+			return;
+	
+		$contact_id = intval(argv(1));
+		if(! $contact_id)
+			return;
+	
+		$channel = \App::get_channel();
+	
+		// TODO if configured for hassle-free permissions, we'll post the form with ajax as soon as the
+		// connection enable is toggled to a special autopost url and set permissions immediately, leaving
+		// the other form elements alone pending a manual submit of the form. The downside is that there
+		// will be a window of opportunity when the permissions have been set but before you've had a chance
+		// to review and possibly restrict them. The upside is we won't have to warn you that your connection
+		// can't do anything until you save the bloody form.
+	
+		$autopost = (((argc() > 2) && (argv(2) === 'auto')) ? true : false);
+	
+		$orig_record = q("SELECT * FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
+			intval($contact_id),
+			intval(local_channel())
+		);
+	
+		if(! $orig_record) {
+			notice( t('Could not access contact record.') . EOL);
+			goaway(z_root() . '/connections');
+			return; // NOTREACHED
+		}
+	
+		call_hooks('contact_edit_post', $_POST);
+	
+		if(intval($orig_record[0]['abook_self'])) {
+			$autoperms = intval($_POST['autoperms']);
+			$is_self = true;
+		}
+		else {
+			$autoperms = null;
+			$is_self = false;
+		}
+	
+	
+		$profile_id = $_POST['profile_assign'];
+		if($profile_id) {
+			$r = q("SELECT profile_guid FROM profile WHERE profile_guid = '%s' AND `uid` = %d LIMIT 1",
+				dbesc($profile_id),
+				intval(local_channel())
+			);
+			if(! count($r)) {
+				notice( t('Could not locate selected profile.') . EOL);
+				return;
+			}
+		}
+	
+		$abook_incl = escape_tags($_POST['abook_incl']);
+		$abook_excl = escape_tags($_POST['abook_excl']);
+	
+		$hidden = intval($_POST['hidden']);
+	
+		$priority = intval($_POST['poll']);
+		if($priority > 5 || $priority < 0)
+			$priority = 0;
+	
+		$closeness = intval($_POST['closeness']);
+		if($closeness < 0)
+			$closeness = 99;
+	
+		$rating = intval($_POST['rating']);
+		if($rating < (-10))
+			$rating = (-10);
+		if($rating > 10)
+			$rating = 10;
+	
+		$rating_text = trim(escape_tags($_REQUEST['rating_text']));
+	
+		$abook_my_perms = 0;
+	
+		foreach($_POST as $k => $v) {
+			if(strpos($k,'perms_') === 0) {
+				$abook_my_perms += $v;
+			}
+		}
+	
+		$new_friend = false;
+	
+		if(! $is_self) {
+	
+			$signed = $orig_record[0]['abook_xchan'] . '.' . $rating . '.' . $rating_text;
+	
+			$sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey']));
+	
+			$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
+				dbesc($channel['channel_hash']),
+				dbesc($orig_record[0]['abook_xchan'])
+			);
+	
+			if($z) {
+				$record = $z[0]['xlink_id'];
+				$w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'
+					where xlink_id = %d",
+					intval($rating),
+					dbesc($rating_text),
+					dbesc($sig),
+					dbesc(datetime_convert()),
+					intval($record)
+				);
+			}
+			else {
+				$w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ",
+					dbesc($channel['channel_hash']),
+					dbesc($orig_record[0]['abook_xchan']),
+					intval($rating),
+					dbesc($rating_text),
+					dbesc($sig),
+					dbesc(datetime_convert())
+				);
+				$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
+					dbesc($channel['channel_hash']),
+					dbesc($orig_record[0]['abook_xchan'])
+				);
+				if($z)
+					$record = $z[0]['xlink_id'];
+			}
+			if($record) {
+				\Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record));
+			}
+		}
+	
+		if(($_REQUEST['pending']) && intval($orig_record[0]['abook_pending'])) {
+			$new_friend = true;
+	
+			// @fixme it won't be common, but when you accept a new connection request
+			// the permissions will now be that of your permissions role and ignore
+			// any you may have set manually on the form. We'll probably see a bug if somebody
+			// tries to set the permissions *and* approve the connection in the same
+			// request. The workaround is to approve the connection, then go back and
+			// adjust permissions as desired.
+	
+			$abook_my_perms = get_channel_default_perms(local_channel());
+	
+			$role = get_pconfig(local_channel(),'system','permissions_role');
+			if($role) {
+				$x = get_role_perms($role);
+				if($x['perms_accept'])
+					$abook_my_perms = $x['perms_accept'];
+			}
+		}
+	
+		$abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']);
+	
+		$r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_pending = %d,
+			abook_incl = '%s', abook_excl = '%s'
+			where abook_id = %d AND abook_channel = %d",
+			dbesc($profile_id),
+			intval($abook_my_perms),
+			intval($closeness),
+			intval($abook_pending),
+			dbesc($abook_incl),
+			dbesc($abook_excl),
+			intval($contact_id),
+			intval(local_channel())
+		);
+	
+		if($orig_record[0]['abook_profile'] != $profile_id) {
+			//Update profile photo permissions
+	
+			logger('A new profile was assigned - updating profile photos');
+			profile_photo_set_profile_perms(local_channel(),$profile_id);
+	
+		}
+	
+		if($r)
+			info( t('Connection updated.') . EOL);
+		else
+			notice( t('Failed to update connection record.') . EOL);
+	
+		if(\App::$poi && \App::$poi['abook_my_perms'] != $abook_my_perms
+			&& (! intval(\App::$poi['abook_self']))) {
+			\Zotlabs\Daemon\Master::Summon(array('Notifier', (($new_friend) ? 'permission_create' : 'permission_update'), $contact_id));
+		}
+	
+		if($new_friend) {
+			$default_group = $channel['channel_default_group'];
+			if($default_group) {
+				require_once('include/group.php');
+				$g = group_rec_byhash(local_channel(),$default_group);
+				if($g)
+					group_add_member(local_channel(),'',\App::$poi['abook_xchan'],$g['id']);
+			}
+	
+			// Check if settings permit ("post new friend activity" is allowed, and
+			// friends in general or this friend in particular aren't hidden)
+			// and send out a new friend activity
+	
+			$pr = q("select * from profile where uid = %d and is_default = 1 and hide_friends = 0",
+				intval($channel['channel_id'])
+			);
+			if(($pr) && (! intval($orig_record[0]['abook_hidden'])) && (intval(get_pconfig($channel['channel_id'],'system','post_newfriend')))) {
+				$xarr = array();
+				$xarr['verb'] = ACTIVITY_FRIEND;
+				$xarr['item_wall'] = 1;
+				$xarr['item_origin'] = 1;
+				$xarr['item_thread_top'] = 1;
+				$xarr['owner_xchan'] = $xarr['author_xchan'] = $channel['channel_hash'];
+				$xarr['allow_cid'] = $channel['channel_allow_cid'];
+				$xarr['allow_gid'] = $channel['channel_allow_gid'];
+				$xarr['deny_cid'] = $channel['channel_deny_cid'];
+				$xarr['deny_gid'] = $channel['channel_deny_gid'];
+				$xarr['item_private'] = (($xarr['allow_cid']||$xarr['allow_gid']||$xarr['deny_cid']||$xarr['deny_gid']) ? 1 : 0);
+				$obj = array(
+					'type' => ACTIVITY_OBJ_PERSON,
+					'title' => \App::$poi['xchan_name'],
+					'id' => \App::$poi['xchan_hash'],
+					'link' => array(
+						array('rel' => 'alternate', 'type' => 'text/html', 'href' => \App::$poi['xchan_url']),
+						array('rel' => 'photo', 'type' => \App::$poi['xchan_photo_mimetype'], 'href' => \App::$poi['xchan_photo_l'])
+	       			),
+	   			);
+				$xarr['obj'] = json_encode($obj);
+				$xarr['obj_type'] = ACTIVITY_OBJ_PERSON;
+	
+				$xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . \App::$poi['xchan_url'] . ']' . \App::$poi['xchan_name'] . '[/zrl]';
+	
+				$xarr['body'] .= "\n\n\n" . '[zrl=' . \App::$poi['xchan_url'] . '][zmg=80x80]' . \App::$poi['xchan_photo_m'] . '[/zmg][/zrl]';
+	
+				post_activity_item($xarr);
+	
+			}
+	
+	
+			// pull in a bit of content if there is any to pull in
+			\Zotlabs\Daemon\Master::Summon(array('Onepoll',$contact_id));
+	
+		}
+	
+		// Refresh the structure in memory with the new data
+	
+		$r = q("SELECT abook.*, xchan.*
+			FROM abook left join xchan on abook_xchan = xchan_hash
+			WHERE abook_channel = %d and abook_id = %d LIMIT 1",
+			intval(local_channel()),
+			intval($contact_id)
+		);
+		if($r) {
+			\App::$poi = $r[0];
+		}
+	
+		if($new_friend) {
+			$arr = array('channel_id' => local_channel(), 'abook' => \App::$poi);
+			call_hooks('accept_follow', $arr);
+		}
+	
+		if(! is_null($autoperms))
+			set_pconfig(local_channel(),'system','autoperms',(($autoperms) ? $abook_my_perms : 0));
+	
+		$this->connedit_clone($a);
+	
+		if(($_REQUEST['pending']) && (!$_REQUEST['done']))
+			goaway(z_root() . '/connections/ifpending');
+	
+		return;
+	
+	}
+	
+	/* @brief Clone connection
+	 *
+	 *
+	 */
+	
+	function connedit_clone(&$a) {
+	
+			if(! \App::$poi)
+				return;
+	
+	
+			$channel = \App::get_channel();
+	
+			$r = q("SELECT abook.*, xchan.*
+				FROM abook left join xchan on abook_xchan = xchan_hash
+				WHERE abook_channel = %d and abook_id = %d LIMIT 1",
+				intval(local_channel()),
+				intval(\App::$poi['abook_id'])
+			);
+			if($r) {
+				\App::$poi = $r[0];
+			}
+	
+			$clone = \App::$poi;
+	
+			unset($clone['abook_id']);
+			unset($clone['abook_account']);
+			unset($clone['abook_channel']);
+	
+			$abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']);
+			if($abconfig)
+				$clone['abconfig'] = $abconfig;
+	
+			build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)));
+	}
+	
+	/* @brief Generate content of connection edit page
+	 *
+	 *
+	 */
+	
+	function get() {
+	
+		$sort_type = 0;
+		$o = '';
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return login();
+		}
+	
+		$channel = \App::get_channel();
+		$my_perms = get_channel_default_perms(local_channel());
+		$role = get_pconfig(local_channel(),'system','permissions_role');
+		if($role) {
+			$x = get_role_perms($role);
+			if($x['perms_accept'])
+				$my_perms = $x['perms_accept'];
+		}
+	
+		$yes_no = array(t('No'),t('Yes'));
+	
+		if($my_perms) {
+			$o .= "<script>function connectDefaultShare() {
+			\$('.abook-edit-me').each(function() {
+				if(! $(this).is(':disabled'))
+					$(this).prop('checked', false);
+			});\n\n";
+			$perms = get_perms();
+			foreach($perms as $p => $v) {
+				if($my_perms & $v[1]) {
+					$o .= "\$('#me_id_perms_" . $p . "').prop('checked', true); \n";
+				}
+			}
+			$o .= " }\n</script>\n";
+		}
+	
+		if(argc() == 3) {
+	
+			$contact_id = intval(argv(1));
+			if(! $contact_id)
+				return;
+	
+			$cmd = argv(2);
+	
+			$orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash
+				WHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 LIMIT 1",
+				intval($contact_id),
+				intval(local_channel())
+			);
+	
+			if(! count($orig_record)) {
+				notice( t('Could not access address book record.') . EOL);
+				goaway(z_root() . '/connections');
+			}
+	
+			if($cmd === 'update') {
+				// pull feed and consume it, which should subscribe to the hub.
+				\Zotlabs\Daemon\Master::Summon(array('Poller',$contact_id));
+				goaway(z_root() . '/connedit/' . $contact_id);
+	
+			}
+			if($cmd === 'resetphoto') {
+				q("update xchan set xchan_photo_date = '2001-01-01 00:00:00' where xchan_hash = '%s' limit 1",
+					dbesc($orig_record[0]['xchan_hash'])
+				);
+				$cmd = 'refresh';
+			}	
+
+			if($cmd === 'refresh') {
+				if($orig_record[0]['xchan_network'] === 'zot') {
+					if(! zot_refresh($orig_record[0],\App::get_channel()))
+						notice( t('Refresh failed - channel is currently unavailable.') );
+				}
+				else {
+	
+					// if you are on a different network we'll force a refresh of the connection basic info
+					\Zotlabs\Daemon\Master::Summon(array('Notifier','permission_update',$contact_id));
+				}
+				goaway(z_root() . '/connedit/' . $contact_id);
+			}
+	
+			if($cmd === 'block') {
+				if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_BLOCKED)) {
+					$this->connedit_clone($a);
+				}
+				else
+					notice(t('Unable to set address book parameters.') . EOL);
+				goaway(z_root() . '/connedit/' . $contact_id);
+			}
+	
+			if($cmd === 'ignore') {
+				if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_IGNORED)) {
+					$this->connedit_clone($a);
+				}
+				else
+					notice(t('Unable to set address book parameters.') . EOL);
+				goaway(z_root() . '/connedit/' . $contact_id);
+			}
+	
+			if($cmd === 'archive') {
+				if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_ARCHIVED)) {
+					$this->connedit_clone($a);
+				}
+				else
+					notice(t('Unable to set address book parameters.') . EOL);
+				goaway(z_root() . '/connedit/' . $contact_id);
+			}
+	
+			if($cmd === 'hide') {
+				if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_HIDDEN)) {
+					$this->connedit_clone($a);
+				}
+				else
+					notice(t('Unable to set address book parameters.') . EOL);
+				goaway(z_root() . '/connedit/' . $contact_id);
+			}
+	
+			// We'll prevent somebody from unapproving an already approved contact.
+			// Though maybe somebody will want this eventually (??)
+	
+			if($cmd === 'approve') {
+				if(intval($orig_record[0]['abook_pending'])) {
+					if(abook_toggle_flag($orig_record[0],ABOOK_FLAG_PENDING)) {
+						$this->connedit_clone($a);
+					}
+					else
+						notice(t('Unable to set address book parameters.') . EOL);
+				}
+				goaway(z_root() . '/connedit/' . $contact_id);
+			}
+	
+	
+			if($cmd === 'drop') {
+	
+	
+	// FIXME
+	// We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
+	// The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
+	// in the background there could be a race condition preventing this packet from being sent in all cases.
+	// PLACEHOLDER
+	
+				contact_remove(local_channel(), $orig_record[0]['abook_id']);
+				build_sync_packet(0 /* use the current local_channel */,
+					array('abook' => array(array(
+						'abook_xchan' => $orig_record[0]['abook_xchan'],
+						'entry_deleted' => true))
+					)
+				);
+	
+				info( t('Connection has been removed.') . EOL );
+				if(x($_SESSION,'return_url'))
+					goaway(z_root() . '/' . $_SESSION['return_url']);
+				goaway(z_root() . '/contacts');
+	
+			}
+		}
+	
+		if(\App::$poi) {
+	
+			$contact_id = \App::$poi['abook_id'];
+			$contact = \App::$poi;
+	
+			$tools = array(
+	
+				'view' => array(
+					'label' => t('View Profile'),
+					'url'   => chanlink_cid($contact['abook_id']),
+					'sel'   => '',
+					'title' => sprintf( t('View %s\'s profile'), $contact['xchan_name']),
+				),
+	
+				'refresh' => array(
+					'label' => t('Refresh Permissions'),
+					'url'   => z_root() . '/connedit/' . $contact['abook_id'] . '/refresh',
+					'sel'   => '',
+					'title' => t('Fetch updated permissions'),
+				),
+	
+				'recent' => array(
+					'label' => t('Recent Activity'),
+					'url'   => z_root() . '/network/?f=&cid=' . $contact['abook_id'],
+					'sel'   => '',
+					'title' => t('View recent posts and comments'),
+				),
+	
+				'block' => array(
+					'label' => (intval($contact['abook_blocked']) ? t('Unblock') : t('Block')),
+					'url'   => z_root() . '/connedit/' . $contact['abook_id'] . '/block',
+					'sel'   => (intval($contact['abook_blocked']) ? 'active' : ''),
+					'title' => t('Block (or Unblock) all communications with this connection'),
+					'info'   => (intval($contact['abook_blocked']) ? t('This connection is blocked!') : ''),
+				),
+	
+				'ignore' => array(
+					'label' => (intval($contact['abook_ignored']) ? t('Unignore') : t('Ignore')),
+					'url'   => z_root() . '/connedit/' . $contact['abook_id'] . '/ignore',
+					'sel'   => (intval($contact['abook_ignored']) ? 'active' : ''),
+					'title' => t('Ignore (or Unignore) all inbound communications from this connection'),
+					'info'   => (intval($contact['abook_ignored']) ? t('This connection is ignored!') : ''),
+				),
+	
+				'archive' => array(
+					'label' => (intval($contact['abook_archived']) ? t('Unarchive') : t('Archive')),
+					'url'   => z_root() . '/connedit/' . $contact['abook_id'] . '/archive',
+					'sel'   => (intval($contact['abook_archived']) ? 'active' : ''),
+					'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content'),
+					'info'   => (intval($contact['abook_archived']) ? t('This connection is archived!') : ''),
+				),
+	
+				'hide' => array(
+					'label' => (intval($contact['abook_hidden']) ? t('Unhide') : t('Hide')),
+					'url'   => z_root() . '/connedit/' . $contact['abook_id'] . '/hide',
+					'sel'   => (intval($contact['abook_hidden']) ? 'active' : ''),
+					'title' => t('Hide or Unhide this connection from your other connections'),
+					'info'   => (intval($contact['abook_hidden']) ? t('This connection is hidden!') : ''),
+				),
+	
+				'delete' => array(
+					'label' => t('Delete'),
+					'url'   => z_root() . '/connedit/' . $contact['abook_id'] . '/drop',
+					'sel'   => '',
+					'title' => t('Delete this connection'),
+				),
+	
+			);
+	
+			$self = false;
+	
+			if(intval($contact['abook_self']))
+				$self = true;
+	
+			$tpl = get_markup_template("abook_edit.tpl");
+	
+			if(feature_enabled(local_channel(),'affinity')) {
+	
+				$labels = array(
+					t('Me'),
+					t('Family'),
+					t('Friends'),
+					t('Acquaintances'),
+					t('All')
+				);
+				call_hooks('affinity_labels',$labels);
+				$label_str = '';
+	
+				if($labels) {
+					foreach($labels as $l) {
+						if($label_str) {
+							$label_str .= ", '|'";
+							$label_str .= ", '" . $l . "'";
+						}
+						else
+							$label_str .= "'" . $l . "'";
+					}
+				}
+	
+				$slider_tpl = get_markup_template('contact_slider.tpl');
+				$slide = replace_macros($slider_tpl,array(
+					'$min' => 1,
+					'$val' => (($contact['abook_closeness']) ? $contact['abook_closeness'] : 99),
+					'$labels' => $label_str,
+				));
+			}
+	
+			$rating_val = 0;
+			$rating_text = '';
+	
+			$xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1",
+				dbesc($channel['channel_hash']),
+				dbesc($contact['xchan_hash'])
+			);
+	
+			if($xl) {
+				$rating_val = intval($xl[0]['xlink_rating']);
+				$rating_text = $xl[0]['xlink_rating_text'];
+			}
+	
+			$poco_rating = get_config('system','poco_rating_enable');
+	
+			// if unset default to enabled
+			if($poco_rating === false)
+				$poco_rating = true;
+	
+			if($poco_rating) {
+				$rating = replace_macros(get_markup_template('rating_slider.tpl'),array(
+					'$min' => -10,
+					'$val' => $rating_val
+				));
+			}
+			else {
+				$rating = false;
+			}
+	
+	
+			$perms = array();
+			$channel = \App::get_channel();
+	
+			$global_perms = get_perms();
+			$existing = get_all_perms(local_channel(),$contact['abook_xchan']);
+	
+			$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes')));
+	
+			$multiprofs = ((feature_enabled(local_channel(),'multi_profiles')) ? true : false);
+	
+			if($slide && !$multiprofs)
+				$affinity = t('Set Affinity');
+	
+			if(!$slide && $multiprofs)
+				$affinity = t('Set Profile');
+	
+			if($slide && $multiprofs)
+				$affinity = t('Set Affinity & Profile');
+	
+			foreach($global_perms as $k => $v) {
+				$thisperm = (($contact['abook_my_perms'] & $v[1]) ? "1" : '');
+				$checkinherited = ((($channel[$v[0]]) && ($channel[$v[0]] != PERMS_SPECIFIC)) ? "1" : '');
+	
+				// For auto permissions (when $self is true) we don't want to look at existing
+				// permissions because they are enabled for the channel owner
+				if((! $self) && ($existing[$k]))
+					$thisperm = "1";
+	
+				$perms[] = array('perms_' . $k, $v[3], (($contact['abook_their_perms'] & $v[1]) ? "1" : ""),$thisperm, $v[1], (($channel[$v[0]] == PERMS_SPECIFIC) ? '' : '1'), $v[4], $checkinherited);
+			}
+	
+			$locstr = '';
+	
+			$locs = q("select hubloc_addr as location from hubloc left join site on hubloc_url = site_url where hubloc_hash = '%s'
+				and hubloc_deleted = 0 and site_dead = 0",
+				dbesc($contact['xchan_hash'])
+			);
+	
+			if($locs) {
+				foreach($locs as $l) {
+					if(!($l['location']))
+						continue;
+					if(strpos($locstr,$l['location']) !== false)
+						continue;
+					if(strlen($locstr))
+						$locstr .= ', ';
+					$locstr .= $l['location'];
+				}
+			}
+			else
+				$locstr = t('none');
+	
+			$o .= replace_macros($tpl,array(
+	
+				'$header'         => (($self) ? t('Connection Default Permissions') : sprintf( t('Connection: %s'),$contact['xchan_name'])),
+				'$autoperms'      => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no),
+				'$addr'           => $contact['xchan_addr'],
+				'$addr_text'      => t('This connection\'s primary address is'),
+				'$loc_text'       => t('Available locations:'),
+				'$locstr'         => $locstr,
+				'$notself'        => (($self) ? '' : '1'),
+				'$self'           => (($self) ? '1' : ''),
+				'$autolbl'        => t('The permissions indicated on this page will be applied to all new connections.'),
+				'$tools_label'    => t('Connection Tools'),
+				'$tools'          => (($self) ? '' : $tools),
+				'$lbl_slider'     => t('Slide to adjust your degree of friendship'),
+				'$lbl_rating'     => t('Rating'),
+				'$lbl_rating_label' => t('Slide to adjust your rating'),
+				'$lbl_rating_txt' => t('Optionally explain your rating'),
+				'$connfilter'     => feature_enabled(local_channel(),'connfilter'),
+				'$connfilter_label' => t('Custom Filter'),
+				'$incl'           => array('abook_incl',t('Only import posts with this text'), $contact['abook_incl'],t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
+				'$excl'           => array('abook_excl',t('Do not import posts with this text'), $contact['abook_excl'],t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
+				'$rating_text'    => array('rating_text', t('Optionally explain your rating'),$rating_text,''),
+				'$rating_info'    => t('This information is public!'),
+				'$rating'         => $rating,
+				'$rating_val'     => $rating_val,
+				'$slide'          => $slide,
+				'$affinity'       => $affinity,
+				'$pending_label'  => t('Connection Pending Approval'),
+				'$is_pending'     => (intval($contact['abook_pending']) ? 1 : ''),
+				'$unapproved'     => $unapproved,
+				'$inherited'      => t('inherited'),
+				'$submit'         => t('Submit'),
+				'$lbl_vis2'       => sprintf( t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']),
+				'$close'          => $contact['abook_closeness'],
+				'$them'           => t('Their Settings'),
+				'$me'             => t('My Settings'),
+				'$perms'          => $perms,
+				'$permlbl'        => t('Individual Permissions'),
+				'$permnote'       => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'),
+				'$permnote_self'  => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can change those settings here but they wont have any impact unless the inherited setting changes.'),
+				'$lastupdtext'    => t('Last update:'),
+				'$last_update'    => relative_date($contact['abook_connected']),
+				'$profile_select' => contact_profile_assign($contact['abook_profile']),
+				'$multiprofs'     => $multiprofs,
+				'$contact_id'     => $contact['abook_id'],
+				'$name'           => $contact['xchan_name'],
+	
+			));
+	
+			$arr = array('contact' => $contact,'output' => $o);
+	
+			call_hooks('contact_edit', $arr);
+	
+			return $arr['output'];
+	
+		}
+	
+	
+	}
+	
+}

Zotlabs/Module/Contactgroup.php

@@ -0,0 +1,54 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/group.php');
+
+
+class Contactgroup extends \Zotlabs\Web\Controller {
+
+	function get() {
+	
+		if(! local_channel()) {
+			killme();
+		}
+	
+		if((argc() > 2) && (intval(argv(1))) && (argv(2))) {
+			$r = q("SELECT abook_xchan from abook where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 limit 1",
+				dbesc(base64url_decode(argv(2))),
+				intval(local_channel())
+			);
+			if($r)
+				$change = $r[0]['abook_xchan'];
+		}
+	
+		if((argc() > 1) && (intval(argv(1)))) {
+	
+			$r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1",
+				intval(argv(1)),
+				intval(local_channel())
+			);
+			if(! $r) {
+				killme();
+			}
+	
+			$group = $r[0];
+			$members = group_get_members($group['id']);
+			$preselected = array();
+			if(count($members))	{
+				foreach($members as $member)
+					$preselected[] = $member['xchan_hash'];
+			}
+	
+			if($change) {
+				if(in_array($change,$preselected)) {
+					group_rmv_member(local_channel(),$group['gname'],$change);
+				}
+				else {
+					group_add_member(local_channel(),$group['gname'],$change);
+				}
+			}
+		}
+	
+		killme();
+	}
+}

Zotlabs/Module/Cover_photo.php

@@ -0,0 +1,423 @@
+<?php
+namespace Zotlabs\Module;
+
+/* 
+   @file cover_photo.php
+   @brief Module-file with functions for handling of cover-photos
+
+*/
+
+require_once('include/photo/photo_driver.php');
+require_once('include/channel.php');
+
+
+
+/* @brief Initalize the cover-photo edit view
+ *
+ * @param $a Current application
+ * @return void
+ *
+ */
+
+
+class Cover_photo extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		if(! local_channel()) {
+			return;
+		}
+	
+		$channel = \App::get_channel();
+		profile_load($channel['channel_address']);
+	
+	}
+	
+	/* @brief Evaluate posted values
+	 *
+	 * @param $a Current application
+	 * @return void
+	 *
+	 */
+	
+	function post() {
+	
+		if(! local_channel()) {
+			return;
+		}
+	
+		$channel = \App::get_channel();
+		
+		check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
+	        
+		if((array_key_exists('cropfinal',$_POST)) && ($_POST['cropfinal'] == 1)) {
+	
+			// phase 2 - we have finished cropping
+	
+			if(argc() != 2) {
+				notice( t('Image uploaded but image cropping failed.') . EOL );
+				return;
+			}
+	
+			$image_id = argv(1);
+	
+			if(substr($image_id,-2,1) == '-') {
+				$scale = substr($image_id,-1,1);
+				$image_id = substr($image_id,0,-2);
+			}
+				
+	
+			$srcX = $_POST['xstart'];
+			$srcY = $_POST['ystart'];
+			$srcW = $_POST['xfinal'] - $srcX;
+			$srcH = $_POST['yfinal'] - $srcY;
+	
+	
+			$r = q("select gender from profile where uid = %d and is_default = 1 limit 1",
+				intval(local_channel())
+			);
+			if($r) {
+				$profile = $r[0];
+			}
+	
+			$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND imgscale = 0 LIMIT 1",
+				dbesc($image_id),
+				intval(local_channel())
+			);
+	
+			if($r) {
+	
+				$base_image = $r[0];
+				$base_image['content'] = (($r[0]['os_storage']) ? @file_get_contents($base_image['content']) : dbunescbin($base_image['content']));
+			
+				$im = photo_factory($base_image['content'], $base_image['mimetype']);
+				if($im->is_valid()) {
+	
+					// We are scaling and cropping the relative pixel locations to the original photo instead of the 
+					// scaled photo we operated on.
+	
+					// First load the scaled photo to check its size. (Should probably pass this in the post form and save
+					// a query.)
+	
+					$g = q("select width, height from photo where resource_id = '%s' and uid = %d and imgscale = 3",
+						dbesc($image_id),
+						intval(local_channel())
+					);
+	
+	
+					$scaled_width = $g[0]['width'];
+					$scaled_height = $g[0]['height'];
+	
+					if((! $scaled_width) || (! $scaled_height)) {
+						logger('potential divide by zero scaling cover photo');
+						return;
+					}
+	
+					// unset all other cover photos
+	
+					q("update photo set photo_usage = %d where photo_usage = %d and uid = %d",
+						intval(PHOTO_NORMAL),
+						intval(PHOTO_COVER),
+						intval(local_channel())
+					);
+	
+					$orig_srcx = ( $r[0]['width'] / $scaled_width ) * $srcX;
+					$orig_srcy = ( $r[0]['height'] / $scaled_height ) * $srcY;
+	 				$orig_srcw = ( $srcW / $scaled_width ) * $r[0]['width'];
+	 				$orig_srch = ( $srcH / $scaled_height ) * $r[0]['height'];
+	
+					$im->cropImageRect(1200,435,$orig_srcx, $orig_srcy, $orig_srcw, $orig_srch);
+	
+					$aid = get_account_id();
+	
+					$p = array('aid' => $aid, 'uid' => local_channel(), 'resource_id' => $base_image['resource_id'],
+						'filename' => $base_image['filename'], 'album' => t('Cover Photos'));
+	
+					$p['imgscale'] = 7;
+					$p['photo_usage'] = PHOTO_COVER;
+	
+					$r1 = $im->save($p);
+	
+					$im->doScaleImage(850,310);
+					$p['imgscale'] = 8;
+	
+					$r2 = $im->save($p);
+	
+	
+					$im->doScaleImage(425,160);
+					$p['imgscale'] = 9;
+	
+					$r3 = $im->save($p);
+				
+					if($r1 === false || $r2 === false || $r3 === false) {
+						// if one failed, delete them all so we can start over.
+						notice( t('Image resize failed.') . EOL );
+						$x = q("delete from photo where resource_id = '%s' and uid = %d and imgscale >= 7 ",
+							dbesc($base_image['resource_id']),
+							local_channel()
+						);
+						return;
+					}
+	
+					$channel = \App::get_channel();
+					$this->send_cover_photo_activity($channel,$base_image,$profile);
+	
+	
+				}
+				else
+					notice( t('Unable to process image') . EOL);
+			}
+	
+			goaway(z_root() . '/channel/' . $channel['channel_address']);
+	
+		}
+	
+	
+		$hash = photo_new_resource();
+		$smallest = 0;
+	
+		require_once('include/attach.php');
+	
+		$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash));
+	
+		logger('attach_store: ' . print_r($res,true));
+	
+		if($res && intval($res['data']['is_photo'])) {
+			$i = q("select * from photo where resource_id = '%s' and uid = %d and imgscale = 0",
+				dbesc($hash),
+				intval(local_channel())
+			);
+	
+			if(! $i) {
+				notice( t('Image upload failed.') . EOL );
+				return;
+			}
+			$os_storage = false;
+	
+			foreach($i as $ii) {
+				$smallest = intval($ii['imgscale']);
+				$os_storage = intval($ii['os_storage']);
+				$imagedata = $ii['content'];
+				$filetype = $ii['mimetype'];
+	
+			}
+		}
+	
+		$imagedata = (($os_storage) ? @file_get_contents($imagedata) : $imagedata);
+		$ph = photo_factory($imagedata, $filetype);
+	
+		if(! $ph->is_valid()) {
+			notice( t('Unable to process image.') . EOL );
+			return;
+		}
+	
+		return $this->cover_photo_crop_ui_head($a, $ph, $hash, $smallest);
+		
+	}
+	
+	function send_cover_photo_activity($channel,$photo,$profile) {
+	
+		$arr = array();
+		$arr['item_thread_top'] = 1;
+		$arr['item_origin'] = 1;
+		$arr['item_wall'] = 1;
+		$arr['obj_type'] = ACTIVITY_OBJ_PHOTO;
+		$arr['verb'] = ACTIVITY_UPDATE;
+	
+		$arr['obj'] = json_encode(array(
+			'type' => $arr['obj_type'],
+			'id' => z_root() . '/photo/' . $photo['resource_id'] . '-7',
+			'link' => array('rel' => 'photo', 'type' => $photo['mimetype'], 'href' => z_root() . '/photo/' . $photo['resource_id'] . '-7')
+		));
+	
+		if($profile && stripos($profile['gender'],t('female')) !== false)
+			$t = t('%1$s updated her %2$s');
+		elseif($profile && stripos($profile['gender'],t('male')) !== false)
+			$t = t('%1$s updated his %2$s');
+		else
+			$t = t('%1$s updated their %2$s');
+	
+		$ptext = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']' . t('cover photo') . '[/zrl]';
+	
+		$ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-8[/zmg][/zrl]'; 
+	
+		$arr['body'] = sprintf($t,$channel['channel_name'],$ptext) . "\n\n" . $ltext;
+	
+		$acl = new \Zotlabs\Access\AccessList($channel);
+		$x = $acl->get();
+		$arr['allow_cid'] = $x['allow_cid'];
+	
+		$arr['allow_gid'] = $x['allow_gid'];
+		$arr['deny_cid'] = $x['deny_cid'];
+		$arr['deny_gid'] = $x['deny_gid'];
+	
+		$arr['uid'] = $channel['channel_id'];
+		$arr['aid'] = $channel['channel_account_id'];
+	
+		$arr['owner_xchan'] = $channel['channel_hash'];
+		$arr['author_xchan'] = $channel['channel_hash'];
+	
+		post_activity_item($arr);
+	
+	
+	}
+	
+	
+	/* @brief Generate content of profile-photo view
+	 *
+	 * @param $a Current application
+	 * @return void
+	 *
+	 */
+	
+	
+	function get() {
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL );
+			return;
+		}
+	
+		$channel = \App::get_channel();
+	
+		$newuser = false;
+	
+		if(argc() == 2 && argv(1) === 'new')
+			$newuser = true;
+	
+		if(argv(1) === 'use') {
+			if (argc() < 3) {
+				notice( t('Permission denied.') . EOL );
+				return;
+			};
+			
+	//		check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
+	        
+			$resource_id = argv(2);
+	
+			$r = q("SELECT id, album, imgscale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY imgscale ASC",
+				intval(local_channel()),
+				dbesc($resource_id)
+			);
+			if(! $r) {
+				notice( t('Photo not available.') . EOL );
+				return;
+			}
+			$havescale = false;
+			foreach($r as $rr) {
+				if($rr['imgscale'] == 7)
+					$havescale = true;
+			}
+	
+			$r = q("SELECT `content`, `mimetype`, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1",
+				intval($r[0]['id']),
+				intval(local_channel())
+	
+			);
+			if(! $r) {
+				notice( t('Photo not available.') . EOL );
+				return;
+			}
+	
+			if(intval($r[0]['os_storage']))
+				$data = @file_get_contents($r[0]['content']);
+			else
+				$data = dbunescbin($r[0]['content']); 
+	
+			$ph = photo_factory($data, $r[0]['mimetype']);
+			$smallest = 0;
+			if($ph->is_valid()) {
+				// go ahead as if we have just uploaded a new photo to crop
+				$i = q("select resource_id, imgscale from photo where resource_id = '%s' and uid = %d and imgscale = 0",
+					dbesc($r[0]['resource_id']),
+					intval(local_channel())
+				);
+	
+				if($i) {
+					$hash = $i[0]['resource_id'];
+					foreach($i as $ii) {
+						$smallest = intval($ii['imgscale']);
+					}
+	            }
+	        }
+	 
+			$this->cover_photo_crop_ui_head($a, $ph, $hash, $smallest);
+		}
+	
+	
+		if(! x(\App::$data,'imagecrop')) {
+	
+			$tpl = get_markup_template('cover_photo.tpl');
+	
+			$o .= replace_macros($tpl,array(
+				'$user' => \App::$channel['channel_address'],
+				'$lbl_upfile' => t('Upload File:'),
+				'$lbl_profiles' => t('Select a profile:'),
+				'$title' => t('Upload Cover Photo'),
+				'$submit' => t('Upload'),
+				'$profiles' => $profiles,
+				'$form_security_token' => get_form_security_token("cover_photo"),
+	// FIXME - yuk  
+				'$select' => sprintf('%s %s', t('or'), ($newuser) ? '<a href="' . z_root() . '">' . t('skip this step') . '</a>' : '<a href="'. z_root() . '/photos/' . \App::$channel['channel_address'] . '">' . t('select a photo from your photo albums') . '</a>')
+			));
+			
+			call_hooks('cover_photo_content_end', $o);
+			
+			return $o;
+		}
+		else {
+			$filename = \App::$data['imagecrop'] . '-3';
+			$resolution = 3;
+			$tpl = get_markup_template("cropcover.tpl");
+			$o .= replace_macros($tpl,array(
+				'$filename' => $filename,
+				'$profile' => intval($_REQUEST['profile']),
+				'$resource' => \App::$data['imagecrop'] . '-3',
+				'$image_url' => z_root() . '/photo/' . $filename,
+				'$title' => t('Crop Image'),
+				'$desc' => t('Please adjust the image cropping for optimum viewing.'),
+				'$form_security_token' => get_form_security_token("cover_photo"),
+				'$done' => t('Done Editing')
+			));
+			return $o;
+		}
+	
+		return; // NOTREACHED
+	}
+	
+	/* @brief Generate the UI for photo-cropping
+	 *
+	 * @param $a Current application
+	 * @param $ph Photo-Factory
+	 * @return void
+	 *
+	 */
+	
+	
+	
+	function cover_photo_crop_ui_head(&$a, $ph, $hash, $smallest){
+	
+		$max_length = get_config('system','max_image_length');
+		if(! $max_length)
+			$max_length = MAX_IMAGE_LENGTH;
+		if($max_length > 0)
+			$ph->scaleImage($max_length);
+	
+		$width  = $ph->getWidth();
+		$height = $ph->getHeight();
+	
+		if($width < 300 || $height < 300) {
+			$ph->scaleImageUp(240);
+			$width  = $ph->getWidth();
+			$height = $ph->getHeight();
+		}
+	
+	
+		\App::$data['imagecrop'] = $hash;
+		\App::$data['imagecrop_resolution'] = $smallest;
+		\App::$page['htmlhead'] .= replace_macros(get_markup_template("crophead.tpl"), array());
+		return;
+	}
+	
+	
+}

Zotlabs/Module/Dav.php

@@ -0,0 +1,88 @@
+<?php
+
+namespace Zotlabs\Module;
+/**
+ * @file mod/dav.php
+ * @brief Initialize Hubzilla's cloud (SabreDAV).
+ *
+ * Module for accessing the DAV storage area from a DAV client.
+ */
+
+use \Sabre\DAV as SDAV;
+use \Zotlabs\Storage;
+
+// composer autoloader for SabreDAV
+require_once('vendor/autoload.php');
+
+require_once('include/attach.php');
+
+/**
+ * @brief Fires up the SabreDAV server.
+ *
+ * @param App &$a
+ */
+
+class Dav extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		// workaround for HTTP-auth in CGI mode
+		if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
+ 			$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
+			if(strlen($userpass)) {
+			 	list($name, $password) = explode(':', $userpass);
+				$_SERVER['PHP_AUTH_USER'] = $name;
+				$_SERVER['PHP_AUTH_PW'] = $password;
+			}
+		}
+
+		if (x($_SERVER, 'HTTP_AUTHORIZATION')) {
+			$userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
+			if(strlen($userpass)) {
+				list($name, $password) = explode(':', $userpass);
+				$_SERVER['PHP_AUTH_USER'] = $name;
+				$_SERVER['PHP_AUTH_PW'] = $password;
+			}
+		}
+
+		if (! is_dir('store'))
+			os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);
+	
+		if (argc() > 1)
+			profile_load(argv(1),0);
+	
+
+		$auth = new \Zotlabs\Storage\BasicAuth();
+		$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV');
+
+		$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
+	
+		// A SabreDAV server-object
+		$server = new SDAV\Server($rootDirectory);
+
+
+		$authPlugin = new \Sabre\DAV\Auth\Plugin($auth);
+		$server->addPlugin($authPlugin);
+
+
+		// prevent overwriting changes each other with a lock backend
+		$lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks');
+		$lockPlugin = new SDAV\Locks\Plugin($lockBackend);
+	
+		$server->addPlugin($lockPlugin);
+	
+		// provide a directory view for the cloud in Hubzilla
+		$browser = new \Zotlabs\Storage\Browser($auth);
+		$auth->setBrowserPlugin($browser);
+	
+		// Experimental QuotaPlugin
+		// require_once('Zotlabs/Storage/QuotaPlugin.php');
+		// $server->addPlugin(new \Zotlabs\Storage\QuotaPlugin($auth));
+	
+		// All we need to do now, is to fire up the server
+		$server->exec();
+	
+		killme();
+	}
+	
+}

Zotlabs/Module/Directory.php

@@ -0,0 +1,425 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/socgraph.php');
+require_once('include/dir_fns.php');
+require_once('include/widgets.php');
+require_once('include/bbcode.php');
+
+
+class Directory extends \Zotlabs\Web\Controller {
+
+	function init() {
+		\App::set_pager_itemspage(60);
+	
+		if(x($_GET,'ignore')) {
+			q("insert into xign ( uid, xchan ) values ( %d, '%s' ) ",
+				intval(local_channel()),
+				dbesc($_GET['ignore'])
+			);
+			goaway(z_root() . '/directory?suggest=1');
+		}
+	
+		$observer = get_observer_hash();
+		$global_changed = false;
+		$safe_changed = false;
+		$pubforums_changed = false;
+	
+		if(array_key_exists('global',$_REQUEST)) {
+			$globaldir = intval($_REQUEST['global']);
+			$global_changed = true;
+		}
+		if($global_changed) {
+			$_SESSION['globaldir'] = $globaldir;
+			if($observer)
+				set_xconfig($observer,'directory','globaldir',$globaldir);
+		}
+	
+		if(array_key_exists('safe',$_REQUEST)) {
+			$safemode = intval($_REQUEST['safe']);
+			$safe_changed = true;
+		}
+		if($safe_changed) {
+			$_SESSION['safemode'] = $safemode;
+			if($observer)
+				set_xconfig($observer,'directory','safemode',$safemode);
+		}
+	
+	
+		if(array_key_exists('pubforums',$_REQUEST)) {
+			$pubforums = intval($_REQUEST['pubforums']);
+			$pubforums_changed = true;
+		}
+		if($pubforums_changed) {
+			$_SESSION['pubforums'] = $pubforums;
+			if($observer)
+				set_xconfig($observer,'directory','pubforums',$pubforums);
+		}
+	}
+	
+	function get() {
+	
+		if(observer_prohibited()) {
+			notice( t('Public access denied.') . EOL);
+			return;
+		}
+	
+		$observer = get_observer_hash();
+	
+		$globaldir = get_directory_setting($observer, 'globaldir');
+		// override your personal global search pref if we're doing a navbar search of the directory
+		if(intval($_REQUEST['navsearch']))
+			$globaldir = 1;
+	
+		$safe_mode = get_directory_setting($observer, 'safemode');
+	
+		$pubforums = get_directory_setting($observer, 'pubforums');
+	
+		$o = '';
+		nav_set_selected('directory');
+	
+		if(x($_POST,'search'))
+			$search = notags(trim($_POST['search']));
+		else
+			$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
+	
+	
+		if(strpos($search,'=') && local_channel() && get_pconfig(local_channel(),'feature','expert'))
+			$advanced = $search;
+	
+	
+		$keywords = (($_GET['keywords']) ? $_GET['keywords'] : '');
+	
+		// Suggest channels if no search terms or keywords are given
+		$suggest = (local_channel() && x($_REQUEST,'suggest')) ? $_REQUEST['suggest'] : '';
+	
+		if($suggest) {
+	
+			$r = suggestion_query(local_channel(),get_observer_hash());
+	
+			// Remember in which order the suggestions were
+			$addresses = array();
+			$common = array();
+			$index = 0;
+			foreach($r as $rr) {
+				$common[$rr['xchan_addr']] = $rr['total'];
+				$addresses[$rr['xchan_addr']] = $index++;
+			}
+	
+			// Build query to get info about suggested people
+			$advanced = '';
+			foreach(array_keys($addresses) as $address) {
+				$advanced .= "address=\"$address\" ";
+			}
+			// Remove last space in the advanced query
+			$advanced = rtrim($advanced);
+	
+		}
+	
+		$tpl = get_markup_template('directory_header.tpl');
+	
+		$dirmode = intval(get_config('system','directory_mode'));
+	
+		if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) {
+			$url = z_root() . '/dirsearch';
+		}
+		if(! $url) {
+			$directory = find_upstream_directory($dirmode);
+			if((! $directory) || (! array_key_exists('url',$directory)) || (! $directory['url']))
+				logger('CRITICAL: No directory server URL');
+			$url = $directory['url'] . '/dirsearch';
+		}
+	
+		$token = get_config('system','realm_token');
+	
+	
+		logger('mod_directory: URL = ' . $url, LOGGER_DEBUG);
+	
+		$contacts = array();
+	
+		if(local_channel()) {
+			$x = q("select abook_xchan from abook where abook_channel = %d",
+				intval(local_channel())
+			);
+			if($x) {
+				foreach($x as $xx)
+					$contacts[] = $xx['abook_xchan'];
+			}
+		}
+	
+		if($url) {
+	
+			$numtags = get_config('system','directorytags');
+	
+			$kw = ((intval($numtags) > 0) ? intval($numtags) : 50);
+	
+			if(get_config('system','disable_directory_keywords'))
+				$kw = 0;
+	
+			$query = $url . '?f=&kw=' . $kw . (($safe_mode != 1) ? '&safe=' . $safe_mode : '');
+	
+			if($token)
+				$query .= '&t=' . $token;
+	
+			if(! $globaldir)
+				$query .= '&hub=' . \App::get_hostname();
+	
+			if($search)
+				$query .= '&name=' . urlencode($search) . '&keywords=' . urlencode($search);
+			if(strpos($search,'@'))
+				$query .= '&address=' . urlencode($search);
+			if($keywords)
+				$query .= '&keywords=' . urlencode($keywords);
+			if($advanced)
+				$query .= '&query=' . urlencode($advanced);
+			if(! is_null($pubforums))
+				$query .= '&pubforums=' . intval($pubforums);
+	
+			$directory_sort_order = get_config('system','directory_sort_order');
+			if(! $directory_sort_order)
+				$directory_sort_order = 'date';
+	
+			$sort_order  = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : $directory_sort_order);
+	
+			if($sort_order)
+				$query .= '&order=' . urlencode($sort_order);
+				
+			if(\App::$pager['page'] != 1)
+				$query .= '&p=' . \App::$pager['page'];
+	
+			logger('mod_directory: query: ' . $query);
+	
+			$x = z_fetch_url($query);
+			logger('directory: return from upstream: ' . print_r($x,true), LOGGER_DATA);
+	
+			if($x['success']) {
+				$t = 0;
+				$j = json_decode($x['body'],true);
+				if($j) {
+	
+					if($j['results']) {
+	
+						$entries = array();
+	
+						$photo = 'thumb';
+	
+						foreach($j['results'] as $rr) {
+	
+							$profile_link = chanlink_url($rr['url']);
+			
+							$pdesc = (($rr['description']) ? $rr['description'] . '<br />' : '');
+							$connect_link = ((local_channel()) ? z_root() . '/follow?f=&url=' . urlencode($rr['address']) : ''); 		
+	
+							// Checking status is disabled ATM until someone checks the performance impact more carefully
+							//$online = remote_online_status($rr['address']);
+							$online = '';
+	
+							if(in_array($rr['hash'],$contacts))
+								$connect_link = '';
+	
+							$location = '';
+							if(strlen($rr['locale']))
+								$location .= $rr['locale'];
+							if(strlen($rr['region'])) {
+								if(strlen($rr['locale']))
+									$location .= ', ';
+								$location .= $rr['region'];
+							}
+							if(strlen($rr['country'])) {
+								if(strlen($location))
+									$location .= ', ';
+								$location .= $rr['country'];
+							}
+	
+							$age = '';
+							if(strlen($rr['birthday'])) {
+								if(($years = age($rr['birthday'],'UTC','')) != 0)
+									$age = $years;
+							}
+	
+							$page_type = '';
+	
+							if($rr['total_ratings'])
+								$total_ratings = sprintf( tt("%d rating", "%d ratings", $rr['total_ratings']), $rr['total_ratings']);
+							else
+								$total_ratings = '';
+	
+							$profile = $rr;
+	
+							if ((x($profile,'locale') == 1)
+								|| (x($profile,'region') == 1)
+								|| (x($profile,'postcode') == 1)
+								|| (x($profile,'country') == 1))
+	
+							$gender = ((x($profile,'gender') == 1) ? t('Gender: ') . $profile['gender']: False);
+		
+							$marital = ((x($profile,'marital') == 1) ?  t('Status: ') . $profile['marital']: False);
+			
+							$homepage = ((x($profile,'homepage') == 1) ?  t('Homepage: ') : False);
+							$homepageurl = ((x($profile,'homepage') == 1) ?  $profile['homepage'] : ''); 
+	
+							$hometown = ((x($profile,'hometown') == 1) ? $profile['hometown']  : False);
+	
+							$about = ((x($profile,'about') == 1) ? bbcode($profile['about']) : False);
+	
+							$keywords = ((x($profile,'keywords')) ? $profile['keywords'] : '');
+	
+							$out = '';
+	
+							if($keywords) {
+								$keywords = str_replace(',',' ', $keywords);
+								$keywords = str_replace('  ',' ', $keywords);
+								$karr = explode(' ', $keywords);
+	
+								if($karr) {
+									if(local_channel()) {
+										$r = q("select keywords from profile where uid = %d and is_default = 1 limit 1",
+											intval(local_channel())
+										);
+										if($r) {
+											$keywords = str_replace(',',' ', $r[0]['keywords']);
+											$keywords = str_replace('  ',' ', $keywords);
+											$marr = explode(' ', $keywords);
+										}
+									}
+									foreach($karr as $k) {
+										if(strlen($out))
+											$out .= ', ';
+										if($marr && in_arrayi($k,$marr))
+											$out .= '<strong>' . $k . '</strong>';
+										else
+											$out .= $k;
+									}
+								}
+				
+							}
+	
+							$entry = array(
+								'id' => ++$t,
+								'profile_link' => $profile_link,
+								'public_forum' => $rr['public_forum'],
+								'photo' => $rr['photo'],
+								'hash' => $rr['hash'],
+								'alttext' => $rr['name'] . ((local_channel() || remote_channel()) ? ' ' . $rr['address'] : ''),
+								'name' => $rr['name'],
+								'age' => $age,
+								'age_label' => t('Age:'),
+								'profile' => $profile,
+								'address' =>  $rr['address'],
+								'nickname' => substr($rr['address'],0,strpos($rr['address'],'@')),
+								'location' => $location,
+								'location_label' => t('Location:'),
+								'gender'   => $gender,
+								'total_ratings' => $total_ratings,
+								'viewrate' => true,
+								'canrate' => ((local_channel()) ? true : false),
+								'pdesc'	=> $pdesc,
+								'pdesc_label' => t('Description:'),
+								'marital'  => $marital,
+								'homepage' => $homepage,
+								'homepageurl' => linkify($homepageurl),
+								'hometown' => $hometown,
+								'hometown_label' => t('Hometown:'),
+								'about' => $about,
+								'about_label' => t('About:'),
+								'conn_label' => t('Connect'),
+								'forum_label' => t('Public Forum:'), 
+								'connect' => $connect_link,
+								'online' => $online,
+								'kw' => (($out) ? t('Keywords: ') : ''),
+								'keywords' => $out,
+								'ignlink' => $suggest ? z_root() . '/directory?ignore=' . $rr['hash'] : '',
+								'ignore_label' => t('Don\'t suggest'),
+								'common_friends' => (($common[$rr['address']]) ? intval($common[$rr['address']]) : ''),
+								'common_label' => t('Common connections:'),
+								'common_count' => intval($common[$rr['address']]),
+								'safe' => $safe_mode
+							);
+	
+							$arr = array('contact' => $rr, 'entry' => $entry);
+	
+							call_hooks('directory_item', $arr);
+	
+							unset($profile);
+							unset($location);
+	
+							if(! $arr['entry']) {
+								continue;
+							}			
+							
+							if($sort_order == '' && $suggest) {
+								$entries[$addresses[$rr['address']]] = $arr['entry']; // Use the same indexes as originally to get the best suggestion first
+							}
+	
+							else {
+								$entries[] = $arr['entry'];
+							}
+						}
+	
+						ksort($entries); // Sort array by key so that foreach-constructs work as expected
+	
+						if($j['keywords']) {
+							\App::$data['directory_keywords'] = $j['keywords'];
+						}
+	
+						logger('mod_directory: entries: ' . print_r($entries,true), LOGGER_DATA);
+	
+	
+						if($_REQUEST['aj']) {
+							if($entries) {
+								$o = replace_macros(get_markup_template('directajax.tpl'),array(
+									'$entries' => $entries
+								));
+							}
+							else {
+								$o = '<div id="content-complete"></div>';
+							}
+							echo $o;
+							killme();
+						}
+						else {
+							$maxheight = 94;
+	
+							$dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory'));
+	
+							$o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . ";  </script>";
+							$o .= replace_macros($tpl, array(
+								'$search' => $search,
+								'$desc' => t('Find'),
+								'$finddsc' => t('Finding:'),
+								'$safetxt' => htmlspecialchars($search,ENT_QUOTES,'UTF-8'),
+								'$entries' => $entries,
+								'$dirlbl' => $suggest ? t('Channel Suggestions') : $dirtitle,
+								'$submit' => t('Find'),
+								'$next' => alt_pager($a,$j['records'], t('next page'), t('previous page')),
+								'$sort' => t('Sort options'),
+								'$normal' => t('Alphabetic'),
+								'$reverse' => t('Reverse Alphabetic'),
+								'$date' => t('Newest to Oldest'),
+								'$reversedate' => t('Oldest to Newest'),
+								'$suggest' => $suggest ? '&suggest=1' : ''
+							));
+	
+	
+						}
+	
+					}
+					else {
+						if($_REQUEST['aj']) {
+							$o = '<div id="content-complete"></div>';
+							echo $o;
+							killme();
+						}
+						if(\App::$pager['page'] == 1 && $j['records'] == 0 && strpos($search,'@')) {
+							goaway(z_root() . '/chanview/?f=&address=' . $search);
+						}
+						info( t("No entries (some entries may be hidden).") . EOL);
+					}
+				}
+			}
+		}
+		return $o;
+	}
+	
+	
+}

Zotlabs/Module/Dirsearch.php

@@ -0,0 +1,462 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/dir_fns.php');
+
+
+
+class Dirsearch extends \Zotlabs\Web\Controller {
+
+	function init() {
+		\App::set_pager_itemspage(60);
+	
+	}
+	
+		function get() {
+	
+		$ret = array('success' => false);
+	
+	//	logger('request: ' . print_r($_REQUEST,true));
+	
+	
+		$dirmode = intval(get_config('system','directory_mode'));
+	
+		if($dirmode == DIRECTORY_MODE_NORMAL) {
+			$ret['message'] = t('This site is not a directory server');
+			json_return_and_die($ret);
+		}
+	
+		$access_token = $_REQUEST['t'];
+	
+		$token = get_config('system','realm_token');
+		if($token && $access_token != $token) {
+			$ret['message'] = t('This directory server requires an access token');
+			json_return_and_die($ret);
+		}
+	
+	
+		if(argc() > 1 && argv(1) === 'sites') {
+			$ret = $this->list_public_sites();
+			json_return_and_die($ret);
+		}
+	
+		$sql_extra = '';
+	
+	
+		$tables = array('name','address','locale','region','postcode','country','gender','marital','sexual','keywords');
+	
+		if($_REQUEST['query']) {
+			$advanced = $this->dir_parse_query($_REQUEST['query']);
+			if($advanced) {
+				foreach($advanced as $adv) {
+					if(in_array($adv['field'],$tables)) {
+						if($adv['field'] === 'name')
+							$sql_extra .= $this->dir_query_build($adv['logic'],'xchan_name',$adv['value']);
+						elseif($adv['field'] === 'address')
+	 						$sql_extra .= $this->dir_query_build($adv['logic'],'xchan_addr',$adv['value']);
+						else
+							$sql_extra .= $this->dir_query_build($adv['logic'],'xprof_' . $adv['field'],$adv['value']);
+					}
+				}
+			}
+		}
+	
+		$hash     = ((x($_REQUEST['hash']))    ? $_REQUEST['hash']     : '');
+	
+		$name     = ((x($_REQUEST,'name'))     ? $_REQUEST['name']     : '');
+		$hub      = ((x($_REQUEST,'hub'))      ? $_REQUEST['hub']      : '');
+		$address  = ((x($_REQUEST,'address'))  ? $_REQUEST['address']  : '');
+		$locale   = ((x($_REQUEST,'locale'))   ? $_REQUEST['locale']   : '');
+		$region   = ((x($_REQUEST,'region'))   ? $_REQUEST['region']   : '');
+		$postcode = ((x($_REQUEST,'postcode')) ? $_REQUEST['postcode'] : '');
+		$country  = ((x($_REQUEST,'country'))  ? $_REQUEST['country']  : '');
+		$gender   = ((x($_REQUEST,'gender'))   ? $_REQUEST['gender']   : '');
+		$marital  = ((x($_REQUEST,'marital'))  ? $_REQUEST['marital']  : '');
+		$sexual   = ((x($_REQUEST,'sexual'))   ? $_REQUEST['sexual']   : '');
+		$keywords = ((x($_REQUEST,'keywords')) ? $_REQUEST['keywords'] : '');
+		$agege    = ((x($_REQUEST,'agege'))    ? intval($_REQUEST['agege']) : 0 );
+		$agele    = ((x($_REQUEST,'agele'))    ? intval($_REQUEST['agele']) : 0 );
+		$kw       = ((x($_REQUEST,'kw'))       ? intval($_REQUEST['kw'])    : 0 );
+		$forums   = ((array_key_exists('pubforums',$_REQUEST)) ? intval($_REQUEST['pubforums']) : 0);
+	
+		if(get_config('system','disable_directory_keywords'))
+			$kw = 0;
+	
+	
+		// by default use a safe search
+		$safe     = ((x($_REQUEST,'safe')));    // ? intval($_REQUEST['safe'])  : 1 );
+		if ($safe === false)
+				$safe = 1;
+			
+		if(array_key_exists('sync',$_REQUEST)) {
+			if($_REQUEST['sync'])
+				$sync = datetime_convert('UTC','UTC',$_REQUEST['sync']);
+			else
+				$sync = datetime_convert('UTC','UTC','2010-01-01 01:01:00');
+		}
+		else
+			$sync = false;
+	
+	
+		if($hub)
+			$hub_query = " and xchan_hash in (select hubloc_hash from hubloc where hubloc_host =  '" . protect_sprintf(dbesc($hub)) . "') ";
+		else
+			$hub_query = '';
+	
+		$sort_order  = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : '');
+	
+		$joiner = ' OR ';
+		if($_REQUEST['and'])
+			$joiner = ' AND ';
+	
+		if($name)
+			$sql_extra .= $this->dir_query_build($joiner,'xchan_name',$name);
+		if($address)
+			$sql_extra .= $this->dir_query_build($joiner,'xchan_addr',$address);
+		if($city)
+			$sql_extra .= $this->dir_query_build($joiner,'xprof_locale',$city);
+		if($region)
+			$sql_extra .= $this->dir_query_build($joiner,'xprof_region',$region);
+		if($post)
+			$sql_extra .= $this->dir_query_build($joiner,'xprof_postcode',$post);
+		if($country)
+			$sql_extra .= $this->dir_query_build($joiner,'xprof_country',$country);
+		if($gender)
+			$sql_extra .= $this->dir_query_build($joiner,'xprof_gender',$gender);
+		if($marital)
+			$sql_extra .= $this->dir_query_build($joiner,'xprof_marital',$marital);
+		if($sexual)
+			$sql_extra .= $this->dir_query_build($joiner,'xprof_sexual',$sexual);
+		if($keywords)
+			$sql_extra .= $this->dir_query_build($joiner,'xprof_keywords',$keywords);
+	
+	
+		// we only support an age range currently. You must set both agege 
+		// (greater than or equal) and agele (less than or equal) 
+	
+		if($agele && $agege) {
+			$sql_extra .= " $joiner ( xprof_age <= " . intval($agele) . " ";
+			$sql_extra .= " AND  xprof_age >= " . intval($agege) . ") ";
+		}
+	
+	
+		if($hash) {
+			$sql_extra = " AND xchan_hash like '" . dbesc($hash) . protect_sprintf('%') . "' ";
+		}
+	
+	
+	    $perpage      = (($_REQUEST['n'])              ? $_REQUEST['n']                    : 60);
+	    $page         = (($_REQUEST['p'])              ? intval($_REQUEST['p'] - 1)        : 0);
+	    $startrec     = (($page+1) * $perpage) - $perpage;
+		$limit        = (($_REQUEST['limit'])          ? intval($_REQUEST['limit'])        : 0);
+		$return_total = ((x($_REQUEST,'return_total')) ? intval($_REQUEST['return_total']) : 0);
+	
+		// mtime is not currently working
+	
+		$mtime        = ((x($_REQUEST,'mtime'))        ? datetime_convert('UTC','UTC',$_REQUEST['mtime']) : '');
+	
+		// ok a separate tag table won't work. 
+		// merge them into xprof
+	
+		$ret['success'] = true;
+	
+		// If &limit=n, return at most n entries
+		// If &return_total=1, we count matching entries and return that as 'total_items' for use in pagination.
+		// By default we return one page (default 80 items maximum) and do not count total entries
+	
+		$logic = ((strlen($sql_extra)) ? 'false' : 'true');
+	
+		if($hash)
+			$logic = 'true';
+	
+		if($dirmode == DIRECTORY_MODE_STANDALONE) {
+			$sql_extra .= " and xchan_addr like '%%" . \App::get_hostname() . "' ";
+		}
+	
+		$safesql = (($safe > 0) ? " and xchan_censored = 0 and xchan_selfcensored = 0 " : '');
+		if($safe < 0)
+			$safesql = " and ( xchan_censored = 1 OR xchan_selfcensored = 1 ) ";
+	
+		if($forums)
+			$safesql .= " and xchan_pubforum = " . ((intval($forums)) ? '1 ' : '0 ');
+	
+		if($limit) 
+			$qlimit = " LIMIT $limit ";
+		else {
+			$qlimit = " LIMIT " . intval($perpage) . " OFFSET " . intval($startrec);
+			if($return_total) {
+				$r = q("SELECT COUNT(xchan_hash) AS `total` FROM xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and xchan_network = 'zot' and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 $safesql ");
+				if($r) {
+					$ret['total_items'] = $r[0]['total'];
+				}
+			}
+		}
+	
+		if($sort_order == 'normal') {
+			$order = " order by xchan_name asc ";
+	
+			// Start the alphabetic search at 'A' 
+			// This will make a handful of channels whose names begin with
+			// punctuation un-searchable in this mode
+	
+			$safesql .= " and ascii(substring(xchan_name FROM 1 FOR 1)) > 64 ";
+		}
+		elseif($sort_order == 'reverse')
+			$order = " order by xchan_name desc ";
+		elseif($sort_order == 'reversedate')
+			$order = " order by xchan_name_date asc ";
+		else	
+			$order = " order by xchan_name_date desc ";
+	
+	
+		if($sync) {
+			$spkt = array('transactions' => array());
+			$r = q("select * from updates where ud_date >= '%s' and ud_guid != '' order by ud_date desc",
+				dbesc($sync)
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$flags = array();
+					if($rr['ud_flags'] & UPDATE_FLAGS_DELETED)
+						$flags[] = 'deleted';
+					if($rr['ud_flags'] & UPDATE_FLAGS_FORCED)
+						$flags[] = 'forced';
+	
+					$spkt['transactions'][] = array(
+						'hash' => $rr['ud_hash'],
+						'address' => $rr['ud_addr'],
+						'transaction_id' => $rr['ud_guid'],
+						'timestamp' => $rr['ud_date'],
+						'flags' => $flags
+					);
+				}
+			}
+			$r = q("select * from xlink where xlink_static = 1 and xlink_updated >= '%s' ",
+				dbesc($sync)
+			);
+			if($r) {
+				$spkt['ratings'] = array();
+				foreach($r as $rr) {
+					$spkt['ratings'][] = array(
+						'type' => 'rating', 
+						'encoding' => 'zot',
+						'channel' => $rr['xlink_xchan'],
+						'target' => $rr['xlink_link'],
+						'rating' => intval($rr['xlink_rating']),
+						'rating_text' => $rr['xlink_rating_text'],
+						'signature' => $rr['xlink_sig'],
+						'edited' => $rr['xlink_updated']
+					);
+				}
+			}
+			json_return_and_die($spkt);
+		}
+		else {
+	
+			$r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash 
+				where ( $logic $sql_extra ) $hub_query and xchan_network = 'zot' and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 
+				$safesql $order $qlimit "
+			);
+	
+	
+	
+			$ret['page'] = $page + 1;
+			$ret['records'] = count($r);		
+		}
+	
+	
+	
+		if($r) {
+	
+			$entries = array();
+	
+			foreach($r as $rr) {
+	
+				$entry = array();
+	
+				$pc = q("select count(xlink_rating) as total_ratings from xlink where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 group by xlink_rating",
+					dbesc($rr['xchan_hash'])
+				);
+	
+				if($pc)
+					$entry['total_ratings'] = intval($pc[0]['total_ratings']);
+				else
+					$entry['total_ratings'] = 0;
+	
+				$entry['name']        = $rr['xchan_name'];
+				$entry['hash']        = $rr['xchan_hash'];
+	
+				$entry['public_forum'] = (intval($rr['xchan_pubforum']) ? true : false);
+	
+				$entry['url']         = $rr['xchan_url'];
+				$entry['photo_l']     = $rr['xchan_photo_l'];
+				$entry['photo']       = $rr['xchan_photo_m'];
+				$entry['address']     = $rr['xchan_addr'];
+				$entry['description'] = $rr['xprof_desc'];
+				$entry['locale']      = $rr['xprof_locale'];
+				$entry['region']      = $rr['xprof_region'];
+				$entry['postcode']    = $rr['xprof_postcode'];
+				$entry['country']     = $rr['xprof_country'];
+				$entry['birthday']    = $rr['xprof_dob'];
+				$entry['age']         = $rr['xprof_age'];
+				$entry['gender']      = $rr['xprof_gender'];
+				$entry['marital']     = $rr['xprof_marital'];
+				$entry['sexual']      = $rr['xprof_sexual'];
+				$entry['about']       = $rr['xprof_about'];
+				$entry['homepage']    = $rr['xprof_homepage'];
+				$entry['hometown']    = $rr['xprof_hometown'];
+				$entry['keywords']    = $rr['xprof_keywords'];
+	
+				$entries[] = $entry;
+	
+			}
+	
+			$ret['results'] = $entries;
+			if($kw) {
+				$k = dir_tagadelic($kw);
+				if($k) {
+					$ret['keywords'] = array();
+					foreach($k as $kv) {
+						$ret['keywords'][] = array('term' => $kv[0],'weight' => $kv[1], 'normalise' => $kv[2]);
+					}
+				}
+			}
+		}		
+	
+		json_return_and_die($ret);
+	}
+	
+	function dir_query_build($joiner,$field,$s) {
+		$ret = '';
+		if(trim($s))
+			$ret .= dbesc($joiner) . " " . dbesc($field) . " like '" . protect_sprintf( '%' . dbesc($s) . '%' ) . "' ";
+		return $ret;
+	}
+	
+	function dir_flag_build($joiner,$field,$bit,$s) {
+		return dbesc($joiner) . " ( " . dbesc($field) . " & " . intval($bit) . " ) " . ((intval($s)) ? '>' : '=' ) . " 0 ";
+	}
+	
+	
+	function dir_parse_query($s) {
+	
+		$ret = array();
+		$curr = array();
+		$all = explode(' ',$s);
+		$quoted_string = false;
+	
+		if($all) {
+			foreach($all as $q) {
+				if($quoted_string === false) {
+					if($q === 'and') {
+						$curr['logic'] = 'and';
+						continue;
+					}
+					if($q === 'or') {
+						$curr['logic'] = 'or';
+						continue;
+					}
+					if($q === 'not') {
+						$curr['logic'] .= ' not';
+						continue;
+					}
+					if(strpos($q,'=')) {
+						if(! isset($curr['logic']))
+							$curr['logic'] = 'or';
+						$curr['field'] = trim(substr($q,0,strpos($q,'=')));
+						$curr['value'] = trim(substr($q,strpos($q,'=')+1));
+						if($curr['value'][0] == '"' && $curr['value'][strlen($curr['value'])-1] != '"') {
+							$quoted_string = true;
+							$curr['value'] = substr($curr['value'],1);
+							continue;
+						}
+						elseif($curr['value'][0] == '"' && $curr['value'][strlen($curr['value'])-1] == '"') {
+							$curr['value'] = substr($curr['value'],1,strlen($curr['value'])-2);
+							$ret[] = $curr;
+							$curr = array();
+							continue;
+						}	
+						else {
+							$ret[] = $curr;
+							$curr = array();
+							continue;
+						}
+					}
+				}
+				else {
+					if($q[strlen($q)-1] == '"') {
+						$curr['value'] .= ' ' . str_replace('"','',trim($q));
+						$ret[] = $curr;
+						$curr = array();
+						$quoted_string = false;
+					}
+					else
+						$curr['value'] .= ' ' . trim(q);
+				}
+			}
+		}
+		logger('dir_parse_query:' . print_r($ret,true),LOGGER_DATA);
+		return $ret;
+	}
+	
+		
+	
+	
+	
+	
+	
+	function list_public_sites() {
+	
+		$rand = db_getfunc('rand');
+		$realm = get_directory_realm();
+		if($realm == DIRECTORY_REALM) {
+			$r = q("select * from site where site_access != 0 and site_register !=0 and ( site_realm = '%s' or site_realm = '') and site_type = %d order by $rand",
+				dbesc($realm),
+				intval(SITE_TYPE_ZOT)
+			);
+		}
+		else {
+			$r = q("select * from site where site_access != 0 and site_register !=0 and site_realm = '%s' and site_type = %d order by $rand",
+				dbesc($realm),
+				intval(SITE_TYPE_ZOT)
+			);
+		}
+			
+		$ret = array('success' => false);
+	
+		if($r) {
+			$ret['success'] = true;
+			$ret['sites'] = array();
+			$insecure = array();
+	
+			foreach($r as $rr) {
+				
+				if($rr['site_access'] == ACCESS_FREE)
+					$access = 'free';
+				elseif($rr['site_access'] == ACCESS_PAID)
+					$access = 'paid';
+				elseif($rr['site_access'] == ACCESS_TIERED)
+					$access = 'tiered';
+				else
+					$access = 'private';
+	
+				if($rr['site_register'] == REGISTER_OPEN)
+					$register = 'open';
+				elseif($rr['site_register'] == REGISTER_APPROVE)
+					$register = 'approve';
+				else
+					$register = 'closed';
+	
+				if(strpos($rr['site_url'],'https://') !== false)
+					$ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project']);
+				else
+					$insecure[] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project']);
+			}
+			if($insecure) {
+				$ret['sites'] = array_merge($ret['sites'],$insecure);
+			}
+		}
+		return $ret;
+	}		
+	
+}

Zotlabs/Module/Display.php

@@ -0,0 +1,343 @@
+<?php
+namespace Zotlabs\Module;
+
+
+
+class Display extends \Zotlabs\Web\Controller {
+
+	function get($update = 0, $load = false) {
+	
+		$checkjs = new \Zotlabs\Web\CheckJS(1);
+	
+		if($load)
+			$_SESSION['loadtime'] = datetime_convert();
+	
+	
+		if(observer_prohibited()) {
+			notice( t('Public access denied.') . EOL);
+			return;
+		}
+	
+		require_once("include/bbcode.php");
+		require_once('include/security.php');
+		require_once('include/conversation.php');
+		require_once('include/acl_selectors.php');
+		require_once('include/items.php');
+	
+	
+		\App::$page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array());
+	
+		if(argc() > 1 && argv(1) !== 'load')
+			$item_hash = argv(1);
+	
+	
+		if($_REQUEST['mid'])
+			$item_hash = $_REQUEST['mid'];
+	
+	
+		if(! $item_hash) {
+			\App::$error = 404;
+			notice( t('Item not found.') . EOL);
+			return;
+		}
+	
+		$observer_is_owner = false;
+	
+	
+		if(local_channel() && (! $update)) {
+	
+			$channel = \App::get_channel();
+	
+	
+			$channel_acl = array(
+				'allow_cid' => $channel['channel_allow_cid'], 
+				'allow_gid' => $channel['channel_allow_gid'], 
+				'deny_cid' => $channel['channel_deny_cid'], 
+				'deny_gid' => $channel['channel_deny_gid']
+			); 
+	
+	
+			$x = array(
+				'is_owner' => true,
+				'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),
+				'default_location' => $channel['channel_location'],
+				'nickname' => $channel['channel_address'],
+				'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
+	
+				'acl' => populate_acl($channel_acl),
+				'bang' => '',
+				'visitor' => true,
+				'profile_uid' => local_channel(),
+				'return_path' => 'channel/' . $channel['channel_address'],
+				'expanded' => true,
+				'editor_autocomplete' => true,
+				'bbco_autocomplete' => 'bbcode',
+				'bbcode' => true
+			);
+	
+			$o = '<div id="jot-popup">';
+			$o .= status_editor($a,$x);
+			$o .= '</div>';
+	
+		}
+	
+		// This page can be viewed by anybody so the query could be complicated
+		// First we'll see if there is a copy of the item which is owned by us - if we're logged in locally.
+		// If that fails (or we aren't logged in locally), 
+		// query an item in which the observer (if logged in remotely) has cid or gid rights
+		// and if that fails, look for a copy of the post that has no privacy restrictions.  
+		// If we find the post, but we don't find a copy that we're allowed to look at, this fact needs to be reported.
+	
+		// find a copy of the item somewhere
+	
+		$target_item = null;
+	
+		$r = q("select id, uid, mid, parent_mid, item_type, item_deleted from item where mid like '%s' limit 1",
+			dbesc($item_hash . '%')
+		);
+	
+		if($r) {
+			$target_item = $r[0];
+		}
+	
+		$r = null;
+	
+		if($target_item['item_type']  == ITEM_TYPE_WEBPAGE) {
+			$x = q("select * from channel where channel_id = %d limit 1",
+				intval($target_item['uid'])
+			);
+			$y = q("select * from iconfig left join item on iconfig.iid = item.id 
+				where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item.id = %d limit 1",
+				intval($target_item['uid']),
+				intval($target_item['id'])
+			);
+			if($x && $y) {
+				goaway(z_root() . '/page/' . $x[0]['channel_address'] . '/' . $y[0]['v']);
+			}
+			else {
+				notice( t('Page not found.') . EOL);
+			 	return '';
+			}
+		}
+	
+	
+		$simple_update = (($update) ? " AND item_unseen = 1 " : '');
+			
+		if($update && $_SESSION['loadtime'])
+			$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
+		if($load)
+			$simple_update = '';
+	
+	
+	
+		if((! $update) && (! $load)) {
+	
+	
+			$o .= '<div id="live-display"></div>' . "\r\n";
+			$o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1))
+				. "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n";
+	
+			\App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
+				'$baseurl' => z_root(),
+				'$pgtype' => 'display',
+				'$uid' => '0',
+				'$gid' => '0',
+				'$cid' => '0',
+				'$cmin' => '0',
+				'$cmax' => '99',
+				'$star' => '0',
+				'$liked' => '0',
+				'$conv' => '0',
+				'$spam' => '0',
+				'$fh' => '0',
+				'$nouveau' => '0',
+				'$wall' => '0',
+				'$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1),
+				'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
+				'$search' => '',
+				'$order' => '',
+				'$file' => '',
+				'$cats' => '',
+				'$tags' => '',
+				'$dend' => '',
+				'$dbegin' => '',
+				'$verb' => '',
+				'$mid' => $item_hash
+			));
+	
+	
+		}
+	
+		$observer_hash = get_observer_hash();
+		$item_normal = item_normal();
+	
+		$sql_extra = public_permissions_sql($observer_hash);
+	
+		if(($update && $load) || ($checkjs->disabled())) {
+	
+			$updateable = false;
+	
+			$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']),intval(\App::$pager['start']));
+	
+			if($load || ($checkjs->disabled())) {
+				$r = null;
+	
+				require_once('include/channel.php');
+				$sys = get_sys_channel();
+				$sysid = $sys['channel_id'];
+	
+				if(local_channel()) {
+					$r = q("SELECT * from item
+						WHERE uid = %d
+						and mid = '%s'
+						$item_normal
+						limit 1",
+						intval(local_channel()),
+						dbesc($target_item['parent_mid'])
+					);
+					if($r) {
+						$updateable = true;
+	
+					}
+	
+				}
+				if($r === null) {
+	
+					// in case somebody turned off public access to sys channel content using permissions
+					// make that content unsearchable by ensuring the owner_xchan can't match
+	
+					if(! perm_is_allowed($sysid,$observer_hash,'view_stream'))
+						$sysid = 0;
+	
+	
+					$r = q("SELECT * from item
+						WHERE mid = '%s'
+						AND (((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' 
+						AND `item`.`deny_gid`  = '' AND item_private = 0 ) 
+						and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
+						OR uid = %d )
+						$sql_extra )
+						$item_normal
+						limit 1",
+						dbesc($target_item['parent_mid']),
+						intval($sysid)
+					);
+	
+				}
+			}
+		}
+	
+		elseif($update && !$load) {
+			$r = null;
+	
+			require_once('include/channel.php');
+			$sys = get_sys_channel();
+			$sysid = $sys['channel_id'];
+	
+			if(local_channel()) {
+				$r = q("SELECT * from item
+					WHERE uid = %d
+					and mid = '%s'
+					$item_normal
+					$simple_update
+					limit 1",
+					intval(local_channel()),
+					dbesc($target_item['parent_mid'])
+				);
+				if($r) {
+					$updateable = true;
+				}
+			}
+			if($r === null) {
+				// in case somebody turned off public access to sys channel content using permissions
+				// make that content unsearchable by ensuring the owner_xchan can't match
+				if(! perm_is_allowed($sysid,$observer_hash,'view_stream'))
+					$sysid = 0;
+	
+				$r = q("SELECT * from item
+					WHERE mid = '%s'
+					AND (((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' 
+					AND `item`.`deny_gid`  = '' AND item_private = 0 ) 
+					and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
+					OR uid = %d )
+					$sql_extra )
+					$item_normal
+					$simple_update
+					limit 1",
+					dbesc($target_item['parent_mid']),
+					intval($sysid)
+				);
+			}
+			$_SESSION['loadtime'] = datetime_convert();
+		}
+	
+		else {
+			$r = array();
+		}
+	
+		if($r) {
+	
+			$parents_str = ids_to_querystr($r,'id');
+			if($parents_str) {
+	
+				$items = q("SELECT `item`.*, `item`.`id` AS `item_id` 
+					FROM `item`
+					WHERE parent in ( %s ) $item_normal ",
+					dbesc($parents_str)
+				);
+	
+				xchan_query($items);
+				$items = fetch_post_tags($items,true);
+				$items = conv_sort($items,'created');
+			}
+		} else {
+			$items = array();
+		}
+	
+	
+		if ($checkjs->disabled()) {
+			$o .= conversation($a, $items, 'display', $update, 'traditional');
+			if ($items[0]['title'])
+				\App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
+		} 
+		else {
+			$o .= conversation($a, $items, 'display', $update, 'client');
+		}
+	
+		if($updateable) {
+			$x = q("UPDATE item SET item_unseen = 0 where item_unseen = 1 AND uid = %d and parent = %d ",
+				intval(local_channel()),
+				intval($r[0]['parent'])
+			);
+		}
+	
+		$o .= '<div id="content-complete"></div>';
+	
+		return $o;
+	
+	
+	/*
+		elseif((! $update) && (!  {
+			
+			$r = q("SELECT `id`, item_flags FROM `item` WHERE `id` = '%s' OR `mid` = '%s' LIMIT 1",
+				dbesc($item_hash),
+				dbesc($item_hash)
+			);
+			if($r) {
+				if(intval($r[0]['item_deleted'])) {
+					notice( t('Item has been removed.') . EOL );
+				}
+				else {	
+					notice( t('Permission denied.') . EOL ); 
+				}
+			}
+			else {
+				notice( t('Item not found.') . EOL );
+			}
+	
+		}
+	*/
+	}
+	
+	
+}

Zotlabs/Module/Dreport.php

@@ -0,0 +1,170 @@
+<?php
+namespace Zotlabs\Module;
+
+
+class Dreport extends \Zotlabs\Web\Controller {
+
+	function get() {
+	
+		if(! local_channel()) {
+			notice( t('Permission denied') . EOL);
+			return;
+		}
+	
+		$table = 'item';
+	
+		$channel = \App::get_channel();
+		
+		$mid = ((argc() > 1) ? argv(1) : '');
+
+		if($mid === 'push') {
+			$table = 'push';
+			$mid = ((argc() > 2) ? argv(2) : '');
+			if($mid) {	
+				$i = q("select id from item where mid = '%s' and author_xchan = '%s' and uid = %d",
+					dbesc($mid),
+					dbesc($channel['channel_hash']),
+					intval($channel['channel_id'])
+				);
+				if($i) {
+					\Zotlabs\Daemon\Master::Summon([ 'Notifier', 'edit_post', $i[0]['id'] ]);
+				}
+			}
+			sleep(3);
+			goaway(z_root() . '/dreport/' . urlencode($mid));
+		}
+
+		if($mid === 'mail') {
+			$table = 'mail';
+			$mid = ((argc() > 2) ? argv(2) : '');
+		}
+	
+	
+		if(! $mid) {
+			notice( t('Invalid message') . EOL);
+			return;
+		}
+	
+		switch($table) {
+			case 'item':
+				$i = q("select id from item where mid = '%s' and author_xchan = '%s' ",
+					dbesc($mid),
+					dbesc($channel['channel_hash'])
+				);
+				break;
+			case 'mail':
+				$i = q("select id from mail where mid = '%s' and from_xchan = '%s'",
+					dbesc($mid),
+					dbesc($channel['channel_hash'])
+				);
+				break;
+			default:
+				break;
+		}
+	
+		if(! $i) {
+			notice( t('Permission denied') . EOL);
+			return;
+		}
+		
+		$r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'",
+			dbesc($channel['channel_hash']),
+			dbesc($mid)
+		);
+	
+		if(! $r) {
+			notice( t('no results') . EOL);
+			return;
+		}
+		
+		for($x = 0; $x < count($r); $x++ ) {
+			$r[$x]['name'] = escape_tags(substr($r[$x]['dreport_recip'],strpos($r[$x]['dreport_recip'],' ')));
+	
+			// This has two purposes: 1. make the delivery report strings translateable, and
+			// 2. assign an ordering to item delivery results so we can group them and provide
+			// a readable report with more interesting events listed toward the top and lesser
+			// interesting items towards the bottom
+	
+			switch($r[$x]['dreport_result']) {
+				case 'channel sync processed':
+					$r[$x]['gravity'] = 0;
+					$r[$x]['dreport_result'] = t('channel sync processed');
+					break;
+				case 'queued':
+					$r[$x]['gravity'] = 2;
+					$r[$x]['dreport_result'] = t('queued');
+					break;
+				case 'posted':
+					$r[$x]['gravity'] = 3;
+					$r[$x]['dreport_result'] = t('posted');
+					break;
+				case 'accepted for delivery':
+					$r[$x]['gravity'] = 4;
+					$r[$x]['dreport_result'] = t('accepted for delivery');
+					break;
+				case 'updated':
+					$r[$x]['gravity'] = 5;
+					$r[$x]['dreport_result'] = t('updated');
+				case 'update ignored':
+					$r[$x]['gravity'] = 6;
+					$r[$x]['dreport_result'] = t('update ignored');
+					break;
+				case 'permission denied':
+					$r[$x]['dreport_result'] = t('permission denied');
+					$r[$x]['gravity'] = 6;
+					break;
+				case 'recipient not found':
+					$r[$x]['dreport_result'] = t('recipient not found');
+					break;
+				case 'mail recalled':
+					$r[$x]['dreport_result'] = t('mail recalled');
+					break;
+				case 'duplicate mail received':
+					$r[$x]['dreport_result'] = t('duplicate mail received');
+					break;
+				case 'mail delivered':
+					$r[$x]['dreport_result'] = t('mail delivered');
+					break;
+				default:
+					$r[$x]['gravity'] = 1;
+					break;
+			}
+		}
+	
+		usort($r,'self::dreport_gravity_sort');
+
+		$entries = array();
+		foreach($r as $rr) {
+			$entries[] = [ 
+				'name' => $rr['name'],					
+				'result' => escape_tags($rr['dreport_result']),
+				'time' => escape_tags(datetime_convert('UTC',date_default_timezone_get(),$rr['dreport_time']))
+			];
+		}
+
+		$o = replace_macros(get_markup_template('dreport.tpl'), array(
+			'$title' => sprintf( t('Delivery report for %1$s'),substr($mid,0,32)) . '...',
+			'$table' => $table,
+			'$mid' => urlencode($mid),
+			'$options' => t('Options'),
+			'$push' => t('Redeliver'),
+			'$entries' => $entries
+		));
+	
+	
+		return $o;
+	
+	
+	
+	}
+	
+	private static function dreport_gravity_sort($a,$b) {
+		if($a['gravity'] == $b['gravity']) {
+			if($a['name'] === $b['name'])
+				return strcmp($a['dreport_time'],$b['dreport_time']);
+			return strcmp($a['name'],$b['name']);
+		}
+		return (($a['gravity'] > $b['gravity']) ? 1 : (-1));
+	}
+	
+}

Zotlabs/Module/Editblock.php

@@ -0,0 +1,143 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/channel.php');
+require_once('include/acl_selectors.php');
+require_once('include/conversation.php');
+
+class Editblock extends \Zotlabs\Web\Controller {
+
+	function init() {
+
+		if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
+			$sys = get_sys_channel();
+			if($sys && intval($sys['channel_id'])) {
+				\App::$is_sys = true;
+			}
+		}
+
+		if(argc() > 1)
+			$which = argv(1);
+		else
+			return;
+
+		profile_load($which);
+
+	}
+
+	function get() {
+
+		if(! \App::$profile) {
+			notice( t('Requested profile is not available.') . EOL );
+			\App::$error = 404;
+			return;
+		}
+
+		$which = argv(1);
+
+		$uid = local_channel();
+		$owner = 0;
+		$channel = null;
+		$observer = \App::get_observer();
+
+		$channel = \App::get_channel();
+
+		if(\App::$is_sys && is_site_admin()) {
+			$sys = get_sys_channel();
+			if($sys && intval($sys['channel_id'])) {
+				$uid = $owner = intval($sys['channel_id']);
+				$channel = $sys;
+				$observer = $sys;
+			}
+		}
+
+		if(! $owner) {
+			// Figure out who the page owner is.
+			$r = q("select channel_id from channel where channel_address = '%s'",
+				dbesc($which)
+			);
+			if($r) {
+				$owner = intval($r[0]['channel_id']);
+			}
+		}
+
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+
+		if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+		$is_owner = (($uid && $uid == $owner) ? true : false);
+
+		$o = '';
+
+		// Figure out which post we're editing
+		$post_id = ((argc() > 2) ? intval(argv(2)) : 0);
+
+		if(! ($post_id && $owner)) {
+			notice( t('Item not found') . EOL);
+			return;
+		}
+
+		$itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1",
+			intval($post_id),
+			intval($owner)
+		);
+		if($itm) {
+			$item_id = q("select * from iconfig where cat = 'system' and k = 'BUILDBLOCK' and iid = %d limit 1",
+				intval($itm[0]['id'])
+			);
+			if($item_id)
+				$block_title = $item_id[0]['v'];
+		}
+		else {
+			notice( t('Item not found') . EOL);
+			return;
+		}
+
+		$mimetype = $itm[0]['mimetype'];
+
+		$rp = 'blocks/' . $channel['channel_address'];
+
+		$x = array(
+			'nickname' => $channel['channel_address'],
+			'bbco_autocomplete'=> (($mimetype  == 'text/bbcode') ? 'bbcode' : 'comanche-block'),
+			'return_path' => $rp,
+			'webpage' => ITEM_TYPE_BLOCK,
+			'ptlabel' => t('Block Name'),
+			'button' => t('Edit'),
+			'writefiles' => (($mimetype  == 'text/bbcode') ? perm_is_allowed($owner, get_observer_hash(), 'write_storage') : false),
+			'weblink' => (($mimetype  == 'text/bbcode') ? t('Insert web link') : false),
+			'hide_voting' => true,
+			'hide_future' => true,
+			'hide_location' => true,
+			'hide_expire' => true,
+			'showacl' => false,
+			'ptyp' => $itm[0]['type'],
+			'mimeselect' => true,
+			'mimetype' => $itm[0]['mimetype'],
+			'body' => undo_post_tagging($itm[0]['body']),
+			'post_id' => $post_id,
+			'visitor' => true,
+			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
+			'placeholdertitle' => t('Title (optional)'),
+			'pagetitle' => $block_title,
+			'profile_uid' => (intval($channel['channel_id'])),
+			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
+		);
+
+		$editor = status_editor($a, $x);
+
+		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
+			'$title' => t('Edit Block'),
+			'$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false),
+			'$id' => $itm[0]['id'],
+			'$editor' => $editor
+		));
+
+		return $o;
+
+	}
+
+}

Zotlabs/Module/Editlayout.php

@@ -0,0 +1,146 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/channel.php');
+require_once('include/acl_selectors.php');
+require_once('include/conversation.php');
+
+class Editlayout extends \Zotlabs\Web\Controller {
+
+	function init() {
+
+		if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
+			$sys = get_sys_channel();
+			if($sys && intval($sys['channel_id'])) {
+				\App::$is_sys = true;
+			}
+		}
+
+		if(argc() > 1)
+			$which = argv(1);
+		else
+			return;
+
+		profile_load($which);
+
+	}
+
+	function get() {
+
+		if(! \App::$profile) {
+			notice( t('Requested profile is not available.') . EOL );
+			\App::$error = 404;
+			return;
+		}
+
+		$which = argv(1);
+
+		$uid = local_channel();
+		$owner = 0;
+		$channel = null;
+		$observer = \App::get_observer();
+
+		$channel = \App::get_channel();
+
+		if(\App::$is_sys && is_site_admin()) {
+			$sys = get_sys_channel();
+			if($sys && intval($sys['channel_id'])) {
+				$uid = $owner = intval($sys['channel_id']);
+				$channel = $sys;
+				$observer = $sys;
+			}
+		}
+
+		if(! $owner) {
+			// Figure out who the page owner is.
+			$r = q("select channel_id from channel where channel_address = '%s'",
+				dbesc($which)
+			);
+			if($r) {
+				$owner = intval($r[0]['channel_id']);
+			}
+		}
+
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+
+		if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+		$is_owner = (($uid && $uid == $owner) ? true : false);
+
+		$o = '';
+
+		// Figure out which post we're editing
+		$post_id = ((argc() > 2) ? intval(argv(2)) : 0);
+
+		if(! $post_id) {
+			notice( t('Item not found') . EOL);
+			return;
+		}
+
+		// Now we've got a post and an owner, let's find out if we're allowed to edit it
+
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+
+		$perms = get_all_perms($owner,$ob_hash);
+
+		if(! $perms['write_pages']) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+		$itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1",
+			intval($post_id),
+			intval($owner)
+		);
+
+		$item_id = q("select * from iconfig where cat = 'system' and k = 'PDL' and iid = %d limit 1",
+			intval($itm[0]['id'])
+		);
+		if($item_id)
+			$layout_title = $item_id[0]['v'];
+
+
+		$rp = 'layouts/' . $which;
+
+		$x = array(
+			'webpage' => ITEM_TYPE_PDL,
+			'nickname' => $channel['channel_address'],
+			'editor_autocomplete'=> true,
+			'bbco_autocomplete'=> 'comanche',
+			'return_path' => $rp,
+			'button' => t('Edit'),
+			'hide_voting' => true,
+			'hide_future' => true,
+			'hide_expire' => true,
+			'hide_location' => true,
+			'hide_weblink' => true,
+			'hide_attach' => true,
+			'hide_preview' => true,
+			'ptyp' => $itm[0]['obj_type'],
+			'body' => undo_post_tagging($itm[0]['body']),
+			'post_id' => $post_id,
+			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
+			'pagetitle' => $layout_title,
+			'ptlabel' => t('Layout Name'),
+			'placeholdertitle' => t('Layout Description (Optional)'),
+			'showacl' => false,
+			'profile_uid' => intval($owner),
+		);
+
+		$editor = status_editor($a, $x);
+
+		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
+			'$title' => t('Edit Layout'),
+			'$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false),
+			'$id' => $itm[0]['id'],
+			'$editor' => $editor
+		));
+
+		return $o;
+
+	}
+
+}

Zotlabs/Module/Editpost.php

@@ -0,0 +1,114 @@
+<?php
+namespace Zotlabs\Module; /** @file */
+
+require_once('include/acl_selectors.php');
+require_once('include/crypto.php');
+require_once('include/items.php');
+require_once('include/taxonomy.php');
+require_once('include/conversation.php');
+
+class Editpost extends \Zotlabs\Web\Controller {
+
+	function get() {
+
+		$o = '';
+
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+		$post_id = ((argc() > 1) ? intval(argv(1)) : 0);
+
+		if(! $post_id) {
+			notice( t('Item not found') . EOL);
+			return;
+		}
+
+		$itm = q("SELECT * FROM `item` WHERE `id` = %d AND ( owner_xchan = '%s' OR author_xchan = '%s' ) LIMIT 1",
+			intval($post_id),
+			dbesc(get_observer_hash()),
+			dbesc(get_observer_hash())
+		);
+
+		if(! count($itm)) {
+			notice( t('Item is not editable') . EOL);
+			return;
+		}
+
+		if($itm[0]['resource_type'] === 'event' && $itm[0]['resource_id']) {
+			goaway(z_root() . '/events/' . $itm[0]['resource_id'] . '?expandform=1');
+		}
+
+		$owner_uid = $itm[0]['uid'];
+
+		$channel = \App::get_channel();
+
+		if(intval($itm[0]['item_obscured'])) {
+			$key = get_config('system','prvkey');
+			if($itm[0]['title'])
+				$itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key);
+			if($itm[0]['body'])
+				$itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key);
+		}
+
+		$category = '';
+		$catsenabled = ((feature_enabled($owner_uid,'categories')) ? 'categories' : '');
+
+		if ($catsenabled){
+		        $itm = fetch_post_tags($itm);
+	
+	                $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
+	
+		        foreach ($cats as $cat) {
+		                if (strlen($category))
+		                        $category .= ', ';
+		                $category .= $cat['term'];
+		        }
+		}
+
+		if($itm[0]['attach']) {
+			$j = json_decode($itm[0]['attach'],true);
+			if($j) {
+				foreach($j as $jj) {
+					$itm[0]['body'] .= "\n" . '[attachment]' . basename($jj['href']) . ',' . $jj['revision'] . '[/attachment]' . "\n";
+				}
+			}
+		}
+
+		$x = array(
+			'nickname' => $channel['channel_address'],
+			'editor_autocomplete'=> true,
+			'bbco_autocomplete'=> 'bbcode',
+			'return_path' => $_SESSION['return_url'],
+			'button' => t('Edit'),
+			'hide_voting' => true,
+			'hide_future' => true,
+			'hide_location' => true,
+			'mimetype' => $itm[0]['mimetype'],
+			'ptyp' => $itm[0]['obj_type'],
+			'body' => htmlspecialchars_decode(undo_post_tagging($itm[0]['body']),ENT_COMPAT),
+			'post_id' => $post_id,
+			'defloc' => $channel['channel_location'],
+			'visitor' => true,
+			'title' => htmlspecialchars_decode($itm[0]['title'],ENT_COMPAT),
+			'category' => $category,
+			'showacl' => false,
+			'profile_uid' => $owner_uid,
+			'catsenabled' => $catsenabled,
+			'hide_expire' => true,
+			'bbcode' => true
+		);
+
+		$editor = status_editor($a, $x);
+
+		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
+			'$title' => t('Edit post'),
+			'$editor' => $editor
+		));
+
+		return $o;
+
+	}
+
+}

Zotlabs/Module/Editwebpage.php

@@ -0,0 +1,178 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/channel.php');
+require_once('include/acl_selectors.php');
+require_once('include/conversation.php');
+
+
+class Editwebpage extends \Zotlabs\Web\Controller {
+
+	function init() {
+
+		if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
+			$sys = get_sys_channel();
+			if($sys && intval($sys['channel_id'])) {
+				\App::$is_sys = true;
+			}
+		}
+
+		if(argc() > 1)
+			$which = argv(1);
+		else
+			return;
+
+		profile_load($which);
+
+	}
+
+	function get() {
+
+		if(! \App::$profile) {
+			notice( t('Requested profile is not available.') . EOL );
+			\App::$error = 404;
+			return;
+		}
+
+		$which = argv(1);
+
+		$uid = local_channel();
+		$owner = 0;
+		$channel = null;
+		$observer = \App::get_observer();
+
+		$channel = \App::get_channel();
+
+		if(\App::$is_sys && is_site_admin()) {
+			$sys = get_sys_channel();
+			if($sys && intval($sys['channel_id'])) {
+				$uid = $owner = intval($sys['channel_id']);
+				$channel = $sys;
+				$observer = $sys;
+			}
+		}
+
+		if(! $owner) {
+			// Figure out who the page owner is.
+			$r = q("select channel_id from channel where channel_address = '%s'",
+				dbesc($which)
+			);
+			if($r) {
+				$owner = intval($r[0]['channel_id']);
+			}
+		}
+
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+
+		if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+		$is_owner = (($uid && $uid == $owner) ? true : false);
+
+		$o = '';
+
+		// Figure out which post we're editing
+		$post_id = ((argc() > 2) ? intval(argv(2)) : 0);
+	
+		if(! $post_id) {
+			notice( t('Item not found') . EOL);
+			return;
+		}
+
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+
+		$perms = get_all_perms($owner,$ob_hash);
+
+		if(! $perms['write_pages']) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+		// We've already figured out which item we want and whose copy we need, 
+		// so we don't need anything fancy here
+
+		$sql_extra = item_permissions_sql($owner);
+
+		$itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s $sql_extra LIMIT 1",
+			intval($post_id),
+			intval($owner)
+		);
+
+		if(! $itm) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+		if(intval($itm[0]['item_obscured'])) {
+			$key = get_config('system','prvkey');
+			if($itm[0]['title'])
+				$itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key);
+			if($itm[0]['body'])
+				$itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key);
+		}
+
+		$item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1",
+			intval($itm[0]['id'])
+		);
+		if($item_id)
+			$page_title = $item_id[0]['v'];
+
+		$mimetype = $itm[0]['mimetype'];
+
+		if($mimetype === 'application/x-php') {
+			if((! $uid) || ($uid != $itm[0]['uid'])) {
+				notice( t('Permission denied.') . EOL);
+				return;
+			}
+		}
+	
+		$layout = $itm[0]['layout_mid'];
+	
+		$tpl = get_markup_template("jot.tpl");
+
+		$rp = 'webpages/' . $which;
+
+		$x = array(
+			'nickname' => $channel['channel_address'],
+			'bbco_autocomplete'=> (($mimetype  == 'text/bbcode') ? 'bbcode' : ''),
+			'return_path' => $rp,
+			'webpage' => ITEM_TYPE_WEBPAGE,
+			'ptlabel' => t('Page link'),
+			'pagetitle' => $page_title,
+			'writefiles' => (($mimetype  == 'text/bbcode') ? perm_is_allowed($owner, get_observer_hash(), 'write_storage') : false),
+			'button' => t('Edit'),
+			'weblink' => (($mimetype  == 'text/bbcode') ? t('Insert web link') : false),
+			'hide_location' => true,
+			'hide_voting' => true,
+			'ptyp' => $itm[0]['type'],
+			'body' => undo_post_tagging($itm[0]['body']),
+			'post_id' => $post_id,
+			'visitor' => ($is_owner) ? true : false,
+			'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')),
+			'showacl' => ($is_owner) ? true : false,
+			'mimetype' => $mimetype,
+			'mimeselect' => true,
+			'layout' => $layout,
+			'layoutselect' => true,
+			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
+			'lockstate' => (((strlen($itm[0]['allow_cid'])) || (strlen($itm[0]['allow_gid'])) || (strlen($itm[0]['deny_cid'])) || (strlen($itm[0]['deny_gid']))) ? 'lock' : 'unlock'),
+			'profile_uid' => (intval($owner)),
+			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
+		);
+
+		$editor = status_editor($a, $x);
+
+		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
+			'$title' => t('Edit Webpage'),
+			'$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false),
+			'$editor' => $editor,
+			'$id' => $itm[0]['id']
+		));
+
+		return $o;
+
+	}
+
+}

Zotlabs/Module/Embedphotos.php

@@ -0,0 +1,180 @@
+<?php
+namespace Zotlabs\Module;
+
+/**
+ *
+ * This is the POST destination for the embedphotos button
+ *
+ */  
+
+
+class Embedphotos extends \Zotlabs\Web\Controller {
+
+	function get() {
+		
+	}
+
+	function post() {
+		
+    if (argc() > 1 && argv(1) === 'album') {
+        // API: /embedphotos/album
+        $name = (x($_POST,'name') ? $_POST['name'] : null );
+        if (!$name) {
+            json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false));
+        }
+        $album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name));
+        json_return_and_die(array('status' => true, 'content' => $album));
+
+    }
+    if (argc() > 1 && argv(1) === 'albumlist') {
+        // API: /embedphotos/albumlist
+        $album_list = $this->embedphotos_album_list($a);
+        json_return_and_die(array('status' => true, 'albumlist' => $album_list));
+
+    }
+    if (argc() > 1 && argv(1) === 'photolink') {
+        // API: /embedphotos/photolink
+        $href = (x($_POST,'href') ? $_POST['href'] : null );
+        if (!$href) {
+            json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
+        }
+        $resource_id = array_pop(explode("/", $href));
+        $r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1",
+			dbesc($resource_id)
+		);
+        if(!$r) {
+            json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
+        }
+        $obj = json_decode($r[0]['obj'], true);
+        if(x($obj,'body')) {
+            $photolink = $obj['body'];
+        } elseif (x($obj,'bbcode')) {
+            $photolink = $obj['bbcode'];
+        } else {
+            json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
+        }
+        json_return_and_die(array('status' => true, 'photolink' => $photolink));
+
+    }
+	}
+	
+	
+/**
+ * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from
+ * the input array as in widget_item()
+ * @param type $name
+ * @return string
+ */
+function embedphotos_widget_album($args) {
+
+    $channel_id = 0;
+    if(array_key_exists('channel',$args))
+            $channel = $args['channel'];
+            $channel_id = intval($channel['channel_id']);
+    if(! $channel_id)
+            $channel_id = \App::$profile_uid;
+    if(! $channel_id)
+            return '';
+		$owner_uid = $channel_id;
+    require_once('include/security.php');
+    $sql_extra = permissions_sql($channel_id);
+
+    if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage'))
+            return '';
+
+    if($args['album'])
+            $album = $args['album'];
+    if($args['title'])
+            $title = $args['title'];
+
+		/** 
+		 * This may return incorrect permissions if you have multiple directories of the same name.
+		 * It is a limitation of the photo table using a name for a photo album instead of a folder hash
+		 */
+
+		if($album) {
+			$x = q("select hash from attach where filename = '%s' and uid = %d limit 1",
+				dbesc($album),
+				intval($owner_uid)
+			);
+			if($x) {
+				$y = attach_can_view_folder($owner_uid,get_observer_hash(),$x[0]['hash']);
+				if(! $y)
+					return '';
+			}
+		}
+
+		$order = 'DESC';
+
+		$r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN
+				(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph 
+				ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)
+			ORDER BY created $order",
+			intval($owner_uid),
+			dbesc($album),
+			intval(PHOTO_NORMAL),
+			intval(PHOTO_PROFILE)
+		);
+
+		$photos = array();
+			if(count($r)) {
+				$twist = 'rotright';
+				foreach($r as $rr) {
+	
+					if($twist == 'rotright')
+						$twist = 'rotleft';
+					else
+						$twist = 'rotright';
+					
+					$ext = $phototypes[$rr['mimetype']];
+	
+					$imgalt_e = $rr['filename'];
+					$desc_e = $rr['description'];
+	
+					$imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
+					. (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''));
+	
+					$photos[] = array(
+						'id' => $rr['id'],
+						'twist' => ' ' . $twist . rand(2,4),
+						'link' => $imagelink,
+						'title' => t('View Photo'),
+						'src' => z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['imgscale'] . '.' .$ext,
+						'alt' => $imgalt_e,
+						'desc'=> $desc_e,
+						'ext' => $ext,
+						'hash'=> $rr['resource_id'],
+						'unknown' => t('Unknown')
+					);
+				}
+			}
+
+		$tpl = get_markup_template('photo_album.tpl');
+		$o .= replace_macros($tpl, array(
+			'$photos' => $photos,
+			'$album' => (($title) ? $title : $album),
+			'$album_id' => rand(),
+			'$album_edit' => array(t('Edit Album'), $album_edit),
+			'$can_post' => false,
+			'$upload' => array(t('Upload'), z_root() . '/photos/' . \App::$profile['channel_address'] . '/upload/' . bin2hex($album)),
+			'$order' => false,
+			'$upload_form' => $upload_form,
+			'$no_fullscreen_btn' => true
+		));
+
+		return $o;
+}
+
+
+function embedphotos_album_list($a) {
+    $o = '';
+    require_once('include/photos.php');
+    $p = photos_albums_list(\App::get_channel(), \App::get_observer());
+    if ($p['success']) {
+        return $p['albums'];
+    } else {
+        return null;
+    }
+}
+
+}

Zotlabs/Module/Events.php

@@ -0,0 +1,718 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/conversation.php');
+require_once('include/bbcode.php');
+require_once('include/datetime.php');
+require_once('include/event.php');
+require_once('include/items.php');
+
+
+class Events extends \Zotlabs\Web\Controller {
+
+	function post() {
+	
+		logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA);
+	
+		if(! local_channel())
+			return;
+	
+		if(($_FILES) && array_key_exists('userfile',$_FILES) && intval($_FILES['userfile']['size'])) {
+			$src = $_FILES['userfile']['tmp_name'];
+			if($src) {
+				$result = parse_ical_file($src,local_channel());
+				if($result)
+					info( t('Calendar entries imported.') . EOL);
+				else
+					notice( t('No calendar entries found.') . EOL);
+				@unlink($src);
+			}
+			goaway(z_root() . '/events');
+		}
+	
+	
+		$event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0);
+		$event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : '');
+	
+		$xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : '');
+		$uid      = local_channel();
+	
+		$start_text = escape_tags($_REQUEST['start_text']);
+		$finish_text = escape_tags($_REQUEST['finish_text']);
+	
+		$adjust   = intval($_POST['adjust']);
+		$nofinish = intval($_POST['nofinish']);
+	
+		$categories = escape_tags(trim($_POST['category']));
+	
+		// only allow editing your own events. 
+	
+		if(($xchan) && ($xchan !== get_observer_hash()))
+			return;
+	
+		if($start_text) {
+			$start = $start_text;
+		}
+		else {
+			$start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute);
+		}
+	
+		if($nofinish) {
+			$finish = NULL_DATE;
+		}
+	
+		if($finish_text) {
+			$finish = $finish_text;
+		}
+		else {
+			$finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute);
+		}
+	
+		if($adjust) {
+			$start = datetime_convert(date_default_timezone_get(),'UTC',$start);
+			if(! $nofinish)
+				$finish = datetime_convert(date_default_timezone_get(),'UTC',$finish);
+		}
+		else {
+			$start = datetime_convert('UTC','UTC',$start);
+			if(! $nofinish)
+				$finish = datetime_convert('UTC','UTC',$finish);
+		}
+	
+		// Don't allow the event to finish before it begins.
+		// It won't hurt anything, but somebody will file a bug report
+		// and we'll waste a bunch of time responding to it. Time that 
+		// could've been spent doing something else. 
+	
+	
+		$summary  = escape_tags(trim($_POST['summary']));
+		$desc     = escape_tags(trim($_POST['desc']));
+		$location = escape_tags(trim($_POST['location']));
+		$type     = escape_tags(trim($_POST['type']));
+	
+		require_once('include/text.php');
+		linkify_tags($a, $desc, local_channel());
+		linkify_tags($a, $location, local_channel());
+	
+		//$action = ($event_hash == '') ? 'new' : "event/" . $event_hash;
+	
+		//fixme: this url gives a wsod if there is a linebreak detected in one of the variables ($desc or $location)
+		//$onerror_url = z_root() . "/events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish&type=$type";
+		$onerror_url = z_root() . "/events";
+	
+		if(strcmp($finish,$start) < 0 && !$nofinish) {
+			notice( t('Event can not end before it has started.') . EOL);
+			if(intval($_REQUEST['preview'])) {
+				echo( t('Unable to generate preview.'));
+				killme();
+			}
+			goaway($onerror_url);
+		}
+	
+		if((! $summary) || (! $start)) {
+			notice( t('Event title and start time are required.') . EOL);
+			if(intval($_REQUEST['preview'])) {
+				echo( t('Unable to generate preview.'));
+				killme();
+			}
+			goaway($onerror_url);
+		}
+	
+		$share = ((intval($_POST['share'])) ? intval($_POST['share']) : 0);
+	
+		$channel = \App::get_channel();
+	
+		$acl = new \Zotlabs\Access\AccessList(false);
+	
+		if($event_id) {
+			$x = q("select * from event where id = %d and uid = %d limit 1",
+				intval($event_id),
+				intval(local_channel())
+			);
+			if(! $x) {
+				notice( t('Event not found.') . EOL);
+				if(intval($_REQUEST['preview'])) {
+					echo( t('Unable to generate preview.'));
+					killme();
+				}
+				return;
+			}
+	
+			$acl->set($x[0]);
+	
+			$created = $x[0]['created'];
+			$edited = datetime_convert();
+	
+			if($x[0]['allow_cid'] === '<' . $channel['channel_hash'] . '>' 
+				&& $x[0]['allow_gid'] === '' && $x[0]['deny_cid'] === '' && $x[0]['deny_gid'] === '') {
+				$share = false;
+			}
+			else {
+				$share = true;
+			}
+		}
+		else {
+			$created = $edited = datetime_convert();
+			if($share) {
+				$acl->set_from_array($_POST);
+			}
+			else {
+				$acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
+			}
+		}
+	
+		$post_tags = array();
+		$channel = \App::get_channel();
+		$ac = $acl->get();
+	
+		if(strlen($categories)) {
+			$cats = explode(',',$categories);
+			foreach($cats as $cat) {
+				$post_tags[] = array(
+					'uid'   => $profile_uid, 
+					'ttype' => TERM_CATEGORY,
+					'otype' => TERM_OBJ_POST,
+					'term'  => trim($cat),
+					'url'   => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($cat))
+				);
+			}
+		}
+	
+		$datarray = array();
+		$datarray['dtstart'] = $start;
+		$datarray['dtend'] = $finish;
+		$datarray['summary'] = $summary;
+		$datarray['description'] = $desc;
+		$datarray['location'] = $location;
+		$datarray['etype'] = $type;
+		$datarray['adjust'] = $adjust;
+		$datarray['nofinish'] = $nofinish;
+		$datarray['uid'] = local_channel();
+		$datarray['account'] = get_account_id();
+		$datarray['event_xchan'] = $channel['channel_hash'];
+		$datarray['allow_cid'] = $ac['allow_cid'];
+		$datarray['allow_gid'] = $ac['allow_gid'];
+		$datarray['deny_cid'] = $ac['deny_cid'];
+		$datarray['deny_gid'] = $ac['deny_gid'];
+		$datarray['private'] = (($acl->is_private()) ? 1 : 0);
+		$datarray['id'] = $event_id;
+		$datarray['created'] = $created;
+		$datarray['edited'] = $edited;
+	
+		if(intval($_REQUEST['preview'])) {
+			$html = format_event_html($datarray);
+			echo $html;
+			killme();
+		}
+	
+		$event = event_store_event($datarray);
+	
+	
+		if($post_tags)	
+			$datarray['term'] = $post_tags;
+	
+		$item_id = event_store_item($datarray,$event);
+	
+		if($item_id) {
+			$r = q("select * from item where id = %d",
+				intval($item_id)
+			);
+			if($r) {
+				xchan_query($r);
+				$sync_item = fetch_post_tags($r);
+				$z = q("select * from event where event_hash = '%s' and uid = %d limit 1",
+					dbesc($r[0]['resource_id']),
+					intval($channel['channel_id'])
+				);
+				if($z) {
+					build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z));
+				}
+			}
+		}
+	
+		if($share)
+			\Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id));
+	
+	}
+	
+	
+	
+	function get() {
+	
+		if(argc() > 2 && argv(1) == 'ical') {
+			$event_id = argv(2);
+	
+			require_once('include/security.php');
+			$sql_extra = permissions_sql(local_channel());
+	
+			$r = q("select * from event where event_hash = '%s' $sql_extra limit 1",
+				dbesc($event_id)
+			);
+			if($r) { 
+				header('Content-type: text/calendar');
+				header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"' );
+				echo ical_wrapper($r);
+				killme();
+			}
+			else {
+				notice( t('Event not found.') . EOL );
+				return;
+			}
+		}
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		nav_set_selected('all_events');
+	
+		if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) {
+			$r = q("update event set dismissed = 1 where id = %d and uid = %d",
+				intval(argv(2)),
+				intval(local_channel())
+			);
+		}
+	
+		if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) {
+			$r = q("update event set dismissed = 0 where id = %d and uid = %d",
+				intval(argv(2)),
+				intval(local_channel())
+			);
+		}
+	
+		$first_day = get_pconfig(local_channel(),'system','cal_first_day');
+		$first_day = (($first_day) ? $first_day : 0);
+	
+		$htpl = get_markup_template('event_head.tpl');
+		\App::$page['htmlhead'] .= replace_macros($htpl,array(
+			'$baseurl' => z_root(),
+			'$module_url' => '/events',
+			'$modparams' => 1,
+			'$lang' => \App::$language,
+			'$first_day' => $first_day
+		));
+	
+		$o = '';
+	
+		$channel = \App::get_channel();
+	
+		$mode = 'view';
+		$y = 0;
+		$m = 0;
+		$ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " "  : '');
+	
+	
+		// logger('args: ' . print_r(\App::$argv,true));
+	
+	
+	
+		if(argc() > 1) {
+			if(argc() > 2 && argv(1) === 'add') {
+				$mode = 'add';
+				$item_id = intval(argv(2));
+			}
+			if(argc() > 2 && argv(1) === 'drop') {
+				$mode = 'drop';
+				$event_id = argv(2);
+			}
+			if(argc() > 2 && intval(argv(1)) && intval(argv(2))) {
+				$mode = 'view';
+				$y = intval(argv(1));
+				$m = intval(argv(2));
+			}
+			if(argc() <= 2) {
+				$mode = 'view';
+				$event_id = argv(1);
+			}
+		}
+	
+		if($mode === 'add') {
+			event_addtocal($item_id,local_channel());
+			killme();
+		}
+	
+		if($mode == 'view') {
+	
+			/* edit/create form */
+			if($event_id) {
+				$r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1",
+					dbesc($event_id),
+					intval(local_channel())
+				);
+				if(count($r))
+					$orig_event = $r[0];
+			}
+	
+			$channel = \App::get_channel();
+	
+			// Passed parameters overrides anything found in the DB
+			if(!x($orig_event))
+				$orig_event = array();
+	
+			// In case of an error the browser is redirected back here, with these parameters filled in with the previous values
+			/*
+			if(x($_REQUEST,'nofinish')) $orig_event['nofinish'] = $_REQUEST['nofinish'];
+			if(x($_REQUEST,'adjust')) $orig_event['adjust'] = $_REQUEST['adjust'];
+			if(x($_REQUEST,'summary')) $orig_event['summary'] = $_REQUEST['summary'];
+			if(x($_REQUEST,'description')) $orig_event['description'] = $_REQUEST['description'];
+			if(x($_REQUEST,'location')) $orig_event['location'] = $_REQUEST['location'];
+			if(x($_REQUEST,'start')) $orig_event['dtstart'] = $_REQUEST['start'];
+			if(x($_REQUEST,'finish')) $orig_event['dtend'] = $_REQUEST['finish'];
+			if(x($_REQUEST,'type')) $orig_event['etype'] = $_REQUEST['type'];
+			*/
+	
+			$n_checked = ((x($orig_event) && $orig_event['nofinish']) ? ' checked="checked" ' : '');
+			$a_checked = ((x($orig_event) && $orig_event['adjust']) ? ' checked="checked" ' : '');
+			$t_orig = ((x($orig_event)) ? $orig_event['summary'] : '');
+			$d_orig = ((x($orig_event)) ? $orig_event['description'] : '');
+			$l_orig = ((x($orig_event)) ? $orig_event['location'] : '');
+			$eid = ((x($orig_event)) ? $orig_event['id'] : 0);
+			$event_xchan = ((x($orig_event)) ? $orig_event['event_xchan'] : $channel['channel_hash']);
+			$mid = ((x($orig_event)) ? $orig_event['mid'] : '');
+	
+			if(! x($orig_event))
+				$sh_checked = '';
+			else
+				$sh_checked = ((($orig_event['allow_cid'] === '<' . $channel['channel_hash'] . '>' || (! $orig_event['allow_cid'])) && (! $orig_event['allow_gid']) && (! $orig_event['deny_cid']) && (! $orig_event['deny_gid'])) ? '' : ' checked="checked" ' );
+	
+			if($orig_event['event_xchan'])
+				$sh_checked .= ' disabled="disabled" ';
+	
+			$sdt = ((x($orig_event)) ? $orig_event['dtstart'] : 'now');
+	
+			$fdt = ((x($orig_event)) ? $orig_event['dtend'] : '+1 hour');
+	
+			$tz = date_default_timezone_get();
+			if(x($orig_event))
+				$tz = (($orig_event['adjust']) ? date_default_timezone_get() : 'UTC');
+	
+			$syear = datetime_convert('UTC', $tz, $sdt, 'Y');
+			$smonth = datetime_convert('UTC', $tz, $sdt, 'm');
+			$sday = datetime_convert('UTC', $tz, $sdt, 'd');
+			$shour = datetime_convert('UTC', $tz, $sdt, 'H');
+			$sminute = datetime_convert('UTC', $tz, $sdt, 'i');
+	
+			$stext = datetime_convert('UTC',$tz,$sdt);
+			$stext = substr($stext,0,14) . "00:00";
+	
+			$fyear = datetime_convert('UTC', $tz, $fdt, 'Y');
+			$fmonth = datetime_convert('UTC', $tz, $fdt, 'm');
+			$fday = datetime_convert('UTC', $tz, $fdt, 'd');
+			$fhour = datetime_convert('UTC', $tz, $fdt, 'H');
+			$fminute = datetime_convert('UTC', $tz, $fdt, 'i');
+	
+			$ftext = datetime_convert('UTC',$tz,$fdt);
+			$ftext = substr($ftext,0,14) . "00:00";
+	
+			$type = ((x($orig_event)) ? $orig_event['etype'] : 'event');
+	
+			$f = get_config('system','event_input_format');
+			if(! $f)
+				$f = 'ymd';
+	
+			$catsenabled = feature_enabled(local_channel(),'categories');
+	
+			$category = '';
+	
+			if($catsenabled && x($orig_event)){
+				$itm = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d limit 1",
+					dbesc($orig_event['event_hash']),
+					intval(local_channel())
+				);
+				$itm = fetch_post_tags($itm);
+				if($itm) {
+					$cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
+					foreach ($cats as $cat) {
+						if(strlen($category))
+							$category .= ', ';
+						$category .= $cat['term'];
+	            			}
+				}
+			}
+	
+			require_once('include/acl_selectors.php');
+	
+			$acl = new \Zotlabs\Access\AccessList($channel);
+			$perm_defaults = $acl->get();
+	
+			$tpl = get_markup_template('event_form.tpl');
+	
+			$form = replace_macros($tpl,array(
+				'$post' => z_root() . '/events',
+				'$eid' => $eid,
+				'$type' => $type,
+				'$xchan' => $event_xchan,
+				'$mid' => $mid,
+				'$event_hash' => $event_id,
+				'$summary' => array('summary', (($event_id) ? t('Edit event title') : t('Event title')), $t_orig, t('Required'), '*'),
+				'$catsenabled' => $catsenabled,
+				'$placeholdercategory' => t('Categories (comma-separated list)'),
+				'$c_text' => (($event_id) ? t('Edit Category') : t('Category')),
+				'$category' => $category,
+				'$required' => '<span class="required" title="' . t('Required') . '">*</span>',
+				'$s_dsel' => datetimesel($f,new \DateTime(),\DateTime::createFromFormat('Y',$syear+5),\DateTime::createFromFormat('Y-m-d H:i',"$syear-$smonth-$sday $shour:$sminute"), (($event_id) ? t('Edit start date and time') : t('Start date and time')), 'start_text',true,true,'','',true,$first_day),
+				'$n_text' => t('Finish date and time are not known or not relevant'),
+				'$n_checked' => $n_checked,
+				'$f_dsel' => datetimesel($f,new \DateTime(),\DateTime::createFromFormat('Y',$fyear+5),\DateTime::createFromFormat('Y-m-d H:i',"$fyear-$fmonth-$fday $fhour:$fminute"), (($event_id) ? t('Edit finish date and time') : t('Finish date and time')),'finish_text',true,true,'start_text','',false,$first_day),
+				'$nofinish' => array('nofinish', t('Finish date and time are not known or not relevant'), $n_checked, '', array(t('No'),t('Yes')), 'onclick="enableDisableFinishDate();"'),
+				'$adjust' => array('adjust', t('Adjust for viewer timezone'), $a_checked, t('Important for events that happen in a particular place. Not practical for global holidays.'), array(t('No'),t('Yes'))),
+				'$a_text' => t('Adjust for viewer timezone'),
+				'$d_text' => (($event_id) ? t('Edit Description') : t('Description')),
+				'$d_orig' => $d_orig,
+				'$l_text' => (($event_id) ? t('Edit Location') : t('Location')),
+				'$l_orig' => $l_orig,
+				'$t_orig' => $t_orig,
+				'$sh_text' => t('Share this event'),
+				'$sh_checked' => $sh_checked,
+				'$share' => array('share', t('Share this event'), $sh_checked, '', array(t('No'),t('Yes'))),
+				'$preview' => t('Preview'),
+				'$permissions' => t('Permission settings'),
+				// populating the acl dialog was a permission description from view_stream because Cal.php, which
+				// displays events, says "since we don't currently have an event permission - use the stream permission"
+				'$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'))),
+				'$submit' => t('Submit'),
+				'$advanced' => t('Advanced Options')
+	
+			));
+			/* end edit/create form */
+	
+			$thisyear = datetime_convert('UTC',date_default_timezone_get(),'now','Y');
+			$thismonth = datetime_convert('UTC',date_default_timezone_get(),'now','m');
+			if(! $y)
+				$y = intval($thisyear);
+			if(! $m)
+				$m = intval($thismonth);
+	
+			$export = false;
+			if(argc() === 4 && argv(3) === 'export')
+				$export = true;
+	
+			// Put some limits on dates. The PHP date functions don't seem to do so well before 1900.
+			// An upper limit was chosen to keep search engines from exploring links millions of years in the future. 
+	
+			if($y < 1901)
+				$y = 1900;
+			if($y > 2099)
+				$y = 2100;
+	
+			$nextyear = $y;
+			$nextmonth = $m + 1;
+			if($nextmonth > 12) {
+					$nextmonth = 1;
+				$nextyear ++;
+			}
+	
+			$prevyear = $y;
+			if($m > 1)
+				$prevmonth = $m - 1;
+			else {
+				$prevmonth = 12;
+				$prevyear --;
+			}
+				
+			$dim    = get_dim($y,$m);
+			$start  = sprintf('%d-%d-%d %d:%d:%d',$y,$m,1,0,0,0);
+			$finish = sprintf('%d-%d-%d %d:%d:%d',$y,$m,$dim,23,59,59);
+	
+	
+			if (argv(1) === 'json'){
+				if (x($_GET,'start'))	$start = $_GET['start'];
+				if (x($_GET,'end'))	$finish = $_GET['end'];
+			}
+	
+			$start  = datetime_convert('UTC','UTC',$start);
+			$finish = datetime_convert('UTC','UTC',$finish);
+	
+			$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
+			$adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);
+	
+			if (x($_GET,'id')){
+			  	$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
+	                                from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d limit 1",
+					intval(local_channel()),
+					intval($_GET['id'])
+				);
+			} elseif($export) {
+				$r = q("SELECT * from event where uid = %d
+					AND (( `adjust` = 0 AND ( `dtend` >= '%s' or nofinish = 1 ) AND `dtstart` <= '%s' ) 
+					OR  (  `adjust` = 1 AND ( `dtend` >= '%s' or nofinish = 1 ) AND `dtstart` <= '%s' )) ",
+					intval(local_channel()),
+					dbesc($start),
+					dbesc($finish),
+					dbesc($adjust_start),
+					dbesc($adjust_finish)
+				);
+			}
+			else {
+				// fixed an issue with "nofinish" events not showing up in the calendar.
+				// There's still an issue if the finish date crosses the end of month.
+				// Noting this for now - it will need to be fixed here and in Friendica.
+				// Ultimately the finish date shouldn't be involved in the query. 
+	
+				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
+	                              from event left join item on event_hash = resource_id 
+					where resource_type = 'event' and event.uid = %d $ignored 
+					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
+					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ",
+					intval(local_channel()),
+					dbesc($start),
+					dbesc($finish),
+					dbesc($adjust_start),
+					dbesc($adjust_finish)
+				);
+	
+			}
+	
+			$links = array();
+	
+			if($r && ! $export) {
+				xchan_query($r);
+				$r = fetch_post_tags($r,true);
+	
+				$r = sort_by_date($r);
+			}
+	
+			if($r) {
+				foreach($r as $rr) {
+					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
+					if(! x($links,$j)) 
+						$links[$j] = z_root() . '/' . \App::$cmd . '#link-' . $j;
+				}
+			}
+	
+			$events=array();
+	
+			$last_date = '';
+			$fmt = t('l, F j');
+	
+			if($r) {
+	
+				foreach($r as $rr) {
+					
+					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
+					$d = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], $fmt) : datetime_convert('UTC','UTC',$rr['dtstart'],$fmt));
+					$d = day_translate($d);
+					
+					$start = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'c') : datetime_convert('UTC','UTC',$rr['dtstart'],'c'));
+					if ($rr['nofinish']){
+						$end = null;
+					} else {
+						$end = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c'));
+					}
+					
+					
+					$is_first = ($d !== $last_date);
+						
+					$last_date = $d;
+	
+					$edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false);
+	
+					$drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'','');
+	
+					$title = strip_tags(html_entity_decode(bbcode($rr['summary']),ENT_QUOTES,'UTF-8'));
+					if(! $title) {
+						list($title, $_trash) = explode("<br",bbcode($rr['desc']),2);
+						$title = strip_tags(html_entity_decode($title,ENT_QUOTES,'UTF-8'));
+					}
+					$html = format_event_html($rr);
+					$rr['desc'] = bbcode($rr['desc']);
+					$rr['location'] = bbcode($rr['location']);
+					$events[] = array(
+						'id'=>$rr['id'],
+						'hash' => $rr['event_hash'],
+						'start'=> $start,
+						'end' => $end,
+						'drop' => $drop,
+						'allDay' => false,
+						'title' => $title,
+						
+						'j' => $j,
+						'd' => $d,
+						'edit' => $edit,
+						'is_first'=>$is_first,
+						'item'=>$rr,
+						'html'=>$html,
+						'plink' => array($rr['plink'],t('Link to Source'),'',''),
+					);
+	
+	
+				}
+			}
+			
+			if($export) {
+				header('Content-type: text/calendar');
+				header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' );
+				echo ical_wrapper($r);
+				killme();
+			}
+	
+			if (\App::$argv[1] === 'json'){
+				echo json_encode($events); killme();
+			}
+			
+			// links: array('href', 'text', 'extra css classes', 'title')
+			if (x($_GET,'id')){
+				$tpl =  get_markup_template("event.tpl");
+			} 
+			else {
+				$tpl = get_markup_template("events-js.tpl");
+			}
+	
+			$o = replace_macros($tpl, array(
+				'$baseurl'	=> z_root(),
+				'$new_event'	=> array(z_root().'/events',(($event_id) ? t('Edit Event') : t('Create Event')),'',''),
+				'$previus'	=> array(z_root()."/events/$prevyear/$prevmonth",t('Previous'),'',''),
+				'$next'		=> array(z_root()."/events/$nextyear/$nextmonth",t('Next'),'',''),
+				'$export'	=> array(z_root()."/events/$y/$m/export",t('Export'),'',''),
+				'$calendar'	=> cal($y,$m,$links, ' eventcal'),
+				'$events'	=> $events,
+				'$view_label'   => t('View'),
+				'$month'        => t('Month'),
+				'$week'         => t('Week'),
+				'$day'          => t('Day'),
+				'$prev'		=> t('Previous'),
+				'$next'		=> t('Next'),
+				'$today'	=> t('Today'),
+				'$form'		=> $form,
+				'$expandform'	=> ((x($_GET,'expandform')) ? true : false),
+			));
+			
+			if (x($_GET,'id')){ echo $o; killme(); }
+			
+			return $o;
+		}
+	
+		if($mode === 'drop' && $event_id) {
+			$r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1",
+				dbesc($event_id),
+				intval(local_channel())
+			);
+	
+			$sync_event = $r[0];
+	
+			if($r) {
+				$r = q("delete from event where event_hash = '%s' and uid = %d limit 1",
+					dbesc($event_id),
+					intval(local_channel())
+				);
+				if($r) {
+					$r = q("update item set resource_type = '', resource_id = '' where resource_type = 'event' and resource_id = '%s' and uid = %d",
+						dbesc($event_id),
+						intval(local_channel())
+					);
+					$sync_event['event_deleted'] = 1;
+					build_sync_packet(0,array('event' => array($sync_event)));
+	
+					info( t('Event removed') . EOL);
+				}
+				else {
+					notice( t('Failed to remove event' ) . EOL);
+				}
+				goaway(z_root() . '/events');
+			}
+		}
+	
+	}
+	
+}

Zotlabs/Module/Fbrowser.php

@@ -0,0 +1,136 @@
+<?php
+namespace Zotlabs\Module;
+/**
+ * @package		Friendica\modules
+ * @subpackage	FileBrowser
+ * @author		Fabio Comuni <fabrixxm@kirgroup.com>
+ */
+
+require_once('include/photo/photo_driver.php');
+
+/**
+ * @param App $a
+ */
+
+class Fbrowser extends \Zotlabs\Web\Controller {
+
+	function get(){
+		
+		if (!local_channel())
+			killme();
+	
+		if (\App::$argc==1)
+			killme();
+		
+		//echo "<pre>"; var_dump(\App::$argv); killme();	
+		
+		switch(\App::$argv[1]){
+			case "image":
+				$path = array( array(z_root()."/fbrowser/image/", t("Photos")));
+				$albums = false;
+				$sql_extra = "";
+				$sql_extra2 = " ORDER BY created DESC LIMIT 0, 10";
+				
+				if (\App::$argc==2){
+					$albums = q("SELECT distinct(`album`) AS `album` FROM `photo` WHERE `uid` = %d ",
+						intval(local_channel())
+					);
+					// anon functions only from 5.3.0... meglio tardi che mai..
+					$albums = array_map( "self::folder1" , $albums);
+					
+				}
+				
+				$album = "";
+				if (\App::$argc==3){
+					$album = hex2bin(\App::$argv[2]);
+					$sql_extra = sprintf("AND `album` = '%s' ",dbesc($album));
+					$sql_extra2 = "";
+					$path[]=array(z_root() . "/fbrowser/image/" . \App::$argv[2] . "/", $album);
+				}
+					
+				$r = q("SELECT `resource_id`, `id`, `filename`, type, min(`imgscale`) AS `hiq`,max(`imgscale`) AS `loq`, `description`  
+						FROM `photo` WHERE `uid` = %d $sql_extra
+						GROUP BY `resource_id` $sql_extra2",
+					intval(local_channel())					
+				);
+				
+				$files = array_map("self::files1", $r);
+				
+				$tpl = get_markup_template("filebrowser.tpl");
+				echo replace_macros($tpl, array(
+					'$type' => 'image',
+					'$baseurl' => z_root(),
+					'$path' => $path,
+					'$folders' => $albums,
+					'$files' =>$files,
+					'$cancel' => t('Cancel'),
+				));
+					
+					
+				break;
+			case "file":
+				if (\App::$argc==2){
+					$files = q("SELECT id, filename, filetype FROM `attach` WHERE `uid` = %d ",
+						intval(local_channel())
+					);
+					
+					$files = array_map("self::files2", $files);
+					//echo "<pre>"; var_dump($files); killme();
+				
+								
+					$tpl = get_markup_template("filebrowser.tpl");
+					echo replace_macros($tpl, array(
+						'$type' => 'file',
+						'$baseurl' => z_root(),
+						'$path' => array( array(z_root()."/fbrowser/image/", t("Files")) ),
+						'$folders' => false,
+						'$files' =>$files,
+						'$cancel' => t('Cancel'),
+					));
+					
+				}
+			
+				break;
+		}
+		
+	
+		killme();
+		
+	}
+
+	private static function folder1($el){
+		return array(bin2hex($el['album']),$el['album']);
+	}	
+
+
+	private static function files1($rr){ 
+
+		$ph = photo_factory('');
+		$types = $ph->supportedTypes();
+		$ext = $types[$rr['type']];
+	
+		$filename_e = $rr['filename'];
+			
+		return array( 
+			z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['hiq'] . '.' .$ext, 
+			$filename_e, 
+			z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['loq'] . '.'. $ext
+		);
+	}
+
+	private static function files2($rr){
+		list($m1,$m2) = explode("/",$rr['filetype']);
+		$filetype = ( (file_exists("images/icons/$m1.png"))?$m1:"zip");
+	
+		if(\App::get_template_engine() === 'internal') {
+			$filename_e = template_escape($rr['filename']);
+		}
+		else {
+			$filename_e = $rr['filename'];
+		}
+	
+		return array( z_root() . '/attach/' . $rr['id'], $filename_e, z_root() . '/images/icons/16/' . $filetype . '.png'); 
+	}
+
+	
+}

Zotlabs/Module/Feed.php

@@ -0,0 +1,48 @@
+<?php
+namespace Zotlabs\Module;
+
+
+require_once('include/items.php');
+
+
+class Feed extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		$params = array();
+	
+		$params['begin']     = ((x($_REQUEST,'date_begin')) ? $_REQUEST['date_begin']      : NULL_DATE);
+		$params['end']       = ((x($_REQUEST,'date_end'))   ? $_REQUEST['date_end']        : '');
+		$params['type']      = ((stristr(argv(0),'json'))   ? 'json'                       : 'xml');
+		$params['pages']     = ((x($_REQUEST,'pages'))      ? intval($_REQUEST['pages'])   : 0);
+		$params['top']       = ((x($_REQUEST,'top'))        ? intval($_REQUEST['top'])     : 0);
+		$params['start']     = ((x($params,'start'))        ? intval($params['start'])     : 0);
+		$params['records']   = ((x($params,'records'))      ? intval($params['records'])   : 40);
+		$params['direction'] = ((x($params,'direction'))    ? dbesc($params['direction'])  : 'desc');
+		$params['cat']       = ((x($_REQUEST,'cat'))        ? escape_tags($_REQUEST['cat'])  : '');
+	
+		$channel = '';
+		if(argc() > 1) {
+			$r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_address = '%s' limit 1",
+				dbesc(argv(1))
+			);
+			if(!($r && count($r)))
+				killme();
+	
+			$channel = $r[0];
+	
+			if(observer_prohibited(true))
+				killme();
+	 
+			logger('mod_feed: public feed request from ' . $_SERVER['REMOTE_ADDR'] . ' for ' . $channel['channel_address']);
+	
+			echo get_public_feed($channel,$params);
+	
+			killme();
+		}
+	
+	}
+	
+	
+	
+}

Zotlabs/Module/Ffsapi.php

@@ -0,0 +1,71 @@
+<?php
+namespace Zotlabs\Module;
+
+
+
+class Ffsapi extends \Zotlabs\Web\Controller {
+
+	function get() {
+	
+		$baseurl = z_root();
+		$name = get_config('system','sitename');
+		$description = t('Share content from Firefox to $Projectname');
+		$author = 'Mike Macgirvin';
+		$homepage = 'http://hubzilla.org';
+		$activate = t('Activate the Firefox $Projectname provider');
+	
+	$s = <<< EOT
+	
+	<script>
+	
+	var baseurl = '$baseurl';
+	
+	var data = {
+	  "origin": baseurl,
+	  // currently required
+	  "name": '$name',
+	  "iconURL": baseurl+"/images/hz-16.png",
+	  "icon32URL": baseurl+"/images/hz-32.png",
+	  "icon64URL": baseurl+"/images/hz-64.png",
+	
+	  // at least one of these must be defined
+	  // "workerURL": baseurl+"/worker.js",
+	  // "sidebarURL": baseurl+"/sidebar.htm",
+	  "shareURL": baseurl+"/rpost?f=&url=%{url}",
+	
+	  // status buttons are scheduled for Firefox 26 or 27
+	  //"statusURL": baseurl+"/statusPanel.html",
+	
+	  // social bookmarks are available in Firefox 26
+	  "markURL": baseurl+"/rbmark?f=&url=%{url}&title=%{title}",
+	  // icons should be 32x32 pixels
+	  // "markedIcon": baseurl+"/images/checkbox-checked-32.png",
+	  // "unmarkedIcon": baseurl+"/images/checkbox-unchecked-32.png",
+	  "unmarkedIcon": baseurl+"/images/hz-bookmark-32.png",
+	
+	  // should be available for display purposes
+	  "description": "$description",
+	  "author": "$author",
+	  "homepageURL": "$homepage",
+	
+	  // optional
+	  "version": "1.0"
+	}
+	
+	function activate(node) {
+	  var event = new CustomEvent("ActivateSocialFeature");
+	  var jdata = JSON.stringify(data);
+	  node.setAttribute("data-service", JSON.stringify(data));
+	  node.dispatchEvent(event);
+	}
+	</script>
+	
+	<button onclick="activate(this)" title="$activate" class="btn btn-primary">$activate</button>
+	
+EOT;
+	
+	return $s;
+	
+	}
+	
+}

Zotlabs/Module/Fhublocs.php

@@ -0,0 +1,85 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/zot.php');
+require_once('include/crypto.php');
+
+/* fix missing or damaged hublocs */
+
+
+class Fhublocs extends \Zotlabs\Web\Controller {
+
+	function get() {
+		
+		if(! is_site_admin())
+			return;
+	
+		$o = '';
+	
+		$r = q("select * from channel where channel_removed = 0");
+		$sitekey = get_config('system','pubkey');
+		
+		if($r) {
+			foreach($r as $rr) {
+				$found = false;
+				$primary_address = '';
+				$x = zot_get_hublocs($rr['channel_hash']);
+				if($x) {
+					foreach($x as $xx) {
+						if($xx['hubloc_url'] === z_root() && $xx['hubloc_sitekey'] === $sitekey) {
+							$found = true;
+							break;
+						}
+					}
+					if($found) {
+						$o .= 'Hubloc exists for ' . $rr['channel_name'] . EOL;
+						continue;
+					}	
+				}
+				$y = q("select xchan_addr from xchan where xchan_hash = '%s' limit 1",
+					dbesc($rr['channel_hash'])
+				);
+				if($y)
+					$primary_address = $y[0]['xchan_addr'];
+	
+				$hub_address = $rr['channel']['channel_address'] . '@' . \App::get_hostname();
+	
+			
+				$primary = (($hub_address === $primary_address) ? 1 : 0);
+				if(! $y)
+					$primary = 1;
+	
+				$m = q("delete from hubloc where hubloc_hash = '%s' and hubloc_url = '%s' ",
+					dbesc($rr['channel_hash']),
+					dbesc(z_root())
+				);
+	
+				// Create a verified hub location pointing to this site.
+	
+				$h = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary, hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network )
+					values ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )",
+					dbesc($rr['channel_guid']),
+					dbesc($rr['channel_guid_sig']),
+					dbesc($rr['channel_hash']),
+					dbesc($rr['channel_address'] . '@' . \App::get_hostname()),
+					intval($primary),
+					dbesc(z_root()),
+					dbesc(base64url_encode(rsa_sign(z_root(),$rr['channel_prvkey']))),
+					dbesc(\App::get_hostname()),
+					dbesc(z_root() . '/post'),
+					dbesc($sitekey),
+					dbesc('zot')
+				);
+	
+				if($h)
+					$o . 'local hubloc created for ' . $rr['channel_name'] . EOL;
+				else
+					$o .= 'DB update failed for ' . $rr['channel_name'] . EOL;
+	
+			}
+	
+			return $o;
+	
+		}
+	}
+}

Zotlabs/Module/Filer.php

@@ -0,0 +1,61 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/security.php');
+require_once('include/bbcode.php');
+require_once('include/items.php');
+
+
+
+class Filer extends \Zotlabs\Web\Controller {
+
+	function get() {
+	
+		if(! local_channel()) {
+			killme();
+		}
+	
+		$term = unxmlify(trim($_GET['term']));
+		$item_id = ((\App::$argc > 1) ? intval(\App::$argv[1]) : 0);
+	
+		logger('filer: tag ' . $term . ' item ' . $item_id);
+	
+		if($item_id && strlen($term)){
+			// file item
+			store_item_tag(local_channel(),$item_id,TERM_OBJ_POST,TERM_FILE,$term,'');
+	
+			// protect the entire conversation from periodic expiration
+	
+			$r = q("select parent from item where id = %d and uid = %d limit 1",
+				intval($item_id),
+				intval(local_channel())
+			);
+			if($r) {
+				$x = q("update item set item_retained = 1 where id = %d and uid = %d",
+					intval($r[0]['parent']),
+					intval(local_channel())
+				);
+			}
+		} 
+		else {
+			$filetags = array();
+			$r = q("select distinct(term) from term where uid = %d and ttype = %d order by term asc",
+				intval(local_channel()),
+				intval(TERM_FILE)
+			);
+			if(count($r)) {
+				foreach($r as $rr)
+					$filetags[] = $rr['term'];
+			}
+			$tpl = get_markup_template("filer_dialog.tpl");
+			$o = replace_macros($tpl, array(
+				'$field' => array('term', t("Save to Folder:"), '', '', $filetags, t('- select -')),
+				'$submit' => t('Save'),
+			));
+			
+			echo $o;
+		}
+		killme();
+	}
+	
+}

Zotlabs/Module/Filerm.php

@@ -0,0 +1,39 @@
+<?php
+namespace Zotlabs\Module;
+
+
+class Filerm extends \Zotlabs\Web\Controller {
+
+	function get() {
+	
+		if(! local_channel()) {
+			killme();
+		}
+	
+		$term = trim($_GET['term']);
+		$cat  = trim($_GET['cat']);
+	
+		$category = (($cat) ? true : false);
+		if($category)
+			$term = $cat;
+	
+		$item_id = ((\App::$argc > 1) ? intval(\App::$argv[1]) : 0);
+	
+		logger('filerm: tag ' . $term . ' item ' . $item_id);
+	
+		if($item_id && strlen($term)) {
+			$r = q("delete from term where uid = %d and ttype = %d and oid = %d and term = '%s'",
+				intval(local_channel()),
+				intval(($category) ? TERM_CATEGORY : TERM_FILE),
+				intval($item_id),
+				dbesc($term)
+			);
+		}
+	
+		if(x($_SESSION,'return_url'))
+			goaway(z_root() . '/' . $_SESSION['return_url']);
+		
+		killme();
+	}
+	
+}

Zotlabs/Module/Filestorage.php

@@ -0,0 +1,174 @@
+<?php
+namespace Zotlabs\Module;
+/**
+ * @file mod/filestorage.php
+ *
+ */
+
+require_once('include/attach.php');
+
+
+/**
+ *
+ * @param object &$a
+ */
+
+class Filestorage extends \Zotlabs\Web\Controller {
+
+	function post() {
+	
+		$channel_id = ((x($_POST, 'uid')) ? intval($_POST['uid']) : 0);
+	
+		if((! $channel_id) || (! local_channel()) || ($channel_id != local_channel())) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		$recurse = ((x($_POST, 'recurse')) ? intval($_POST['recurse']) : 0);
+		$resource = ((x($_POST, 'filehash')) ? notags($_POST['filehash']) : '');
+		$notify = ((x($_POST, 'notify')) ? intval($_POST['notify']) : 0);
+	
+		if(! $resource) {
+			notice(t('Item not found.') . EOL);
+			return;
+		}
+	
+		$channel = \App::get_channel();
+	
+		$acl = new \Zotlabs\Access\AccessList($channel);
+		$acl->set_from_array($_REQUEST);
+		$x = $acl->get();
+	
+		$cloudPath = get_parent_cloudpath($channel_id, $channel['channel_address'], $resource);
+	
+		//get the object before permissions change so we can catch eventual former allowed members
+		$object = get_file_activity_object($channel_id, $resource, $cloudPath);
+	
+		attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse);
+	
+		file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify);
+	
+		goaway($cloudPath);
+	}
+	
+		function get() {
+	
+		if(argc() > 1)
+			$which = argv(1);
+		else {
+			notice( t('Requested profile is not available.') . EOL );
+			\App::$error = 404;
+			return;
+		}
+	
+		$r = q("select * from channel where channel_address = '%s'",
+			dbesc($which)
+		);
+		if($r) {
+			$channel = $r[0];
+			$owner = intval($r[0]['channel_id']);
+		}
+	
+		$observer = \App::get_observer();
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+	
+		$perms = get_all_perms($owner, $ob_hash);
+	
+		if(! $perms['view_storage']) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		// Since we have ACL'd files in the wild, but don't have ACL here yet, we
+		// need to return for anyone other than the owner, despite the perms check for now.
+	
+		$is_owner = (((local_channel()) && ($owner  == local_channel())) ? true : false);
+		if(! $is_owner) {
+			info( t('Permission Denied.') . EOL );
+			return;
+		}
+	
+		if(argc() > 3 && argv(3) === 'delete') {
+			if(! $perms['write_storage']) {
+				notice( t('Permission denied.') . EOL);
+				return;
+			}
+	
+			$file = intval(argv(2));
+			$r = q("SELECT hash FROM attach WHERE id = %d AND uid = %d LIMIT 1",
+				dbesc($file),
+				intval($owner)
+			);
+			if(! $r) {
+				notice( t('File not found.') . EOL);
+				goaway(z_root() . '/cloud/' . $which);
+			}
+	
+			$f = $r[0];
+			$channel = \App::get_channel();
+	
+			$parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']);
+	
+			attach_delete($owner, $f['hash']);
+	
+			goaway($parentpath);
+		}
+	
+		if(argc() > 3 && argv(3) === 'edit') {
+			require_once('include/acl_selectors.php');
+			if(! $perms['write_storage']) {
+				notice( t('Permission denied.') . EOL);
+				return;
+			}
+			$file = intval(argv(2));
+	
+			$r = q("select id, uid, folder, filename, revision, flags, is_dir, os_storage, hash, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and uid = %d limit 1",
+				intval($file),
+				intval($owner)
+			);
+	
+			$f = $r[0];
+			$channel = \App::get_channel();
+	
+			$cloudpath = get_cloudpath($f) . (intval($f['is_dir']) ? '?f=&davguest=1' : '');
+			$parentpath = get_parent_cloudpath($channel['channel_id'], $channel['channel_address'], $f['hash']);
+	
+			$aclselect_e = populate_acl($f, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage'));
+			$is_a_dir = (intval($f['is_dir']) ? true : false);
+	
+			$lockstate = (($f['allow_cid'] || $f['allow_gid'] || $f['deny_cid'] || $f['deny_gid']) ? 'lock' : 'unlock'); 
+	
+			// Encode path that is used for link so it's a valid URL
+			// Keep slashes as slashes, otherwise mod_rewrite doesn't work correctly
+			$encoded_path = str_replace('%2F', '/', rawurlencode($cloudpath));
+	
+			$o = replace_macros(get_markup_template('attach_edit.tpl'), array(
+				'$header' => t('Edit file permissions'),
+				'$file' => $f,
+				'$cloudpath' => z_root() . '/' . $encoded_path,
+				'$parentpath' => $parentpath,
+				'$uid' => $channel['channel_id'],
+				'$channelnick' => $channel['channel_address'],
+				'$permissions' => t('Permissions'),
+				'$aclselect' => $aclselect_e,
+				'$lockstate' => $lockstate,
+				'$permset' => t('Set/edit permissions'),
+				'$recurse' => array('recurse', t('Include all files and sub folders'), 0, '', array(t('No'), t('Yes'))),
+				'$backlink' => t('Return to file list'),
+				'$isadir' => $is_a_dir,
+				'$cpdesc' => t('Copy/paste this code to attach file to a post'),
+				'$cpldesc' => t('Copy/paste this URL to link file from a web page'),
+				'$submit' => t('Submit'),
+				'$attach_btn_title' => t('Share this file'),
+				'$link_btn_title' => t('Show URL to this file'),
+				'$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes')))
+			));
+	
+			echo $o;
+			killme();
+		}
+	
+		goaway(z_root() . '/cloud/' . $which);
+	}
+	
+}

Zotlabs/Module/Follow.php

@@ -0,0 +1,67 @@
+<?php
+namespace Zotlabs\Module;
+
+
+require_once('include/follow.php');
+
+
+class Follow extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		if(! local_channel()) {
+			return;
+		}
+	
+		$uid = local_channel();
+		$url = notags(trim($_REQUEST['url']));
+		$return_url = $_SESSION['return_url'];
+		$confirm = intval($_REQUEST['confirm']);
+	
+		$channel = \App::get_channel();
+
+		// Warning: Do not edit the following line. The first symbol is UTF-8 &#65312; 
+		$url = str_replace('@','@',$url);	
+
+		$result = new_contact($uid,$url,$channel,true,$confirm);
+		
+		if($result['success'] == false) {
+			if($result['message'])
+				notice($result['message']);
+			goaway($return_url);
+		}
+	
+		info( t('Channel added.') . EOL);
+	
+		$clone = array();
+		foreach($result['abook'] as $k => $v) {
+			if(strpos($k,'abook_') === 0) {
+				$clone[$k] = $v;
+			}
+		}
+		unset($clone['abook_id']);
+		unset($clone['abook_account']);
+		unset($clone['abook_channel']);
+	
+		$abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']);
+		if($abconfig)
+			$clone['abconfig'] = $abconfig;
+	
+		build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)));
+	
+	
+		// If we can view their stream, pull in some posts
+	
+		if(($result['abook']['abook_their_perms'] & PERMS_R_STREAM) || ($result['abook']['xchan_network'] === 'rss'))
+			\Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id']));
+	
+		goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1');
+	
+	}
+	
+	function get() {
+		if(! local_channel()) {
+			return login();
+		}
+	}
+}

Zotlabs/Module/Getfile.php

@@ -0,0 +1,101 @@
+<?php
+namespace Zotlabs\Module;
+
+/**
+ * module: getfile
+ * 
+ * used for synchronising files and photos across clones
+ * 
+ * The site initiating the file operation will send a sync packet to known clones.
+ * They will respond by building the DB structures they require, then will provide a
+ * post request to this site to grab the file data. This is sent as a stream direct to
+ * disk at the other end, avoiding memory issues.
+ *
+ * Since magic-auth cannot easily be used by the CURL process at the other end,
+ * we will require a signed request which includes a timestamp. This should not be 
+ * used without SSL and is potentially vulnerable to replay if an attacker decrypts 
+ * the SSL traffic fast enough. The amount of time slop is configurable but defaults
+ * to 3 minutes.
+ * 
+ */
+
+
+
+require_once('include/attach.php');
+
+
+class Getfile extends \Zotlabs\Web\Controller {
+
+	function post() {
+	
+		$hash = $_POST['hash'];
+		$time = $_POST['time'];
+		$sig = $_POST['signature'];
+		$resource = $_POST['resource'];
+		$revision = intval($_POST['revision']);
+	
+		if(! $hash)
+			killme();
+	
+		$channel = channelx_by_hash($hash);
+	
+		if((! $channel) || (! $time) || (! $sig))
+			killme();
+	
+		$slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop'));
+		if($slop < 1)
+			$slop = 3;
+	
+		$d1 = datetime_convert('UTC','UTC',"now + $slop minutes");
+		$d2 = datetime_convert('UTC','UTC',"now - $slop minutes");	
+	
+		if(($time > $d1) || ($time < $d2)) {
+			logger('time outside allowable range');
+			killme();
+		}
+	
+		if(! rsa_verify($hash . '.' . $time,base64url_decode($sig),$channel['channel_pubkey'])) {
+			logger('verify failed.');
+			killme();
+		}
+	
+	
+		$r = attach_by_hash($resource,$revision);
+	
+		if(! $r['success']) {
+			notice( $r['message'] . EOL);
+			return;
+		}
+		
+	
+		$unsafe_types = array('text/html','text/css','application/javascript');
+	
+		if(in_array($r['data']['filetype'],$unsafe_types)) {
+				header('Content-type: text/plain');
+		}
+		else {
+			header('Content-type: ' . $r['data']['filetype']);
+		}
+	
+		header('Content-disposition: attachment; filename="' . $r['data']['filename'] . '"');
+		if(intval($r['data']['os_storage'])) {
+			$fname = dbunescbin($r['data']['data']);
+			if(strpos($fname,'store') !== false)
+				$istream = fopen($fname,'rb');
+			else
+				$istream = fopen('store/' . $channel['channel_address'] . '/' . $fname,'rb');
+			$ostream = fopen('php://output','wb');
+			if($istream && $ostream) {
+				pipe_streams($istream,$ostream);
+				fclose($istream);
+				fclose($ostream);
+			}
+		}
+		else
+			echo dbunescbin($r['data']['data']);
+		killme();
+	
+	
+	
+	}
+}

Zotlabs/Module/Group.php

@@ -0,0 +1,244 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/group.php');
+
+
+
+class Group extends \Zotlabs\Web\Controller {
+
+	function post() {
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		if((argc() == 2) && (argv(1) === 'new')) {
+			check_form_security_token_redirectOnErr('/group/new', 'group_edit');
+			
+			$name = notags(trim($_POST['groupname']));
+			$public = intval($_POST['public']);
+			$r = group_add(local_channel(),$name,$public);
+			if($r) {
+				info( t('Privacy group created.') . EOL );
+				$r = group_byname(local_channel(),$name);
+				if($r)
+					goaway(z_root() . '/group/' . $r);
+			}
+			else
+				notice( t('Could not create privacy group.') . EOL );	
+			goaway(z_root() . '/group');
+	
+		}
+		if((argc() == 2) && (intval(argv(1)))) {
+			check_form_security_token_redirectOnErr('/group', 'group_edit');
+			
+			$r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+				intval(argv(1)),
+				intval(local_channel())
+			);
+			if(! $r) {
+				notice( t('Privacy group not found.') . EOL );
+				goaway(z_root() . '/connections');
+	
+			}
+			$group = $r[0];
+			$groupname = notags(trim($_POST['groupname']));
+			$public = intval($_POST['public']);
+	
+			if((strlen($groupname))  && (($groupname != $group['gname']) || ($public != $group['visible']))) {
+				$r = q("UPDATE `groups` SET `gname` = '%s', visible = %d  WHERE `uid` = %d AND `id` = %d",
+					dbesc($groupname),
+					intval($public),
+					intval(local_channel()),
+					intval($group['id'])
+				);
+				if($r)
+					info( t('Privacy group updated.') . EOL );
+			}
+	
+			goaway(z_root() . '/group/' . argv(1) . '/' . argv(2));
+		}
+		return;	
+	}
+	
+		function get() {
+		$change = false;
+	
+		logger('mod_group: ' . \App::$cmd,LOGGER_DEBUG);
+		
+		if(! local_channel()) {
+			notice( t('Permission denied') . EOL);
+			return;
+		}
+	
+		// Switch to text mode interface if we have more than 'n' contacts or group members
+	
+		$switchtotext = get_pconfig(local_channel(),'system','groupedit_image_limit');
+		if($switchtotext === false)
+			$switchtotext = get_config('system','groupedit_image_limit');
+		if($switchtotext === false)
+			$switchtotext = 400;
+	
+		$tpl = get_markup_template('group_edit.tpl');
+		$context = array('$submit' => t('Submit'));
+	
+		if((argc() == 2) && (argv(1) === 'new')) {
+			
+			return replace_macros($tpl, $context + array(
+				'$title' => t('Create a group of channels.'),
+				'$gname' => array('groupname',t('Privacy group name: '), '', ''),
+				'$gid' => 'new',
+				'$public' => array('public',t('Members are visible to other channels'), false, ''),
+				'$form_security_token' => get_form_security_token("group_edit"),
+			));
+	
+	
+		}
+	
+		if((argc() == 3) && (argv(1) === 'drop')) {
+			check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
+			
+			if(intval(argv(2))) {
+				$r = q("SELECT `name` FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+					intval(argv(2)),
+					intval(local_channel())
+				);
+				if($r) 
+					$result = group_rmv(local_channel(),$r[0]['gname']);
+				if($result)
+					info( t('Privacy group removed.') . EOL);
+				else
+					notice( t('Unable to remove privacy group.') . EOL);
+			}
+			goaway(z_root() . '/group');
+			// NOTREACHED
+		}
+	
+	
+		if((argc() > 2) && intval(argv(1)) && argv(2)) {
+	
+			check_form_security_token_ForbiddenOnErr('group_member_change', 't');
+	
+			$r = q("SELECT abook_xchan from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 limit 1",
+				dbesc(base64url_decode(argv(2))),
+				intval(local_channel())
+			);
+			if(count($r))
+				$change = base64url_decode(argv(2));
+	
+		}
+	
+		if((argc() > 1) && (intval(argv(1)))) {
+	
+			require_once('include/acl_selectors.php');
+			$r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1",
+				intval(argv(1)),
+				intval(local_channel())
+			);
+			if(! $r) {
+				notice( t('Privacy group not found.') . EOL );
+				goaway(z_root() . '/connections');
+			}
+			$group = $r[0];
+	
+	
+			$members = group_get_members($group['id']);
+	
+			$preselected = array();
+			if(count($members))	{
+				foreach($members as $member)
+					if(! in_array($member['xchan_hash'],$preselected))
+						$preselected[] = $member['xchan_hash'];
+			}
+	
+			if($change) {
+	
+				if(in_array($change,$preselected)) {
+					group_rmv_member(local_channel(),$group['gname'],$change);
+				}
+				else {
+					group_add_member(local_channel(),$group['gname'],$change);
+				}
+	
+				$members = group_get_members($group['id']);
+	
+				$preselected = array();
+				if(count($members))	{
+					foreach($members as $member)
+						$preselected[] = $member['xchan_hash'];
+				}
+			}
+	
+			$drop_tpl = get_markup_template('group_drop.tpl');
+			$drop_txt = replace_macros($drop_tpl, array(
+				'$id' => $group['id'],
+				'$delete' => t('Delete'),
+				'$form_security_token' => get_form_security_token("group_drop"),
+			));
+	
+			
+			$context = $context + array(
+				'$title' => t('Privacy group editor'),
+				'$gname' => array('groupname',t('Privacy group name: '),$group['gname'], ''),
+				'$gid' => $group['id'],
+				'$drop' => $drop_txt,
+				'$public' => array('public',t('Members are visible to other channels'), $group['visible'], ''),
+				'$form_security_token' => get_form_security_token('group_edit'),
+			);
+	
+		}
+	
+		if(! isset($group))
+			return;
+	
+		$groupeditor = array(
+			'label_members' => t('Members'),
+			'members' => array(),
+			'label_contacts' => t('All Connected Channels'),
+			'contacts' => array(),
+		);
+			
+		$sec_token = addslashes(get_form_security_token('group_member_change'));
+		$textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : false);
+		foreach($members as $member) {
+			if($member['xchan_url']) {
+				$member['archived'] = (intval($member['abook_archived']) ? true : false);
+				$member['click'] = 'groupChangeMember(' . $group['id'] . ',\'' . base64url_encode($member['xchan_hash']) . '\',\'' . $sec_token . '\'); return false;';
+				$groupeditor['members'][] = micropro($member,true,'mpgroup', $textmode);
+			}
+			else
+				group_rmv_member(local_channel(),$group['gname'],$member['xchan_hash']);
+		}
+	
+		$r = q("SELECT abook.*, xchan.* FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE `abook_channel` = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc",
+			intval(local_channel())
+		);
+	
+		if(count($r)) {
+			$textmode = (($switchtotext && (count($r) > $switchtotext)) ? true : false);
+			foreach($r as $member) {
+				if(! in_array($member['xchan_hash'],$preselected)) {
+					$member['archived'] = (intval($member['abook_archived']) ? true : false);
+					$member['click'] = 'groupChangeMember(' . $group['id'] . ',\'' . base64url_encode($member['xchan_hash']) . '\',\'' . $sec_token . '\'); return false;';
+					$groupeditor['contacts'][] = micropro($member,true,'mpall', $textmode);
+				}
+			}
+		}
+	
+		$context['$groupeditor'] = $groupeditor;
+		$context['$desc'] = t('Click on a channel to add or remove.');
+	
+		if($change) {
+			$tpl = get_markup_template('groupeditor.tpl');
+			echo replace_macros($tpl, $context);
+			killme();
+		}
+		
+		return replace_macros($tpl, $context);
+	
+	}
+	
+	
+}

Zotlabs/Module/Hcard.php

@@ -0,0 +1,60 @@
+<?php
+namespace Zotlabs\Module;
+
+
+class Hcard extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+	   if(argc() > 1)
+	        $which = argv(1);
+	    else {
+	        notice( t('Requested profile is not available.') . EOL );
+	        \App::$error = 404;
+	        return;
+	    }
+	
+	    $profile = '';
+	    $channel = \App::get_channel();
+	
+	    if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
+	        $which = $channel['channel_address'];
+	        $profile = argv(1);
+	        $r = q("select profile_guid from profile where id = %d and uid = %d limit 1",
+	            intval($profile),
+	            intval(local_channel())
+	        );
+	        if(! $r)
+	            $profile = '';
+	        $profile = $r[0]['profile_guid'];
+	    }
+	
+	    \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which .'" />' . "\r\n" ;
+	
+	    if(! $profile) {
+	        $x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1",
+	            dbesc(argv(1))
+	        );
+	        if($x) {
+	            \App::$profile = $x[0];
+	        }
+	    }
+	
+		profile_load($which,$profile);
+	
+	
+	}
+	
+	
+		function get() {
+	
+		require_once('include/widgets.php');
+		return widget_profile(array());
+	
+	
+	
+	}
+	
+	
+	
+}

Zotlabs/Module/Help.php

@@ -0,0 +1,146 @@
+<?php
+namespace Zotlabs\Module;
+
+
+require_once('include/help.php');
+
+/**
+ * You can create local site resources in doc/Site.md and either link to doc/Home.md for the standard resources
+ * or use our include mechanism to include it on your local page.
+ *
+ * #include doc/Home.md;
+ *
+ * The syntax is somewhat strict. 
+ *
+ */
+
+class Help extends \Zotlabs\Web\Controller {
+
+	function get() {
+		nav_set_selected('help');
+	
+		if($_REQUEST['search']) {
+		
+			$o .= '<div id="help-content" class="generic-content-wrapper">';
+			$o .= '<div class="section-title-wrapper">';
+			$o .= '<h2>' . t('Documentation Search') . ' - ' . htmlspecialchars($_REQUEST['search']) . '</h2>';
+			$o .= '</div>';
+			$o .= '<div class="section-content-wrapper">';
+	
+			$r = search_doc_files($_REQUEST['search']);
+			if($r) {
+				$o .= '<ul class="help-searchlist">';
+				foreach($r as $rr) {
+					$dirname = dirname($rr['sid']);
+					$fname = basename($rr['sid']);
+					$fname = substr($fname,0,strrpos($fname,'.'));
+					$path = trim(substr($dirname,4),'/');
+	
+					$o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br />' . 
+					str_replace('$Projectname',\Zotlabs\Lib\System::get_platform_name(),substr($rr['text'],0,200)) . '...<br /><br /></li>';
+	
+				}
+				$o .= '</ul>';
+				$o .= '</div>';
+				$o .= '</div>';
+			}
+			return $o;
+		}
+	
+	
+		global $lang;
+	
+		$doctype = 'markdown';
+	
+		$text = '';
+	
+		if(argc() > 1) {
+			$path = '';
+			for($x = 1; $x < argc(); $x ++) {
+				if(strlen($path))
+					$path .= '/';
+				$path .= argv($x);
+			}
+			$title = basename($path);
+	
+			$text = load_doc_file('doc/' . $path . '.md');
+			\App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('-',' ',notags($title)));
+	
+			if(! $text) {
+				$text = load_doc_file('doc/' . $path . '.bb');
+				if($text)
+					$doctype = 'bbcode';
+				\App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('_',' ',notags($title)));
+			}
+			if(! $text) {
+				$text = load_doc_file('doc/' . $path . '.html');
+				if($text)
+					$doctype = 'html';
+				\App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('-',' ',notags($title)));
+			}
+		}
+	
+		if(! $text) {
+			$text = load_doc_file('doc/Site.md');
+			\App::$page['title'] = t('Help');
+		}
+		if(! $text) {
+			$doctype = 'bbcode';
+			$text = load_doc_file('doc/main.bb');
+			\App::$page['title'] = t('Help');
+		}
+		
+		if(! strlen($text)) {
+			header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found'));
+			$tpl = get_markup_template("404.tpl");
+			return replace_macros($tpl, array(
+				'$message' =>  t('Page not found.' )
+			));
+		}
+	
+		if($doctype === 'html')
+			$content = $text;
+		if($doctype === 'markdown')	{
+			require_once('library/markdown.php');
+			# escape #include tags
+			$text = preg_replace('/#include/ism', '%%include', $text);
+			$content = Markdown($text);
+			$content = preg_replace('/%%include/ism', '#include', $content);
+		}
+		if($doctype === 'bbcode') {
+			require_once('include/bbcode.php');
+			$content = bbcode($text);
+			// bbcode retargets external content to new windows. This content is internal.
+			$content = str_replace(' target="_blank"','',$content);		
+		} 
+	
+		$content = preg_replace_callback("/#include (.*?)\;/ism", 'self::preg_callback_help_include', $content);
+	
+		return replace_macros(get_markup_template("help.tpl"), array(
+			'$title' => t('$Projectname Documentation'),
+			'$content' => translate_projectname($content)
+		));
+	
+	}
+	
+	
+	private static function preg_callback_help_include($matches) {
+	
+		if($matches[1]) {
+			$include = str_replace($matches[0],load_doc_file($matches[1]),$matches[0]);
+			if(preg_match('/\.bb$/', $matches[1]) || preg_match('/\.txt$/', $matches[1])) {
+				require_once('include/bbcode.php');
+				$include = bbcode($include);
+				$include = str_replace(' target="_blank"','',$include);		
+			} 
+			elseif(preg_match('/\.md$/', $matches[1])) {
+				require_once('library/markdown.php');
+				$include = Markdown($include);
+			}
+			return $include;
+		}
+	
+	}
+	
+	
+}

Zotlabs/Module/Home.php

@@ -0,0 +1,102 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/items.php');
+require_once('include/conversation.php');
+
+
+
+class Home extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		$ret = array();
+	
+		call_hooks('home_init',$ret);
+	
+		$splash = ((argc() > 1 && argv(1) === 'splash') ? true : false);
+	
+		$channel = \App::get_channel();
+		if(local_channel() && $channel && $channel['xchan_url'] && ! $splash) {
+			$dest = $channel['channel_startpage'];
+			if(! $dest)
+				$dest = get_pconfig(local_channel(),'system','startpage');
+			if(! $dest)
+				$dest = get_config('system','startpage');
+			if(! $dest)
+				$dest = z_root() . '/network';
+	
+			goaway($dest);
+		}
+
+		if(remote_channel() && (! $splash) && $_SESSION['atoken']) {
+			$r = q("select * from atoken where atoken_id = %d",
+				intval($_SESSION['atoken'])
+			);
+			if($r) {
+				$x = channelx_by_n($r[0]['atoken_uid']);
+				if($x) {
+					goaway(z_root() . '/channel/' . $x['channel_address']);
+				}
+			}
+		} 
+
+	
+		if(get_account_id() && ! $splash) {
+			goaway(z_root() . '/new_channel');
+		}
+	
+	}
+	
+	
+	function get($update = 0, $load = false) {
+	
+		$o = '';
+	
+	
+		if(x($_SESSION,'theme'))
+			unset($_SESSION['theme']);
+		if(x($_SESSION,'mobile_theme'))
+			unset($_SESSION['mobile_theme']);
+	
+		$splash = ((argc() > 1 && argv(1) === 'splash') ? true : false);
+	
+		call_hooks('home_content',$o);
+		if($o)
+			return $o;
+	
+		$frontpage = get_config('system','frontpage');
+		if($frontpage) {
+			if(strpos($frontpage,'include:') !== false) {
+				$file = trim(str_replace('include:' , '', $frontpage));
+				if(file_exists($file)) {
+					\App::$page['template'] = 'full';
+					\App::$page['title'] = t('$Projectname');
+					$o .= file_get_contents($file);
+					return $o;
+				}
+			}
+			if(strpos($frontpage,'http') !== 0)
+				$frontpage = z_root() . '/' . $frontpage;
+			if(intval(get_config('system','mirror_frontpage'))) {
+				$o = '<html><head><title>' . t('$Projectname') . '</title></head><body style="margin: 0; padding: 0; border: none;" ><iframe src="' . $frontpage . '" width="100%" height="100%" style="margin: 0; padding: 0; border: none;" ></iframe></body></html>';
+				echo $o;
+				killme();
+			}
+			goaway($frontpage);
+		}
+	
+	
+		$sitename = get_config('system','sitename');
+		if($sitename) 
+			$o .= '<h1 class="home-welcome">' . sprintf( t("Welcome to %s") ,$sitename) . '</h1>';
+	
+		$loginbox = get_config('system','login_on_homepage');
+		if(intval($loginbox) || $loginbox === false)
+			$o .= login((\App::$config['system']['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
+	
+		return $o;
+	
+	}
+	
+}

Zotlabs/Module/Hostxrd.php

@@ -0,0 +1,24 @@
+<?php
+namespace Zotlabs\Module;
+
+
+class Hostxrd extends \Zotlabs\Web\Controller {
+
+	function init() {
+		header('Access-Control-Allow-Origin: *');
+		header("Content-type: application/xrd+xml");
+		logger('hostxrd',LOGGER_DEBUG);
+	
+		$tpl = get_markup_template('xrd_host.tpl');
+		$x = replace_macros(get_markup_template('xrd_host.tpl'), array(
+			'$zhost' => \App::get_hostname(),
+			'$zroot' => z_root()
+		));
+		$arr = array('xrd' => $x);
+		call_hooks('hostxrd',$arr);
+	
+		echo $arr['xrd'];
+		killme();
+	}
+	
+}

Zotlabs/Module/Id.php

@@ -0,0 +1,319 @@
+<?php
+namespace Zotlabs\Module;
+
+/**
+ * @file mod/id.php
+ * @brief OpenID implementation
+ */
+
+require 'library/openid/provider/provider.php';
+
+
+$attrMap = array(
+	'namePerson/first'       => t('First Name'),
+	'namePerson/last'        => t('Last Name'),
+	'namePerson/friendly'    => t('Nickname'),
+	'namePerson'             => t('Full Name'),
+	'contact/internet/email' => t('Email'),
+	'contact/email'          => t('Email'),
+	'media/image/aspect11'   => t('Profile Photo'),
+	'media/image'            => t('Profile Photo'),
+	'media/image/default'    => t('Profile Photo'),
+	'media/image/16x16'      => t('Profile Photo 16px'),
+	'media/image/32x32'      => t('Profile Photo 32px'),
+	'media/image/48x48'      => t('Profile Photo 48px'),
+	'media/image/64x64'      => t('Profile Photo 64px'),
+	'media/image/80x80'      => t('Profile Photo 80px'),
+	'media/image/128x128'    => t('Profile Photo 128px'),
+	'timezone'               => t('Timezone'),
+	'contact/web/default'    => t('Homepage URL'),
+	'language/pref'          => t('Language'),
+	'birthDate/birthYear'    => t('Birth Year'),
+	'birthDate/birthMonth'   => t('Birth Month'),
+	'birthDate/birthday'     => t('Birth Day'),
+	'birthDate'              => t('Birthdate'),
+	'gender'                 => t('Gender'),
+);
+
+
+/**
+ * @brief Entrypoint for the OpenID implementation.
+ *
+ * @param App &$a
+ */
+
+class Id extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		logger('id: ' . print_r($_REQUEST, true));
+	
+		if(argc() > 1) {
+			$which = argv(1);
+		} else {
+			\App::$error = 404;
+			return;
+		}
+	
+		$profile = '';
+		$channel = \App::get_channel();
+		profile_load($which,$profile);
+	
+		$op = new MysqlProvider;
+		$op->server();
+	}
+	
+	/**
+	 * @brief Returns user data needed for OpenID.
+	 *
+	 * If no $handle is provided we will use local_channel() by default.
+	 *
+	 * @param string $handle (default null)
+	 * @return boolean|array
+	 */
+	static public function getUserData($handle = null) {
+		if (! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			\App::$page['content'] =  login();
+	
+			return false;
+		}
+	
+	//	logger('handle: ' . $handle);
+	
+		if ($handle) {
+			$r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_address = '%s' limit 1",
+				dbesc($handle)
+			);
+		} else {
+			$r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d",
+				intval(local_channel())
+			);
+		}
+	
+		if (! r)
+			return false;
+	
+		$x = q("select * from account where account_id = %d limit 1", 
+			intval($r[0]['channel_account_id'])
+		);
+		if ($x)
+			$r[0]['email'] = $x[0]['account_email'];
+	
+		$p = q("select * from profile where is_default = 1 and uid = %d limit 1",
+			intval($r[0]['channel_account_id'])
+		);
+	
+		$gender = '';
+		if ($p[0]['gender'] == t('Male'))
+			$gender = 'M';
+		if ($p[0]['gender'] == t('Female'))
+			$gender = 'F';
+	
+		$r[0]['firstName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],0,strpos($r[0]['channel_name'],' ')) : $r[0]['channel_name']);
+		$r[0]['lastName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],strpos($r[0]['channel_name'],' ')+1) : '');
+		$r[0]['namePerson'] = $r[0]['channel_name'];
+		$r[0]['pphoto'] = $r[0]['xchan_photo_l'];
+		$r[0]['pphoto16'] = z_root() . '/photo/profile/16/' . $r[0]['channel_id'] . '.jpg';
+		$r[0]['pphoto32'] = z_root() . '/photo/profile/32/' . $r[0]['channel_id'] . '.jpg';
+		$r[0]['pphoto48'] = z_root() . '/photo/profile/48/' . $r[0]['channel_id'] . '.jpg';
+		$r[0]['pphoto64'] = z_root() . '/photo/profile/64/' . $r[0]['channel_id'] . '.jpg';
+		$r[0]['pphoto80'] = z_root() . '/photo/profile/80/' . $r[0]['channel_id'] . '.jpg';
+		$r[0]['pphoto128'] = z_root() . '/photo/profile/128/' . $r[0]['channel_id'] . '.jpg';
+		$r[0]['timezone'] = $r[0]['channel_timezone'];
+		$r[0]['url'] = $r[0]['xchan_url'];
+		$r[0]['language'] = (($x[0]['account_language']) ? $x[0]['account_language'] : 'en');
+		$r[0]['birthyear'] = ((intval(substr($p[0]['dob'],0,4))) ? intval(substr($p[0]['dob'],0,4)) : '');
+		$r[0]['birthmonth'] = ((intval(substr($p[0]['dob'],5,2))) ? intval(substr($p[0]['dob'],5,2)) : '');
+		$r[0]['birthday'] = ((intval(substr($p[0]['dob'],8,2))) ? intval(substr($p[0]['dob'],8,2)) : '');
+		$r[0]['birthdate'] = (($r[0]['birthyear'] && $r[0]['birthmonth'] && $r[0]['birthday']) ? $p[0]['dob'] : '');
+		$r[0]['gender'] = $gender;
+	
+		return $r[0];
+	
+	/*
+	*    if(isset($_POST['login'],$_POST['password'])) {
+	*        $login = mysql_real_escape_string($_POST['login']);
+	*        $password = sha1($_POST['password']);
+	*        $q = mysql_query("SELECT * FROM Users WHERE login = '$login' AND password = '$password'");
+	*        if($data = mysql_fetch_assoc($q)) {
+	*            return $data;
+	*        }
+	*        if($handle) {
+	*            echo 'Wrong login/password.';
+	*        }
+	*    }
+	*    if($handle) {
+	*    ?>
+	*    <form action="" method="post">
+	*    <input type="hidden" name="openid.assoc_handle" value="<?php
+namespace Zotlabs\Module; echo $handle?>">
+	*    Login: <input type="text" name="login"><br>
+	*    Password: <input type="password" name="password"><br>
+	*    <button>Submit</button>
+	*    </form>
+	*    <?php
+namespace Zotlabs\Module;
+	*    die();
+	*    }
+	*/
+	
+	}
+}
+	
+	
+	/**
+	 * @brief MySQL provider for OpenID implementation.
+	 *
+	 */
+	class MysqlProvider extends \LightOpenIDProvider {
+	
+		// See http://openid.net/specs/openid-attribute-properties-list-1_0-01.html
+		// This list contains a few variations of these attributes to maintain 
+		// compatibility with legacy clients
+	
+		private $attrFieldMap = array(
+			'namePerson/first'       => 'firstName',
+			'namePerson/last'        => 'lastName',
+			'namePerson/friendly'    => 'channel_address',
+			'namePerson'             => 'namePerson',
+			'contact/internet/email' => 'email',
+			'contact/email'          => 'email',
+			'media/image/aspect11'   => 'pphoto',
+			'media/image'            => 'pphoto',
+			'media/image/default'    => 'pphoto',
+			'media/image/16x16'      => 'pphoto16',
+			'media/image/32x32'      => 'pphoto32',
+			'media/image/48x48'      => 'pphoto48',
+			'media/image/64x64'      => 'pphoto64',
+			'media/image/80x80'      => 'pphoto80',
+			'media/image/128x128'    => 'pphoto128',
+			'timezone'               => 'timezone',
+			'contact/web/default'    => 'url',
+			'language/pref'          => 'language',
+			'birthDate/birthYear'    => 'birthyear',
+			'birthDate/birthMonth'   => 'birthmonth',
+			'birthDate/birthday'     => 'birthday',
+			'birthDate'              => 'birthdate',
+			'gender'                 => 'gender',
+		);
+	
+		function setup($identity, $realm, $assoc_handle, $attributes) {
+			global $attrMap;
+	
+	//		logger('identity: ' . $identity);
+	//		logger('realm: ' . $realm);
+	//		logger('assoc_handle: ' . $assoc_handle);
+	//		logger('attributes: ' . print_r($attributes,true));
+	
+			$data = \Zotlabs\Module\Id::getUserData($assoc_handle);
+	
+	
+	/** @FIXME this needs to be a template with localised strings */
+	
+	        $o .= '<form action="" method="post">'
+	           . '<input type="hidden" name="openid.assoc_handle" value="' . $assoc_handle . '">'
+	           . '<input type="hidden" name="login" value="' . $_POST['login'] .'">'
+	           . '<input type="hidden" name="password" value="' . $_POST['password'] .'">'
+	           . "<b>$realm</b> wishes to authenticate you.";
+	        if($attributes['required'] || $attributes['optional']) {
+	            $o .= " It also requests following information (required fields marked with *):"
+	               . '<ul>';
+	
+	            foreach($attributes['required'] as $attr) {
+	                if(isset($this->attrMap[$attr])) {
+	                    $o .= '<li>'
+	                       . '<input type="checkbox" name="attributes[' . $attr . ']"> '
+	                       . $this->attrMap[$attr] . ' <span class="required">*</span></li>';
+	                }
+	            }
+	
+	            foreach($attributes['optional'] as $attr) {
+	                if(isset($this->attrMap[$attr])) {
+	                    $o .= '<li>'
+	                       . '<input type="checkbox" name="attributes[' . $attr . ']"> '
+	                       . $this->attrMap[$attr] . '</li>';
+	                }
+	            }
+	            $o .= '</ul>';
+	        }
+	        $o .= '<br>'
+	           . '<button name="once">Allow once</button> '
+	           . '<button name="always">Always allow</button> '
+	           . '<button name="cancel">cancel</button> '
+	           . '</form>';
+	
+			\App::$page['content'] .= $o;
+		}
+	
+		function checkid($realm, &$attributes) {
+	
+			logger('checkid: ' . $realm);
+			logger('checkid attrs: ' . print_r($attributes,true));
+	
+			if(isset($_POST['cancel'])) {
+				$this->cancel();
+			}
+	
+			$data = \Zotlabs\Module\Id::getUserData();
+			if(! $data) {
+				return false;
+			}
+	
+			$q = get_pconfig(local_channel(), 'openid', $realm);
+	
+			$attrs = array();
+			if($q) {
+				$attrs = $q;
+	        } elseif(isset($_POST['attributes'])) {
+	            $attrs = array_keys($_POST['attributes']);
+	        } elseif(!isset($_POST['once']) && !isset($_POST['always'])) {
+	            return false;
+	        }
+	
+	        $attributes = array();
+	        foreach($attrs as $attr) {
+	            if(isset($this->attrFieldMap[$attr])) {
+	                $attributes[$attr] = $data[$this->attrFieldMap[$attr]];
+	            }
+	        }
+	
+			if(isset($_POST['always'])) {
+				set_pconfig(local_channel(),'openid',$realm,array_keys($attributes));
+			}
+	
+			return z_root() . '/id/' . $data['channel_address'];
+		}
+	
+		function assoc_handle() {
+			logger('assoc_handle');
+			$channel = \App::get_channel();
+	
+			return z_root() . '/channel/' . $channel['channel_address']; 
+		}
+	
+		function setAssoc($handle, $data) {
+			logger('setAssoc');
+			$channel = channelx_by_nick(basename($handle));
+			if($channel)
+				set_pconfig($channel['channel_id'],'openid','associate',$data);
+		}
+	
+		function getAssoc($handle) {
+			logger('getAssoc: ' . $handle);
+	
+			$channel = channelx_by_nick(basename($handle));
+			if($channel)
+				return get_pconfig($channel['channel_id'], 'openid', 'associate');
+	
+			return false;
+		}
+	
+		function delAssoc($handle) {
+			logger('delAssoc');
+			$channel = channelx_by_nick(basename($handle));
+			if($channel)
+				return del_pconfig($channel['channel_id'], 'openid', 'associate');
+		}
+	}
+	

Zotlabs/Module/Impel.php

@@ -0,0 +1,199 @@
+<?php
+namespace Zotlabs\Module; /** @file */
+
+// import page design element
+
+require_once('include/menu.php');
+
+
+class Impel extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		$ret = array('success' => false);
+	
+		if(! local_channel())
+			json_return_and_die($ret);
+	
+		logger('impel: ' . print_r($_REQUEST,true), LOGGER_DATA);
+	
+		$elm = $_REQUEST['element'];
+		$x = base64url_decode($elm);
+		if(! $x)
+			json_return_and_die($ret);
+	
+		$j = json_decode($x,true);
+		if(! $j)
+			json_return_and_die($ret);
+	
+		$channel = \App::get_channel();
+	
+		$arr = array();
+		$is_menu = false;
+	
+		// a portable menu has its links rewritten with the local baseurl
+		$portable_menu = false;
+	
+		switch($j['type']) {
+			case 'webpage':
+				$arr['item_type'] = ITEM_TYPE_WEBPAGE;
+				$namespace = 'WEBPAGE';
+				$installed_type = t('webpage');
+				break;
+			case 'block':
+				$arr['item_type'] = ITEM_TYPE_BLOCK;
+				$namespace = 'BUILDBLOCK';
+				$installed_type = t('block');
+				break;
+			case 'layout':
+				$arr['item_type'] = ITEM_TYPE_PDL;
+				$namespace = 'PDL';
+				$installed_type = t('layout');
+				break;
+			case 'portable-menu':
+				$portable_menu = true;
+				// fall through
+			case 'menu':
+				$is_menu = true;
+				$installed_type = t('menu');
+				break;			
+			default:
+				logger('mod_impel: unrecognised element type' . print_r($j,true));
+				break;
+		}
+	
+		if($is_menu) {
+			$m = array();
+			$m['menu_channel_id'] = local_channel();
+			$m['menu_name'] = $j['pagetitle'];
+			$m['menu_desc'] = $j['desc'];
+			if($j['created'])
+				$m['menu_created'] = datetime_convert($j['created']);
+			if($j['edited'])
+				$m['menu_edited'] = datetime_convert($j['edited']);
+	
+			$m['menu_flags'] = 0;
+			if($j['flags']) {
+				if(in_array('bookmark',$j['flags']))
+					$m['menu_flags'] |= MENU_BOOKMARK;
+				if(in_array('system',$j['flags']))
+					$m['menu_flags'] |= MENU_SYSTEM;
+	
+			}
+	
+			$menu_id = menu_create($m);
+	
+			if($menu_id) {
+				if(is_array($j['items'])) {
+					foreach($j['items'] as $it) {
+						$mitem = array();
+	
+						$mitem['mitem_link'] = str_replace('[baseurl]',z_root(),$it['link']);
+						$mitem['mitem_desc'] = escape_tags($it['desc']);
+						$mitem['mitem_order'] = intval($it['order']);
+						if(is_array($it['flags'])) {
+							$mitem['mitem_flags'] = 0;
+							if(in_array('zid',$it['flags']))
+								$mitem['mitem_flags'] |= MENU_ITEM_ZID;
+							if(in_array('new-window',$it['flags']))
+								$mitem['mitem_flags'] |= MENU_ITEM_NEWWIN;
+							if(in_array('chatroom',$it['flags']))
+								$mitem['mitem_flags'] |= MENU_ITEM_CHATROOM;
+						}
+						menu_add_item($menu_id,local_channel(),$mitem);
+					}
+					if($j['edited']) {
+						$x = q("update menu set menu_edited = '%s' where menu_id = %d and menu_channel_id = %d",
+							dbesc(datetime_convert('UTC','UTC',$j['edited'])),
+							intval($menu_id),
+							intval(local_channel())
+						);
+					}
+				}	
+				$ret['success'] = true;
+			}
+			$x = $ret;
+		}
+		else {
+			$arr['uid'] = local_channel();
+			$arr['aid'] = $channel['channel_account_id'];
+			$arr['title'] = $j['title'];
+			$arr['body'] = $j['body'];
+			$arr['term'] = $j['term'];
+			$arr['layout_mid'] = $j['layout_mid'];
+			$arr['created'] = datetime_convert('UTC','UTC', $j['created']);
+			$arr['edited'] = datetime_convert('UTC','UTC',$j['edited']);
+			$arr['owner_xchan'] = get_observer_hash();
+			$arr['author_xchan'] = (($j['author_xchan']) ? $j['author_xchan'] : get_observer_hash());
+			$arr['mimetype'] = (($j['mimetype']) ? $j['mimetype'] : 'text/bbcode');
+	
+			if(! $j['mid'])
+				$j['mid'] = item_message_id();
+	
+			$arr['mid'] = $arr['parent_mid'] = $j['mid'];
+	
+	
+			if($j['pagetitle']) {
+				require_once('library/urlify/URLify.php');
+				$pagetitle = strtolower(\URLify::transliterate($j['pagetitle']));
+			}
+		
+			// Verify ability to use html or php!!!
+	
+		    $execflag = false;
+	
+			if($arr['mimetype'] === 'application/x-php') {
+				$z = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1",
+					intval(local_channel())
+				);
+	
+				if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) {
+					$execflag = true;
+				}
+			}
+	
+			$i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1",
+				dbesc($arr['mid']),
+				intval(local_channel())
+			);
+
+			\Zotlabs\Lib\IConfig::Set($arr,'system',$namespace,(($pagetitle) ? $pagetitle : substr($arr['mid'],0,16)),true);
+	
+			if($i) {
+				$arr['id'] = $i[0]['id'];
+				// don't update if it has the same timestamp as the original
+				if($arr['edited'] > $i[0]['edited'])
+					$x = item_store_update($arr,$execflag);
+			}
+			else {
+				if(($i) && (intval($i[0]['item_deleted']))) {
+					// was partially deleted already, finish it off
+					q("delete from item where mid = '%s' and uid = %d",
+						dbesc($arr['mid']),
+						intval(local_channel())
+					);
+				}
+				else
+					$x = item_store($arr,$execflag);
+			}
+	
+			if($x && $x['success']) {
+				$item_id = $x['item_id'];
+			}
+		}
+	
+		if($x['success']) {
+			$ret['success'] = true;
+			info( sprintf( t('%s element installed'), $installed_type)); 
+		}
+		else {
+			notice( sprintf( t('%s element installation failed'), $installed_type)); 
+		}
+	
+		//??? should perhaps return ret? 
+
+		json_return_and_die(true);
+	
+	}
+	
+}

Zotlabs/Module/Import.php

@@ -0,0 +1,558 @@
+<?php
+namespace Zotlabs\Module;
+
+// Import a channel, either by direct file upload or via
+// connection to original server. 
+
+
+require_once('include/zot.php');
+require_once('include/channel.php');
+require_once('include/import.php');
+
+
+
+class Import extends \Zotlabs\Web\Controller {
+
+	function import_account($account_id) {
+	
+		if(! $account_id){
+			logger("import_account: No account ID supplied");
+			return;
+		}
+	
+		$max_identities = account_service_class_fetch($account_id,'total_identities');
+		$max_friends = account_service_class_fetch($account_id,'total_channels');
+		$max_feeds = account_service_class_fetch($account_id,'total_feeds');
+	
+		if($max_identities !== false) {
+			$r = q("select channel_id from channel where channel_account_id = %d",
+				intval($account_id)
+			);
+			if($r && count($r) > $max_identities) {
+				notice( sprintf( t('Your service plan only allows %d channels.'), $max_identities) . EOL);
+				return;
+			}
+		}
+	
+	
+		$data     = null;
+		$seize    = ((x($_REQUEST,'make_primary')) ? intval($_REQUEST['make_primary']) : 0);
+		$import_posts = ((x($_REQUEST,'import_posts')) ? intval($_REQUEST['import_posts']) : 0);
+		$src      = $_FILES['filename']['tmp_name'];
+		$filename = basename($_FILES['filename']['name']);
+		$filesize = intval($_FILES['filename']['size']);
+		$filetype = $_FILES['filename']['type'];
+	
+		$completed = ((array_key_exists('import_step',$_SESSION)) ? intval($_SESSION['import_step']) : 0);
+		if($completed)
+			logger('saved import step: ' . $_SESSION['import_step']);
+	
+		if($src) {
+	
+			// This is OS specific and could also fail if your tmpdir isn't very large
+			// mostly used for Diaspora which exports gzipped files.
+	
+			if(strpos($filename,'.gz')){
+				@rename($src,$src . '.gz');
+				@system('gunzip ' . escapeshellarg($src . '.gz'));
+			}
+	
+			if($filesize) {
+				$data = @file_get_contents($src);
+			}
+			unlink($src);
+		}
+	
+		if(! $src) {
+			$old_address = ((x($_REQUEST,'old_address')) ? $_REQUEST['old_address'] : '');
+			if(! $old_address) {
+				logger('mod_import: nothing to import.');
+				notice( t('Nothing to import.') . EOL);
+				return;
+			}
+	
+			$email    = ((x($_REQUEST,'email'))    ? $_REQUEST['email']    : '');
+			$password = ((x($_REQUEST,'password')) ? $_REQUEST['password'] : '');
+	
+			$channelname = substr($old_address,0,strpos($old_address,'@'));
+			$servername  = substr($old_address,strpos($old_address,'@')+1);
+	
+			$scheme = 'https://';
+			$api_path = '/api/red/channel/export/basic?f=&channel=' . $channelname;
+			if($import_posts)
+				$api_path .= '&posts=1';
+			$binary = false;
+			$redirects = 0;
+			$opts = array('http_auth' => $email . ':' . $password);
+			$url = $scheme . $servername . $api_path;
+			$ret = z_fetch_url($url, $binary, $redirects, $opts);
+			if(! $ret['success'])
+				$ret = z_fetch_url('http://' . $servername . $api_path, $binary, $redirects, $opts);
+			if($ret['success'])
+				$data = $ret['body'];
+			else
+				notice( t('Unable to download data from old server') . EOL);
+	
+		}
+	
+		if(! $data) {
+			logger('mod_import: empty file.');
+			notice( t('Imported file is empty.') . EOL);
+			return;
+		}
+	
+		$data = json_decode($data,true);
+	
+	//	logger('import: data: ' . print_r($data,true));
+	//	print_r($data);
+	
+	
+		if(array_key_exists('user',$data) && array_key_exists('version',$data)) {
+			require_once('include/Import/import_diaspora.php');
+			import_diaspora($data);
+			return;
+		}
+		
+		$moving = false;
+		
+		if(array_key_exists('compatibility',$data) && array_key_exists('database',$data['compatibility'])) {
+			$v1 = substr($data['compatibility']['database'],-4);
+			$v2 = substr(DB_UPDATE_VERSION,-4);
+			if($v2 > $v1) {
+				$t = sprintf( t('Warning: Database versions differ by %1$d updates.'), $v2 - $v1 ); 
+				notice($t);
+			}
+			if(array_key_exists('server_role',$data['compatibility']) && $data['compatibility']['server_role'] == 'basic')
+				$moving = true;
+		}
+	
+		if($moving)
+			$seize = 1;
+	
+		// import channel
+	
+		$relocate = ((array_key_exists('relocate',$data)) ? $data['relocate'] : null);
+
+		if(array_key_exists('channel',$data)) {
+	
+			if($completed < 1) {
+				$channel = import_channel($data['channel'], $account_id, $seize);
+	
+			}
+			else {
+				$r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1",
+					intval($account_id),
+					dbesc($channel['channel_guid'])
+				);
+				if($r)
+					$channel = $r[0];
+			}
+			if(! $channel) {
+				logger('mod_import: channel not found. ', print_r($channel,true));
+				notice( t('Cloned channel not found. Import failed.') . EOL);
+				return;
+			}
+		}
+	
+		if(! $channel)
+			$channel = \App::get_channel();
+		
+		if(! $channel) {
+			logger('mod_import: channel not found. ', print_r($channel,true));
+			notice( t('No channel. Import failed.') . EOL);
+			return;
+		}
+	
+	
+		if($completed < 2) {
+			if(is_array($data['config'])) {
+				import_config($channel,$data['config']);
+			}
+	
+			logger('import step 2');
+			$_SESSION['import_step'] = 2;
+		}
+	
+	
+		if($completed < 3) {
+	
+			if($data['photo']) {
+				require_once('include/photo/photo_driver.php');
+				import_channel_photo(base64url_decode($data['photo']['data']),$data['photo']['type'],$account_id,$channel['channel_id']);
+			}
+	
+			if(is_array($data['profile']))
+				import_profiles($channel,$data['profile']);
+	
+			logger('import step 3');
+			$_SESSION['import_step'] = 3;
+		}
+	
+	
+		if($completed < 4) {
+	
+			if(is_array($data['hubloc']) && (! $moving)) {
+				import_hublocs($channel,$data['hubloc'],$seize);
+	
+			}
+			logger('import step 4');
+			$_SESSION['import_step'] = 4;
+		}
+	
+		if($completed < 5) {
+			// create new hubloc for the new channel at this site
+	
+			$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_network, hubloc_primary, 
+				hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey )
+				values ( '%s', '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )",
+				dbesc($channel['channel_guid']),
+				dbesc($channel['channel_guid_sig']),
+				dbesc($channel['channel_hash']),
+				dbesc($channel['channel_address'] . '@' . \App::get_hostname()),
+				dbesc('zot'),
+				intval(($seize) ? 1 : 0),
+				dbesc(z_root()),
+				dbesc(base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey']))),
+				dbesc(\App::get_hostname()),
+				dbesc(z_root() . '/post'),
+				dbesc(get_config('system','pubkey'))
+			);
+		
+			// reset the original primary hubloc if it is being seized
+	
+			if($seize) {
+				$r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ",
+					dbesc($channel['channel_hash']),
+					dbesc(z_root())
+				);
+			}
+			logger('import step 5');
+			$_SESSION['import_step'] = 5;
+		}
+	 
+	
+		if($completed < 6) {
+	
+			// import xchans and contact photos
+	
+			if($seize) {
+	
+				// replace any existing xchan we may have on this site if we're seizing control
+	
+				$r = q("delete from xchan where xchan_hash = '%s'",
+					dbesc($channel['channel_hash'])
+				);
+	
+				$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_l, xchan_photo_m, xchan_photo_s, xchan_addr, xchan_url, xchan_follow, xchan_connurl, xchan_name, xchan_network, xchan_photo_date, xchan_name_date, xchan_hidden, xchan_orphan, xchan_censored, xchan_selfcensored, xchan_system, xchan_pubforum, xchan_deleted ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, %d, %d, %d )",
+					dbesc($channel['channel_hash']),
+					dbesc($channel['channel_guid']),
+					dbesc($channel['channel_guid_sig']),
+					dbesc($channel['channel_pubkey']),
+					dbesc(z_root() . "/photo/profile/l/" . $channel['channel_id']),
+					dbesc(z_root() . "/photo/profile/m/" . $channel['channel_id']),
+					dbesc(z_root() . "/photo/profile/s/" . $channel['channel_id']),
+					dbesc($channel['channel_address'] . '@' . \App::get_hostname()),
+					dbesc(z_root() . '/channel/' . $channel['channel_address']),
+					dbesc(z_root() . '/follow?f=&url=%s'),
+					dbesc(z_root() . '/poco/' . $channel['channel_address']),
+					dbesc($channel['channel_name']),
+					dbesc('zot'),
+					dbesc(datetime_convert()),
+					dbesc(datetime_convert()),
+					0,0,0,0,0,0,0
+				);
+			}
+			logger('import step 6');
+			$_SESSION['import_step'] = 6;
+		}
+	
+		if($completed < 7) {
+	
+			$xchans = $data['xchan'];
+			if($xchans) {
+				foreach($xchans as $xchan) {
+	
+					$hash = make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_guid_sig']);
+					if($xchan['xchan_network'] === 'zot' && $hash !== $xchan['xchan_hash']) {
+						logger('forged xchan: ' . print_r($xchan,true));
+						continue;
+					}
+	
+					if(! array_key_exists('xchan_hidden',$xchan)) {
+						$xchan['xchan_hidden']       = (($xchan['xchan_flags'] & 0x0001) ? 1 : 0);
+						$xchan['xchan_orphan']       = (($xchan['xchan_flags'] & 0x0002) ? 1 : 0);
+						$xchan['xchan_censored']     = (($xchan['xchan_flags'] & 0x0004) ? 1 : 0);
+						$xchan['xchan_selfcensored'] = (($xchan['xchan_flags'] & 0x0008) ? 1 : 0);
+						$xchan['xchan_system']       = (($xchan['xchan_flags'] & 0x0010) ? 1 : 0);
+						$xchan['xchan_pubforum']     = (($xchan['xchan_flags'] & 0x0020) ? 1 : 0);
+						$xchan['xchan_deleted']      = (($xchan['xchan_flags'] & 0x1000) ? 1 : 0);
+					}
+	
+					$r = q("select xchan_hash from xchan where xchan_hash = '%s' limit 1",
+						dbesc($xchan['xchan_hash'])
+					);
+					if($r)
+						continue;
+	
+					dbesc_array($xchan);
+			
+					$r = dbq("INSERT INTO xchan (`" 
+						. implode("`, `", array_keys($xchan)) 
+						. "`) VALUES ('" 
+						. implode("', '", array_values($xchan)) 
+						. "')" );
+	
+		
+					require_once('include/photo/photo_driver.php');
+					$photos = import_xchan_photo($xchan['xchan_photo_l'],$xchan['xchan_hash']);
+					if($photos[4])
+						$photodate = NULL_DATE;
+					else
+						$photodate = $xchan['xchan_photo_date'];
+	
+					$r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s', xchan_photo_date = '%s'
+						where xchan_hash = '%s'",
+						dbesc($photos[0]),
+						dbesc($photos[1]),
+						dbesc($photos[2]),
+						dbesc($photos[3]),
+						dbesc($photodate),
+						dbesc($xchan['xchan_hash'])
+					);
+				
+				}
+			}
+			logger('import step 7');
+			$_SESSION['import_step'] = 7;
+	
+		}
+	
+	
+	
+		// FIXME - ensure we have an xchan if somebody is trying to pull a fast one
+	
+		if($completed < 8) {	
+			$friends = 0;
+			$feeds = 0;
+	
+			// import contacts
+			$abooks = $data['abook'];
+			if($abooks) {
+				foreach($abooks as $abook) {
+	
+					$abconfig = null;
+					if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig']))
+						$abconfig = $abook['abconfig'];
+	
+					unset($abook['abook_id']);
+					unset($abook['abook_rating']);
+					unset($abook['abook_rating_text']);
+					$abook['abook_account'] = $account_id;
+					$abook['abook_channel'] = $channel['channel_id'];
+					if(! array_key_exists('abook_blocked',$abook)) {
+						$abook['abook_blocked']     = (($abook['abook_flags'] & 0x0001 ) ? 1 : 0);
+						$abook['abook_ignored']     = (($abook['abook_flags'] & 0x0002 ) ? 1 : 0);
+						$abook['abook_hidden']      = (($abook['abook_flags'] & 0x0004 ) ? 1 : 0);
+						$abook['abook_archived']    = (($abook['abook_flags'] & 0x0008 ) ? 1 : 0);
+						$abook['abook_pending']     = (($abook['abook_flags'] & 0x0010 ) ? 1 : 0);
+						$abook['abook_unconnected'] = (($abook['abook_flags'] & 0x0020 ) ? 1 : 0);
+						$abook['abook_self']        = (($abook['abook_flags'] & 0x0080 ) ? 1 : 0);
+						$abook['abook_feed']        = (($abook['abook_flags'] & 0x0100 ) ? 1 : 0);
+					}
+	
+					if($abook['abook_self']) {
+						$role = get_pconfig($channel['channel_id'],'system','permissions_role');
+						if(($role === 'forum') || ($abook['abook_my_perms'] & PERMS_W_TAGWALL)) {
+							q("update xchan set xchan_pubforum = 1 where xchan_hash = '%s' ",
+								dbesc($abook['abook_xchan'])
+							);
+						}
+					} 
+					else {
+						if($max_friends !== false && $friends > $max_friends)
+							continue;
+						if($max_feeds !== false && intval($abook['abook_feed']) && ($feeds > $max_feeds))
+							continue;
+					}
+	
+					dbesc_array($abook);
+					$r = dbq("INSERT INTO abook (`" 
+						. implode("`, `", array_keys($abook)) 
+						. "`) VALUES ('" 
+						. implode("', '", array_values($abook)) 
+						. "')" );
+	
+					$friends ++;
+					if(intval($abook['abook_feed']))
+						$feeds ++;
+	
+					if($abconfig) {
+						// @fixme does not handle sync of del_abconfig
+						foreach($abconfig as $abc) {
+							set_abconfig($channel['channel_id'],$abc['xchan'],$abc['cat'],$abc['k'],$abc['v']);
+						}
+					}
+	
+	
+	
+				}
+			}
+			logger('import step 8');
+			$_SESSION['import_step'] = 8;
+		}
+	
+	
+	
+		if($completed < 9) {
+			$groups = $data['group'];
+			if($groups) {
+				$saved = array();
+				foreach($groups as $group) {
+					$saved[$group['hash']] = array('old' => $group['id']);
+					if(array_key_exists('name',$group)) {
+						$group['gname'] = $group['name'];
+						unset($group['name']);
+					}
+					unset($group['id']);
+					$group['uid'] = $channel['channel_id'];					
+					dbesc_array($group);
+					$r = dbq("INSERT INTO groups (`" 
+						. implode("`, `", array_keys($group)) 
+						. "`) VALUES ('" 
+						. implode("', '", array_values($group)) 
+						. "')" );
+				}
+				$r = q("select * from `groups` where uid = %d",
+					intval($channel['channel_id'])
+				);
+				if($r) {
+					foreach($r as $rr) {
+						$saved[$rr['hash']]['new'] = $rr['id'];
+					}
+				} 
+			}
+	
+	
+			$group_members = $data['group_member'];
+			if($group_members) {
+				foreach($group_members as $group_member) {
+					unset($group_member['id']);
+					$group_member['uid'] = $channel['channel_id'];
+					foreach($saved as $x) {
+						if($x['old'] == $group_member['gid'])
+							$group_member['gid'] = $x['new'];
+					}
+					dbesc_array($group_member);
+					$r = dbq("INSERT INTO group_member (`" 
+						. implode("`, `", array_keys($group_member)) 
+						. "`) VALUES ('" 
+						. implode("', '", array_values($group_member)) 
+						. "')" );
+				}
+			}
+			logger('import step 9');
+			$_SESSION['import_step'] = 9;
+		}
+	
+		if(is_array($data['obj']))
+			import_objs($channel,$data['obj']);
+	
+		if(is_array($data['likes']))
+			import_likes($channel,$data['likes']);
+	
+		if(is_array($data['app']))
+			import_apps($channel,$data['app']);
+	
+		if(is_array($data['chatroom']))
+			import_chatrooms($channel,$data['chatroom']);
+	
+		if(is_array($data['conv']))
+			import_conv($channel,$data['conv']);
+	
+		if(is_array($data['mail']))
+			import_mail($channel,$data['mail']);
+	
+		if(is_array($data['event']))
+			import_events($channel,$data['event']);
+	
+		if(is_array($data['event_item']))
+			import_items($channel,$data['event_item'],false,$relocate);
+	
+		if(is_array($data['menu']))
+			import_menus($channel,$data['menu']);
+		
+		$addon = array('channel' => $channel,'data' => $data);
+		call_hooks('import_channel',$addon);
+	
+		$saved_notification_flags = notifications_off($channel['channel_id']);
+	
+		if($import_posts && array_key_exists('item',$data) && $data['item'])
+			import_items($channel,$data['item'],false,$relocate);
+	
+		notifications_on($channel['channel_id'],$saved_notification_flags);
+	
+	
+		if(array_key_exists('item_id',$data) && $data['item_id'])
+			import_item_ids($channel,$data['item_id']);
+	
+	
+		// FIXME - ensure we have a self entry if somebody is trying to pull a fast one
+	
+		// send out refresh requests
+		// notify old server that it may no longer be primary.
+	
+		\Zotlabs\Daemon\Master::Summon(array('Notifier','location',$channel['channel_id']));
+	
+		// This will indirectly perform a refresh_all *and* update the directory
+	
+		\Zotlabs\Daemon\Master::Summon(array('Directory', $channel['channel_id']));
+	
+	
+		notice( t('Import completed.') . EOL);
+	
+		change_channel($channel['channel_id']);
+	
+		unset($_SESSION['import_step']);
+		goaway(z_root() . '/network' );
+	
+	}
+	
+	
+	function post() {
+	
+		$account_id = get_account_id();
+		if(! $account_id)
+			return;
+	
+		$this->import_account($account_id);
+	}
+	
+	function get() {
+	
+		if(! get_account_id()) {
+			notice( t('You must be logged in to use this feature.'));
+			return '';
+		}
+	
+		$o = replace_macros(get_markup_template('channel_import.tpl'),array(
+			'$title' => t('Import Channel'),
+			'$desc' => t('Use this form to import an existing channel from a different server/hub. You may retrieve the channel identity from the old server/hub via the network or provide an export file.'),
+			'$label_filename' => t('File to Upload'),
+			'$choice' => t('Or provide the old server/hub details'),
+			'$label_old_address' => t('Your old identity address (xyz@example.com)'),
+			'$label_old_email' => t('Your old login email address'),
+			'$label_old_pass' => t('Your old login password'),
+			'$common' => t('For either option, please choose whether to make this hub your new primary address, or whether your old location should continue this role. You will be able to post from either location, but only one can be marked as the primary location for files, photos, and media.'),
+			'$label_import_primary' => t('Make this hub my primary location'),
+			'$label_import_posts' => t('Import existing posts if possible (experimental - limited by available memory'),
+			'$pleasewait' => t('This process may take several minutes to complete. Please submit the form only once and leave this page open until finished.'), 
+			'$email' => '',
+			'$pass' => '',
+			'$submit' => t('Submit')
+		));
+	
+		return $o;
+	
+	}
+	
+}

Zotlabs/Module/Import_items.php

@@ -0,0 +1,131 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/import.php');
+
+
+class Import_items extends \Zotlabs\Web\Controller {
+
+	function post() {
+	
+		if(! local_channel())
+			return;
+	
+		$data     = null;
+	
+		$src      = $_FILES['filename']['tmp_name'];
+		$filename = basename($_FILES['filename']['name']);
+		$filesize = intval($_FILES['filename']['size']);
+		$filetype = $_FILES['filename']['type'];
+	
+		if($src) {
+			// This is OS specific and could also fail if your tmpdir isn't very large
+			// mostly used for Diaspora which exports gzipped files.
+	
+			if(strpos($filename,'.gz')){
+				@rename($src,$src . '.gz');
+				@system('gunzip ' . escapeshellarg($src . '.gz'));
+			}
+	
+			if($filesize) {
+				$data = @file_get_contents($src);
+			}
+			unlink($src);
+		}
+	
+		if(! $src) {
+	
+			$old_address = ((x($_REQUEST,'old_address')) ? $_REQUEST['old_address'] : '');
+	
+			if(! $old_address) {
+				logger('mod_import: nothing to import.');
+				notice( t('Nothing to import.') . EOL);
+				return;
+			}
+	
+			$email    = ((x($_REQUEST,'email'))    ? $_REQUEST['email']    : '');
+			$password = ((x($_REQUEST,'password')) ? $_REQUEST['password'] : '');
+	
+			$year = ((x($_REQUEST,'year'))    ? $_REQUEST['year']    : '');
+	
+			$channelname = substr($old_address,0,strpos($old_address,'@'));
+			$servername  = substr($old_address,strpos($old_address,'@')+1);
+	
+			$scheme = 'https://';
+			$api_path = '/api/red/channel/export/items?f=&channel=' . $channelname . '&year=' . intval($year);
+			$binary = false;
+			$redirects = 0;
+			$opts = array('http_auth' => $email . ':' . $password);
+			$url = $scheme . $servername . $api_path;
+			$ret = z_fetch_url($url, $binary, $redirects, $opts);
+			if(! $ret['success'])
+				$ret = z_fetch_url('http://' . $servername . $api_path, $binary, $redirects, $opts);
+			if($ret['success'])
+				$data = $ret['body'];
+			else
+				notice( t('Unable to download data from old server') . EOL);
+	
+		}
+	
+		if(! $data) {
+			logger('mod_import: empty file.');
+			notice( t('Imported file is empty.') . EOL);
+			return;
+		}
+	
+		$data = json_decode($data,true);
+	
+	//	logger('import: data: ' . print_r($data,true));
+	//	print_r($data);
+	
+		if(! is_array($data))
+			return;
+	
+		if(array_key_exists('compatibility',$data) && array_key_exists('database',$data['compatibility'])) {
+			$v1 = substr($data['compatibility']['database'],-4);
+			$v2 = substr(DB_UPDATE_VERSION,-4);
+			if($v2 > $v1) {
+				$t = sprintf( t('Warning: Database versions differ by %1$d updates.'), $v2 - $v1 ); 
+				notice($t);
+			}
+		}
+	
+		$channel = \App::get_channel();
+	
+	
+		if(array_key_exists('item',$data) && $data['item']) {
+			import_items($channel,$data['item'],false,((array_key_exists('relocate',$data)) ? $data['relocate'] : null));
+		}
+	
+		if(array_key_exists('item_id',$data) && $data['item_id']) {
+			import_item_ids($channel,$data['item_id']);
+		}
+	
+		info( t('Import completed') . EOL);
+		return;
+	}
+	
+	
+	
+	
+	function get() {
+	
+		if(! local_channel()) {
+			notice( t('Permission denied') . EOL);
+			return login();
+		}
+	
+		$o = replace_macros(get_markup_template('item_import.tpl'),array(
+			'$title' => t('Import Items'),
+			'$desc' => t('Use this form to import existing posts and content from an export file.'),
+			'$label_filename' => t('File to Upload'),
+			'$submit' => t('Submit')
+		));
+	
+		return $o;
+	
+	}
+	
+	
+	
+}