Merge branch '3.2RC'

Add rounded corners to mimic categories input field and main text area.

.homeinstall/README.md

@@ -34,7 +34,7 @@ Software
 ## The basic steps (quick overview)
 
 + Register your own domain (for example at selfHOST) or a free subdomain (for example at freeDNS)
-+ Log on to your new debian (server)
++ Log on to your fresh Debian
   - apt-get install git
   - mkdir -p /var/www
   - cd /var/www
@@ -44,7 +44,7 @@ Software
   - nano hubzilla-config.txt
     - Read the comments carefully
     - Enter your values: db pass, domain, values for dyn DNS
-  - Make sure your your external drive (for backups) is mounted
+  - Make sure your external drive (for backups) is mounted
   - hubzilla-setup.sh as root
     - ... wait, wait, wait until the script is finised
   - reboot

.homeinstall/hubzilla-setup.sh

@@ -641,7 +641,7 @@ function configure_cron_daily {
     # every 10 min for poller.php
     if [ -z "`grep 'poller.php' /etc/crontab`" ]
     then
-        echo "*/10 * * * * www-data cd /var/www/html; php include/poller.php >> /dev/null 2>&1" >> /etc/crontab
+        echo "*/10 * * * * www-data cd /var/www/html; php Zotlabs/Daemon/Master.php Cron >> /dev/null 2>&1" >> /etc/crontab
     fi
     # Run external script daily at 05:30
     # - stop apache and mysql-server

CHANGELOG

@@ -1,3 +1,129 @@
+Hubzilla 3.2 (2018-03-09)
+	- Improve rendering of Readme files in plugin settings
+	- Add pdl file for mod moderate
+	- Update redbasic theme screenshot
+	- Restrict mail messages to max_import_size
+	- Add pdl file for mod thing
+	- Add federation property to webfinger
+	- Provide new member widget which sits beneath the notifications for the first 60 days after an account creation
+	- Rename Addon/Feature settings to Addon Settings
+	- Move privacy groups to the newly created Access Control and Permissions tab
+	- Move oauth_client management and guest access tokens to features rather than auto-enabling at various feature levels
+	- Change undo_post_tagging() to emit quoted tags rather than using underscore replacement if they contain spaces
+	- Require directory servers to be using some modern form of encryption
+	- Change icon set from font-awesome to fork-awesome
+	- Provide opt-out link and text with notification emails
+	- Alter image selection widget to accept/submit on choose (github issue #979)
+	- If hide_in_statistics is set, only include the total channels count and no other statistical info in siteinfo.json
+	- Mark connections where we do not have post_comments permissions with an no entry sign
+	- Click your own profile photo to change it if loged in
+	- Remove street address info from the default basic profile fields
+	- Handle error logging in on cloud page (post method not implemented)
+	- Cloud 'view-as-tiles' toggle wasn't available for guests and they are the most likely to prefer that view
+	- Provide DB compatibility for poll and voting implementations across several platforms
+	- Remove the unused ZotDriver and ProtoDriver classes
+	- Move dreport from zot to lib
+	- Move Zotlabs\Zot\Verify to Zotlabs\Lib\Verify as part of the zot6 re-org
+	- Add event resource_id to iconfig so Diaspora can search on it without looking inside JSON objects
+	- Trim non-existent/deprecated plugins from siteinfo plugin list
+	- Add 'Validate' button to new_channel page
+	- Do not show summary if it is equal to body
+	- Update code tag styling so bbcode [code] blocks and wiki markdown inline code render nicely
+	- Crypto improvements (use pkcs1_oaep_padding instead of the older pkcs1_padding)
+	- Refactor OAuth2Server a bit
+	- Refactor of the DB update system
+	- Extend the oauth2 storage driver so that we can use our own channel table
+	- Provide option to block the public stream unless authenticated
+	- Refactor shares and urn shares into activities
+	- Show likes and dislikes in notices if always_show_in_notices is set
+	- Add hidden config to disallow anonymous comments (github issue #972)
+	- Add flexibility to prefix/suffix string translations for jquery.timeago
+	- Make post titles searchable (github issue #975)
+	- Implement zot6 delivery
+	- Remove mobile_detect library
+	- Separate the parsing of author information from the parsing of item/activity information in feedutils
+	- Provide summaries in feeds under very limited cases
+	- Redirect to the email_validation page if login was attempted after account creation but prior to successful verification
+	- Iprove workflow for form based email validation when auto_channel_create is in effect
+	- Provide a default video image if nothing else is available
+	- Surface the ability to change the landing page after channel creation
+	- Create the 'go' module to present several possible things to do after channel creation
+	- Add unit test for dba_pdo driver class
+	- Add unit test for \DBA factory
+	- Usability improvements to registration/verification workflow
+	- Don't do any bbcode translation within code blocks (except baseurl, observer, and linefeeds)
+	- Improve browser language detection
+	- Remove unused prototype importer template and obsolete reflection cms importer
+	- Update to bootstrap 4 stable
+	- Implement caching of notifications in browser session storage
+	- Code cleanup and simplification in mod_like
+	- Implement new cropper library
+	- Better notifications for edit post/comments which may have been originally posted long ago
+	- Ensure filter words are not empty in include/items.php
+	- Change query in mod search to be compatible with postgres
+	- Provide channel list function in the zot api
+	- Remove deprecated 'qcomment' feature
+	- Simplify webserver logic flow
+	- Simplify interactions with the get_features hook
+	- Provide a local pubstream option (content from this site only)
+	- Simplify dir_tagadelic dramatically
+	- Surface the article feature
+	- Add summary bbcode tag
+	- Move markdown-in-posts/comments feature to plugin
+	- Support tables in markdown posts/comments
+
+
+	Bugfixes
+	- Fix javascript error if there are no notifications
+	- Fix some issues with friend suggestions on standalone sites with no 'suggestme' volunteers
+	- Fix unable to reset profile fields to defaults in admin/profs by emptying the textarea
+	⁻ Fix issues with accordions related to bootstrap upgrade
+	- Fix empty dob is set to the date of the first profile save
+	- Fix several email validation issues
+	- Fix issue if logged in locally and mod_display returns nothing owned by your uid; retry with known public uids rather than issue 'permission denied'
+	- Fix public stream app permission check to match the recent fixes to the Module
+	- Fix issues with delivery of edited posts to forums
+	- Fix autoname test
+	- Fix issue where self and pending connections were visible in connections when not loged in
+	- Fix bad query in mod defperms
+	- Fix issue where gnusocial likes were not recognised as like activity
+	- Fix manual queue invocation
+	- Fix unable to delete accounts using tickboxes on admin/accounts
+	- Fix a PHP7.2 warning when a channel has no cards
+	- Fix unable to delete permission groups with space in name (github issue #920)
+
+	Addons
+	Statistic: fix reporting of incorrect register policy in nodeinfo
+	Diaspora: diaspora_init_relay: calls diaspora_import_author with too many arguments
+	Pubcrawl: provide a system 'allowed' for to match the system setting for other protocols
+	Diaspora: fix issue with sending diaspora profile change messages over diaspora_v2
+	Diaspora: provide limited but hopefully adequate support for new Diaspora html5 audio/video
+	Pubcrawl: send zot context with follow requests
+	Pubcrawl: add video to the set of message types we process
+	Pubcrawl: support for activitypub media
+	Openclipatar: remove extra details for each image
+	Diaspora: initial work on event participation
+	Statistic: remove the friendica protocol from nodeinfo until it is fully implemented
+	Statistic: re-arrange the order of the .host-meta/nodeinfo links
+	Pubcrawl: add share verb to activitystreams translator
+	Pubcrawl: post public posts to syschannel
+	Statistics: fix legacy statistics.json interface
+	Gnusocial: improve error checking when processing a salmon message
+	Dirstats: fix sql syntax error
+	Pubcrawl: possibly reduce constraint violations for xchan_store_lowlevel (duplicate entry)
+	Diaspora: ensure we process Friendica-over-Diaspora yearless birthdays correctly
+	Chess: added simple history browsing controls to spectator view
+	Diaspora: support post/comment edits
+	Diaspora: don't redirect fetch requests for non-Diaspora wall-to-wall and forum posts unless they can be redirected to a Diaspora protocol site
+	Chess: added support for publicly visible games
+	Phpmailer: add quickstart notes
+	Chess: choose random color if no color is chosen
+	New Plugin: mdpost - markdown in posts/comments, migrated from core to addon
+	Diaspora: provide a configuration option to import the diaspora firehose, otherwise only import content matching subscribed tags
+	NSFW: load images only after click on the button
+	Twitter: provide configurable tweet length until such time as 280 becomes universal
+
+
 Hubzilla 3.0 (2018-01-09)
 	- Updated homeinstall script
 	- Sort cloud directory by 1. is_dir and 2. name

LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2010-2017 the Hubzilla Community
+Copyright (c) 2010-2018 the Hubzilla Community
 All rights reserved.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy

README.md

@@ -3,18 +3,18 @@
 Hubzilla - Community Server
 ===========================
 
+
 <p align="center" markdown="1">
 <em><a href="https://github.com/redmatrix/hubzilla/blob/master/install/INSTALL.txt">Installing Hubzilla</a></em> 
 </p>
 
-
 **What is Hubzilla?**
 
-Hubzilla is a general purpose communication server integrated with a web publishing system and a decentralised permission system. If this sounds like a bunch of technical mumbo-jumbo to you, just think of it as an independent platform for sharing stuff online. 
+Hubzilla is a general purpose communication server integrated with a web publishing system and a decentralised permission system. If this sounds like a bunch of technical mumbo-jumbo to you, just think of it as an independent platform for sharing stuff online (publicly or privately). 
 
 Hubzilla contains some social network bits, some cloud storage bits, some blog and forum bits, and some content management bits. These are all integrated within a common privacy framework - and it is all decentralised. 
 
-Everything you publish or share can be restricted to those channels and people you wish to share them with; and these permissions work completely invisibly - even with channels on different servers or other communications services.
+Everything you publish or share can be restricted to those channels and people you wish to share them with; and these permissions work completely invisibly - **even with channels on different servers or other communications services**.
 
 Migration and live backups of your connections, settings, and everything you publish are built-in, so you never need worry about server failure. 
 

Zotlabs/Access/AccessList.php

@@ -3,10 +3,14 @@
 namespace Zotlabs\Access;
 
 /**
- * @brief AccessList class.
+ * @brief AccessList class which represents individual content ACLs.
  *
  * A class to hold an AccessList object with allowed and denied contacts and
  * groups.
+ *
+ * After evaluating @ref ::Zotlabs::Access::PermissionLimits "PermissionLimits"
+ * and @ref ::Zotlabs::Lib::Permcat "Permcat"s individual content ACLs are evaluated.
+ * These answer the question "Can Joe view *this* album/photo?".
  */
 class AccessList {
 	/**
@@ -103,7 +107,7 @@ class AccessList {
 	 * @brief Return an array consisting of the current access list components
 	 * where the elements are directly storable.
 	 *
-	 * @return Associative array with:
+	 * @return array An associative array with:
 	 *   * \e string \b allow_cid => string of allowed cids
 	 *   * \e string \b allow_gid => string of allowed gids
 	 *   * \e string \b deny_cid  => string of denied cids

Zotlabs/Access/PermissionLimits.php

@@ -2,35 +2,92 @@
 
 namespace Zotlabs\Access;
 
-use \Zotlabs\Lib as ZLib;
+use Zotlabs\Lib\PConfig;
 
+/**
+ * @brief Permission limits.
+ *
+ * Permission limits are a very high level permission setting. They are hard
+ * limits by design.
+ * "Who can view my photos (at all)?"
+ * "Who can post photos in my albums (at all)?"
+ *
+ * For viewing permissions we generally set these to 'anybody' and for write
+ * permissions we generally set them to 'those I allow', though many people
+ * restrict the viewing permissions further for things like 'Can view my connections'.
+ *
+ * People get confused enough by permissions that we wanted a place to set their
+ * privacy expectations once and be done with it.
+ *
+ * Connection related permissions like "Can Joe view my photos?" are handled by
+ * @ref ::Zotlabs::Lib::Permcat "Permcat" and inherit from the channel's Permission
+ * limits.
+ *
+ * @see Permissions
+ */
 class PermissionLimits {
 
+	/**
+	 * @brief Get standard permission limits.
+	 *
+	 * Viewing permissions and post_comments permission are set to 'anybody',
+	 * other permissions are set to 'those I allow'.
+	 *
+	 * The list of permissions comes from Permissions::Perms().
+	 *
+	 * @return array
+	 */
 	static public function Std_Limits() {
+		$limits = [];
 		$perms = Permissions::Perms();
-		$limits = array();
+
+		$anon_comments = get_config('system','anonymous_comments',true);
+
 		foreach($perms as $k => $v) {
-			if(strstr($k,'view') || $k === 'post_comments')
+			if(strstr($k, 'view') || ($k === 'post_comments' && $anon_comments))
 				$limits[$k] = PERMS_PUBLIC;
 			else
 				$limits[$k] = PERMS_SPECIFIC;
 		}
+
 		return $limits;
 	}
 
-	static public function Set($channel_id,$perm,$perm_limit) {
-		ZLib\PConfig::Set($channel_id,'perm_limits',$perm,$perm_limit);
+	/**
+	 * @brief Sets a permission limit for a channel.
+	 *
+	 * @param int $channel_id
+	 * @param string $perm
+	 * @param int $perm_limit one of PERMS_* constants
+	 */
+	static public function Set($channel_id, $perm, $perm_limit) {
+		PConfig::Set($channel_id, 'perm_limits', $perm, $perm_limit);
 	}
 
-	static public function Get($channel_id,$perm = '') {
+	/**
+	 * @brief Get a channel's permission limits.
+	 *
+	 * Return a channel's permission limits from PConfig. If $perm is set just
+	 * return this permission limit, if not set, return an array with all
+	 * permission limits.
+	 *
+	 * @param int $channel_id
+	 * @param string $perm (optional)
+	 * @return
+	 *   * \b boolean false if no perm_limits set for this channel
+	 *   * \b int if $perm is set, return one of PERMS_* constants for this permission
+	 *   * \b array with all permission limits, if $perm is not set
+	 */
+	static public function Get($channel_id, $perm = '') {
 		if($perm) {
-			return Zlib\PConfig::Get($channel_id,'perm_limits',$perm);
+			return PConfig::Get($channel_id, 'perm_limits', $perm);
 		}
-		else {
-			Zlib\PConfig::Load($channel_id);
-			if(array_key_exists($channel_id,\App::$config) && array_key_exists('perm_limits',\App::$config[$channel_id]))
-				return \App::$config[$channel_id]['perm_limits'];
-			return false;
-		}
-	}	
+
+		PConfig::Load($channel_id);
+		if(array_key_exists($channel_id, \App::$config)
+				&& array_key_exists('perm_limits', \App::$config[$channel_id]))
+			return \App::$config[$channel_id]['perm_limits'];
+
+		return false;
+	}
 }

Zotlabs/Daemon/Notifier.php

@@ -90,8 +90,6 @@ class Notifier {
 
 		$item_id = $argv[2];
 
-		$extra = (($argc > 3) ? $argv[3] : null);
-
 		if(! $item_id)
 			return;
 
@@ -315,7 +313,7 @@ class Notifier {
 			}
 
 
-			if($target_item['id'] == $target_item['parent']) {
+			if($target_item['mid'] === $target_item['parent_mid']) {
 				$parent_item = $target_item;
 				$top_level_post = true;
 			}
@@ -620,8 +618,8 @@ class Notifier {
 				$packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null));
 			}
 			if($packet_type === 'keychange') {
-				$packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null));
 				$pmsg = get_pconfig($channel['channel_id'],'system','keychange');
+				$packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null));
 			}
 			elseif($packet_type === 'request') {
 				$env = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : '');
@@ -642,7 +640,21 @@ class Notifier {
 			}
 			else {
 				$env = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : '');
-				$packet = zot_build_packet($channel,'notify',$env,(($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash);	
+
+				// currently zot6 delivery is only performed on normal items and not sync items or mail or anything else
+				// Eventually we will do this for all deliveries, but for now ensure this is precisely what we are dealing 
+				// with before switching to zot6 as the primary zot6 handler checks for the existence of a message delivery report
+				// to trigger dequeue'ing
+
+				$z6 = (($encoded_item && $encoded_item['type'] === 'activity' && (! array_key_exists('allow_cid',$encoded_item))) ? true : false);
+				if($z6) {
+					$packet = zot6_build_packet($channel,'notify',$env, json_encode($encoded_item), (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash);
+				}
+				else {
+					$packet = zot_build_packet($channel,'notify',$env, (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash);
+
+				}	
+
 				queue_insert(
 					[
 						'hash'       => $hash,

Zotlabs/Daemon/Queue.php

@@ -13,10 +13,10 @@ class Queue {
 		require_once('include/bbcode.php');
 
 
-		if(argc() > 1)
-			$queue_id = argv(1);
+		if($argc > 1)
+			$queue_id = $argv[1];
 		else
-			$queue_id = 0;
+			$queue_id = EMPTY_STR;
 
 		logger('queue: start');
 

Zotlabs/Identity/OAuth2Server.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace Zotlabs\Identity;
+
+class OAuth2Server extends \OAuth2\Server {
+
+	public function __construct(OAuth2Storage $storage, $config = []) {
+
+		if(! is_array($config)) {
+			$config = [
+				'use_openid_connect' => true,
+				'issuer' => \Zotlabs\Lib\System::get_site_name()
+			];
+		}
+
+		parent::__construct($storage, $config);
+
+		// Add the "Client Credentials" grant type (it is the simplest of the grant types)
+		$this->addGrantType(new \OAuth2\GrantType\ClientCredentials($storage));
+
+		// Add the "Authorization Code" grant type (this is where the oauth magic happens)
+		$this->addGrantType(new \OAuth2\GrantType\AuthorizationCode($storage));
+
+		$keyStorage = new \OAuth2\Storage\Memory( [
+			'keys' => [
+				'public_key'  => get_config('system', 'pubkey'),
+				'private_key' => get_config('system', 'prvkey')
+			]
+		]);
+
+		$this->addStorage($keyStorage, 'public_key');
+	}
+
+}

Zotlabs/Identity/OAuth2Storage.php

@@ -0,0 +1,81 @@
+<?php
+
+namespace Zotlabs\Identity;
+
+
+class OAuth2Storage extends \OAuth2\Storage\Pdo {
+
+    /**
+     * @param string $username
+     * @param string $password
+     * @return bool
+     */
+    public function checkUserCredentials($username, $password)
+    {
+        if ($user = $this->getUser($username)) {
+            return $this->checkPassword($user, $password);
+        }
+
+        return false;
+    }
+
+    /**
+     * @param string $username
+     * @return array|bool
+     */
+    public function getUserDetails($username)
+    {
+        return $this->getUser($username);
+    }
+
+
+    /**
+     *
+     * @param array $user
+     * @param string $password
+     * @return bool
+     */
+    protected function checkPassword($user, $password)
+    {
+
+		$x = account_verify_password($user,$password);
+		return((array_key_exists('channel',$x) && ! empty($x['channel'])) ? true : false);
+
+    }
+
+    /**
+     * @param string $username
+     * @return array|bool
+     */
+    public function getUser($username)
+    {
+
+		$x = channelx_by_nick($username);
+		if(! $x) {
+			return false;
+		}
+
+		return( [
+			'username'  => $x['channel_address'],
+			'user_id'   => $x['channel_id'],
+			'firstName' => $x['channel_name'],
+			'lastName'  => '',
+			'password'  => 'NotARealPassword'
+		] );
+    }
+
+    /**
+     * plaintext passwords are bad!  Override this for your application
+     *
+     * @param string $username
+     * @param string $password
+     * @param string $firstName
+     * @param string $lastName
+     * @return bool
+     */
+    public function setUser($username, $password, $firstName = null, $lastName = null)
+    {
+        return true;
+    }
+
+}

Zotlabs/Lib/Apps.php

@@ -119,6 +119,7 @@ class Apps {
 
 
 	static public function parse_app_description($f,$translate = true) {
+
 		$ret = array();
 
 		$baseurl = z_root();
@@ -194,6 +195,10 @@ class Apps {
 						if(! is_public_profile())
 							unset($ret);
 						break;
+					case 'public_stream':
+						if(! can_view_public_stream())
+							unset($ret);
+						break;
 					case 'observer':
 						if(! $observer)
 							unset($ret);
@@ -221,6 +226,7 @@ class Apps {
 	static public function translate_system_apps(&$arr) {
 		$apps = array(
 			'Apps' => t('Apps'),
+			'Articles' => t('Articles'),
 			'Cards' => t('Cards'),
 			'Admin' => t('Site Admin'),
 			'Report Bug' => t('Report Bug'),
@@ -345,6 +351,10 @@ class Apps {
 							if(! is_public_profile())
 								return '';
 							break;
+						case 'public_stream':
+							if(! can_view_public_stream())
+								return '';
+							break;
 						case 'observer':
 							$observer = \App::get_observer();
 							if(! $observer)

Zotlabs/Lib/Config.php

@@ -142,9 +142,9 @@ class Config {
 
 
 	/**
-	 * @brief Returns a value directly from the database configuration storage.
+	 * @brief Returns a record directly from the database configuration storage.
 	 *
-	 * This function queries directly the database and bypasses the chached storage
+	 * This function queries directly the database and bypasses the cached storage
 	 * from get_config($family, $key).
 	 *
 	 * @param string $family

Zotlabs/Lib/DB_Upgrade.php

@@ -10,22 +10,12 @@ class DB_Upgrade {
 
 	function __construct($db_revision) {
 
-		$platform_name = System::get_platform_name();
+		$this->config_name = 'db_version';
+		$this->func_prefix = '_';
 
-		$update_file = 'install/' . $platform_name . '/update.php';
-		if(! file_exists($update_file)) {
-			$update_file = 'install/update.php';
-			$this->config_name = 'db_version';
-			$this->func_prefix = 'update_r';
-		}
-		else {
-			$this->config_name = $platform_name . '_db_version';
-			$this->func_prefix = $platform_name . '_update_';
-		}
-
-		$build = get_config('system', $this->config_name, 0);
+		$build = get_config('system', 'db_version', 0);
 		if(! intval($build))
-			$build = set_config('system', $this->config_name, $db_revision);
+			$build = set_config('system', 'db_version', $db_revision);
 
 		if($build == $db_revision) {
 			// Nothing to be done.
@@ -40,82 +30,78 @@ class DB_Upgrade {
 		
 			$current = intval($db_revision);
 
-			if(($stored < $current) && file_exists($update_file)) {
+			if($stored < $current) {
 
-				Config::Load('database');
+				// The last update we performed was $stored.
+				// Start at $stored + 1 and continue until we have completed $current
 
-				// We're reporting a different version than what is currently installed.
-				// Run any existing update scripts to bring the database up to current.
-				
-				require_once($update_file);
-
-				// make sure that boot.php and update.php are the same release, we might be
-				// updating from git right this very second and the correct version of the update.php
-				// file may not be here yet. This can happen on a very busy site.
-
-				if($db_revision == UPDATE_VERSION) {
-					for($x = $stored; $x < $current; $x ++) {
-						$func = $this->func_prefix . $x;
-						if(function_exists($func)) {
-							// There could be a lot of processes running or about to run.
-							// We want exactly one process to run the update command.
-							// So store the fact that we're taking responsibility
-							// after first checking to see if somebody else already has.
-
-							// If the update fails or times-out completely you may need to
-							// delete the config entry to try again.
-
-							if(get_config('database', $func))
-								break;
-							set_config('database',$func, '1');
-							// call the specific update
-
-							$retval = $func();
-							if($retval) {
-
-								// Prevent sending hundreds of thousands of emails by creating
-								// a lockfile.  
-
-								$lockfile = 'store/[data]/mailsent';
-
-								if ((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 86400)))
-									return;
-								@unlink($lockfile);
-								//send the administrator an e-mail
-								file_put_contents($lockfile, $x);
-							
-								$r = q("select account_language from account where account_email = '%s' limit 1",
-									dbesc(\App::$config['system']['admin_email'])
-								);
-								push_lang(($r) ? $r[0]['account_language'] : 'en');
-
-								z_mail(
-									[
-										'toEmail'        => \App::$config['system']['admin_email'],
-										'messageSubject' => sprintf( t('Update Error at %s'), z_root()),
-										'textVersion'    => replace_macros(get_intltext_template('update_fail_eml.tpl'), 
-											[
-												'$sitename' => \App::$config['system']['sitename'],
-												'$siteurl' =>  z_root(),
-												'$update' => $x,
-												'$error' => sprintf( t('Update %s failed. See error logs.'), $x)
-											]
-										)
-									]
-								);
-
-								//try the logger
-								logger('CRITICAL: Update Failed: ' . $x);
-								pop_lang();
-							}
-							else {
-								set_config('database',$func, 'success');
-							}
-						}
+				for($x = $stored + 1; $x <= $current; $x ++) {
+					$s = '_' . $x;
+					$cls = '\\Zotlabs\Update\\' . $s ;
+					if(! class_exists($cls)) {					
+						return;
+					}
+
+					// There could be a lot of processes running or about to run.
+					// We want exactly one process to run the update command.
+					// So store the fact that we're taking responsibility
+					// after first checking to see if somebody else already has.
+
+					// If the update fails or times-out completely you may need to
+					// delete the config entry to try again.
+
+					Config::Load('database');
+
+					if(get_config('database', $s))
+						break;
+					set_config('database',$s, '1');
+					
+
+					$c =  new $cls();
+					$retval = $c->run();
+
+					if($retval != UPDATE_SUCCESS) {
+
+						// Prevent sending hundreds of thousands of emails by creating
+						// a lockfile.  
+
+						$lockfile = 'store/[data]/mailsent';
+
+						if ((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 86400)))
+							return;
+						@unlink($lockfile);
+						//send the administrator an e-mail
+						file_put_contents($lockfile, $x);
+							
+						$r = q("select account_language from account where account_email = '%s' limit 1",
+							dbesc(\App::$config['system']['admin_email'])
+						);
+						push_lang(($r) ? $r[0]['account_language'] : 'en');
+						z_mail(
+							[
+								'toEmail'        => \App::$config['system']['admin_email'],
+								'messageSubject' => sprintf( t('Update Error at %s'), z_root()),
+								'textVersion'    => replace_macros(get_intltext_template('update_fail_eml.tpl'), 
+									[
+										'$sitename' => \App::$config['system']['sitename'],
+										'$siteurl' =>  z_root(),
+										'$update' => $x,
+										'$error' => sprintf( t('Update %s failed. See error logs.'), $x)
+									]
+								)
+							]
+						);
+
+						//try the logger
+						logger('CRITICAL: Update Failed: ' . $x);
+						pop_lang();
+					}
+					else {
+						set_config('database',$s, 'success');
 					}
-					set_config('system', $this->config_name, $db_revision);
 				}
 			}
+			set_config('system', 'db_version', $db_revision);
 		}
 	}
 }

Zotlabs/Lib/DReport.php

@@ -1,5 +1,5 @@
 <?php
-namespace Zotlabs\Zot;
+namespace Zotlabs\Lib;
 
 class DReport {
 

Zotlabs/Lib/Enotify.php

@@ -63,7 +63,9 @@ class Enotify {
 		$thanks     = t('Thank You,');
 		$sitename   = get_config('system','sitename');
 		$site_admin = sprintf( t('%s Administrator'), $sitename);
-
+		$opt_out1   = sprintf( t('This email was sent by %1$s at %2$s.'), t('$Projectname'), \App::get_hostname());
+		$opt_out2   = sprintf( t('To stop receiving these messages, please adjust your Notification Settings at %s'), z_root() . '/settings');		
+		$hopt_out2  = sprintf( t('To stop receiving these messages, please adjust your %s.'), '<a href="' . z_root() . '/settings' . '">' . t('Notification Settings')  . '</a>');
 		$sender_name = $product;
 		$hostname = \App::get_hostname();
 		if(strpos($hostname,':'))
@@ -112,6 +114,8 @@ class Enotify {
 		}
 
 
+	$always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
+
 	// e.g. "your post", "David's photo", etc.
 	$possess_desc = t('%s <!item_type!>');
 
@@ -128,18 +132,28 @@ class Enotify {
 	}
 
 	if ($params['type'] == NOTIFY_COMMENT) {
-//		logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
+		//logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
 
 		$moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false);
 
 		$itemlink = $params['link'];
 
-		// ignore like/unlike activity on posts - they probably require a separate notification preference
+		$action = t('commented on');
+
+		if(array_key_exists('item',$params) && in_array($params['item']['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) {
+
+			if(! $always_show_in_notices) {
+				logger('notification: not a visible activity. Ignoring.');
+				pop_lang();
+				return;
+			}
+
+			if(activity_match($params['verb'], ACTIVITY_LIKE))
+				$action = t('liked');
+
+			if(activity_match($params['verb'], ACTIVITY_DISLIKE))
+				$action = t('disliked');
 
-		if (array_key_exists('item',$params) && (! visible_activity($params['item']))) {
-			logger('notification: not a visible activity. Ignoring.');
-			pop_lang();
-			return;
 		}
 
 		$parent_mid = $params['parent_mid'];
@@ -181,26 +195,29 @@ class Enotify {
 		//$possess_desc = str_replace('<!item_type!>',$possess_desc);
 
 		// "a post"
-		$dest_str = sprintf(t('%1$s, %2$s commented on [zrl=%3$s]a %4$s[/zrl]'),
+		$dest_str = sprintf(t('%1$s, %2$s %3$s [zrl=%4$s]a %5$s[/zrl]'),
 			$recip['channel_name'],
 			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$action,
 			$itemlink,
 			$item_post_type);
 
 		// "George Bull's post"
 		if($p)
-			$dest_str = sprintf(t('%1$s, %2$s commented on [zrl=%3$s]%4$s\'s %5$s[/zrl]'),
+			$dest_str = sprintf(t('%1$s, %2$s %3$s [zrl=%4$s]%5$s\'s %6$s[/zrl]'),
 				$recip['channel_name'],
 				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+				$action,
 				$itemlink,
 				$p[0]['author']['xchan_name'],
 				$item_post_type);
 		
 		// "your post"
 		if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
-			$dest_str = sprintf(t('%1$s, %2$s commented on [zrl=%3$s]your %4$s[/zrl]'),
+			$dest_str = sprintf(t('%1$s, %2$s %3$s [zrl=%4$s]your %5$s[/zrl]'),
 				$recip['channel_name'],
 				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+				$action,
 				$itemlink,
 				$item_post_type);
 
@@ -231,12 +248,12 @@ class Enotify {
 
 		$itemlink =  $params['link'];
 
-		// ignore like/unlike activity on posts - they probably require a separate notification preference
-
 		if (array_key_exists('item',$params) && (! activity_match($params['item']['verb'],ACTIVITY_LIKE))) {
-			logger('notification: not a like activity. Ignoring.');
-			pop_lang();
-			return;
+			if(! $always_show_in_notices) {
+				logger('notification: not a visible activity. Ignoring.');
+				pop_lang();
+				return;
+			}
 		}
 
 		$parent_mid = $params['parent_mid'];
@@ -496,8 +513,6 @@ class Enotify {
 	// Another option would be to not add them to the DB, and change how emails are handled 
 	// (probably would be better that way)
 
-	$always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
-
 	if (!$always_show_in_notices) {
 		if (($params['type'] == NOTIFY_WALL) || ($params['type'] == NOTIFY_MAIL) || ($params['type'] == NOTIFY_INTRO)) {
 			$seen = 1;
@@ -600,6 +615,9 @@ class Enotify {
 		$datarray['titemlink']    = $itemlink;
 		$datarray['thanks']       = $thanks;
 		$datarray['site_admin']   = $site_admin;
+		$datarray['opt_out1']     = $opt_out1;
+		$datarray['opt_out2']     = $opt_out2;
+		$datarray['hopt_out2']    = $hopt_out2;
 		$datarray['title']        = stripslashes($title);
 		$datarray['htmlversion']  = $htmlversion;
 		$datarray['textversion']  = $textversion;
@@ -657,6 +675,8 @@ class Enotify {
 			'$hitemlink'    => $datarray['hitemlink'],
 			'$thanks'       => $datarray['thanks'],
 			'$site_admin'   => $datarray['site_admin'],
+			'$opt_out1'     => $datarray['opt_out1'],
+			'$opt_out2'     => $datarray['hopt_out2'],
 			'$title'        => $datarray['title'],
 			'$htmlversion'  => $datarray['htmlversion'],
 		));
@@ -677,6 +697,8 @@ class Enotify {
 			'$titemlink'    => $datarray['titemlink'],
 			'$thanks'       => $datarray['thanks'],
 			'$site_admin'   => $datarray['site_admin'],
+			'$opt_out1'     => $datarray['opt_out1'],
+			'$opt_out2'     => $datarray['opt_out2'],
 			'$title'        => $datarray['title'],
 			'$textversion'  => $datarray['textversion'],
 		));
@@ -794,6 +816,20 @@ class Enotify {
 				: sprintf( t('commented on %s\'s post'), $item['owner']['xchan_name']));
 		}
 
+		$edit = false;
+
+		if($item['edited'] > $item['created']) {
+			if($item['item_thread_top']) {
+				$itemem_text = sprintf( t('edited a post dated %s'), relative_date($item['created']));
+				$edit = true;
+			}
+			else {
+				$itemem_text = sprintf( t('edited a comment dated %s'), relative_date($item['created']));
+				$edit = true;
+			}
+		}
+
+
 		// convert this logic into a json array just like the system notifications
 
 		return array(
@@ -801,7 +837,7 @@ class Enotify {
 			'name' => $item['author']['xchan_name'],
 			'url' => $item['author']['xchan_url'],
 			'photo' => $item['author']['xchan_photo_s'],
-			'when' => relative_date($item['created']), 
+			'when' => relative_date(($edit)? $item['edited'] : $item['created']), 
 			'class' => (intval($item['item_unseen']) ? 'notify-unseen' : 'notify-seen'),
 			'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? 'b64.' . base64url_encode($item['thr_parent']) : 'b64.' . base64url_encode($item['mid'])),
 			'notify_id' => 'undefined',

Zotlabs/Lib/Img_filesize.php

@@ -0,0 +1,122 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+class Img_filesize {
+
+	private $url;
+
+	function __construct($url) {
+		$this->url = $url;
+	}
+
+	function getSize() {
+		$size = null;
+
+		if(stripos($this->url,z_root() . '/photo') !== false) {
+			$size = self::getLocalFileSize($this->url);
+		}
+		if(! $size) {
+			$size = getRemoteFileSize($this->url);
+		}
+
+		return $size;
+	}
+
+
+	static function getLocalFileSize($url) {
+	
+		$fname = basename($url);
+		$resolution = 0;
+	
+		if(strpos($fname,'.') !== false)
+			$fname = substr($fname,0,strpos($fname,'.'));
+	
+		if(substr($fname,-2,1) == '-') {
+			$resolution = intval(substr($fname,-1,1));
+			$fname = substr($fname,0,-2);
+		}
+			
+		$r = q("SELECT filesize FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
+			dbesc($fname),
+			intval($resolution)
+		);
+		if($r) {
+			return $r[0]['filesize'];
+		}
+		return null;
+	}
+
+}
+
+/**
+ * Try to determine the size of a remote file by making an HTTP request for
+ * a byte range, or look for the content-length header in the response.
+ * The function aborts the transfer as soon as the size is found, or if no
+ * length headers are returned, it aborts the transfer.
+ *
+ * @return int|null null if size could not be determined, or length of content
+ */
+function getRemoteFileSize($url)
+{
+    $ch = curl_init($url);
+
+    $headers = array(
+        'Range: bytes=0-1',
+        'Connection: close',
+    );
+
+    $in_headers = true;
+    $size       = null;
+
+    curl_setopt($ch, CURLOPT_HEADER, 1);
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2450.0 Iron/46.0.2450.0');
+    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
+    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+    curl_setopt($ch, CURLOPT_VERBOSE, 0); // set to 1 to debug
+    curl_setopt($ch, CURLOPT_STDERR, fopen('php://output', 'r'));
+
+    curl_setopt($ch, CURLOPT_HEADERFUNCTION, function($curl, $line) use (&$in_headers, &$size) {
+        $length = strlen($line);
+
+        if (trim($line) == '') {
+            $in_headers = false;
+        }
+
+        list($header, $content) = explode(':', $line, 2);
+        $header = strtolower(trim($header));
+
+        if ($header == 'content-range') {
+            // found a content-range header
+            list($rng, $s) = explode('/', $content, 2);
+            $size = (int)$s;
+            return 0; // aborts transfer
+        } else if ($header == 'content-length' && 206 != curl_getinfo($curl, CURLINFO_HTTP_CODE)) {
+            // found content-length header and this is not a 206 Partial Content response (range response)
+            $size = (int)$content;
+            return 0;
+        } else {
+            // continue
+            return $length;
+        }
+    });
+
+    curl_setopt($ch, CURLOPT_WRITEFUNCTION, function($curl, $data) use ($in_headers) {
+        if (!$in_headers) {
+            // shouldn't be here unless we couldn't determine file size
+            // abort transfer
+            return 0;
+        }
+
+        // write function is also called when reading headers
+        return strlen($data);
+    });
+
+    curl_exec($ch);
+    curl_getinfo($ch);
+	curl_close($ch);
+
+    return $size;
+}

Zotlabs/Lib/MarkdownSoap.php

@@ -3,51 +3,66 @@
 namespace Zotlabs\Lib;
 
 /**
- * MarkdownSoap
+ * @brief MarkdownSoap class.
+ *
  * Purify Markdown for storage
+ * @code{.php}
  *   $x = new MarkdownSoap($string_to_be_cleansed);
  *   $text = $x->clean();
- *
+ * @endcode
  * What this does:
  * 1. extracts code blocks and privately escapes them from processing
  * 2. Run html purifier on the content
  * 3. put back the code blocks
  * 4. run htmlspecialchars on the entire content for safe storage
  *
- * At render time: 
+ * At render time:
+ * @code{.php}
  *    $markdown = \Zotlabs\Lib\MarkdownSoap::unescape($text);
  *    $html = \Michelf\MarkdownExtra::DefaultTransform($markdown);
+ * @endcode
  */
-
-
-
 class MarkdownSoap {
 
+	/**
+	 * @var string
+	 */
+	private $str;
+	/**
+	 * @var string
+	 */
 	private $token;
 
-	private $str;
 
 	function __construct($s) {
-		$this->str  = $s;
+		$this->str   = $s;
 		$this->token = random_string(20);
 	}
 
-
 	function clean() {
 
 		$x = $this->extract_code($this->str);
 
 		$x = $this->purify($x);
 
-		$x = $this->putback_code($x);		
+		$x = $this->putback_code($x);
 
 		$x = $this->escape($x);
-		
+
 		return $x;
 	}
 
+	/**
+	 * @brief Extracts code blocks and privately escapes them from processing.
+	 *
+	 * @see encode_code()
+	 * @see putback_code()
+	 *
+	 * @param string $s
+	 * @return string
+	 */
 	function extract_code($s) {
-			
+
 		$text = preg_replace_callback('{
 					(?:\n\n|\A\n?)
 					(	            # $1 = the code block -- one or more lines, starting with a space/tab
@@ -62,7 +77,7 @@ class MarkdownSoap {
 
 		return $text;
 	}
-	
+
 	function encode_code($matches) {
 		return $this->token . ';' . base64_encode($matches[0]) . ';' ;
 	}
@@ -71,8 +86,17 @@ class MarkdownSoap {
 		return base64_decode($matches[1]);
 	}
 
+	/**
+	 * @brief Put back the code blocks.
+	 *
+	 * @see extract_code()
+	 * @see decode_code()
+	 *
+	 * @param string $s
+	 * @return string
+	 */
 	function putback_code($s) {
-		$text = preg_replace_callback('{' . $this->token . '\;(.*?)\;}xm',[ $this, 'decode_code' ], $s);
+		$text = preg_replace_callback('{' . $this->token . '\;(.*?)\;}xm', [ $this, 'decode_code' ], $s);
 		return $text;
 	}
 
@@ -84,20 +108,25 @@ class MarkdownSoap {
 	}
 
 	function protect_autolinks($s) {
-		$s = preg_replace('/\<(https?\:\/\/)(.*?)\>/','[$1$2]($1$2)',$s);
+		$s = preg_replace('/\<(https?\:\/\/)(.*?)\>/', '[$1$2]($1$2)', $s);
 		return $s;
 	}
 
 	function unprotect_autolinks($s) {
 		return $s;
-
 	}
 
 	function escape($s) {
-		return htmlspecialchars($s,ENT_QUOTES,'UTF-8',false);
+		return htmlspecialchars($s, ENT_QUOTES, 'UTF-8', false);
 	}
 
+	/**
+	 * @brief Converts special HTML entities back to characters.
+	 *
+	 * @param string $s
+	 * @return string
+	 */
 	static public function unescape($s) {
-		return htmlspecialchars_decode($s,ENT_QUOTES);
+		return htmlspecialchars_decode($s, ENT_QUOTES);
 	}
 }

Zotlabs/Lib/Permcat.php

@@ -2,12 +2,36 @@
 
 namespace Zotlabs\Lib;
 
-use \Zotlabs\Access as Zaccess;
+use Zotlabs\Access\PermissionRoles;
+use Zotlabs\Access\Permissions;
 
+/**
+ * @brief Permission Categories. Permission rules for various classes of connections.
+ *
+ * Connection permissions answer the question "Can Joe view my photos?"
+ *
+ * Some permissions may be inherited from the channel's "privacy settings"
+ * (@ref ::Zotlabs::Access::PermissionLimits "PermissionLimits") "Who can view my
+ * photos (at all)?" which have higher priority than individual connection settings.
+ * We evaluate permission limits first, and then fall through to connection
+ * permissions if the permission limits didn't already make a definitive decision.
+ *
+ * After PermissionLimits and connection permissions are evaluated, individual
+ * content ACLs are evaluated (@ref ::Zotlabs::Access::AccessList "AccessList").
+ * These answer the question "Can Joe view *this* album/photo?".
+ */
 class Permcat {
 
+	/**
+	 * @var array
+	 */
 	private $permcats = [];
 
+	/**
+	 * @brief Permcat constructor.
+	 *
+	 * @param int $channel_id
+	 */
 	public function __construct($channel_id) {
 
 		$perms = [];
@@ -16,16 +40,16 @@ class Permcat {
 
 		$role = get_pconfig($channel_id,'system','permissions_role');
 		if($role) {
-			$x = Zaccess\PermissionRoles::role_perms($role);
+			$x = PermissionRoles::role_perms($role);
 			if($x['perms_connect']) {
-				$perms = Zaccess\Permissions::FilledPerms($x['perms_connect']);
+				$perms = Permissions::FilledPerms($x['perms_connect']);
 			}
 		}
 
 		// if no role perms it may be a custom role, see if there any autoperms
 
 		if(! $perms) {
-			$perms = Zaccess\Permissions::FilledAutoPerms($channel_id);
+			$perms = Permissions::FilledAutoPerms($channel_id);
 		}
 
 		// if no autoperms it may be a custom role with manual perms
@@ -50,13 +74,13 @@ class Permcat {
 		// nothing was found - create a filled permission array where all permissions are 0
 
 		if(! $perms) {
-			$perms = Zaccess\Permissions::FilledPerms([]);
+			$perms = Permissions::FilledPerms([]);
 		}
 
 		$this->permcats[] = [
 			'name'      => 'default',
 			'localname' => t('default','permcat'),
-			'perms'     => Zaccess\Permissions::Operms($perms),
+			'perms'     => Permissions::Operms($perms),
 			'system'    => 1
 		];
 
@@ -67,26 +91,39 @@ class Permcat {
 				$this->permcats[] = [
 					'name'      => $p[$x][0],
 					'localname' => $p[$x][1],
-					'perms'     => Zaccess\Permissions::Operms(Zaccess\Permissions::FilledPerms($p[$x][2])),
+					'perms'     => Permissions::Operms(Permissions::FilledPerms($p[$x][2])),
 					'system'    => intval($p[$x][3])
 				];
 			}
 		}
 	}
 
-
+	/**
+	 * @brief Return array with permcats.
+	 *
+	 * @return array
+	 */
 	public function listing() {
 		return $this->permcats;
 	}
 
+	/**
+	 * @brief
+	 *
+	 * @param string $name
+	 * @return array
+	 *   * \e array with permcats
+	 *   * \e bool \b error if $name not found in permcats true
+	 */
 	public function fetch($name) {
 		if($name && $this->permcats) {
 			foreach($this->permcats as $permcat) {
-				if(strcasecmp($permcat['name'],$name) === 0) {
+				if(strcasecmp($permcat['name'], $name) === 0) {
 					return $permcat;
 				}
 			}
 		}
+
 		return ['error' => true];
 	}
 
@@ -118,29 +155,32 @@ class Permcat {
 					$permcats[] = [ $xv['k'], $xv['k'], $value, 0 ];
 				}
 			}
-		}					
+		}
 
-		call_hooks('permcats',$permcats);
+		/**
+		 * @hooks permcats
+		 *   * \e array
+		 */
+		call_hooks('permcats', $permcats);
 
 		return $permcats;
-
 	}
 
-	static public function find_permcat($arr,$name) {
+	static public function find_permcat($arr, $name) {
 		if((! $arr) || (! $name))
 			return false;
+
 		foreach($arr as $p)
 			if($p['name'] == $name)
 				return $p['value'];
 	}
 
-	static public function update($channel_id, $name,$permarr) {
-		PConfig::Set($channel_id,'permcat',$name,$permarr);
+	static public function update($channel_id, $name, $permarr) {
+		PConfig::Set($channel_id, 'permcat', $name, $permarr);
 	}
 
-	static public function delete($channel_id,$name) {
-		PConfig::Delete($channel_id,'permcat',$name);
+	static public function delete($channel_id, $name) {
+		PConfig::Delete($channel_id, 'permcat', $name);
 	}
 
-
 }

Zotlabs/Lib/ProtoDriver.php

@@ -1,19 +0,0 @@
-<?php /** @file */
-
-namespace Zotlabs\Lib;
-
-/*
- * Abstraction class for dealing with alternate networks (which of course do not exist, hence the abstraction)
- */
-
-
-abstract class ProtoDriver {
-	abstract protected function discover($channel,$location);
-	abstract protected function deliver($item,$channel,$recipients);
-	abstract protected function collect($channel,$connection);
-	abstract protected function change_permissions($permissions,$channel,$recipient);
-	abstract protected function acknowledge_permissions($permissions,$channel,$recipient);
-	abstract protected function deliver_private($item,$channel,$recipients);
-	abstract protected function collect_private($channel,$connection);
-
-}

Zotlabs/Lib/Share.php

@@ -0,0 +1,141 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class Share {
+
+	private $item = null;
+
+
+	public function __construct($post_id) {
+	
+		if(! $post_id)
+			return;
+	
+		if(! (local_channel() || remote_channel()))
+			return;
+	
+		$r = q("SELECT * from item left join xchan on author_xchan = xchan_hash WHERE id = %d  LIMIT 1",
+			intval($post_id)
+		);
+		if(! $r)
+			return;
+
+		if(($r[0]['item_private']) && ($r[0]['xchan_network'] !== 'rss'))
+			return;
+	
+		$sql_extra = item_permissions_sql($r[0]['uid']);
+	
+		$r = q("select * from item where id = %d $sql_extra",
+			intval($post_id)
+		);
+		if(! $r)
+			return;
+	
+		if($r[0]['mimetype'] !== 'text/bbcode')
+			return;
+	
+		/** @FIXME eventually we want to post remotely via rpost on your home site */
+		// When that works remove this next bit:
+	
+		if(! local_channel())
+			return;
+
+		xchan_query($r);
+	
+		$this->item = $r[0];
+		return;
+	}
+
+	public function obj() {
+		$obj = [];
+
+		if(! $this->item)
+			return $obj;
+
+		$obj['type']         = $this->item['obj_type'];
+		$obj['id']           = $this->item['mid'];
+		$obj['content']      = $this->item['body'];
+		$obj['content_type'] = $this->item['mimetype'];
+		$obj['title']        = $this->item['title'];
+		$obj['created']      = $this->item['created'];
+		$obj['edited']       = $this->item['edited'];
+		$obj['author'] = [
+			'name'     => $this->item['author']['xchan_name'],
+			'address'  => $this->item['author']['xchan_addr'],
+			'network'  => $this->item['author']['xchan_network'],
+			'link'     => [
+				[ 
+					'rel'  => 'alternate', 
+					'type' => 'text/html', 
+					'href' => $this->item['author']['xchan_url']
+				],
+				[
+					'rel'  => 'photo', 
+					'type' => $this->item['author']['xchan_photo_mimetype'], 
+					'href' => $this->item['author']['xchan_photo_m']
+				]
+			]
+		];
+
+		$obj['owner'] = [
+			'name'     => $this->item['owner']['xchan_name'],
+			'address'  => $this->item['owner']['xchan_addr'],
+			'network'  => $this->item['owner']['xchan_network'],
+			'link'     => [
+				[ 
+					'rel'  => 'alternate', 
+					'type' => 'text/html', 
+					'href' => $this->item['owner']['xchan_url']
+				],
+				[
+					'rel'  => 'photo', 
+					'type' => $this->item['owner']['xchan_photo_mimetype'], 
+					'href' => $this->item['owner']['xchan_photo_m']
+				]
+			]
+		];
+
+		$obj['link'] = [
+			'rel'  => 'alternate',
+			'type' => 'text/html',
+			'href' => $this->item['plink']
+		];
+
+		return $obj;
+	}
+
+	public function bbcode() {
+		$bb = NULL_STR;
+
+		if(! $this->item)
+			return $bb;
+
+		$is_photo = (($this->item['obj_type'] === ACTIVITY_OBJ_PHOTO) ? true : false);
+		if($is_photo) {
+			$object = json_decode($this->item['obj'],true);
+			$photo_bb = $object['body'];
+		}
+	
+		if (strpos($this->item['body'], "[/share]") !== false) {
+			$pos = strpos($this->item['body'], "[share");
+			$bb = substr($this->item['body'], $pos);
+		} else {
+			$bb = "[share author='".urlencode($this->item['author']['xchan_name']).
+				"' profile='".$this->item['author']['xchan_url'] .
+				"' avatar='".$this->item['author']['xchan_photo_s'].
+				"' link='".$this->item['plink'].
+				"' posted='".$this->item['created'].
+				"' message_id='".$this->item['mid']."']";
+			if($this->item['title'])
+				$bb .= '[b]'.$this->item['title'].'[/b]'."\r\n";
+			$bb .= (($is_photo) ? $photo_bb . "\r\n" . $this->item['body'] : $this->item['body']);
+			$bb .= "[/share]";
+		}
+
+		return $bb;
+
+	}
+
+}

Zotlabs/Lib/ThreadItem.php

@@ -730,9 +730,6 @@ class ThreadItem {
 
 		$observer = $conv->get_observer();
 
-		$qc = ((local_channel()) ? get_pconfig(local_channel(),'system','qcomment') : null);
-		$qcomment = (($qc) ? explode("\n",$qc) : null);
-
 		$arr = array('comment_buttons' => '','id' => $this->get_id());
 		call_hooks('comment_buttons',$arr);
 		$comment_buttons = $arr['comment_buttons'];
@@ -744,7 +741,6 @@ class ThreadItem {
 			'$type' => (($conv->get_mode() === 'channel') ? 'wall-comment' : 'net-comment'),
 			'$id' => $this->get_id(),
 			'$parent' => $this->get_id(),
-			'$qcomment' => $qcomment,
 			'$comment_buttons' => $comment_buttons,
 			'$profile_uid' =>  $conv->get_profile_owner(),
 			'$mylink' => $observer['xchan_url'],

Zotlabs/Lib/Verify.php

@@ -1,6 +1,6 @@
 <?php
 
-namespace Zotlabs\Zot;
+namespace Zotlabs\Lib;
 
 
 class Verify {

Zotlabs/Lib/ZotDriver.php

@@ -1,30 +0,0 @@
-<?php /** @file */
-
-namespace Zotlabs\Lib;
-
-
-class ZotDriver extends ProtoDriver {
-
-	protected function discover($channel,$location) {
-
-	}
-	protected function deliver($item,$channel,$recipients) {
-
-	}
-	protected function collect($channel,$connection) {
-
-	}
-	protected function change_permissions($permissions,$channel,$recipient) {
-
-	}
-	protected function acknowledge_permissions($permissions,$channel,$recipient) {
-
-	}
-	protected function deliver_private($item,$channel,$recipients) {
-
-	}
-	protected function collect_private($channel,$connection) {
-
-	}
-
-}

Zotlabs/Module/Acl.php

@@ -1,36 +1,39 @@
 <?php
+
 namespace Zotlabs\Module;
 
-/*
- * ACL selector json backend 
+require_once 'include/acl_selectors.php';
+require_once 'include/group.php';
+
+/**
+ * @brief ACL selector json backend.
+ *
  * This module provides JSON lists of connections and local/remote channels
  * (xchans) to populate various tools such as the ACL (AccessControlList) popup
- * and various auto-complete functions (such as email recipients, search, and 
+ * and various auto-complete functions (such as email recipients, search, and
  * mention targets.
+ *
  * There are two primary output structural formats. One for the ACL widget and
  * the other for auto-completion.
- * Many of the  behaviour variations are triggered on the use of single character keys
- * however this functionality has grown in an ad-hoc manner and has gotten quite messy over time.    
+ *
+ * Many of the behaviour variations are triggered on the use of single character
+ * keys however this functionality has grown in an ad-hoc manner and has gotten
+ * quite messy over time.
  */
-
-require_once("include/acl_selectors.php");
-require_once("include/group.php");
-
-
 class Acl extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		logger('mod_acl: ' . print_r($_REQUEST,true));
-	
+
 		$start    = (x($_REQUEST,'start')  ? $_REQUEST['start']  : 0);
 		$count    = (x($_REQUEST,'count')  ? $_REQUEST['count']  : 500);
 		$search   = (x($_REQUEST,'search') ? $_REQUEST['search'] : '');
 		$type     = (x($_REQUEST,'type')   ? $_REQUEST['type']   : '');
-		$noforums = (x($_REQUEST,'n')      ? $_REQUEST['n']      : false);	
+		$noforums = (x($_REQUEST,'n')      ? $_REQUEST['n']      : false);
 
 
-		// $type = 
+		// $type =
 		//  ''   =>  standard ACL request
 		//  'g'  =>  Groups only ACL request
 		//  'f'  =>  forums only ACL request
@@ -382,15 +385,13 @@ class Acl extends \Zotlabs\Web\Controller {
 			'count'	=> $count,
 			'items'	=> $items,
 		);
-	
-	
-		
+
 		echo json_encode($o);
-	
+
 		killme();
 	}
-	
-	
+
+
 	function navbar_complete(&$a) {
 	
 	//	logger('navbar_complete');
@@ -447,5 +448,5 @@ class Acl extends \Zotlabs\Web\Controller {
 		}
 		return array();
 	}
-	
+
 }

Zotlabs/Module/Admin/Accounts.php

@@ -16,6 +16,7 @@ class Accounts {
 	 */
 
 	function post() {
+
 		$pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() );
 		$users   = ( x($_POST, 'user')    ? $_POST['user']    : array() );
 		$blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() );
@@ -24,7 +25,7 @@ class Accounts {
 	
 		// change to switch structure?
 		// account block/unblock button was submitted
-		if (x($_POST, 'page_users_block')) {
+		if (x($_POST, 'page_accounts_block')) {
 			for ($i = 0; $i < count($users); $i++) {
 				// if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag
 				$op = ($blocked[$i]) ? '& ~' : '| ';
@@ -43,13 +44,13 @@ class Accounts {
 			notice( sprintf( tt("%s account deleted", "%s accounts deleted", count($users)), count($users)) );
 		}
 		// registration approved button was submitted
-		if (x($_POST, 'page_users_approve')) {
+		if (x($_POST, 'page_accounts_approve')) {
 			foreach ($pending as $hash) {
 				account_allow($hash);
 			}
 		}
 		// registration deny button was submitted
-		if (x($_POST, 'page_users_deny')) {
+		if (x($_POST, 'page_accounts_deny')) {
 			foreach ($pending as $hash) {
 				account_deny($hash);
 			}

Zotlabs/Module/Admin/Dbsync.php

@@ -7,36 +7,38 @@ namespace Zotlabs\Module\Admin;
 class Dbsync {
 	
 
-
-
 	function get() {
 		$o = '';
 	
 		if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') {
-			set_config('database', 'update_r' . intval(argv(3)), 'success');
-			if(intval(get_config('system','db_version')) <= intval(argv(3)))
-				set_config('system','db_version',intval(argv(3)) + 1);
+			// remove the old style config if it exists
+			del_config('database', 'update_r' . intval(argv(3)));
+			set_config('database', '_' . intval(argv(3)), 'success');
+			if(intval(get_config('system','db_version')) < intval(argv(3)))
+				set_config('system','db_version',intval(argv(3)));
 			info( t('Update has been marked successful') . EOL);
 			goaway(z_root() . '/admin/dbsync');
 		}
 	
 		if(argc() > 2 && intval(argv(2))) {
-			require_once('install/update.php');
-			$func = 'update_r' . intval(argv(2));
-			if(function_exists($func)) {
-				$retval = $func();
+			$x = intval(argv(2));
+			$s = '_' . $x;
+			$cls = '\\Zotlabs\Update\\' . $s ;
+			if(class_exists($cls)) {
+				$c =  new $cls();
+				$retval = $c->run();
 				if($retval === UPDATE_FAILED) {
-					$o .= sprintf( t('Executing %s failed. Check system logs.'), $func); 
+					$o .= sprintf( t('Executing %s failed. Check system logs.'), $s); 
 				}
 				elseif($retval === UPDATE_SUCCESS) {
-					$o .= sprintf( t('Update %s was successfully applied.'), $func);
-					set_config('database',$func, 'success');
+					$o .= sprintf( t('Update %s was successfully applied.'), $s);
+					set_config('database',$s, 'success');
 				}
 				else
-					$o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $func);
+					$o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $s);
 			}
 			else
-				$o .= sprintf( t('Update function %s could not be found.'), $func);
+				$o .= sprintf( t('Update function %s could not be found.'), $s);
 	
 			return $o;
 		}
@@ -45,23 +47,25 @@ class Dbsync {
 		$r = q("select * from config where cat = 'database' ");
 		if(count($r)) {
 			foreach($r as $rr) {
-				$upd = intval(substr($rr['k'],8));
+				$upd = intval(substr($rr['k'],-4));
 				if($rr['v'] === 'success')
 					continue;
 				$failed[] = $upd;
 			}
 		}
-		if(! count($failed))
-			return '<div class="generic-content-wrapper-styled"><h3>' . t('No failed updates.') . '</h3></div>';
-	
-		$o = replace_macros(get_markup_template('failed_updates.tpl'),array(
-			'$base' => z_root(),
-			'$banner' => t('Failed Updates'),
-			'$desc' => '',
-			'$mark' => t('Mark success (if update was manually applied)'),
-			'$apply' => t('Attempt to execute this update step automatically'),
-			'$failed' => $failed
+		if(count($failed)) {
+			$o = replace_macros(get_markup_template('failed_updates.tpl'),array(
+				'$base'   => z_root(),
+				'$banner' => t('Failed Updates'),
+				'$desc'   => '',
+				'$mark'   => t('Mark success (if update was manually applied)'),
+				'$apply'  => t('Attempt to execute this update step automatically'),
+				'$failed' => $failed
 		));
+		}
+		else {
+			return '<div class="generic-content-wrapper-styled"><h3>' . t('No failed updates.') . '</h3></div>';
+		}
 	
 		return $o;
 	}

Zotlabs/Module/Admin/Profs.php

@@ -9,17 +9,37 @@ class Profs {
 	
 		if(array_key_exists('basic',$_REQUEST)) {
 			$arr = explode(',',$_REQUEST['basic']);
-			for($x = 0; $x < count($arr); $x ++) 
-				if(trim($arr[$x]))
-					$arr[$x] = trim($arr[$x]);
-			set_config('system','profile_fields_basic',$arr);
-	
+			array_walk($arr,'array_trim');
+			$narr = [];
+			if(count($arr)) {
+				foreach($arr as $a) {
+					if(strlen($a)) {
+						$narr[] = $a;
+					}
+				}
+			}
+			if(! $narr)
+				del_config('system','profile_fields_basic');
+			else
+				set_config('system','profile_fields_basic',$narr);
+
+
 			if(array_key_exists('advanced',$_REQUEST)) {
 				$arr = explode(',',$_REQUEST['advanced']);
-				for($x = 0; $x < count($arr); $x ++)
-					if(trim($arr[$x]))
-						$arr[$x] = trim($arr[$x]);
-				set_config('system','profile_fields_advanced',$arr);
+				array_walk($arr,'array_trim');
+				$narr = [];
+				if(count($arr)) {
+					foreach($arr as $a) {
+						if(strlen($a)) {
+							$narr[] = $a;
+						}
+					}
+				}
+				if(! $narr)
+					del_config('system','profile_fields_advanced');
+				else
+					set_config('system','profile_fields_advanced',$narr);
+
 			}
 			goaway(z_root() . '/admin/profs');
 		}
@@ -98,6 +118,7 @@ class Profs {
 		$basic = '';
 		$barr = array();
 		$fields = get_profile_fields_basic();
+
 		if(! $fields)
 			$fields = get_profile_fields_basic(1);
 		if($fields) {

Zotlabs/Module/Admin/Security.php

@@ -52,24 +52,24 @@ class Security {
 	function get() {
 	
 		$whitesites = get_config('system','whitelisted_sites');
-		$whitesites_str = ((is_array($whitesites)) ? implode($whitesites,"\n") : '');
+		$whitesites_str = ((is_array($whitesites)) ? implode("\n",$whitesites) : '');
 	
 		$blacksites = get_config('system','blacklisted_sites');
-		$blacksites_str = ((is_array($blacksites)) ? implode($blacksites,"\n") : '');
+		$blacksites_str = ((is_array($blacksites)) ? implode("\n",$blacksites) : '');
 	
 	
 		$whitechannels = get_config('system','whitelisted_channels');
-		$whitechannels_str = ((is_array($whitechannels)) ? implode($whitechannels,"\n") : '');
+		$whitechannels_str = ((is_array($whitechannels)) ? implode("\n",$whitechannels) : '');
 	
 		$blackchannels = get_config('system','blacklisted_channels');
-		$blackchannels_str = ((is_array($blackchannels)) ? implode($blackchannels,"\n") : '');
+		$blackchannels_str = ((is_array($blackchannels)) ? implode("\n",$blackchannels) : '');
 	
 	
 		$whiteembeds = get_config('system','embed_allow');
-		$whiteembeds_str = ((is_array($whiteembeds)) ? implode($whiteembeds,"\n") : '');
+		$whiteembeds_str = ((is_array($whiteembeds)) ? implode("\n",$whiteembeds) : '');
 	
 		$blackembeds = get_config('system','embed_deny');
-		$blackembeds_str = ((is_array($blackembeds)) ? implode($blackembeds,"\n") : '');
+		$blackembeds_str = ((is_array($blackembeds)) ? implode("\n",$blackembeds) : '');
 	
 		$embed_coop = intval(get_config('system','embed_coop'));
 	

Zotlabs/Module/Admin/Site.php

@@ -24,23 +24,28 @@ class Site {
 		$siteinfo			=	((x($_POST,'siteinfo'))		    ? trim($_POST['siteinfo'])				: '');
 		$language			=	((x($_POST,'language'))			? notags(trim($_POST['language']))			: '');
 		$theme				=	((x($_POST,'theme'))			? notags(trim($_POST['theme']))				: '');
-		$theme_mobile			=	((x($_POST,'theme_mobile'))		? notags(trim($_POST['theme_mobile']))			: '');
+//		$theme_mobile			=	((x($_POST,'theme_mobile'))		? notags(trim($_POST['theme_mobile']))			: '');
 //		$site_channel			=	((x($_POST,'site_channel'))	? notags(trim($_POST['site_channel']))				: '');
 		$maximagesize		=	((x($_POST,'maximagesize'))		? intval(trim($_POST['maximagesize']))				:  0);
 
 		$register_policy	=	((x($_POST,'register_policy'))	? intval(trim($_POST['register_policy']))	:  0);
-
+		$minimum_age           = ((x($_POST,'minimum_age'))          ? intval(trim($_POST['minimum_age']))    : 13);
 		$access_policy	=	((x($_POST,'access_policy'))	? intval(trim($_POST['access_policy']))	:  0);
 		$invite_only	= ((x($_POST,'invite_only'))		? True	: False);
 		$abandon_days	=	((x($_POST,'abandon_days'))	    ? intval(trim($_POST['abandon_days']))	    :  0);
 
 		$register_text		=	((x($_POST,'register_text'))	? notags(trim($_POST['register_text']))		: '');
+		$site_sellpage		=	((x($_POST,'site_sellpage'))	? notags(trim($_POST['site_sellpage']))		: '');
+		$site_location		=	((x($_POST,'site_location'))	? notags(trim($_POST['site_location']))		: '');
 		$frontpage			=	((x($_POST,'frontpage'))	? notags(trim($_POST['frontpage']))		: '');
+		$firstpage		    =	((x(trim($_POST,'firstpage')))	? notags(trim($_POST['firstpage']))		: 'profiles');
 		$mirror_frontpage	=	((x($_POST,'mirror_frontpage'))	? intval(trim($_POST['mirror_frontpage']))		: 0);
 		$directory_server	=	((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : '');
 		$allowed_sites		=	((x($_POST,'allowed_sites'))	? notags(trim($_POST['allowed_sites']))		: '');
 		$force_publish		=	((x($_POST,'publish_all'))		? True	: False);
 		$disable_discover_tab =	((x($_POST,'disable_discover_tab'))		? False	:	True);
+		$site_firehose      =   ((x($_POST,'site_firehose')) ? True : False);
+		$open_pubstream     =   ((x($_POST,'open_pubstream')) ? True : False);
 		$login_on_homepage	=	((x($_POST,'login_on_homepage'))		? True	:	False);
 		$enable_context_help = ((x($_POST,'enable_context_help'))		? True	:	False);
 		$global_directory     = ((x($_POST,'directory_submit_url'))	? notags(trim($_POST['directory_submit_url']))	: '');
@@ -64,7 +69,7 @@ class Site {
 		$techlevel_lock    = ((x($_POST,'techlock'))         ? intval($_POST['techlock'])   : 0);
 		$imagick_path      = ((x($_POST,'imagick_path'))     ? trim($_POST['imagick_path'])   : '');
 		$thumbnail_security  = ((x($_POST,'thumbnail_security'))     ? intval($_POST['thumbnail_security'])   : 0);
-		$force_queue       = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue'])   : 300);
+		$force_queue       = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue'])   : 3000);
 
 		$techlevel         = null;
 		if(array_key_exists('techlevel', $_POST))
@@ -76,6 +81,9 @@ class Site {
 		set_config('system', 'poll_interval', $poll_interval);
 		set_config('system', 'maxloadavg', $maxloadavg);
 		set_config('system', 'frontpage', $frontpage);
+		set_config('system', 'sellpage', $site_sellpage);
+		set_config('system', 'workflow_channel_next', $firstpage);
+		set_config('system', 'site_location', $site_location);
 		set_config('system', 'mirror_frontpage', $mirror_frontpage);
 		set_config('system', 'sitename', $sitename);
 		set_config('system', 'login_on_homepage', $login_on_homepage);
@@ -114,15 +122,16 @@ class Site {
 		set_config('system','siteinfo',$siteinfo);
 		set_config('system', 'language', $language);
 		set_config('system', 'theme', $theme);
-		if ( $theme_mobile === '---' ) {
-			del_config('system', 'mobile_theme');
-		} else {
-			set_config('system', 'mobile_theme', $theme_mobile);
-		}
+//		if ( $theme_mobile === '---' ) {
+//			del_config('system', 'mobile_theme');
+//		} else {
+//			set_config('system', 'mobile_theme', $theme_mobile);
+//		}
 	//	set_config('system','site_channel', $site_channel);
 		set_config('system','maximagesize', $maximagesize);
 
 		set_config('system','register_policy', $register_policy);
+		set_config('system','minimum_age', $minimum_age);
 		set_config('system','invitation_only', $invite_only);
 		set_config('system','access_policy', $access_policy);
 		set_config('system','account_abandon_days', $abandon_days);
@@ -130,6 +139,8 @@ class Site {
 		set_config('system','allowed_sites', $allowed_sites);
 		set_config('system','publish_all', $force_publish);
 		set_config('system','disable_discover_tab', $disable_discover_tab);
+		set_config('system','site_firehose', $site_firehose);
+		set_config('system','open_pubstream', $open_pubstream);
 		set_config('system','force_queue_threshold', $force_queue);
 		if ($global_directory == '') {
 			del_config('system', 'directory_submit_url');
@@ -209,9 +220,10 @@ class Site {
 		$realm = get_directory_realm();
 
 		// directory server should not be set or settable unless we are a directory client
+		// avoid older redmatrix servers which don't have modern encryption
 
 		if($dirmode == DIRECTORY_MODE_NORMAL) {
-			$x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s' and site_dead = 0",
+			$x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s' and site_dead = 0 and site_project != 'redmatrix'",
 				intval(DIRECTORY_MODE_SECONDARY),
 				intval(DIRECTORY_MODE_PRIMARY),
 				dbesc($realm)
@@ -288,17 +300,18 @@ class Site {
 
 			'$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ],
 
-			'$banner'			=> array('banner', t("Banner/Logo"), $banner, ""),
+			'$banner'			=> array('banner', t("Banner/Logo"), $banner, t('Unfiltered HTML/CSS/JS is allowed')),
 			'$admininfo'		=> array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators.  Displayed on siteinfo page.  BBCode can be used here")),
 			'$siteinfo'		=> array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site.  Displayed on siteinfo page.  BBCode can be used here")),
 			'$language' 		=> array('language', t("System language"), get_config('system','language'), "", $lang_choices),
 			'$theme' 			=> array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
-			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
+//			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
 //			'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
 			'$feed_contacts'    => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')),
 			'$maximagesize'		=> array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
 			'$register_policy'	=> array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
 			'$invite_only'		=> array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")),
+			'$minimum_age'		=> array('minimum_age', t("Minimum age"), (x(get_config('system','minimum_age'))?get_config('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")),
 			'$access_policy'	=> array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices),
 			'$register_text'	=> array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
 			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'public' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
@@ -308,6 +321,8 @@ class Site {
 			'$verify_email'		=> array('verify_email', t("Verify Email Addresses"), get_config('system','verify_email'), t("Check to verify email addresses used in account registration (recommended).")),
 			'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
 			'$disable_discover_tab'	=> array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
+			'$site_firehose'	=> array('site_firehose', t('Site only Public Streams'), get_config('system','site_firehose'), t('Allow access to public content originating only from this site if Imported Public Streams are disabled.')),
+			'$open_pubstream'	=> array('open_pubstream', t('Allow anybody on the internet to access the Public streams'), get_config('system','open_pubstream',1), t('Disable to require authentication before viewing. Warning: this content is unmoderated.')),
 			'$login_on_homepage'	=> array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")),
 			'$enable_context_help'	=> array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")),
 
@@ -322,12 +337,19 @@ class Site {
 			'$timeout'			=> array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
 			'$delivery_interval'			=> array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")),
 			'$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(get_config('system','delivery_batch_count'))?get_config('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")),
-			'$force_queue'			=> array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',300), t("Always defer immediate delivery if queue contains more than this number of entries.")),
+			'$force_queue'			=> array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")),
 			'$poll_interval'			=> array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")),
 			'$imagick_path'			=> array('imagick_path', t("Path to ImageMagick convert program"), get_config('system','imagick_convert_path'), t("If set, use this program to generate photo thumbnails for huge images ( > 4000 pixels in either dimension), otherwise memory exhaustion may occur. Example: /usr/bin/convert")),
 			'$thumbnail_security'			=> array('thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.")),
 			'$maxloadavg'			=> array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
 			'$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')),
+
+			'$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), get_config('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())),
+			'$firstpage' => array('firstpage', t('Page to display after creating a new channel'), get_config('system','workflow_channel_next','profiles'), t('Recommend: profiles, go, or settings')),
+
+			'$location' => array('site_location', t('Optional: site location'), get_config('system','site_location',''), t('Region or country')),
+
+
 			'$form_security_token' => get_form_security_token("admin_site"),
 		));
 	}

Zotlabs/Module/Api.php

@@ -39,10 +39,12 @@ class Api extends \Zotlabs\Web\Controller {
 					
 			// get consumer/client from request token
 			try {
-				$request = OAuth1Request::from_request();
+				$request = \OAuth1Request::from_request();
 			}
 			catch(\Exception $e) {
-				echo "<pre>"; var_dump($e); killme();
+				logger('OAuth exception: ' . print_r($e,true));
+				// echo "<pre>"; var_dump($e); 
+				killme();
 			}
 			
 			
@@ -52,7 +54,7 @@ class Api extends \Zotlabs\Web\Controller {
 				if (is_null($app)) 
 					return "Invalid request. Unknown token.";
 
-				$consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
+				$consumer = new \OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
 	
 				$verifier = md5($app['secret'] . local_channel());
 				set_config('oauth', $verifier, local_channel());
@@ -63,7 +65,7 @@ class Api extends \Zotlabs\Web\Controller {
 					$glue = '?';
 					if(strstr($consumer->callback_url,$glue))
 						$glue = '?';
-					goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
+					goaway($consumer->callback_url . $glue . "oauth_token=" . \OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . \OAuth1Util::urlencode_rfc3986($verifier));
 					killme();
 				}
 							

Zotlabs/Module/Articles.php

@@ -35,7 +35,7 @@ class Articles extends \Zotlabs\Web\Controller {
 			return;
 		}
 
-		nav_set_selected(t('Cards'));
+		nav_set_selected(t('Articles'));
 
 		head_add_link([ 
 			'rel'   => 'alternate',
@@ -102,6 +102,7 @@ class Articles extends \Zotlabs\Web\Controller {
 				'permissions'       => $channel_acl,
 				'showacl'           => (($is_owner) ? true : false),
 				'visitor'           => true,
+				'body'              => '[summary][/summary]',
 				'hide_location'     => false,
 				'hide_voting'       => false,
 				'profile_uid'       => intval($owner),

Zotlabs/Module/Authorize.php

@@ -2,70 +2,66 @@
 
 namespace Zotlabs\Module;
 
+use Zotlabs\Identity\OAuth2Storage;
+
 
 class Authorize extends \Zotlabs\Web\Controller {
 
+	function init() {
 
-	function get() {
-
-
-			// workaround for HTTP-auth in CGI mode
-			if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
-				$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
-				if(strlen($userpass)) {
-					list($name, $password) = explode(':', $userpass);
-					$_SERVER['PHP_AUTH_USER'] = $name;
-					$_SERVER['PHP_AUTH_PW'] = $password;
-				}
+		// workaround for HTTP-auth in CGI mode
+		if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
+			$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
+			if(strlen($userpass)) {
+				list($name, $password) = explode(':', $userpass);
+				$_SERVER['PHP_AUTH_USER'] = $name;
+				$_SERVER['PHP_AUTH_PW'] = $password;
 			}
+		}
 
-			if (x($_SERVER, 'HTTP_AUTHORIZATION')) {
-				$userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
-				if(strlen($userpass)) {
-					list($name, $password) = explode(':', $userpass);
-					$_SERVER['PHP_AUTH_USER'] = $name;
-					$_SERVER['PHP_AUTH_PW'] = $password;
-				}
+		if (x($_SERVER, 'HTTP_AUTHORIZATION')) {
+			$userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
+			if(strlen($userpass)) {
+				list($name, $password) = explode(':', $userpass);
+				$_SERVER['PHP_AUTH_USER'] = $name;
+				$_SERVER['PHP_AUTH_PW'] = $password;
 			}
+		}
 
+		$s = new \Zotlabs\Identity\OAuth2Server(new OAuth2Storage(\DBA::$dba->db));
 
+		$request = \OAuth2\Request::createFromGlobals();
+		$response = new \OAuth2\Response();
 
+		// validate the authorize request
+		if (! $s->validateAuthorizeRequest($request, $response)) {
+			$response->send();
+			killme();
+		}
 
-	require_once('include/oauth2.php');
+		// display an authorization form
+		if (empty($_POST)) {
 
-	$request = \OAuth2\Request::createFromGlobals();
-	$response = new \OAuth2\Response();
-
-	// validate the authorize request
-	if (! $oauth2_server->validateAuthorizeRequest($request, $response)) {
-	    $response->send();
-    	killme();
-	}
-
-	// display an authorization form
-	if (empty($_POST)) {
-
-	  return '
+			return '
 <form method="post">
   <label>Do You Authorize TestClient?</label><br />
   <input type="submit" name="authorized" value="yes">
   <input type="submit" name="authorized" value="no">
 </form>';
+		}
+
+		// print the authorization code if the user has authorized your client
+		$is_authorized = ($_POST['authorized'] === 'yes');
+		$s->handleAuthorizeRequest($request, $response, $is_authorized, local_channel());
+		if ($is_authorized) {
+			// this is only here so that you get to see your code in the cURL request. Otherwise,
+			// we'd redirect back to the client
+			$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
+			echo("SUCCESS! Authorization Code: $code");
+		}
+
+		$response->send();
+		killme();
 	}
 
-	// print the authorization code if the user has authorized your client
-	$is_authorized = ($_POST['authorized'] === 'yes');
-	$oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized);
-	if ($is_authorized) {
-		// this is only here so that you get to see your code in the cURL request. Otherwise, 
-		// we'd redirect back to the client
-		$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
-		echo("SUCCESS! Authorization Code: $code");
-		
-	}
-
-	$response->send();
-	killme();
-	}
-
-}
+}

Zotlabs/Module/Cards.php

@@ -9,18 +9,22 @@ require_once('include/acl_selectors.php');
 class Cards extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		if(argc() > 1)
 			$which = argv(1);
 		else
 			return;
-	
+
 		profile_load($which);
-	
+
 	}
-	
+
+	/**
+	 * {@inheritDoc}
+	 * @see \Zotlabs\Web\Controller::get()
+	 */
 	function get($update = 0, $load = false) {
-	
+
 		if(observer_prohibited(true)) {
 			return login();
 		}
@@ -31,13 +35,13 @@ class Cards extends \Zotlabs\Web\Controller {
 			return;
 		}
 
-		if(! feature_enabled(\App::$profile_uid,'cards')) {
+		if(! feature_enabled(\App::$profile_uid, 'cards')) {
 			return;
 		}
 
 		nav_set_selected(t('Cards'));
 
-		head_add_link([ 
+		head_add_link([
 			'rel'   => 'alternate',
 			'type'  => 'application/json+oembed',
 			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string),
@@ -46,48 +50,48 @@ class Cards extends \Zotlabs\Web\Controller {
 
 
 		$category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : '');
-					
+
 		if($category) {
-			$sql_extra2 .= protect_sprintf(term_item_parent_query(\App::$profile['profile_uid'],'item', $category, TERM_CATEGORY));
+			$sql_extra2 .= protect_sprintf(term_item_parent_query(\App::$profile['profile_uid'], 'item', $category, TERM_CATEGORY));
 		}
 
 
 		$which = argv(1);
-		
+
 		$selected_card = ((argc() > 2) ? argv(2) : '');
 
 		$_SESSION['return_url'] = \App::$query_string;
-	
+
 		$uid      = local_channel();
 		$owner    = \App::$profile_uid;
 		$observer = \App::get_observer();
-	
+
 		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-		
-		if(! perm_is_allowed($owner,$ob_hash,'view_pages')) {
+
+		if(! perm_is_allowed($owner, $ob_hash, 'view_pages')) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-		
+
 		$is_owner = ($uid && $uid == $owner);
-	
+
 		$channel = channelx_by_n($owner);
 
 		if($channel) {
-			$channel_acl = array(
+			$channel_acl = [
 				'allow_cid' => $channel['channel_allow_cid'],
 				'allow_gid' => $channel['channel_allow_gid'],
 				'deny_cid'  => $channel['channel_deny_cid'],
 				'deny_gid'  => $channel['channel_deny_gid']
-			);
+			];
 		}
 		else {
 			$channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
 		}
-	
 
 
-		if(perm_is_allowed($owner,$ob_hash,'write_pages')) {
+
+		if(perm_is_allowed($owner, $ob_hash, 'write_pages')) {
 
 			$x = [
 				'webpage'           => ITEM_TYPE_CARD,
@@ -95,9 +99,9 @@ class Cards extends \Zotlabs\Web\Controller {
 				'content_label'     => t('Add Card'),
 				'button'            => t('Create'),
 				'nickname'          => $channel['channel_address'],
-				'lockstate'         => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] 
+				'lockstate'         => (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
 					|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
-				'acl'               => (($is_owner) ? populate_acl($channel_acl, false, 
+				'acl'               => (($is_owner) ? populate_acl($channel_acl, false,
 					\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')) : ''),
 				'permissions'       => $channel_acl,
 				'showacl'           => (($is_owner) ? true : false),
@@ -110,7 +114,7 @@ class Cards extends \Zotlabs\Web\Controller {
 				'layoutselect'      => false,
 				'expanded'          => false,
 				'novoting'          => false,
-				'catsenabled'       => feature_enabled($owner,'categories'),
+				'catsenabled'       => feature_enabled($owner, 'categories'),
 				'bbco_autocomplete' => 'bbcode',
 				'bbcode'            => true
 			];
@@ -119,14 +123,14 @@ class Cards extends \Zotlabs\Web\Controller {
 				$x['title'] = $_REQUEST['title'];
 			if($_REQUEST['body'])
 				$x['body'] = $_REQUEST['body'];
-			$editor = status_editor($a,$x);
 
+			$editor = status_editor($a, $x);
 		}
 		else {
 			$editor = '';
 		}
-		
-		
+
+
 		$sql_extra = item_permissions_sql($owner);
 
 		if($selected_card) {
@@ -137,9 +141,9 @@ class Cards extends \Zotlabs\Web\Controller {
 				$sql_extra .= "and item.id = " . intval($r[0]['iid']) . " ";
 			}
 		}
-				
-		$r = q("select * from item 
-			where item.uid = %d and item_type = %d 
+
+		$r = q("select * from item
+			where uid = %d and item_type = %d
 			$sql_extra order by item.created desc",
 			intval($owner),
 			intval(ITEM_TYPE_CARD)
@@ -149,9 +153,10 @@ class Cards extends \Zotlabs\Web\Controller {
 			and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
 			and item.item_blocked = 0 ";
 
+		$items_result = [];
 		if($r) {
 
-			$parents_str = ids_to_querystr($r,'id');
+			$parents_str = ids_to_querystr($r, 'id');
 
 			$items = q("SELECT item.*, item.id AS item_id
 				FROM item
@@ -164,24 +169,22 @@ class Cards extends \Zotlabs\Web\Controller {
 			if($items) {
 				xchan_query($items);
 				$items = fetch_post_tags($items, true);
-				$items = conv_sort($items,'updated');
+				$items_result = conv_sort($items, 'updated');
 			}
-			else
-				$items = [];
 		}
 
 		$mode = 'cards';
-			
-     	$content = conversation($items,$mode,false,'traditional');
+
+		$content = conversation($items_result, $mode, false, 'traditional');
 
 		$o = replace_macros(get_markup_template('cards.tpl'), [
 			'$title' => t('Cards'),
 			'$editor' => $editor,
 			'$content' => $content,
-			'$pager' => alt_pager($a,count($items))
+			'$pager' => alt_pager($a, count($items_result))
 		]);
 
-        return $o;
-    }
+		return $o;
+	}
 
 }

Zotlabs/Module/Channel.php

@@ -204,7 +204,7 @@ class Channel extends \Zotlabs\Web\Controller {
 				$_SESSION['loadtime'] = datetime_convert();
 			}
 			else {
-				$r = q("SELECT distinct parent AS item_id, created from item
+				$r = q("SELECT distinct parent AS item_id from item
 					left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
 					WHERE uid = %d $item_normal_update
 					AND item_wall = 1 $simple_update
@@ -239,7 +239,7 @@ class Channel extends \Zotlabs\Web\Controller {
 
 			if($load || ($checkjs->disabled())) {
 				if($mid) {
-					$r = q("SELECT distinct parent AS item_id from item where mid like '%s' and uid = %d $item_normal
+					$r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal
 						AND item_wall = 1 $sql_extra limit 1",
 						dbesc($mid . '%'),
 						intval(\App::$profile['profile_uid'])
@@ -249,13 +249,13 @@ class Channel extends \Zotlabs\Web\Controller {
 					}
 				}
 				else {
-					$r = q("SELECT distinct id AS item_id, created FROM item
-						left join abook on item.author_xchan = abook.abook_xchan
-						WHERE uid = %d $item_normal
-						AND item_wall = 1 and item_thread_top = 1
-						AND (abook_blocked = 0 or abook.abook_flags is null)
+					$r = q("SELECT item.parent AS item_id FROM item 
+						left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids )
+						WHERE true and item.uid = %d AND item.item_thread_top = 1 $item_normal
+						AND (abook.abook_blocked = 0 or abook.abook_flags is null)
+						AND item.item_wall = 1 
 						$sql_extra $sql_extra2
-						ORDER BY created DESC $pager_sql ",
+						ORDER BY created DESC, id $pager_sql ",
 						intval(\App::$profile['profile_uid'])
 					);
 				}

Zotlabs/Module/Cloud.php

@@ -110,6 +110,9 @@ class Cloud extends \Zotlabs\Web\Controller {
 		elseif($err instanceof \Sabre\DAV\Exception\Forbidden) {
 			notice( t('Permission denied') . EOL);
 		}
+		elseif($err instanceof \Sabre\DAV\Exception\NotImplemented) {
+			notice( t('Please refresh page') . EOL);
+		}
 		else {
 			notice( t('Unknown error') . EOL);
 		}

Zotlabs/Module/Connections.php

@@ -232,7 +232,7 @@ class Connections extends \Zotlabs\Web\Controller {
 				if($rr['xchan_url']) {
 
 					if(($rr['vcard']) && is_array($rr['vcard']['tels']) && $rr['vcard']['tels'][0]['nr'])
-						$phone = ((\App::$is_mobile || \App::$is_tablet) ? $rr['vcard']['tels'][0]['nr'] : '');
+						$phone = $rr['vcard']['tels'][0]['nr'];
 					else
 						$phone = '';
 	
@@ -245,6 +245,11 @@ class Connections extends \Zotlabs\Web\Controller {
 						((intval($rr['abook_blocked'])) ? t('Blocked') : ''),
 						((intval($rr['abook_not_here'])) ? t('Not connected at this location') : '')
 					);
+
+					$oneway = false;
+					if(! intval(get_abconfig(local_channel(),$rr['xchan_hash'],'their_perms','post_comments'))) {
+						$oneway = true;
+					}
 	
 					foreach($status as $str) {
 						if(!$str)
@@ -283,7 +288,8 @@ class Connections extends \Zotlabs\Web\Controller {
 						'ignore_hover' => t('Ignore connection'),
 						'ignore' => ((! $rr['abook_ignored']) ? t('Ignore') : false),
 						'recent_label' => t('Recent activity'),
-						'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id'])
+						'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id']),
+						'oneway' => $oneway
 					);
 				}
 			}

Zotlabs/Module/Connedit.php

@@ -826,27 +826,10 @@ class Connedit extends \Zotlabs\Web\Controller {
 				}
 			}
 
-			$locstr = '';
-	
-			$locs = q("select hubloc_addr as location from hubloc left join site on hubloc_url = site_url where hubloc_hash = '%s'
-				and hubloc_deleted = 0 and site_dead = 0",
-				dbesc($contact['xchan_hash'])
-			);
-	
-			if($locs) {
-				foreach($locs as $l) {
-					if(!($l['location']))
-						continue;
-					if(strpos($locstr,$l['location']) !== false)
-						continue;
-					if(strlen($locstr))
-						$locstr .= ', ';
-					$locstr .= $l['location'];
-				}
-			}
-			else
+			$locstr = locations_by_netid($contact['xchan_hash']);
+			if(! $locstr)
 				$locstr = $contact['xchan_url'];
-
+	
 			$clone_warn = '';
 			$clonable = (in_array($contact['xchan_network'],['zot','rss']) ? true : false);
 			if(! $clonable) {
@@ -866,7 +849,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 			$o .= replace_macros($tpl, [
 				'$header'         => (($self) ? t('Connection Default Permissions') : sprintf( t('Connection: %s'),$contact['xchan_name'])),
 				'$autoperms'      => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no),
-				'$permcat'        => [ 'permcat', t('Permission role'), '', '',$permcats ],
+				'$permcat'        => [ 'permcat', t('Permission role'), '', '<span class="loading invisible">' . t('Loading') . '<span class="jumping-dots"><span class="dot-1">.</span><span class="dot-2">.</span><span class="dot-3">.</span></span></span>',$permcats ],
 				'$permcat_new'    => t('Add permission role'),
 				'$permcat_enable' => feature_enabled(local_channel(),'permcats'),
 				'$addr'           => $contact['xchan_addr'],
@@ -912,7 +895,6 @@ class Connedit extends \Zotlabs\Web\Controller {
 				'$permnote_self'  => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can change those settings here but they wont have any impact unless the inherited setting changes.'),
 				'$lastupdtext'    => t('Last update:'),
 				'$last_update'    => relative_date($contact['abook_connected']),
-				'$is_mobile'      => ((\App::$is_mobile || \App::$is_tablet) ? true : false),
 				'$profile_select' => contact_profile_assign($contact['abook_profile']),
 				'$multiprofs'     => $multiprofs,
 				'$contact_id'     => $contact['abook_id'],

Zotlabs/Module/Cover_photo.php

@@ -64,12 +64,12 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 				$image_id = substr($image_id,0,-2);
 			}
 				
-	
-			$srcX = $_POST['xstart'];
-			$srcY = $_POST['ystart'];
-			$srcW = $_POST['xfinal'] - $srcX;
-			$srcH = $_POST['yfinal'] - $srcY;
-	
+
+
+			$srcX = intval($_POST['xstart']);
+			$srcY = intval($_POST['ystart']);
+			$srcW = intval($_POST['xfinal']) - $srcX;
+			$srcH = intval($_POST['yfinal']) - $srcY;
 	
 			$r = q("select gender from profile where uid = %d and is_default = 1 limit 1",
 				intval(local_channel())
@@ -207,7 +207,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 			}
 		}
 	
-		$imagedata = (($os_storage) ? @file_get_contents($imagedata) : $imagedata);
+		$imagedata = (($os_storage) ? @file_get_contents(dbunescbin($imagedata)) : dbunescbin($imagedata));
 		$ph = photo_factory($imagedata, $filetype);
 	
 		if(! $ph->is_valid()) {
@@ -357,12 +357,23 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 				'$user'                => \App::$channel['channel_address'],
 				'$lbl_upfile'          => t('Upload File:'),
 				'$lbl_profiles'        => t('Select a profile:'),
-				'$title'               => t('Upload Cover Photo'),
+				'$title'               => t('Change Cover Photo'),
 				'$submit'              => t('Upload'),
 				'$profiles'            => $profiles,
+				'$embedPhotos' => t('Use a photo from your albums'),
+				'$embedPhotosModalTitle' => t('Use a photo from your albums'),
+				'$embedPhotosModalCancel' => t('Cancel'),
+				'$embedPhotosModalOK' => t('OK'),
+				'$modalchooseimages' => t('Choose images to embed'),
+				'$modalchoosealbum' => t('Choose an album'),
+				'$modaldiffalbum' => t('Choose a different album'),
+				'$modalerrorlist' => t('Error getting album list'),
+				'$modalerrorlink' => t('Error getting photo link'),
+				'$modalerroralbum' => t('Error getting album'),
 				'$form_security_token' => get_form_security_token("cover_photo"),
 					/// @FIXME - yuk  
-				'$select'              => sprintf('%s %s', t('or'), ($newuser) ? '<a href="' . z_root() . '">' . t('skip this step') . '</a>' : '<a href="'. z_root() . '/photos/' . \App::$channel['channel_address'] . '">' . t('select a photo from your photo albums') . '</a>')
+				'$select' => t('Select existing photo'),
+
 			));
 			
 			call_hooks('cover_photo_content_end', $o);

Zotlabs/Module/Defperms.php

@@ -22,7 +22,7 @@ class Defperms extends \Zotlabs\Web\Controller {
 	
 		$r = q("SELECT abook.*, xchan.*
 			FROM abook left join xchan on abook_xchan = xchan_hash
-			WHERE abook_self = 1 and abook_id = %d LIMIT 1",
+			WHERE abook_self = 1 and abook_channel = %d LIMIT 1",
 			intval(local_channel())
 		);
 		if($r) {
@@ -237,7 +237,7 @@ class Defperms extends \Zotlabs\Web\Controller {
 			$o .= replace_macros($tpl, [
 				'$header'         => t('Connection Default Permissions'),
 				'$autoperms'      => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('If enabled, connection requests will be approved without your interaction'), $yes_no),
-				'$permcat'        => [ 'permcat', t('Permission role'), '', '',$permcats ],
+				'$permcat'        => [ 'permcat', t('Permission role'), '', '<span class="loading invisible">' . t('Loading') . '<span class="jumping-dots"><span class="dot-1">.</span><span class="dot-2">.</span><span class="dot-3">.</span></span></span>',$permcats ],
 				'$permcat_new'    => t('Add permission role'),
 				'$permcat_enable' => feature_enabled(local_channel(),'permcats'),
 				'$section'        => $section,

Zotlabs/Module/Directory.php

@@ -17,7 +17,7 @@ class Directory extends \Zotlabs\Web\Controller {
 				intval(local_channel()),
 				dbesc($_GET['ignore'])
 			);
-			goaway(z_root() . '/directory?suggest=1');
+			goaway(z_root() . '/directory?f=&suggest=1');
 		}
 	
 		$observer = get_observer_hash();
@@ -101,6 +101,11 @@ class Directory extends \Zotlabs\Web\Controller {
 		if($suggest) {
 	
 			$r = suggestion_query(local_channel(),get_observer_hash());
+
+			if(! $r) {
+				notice( t('No default suggestions were found.') . EOL);
+				return;
+			}
 	
 			// Remember in which order the suggestions were
 			$addresses = array();

Zotlabs/Module/Dirsearch.php

@@ -97,7 +97,10 @@ class Dirsearch extends \Zotlabs\Web\Controller {
 		else
 			$sync = false;
 	
-	
+		if(($dirmode == DIRECTORY_MODE_STANDALONE) && (! $hub)) {
+			$hub = \App::get_hostname();
+		}
+
 		if($hub)
 			$hub_query = " and xchan_hash in (select hubloc_hash from hubloc where hubloc_host =  '" . protect_sprintf(dbesc($hub)) . "') ";
 		else
@@ -313,7 +316,7 @@ class Dirsearch extends \Zotlabs\Web\Controller {
 	
 			$ret['results'] = $entries;
 			if($kw) {
-				$k = dir_tagadelic($kw);
+				$k = dir_tagadelic($kw, $hub);
 				if($k) {
 					$ret['keywords'] = array();
 					foreach($k as $kv) {

Zotlabs/Module/Display.php

@@ -215,6 +215,7 @@ class Display extends \Zotlabs\Web\Controller {
 			$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']),intval(\App::$pager['start']));
 
 			if($load || ($checkjs->disabled()) || ($module_format !== 'html')) {
+
 				$r = null;
 
 				require_once('include/channel.php');
@@ -235,7 +236,7 @@ class Display extends \Zotlabs\Web\Controller {
 					}
 				}
 
-				if($r === null) {
+				if(! $r) {
 
 					// in case somebody turned off public access to sys channel content using permissions
 					// make that content unsearchable by ensuring the owner uid can't match
@@ -281,7 +282,7 @@ class Display extends \Zotlabs\Web\Controller {
 				}
 			}
 
-			if($r === null) {
+			if(! $r) {
 				// in case somebody turned off public access to sys channel content using permissions
 				// make that content unsearchable by ensuring the owner_xchan can't match
 				if(! perm_is_allowed($sysid,$observer_hash,'view_stream'))
@@ -343,14 +344,15 @@ class Display extends \Zotlabs\Web\Controller {
 		case 'atom':
 
 			$atom = replace_macros(get_markup_template('atom_feed.tpl'), array(
-				'$version'      => xmlify(\Zotlabs\Lib\System::get_project_version()),
-				'$red'          => xmlify(\Zotlabs\Lib\System::get_platform_name()),
-				'$feed_id'      => xmlify(\App::$cmd),
-				'$feed_title'   => xmlify(t('Article')),
-				'$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)),
-				'$author'       => '',
-				'$owner'        => '',
-				'$profile_page' => xmlify(z_root() . '/display/' . $target_item['mid']),
+				'$version'       => xmlify(\Zotlabs\Lib\System::get_project_version()),
+				'$generator'     => xmlify(\Zotlabs\Lib\System::get_platform_name()),
+				'$generator_uri' => 'https://hubzilla.org',
+				'$feed_id'       => xmlify(\App::$cmd),
+				'$feed_title'    => xmlify(t('Article')),
+				'$feed_updated'  => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)),
+				'$author'        => '',
+				'$owner'         => '',
+				'$profile_page'  => xmlify(z_root() . '/display/' . $target_item['mid']),
 			));
 				
 			$x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ];

Zotlabs/Module/Email_resend.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace Zotlabs\Module;
+
+
+class Email_resend extends \Zotlabs\Web\Controller {
+
+	function post() {
+
+		if($_POST['token']) {
+			if(! account_approve(trim($_POST['token']))) {
+				notice(t('Token verification failed.'));
+			}
+		}
+
+	}
+
+
+	function get() {
+
+		if(argc() > 1) {
+			$result = false;
+			$email = hex2bin(argv(1));
+
+			if($email) {
+				$result = verify_email_address( [ 'resend' => true, 'email' => $email ] );
+			}
+
+			if($result) {
+				notice(t('Email verification resent'));
+			}
+			else {
+				notice(t('Unable to resend email verification message.'));
+			}
+
+			goaway(z_root() . '/email_validation/' . bin2hex($email));
+
+		}
+
+		// @todo - one can provide a form here to resend the mail
+		// after directing to here if a succesful login was attempted from an unverified address.
+
+
+	}
+
+}

Zotlabs/Module/Email_validation.php

@@ -0,0 +1,48 @@
+<?php
+
+namespace Zotlabs\Module;
+
+
+class Email_validation extends \Zotlabs\Web\Controller {
+
+	function post() {
+
+		$success = false;
+		if($_POST['token']) {
+			// This will redirect internally on success unless the channel is auto_created
+			if(account_approve(trim(basename($_POST['token'])))) {
+				$success = true;
+				if(get_config('system','auto_channel_create')) {
+					$next_page = get_config('system', 'workflow_channel_next', 'profiles');		
+				}
+				if($next_page) {
+					goaway(z_root() . '/' . $next_page);
+				}
+			}
+		}
+		if(! $success) {
+			notice( t('Token verification failed.') . EOL);
+		}
+	}
+
+
+	function get() {
+
+		if(argc() > 1) {
+			$email = hex2bin(argv(1));
+		}
+
+		$o = replace_macros(get_markup_template('email_validation.tpl'), [
+			'$title' => t('Email Verification Required'),
+			'$desc' => sprintf( t('A verification token was sent to your email address [%s]. Enter that token here to complete the account verification step. Please allow a few minutes for delivery, and check your spam folder if you do not see the message.'),$email),
+			'$resend' => t('Resend Email'),
+			'$email' => bin2hex($email),
+			'$submit' => t('Submit'),
+			'$token' => [ 'token', t('Validation token'),'','' ],
+		]);
+		
+		return $o;
+
+	}
+
+}

Zotlabs/Module/Embedphotos.php

@@ -53,7 +53,7 @@ class Embedphotos extends \Zotlabs\Web\Controller {
 			} else {
 				json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
 			}
-			json_return_and_die(array('status' => true, 'photolink' => $photolink));
+			json_return_and_die(array('status' => true, 'photolink' => $photolink, 'resource_id' => $resource_id));
 		}
 	}
 

Zotlabs/Module/Go.php

@@ -0,0 +1,67 @@
+<?php
+
+namespace Zotlabs\Module;
+
+
+class Go extends \Zotlabs\Web\Controller {
+
+	function init() {
+		if(local_channel()) {
+			$channel = \App::get_channel();
+			if($channel) {
+				profile_load($channel['channel_address'],0);
+			}
+		}
+	}
+
+
+
+	function get() {
+		if(! local_channel()) {
+			notify( t('This page is available only to site members') . EOL);
+		}
+
+		$channel = \App::get_channel();
+
+
+		$title = t('Welcome');
+
+		$m = t('What would you like to do?');
+
+		$m1 = t('Please bookmark this page if you would like to return to it in the future');
+
+
+		$options = [
+			'profile_photo' => t('Upload a profile photo'),
+			'cover_photo'   => t('Upload a cover photo'),
+			'profiles'      => t('Edit your default profile'),
+			'suggest'       => t('View friend suggestions'),
+			'directory'     => t('View the channel directory'),
+			'settings'      => t('View/edit your channel settings'),
+			'help'          => t('View the site or project documentation'),
+			'channel/' . $channel['channel_address']       => t('Visit your channel homepage'),
+			'connections'   => t('View your connections and/or add somebody whose address you already know'),
+			'network'       => t('View your personal stream (this may be empty until you add some connections)'),
+
+		];
+ 
+		$site_firehose = ((intval(get_config('system','site_firehose',0))) ? true : false);
+ 		$net_firehose  = ((get_config('system','disable_discover_tab',1)) ? false : true);
+
+		if($site_firehose || $net_firehose) {
+			$options['pubstream'] = t('View the public stream. Warning: this content is not moderated');
+		}
+
+		$o = replace_macros(get_markup_template('go.tpl'), [
+			'$title' => $title,
+			'$m' => $m,
+			'$m1' => $m1,
+			'$options' => $options
+
+		]);
+
+		return $o;
+
+	}
+
+}

Zotlabs/Module/Hq.php

@@ -29,6 +29,8 @@ class Hq extends \Zotlabs\Web\Controller {
 			);
 		}
 
+		killme();
+
 	}
 
 	function get($update = 0, $load = false) {
@@ -50,9 +52,9 @@ class Hq extends \Zotlabs\Web\Controller {
 		$item_normal_update = item_normal_update();
 
 		if(! $item_hash) {
-			$r = q("SELECT mid FROM item
-				WHERE uid = %d 
-				AND mid = parent_mid
+			$r = q("SELECT mid FROM item 
+				WHERE uid = %d $item_normal
+				AND mid = parent_mid 
 				ORDER BY created DESC LIMIT 1",
 				intval(local_channel())
 			);
@@ -135,13 +137,11 @@ class Hq extends \Zotlabs\Web\Controller {
 			$o = replace_macros(get_markup_template("hq.tpl"),
 				[
 					'$no_messages' => (($target_item) ? false : true),
-					'$no_messages_label' => t('Welcome to hubzilla!')
+					'$no_messages_label' => [ t('Welcome to Hubzilla!'), t('You have got no unseen posts...') ],
+					'$editor' => status_editor($a,$x)
 				]
 			);
-	
-			$o = '<div id="jot-popup">';
-			$o .= status_editor($a,$x);
-			$o .= '</div>';
+
 		}
 
 		if(! $update && ! $load) {
@@ -266,23 +266,20 @@ class Hq extends \Zotlabs\Web\Controller {
 		}
 	
 		if($r) {
-			$parents_str = ids_to_querystr($r,'item_id');
-			if($parents_str) {
-				$items = q("SELECT item.*, item.id AS item_id 
-					FROM item
-					WHERE parent IN ( %s ) $item_normal ",
-					dbesc($parents_str)
-				);
+			$items = q("SELECT item.*, item.id AS item_id 
+				FROM item
+				WHERE parent = '%s' $item_normal ",
+				dbesc($r[0]['item_id'])
+			);
 	
-				xchan_query($items,true,(($sys_item) ? local_channel() : 0));
-				$items = fetch_post_tags($items,true);
-				$items = conv_sort($items,'created');
-			}
+			xchan_query($items,true,(($sys_item) ? local_channel() : 0));
+			$items = fetch_post_tags($items,true);
+			$items = conv_sort($items,'created');
 		}
 		else {
 			$items = [];
 		}
-	
+
 		$o .= conversation($items, 'hq', $update, 'client');
 
 		if($updateable) {

Zotlabs/Module/Import.php

@@ -64,7 +64,7 @@ class Import extends \Zotlabs\Web\Controller {
 				notice( t('Nothing to import.') . EOL);
 				return;
 			} else if(strpos($old_address, '＠')) {
-				// if you copy the identity address from your profile page, make it work for convenience
+				// if you copy the identity address from your profile page, make it work for convenience - WARNING: this is a utf-8 variant and NOT an ASCII ampersand. Please do not edit. 
 				$old_address = str_replace('＠', '@', $old_address);
 			}
 

Zotlabs/Module/Item.php

@@ -39,6 +39,7 @@ class Item extends \Zotlabs\Web\Controller {
 		$uid = local_channel();
 		$channel = null;
 		$observer = null;
+		$datarray = [];
 	
 	
 		/**
@@ -504,7 +505,12 @@ class Item extends \Zotlabs\Web\Controller {
 			$body = z_input_filter($body,$mimetype,$execflag);
 		}
 	
-		// Verify ability to use html or php!!!
+
+		$arr = [ 'profile_uid' => $profile_uid, 'content' => $body, 'mimetype' => $mimetype ];
+		call_hooks('post_content',$arr);
+		$body = $arr['content'];
+		$mimetype = $arr['mimetype'];
+
 	
 		$gacl = $acl->get();
 		$str_contact_allow = $gacl['allow_cid'];
@@ -516,13 +522,6 @@ class Item extends \Zotlabs\Web\Controller {
 	
 			require_once('include/text.php');			
 	
-			if($uid && $uid == $profile_uid && feature_enabled($uid,'markdown')) {
-				require_once('include/markdown.php');
-				$body = preg_replace_callback('/\[share(.*?)\]/ism','\share_shield',$body);			
-				$body = markdown_to_bb($body,true,['preserve_lf' => true]);
-				$body = preg_replace_callback('/\[share(.*?)\]/ism','\share_unshield',$body);
-
-			}
 	
 			// BBCODE alert: the following functions assume bbcode input
 			// and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.)
@@ -621,6 +620,21 @@ class Item extends \Zotlabs\Web\Controller {
 					$i++;
 				}
 			}
+
+
+			if(preg_match_all('/(\[share=(.*?)\](.*?)\[\/share\])/',$body,$match)) {
+				// process share by id				
+
+				$verb = ACTIVITY_SHARE;
+				$i = 0;
+				foreach($match[2] as $mtch) {
+					$reshare = new \Zotlabs\Lib\Share($mtch);
+					$datarray['obj'] = $reshare->obj();
+					$datarray['obj_type'] = $datarray['obj']['type'];
+					$body = str_replace($match[1][$i],$reshare->bbcode(),$body);
+					$i++;
+				}
+			}
 	
 		}
 	
@@ -722,7 +736,6 @@ class Item extends \Zotlabs\Web\Controller {
 		if(!$thr_parent)
 			$thr_parent = $mid;
 	
-		$datarray = array();
 
 		$item_thread_top = ((! $parent) ? 1 : 0);
 	
@@ -755,6 +768,7 @@ class Item extends \Zotlabs\Web\Controller {
 
 		if ((! $plink) && ($item_thread_top)) {
 			$plink = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $mid;
+			$plink = substr($plink,0,190);
 		}
 		
 		$datarray['aid']                 = $channel['channel_account_id'];

Zotlabs/Module/Like.php

@@ -9,9 +9,41 @@ require_once('include/items.php');
 
 class Like extends \Zotlabs\Web\Controller {
 
-	function get() {
+
+
+	private function reaction_to_activity($reaction) {
+
+		$acts = [
+			'like'        => ACTIVITY_LIKE ,
+			'dislike'     => ACTIVITY_DISLIKE ,
+			'agree'       => ACTIVITY_AGREE ,
+			'disagree'    => ACTIVITY_DISAGREE ,
+			'abstain'     => ACTIVITY_ABSTAIN ,
+			'attendyes'   => ACTIVITY_ATTEND ,
+			'attendno'    => ACTIVITY_ATTENDNO ,
+			'attendmaybe' => ACTIVITY_ATTENDMAYBE 
+		];
+
+		// unlike (etc.) reactions are an undo of positive reactions, rather than a negative action.
+		// The activity is the same in undo actions and will have the same activity mapping
+
+		if(substr($reaction,0,2) === 'un') {
+			$reaction = substr($reaction,2);
+		}
+
+		if(array_key_exists($reaction,$acts)) {
+			return $acts[$reaction];
+		}
+
+		return EMPTY_STR;
+
+	}
+
+
+
+	public function get() {
 	
-		$o = '';
+		$o = EMPTY_STR;
 
 		$sys_channel = get_sys_channel();
 		$sys_channel_id = (($sys_channel) ? $sys_channel['channel_id'] : 0);
@@ -35,48 +67,17 @@ class Like extends \Zotlabs\Web\Controller {
 		if(! $verb)
 			$verb = 'like';
 	
-		switch($verb) {
-			case 'like':
-			case 'unlike':
-				$activity = ACTIVITY_LIKE;
-				break;
-			case 'dislike':
-			case 'undislike':
-				$activity = ACTIVITY_DISLIKE;
-				break;
-			case 'agree':
-			case 'unagree':
-				$activity = ACTIVITY_AGREE;
-				break;
-			case 'disagree':
-			case 'undisagree':
-				$activity = ACTIVITY_DISAGREE;
-				break;
-			case 'abstain':
-			case 'unabstain':
-				$activity = ACTIVITY_ABSTAIN;
-				break;
-			case 'attendyes':
-			case 'unattendyes':
-				$activity = ACTIVITY_ATTEND;
-				break;
-			case 'attendno':
-			case 'unattendno':
-				$activity = ACTIVITY_ATTENDNO;
-				break;
-			case 'attendmaybe':
-			case 'unattendmaybe':
-				$activity = ACTIVITY_ATTENDMAYBE;
-				break;
-			default:
-				return;
-				break;
+		$activity = $this->reaction_to_activity($verb);
+
+		if(! $activity) {
+			return EMPTY_STR; 
 		}
+
 	
 		$extended_like = false;
 		$object = $target = null;
-		$post_type = '';
-		$objtype = '';
+		$post_type = EMPTY_STR;
+		$objtype = EMPTY_STR;
 	
 		if(argc() == 3) {
 	

Zotlabs/Module/Linkinfo.php

@@ -120,9 +120,9 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 	
 		$siteinfo = self::parseurl_getsiteinfo($url);
 	
-		// If this is a Red site, use zrl rather than url so they get zids sent to them by default
+		// If the site uses this platform, use zrl rather than url so they get zids sent to them by default
 	
-		if( x($siteinfo,'generator') && (strpos($siteinfo['generator'], \Zotlabs\Lib\System::get_platform_name() . ' ') === 0))
+		if(is_matrix_url($url))
 			$template = str_replace('url','zrl',$template);
 	
 		if($siteinfo["title"] == "") {

Zotlabs/Module/Logout.php

@@ -9,4 +9,4 @@ class Logout extends \Zotlabs\Web\Controller {
 		goaway(z_root());
 
 	}
-}
+}

Zotlabs/Module/Magic.php

@@ -166,7 +166,7 @@ class Magic extends \Zotlabs\Web\Controller {
 
 			$token = random_string();
 
-			\Zotlabs\Zot\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']);
+			\Zotlabs\Lib\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']);
 	
 			$target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode(channel_reddress($channel))
 				. '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION;

Zotlabs/Module/Network.php

@@ -108,6 +108,9 @@ class Network extends \Zotlabs\Web\Controller {
 		}
 	
 	
+		$default_cmin = ((feature_enabled(local_channel(),'affinity')) ? get_pconfig(local_channel(),'affinity','cmin',0) : 0);
+		$default_cmax = ((feature_enabled(local_channel(),'affinity')) ? get_pconfig(local_channel(),'affinity','cmax',99) : 99);
+
 	
 		// if no tabs are selected, defaults to comments
 	
@@ -117,8 +120,8 @@ class Network extends \Zotlabs\Web\Controller {
 		$liked    = ((x($_GET,'liked')) ? intval($_GET['liked']) : 0);
 		$conv     = ((x($_GET,'conv'))  ? intval($_GET['conv'])  : 0);
 		$spam     = ((x($_GET,'spam'))  ? intval($_GET['spam'])  : 0);
-		$cmin     = ((x($_GET,'cmin'))  ? intval($_GET['cmin'])  : 0);
-		$cmax     = ((x($_GET,'cmax'))  ? intval($_GET['cmax'])  : 99);
+		$cmin     = ((array_key_exists('cmin',$_GET))  ? intval($_GET['cmin'])  : $default_cmin);
+		$cmax     = ((array_key_exists('cmax',$_GET))  ? intval($_GET['cmax'])  : $default_cmax);
 		$file     = ((x($_GET,'file'))  ? $_GET['file']          : '');
 		$xchan    = ((x($_GET,'xchan')) ? $_GET['xchan']         : '');
 		$net      = ((x($_GET,'net'))   ? $_GET['net']           : '');
@@ -141,7 +144,7 @@ class Network extends \Zotlabs\Web\Controller {
 				// NOTREACHED
 			}
 			if($_GET['pf'] === '1')
-				$deftag = '@' . t('forum') . '+' . intval($cid) . '+';
+				$deftag = '!' . t('forum') . '+' . intval($cid);
 			else
 				$def_acl = [ 'allow_cid' => '<' . $r[0]['abook_xchan'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
 		}
@@ -206,8 +209,11 @@ class Network extends \Zotlabs\Web\Controller {
 			: '');
 	
 		$sql_nets = '';
+
+		$distinct = '';
+		$item_thread_top = ' AND item_thread_top = 1 ';
 	
-		$sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE item_thread_top = 1 $sql_options ) ";
+		$sql_extra = $sql_options;
 	
 		if($group) {
 			$contact_str = '';
@@ -223,7 +229,8 @@ class Network extends \Zotlabs\Web\Controller {
 				$contact_str = ' 0 ';
 				info( t('Privacy group is empty'));
 			}
-	
+			$distinct = ' distinct ';
+			$item_thread_top = '';
 			$sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND (( author_xchan IN ( $contact_str ) OR owner_xchan in ( $contact_str )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent $item_normal ) ";
 	
 			$x = group_rec_byhash(local_channel(), $group_hash);
@@ -247,6 +254,8 @@ class Network extends \Zotlabs\Web\Controller {
 				intval(local_channel())
 			);
 			if($r) {
+				$distinct = ' distinct ';
+				$item_thread_top = '';
 				$sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($r[0]['abook_xchan']) . "' or owner_xchan = '" . dbesc($r[0]['abook_xchan']) . "' ) $item_normal ) ";
 				$title = replace_macros(get_markup_template("section_title.tpl"),array(
 					'$title' => '<a href="' . zid($r[0]['xchan_url']) . '" ><img src="' . zid($r[0]['xchan_photo_s'])  . '" alt="' . urlencode($r[0]['xchan_name']) . '" /></a> <a href="' . zid($r[0]['xchan_url']) . '" >' . $r[0]['xchan_name'] . '</a>'
@@ -261,13 +270,15 @@ class Network extends \Zotlabs\Web\Controller {
 			}
 		}
 		elseif($xchan) {
-				$r = q("select * from xchan where xchan_hash = '%s'",
-					dbesc($xchan)
-				);
-				if($r) {
-					$sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($xchan) . "' or owner_xchan = '" . dbesc($xchan) . "' ) $item_normal ) ";
-					$title = replace_macros(get_markup_template("section_title.tpl"),array(
-						'$title' => '<a href="' . zid($r[0]['xchan_url']) . '" ><img src="' . zid($r[0]['xchan_photo_s'])  . '" alt="' . urlencode($r[0]['xchan_name']) . '" /></a> <a href="' . zid($r[0]['xchan_url']) . '" >' . $r[0]['xchan_name'] . '</a>'
+			$r = q("select * from xchan where xchan_hash = '%s'",
+				dbesc($xchan)
+			);
+			if($r) {
+				$distinct = ' distinct ';
+				$item_thread_top = '';
+				$sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($xchan) . "' or owner_xchan = '" . dbesc($xchan) . "' ) $item_normal ) ";
+				$title = replace_macros(get_markup_template("section_title.tpl"),array(
+					'$title' => '<a href="' . zid($r[0]['xchan_url']) . '" ><img src="' . zid($r[0]['xchan_photo_s'])  . '" alt="' . urlencode($r[0]['xchan_name']) . '" /></a> <a href="' . zid($r[0]['xchan_url']) . '" >' . $r[0]['xchan_name'] . '</a>'
 				));
 				$o = $tabs;
 				$o .= $title;
@@ -370,6 +381,8 @@ class Network extends \Zotlabs\Web\Controller {
 		}
 	
 		if($conv) {
+			$distinct = ' distinct ';
+			$item_thread_top = '';
 			$sql_extra .= sprintf(" AND parent IN (SELECT distinct(parent) from item where ( author_xchan like '%s' or item_mentionsme = 1 )) ",
 				dbesc(protect_sprintf($channel['channel_hash']))
 			);
@@ -406,7 +419,6 @@ class Network extends \Zotlabs\Web\Controller {
 			if($cmax == 99)
 				$sql_nets .= " OR abook.abook_closeness IS NULL ) ";
 	
-	
 		}
 
 		$net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); 
@@ -446,7 +458,7 @@ class Network extends \Zotlabs\Web\Controller {
 		if($nouveau && $load) {
 			// "New Item View" - show all items unthreaded in reverse created date order
 	
-			$items = q("SELECT item.*, item.id AS item_id, received FROM item
+			$items = q("SELECT item.*, item.id AS item_id, received FROM item 
 				left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
 				$net_query
 				WHERE true $uids $item_normal
@@ -475,18 +487,16 @@ class Network extends \Zotlabs\Web\Controller {
 			if($load) {
 
 				// Fetch a page full of parent items for this page
-	
-				$r = q("SELECT distinct item.id AS item_id, $ordering FROM item
+				$r = q("SELECT $distinct item.parent AS item_id FROM item 
 					left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
 					$net_query
-					WHERE true $uids $item_normal
-					AND item.parent = item.id
+					WHERE true $uids $item_thread_top $item_normal
+					AND item.mid = item.parent_mid
 					and (abook.abook_blocked = 0 or abook.abook_flags is null)
 					$sql_extra3 $sql_extra $sql_nets
 					$net_query2
 					ORDER BY $ordering DESC $pager_sql "
 				);
-	
 			}
 			else {
 

Zotlabs/Module/New_channel.php

@@ -89,9 +89,7 @@ class New_channel extends \Zotlabs\Web\Controller {
 	
 		change_channel($result['channel']['channel_id']);
 	
-		if(! strlen($next_page = get_config('system','workflow_channel_next')))
-			$next_page = 'settings';
-		
+		$next_page = get_config('system', 'workflow_channel_next', 'profiles');		
 		goaway(z_root() . '/' . $next_page);
 	
 	}
@@ -144,6 +142,7 @@ class New_channel extends \Zotlabs\Web\Controller {
 			'$role'		=> $role,
 			'$default_role' => $default_role,
 			'$nickname'     => $nickname,
+			'$validate'     => t('Validate'),
 			'$submit'       => t('Create'),
 			'$channel_usage_message' => $channel_usage_message
 		));

Zotlabs/Module/Owa.php

@@ -31,19 +31,26 @@ class Owa extends \Zotlabs\Web\Controller {
 
 					if($keyId) {
 						$r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash 
-							where hubloc_addr = '%s' limit 1",
+							where hubloc_addr = '%s' ",
 							dbesc(str_replace('acct:','',$keyId))
 						);
 						if($r) {
-							$hubloc = $r[0];
-							$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);	
-							if($verified && $verified['header_signed'] && $verified['header_valid']) {
-								$ret['success'] = true;
-								$token = random_string(32);
-								\Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']);
-								$result = '';
-								openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
-								$ret['encrypted_token'] = base64url_encode($result);
+							foreach($r as $hubloc) {
+								$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);	
+								if($verified && $verified['header_signed'] && $verified['header_valid']) {
+									logger('OWA header: ' . print_r($verified,true),LOGGER_DATA);	
+									logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
+									$ret['success'] = true;
+									$token = random_string(32);
+									\Zotlabs\Lib\Verify::create('owt',0,$token,$hubloc['hubloc_addr']);
+									$result = '';
+									openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
+									$ret['encrypted_token'] = base64url_encode($result);
+									break;
+								}
+								else {
+									logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']);
+								}
 							}
 						}
 					}

Zotlabs/Module/Ping.php

@@ -148,14 +148,12 @@ class Ping extends \Zotlabs\Web\Controller {
 
 			$pubs = q("SELECT count(id) as total from item
 				WHERE uid = %d
-				AND author_xchan != '%s'
-				AND obj_type != '%s'
 				AND item_unseen = 1
+				AND author_xchan != '%s'
 				AND created > '" . datetime_convert('UTC','UTC',$_SESSION['static_loadtime']) . "'
 				$item_normal",
 				intval($sys['channel_id']),
-				dbesc(get_observer_hash()),
-				dbesc(ACTIVITY_OBJ_FILE)
+				dbesc(get_observer_hash())
 			);
 
 			if($pubs)
@@ -168,8 +166,8 @@ class Ping extends \Zotlabs\Web\Controller {
 
 			$r = q("SELECT * FROM item
 				WHERE uid = %d
-				AND author_xchan != '%s'
 				AND item_unseen = 1
+				AND author_xchan != '%s'
 				AND created > '" . datetime_convert('UTC','UTC',$_SESSION['static_loadtime']) . "'
 				$item_normal
 				ORDER BY created DESC
@@ -210,22 +208,22 @@ class Ping extends \Zotlabs\Web\Controller {
 		if(x($_REQUEST, 'markRead') && local_channel()) {
 			switch($_REQUEST['markRead']) {
 				case 'network':
-					$r = q("update item set item_unseen = 0 where item_unseen = 1 and uid = %d",
+					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1",
 						intval(local_channel())
 					);
 					break;
 				case 'home':
-					$r = q("update item set item_unseen = 0 where item_unseen = 1 and item_wall = 1  and uid = %d",
+					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_wall = 1",
 						intval(local_channel())
 					);
 					break;
 				case 'mail':
-					$r = q("update mail set mail_seen = 1 where mail_seen = 0 and channel_id = %d ",
+					$r = q("UPDATE mail SET mail_seen = 1 WHERE channel_id = %d AND mail_seen = 0",
 						intval(local_channel())
 					);
 					break;
 				case 'all_events':
-					$r = q("update event set dismissed = 1 where dismissed = 0 and uid = %d AND dtstart < '%s' AND dtstart > '%s' ",
+					$r = q("UPDATE event SET dismissed = 1 WHERE uid = %d AND dismissed = 0 AND dtstart < '%s' AND dtstart > '%s' ",
 						intval(local_channel()),
 						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
 						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
@@ -245,9 +243,9 @@ class Ping extends \Zotlabs\Web\Controller {
 		}
 
 		if(x($_REQUEST, 'markItemRead') && local_channel()) {
-			$r = q("update item set item_unseen = 0 where parent = %d and uid = %d",
-				intval($_REQUEST['markItemRead']),
-				intval(local_channel())
+			$r = q("UPDATE item SET item_unseen = 0 WHERE  uid = %d AND parent = %d",
+				intval(local_channel()),
+				intval($_REQUEST['markItemRead'])
 			);
 		}
 
@@ -256,7 +254,7 @@ class Ping extends \Zotlabs\Web\Controller {
 		 * dropdown menu.
 		 */
 		if(argc() > 1 && argv(1) === 'notify') {
-			$t = q("select * from notify where uid = %d and seen = 0 order by created desc",
+			$t = q("SELECT * FROM notify WHERE uid = %d AND seen = 0 ORDER BY CREATED DESC",
 				intval(local_channel())
 			);
 
@@ -270,7 +268,18 @@ class Ping extends \Zotlabs\Web\Controller {
 
 					$mid = basename($tt['link']);
 
-					$b64mid = ((strpos($mid, 'b64.' === 0)) ? $mid : 'b64.' . base64url_encode($mid));
+					if(in_array($tt['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) {
+						// we need the thread parent
+						$r = q("select thr_parent from item where mid = '%s' and uid = %d limit 1",
+							dbesc($mid),
+							intval(local_channel())
+						);
+
+						$b64mid = ((strpos($r[0]['thr_parent'], 'b64.' === 0)) ? $r[0]['thr_parent'] : 'b64.' . base64url_encode($r[0]['thr_parent']));
+					}
+					else {
+						$b64mid = ((strpos($mid, 'b64.' === 0)) ? $mid : 'b64.' . base64url_encode($mid));
+					}
 
 					$notifs[] = array(
 						'notify_link' => z_root() . '/notify/view/' . $tt['id'],
@@ -320,10 +329,13 @@ class Ping extends \Zotlabs\Web\Controller {
 		if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) {
 			$result = array();
 
-			$r = q("SELECT * FROM item
-				WHERE item_unseen = 1 and uid = %d $item_normal
+			$r = q("SELECT * FROM item 
+				WHERE uid = %d
+				AND item_unseen = 1
 				AND author_xchan != '%s'
-				ORDER BY created DESC limit 300",
+				$item_normal
+				ORDER BY created DESC
+				LIMIT 300",
 				intval(local_channel()),
 				dbesc($ob_hash)
 			);
@@ -492,9 +504,9 @@ class Ping extends \Zotlabs\Web\Controller {
 		$t3 = dba_timer();
 
 		if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) {
-			
-			$r = q("SELECT id, item_wall FROM item
-				WHERE item_unseen = 1 and uid = %d
+
+			$r = q("SELECT id, item_wall FROM item 
+				WHERE uid = %d and item_unseen = 1 
 				$item_normal
 				AND author_xchan != '%s'",
 				intval(local_channel()),

Zotlabs/Module/Profile_photo.php

@@ -1,10 +1,11 @@
 <?php
 namespace Zotlabs\Module;
 
-/* @file profile_photo.php
-   @brief Module-file with functions for handling of profile-photos
-
-*/
+/*
+ * @file Profile_photo.php
+ * @brief Module-file with functions for handling of profile-photos
+ *
+ */
 
 
 require_once('include/photo/photo_driver.php');
@@ -55,6 +56,10 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 	        
 		if((array_key_exists('cropfinal',$_POST)) && (intval($_POST['cropfinal']) == 1)) {
 	
+			// logger('crop: ' . print_r($_POST,true));
+
+
+
 			// phase 2 - we have finished cropping
 	
 			if(argc() != 2) {
@@ -86,10 +91,10 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 			} 
 
 	
-			$srcX = $_POST['xstart'];
-			$srcY = $_POST['ystart'];
-			$srcW = $_POST['xfinal'] - $srcX;
-			$srcH = $_POST['yfinal'] - $srcY;
+			$srcX = intval($_POST['xstart']);
+			$srcY = intval($_POST['ystart']);
+			$srcW = intval($_POST['xfinal']) - $srcX;
+			$srcH = intval($_POST['yfinal']) - $srcY;
 
 			$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND imgscale = %d LIMIT 1",
 				dbesc($image_id),
@@ -299,7 +304,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 		}
 	
 		$channel = \App::get_channel();
-	
+		$pf = 0;
 		$newuser = false;
 	
 		if(argc() == 2 && argv(1) === 'new')
@@ -313,8 +318,8 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 				        
 			$resource_id = argv(2);
 	
-			// When using an existing photo, we don't have a dialogue to offer a choice of profiles,
-			// so it gets attached to the default
+
+			$pf = (($_REQUEST['pf']) ? intval($_REQUEST['pf']) : 0);
 
 			$c = q("select id, is_default from profile where uid = %d",
 				intval(local_channel())
@@ -326,6 +331,9 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 				$_REQUEST['profile'] = $c[0]['id'];
 				$multi_profiles = false;
 			}
+			else {
+				$_REQUEST['profile'] = $pf;
+			}
 
 			$r = q("SELECT id, album, imgscale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY imgscale ASC",
 				intval(local_channel()),
@@ -425,6 +433,16 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 			intval(local_channel())
 		);
 
+		if($profiles) {
+			for($x = 0; $x < count($profiles); $x ++) {
+				$profiles[$x]['selected'] = false;
+				if($pf && $profiles[$x]['id'] == $pf)
+					$profiles[$x]['selected'] = true;
+				if((! $pf) && $profiles[$x]['is_default'])
+					$profiles[$x]['selected'] = true;
+			}
+		}
+
 		$importing = ((array_key_exists('importfile',\App::$data)) ? true : false);
 	
 		if(! x(\App::$data,'imagecrop')) {
@@ -436,14 +454,23 @@ class Profile_photo extends \Zotlabs\Web\Controller {
 				'$importfile' => (($importing) ? \App::$data['importfile'] : ''),
 				'$lbl_upfile' => t('Upload File:'),
 				'$lbl_profiles' => t('Select a profile:'),
-				'$title' => (($importing) ? t('Use Photo for Profile') : t('Upload Profile Photo')),
+				'$title' => (($importing) ? t('Use Photo for Profile') : t('Change Profile Photo')),
 				'$submit' => (($importing) ? t('Use') : t('Upload')),
 				'$profiles' => $profiles,
 				'$single' => ((count($profiles) == 1) ? true : false),
 				'$profile0' => $profiles[0],
+				'$embedPhotos' => t('Use a photo from your albums'),
+				'$embedPhotosModalTitle' => t('Use a photo from your albums'),
+				'$embedPhotosModalCancel' => t('Cancel'),
+				'$embedPhotosModalOK' => t('OK'),
+				'$modalchooseimages' => t('Choose images to embed'),
+				'$modalchoosealbum' => t('Choose an album'),
+				'$modaldiffalbum' => t('Choose a different album'),
+				'$modalerrorlist' => t('Error getting album list'),
+				'$modalerrorlink' => t('Error getting photo link'),
+				'$modalerroralbum' => t('Error getting album'),
 				'$form_security_token' => get_form_security_token("profile_photo"),
-	// FIXME - yuk  
-				'$select' => sprintf('%s %s', t('or'), ($newuser) ? '<a href="' . z_root() . '">' . t('skip this step') . '</a>' : '<a href="'. z_root() . '/photos/' . \App::$channel['channel_address'] . '">' . t('select a photo from your photo albums') . '</a>')
+				'$select' => t('Select existing photo'),
 			));
 			
 			call_hooks('profile_photo_content_end', $o);

Zotlabs/Module/Pubstream.php

@@ -12,14 +12,26 @@ class Pubstream extends \Zotlabs\Web\Controller {
 		if($load)
 			$_SESSION['loadtime'] = datetime_convert();
 
-	
-		if(observer_prohibited(true)) {
-				return login();
+		if((observer_prohibited(true))) {
+			return login();
+		}
+
+		if(! intval(get_config('system','open_pubstream',1))) {
+			if(! get_observer_hash()) {
+				return login();
+			}
+		}
+
+		$site_firehose = ((intval(get_config('system','site_firehose',0))) ? true : false);
+		$net_firehose  = ((get_config('system','disable_discover_tab',1)) ? false : true);
+
+		if(! ($site_firehose || $net_firehose)) {
+			return '';
+		}
+
+		if($net_firehose) {
+			$site_firehose = false;
 		}
-	
-		$disable_discover_tab = get_config('system','disable_discover_tab') || get_config('system','disable_discover_tab') === false;
-		if($disable_discover_tab)
-			return;
 
 		$mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : '');
 
@@ -142,7 +154,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
 		require_once('include/channel.php');
 		require_once('include/security.php');
 	
-		if(get_config('system','site_firehose')) {
+		if($site_firehose) {
 			$uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0  and item_wall = 1 ";
 		}
 		else {
@@ -160,7 +172,8 @@ class Pubstream extends \Zotlabs\Web\Controller {
 
 		$net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); 
 		$net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : '');
-	
+
+		$abook_uids = " and abook.abook_channel = " . intval(\App::$profile['profile_uid']) . " ";
 	
 		$simple_update = (($_SESSION['loadtime']) ? " AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' " : '');
 	
@@ -179,7 +192,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
 			if($load) {
 				if($mid) {
 					$r = q("SELECT parent AS item_id FROM item
-						left join abook on item.author_xchan = abook.abook_xchan
+						left join abook on item.author_xchan = abook.abook_xchan 
 						$net_query
 						WHERE mid like '%s' $uids $item_normal
 						and (abook.abook_blocked = 0 or abook.abook_flags is null)
@@ -189,11 +202,10 @@ class Pubstream extends \Zotlabs\Web\Controller {
 				}
 				else {
 					// Fetch a page full of parent items for this page
-					$r = q("SELECT distinct item.id AS item_id, $ordering FROM item
-						left join abook on item.author_xchan = abook.abook_xchan
+					$r = q("SELECT item.id AS item_id FROM item 
+						left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids )
 						$net_query
-						WHERE true $uids $item_normal
-						AND item.parent = item.id
+						WHERE true $uids and item.item_thread_top = 1 $item_normal
 						and (abook.abook_blocked = 0 or abook.abook_flags is null)
 						$sql_extra3 $sql_extra $sql_nets $net_query2
 						ORDER BY $ordering DESC $pager_sql "

Zotlabs/Module/Register.php

@@ -123,9 +123,6 @@ class Register extends \Zotlabs\Web\Controller {
 		if($policy == REGISTER_OPEN ) {
 			if($email_verify) {
 				$res = verify_email_address($result);
-				if($res) {
-					info( t('Registration successful. Please check your email for validation instructions.') . EOL ) ;
-				}
 			}
 			else {
 				$res = send_register_success_email($result['email'],$result['password']);
@@ -133,7 +130,8 @@ class Register extends \Zotlabs\Web\Controller {
 			if($res) {
 				if($invite_code) {
 					info( t('Registration successful. Continue to create your first channel...') . EOL ) ;
-				} else {
+				} 
+				else {
 					info( t('Registration successful. Please check your email for validation instructions.') . EOL ) ;
 				}
 			}
@@ -150,9 +148,11 @@ class Register extends \Zotlabs\Web\Controller {
 		}
 	
 		if($email_verify) {
-			goaway(z_root());
+			goaway(z_root() . '/email_validation/' . bin2hex($result['email']));
 		}
-	
+
+		// fall through and authenticate if no approvals or verifications were required. 	
+
 		authenticate_success($result['account'],null,true,false,true);
 		
 		$new_channel = false;
@@ -217,6 +217,9 @@ class Register extends \Zotlabs\Web\Controller {
 		$privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : "");
 
 		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
+
+		// A new account will not have a techlevel, but accounts can also be created by the administrator.
+
 		if((get_account_techlevel() < 4) && $privacy_role !== 'custom')
 			unset($perm_roles[t('Other')]);
 	
@@ -231,15 +234,17 @@ class Register extends \Zotlabs\Web\Controller {
 		// Configurable whether to restrict age or not - default is based on international legal requirements
 		// This can be relaxed if you are on a restricted server that does not share with public servers
 	
-		if(get_config('system','no_age_restriction')) 
+		if(get_config('system','no_age_restriction')) {
 			$label_tos = sprintf( t('I accept the %s for this website'), $toslink);
-		else
+		}
+		else {
 			$age = get_config('system','minimum_age');
 			if(!$age) {
 				$age = 13;
 			}
 			$label_tos = sprintf( t('I am over %s years of age and accept the %s for this website'), $age, $toslink);
-	
+		}
+
 		$enable_tos = 1 - intval(get_config('system','no_termsofservice'));
 	
 		$email        = array('email', t('Your email address'), ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : ""));
@@ -255,6 +260,7 @@ class Register extends \Zotlabs\Web\Controller {
 
 		$auto_create  = (get_config('system','auto_channel_create') ? true : false);
 		$default_role = get_config('system','default_permissions_role');
+		$email_verify = get_config('system','verify_email');
 	
 		require_once('include/bbcode.php');
 	
@@ -278,7 +284,7 @@ class Register extends \Zotlabs\Web\Controller {
 			'$pass1'        => $password,
 			'$pass2'        => $password2,
 			'$submit'       => t('Register'),
-			'$verify_note'  => t('This site may require email verification after submitting this form. If you are returned to a login page, please check your email for instructions.')
+			'$verify_note'  => (($email_verify) ? t('This site requires email verification. After completing this form, please check your email for further instructions.') : ''),
 		));
 	
 		return $o;

Zotlabs/Module/Search.php

@@ -90,7 +90,7 @@ class Search extends \Zotlabs\Web\Controller {
 		}
 		else {
 			$regstr = db_getfunc('REGEXP');
-			$sql_extra = sprintf(" AND item.body $regstr '%s' ", dbesc(protect_sprintf(preg_quote($search))));
+			$sql_extra = sprintf(" AND (item.title $regstr '%s' OR item.body $regstr '%s') ", dbesc(protect_sprintf(preg_quote($search))), dbesc(protect_sprintf(preg_quote($search))));
 		}
 	
 		// Here is the way permissions work in the search module...
@@ -165,40 +165,41 @@ class Search extends \Zotlabs\Web\Controller {
 			if($load) {
 				$r = null;
 						
-				if(ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
-					$prefix = 'distinct on (created, mid)';
-					$suffix = 'ORDER BY created DESC, mid';
-				} else {
-					$prefix = 'distinct';
-					$suffix = 'group by mid ORDER BY created DESC';
-				}
 				if(local_channel()) {
-					$r = q("SELECT $prefix mid, item.id as item_id, item.* from item
+					$r = q("SELECT mid, MAX(id) as item_id from item
 						WHERE ((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = '' AND item.deny_gid  = '' AND item_private = 0 ) 
 						OR ( item.uid = %d )) OR item.owner_xchan = '%s' )
 						$item_normal
 						$sql_extra
-						$suffix $pager_sql ",
+						group by mid order by created desc $pager_sql ",
 						intval(local_channel()),
 						dbesc($sys['xchan_hash'])
 					);
 				}
 				if($r === null) {
-					$r = q("SELECT $prefix mid, item.id as item_id, item.* from item
+					$r = q("SELECT mid, MAX(id) as item_id from item
 						WHERE (((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = ''
 						AND item.deny_gid  = '' AND item_private = 0 )
 						and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
 							$pub_sql ) OR owner_xchan = '%s')
 						$item_normal
 						$sql_extra 
-						$suffix $pager_sql",
+						group by mid order by created desc $pager_sql",
 						dbesc($sys['xchan_hash'])
 					);
 				}
+				if($r) {
+					$str = ids_to_querystr($r,'item_id');
+					$r = q("select *, id as item_id from item where id in ( " . $str . ") order by created desc ");
+				}
 			}
 			else {
 				$r = array();
 			}
+		
+
+
+
 		}
 	
 		if($r) {

Zotlabs/Module/Settings/Account.php

@@ -113,7 +113,7 @@ class Account {
 			'$origpass' => array('origpass', t('Current Password'), ' ',''),
 			'$password1'=> array('npassword', t('Enter New Password'), '', ''),
 			'$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')),
-			'$techlevel' => [ 'techlevel', t('Your technical skill level'), $def_techlevel, t('Used to provide a member experience matched to your comfort level'), $techlevels ],
+			'$techlevel' => [ 'techlevel', t('Your technical skill level'), $def_techlevel, t('Used to provide a member experience and additional features consistent with your comfort level'), $techlevels ],
 			'$techlock' => $techlock,
 			'$submit' 	=> t('Submit'),
 			'$email' 	=> array('email', t('Email Address:'), $email, ''),

Zotlabs/Module/Settings/Channel.php

@@ -331,22 +331,21 @@ class Channel {
 		);
 	
 		$limits = \Zotlabs\Access\PermissionLimits::Get(local_channel());
+		$anon_comments = get_config('system','anonymous_comments',true);
 	
 		foreach($global_perms as $k => $perm) {
 			$options = array();
+			$can_be_public = ((strstr($k,'view') || ($k === 'post_comments' && $anon_comments)) ? true : false);
 			foreach($perm_opts as $opt) {
-				if(((! strstr($k,'view')) && $k !== 'post_comments') && $opt[1] == PERMS_PUBLIC)
+				if($opt[1] == PERMS_PUBLIC && (! $can_be_public))
 					continue;
 				$options[$opt[1]] = $opt[0];
 			}
 			$permiss[] = array($k,$perm,$limits[$k],'',$options);			
 		}
-	
-	
+		
 		//		logger('permiss: ' . print_r($permiss,true));
 	
-	
-	
 		$username   = $channel['channel_name'];
 		$nickname   = $channel['channel_address'];
 		$timezone   = $channel['channel_timezone'];

Zotlabs/Module/Settings/Display.php

@@ -21,7 +21,7 @@ class Display {
 		if(! $theme)
 			$theme = 'redbasic';
 
-		$mobile_theme      = ((x($_POST,'mobile_theme')) ? notags(trim($_POST['mobile_theme']))  : '');
+
 		$preload_images    = ((x($_POST,'preload_images')) ? intval($_POST['preload_images'])  : 0);
 		$channel_menu      = ((x($_POST,'channel_menu')) ? intval($_POST['channel_menu'])  : 0);
 		$user_scalable     = ((x($_POST,'user_scalable')) ? intval($_POST['user_scalable'])  : 0);
@@ -47,11 +47,6 @@ class Display {
 		if($itemspage > 100)
 			$itemspage = 100;
 
-		if ($mobile_theme == "---")
-			del_pconfig(local_channel(),'system','mobile_theme');
-		else {
-			set_pconfig(local_channel(),'system','mobile_theme',$mobile_theme);
-		}
 
 		set_pconfig(local_channel(),'system','preload_images',$preload_images);
 		set_pconfig(local_channel(),'system','user_scalable',$user_scalable);
@@ -114,10 +109,6 @@ class Display {
 
 		$theme = (($existing_theme) ? $existing_theme : $default_theme);
 
-		$default_mobile_theme = get_config('system','mobile_theme');
-		if(! $mobile_default_theme)
-			$mobile_default_theme = 'none';
-
 		$allowed_themes_str = get_config('system','allowed_themes');
 		$allowed_themes_raw = explode(',',$allowed_themes_str);
 		$allowed_themes = array();
@@ -135,26 +126,19 @@ class Display {
 
 				$info = get_theme_info($th);
 				$compatible = check_plugin_versions($info);
-				if(!$compatible) {
-					$mobile_themes[$f] = $themes[$f] = sprintf(t('%s - (Incompatible)'), $f);
+				if(! $compatible) {
+					$themes[$f] = sprintf(t('%s - (Incompatible)'), $f);
 					continue;
 				}
 
 				$is_experimental = file_exists('view/theme/' . $th . '/experimental');
 				$unsupported = file_exists('view/theme/' . $th . '/unsupported');
-				$is_mobile = file_exists('view/theme/' . $th . '/mobile');
 				$is_library = file_exists('view/theme/'. $th . '/library');
-				$mobile_themes['---'] = t("No special theme for mobile devices");
 
 				if (!$is_experimental or ($is_experimental && (get_config('experimentals','exp_themes')==1 or get_config('experimentals','exp_themes')===false))){
 					$theme_name = (($is_experimental) ?  sprintf(t('%s - (Experimental)'), $f) : $f);
 					if (! $is_library) {
-						if($is_mobile) {
-							$mobile_themes[$f] = $themes[$f] = $theme_name . ' (' . t('mobile') . ')';
-						}
-						else {
-							$mobile_themes[$f] = $themes[$f] = $theme_name;
-						}
+						$themes[$f] = $theme_name;
 					}
 				}
 			}
@@ -166,7 +150,6 @@ class Display {
 			$theme_selected = explode(':', $theme_selected)[0];
 		}
 
-		$mobile_theme_selected = (!x($_SESSION,'mobile_theme')? $default_mobile_theme : $_SESSION['mobile_theme']);
 
 		$preload_images = get_pconfig(local_channel(),'system','preload_images');
 		$preload_images = (($preload_images===false)? '0': $preload_images); // default if not set: 0
@@ -213,7 +196,6 @@ class Display {
 			'$theme'	=> (($themes) ? array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview') : false),
 			'$schema'   => array('schema', t('Select scheme'), $existing_schema, '' , $schemas),
 
-			'$mobile_theme' => (($mobile_themes) ? array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, '') : false),
 			'$preload_images' => array('preload_images', t("Preload images before rendering the page"), $preload_images, t("The subjective page load time will be longer but the page will be ready when displayed"), $yes_no),
 			'$user_scalable' => array('user_scalable', t("Enable user zoom on mobile devices"), $user_scalable, '', $yes_no),
 			'$ajaxint'   => array('browser_update',  t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')),

Zotlabs/Module/Settings/Featured.php

@@ -17,12 +17,8 @@ class Featured {
 			$cmin = intval($_POST['affinity_cmin']);
 			if($cmin < 0 || $cmin > 99)
 				$cmin = 0;
-			if($cmin !== 0 || $cmax !== 99) {
-				set_pconfig(local_channel(),'system','network_page_default','cmin=' . $cmin . '&cmax=' . $cmax);
-			}
-			else {
-				set_pconfig(local_channel(),'system','network_page_default','');
-			}
+			set_pconfig(local_channel(),'affinity','cmin',$cmin);
+			set_pconfig(local_channel(),'affinity','cmax',$cmax);
 
 			info( t('Affinity Slider settings updated.') . EOL);
 
@@ -46,12 +42,12 @@ class Featured {
 			$cmax = intval(get_pconfig(local_channel(),'affinity','cmax'));
 			$cmax = (($cmax) ? $cmax : 99);
 			$setting_fields .= replace_macros(get_markup_template('field_input.tpl'), array(
-				'$field'    => array('affinity_cmax', t('Default maximum affinity level'), $cmax, '')
+				'$field'    => array('affinity_cmax', t('Default maximum affinity level'), $cmax, t('0-99 default 99'))
 			));
 			$cmin = intval(get_pconfig(local_channel(),'affinity','cmin'));
 			$cmin = (($cmin) ? $cmin : 0);
 			$setting_fields .= replace_macros(get_markup_template('field_input.tpl'), array(
-				'$field'    => array('affinity_cmin', t('Default minimum affinity level'), $cmin, '')
+				'$field'    => array('affinity_cmin', t('Default minimum affinity level'), $cmin, t('0-99 - default 0'))
 			));
 
 			$settings_addons .= replace_macros(get_markup_template('generic_addon_settings.tpl'), array(
@@ -65,7 +61,8 @@ class Featured {
 		$tpl = get_markup_template("settings_addons.tpl");
 		$o .= replace_macros($tpl, array(
 			'$form_security_token' => get_form_security_token("settings_featured"),
-			'$title'	=> t('Feature/Addon Settings'),
+			'$title'	=> t('Addon Settings'),
+			'$descrip'  => t('Please save/submit changes to any panel before opening another.'),
 			'$settings_addons' => $settings_addons
 		));
 		return $o;

Zotlabs/Module/Settings/Permcats.php

@@ -49,7 +49,7 @@ class Permcats {
 
 
 		if(argc() > 2) 
-			$name = argv(2);			
+			$name = hex2bin(argv(2));			
 
 		if(argc() > 3 && argv(3) === 'drop') {
 			\Zotlabs\Lib\Permcat::delete(local_channel(),$name);
@@ -70,7 +70,7 @@ class Permcats {
 				if(($pc['name']) && ($name) && ($pc['name'] == $name))
 					$existing = $pc['perms'];
 				if(! $pc['system'])
-					$permcats[$pc['name']] = $pc['localname'];
+					$permcats[bin2hex($pc['name'])] = $pc['localname'];
 			}
 		}
 

Zotlabs/Module/Share.php

@@ -14,6 +14,10 @@ class Share extends \Zotlabs\Web\Controller {
 		if(! $post_id)
 			killme();
 	
+
+		echo '[share=' . $post_id . '][/share]';
+		killme();
+
 		if(! (local_channel() || remote_channel()))
 			killme();
 	

Zotlabs/Module/Siteinfo.php

@@ -5,7 +5,6 @@ namespace Zotlabs\Module;
 class Siteinfo extends \Zotlabs\Web\Controller {
 
 	function init() {
-logger(print_r($_REQUEST,true));
 		if (argv(1) === 'json' || $_REQUEST['module_format'] === 'json') {
 			$data = get_site_info();
 			json_return_and_die($data);

Zotlabs/Module/Sitelist.php

@@ -32,7 +32,7 @@ class Sitelist extends \Zotlabs\Web\Controller {
 	
 		$result = array('success' => false);
 	
-		$r = q("select count(site_url) as total from site where site_type = %d $sql_extra ",
+		$r = q("select count(site_url) as total from site where site_type = %d and site_dead = 0 $sql_extra ",
 			intval(SITE_TYPE_ZOT)
 		);
 		
@@ -42,7 +42,7 @@ class Sitelist extends \Zotlabs\Web\Controller {
 		$result['start'] = $start;
 		$result['limit'] = $limit;	
 	
-		$r = q("select * from site where site_type = %d $sql_extra $sql_order $sql_limit",
+		$r = q("select * from site where site_type = %d and site_dead = 0 $sql_extra $sql_order $sql_limit",
 			intval(SITE_TYPE_ZOT)
 		);
 	

Zotlabs/Module/Thing.php

@@ -20,6 +20,11 @@ class Thing extends \Zotlabs\Web\Controller {
 
 		$channel    = \App::get_channel();
 
+		if($_SERVER['REQUEST_METHOD'] === 'GET' && argc() < 2) {
+			profile_load($channel['channel_address']);
+		}
+
+
 		$term_hash = (($_REQUEST['term_hash']) ? $_REQUEST['term_hash'] : '');
 
 		$name = escape_tags($_REQUEST['term']);

Zotlabs/Module/Token.php

@@ -2,39 +2,36 @@
 
 namespace Zotlabs\Module;
 
+use Zotlabs\Identity\OAuth2Storage;
+
 
 class Token extends \Zotlabs\Web\Controller {
 
+	function init() {
 
-	function get() {
-
-
-			// workaround for HTTP-auth in CGI mode
-			if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
-				$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
-				if(strlen($userpass)) {
-					list($name, $password) = explode(':', $userpass);
-					$_SERVER['PHP_AUTH_USER'] = $name;
-					$_SERVER['PHP_AUTH_PW'] = $password;
-				}
+		// workaround for HTTP-auth in CGI mode
+		if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
+			$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
+			if(strlen($userpass)) {
+				list($name, $password) = explode(':', $userpass);
+				$_SERVER['PHP_AUTH_USER'] = $name;
+				$_SERVER['PHP_AUTH_PW'] = $password;
 			}
+		}
 
-			if (x($_SERVER, 'HTTP_AUTHORIZATION')) {
-				$userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
-				if(strlen($userpass)) {
-					list($name, $password) = explode(':', $userpass);
-					$_SERVER['PHP_AUTH_USER'] = $name;
-					$_SERVER['PHP_AUTH_PW'] = $password;
-				}
+		if (x($_SERVER, 'HTTP_AUTHORIZATION')) {
+			$userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
+			if(strlen($userpass)) {
+				list($name, $password) = explode(':', $userpass);
+				$_SERVER['PHP_AUTH_USER'] = $name;
+				$_SERVER['PHP_AUTH_PW'] = $password;
 			}
+		}
 
+		$s = new \Zotlabs\Identity\OAuth2Server(new OAuth2Storage(\DBA::$dba->db));
+		$s->handleTokenRequest(\OAuth2\Request::createFromGlobals())->send();
 
-
-
-	require_once('include/oauth2.php');
-	$oauth2_server->handleTokenRequest(\OAuth2\Request::createFromGlobals())->send(); 
-
-	killme();
+		killme();
 	}
 
-}
+}

Zotlabs/Module/Viewconnections.php

@@ -44,7 +44,7 @@ class Viewconnections extends \Zotlabs\Web\Controller {
 		$sql_extra = '';
 	
 		if(! $is_owner) {
-			$abook_flags = " and abook_hidden = 0 ";
+			$abook_flags .= " and abook_hidden = 0 ";
 			$sql_extra = " and xchan_hidden = 0 ";
 		}
 	
@@ -69,8 +69,13 @@ class Viewconnections extends \Zotlabs\Web\Controller {
 		$contacts = array();
 	
 		foreach($r as $rr) {
+
+			$oneway = false;
+			if(! intval(get_abconfig(\App::$profile['uid'],$rr['xchan_hash'],'their_perms','post_comments'))) {
+				$oneway = true;
+			}
 	
-		    $url = chanlink_hash($rr['xchan_hash']);
+			$url = chanlink_hash($rr['xchan_hash']);
 			if($url) {
 				$contacts[] = array(
 					'id' => $rr['abook_id'],
@@ -83,6 +88,7 @@ class Viewconnections extends \Zotlabs\Web\Controller {
 					'sparkle' => '',
 					'itemurl' => $rr['url'],
 					'network' => '',
+					'oneway' => $oneway
 				);
 			}
 		}

Zotlabs/Module/Wfinger.php

@@ -123,7 +123,8 @@ class Wfinger extends \Zotlabs\Web\Controller {
 			$result['properties'] = [
 					'http://webfinger.net/ns/name'   => $r[0]['channel_name'],
 					'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name'],
-					'https://w3id.org/security/v1#publicKeyPem' => $r[0]['xchan_pubkey']
+					'https://w3id.org/security/v1#publicKeyPem' => $r[0]['xchan_pubkey'],
+					'http://purl.org/zot/federation' => 'zot'
 			];
 	
 			foreach($aliases as $alias) 

Zotlabs/Render/SmartyInterface.php

@@ -2,8 +2,6 @@
 
 namespace Zotlabs\Render;
 
-require_once('library/Smarty/libs/Smarty.class.php');
-
 class SmartyInterface extends \Smarty {
 
 	public $filename;

Zotlabs/Render/Theme.php

@@ -8,10 +8,8 @@ use App;
 class Theme {
 
 	static $system_theme = null;
-	static $system_mobile_theme = null;
 
 	static $session_theme = null;
-	static $session_mobile_theme = null;
 
 	/**
 	 * @brief Array with base or fallback themes.
@@ -32,10 +30,6 @@ class Theme {
 			? \App::$config['system']['theme'] : '');
 		self::$session_theme = ((isset($_SESSION) && x($_SESSION, 'theme'))
 			? $_SESSION['theme'] : self::$system_theme);
-		self::$system_mobile_theme = ((isset(\App::$config['system']['mobile_theme']))
-			? \App::$config['system']['mobile_theme'] : '');
-		self::$session_mobile_theme = ((isset($_SESSION) && x($_SESSION, 'mobile_theme'))
-			? $_SESSION['mobile_theme'] : self::$system_mobile_theme);
 
 		$page_theme = null;
 
@@ -55,30 +49,12 @@ class Theme {
 		if(array_key_exists('theme', \App::$layout) && \App::$layout['theme'])
 			$page_theme = \App::$layout['theme'];
 
-		// If the viewer is on a mobile device, ensure that we're using a mobile
-		// theme of some kind or whatever the viewer's preference is for mobile
-		// viewing (if applicable)
+		$chosen_theme = self::$session_theme;
 
-		if(\App::$is_mobile || \App::$is_tablet) {
-			if(isset($_SESSION['show_mobile']) && (! $_SESSION['show_mobile'])) {
-				$chosen_theme = self::$session_theme;
-			}
-			else {
-				$chosen_theme = self::$session_mobile_theme;
-
-				if($chosen_theme === '' || $chosen_theme === '---' ) {
-					// user has selected to have the mobile theme be the same as the normal one
-					$chosen_theme = self::$session_theme;
-				}
-			}
+		if($page_theme) {
+			$chosen_theme = $page_theme;
 		}
-		else {
-			$chosen_theme = self::$session_theme;
 
-			if($page_theme) {
-				$chosen_theme = $page_theme;
-			}
-		}
 		if(array_key_exists('theme_preview', $_GET))
 			$chosen_theme = $_GET['theme_preview'];
 

Zotlabs/Storage/Browser.php

@@ -264,7 +264,10 @@ class Browser extends DAV\Browser\Plugin {
 			$this->server->emit('onHTMLActionsPanel', array($parent, &$output, $path));
 		}
 
-
+		$deftiles = (($is_owner) ? 0 : 1);
+		$tiles = ((array_key_exists('cloud_tiles',$_SESSION)) ? intval($_SESSION['cloud_tiles']) : $deftiles);
+		$_SESSION['cloud_tiles'] = $tiles;
+	
 		$html .= replace_macros(get_markup_template('cloud.tpl'), array(
 				'$header' => t('Files') . ": " . $this->escapeHTML($path) . "/",
 				'$total' => t('Total'),

Zotlabs/Thumbs/Epubthumb.php

@@ -2,36 +2,54 @@
 
 namespace Zotlabs\Thumbs;
 
-require_once('library/epub-meta/epub.php');
+require_once 'library/epub-meta/epub.php';
 
+/**
+ * @brief Thumbnail creation for epub files.
+ *
+ */
 class Epubthumb {
 
+	/**
+	 * @brief Match for application/epub+zip.
+	 *
+	 * @param string $type MimeType
+	 * @return boolean
+	 */
 	function Match($type) {
 		return(($type === 'application/epub+zip') ? true : false );
 	}
 
-	function Thumb($attach,$preview_style,$height = 300, $width = 300) {
+	/**
+	 * @brief
+	 *
+	 * @param array $attach
+	 * @param number $preview_style unused
+	 * @param number $height (optional) default 300
+	 * @param number $width (optional) default 300
+	 */
+	function Thumb($attach, $preview_style, $height = 300, $width = 300) {
 
 		$photo = false;
 
-		$ep = new \Epub(dbunescbin($attach['content']));
+		$ep = new \EPub(dbunescbin($attach['content']));
 		$data = $ep->Cover();
 
 		if($data['found']) {
 			$photo = $data['data'];
 		}
 
-        if($photo) {
+		if($photo) {
 			$image = imagecreatefromstring($photo);
-			$dest = imagecreatetruecolor( $width, $height );
-	        $srcwidth = imagesx($image);
-    	    $srcheight = imagesy($image);
+			$dest = imagecreatetruecolor($width, $height);
+			$srcwidth = imagesx($image);
+			$srcheight = imagesy($image);
 
-        	imagealphablending($dest, false);
+			imagealphablending($dest, false);
 			imagesavealpha($dest, true);
-        	imagecopyresampled($dest, $image, 0, 0, 0, 0, $width, $height, $srcwidth, $srcheight);
-            imagedestroy($image);
-			imagejpeg($dest,dbunescbin($attach['content']) . '.thumb');
+			imagecopyresampled($dest, $image, 0, 0, 0, 0, $width, $height, $srcwidth, $srcheight);
+			imagedestroy($image);
+			imagejpeg($dest, dbunescbin($attach['content']) . '.thumb');
 		}
 	}
 }

Zotlabs/Thumbs/Video.php

@@ -49,6 +49,7 @@ class Video {
 			$cmd = $imagick_path . ' ' . escapeshellarg(PROJECT_BASE . '/' . $tmpfile . '[0]') . ' -thumbnail ' . $width . 'x' . $height . ' ' . escapeshellarg(PROJECT_BASE . '/' . $outfile);
 			//  logger('imagick thumbnail command: ' . $cmd);
 
+			/** @scrutinizer ignore-unhandled */
 			@exec($cmd);
 
 			if(! file_exists($outfile)) {

Zotlabs/Update/_1000.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1000 {
+function run() {
+	$r = q("ALTER TABLE `channel` ADD `channel_a_delegate` TINYINT( 3 ) UNSIGNED NOT NULL DEFAULT '0', ADD INDEX ( `channel_a_delegate` )");
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+
+}

Zotlabs/Update/_1001.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1001 {
+function run() {
+	$r = q("CREATE TABLE if not exists `verify` (
+		`id` INT(10) UNSIGNED NOT NULL ,
+		`channel` INT(10) UNSIGNED NOT NULL DEFAULT '0',
+		`type` CHAR( 32 ) NOT NULL DEFAULT '',
+		`token` CHAR( 255 ) NOT NULL DEFAULT '',
+		`meta` CHAR( 255 ) NOT NULL DEFAULT '',
+		`created` DATETIME NOT NULL DEFAULT '0001-01-01 00:00:00',
+		PRIMARY KEY ( `id` )
+		) ENGINE = MYISAM DEFAULT CHARSET=utf8");
+
+	$r2 = q("alter table `verify` add index (`channel`), add index (`type`), add index (`token`),
+		add index (`meta`), add index (`created`)");
+
+	if($r && $r2)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+
+}

Zotlabs/Update/_1002.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1002 {
+function run() {
+	$r = q("ALTER TABLE `event` CHANGE `account` `aid` INT( 10 ) UNSIGNED NOT NULL DEFAULT '0'");
+	$r2 = q("alter table `event` drop index `account`, add index (`aid`)");
+
+	q("drop table contact");
+	q("drop table deliverq");
+
+	if($r && $r2)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+
+}

Zotlabs/Update/_1003.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1003 {
+function run() {
+	$r = q("ALTER TABLE `xchan` ADD `xchan_flags` INT UNSIGNED NOT NULL DEFAULT '0' AFTER `xchan_network` ,
+ADD INDEX ( `xchan_flags` ) ");
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}

Zotlabs/Update/_1004.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1004 {
+function run() {
+	$r = q("CREATE TABLE if not exists `site` (
+`site_url` CHAR( 255 ) NOT NULL ,
+`site_flags` INT NOT NULL DEFAULT '0',
+`site_update` DATETIME NOT NULL DEFAULT '0001-01-01 00:00:00',
+`site_directory` CHAR( 255 ) NOT NULL DEFAULT '',
+PRIMARY KEY ( `site_url` )
+) ENGINE = MYISAM DEFAULT CHARSET=utf8");
+
+	$r2 = q("alter table site add index (site_flags), add index (site_update), add index (site_directory) ");
+
+	if($r && $r2)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+
+}

Zotlabs/Update/_1005.php

@@ -0,0 +1,13 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1005 {
+function run() {
+	q("drop table guid");
+	q("drop table `notify-threads`");
+	return UPDATE_SUCCESS;
+}
+
+
+}

Zotlabs/Update/_1006.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1006 {
+function run() {
+
+	$r = q("CREATE TABLE IF NOT EXISTS `xprof` (
+  `xprof_hash` char(255) NOT NULL,
+  `xprof_desc` char(255) NOT NULL DEFAULT '',
+  `xprof_dob` char(12) NOT NULL DEFAULT '',
+  `xprof_gender` char(255) NOT NULL DEFAULT '',
+  `xprof_marital` char(255) NOT NULL DEFAULT '',
+  `xprof_sexual` char(255) NOT NULL DEFAULT '',
+  `xprof_locale` char(255) NOT NULL DEFAULT '',
+  `xprof_region` char(255) NOT NULL DEFAULT '',
+  `xprof_postcode` char(32) NOT NULL DEFAULT '',
+  `xprof_country` char(255) NOT NULL DEFAULT '',
+  PRIMARY KEY (`xprof_hash`),
+  KEY `xprof_desc` (`xprof_desc`),
+  KEY `xprof_dob` (`xprof_dob`),
+  KEY `xprof_gender` (`xprof_gender`),
+  KEY `xprof_marital` (`xprof_marital`),
+  KEY `xprof_sexual` (`xprof_sexual`),
+  KEY `xprof_locale` (`xprof_locale`),
+  KEY `xprof_region` (`xprof_region`),
+  KEY `xprof_postcode` (`xprof_postcode`),
+  KEY `xprof_country` (`xprof_country`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8");
+
+	$r2 = q("CREATE TABLE IF NOT EXISTS `xtag` (
+  `xtag_hash` char(255) NOT NULL,
+  `xtag_term` char(255) NOT NULL DEFAULT '',
+  PRIMARY KEY (`xtag_hash`),
+  KEY `xtag_term` (`xtag_term`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8");
+
+	if($r && $r2)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+
+}

Zotlabs/Update/_1007.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1007 {
+function run() {
+	$r = q("ALTER TABLE `channel` ADD `channel_r_storage` INT UNSIGNED NOT NULL DEFAULT '128', ADD `channel_w_storage` INT UNSIGNED NOT NULL DEFAULT '128', add index ( channel_r_storage ), add index ( channel_w_storage )");
+
+	if($r && $r2)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}

Zotlabs/Update/_1008.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1008 {
+function run() {
+	$r = q("alter table profile drop prv_keywords,  CHANGE `pub_keywords` `keywords` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL, drop index pub_keywords");
+
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}

Zotlabs/Update/_1009.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1009 {
+function run() {
+	$r = q("ALTER TABLE `xprof` ADD `xprof_keywords` TEXT NOT NULL");
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+
+}

Zotlabs/Update/_1010.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1010 {
+function run() {
+	$r = q("ALTER TABLE `abook` ADD `abook_dob` DATETIME NOT NULL DEFAULT '0001-01-01 00:00:00' AFTER `abook_connnected` ,
+ADD INDEX ( `abook_dob` )");
+
+	$r2 = q("ALTER TABLE `profile` ADD `dob_tz` CHAR( 255 ) NOT NULL DEFAULT 'UTC' AFTER `dob`");
+
+	if($r && $r2)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}

Zotlabs/Update/_1011.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1011 {
+function run() {
+	$r = q("ALTER TABLE `item` ADD `expires` DATETIME NOT NULL DEFAULT '0001-01-01 00:00:00' AFTER `edited` ,
+ADD INDEX ( `expires` )");
+
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+	
+
+}

Zotlabs/Update/_1012.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1012 {
+function run() {
+	$r = q("ALTER TABLE `xchan` ADD `xchan_connurl` CHAR( 255 ) NOT NULL DEFAULT '' AFTER `xchan_url` ,
+ADD INDEX ( `xchan_connurl` )");
+
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}

Zotlabs/Update/_1013.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1013 {
+function run() {
+	$r = q("CREATE TABLE if not exists `xlink` (
+`xlink_id` INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY ,
+`xlink_xchan` CHAR( 255 ) NOT NULL DEFAULT '',
+`xlink_link` CHAR( 255 ) NOT NULL DEFAULT '',
+`xlink_updated` DATETIME NOT NULL DEFAULT '0001-01-01 00:00:00'
+) ENGINE = MYISAM DEFAULT CHARSET=utf8");
+
+	$r2 = q("alter table xlink add index ( xlink_xchan ), add index ( xlink_link ), add index ( xlink_updated ) ");
+	if($r && $r2)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}

Zotlabs/Update/_1014.php

@@ -0,0 +1,14 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1014 {
+function run() {
+	$r = q("ALTER TABLE `verify` CHANGE `id` `id` INT( 10 ) UNSIGNED NOT NULL AUTO_INCREMENT");
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}

Zotlabs/Update/_1015.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1015 {
+function run() {
+	$r = q("ALTER TABLE `channel` ADD `channel_r_pages` INT UNSIGNED NOT NULL DEFAULT '128',
+ADD `channel_w_pages` INT UNSIGNED NOT NULL DEFAULT '128'");
+
+	$r2 = q("ALTER TABLE `channel` ADD INDEX ( `channel_r_pages` ) , ADD INDEX ( `channel_w_pages` ) ");
+
+	if($r && $r2)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+
+}

Zotlabs/Update/_1016.php

@@ -0,0 +1,39 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1016 {
+function run() {
+
+	$r = q("CREATE TABLE IF NOT EXISTS `menu` (
+  `menu_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
+  `menu_channel_id` int(10) unsigned NOT NULL DEFAULT '0',
+  `menu_desc` char(255) NOT NULL DEFAULT '',
+  PRIMARY KEY (`menu_id`),
+  KEY `menu_channel_id` (`menu_channel_id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 ");
+
+	$r2 = q("CREATE TABLE IF NOT EXISTS `menu_item` (
+  `mitem_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
+  `mitem_link` char(255) NOT NULL DEFAULT '',
+  `mitem_desc` char(255) NOT NULL DEFAULT '',
+  `allow_cid` mediumtext NOT NULL,
+  `allow_gid` mediumtext NOT NULL,
+  `deny_cid` mediumtext NOT NULL,
+  `deny_gid` mediumtext NOT NULL,
+  `mitem_channel_id` int(10) unsigned NOT NULL,
+  `mitem_menu_id` int(10) unsigned NOT NULL DEFAULT '0',
+  `mitem_order` int(11) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`mitem_id`),
+  KEY `mitem_channel_id` (`mitem_channel_id`),
+  KEY `mitem_menu_id` (`mitem_menu_id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 ");
+
+
+	if($r && $r2)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}

Zotlabs/Update/_1017.php

@@ -0,0 +1,14 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1017 {
+function run() {
+	$r = q("ALTER TABLE `event` CHANGE `cid` `event_xchan` CHAR( 255 ) NOT NULL DEFAULT '', ADD INDEX ( `event_xchan` ), drop index cid  ");
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}

Zotlabs/Update/_1018.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1018 {
+function run() {
+	$r = q("ALTER TABLE `event` ADD `event_hash` CHAR( 255 ) NOT NULL DEFAULT '' AFTER `event_xchan` ,
+ADD INDEX ( `event_hash` )");
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+
+}

Zotlabs/Update/_1019.php

@@ -0,0 +1,14 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1019 {
+function run() {
+	$r = q("ALTER TABLE `event` DROP `message_id` ");
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}

Zotlabs/Update/_1020.php

@@ -0,0 +1,14 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1020 {
+function run() {
+	$r = q("alter table photo drop `contact-id`, drop guid, drop index `resource-id`, add index ( `resource_id` )");
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
+
+}