Merge branch 'develop' into 'japanese'

Update 4.6 See merge request harukin/core!72
Revert "Revert "Merge branch 'develop' into 'origin'""
2019-12-29 14:08:20 +09:00 · 2019-12-29 13:59:00 +09:00 · 2019-12-29 13:53:59 +09:00 · 2019-12-29 13:33:15 +09:00 · 2019-12-29 13:31:01 +09:00 · 2019-12-29 13:10:22 +09:00
3425 changed files with 349064 additions and 570607 deletions
@@ -37,7 +37,7 @@ pageheader.html
 doc/SiteTOS.md
 # themes except for redbasic
 view/theme/*
-! view/theme/redbasic
+!view/theme/redbasic
 # site theme schemas
 view/theme/redbasic/schema/default.php
 # Doxygen API documentation, run 'doxygen util/Doxyfile' to generate it
@@ -0,0 +1,147 @@
+# Select image from https://hub.docker.com/_/php/
+#image: php:7.2
+# Use a prepared Hubzilla image to optimise pipeline duration
+image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.2
+
+
+stages:
+  - test
+  - deploy
+
+
+# Select what we should cache
+cache:
+  paths:
+  - vendor/
+  - .cache/
+
+
+# global variables for all jobs, if no job specific variables
+variables:
+  # Tell composer to use the project workspace .cache folder
+  COMPOSER_CACHE_DIR: "$CI_PROJECT_DIR/.cache/composer"
+  # Ignore a Composer warning
+  COMPOSER_ALLOW_SUPERUSER: 1
+  # Configure MySQL/MariaDB service (https://hub.docker.com/_/mysql/, https://hub.docker.com/_/mariadb/)
+  MYSQL_DATABASE: hello_world_test
+  MYSQL_ROOT_PASSWORD: mysql
+  # Configure PostgreSQL service (https://hub.docker.com/_/postgres/)
+  POSTGRES_DB: ci-db
+  POSTGRES_USER: ci-user
+  POSTGRES_PASSWORD: ci-pass
+
+
+before_script:
+# pecl and composer do not work with PHP production restrictions (from Hubzilla Docker image)
+- if [ -f /usr/local/etc/php/conf.d/z_prod.ini ]; then mv /usr/local/etc/php/conf.d/z_prod.ini /usr/local/etc/php/conf.d/z_prod.ini.off; fi
+# Install & enable Xdebug for code coverage reports
+- pecl install xdebug
+- docker-php-ext-enable xdebug
+# Install composer
+- curl -sS https://getcomposer.org/installer | php
+# Install dev libraries from composer
+- php ./composer.phar install --no-progress
+
+
+# hidden job definition with template for MySQL/MariaDB
+.job_template_mysql: &job_definition_mysql
+  stage: test
+  script:
+  - echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
+  - echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
+  - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
+  - vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text
+
+# hidden job definition with template for PostgreSQL
+.job_template_postgres: &job_definition_postgres
+  stage: test
+  services:
+  - postgres:latest
+  script:
+  - export PGPASSWORD=$POSTGRES_PASSWORD
+  - psql --version
+  - psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "SELECT VERSION();"
+  # Import hubzilla's DB schema
+  - psql -h "postgres" -U "$POSTGRES_USER" -v ON_ERROR_STOP=1 --quiet "$POSTGRES_DB" < ./install/schema_postgres.sql
+  # Show databases and relations/tables of hubzilla's database
+  #- psql -h "postgres" -U "$POSTGRES_USER" -l
+  #- psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "\dt;"
+  # Run the actual tests
+  - vendor/bin/phpunit --configuration tests/phpunit-pgsql.xml --testdox
+
+# hidden job definition with artifacts config template
+.artifacts_template:
+  artifacts: &artifacts_template
+    expire_in: 1 week
+    # Gitlab should show the results, but has problems parsing PHPUnit's junit file.
+    reports:
+      junit: tests/results/junit.xml
+    # Archive test results (coverage, testdox, junit)
+    name: "$CI_COMMIT_REF_SLUG-$CI_JOB_NAME"
+    paths:
+      - tests/results/
+
+
+# PHP7.2 with MySQL 5.7
+php7.2_mysql5.7:
+  <<: *job_definition_mysql
+  services:
+  - mysql:5.7
+
+
+# PHP7.2 with MySQL 8 (latest)
+php7.2_mysql8:
+  <<: *job_definition_mysql
+  services:
+  - name: mysql:8
+    command: ["--default-authentication-plugin=mysql_native_password"]
+
+
+# PHP7.2 with MariaDB 10.2
+php7.2_mariadb10.2:
+  <<: *job_definition_mysql
+  services:
+  - name: mariadb:10.2
+    alias: mysql
+
+
+# PHP7.3 with MariaDB 10.3 (latest)
+php7.3_mariadb10.3:
+  <<: *job_definition_mysql
+  image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
+  services:
+  - name: mariadb:10.3
+    alias: mysql
+
+
+# PHP7.2 with PostgreSQL latest (11)
+php7.2_postgres11:
+  <<: *job_definition_postgres
+  artifacts: *artifacts_template
+
+
+# PHP7.3 with PostgreSQL latest (11)
+php7.3_postgres11:
+  <<: *job_definition_postgres
+  image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
+  artifacts: *artifacts_template
+
+
+# Generate Doxygen API Documentation and deploy it as GitLab pages
+pages:
+  stage: deploy
+  cache: {}
+  image: php:7-cli-alpine
+  before_script:
+    - apk update
+    - apk add doxygen ttf-freefont graphviz
+  script:
+    - doxygen util/Doxyfile
+    - mv doc/html/ public/
+    - echo "API documentation should be accessible at https://hubzilla.frama.io/core/ soon"
+  artifacts:
+    paths:
+      - public
+  only:
+    # Only generate it on main repo's master branch
+    - master@hubzilla/core
@@ -1,23 +1,10 @@
-# Hubzilla at Home next to your Router
-
-Run hubzilla-setup.sh for an unattended installation of hubzilla.
-
-The script is known to work without adjustments with
-
-+ Hardware
-  - Mini-PC with Debian-9.2-amd64, or
-  - Rapberry 3 with Raspbian, Debian-9.3
-+ DynDNS
-  - selfHOST.de
-  - freedns.afraid.org
+# How to use

 ## Disclaimers

- This script does work with Debian 9 only.
+- This script does work with Debian 10 only.
 - This script has to be used on a fresh debian install only (it does not take account for a possibly already installed and configured webserver or sql implementation).

-# Step-by-Step Overwiew
-
 ## Preconditions

 Hardware
@@ -28,35 +15,27 @@ Hardware

 Software

-+ Fresh installation of Debian 9 (Stretch)
-+ Router with open ports 80 and 443 for your Hub
+ Fresh installation of Debian 10 (Stretch)
+ Router with open ports 80 and 443 for your web server

-## The basic steps (quick overview)
+## How to run the script

 + Register your own domain (for example at selfHOST) or a free subdomain (for example at freeDNS)
 + Log on to your fresh Debian
  - apt-get install git
  - mkdir -p /var/www
  - cd /var/www
-  - git clone https://github.com/redmatrix/hubzilla.git html
+  - git clone https://framagit.org/hubzilla/core.git html
  - cd html/.homeinstall
  - cp hubzilla-config.txt.template hubzilla-config.txt
  - nano hubzilla-config.txt
    - Read the comments carefully
    - Enter your values: db pass, domain, values for dyn DNS
-  - Make sure your external drive (for backups) is mounted
+    - Prepare your external disk for backups
  - hubzilla-setup.sh as root
    - ... wait, wait, wait until the script is finised
-  - reboot
 + Open your domain with a browser and step throught the initial configuration of hubzilla.

-## Troubleshooting
-
-If the check of the mail address fails when you try to register the very first user in the browser. Do...
-
-    cd /var/www/html
-    util/config system.do_not_check_dns 1
-
 ## Optional - Set path to imagemagick

 In Admin settings of hubzilla or via terminal
@@ -64,60 +43,74 @@ In Admin settings of hubzilla or via terminal
    cd /var/www/html
    util/config system.imagick_convert_path /usr/bin/convert

-# Step-by-Step in Detail
+## Optional - Switch verification of email on/off

-## Preparations Hardware
+Do this just befor you register the user.

-### Mini-PC
+In Admin settings of hubzilla or via terminal

-### Recommended: USB Drive for Backups
+    cd /var/www/html

-The installation will create a daily backup written to an external drive.
+Check the current setting 

-The USB drive must be compatible with the filesystems
+    util/config system verify_email

- ext4 (if you do not want to encrypt the USB) 
- LUKS + ext4 (if you want to encrypt the USB) 
+Switch the verification on/off (1/0)

-The backup includes 
+    util/config system verify_email 0

- Hubzilla DB
- Hubzilla installation /var/www/html
- Certificates for letsencrypt
+## What the script will do for you...

-## Preparations Software
+ install everything required by Hubzilla, basically a web server (Apache), PHP, a database (MySQL), certbot,...
+ create a database
+ run certbot to have everything for a secure connection (httpS)
+ create a script for daily maintenance
+  - backup to external disk (certificates, database, /var/www/)
+  - renew certfificate (letsencrypt)
+  - update of Hubzilla
+  - update of Debian
+  - restart
+ create cron jobs for
+  - DynDNS (selfHOST.de or freedns.afraid.org) every 5 minutes
+  - Master.php for Zap/Hubzilla every 10 minutes
+  - daily maintenance script every day at 05:30

-### Install Debian Linux on the Mini-PC
+The script is known to work without adjustments with

-Download the stable Debian at https://www.debian.org/  
-(Debian 8 is no longer supported.)
+ Hardware
+  - Mini-PC with Debian 10 (stretch), or
+  - Rapberry 3 with Raspbian, Debian 10
+ DynDNS
+  - selfHOST.de
+  - freedns.afraid.org

-Create bootable USB drive with Debian on it.You could use
+The script can install both [Hubzilla](https://zotlabs.org/page/hubzilla/hubzilla-project) and [Zap](https://zotlabs.com/zap/). Make sure to use the correct GIT repositories.  

- unetbootin, https://en.wikipedia.org/wiki/UNetbootin
- or simply the linux command "dd"
-
-Example for command dd...
-
-    su -
-    dd if=2017-11-29-raspbian-stretch.img of=/dev/mmcblk0
-
-Do not forget to unmount the SD card before and check if unmounted like in this example...
-
-    su -
-    umount /dev/mmcblk0*
-    df -h
+ Hubzilla
+  - core: git clone https://framagit.org/hubzilla/core.git html (in this readme)
+  - addons: util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons (in hubzilla-setup.sh)
+ Zap
+  - core: git clone https://framagit.org/zot/zap.git html (in this readme)
+  - addons: util/add_addon_repo https://framagit.org/zot/zap-addons.git zaddons (in hubzilla-setup.sh)


-Switch off your mini pc, plug in your USB drive and start the mini pc from the
-stick. Install Debian. Follow the instructions of the installation.

-### Configure your Router
+# Step-by-Step - some Details

-Open the ports 80 and 443 on your router for your Debian
+## Preparations
+
+## Configure your Router
+
+Your web has to be visible in the internet.  
+
+Open the ports 80 and 443 on your router for your Debian. Make sure your web server is marked as "exposed host".

 ## Preparations Dynamic IP Address

+Follow the instructions in .homeinstall/hubzilla-config.txt.  
+
+In short...  
+
 Your Hubzilla must be reachable by a domain that you can type in your browser

    cooldomain.org
@@ -132,99 +125,15 @@ There are two ways to get a domain...

 ...for example buy at selfHOST.de  

-The cost are around 10,- € once and 1,50 € per month (2017).
+The cost is 1,50 € per month (2019).

 ### Method 2: Register a free subdomain

 ...for example register at freedns.afraid.org

-Follow the instructions in .homeinstall/hubzilla-config.txt.  
+## Note on Rasperry 

-
-## Install Hubzilla on your Debian
-
-Login to your debian
-(Provided your username is "you" and the name of the mini pc is "debian". You
-could take the IP address instead of "debian")
-
-    ssh -X you@debian
-
-Change to root user
-
-    su -l
-
-Install git
-
-    apt-get install git
-
-Make the directory for apache and change diretory to it
-
-    mkdir /var/www
-    cd /var/www/
-
-Clone hubzilla from git ("git pull" will update it later)
-
-    git clone https://framagit.org/hubzilla/core html
-
-Change to the install script
-
-    cd html/.homeinstall/
-    
-Copy the template file
-    
-    cp hubzilla-config.txt.template hubzilla-config.txt
-
-Modify the file "hubzilla-config.txt". Read the instructions there carefully and enter your values.
-
-    nano hubzilla-config.txt
-
-Make sure your external drive (for backups) is plugged in and can be mounted as configured in "hubzilla-config.txt". Otherwise the daily backups will not work.
-
-Run the script
-
-     ./hubzilla-setup.sh
-
-Wait... The script should not finish with an error message.
-
-In a webbrowser open your domain.
-Expected: A test page of hubzilla is shown. All checks there should be
-successfull. Go on...
-Expected: A page for the Hubzilla server configuration shows up.
-
-Leave db server name "127.0.0.1" and port "0" untouched.
-
-Enter
-
- DB user name = hubzilla
- DB pass word = This is the password you entered in "hubzilla-config.txt"
- DB name = hubzilla
-
-Leave db type "MySQL" untouched.
-
-Follow the instructions in the next pages.
-
-Recommended: Set path to imagemagick
-
- in admin settings of hubzilla or 
- via terminal
-
-    util/config system.imagick_convert_path /usr/bin/convert
-
-After the daily script was executed at 05:30 (am)
-
- look at /var/www/html/hubzilla-daily.log
- check your backup on the external drive
- optionally view the daily log under yourdomain.org/admin/logs/
-  - set the logfile to var/www/html/hubzilla-daily.log
-
-## Note for the Rasperry 
-
-The script was tested with an Raspberry 3 under Raspian (Debian 9.3, 2017-11-29-raspbian-stretch.img).
-
-It is recommended to deinstall these programms to avoid endless updates. Use...
-
-    sudo apt-get purge wolfram-engine sonic-pi
-    sudo apt-get autoremove
+The script was tested with an Raspberry 3 under Raspian, Debian 10.

 It is recommended to run the Raspi without graphical frontend (X-Server). Use...

@@ -234,12 +143,5 @@ to boot the Rapsi to the client console.

 DO NOT FORGET TO CHANGE THE DEFAULT PASSWORD FOR USER PI!

-On a Raspian Stretch (Debian 9) the validation of the mail address fails for the very first user.
-This used to happen on some *bsd distros but there was some work to fix that a year ago (2017).
-
-So if your system isn't registered in DNS or DNS isn't active do
-
-    cd /var/www/html
-    util/config system.do_not_check_dns 1


@@ -2,8 +2,8 @@
 ### MANDATORY - database password #############
 #
 # Please give your database password
+# It is better to not use blanks inside the password.
 #   Example: db_pass=pass_word_with_no_blanks_in_it
-#   Example: db_pass="this password has blanks in it"
 db_pass=

 ###############################################
@@ -18,7 +18,12 @@ db_pass=
 #     Example: my.cooldomain.org
 #     Example: cooldomain.org
 #
-# Email is optional
+# You might use "localhost" for a LOCAL TEST installation.
+# This is usefull if you want to debug the server inside a VM.
+#
+#     Example: localhost
+#
+# Email is optional if you use "localhost".
 #
 #
 le_domain=
@@ -28,7 +33,7 @@ le_email=
 ### OPTIONAL - selfHOST - dynamic IP address ##
 #
 # 1. Register a domain at selfhost.de
-#    - choose offer "DOMAIN dynamisch" 1,50€/mon at 08.01.2016
+#    - choose offer "DOMAIN dynamisch" 1,50€/mon at 04/2019
 # 2. Get your configuration for dynamic IP update
 #    - Log in at selfhost.de
 #    - go to "DynDNS Accounte"
@@ -3,7 +3,10 @@
 # How to use
 # ----------
 # 
-# This file automates the installation of hubzilla under Debian Linux
+# This file automates the installation of
+# - hubzilla: https://zotlabs.org/page/hubzilla/hubzilla-project and
+# - zap: https://zotlabs.com/zap/
+# under Debian Linux
 #
 # 1) Copy the file "hubzilla-config.txt.template" to "hubzilla-config.txt"
 #       Follow the instuctions there
@@ -23,18 +26,15 @@
 # - install
 #        * apache webserer, 
 #        * php,  
-#        * mysql - the database for hubzilla,  
-#        * phpmyadmin,  
-#        * git to download and update hubzilla itself
-# - download hubzilla core and addons
+#        * mariadb - the database for hubzilla,  
+#        * adminer,  
+#        * git to download and update addons
 # - configure cron
-#        * "poller.php" for regular background prozesses of hubzilla
-#        * to_do "apt-get update" and "apt-get dist-upgrade" to keep linux
-#          up-to-date
-#        * to_do backup hubzillas database and files (rsnapshot)
-# - configure dynamic ip with cron
-# - to_do letsencrypt
-# - to_do redirection to https
+#        * "Master.php" for regular background prozesses of hubzilla
+#        * "apt-get update" and "apt-get dist-upgrade" and "apt-get autoremove" to keep linux up-to-date
+#        * run command to keep the IP up-to-date > DynDNS provided by selfHOST.de or freedns.afraid.org
+#        * backup hubzillas database and files (rsync)
+# - run letsencrypt to create, register and use a certifacte for https
 # 
 # 
 # Discussion
@@ -44,26 +44,6 @@
 # - The script runs into installation errors for phpmyadmin if it uses
 #   different passwords. For the sake of simplicity one singel password.
 # 
-# Security - suhosin for PHP
-# - The script does not install suhosin.
-# - Is the security package suhosin usefull or not usefull?
-#
-# Hubzilla - email verification
-# - The script switches off email verification off in all htconfig.tpl.
-#   Example: /var/www/html/view/en/htconfig.tpl
-# - Is this a silly idea or not?
-#
-# 
-# Remove Hubzilla (for a fresh start using the script)
-# ----------------------------------------------------
-#
-# You could use /var/www/hubzilla-remove.sh
-# that is created by hubzilla-setup.sh.
-#
-# The script will remove (almost everything) what was installed by the script.
-# After the removal you could run the script again to have a fresh install
-# of all applications including hubzilla and its database.
-# 
 # How to restore from backup
 # --------------------------
 #
@@ -75,19 +55,11 @@
 # - creates a daily cron that runs the hubzilla-daily.sh
 #
 # hubzilla-daily.sh makes a (daily) backup of all relevant files
-# - /var/lib/mysql/ > hubzilla database
-# - /var/www/html/ > hubzilla from github
-# - /var/www/letsencrypt/ > certificates
+# - /var/lib/mysql/ > database
+# - /var/www/ > hubzilla/zap from github
+# - /etc/letsencrypt/ > certificates
 # 
-# hubzilla-daily.sh writes the backup
-# - either to an external disk compatible to LUKS+ext4 (see hubzilla-config.txt)
-# - or to /var/cache/rsnapshot in case the external disk is not plugged in
-# 
-# Restore backup
-# - - - - - - - 
-# 
-# This was not tested yet.
-# Bacically you can copy the files from the backup to the server.
+# hubzilla-daily.sh writes the backup to an external disk compatible to LUKS+ext4 (see hubzilla-config.txt)
 # 
 # Credits
 # -------
@@ -95,8 +67,6 @@
 # The script is based on Thomas Willinghams script "debian-setup.sh"
 # which he used to install the red#matrix.
 #
-# The script uses another script from https://github.com/lukas2511/letsencrypt.sh
-#
 # The documentation for bash is here
 # https://www.gnu.org/software/bash/manual/bash.html
 #
@@ -116,9 +86,9 @@ function check_sanity {
    then
        die "Debian is supported only"
    fi
-    if ! grep -q 'Linux 9' /etc/issue
+    if ! grep -q 'Linux 10' /etc/issue
    then
-        die "Linux 9 (stretch) is supported only"x
+        die "Linux 10 (buster) is supported only"x
    fi
 }

@@ -136,11 +106,11 @@ function check_config {
    # backup is important and should be checked
 	if [ -n "$backup_device_name" ]
 	then
-            if [ ! -d "$backup_mount_point" ]
-            then
-                mkdir "$backup_mount_point"
-	    fi
-            device_mounted=0
+		if [ ! -d "$backup_mount_point" ]
+		then
+			mkdir "$backup_mount_point"
+		fi
+		device_mounted=0
 		if fdisk -l | grep -i "$backup_device_name.*linux"
 		then
 		    print_info "ok - filesystem of external device is linux"
@@ -229,21 +199,17 @@ function print_warn {
 }

 function stop_hubzilla {
-    if [ -d /etc/apache2 ]
-    then
-        print_info "stopping apache webserver..."
-        service apache2 stop
-    fi
-    if [ -f /etc/init.d/mysql ]
-    then
-        print_info "stopping mysql db..."
-        /etc/init.d/mysql stop
-    fi
+    print_info "stopping apache webserver..."
+    systemctl stop apache2
+    print_info "stopping mysql db..."
+    systemctl stop mariadb
 }

 function install_apache {
    print_info "installing apache..."
    nocheck_install "apache2 apache2-utils"
+    a2enmod rewrite
+    systemctl restart apache2
 }

 function install_imagemagick {
@@ -256,6 +222,11 @@ function install_curl {
    nocheck_install "curl"
 }

+function install_wget {
+    print_info "installing wget..."
+    nocheck_install "wget"
+}
+
 function install_sendmail {
    print_info "installing sendmail..."
    nocheck_install "sendmail sendmail-bin"
@@ -264,65 +235,47 @@ function install_sendmail {
 function install_php {
    # openssl and mbstring are included in libapache2-mod-php
    print_info "installing php..."
-    nocheck_install "libapache2-mod-php php php-pear php-curl php-mcrypt php-gd"
-    sed -i "s/^upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/7.0/apache2/php.ini
-    sed -i "s/^post_max_size =.*/post_max_size = 100M/g" /etc/php/7.0/apache2/php.ini
+    nocheck_install "libapache2-mod-php php php-pear php-curl php-gd php-mysqli php-mbstring php-xml php-zip"
+    sed -i "s/^upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/7.3/apache2/php.ini
+    sed -i "s/^post_max_size =.*/post_max_size = 100M/g" /etc/php/7.3/apache2/php.ini
 }

 function install_mysql {
-    # http://www.microhowto.info/howto/perform_an_unattended_installation_of_a_debian_package.html
-    # 
-    # To determine the required package name, key and type you can perform
-    # a trial installation then search the configuration database.
-    # 
-    #     debconf-get-selections | grep mysql-server
-    #
-    # The command debconf-get-selections is provided by the package
-    # debconf-utils, which you may need to install.
-    #
-    #    apt-get install debconf-utils
-    #
-    # If you want to supply an answer to a configuration question but do not 
-    # want to be prompted for it then this can be arranged by preseeding the
-    # DebConf database with the required information.
-    #
-    #     echo mysql-server mysql-server/root_password password xyzzy | debconf-set-selections
-    #     echo mysql-server mysql-server/root_password_again password xyzzy | debconf-set-selections
-    #
    print_info "installing mysql..."
    if [ -z "$mysqlpass" ]
    then
        die "mysqlpass not set in $configfile"
    fi
-    echo mysql-server mysql-server/root_password password $mysqlpass | debconf-set-selections
-    echo mysql-server mysql-server/root_password_again password $mysqlpass | debconf-set-selections
-    nocheck_install "php-mysql mysql-server mysql-client"
+	if type mysql ; then
+		echo "Yes, mysql is installed"
+	else
+		echo "mariadb-server"
+		nocheck_install "mariadb-server"
+        systemctl status mariadb
+        systemctl start mariadb
+        mysql --user=root <<_EOF_
+UPDATE mysql.user SET Password=PASSWORD('${db_root_password}') WHERE User='root';
+DELETE FROM mysql.user WHERE User='';
+DROP DATABASE IF EXISTS test;
+DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
+FLUSH PRIVILEGES;
+_EOF_
+    fi    
 }

-function install_phpmyadmin {
-    print_info "installing phpmyadmin..."
-    if [ -z "$phpmyadminpass" ]
+function install_adminer {
+    print_info "installing adminer..."
+    nocheck_install "adminer"
+    if [ ! -f /etc/adminer/adminer.conf ]
    then
-        die "phpmyadminpass not set in $configfile"
+        echo "Alias /adminer /usr/share/adminer/adminer" > /etc/adminer/adminer.conf
+        ln -s /etc/adminer/adminer.conf /etc/apache2/conf-available/adminer.conf
+    else
+        print_info "file /etc/adminer/adminer.conf exists already"
    fi
-    echo phpmyadmin    phpmyadmin/setup-password password $phpmyadminpass | debconf-set-selections
-    echo phpmyadmin    phpmyadmin/mysql/app-pass password $phpmyadminpass | debconf-set-selections
-    echo phpmyadmin    phpmyadmin/app-password-confirm password $phpmyadminpass | debconf-set-selections
-    echo phpmyadmin    phpmyadmin/mysql/admin-pass    password $phpmyadminpass | debconf-set-selections
-    echo phpmyadmin    phpmyadmin/password-confirm    password $phpmyadminpass | debconf-set-selections
-    echo phpmyadmin    phpmyadmin/reconfigure-webserver multiselect apache2 | debconf-set-selections
-    nocheck_install "phpmyadmin"
-
-    # It seems to be not neccessary to check rewrite.load because it comes
-    # with the installation. To be sure you could check this manually by:
-    #
-    #    nano /etc/apache2/mods-available/rewrite.load
-    #
-    # You should find the content:
-    #
-    #    LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so

    a2enmod rewrite
+
    if [ ! -f /etc/apache2/apache2.conf ]
    then
        die "could not find file /etc/apache2/apache2.conf"
@@ -330,12 +283,10 @@ function install_phpmyadmin {
    sed -i \
        "s/AllowOverride None/AllowOverride all/" \
        /etc/apache2/apache2.conf
-    if [ -z "`grep 'Include /etc/phpmyadmin/apache.conf' /etc/apache2/apache2.conf`" ]
-    then
-        echo "Include /etc/phpmyadmin/apache.conf" >> /etc/apache2/apache2.conf
-    fi
-    service apache2 restart
-    /etc/init.d/mysql start
+
+    a2enconf adminer
+    systemctl restart mariadb
+    systemctl reload apache2
 }

 function create_hubzilla_db {
@@ -352,6 +303,7 @@ function create_hubzilla_db {
    then
        die "hubzilla_db_pass not set in $configfile"
    fi
+    systemctl restart mariadb
    Q1="CREATE DATABASE IF NOT EXISTS $hubzilla_db_name;"
    Q2="GRANT USAGE ON *.* TO $hubzilla_db_user@localhost IDENTIFIED BY '$hubzilla_db_pass';"
    Q3="GRANT ALL PRIVILEGES ON $hubzilla_db_name.* to $hubzilla_db_user@localhost identified by '$hubzilla_db_pass';"
@@ -449,11 +401,11 @@ function configure_cron_selfhost {
    print_info "configure cron for selfhost..."
    if [ -z "$selfhost_user" ]
    then
-        print_info "freedns is not configured because freedns_key is empty in $configfile"
+        print_info "selfhost is not configured because selfhost_key is empty in $configfile"
    else
        # Use cron for dynamich ip update
        #   - at reboot
-        #   - every 30 minutes
+        #   - every 5 minutes
        if [ -z "`grep 'selfhost-updater.sh' /etc/crontab`" ]
        then
            echo "@reboot root bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab
@@ -471,89 +423,13 @@ function install_letsencrypt {
    then
        die "Failed to install let's encrypt: 'le_domain' is empty in $configfile"
    fi
-    # configure apache
-    apache_le_conf=/etc/apache2/sites-available/le-default.conf    
-    if [ -f $apache_le_conf ]
+    if [ -z "$le_email" ]
    then
-        print_info "$apache_le_conf exist already"
-    else
-        cat > $apache_le_conf <<END
-# letsencrypt default Apache configuration
-Alias /.well-known/acme-challenge /var/www/letsencrypt
-
-<Directory /var/www/letsencrypt>
-    Options FollowSymLinks
-	Allow from all
-</Directory>
-END
-        a2ensite le-default.conf
-        service apache2 restart
+        die "Failed to install let's encrypt: 'le_email' is empty in $configfile"
    fi
-    # download the shell script
-    if [ -d $le_dir ]
-    then
-        print_info "letsenrypt exists already (nothing downloaded > no certificate created and registered)"
-        return 0
-    fi
-    git clone https://github.com/lukas2511/dehydrated $le_dir
-    cd $le_dir
-    # create config file for letsencrypt.sh
-    echo "WELLKNOWN=$le_dir" > $le_dir/config.sh
-    if [ -n "$le_email" ]
-    then
-        echo "CONTACT_EMAIL=$le_email" >> $le_dir/config.sh
-    fi
-    # create domain file for letsencrypt.sh
-    # WATCH THIS:
-    #    - It did not work wit "sub.domain.org www.sub.domain.org".
-    #    - So just use "sub.domain.org" only!
-    echo "$le_domain" > $le_dir/domains.txt
-    # test apache config for letsencrpyt
-    url_http=http://$le_domain/.well-known/acme-challenge/domains.txt
-    wget_output=$(wget -nv --spider --max-redirect 0 $url_http)
-    if [ $? -ne 0 ]
-    then
-        die "Failed to load $url_http"
-    fi
-    # accept terms of service of letsencrypt
-    ./dehydrated --register --accept-terms
-    # run script dehydrated
-    # 
-    ./dehydrated --cron --config $le_dir/config.sh
-}
-
-function configure_apache_for_https {
-    print_info "configuring apache to use httpS ..."
-    # letsencrypt.sh
-    #
-    #   "${BASEDIR}/certs/${domain}/privkey.pem"
-    #   "${BASEDIR}/certs/${domain}/cert.pem"
-    #   "${BASEDIR}/certs/${domain}/fullchain.pem"
-    #
-    SSLCertificateFile=${le_dir}/certs/${le_domain}/cert.pem
-    SSLCertificateKeyFile=${le_dir}/certs/${le_domain}/privkey.pem
-    SSLCertificateChainFile=${le_dir}/certs/${le_domain}/fullchain.pem
-    if [ ! -f $SSLCertificateFile ]
-    then
-        print_warn "Failed to configure apache for httpS: Missing certificate file $SSLCertificateFile" 
-        return 0  
-    fi
-    # make sure that the ssl mode is enabled
-    print_info "...configuring apache to use httpS - a2enmod ssl ..."
-    a2enmod ssl
-    # modify apach' ssl conf file 
-    if grep -i "ServerName" $sslconf
-    then
-        print_info "seems that apache was already configered to use httpS with $sslconf"
-    else
-        sed -i "s/ServerAdmin.*$/ServerAdmin webmaster@localhost\\n        ServerName ${le_domain}/" $sslconf 
-    fi     
-    sed -i s#/etc/ssl/certs/ssl-cert-snakeoil.pem#$SSLCertificateFile# $sslconf 
-    sed -i s#/etc/ssl/private/ssl-cert-snakeoil.key#$SSLCertificateKeyFile# $sslconf 
-    sed -i s#/etc/apache2/ssl.crt/server-ca.crt#$SSLCertificateChainFile# $sslconf 
-    sed -i s/#SSLCertificateChainFile/SSLCertificateChainFile/ $sslconf 
-    # apply changes
-    a2ensite default-ssl.conf
+    nocheck_install "certbot python-certbot-apache" 
+    print_info "run certbot ..."
+	certbot --apache -w /var/www/html -d $le_domain -m $le_email --agree-tos --non-interactive --redirect --hsts --uir
    service apache2 restart
 }

@@ -570,9 +446,19 @@ function check_https {
 }

 function install_hubzilla {
-    print_info "installing hubzilla addons..."
+    print_info "installing addons..."
    cd /var/www/html/
-    util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons
+    if git remote -v | grep -i "origin.*hubzilla.*core"
+    then
+        print_info "hubzilla"
+        util/add_addon_repo https://framagit.org/hubzilla/addons hzaddons
+    elif git remote -v | grep -i "origin.*zap.*core"
+    then
+        print_info "zap"
+        util/add_addon_repo https://framagit.org/zot/zap-addons.git zaddons
+    else
+        die "neither zap nor hubzilla repository > did not install addons or zap/hubzilla"
+    fi
    mkdir -p "store/[data]/smarty3"
    chmod -R 777 store
    touch .htconfig.php
@@ -582,58 +468,12 @@ function install_hubzilla {
 	chown root:www-data /var/www/html/
 	chown root:www-data /var/www/html/.htaccess
 	chmod 0644 /var/www/html/.htaccess
-    # try to switch off email registration
-    sed -i "s/verify_email.*1/verify_email'] = 0/" /var/www/html/view/*/ht*
-    if [ -n "`grep -r 'verify_email.*1' /var/www/html/view/`" ]
-    then
-        print_warn "Hubzillas registration prozess might have email verification switched on."
-    fi
-    print_info "installed hubzilla"
+    print_info "installed addons"
 }

-function rewrite_to_https {
-    print_info "configuring apache to redirect http to httpS ..."
-    htaccessfile=/var/www/html/.htaccess
-    if grep -i "https" $htaccessfile
-    then
-        print_info "...configuring apache to redirect http to httpS was already done in $htaccessfile"
-    else
-        sed -i "s#QSA]#QSA]\\n  RewriteCond %{SERVER_PORT} !^443$\\n  RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]#" $htaccessfile 
-    fi     
-    service apache2 restart
-}
-
-# This will allways overwrite both config files
-#   - internal disk
-#   - external disk (LUKS + ext4)
-#  of rsnapshot for hubzilla
-function install_rsnapshot {
-    print_info "installing rsnapshot..."
-    nocheck_install "rsnapshot"
-    # internal disk
-    cp -f /etc/rsnapshot.conf $snapshotconfig
-    sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig
-    sed -i "s/^backup/#backup/" $snapshotconfig
-	echo "backup	/var/lib/mysql/	localhost/" >> $snapshotconfig
-	echo "backup	/var/www/html/	localhost/" >> $snapshotconfig
-	echo "backup	/var/www/letsencrypt/	localhost/" >> $snapshotconfig
-	# external disk
-	if [ -n "$backup_device_name" ]
-	then
-		cp -f /etc/rsnapshot.conf $snapshotconfig_external_device   
-		sed -i "s#snapshot_root.*#snapshot_root	$backup_mount_point#" $snapshotconfig_external_device
-		sed -i "/alpha/s/6/30/" $snapshotconfig_external_device 
-		sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig_external_device
-		sed -i "s/^backup/#backup/" $snapshotconfig_external_device
-		if [ -z "`grep 'letsencrypt' $snapshotconfig_external_device`" ]
-		then
-			echo "backup	/var/lib/mysql/	localhost/" >> $snapshotconfig_external_device
-			echo "backup	/var/www/html/	localhost/" >> $snapshotconfig_external_device
-			echo "backup	/var/www/letsencrypt/	localhost/" >> $snapshotconfig_external_device
-		fi
-    else
-        print_info "No backup configuration (rsnapshot) for external device configured. Reason: backup_device_name and/or backup_device_pass not given in $configfile"
-	fi
+function install_rsync {
+    print_info "installing rsync..."
+    nocheck_install "rsync"
 }

 function install_cryptosetup {
@@ -644,28 +484,28 @@ function install_cryptosetup {
 function configure_cron_daily {
    print_info "configuring cron..."
    # every 10 min for poller.php
-    if [ -z "`grep 'poller.php' /etc/crontab`" ]
+    if [ -z "`grep 'Master.php' /etc/crontab`" ]
    then
        echo "*/10 * * * * www-data cd /var/www/html; php Zotlabs/Daemon/Master.php Cron >> /dev/null 2>&1" >> /etc/crontab
    fi
    # Run external script daily at 05:30
    # - stop apache and mysql-server
-    # - backup hubzilla
+    # - renew the certificate of letsencrypt
+    # - backup db, files (/var/www/html), certificates if letsencrypt
    # - update hubzilla core and addon
    # - update and upgrade linux
-    # - reboot
+    # - reboot is done by "shutdown -h now" because "reboot" hangs sometimes depending on the system
 echo "#!/bin/sh" > /var/www/$hubzilladaily
 echo "#" >> /var/www/$hubzilladaily
 echo "echo \" \"" >> /var/www/$hubzilladaily
 echo "echo \"+++ \$(date) +++\"" >> /var/www/$hubzilladaily
 echo "echo \" \"" >> /var/www/$hubzilladaily
 echo "echo \"\$(date) - renew certificate...\"" >> /var/www/$hubzilladaily
-echo "bash $le_dir/dehydrated --cron --config $le_dir/config.sh" >> /var/www/$hubzilladaily
+echo "certbot renew --noninteractive" >> /var/www/$hubzilladaily
 echo "#" >> /var/www/$hubzilladaily
-echo "# stop hubzilla" >> /var/www/$hubzilladaily
-echo "echo \"\$(date) - stoping apache and mysql...\"" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - stopping apache and mysql...\"" >> /var/www/$hubzilladaily
 echo "service apache2 stop" >> /var/www/$hubzilladaily
-echo "/etc/init.d/mysql stop # to avoid inconsistancies" >> /var/www/$hubzilladaily
+echo "/etc/init.d/mysql stop # to avoid inconsistencies" >> /var/www/$hubzilladaily
 echo "#" >> /var/www/$hubzilladaily
 echo "# backup" >> /var/www/$hubzilladaily
 echo "echo \"\$(date) - try to mount external device for backup...\"" >> /var/www/$hubzilladaily
@@ -696,11 +536,13 @@ echo "        if mount $backup_device_name $backup_mount_point" >> /var/www/$hub
 echo "        then" >> /var/www/$hubzilladaily
 echo "            device_mounted=1" >> /var/www/$hubzilladaily
 echo "            echo \"device $backup_device_name is now mounted. Starting backup...\"" >> /var/www/$hubzilladaily
-echo "			rsnapshot -c $snapshotconfig_external_device alpha" >> /var/www/$hubzilladaily
-echo "			echo \"\$(date) - disk sizes...\"" >> /var/www/$hubzilladaily
-echo "			df -h" >> /var/www/$hubzilladaily
-echo "			echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
-echo "			du -h $backup_mount_point | grep mysql/hubzilla" >> /var/www/$hubzilladaily
+echo "            rsync -a --delete /var/lib/mysql/ /media/hubzilla_backup/mysql" >> /var/www/$hubzilladaily
+echo "            rsync -a --delete /var/www/ /media/hubzilla_backup/www" >> /var/www/$hubzilladaily
+echo "            rsync -a --delete /etc/letsencrypt/ /media/hubzilla_backup/letsencrypt" >> /var/www/$hubzilladaily
+echo "            echo \"\$(date) - disk sizes...\"" >> /var/www/$hubzilladaily
+echo "            df -h" >> /var/www/$hubzilladaily
+echo "            echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
+echo "            du -h $backup_mount_point | grep mysql/hubzilla" >> /var/www/$hubzilladaily
 echo "            echo \"unmounting backup device...\"" >> /var/www/$hubzilladaily
 echo "            umount $backup_mount_point" >> /var/www/$hubzilladaily
 echo "        else" >> /var/www/$hubzilladaily
@@ -722,18 +564,16 @@ echo "echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
 echo "du -h /var/lib/mysql/ | grep mysql/hubzilla" >> /var/www/$hubzilladaily
 echo "#" >> /var/www/$hubzilladaily
 echo "# update" >> /var/www/$hubzilladaily
-echo "echo \"\$(date) - updating dehydrated...\"" >> /var/www/$hubzilladaily
-echo "git -C /var/www/letsencrypt/ pull" >> /var/www/$hubzilladaily
-echo "echo \"\$(date) - updating hubhilla core...\"" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - updating core and addons...\"" >> /var/www/$hubzilladaily
 echo "(cd /var/www/html/ ; util/udall)" >> /var/www/$hubzilladaily
 echo "chown -R www-data:www-data /var/www/html/ # make all accessable for the webserver" >> /var/www/$hubzilladaily
 echo "chown root:www-data /var/www/html/.htaccess" >> /var/www/$hubzilladaily
 echo "chmod 0644 /var/www/html/.htaccess # www-data can read but not write it" >> /var/www/$hubzilladaily
 echo "echo \"\$(date) - updating linux...\"" >> /var/www/$hubzilladaily
 echo "apt-get -q -y update && apt-get -q -y dist-upgrade && apt-get -q -y autoremove # update linux and upgrade" >> /var/www/$hubzilladaily
-echo "echo \"\$(date) - Backup hubzilla and update linux finished. Rebooting...\"" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - Backup and update finished. Rebooting...\"" >> /var/www/$hubzilladaily
 echo "#" >> /var/www/$hubzilladaily
-echo "reboot" >> /var/www/$hubzilladaily
+echo "shutdown -r now" >> /var/www/$hubzilladaily

    if [ -z "`grep 'hubzilla-daily.sh' /etc/crontab`" ]
    then
@@ -745,38 +585,6 @@ echo "reboot" >> /var/www/$hubzilladaily
    print_info "configured cron for updates/upgrades"
 }

-function write_uninstall_script {
-    print_info "writing uninstall script..."
-
-    cat > /var/www/hubzilla-remove.sh <<END
-#!/bin/sh
-#
-# This script removes Hubzilla.
-# You might do this for a fresh start using the script.
-# The script will remove (almost everything) what was installed by the script,
-# all applications including hubzilla and its database.
-#
-# Backup the certificates of letsencrypt (you never know)
-cp -a /var/www/letsencrypt/ ~/backup_le_certificats
-#
-# Removal
-apt-get remove apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin
-apt-get purge apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin
-apt-get autoremove
-apt-get clean
-rm /etc/rsnapshot_hubzilla.conf
-rm /etc/rsnapshot_hubzilla_external_device.conf
-rm -R /etc/apache2/
-rm -R /var/lib/mysql/
-rm -R /var/www
-rm -R /etc/selfhost/
-# uncomment the next line if you want to remove the backups
-# rm -R /var/cache/rsnapshot
-nano /etc/crontab # remove entries there manually
-END
-    chmod -x /var/www/hubzilla-remove.sh
-}
-
 ########################################################################
 # START OF PROGRAM 
 ########################################################################
@@ -791,12 +599,7 @@ source $configfile
 selfhostdir=/etc/selfhost
 selfhostscript=selfhost-updater.sh
 hubzilladaily=hubzilla-daily.sh
-plugins_update=.homeinstall/plugins_update.sh
-snapshotconfig=/etc/rsnapshot_hubzilla.conf
-snapshotconfig_external_device=/etc/rsnapshot_hubzilla_external_device.conf
 backup_mount_point=/media/hubzilla_backup
-le_dir=/var/www/letsencrypt
-sslconf=/etc/apache2/sites-available/default-ssl.conf

 #set -x    # activate debugging from here

@@ -804,27 +607,50 @@ check_config
 stop_hubzilla
 update_upgrade
 install_curl
+install_wget
 install_sendmail
 install_apache
 install_imagemagick
 install_php
 install_mysql
-install_phpmyadmin
+install_adminer
 create_hubzilla_db
 run_freedns
 install_run_selfhost
 ping_domain
 configure_cron_freedns
 configure_cron_selfhost
-install_letsencrypt
-configure_apache_for_https
-check_https
+
+if [ "$le_domain" != "localhost" ]
+then
+    install_letsencrypt
+    configure_apache_for_https
+    check_https
+else
+    print_info "is localhost - skipped installation of letsencrypt and configuration of apache for https"
+fi     
+
 install_hubzilla
-rewrite_to_https
-install_rsnapshot
+
+if [ "$le_domain" != "localhost" ]
+then
+    rewrite_to_https
+    install_rsnapshot
+else
+    print_info "is localhost - skipped rewrite to https and installation of rsnapshot"
+fi     
+
 configure_cron_daily
-install_cryptosetup
-write_uninstall_script
+
+if [ "$le_domain" != "localhost" ]
+then
+    install_cryptosetup
+    write_uninstall_script
+else
+    print_info "is localhost - skipped installation of cryptosetup"
+fi     
+

 #set +x    # stop debugging from here

+
@@ -1,4 +1,608 @@
-Hubzilla 3.6 (????-??-??)
+Hubzilla 4.6 (2019-12-04)
+	- Improve opengraph support for channels
+	- Add opengraph support for articles
+	- Update abook_connected for RSS feeds only if handle_feed() returned success
+	- Do not embed PDF files by default but allow to enabled this feature in security options
+	- Check if file exists before we include it in the router
+	- Update jquery to version 3.4.1
+	- Update composer libraries
+	- Remove old and unused javascript libraries
+	- Improved BBcode to Markdown conversion
+	- Introduce inline SVG support via BBcode
+	- Sanitize title on Atom/RSS feed import
+	- Improved HTTP headers cache support for photos
+	- Add date headers to signed headers
+	- Add check if item['tag'] is an array
+	- Add hook comments_are_now_closed for addons to override date based comment closure
+	- Change mysql schema for item.llink and item.plink for new installs from char(191) to text
+	- Improved photo cache expiration
+	- Improved plural function processing on translation strings creation from .po file with util/po2php utlility
+	- Improved support for CDN/Infrastructure caching (especially profile images)
+	- New japanese translation
+	- Add connect button for non-zot networks not connected in current location
+	- Allow to send forum channels wall2wall or sent by mentions post to external sites via addons
+	- Allow addons to process forum posts published through mentions
+	- Improved internal routing for ActivityPub messages
+	- Improved admin documentation
+	- Add ITEM_TYPE_CUSTOM and hooks to permit addons to create and distribute custom item types
+	- Support "comment policy" in Zot6 communications
+	- Add selected text as quote on reply if comment button is used
+	- Add more nofollow tags to links to discourage backlink farmers
+	- Improved conversion of emoji reactions from zot to zot6
+	- Add CardDAV/CalDAV autodiscovery
+	- Label source project of zotfeed since it is not completely compatible across projects
+	- Update homeinstall script
+
+	Bugfixes
+	- Fix once cached embedded content is used and stored forever
+	- Fix wildcard tag issue
+	- Fix duplicate attachment in jot fileupload
+	- Fix regression with audio file upload
+	- Fix can not edit menu name or title (#1402)
+	- Fix pagination encoding issue for some server setups
+	- Fix Zap->Hubzilla event title compatibility
+	- Fix event timezones for Zot6
+	- Fix missing summary in mod article_edit
+	- Fix PHP warning failed to write session data using user defined save handler
+	- Fix possible thumbnails distortion on rebuild with util/thumbrepair utility
+	- Fix issues with image import to zot6
+	- Fix attachment permissions on clonned channels sync
+	- Fix entries without sitekey returned from DB in queue_deliver() and Lib/Queue
+
+	Addons
+	- Twitter: send tweet even if attached image uploading was unsuccessful
+	- Livejournal: add link to original post option
+	- Flashcards: update to version 2.08
+	- Pubcrawl: compatibility changes to support pixelfed
+	- Cart: update paypal button to API v2
+	- Photocache: rework for speed and lower memory consumption
+	- Photocache: etag support for cached photos
+	- Photocache: purge cache on addon uninstall
+	- Openstreetmap: fix regression if no default values set
+	- Livejournal: allow send posts from non channel owner
+	- Pubcrawl: fix event timezones
+	- Pubcrawl: better ActivityPub channel URL detection
+	- Pubcrawl: fix comments delivery for other channels on the same hub
+	- New addon "workflow" with initial basic "issue tracker" capability
+
+
+
+Hubzilla 4.4.1 (2019-08-16)
+	- Fix wrong profile photo displayed when previewing and editing profiles
+	- Fix regression from 4.4 which prevented encrypted signatures from being used for encrypted messages
+	- Fix typo in queueworker addon which broke filtering of duplicate work
+
+
+Hubzilla 4.4 (2019-08-13)
+	- Change primary directory from zotadel.net to hub.netzgemeinde.eu (requested by zotadel admin)
+	- Add Russian context help files
+	- Replace plink URL with share tag if possible
+	- Catch and exclude trailing punctuation while URL embedding
+	- Do not limit channel if service class property value is set to zero
+	- Streamline keyId and creator/actor
+	- Add daemon_master_summon hook
+	- Serve static files directly if not caught by web server
+	- Update cacert.pem
+	- Calendar: allow different date/time format inputs
+	- Calendar: hide timezone select for allday events
+	⁻ Add opengraph meta info to channel page
+	- Begin directory migration to zot6
+	- Support zot and zot6 in social graph operations
+	- Lowlevel support for zot6 direct messages
+	- Consolidate HTTP signatures
+	- Allow api login by address or url
+	- Provide auto redirect from zot6 /item permalinks
+	- Export all items except photos in channel_export_items_date()
+	- Calendar: clicking a day or week number will now open the day or week view
+	- Remove cached photo location directory on delete if empty
+	- Include zot6 hubs in the Grid scope
+	- Fix os_path replace for thumbnails
+	- Avoid to process original images using storeThumbnail()
+
+	Bugfixes
+	- Fix URLs on imported item taxonomy
+	- Fix admin not allowed to delete any item
+	- Fix webfiunger issue with URLs containing an @
+	- Fix missing object in emoji reactions
+	- Fix appschema to include diaspora:guid
+	- Fix zotfinger in update_directory_entry()
+	- Fix incorrect media type on links for photo objects
+	- Fix mid not dbesc'd in item_store()
+	- Fix calendar encoding issues
+
+	Addons
+	- twitter: various rendering improvements
+	- cavatar: fix wrong image mimetype
+	- gravatar: fix wrong image mimetype
+	- Add license file
+	- pubcrawl: make repeats render like wall to wall posts
+	- pubcrawl: fix pubcrawl_import_author() sometimes returning a non activitypub xchan
+	- pubcrawl: use Lib/Activity for taxonomy en/decoding
+	- pubcrawl: fix wrong uuid in like activity
+	- pubcrawl: fix issue with encoding hashtags
+	- openstreetmap: use https URLs by default
+	- queueworker: refactor and efficiency improvements
+	- pubcrawl: use unique IDs for follow and accept activities
+	- pubcrawl: implement thread completion
+	- pubcrawl: implement delete activity
+	- photocache: reduce the size of the photo cache subdirectories tree
+	- photocache: use html_entity_decode() for cached photo URL
+	- diaspora: fix possible issue with diaspora relay not initializing
+
+
+Hubzilla 4.2.1 (2019-06-17)
+	- Deprecate mod events
+	- Revisit mod cal
+	- Fix issues with deletion of linked items and resources
+	- Fix zot6 delete issue
+	- Fix attach sync issue
+	- Remove sizeRangeSuffixes in justified gallery wrapper
+	- Fix storageconv issue with postgres
+	- Fix embedphotos image size
+	- pubcrawl: use URI instead of object for actor url
+	- diaspora: adjust loglevel
+	- gallery: remove workaround for margin issue which has been fixed upstream
+	- cart: warn about unsaved changes
+
+
+Hubzilla 4.2 (2019-06-04)
+	- Introduce Calendar app which deprecates Events and CalDAV apps and streamlines the featuresets
+	- Update mod cal to reflect changes in the calendar app
+	- Improve timezone detection for CalDAV calendars
+	- Add mention support to event description in channel calendar
+	- Update jgrowl library
+	- Do not try to oembed URLs without embed tags
+	- Optimise pdf oembed processing
+	- Add form security token to mod register
+	- Replace URLs for mod gallery, mod photos and mod photo on cloned channel post sync
+	- Update justified gallery library
+	- Update bootstrap libraries
+	- Use "cache" flag for bbcode() on content destined for zot6
+	- Improve DB indexing
+	- Drop deprecated columns from channel the table
+	- Replace own image URL in clonned channel posts
+	- Improve DB update handling
+	- Improve item deletion when a contact was removed
+	- Zot6 compatibility for emoji reactions
+	- Add threaded comments support (disabled by default)
+	- Improve xmlify()/unxmlify() performance
+	- Update blueimp/jquery-file-uplad library
+	- Update sabre/vobject library
+	- Various doco updates
+	- Implement remove profile photo button (reset to default photo)
+	- Implement remove cover photo button
+	- Update the homeinstall script
+	- Add command line tool for photo thumbnails storage conversion
+	- Implement option to store photo thumbnails in filesystem instead of DB
+
+	Bugfixes
+	- Fix category widget when using articles
+	- Fix live update not triggering in mod search
+	- Fix encoded URLs in code blocks
+	- Fix wiki headers not escaped
+	- Fix possible xchan protocol confusion in new_contact()
+	- Fix xchan_url not displayed if xchan_addr not available
+	- Fix suggestion ordering in mod directory
+	- Fix event attachment delivery to zot6
+
+	Addons
+	- pubcrawl: improve friendica compatibility by adding the nonstandard diaspora:guid field
+	- pubcrawl: initial suport for events
+	- pubcrawl: improve permalink detection
+	- flashcards: fix moving learn buttons if viewport sizes changes
+	- flashcards: Move card details to the bottom of a card
+	- upgrade_info: provide links to changelog
+	- photocache: do not save filename for cached photos
+	- pubcrawl: save local comment activitypub payload in iconfig to be used for relay
+	- flashcards: UI improvements in box settings
+	- pubcrawl: implement profile update messages
+	- pubcrawl: use URI instead of object for actor
+	- flashcards: fix jumping sync button
+	- pubcrawl: add threaded comments support
+	- pubcrawl: ignore target encoding errors
+	- pubcrawl: format photo items for activitypub
+
+
+Hubzilla 4.0.3 (2019-04-26)
+	- Add attachments to zot6 event objects
+	- Add zot6 to federated transports 
+	- Update import/export to handle zot6 hublocs and xchans
+	- Update fix_system_urls() to handle zot6 hublocs
+	- Fix infinite loop using postgres as backend
+	- Fix magic auth in combination with zot6
+	- Fix check for required PHP version
+	- Diaspora: favour diaspora protocol identities over others with same hubloc or xchan address
+
+
+Hubzilla 4.0.2 (2019-04-08)
+	- Port cdav calendar to fullcalendar version 4
+	- Fix perms_pending not evaluated correctly
+	- Fix return wrong profile photo modification date by plugin
+	- Fix suggestion widget using feature_enabled still
+	- Fix check service class limits when syncing files
+	- Remove xchan_instance_url from notifier query - it is not used anymore
+	- Implement remove cover photo functionality
+	- Fix z6_discover() and create a zot6 hubloc on import if applicable
+	- Add backend support for connections ordering
+	- Deduplicate items in item_store() by uuid if we got one otherwise by mid
+	- Add ITEM_TYPE_CUSTOM support to mod display
+	- Fix mod subthread on sys channel items
+	- Fix "recipient not found" dreport spaming with own xchan
+	- Fix wrong variables in dirsearch
+	- Fix 48 hours timeframe check in mod changeaddr
+	- Fix wrong variable in Libsync
+	- Pubcrawl: revert adding additional receivers to comments
+	- Diaspora: fix intro received when being banned
+	- Pubcrawl: add diaspora:guid from friendica AP posts for deduplication
+	- Diaspora: fix friendica plink
+	- Photocache: fix issue with spaces and quotes in original filenames
+
+
+Hubzilla 4.0.1 (2019-03-21)
+	- Fix permissions not getting decrypted on follow
+	- Add option to add a poster to the video bbcode
+	- Fix SQL performance issue with queries including thr_parent
+	- Fix share encoding issue between hz and zap
+	- Fix edge case in unsupported advisory privacy
+	- Messagefilter enhancements
+	- Fix XSS issues
+	- Clone systems apps to the extent possible
+	- Auto-configure imagick thumbnail binary during setup if possible
+	- Fix array not unserialized in util/service_class
+	- Add phpmd and phpcs to composer require-dev for code linting
+	- Fix issue with email encoding
+	- Fix signature issue for zot6 content imported from zotfeeds to hubzilla
+	- Find unregistered z6 clones on hubzilla sites
+	- Add zot6 to clonable networks
+	- Add owner permission checks to AS item fetch
+	- Perform zot6 discovery in import_author_xchan
+	- Fix authenticated fetches
+	- Port zot_record_preferred() from zap
+	
+	Addons:
+	- Pubcrawl: deliver comments to abook contacts and thread participants
+	- Pubcrawl: fix can_comment_on_post()
+	- Deliverynotice: do not save empty postopts
+	- Gravatar: fix URL and use z_fetch_url()
+	- Pubcrawl: improve SQL queries in pubcrawl_item_mod_init()
+	- Pubcrawl: fix authenticated item fetch
+
+
+Hubzilla 4.0 (2019-03-08)
+	- Add CURLOPT_CONNECTTIMEOUT option
+	- Allow parameters as final path argument in API router
+	- Remove clones from delivery recipients for top-level posts in favor of clone sync
+	- Mention php-zip module dependency in administrator guide
+	- Iron out some kinks with scrollToItem() in combination with collapsed content and images
+	- Zot API changes to support combined content (items+files) import addon
+	- Update PHP Version check during setup - min version is now 7.1
+	- Urlencode links in category widget
+	- Implement ability for channel visitors to be able to delete their own content
+	- Support zot location independent urls
+	- MySQL 8 admin summary compatibility
+	- Improved gitlab-ci environment
+	- Deprecate and remove addon settings in favour of per app settings
+	- Refactor PhotoDriver class and add tests
+	- Convert affinity tool to app
+	- Refactor linkify_tags() so it works with xchans across multiple protocols
+	- Add the actual mid to viewsrc for debuging reasons
+	- Add filter hooks and the ability to add buttons to the default status editor
+	- Prevent Hubzilla usage for SEO backlinks
+	- Implement privacy warning for forum posts via !-tag
+	- Set document title when title changes on a page update
+	- Cache embeds in the background on initial storage rather than on first access
+	- Custom sessionhandler support
+	- Update nginx and lighttpd sample server configs to explicit disallow access to util
+	- Introduce command line tool for managing site admins
+	- Various doxygen improvements
+	- Add privacygroup_extras_post/drop hooks
+	- Add collect_public_recipients hook
+	- Prevent memory exhaustion on zot message pickup with large message queue
+	- Remove experimental worker queue from core
+	- Add get_base_apps hook
+	- Improve handling of notification updates while commenting
+	- Add warning if upload_filesize < 4MB
+	- Add ITEM_TYPE_CUSTOM and hooks for processing custom item types
+	- Set min/maxversion for plugins to STD_VERSION unless otherwise specified
+	- Add option to make affinity slider 'sticky' across page loads
+	- Add photo_view_filter hook
+	- Reset page title if article has no title
+	- Implement the zot6 protocol
+	- Add PHOTO_CACHE photo type
+	- Basic support for HTTP3
+	- Add native summary support
+	- Disable image caching if personal or group permissions enabled
+
+	Bugfixes
+	- Fix guest access token xchan record not created on URL login
+	- Fix regression where mod oep was still using hex2bin/bin2hex instead of album hash
+	- Fix regression when selecting multiple images in embed images
+	- Fix broken sync_an_item()
+	- Fix page jumping on like if comments are expanded (show all x comments)
+	- Fix regression in mod display where an page update could display items from multiple channels
+	- Fix starring and filing allowed for other unsupported item types
+	- Fix wrong variable in z_get_temp_dir()
+	- Fix page jumping when liking a collapsed/expanded post
+	- Fix tags detection in URL
+	- Fix warnings in mod embedphotos
+	- Fix wrong variable in can_comment_on_post()
+	- Fix mod new_channel counting removed channels
+	- Fix regression where not all content variables were sslified
+	- Fix default values for affinity tool and other information which could be lost when approving a connection
+	- Fix regression in linkdropper()
+	- Fix issue with unset auto_save_draft variable which resultet in a javascript error
+	- Fix home notifications won't expand if there are more than 300 unseen network notifications ahead of them
+	- Fix total_identities count
+	- Fix delayed items propagate before publication on cloned channels
+
+	Addons
+	- twitter_api: fedilab needs profile_image_url_https
+	- New addon: content_import - imports items and files to cloned channels (this obsoletes hzfiles)
+	- Diaspora: prevent processing of incomplete messages in various places
+	- hzfiles: fix add missing load/unload functions
+	- chess: do not look for games if we have no game_id - improves initial pageload performance
+	- chess: convert to app
+	- channelreputation: convert to app
+	- irc: convert to per app
+	- Provide the addon_common directory for common addon libraries
+	- fuzzloc: convert to app
+	- flattrwidget: convert to app
+	- jappixmini: convert to app
+	- xmpp: convert to app
+	- visage: convert to app
+	- diaspora: reflect linkify_tags() rewrite
+	- twitter: convert to app
+	- smileybutton: convert to app
+	- skeleton: convert to app
+	- planets: convert to app
+	- pumpio: convert to app
+	- pageheader: convert to app
+	- nsabait: convert to app
+	- dwpost: convert to app
+	- diaspora: set the preserve_lf option in various places
+	- diaspora: fix comments from unknown persons are not accpted
+	- nofed: convert to app
+	- ljpost: convert to app
+	- diaspora: call update_queue_item() if delivery failed
+	- pubcrawl: call update_queue_item() if delivery failed
+	- libertree: convert to app
+	- New addon: queueworker advanced - queue handling (experimental)
+	- gallery: extended functionality: implements stream image viewer, converts images at the beginning of a post to a gallery
+	- authchoose: correction to query, add affinity setting
+	- New addon: photocache - local caching for public photos
+	- New addon: totp - two factor authentication using time-based one-time passwords
+
+
+Hubzilla 3.8.9 (2018-02-03)
+	- Fix typos in mod oep
+	- Fix page jumping when liking collapsed/expanded post
+	- Fix failure to import mail in mod import
+	- Fix wrong channel count in mod new_channel
+	- Fix diaspora addon regression
+	- Remove deprecated diaspora addon endpoint
+	- Fix wrong function call in gallery addon
+
+
+Hubzilla 3.8.8 (2018-12-22)
+	- Fix issue with linkinfo
+	- Fix cURL with HTTP/2
+	- Remove scale_external_images()
+	- Style highlight bbcode via css
+	- Make mod channel deal with b64 encoded mid's
+	- Fix email retrieval in OAuth2Storage
+	- Add reinstall option to util/addons
+	- Remove deprecated caching protection from mod photo
+	- Add missing check for observer in mod like
+	- Articles: default to logged in channel if channel name is not passed
+	- Wiki: fix preview issue with hyperlinks
+	- Cart: backport fixes from osada
+	- Gallery: provide file extensions for better compatibility
+	- Hsse: fix issue when linkinfo data was inserted
+	- Diaspora: remove deprecated scale_external_images()
+
+
+Hubzilla 3.8.7 (2018-12-14)
+	- Fix issue with linkdropper in comment area
+	- Fix regression wit app ordering
+	- Fix return if readImnageBlob() throws an exception
+	- Introduce photo_view_filter hook
+	- Fix home notifications not expanding in certain situations
+	- Fix for dark schema
+	- Fix total identities restriction
+	- Fix article page title not updating if article has no title
+	- Gallery: the gallery app will now act as the full-size photo viewer in /photos if installed
+
+
+Hubzilla 3.8.6 (2018-12-03)
+	- Prevent incompatible export files (osada/zap) from being imported
+	- Catch exception if readImageBlob() receives bogus data
+	- Streamline PDF previews
+	- Allow notification filtering by name or address
+	- Fix too restrictive attached photo permissions
+	- Update ES translation
+	- Use flex for the default template
+	- Do not store serialized pconfig value received via to Module/Pconfig.php
+	- Update jquery-file-upload lib and move to composer
+	- Update imagesloaded lib and move to composer
+	- Fix activitypub tag notifications
+	- Fix call to undefined function in PConfig
+	- Fix typo which prevented propagation of comments to zot6 (dev)
+	- Activitypub: add support for pterotype (wordpress plugin)
+	- Openstreetmap: check validity of lat+lon before rendering a map
+
+
+Hubzilla 3.8.5 (2018-11-19)
+	- Fix pconfig for new installs
+	- Fix delayed publication of posts in combination with channel clones
+	- Fix issue where photo filesize was not updated in the DB when a photo was edited
+	- Fix issue where the original photo size was not set correct in the DB
+	- Fix delivery issue in zot_fetch()
+	- Fix typo in channel reputation addon
+
+
+Hubzilla 3.8.4 (2018-11-14)
+	- Fix xss issue (thanks to Eduardo)
+	- Implement hook in enotify to be used by superblock
+	- Various css fixes
+	- Improve photo cache handling
+	- Provide a function hz_syslog() to log to syslog
+	- Fix request_target in z_post_url()
+	- Fix plural handling for various languages
+	- Some preparatory work for zot6
+	- Fix warning in gallery addon
+	- Fix date issue on xchan photo update in diaspora and pubcrawl addons
+	- Fix typos in startpage addon
+	- Improve activitypub addressing
+	- Fix taxonomy in activitypub direct messages
+	- Fix syntax error in diaspora addon
+	- New e-learning addon flashcards
+	- Remove DNS check for database connection during installation
+	- Implement timestamps for pconfig
+
+
+Hubzilla 3.8.3 (2018-11-05)
+	- Do not count likes in forum notifications if likes notifications are disabled
+	- Fix typo in spanish translation which broke javascript
+	- Improve linkinfo charset handling and image detection
+	- Fix wrong image resize for some external images
+	- Move blueimp upload lib to composer and update to version 9.25
+	- Remove primary/clone counts from admin summary until we have a mechanism to update the fixed counts
+	- Fix html2markdown() and re-enable previously failing tests
+	- Improve look of oembed content for Hubzilla links
+	- Fix forum notifications count not correct
+	- Fix gallery addon which broke mod apps in some situations
+	- Fix wiki_list widget not working on every page respectively level
+	
+
+Hubzilla 3.8.2 (2018-10-29)
+	- Merge unmerged changes from dev into master
+	- Fix issues with forum handling in mod network and ping
+	- Fix delivery chain linkage messed up if original post was edited
+	- Fix issues with the experimental queue worker
+	- Fix call to image source {1} from html template
+	- Group stream filters by threaded and unthreaded default view
+	- Show only unseen forum messages when clicking on forum notification
+	- Improve editor contact autocomplete performance
+	- Convert non UTF-8 content on link embeding
+	- Make textcomplete return up to 100 items
+	- Look for for matches in the entire string when suggesting emojis
+	- Add [summary] bbcode to autocomplete list
+	- Update blueimp_upload to version 9.23
+	- Update spanish strings 
+
+	Addons
+	- Cart: don't allow items to be added unless user is logged into the Grid.
+	- Pubcrawl: simplify asencode_activity() addressing to reflect upcoming changes in mastodon 2.6
+	- Rendezvous: Update rendezvous_group.tpl to fix broken Bootstrap library reference
+
+
+Hubzilla 3.8.1 (2018-10-21)
+	- Fix issue with too long navbar banners
+	- Fix menu item edit link
+	- Fix issue with jquery file upload
+
+
+Hubzilla 3.8 (2018-10-19)
+	- Re-implement basic build test via gitlab-ci
+	- Rework wiki encoding/decoding
+	- Implement improved worker (experimental - off by default)
+	- Rework hubzilla settings infrastructure
+	- Port the features to stand-alone apps
+	- Add app_destroy hook
+	- Improve mod network search
+	- Extend app_install() to allow installing by app name
+	- Remove tech levels
+	- Hide channel creation form when at or over service_class['limit_identities']
+	- Rename groups and group_members tables for MySQL 8 compatibility
+	- Improve checks for image magick and pdo at setup
+	- Allow a second url in apd files for settings
+	- Add contact autocomplete to mod photo comments
+	- Add hook to allow addons to filter the list returned by app_list
+	- Do not sync channel moved field
+	- Add attach_delete hook
+	- Catch errors in template rendering
+	- Provide a noscript_content switch for mod channel and display
+	- Install and update bootstrap via composer
+	- Improve cover-photo handling
+	- Improve notification handling on small screens
+	- Detect and automatically repair duplicate plugin hook scenarios
+	- Add dreport_process hook
+	- Redirect stdout/stderr on cron command
+	- Update composer libs and add ramsey/uuid
+	- Add hook to extend conv_item cog dropdown menu
+	- Trigger the query options off of the active module rather than passed parameters in first_post_date()
+	- Tweak archive widget for articles
+	- Add api_not_found hook
+	- Ignore deleted hublocs in zot finger
+	- Don't use "checkjs" with an associated page reload - wrap a static copy of the content in noscript tags instead
+	- Add possibility to override helpfiles
+	- Add support for overriding the default template location and individual templates via .htconfig.php
+	- Add table support to markdown
+	- Make channel_remove less memory hungry
+	- Prevent json-ld bombing
+	- Turn off browser autocomplete on channel sources creation
+	- Add alter_pdl hook
+	- Add ability for addons to create .pdl files and load them automatically
+	- Sanitise vcard fields
+	- Don't sync system apps
+
+	
+	Bugfixes
+	- Fix issue with timeago plurals
+	- Fix issue with HTTP signatures
+	- Fix issues with channel import
+	- Fix double linebreaks in viewsrc output
+	- Fix jsonld signature issue (library is using sha1, spec requires sha256)
+	- Fix bookmarks not syncing between clones
+	- Fix combined view getting lost when deleting first message in pm thread
+	- Fix authors unable to comment on posts they authored when owned by others in certain circumstances
+	- Fix syschannel included in total channels count
+	- Fix html-to-markdown adds a backslash infront of a hash after each new line
+	- Fix profile likes dropdown
+	- Fix tags corruption when editing posts
+	- Fix duplicate info() messages
+	- Fix zid leaking to nonzot sites if markdown is enabled
+	- Fix app delete issue with base installed apps and app photo being reloaded uneccessarily
+	- Fix app update and ownership issues
+
+	Addons
+	- Upgrade Info: new addon to inform channel owners about system upgrades
+	- Superblock: fix issue with not removeable channels
+	- Cart: fix subscription table not created on install
+	- Hsse: new addon - a WYSIWYG editor for certain modules
+	- Rainbowtag: convert to app infrastructure
+	- Superblock: convert to app infrastructure
+	- Send ZID: convert to app infrastructure
+	- Adultphotoflag: move setting to mod photos
+	- GNU-Social: convert to app infrastructure
+	- Pubcrawl: convert to app infrastructure
+	- Startpage: convert to app infrastructure
+	- Wppost: convert to app infrastructure
+	- Diaspora: convert to app infrastructure
+	- Mdpost: move setting to editor settings
+	- Cart: convert to app infrastructure
+	- Cart: reflect renaming of groups table
+	- Authchoose: convert to app infrastructure
+	- Channelreputation: new addon - reputation system for community channels (forums, etc.)
+	- Diaspora: fix commenting on diaspora reshares
+	- Gallery: convert to app infrastructure
+	- Nsfw: convert to app infrastructure
+	- Diaspora: change top level retraction type from StatusMessage to Post
+	- Delivery Notice: new addon - display delivery status information at the top of items
+	- Diaspora: exclude xchan_networks rss, anon and unknown from the query to make the results more reliable
+	- Diaspora: provide xchan_url if we have no xchan_addr for mentions
+	- Diaspora: fix x-social-relay tags converted to associative array
+	- Twitter API: improvements for the twidere client
+	- Pubcrawl: partial support for inbound AP events
+	- Pubcrawl: add support for image objects
+	- Gallery: provide a way to direct link to a photo album gallery
+	- Pubcrawl: improve can_comment_on_post handler
+	- Pubcrawl: implement pleroma quirks regarding follow activities
+	- Cart: add ability to create catalog entries for physical and/or manually fulfilled items
+	- Cart: add subscriptions submodule
+
+
+Hubzilla 3.6 (2018-07-25)
 	- Update jquery.timeago library
 	- Implement Hookable CSP
 	- ActivityStreams: accept header changes to support plume 
@@ -1,4 +1,5 @@
-Copyright (c) 2010-2018 the Hubzilla Community
+Copyright (c) 2019 Hubzilla Community
+
 All rights reserved.

 Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -8,13 +9,13 @@ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:

-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.

 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
@@ -25,5 +25,8 @@ Hubzilla is completely decentralised and open source, for you modify or adapt to

 The Hubzilla community consists of passionate volunteers creating an open source commons of decentralised services which are highly integrated and can rival the feature set of large centralised providers. We do our best to provide ethical software which places you in control of your online communications and privacy expectations.

+Build status master branch:
+[![Build Status Master](https://framagit.org/hubzilla/core/badges/master/build.svg)](https://framagit.org/hubzilla/core/badges/master/build.svg)

-[![Build Status](https://travis-ci.org/redmatrix/hubzilla.svg)](https://travis-ci.org/redmatrix/hubzilla)
+Build status dev branch:
+[![Build Status Dev](https://framagit.org/hubzilla/core/badges/dev/build.svg)](https://framagit.org/hubzilla/core/badges/dev/build.svg)
@@ -88,4 +88,4 @@ class PermissionLimits {

 		return false;
 	}
-}
+}
@@ -0,0 +1,27 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+
+class Cache_embeds {
+
+	static public function run($argc,$argv) {
+
+		if(! $argc == 2)
+			return;
+
+		$c = q("select body from item where id = %d ",
+			dbesc(intval($argv[1]))
+		);
+
+		if(! $c)
+			return;
+
+		$item = $c[0];
+
+		// bbcode conversion by default processes embeds that aren't already cached.
+		// Ignore the returned html output. 
+
+		bbcode($item['body']);
+	}
+}
@@ -60,7 +60,7 @@ class Cron {
 				drop_item($rr['id'],false,(($rr['item_wall']) ? DROPITEM_PHASE1 : DROPITEM_NORMAL));
 				if($rr['item_wall']) {
 					// The notifier isn't normally invoked unless item_drop is interactive.
-					Zotlabs\Daemon\Master::Summon( [ 'Notifier', 'drop', $rr['id'] ] );
+					Master::Summon( [ 'Notifier', 'drop', $rr['id'] ] );
 				}
 			}
 		}
@@ -94,6 +94,29 @@ class Cron {
 					@time_sleep_until(microtime(true) + (float) $interval);
 			}
 		}
+		
+		// Clean expired photos from cache
+		
+		$r = q("SELECT DISTINCT xchan, content FROM photo WHERE photo_usage = %d AND expires < %s - INTERVAL %s",
+			intval(PHOTO_CACHE),
+			db_utcnow(),
+			db_quoteinterval(get_config('system','active_expire_days', '30') . ' DAY')
+		);
+		if($r) {
+			q("DELETE FROM photo WHERE photo_usage = %d AND expires < %s - INTERVAL %s",
+				intval(PHOTO_CACHE),
+				db_utcnow(),
+				db_quoteinterval(get_config('system','active_expire_days', '30') . ' DAY')
+			);
+			foreach($r as $rr) {
+				$file = dbunescbin($rr['content']);
+				if(is_file($file)) {
+					@unlink($file);
+					@rmdir(dirname($file));
+					logger('info: deleted cached photo file ' . $file, LOGGER_DEBUG);
+				}
+			}
+		}

 		// publish any applicable items that were set to be published in the future
 		// (time travel posts). Restrict to items that have come of age in the last
@@ -164,7 +187,7 @@ class Cron {
 		if($r) {
 			require_once('include/photo/photo_driver.php');
 			foreach($r as $rr) {
-				$photos = import_xchan_photo($rr['xchan_photo_l'],$rr['xchan_hash']);
+				$photos = import_xchan_photo($rr['xchan_photo_l'], $rr['xchan_hash'], false, true);
 				$x = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
 					where xchan_hash = '%s'",
 					dbesc($photos[0]),
@@ -191,7 +214,7 @@ class Cron {
 			$restart = true;
 			$generation = intval($argv[2]);
 			if(! $generation)
-				killme();		
+				return;
 		}

 		reload_plugins();
@@ -44,6 +44,11 @@ class Cron_daily {
 			db_utcnow(), db_quoteinterval('1 YEAR')
 		);

+		// Clean up emdedded content cache
+		q("DELETE FROM cache WHERE updated < %s - INTERVAL %s",
+		    db_utcnow(),
+		    db_quoteinterval(get_config('system','active_expire_days', '30') . ' DAY')
+		);

 		//update statistics in config
 		require_once('include/statistics_fns.php');
@@ -85,6 +90,7 @@ class Cron_daily {
 		Master::Summon(array('Cli_suggest'));

 		remove_obsolete_hublocs();
+		z6_discover();

 		call_hooks('cron_daily',datetime_convert());

@@ -13,7 +13,7 @@ class CurlAuth {
 	static public function run($argc,$argv) {

 		if($argc != 2)
-			killme();
+			return;

 		\App::$session->start();

@@ -50,6 +50,6 @@ class CurlAuth {

 		file_put_contents($c,$x);

-		killme();
+		return;
 	}
-}
+}
@@ -2,6 +2,8 @@

 namespace Zotlabs\Daemon;

+use Zotlabs\Lib\DReport;
+
 require_once('include/zot.php');
 require_once('include/queue_fn.php');

@@ -58,11 +60,12 @@ class Deliver {

 							foreach($dresult as $xx) {
 								if(is_array($xx) && array_key_exists('message_id',$xx)) {
-									if(delivery_report_is_storable($xx)) {
-										q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan ) values ( '%s', '%s','%s','%s','%s','%s' ) ",
+									if(DReport::is_storable($xx)) {
+										q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_name, dreport_result, dreport_time, dreport_xchan ) values ( '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
 											dbesc($xx['message_id']),
 											dbesc($xx['location']),
 											dbesc($xx['recipient']),
+											dbesc(($xx['name']) ? $xx['name'] : EMPTY_STR),
 											dbesc($xx['status']),
 											dbesc(datetime_convert($xx['date'])),
 											dbesc($xx['sender'])
@@ -3,14 +3,13 @@
 namespace Zotlabs\Daemon;

 if(array_search( __file__ , get_included_files()) === 0) {
-
 	require_once('include/cli_startup.php');
 	array_shift($argv);
 	$argc = count($argv);

 	if($argc)
 		Master::Release($argc,$argv);
-	killme();
+	return;
 }


@@ -18,13 +17,43 @@ if(array_search( __file__ , get_included_files()) === 0) {
 class Master {

 	static public function Summon($arr) {
-		proc_run('php','Zotlabs/Daemon/Master.php',$arr);
+		$hookinfo = [
+			'argv'=>$arr
+		];
+
+		call_hooks ('daemon_master_summon',$hookinfo);
+
+		$arr = $hookinfo['argv'];
+		$argc = count($arr);
+
+		if ((!is_array($arr) || (count($arr) < 1))) {
+			logger("Summon handled by hook.",LOGGER_DEBUG);
+			return;
+		}
+
+		$phpbin = get_config('system','phpbin','php');
+		proc_run($phpbin,'Zotlabs/Daemon/Master.php',$arr);
 	}

 	static public function Release($argc,$argv) {
 		cli_startup();
-		logger('Master: release: ' . print_r($argv,true), LOGGER_ALL,LOG_DEBUG);
-		$cls = '\\Zotlabs\\Daemon\\' . $argv[0];
-		$cls::run($argc,$argv);
-	}	
+
+		$hookinfo = [
+			'argv'=>$argv
+		];
+
+		call_hooks ('daemon_master_release',$hookinfo);
+
+		$argv = $hookinfo['argv'];
+		$argc = count($argv);
+
+		if ((!is_array($argv) || (count($argv) < 1))) {
+			logger("Release handled by hook.",LOGGER_DEBUG);
+			return;
+		}
+
+		logger('Master: release: ' . json_encode($argv), LOGGER_ALL,LOG_DEBUG);
+                $cls = '\\Zotlabs\\Daemon\\' . $argv[0];
+                $cls::run($argc,$argv);
+	}
 }
@@ -2,6 +2,8 @@

 namespace Zotlabs\Daemon;

+use Zotlabs\Lib\Libzot;
+
 require_once('include/queue_fn.php');
 require_once('include/html2plain.php');
 require_once('include/conversation.php');
@@ -283,8 +285,21 @@ class Notifier {
 			}

 			if(! in_array(intval($target_item['item_type']), [ ITEM_TYPE_POST ] )) {
-				logger('notifier: target item not forwardable: type ' . $target_item['item_type'], LOGGER_DEBUG);
-				return;
+				$hookinfo=[
+					'targetitem'=>$target_item,
+					'deliver'=>false
+				];
+				if (intval($target_item['item_type'] == ITEM_TYPE_CUSTOM)) {
+					call_hooks('customitem_deliver',$hookinfo);
+				}
+
+				if (!$hookinfo['deliver']) {
+					logger('notifier: target item not forwardable: type ' . $target_item['item_type'], LOGGER_DEBUG);
+					return;
+				}
+
+				$target_item = $hookinfo['targetitem'];
+
 			}

 			// Check for non published items, but allow an exclusion for transmitting hidden file activities
@@ -344,7 +359,16 @@ class Notifier {
 				return;

 			$encoded_item = encode_item($target_item);
-		
+
+			// activitystreams version
+			$m = get_iconfig($target_item,'activitystreams','signed_data');
+			if($m) {
+				$activity = json_decode($m,true);
+			}
+			else {
+				$activity = \Zotlabs\Lib\Activity::encode_activity($target_item);
+			}		
+
 			// Send comments to the owner to re-deliver to everybody in the conversation
 			// We only do this if the item in question originated on this site. This prevents looping.
 			// To clarify, a site accepting a new comment is responsible for sending it to the owner for relay.
@@ -401,6 +425,12 @@ class Notifier {
 				$private = false;
 				$recipients = collect_recipients($parent_item,$private);

+
+				if ($top_level_post) {
+					// remove clones who will receive the post via sync
+					$recipients = array_diff($recipients, [ $target_item['owner_xchan'] ]);
+				} 
+
 				// FIXME add any additional recipients such as mentions, etc.

 				// don't send deletions onward for other people's stuff
@@ -423,6 +453,8 @@ class Notifier {
 		$x['body'] = 'private';
 		logger('notifier: encoded item: ' . print_r($x,true), LOGGER_DATA, LOG_DEBUG);

+		//logger('notifier: encoded activity: ' . print_r($activity,true), LOGGER_DATA, LOG_DEBUG);
+
 		stringify_array_elms($recipients);
 		if(! $recipients) {
 			logger('no recipients');
@@ -433,7 +465,7 @@ class Notifier {

 		$env_recips = (($private) ? array() : null);

-		$details = q("select xchan_hash, xchan_instance_url, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',',$recipients)) . ")");
+		$details = q("select xchan_hash, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',',$recipients)) . ")");


 		$recip_list = array();
@@ -559,7 +591,9 @@ class Notifier {

 		foreach($dhubs as $hub) {

-			if($hub['hubloc_network'] !== 'zot') {
+			logger('notifier_hub: ' . $hub['hubloc_url'],LOGGER_DEBUG);
+
+			if(! in_array($hub['hubloc_network'], [ 'zot','zot6' ])) {
 				$narr = [
 					'channel'        => $channel,
 					'upstream'       => $upstream,
@@ -608,20 +642,32 @@ class Notifier {
 				continue;
 			}

-			// default: zot protocol
+			if(! in_array($hub['hubloc_network'], [ 'zot','zot6' ])) {
+				continue;
+			}
+
+			// Do not change this to a uuid as long as we have traditional zot servers
+			// in the loop. The signature verification step can't handle dashes in the 
+			// hashes. 
+
+			$hash   = random_string(48);

-			$hash   = random_string();
 			$packet = null;
 			$pmsg   = '';

 			if($packet_type === 'refresh' || $packet_type === 'purge') {
-				$packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null));
+				if($hub['hubloc_network'] === 'zot6') {
+					$packet = Libzot::build_packet($channel, $packet_type, ids_to_array($packet_recips,'hash'));
+				}
+				else {
+					$packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null));
+				}
 			}
-			if($packet_type === 'keychange') {
+			if($packet_type === 'keychange' && $hub['hubloc_network'] === 'zot') {
 				$pmsg = get_pconfig($channel['channel_id'],'system','keychange');
 				$packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null));
 			}
-			elseif($packet_type === 'request') {
+			elseif($packet_type === 'request' && $hub['hubloc_network'] === 'zot') {
 				$env = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : '');
 				$packet = zot_build_packet($channel,$packet_type,$env,$hub['hubloc_sitekey'],$hub['site_crypto'],
 					$hash, array('message_id' => $request_message_id)
@@ -634,6 +680,7 @@ class Notifier {
 					'account_id' => $channel['channel_account_id'],
 					'channel_id' => $channel['channel_id'],
 					'posturl'    => $hub['hubloc_callback'],
+					'driver'     => $hub['hubloc_network'],
 					'notify'     => $packet,
 					'msg'        => (($pmsg) ? json_encode($pmsg) : '')
 				));
@@ -641,18 +688,43 @@ class Notifier {
 			else {
 				$env = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : '');

-				// currently zot6 delivery is only performed on normal items and not sync items or mail or anything else
-				// Eventually we will do this for all deliveries, but for now ensure this is precisely what we are dealing 
-				// with before switching to zot6 as the primary zot6 handler checks for the existence of a message delivery report
-				// to trigger dequeue'ing

-				$z6 = (($encoded_item && $encoded_item['type'] === 'activity' && (! array_key_exists('allow_cid',$encoded_item))) ? true : false);
-				if($z6) {
-					$packet = zot6_build_packet($channel,'notify',$env, json_encode($encoded_item), (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash);
+				if($hub['hubloc_network'] === 'zot6') {
+					$zenv = [];
+					if($env) {
+						foreach($env as $e) {
+							$zenv[] = $e['hash'];
+						}
+					}
+
+					$packet_type = (($upstream || $uplink) ? 'response' : 'activity'); 
+
+					// block zot private reshares from zot6, as this could cause a number of privacy issues
+					// due to parenting differences between the reshare implementations. In zot a reshare is
+					// a standalone parent activity and in zot6 it is a followup/child of the original activity.
+					// For public reshares, some comments to the reshare on the zot fork will not make it to zot6
+					// due to these different message models. This cannot be prevented at this time. 
+
+					if($packet_type === 'activity' && $activity['type'] === 'Announce' && intval($target_item['item_private'])) {
+						continue;
+					}
+
+					$packet = Libzot::build_packet($channel,$packet_type,$zenv,$activity,'activitystreams',(($private) ? $hub['hubloc_sitekey'] : null),$hub['site_crypto']);
 				}
 				else {
-					$packet = zot_build_packet($channel,'notify',$env, (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash);
+					// currently zot6 delivery is only performed on normal items and not sync items or mail or anything else
+					// Eventually we will do this for all deliveries, but for now ensure this is precisely what we are dealing 
+					// with before switching to zot6 as the primary zot6 handler checks for the existence of a message delivery report
+					// to trigger dequeue'ing

+					$z6 = (($encoded_item && $encoded_item['type'] === 'activity' && (! array_key_exists('allow_cid',$encoded_item))) ? true : false);
+					if($z6) {
+						$packet = zot6_build_packet($channel,'notify',$env, json_encode($encoded_item), (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash);
+					}
+					else {
+						$packet = zot_build_packet($channel,'notify',$env, (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash);
+
+					}
 				}	

 				queue_insert(
@@ -661,6 +733,7 @@ class Notifier {
 						'account_id' => $target_item['aid'],
 						'channel_id' => $target_item['uid'],
 						'posturl'    => $hub['hubloc_callback'],
+						'driver'     => $hub['hubloc_network'],
 						'notify'     => $packet,
 						'msg'        => json_encode($encoded_item)
 					]
@@ -61,15 +61,17 @@ class Onepoll {

 		if($contact['xchan_network'] === 'rss') {
 			logger('onepoll: processing feed ' . $contact['xchan_name'], LOGGER_DEBUG);
-			handle_feed($importer['channel_id'],$contact_id,$contact['xchan_hash']);
-			q("update abook set abook_connected = '%s' where abook_id = %d",
-				dbesc(datetime_convert()),
-				intval($contact['abook_id'])
-			);
+			$alive = handle_feed($importer['channel_id'],$contact_id,$contact['xchan_hash']);
+			if ($alive) {
+				q("update abook set abook_connected = '%s' where abook_id = %d",
+					dbesc(datetime_convert()),
+					intval($contact['abook_id'])
+				);
+			}
 			return;
 		}
 	
-		if($contact['xchan_network'] !== 'zot')
+		if(! in_array($contact['xchan_network'],['zot','zot6']))
 			return;

 		// update permissions
@@ -47,7 +47,7 @@ class Poller {
 			$restart = true;
 			$generation = intval($argv[2]);
 			if(! $generation)
-				killme();		
+				return;
 		}

 		if(($argc > 1) && intval($argv[1])) {
@@ -110,7 +110,7 @@ class Poller {
 				}


-				if($contact['xchan_network'] !== 'zot')
+				if(! in_array($contact['xchan_network'],['zot','zot6']))
 					continue;

 				if($c == $t) {
@@ -199,6 +199,7 @@ class Poller {
 		set_config('system','lastpoll',datetime_convert());

 		//All done - clear the lockfile	
+
 		@unlink($lockfile);

 		return;
@@ -12,7 +12,6 @@ class Queue {
 		require_once('include/items.php');
 		require_once('include/bbcode.php');

-
 		if($argc > 1)
 			$queue_id = $argv[1];
 		else
@@ -61,10 +60,20 @@ class Queue {
 			// or just prior to this query based on recent and long-term delivery history. If we have good reason to believe
 			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once 
 			// or twice a day. 
-	
-			$r = q("SELECT * FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s ",
+
+			$sqlrandfunc = db_getfunc('rand');
+
+			$r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1",
 				db_utcnow()
 			);
+			while ($r) {
+				foreach($r as $rv) {
+					queue_deliver($rv);
+				}
+				$r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1",
+					db_utcnow()
+				);
+			}
 		}
 		if(! $r)
 			return;
@@ -0,0 +1,48 @@
+<?php
+
+namespace Zotlabs\Extend;
+
+
+class Route {
+
+	static function register($file,$modname) {
+		$rt = self::get();
+		$rt[] = [ $file, $modname ];
+		self::set($rt);
+	}
+
+	static function unregister($file,$modname) {
+		$rt = self::get();
+		if($rt) {
+			$n = [];
+			foreach($rt as $r) {
+				if($r[0] !== $file && $r[1] !== $modname) {
+					$n[] = $r;
+				}
+			}
+			self::set($n);
+		}
+	}
+
+	static function unregister_by_file($file) {
+		$rt = self::get();
+		if($rt) {
+			$n = [];
+			foreach($rt as $r) {
+				if($r[0] !== $file) {
+					$n[] = $r;
+				}
+			}
+			self::set($n);
+		}
+	}
+
+	static function get() {
+		return get_config('system','routes',[]);
+	}
+
+	static function set($r) {
+		return set_config('system','routes',$r);
+	}
+}
+
@@ -0,0 +1,47 @@
+<?php
+
+namespace Zotlabs\Extend;
+
+
+class Widget {
+
+	static function register($file,$widget) {
+		$rt = self::get();
+		$rt[] = [ $file, $widget ];
+		self::set($rt);
+	}
+
+	static function unregister($file,$widget) {
+		$rt = self::get();
+		if($rt) {
+			$n = [];
+			foreach($rt as $r) {
+				if($r[0] !== $file && $r[1] !== $widget) {
+					$n[] = $r;
+				}
+			}
+			self::set($n);
+		}
+	}
+
+	static function unregister_by_file($file) {
+		$rt = self::get();
+		if($rt) {
+			$n = [];
+			foreach($rt as $r) {
+				if($r[0] !== $file) {
+					$n[] = $r;
+				}
+			}
+			self::set($n);
+		}
+	}
+
+	static function get() {
+		return get_config('system','widgets',[]);
+	}
+
+	static function set($r) {
+		return set_config('system','widgets',$r);
+	}
+}
@@ -4,7 +4,7 @@ namespace Zotlabs\Identity;

 class OAuth2Server extends \OAuth2\Server {

-	public function __construct(OAuth2Storage $storage, $config = []) {
+	public function __construct(OAuth2Storage $storage, $config = null) {

 		if(! is_array($config)) {
 			$config = [
@@ -19,7 +19,8 @@ class OAuth2Server extends \OAuth2\Server {
 		$this->addGrantType(new \OAuth2\GrantType\ClientCredentials($storage));

 		// Add the "Authorization Code" grant type (this is where the oauth magic happens)
-		$this->addGrantType(new \OAuth2\GrantType\AuthorizationCode($storage));
+                // Need to use OpenID\GrantType to return id_token (see:https://github.com/bshaffer/oauth2-server-php/issues/443)
+		$this->addGrantType(new \OAuth2\OpenID\GrantType\AuthorizationCode($storage));

 		$keyStorage = new \OAuth2\Storage\Memory( [
 			'keys' => [
@@ -50,20 +50,78 @@ class OAuth2Storage extends \OAuth2\Storage\Pdo {
    public function getUser($username)
    {

-		$x = channelx_by_nick($username);
+		$x = channelx_by_n($username);
 		if(! $x) {
 			return false;
 		}

+		$a = q("select * from account where account_id = %d",
+			intval($x['channel_account_id'])
+		);
+
+		$n = explode(' ', $x['channel_name']);
+
 		return( [
-			'username'  => $x['channel_address'],
-			'user_id'   => $x['channel_id'],
-			'firstName' => $x['channel_name'],
-			'lastName'  => '',
-			'password'  => 'NotARealPassword'
+			'webfinger'   => channel_reddress($x),
+			'portable_id' => $x['channel_hash'],
+			'email'       => $a[0]['account_email'],
+			'username'    => $x['channel_address'],
+			'user_id'     => $x['channel_id'],
+			'name'        => $x['channel_name'],
+			'firstName'   => ((count($n) > 1) ? $n[1] : $n[0]),
+			'lastName'    => ((count($n) > 2) ? $n[count($n) - 1] : ''),
+			'picture'     => $x['xchan_photo_l']
 		] );
    }

+    public function scopeExists($scope) {
+      // Report that the scope is valid even if it's not.
+      // We will only return a very small subset no matter what.
+      // @TODO: Truly validate the scope
+      //    see vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/ScopeInterface.php and
+      //        vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/Pdo.php
+      //    for more info.
+      return true;
+    }
+
+    public function getDefaultScope($client_id=null) {
+      // Do not REQUIRE a scope
+      //    see vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/ScopeInterface.php and
+      //    for more info.
+      return null;
+    }
+
+    public function getUserClaims ($user_id, $claims) {
+      // Populate the CLAIMS requested (if any).
+      // @TODO: create a more reasonable/comprehensive list.
+      // @TODO: present claims on the AUTHORIZATION screen
+
+        $userClaims = Array();
+        $claims = explode (' ', trim($claims));
+        $validclaims = Array ("name","preferred_username","webfinger","portable_id","email","picture","firstName","lastName");
+        $claimsmap = Array (
+                            "webfinger" => 'webfinger',
+                            "portable_id" => 'portable_id',
+                            "name" => 'name',
+							"email" => 'email',
+                            "preferred_username" => 'username',
+							"picture" => 'picture',
+							"given_name" => 'firstName',
+							"family_name" => 'lastName'
+                           );
+        $userinfo = $this->getUser($user_id);
+        foreach ($validclaims as $validclaim) {
+            if (in_array($validclaim,$claims)) {
+              $claimkey = $claimsmap[$validclaim];
+              $userClaims[$validclaim] = $userinfo[$claimkey];
+            } else {
+              $userClaims[$validclaim] = $validclaim;
+            }
+        }
+        $userClaims["sub"]=$user_id;
+        return $userClaims; 
+    }
+
    /**
     * plaintext passwords are bad!  Override this for your application
     *
@@ -78,4 +136,4 @@ class OAuth2Storage extends \OAuth2\Storage\Pdo {
        return true;
    }

-}
+}
@@ -7,22 +7,25 @@ namespace Zotlabs\Lib;
 *
 * Parses an ActivityStream JSON string.
 */
+
 class ActivityStreams {

-	public $raw    = null;
-	public $data;
-	public $valid  = false;
-	public $id     = '';
-	public $type   = '';
-	public $actor  = null;
-	public $obj    = null;
-	public $tgt    = null;
-	public $origin = null;
-	public $owner  = null;
-	public $signer = null;
-	public $ldsig  = null;
-	public $sigok  = false;
-	public $recips = null;
+	public $raw        = null;
+	public $data       = null;
+	public $valid      = false;
+	public $deleted    = false;
+	public $id         = '';
+	public $parent_id  = '';
+	public $type       = '';
+	public $actor      = null;
+	public $obj        = null;
+	public $tgt        = null;
+	public $origin     = null;
+	public $owner      = null;
+	public $signer     = null;
+	public $ldsig      = null;
+	public $sigok      = false;
+	public $recips     = null;
 	public $raw_recips = null;

 	/**
@@ -35,16 +38,49 @@ class ActivityStreams {
 	function __construct($string) {

 		$this->raw  = $string;
-		$this->data = json_decode($string, true);
+
+		if(is_array($string)) {
+			$this->data = $string;
+		}
+		else {
+			$this->data = json_decode($string, true);
+		}

 		if($this->data) {
+
+			// verify and unpack JSalmon signature if present
+			
+			if(is_array($this->data) && array_key_exists('signed',$this->data)) {
+				$ret = JSalmon::verify($this->data);
+				$tmp = JSalmon::unpack($this->data['data']);
+				if($ret && $ret['success']) {
+					if($ret['signer']) {
+						$saved = json_encode($this->data,JSON_UNESCAPED_SLASHES);
+						$this->data = $tmp;
+						$this->data['signer'] = $ret['signer'];
+						$this->data['signed_data'] = $saved;
+						if($ret['hubloc']) {
+							$this->data['hubloc'] = $ret['hubloc'];
+						}
+					}
+				}
+			}
+
 			$this->valid = true;
+
+			if(array_key_exists('type',$this->data) && array_key_exists('actor',$this->data) && array_key_exists('object',$this->data)) {
+				if($this->data['type'] === 'Delete' && $this->data['actor'] === $this->data['object']) {
+					$this->deleted = $this->data['actor'];
+					$this->valid = false;
+				}
+			}
+
 		}

 		if($this->is_valid()) {
 			$this->id     = $this->get_property_obj('id');
 			$this->type   = $this->get_primary_type();
-			$this->actor  = $this->get_compound_property('actor');
+			$this->actor  = $this->get_actor('actor','','');
 			$this->obj    = $this->get_compound_property('object');
 			$this->tgt    = $this->get_compound_property('target');
 			$this->origin = $this->get_compound_property('origin');
@@ -53,14 +89,31 @@ class ActivityStreams {
 			$this->ldsig = $this->get_compound_property('signature');
 			if($this->ldsig) {
 				$this->signer = $this->get_compound_property('creator',$this->ldsig);
-				if($this->signer && $this->signer['publicKey'] && $this->signer['publicKey']['publicKeyPem']) {
-					$this->sigok = \Zotlabs\Lib\LDSignatures::verify($this->data,$this->signer['publicKey']['publicKeyPem']);
+				if($this->signer && is_array($this->signer) && array_key_exists('publicKey',$this->signer) && is_array($this->signer['publicKey']) && $this->signer['publicKey']['publicKeyPem']) {
+					$this->sigok = LDSignatures::verify($this->data,$this->signer['publicKey']['publicKeyPem']);
 				}
 			}

-			if(($this->type === 'Note') && (! $this->obj)) {
+			if(! $this->obj) {
 				$this->obj = $this->data;
 				$this->type = 'Create';
+				if(! $this->actor) {
+					$this->actor = $this->get_actor('attributedTo',$this->obj);
+				}
+			}
+			
+			if($this->obj && is_array($this->obj) && $this->obj['actor'])
+				$this->obj['actor'] = $this->get_actor('actor',$this->obj);
+			if($this->tgt && is_array($this->tgt) && $this->tgt['actor'])
+				$this->tgt['actor'] = $this->get_actor('actor',$this->tgt);
+
+			$this->parent_id = $this->get_property_obj('inReplyTo');
+
+			if((! $this->parent_id) && is_array($this->obj)) {				
+				$this->parent_id = $this->obj['inReplyTo'];
+			}
+			if((! $this->parent_id) && is_array($this->obj)) {				
+				$this->parent_id = $this->obj['id'];
 			}
 		}
 	}
@@ -190,28 +243,32 @@ class ActivityStreams {
 		$base = (($base) ? $base : $this->data);
 		$propname = (($prefix) ? $prefix . ':' : '') . $property;

+		if(! is_array($base)) {
+			btlogger('not an array: ' . print_r($base,true));
+			return null;
+		}
+
 		return ((array_key_exists($propname, $base)) ? $base[$propname] : null);
 	}

+
 	/**
 	 * @brief Fetches a property from an URL.
 	 *
 	 * @param string $url
 	 * @return NULL|mixed
 	 */
+
 	function fetch_property($url) {
-		$redirects = 0;
-		if(! check_siteallowed($url)) {
-			logger('blacklisted: ' . $url);
-			return null;
-		}
+		return self::fetch($url);
+	}

-		$x = z_fetch_url($url, true, $redirects,
-			['headers' => [ 'Accept: application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ]]);
-		if($x['success'])
-			return json_decode($x['body'], true);
+	static function fetch($url,$channel = null) {
+		return Activity::fetch($url,$channel);
+	}

-		return null;
+	static function is_an_actor($s) {
+		return(in_array($s,[ 'Application','Group','Organization','Person','Service' ]));
 	}

 	/**
@@ -222,10 +279,71 @@ class ActivityStreams {
 	 * @param string $namespace (optional) default empty
 	 * @return NULL|mixed
 	 */
-	function get_compound_property($property, $base = '', $namespace = '') {
+
+	function get_actor($property,$base='',$namespace = '') {
 		$x = $this->get_property_obj($property, $base, $namespace);
 		if($this->is_url($x)) {
-			$x = $this->fetch_property($x);
+
+			// SECURITY: If we have already stored the actor profile, re-generate it 
+			// from cached data - don't refetch it from the network
+
+			$r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' limit 1",
+				dbesc($x)
+			);
+			if($r) {
+				$y = Activity::encode_person($r[0]);
+				$y['cached'] = true;
+				return $y;
+			}
+		}
+		$actor = $this->get_compound_property($property,$base,$namespace,true);
+		if(is_array($actor) && self::is_an_actor($actor['type'])) {
+			if(array_key_exists('id',$actor) && (! array_key_exists('inbox',$actor))) {
+				$actor = $this->fetch_property($actor['id']);
+			}
+			return $actor;
+		}
+		return null;
+	}
+
+
+	/**
+	 * @brief
+	 *
+	 * @param string $property
+	 * @param array $base
+	 * @param string $namespace (optional) default empty
+	 * @param boolean $first (optional) default false, if true and result is a sequential array return only the first element
+	 * @return NULL|mixed
+	 */
+	function get_compound_property($property, $base = '', $namespace = '', $first = false) {
+		$x = $this->get_property_obj($property, $base, $namespace);
+		if($this->is_url($x)) {
+			$y = $this->fetch_property($x);
+			if (is_array($y)) {
+				$x = $y;
+			}
+		}
+
+		// verify and unpack JSalmon signature if present
+			
+		if(is_array($x) && array_key_exists('signed',$x)) {
+			$ret = JSalmon::verify($x);
+			$tmp = JSalmon::unpack($x['data']);
+			if($ret && $ret['success']) {
+				if($ret['signer']) {
+					$saved = json_encode($x,JSON_UNESCAPED_SLASHES);
+					$x = $tmp;
+					$x['signer'] = $ret['signer'];
+					$x['signed_data'] = $saved;
+					if($ret['hubloc']) {
+						$x['hubloc'] = $ret['hubloc'];
+					}
+				}
+			}
+		}
+		if($first && is_array($x) && array_key_exists(0,$x)) {
+			return $x[0];
 		}

 		return $x;
@@ -273,4 +391,18 @@ class ActivityStreams {
 		return $x;
 	}

+
+	static function is_as_request() {
+
+		$x = getBestSupportedMimeType([
+			'application/ld+json;profile="https://www.w3.org/ns/activitystreams"',
+			'application/activity+json',
+			'application/ld+json;profile="http://www.w3.org/ns/activitystreams"'
+		]);
+
+		return(($x) ? true : false);
+
+	}
+
+
 }
@@ -12,8 +12,16 @@ class Api_router {
 	}

 	static function find($path) {
-		if(array_key_exists($path,self::$routes))
+		if (array_key_exists($path,self::$routes)) {
 			return self::$routes[$path];
+		}
+
+		$with_params = dirname($path) . '/[id]';
+
+		if (array_key_exists($with_params,self::$routes)) {
+			return self::$routes[$with_params];
+		}
+
 		return null;
 	}

@@ -11,8 +11,10 @@ class Cache {

 		$hash = hash('whirlpool',$key);

-		$r = q("SELECT v FROM cache WHERE k = '%s' limit 1",
-			dbesc($hash)
+		$r = q("SELECT v FROM cache WHERE k = '%s' AND updated > %s - INTERVAL %s LIMIT 1",
+			dbesc($hash),
+			db_utcnow(),
+			db_quoteinterval(get_config('system','object_cache_days', '30') . ' DAY')
 		);
 			
 		if ($r)
@@ -40,12 +42,5 @@ class Cache {
 				dbesc(datetime_convert()));
 		}
 	}
-
-		
-	public static function clear() {
-		q("DELETE FROM cache WHERE updated < '%s'",
-			dbesc(datetime_convert('UTC','UTC',"now - 30 days")));			
-	}
-		
 }
 	 
@@ -58,10 +58,15 @@ class DB_Upgrade {
 					

 					$c =  new $cls();
+
 					$retval = $c->run();

 					if($retval != UPDATE_SUCCESS) {

+
+						$source = t('Source code of failed update: ') . "\n\n" . @file_get_contents('Zotlabs/Update/' . $s . '.php');
+												
+
 						// Prevent sending hundreds of thousands of emails by creating
 						// a lockfile.  

@@ -86,7 +91,9 @@ class DB_Upgrade {
 										'$sitename' => \App::$config['system']['sitename'],
 										'$siteurl' =>  z_root(),
 										'$update' => $x,
-										'$error' => sprintf( t('Update %s failed. See error logs.'), $x)
+										'$error' => sprintf( t('Update %s failed. See error logs.'), $x),
+										'$baseurl' => z_root(),
+										'$source' => $source
 									]
 								)
 							]
@@ -14,6 +14,7 @@ class DReport {
 		$this->location   = $location;
 		$this->sender     = $sender;
 		$this->recipient  = $recipient;
+		$this->name       = EMPTY_STR;
 		$this->message_id = $message_id;
 		$this->status     = $status;
 		$this->date       = datetime_convert();
@@ -24,8 +25,8 @@ class DReport {
 		$this->date       = datetime_convert();
 	}

-	function addto_recipient($name) {
-		$this->recipient = $this->recipient . ' ' . $name;
+	function set_name($name) {
+		$this->name = $name;
 	}

 	function addto_update($status) {
@@ -37,6 +38,7 @@ class DReport {
 		$this->location   = $arr['location'];
 		$this->sender     = $arr['sender'];
 		$this->recipient  = $arr['recipient'];
+		$this->name       = $arr['name'];
 		$this->message_id = $arr['message_id'];
 		$this->status     = $arr['status'];
 		$this->date       = $arr['date'];
@@ -47,9 +49,99 @@ class DReport {
 			'location'   => $this->location,
 			'sender'     => $this->sender,
 			'recipient'  => $this->recipient,
+			'name'       => $this->name,
 			'message_id' => $this->message_id,
 			'status'     => $this->status,
 			'date'       => $this->date
 		);
 	}
+
+	/**
+	 * @brief decide whether to store a returned delivery report
+	 *
+	 * @param array $dr
+	 * @return boolean
+	 */
+
+	static function is_storable($dr) {
+
+		if(get_config('system', 'disable_dreport'))
+			return false;
+
+		/**
+		 * @hooks dreport_is_storable
+		 *   Called before storing a dreport record to determine whether to store it.
+		 *   * \e array
+		 */
+
+		call_hooks('dreport_is_storable', $dr);
+
+		// let plugins accept or reject - if neither, continue on
+		if(array_key_exists('accept',$dr) && intval($dr['accept']))
+			return true;
+		if(array_key_exists('reject',$dr) && intval($dr['reject']))
+			return false;
+
+		if(! ($dr['sender']))
+			return false;
+
+		// Is the sender one of our channels?
+
+		$c = q("select channel_id from channel where channel_hash = '%s' or channel_portable_id = '%s' limit 1",
+			dbesc($dr['sender']),
+			dbesc($dr['sender'])
+		);
+
+		if(! $c)
+			return false;
+
+		// legacy zot recipients add a space and their name to the xchan. remove it if true.
+
+		$legacy_recipient = strpos($dr['recipient'], ' ');
+		if($legacy_recipient !== false) {
+			$legacy_recipient_parts = explode(' ', $dr['recipient'], 2);
+			$rxchan = $legacy_recipient_parts[0];
+		}
+		else {
+			$rxchan = $dr['recipient'];
+		}
+
+
+
+		// is the recipient one of our connections, or do we want to store every report?
+
+		$pcf = get_pconfig($c[0]['channel_id'],'system','dreport_store_all');
+		if($pcf)
+			return true;
+
+		// We always add ourself as a recipient to private and relayed posts
+		// So if a remote site says they can't find us, that's no big surprise
+		// and just creates a lot of extra report noise
+
+		if(($dr['location'] !== z_root()) && ($dr['sender'] === $rxchan) && ($dr['status'] === 'recipient not found'))
+			return false;
+
+		// If you have a private post with a recipient list, every single site is going to report
+		// back a failed delivery for anybody on that list that isn't local to them. We're only
+		// concerned about this if we have a local hubloc record which says we expected them to
+		// have a channel on that site.
+
+		$r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_url = '%s'",
+			dbesc($rxchan),
+			dbesc($dr['location'])
+		);
+		if((! $r) && ($dr['status'] === 'recipient_not_found'))
+			return false;
+
+		$r = q("select abook_id from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
+			dbesc($rxchan),
+			intval($c[0]['channel_id'])
+		);
+		if($r)
+			return true;
+
+		return false;
+	}
+
+
 }
@@ -754,9 +754,9 @@ class Enotify {
 		// generate a multipart/alternative message header
 		$messageHeader =
 			$params['additionalMailHeader'] .
-			"From: $fromName <{$params['fromEmail']}>\n" .
-			"Reply-To: $fromName <{$params['replyTo']}>\n" .
-			"MIME-Version: 1.0\n" .
+			"From: $fromName <{$params['fromEmail']}>" . PHP_EOL .
+			"Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL . 
+			"MIME-Version: 1.0" . PHP_EOL . 
 			"Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\"";

 		// assemble the final multipart message body with the text and html types included
@@ -764,15 +764,15 @@ class Enotify {
 		$htmlBody = chunk_split(base64_encode($params['htmlVersion']));

 		$multipartMessageBody =
-			"--" . $mimeBoundary . "\n" .					// plain text section
-			"Content-Type: text/plain; charset=UTF-8\n" .
-			"Content-Transfer-Encoding: base64\n\n" .
-			$textBody . "\n" .
-			"--" . $mimeBoundary . "\n" .					// text/html section
-			"Content-Type: text/html; charset=UTF-8\n" .
-			"Content-Transfer-Encoding: base64\n\n" .
-			$htmlBody . "\n" .
-			"--" . $mimeBoundary . "--\n";					// message ending
+			"--" . $mimeBoundary . PHP_EOL .					// plain text section
+			"Content-Type: text/plain; charset=UTF-8" . PHP_EOL .
+			"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
+			$textBody . PHP_EOL .
+			"--" . $mimeBoundary . PHP_EOL .					// text/html section
+			"Content-Type: text/html; charset=UTF-8" . PHP_EOL .
+			"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL . 
+			$htmlBody . PHP_EOL .
+			"--" . $mimeBoundary . "--" . PHP_EOL;					// message ending

 		// send the message
 		$res = mail(
@@ -807,6 +807,11 @@ class Enotify {
 			$itemem_text = (($item['item_thread_top'])
 				? t('created a new post')
 				: sprintf( t('commented on %s\'s post'), $item['owner']['xchan_name']));
+
+			if($item['verb'] === ACTIVITY_SHARE) {
+				$itemem_text = sprintf( t('repeated %s\'s post'), $item['author']['xchan_name']);
+			}
+
 		}

 		$edit = false;
@@ -825,19 +830,32 @@ class Enotify {

 		// convert this logic into a json array just like the system notifications

-		return array(
+		$who = (($item['verb'] === ACTIVITY_SHARE) ? 'owner' : 'author');
+
+		$x = array(
 			'notify_link' => $item['llink'],
-			'name' => $item['author']['xchan_name'],
-			'url' => $item['author']['xchan_url'],
-			'photo' => $item['author']['xchan_photo_s'],
+			'name' => $item[$who]['xchan_name'],
+			'addr' => (($item[$who]['xchan_addr']) ? $item[$who]['xchan_addr'] : $item[$who]['xchan_url']),
+			'url' => $item[$who]['xchan_url'],
+			'photo' => $item[$who]['xchan_photo_s'],
 			'when' => relative_date(($edit)? $item['edited'] : $item['created']), 
 			'class' => (intval($item['item_unseen']) ? 'notify-unseen' : 'notify-seen'),
 			'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? 'b64.' . base64url_encode($item['thr_parent']) : 'b64.' . base64url_encode($item['mid'])),
 			'notify_id' => 'undefined',
 			'thread_top' => (($item['item_thread_top']) ? true : false),
-			'message' => strip_tags(bbcode($itemem_text))
+			'message' => strip_tags(bbcode($itemem_text)),
+			// these are for the superblock addon
+			'hash' => $item[$who]['xchan_hash'],
+			'uid' => local_channel(),
+			'display' => true
 		);

+		call_hooks('enotify_format',$x);
+		if(! $x['display']) {
+			return [];
+		}
+
+		return $x;
 	}

 }
@@ -0,0 +1,405 @@
+<?php 
+
+namespace Zotlabs\Lib;
+
+use Zotlabs\Lib\Libsync;
+
+
+class Group {
+	
+	static function add($uid,$name,$public = 0) {
+
+		$ret = false;
+		if(x($uid) && x($name)) {
+			$r = self::byname($uid,$name); // check for dups
+			if($r !== false) {
+
+				// This could be a problem. 
+				// Let's assume we've just created a group which we once deleted
+				// all the old members are gone, but the group remains so we don't break any security
+				// access lists. What we're doing here is reviving the dead group, but old content which
+				// was restricted to this group may now be seen by the new group members. 
+
+				$z = q("SELECT * FROM pgrp WHERE id = %d LIMIT 1",
+					intval($r)
+				);
+				if(($z) && $z[0]['deleted']) {
+					q('UPDATE pgrp SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
+					notice( t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL); 
+				}
+				return true;
+			}
+
+			do {
+				$dups = false;
+				$hash = random_string(32) . str_replace(['<','>'],['.','.'], $name);
+
+				$r = q("SELECT id FROM pgrp WHERE hash = '%s' LIMIT 1", dbesc($hash));
+				if($r)
+					$dups = true;
+			} while($dups == true);
+
+
+			$r = q("INSERT INTO pgrp ( hash, uid, visible, gname )
+				VALUES( '%s', %d, %d, '%s' ) ",
+				dbesc($hash),
+				intval($uid),
+				intval($public),
+				dbesc($name)
+			);
+			$ret = $r;
+		}
+
+		Libsync::build_sync_packet($uid,null,true);
+		return $ret;
+	}
+
+
+	static function remove($uid,$name) {
+		$ret = false;
+		if(x($uid) && x($name)) {
+			$r = q("SELECT id, hash FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
+				intval($uid),
+				dbesc($name)
+			);
+			if($r) {
+				$group_id = $r[0]['id'];
+				$group_hash = $r[0]['hash'];
+			}
+
+			if(! $group_id)
+				return false;
+
+			// remove group from default posting lists
+			$r = q("SELECT channel_default_group, channel_allow_gid, channel_deny_gid FROM channel WHERE channel_id = %d LIMIT 1",
+			       intval($uid)
+			);
+			if($r) {
+				$user_info = $r[0];
+				$change = false;
+
+				if($user_info['channel_default_group'] == $group_hash) {
+					$user_info['channel_default_group'] = '';
+					$change = true;
+				}
+				if(strpos($user_info['channel_allow_gid'], '<' . $group_hash . '>') !== false) {
+					$user_info['channel_allow_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_allow_gid']);
+					$change = true;
+				}
+				if(strpos($user_info['channel_deny_gid'], '<' . $group_hash . '>') !== false) {
+					$user_info['channel_deny_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_deny_gid']);
+					$change = true;
+				}
+
+				if($change) {
+					q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s' 
+						WHERE channel_id = %d",
+						intval($user_info['channel_default_group']),
+						dbesc($user_info['channel_allow_gid']),
+						dbesc($user_info['channel_deny_gid']),
+						intval($uid)
+					);
+				}
+			}
+
+			// remove all members
+			$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d ",
+				intval($uid),
+				intval($group_id)
+			);
+
+			// remove group
+			$r = q("UPDATE pgrp SET deleted = 1 WHERE uid = %d AND gname = '%s'",
+				intval($uid),
+				dbesc($name)
+			);
+
+			$ret = $r;
+
+		}
+
+		Libsync::build_sync_packet($uid,null,true);
+
+		return $ret;
+	}
+
+
+	static function byname($uid,$name) {
+		if((! $uid) || (! strlen($name)))
+			return false;
+		$r = q("SELECT * FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
+			intval($uid),
+			dbesc($name)
+		);
+		if($r)
+			return $r[0]['id'];
+		return false;
+	}
+
+
+	static function rec_byhash($uid,$hash) {
+		if((! $uid) || (! strlen($hash)))
+			return false;
+		$r = q("SELECT * FROM pgrp WHERE uid = %d AND hash = '%s' LIMIT 1",
+			intval($uid),
+			dbesc($hash)
+		);
+		if($r)
+			return $r[0];
+		return false;
+	}
+
+
+	static function member_remove($uid,$name,$member) {
+		$gid = self::byname($uid,$name);
+		if(! $gid)
+			return false;
+		if(! ( $uid && $gid && $member))
+			return false;
+		$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' ",
+			intval($uid),
+			intval($gid),
+			dbesc($member)
+		);
+
+		Libsync::build_sync_packet($uid,null,true);
+
+		return $r;
+	}
+
+
+	static function member_add($uid,$name,$member,$gid = 0) {
+		if(! $gid)
+			$gid = self::byname($uid,$name);
+		if((! $gid) || (! $uid) || (! $member))
+			return false;
+
+		$r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",	
+			intval($uid),
+			intval($gid),
+			dbesc($member)
+		);
+		if($r)
+			return true;	// You might question this, but 
+				// we indicate success because the group member was in fact created
+				// -- It was just created at another time
+	 	if(! $r)
+			$r = q("INSERT INTO pgrp_member (uid, gid, xchan)
+				VALUES( %d, %d, '%s' ) ",
+				intval($uid),
+				intval($gid),
+				dbesc($member)
+		);
+
+		Libsync::build_sync_packet($uid,null,true);
+
+		return $r;
+	}
+
+
+	static function members($gid) {
+		$ret = array();
+		if(intval($gid)) {
+			$r = q("SELECT * FROM pgrp_member 
+				LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
+				WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
+				intval($gid),
+				intval(local_channel()),
+				intval(local_channel())
+			);
+			if($r)
+				$ret = $r;
+		}
+		return $ret;
+	}
+
+	static function members_xchan($gid) {
+		$ret = [];
+		if(intval($gid)) {
+			$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d",
+				intval($gid),
+				intval(local_channel())
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$ret[] = $rr['xchan'];
+				}
+			}
+		}
+		return $ret;
+	}
+
+	static function members_profile_xchan($uid,$gid) {
+		$ret = [];
+
+		if(intval($gid)) {
+			$r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d",
+				intval($gid),
+				intval($uid)
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$ret[] = $rr['xchan'];
+				}
+			}
+		}
+		return $ret;
+	}
+
+
+
+
+	static function select($uid,$group = '') {
+	
+		$grps = [];
+		$o = '';
+
+		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
+			intval($uid)
+		);
+		$grps[] = array('name' => '', 'hash' => '0', 'selected' => '');
+		if($r) {
+			foreach($r as $rr) {
+				$grps[] = array('name' => $rr['gname'], 'id' => $rr['hash'], 'selected' => (($group == $rr['hash']) ? 'true' : ''));
+			}
+
+		}
+		logger('select: ' . print_r($grps,true), LOGGER_DATA);
+
+		$o = replace_macros(get_markup_template('group_selection.tpl'), array(
+			'$label' => t('Add new connections to this privacy group'),
+			'$groups' => $grps 
+		));
+		return $o;
+	}
+
+
+
+
+	static function widget($every="connections",$each="group",$edit = false, $group_id = 0, $cid = '',$mode = 1) {
+
+		$o = '';
+
+		if(! (local_channel() && feature_enabled(local_channel(),'groups'))) {
+			return '';
+		}
+
+		$groups = array();
+
+		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
+			intval($_SESSION['uid'])
+		);
+		$member_of = array();
+		if($cid) {
+			$member_of = self::containing(local_channel(),$cid);
+		} 
+
+		if($r) {
+			foreach($r as $rr) {
+				$selected = (($group_id == $rr['id']) ? ' group-selected' : '');
+			
+				if ($edit) {
+					$groupedit = [ 'href' => "group/".$rr['id'], 'title' => t('edit') ];
+				} 
+				else {
+					$groupedit = null;
+				}
+			
+				$groups[] = [
+					'id'		=> $rr['id'],
+					'enc_cid'   => base64url_encode($cid),
+					'cid'		=> $cid,
+					'text' 		=> $rr['gname'],
+					'selected' 	=> $selected,
+					'href'		=> (($mode == 0) ? $each.'?f=&gid='.$rr['id'] : $each."/".$rr['id']) . ((x($_GET,'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''),
+					'edit'		=> $groupedit,
+					'ismember'	=> in_array($rr['id'],$member_of),
+				];
+			}
+		}
+	
+	
+		$tpl = get_markup_template("group_side.tpl");
+		$o = replace_macros($tpl, array(
+			'$title'		=> t('Privacy Groups'),
+			'$edittext'     => t('Edit group'),
+			'$createtext' 	=> t('Add privacy group'),
+			'$ungrouped'    => (($every === 'contacts') ? t('Channels not in any privacy group') : ''),
+			'$groups'		=> $groups,
+			'$add'			=> t('add'),
+		));
+		
+	
+		return $o;
+	}
+
+
+	static function expand($g) {
+		if(! (is_array($g) && count($g)))
+			return array();
+
+		$ret = [];
+		$x   = [];
+
+		// private profile linked virtual groups
+
+		foreach($g as $gv) {
+			if(substr($gv,0,3) === 'vp.') {
+				$profile_hash = substr($gv,3);
+				if($profile_hash) {
+					$r = q("select abook_xchan from abook where abook_profile = '%s'",
+						dbesc($profile_hash)
+					);
+					if($r) {
+						foreach($r as $rv) {
+							$ret[] = $rv['abook_xchan'];
+						}
+					}
+				}
+			}
+			else {
+				$x[] = $gv;
+			}
+		}								 
+
+		if($x) {
+			stringify_array_elms($x,true);
+			$groups = implode(',', $x);
+			if($groups) {
+				$r = q("SELECT xchan FROM pgrp_member WHERE gid IN ( select id from pgrp where hash in ( $groups ))");
+				if($r) {
+					foreach($r as $rr) {
+						$ret[] = $rr['xchan'];
+					}
+				}
+			}
+		}
+		return $ret;
+	}
+
+
+	static function member_of($c) {
+		$r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id WHERE pgrp_member.xchan = '%s' AND pgrp.deleted = 0 ORDER BY pgrp.gname  ASC ",
+			dbesc($c)
+		);
+
+		return $r;
+
+	}
+
+	static function containing($uid,$c) {
+
+		$r = q("SELECT gid FROM pgrp_member WHERE uid = %d AND pgrp_member.xchan = '%s' ",
+			intval($uid),
+			dbesc($c)
+		);
+
+		$ret = array();
+		if($r) {
+			foreach($r as $rr)
+				$ret[] = $rr['gid'];
+		}
+	
+		return $ret;
+	}
+}
@@ -2,15 +2,13 @@

 namespace Zotlabs\Lib;

+use Zotlabs\Web\HTTPSig;

 class JSalmon {

-	static function sign($data,$key_id,$key) {
+	static function sign($data,$key_id,$key,$data_type = 'application/x-zot+json') {

-		$arr       = $data;
-		$data      = json_encode($data,JSON_UNESCAPED_SLASHES);
-		$data      = base64url_encode($data, false); // do not strip padding
-		$data_type = 'application/x-zot+json';
+		$data      = base64url_encode(json_encode($data,true),true); // strip padding
 		$encoding  = 'base64url';
 		$algorithm = 'RSA-SHA256';

@@ -18,9 +16,9 @@ class JSalmon {

 		// precomputed base64url encoding of data_type, encoding, algorithm concatenated with periods

-		$precomputed = '.' . base64url_encode($data_type,false) . '.YmFzZTY0dXJs.UlNBLVNIQTI1Ng==';
+		$precomputed = '.' . base64url_encode($data_type,true) . '.YmFzZTY0dXJs.UlNBLVNIQTI1Ng';

-		$signature  = base64url_encode(rsa_sign($data . $precomputed, $key), false);
+		$signature  = base64url_encode(rsa_sign($data . $precomputed, $key), true);

 		return ([
 			'signed'    => true,
@@ -30,9 +28,45 @@ class JSalmon {
 			'alg'       => $algorithm,
 			'sigs'      => [
 				'value'  => $signature,
-				'key_id' => base64url_encode($key_id)
+				'key_id' => base64url_encode($key_id, true)
 			]
 		]);

 	}
+
+	static function verify($x) {
+
+		logger('verify');
+		$ret = [ 'results' => [] ];
+
+		if(! is_array($x)) {
+			return $false;
+		}
+		if(! ( array_key_exists('signed',$x) && $x['signed'])) {
+			return $false;
+		}
+
+		$signed_data = preg_replace('/\s+/','',$x['data']) . '.' 
+			. base64url_encode($x['data_type'],true) . '.' 
+			. base64url_encode($x['encoding'],true) . '.' 
+			. base64url_encode($x['alg'],true);
+
+		$key = HTTPSig::get_key(EMPTY_STR,base64url_decode($x['sigs']['key_id']));
+		 logger('key: ' . print_r($key,true));
+		if($key['portable_id'] && $key['public_key']) {
+			if(rsa_verify($signed_data,base64url_decode($x['sigs']['value']),$key['public_key'])) {
+				logger('verified');
+				$ret = [ 'success' => true, 'signer' => $key['portable_id'], 'hubloc' => $key['hubloc'] ];
+			}
+		}
+
+		return $ret;
+
+	}
+
+	static function unpack($data) {
+		return json_decode(base64url_decode($data),true);
+	}
+
+
 }
@@ -29,8 +29,8 @@ class LDSignatures {
 		$options = [
 			'type' => 'RsaSignature2017',
 			'nonce' => random_string(64),
-			'creator' => z_root() . '/channel/' . $channel['channel_address'] . '/public_key_pem',
-			'created' => datetime_convert('UTC','UTC', 'now', 'Y-m-d\Th:i:s\Z')
+			'creator' => z_root() . '/channel/' . $channel['channel_address'],
+			'created' => datetime_convert('UTC','UTC', 'now', 'Y-m-d\TH:i:s\Z')
 		];

 		$ohash = self::hash(self::signable_options($options));
@@ -124,7 +124,7 @@ class LDSignatures {
 			'meDataType'  => $data_type,
 			'meEncoding'  => $encoding,
 			'meAlgorithm' => $algorithm,
-			'meCreator'   => z_root() . '/channel/' . $channel['channel_address'] . '/public_key_pem',
+			'meCreator'   => z_root() . '/channel/' . $channel['channel_address'],
 			'meSignatureValue' => $signature
 		]);

@@ -132,4 +132,4 @@ class LDSignatures {



-}
+}
@@ -0,0 +1,654 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+use Zotlabs\Lib\Libzot;
+
+require_once('include/permissions.php');
+
+
+class Libzotdir {
+
+	/**
+	 * @brief
+	 *
+	 * @param int $dirmode
+	 * @return array
+	 */
+
+	static function find_upstream_directory($dirmode) {
+		global $DIRECTORY_FALLBACK_SERVERS;
+
+		$preferred = get_config('system','directory_server');
+
+		// Thwart attempts to use a private directory
+
+		if(($preferred) && ($preferred != z_root())) {
+			$r = q("select * from site where site_url = '%s' limit 1",
+				dbesc($preferred)
+			);
+			if(($r) && ($r[0]['site_flags'] & DIRECTORY_MODE_STANDALONE)) {
+				$preferred = '';
+			}		
+		}
+
+
+		if (! $preferred) {
+
+			/*
+			 * No directory has yet been set. For most sites, pick one at random
+			 * from our list of directory servers. However, if we're a directory
+			 * server ourself, point at the local instance
+			 * We will then set this value so this should only ever happen once.
+			 * Ideally there will be an admin setting to change to a different 
+			 * directory server if you don't like our choice or if circumstances change.
+			 */
+
+			$dirmode = intval(get_config('system','directory_mode'));
+			if ($dirmode == DIRECTORY_MODE_NORMAL) {
+				$toss = mt_rand(0,count($DIRECTORY_FALLBACK_SERVERS));
+				$preferred = $DIRECTORY_FALLBACK_SERVERS[$toss];
+				if(! $preferred) {
+					$preferred = DIRECTORY_FALLBACK_MASTER;
+				}
+				set_config('system','directory_server',$preferred);
+			} 
+			else {
+				set_config('system','directory_server',z_root());
+			}
+		}
+		if($preferred) {
+			return [ 'url' => $preferred ];
+		}
+		else {
+			return [];
+		}
+	}
+
+
+	/**
+	 * Directories may come and go over time. We will need to check that our
+	 * directory server is still valid occasionally, and reset to something that
+	 * is if our directory has gone offline for any reason
+	 */
+
+	static function check_upstream_directory() {
+
+		$directory = get_config('system', 'directory_server');
+
+		// it's possible there is no directory server configured and the local hub is being used.
+		// If so, default to preserving the absence of a specific server setting.
+
+		$isadir = true;
+
+		if ($directory) {
+			$j = Zotfinger::exec($directory);
+			if(array_path_exists('data/directory_mode',$j)) {
+				if ($j['data']['directory_mode'] === 'normal') {
+					$isadir = false;
+				}
+			}
+		}
+
+		if (! $isadir)
+			set_config('system', 'directory_server', '');
+	}
+
+
+	static function get_directory_setting($observer, $setting) {
+
+		if ($observer)
+			$ret = get_xconfig($observer, 'directory', $setting);
+		else
+			$ret = ((array_key_exists($setting,$_SESSION)) ? intval($_SESSION[$setting]) : false);
+
+		if($ret === false)
+			$ret = get_config('directory', $setting);
+
+
+		// 'safemode' is the default if there is no observer or no established preference. 
+
+		if($setting === 'safemode' && $ret === false)
+			$ret = 1;
+
+		if($setting === 'globaldir' && intval(get_config('system','localdir_hide')))
+			$ret = 1;
+
+		return $ret;
+	}
+
+	/**
+	 * @brief Called by the directory_sort widget.
+	 */
+	static function dir_sort_links() {
+
+		$safe_mode = 1;
+
+		$observer = get_observer_hash();
+
+		$safe_mode = self::get_directory_setting($observer, 'safemode');
+		$globaldir = self::get_directory_setting($observer, 'globaldir');
+		$pubforums = self::get_directory_setting($observer, 'pubforums');
+
+		$hide_local = intval(get_config('system','localdir_hide'));
+		if($hide_local)
+			$globaldir = 1;
+
+
+		// Build urls without order and pubforums so it's easy to tack on the changed value
+		// Probably there's an easier way to do this
+
+		$directory_sort_order = get_config('system','directory_sort_order');
+		if(! $directory_sort_order)
+			$directory_sort_order = 'date';
+
+		$current_order = (($_REQUEST['order']) ? $_REQUEST['order'] : $directory_sort_order);
+		$suggest = (($_REQUEST['suggest']) ? '&suggest=' . $_REQUEST['suggest'] : '');
+
+		$url = 'directory?f=';
+
+		$tmp = array_merge($_GET,$_POST);
+		unset($tmp['suggest']);
+		unset($tmp['pubforums']);
+		unset($tmp['global']);
+		unset($tmp['safe']);
+		unset($tmp['q']);
+		unset($tmp['f']);
+		$forumsurl = $url . http_build_query($tmp) . $suggest;
+
+		$o = replace_macros(get_markup_template('dir_sort_links.tpl'), [
+			'$header'    => t('Directory Options'),
+			'$forumsurl' => $forumsurl,
+			'$safemode'  => array('safemode', t('Safe Mode'),$safe_mode,'',array(t('No'), t('Yes')),' onchange=\'window.location.href="' . $forumsurl . '&safe="+(this.checked ? 1 : 0)\''),
+			'$pubforums' => array('pubforums', t('Public Forums Only'),$pubforums,'',array(t('No'), t('Yes')),' onchange=\'window.location.href="' . $forumsurl . '&pubforums="+(this.checked ? 1 : 0)\''),
+			'$hide_local' => $hide_local,
+			'$globaldir' => array('globaldir', t('This Website Only'), 1-intval($globaldir),'',array(t('No'), t('Yes')),' onchange=\'window.location.href="' . $forumsurl . '&global="+(this.checked ? 0 : 1)\''),
+		]);
+
+		return $o;
+	}
+
+	/**
+	 * @brief Checks the directory mode of this hub.
+	 *
+	 * Checks the directory mode of this hub to see if it is some form of directory server. If it is,
+	 * get the directory realm of this hub. Fetch a list of all other directory servers in this realm and request
+	 * a directory sync packet. This will contain both directory updates and new ratings. Store these all in the DB. 
+	 * In the case of updates, we will query each of them asynchronously from a poller task. Ratings are stored 
+	 * directly if the rater's signature matches.
+	 *
+	 * @param int $dirmode;
+	 */
+
+	static function sync_directories($dirmode) {
+
+		if ($dirmode == DIRECTORY_MODE_STANDALONE || $dirmode == DIRECTORY_MODE_NORMAL)
+			return;
+
+		$realm = get_directory_realm();
+		if ($realm == DIRECTORY_REALM) {
+			$r = q("select * from site where (site_flags & %d) > 0 and site_url != '%s' and site_type = %d and ( site_realm = '%s' or site_realm = '') ",
+				intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY),
+				dbesc(z_root()),
+				intval(SITE_TYPE_ZOT),
+				dbesc($realm)
+			);
+		} 
+		else {
+			$r = q("select * from site where (site_flags & %d) > 0 and site_url != '%s' and site_realm like '%s' and site_type = %d ",
+				intval(DIRECTORY_MODE_PRIMARY|DIRECTORY_MODE_SECONDARY),
+				dbesc(z_root()),
+				dbesc(protect_sprintf('%' . $realm . '%')),
+				intval(SITE_TYPE_ZOT)
+			);
+		}
+
+		// If there are no directory servers, setup the fallback master
+		/** @FIXME What to do if we're in a different realm? */
+
+		if ((! $r) && (z_root() != DIRECTORY_FALLBACK_MASTER)) {
+
+			$x = site_store_lowlevel(
+				[
+					'site_url'       => DIRECTORY_FALLBACK_MASTER,
+					'site_flags'     => DIRECTORY_MODE_PRIMARY,
+					'site_update'    => NULL_DATE, 
+					'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch',
+					'site_realm'     => DIRECTORY_REALM,
+					'site_valid'     => 1,
+				]
+			);
+
+			$r = q("select * from site where site_flags in (%d, %d) and site_url != '%s' and site_type = %d ",
+				intval(DIRECTORY_MODE_PRIMARY),
+				intval(DIRECTORY_MODE_SECONDARY),
+				dbesc(z_root()),
+				intval(SITE_TYPE_ZOT)
+			);
+		}
+		if (! $r)
+			return;
+
+		foreach ($r as $rr) {
+			if (! $rr['site_directory'])
+				continue;
+
+			logger('sync directories: ' . $rr['site_directory']);
+
+			// for brand new directory servers, only load the last couple of days.
+			// It will take about a month for a new directory to obtain the full current repertoire of channels.
+			/** @FIXME Go back and pick up earlier ratings if this is a new directory server. These do not get refreshed. */
+
+			$token = get_config('system','realm_token');
+
+			$syncdate = (($rr['site_sync'] <= NULL_DATE) ? datetime_convert('UTC','UTC','now - 2 days') : $rr['site_sync']);
+			$x = z_fetch_url($rr['site_directory'] . '?f=&sync=' . urlencode($syncdate) . (($token) ? '&t=' . $token : ''));
+
+			if (! $x['success'])
+				continue;
+
+			$j = json_decode($x['body'],true);
+			if (!($j['transactions']) || ($j['ratings']))
+				continue;
+
+			q("update site set site_sync = '%s' where site_url = '%s'",
+				dbesc(datetime_convert()),
+				dbesc($rr['site_url'])
+			);
+
+			logger('sync_directories: ' . $rr['site_url'] . ': ' . print_r($j,true), LOGGER_DATA);
+
+			if (is_array($j['transactions']) && count($j['transactions'])) {
+				foreach ($j['transactions'] as $t) {
+					$r = q("select * from updates where ud_guid = '%s' limit 1",
+						dbesc($t['transaction_id'])
+					);
+					if($r)
+						continue;
+
+					$ud_flags = 0;
+					if (is_array($t['flags']) && in_array('deleted',$t['flags']))
+						$ud_flags |= UPDATE_FLAGS_DELETED;
+					if (is_array($t['flags']) && in_array('forced',$t['flags']))
+						$ud_flags |= UPDATE_FLAGS_FORCED;
+	
+					$z = q("insert into updates ( ud_hash, ud_guid, ud_date, ud_flags, ud_addr )
+						values ( '%s', '%s', '%s', %d, '%s' ) ",
+						dbesc($t['hash']),
+						dbesc($t['transaction_id']),
+						dbesc($t['timestamp']),
+						intval($ud_flags),
+						dbesc($t['address'])
+					);
+				}
+			}
+		}
+	}
+
+
+
+	/**
+	 * @brief
+	 *
+	 * Given an update record, probe the channel, grab a zot-info packet and refresh/sync the data.
+	 *
+	 * Ignore updating records marked as deleted.
+	 *
+	 * If successful, sets ud_last in the DB to the current datetime for this
+	 * reddress/webbie.
+	 *
+	 * @param array $ud Entry from update table
+	 */
+
+	static function update_directory_entry($ud) {
+
+		logger('update_directory_entry: ' . print_r($ud,true), LOGGER_DATA);
+
+		if ($ud['ud_addr'] && (! ($ud['ud_flags'] & UPDATE_FLAGS_DELETED))) {
+			$success = false;
+
+			$href = \Zotlabs\Lib\Webfinger::zot_url(punify($ud['ud_addr']));
+			if($href) {
+				$zf = \Zotlabs\Lib\Zotfinger::exec($href);
+			}
+			if(is_array($zf) && array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) {
+				$xc = Libzot::import_xchan($zf['data'], 0, $ud);
+			}
+			else {
+				q("update updates set ud_last = '%s' where ud_addr = '%s'",
+					dbesc(datetime_convert()),
+					dbesc($ud['ud_addr'])
+				);
+			}
+		}
+	}
+
+
+	/**
+	 * @brief Push local channel updates to a local directory server.
+	 *
+	 * This is called from include/directory.php if a profile is to be pushed to the
+	 * directory and the local hub in this case is any kind of directory server.
+	 *
+	 * @param int $uid
+	 * @param boolean $force
+	 */
+
+	static function local_dir_update($uid, $force) {
+
+	
+		logger('local_dir_update: uid: ' . $uid, LOGGER_DEBUG);
+
+		$p = q("select channel.channel_hash, channel_address, channel_timezone, profile.* from profile left join channel on channel_id = uid where uid = %d and is_default = 1",
+			intval($uid)
+		);
+
+		$profile = array();
+		$profile['encoding'] = 'zot';
+
+		if ($p) {
+			$hash = $p[0]['channel_hash'];
+
+			$profile['description'] = $p[0]['pdesc'];
+			$profile['birthday']    = $p[0]['dob'];
+			if ($age = age($p[0]['dob'],$p[0]['channel_timezone'],''))  
+				$profile['age'] = $age;
+
+			$profile['gender']      = $p[0]['gender'];
+			$profile['marital']     = $p[0]['marital'];
+			$profile['sexual']      = $p[0]['sexual'];
+			$profile['locale']      = $p[0]['locality'];
+			$profile['region']      = $p[0]['region'];
+			$profile['postcode']    = $p[0]['postal_code'];
+			$profile['country']     = $p[0]['country_name'];
+			$profile['about']       = $p[0]['about'];
+			$profile['homepage']    = $p[0]['homepage'];
+			$profile['hometown']    = $p[0]['hometown'];
+
+			if ($p[0]['keywords']) {
+				$tags = array();
+				$k = explode(' ', $p[0]['keywords']);
+				if ($k)
+					foreach ($k as $kk)
+						if (trim($kk))
+							$tags[] = trim($kk);
+
+				if ($tags)
+					$profile['keywords'] = $tags;
+			}
+
+			$hidden = (1 - intval($p[0]['publish']));
+
+			logger('hidden: ' . $hidden);
+
+			$r = q("select xchan_hidden from xchan where xchan_hash = '%s' limit 1",
+				dbesc($p[0]['channel_hash'])
+			);
+
+			if(intval($r[0]['xchan_hidden']) != $hidden) {
+				$r = q("update xchan set xchan_hidden = %d where xchan_hash = '%s'",
+					intval($hidden),
+					dbesc($p[0]['channel_hash'])
+				);
+			}
+
+			$arr = [ 'channel_id' => $uid, 'hash' => $hash, 'profile' => $profile ];
+			call_hooks('local_dir_update', $arr);
+
+			$address = channel_reddress($p[0]);
+
+			if (perm_is_allowed($uid, '', 'view_profile')) {
+				self::import_directory_profile($hash, $arr['profile'], $address, 0);
+			}
+			else {
+				// they may have made it private
+				$r = q("delete from xprof where xprof_hash = '%s'",
+					dbesc($hash)
+				);
+				$r = q("delete from xtag where xtag_hash = '%s'",
+					dbesc($hash)
+				);
+			}
+	
+		}
+
+		$ud_hash = random_string() . '@' . \App::get_hostname();
+		self::update_modtime($hash, $ud_hash, channel_reddress($p[0]),(($force) ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED));
+	}
+
+
+
+	/**
+	 * @brief Imports a directory profile.
+	 *
+	 * @param string $hash
+	 * @param array $profile
+	 * @param string $addr
+	 * @param number $ud_flags (optional) UPDATE_FLAGS_UPDATED
+	 * @param number $suppress_update (optional) default 0
+	 * @return boolean $updated if something changed
+	 */
+
+	static function import_directory_profile($hash, $profile, $addr, $ud_flags = UPDATE_FLAGS_UPDATED, $suppress_update = 0) {
+
+		logger('import_directory_profile', LOGGER_DEBUG);
+		if (! $hash)
+			return false;
+
+		$arr = array();
+
+		$arr['xprof_hash']         = $hash;
+		$arr['xprof_dob']          = (($profile['birthday'] === '0000-00-00') ? $profile['birthday'] : datetime_convert('','',$profile['birthday'],'Y-m-d')); // !!!! check this for 0000 year
+		$arr['xprof_age']          = (($profile['age'])         ? intval($profile['age']) : 0);
+		$arr['xprof_desc']         = (($profile['description']) ? htmlspecialchars($profile['description'], ENT_COMPAT,'UTF-8',false) : '');	
+		$arr['xprof_gender']       = (($profile['gender'])      ? htmlspecialchars($profile['gender'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_marital']      = (($profile['marital'])     ? htmlspecialchars($profile['marital'],     ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_sexual']       = (($profile['sexual'])      ? htmlspecialchars($profile['sexual'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_locale']       = (($profile['locale'])      ? htmlspecialchars($profile['locale'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_region']       = (($profile['region'])      ? htmlspecialchars($profile['region'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_postcode']     = (($profile['postcode'])    ? htmlspecialchars($profile['postcode'],    ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_country']      = (($profile['country'])     ? htmlspecialchars($profile['country'],     ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_about']        = (($profile['about'])       ? htmlspecialchars($profile['about'],       ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_homepage']     = (($profile['homepage'])    ? htmlspecialchars($profile['homepage'],    ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_hometown']     = (($profile['hometown'])    ? htmlspecialchars($profile['hometown'],    ENT_COMPAT,'UTF-8',false) : '');
+
+		$clean = array();
+		if (array_key_exists('keywords', $profile) and is_array($profile['keywords'])) {
+			self::import_directory_keywords($hash,$profile['keywords']);
+			foreach ($profile['keywords'] as $kw) {
+				$kw = trim(htmlspecialchars($kw,ENT_COMPAT, 'UTF-8', false));
+				$kw = trim($kw, ',');
+				$clean[] = $kw;
+			}
+		}
+
+		$arr['xprof_keywords'] = implode(' ',$clean);
+
+		// Self censored, make it so
+		// These are not translated, so the German "erwachsenen" keyword will not censor the directory profile. Only the English form - "adult".
+
+
+		if(in_arrayi('nsfw',$clean) || in_arrayi('adult',$clean)) {
+			q("update xchan set xchan_selfcensored = 1 where xchan_hash = '%s'",
+				dbesc($hash)
+			);
+		}
+
+		$r = q("select * from xprof where xprof_hash = '%s' limit 1",
+			dbesc($hash)
+		);
+
+		if ($arr['xprof_age'] > 150)
+			$arr['xprof_age'] = 150;
+		if ($arr['xprof_age'] < 0)
+			$arr['xprof_age'] = 0;
+
+		if ($r) {
+			$update = false;
+			foreach ($r[0] as $k => $v) {
+				if ((array_key_exists($k,$arr)) && ($arr[$k] != $v)) {
+					logger('import_directory_profile: update ' . $k . ' => ' . $arr[$k]);
+					$update = true;
+					break;
+				}
+			}
+			if ($update) {
+				q("update xprof set
+					xprof_desc = '%s',
+					xprof_dob = '%s',
+					xprof_age = %d,
+					xprof_gender = '%s',
+					xprof_marital = '%s',
+					xprof_sexual = '%s',
+					xprof_locale = '%s',
+					xprof_region = '%s',
+					xprof_postcode = '%s',
+					xprof_country = '%s',
+					xprof_about = '%s',
+					xprof_homepage = '%s',
+					xprof_hometown = '%s',
+					xprof_keywords = '%s'
+					where xprof_hash = '%s'",
+					dbesc($arr['xprof_desc']),
+					dbesc($arr['xprof_dob']),
+					intval($arr['xprof_age']),
+					dbesc($arr['xprof_gender']),
+					dbesc($arr['xprof_marital']),
+					dbesc($arr['xprof_sexual']),
+					dbesc($arr['xprof_locale']),
+					dbesc($arr['xprof_region']),
+					dbesc($arr['xprof_postcode']),
+					dbesc($arr['xprof_country']),
+					dbesc($arr['xprof_about']),
+					dbesc($arr['xprof_homepage']),
+					dbesc($arr['xprof_hometown']),
+					dbesc($arr['xprof_keywords']),
+					dbesc($arr['xprof_hash'])
+				);
+			}
+		} else {
+			$update = true;
+			logger('New profile');
+			q("insert into xprof (xprof_hash, xprof_desc, xprof_dob, xprof_age, xprof_gender, xprof_marital, xprof_sexual, xprof_locale, xprof_region, xprof_postcode, xprof_country, xprof_about, xprof_homepage, xprof_hometown, xprof_keywords) values ('%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
+				dbesc($arr['xprof_hash']),
+				dbesc($arr['xprof_desc']),
+				dbesc($arr['xprof_dob']),
+				intval($arr['xprof_age']),
+				dbesc($arr['xprof_gender']),
+				dbesc($arr['xprof_marital']),
+				dbesc($arr['xprof_sexual']),
+				dbesc($arr['xprof_locale']),
+				dbesc($arr['xprof_region']),
+				dbesc($arr['xprof_postcode']),
+				dbesc($arr['xprof_country']),
+				dbesc($arr['xprof_about']),
+				dbesc($arr['xprof_homepage']),
+				dbesc($arr['xprof_hometown']),
+				dbesc($arr['xprof_keywords'])
+			);
+		}
+
+		$d = [
+			'xprof' => $arr,
+			'profile' => $profile,
+			'update' => $update
+		];
+		/**
+		 * @hooks import_directory_profile
+		 *   Called when processing delivery of a profile structure from an external source (usually for directory storage).
+		 *   * \e array \b xprof
+		 *   * \e array \b profile
+		 *   * \e boolean \b update
+		 */
+		call_hooks('import_directory_profile', $d);
+
+		if (($d['update']) && (! $suppress_update))
+			self::update_modtime($arr['xprof_hash'],random_string() . '@' . \App::get_hostname(), $addr, $ud_flags);
+
+		return $d['update'];
+	}
+
+	/**
+	 * @brief
+	 *
+	 * @param string $hash An xtag_hash
+	 * @param array $keywords
+	 */
+
+	static function import_directory_keywords($hash, $keywords) {
+
+		$existing = array();
+		$r = q("select * from xtag where xtag_hash = '%s' and xtag_flags = 0",
+			dbesc($hash)
+		);
+
+		if($r) {
+			foreach($r as $rr)
+				$existing[] = $rr['xtag_term'];
+		}
+
+		$clean = array();
+		foreach($keywords as $kw) {
+			$kw = trim(htmlspecialchars($kw,ENT_COMPAT, 'UTF-8', false));
+			$kw = trim($kw, ',');
+			$clean[] = $kw;
+		}
+
+		foreach($existing as $x) {
+			if(! in_array($x, $clean))
+				$r = q("delete from xtag where xtag_hash = '%s' and xtag_term = '%s' and xtag_flags = 0",
+					dbesc($hash),
+					dbesc($x)
+				);
+		}
+		foreach($clean as $x) {
+			if(! in_array($x, $existing)) {
+				$r = q("insert into xtag ( xtag_hash, xtag_term, xtag_flags) values ( '%s' ,'%s', 0 )",
+					dbesc($hash),
+					dbesc($x)
+				);
+			}
+		}
+	}
+
+
+	/**
+	 * @brief
+	 *
+	 * @param string $hash
+	 * @param string $guid
+	 * @param string $addr
+	 * @param int $flags (optional) default 0
+	 */
+
+	static function update_modtime($hash, $guid, $addr, $flags = 0) {
+
+		$dirmode = intval(get_config('system', 'directory_mode'));
+
+		if($dirmode == DIRECTORY_MODE_NORMAL)
+			return;
+
+		if($flags) {
+			q("insert into updates (ud_hash, ud_guid, ud_date, ud_flags, ud_addr ) values ( '%s', '%s', '%s', %d, '%s' )",
+				dbesc($hash),
+				dbesc($guid),
+				dbesc(datetime_convert()),
+				intval($flags),
+				dbesc($addr)
+			);	
+		}
+		else {
+			q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d)>0 ",
+				intval(UPDATE_FLAGS_UPDATED),
+				dbesc($addr),
+				intval(UPDATE_FLAGS_UPDATED)
+			);
+		}
+	}
+
+
+
+
+
+
+}
@@ -19,7 +19,7 @@ class MessageFilter {

 		$lang = null;

-		if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false)) {
+		if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false) || (strpos($incl,'lang!=') !== false) || (strpos($excl,'lang!=') !== false)) {
 			$lang = detect_language($text);
 		}

@@ -39,10 +39,17 @@ class MessageFilter {
 						if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
 							return false;
 				}
+				elseif(substr($word,0,1) === '$' && $tags) {
+					foreach($tags as $t)
+						if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
+							return false;
+				}
 				elseif((strpos($word,'/') === 0) && preg_match($word,$text))
 					return false;
 				elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
 					return false;
+				elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0))
+					return false;
 				elseif(stristr($text,$word) !== false)
 					return false;
 			}
@@ -60,10 +67,17 @@ class MessageFilter {
 						if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
 							return true;
 				}
+				elseif(substr($word,0,1) === '$' && $tags) {
+					foreach($tags as $t)
+						if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
+							return true;
+				}
 				elseif((strpos($word,'/') === 0) && preg_match($word,$text))
 					return true;
 				elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
 					return true;
+				elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0))
+					return true;
 				elseif(stristr($text,$word) !== false)
 					return true;
 			}
@@ -26,7 +26,8 @@ class NativeWiki {

 				$w['rawName']  = get_iconfig($w, 'wiki', 'rawName');
 				$w['htmlName'] = escape_tags($w['rawName']);
-				$w['urlName']  = urlencode(urlencode($w['rawName']));
+				//$w['urlName']  = urlencode(urlencode($w['rawName']));
+				$w['urlName']  = self::name_encode($w['rawName']);
 				$w['mimeType'] = get_iconfig($w, 'wiki', 'mimeType');
 				$w['typelock'] = get_iconfig($w, 'wiki', 'typelock');
 				$w['lockstate']     = (($w['allow_cid'] || $w['allow_gid'] || $w['deny_cid'] || $w['deny_gid']) ? 'lock' : 'unlock');
@@ -39,26 +40,17 @@ class NativeWiki {

 	function create_wiki($channel, $observer_hash, $wiki, $acl) {

-		// Generate unique resource_id using the same method as item_message_id()
-		do {
-			$dups = false;
-			$resource_id = random_string();
-			$r = q("SELECT mid FROM item WHERE resource_id = '%s' AND resource_type = '%s' AND uid = %d LIMIT 1", 
-				dbesc($resource_id), 
-				dbesc(NWIKI_ITEM_RESOURCE_TYPE),
-				intval($channel['channel_id'])
-			);
-			if($r)
-				$dups = true;
-		} while($dups == true);
+		$resource_id = new_uuid();
+		$uuid = new_uuid();

 		$ac = $acl->get();
-		$mid = item_message_id();
+		$mid = z_root() . '/item/' . $uuid;

 		$arr = array();	// Initialize the array of parameters for the post
 		$item_hidden = ((intval($wiki['postVisible']) === 0) ? 1 : 0); 
 		$wiki_url = z_root() . '/wiki/' . $channel['channel_address'] . '/' . $wiki['urlName'];
 		$arr['aid'] = $channel['channel_account_id'];
+		$arr['uuid'] = $uuid;
 		$arr['uid'] = $channel['channel_id'];
 		$arr['mid'] = $mid;
 		$arr['parent_mid'] = $mid;
@@ -199,7 +191,7 @@ class NativeWiki {
 			return array('item' => null, 'success' => false);
 		} 
 		else {
-			$drop = drop_item($item['id'], false, DROPITEM_NORMAL, true);
+			$drop = drop_item($item['id'], false, DROPITEM_NORMAL);
 		}

 		info( t('Wiki files deleted successfully'));
@@ -233,7 +225,8 @@ class NativeWiki {
 				'wiki'     => $w,
 				'rawName'  => $rawName,
 				'htmlName' => escape_tags($rawName),
-				'urlName'  => urlencode(urlencode($rawName)),
+				//'urlName'  => urlencode(urlencode($rawName)),
+				'urlName'  => self::name_encode($rawName),
 				'mimeType' => $mimeType,
 				'typelock' => $typelock
 			);
@@ -249,7 +242,8 @@ class NativeWiki {
 			WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d 
 			AND item_deleted = 0 $sql_extra limit 1", 
 			dbesc(NWIKI_ITEM_RESOURCE_TYPE), 
-			dbesc(urldecode($urlName)), 
+			//dbesc(urldecode($urlName)), 
+			dbesc(self::name_decode($urlName)),
 			intval($uid)
 		);

@@ -286,4 +280,32 @@ class NativeWiki {
 			return array('read' => true, 'write' => $write, 'success' => true);
 		}
 	}
+
+	public static function name_encode ($string) {
+
+		$string = html_entity_decode($string);
+		$encoding = mb_internal_encoding();
+		mb_internal_encoding("UTF-8");
+		$ret = mb_ereg_replace_callback ('[^A-Za-z0-9\-\_\.\~]',function ($char) {
+	                $charhex = unpack('H*',$char[0]);
+                	$ret = '('.$charhex[1].')';
+                	return $ret;
+ 			}
+			,$string);
+		mb_internal_encoding($encoding);
+		return $ret;
+	}
+
+	public static function name_decode ($string) {
+
+		$encoding = mb_internal_encoding();
+		mb_internal_encoding("UTF-8");
+		$ret = mb_ereg_replace_callback ('(\(([0-9a-f]+)\))',function ($chars) {
+			return pack('H*',$chars[2]);
+			}
+			,$string);
+		mb_internal_encoding($encoding);
+		return $ret;
+	}
+
 }
@@ -44,7 +44,8 @@ class NativeWikiPage {
 					$pages[] = [
 						'resource_id' => $resource_id,
 						'title'       => escape_tags($title),
-						'url'         => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
+						//'url'         => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
+						'url'		=> Zlib\NativeWiki::name_encode($title),
 						'link_id'     => 'id_' . substr($resource_id, 0, 10) . '_' . $page_item['id']
 					];
 				}
@@ -98,7 +99,8 @@ class NativeWikiPage {
 			$page = [ 
 				'rawName'  => $name,
 				'htmlName' => escape_tags($name),
-				'urlName'  => urlencode($name), 
+				//'urlName'  => urlencode($name), 
+				'urlName' => Zlib\NativeWiki::name_encode($name)

 			];

@@ -154,7 +156,8 @@ class NativeWikiPage {
 			$page = [ 
 				'rawName'  => $pageNewName, 
 				'htmlName' => escape_tags($pageNewName), 
-				'urlName'  => urlencode(escape_tags($pageNewName))
+				//'urlName'  => urlencode(escape_tags($pageNewName))
+				'urlName' => Zlib\NativeWiki::name_encode($pageNewName)
 			];

 			return [ 'success' => true, 'page' => $page ];
@@ -365,7 +368,6 @@ class NativeWikiPage {

 		unset($item['id']);
 		unset($item['author']);
-
 		$item['parent']       = 0;
 		$item['body']         = $content;
 		$item['author_xchan'] = $observer_hash;
@@ -527,7 +529,8 @@ class NativeWikiPage {
 			$pages = $pageURLs = array();
 			foreach ($match[1] as $m) {
 				// TODO: Why do we need to double urlencode for this to work?
-				$pageURLs[] = urlencode(urlencode(escape_tags($m)));
+				//$pageURLs[] = urlencode(urlencode(escape_tags($m)));
+				$pageURLs[] = Zlib\NativeWiki::name_encode(escape_tags($m));
 				$pages[] = $m;
 			}
 			$idx = 0;
@@ -556,7 +559,10 @@ class NativeWikiPage {
 			'$pageHistory' => $pageHistory['history'],
 			'$permsWrite'  => $arr['permsWrite'],
 			'$name_lbl'    => t('Name'),
-			'$msg_label'   => t('Message','wiki_history')
+			'$msg_label'   => t('Message','wiki_history'),
+			'$date_lbl'    => t('Date'),
+			'$revert_btn'  => t('Revert'),
+			'$compare_btn' => t('Compare')
 		));

 	}
@@ -613,7 +619,7 @@ class NativeWikiPage {
 			$s = str_replace('[observer.webname]', '', $s);
 			$s = str_replace('[observer.photo]', '', $s);
 		}
-	
+
 		return $s;
 	}
 	
@@ -57,6 +57,7 @@ class PConfig {
 					\App::$config[$uid][$c]['config_loaded'] = true;
 				}
 				\App::$config[$uid][$c][$k] = $rr['v'];
+				\App::$config[$uid][$c]['pcfgud:'.$k] = $rr['updated'];
 			}
 		}
 	}
@@ -111,9 +112,11 @@ class PConfig {
 	 *  The configuration key to set
 	 * @param string $value
 	 *  The value to store
+	 * @param string $updated (optional)
+	 *  The datetime to store
 	 * @return mixed Stored $value or false
 	 */
-	static public function Set($uid, $family, $key, $value) {
+	static public function Set($uid, $family, $key, $value, $updated = NULL) {

 		// this catches subtle errors where this function has been called
 		// with local_channel() when not logged in (which returns false)
@@ -130,29 +133,79 @@ class PConfig {
 		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
 		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);

+		$now = datetime_convert();
+		if (! $updated) {
+			//Sometimes things happen fast... very fast.
+			//To make sure legitimate updates aren't rejected
+			//because not enough time has passed.  We say our updates
+			//happened just a short time in the past rather than right now.
+			$updated = datetime_convert('UTC','UTC','-2 seconds');
+		}
+
+		$hash = hash('sha256',$family.':'.$key);
+
+		if (self::Get($uid, 'hz_delpconfig', $hash) !== false) {
+			if (self::Get($uid, 'hz_delpconfig', $hash) > $now) {
+				logger('Refusing to update pconfig with outdated info (Item deleted more recently).', LOGGER_NORMAL, LOG_ERR);
+				return self::Get($uid,$family,$key);
+			} else {
+				self::Delete($uid,'hz_delpconfig',$hash);
+			}
+		}
+
 		if(self::Get($uid, $family, $key) === false) {
 			if(! array_key_exists($uid, \App::$config))
 				\App::$config[$uid] = array();
 			if(! array_key_exists($family, \App::$config[$uid]))
 				\App::$config[$uid][$family] = array();

-			$ret = q("INSERT INTO pconfig ( uid, cat, k, v ) VALUES ( %d, '%s', '%s', '%s' ) ",
+
+			$ret = q("INSERT INTO pconfig ( uid, cat, k, v, updated ) VALUES ( %d, '%s', '%s', '%s', '%s' ) ",
 				intval($uid),
 				dbesc($family),
 				dbesc($key),
-				dbesc($dbvalue)
+				dbesc($dbvalue),
+				dbesc($updated)
 			);
+
+			// There is a possible race condition if another process happens
+			// to insert something after this thread has Loaded and now.  We should
+			// at least make a note of it if it happens.
+
+			if (!$ret) {
+				logger("Error: Insert to pconfig failed.",LOGGER_NORMAL, LOG_ERR);
+			}
+
+			\App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
+
 		}
 		else {
+			$new = (\App::$config[$uid][$family]['pcfgud:'.$key] < $now);

-			$ret = q("UPDATE pconfig SET v = '%s' WHERE uid = %d and cat = '%s' AND k = '%s'",
-				dbesc($dbvalue),
-				intval($uid),
-				dbesc($family),
-				dbesc($key)
-			);
+			if ($new) {
+
+				// @NOTE There is still a possible race condition under limited circumstances
+				// where a value will be updated by another thread with more current data than
+				// we have.  At this point there is no easy way to test for it, so we update
+				// and hope for the best.
+
+				$ret = q("UPDATE pconfig SET v = '%s', updated = '%s' WHERE uid = %d and cat = '%s' AND k = '%s' ",
+					dbesc($dbvalue),
+					dbesc($updated),
+					intval($uid),
+					dbesc($family),
+					dbesc($key)
+				);
+
+				\App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
+
+			} else {
+				logger('Refusing to update pconfig with outdated info.', LOGGER_NORMAL, LOG_ERR);
+				return self::Get($uid, $family, $key);
+			}
 		}

+
 		// keep a separate copy for all variables which were
 		// set in the life of this page. We need this to
 		// synchronise channel clones.
@@ -163,7 +216,11 @@ class PConfig {
 			\App::$config[$uid]['transient'][$family] = array();

 		\App::$config[$uid][$family][$key] = $value;
-		\App::$config[$uid]['transient'][$family][$key] = $value;
+
+		if ($new) {
+			\App::$config[$uid]['transient'][$family][$key] = $value;
+			\App::$config[$uid]['transient'][$family]['pcfgud:'.$key] = $updated;
+		}

 		if($ret)
 			return $value;
@@ -184,20 +241,33 @@ class PConfig {
 	 *  The category of the configuration value
 	 * @param string $key
 	 *  The configuration key to delete
-	 * @return mixed
+	 * @param string $updated (optional)
+	 *  The datetime to store
+	 * @return boolean
 	 */
-	static public function Delete($uid, $family, $key) {
+	static public function Delete($uid, $family, $key, $updated = NULL) {

 		if(is_null($uid) || $uid === false)
 			return false;

+		$updated = ($updated) ? $updated : datetime_convert('UTC','UTC','-2 seconds');
+		$now = datetime_convert();
+		$newer = (\App::$config[$uid][$family]['pcfgud:'.$key] < $now);
+
+		if (! $newer) {
+			logger('Refusing to delete pconfig with outdated delete request.', LOGGER_NORMAL, LOG_ERR);
+			return false;
+		}
+
 		$ret = false;

-		if(array_key_exists($uid,\App::$config)
-			&& is_array(\App::$config['uid'])
-			&& array_key_exists($family,\App::$config['uid'])
-			&& array_key_exists($key, \App::$config[$uid][$family]))
+		if (isset(\App::$config[$uid][$family][$key])) {
 			unset(\App::$config[$uid][$family][$key]);
+		}
+
+		if (isset(\App::$config[$uid][$family]['pcfgud:'.$key])) {
+			unset(\App::$config[$uid][$family]['pcfgud:'.$key]);
+		}

 		$ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'",
 			intval($uid),
@@ -205,6 +275,13 @@ class PConfig {
 			dbesc($key)
 		);

+		// Synchronize delete with clones.
+
+		if ($family != 'hz_delpconfig') {
+			$hash = hash('sha256',$family.':'.$key);
+			set_pconfig($uid,'hz_delpconfig',$hash,$updated);
+		}
+
 		return $ret;
 	}

@@ -0,0 +1,278 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+use Zotlabs\Lib\Libzot;
+
+
+class Queue {
+
+	static function update($id, $add_priority = 0) {
+
+		logger('queue: requeue item ' . $id,LOGGER_DEBUG);
+		$x = q("select outq_created, outq_posturl from outq where outq_hash = '%s' limit 1",
+			dbesc($id)
+		);
+		if(! $x)
+			return;
+
+
+		$y = q("select min(outq_created) as earliest from outq where outq_posturl = '%s'",
+			dbesc($x[0]['outq_posturl'])
+		);
+
+		// look for the oldest queue entry with this destination URL. If it's older than a couple of days,
+		// the destination is considered to be down and only scheduled once an hour, regardless of the
+		// age of the current queue item.
+
+		$might_be_down = false;
+
+		if($y)
+			$might_be_down = ((datetime_convert('UTC','UTC',$y[0]['earliest']) < datetime_convert('UTC','UTC','now - 2 days')) ? true : false);
+
+
+		// Set all other records for this destination way into the future. 
+		// The queue delivers by destination. We'll keep one queue item for
+		// this destination (this one) with a shorter delivery. If we succeed
+		// once, we'll try to deliver everything for that destination.
+		// The delivery will be set to at most once per hour, and if the 
+		// queue item is less than 12 hours old, we'll schedule for fifteen
+		// minutes. 
+
+		$r = q("UPDATE outq SET outq_scheduled = '%s' WHERE outq_posturl = '%s'",
+			dbesc(datetime_convert('UTC','UTC','now + 5 days')),
+			dbesc($x[0]['outq_posturl'])
+		);
+ 
+		$since = datetime_convert('UTC','UTC',$x[0]['outq_created']);
+
+		if(($might_be_down) || ($since < datetime_convert('UTC','UTC','now - 12 hour'))) {
+			$next = datetime_convert('UTC','UTC','now + 1 hour');
+		}
+		else {
+			$next = datetime_convert('UTC','UTC','now + ' . intval($add_priority) . ' minutes');
+		}
+
+		q("UPDATE outq SET outq_updated = '%s', 
+			outq_priority = outq_priority + %d, 
+			outq_scheduled = '%s' 
+			WHERE outq_hash = '%s'",
+
+			dbesc(datetime_convert()),
+			intval($add_priority),
+			dbesc($next),
+			dbesc($id)
+		);
+	}
+
+
+	static function remove($id,$channel_id = 0) {
+		logger('queue: remove queue item ' . $id,LOGGER_DEBUG);
+		$sql_extra = (($channel_id) ? " and outq_channel = " . intval($channel_id) . " " : '');
+		
+		q("DELETE FROM outq WHERE outq_hash = '%s' $sql_extra",
+			dbesc($id)
+		);
+	}
+
+
+	static function remove_by_posturl($posturl) {
+		logger('queue: remove queue posturl ' . $posturl,LOGGER_DEBUG);
+		
+		q("DELETE FROM outq WHERE outq_posturl = '%s' ",
+			dbesc($posturl)
+		);
+	}
+
+
+
+	static function set_delivered($id,$channel = 0) {
+		logger('queue: set delivered ' . $id,LOGGER_DEBUG);
+		$sql_extra = (($channel_id) ? " and outq_channel = " . intval($channel_id) . " " : '');
+
+		// Set the next scheduled run date so far in the future that it will be expired
+		// long before it ever makes it back into the delivery chain. 
+
+		q("update outq set outq_delivered = 1, outq_updated = '%s', outq_scheduled = '%s' where outq_hash = '%s' $sql_extra ",
+			dbesc(datetime_convert()),
+			dbesc(datetime_convert('UTC','UTC','now + 5 days')),
+			dbesc($id)
+		);
+	}
+
+
+
+	static function insert($arr) {
+
+		// do not queue anything with no destination
+
+		if(! (array_key_exists('posturl',$arr) && trim($arr['posturl']))) {
+			return false;
+		}
+
+		$x = q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_priority,
+			outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg ) 
+			values ( '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s' )",
+			dbesc($arr['hash']),
+			intval($arr['account_id']),
+			intval($arr['channel_id']),
+			dbesc(($arr['driver']) ? $arr['driver'] : 'zot'),
+			dbesc($arr['posturl']),
+			intval(1),
+			intval(($arr['priority']) ? $arr['priority'] : 0),
+			dbesc(datetime_convert()),
+			dbesc(datetime_convert()),
+			dbesc(datetime_convert()),
+			dbesc($arr['notify']),
+			dbesc(($arr['msg']) ? $arr['msg'] : '')
+		);
+		return $x;
+
+	}
+
+
+
+	static function deliver($outq, $immediate = false) {
+
+		$base = null;
+		$h = parse_url($outq['outq_posturl']);
+		if($h !== false) 
+			$base = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : '');
+
+		if(($base) && ($base !== z_root()) && ($immediate)) {
+			$y = q("select site_update, site_dead from site where site_url = '%s' ",
+				dbesc($base)
+			);
+			if($y) {
+				if(intval($y[0]['site_dead'])) {
+					self::remove_by_posturl($outq['outq_posturl']);
+					logger('dead site ignored ' . $base);
+					return;
+				}
+				if($y[0]['site_update'] < datetime_convert('UTC','UTC','now - 1 month')) {
+					self::update($outq['outq_hash'],10);
+					logger('immediate delivery deferred for site ' . $base);
+					return;
+				}
+			}
+			else {
+
+				// zot sites should all have a site record, unless they've been dead for as long as
+				// your site has existed. Since we don't know for sure what these sites are,
+				// call them unknown
+
+				site_store_lowlevel( 
+					[
+						'site_url'    => $base,
+						'site_update' => datetime_convert(),
+						'site_dead'   => 0,
+						'site_type'   => intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN),
+						'site_crypto' => ''
+					]
+				);
+			}
+		}
+
+		$arr = array('outq' => $outq, 'base' => $base, 'handled' => false, 'immediate' => $immediate);
+		call_hooks('queue_deliver',$arr);
+		if($arr['handled'])
+			return;
+
+		// "post" queue driver - used for diaspora and friendica-over-diaspora communications.
+
+		if($outq['outq_driver'] === 'post') {
+			$result = z_post_url($outq['outq_posturl'],$outq['outq_msg']);
+			if($result['success'] && $result['return_code'] < 300) {
+				logger('deliver: queue post success to ' . $outq['outq_posturl'], LOGGER_DEBUG);
+				if($base) {
+					q("update site set site_update = '%s', site_dead = 0 where site_url = '%s' ",
+						dbesc(datetime_convert()),
+						dbesc($base)
+					);
+				}
+				q("update dreport set dreport_result = '%s', dreport_time = '%s' where dreport_queue = '%s'",
+					dbesc('accepted for delivery'),
+					dbesc(datetime_convert()),
+					dbesc($outq['outq_hash'])
+				);
+				self::remove($outq['outq_hash']);
+
+				// server is responding - see if anything else is going to this destination and is piled up 
+				// and try to send some more. We're relying on the fact that do_delivery() results in an 
+				// immediate delivery otherwise we could get into a queue loop. 
+
+				if(! $immediate) {
+					$x = q("select outq_hash from outq where outq_posturl = '%s' and outq_delivered = 0",
+						dbesc($outq['outq_posturl'])
+					);
+	
+					$piled_up = array();
+					if($x) {
+						foreach($x as $xx) {
+							 $piled_up[] = $xx['outq_hash'];
+						}
+					}
+					if($piled_up) {
+						// call do_delivery() with the force flag
+						do_delivery($piled_up, true);
+					}
+				}
+			}
+			else {
+				logger('deliver: queue post returned ' . $result['return_code'] 
+					. ' from ' . $outq['outq_posturl'],LOGGER_DEBUG);
+					self::update($outq['outq_hash'],10);
+			}
+			return;
+		}
+
+		// normal zot delivery
+
+		logger('deliver: dest: ' . $outq['outq_posturl'], LOGGER_DEBUG);
+
+
+		if($outq['outq_posturl'] === z_root() . '/zot') {
+			// local delivery
+			$zot = new \Zotlabs\Zot6\Receiver(new \Zotlabs\Zot6\Zot6Handler(),$outq['outq_notify']);
+			$result = $zot->run(true);
+			logger('returned_json: ' . json_encode($result,JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES), LOGGER_DATA);
+			logger('deliver: local zot delivery succeeded to ' . $outq['outq_posturl']);
+			Libzot::process_response($outq['outq_posturl'],[ 'success' => true, 'body' => json_encode($result) ], $outq);
+		}
+		else {
+			logger('remote');
+			$channel = null;
+
+			if($outq['outq_channel']) {
+				$channel = channelx_by_n($outq['outq_channel']);
+			}
+
+			$host_crypto = null;
+
+			if($channel && $base) {
+				$h = q("select hubloc_sitekey, site_crypto from hubloc left join site on hubloc_url = site_url where site_url = '%s' and hubloc_sitekey != '' order by hubloc_id desc limit 1",
+					dbesc($base)
+				);
+				if($h) {
+					$host_crypto = $h[0];
+				}
+			}
+
+			$msg = $outq['outq_notify'];
+
+			$result = Libzot::zot($outq['outq_posturl'],$msg,$channel,$host_crypto);
+
+			if($result['success']) {
+				logger('deliver: remote zot delivery succeeded to ' . $outq['outq_posturl']);
+				Libzot::process_response($outq['outq_posturl'],$result, $outq);
+			}
+			else {
+				logger('deliver: remote zot delivery failed to ' . $outq['outq_posturl']);
+				logger('deliver: remote zot delivery fail data: ' . print_r($result,true), LOGGER_DATA);
+				self::update($outq['outq_hash'],10);
+			}
+		}
+		return;
+	}
+}
+
@@ -54,6 +54,7 @@ class Share {
 		if(! $this->item)
 			return $obj;

+		$obj['asld']         = $this->item['mid'];
 		$obj['type']         = $this->item['obj_type'];
 		$obj['id']           = $this->item['mid'];
 		$obj['content']      = $this->item['body'];
@@ -0,0 +1,150 @@
+<?php
+
+namespace Zotlabs\Lib;
+use DomDocument;
+
+/**
+ *  SVGSantiizer
+ * 
+ *  Whitelist-based PHP SVG sanitizer.
+ * 
+ *  @link https://github.com/alister-/SVG-Sanitizer}
+ *  @author Alister Norris
+ *  @copyright Copyright (c) 2013 Alister Norris
+ *  @license http://opensource.org/licenses/mit-license.php The MIT License
+ *  @package svgsanitizer
+ */
+
+class SvgSanitizer {
+	
+	private $xmlDoc;				// PHP XML DOMDocument
+
+	private $removedattrs = [];
+
+	private static $allowed_functions = [ 'matrix', 'url', 'translate', 'rgb' ];
+
+	// defines the whitelist of elements and attributes allowed.
+	private static $whitelist = [
+		'a' => [ 'class', 'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'id', 'mask', 'opacity', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'transform', 'href', 'xlink:href', 'xlink:title' ],
+		'circle' => [ 'class', 'clip-path', 'clip-rule', 'cx', 'cy', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'id', 'mask', 'opacity', 'r', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'transform' ],
+		'clipPath' => [ 'class', 'clipPathUnits', 'id' ],
+		'defs' => [ ],
+	    'style' => [ 'type' ],
+		'desc' => [ ],
+		'ellipse' => [ 'class', 'clip-path', 'clip-rule', 'cx', 'cy', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'id', 'mask', 'opacity', 'requiredFeatures', 'rx', 'ry', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'transform' ],
+		'feGaussianBlur' => [ 'class', 'color-interpolation-filters', 'id', 'requiredFeatures', 'stdDeviation' ],
+		'filter' => [ 'class', 'color-interpolation-filters', 'filterRes', 'filterUnits', 'height', 'id', 'primitiveUnits', 'requiredFeatures', 'width', 'x', 'xlink:href', 'y' ],
+		'foreignObject' => [ 'class', 'font-size', 'height', 'id', 'opacity', 'requiredFeatures', 'style', 'transform', 'width', 'x', 'y' ],
+		'g' => [ 'class', 'clip-path', 'clip-rule', 'id', 'display', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'transform', 'font-family', 'font-size', 'font-style', 'font-weight', 'text-anchor' ],
+		'image' => [ 'class', 'clip-path', 'clip-rule', 'filter', 'height', 'id', 'mask', 'opacity', 'requiredFeatures', 'style', 'systemLanguage', 'transform', 'width', 'x', 'xlink:href', 'xlink:title', 'y' ],
+		'line' => [ 'class', 'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'id', 'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'transform', 'x1', 'x2', 'y1', 'y2' ],
+		'linearGradient' => [ 'class', 'id', 'gradientTransform', 'gradientUnits', 'requiredFeatures', 'spreadMethod', 'systemLanguage', 'x1', 'x2', 'xlink:href', 'y1', 'y2' ],
+		'marker' => [ 'id', 'class', 'markerHeight', 'markerUnits', 'markerWidth', 'orient', 'preserveAspectRatio', 'refX', 'refY', 'systemLanguage', 'viewBox' ],
+		'mask' => [ 'class', 'height', 'id', 'maskContentUnits', 'maskUnits', 'width', 'x', 'y' ],
+		'metadata' => [ 'class', 'id' ],
+		'path' => [ 'class', 'clip-path', 'clip-rule', 'd', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'id', 'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'transform' ],
+		'pattern' => [ 'class', 'height', 'id', 'patternContentUnits', 'patternTransform', 'patternUnits', 'requiredFeatures', 'style', 'systemLanguage', 'viewBox', 'width', 'x', 'xlink:href', 'y' ],
+		'polygon' => [ 'class', 'clip-path', 'clip-rule', 'id', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'id', 'class', 'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'points', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'transform' ],
+		'polyline' => [ 'class', 'clip-path', 'clip-rule', 'id', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'marker-end', 'marker-mid', 'marker-start', 'mask', 'opacity', 'points', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'transform' ],
+		'radialGradient' => [ 'class', 'cx', 'cy', 'fx', 'fy', 'gradientTransform', 'gradientUnits', 'id', 'r', 'requiredFeatures', 'spreadMethod', 'systemLanguage', 'xlink:href' ],
+		'rect' => [ 'class', 'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'height', 'id', 'mask', 'opacity', 'requiredFeatures', 'rx', 'ry', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'transform', 'width', 'x', 'y' ],
+		'stop' => [ 'class', 'id', 'offset', 'requiredFeatures', 'stop-color', 'stop-opacity', 'style', 'systemLanguage' ],
+		'svg' => [ 'class', 'clip-path', 'clip-rule', 'filter', 'id', 'height', 'mask', 'preserveAspectRatio', 'requiredFeatures', 'style', 'systemLanguage', 'viewBox', 'width', 'x', 'xmlns', 'xmlns:se', 'xmlns:xlink', 'y' ],
+		'switch' => [ 'class', 'id', 'requiredFeatures', 'systemLanguage' ],
+		'symbol' => [ 'class', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'font-family', 'font-size', 'font-style', 'font-weight', 'id', 'opacity', 'preserveAspectRatio', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'transform', 'viewBox' ],
+		'text' => [ 'class', 'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'font-family', 'font-size', 'font-style', 'font-weight', 'id', 'mask', 'opacity', 'requiredFeatures', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'text-anchor', 'transform', 'x', 'xml:space', 'y' ],
+		'textPath' => [ 'class', 'id', 'method', 'requiredFeatures', 'spacing', 'startOffset', 'style', 'systemLanguage', 'transform', 'xlink:href' ],
+		'title' => [ ],
+		'tspan' => [ 'class', 'clip-path', 'clip-rule', 'dx', 'dy', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'font-family', 'font-size', 'font-style', 'font-weight', 'id', 'mask', 'opacity', 'requiredFeatures', 'rotate', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'systemLanguage', 'text-anchor', 'textLength', 'transform', 'x', 'xml:space', 'y' ],
+		'use' => [ 'class', 'clip-path', 'clip-rule', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'height', 'id', 'mask', 'stroke', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke-width', 'style', 'transform', 'width', 'x', 'xlink:href', 'y' ],
+	];
+
+	function __construct() {
+		$this->xmlDoc = new DOMDocument('1.0','UTF-8');
+		$this->xmlDoc->preserveWhiteSpace = false;
+		libxml_use_internal_errors(true);
+	}
+
+	// load XML SVG
+	function load($file) {
+		$this->xmlDoc->load($file);
+	}
+
+	function loadXML($str) {
+		if (! $this->xmlDoc->loadXML($str)) {
+			logger('loadxml: ' . print_r(libxml_get_errors(),true), LOGGER_DEBUG);
+			return false;
+		}
+		return true;
+	}
+
+	function sanitize()
+	{
+		// all elements in xml doc
+		$allElements = $this->xmlDoc->getElementsByTagName('*');
+
+		// loop through all elements
+		for($i = 0; $i < $allElements->length; $i++)
+		{
+			$this->removedattrs = [];
+			
+			$currentNode = $allElements->item($i);
+
+			// logger('current_node: ' . print_r($currentNode,true));
+
+			// array of allowed attributes in specific element
+			$whitelist_attr_arr = self::$whitelist[$currentNode->tagName];
+
+			// does element exist in whitelist?
+		    if(isset($whitelist_attr_arr)) {
+					$total = $currentNode->attributes->length;
+					
+		    		for($x = 0; $x < $total; $x++) {
+
+		    			// get attributes name
+		    			$attrName = $currentNode->attributes->item($x)->nodeName;
+
+						// logger('checking: ' . print_r($currentNode->attributes->item($x),true));
+						$matches = false;
+						
+		    			// check if attribute isn't in whitelist
+		    			if(! in_array($attrName, $whitelist_attr_arr)) {
+							$this->removedattrs[] = $attrName;
+		    			}
+						// check for disallowed functions
+						elseif (preg_match_all('/([a-zA-Z0-9]+)[\s]*\(/',
+							$currentNode->attributes->item($x)->textContent,$matches,PREG_SET_ORDER)) {
+							if ($attrName === 'text') {
+								continue;
+							}
+							foreach ($matches as $match) {
+								if(! in_array($match[1],self::$allowed_functions)) {
+									logger('queue_remove_function: ' . $match[1],LOGGER_DEBUG);
+									$this->removedattrs[] = $attrName;
+								}
+							}
+						}
+		    		}	
+					if ($this->removedattrs) {
+						foreach ($this->removedattrs as $attr) {
+							$currentNode->removeAttribute($attr);
+							logger('removed: ' . $attr, LOGGER_DEBUG);
+						}
+					}
+
+			}
+
+		    // else remove element
+		    else {
+				logger('remove_node: ' . print_r($currentNode,true));
+		        $currentNode->parentNode->removeChild($currentNode);
+		    }	
+		}
+		return true;
+	}
+
+	function saveSVG() {
+		$this->xmlDoc->formatOutput = true;
+		return($this->xmlDoc->saveXML());
+	}
+}
@@ -2,6 +2,8 @@

 namespace Zotlabs\Lib;

+use Zotlabs\Lib\Apps;
+
 require_once('include/text.php');

 /**
@@ -36,6 +38,9 @@ class ThreadItem {
 				
 		$this->data = $data;
 		$this->toplevel = ($this->get_id() == $this->get_data_value('parent'));
+		$this->threaded = get_config('system','thread_allow');
+
+		$observer = \App::get_observer();

 		// Prepare the children
 		if($data['children']) {
@@ -49,6 +54,7 @@ class ThreadItem {
 					continue;
 				}

+
 				$child = new ThreadItem($item);
 				$this->add_child($child);
 			}
@@ -71,7 +77,7 @@ class ThreadItem {
 	 *      _ false on failure
 	 */

-	public function get_template_data($conv_responses, $thread_level=1) {
+	public function get_template_data($conv_responses, $thread_level=1, $conv_flags = []) {
 	
 		$result = array();

@@ -92,10 +98,11 @@ class ThreadItem {
 		$conv = $this->get_conversation();
 		$observer = $conv->get_observer();

-		$lock = ((($item['item_private'] == 1) || (($item['uid'] == local_channel()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) 
+		$lock = (((intval($item['item_private'])) || (($item['uid'] == local_channel()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) 
 			|| strlen($item['deny_cid']) || strlen($item['deny_gid']))))
 			? t('Private Message')
 			: false);
+
 		$shareable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && ($item['item_private'] != 1)) ? true : false);

 		// allow an exemption for sharing stuff from your private feeds
@@ -103,13 +110,26 @@ class ThreadItem {
 			$shareable = true;

 		$privacy_warning = false;
-		if(($item['item_private'] == 1) && ($item['owner']['xchan_network'] === 'activitypub')) {
+		if(intval($item['item_private']) && ($item['owner']['xchan_network'] === 'activitypub')) {
 			$recips = get_iconfig($item['parent'], 'activitypub', 'recips');

 			if(! in_array($observer['xchan_url'], $recips['to']))
 				$privacy_warning = true;
 		}

+		if ($lock) {
+ 			if (($item['mid'] == $item['parent_mid']) && count(get_terms_oftype($item['term'],TERM_FORUM))) {
+ 				$privacy_warning = true;
+				$conv_flags['parent_privacy_warning'] = true;
+ 			}
+		}
+
+		$privacy_warning = (isset($conv_flags['parent_privacy_warning'])) ? $conv_flags['parent_privacy_warning'] : $privacy_warning;
+
+		if ($lock && $privacy_warning) {
+			$lock = t('Privacy conflict. Discretion advised.');
+		}
+
 		$mode = $conv->get_mode();

 		switch($item['item_type']) {
@@ -259,7 +279,7 @@ class ThreadItem {
 		$forged = ((($item['sig']) && (! intval($item['item_verified']))) ? t('Message signature incorrect') : '');
 		$unverified = '' ; // (($this->is_wall_to_wall() && (! intval($item['item_verified']))) ? t('Message cannot be verified') : '');

-
+		$settings = '';

 		// FIXME - check this permission
 		if($conv->get_profile_owner() == local_channel()) {
@@ -267,12 +287,14 @@ class ThreadItem {
 				'tagit' => t("Add Tag"),
 				'classtagger' => "",
 			);
+
+			$settings = t('Conversation Tools');
 		}

 		$has_bookmarks = false;
-		if(is_array($item['term'])) {
+		if(Apps::system_app_installed(local_channel(), 'Bookmarks') && is_array($item['term'])) {
 			foreach($item['term'] as $t) {
-				if((get_account_techlevel() > 0) && ($t['ttype'] == TERM_BOOKMARK))
+				if(($t['ttype'] == TERM_BOOKMARK))
 					$has_bookmarks = true;
 			}
 		}
@@ -284,10 +306,18 @@ class ThreadItem {
 		if($this->is_commentable() && $observer) {
 			$like = array( t("I like this \x28toggle\x29"), t("like"));
 			$dislike = array( t("I don't like this \x28toggle\x29"), t("dislike"));
+			$reply_to = array( t("Reply on this comment"), t("reply"), t("Reply to"));
 		}

-		if ($shareable)
-			$share = array( t('Share This'), t('share'));
+		if ($shareable) {
+			// This actually turns out not to be possible in some protocol stacks without opening up hundreds of new issues.
+			// Will allow it only for uri resolvable sources.
+			if(strpos($item['mid'],'http') === 0) {
+				$share = []; //Not yet ready for primetime
+				//$share = array( t('Repeat This'), t('repeat'));
+			}
+			$embed = array( t('Share This'), t('share'));
+		}

 		$dreport = '';

@@ -295,13 +325,14 @@ class ThreadItem {
 		if($keep_reports === 0)
 			$keep_reports = 10;

-		if((! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0)
+		if((! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0) {
 			$dreport = t('Delivery Report');
+			$dreport_link = gen_link_id($item['mid']);
+		}

 		if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0)
 			$is_new = true;

-
 		localize_item($item);

 		$body = prepare_body($item,true);
@@ -312,19 +343,19 @@ class ThreadItem {
 		$owner_address = substr($item['owner']['xchan_addr'],0,strpos($item['owner']['xchan_addr'],'@'));
 		$viewthread = $item['llink'];
 		if($conv->get_mode() === 'channel')
-			$viewthread = z_root() . '/channel/' . $owner_address . '?f=&mid=' . urlencode($item['mid']);
+			$viewthread = z_root() . '/channel/' . $owner_address . '?f=&mid=' . urlencode(gen_link_id($item['mid']));

 		$comment_count_txt = sprintf( tt('%d comment','%d comments',$total_children),$total_children );
 		$list_unseen_txt = (($unseen_comments) ? sprintf('%d unseen',$unseen_comments) : '');
 		
-		
-
-		
-
 		$children = $this->get_children();

 		$has_tags = (($body['tags'] || $body['categories'] || $body['mentions'] || $body['attachments'] || $body['folders']) ? true : false);

+                $dropdown_extras_arr = [ 'item' => $item , 'dropdown_extras' => '' ];
+                call_hooks('dropdown_extras',$dropdown_extras_arr);
+                $dropdown_extras = $dropdown_extras_arr['dropdown_extras'];
+
 		$tmp_item = array(
 			'template' => $this->get_template(),
 			'mode' => $mode,
@@ -339,13 +370,15 @@ class ThreadItem {
 			'text' => strip_tags($body['html']),
 			'id' => $this->get_id(),
 			'mid' => $item['mid'],
+			'parent' => $item['parent'],
+			'author_id' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']),
 			'isevent' => $isevent,
 			'attend' => $attend,
 			'consensus' => $consensus,
 			'conlabels' => $conlabels,
 			'canvote' => $canvote,
-			'linktitle' => sprintf( t('View %s\'s profile - %s'), $profile_name, $item['author']['xchan_addr']),
-			'olinktitle' => sprintf( t('View %s\'s profile - %s'), $this->get_owner_name(), $item['owner']['xchan_addr']),
+			'linktitle' => sprintf( t('View %s\'s profile - %s'), $profile_name, (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url'])),
+			'olinktitle' => sprintf( t('View %s\'s profile - %s'), $this->get_owner_name(), (($item['owner']['xchan_addr']) ? $item['owner']['xchan_addr'] : $item['owner']['xchan_url'])),
 			'llink' => $item['llink'],
 			'viewthread' => $viewthread,
 			'to' => t('to'),
@@ -356,6 +389,7 @@ class ThreadItem {
 			'thread_action_menu' => thread_action_menu($item,$conv->get_mode()),
 			'thread_author_menu' => thread_author_menu($item,$conv->get_mode()),
 			'dreport' => $dreport,
+			'dreport_link' => $dreport_link,
 			'name' => $profile_name,
 			'thumb' => $profile_avatar,
 			'osparkle' => $osparkle,
@@ -390,22 +424,25 @@ class ThreadItem {
 			'has_tags' => $has_tags,
 			'reactions' => $this->reactions,
 // Item toolbar buttons
-			'emojis'   => (($this->is_toplevel() && $this->is_commentable() && $observer && feature_enabled($conv->get_profile_owner(),'emojis')) ? '1' : ''),
+			'emojis'	=> (($this->is_toplevel() && $this->is_commentable() && $observer && feature_enabled($conv->get_profile_owner(),'emojis')) ? '1' : ''),
 			'like'      => $like,
 			'dislike'   => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike : ''),
+			'reply_to'	=> (((! $this->is_toplevel()) && feature_enabled($conv->get_profile_owner(),'reply_to')) ? $reply_to : ''),
+			'top_hint'	=> t("Go to previous comment"),
 			'share'     => $share,
+			'embed'     => $embed,
 			'rawmid'	=> $item['mid'],
 			'plink'     => get_plink($item),
 			'edpost'    => $edpost, // ((feature_enabled($conv->get_profile_owner(),'edit_posts')) ? $edpost : ''),
-			'star'      => ((feature_enabled($conv->get_profile_owner(),'star_posts')) ? $star : ''),
+			'star'      => ((feature_enabled($conv->get_profile_owner(),'star_posts') && ($item['item_type'] == ITEM_TYPE_POST)) ? $star : ''),
 			'tagger'    => ((feature_enabled($conv->get_profile_owner(),'commtag')) ? $tagger : ''),
-			'filer'     => ((feature_enabled($conv->get_profile_owner(),'filing')) ? $filer : ''),
+			'filer'     => ((feature_enabled($conv->get_profile_owner(),'filing') && ($item['item_type'] == ITEM_TYPE_POST)) ? $filer : ''),
 			'bookmark'  => (($conv->get_profile_owner() == local_channel() && local_channel() && $has_bookmarks) ? t('Save Bookmarks') : ''),
 			'addtocal'  => (($has_event) ? t('Add to Calendar') : ''),
 			'drop'      => $drop,
 			'multidrop' => ((feature_enabled($conv->get_profile_owner(),'multi_delete')) ? $multidrop : ''),
+			'dropdown_extras' => $dropdown_extras,
 // end toolbar buttons
-
 			'unseen_comments' => $unseen_comments,
 			'comment_count' => $total_children,
 			'comment_count_txt' => $comment_count_txt,
@@ -431,7 +468,9 @@ class ThreadItem {
 			'preview_lbl' => t('This is an unsaved preview'),
 			'wait' => t('Please wait'),
 			'submid' => str_replace(['+','='], ['',''], base64_encode($item['mid'])),
-			'thread_level' => $thread_level
+			'thread_level' => $thread_level,
+			'settings' => $settings,
+			'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? $item['thr_parent'] : '')
 		);

 		$arr = array('item' => $item, 'output' => $tmp_item);
@@ -454,7 +493,7 @@ class ThreadItem {

 		if(($this->get_display_mode() === 'normal') && ($nb_children > 0)) {
 			foreach($children as $child) {
-				$result['children'][] = $child->get_template_data($conv_responses, $thread_level + 1);
+				$result['children'][] = $child->get_template_data($conv_responses, $thread_level + 1,$conv_flags);
 			}
 			// Collapse
 			if(($nb_children > $visible_comments) || ($thread_level > 1)) {
@@ -739,8 +778,6 @@ class ThreadItem {
 		call_hooks('comment_buttons',$arr);
 		$comment_buttons = $arr['comment_buttons'];
 		
-		$feature_auto_save_draft = ((feature_enabled($conv->get_profile_owner(), 'auto_save_draft')) ? "true" : "false");
-
 		$comment_box = replace_macros($template,array(
 			'$return_path' => '',
 			'$threaded' => $this->is_threaded(),
@@ -775,8 +812,7 @@ class ThreadItem {
 			'$anoncomments' => ((($conv->get_mode() === 'channel' || $conv->get_mode() === 'display') && perm_is_allowed($conv->get_profile_owner(),'','post_comments')) ? true : false),
 			'$anonname' => [ 'anonname', t('Your full name (required)') ],
 			'$anonmail' => [ 'anonmail', t('Your email address (required)') ],
-			'$anonurl'  => [ 'anonurl',  t('Your website URL (optional)') ],
-			'$auto_save_draft' => $feature_auto_save_draft,
+			'$anonurl'  => [ 'anonurl',  t('Your website URL (optional)') ]
 		));

 		return $comment_box;
@@ -831,4 +867,3 @@ class ThreadItem {


 }
-
@@ -0,0 +1,53 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+class ThreadListener {
+
+	static public function store($target_id,$portable_id,$ltype = 0) {
+		$x = self::fetch($target_id,$portable_id,$ltype = 0);
+		if(! $x) {  
+			$r = q("insert into listeners ( target_id, portable_id, ltype ) values ( '%s', '%s' , %d ) ",
+				dbesc($target_id),
+				dbesc($portable_id),
+				intval($ltype)
+			);
+		}  	
+	}
+
+	static public function fetch($target_id,$portable_id,$ltype = 0) {
+		$x = q("select * from listeners where target_id = '%s' and portable_id = '%s' and ltype = %d limit 1",
+			dbesc($target_id),
+			dbesc($portable_id),
+			intval($ltype)
+		);
+		if($x) {
+			return $x[0];
+		}
+		return false;
+	}
+
+	static public function fetch_by_target($target_id,$ltype = 0) {
+		$x = q("select * from listeners where target_id = '%s' and ltype = %d",
+			dbesc($target_id),
+			intval($ltype)
+		);
+
+		return $x;
+	}
+
+	static public function delete_by_target($target_id, $ltype = 0) {
+		return q("delete from listeners where target_id = '%s' and ltype = %d",
+			dbesc($target_id),
+			intval($ltype)
+		);
+	}
+
+	static public function delete_by_pid($portable_id, $ltype = 0) {
+		return q("delete from listeners where portable_id = '%s' and ltype = %d",
+			dbesc($portable_id),
+			intval($ltype)
+		);
+	}
+
+}
@@ -196,7 +196,6 @@ class ThreadStream {
 			$item->set_commentable(false);
 		} 

-		require_once('include/channel.php');

 		$item->set_conversation($this);
 		$this->threads[] = $item;
@@ -0,0 +1,109 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+/**
+ * @brief Fetch and return a webfinger for a resource
+ *
+ * @param string $resource - The resource
+ * @return boolean|string false or associative array from result JSON
+ */
+
+class Webfinger {
+
+	static private $server   = EMPTY_STR;
+	static private $resource = EMPTY_STR;
+
+	static function exec($resource) {
+
+		if(! $resource) {
+			return false;
+		}
+
+		self::parse_resource($resource);
+
+		if(! ( self::$server && self::$resource)) {
+			return false;
+		}
+
+		if(! check_siteallowed(self::$server)) {
+			logger('blacklisted: ' . self::$server);
+			return false;
+		}
+
+		btlogger('fetching resource: ' . self::$resource . ' from ' . self::$server, LOGGER_DEBUG, LOG_INFO);
+
+		$url = 'https://' . self::$server . '/.well-known/webfinger?f=&resource=' . self::$resource ;
+
+		$counter = 0;
+		$s = z_fetch_url($url, false, $counter, [ 'headers' => [ 'Accept: application/jrd+json, */*' ] ]);
+
+		if($s['success']) {
+			$j = json_decode($s['body'], true);
+			return($j);
+		}
+
+		return false;
+	}
+
+	static function parse_resource($resource) {
+
+		self::$resource = urlencode($resource);
+
+		if(strpos($resource,'http') === 0) {
+			$m = parse_url($resource);
+			if($m) {
+				if($m['scheme'] !== 'https') {
+					return false;
+				}
+				self::$server = $m['host'] . (($m['port']) ? ':' . $m['port'] : '');
+			}
+			else {
+				return false;
+			}
+		}
+		elseif(strpos($resource,'tag:') === 0) {
+			$arr = explode(':',$resource); // split the tag
+			$h = explode(',',$arr[1]); // split the host,date
+			self::$server = $h[0];
+		}
+		else {
+			$x = explode('@',$resource);
+			$username = $x[0];
+			if(count($x) > 1) {
+				self::$server = $x[1];
+			}
+			else {
+				return false;
+			}
+			if(strpos($resource,'acct:') !== 0) {
+				self::$resource = urlencode('acct:' . $resource);
+			}
+		}
+
+	}
+
+	/**
+	 * @brief fetch a webfinger resource and return a zot6 discovery url if present
+	 *
+	 */ 
+
+	static function zot_url($resource) {
+
+		$arr = self::exec($resource);
+
+		if(is_array($arr) && array_key_exists('links',$arr)) {
+			foreach($arr['links'] as $link) {
+				if(array_key_exists('rel',$link) && $link['rel'] === PROTOCOL_ZOT6) {
+					if(array_key_exists('href',$link) && $link['href'] !== EMPTY_STR) {
+						return $link['href'];
+					}
+				}
+			}
+		}
+		return false;
+	}
+
+
+
+}
@@ -0,0 +1,91 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+use Zotlabs\Web\HTTPSig;
+
+
+class ZotURL {
+
+	static public function fetch($url,$channel) {
+
+		$ret = [ 'success' => false ];
+
+		if(strpos($url,'x-zot:') !== 0) {
+			return $ret;
+		}
+
+
+		if(! $url) {
+			return $ret;
+		}
+
+		$portable_url = substr($url,6);
+		$u = explode('/',$portable_url);		
+		$portable_id = $u[0];
+
+		$hosts = self::lookup($portable_id);
+
+		if(! $hosts) {
+			return $ret;
+		}
+
+		foreach($hosts as $h) {
+			$newurl = $h . '/id/' . $portable_url;
+
+			$m = parse_url($newurl);
+
+			$data = json_encode([ 'zot_token' => random_string() ]);
+
+			if($channel && $m) {
+
+				$headers = [ 
+					'Accept'           => 'application/x-zot+json', 
+					'Content-Type'     => 'application/x-zot+json',
+					'X-Zot-Token'      => random_string(),
+					'Digest'           => HTTPSig::generate_digest_header($data),
+					'Host'             => $m['host'],
+					'(request-target)' => 'post ' . get_request_string($newurl)
+				];
+				$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false);
+			}
+			else {
+				$h = [ 'Accept: application/x-zot+json' ]; 
+			}
+				
+			$result = [];
+
+			$redirects = 0;
+			$x = z_post_url($newurl,$data,$redirects, [ 'headers' => $h  ] );
+			if($x['success']) {
+				return $x;
+			}
+		}
+
+		return $ret;
+
+	}
+
+	static public function is_zoturl($url) {
+
+		if(strpos($url,'x-zot:') === 0) {
+			return true;
+		}
+		return false;
+	}
+
+
+	static public function lookup($portable_id) {
+
+		$r = q("select * from hubloc left join site on hubloc_url = site_url where hubloc_hash = '%s' and site_dead = 0 order by hubloc_primary desc",
+			dbesc($portable_id)
+		);
+
+		if(! $r) {
+			// extend to network lookup
+			return false;
+		}
+		return ids_to_array($r,'hubloc_url');
+	}
+
+}
@@ -0,0 +1,63 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+use Zotlabs\Web\HTTPSig;
+
+class Zotfinger {
+
+	static function exec($resource,$channel = null) {
+
+		if(! $resource) {
+			return false;
+		}
+
+		$m = parse_url($resource);
+
+		$data = json_encode([ 'zot_token' => random_string() ]);
+
+		if($channel && $m) {
+
+			$headers = [ 
+				'Accept'           => 'application/x-zot+json', 
+				'Content-Type'     => 'application/x-zot+json',
+				'X-Zot-Token'      => random_string(),
+				'Digest'           => HTTPSig::generate_digest_header($data),
+				'Host'             => $m['host'],
+				'(request-target)' => 'post ' . get_request_string($resource)
+			];
+			$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),false);
+		}
+		else {
+			$h = [ 'Accept: application/x-zot+json' ]; 
+		}
+				
+		$result = [];
+
+
+		$redirects = 0;
+		$x = z_post_url($resource,$data,$redirects, [ 'headers' => $h  ] );
+
+		logger('fetch: ' . print_r($x,true));
+
+		if($x['success']) {
+			
+			$result['signature'] = HTTPSig::verify($x);
+    
+			$result['data'] = json_decode($x['body'],true);
+
+			if($result['data'] && is_array($result['data']) && array_key_exists('encrypted',$result['data']) && $result['data']['encrypted']) {
+				$result['data'] = json_decode(crypto_unencapsulate($result['data'],get_config('system','prvkey')),true);
+			}
+
+			logger('decrypted: ' . print_r($result,true));
+
+			return $result;
+		}
+
+		return false;
+	}
+
+
+
+}
@@ -81,9 +81,10 @@ class Acl extends \Zotlabs\Web\Controller {


 		if($search) {
-			$sql_extra = " AND groups.gname LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
+			$sql_extra = " AND pgrp.gname LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
 			$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'"  : "%'")) . ") ";
-	
+			$sql_extra2_xchan = "AND ( xchan_name LIKE " . protect_sprintf( "'" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'"  : "%'")) . ") ";
+
 			// This horrible mess is needed because position also returns 0 if nothing is found. 
 			// Would be MUCH easier if it instead returned a very large value
 			// Otherwise we could just 
@@ -128,13 +129,13 @@ class Acl extends \Zotlabs\Web\Controller {

 			// Normal privacy groups

-			$r = q("SELECT groups.id, groups.hash, groups.gname
-					FROM groups, group_member 
-					WHERE groups.deleted = 0 AND groups.uid = %d 
-					AND group_member.gid = groups.id
+			$r = q("SELECT pgrp.id, pgrp.hash, pgrp.gname
+					FROM pgrp, pgrp_member 
+					WHERE pgrp.deleted = 0 AND pgrp.uid = %d 
+					AND pgrp_member.gid = pgrp.id
 					$sql_extra
-					GROUP BY groups.id
-					ORDER BY groups.gname 
+					GROUP BY pgrp.id
+					ORDER BY pgrp.gname 
 					LIMIT %d OFFSET %d",
 				intval(local_channel()),
 				intval($count),
@@ -165,7 +166,7 @@ class Acl extends \Zotlabs\Web\Controller {
 			if($extra_channels) {
 				foreach($extra_channels as $channel) {
 					if(perm_is_allowed(intval($channel), get_observer_hash(),'view_contacts')) {
-						if($extra_channel_sql)
+						if($extra_channels_sql)
 							$extra_channels_sql .= ',';
 						$extra_channels_sql .= intval($channel);
 					}
@@ -226,7 +227,7 @@ class Acl extends \Zotlabs\Web\Controller {
 			else { // Visitors
 				$r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self
 					FROM xchan left join xlink on xlink_link = xchan_hash
-					WHERE xlink_xchan  = '%s' AND xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
+					WHERE xlink_xchan  = '%s' AND xchan_deleted = 0 $sql_extra2_xchan order by $order_extra2 xchan_name asc" ,
 					dbesc(get_observer_hash())
 				);
 	
@@ -270,7 +271,7 @@ class Acl extends \Zotlabs\Web\Controller {
 			if((count($r) < 100) && $type == 'c') {
 				$r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self 
 					FROM xchan 
-					WHERE xchan_deleted = 0 and not xchan_network  in ('rss','anon','unknown') $sql_extra2 order by $order_extra2 xchan_name asc" 
+					WHERE xchan_deleted = 0 and not xchan_network  in ('rss','anon','unknown') $sql_extra2_xchan order by $order_extra2 xchan_name asc"
 				);
 				if($r2) {
 					$r = array_merge($r,$r2);
@@ -86,7 +86,7 @@ class Admin extends \Zotlabs\Web\Controller {

 		// list total user accounts, expirations etc.
 		$accounts = array();
-		$r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account",
+		$r = q("SELECT COUNT(CASE WHEN account_id > 0 THEN 1 ELSE NULL END) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account",
 			db_utcnow(),
 			db_utcnow(),
 			dbesc(NULL_DATE),
@@ -109,11 +109,9 @@ class Admin extends \Zotlabs\Web\Controller {

 		// available channels, primary and clones
 		$channels = array();
-		$r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN channel_primary = 1 THEN 1 ELSE NULL END) AS main, COUNT(CASE WHEN channel_primary = 0 THEN 1 ELSE NULL END) AS clones FROM channel WHERE channel_removed = 0");
+		$r = q("SELECT COUNT(*) AS total FROM channel WHERE channel_removed = 0 and channel_system = 0");
 		if ($r) {
 			$channels['total']  = array('label' => t('Channels'), 'val' => $r[0]['total']);
-			$channels['main']   = array('label' => t('Primary'), 'val' => $r[0]['main']);
-			$channels['clones'] = array('label' => t('Clones'), 'val' => $r[0]['clones']);
 		}

 		// We can do better, but this is a quick queue status
@@ -31,7 +31,7 @@ class Account_edit {
 		}

 		$service_class = trim($_REQUEST['service_class']);
-		$account_level = intval(trim($_REQUEST['account_level']));
+		$account_level = 5;
 		$account_language = trim($_REQUEST['account_language']);

 		$r = q("update account set account_service_class = '%s', account_level = %d, account_language = '%s' 
@@ -68,7 +68,6 @@ class Account_edit {
 			'$title' => t('Account Edit'),
 			'$pass1' => [ 'pass1', t('New Password'), ' ','' ],
 			'$pass2' => [ 'pass2', t('New Password again'), ' ','' ],
-			'$account_level' => [ 'account_level', t('Technical skill level'), $x[0]['account_level'], '', \Zotlabs\Lib\Techlevels::levels() ],
 			'$account_language' => [ 'account_language' , t('Account language (for emails)'), $x[0]['account_language'], '', language_list() ],
 			'$service_class' => [ 'service_class', t('Service class'), $x[0]['account_service_class'], '' ],
 			'$submit' => t('Submit'),
@@ -81,4 +80,4 @@ class Account_edit {
 	}


-}
+}
@@ -2,6 +2,7 @@

 namespace Zotlabs\Module\Admin;

+use App;
 use \Zotlabs\Storage\GitRepo;
 use \Michelf\MarkdownExtra;

@@ -253,14 +254,14 @@ class Addons {
 		 * Single plugin
 		 */

-		if (\App::$argc == 3){
-			$plugin = \App::$argv[2];
+		if (App::$argc == 3){
+			$plugin = App::$argv[2];
 			if (!is_file("addon/$plugin/$plugin.php")){
 				notice( t("Item not found.") );
 				return '';
 			}

-			$enabled = in_array($plugin,\App::$plugins);
+			$enabled = in_array($plugin,App::$plugins);
 			$info = get_plugin_info($plugin);
 			$x = check_plugin_versions($info);

@@ -268,11 +269,11 @@ class Addons {

 			if($enabled && ! $x) {
 				$enabled = false;
-				$idz = array_search($plugin, \App::$plugins);
+				$idz = array_search($plugin, App::$plugins);
 				if ($idz !== false) {
-					unset(\App::$plugins[$idz]);
+					unset(App::$plugins[$idz]);
 					uninstall_plugin($plugin);
-					set_config("system","addon", implode(", ",\App::$plugins));
+					set_config("system","addon", implode(", ",App::$plugins));
 				}
 			}
 			$info['disabled'] = 1-intval($x);
@@ -281,19 +282,19 @@ class Addons {
 				check_form_security_token_redirectOnErr('/admin/addons', 'admin_addons', 't');
 				$pinstalled = false;
 				// Toggle plugin status
-				$idx = array_search($plugin, \App::$plugins);
+				$idx = array_search($plugin, App::$plugins);
 				if ($idx !== false){
-					unset(\App::$plugins[$idx]);
+					unset(App::$plugins[$idx]);
 					uninstall_plugin($plugin);
 					$pinstalled = false;
 					info( sprintf( t("Plugin %s disabled."), $plugin ) );
 				} else {
-					\App::$plugins[] = $plugin;
+					App::$plugins[] = $plugin;
 					install_plugin($plugin);
 					$pinstalled = true;
 					info( sprintf( t("Plugin %s enabled."), $plugin ) );
 				}
-				set_config("system","addon", implode(", ",\App::$plugins));
+				set_config("system","addon", implode(", ",App::$plugins));

 				if($pinstalled) {
 					@require_once("addon/$plugin/$plugin.php");
@@ -305,7 +306,7 @@ class Addons {

 			// display plugin details

-			if (in_array($plugin, \App::$plugins)){
+			if (in_array($plugin, App::$plugins)){
 				$status = 'on';
 				$action = t('Disable');
 			} else {
@@ -375,20 +376,23 @@ class Addons {
 		if($files) {
 			foreach($files as $file) {
 				if (is_dir($file)){
+					if($file == 'addon/addon_common/')
+						continue;
+
 					list($tmp, $id) = array_map('trim', explode('/', $file));
 					$info = get_plugin_info($id);
-					$enabled = in_array($id,\App::$plugins);
+					$enabled = in_array($id,App::$plugins);
 					$x = check_plugin_versions($info);

 					// disable plugins which are installed but incompatible versions

 					if($enabled && ! $x) {
 						$enabled = false;
-						$idz = array_search($id, \App::$plugins);
+						$idz = array_search($id, App::$plugins);
 						if ($idz !== false) {
-							unset(\App::$plugins[$idz]);
+							unset(App::$plugins[$idz]);
 							uninstall_plugin($id);
-							set_config("system","addon", implode(", ",\App::$plugins));
+							set_config("system","addon", implode(", ",App::$plugins));
 						}
 					}
 					$info['disabled'] = 1-intval($x);
@@ -476,4 +480,4 @@ class Addons {
 		return(strcmp(strtolower($a[2]['name']),strtolower($b[2]['name'])));
 	}

-}
+}
@@ -19,7 +19,47 @@ class Dbsync {
 			info( t('Update has been marked successful') . EOL);
 			goaway(z_root() . '/admin/dbsync');
 		}
+
+		if(argc() > 3 && intval(argv(3)) && argv(2) === 'verify') {
+
+			$s = '_' . intval(argv(3));
+			$cls = '\\Zotlabs\Update\\' . $s ;
+			if(class_exists($cls)) {
+				$c =  new $cls();
+				if(method_exists($c,'verify')) {
+					$retval = $c->verify();
+					if($retval === UPDATE_FAILED) {
+						$o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s); 
+					}
+					elseif($retval === UPDATE_SUCCESS) {
+						$o .= sprintf( t('Update %s was successfully applied.'), $s);
+						set_config('database',$s, 'success');
+					}
+					else
+						$o .= sprintf( t('Verifying update %s did not return a status. Unknown if it succeeded.'), $s);
+				}
+				else {
+						$o .= sprintf( t('Update %s does not contain a verification function.'), $s );
+				}
+			}
+			else
+				$o .= sprintf( t('Update function %s could not be found.'), $s);
 	
+			return $o;
+
+
+
+
+
+			// remove the old style config if it exists
+			del_config('database', 'update_r' . intval(argv(3)));
+			set_config('database', '_' . intval(argv(3)), 'success');
+			if(intval(get_config('system','db_version')) < intval(argv(3)))
+				set_config('system','db_version',intval(argv(3)));
+			info( t('Update has been marked successful') . EOL);
+			goaway(z_root() . '/admin/dbsync');
+		}
+
 		if(argc() > 2 && intval(argv(2))) {
 			$x = intval(argv(2));
 			$s = '_' . $x;
@@ -28,14 +68,14 @@ class Dbsync {
 				$c =  new $cls();
 				$retval = $c->run();
 				if($retval === UPDATE_FAILED) {
-					$o .= sprintf( t('Executing %s failed. Check system logs.'), $s); 
+					$o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s); 
 				}
 				elseif($retval === UPDATE_SUCCESS) {
 					$o .= sprintf( t('Update %s was successfully applied.'), $s);
 					set_config('database',$s, 'success');
 				}
 				else
-					$o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $s);
+					$o .= sprintf( t('Update %s did not return a status. It cannot be determined if it was successful.'), $s);
 			}
 			else
 				$o .= sprintf( t('Update function %s could not be found.'), $s);
@@ -59,6 +99,7 @@ class Dbsync {
 				'$banner' => t('Failed Updates'),
 				'$desc'   => '',
 				'$mark'   => t('Mark success (if update was manually applied)'),
+				'$verify' => t('Attempt to verify this update if a verification procedure exists'),
 				'$apply'  => t('Attempt to execute this update step automatically'),
 				'$failed' => $failed
 		));
@@ -43,6 +43,12 @@ class Security {
 	
 		$be = $this->trim_array_elems(explode("\n",$_POST['embed_deny']));
 		set_config('system','embed_deny',$be);
+
+		$thumbnail_security = ((x($_POST,'thumbnail_security')) ? intval($_POST['thumbnail_security']) : 0);
+		set_config('system', 'thumbnail_security' , $thumbnail_security);
+
+		$inline_pdf = ((x($_POST,'inline_pdf')) ? intval($_POST['inline_pdf']) : 0);
+		set_config('system', 'inline_pdf' , $inline_pdf);
 	
 		$ts = ((x($_POST,'transport_security')) ? True : False);
 		set_config('system','transport_security_header',$ts);
@@ -86,7 +92,7 @@ class Security {
 		$embedhelp2 = t("The recommended setting is to only allow unfiltered HTML from the following sites:"); 
 		$embedhelp3 = t("https://youtube.com/<br />https://www.youtube.com/<br />https://youtu.be/<br />https://vimeo.com/<br />https://soundcloud.com/<br />");
 		$embedhelp4 = t("All other embedded content will be filtered, <strong>unless</strong> embedded content from that site is explicitly blocked.");
-	
+
 		$t = get_markup_template('admin_security.tpl');
 		return replace_macros($t, array(
 			'$title' => t('Administration'),
@@ -106,7 +112,9 @@ class Security {
 			'$embed_sslonly' => array('embed_sslonly',t('Only allow embeds from secure (SSL) websites and links.'), intval(get_config('system','embed_sslonly')),''),
 			'$embed_allow' => array('embed_allow', t('Allow unfiltered embedded HTML content only from these domains'), $whiteembeds_str, t('One site per line. By default embedded content is filtered.')),
 			'$embed_deny' => array('embed_deny', t('Block embedded HTML from these domains'), $blackembeds_str, ''),
-	
+			'$thumbnail_security'   => [ 'thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.") ],
+			'$inline_pdf'   => [ 'inline_pdf', t("Allow embedded (inline) PDF files"), get_config('system','inline_pdf',0), '' ],
+
 //	        '$embed_coop'     => array('embed_coop', t('Cooperative embed security'), $embed_coop, t('Enable to share embed security with other compatible sites/hubs')),

 			'$submit' => t('Submit')
@@ -128,4 +136,4 @@ class Security {
 	}
 	
 	
-}
+}
@@ -72,19 +72,13 @@ class Site {
 		$maxloadavg        = ((x($_POST,'maxloadavg'))       ? intval(trim($_POST['maxloadavg'])) : 50);
 		$feed_contacts     = ((x($_POST,'feed_contacts'))    ? intval($_POST['feed_contacts'])    : 0);
 		$verify_email      = ((x($_POST,'verify_email'))     ? 1 : 0);
-		$techlevel_lock    = ((x($_POST,'techlock'))         ? intval($_POST['techlock'])   : 0);
 		$imagick_path      = ((x($_POST,'imagick_path'))     ? trim($_POST['imagick_path'])   : '');
-		$thumbnail_security  = ((x($_POST,'thumbnail_security'))     ? intval($_POST['thumbnail_security'])   : 0);
 		$force_queue       = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue'])   : 3000);
 		$pub_incl = escape_tags(trim($_POST['pub_incl']));
 		$pub_excl = escape_tags(trim($_POST['pub_excl']));

 		$permissions_role = escape_tags(trim($_POST['permissions_role']));

-		$techlevel         = null;
-		if(array_key_exists('techlevel', $_POST))
-			$techlevel = intval($_POST['techlevel']);
-
 		set_config('system', 'feed_contacts', $feed_contacts);
 		set_config('system', 'delivery_interval', $delivery_interval);
 		set_config('system', 'delivery_batch_count', $delivery_batch_count);
@@ -105,17 +99,10 @@ class Site {
 		set_config('system', 'from_email', $from_email);
 		set_config('system', 'from_email_name' , $from_email_name);
 		set_config('system', 'imagick_convert_path' , $imagick_path);
-		set_config('system', 'thumbnail_security' , $thumbnail_security);
 		set_config('system', 'default_permissions_role', $permissions_role);
 		set_config('system', 'pubstream_incl',$pub_incl);
 		set_config('system', 'pubstream_excl',$pub_excl);

-		set_config('system', 'techlevel_lock', $techlevel_lock);
-
-
-
-		if(! is_null($techlevel))
-			set_config('system', 'techlevel', $techlevel);

 		if($directory_server)
 			set_config('system','directory_server',$directory_server);
@@ -130,7 +117,7 @@ class Site {
 			del_config('system', 'admininfo');
 		} else {
 			require_once('include/text.php');
-			linkify_tags($a, $admininfo, local_channel());
+			linkify_tags($admininfo, local_channel());
 			set_config('system', 'admininfo', $admininfo);
 		}
 		set_config('system','siteinfo',$siteinfo);
@@ -284,15 +271,6 @@ class Site {
 		// now invert the logic for the setting.
 		$discover_tab = (1 - $discover_tab);

-		$techlevels = [
-			'0' => t('Beginner/Basic'),
-			'1' => t('Novice - not skilled but willing to learn'),
-			'2' => t('Intermediate - somewhat comfortable'),
-			'3' => t('Advanced - very comfortable'),
-			'4' => t('Expert - I can write computer code'),
-			'5' => t('Wizard - I probably know more than you do')
-		];
-
 		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
 		$default_role = get_config('system','default_permissions_role','social');

@@ -316,10 +294,6 @@ class Site {
 			// name, label, value, help string, extra data...
 			'$sitename' 		=> array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''),

-			'$techlevel' => [ 'techlevel', t('Site default technical skill level'), get_config('system','techlevel'), t('Used to provide a member experience matched to technical comfort level'), $techlevels ],
-
-			'$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ],
-
 			'$banner'			=> array('banner', t("Banner/Logo"), $banner, t('Unfiltered HTML/CSS/JS is allowed')),
 			'$admininfo'		=> array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators.  Displayed on siteinfo page.  BBCode can be used here")),
 			'$siteinfo'		=> array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site.  Displayed on siteinfo page.  BBCode can be used here")),
@@ -332,10 +306,10 @@ class Site {
 			'$register_policy'	=> array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
 			'$invite_only'		=> array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")),
 			'$minimum_age'		=> array('minimum_age', t("Minimum age"), (x(get_config('system','minimum_age'))?get_config('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")),
-			'$access_policy'	=> array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices),
+			'$access_policy'	=> array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), t("This is displayed on the public server site list."), $access_choices),
 			'$register_text'	=> array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
 			'$role'         => $role,
-			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'public' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
+			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'pubstream' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
 			'$mirror_frontpage'	=> array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')),
 			'$abandon_days'     => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
 			'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
@@ -365,7 +339,6 @@ class Site {
 			'$force_queue'			=> array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")),
 			'$poll_interval'			=> array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")),
 			'$imagick_path'			=> array('imagick_path', t("Path to ImageMagick convert program"), get_config('system','imagick_convert_path'), t("If set, use this program to generate photo thumbnails for huge images ( > 4000 pixels in either dimension), otherwise memory exhaustion may occur. Example: /usr/bin/convert")),
-			'$thumbnail_security'			=> array('thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.")),
 			'$maxloadavg'			=> array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
 			'$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')),
 			'$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(get_config('system','active_expire_days',7)), ''),
@@ -0,0 +1,94 @@
+<?php
+
+namespace Zotlabs\Module;
+
+use App;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Lib\Libsync;
+
+class Affinity extends \Zotlabs\Web\Controller {
+
+	function post() {
+
+		if(! local_channel())
+			return;
+
+		if(! Apps::system_app_installed(local_channel(),'Affinity Tool'))
+			return;
+
+		check_form_security_token_redirectOnErr('affinity', 'affinity');
+
+		$cmax = intval($_POST['affinity_cmax']);
+		if($cmax < 0 || $cmax > 99)
+			$cmax = 99;
+
+		$cmin = intval($_POST['affinity_cmin']);
+		if($cmin < 0 || $cmin > 99)
+			$cmin = 0;
+
+		$lock = intval($_POST['affinity_lock']);
+
+		set_pconfig(local_channel(),'affinity','cmin',$cmin);
+		set_pconfig(local_channel(),'affinity','cmax',$cmax);
+		set_pconfig(local_channel(),'affinity','lock',$lock);
+
+		info( t('Affinity Tool settings updated.') . EOL);
+
+		Libsync::build_sync_packet();
+
+	}
+
+
+	function get() {
+
+		if(! local_channel())
+			return;
+
+		$desc = t('This app presents a slider control in your connection editor and also on your network page. The slider represents your degree of friendship (affinity) with each connection. It allows you to zoom in or out and display conversations from only your closest friends or everybody in your stream.');
+		if(! Apps::system_app_installed(local_channel(),'Affinity Tool')) {
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+
+			$o = '<b>' . t('Affinity Tool App') . ' (' . t('Not Installed') . '):</b><br>';
+			$o .= $desc;
+			return $o;
+		}
+
+		$text = t('The numbers below represent the minimum and maximum slider default positions for your network/stream page as a percentage.'); 			
+
+		$content = '<div class="section-content-info-wrapper">' . $text . '</div>';
+
+		$cmax = intval(get_pconfig(local_channel(),'affinity','cmax'));
+		$cmax = (($cmax) ? $cmax : 99);
+		$content .= replace_macros(get_markup_template('field_input.tpl'), array(
+			'$field'    => array('affinity_cmax', t('Default maximum affinity level'), $cmax, t('0-99 default 99'))
+		));
+
+		$cmin = intval(get_pconfig(local_channel(),'affinity','cmin'));
+		$cmin = (($cmin) ? $cmin : 0);
+		$content .= replace_macros(get_markup_template('field_input.tpl'), array(
+			'$field'    => array('affinity_cmin', t('Default minimum affinity level'), $cmin, t('0-99 - default 0'))
+		));
+
+		$lock = intval(get_pconfig(local_channel(),'affinity','lock',1));
+
+		$content .= replace_macros(get_markup_template('field_checkbox.tpl'), array(
+			'$field'    => array('affinity_lock', t('Persistent affinity levels'), $lock, t('If disabled the max and min levels will be reset to default after page reload'), ['No','Yes'])
+		));
+
+		$tpl = get_markup_template("settings_addon.tpl");
+
+		$o = replace_macros($tpl, array(
+			'$action_url' => 'affinity',
+			'$form_security_token' => get_form_security_token("affinity"),
+			'$title' => t('Affinity Tool Settings'),
+			'$content'  => $content,
+			'$baseurl'   => z_root(),
+			'$submit'    => t('Submit'),
+		));
+
+		return $o;
+	}
+
+
+}
@@ -90,12 +90,12 @@ class Appman extends \Zotlabs\Web\Controller {

 		$channel = \App::get_channel();

-		if(argc() > 2) {
+		if(argc() > 3) {
 			if(argv(2) === 'moveup') {
-				Zlib\Apps::moveup(local_channel(),argv(1));
+				Zlib\Apps::moveup(local_channel(),argv(1),argv(3));
 			}
 			if(argv(2) === 'movedown') {
-				Zlib\Apps::movedown(local_channel(),argv(1));
+				Zlib\Apps::movedown(local_channel(),argv(1),argv(3));
 			}
 			goaway(z_root() . '/apporder');
 		}
@@ -113,10 +113,12 @@ class Appman extends \Zotlabs\Web\Controller {
 			if($r) {
 				$app = $r[0];

-				$term = q("select * from term where otype = %d and oid = %d",
+				$term = q("select * from term where otype = %d and oid = %d and uid = %d",
 					intval(TERM_OBJ_APP),
-					intval($r[0]['id'])
+					intval($r[0]['id']),
+					intval(local_channel())
 				);
+
 				if($term) {
 					$app['categories'] = '';
 					foreach($term as $t) {
@@ -17,25 +17,28 @@ class Apporder extends \Zotlabs\Web\Controller {

 		nav_set_selected('Order Apps');

-		$syslist = array();
-		$list = Zlib\Apps::app_list(local_channel(), false, ['nav_featured_app', 'nav_pinned_app']);
-		if($list) {
-			foreach($list as $li) {
-				$syslist[] = Zlib\Apps::app_encode($li);
+		foreach( [ 'nav_featured_app', 'nav_pinned_app' ] as $l ) {
+			$syslist = [];
+			$list = Zlib\Apps::app_list(local_channel(), false, [ $l ]);
+			if($list) {
+				foreach($list as $li) {
+					$syslist[] = Zlib\Apps::app_encode($li);
+				}
 			}
-		}
-		Zlib\Apps::translate_system_apps($syslist);
+		
+			Zlib\Apps::translate_system_apps($syslist);

-		usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare');
+			usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare');

-		$syslist = Zlib\Apps::app_order(local_channel(),$syslist);
+			$syslist = Zlib\Apps::app_order(local_channel(),$syslist, $l);

-		foreach($syslist as $app) {
-			if(strpos($app['categories'],'nav_pinned_app') !== false) {
-				$navbar_apps[] = Zlib\Apps::app_render($app,'nav-order');
-			}
-			else {
-				$nav_apps[] = Zlib\Apps::app_render($app,'nav-order');
+			foreach($syslist as $app) {
+				if($l === 'nav_pinned_app') {
+					$navbar_apps[] = Zlib\Apps::app_render($app,'nav-order');
+				}
+				elseif(strpos($app['categories'],'nav_pinned_app') === false) {
+					$nav_apps[] = Zlib\Apps::app_render($app,'nav-order');
+				}
 			}
 		}

@@ -47,11 +47,11 @@ class Apps extends \Zotlabs\Web\Controller {
 		return replace_macros(get_markup_template('myapps.tpl'), array(
 			'$sitename' => get_config('system','sitename'),
 			'$cat' => $cat,
-			'$title' => t('Apps'),
+			'$title' => (($available) ? t('Available Apps') : t('Installed Apps')),
 			'$apps' => $apps,
 			'$authed' => ((local_channel()) ? true : false),
-			'$manage' => (($available) ? '' : t('Manage apps')),
-			'$create' => (($mode == 'edit') ? t('Create new app') : '')
+			'$manage' => (($available) ? '' : t('Manage Apps')),
+			'$create' => (($mode == 'edit') ? t('Create Custom App') : '')
 		));
 	
 	}
@@ -0,0 +1,63 @@
+<?php
+
+namespace Zotlabs\Module;
+
+
+class Apschema extends \Zotlabs\Web\Controller {
+
+	function init() {
+
+		$base = z_root();
+
+		$arr = [
+			'@context' => [
+				'zot'              => z_root() . '/apschema#',
+				'id'               => '@id',
+				'type'             => '@type',
+				'commentPolicy'    => 'as:commentPolicy',
+				'meData'           => 'zot:meData',
+				'meDataType'       => 'zot:meDataType',
+				'meEncoding'       => 'zot:meEncoding',
+				'meAlgorithm'      => 'zot:meAlgorithm',
+				'meCreator'        => 'zot:meCreator',
+				'meSignatureValue' => 'zot:meSignatureValue',
+				'locationAddress'  => 'zot:locationAddress',
+				'locationPrimary'  => 'zot:locationPrimary',
+				'locationDeleted'  => 'zot:locationDeleted',
+				'nomadicLocation'  => 'zot:nomadicLocation',
+				'nomadicHubs'      => 'zot:nomadicHubs',
+				'emojiReaction'    => 'zot:emojiReaction',
+				'expires'          => 'zot:expires',
+				'directMessage'    => 'zot:directMessage',
+				 
+				'magicEnv' => [
+					'@id'   => 'zot:magicEnv',
+					'@type' => '@id'
+				],
+
+				'nomadicLocations' => [
+					'@id'   => 'zot:nomadicLocations',
+					'@type' => '@id'
+				],
+
+				'ostatus'      => 'http://ostatus.org#',
+				'conversation' => 'ostatus:conversation',
+
+				'diaspora'     => 'https://diasporafoundation.org/ns/',
+				'guid'         => 'diaspora:guid',
+
+				'Hashtag'      => 'as:Hashtag'
+				
+			]
+		];
+
+		header('Content-Type: application/ld+json');
+		echo json_encode($arr,JSON_UNESCAPED_SLASHES);
+		killme();
+
+	}
+
+
+
+
+}
@@ -85,10 +85,9 @@ class Article_edit extends \Zotlabs\Web\Controller {

 		$mimetype = $itm[0]['mimetype'];

+		$summary = (($itm[0]['summary']) ? '[summary]' . $itm[0]['summary'] . '[/summary]' . "\r\n" : '');
 		$content = $itm[0]['body'];

-
-
 		$rp = 'articles/' . $channel['channel_address'];

 		$x = array(
@@ -110,7 +109,7 @@ class Article_edit extends \Zotlabs\Web\Controller {
 			'ptyp' => $itm[0]['type'],
 			'mimeselect' => false,
 			'mimetype' => $itm[0]['mimetype'],
-			'body' => undo_post_tagging($content),
+			'body' => $summary . undo_post_tagging($content),
 			'post_id' => $post_id,
 			'visitor' => true,
 			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
@@ -122,7 +121,7 @@ class Article_edit extends \Zotlabs\Web\Controller {
 			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
 		);

-		$editor = status_editor($a, $x);
+		$editor = status_editor($a, $x, false, 'Article_edit');

 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
 			'$title' => t('Edit Article'),
@@ -1,19 +1,33 @@
 <?php
 namespace Zotlabs\Module;

+use App;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\PermissionDescription;
+
 require_once('include/channel.php');
 require_once('include/conversation.php');
 require_once('include/acl_selectors.php');
+require_once('include/opengraph.php');


-class Articles extends \Zotlabs\Web\Controller {
+class Articles extends Controller {

 	function init() {
 	
 		if(argc() > 1)
 			$which = argv(1);
-		else
-			return;
+
+                if(! $which) {
+                        if(local_channel()) {
+                                $channel = App::get_channel();
+                                if($channel && $channel['channel_address'])
+                                $which = $channel['channel_address'];
+                        } else {
+				return;
+			}
+                }
 	
 		profile_load($which);
 	
@@ -25,22 +39,27 @@ class Articles extends \Zotlabs\Web\Controller {
 			return login();
 		}

-		if(! \App::$profile) {
+		if(! App::$profile) {
 			notice( t('Requested profile is not available.') . EOL );
-			\App::$error = 404;
+			App::$error = 404;
 			return;
 		}

-		if(! feature_enabled(\App::$profile_uid,'articles')) {
-			return;
+		if(! Apps::system_app_installed(App::$profile_uid, 'Articles')) {
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+
+			$o = '<b>' . t('Articles App') . ' (' . t('Not Installed') . '):</b><br>';
+			$o .= t('Create interactive articles');
+			return $o;
 		}

-		nav_set_selected(t('Articles'));
+		nav_set_selected('Articles');

 		head_add_link([ 
 			'rel'   => 'alternate',
 			'type'  => 'application/json+oembed',
-			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string),
+			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string),
 			'title' => 'oembed'
 		]);

@@ -48,19 +67,21 @@ class Articles extends \Zotlabs\Web\Controller {
 		$category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : '');
 					
 		if($category) {
-			$sql_extra2 .= protect_sprintf(term_item_parent_query(\App::$profile['profile_uid'],'item', $category, TERM_CATEGORY));
+			$sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $category, TERM_CATEGORY));
 		}

+		$datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
+		$datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');

 		$which = argv(1);
 		
 		$selected_card = ((argc() > 2) ? argv(2) : '');

-		$_SESSION['return_url'] = \App::$query_string;
+		$_SESSION['return_url'] = App::$query_string;
 	
 		$uid      = local_channel();
-		$owner    = \App::$profile_uid;
-		$observer = \App::get_observer();
+		$owner    = App::$profile_uid;
+		$observer = App::get_observer();
 	
 		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
 		
@@ -98,7 +119,7 @@ class Articles extends \Zotlabs\Web\Controller {
 				'lockstate'         => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] 
 					|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
 				'acl'               => (($is_owner) ? populate_acl($channel_acl, false, 
-					\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')) : ''),
+					PermissionDescription::fromGlobalPermission('view_pages')) : ''),
 				'permissions'       => $channel_acl,
 				'showacl'           => (($is_owner) ? true : false),
 				'visitor'           => true,
@@ -120,7 +141,7 @@ class Articles extends \Zotlabs\Web\Controller {
 				$x['title'] = $_REQUEST['title'];
 			if($_REQUEST['body'])
 				$x['body'] = $_REQUEST['body'];
-			$editor = status_editor($a,$x);
+			$editor = status_editor($a,$x,false,'Articles');

 		}
 		else {
@@ -128,8 +149,8 @@ class Articles extends \Zotlabs\Web\Controller {
 		}
 		
 		$itemspage = get_pconfig(local_channel(),'system','itemspage');
-		\App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
-		$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
+		App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
+		$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));

 		
 		$sql_extra = item_permissions_sql($owner);
@@ -143,10 +164,21 @@ class Articles extends \Zotlabs\Web\Controller {
 				$sql_item = "and item.id = " . intval($r[0]['iid']) . " ";
 			}
 		}
-				
+		if($datequery) {
+			$sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
+			$order = 'post';
+		}
+		if($datequery2) {
+			$sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
+		}
+
+		if($datequery || $datequery2) {
+			$sql_extra2 .= " and item.item_thread_top != 0 ";
+		}
+
 		$r = q("select * from item 
 			where item.uid = %d and item_type = %d 
-			$sql_extra $sql_item order by item.created desc $pager_sql",
+			$sql_extra $sql_extra2 $sql_item order by item.created desc $pager_sql",
 			intval($owner),
 			intval(ITEM_TYPE_ARTICLE)
 		);
@@ -161,23 +193,26 @@ class Articles extends \Zotlabs\Web\Controller {

 			$parents_str = ids_to_querystr($r,'id');

-			$items = q("SELECT item.*, item.id AS item_id
+			$r = q("SELECT item.*, item.id AS item_id
 				FROM item
 				WHERE item.uid = %d $item_normal
 				AND item.parent IN ( %s )
 				$sql_extra $sql_extra2 ",
-				intval(\App::$profile['profile_uid']),
+				intval(App::$profile['profile_uid']),
 				dbesc($parents_str)
 			);
-			if($items) {
-				xchan_query($items);
-				$items = fetch_post_tags($items, true);
+			if($r) {
+				xchan_query($r);
+				$items = fetch_post_tags($r, true);
 				$items = conv_sort($items,'updated');
 			}
 			else
 				$items = [];
 		}

+		// Add Opengraph markup
+		opengraph_add_meta((! empty($items) ? $r[0] : []), $channel);
+
 		$mode = 'articles';
 			
 		if(get_pconfig(local_channel(),'system','articles_list_mode') && (! $selected_card))
@@ -7,27 +7,34 @@ use Zotlabs\Identity\OAuth2Storage;
 class Authorize extends \Zotlabs\Web\Controller {

 	function get() {
-		if (!local_channel()) {
+		if (! local_channel()) {
 			return login();
-		} else {
-			// TODO: Fully implement the dynamic client registration protocol:
-			// OpenID Connect Dynamic Client Registration 1.0 Client Metadata
-			// http://openid.net/specs/openid-connect-registration-1_0.html
-			$app = array(
-				'name' => (x($_REQUEST, 'client_name') ? urldecode($_REQUEST['client_name']) : t('Unknown App')),
-				'icon' => (x($_REQUEST, 'logo_uri')    ? urldecode($_REQUEST['logo_uri']) : z_root() . '/images/icons/plugin.png'),
-				'url'  => (x($_REQUEST, 'client_uri')  ? urldecode($_REQUEST['client_uri']) : ''),
-			);
-			$o .= replace_macros(get_markup_template('oauth_authorize.tpl'), array(
-				'$title' => t('Authorize'),
-				'$authorize' => sprintf( t('Do you authorize the app %s to access your channel data?'), '<a style="float: none;" href="' . $app['url'] . '">' . $app['name'] . '</a> '),
-				'$app' => $app,
-				'$yes' => t('Allow'),
-				'$no' => t('Deny'),
-				'$client_id' => (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : ''),
+		} 
+		else {
+
+			$name = $_REQUEST['client_name'];
+			if(! $name) {
+				$name = (($_REQUEST['client_id']) ?: t('Unknown App'));
+			}
+
+			$app = [
+				'name' => $name,
+				'icon' => (x($_REQUEST, 'logo_uri')    ? $_REQUEST['logo_uri'] : z_root() . '/images/icons/plugin.png'),
+				'url'  => (x($_REQUEST, 'client_uri')  ? $_REQUEST['client_uri'] : ''),
+			];
+
+			$link = (($app['url']) ? '<a style="float: none;" href="' . $app['url'] . '">' . $app['name'] . '</a> ' : $app['name']);
+
+			$o .= replace_macros(get_markup_template('oauth_authorize.tpl'), [
+				'$title'        => t('Authorize'),
+				'$authorize'    => sprintf( t('Do you authorize the app %s to access your channel data?'), $link ),
+				'$app'          => $app,
+				'$yes'          => t('Allow'),
+				'$no'           => t('Deny'),
+				'$client_id'    => (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : ''),
 				'$redirect_uri' => (x($_REQUEST, 'redirect_uri') ? $_REQUEST['redirect_uri'] : ''),
-				'$state' => (x($_REQUEST, 'state') ? $_REQUEST['state'] : ''),
-			));
+				'$state'        => (x($_REQUEST, 'state') ? $_REQUEST['state'] : ''),
+			]);
 			return $o;
 		}
 	}
@@ -60,13 +67,16 @@ class Authorize extends \Zotlabs\Web\Controller {
 		$request = \OAuth2\Request::createFromGlobals();
 		$response = new \OAuth2\Response();

+		// Note, "sub" field must match type and content. $user_id is used to populate - make sure it's a string. 
+		$channel = channelx_by_n(local_channel());
+		$user_id = $channel['channel_id'];
+
 		// If the client is not registered, add to the database
 		if (!$client = $storage->getClientDetails($client_id)) {
-			$client_secret = random_string(16);
+			// Until "Dynamic Client Registration" is pursued - allow new clients to assign their own secret in the REQUEST
+			$client_secret = (isset($_REQUEST['client_secret'])) ? $_REQUEST['client_secret'] : random_string(16);
 			// Client apps are registered per channel
-			$user_id = local_channel();
-			$storage->setClientDetails($client_id, $client_secret, $redirect_uri, 'authorization_code', null, $user_id);
-			
+			$storage->setClientDetails($client_id, $client_secret, $redirect_uri, 'authorization_code', $_REQUEST['scope'], $user_id);
 		}
 		if (!$client = $storage->getClientDetails($client_id)) {
 			// There was an error registering the client.
@@ -83,7 +93,7 @@ class Authorize extends \Zotlabs\Web\Controller {

 		// print the authorization code if the user has authorized your client
 		$is_authorized = ($_POST['authorize'] === 'allow');
-		$s->handleAuthorizeRequest($request, $response, $is_authorized, local_channel());
+		$s->handleAuthorizeRequest($request, $response, $is_authorized, $user_id);
 		if ($is_authorized) {
 			$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=') + 5, 40);
 			logger('Authorization Code: ' .  $code);
@@ -109,7 +109,7 @@ class Blocks extends \Zotlabs\Web\Controller {
 		if($_REQUEST['pagetitle'])
 			$x['pagetitle'] = $_REQUEST['pagetitle'];
 	
-		$editor = status_editor($a,$x);
+		$editor = status_editor($a,$x,false,'Blocks');
 	

 		$r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig 
@@ -1,6 +1,9 @@
 <?php
 namespace Zotlabs\Module;

+use App;
+use Zotlabs\Lib\Apps;
+

 class Bookmarks extends \Zotlabs\Web\Controller {

@@ -8,7 +11,10 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 		if(! local_channel())
 			return;

-		nav_set_selected('View Bookmarks');
+		if(! Apps::system_app_installed(local_channel(), 'Bookmarks'))
+			return;
+
+		nav_set_selected('Bookmarks');

 		$item_id = intval($_REQUEST['item']);
 		$burl = trim($_REQUEST['burl']);
@@ -59,19 +65,26 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 		killme();
 	}
 	
-		function get() {
+	function get() {
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
+		if(! Apps::system_app_installed(local_channel(), 'Bookmarks')) {
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+
+			$o = '<b>' . t('Bookmarks App') . ' (' . t('Not Installed') . '):</b><br>';
+			$o .= t('Bookmark links from posts and manage them');
+			return $o;
+		}
 	
 		require_once('include/menu.php');
 		require_once('include/conversation.php');
 	
 		$channel = \App::get_channel();
 	
-		//$o = profile_tabs($a,true,$channel['channel_address']);
 		$o = '';
 	
 		$o .= '<div class="generic-content-wrapper-styled">';
@@ -1,22 +1,25 @@
 <?php
 namespace Zotlabs\Module;

+
+use App;
+use Zotlabs\Web\Controller;
+
 require_once('include/conversation.php');
 require_once('include/bbcode.php');
 require_once('include/datetime.php');
 require_once('include/event.php');
 require_once('include/items.php');
+require_once('include/html2plain.php');


-class Cal extends \Zotlabs\Web\Controller {
+class Cal extends Controller {

 	function init() {
 		if(observer_prohibited()) {
 			return;
 		}
 	
-		$o = '';
-	
 		if(argc() > 1) {
 			$nick = argv(1);
 	
@@ -24,19 +27,21 @@ class Cal extends \Zotlabs\Web\Controller {
 	
 			$channelx = channelx_by_nick($nick);
 	
-			if(! $channelx)
+			if(! $channelx) {
+				notice( t('Channel not found.') . EOL);
 				return;
+			}
 	
-			\App::$data['channel'] = $channelx;
+			App::$data['channel'] = $channelx;
 	
-			$observer = \App::get_observer();
-			\App::$data['observer'] = $observer;
+			$observer = App::get_observer();
+			App::$data['observer'] = $observer;
 	
 			$observer_xchan = (($observer) ? $observer['xchan_hash'] : '');
 	
-			head_set_icon(\App::$data['channel']['xchan_photo_s']);
+			head_set_icon(App::$data['channel']['xchan_photo_s']);
 	
-			\App::$page['htmlhead'] .= "<script> var profile_uid = " . ((\App::$data['channel']) ? \App::$data['channel']['channel_id'] : 0) . "; </script>" ;
+			App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ;
 	
 		}
 	
@@ -51,18 +56,8 @@ class Cal extends \Zotlabs\Web\Controller {
 			return;
 		}
 		
-		$channel = null;
-	
-		if(argc() > 1) {
-			$channel = channelx_by_nick(argv(1));
-		}
-	
-	
-		if(! $channel) {
-			notice( t('Channel not found.') . EOL);
-			return;
-		}
-	
+		$channel = App::$data['channel'];
+
 		// since we don't currently have an event permission - use the stream permission
 	
 		if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_stream')) {
@@ -71,290 +66,152 @@ class Cal extends \Zotlabs\Web\Controller {
 		}

 		nav_set_selected('Calendar');
+
+		head_add_css('/library/fullcalendar/packages/core/main.min.css');
+		head_add_css('/library/fullcalendar/packages/daygrid/main.min.css');
+		head_add_css('cdav_calendar.css');
+
+		head_add_js('/library/fullcalendar/packages/core/main.min.js');
+		head_add_js('/library/fullcalendar/packages/daygrid/main.min.js');
+
+		$sql_extra = permissions_sql($channel['channel_id'], get_observer_hash(), 'event');
+
+		if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts') || App::$profile['hide_friends'])
+			$sql_extra .= " and etype != 'birthday' ";
 	
-		$sql_extra = permissions_sql($channel['channel_id'],get_observer_hash(),'event');
-	
-		$first_day = get_pconfig(local_channel(),'system','cal_first_day');
+		$first_day = feature_enabled($channel['channel_id'], 'cal_first_day');
 		$first_day = (($first_day) ? $first_day : 0);
 	
-		$htpl = get_markup_template('event_head.tpl');
-		\App::$page['htmlhead'] .= replace_macros($htpl,array(
-			'$baseurl' => z_root(),
-			'$module_url' => '/cal/' . $channel['channel_address'],
-			'$modparams' => 2,
-			'$lang' => \App::$language,
-			'$first_day' => $first_day
-		));
-	
-		$o = '';
-	
-		//$tabs = profile_tabs($a, True, $channel['channel_address']);
-		$tabs = '';
-	
-		$mode = 'view';
-		$y = 0;
-		$m = 0;
-		$ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " "  : '');
-	
-		// logger('args: ' . print_r(\App::$argv,true));
-	
-		if(argc() > 3 && intval(argv(2)) && intval(argv(3))) {
-			$mode = 'view';
-			$y = intval(argv(2));
-			$m = intval(argv(3));
-		}
-		if(argc() <= 3) {
-			$mode = 'view';
-			$event_id = argv(2);
+		$start = '';
+		$finish = '';
+
+		if (argv(2) === 'json') {
+			if (x($_GET,'start'))	$start = $_GET['start'];
+			if (x($_GET,'end'))	$finish = $_GET['end'];
 		}
 	
-		if($mode == 'view') {
-	
-			/* edit/create form */
-			if($event_id) {
-				$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
-					dbesc($event_id),
-					intval($channel['channel_id'])
-				);
-				if(count($r))
-					$orig_event = $r[0];
-			}
-	
-	
-			// Passed parameters overrides anything found in the DB
-			if(!x($orig_event))
-				$orig_event = array();
-	
-	
-	
-			$tz = date_default_timezone_get();
-			if(x($orig_event))
-				$tz = (($orig_event['adjust']) ? date_default_timezone_get() : 'UTC');
-	
-			$syear = datetime_convert('UTC', $tz, $sdt, 'Y');
-			$smonth = datetime_convert('UTC', $tz, $sdt, 'm');
-			$sday = datetime_convert('UTC', $tz, $sdt, 'd');
-			$shour = datetime_convert('UTC', $tz, $sdt, 'H');
-			$sminute = datetime_convert('UTC', $tz, $sdt, 'i');
-	
-			$stext = datetime_convert('UTC',$tz,$sdt);
-			$stext = substr($stext,0,14) . "00:00";
-	
-			$fyear = datetime_convert('UTC', $tz, $fdt, 'Y');
-			$fmonth = datetime_convert('UTC', $tz, $fdt, 'm');
-			$fday = datetime_convert('UTC', $tz, $fdt, 'd');
-			$fhour = datetime_convert('UTC', $tz, $fdt, 'H');
-			$fminute = datetime_convert('UTC', $tz, $fdt, 'i');
-	
-			$ftext = datetime_convert('UTC',$tz,$fdt);
-			$ftext = substr($ftext,0,14) . "00:00";
-	
-			$type = ((x($orig_event)) ? $orig_event['etype'] : 'event');
-	
-			$f = get_config('system','event_input_format');
-			if(! $f)
-				$f = 'ymd';
-	
-			$catsenabled = feature_enabled($channel['channel_id'],'categories');
-	
-	
-			$show_bd = perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts');
-			if(! $show_bd) {
-				$sql_extra .= " and event.etype != 'birthday' ";
-			}
-	
-	
-			$category = '';
-	
-			$thisyear = datetime_convert('UTC',date_default_timezone_get(),'now','Y');
-			$thismonth = datetime_convert('UTC',date_default_timezone_get(),'now','m');
-			if(! $y)
-				$y = intval($thisyear);
-			if(! $m)
-				$m = intval($thismonth);
-	
-			// Put some limits on dates. The PHP date functions don't seem to do so well before 1900.
-			// An upper limit was chosen to keep search engines from exploring links millions of years in the future. 
-	
-			if($y < 1901)
-				$y = 1900;
-			if($y > 2099)
-				$y = 2100;
-	
-			$nextyear = $y;
-			$nextmonth = $m + 1;
-			if($nextmonth > 12) {
-					$nextmonth = 1;
-				$nextyear ++;
-			}
-	
-			$prevyear = $y;
-			if($m > 1)
-				$prevmonth = $m - 1;
-			else {
-				$prevmonth = 12;
-				$prevyear --;
-			}
-				
-			$dim    = get_dim($y,$m);
-			$start  = sprintf('%d-%d-%d %d:%d:%d',$y,$m,1,0,0,0);
-			$finish = sprintf('%d-%d-%d %d:%d:%d',$y,$m,$dim,23,59,59);
-	
-	
-			if (argv(2) === 'json'){
-				if (x($_GET,'start'))	$start = $_GET['start'];
-				if (x($_GET,'end'))	$finish = $_GET['end'];
-			}
-	
-			$start  = datetime_convert('UTC','UTC',$start);
-			$finish = datetime_convert('UTC','UTC',$finish);
-	
-			$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
-			$adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);
-	
+		$start  = datetime_convert('UTC','UTC',$start);
+		$finish = datetime_convert('UTC','UTC',$finish);
+		$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
+		$adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);

-			if(! perm_is_allowed(\App::$profile['uid'],get_observer_hash(),'view_contacts'))
-				$sql_extra .= " and etype != 'birthday' ";
+		if (x($_GET, 'id')) {
+			$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
+                                from event left join item on item.resource_id = event.event_hash
+				where item.resource_type = 'event' and event.uid = %d and event.id = %d $sql_extra limit 1",
+				intval($channel['channel_id']),
+				intval($_GET['id'])
+			);
+		}
+		else {
+			// fixed an issue with "nofinish" events not showing up in the calendar.
+			// There's still an issue if the finish date crosses the end of month.
+			// Noting this for now - it will need to be fixed here and in Friendica.
+			// Ultimately the finish date shouldn't be involved in the query.
+			$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
+				from event left join item on event.event_hash = item.resource_id 
+				where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid 
+				AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) 
+				OR (  event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) 
+				$sql_extra",
+				intval($channel['channel_id']),
+				dbesc($start),
+				dbesc($finish),
+				dbesc($adjust_start),
+				dbesc($adjust_finish)
+			);
+		}
+	
+		if($r) {
+			xchan_query($r);
+			$r = fetch_post_tags($r,true);
+			$r = sort_by_date($r);
+		}

-			if (x($_GET,'id')){
-			  	$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
-	                                from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d $sql_extra limit 1",
-					intval($channel['channel_id']),
-					intval($_GET['id'])
-				);
-			} 
-			else {
-				// fixed an issue with "nofinish" events not showing up in the calendar.
-				// There's still an issue if the finish date crosses the end of month.
-				// Noting this for now - it will need to be fixed here and in Friendica.
-				// Ultimately the finish date shouldn't be involved in the query. 
+		$events = [];
 	
-				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
-	                              from event left join item on event_hash = resource_id 
-					where resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored 
-					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
-					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) $sql_extra ",
-					intval($channel['channel_id']),
-					dbesc($start),
-					dbesc($finish),
-					dbesc($adjust_start),
-					dbesc($adjust_finish)
-				);
-	
-			}
-	
-			$links = array();
-	
-			if($r) {
-				xchan_query($r);
-				$r = fetch_post_tags($r,true);
-	
-				$r = sort_by_date($r);
-			}
-	
-			if($r) {
-				foreach($r as $rr) {
-					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
-					if(! x($links,$j)) 
-						$links[$j] = z_root() . '/' . \App::$cmd . '#link-' . $j;
+		if($r) {
+
+			foreach($r as $rr) {
+
+				$tz = get_iconfig($rr, 'event', 'timezone');
+				if(! $tz)
+					$tz = 'UTC';
+
+				$start = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c'));
+				if ($rr['nofinish']){
+					$end = null;
+				} else {
+					$end = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c'));
 				}
-			}
-	
-			$events=array();
-	
-			$last_date = '';
-			$fmt = t('l, F j');
-	
-			if($r) {
-	
-				foreach($r as $rr) {
-					
-					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
-					$d = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], $fmt) : datetime_convert('UTC','UTC',$rr['dtstart'],$fmt));
-					$d = day_translate($d);
-					
-					$start = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'c') : datetime_convert('UTC','UTC',$rr['dtstart'],'c'));
-					if ($rr['nofinish']){
-						$end = null;
-					} else {
-						$end = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c'));
-					}
-					
-					
-					$is_first = ($d !== $last_date);
-						
-					$last_date = $d;
-	
-					$edit = false;
-	
-					$drop = false;
-	
-					$title = strip_tags(html_entity_decode(bbcode($rr['summary']),ENT_QUOTES,'UTF-8'));
-					if(! $title) {
-						list($title, $_trash) = explode("<br",bbcode($rr['desc']),2);
-						$title = strip_tags(html_entity_decode($title,ENT_QUOTES,'UTF-8'));
-					}
+
+				$html = '';
+				if (x($_GET,'id')) {
+					$rr['timezone'] = $tz;
 					$html = format_event_html($rr);
-					$rr['desc'] = zidify_links(smilies(bbcode($rr['desc'])));
-					$rr['location'] = zidify_links(smilies(bbcode($rr['location'])));
-					$events[] = array(
-						'id'=>$rr['id'],
-						'hash' => $rr['event_hash'],
-						'start'=> $start,
-						'end' => $end,
-						'drop' => $drop,
-						'allDay' => false,
-						'title' => $title,
-						
-						'j' => $j,
-						'd' => $d,
-						'edit' => $edit,
-						'is_first'=>$is_first,
-						'item'=>$rr,
-						'html'=>$html,
-						'plink' => array($rr['plink'],t('Link to Source'),'',''),
-					);
-	
-	
 				}
+
+				$events[] = array(
+					'calendar_id' => 'channel_calendar',
+					'rw' => true,
+					'id'=>$rr['id'],
+					'uri' => $rr['event_hash'],
+					'timezone' => $tz,
+					'start'=> $start,
+					'end' => $end,
+					'drop' => $drop,
+					'allDay' => (($rr['adjust']) ? 0 : 1),
+					'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'),
+					'editable' => $edit ? true : false,
+					'item' => $rr,
+					'plink' => [$rr['plink'], t('Link to source')],
+					'description' => html_entity_decode($rr['description'], ENT_COMPAT, 'UTF-8'),
+					'location' => html_entity_decode($rr['location'], ENT_COMPAT, 'UTF-8'),
+					'allow_cid' => expand_acl($rr['allow_cid']),
+					'allow_gid' => expand_acl($rr['allow_gid']),
+					'deny_cid' => expand_acl($rr['deny_cid']),
+					'deny_gid' => expand_acl($rr['deny_gid']),
+					'html' => $html
+				);
 			}
-			
-			if (argv(2) === 'json'){
-				echo json_encode($events); killme();
-			}
-			
-			// links: array('href', 'text', 'extra css classes', 'title')
-			if (x($_GET,'id')){
-				$tpl =  get_markup_template("event_cal.tpl");
-			} 
-			else {
-				$tpl = get_markup_template("events_cal-js.tpl");
-			}
-	
-			$nick = $channel['channel_address'];
-	
-			$o = replace_macros($tpl, array(
-				'$baseurl'	=> z_root(),
-				'$new_event'	=> array(z_root().'/cal',(($event_id) ? t('Edit Event') : t('Create Event')),'',''),
-				'$previus'	=> array(z_root()."/cal/$nick/$prevyear/$prevmonth",t('Previous'),'',''),
-				'$next'		=> array(z_root()."/cal/$nick/$nextyear/$nextmonth",t('Next'),'',''),
-				'$export'	=> array(z_root()."/cal/$nick/$y/$m/export",t('Export'),'',''),
-				'$calendar'	=> cal($y,$m,$links, ' eventcal'),
-				'$events'	=> $events,
-				'$upload'	=> t('Import'),
-				'$submit'	=> t('Submit'),
-				'$prev'		=> t('Previous'),
-				'$next'		=> t('Next'),
-				'$today'	=> t('Today'),
-				'$form'		=> $form,
-				'$expandform'	=> ((x($_GET,'expandform')) ? true : false),
-				'$tabs'		=> $tabs
-			));
-			
-			if (x($_GET,'id')){ echo $o; killme(); }
-			
-			return $o;
 		}
+
+		if (argv(2) === 'json') {
+			echo json_encode($events);
+			killme();
+		}
+			
+		if (x($_GET,'id')) {
+			$o = replace_macros(get_markup_template("cal_event.tpl"), [
+				'$events' => $events
+			]);
+			echo $o;
+			killme();
+		}
+
+		$nick = $channel['channel_address'];
+
+		$sources = '{
+			id: \'channel_calendar\',
+			url: \'/cal/' . $nick . '/json/\',
+			color: \'#3a87ad\'
+		}';
+
+		$o = replace_macros(get_markup_template("cal_calendar.tpl"), [
+			'$sources' => $sources,
+			'$lang' => App::$language,
+			'$timezone' => date_default_timezone_get(),
+			'$first_day' => $first_day,
+			'$prev'	=> t('Previous'),
+			'$next'	=> t('Next'),
+			'$today' => t('Today'),
+			'$title' => $title,
+			'$dtstart' => $dtstart,
+			'$dtend' => $dtend,
+			'$nick' => $nick
+		]);
+
+		return $o;
 	
 	}
 	
@@ -122,7 +122,7 @@ class Card_edit extends \Zotlabs\Web\Controller {
 			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
 		);

-		$editor = status_editor($a, $x);
+		$editor = status_editor($a, $x, false, 'Card_edit');

 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
 			'$title' => t('Edit Card'),
@@ -1,14 +1,22 @@
 <?php
 namespace Zotlabs\Module;

+use App;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\PermissionDescription;
+
 require_once('include/channel.php');
 require_once('include/conversation.php');
 require_once('include/acl_selectors.php');

+/**
+ * @brief Provides the Cards module.
+ *
+ */
+class Cards extends Controller {

-class Cards extends \Zotlabs\Web\Controller {
-
-	function init() {
+	public function init() {

 		if(argc() > 1)
 			$which = argv(1);
@@ -16,35 +24,41 @@ class Cards extends \Zotlabs\Web\Controller {
 			return;

 		profile_load($which);
-
 	}

 	/**
 	 * {@inheritDoc}
-	 * @see \Zotlabs\Web\Controller::get()
+	 * @see \\Zotlabs\\Web\\Controller::get()
+	 *
+	 * @return string Parsed HTML from template 'cards.tpl'
 	 */
-	function get($update = 0, $load = false) {
+	public function get($update = 0, $load = false) {

 		if(observer_prohibited(true)) {
 			return login();
 		}

-		if(! \App::$profile) {
+		if(! App::$profile) {
 			notice( t('Requested profile is not available.') . EOL );
-			\App::$error = 404;
+			App::$error = 404;
 			return;
 		}

-		if(! feature_enabled(\App::$profile_uid, 'cards')) {
-			return;
+		if(! Apps::system_app_installed(App::$profile_uid, 'Cards')) {
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+
+			$o = '<b>' . t('Cards App') . ' (' . t('Not Installed') . '):</b><br>';
+			$o .= t('Create personal planning cards');
+			return $o;
 		}

-		nav_set_selected(t('Cards'));
+		nav_set_selected('Cards');

 		head_add_link([
 			'rel'   => 'alternate',
 			'type'  => 'application/json+oembed',
-			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string),
+			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string),
 			'title' => 'oembed'
 		]);

@@ -52,7 +66,7 @@ class Cards extends \Zotlabs\Web\Controller {
 		$category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : '');

 		if($category) {
-			$sql_extra2 .= protect_sprintf(term_item_parent_query(\App::$profile['profile_uid'], 'item', $category, TERM_CATEGORY));
+			$sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'], 'item', $category, TERM_CATEGORY));
 		}


@@ -60,11 +74,11 @@ class Cards extends \Zotlabs\Web\Controller {

 		$selected_card = ((argc() > 2) ? argv(2) : '');

-		$_SESSION['return_url'] = \App::$query_string;
+		$_SESSION['return_url'] = App::$query_string;

 		$uid      = local_channel();
-		$owner    = \App::$profile_uid;
-		$observer = \App::get_observer();
+		$owner    = App::$profile_uid;
+		$observer = App::get_observer();

 		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');

@@ -90,7 +104,6 @@ class Cards extends \Zotlabs\Web\Controller {
 		}


-
 		if(perm_is_allowed($owner, $ob_hash, 'write_pages')) {

 			$x = [
@@ -102,7 +115,7 @@ class Cards extends \Zotlabs\Web\Controller {
 				'lockstate'         => (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
 					|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
 				'acl'               => (($is_owner) ? populate_acl($channel_acl, false,
-					\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')) : ''),
+					PermissionDescription::fromGlobalPermission('view_pages')) : ''),
 				'permissions'       => $channel_acl,
 				'showacl'           => (($is_owner) ? true : false),
 				'visitor'           => true,
@@ -124,7 +137,7 @@ class Cards extends \Zotlabs\Web\Controller {
 			if($_REQUEST['body'])
 				$x['body'] = $_REQUEST['body'];

-			$editor = status_editor($a, $x);
+			$editor = status_editor($a, $x, false, 'Cards');
 		}
 		else {
 			$editor = '';
@@ -132,8 +145,8 @@ class Cards extends \Zotlabs\Web\Controller {


 		$itemspage = get_pconfig(local_channel(),'system','itemspage');
-		\App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
-		$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
+		App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
+		$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));


 		$sql_extra = item_permissions_sql($owner);
@@ -171,7 +184,7 @@ class Cards extends \Zotlabs\Web\Controller {
 				WHERE item.uid = %d $item_normal
 				AND item.parent IN ( %s )
 				$sql_extra $sql_extra2 ",
-				intval(\App::$profile['profile_uid']),
+				intval(App::$profile['profile_uid']),
 				dbesc($parents_str)
 			);
 			if($items) {
@@ -1,12 +1,17 @@
 <?php
 namespace Zotlabs\Module;

+use App;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Web\Controller;
+use Zotlabs\Web\HTTPSig;
+
 require_once('include/event.php');

 require_once('include/auth.php');
 require_once('include/security.php');

-class Cdav extends \Zotlabs\Web\Controller {
+class Cdav extends Controller {

 	function init() {

@@ -37,7 +42,7 @@ class Cdav extends \Zotlabs\Web\Controller {
 						continue;
 					}

-					$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
+					$sigblock = HTTPSig::parse_sigheader($_SERVER[$head]);
 					if($sigblock) {
 						$keyId = str_replace('acct:','',$sigblock['keyId']);
 						if($keyId) {
@@ -60,7 +65,7 @@ class Cdav extends \Zotlabs\Web\Controller {
 								continue;

 							if($record) {
-								$verified = \Zotlabs\Web\HTTPSig::verify('',$record['channel']['channel_pubkey']);
+								$verified = HTTPSig::verify('',$record['channel']['channel_pubkey']);
 								if(! ($verified && $verified['header_signed'] && $verified['header_valid'])) {
 									$record = null;
 								}
@@ -126,8 +131,14 @@ class Cdav extends \Zotlabs\Web\Controller {
 			$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . 'CalDAV/CardDAV');

 			if (local_channel()) {
+
 				logger('loggedin');
-				$channel = \App::get_channel();
+
+				if((argv(1) == 'addressbooks') && (!Apps::system_app_installed(local_channel(), 'CardDAV'))) {
+					killme();
+				}
+
+				$channel = App::get_channel();
 				$auth->setCurrentUser($channel['channel_address']);
 				$auth->channel_id = $channel['channel_id'];
 				$auth->channel_hash = $channel['channel_hash'];
@@ -161,12 +172,15 @@ class Cdav extends \Zotlabs\Web\Controller {
 			$nodes = [
 				// /principals
 				new \Sabre\CalDAV\Principal\Collection($principalBackend),
+
 				// /calendars
 				new \Sabre\CalDAV\CalendarRoot($principalBackend, $caldavBackend),
+
 				// /addressbook
-				new \Sabre\CardDAV\AddressBookRoot($principalBackend, $carddavBackend),
+				new \Sabre\CardDAV\AddressBookRoot($principalBackend, $carddavBackend)
 			];

+
 			// The object tree needs in turn to be passed to the server class

 			$server = new \Sabre\DAV\Server($nodes);
@@ -204,7 +218,11 @@ class Cdav extends \Zotlabs\Web\Controller {
 		if(! local_channel())
 			return;

-		$channel = \App::get_channel();
+		if((argv(1) === 'addressbook') && (! Apps::system_app_installed(local_channel(), 'CardDAV'))) {
+			return;
+		}
+
+		$channel = App::get_channel();
 		$principalUri = 'principals/' . $channel['channel_address'];

 		if(!cdav_principal($principalUri))
@@ -254,10 +272,19 @@ class Cdav extends \Zotlabs\Web\Controller {
 				if(!cdav_perms($id[0],$calendars,true))
 					return;

+				$timezone = ((x($_POST,'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : '');
+				$tz = (($timezone) ? $timezone : date_default_timezone_get());
+
+				$allday = $_REQUEST['allday'];
+
 				$title = $_REQUEST['title'];
-				$dtstart = new \DateTime($_REQUEST['dtstart']);
-				if($_REQUEST['dtend'])
-					$dtend = new \DateTime($_REQUEST['dtend']);
+				$start = datetime_convert('UTC', 'UTC', $_REQUEST['dtstart']);
+				$dtstart = new \DateTime($start);
+
+				if($_REQUEST['dtend']) {
+					$end = datetime_convert('UTC', 'UTC', $_REQUEST['dtend']);
+					$dtend = new \DateTime($end);
+				}
 				$description = $_REQUEST['description'];
 				$location = $_REQUEST['location'];

@@ -281,13 +308,24 @@ class Cdav extends \Zotlabs\Web\Controller {
 					'DTSTART' => $dtstart
 				    ]
 				]);
-				if($dtend)
+
+				if($dtend) {
 					$vcalendar->VEVENT->add('DTEND', $dtend);
+					if($allday)
+						$vcalendar->VEVENT->DTEND['VALUE'] = 'DATE';
+					else
+						$vcalendar->VEVENT->DTEND['TZID'] = $tz;
+				}
 				if($description)
 					$vcalendar->VEVENT->add('DESCRIPTION', $description);
 				if($location)
 					$vcalendar->VEVENT->add('LOCATION', $location);

+				if($allday)
+					$vcalendar->VEVENT->DTSTART['VALUE'] = 'DATE';
+				else
+					$vcalendar->VEVENT->DTSTART['TZID'] = $tz;
+
 				$calendarData = $vcalendar->serialize();

 				$caldavBackend->createCalendarObject($id, $objectUri, $calendarData);
@@ -324,10 +362,19 @@ class Cdav extends \Zotlabs\Web\Controller {
 				if(!cdav_perms($id[0],$calendars,true))
 					return;

+				$timezone = ((x($_POST,'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : '');
+				$tz = (($timezone) ? $timezone : date_default_timezone_get());
+
+				$allday = $_REQUEST['allday'];
+
 				$uri = $_REQUEST['uri'];
 				$title = $_REQUEST['title'];
-				$dtstart = new \DateTime($_REQUEST['dtstart']);
-				$dtend = $_REQUEST['dtend'] ? new \DateTime($_REQUEST['dtend']) : '';
+				$start = datetime_convert('UTC', 'UTC', $_REQUEST['dtstart']);
+				$dtstart = new \DateTime($start);
+				if($_REQUEST['dtend']) {
+					$end = datetime_convert('UTC', 'UTC', $_REQUEST['dtend']);
+					$dtend = new \DateTime($end);
+				}
 				$description = $_REQUEST['description'];
 				$location = $_REQUEST['location'];

@@ -337,12 +384,23 @@ class Cdav extends \Zotlabs\Web\Controller {

 				if($title)
 					$vcalendar->VEVENT->SUMMARY = $title;
-				if($dtstart)
+				if($dtstart) {
 					$vcalendar->VEVENT->DTSTART = $dtstart;
-				if($dtend)
+					if($allday)
+						$vcalendar->VEVENT->DTSTART['VALUE'] = 'DATE';
+					else
+						$vcalendar->VEVENT->DTSTART['TZID'] = $tz;
+				}
+				if($dtend) {
 					$vcalendar->VEVENT->DTEND = $dtend;
+					if($allday)
+						$vcalendar->VEVENT->DTEND['VALUE'] = 'DATE';
+					else
+						$vcalendar->VEVENT->DTEND['TZID'] = $tz;
+				}
 				else
 					unset($vcalendar->VEVENT->DTEND);
+
 				if($description)
 					$vcalendar->VEVENT->DESCRIPTION = $description;
 				if($location)
@@ -378,9 +436,18 @@ class Cdav extends \Zotlabs\Web\Controller {
 				if(!cdav_perms($id[0],$calendars,true))
 					return;

+				$timezone = ((x($_POST,'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : '');
+				$tz = (($timezone) ? $timezone : date_default_timezone_get());
+
+				$allday = $_REQUEST['allday'];
+
 				$uri = $_REQUEST['uri'];
-				$dtstart = new \DateTime($_REQUEST['dtstart']);
-				$dtend = $_REQUEST['dtend'] ? new \DateTime($_REQUEST['dtend']) : '';
+				$start = datetime_convert('UTC', 'UTC', $_REQUEST['dtstart']);
+				$dtstart = new \DateTime($start);
+				if($_REQUEST['dtend']) {
+					$end = datetime_convert('UTC', 'UTC', $_REQUEST['dtend']);
+					$dtend = new \DateTime($end);
+				}

 				$object = $caldavBackend->getCalendarObject($id, $uri);

@@ -388,13 +455,20 @@ class Cdav extends \Zotlabs\Web\Controller {

 				if($dtstart) {
 					$vcalendar->VEVENT->DTSTART = $dtstart;
+					if($allday)
+						$vcalendar->VEVENT->DTSTART['VALUE'] = 'DATE';
+					else
+						$vcalendar->VEVENT->DTSTART['TZID'] = $tz;
 				}
 				if($dtend) {
 					$vcalendar->VEVENT->DTEND = $dtend;
+					if($allday)
+						$vcalendar->VEVENT->DTEND['VALUE'] = 'DATE';
+					else
+						$vcalendar->VEVENT->DTEND['TZID'] = $tz;
 				}
-				else {
+				else
 					unset($vcalendar->VEVENT->DTEND);
-				}

 				$calendarData = $vcalendar->serialize();

@@ -722,16 +796,27 @@ class Cdav extends \Zotlabs\Web\Controller {
 		//Import calendar or addressbook
 		if(($_FILES) && array_key_exists('userfile',$_FILES) && intval($_FILES['userfile']['size']) && $_REQUEST['target']) {

-			$src = @file_get_contents($_FILES['userfile']['tmp_name']);
+			$src = $_FILES['userfile']['tmp_name'];

 			if($src) {

 				if($_REQUEST['c_upload']) {
+					if($_REQUEST['target'] == 'channel_calendar') {
+						$result = parse_ical_file($src,local_channel());
+						if($result)
+							info( t('Calendar entries imported.') . EOL);
+						else
+							notice( t('No calendar entries found.') . EOL);
+
+						@unlink($src);
+						return;
+					}
+
 					$id = explode(':', $_REQUEST['target']);
 					$ext = 'ics';
 					$table = 'calendarobjects';
 					$column = 'calendarid';
-					$objects = new \Sabre\VObject\Splitter\ICalendar($src);
+					$objects = new \Sabre\VObject\Splitter\ICalendar(@file_get_contents($src));
 					$profile = \Sabre\VObject\Node::PROFILE_CALDAV;
 					$backend = new \Sabre\CalDAV\Backend\PDO($pdo);
 				}
@@ -741,7 +826,7 @@ class Cdav extends \Zotlabs\Web\Controller {
 					$ext = 'vcf';
 					$table = 'cards';
 					$column = 'addressbookid';
-					$objects = new \Sabre\VObject\Splitter\VCard($src);
+					$objects = new \Sabre\VObject\Splitter\VCard(@file_get_contents($src));
 					$profile = \Sabre\VObject\Node::PROFILE_CARDDAV;
 					$backend = new \Sabre\CardDAV\Backend\PDO($pdo);
 				}
@@ -807,15 +892,24 @@ class Cdav extends \Zotlabs\Web\Controller {
 		if(!local_channel())
 			return;

-		$channel = \App::get_channel();
+		if((argv(1) === 'addressbook') && (! Apps::system_app_installed(local_channel(), 'CardDAV'))) {
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+
+			$o = '<b>' . t('CardDAV App') . ' (' . t('Not Installed') . '):</b><br>';
+			$o .= t('CalDAV capable addressbook');
+			return $o;
+		}
+
+		App::$profile_uid = local_channel();
+
+		$channel = App::get_channel();
 		$principalUri = 'principals/' . $channel['channel_address'];

 		$pdo = \DBA::$dba->db;

 		require_once 'vendor/autoload.php';

-		head_add_css('cdav.css');
-
 		if(!cdav_principal($principalUri)) {
 			$this->activate($pdo, $channel);
 			if(!cdav_principal($principalUri)) {
@@ -824,28 +918,98 @@ class Cdav extends \Zotlabs\Web\Controller {
 		}

 		if(argv(1) === 'calendar') {
-			nav_set_selected('CalDAV');
+			nav_set_selected('Calendar');
 			$caldavBackend = new \Sabre\CalDAV\Backend\PDO($pdo);
 			$calendars = $caldavBackend->getCalendarsForUser($principalUri);
 		}

 		//Display calendar(s) here
-		if(argc() == 2 && argv(1) === 'calendar') {
+		if(argc() <= 3 && argv(1) === 'calendar') {

-			head_add_css('/library/fullcalendar/fullcalendar.css');
+			head_add_css('/library/fullcalendar/packages/core/main.min.css');
+			head_add_css('/library/fullcalendar/packages/daygrid/main.min.css');
+			head_add_css('/library/fullcalendar/packages/timegrid/main.min.css');
+			head_add_css('/library/fullcalendar/packages/list/main.min.css');
 			head_add_css('cdav_calendar.css');

-			head_add_js('/library/moment/moment.min.js', 1);
-			head_add_js('/library/fullcalendar/fullcalendar.min.js', 1);
-			head_add_js('/library/fullcalendar/locale-all.js', 1);
+			head_add_js('/library/fullcalendar/packages/core/main.min.js');
+			head_add_js('/library/fullcalendar/packages/interaction/main.min.js');
+			head_add_js('/library/fullcalendar/packages/daygrid/main.min.js');
+			head_add_js('/library/fullcalendar/packages/timegrid/main.min.js');
+			head_add_js('/library/fullcalendar/packages/list/main.min.js');
+
+			$sources = '';
+			$resource_id = '';
+			$resource = null;
+
+			if(argc() == 3)
+				$resource_id = argv(2);
+
+			if($resource_id) {
+				$r = q("SELECT event.*, item.author_xchan, item.owner_xchan, item.plink, item.id as item_id FROM event LEFT JOIN item ON event.event_hash = item.resource_id
+					WHERE event.uid = %d AND event.event_hash = '%s' LIMIT 1",
+					intval(local_channel()),
+					dbesc($resource_id)
+				);
+				if($r) {
+					xchan_query($r);
+					$r = fetch_post_tags($r,true);
+
+					$tz = get_iconfig($r[0], 'event', 'timezone');
+					if(! $tz)
+						$tz = 'UTC';
+
+					$r[0]['timezone'] = $tz;
+					$r[0]['dtstart'] = (($r[0]['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $r[0]['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $r[0]['dtstart'], 'c'));
+					$r[0]['dtend'] = (($r[0]['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $r[0]['dtend'], 'c') : datetime_convert('UTC', 'UTC' ,$r[0]['dtend'], 'c'));
+
+					$r[0]['plink'] = [$r[0]['plink'], t('Link to source')];
+
+					$resource = $r[0];
+
+					$catsenabled = feature_enabled(local_channel(),'categories');
+					$categories = '';
+					if($catsenabled){
+						if($r[0]['term']) {
+							$cats = get_terms_oftype($r[0]['term'], TERM_CATEGORY);
+							foreach ($cats as $cat) {
+								if(strlen($categories))
+									$categories .= ', ';
+								$categories .= $cat['term'];
+							}
+						}
+					}
+
+					if($r[0]['dismissed'] == 0) {
+						q("UPDATE event SET dismissed = 1 WHERE event.uid = %d AND event.event_hash = '%s'",
+							intval(local_channel()),
+							dbesc($resource_id)
+						);
+					}
+				}
+			}
+
+			if(get_pconfig(local_channel(), 'cdav_calendar', 'channel_calendar')) {
+				$sources .= '{
+					id: \'channel_calendar\',
+					url: \'/channel_calendar/json/\',
+					color: \'#3a87ad\'
+				}, ';
+			}
+
+			$channel_calendars[] = [
+				'displayname' => $channel['channel_name'],
+				'id' => 'channel_calendar'
+			];

 			foreach($calendars as $calendar) {
 				$editable = (($calendar['share-access'] == 2) ? 'false' : 'true');  // false/true must be string since we're passing it to javascript
-				$color = (($calendar['{http://apple.com/ns/ical/}calendar-color']) ? $calendar['{http://apple.com/ns/ical/}calendar-color'] : '#3a87ad');
+				$color = (($calendar['{http://apple.com/ns/ical/}calendar-color']) ? $calendar['{http://apple.com/ns/ical/}calendar-color'] : '#6cad39');
 				$sharer = (($calendar['share-access'] == 3) ? $calendar['{urn:ietf:params:xml:ns:caldav}calendar-description'] : '');
 				$switch = get_pconfig(local_channel(), 'cdav_calendar', $calendar['id'][0]);
 				if($switch) {
 					$sources .= '{
+						id: ' . $calendar['id'][0] . ',
 						url: \'/cdav/calendar/json/' . $calendar['id'][0] . '/' . $calendar['id'][1] . '\',
 						color: \'' . $color . '\'
 					 }, ';
@@ -862,19 +1026,34 @@ class Cdav extends \Zotlabs\Web\Controller {

 			$sources = rtrim($sources, ', ');

-			$first_day = get_pconfig(local_channel(),'system','cal_first_day');
+			$first_day = feature_enabled(local_channel(), 'cal_first_day');
 			$first_day = (($first_day) ? $first_day : 0);

-			$title = ['title', t('Event title')];
-			$dtstart = ['dtstart', t('Start date and time'), '', t('Example: YYYY-MM-DD HH:mm')];
-			$dtend = ['dtend', t('End date and time'), '', t('Example: YYYY-MM-DD HH:mm')];
+			$title = ['title', t('Event title') ];
+			$dtstart = ['dtstart', t('Start date and time')];
+			$dtend = ['dtend', t('End date and time')];
+			$timezone_select = ['timezone_select' , t('Timezone:'), date_default_timezone_get(), '', get_timezones()];
+
 			$description = ['description', t('Description')];
 			$location = ['location', t('Location')];

+			$catsenabled = feature_enabled(local_channel(), 'categories');
+
+			require_once('include/acl_selectors.php');
+	
+			$accesslist = new \Zotlabs\Access\AccessList($channel);
+			$perm_defaults = $accesslist->get();
+
+			//$acl = (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream')));
+			$acl = populate_acl($perm_defaults, false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'));
+
+			$permissions = (($resource_id) ? $resource : $perm_defaults);
+
 			$o .= replace_macros(get_markup_template('cdav_calendar.tpl'), [
 				'$sources' => $sources,
 				'$color' => $color,
-				'$lang' => \App::$language,
+				'$lang' => App::$language,
+				'$timezone' => date_default_timezone_get(),
 				'$first_day' => $first_day,
 				'$prev'	=> t('Previous'),
 				'$next'	=> t('Next'),
@@ -886,6 +1065,7 @@ class Cdav extends \Zotlabs\Web\Controller {
 				'$list_week' => t('List week'),
 				'$list_day' => t('List day'),
 				'$title' => $title,
+				'$channel_calendars' => $channel_calendars,
 				'$writable_calendars' => $writable_calendars,
 				'$dtstart' => $dtstart,
 				'$dtend' => $dtend,
@@ -893,11 +1073,28 @@ class Cdav extends \Zotlabs\Web\Controller {
 				'$location' => $location,
 				'$more' => t('More'),
 				'$less' => t('Less'),
+				'$update' => t('Update'),
 				'$calendar_select_label' => t('Select calendar'),
+				'$calendar_optiopns_label' => [t('Channel Calendars'), t('CalDAV Calendars')],
 				'$delete' => t('Delete'),
 				'$delete_all' => t('Delete all'),
 				'$cancel' => t('Cancel'),
-				'$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.')
+				'$create' => t('Create'),
+				'$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.'),
+
+				'$channel_hash' => $channel['channel_hash'],
+				'$acl' => $acl,
+				'$lockstate' => (($accesslist->is_private()) ? 'lock' : 'unlock'),
+				'$allow_cid' => acl2json($permissions['allow_cid']),
+				'$allow_gid' => acl2json($permissions['allow_gid']),
+				'$deny_cid' => acl2json($permissions['deny_cid']),
+				'$deny_gid' => acl2json($permissions['deny_gid']),
+				'$catsenabled' => $catsenabled,
+				'$categories_label' => t('Categories'),
+
+				'$resource' => json_encode($resource),
+				'$categories' => $categories,
+				'$timezone_select' => ((feature_enabled(local_channel(),'event_tz_select')) ? $timezone_select : '')
 			]);

 			return $o;
@@ -907,10 +1104,12 @@ class Cdav extends \Zotlabs\Web\Controller {
 		//Provide json data for calendar
 		if(argc() == 5 && argv(1) === 'calendar' && argv(2) === 'json'  && intval(argv(3)) && intval(argv(4))) {

+			$events = [];
+
 			$id = [argv(3), argv(4)];

 			if(! cdav_perms($id[0],$calendars))
-				killme();
+				json_return_and_die($events);

 			if (x($_GET,'start'))
 				$start = new \DateTime($_GET['start']);
@@ -927,13 +1126,16 @@ class Cdav extends \Zotlabs\Web\Controller {
 			if($uris) {

 				$objects = $caldavBackend->getMultipleCalendarObjects($id, $uris);
-
 				foreach($objects as $object) {

 					$vcalendar = \Sabre\VObject\Reader::read($object['calendardata']);

-					if(isset($vcalendar->VEVENT->RRULE))
+					if(isset($vcalendar->VEVENT->RRULE)) {
+						// expanding recurrent events seems to loose timezone info
+						// save it here so we can add it later
+						$recurrent_timezone = (string)$vcalendar->VEVENT->DTSTART['TZID'];
 						$vcalendar = $vcalendar->expand($start, $end);
+					}

 					foreach($vcalendar->VEVENT as $vevent) {
 						$title = (string)$vevent->SUMMARY;
@@ -941,29 +1143,33 @@ class Cdav extends \Zotlabs\Web\Controller {
 						$dtend = (string)$vevent->DTEND;
 						$description = (string)$vevent->DESCRIPTION;
 						$location = (string)$vevent->LOCATION;
-
+						$timezone_str = (string)$vevent->DTSTART['TZID'];
 						$rw = ((cdav_perms($id[0],$calendars,true)) ? true : false);
+						$editable = $rw ? true : false;
 						$recurrent = ((isset($vevent->{'RECURRENCE-ID'})) ? true : false);

-						$editable = $rw ? true : false;
-
-						if($recurrent)
+						if($recurrent) {
 							$editable = false;
+							$timezone_str = $recurrent_timezone;
+						}

-						$allDay = false;
+						// Try to get an usable olson format timezone
+						$timezone_obj = \Sabre\VObject\TimeZoneUtil::getTimeZone($timezone_str, $vcalendar);
+						$timezone = $timezone_obj->getName();

-						// allDay event rules
-						if(!strpos($dtstart, 'T') && !strpos($dtend, 'T'))
-							$allDay = true;
-						if(strpos($dtstart, 'T000000') && strpos($dtend, 'T000000'))
-							$allDay = true;
+						// If we got nothing fallback to UTC
+						if(! $timezone)
+							$timezone = 'UTC';
+
+						$allDay = (((string)$vevent->DTSTART['VALUE'] == 'DATE') ? true : false);

 						$events[] = [
 							'calendar_id' => $id,
 							'uri' => $object['uri'],
 							'title' => $title,
-							'start' => $dtstart,
-							'end' => $dtend,
+							'timezone' => $timezone,
+							'start' => datetime_convert($timezone, date_default_timezone_get(), $dtstart, 'c'),
+							'end' => (($dtend) ? datetime_convert($timezone, date_default_timezone_get(), $dtend, 'c') : ''),
 							'description' => $description,
 							'location' => $location,
 							'allDay' => $allDay,
@@ -973,15 +1179,12 @@ class Cdav extends \Zotlabs\Web\Controller {
 						];
 					}
 				}
-				json_return_and_die($events);
-			}
-			else {
-				killme();
 			}
+			json_return_and_die($events);
 		}

 		//enable/disable calendars
-		if(argc() == 5 && argv(1) === 'calendar' && argv(2) === 'switch'  && intval(argv(3)) && (argv(4) == 1 || argv(4) == 0)) {
+		if(argc() == 5 && argv(1) === 'calendar' && argv(2) === 'switch'  && argv(3) && (argv(4) == 1 || argv(4) == 0)) {
 			$id = argv(3);

 			if(! cdav_perms($id,$calendars))
@@ -1240,12 +1443,13 @@ class Cdav extends \Zotlabs\Web\Controller {
 			$caldavBackend = new \Sabre\CalDAV\Backend\PDO($pdo);
 			$properties = [
 				'{DAV:}displayname' => t('Default Calendar'),
-				'{http://apple.com/ns/ical/}calendar-color' => '#3a87ad',
+				'{http://apple.com/ns/ical/}calendar-color' => '#6cad39',
 				'{urn:ietf:params:xml:ns:caldav}calendar-description' => $channel['channel_name']
 			];

 			$id = $caldavBackend->createCalendar($uri, 'default', $properties);
 			set_pconfig(local_channel(), 'cdav_calendar' , $id[0], 1);
+			set_pconfig(local_channel(), 'cdav_calendar' , 'channel_calendar', 1);

 			//create default addressbook
 			$carddavBackend = new \Sabre\CardDAV\Backend\PDO($pdo);
@@ -31,7 +31,7 @@ class Changeaddr extends \Zotlabs\Web\Controller {
 	
 		if($account['account_password_changed'] > NULL_DATE) {
 			$d1 = datetime_convert('UTC','UTC','now - 48 hours');
-			if($account['account_password_changed'] > d1) {
+			if($account['account_password_changed'] > $d1) {
 				notice( t('Channel name changes are not allowed within 48 hours of changing the account password.') . EOL);
 				return;
 			}
@@ -49,7 +49,7 @@ class Changeaddr extends \Zotlabs\Web\Controller {

 		if(check_webbie(array($new_address)) !== $new_address) {
 			notice( t('Nickname has unsupported characters or is already being used on this site.') . EOL);
-			return $ret;
+			return;
 		}

 		channel_change_address($channel,$new_address);
@@ -2,19 +2,26 @@

 namespace Zotlabs\Module;

-require_once('include/contact_widgets.php');
+
+use App;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\PermissionDescription;
+use Zotlabs\Web\HTTPSig;
+use Zotlabs\Lib\Libzot;
+
 require_once('include/items.php');
-require_once("include/bbcode.php");
 require_once('include/security.php');
 require_once('include/conversation.php');
 require_once('include/acl_selectors.php');
-require_once('include/permissions.php');
+require_once('include/opengraph.php');
+

 /**
 * @brief Channel Controller
 *
 */
-class Channel extends \Zotlabs\Web\Controller {
+
+class Channel extends Controller {

 	function init() {

@@ -26,7 +33,7 @@ class Channel extends \Zotlabs\Web\Controller {
 			$which = argv(1);
 		if(! $which) {
 			if(local_channel()) {
-				$channel = \App::get_channel();
+				$channel = App::get_channel();
 				if($channel && $channel['channel_address'])
 				$which = $channel['channel_address'];
 			}
@@ -37,7 +44,49 @@ class Channel extends \Zotlabs\Web\Controller {
 		}

 		$profile = 0;
-		$channel = \App::get_channel();
+		$channel = App::get_channel();
+
+		if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
+			$which = $channel['channel_address'];
+			$profile = argv(1);
+		}
+
+		$channel = channelx_by_nick($which);
+		if(! $channel) {
+			http_status_exit(404, 'Not found');
+		}
+
+		// handle zot6 channel discovery 
+
+		if(Libzot::is_zot_request()) {
+	
+			$sigdata = HTTPSig::verify(file_get_contents('php://input'));
+
+			if($sigdata && $sigdata['signer'] && $sigdata['header_valid']) {
+				$data = json_encode(Libzot::zotinfo([ 'address' => $channel['channel_address'], 'target_url' => $sigdata['signer'] ]));
+				$s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
+					dbesc($sigdata['signer'])
+				);
+
+				if($s) {
+					$data = json_encode(crypto_encapsulate($data,$s[0]['hubloc_sitekey'],Libzot::best_algorithm($s[0]['site_crypto'])));
+				}
+			}
+			else {
+				$data = json_encode(Libzot::zotinfo([ 'address' => $channel['channel_address'] ]));
+			}
+
+			$headers = [ 
+				'Content-Type'     => 'application/x-zot+json', 
+				'Digest'           => HTTPSig::generate_digest_header($data),
+				'(request-target)' => strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']
+			 ];
+			$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
+			HTTPSig::set_headers($h);
+			echo $data;
+			killme();
+		}
+

 		if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
 			$which = $channel['channel_address'];
@@ -61,21 +110,38 @@ class Channel extends \Zotlabs\Web\Controller {

 		// Run profile_load() here to make sure the theme is set before
 		// we start loading content
-
 		profile_load($which,$profile);
+		
+		// Add Opengraph markup
+		$mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : '');
+		if(strpos($mid,'b64.') === 0)
+		    $mid = @base64url_decode(substr($mid,4));
+		    
+		if($mid)
+		    $r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1",
+		        dbesc($mid),
+		        intval($channel['channel_id'])
+		    );
+		    
+		opengraph_add_meta($r ? $r[0] : [], $channel);
 	}

 	function get($update = 0, $load = false) {

+		$noscript_content = get_config('system', 'noscript_content', '1');
+
 		if($load)
 			$_SESSION['loadtime'] = datetime_convert();

-		$checkjs = new \Zotlabs\Web\CheckJS(1);
-
 		$category = $datequery = $datequery2 = '';

 		$mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : '');

+		if(strpos($mid,'b64.') === 0)
+			$decoded = @base64url_decode(substr($mid,4));
+		if($decoded)
+			$mid = $decoded;
+
 		$datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
 		$datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');

@@ -95,22 +161,22 @@ class Channel extends \Zotlabs\Web\Controller {

 		if($update) {
 			// Ensure we've got a profile owner if updating.
-			\App::$profile['profile_uid'] = \App::$profile_uid = $update;
+			App::$profile['profile_uid'] = App::$profile_uid = $update;
 		}

-		$is_owner = (((local_channel()) && (\App::$profile['profile_uid'] == local_channel())) ? true : false);
+		$is_owner = (((local_channel()) && (App::$profile['profile_uid'] == local_channel())) ? true : false);

-		$channel = \App::get_channel();
-		$observer = \App::get_observer();
+		$channel = App::get_channel();
+		$observer = App::get_observer();
 		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');

-		$perms = get_all_perms(\App::$profile['profile_uid'],$ob_hash);
+		$perms = get_all_perms(App::$profile['profile_uid'],$ob_hash);

 		if(! $perms['view_stream']) {
 			// We may want to make the target of this redirect configurable
 			if($perms['view_profile']) {
 				notice( t('Insufficient permissions.  Request redirected to profile page.') . EOL);
-				goaway (z_root() . "/profile/" . \App::$profile['channel_address']);
+				goaway (z_root() . "/profile/" . App::$profile['channel_address']);
 			}
 			notice( t('Permission denied.') . EOL);
 			return;
@@ -121,7 +187,7 @@ class Channel extends \Zotlabs\Web\Controller {

 			nav_set_selected('Channel Home');

-			$static = channel_manual_conv_update(\App::$profile['profile_uid']);
+			$static = channel_manual_conv_update(App::$profile['profile_uid']);

 			// search terms header
 			if($search) {
@@ -147,16 +213,16 @@ class Channel extends \Zotlabs\Web\Controller {

 				$x = array(
 					'is_owner' => $is_owner,
-					'allow_location' => ((($is_owner || $observer) && (intval(get_pconfig(\App::$profile['profile_uid'],'system','use_browser_location')))) ? true : false),
-					'default_location' => (($is_owner) ? \App::$profile['channel_location'] : ''),
-					'nickname' => \App::$profile['channel_address'],
-					'lockstate' => (((strlen(\App::$profile['channel_allow_cid'])) || (strlen(\App::$profile['channel_allow_gid'])) || (strlen(\App::$profile['channel_deny_cid'])) || (strlen(\App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
-					'acl' => (($is_owner) ? populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''),
+					'allow_location' => ((($is_owner || $observer) && (intval(get_pconfig(App::$profile['profile_uid'],'system','use_browser_location')))) ? true : false),
+					'default_location' => (($is_owner) ? App::$profile['channel_location'] : ''),
+					'nickname' => App::$profile['channel_address'],
+					'lockstate' => (((strlen(App::$profile['channel_allow_cid'])) || (strlen(App::$profile['channel_allow_gid'])) || (strlen(App::$profile['channel_deny_cid'])) || (strlen(App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
+					'acl' => (($is_owner) ? populate_acl($channel_acl,true, PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''),
 					'permissions' => $channel_acl,
 					'showacl' => (($is_owner) ? 'yes' : ''),
 					'bang' => '',
 					'visitor' => (($is_owner || $observer) ? true : false),
-					'profile_uid' => \App::$profile['profile_uid'],
+					'profile_uid' => App::$profile['profile_uid'],
 					'editor_autocomplete' => true,
 					'bbco_autocomplete' => 'bbcode',
 					'bbcode' => true,
@@ -164,7 +230,7 @@ class Channel extends \Zotlabs\Web\Controller {
 					'reset' => t('Reset form')
 				);

-				$o .= status_editor($a,$x);
+				$o .= status_editor($a,$x,false,'Channel');
 			}

 		}
@@ -176,14 +242,14 @@ class Channel extends \Zotlabs\Web\Controller {

 		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();
-		$sql_extra = item_permissions_sql(\App::$profile['profile_uid']);
+		$sql_extra = item_permissions_sql(App::$profile['profile_uid']);

-		if(get_pconfig(\App::$profile['profile_uid'],'system','channel_list_mode') && (! $mid))
+		if(feature_enabled(App::$profile['profile_uid'], 'channel_list_mode') && (! $mid))
 			$page_mode = 'list';
 		else
 			$page_mode = 'client';

-		$abook_uids = " and abook.abook_channel = " . intval(\App::$profile['profile_uid']) . " ";
+		$abook_uids = " and abook.abook_channel = " . intval(App::$profile['profile_uid']) . " ";

 		$simple_update = (($update) ? " AND item_unseen = 1 " : '');

@@ -193,7 +259,8 @@ class Channel extends \Zotlabs\Web\Controller {
 				$sql_extra .= term_query('item',substr($search,1),TERM_HASHTAG,TERM_COMMUNITYTAG);
 			}
 			else {
-				$sql_extra .= sprintf(" AND item.body like '%s' ",
+				$sql_extra .= sprintf(" AND (item.body like '%s' OR item.title like '%s') ",
+					dbesc(protect_sprintf('%' . $search . '%')),
 					dbesc(protect_sprintf('%' . $search . '%'))
 				);
 			}
@@ -203,7 +270,7 @@ class Channel extends \Zotlabs\Web\Controller {
 		head_add_link([ 
 			'rel'   => 'alternate',
 			'type'  => 'application/json+oembed',
-			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string),
+			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string),
 			'title' => 'oembed'
 		]);

@@ -221,7 +288,7 @@ class Channel extends \Zotlabs\Web\Controller {
 				$r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal_update
 					AND item_wall = 1 $simple_update $sql_extra limit 1",
 					dbesc($mid . '%'),
-					intval(\App::$profile['profile_uid'])
+					intval(App::$profile['profile_uid'])
 				);
 				$_SESSION['loadtime'] = datetime_convert();
 			}
@@ -233,7 +300,7 @@ class Channel extends \Zotlabs\Web\Controller {
 					AND (abook.abook_blocked = 0 or abook.abook_flags is null)
 					$sql_extra
 					ORDER BY created DESC",
-					intval(\App::$profile['profile_uid'])
+					intval(App::$profile['profile_uid'])
 				);
 				$_SESSION['loadtime'] = datetime_convert();
 			}
@@ -242,10 +309,10 @@ class Channel extends \Zotlabs\Web\Controller {
 		else {

 			if(x($category)) {
-				$sql_extra2 .= protect_sprintf(term_item_parent_query(\App::$profile['profile_uid'],'item', $category, TERM_CATEGORY));
+				$sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $category, TERM_CATEGORY));
 			}
 			if(x($hashtags)) {
-				$sql_extra2 .= protect_sprintf(term_item_parent_query(\App::$profile['profile_uid'],'item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
+				$sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
 			}

 			if($datequery) {
@@ -256,10 +323,6 @@ class Channel extends \Zotlabs\Web\Controller {
 				$sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
 			}

-			if($datequery || $datequery2) {
-				$sql_extra2 .= " and item.item_thread_top != 0 ";
-			}
-
 			if($order === 'post')
 				$ordering = "created";
 			else
@@ -267,15 +330,15 @@ class Channel extends \Zotlabs\Web\Controller {


 			$itemspage = get_pconfig(local_channel(),'system','itemspage');
-			\App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
-			$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
+			App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
+			$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));

-			if($load || ($checkjs->disabled())) {
+			if($noscript_content || $load) {
 				if($mid) {
 					$r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal
 						AND item_wall = 1 $sql_extra limit 1",
 						dbesc($mid . '%'),
-						intval(\App::$profile['profile_uid'])
+						intval(App::$profile['profile_uid'])
 					);
 					if (! $r) {
 						notice( t('Permission denied.') . EOL);
@@ -288,8 +351,8 @@ class Channel extends \Zotlabs\Web\Controller {
 						AND (abook.abook_blocked = 0 or abook.abook_flags is null)
 						AND item.item_wall = 1 AND item.item_thread_top = 1
 						$sql_extra $sql_extra2 
-						ORDER BY $ordering DESC $pager_sql ",
-						intval(\App::$profile['profile_uid'])
+						ORDER BY $ordering DESC, item_id $pager_sql ",
+						intval(App::$profile['profile_uid'])
 					);
 				}
 			}
@@ -301,17 +364,17 @@ class Channel extends \Zotlabs\Web\Controller {

 			$parents_str = ids_to_querystr($r,'item_id');

-			$items = q("SELECT item.*, item.id AS item_id
+			$r = q("SELECT item.*, item.id AS item_id
 				FROM item
 				WHERE item.uid = %d $item_normal
 				AND item.parent IN ( %s )
 				$sql_extra ",
-				intval(\App::$profile['profile_uid']),
+				intval(App::$profile['profile_uid']),
 				dbesc($parents_str)
 			);

-			xchan_query($items);
-			$items = fetch_post_tags($items, true);
+			xchan_query($r);
+			$items = fetch_post_tags($r, true);
 			$items = conv_sort($items,$ordering);

 			if($load && $mid && (! count($items))) {
@@ -326,22 +389,25 @@ class Channel extends \Zotlabs\Web\Controller {

 		if((! $update) && (! $load)) {

+			if($decoded)
+				$mid = 'b64.' . base64url_encode($mid);
+
 			// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
 			// because browser prefetching might change it on us. We have to deliver it with the page.

-			$maxheight = get_pconfig(\App::$profile['profile_uid'],'system','channel_divmore_height');
+			$maxheight = get_pconfig(App::$profile['profile_uid'],'system','channel_divmore_height');
 			if(! $maxheight)
 				$maxheight = 400;

 			$o .= '<div id="live-channel"></div>' . "\r\n";
-			$o .= "<script> var profile_uid = " . \App::$profile['profile_uid']
-				. "; var netargs = '?f='; var profile_page = " . \App::$pager['page']
+			$o .= "<script> var profile_uid = " . App::$profile['profile_uid']
+				. "; var netargs = '?f='; var profile_page = " . App::$pager['page']
 				. "; divmore_height = " . intval($maxheight) . "; </script>\r\n";

-			\App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
+			App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
 				'$baseurl' => z_root(),
 				'$pgtype' => 'channel',
-				'$uid' => ((\App::$profile['profile_uid']) ? \App::$profile['profile_uid'] : '0'),
+				'$uid' => ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : '0'),
 				'$gid' => '0',
 				'$cid' => '0',
 				'$cmin' => '(-1)',
@@ -354,15 +420,15 @@ class Channel extends \Zotlabs\Web\Controller {
 				'$wall' => '1',
 				'$fh' => '0',
 				'$static'  => $static,
-				'$page' => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1),
+				'$page' => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1),
 				'$search' => $search,
 				'$xchan' => '',
-				'$order' => $order,
+				'$order' => (($order) ? urlencode($order) : ''),
 				'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
 				'$file' => '',
 				'$cats' => (($category) ? urlencode($category) : ''),
 				'$tags' => (($hashtags) ? urlencode($hashtags) : ''),
-				'$mid' => $mid,
+				'$mid' => (($mid) ? urlencode($mid) : ''),
 				'$verb' => '',
 				'$net' => '',
 				'$dend' => $datequery,
@@ -405,17 +471,26 @@ class Channel extends \Zotlabs\Web\Controller {

 		$mode = (($search) ? 'search' : 'channel');

-		if($checkjs->disabled()) {
-			$o .= conversation($items,$mode,$update,'traditional');
-		}
-		else {
+		if($update) {
 			$o .= conversation($items,$mode,$update,$page_mode);
 		}
+		else {
+
+			$o .= '<noscript>';
+			if($noscript_content) {
+				$o .= conversation($items,$mode,$update,'traditional');
+				$o .= alt_pager(count($items));
+			}
+			else {
+				$o .= '<div class="section-content-warning-wrapper">' . t('You must enable javascript for your browser to be able to view this content.') . '</div>';
+			}
+			$o .= '</noscript>';
+
+			$o .= conversation($items,$mode,$update,$page_mode);

-		if((! $update) || ($checkjs->disabled())) {
-			$o .= alt_pager(count($items));
 			if ($mid && $items[0]['title'])
-				\App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
+				App::$page['title'] = $items[0]['title'] . " - " . App::$page['title'];
+
 		}

 		if($mid)
@@ -0,0 +1,495 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/conversation.php');
+require_once('include/bbcode.php');
+require_once('include/datetime.php');
+require_once('include/event.php');
+require_once('include/items.php');
+require_once('include/html2plain.php');
+
+class Channel_calendar extends \Zotlabs\Web\Controller {
+
+	function post() {
+	
+		logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA);
+	
+		if(! local_channel())
+			return;
+	
+		$event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0);
+		$event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : '');
+	
+		$xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : '');
+		$uid = local_channel();
+
+		// only allow editing your own events. 
+		if(($xchan) && ($xchan !== get_observer_hash()))
+			return;
+
+		$timezone = ((x($_POST,'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : '');
+		$tz = (($timezone) ? $timezone : date_default_timezone_get());
+
+		$categories = escape_tags(trim($_POST['categories']));
+		
+		$adjust = intval($_POST['adjust']);
+
+		$start = datetime_convert('UTC', 'UTC', escape_tags($_REQUEST['dtstart']));
+		$finish = datetime_convert('UTC', 'UTC', escape_tags($_REQUEST['dtend']));
+
+		$summary  = escape_tags(trim($_POST['summary']));
+		$desc     = escape_tags(trim($_POST['desc']));
+		$location = escape_tags(trim($_POST['location']));
+		$type     = escape_tags(trim($_POST['type']));
+
+		// Don't allow the event to finish before it begins.
+		// It won't hurt anything, but somebody will file a bug report
+		// and we'll waste a bunch of time responding to it. Time that 
+		// could've been spent doing something else. 
+	
+		if(strcmp($finish,$start) < 0 && !$nofinish) {
+			notice( t('Event can not end before it has started.') . EOL);
+			if(intval($_REQUEST['preview'])) {
+				echo( t('Unable to generate preview.'));
+			}
+			killme();
+		}
+	
+		if((! $summary) || (! $start)) {
+			notice( t('Event title and start time are required.') . EOL);
+			if(intval($_REQUEST['preview'])) {
+				echo( t('Unable to generate preview.'));
+			}
+			killme();
+		}
+
+		$channel = \App::get_channel();
+	
+		$acl = new \Zotlabs\Access\AccessList(false);
+	
+		if($event_id) {
+			$x = q("select * from event where id = %d and uid = %d limit 1",
+				intval($event_id),
+				intval(local_channel())
+			);
+			if(! $x) {
+				notice( t('Event not found.') . EOL);
+				if(intval($_REQUEST['preview'])) {
+					echo( t('Unable to generate preview.'));
+					killme();
+				}
+				return;
+			}
+	
+			$acl->set($x[0]);
+	
+			$created = $x[0]['created'];
+			$edited = datetime_convert();
+		}
+		else {
+			$created = $edited = datetime_convert();
+			$acl->set_from_array($_POST);
+		}
+	
+		$post_tags = array();
+		$channel = \App::get_channel();
+		$ac = $acl->get();
+
+		$str_contact_allow = $ac['allow_cid'];
+		$str_group_allow   = $ac['allow_gid'];
+		$str_contact_deny = $ac['deny_cid'];
+		$str_group_deny = $ac['deny_gid'];
+
+		$private = $acl->is_private();
+
+		require_once('include/text.php');
+		$results = linkify_tags($desc, local_channel());
+
+		if($results) {
+			// Set permissions based on tag replacements
+			set_linkified_perms($results, $str_contact_allow, $str_group_allow, local_channel(), false, $private);
+
+			foreach($results as $result) {
+				$success = $result['success'];
+				if($success['replaced']) {
+					$post_tags[] = array(
+						'uid'   => local_channel(),
+						'ttype' => $success['termtype'],
+						'otype' => TERM_OBJ_POST,
+						'term'  => $success['term'],
+						'url'   => $success['url']
+					);	
+				}
+			}
+		}
+
+		if(strlen($categories)) {
+			$cats = explode(',',$categories);
+			foreach($cats as $cat) {
+				$post_tags[] = array(
+					'uid'   => local_channel(),
+					'ttype' => TERM_CATEGORY,
+					'otype' => TERM_OBJ_POST,
+					'term'  => trim($cat),
+					'url'   => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($cat))
+				);
+			}
+		}
+	
+		$datarray = array();
+		$datarray['dtstart'] = $start;
+		$datarray['dtend'] = $finish;
+		$datarray['summary'] = $summary;
+		$datarray['description'] = $desc;
+		$datarray['location'] = $location;
+		$datarray['etype'] = $type;
+		$datarray['adjust'] = $adjust;
+		$datarray['nofinish'] = 0;
+		$datarray['uid'] = local_channel();
+		$datarray['account'] = get_account_id();
+		$datarray['event_xchan'] = $channel['channel_hash'];
+		$datarray['allow_cid'] = $str_contact_allow;
+		$datarray['allow_gid'] = $str_group_allow;
+		$datarray['deny_cid'] = $str_contact_deny;
+		$datarray['deny_gid'] = $str_group_deny;
+		$datarray['private'] = intval($private);
+		$datarray['id'] = $event_id;
+		$datarray['created'] = $created;
+		$datarray['edited'] = $edited;
+		$datarray['timezone'] = $tz;
+
+	
+		if(intval($_REQUEST['preview'])) {
+			$html = format_event_html($datarray);
+			echo $html;
+			killme();
+		}
+	
+		$event = event_store_event($datarray);
+	
+		if($post_tags)	
+			$datarray['term'] = $post_tags;
+	
+		$item_id = event_store_item($datarray,$event);
+	
+		if($item_id) {
+			$r = q("select * from item where id = %d",
+				intval($item_id)
+			);
+			if($r) {
+				xchan_query($r);
+				$sync_item = fetch_post_tags($r);
+				$z = q("select * from event where event_hash = '%s' and uid = %d limit 1",
+					dbesc($r[0]['resource_id']),
+					intval($channel['channel_id'])
+				);
+				if($z) {
+					build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z));
+				}
+			}
+		}
+	
+		\Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id));
+
+		killme();
+	
+	}
+	
+	
+	
+	function get() {
+	
+		if(argc() > 2 && argv(1) == 'ical') {
+			$event_id = argv(2);
+	
+			require_once('include/security.php');
+			$sql_extra = permissions_sql(local_channel());
+	
+			$r = q("select * from event where event_hash = '%s' $sql_extra limit 1",
+				dbesc($event_id)
+			);
+			if($r) { 
+				header('Content-type: text/calendar');
+				header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"' );
+				echo ical_wrapper($r);
+				killme();
+			}
+			else {
+				notice( t('Event not found.') . EOL );
+				return;
+			}
+		}
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+		if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) {
+			$r = q("update event set dismissed = 1 where id = %d and uid = %d",
+				intval(argv(2)),
+				intval(local_channel())
+			);
+		}
+	
+		if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) {
+			$r = q("update event set dismissed = 0 where id = %d and uid = %d",
+				intval(argv(2)),
+				intval(local_channel())
+			);
+		}
+
+		$channel = \App::get_channel();
+	
+		$mode = 'view';
+		$export = false;
+		$ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " "  : '');
+
+		if(argc() > 1) {
+			if(argc() > 2 && argv(1) === 'add') {
+				$mode = 'add';
+				$item_id = intval(argv(2));
+			}
+			if(argc() > 2 && argv(1) === 'drop') {
+				$mode = 'drop';
+				$event_id = argv(2);
+			}
+			if(argc() <= 2 && argv(1) === 'export') {
+				$export = true;
+			}
+			if(argc() > 2 && intval(argv(1)) && intval(argv(2))) {
+				$mode = 'view';
+			}
+			if(argc() <= 2) {
+				$mode = 'view';
+				$event_id = argv(1);
+			}
+		}
+	
+		if($mode === 'add') {
+			event_addtocal($item_id,local_channel());
+			killme();
+		}
+	
+		if($mode == 'view') {
+	
+			/* edit/create form */
+			if($event_id) {
+				$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
+					dbesc($event_id),
+					intval(local_channel())
+				);
+				if(count($r))
+					$orig_event = $r[0];
+			}
+	
+			$channel = \App::get_channel();
+
+			if (argv(1) === 'json'){
+				if (x($_GET,'start'))	$start = $_GET['start'];
+				if (x($_GET,'end'))	$finish = $_GET['end'];
+			}
+	
+			$start  = datetime_convert('UTC','UTC',$start);
+			$finish = datetime_convert('UTC','UTC',$finish);
+			$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
+			$adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);
+
+			if (x($_GET,'id')){
+			  	$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
+	                                from event left join item on item.resource_id = event.event_hash
+					where item.resource_type = 'event' and event.uid = %d and event.id = %d limit 1",
+					intval(local_channel()),
+					intval($_GET['id'])
+				);
+			}
+			elseif($export) {
+				$r = q("SELECT event.*, item.id as item_id
+					from event left join item on item.resource_id = event.event_hash
+					where event.uid = %d and event.dtstart > '%s' and event.dtend > event.dtstart",
+					intval(local_channel()),
+					dbesc(NULL_DATE)
+				);
+			}
+			else {
+				// fixed an issue with "nofinish" events not showing up in the calendar.
+				// There's still an issue if the finish date crosses the end of month.
+				// Noting this for now - it will need to be fixed here and in Friendica.
+				// Ultimately the finish date shouldn't be involved in the query. 
+
+				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
+					from event left join item on event.event_hash = item.resource_id 
+					where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored 
+					AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) 
+					OR  (  event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) ",
+					intval(local_channel()),
+					dbesc($start),
+					dbesc($finish),
+					dbesc($adjust_start),
+					dbesc($adjust_finish)
+				);
+			}
+	
+			if($r && ! $export) {
+				xchan_query($r);
+				$r = fetch_post_tags($r,true);
+				$r = sort_by_date($r);
+			}
+
+			$events = [];
+	
+			if($r) {
+	
+				foreach($r as $rr) {
+
+					$tz = get_iconfig($rr, 'event', 'timezone');
+
+					if(! $tz)
+						$tz = 'UTC';
+
+					$start = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c'));
+					if ($rr['nofinish']){
+						$end = null;
+					} else {
+						$end = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c'));
+					}
+
+					$catsenabled = feature_enabled(local_channel(),'categories');
+					$categories = '';
+					if($catsenabled){
+						if($rr['term']) {
+							$cats = get_terms_oftype($rr['term'], TERM_CATEGORY);
+							foreach ($cats as $cat) {
+								if(strlen($categories))
+									$categories .= ', ';
+								$categories .= $cat['term'];
+							}
+						}
+					}
+
+					$edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false);
+	
+					$drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'','');
+	
+					$events[] = array(
+						'calendar_id' => 'channel_calendar',
+						'rw' => true,
+						'id'=>$rr['id'],
+						'uri' => $rr['event_hash'],
+						'timezone' => $tz,
+						'start'=> $start,
+						'end' => $end,
+						'drop' => $drop,
+						'allDay' => (($rr['adjust']) ? 0 : 1),
+						'title' => html_entity_decode($rr['summary'], ENT_COMPAT, 'UTF-8'),
+						'editable' => $edit ? true : false,
+						'item' => $rr,
+						'plink' => [$rr['plink'], t('Link to source')],
+						'description' => html_entity_decode($rr['description'], ENT_COMPAT, 'UTF-8'),
+						'location' => html_entity_decode($rr['location'], ENT_COMPAT, 'UTF-8'),
+						'allow_cid' => expand_acl($rr['allow_cid']),
+						'allow_gid' => expand_acl($rr['allow_gid']),
+						'deny_cid' => expand_acl($rr['deny_cid']),
+						'deny_gid' => expand_acl($rr['deny_gid']),
+						'categories' => $categories
+					);
+				}
+			}
+			
+			if($export) {
+				header('Content-type: text/calendar');
+				header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' );
+				echo ical_wrapper($r);
+				killme();
+			}
+
+			if (\App::$argv[1] === 'json'){
+				json_return_and_die($events);
+			}
+		}
+
+	
+		if($mode === 'drop' && $event_id) {
+			$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
+				dbesc($event_id),
+				intval(local_channel())
+			);
+	
+			$sync_event = $r[0];
+	
+			if($r) {
+				$r = q("delete from event where event_hash = '%s' and uid = %d",
+					dbesc($event_id),
+					intval(local_channel())
+				);
+
+				if($r) {
+
+					$sync_event['event_deleted'] = 1;
+					build_sync_packet(0,array('event' => array($sync_event)));
+
+					$i = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d",
+						dbesc($event_id),
+						intval(local_channel())
+					);
+
+					if ($i) {
+
+						$can_delete = false;
+						$local_delete = true;
+
+						$ob_hash = get_observer_hash();
+						if($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) {
+							$can_delete = true;
+						}
+
+						// The site admin can delete any post/item on the site.
+						// If the item originated on this site+channel the deletion will propagate downstream. 
+						// Otherwise just the local copy is removed.
+
+						if(is_site_admin()) {
+							$local_delete = true;
+							if(intval($i[0]['item_origin']))
+								$can_delete = true;
+						}
+
+						if($can_delete || $local_delete) {
+
+							// if this is a different page type or it's just a local delete
+							// but not by the item author or owner, do a simple deletion
+
+							$complex = false;	
+
+							if(intval($i[0]['item_type']) || ($local_delete && (! $can_delete))) {
+								drop_item($i[0]['id']);
+							}
+							else {
+								// complex deletion that needs to propagate and be performed in phases
+								drop_item($i[0]['id'],true,DROPITEM_PHASE1);
+								$complex = true;
+							}
+
+							$ii = q("select * from item where id = %d",
+								intval($i[0]['id'])
+							);
+							if($ii) {
+								xchan_query($ii);
+								$sync_item = fetch_post_tags($ii);
+								build_sync_packet($i[0]['uid'],array('item' => array(encode_item($sync_item[0],true))));
+							}
+
+							if($complex) {
+								tag_deliver($i[0]['uid'],$i[0]['id']);
+							}
+						}
+					}
+					killme();
+				}
+				notice( t('Failed to remove event' ) . EOL);
+				killme();
+			}
+		}
+	
+	}
+	
+}
@@ -106,7 +106,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 	
 		if (\App::$poi) {
 			$url = \App::$poi['xchan_url'];
-			if(\App::$poi['xchan_network'] === 'zot') {
+			if(in_array(\App::$poi['xchan_network'], ['zot', 'zot6'])) {
 				$is_zot = true;
 			}			
 			if(local_channel()) {
@@ -1,13 +1,19 @@
 <?php /** @file */

-namespace Zotlabs\Module; 
+namespace Zotlabs\Module;
+
+use App;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\Chatroom;
+use Zotlabs\Access\AccessList;
+
+


 require_once('include/bookmarks.php');

-use \Zotlabs\Lib as Zlib;
-
-class Chat extends \Zotlabs\Web\Controller {
+class Chat extends Controller {

 	function init() {
 	
@@ -16,7 +22,7 @@ class Chat extends \Zotlabs\Web\Controller {
 			$which = argv(1);
 		if(! $which) {
 			if(local_channel()) {
-				$channel = \App::get_channel();
+				$channel = App::get_channel();
 				if($channel && $channel['channel_address'])
 				$which = $channel['channel_address'];
 			}
@@ -27,7 +33,7 @@ class Chat extends \Zotlabs\Web\Controller {
 		}
 	
 		$profile = 0;
-		$channel = \App::get_channel();
+		$channel = App::get_channel();
 	
 		if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
 			$which = $channel['channel_address'];
@@ -49,16 +55,16 @@ class Chat extends \Zotlabs\Web\Controller {
 		if((! $room) || (! local_channel()))
 			return;
 	
-		$channel = \App::get_channel();
+		$channel = App::get_channel();
 	
 	
 		if($_POST['action'] === 'drop') {
 			logger('delete chatroom');
-			Zlib\Chatroom::destroy($channel,array('cr_name' => $room));
+			Chatroom::destroy($channel,array('cr_name' => $room));
 			goaway(z_root() . '/chat/' . $channel['channel_address']);
 		}
 	
-		$acl = new \Zotlabs\Access\AccessList($channel);
+		$acl = new AccessList($channel);
 		$acl->set_from_array($_REQUEST);
 	
 		$arr = $acl->get();
@@ -67,7 +73,7 @@ class Chat extends \Zotlabs\Web\Controller {
 		if(intval($arr['expire']) < 0)
 			$arr['expire'] = 0;
 	
-		Zlib\Chatroom::create($channel,$arr);
+		Chatroom::create($channel,$arr);
 	
 		$x = q("select * from chatroom where cr_name = '%s' and cr_uid = %d limit 1",
 			dbesc($room),
@@ -88,26 +94,35 @@ class Chat extends \Zotlabs\Web\Controller {
 	
 	
 	function get() {
+
+		if(! Apps::system_app_installed(App::$profile_uid, 'Chatrooms')) {
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+
+			$o = '<b>' . t('Chatrooms App') . ' (' . t('Not Installed') . '):</b><br>';
+			$o .= t('Access Controlled Chatrooms');
+			return $o;
+		}
 	
 		if(local_channel()) {
-			$channel = \App::get_channel();
-			nav_set_selected('My Chatrooms');
+			$channel = App::get_channel();
+			nav_set_selected('Chatrooms');
 		}

-		$ob = \App::get_observer();
+		$ob = App::get_observer();
 		$observer = get_observer_hash();
 		if(! $observer) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
 	
-		if(! perm_is_allowed(\App::$profile['profile_uid'],$observer,'chat')) {
+		if(! perm_is_allowed(App::$profile['profile_uid'],$observer,'chat')) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
 		
 		if((argc() > 3) && intval(argv(2)) && (argv(3) === 'leave')) {
-			Zlib\Chatroom::leave($observer,argv(2),$_SERVER['REMOTE_ADDR']);
+			Chatroom::leave($observer,argv(2),$_SERVER['REMOTE_ADDR']);
 			goaway(z_root() . '/channel/' . argv(1));
 		}
 	
@@ -160,16 +175,16 @@ class Chat extends \Zotlabs\Web\Controller {
 			$room_id = intval(argv(2));
 			$bookmark_link = get_bookmark_link($ob);
 	
-			$x = Zlib\Chatroom::enter($observer,$room_id,'online',$_SERVER['REMOTE_ADDR']);
+			$x = Chatroom::enter($observer,$room_id,'online',$_SERVER['REMOTE_ADDR']);
 			if(! $x)
 				return;
 			$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
 				intval($room_id),
-				intval(\App::$profile['profile_uid'])
+				intval(App::$profile['profile_uid'])
 			);
 	
 			if($x) {
-				$acl = new \Zotlabs\Access\AccessList(false);
+				$acl = new AccessList(false);
 				$acl->set($x[0]);
 	
 				$private = $acl->is_private();
@@ -208,19 +223,12 @@ class Chat extends \Zotlabs\Web\Controller {
 			));
 			return $o;
 		}
-	
-	
+
 		require_once('include/conversation.php');
 	
-		//$o = profile_tabs($a,((local_channel() && local_channel() == \App::$profile['profile_uid']) ? true : false),\App::$profile['channel_address']);
 		$o = '';
-	
-		if(! feature_enabled(\App::$profile['profile_uid'],'ajaxchat')) {
-			notice( t('Feature disabled.') . EOL);
-			return $o;
-		}

-		$acl = new \Zotlabs\Access\AccessList($channel);
+		$acl = new AccessList($channel);
 		$channel_acl = $acl->get();

 		$lockstate = (($channel_acl['allow_cid'] || $channel_acl['allow_gid'] || $channel_acl['deny_cid'] || $channel_acl['deny_gid']) ? 'lock' : 'unlock');
@@ -244,17 +252,17 @@ class Chat extends \Zotlabs\Web\Controller {
 			));
 		}

-		$rooms = Zlib\Chatroom::roomlist(\App::$profile['profile_uid']);
+		$rooms = Chatroom::roomlist(App::$profile['profile_uid']);
 	
 		$o .= replace_macros(get_markup_template('chatrooms.tpl'), array(
-			'$header' => sprintf( t('%1$s\'s Chatrooms'), \App::$profile['fullname']),
+			'$header' => sprintf( t('%1$s\'s Chatrooms'), App::$profile['fullname']),
 			'$name' => t('Name'),
 			'$baseurl' => z_root(),
-			'$nickname' => \App::$profile['channel_address'],
+			'$nickname' => App::$profile['channel_address'],
 			'$rooms' => $rooms,
 			'$norooms' => t('No chatrooms available'),
 			'$newroom' => t('Create New'),
-			'$is_owner' => ((local_channel() && local_channel() == \App::$profile['profile_uid']) ? 1 : 0),
+			'$is_owner' => ((local_channel() && local_channel() == App::$profile['profile_uid']) ? 1 : 0),
 			'$chatroom_new' => $chatroom_new,
 			'$expire' => t('Expiration'),
 			'$expire_unit' => t('min') //minutes
@@ -35,13 +35,6 @@ class Cloud extends \Zotlabs\Web\Controller {
 		if (argc() > 1)
 			$which = argv(1);

-
-		if (argc() < 2 && intval(get_config('system','cloud_disable_siteroot'))) {
-			notice( t('Permission denied.') . EOL);
-			construct_page();
-			killme();
-		}
-
 		$profile = 0;

 		if ($which)
@@ -1,21 +1,21 @@
 <?php
 namespace Zotlabs\Module; /** @file */

-
+use App;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\Apps;

 require_once('include/contact_widgets.php');
 require_once('include/items.php');

-
-
-class Connect extends \Zotlabs\Web\Controller {
+class Connect extends Controller {

 	function init() {
 		if(argc() > 1)
 			$which = argv(1);
 		else {
 			notice( t('Requested profile is not available.') . EOL );
-			\App::$error = 404;
+			App::$error = 404;
 			return;
 		}
 	
@@ -24,20 +24,32 @@ class Connect extends \Zotlabs\Web\Controller {
 		);
 	
 		if($r)
-			\App::$data['channel'] = $r[0];
+			App::$data['channel'] = $r[0];
+
+		$channel_id = App::$data['channel']['channel_id'];
+
+		if(! Apps::system_app_installed($channel_id, 'Premium Channel')) {
+			return;
+		}
 	
 		profile_load($which,'');
 	}
 	
 	function post() {
 	
-		if(! array_key_exists('channel', \App::$data))
+		if(! array_key_exists('channel', App::$data))
 			return;
+
+		$channel_id = App::$data['channel']['channel_id'];
+
+		if(! Apps::system_app_installed($channel_id, 'Premium Channel')) {
+			return;
+		}
 	
-		$edit = ((local_channel() && (local_channel() == \App::$data['channel']['channel_id'])) ? true : false);
+		$edit = ((local_channel() && (local_channel() == $channel_id)) ? true : false);
 	
 		if($edit) {
-			$has_premium = ((\App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM) ? 1 : 0);
+			$has_premium = ((App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM) ? 1 : 0);
 			$premium = (($_POST['premium']) ? intval($_POST['premium']) : 0);
 			$text = escape_tags($_POST['text']);
 			
@@ -48,25 +60,25 @@ class Connect extends \Zotlabs\Web\Controller {
 					intval(local_channel()) 
 				);
 				
-				\Zotlabs\Daemon\Master::Summon(array('Notifier','refresh_all',\App::$data['channel']['channel_id']));
+				\Zotlabs\Daemon\Master::Summon(array('Notifier','refresh_all',$channel_id));
 			}
-			set_pconfig(\App::$data['channel']['channel_id'],'system','selltext',$text);
+			set_pconfig($channel_id,'system','selltext',$text);
 			// reload the page completely to get fresh data
-			goaway(z_root() . '/' . \App::$query_string);
+			goaway(z_root() . '/' . App::$query_string);
 	
 		}
 	
 		$url = '';
-		$observer = \App::get_observer();
+		$observer = App::get_observer();
 		if(($observer) && ($_POST['submit'] === t('Continue'))) {
 			if($observer['xchan_follow'])
-				$url = sprintf($observer['xchan_follow'],urlencode(channel_reddress(\App::$data['channel'])));
+				$url = sprintf($observer['xchan_follow'],urlencode(channel_reddress(App::$data['channel'])));
 			if(! $url) {
 				$r = q("select * from hubloc where hubloc_hash = '%s' order by hubloc_id desc limit 1",
 					dbesc($observer['xchan_hash'])
 				);
 				if($r)
-					$url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(channel_reddress(\App::$data['channel']));
+					$url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(channel_reddress(App::$data['channel']));
 			}
 		}
 		if($url)
@@ -79,17 +91,31 @@ class Connect extends \Zotlabs\Web\Controller {
 	
 	
 	function get() {
+
+		if(! array_key_exists('channel', App::$data))
+			return;
+
+		$channel_id = App::$data['channel']['channel_id'];
+
+		if(! Apps::system_app_installed($channel_id, 'Premium Channel')) {
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+
+			$o = '<b>' . t('Premium Channel App') . ' (' . t('Not Installed') . '):</b><br>';
+			$o .= t('Allows you to set restrictions and terms on those that connect with your channel');
+			return $o;
+		}
 	
-		$edit = ((local_channel() && (local_channel() == \App::$data['channel']['channel_id'])) ? true : false);
+		$edit = ((local_channel() && (local_channel() == $channel_id)) ? true : false);
 	
-		$text = get_pconfig(\App::$data['channel']['channel_id'],'system','selltext');
+		$text = get_pconfig($channel_id,'system','selltext');
 	
 		if($edit) {
 	
 			$o = replace_macros(get_markup_template('sellpage_edit.tpl'),array(
 				'$header' => t('Premium Channel Setup'),
-				'$address' => \App::$data['channel']['channel_address'],
-				'$premium' => array('premium', t('Enable premium channel connection restrictions'),((\App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM) ? '1' : ''),''),
+				'$address' => App::$data['channel']['channel_address'],
+				'$premium' => array('premium', t('Enable premium channel connection restrictions'),((App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM) ? '1' : ''),''),
 				'$lbl_about' => t('Please enter your restrictions or conditions, such as paypal receipt, usage guidelines, etc.'),
 	 			'$text' => $text,
 				'$desc' => t('This channel may require additional steps or acknowledgement of the following conditions prior to connecting:'),
@@ -107,7 +133,7 @@ class Connect extends \Zotlabs\Web\Controller {
 	
 			$submit = replace_macros(get_markup_template('sellpage_submit.tpl'), array(
 				'$continue' => t('Continue'),			
-				'$address' => \App::$data['channel']['channel_address']
+				'$address' => App::$data['channel']['channel_address']
 			));
 	
 			$o = replace_macros(get_markup_template('sellpage_view.tpl'),array(
@@ -120,7 +146,7 @@ class Connect extends \Zotlabs\Web\Controller {
 	
 			));
 	
-			$arr = array('channel' => \App::$data['channel'],'observer' => \App::get_observer(), 'sellpage' => $o, 'submit' => $submit);
+			$arr = array('channel' => App::$data['channel'],'observer' => App::get_observer(), 'sellpage' => $o, 'submit' => $submit);
 			call_hooks('connect_premium', $arr);
 			$o = $arr['sellpage'];
 	
@@ -1,6 +1,7 @@
 <?php
 namespace Zotlabs\Module;

+use App;

 require_once('include/socgraph.php');
 require_once('include/selectors.php');
@@ -12,8 +13,10 @@ class Connections extends \Zotlabs\Web\Controller {
 	
 		if(! local_channel())
 			return;
+
+		App::$profile_uid = local_channel();
 	
-		$channel = \App::get_channel();
+		$channel = App::get_channel();
 		if($channel)
 			head_set_icon($channel['xchan_photo_s']);
 	
@@ -43,7 +46,7 @@ class Connections extends \Zotlabs\Web\Controller {
 		$all         = false;
 	
 		if(! $_REQUEST['aj'])
-			$_SESSION['return_url'] = \App::$query_string;
+			$_SESSION['return_url'] = App::$query_string;
 	
 		$search_flags = "";
 		$head = '';
@@ -88,14 +91,14 @@ class Connections extends \Zotlabs\Web\Controller {
 						$search_flags = " and abook_pending = 1 ";
 						$head = t('New');
 						$pending = true;
-						\App::$argv[1] = 'pending';
+						App::$argv[1] = 'pending';
 					}
 					else {
 						$head = t('All');
 						$search_flags = '';
 						$all = true;
-						\App::$argc = 1;
-						unset(\App::$argv[1]);
+						App::$argc = 1;
+						unset(App::$argv[1]);
 					}
 					break;
 	//			case 'unconnected':
@@ -124,6 +127,20 @@ class Connections extends \Zotlabs\Web\Controller {
 			$unblocked = true;
 		}
 	
+		switch($_REQUEST['order']) {
+			case 'name_desc':
+				$sql_order = 'xchan_name DESC';
+				break;
+			case 'connected':
+				$sql_order = 'abook_created';
+				break;
+			case 'connected_desc':
+				$sql_order = 'abook_created DESC';
+				break;
+			default:
+				$sql_order = 'xchan_name';
+		}
+
 		$search = ((x($_REQUEST,'search')) ? notags(trim($_REQUEST['search'])) : '');
 	
 		$tabs = array(
@@ -217,7 +234,7 @@ class Connections extends \Zotlabs\Web\Controller {
 		$sql_extra .= (($searching) ? protect_sprintf(" AND xchan_name like '%$search_txt%' ") : "");
 	
 		if($_REQUEST['gid']) {
-			$sql_extra .= " and xchan_hash in ( select xchan from group_member where gid = " . intval($_REQUEST['gid']) . " and uid = " . intval(local_channel()) . " ) ";
+			$sql_extra .= " and xchan_hash in ( select xchan from pgrp_member where gid = " . intval($_REQUEST['gid']) . " and uid = " . intval(local_channel()) . " ) ";
 		}
 	 	
 		$r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash 
@@ -225,15 +242,15 @@ class Connections extends \Zotlabs\Web\Controller {
 			intval(local_channel())
 		);
 		if($r) {
-			\App::set_pager_total($r[0]['total']);
+			App::set_pager_total($r[0]['total']);
 			$total = $r[0]['total'];
 		}
 	
 		$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash
-			WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d OFFSET %d ",
+			WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra $sql_extra2 ORDER BY $sql_order LIMIT %d OFFSET %d ",
 			intval(local_channel()),
-			intval(\App::$pager['itemspage']),
-			intval(\App::$pager['start'])
+			intval(App::$pager['itemspage']),
+			intval(App::$pager['start'])
 		);
 	
 		$contacts = array();
@@ -304,8 +321,11 @@ class Connections extends \Zotlabs\Web\Controller {
 						'ignore_hover' => t('Ignore connection'),
 						'ignore' => ((! $rr['abook_ignored']) ? t('Ignore') : false),
 						'recent_label' => t('Recent activity'),
-						'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id']),
-						'oneway' => $oneway
+						'recentlink' => z_root() . '/network/?f=&cid=' . intval($rr['abook_id']) . '&name=' . $rr['xchan_name'],
+						'oneway' => $oneway,
+						'connect' => (intval($rr['abook_not_here']) ? t('Connect') : ''),
+						'follow' => z_root() . '/follow/?f=&url=' . urlencode($rr['xchan_hash']) . '&interactive=0',
+						'connect_hover' => t('Connect at this location')
 					);
 				}
 			}
@@ -326,7 +346,7 @@ class Connections extends \Zotlabs\Web\Controller {
 			killme();
 		}
 		else {
-			$o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
+			$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
 			$o .= replace_macros(get_markup_template('connections.tpl'),array(
 				'$header' => t('Connections') . (($head) ? ': ' . $head : ''),
 				'$tabs' => $tabs,
@@ -337,7 +357,7 @@ class Connections extends \Zotlabs\Web\Controller {
 				'$finding' => (($searching) ? t('Connections search') . ": '" . $search . "'" : ""),
 				'$submit' => t('Find'),
 				'$edit' => t('Edit'),
-				'$cmd' => \App::$cmd,
+				'$cmd' => App::$cmd,
 				'$contacts' => $contacts,
 				'$paginate' => paginate($a),
 	
@@ -7,6 +7,8 @@ namespace Zotlabs\Module;
 *
 */

+use Zotlabs\Lib\Apps;
+use Zotlabs\Lib\Libzot;

 require_once('include/socgraph.php');
 require_once('include/selectors.php');
@@ -99,7 +101,8 @@ class Connedit extends \Zotlabs\Web\Controller {
 		}
 	
 	
-		$profile_id = $_POST['profile_assign'];
+		$profile_id = ((array_key_exists('profile_assign',$_POST)) ? $_POST['profile_assign'] : $orig_record[0]['abook_profile']);
+
 		if($profile_id) {
 			$r = q("SELECT profile_guid FROM profile WHERE profile_guid = '%s' AND uid = %d LIMIT 1",
 				dbesc($profile_id),
@@ -111,18 +114,23 @@ class Connedit extends \Zotlabs\Web\Controller {
 			}
 		}
 	
-		$abook_incl = escape_tags($_POST['abook_incl']);
-		$abook_excl = escape_tags($_POST['abook_excl']);
-	
+		$abook_incl = ((array_key_exists('abook_incl',$_POST)) ? escape_tags($_POST['abook_incl']) : $orig_record[0]['abook_incl']);
+		$abook_excl = ((array_key_exists('abook_excl',$_POST)) ? escape_tags($_POST['abook_excl']) : $orig_record[0]['abook_excl']);
+
+
 		$hidden = intval($_POST['hidden']);
 	
 		$priority = intval($_POST['poll']);
 		if($priority > 5 || $priority < 0)
 			$priority = 0;
 	
+		if(! array_key_exists('closeness',$_POST)) {
+			$_POST['closeness'] = 80;
+		}
 		$closeness = intval($_POST['closeness']);
-		if($closeness < 0)
-			$closeness = 99;
+		if($closeness < 0 || $closeness > 99) {
+			$closeness = 80;
+		}
 	
 		$rating = intval($_POST['rating']);
 		if($rating < (-10))
@@ -229,6 +237,8 @@ class Connedit extends \Zotlabs\Web\Controller {
 		}

 		$abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']);
+
+
 	
 		$r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d,
 			abook_incl = '%s', abook_excl = '%s'
@@ -474,6 +484,10 @@ class Connedit extends \Zotlabs\Web\Controller {
 					if(! zot_refresh($orig_record[0],\App::get_channel()))
 						notice( t('Refresh failed - channel is currently unavailable.') );
 				}
+				elseif($orig_record[0]['xchan_network'] === 'zot6') {
+					if(! Libzot::refresh($orig_record[0],\App::get_channel()))
+						notice( t('Refresh failed - channel is currently unavailable.') );
+				}
 				else {
 	
 					// if you are on a different network we'll force a refresh of the connection basic info
@@ -696,7 +710,7 @@ class Connedit extends \Zotlabs\Web\Controller {

 			$tpl = get_markup_template("abook_edit.tpl");
 	
-			if(feature_enabled(local_channel(),'affinity')) {
+			if(Apps::system_app_installed(local_channel(),'Affinity Tool')) {

 				$sections['affinity'] = [
 					'label' => t('Affinity'),
@@ -727,9 +741,12 @@ class Connedit extends \Zotlabs\Web\Controller {
 				}
 	
 				$slider_tpl = get_markup_template('contact_slider.tpl');
+				
+				$slideval = intval($contact['abook_closeness']);
+				
 				$slide = replace_macros($slider_tpl,array(
 					'$min' => 1,
-					'$val' => (($contact['abook_closeness']) ? $contact['abook_closeness'] : 99),
+					'$val' => $slideval,
 					'$labels' => $label_str,
 				));
 			}
@@ -774,7 +791,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 	
 			$global_perms = \Zotlabs\Access\Permissions::Perms();

-			$existing = get_all_perms(local_channel(),$contact['abook_xchan']);
+			$existing = get_all_perms(local_channel(),$contact['abook_xchan'],false);
 	
 			$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes')));
 	
@@ -831,7 +848,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 				$locstr = unpunify($contact['xchan_url']);
 	
 			$clone_warn = '';
-			$clonable = (in_array($contact['xchan_network'],['zot','rss']) ? true : false);
+			$clonable = (in_array($contact['xchan_network'],['zot', 'zot6', 'rss']) ? true : false);
 			if(! $clonable) {
 				$clone_warn = '<strong>';
 				$clone_warn .= ((intval($contact['abook_not_here'])) 
@@ -851,7 +868,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 				'$autoperms'      => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('Connection requests will be approved without your interaction'), $yes_no),
 				'$permcat'        => [ 'permcat', t('Permission role'), '', '<span class="loading invisible">' . t('Loading') . '<span class="jumping-dots"><span class="dot-1">.</span><span class="dot-2">.</span><span class="dot-3">.</span></span></span>',$permcats ],
 				'$permcat_new'    => t('Add permission role'),
-				'$permcat_enable' => feature_enabled(local_channel(),'permcats'),
+				'$permcat_enable' => Apps::system_app_installed(local_channel(), 'Permission Categories'),
 				'$addr'           => unpunify($contact['xchan_addr']),
 				'$primeurl'       => unpunify($contact['xchan_url']),
 				'$section'        => $section,
@@ -886,7 +903,7 @@ class Connedit extends \Zotlabs\Web\Controller {
 				'$inherited'      => t('inherited'),
 				'$submit'         => t('Submit'),
 				'$lbl_vis2'       => sprintf( t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']),
-				'$close'          => $contact['abook_closeness'],
+				'$close'          => (($contact['abook_closeness']) ? $contact['abook_closeness'] : 80),
 				'$them'           => t('Their Settings'),
 				'$me'             => t('My Settings'),
 				'$perms'          => $perms,
@@ -23,7 +23,7 @@ class Contactgroup extends \Zotlabs\Web\Controller {
 	
 		if((argc() > 1) && (intval(argv(1)))) {
 	
-			$r = q("SELECT * FROM groups WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1",
+			$r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
 			);
@@ -48,6 +48,32 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 		$channel = \App::get_channel();
 		
 		check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
+
+		// Remove cover photo
+		if(isset($_POST['remove'])) {
+			
+			$r = q("SELECT resource_id FROM photo WHERE photo_usage = %d AND uid = %d LIMIT 1",
+				intval(PHOTO_COVER),
+				intval(local_channel())
+			);
+			
+			if($r) {
+			    q("update photo set photo_usage = %d where photo_usage = %d and uid = %d",
+			    	intval(PHOTO_NORMAL),
+				    intval(PHOTO_COVER),
+				    intval(local_channel())
+			    );
+			
+				$sync = attach_export_data($channel,$r[0]['resource_id']);
+				if($sync)
+				    build_sync_packet($channel['channel_id'],array('file' => array($sync)));
+			}
+
+			// Update directory in background
+			\Zotlabs\Daemon\Master::Summon(array('Directory',$channel['channel_id']));
+
+			goaway(z_root() . '/cover_photo');
+		}
 	        
 		if((array_key_exists('cropfinal',$_POST)) && ($_POST['cropfinal'] == 1)) {
 	
@@ -106,7 +132,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 						if(file_exists($tmp_name)) {
 							$base_image = $r[0];
 							$gis = getimagesize($tmp_name);
-logger('gis: ' . print_r($gis,true));
+							logger('gis: ' . print_r($gis,true), LOGGER_DEBUG);
 							$base_image['width'] = $gis[0];
 							$base_image['height'] = $gis[1];
 							$base_image['content'] = @file_get_contents($tmp_name);
@@ -167,25 +193,18 @@ logger('gis: ' . print_r($gis,true));
 						'filename'     => $base_image['filename'], 
 						'album'        => t('Cover Photos'),
 						'os_path'      => $base_image['os_path'],
-						'display_path' => $base_image['display_path']
+						'display_path' => $base_image['display_path'],
+						'photo_usage'  => PHOTO_COVER
 					];
-	
-					$p['imgscale'] = 7;
-					$p['photo_usage'] = PHOTO_COVER;
-	
-					$r1 = $im->save($p);
+					
+					$r1 = $im->storeThumbnail($p, PHOTO_RES_COVER_1200);
 	
 					$im->doScaleImage(850,310);
-					$p['imgscale'] = 8;
-	
-					$r2 = $im->save($p);
-	
+					$r2 = $im->storeThumbnail($p, PHOTO_RES_COVER_850);
 	
 					$im->doScaleImage(425,160);
-					$p['imgscale'] = 9;
-	
-					$r3 = $im->save($p);
-				
+					$r3 = $im->storeThumbnail($p, PHOTO_RES_COVER_425);
+					
 					if($r1 === false || $r2 === false || $r3 === false) {
 						// if one failed, delete them all so we can start over.
 						notice( t('Image resize failed.') . EOL );
@@ -193,13 +212,28 @@ logger('gis: ' . print_r($gis,true));
 							dbesc($base_image['resource_id']),
 							local_channel()
 						);
+						
+						$x = q("SELECT content FROM photo WHERE resource_id = '%s' AND uid = %d AND os_storage = 1 AND imgscale >= 7",
+							dbesc($base_image['resource_id']),
+							local_channel()
+						);
+						if($x) {
+							foreach($x as $xx) {
+								@unlink(dbunescbin($xx['content']));
+							}
+						}
+
 						return;
 					}
-	
-					$channel = \App::get_channel();
+
 					$this->send_cover_photo_activity($channel,$base_image,$profile);
-	
-	
+					
+					$sync = attach_export_data($channel,$base_image['resource_id']);
+					if($sync)
+					    build_sync_packet($channel['channel_id'],array('file' => array($sync)));
+
+					// Update directory in background
+					\Zotlabs\Daemon\Master::Summon(array('Directory',$channel['channel_id']));
 				}
 				else
 					notice( t('Unable to process image') . EOL);
@@ -215,7 +249,7 @@ logger('gis: ' . print_r($gis,true));
 	
 		require_once('include/attach.php');
 	
-		$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash));
+		$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash, 'nosync' => true));
 	
 		logger('attach_store: ' . print_r($res,true));
 	
@@ -393,6 +427,7 @@ logger('gis: ' . print_r($gis,true));
 				'$lbl_profiles'        => t('Select a profile:'),
 				'$title'               => t('Change Cover Photo'),
 				'$submit'              => t('Upload'),
+				'$remove'              => t('Remove'),
 				'$profiles'            => $profiles,
 				'$embedPhotos' => t('Use a photo from your albums'),
 				'$embedPhotosModalTitle' => t('Use a photo from your albums'),
@@ -8,8 +8,9 @@

 namespace Zotlabs\Module;

-use \Sabre\DAV as SDAV;
-use \Zotlabs\Storage;
+use Sabre\DAV as SDAV;
+use Zotlabs\Storage;
+use Zotlabs\Web\HTTPSig;

 require_once('include/attach.php');
 require_once('include/auth.php');
@@ -46,7 +47,7 @@ class Dav extends \Zotlabs\Web\Controller {
 					continue;
 				}

-				$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
+				$sigblock = HTTPSig::parse_sigheader($_SERVER[$head]);
 				if($sigblock) {
 					$keyId = str_replace('acct:','',$sigblock['keyId']);
 					if($keyId) {
@@ -69,7 +70,7 @@ class Dav extends \Zotlabs\Web\Controller {
 							continue;

 						if($record) {
-							$verified = \Zotlabs\Web\HTTPSig::verify('',$record['channel']['channel_pubkey']);
+							$verified = HTTPSig::verify('',$record['channel']['channel_pubkey']);
 							if(! ($verified && $verified['header_signed'] && $verified['header_valid'])) {
 								$record = null;
 							}
@@ -94,6 +95,8 @@ class Dav extends \Zotlabs\Web\Controller {


 		$auth = new \Zotlabs\Storage\BasicAuth();
+		$auth->observer = get_observer_hash();
+
 		$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . ' ' . 'WebDAV');

 		$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
@@ -1,14 +1,16 @@
 <?php
 namespace Zotlabs\Module;

+use App;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Web\Controller;

 require_once('include/socgraph.php');
 require_once('include/selectors.php');
 require_once('include/group.php');
 require_once('include/photos.php');

-
-class Defperms extends \Zotlabs\Web\Controller {
+class Defperms extends Controller {

 	/* @brief Initialize the connection-editor
 	 *
@@ -19,6 +21,9 @@ class Defperms extends \Zotlabs\Web\Controller {
 	
 		if(! local_channel())
 			return;
+
+		if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
+			return;
 	
 		$r = q("SELECT abook.*, xchan.*
 			FROM abook left join xchan on abook_xchan = xchan_hash
@@ -26,10 +31,10 @@ class Defperms extends \Zotlabs\Web\Controller {
 			intval(local_channel())
 		);
 		if($r) {
-			\App::$poi = $r[0];
+			App::$poi = $r[0];
 		}

-		$channel = \App::get_channel();
+		$channel = App::get_channel();
 		if($channel)
 			head_set_icon($channel['xchan_photo_s']);	
 	}
@@ -43,12 +48,15 @@ class Defperms extends \Zotlabs\Web\Controller {
 	
 		if(! local_channel())
 			return;
+
+		if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
+			return;
 	
 		$contact_id = intval(argv(1));
 		if(! $contact_id)
 			return;
 	
-		$channel = \App::get_channel();
+		$channel = App::get_channel();
 	
 		$orig_record = q("SELECT * FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
 			intval($contact_id),
@@ -112,7 +120,7 @@ class Defperms extends \Zotlabs\Web\Controller {
 			intval($contact_id)
 		);
 		if($r) {
-			\App::$poi = $r[0];
+			App::$poi = $r[0];
 		}
 	
 	
@@ -131,22 +139,22 @@ class Defperms extends \Zotlabs\Web\Controller {
 	
 	function defperms_clone(&$a) {
 	
-			if(! \App::$poi)
+			if(! App::$poi)
 				return;
 		
-			$channel = \App::get_channel();
+			$channel = App::get_channel();
 	
 			$r = q("SELECT abook.*, xchan.*
 				FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d and abook_id = %d LIMIT 1",
 				intval(local_channel()),
-				intval(\App::$poi['abook_id'])
+				intval(App::$poi['abook_id'])
 			);
 			if($r) {
-				\App::$poi = array_shift($r);
+				App::$poi = array_shift($r);
 			}
 	
-			$clone = \App::$poi;
+			$clone = App::$poi;
 	
 			unset($clone['abook_id']);
 			unset($clone['abook_account']);
@@ -173,9 +181,18 @@ class Defperms extends \Zotlabs\Web\Controller {
 			notice( t('Permission denied.') . EOL);
 			return login();
 		}
+
+		if(! Apps::system_app_installed(local_channel(), 'Default Permissions')) {
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+
+			$o = '<b>' . t('Default Permissions App') . ' (' . t('Not Installed') . '):</b><br>';
+			$o .= t('Set custom default permissions for new connections');
+			return $o;
+		}
 	
 		$section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : '');
-		$channel = \App::get_channel();
+		$channel = App::get_channel();
 	
 		$yes_no = array(t('No'),t('Yes'));
 	
@@ -193,7 +210,7 @@ class Defperms extends \Zotlabs\Web\Controller {
 		}
 		$o .= " }\n</script>\n";
 	
-		if(\App::$poi) {
+		if(App::$poi) {
 	
 			$sections = [];

@@ -203,13 +220,12 @@ class Defperms extends \Zotlabs\Web\Controller {
 	
 	
 			$perms = array();
-			$channel = \App::get_channel();
+			$channel = App::get_channel();

-			$contact = \App::$poi;
+			$contact = App::$poi;
 	
 			$global_perms = \Zotlabs\Access\Permissions::Perms();

-			$existing = get_all_perms(local_channel(),$contact['abook_xchan']);
 			$hidden_perms = [];
 	
 			foreach($global_perms as $k => $v) {
@@ -239,7 +255,7 @@ class Defperms extends \Zotlabs\Web\Controller {
 				'$autoperms'      => array('autoperms',t('Apply these permissions automatically'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('If enabled, connection requests will be approved without your interaction'), $yes_no),
 				'$permcat'        => [ 'permcat', t('Permission role'), '', '<span class="loading invisible">' . t('Loading') . '<span class="jumping-dots"><span class="dot-1">.</span><span class="dot-2">.</span><span class="dot-3">.</span></span></span>',$permcats ],
 				'$permcat_new'    => t('Add permission role'),
-				'$permcat_enable' => feature_enabled(local_channel(),'permcats'),
+				'$permcat_enable' => Apps::system_app_installed(local_channel(), 'Permission Categories'),
 				'$section'        => $section,
 				'$sections'       => $sections,
 				'$autolbl'        => t('The permissions indicated on this page will be applied to all new connections.'),
@@ -12,13 +12,16 @@ class Directory extends \Zotlabs\Web\Controller {
 	function init() {
 		\App::set_pager_itemspage(60);
 	
-		if(x($_GET,'ignore')) {
+		if(local_channel() && x($_GET,'ignore')) {
 			q("insert into xign ( uid, xchan ) values ( %d, '%s' ) ",
 				intval(local_channel()),
 				dbesc($_GET['ignore'])
 			);
 			goaway(z_root() . '/directory?f=&suggest=1');
 		}
+
+		if(local_channel())
+			\App::$profile_uid = local_channel();
 	
 		$observer = get_observer_hash();
 		$global_changed = false;
@@ -55,6 +58,7 @@ class Directory extends \Zotlabs\Web\Controller {
 			if($observer)
 				set_xconfig($observer,'directory','pubforums',$pubforums);
 		}
+
 	}
 	
 	function get() {
@@ -99,8 +103,14 @@ class Directory extends \Zotlabs\Web\Controller {
 		$suggest = (local_channel() && x($_REQUEST,'suggest')) ? $_REQUEST['suggest'] : '';
 	
 		if($suggest) {
-	
-			$r = suggestion_query(local_channel(),get_observer_hash());
+
+			// the directory options have no effect in suggestion mode
+			
+			$globaldir = 1;
+			$safe_mode = 1;
+			$type = 0;
+
+			$r = suggestion_query(local_channel(),get_observer_hash(),0,60);

 			if(! $r) {
 				notice( t('No default suggestions were found.') . EOL);
@@ -208,12 +218,17 @@ class Directory extends \Zotlabs\Web\Controller {
 				if($j) {
 	
 					if($j['results']) {
-	
+
+						$results = $j['results'];
+						if($suggest) {
+							$results = self::reorder_results($results,$addresses);
+						}
+
 						$entries = array();
 	
 						$photo = 'thumb';
 	
-						foreach($j['results'] as $rr) {
+						foreach($results as $rr) {
 	
 							$profile_link = chanlink_url($rr['url']);
 			
@@ -272,7 +287,7 @@ class Directory extends \Zotlabs\Web\Controller {
 	
 							$hometown = ((x($profile,'hometown') == 1) ? $profile['hometown']  : False);
 	
-							$about = ((x($profile,'about') == 1) ? zidify_links(bbcode($profile['about'])) : False);
+							$about = ((x($profile,'about') == 1) ? zidify_links(bbcode($profile['about'], ['tryoembed' => false])) : False);
 	
 							$keywords = ((x($profile,'keywords')) ? $profile['keywords'] : '');
 	
@@ -330,7 +345,7 @@ class Directory extends \Zotlabs\Web\Controller {
 								'pdesc_label' => t('Description:'),
 								'marital'  => $marital,
 								'homepage' => $homepage,
-								'homepageurl' => linkify($homepageurl),
+								'homepageurl' => linkify($homepageurl, true),
 								'hometown' => $hometown,
 								'hometown_label' => t('Hometown:'),
 								'about' => $about,
@@ -395,7 +410,7 @@ class Directory extends \Zotlabs\Web\Controller {
 	
 							$dirtitle = (($globaldir) ? t('Global Directory') : t('Local Directory'));
 	
-							$o .= "<script> var page_query = '" . escape_tags($_GET['q']) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . ";  </script>";
+							$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; divmore_height = " . intval($maxheight) . ";  </script>";
 							$o .= replace_macros($tpl, array(
 								'$search' => $search,
 								'$desc' => t('Find'),
@@ -434,5 +449,22 @@ class Directory extends \Zotlabs\Web\Controller {
 		return $o;
 	}
 	
-	
+	static public function reorder_results($results,$suggests) {
+
+		if(! $suggests)
+			return $results;
+
+		$out = [];
+		foreach($suggests as $k => $v) {
+			foreach($results as $rv) {
+				if($k == $rv['address']) {
+					$out[intval($v)] = $rv;
+					break;
+				}
+			}
+		}
+
+		return $out;
+	}
+
 }
@@ -116,12 +116,12 @@ class Dirsearch extends \Zotlabs\Web\Controller {
 			$sql_extra .= $this->dir_query_build($joiner,'xchan_name',$name);
 		if($address)
 			$sql_extra .= $this->dir_query_build($joiner,'xchan_addr',$address);
-		if($city)
-			$sql_extra .= $this->dir_query_build($joiner,'xprof_locale',$city);
+		if($locale)
+			$sql_extra .= $this->dir_query_build($joiner,'xprof_locale',$locale);
 		if($region)
 			$sql_extra .= $this->dir_query_build($joiner,'xprof_region',$region);
-		if($post)
-			$sql_extra .= $this->dir_query_build($joiner,'xprof_postcode',$post);
+		if($postcode)
+			$sql_extra .= $this->dir_query_build($joiner,'xprof_postcode',$postcode);
 		if($country)
 			$sql_extra .= $this->dir_query_build($joiner,'xprof_country',$country);
 		if($gender)
@@ -394,7 +394,7 @@ class Dirsearch extends \Zotlabs\Web\Controller {
 						$quoted_string = false;
 					}
 					else
-						$curr['value'] .= ' ' . trim(q);
+						$curr['value'] .= ' ' . trim($q);
 				}
 			}
 		}
@@ -12,8 +12,9 @@ class Display extends \Zotlabs\Web\Controller {

 	function get($update = 0, $load = false) {

-		$module_format = 'html';
+		$noscript_content = (get_config('system', 'noscript_content', '1') && (! $update));

+		$module_format = 'html';

 		if(argc() > 1) {
 			$module_format = substr(argv(1),strrpos(argv(1),'.') + 1);
@@ -21,8 +22,6 @@ class Display extends \Zotlabs\Web\Controller {
 				$module_format = 'html';			
 		}

-		$checkjs = new \Zotlabs\Web\CheckJS(1);
-	
 		if($load)
 			$_SESSION['loadtime'] = datetime_convert();
 	
@@ -82,7 +81,7 @@ class Display extends \Zotlabs\Web\Controller {
 			);
 	
 			$o = '<div id="jot-popup">';
-			$o .= status_editor($a,$x);
+			$o .= status_editor($a,$x,false,'Display');
 			$o .= '</div>';
 		}
 	
@@ -176,11 +175,15 @@ class Display extends \Zotlabs\Web\Controller {
 			 	return '';
 			}
 		}
+		if ($target_item['item_type'] == ITEM_TYPE_CUSTOM) {
+			call_hooks('item_custom_display',$target_item);
+			notice( t('Page not found.') . EOL);
+			return '';
+		}
 		
 		
 		$static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0);
-	
-	
+
 		$simple_update = (($update) ? " AND item_unseen = 1 " : '');
 			
 		if($update && $_SESSION['loadtime'])
@@ -235,7 +238,7 @@ class Display extends \Zotlabs\Web\Controller {
 				'$dbegin'  => '',
 				'$verb'    => '',
 				'$net'     => '',
-				'$mid'     => $mid
+				'$mid'     => (($mid) ? urlencode($mid) : '')
 			));

 			head_add_link([ 
@@ -253,53 +256,44 @@ class Display extends \Zotlabs\Web\Controller {

 		$sql_extra = public_permissions_sql($observer_hash);

-		if(($update && $load) || ($checkjs->disabled()) || ($module_format !== 'html')) {
+		if($noscript_content || $load) {

-			$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']),intval(\App::$pager['start']));
+			$r = null;

-			if($load || ($checkjs->disabled()) || ($module_format !== 'html')) {
+			require_once('include/channel.php');
+			$sys = get_sys_channel();
+			$sysid = $sys['channel_id'];

-				$r = null;
-
-				require_once('include/channel.php');
-				$sys = get_sys_channel();
-				$sysid = $sys['channel_id'];
-
-				if(local_channel()) {
-					$r = q("SELECT item.id as item_id from item
-						WHERE uid = %d
-						and mid = '%s'
-						$item_normal
-						limit 1",
-						intval(local_channel()),
-						dbesc($target_item['parent_mid'])
-					);
-					if($r) {
-						$updateable = true;
-					}
+			if(local_channel()) {
+				$r = q("SELECT item.id as item_id from item WHERE uid = %d and mid = '%s' $item_normal limit 1",
+					intval(local_channel()),
+					dbesc($target_item['parent_mid'])
+				);
+				if($r) {
+					$updateable = true;
 				}
+			}

-				if(! $r) {
+			if(! $r) {

-					// in case somebody turned off public access to sys channel content using permissions
-					// make that content unsearchable by ensuring the owner uid can't match
+				// in case somebody turned off public access to sys channel content using permissions
+				// make that content unsearchable by ensuring the owner uid can't match

-					if(! perm_is_allowed($sysid,$observer_hash,'view_stream'))
-						$sysid = 0;
+				if(! perm_is_allowed($sysid,$observer_hash,'view_stream'))
+					$sysid = 0;

-					$r = q("SELECT item.id as item_id from item
-						WHERE mid = '%s'
-						AND (((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = '' 
-						AND item.deny_gid  = '' AND item_private = 0 ) 
-						and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
-						OR uid = %d )
-						$sql_extra )
-						$item_normal
-						limit 1",
-						dbesc($target_item['parent_mid']),
-						intval($sysid)
-					);
-				}
+				$r = q("SELECT item.id as item_id from item
+					WHERE mid = '%s'
+					AND (((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = '' 
+					AND item.deny_gid  = '' AND item_private = 0 ) 
+					and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
+					OR uid = %d )
+					$sql_extra )
+					$item_normal
+					limit 1",
+					dbesc($target_item['parent_mid']),
+					intval($sysid)
+				);
 			}
 		}
 	
@@ -309,7 +303,6 @@ class Display extends \Zotlabs\Web\Controller {
 			require_once('include/channel.php');
 			$sys = get_sys_channel();
 			$sysid = $sys['channel_id'];
-
 			if(local_channel()) {
 				$r = q("SELECT item.parent AS item_id from item
 					WHERE uid = %d
@@ -325,7 +318,7 @@ class Display extends \Zotlabs\Web\Controller {
 				}
 			}

-			if(! $r) {
+			if($r === null) {
 				// in case somebody turned off public access to sys channel content using permissions
 				// make that content unsearchable by ensuring the owner_xchan can't match
 				if(! perm_is_allowed($sysid,$observer_hash,'view_stream'))
@@ -350,7 +343,7 @@ class Display extends \Zotlabs\Web\Controller {
 		else {
 			$r = array();
 		}
-	
+
 		if($r) {
 			$parents_str = ids_to_querystr($r,'item_id');
 			if($parents_str) {
@@ -373,14 +366,23 @@ class Display extends \Zotlabs\Web\Controller {
 			
 		case 'html':

-			if ($checkjs->disabled()) {
-				$o .= conversation($items, 'display', $update, 'traditional');
-				if ($items[0]['title'])
-					\App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
-			} 
-			else {
+			if ($update) {
 				$o .= conversation($items, 'display', $update, 'client');
 			}
+			else {
+				$o .= '<noscript>';
+				if($noscript_content) {
+					$o .= conversation($items, 'display', $update, 'traditional');
+				}
+				else {
+					$o .= '<div class="section-content-warning-wrapper">' . t('You must enable javascript for your browser to be able to view this content.') . '</div>';
+				}
+				$o .= '</noscript>';
+
+				\App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . \App::$page['title'] : \App::$page['title']);
+
+				$o .= conversation($items, 'display', $update, 'client');
+			} 

 			break;

@@ -435,7 +437,7 @@ class Display extends \Zotlabs\Web\Controller {

 		$o .= '<div id="content-complete"></div>';

-		if((($update && $load) || $checkjs->disabled()) && (! $items))  {
+		if((($update && $load) || $noscript_content) && (! $items)) {
 			
 			$r = q("SELECT id, item_deleted FROM item WHERE mid = '%s' LIMIT 1",
 				dbesc($item_hash)
@@ -16,10 +16,21 @@ class Dreport extends \Zotlabs\Web\Controller {
 		$channel = \App::get_channel();
 		
 		$mid = ((argc() > 1) ? argv(1) : '');
+		$encoded_mid = '';

+		if(strpos($mid,'b64.') === 0) {
+			$encoded_mid = $mid;
+			$mid = @base64url_decode(substr($mid,4));
+		}
 		if($mid === 'push') {
 			$table = 'push';
 			$mid = ((argc() > 2) ? argv(2) : '');
+
+			if(strpos($mid,'b64.') === 0) {
+				$encoded_mid = $mid;
+				$mid = @base64url_decode(substr($mid,4));
+			}
+
 			if($mid) {	
 				$i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
 					dbesc($mid),
@@ -32,12 +43,15 @@ class Dreport extends \Zotlabs\Web\Controller {
 				}
 			}
 			sleep(3);
-			goaway(z_root() . '/dreport/' . urlencode($mid));
+			goaway(z_root() . '/dreport/' . (($encoded_mid) ? $encoded_mid : $mid));
 		}

 		if($mid === 'mail') {
 			$table = 'mail';
 			$mid = ((argc() > 2) ? argv(2) : '');
+			if(strpos($mid,'b64.') === 0)
+				$mid = @base64url_decode(substr($mid,4));
+
 		}
 	
 	
@@ -69,8 +83,9 @@ class Dreport extends \Zotlabs\Web\Controller {
 			return;
 		}
 		
-		$r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'",
+		$r = q("select * from dreport where (dreport_xchan = '%s' or dreport_xchan = '%s') and dreport_mid = '%s'",
 			dbesc($channel['channel_hash']),
+			dbesc($channel['channel_portable_id']),
 			dbesc($mid)
 		);
 	
@@ -80,7 +95,6 @@ class Dreport extends \Zotlabs\Web\Controller {
 		}
 		
 		for($x = 0; $x < count($r); $x++ ) {
-			$r[$x]['name'] = escape_tags(substr($r[$x]['dreport_recip'],strpos($r[$x]['dreport_recip'],' ')));
 	
 			// This has two purposes: 1. make the delivery report strings translateable, and
 			// 2. assign an ordering to item delivery results so we can group them and provide
@@ -138,16 +152,17 @@ class Dreport extends \Zotlabs\Web\Controller {
 		$entries = array();
 		foreach($r as $rr) {
 			$entries[] = [ 
-				'name' => $rr['name'],					
+				'name' => escape_tags($rr['dreport_name'] ?: $rr['dreport_recip']),					
 				'result' => escape_tags($rr['dreport_result']),
 				'time' => escape_tags(datetime_convert('UTC',date_default_timezone_get(),$rr['dreport_time']))
 			];
 		}

 		$o = replace_macros(get_markup_template('dreport.tpl'), array(
-			'$title' => sprintf( t('Delivery report for %1$s'),substr($mid,0,32)) . '...',
+			'$title' => sprintf( t('Delivery report for %1$s'),basename($mid)) . '...',
 			'$table' => $table,
 			'$mid' => urlencode($mid),
+			'$safe_mid' => urlencode(gen_link_id($mid)),
 			'$options' => t('Options'),
 			'$push' => t('Redeliver'),
 			'$entries' => $entries
@@ -162,9 +177,9 @@ class Dreport extends \Zotlabs\Web\Controller {
 	
 	private static function dreport_gravity_sort($a,$b) {
 		if($a['gravity'] == $b['gravity']) {
-			if($a['name'] === $b['name'])
+			if($a['dreport_name'] === $b['dreport_name'])
 				return strcmp($a['dreport_time'],$b['dreport_time']);
-			return strcmp($a['name'],$b['name']);
+			return strcmp($a['dreport_name'],$b['dreport_name']);
 		}
 		return (($a['gravity'] > $b['gravity']) ? 1 : (-1));
 	}
@@ -132,7 +132,7 @@ class Editblock extends \Zotlabs\Web\Controller {
 			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
 		);

-		$editor = status_editor($a, $x);
+		$editor = status_editor($a, $x, false, 'Editblock');

 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
 			'$title' => t('Edit Block'),
@@ -131,7 +131,7 @@ class Editlayout extends \Zotlabs\Web\Controller {
 			'profile_uid' => intval($owner),
 		);

-		$editor = status_editor($a, $x);
+		$editor = status_editor($a, $x, false, 'Editlayout');

 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
 			'$title' => t('Edit Layout'),
@@ -45,7 +45,8 @@ class Editpost extends \Zotlabs\Web\Controller {
 		}

 		if($itm[0]['resource_type'] === 'event' && $itm[0]['resource_id']) {
-			goaway(z_root() . '/events/' . $itm[0]['resource_id'] . '?expandform=1');
+			goaway(z_root() . '/cdav/calendar/' . $itm[0]['resource_id']);
+			//goaway(z_root() . '/events/' . $itm[0]['resource_id'] . '?expandform=1');
 		}

 		$owner_uid = $itm[0]['uid'];
@@ -102,7 +103,7 @@ class Editpost extends \Zotlabs\Web\Controller {
 			'bbcode' => true
 		);

-		$editor = status_editor($a, $x);
+		$editor = status_editor($a, $x, false, 'Editpost');

 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
 			'$title' => t('Edit post'),
@@ -160,7 +160,7 @@ class Editwebpage extends \Zotlabs\Web\Controller {
 			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
 		);

-		$editor = status_editor($a, $x);
+		$editor = status_editor($a, $x, false, 'Editwebpage');

 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
 			'$title' => t('Edit Webpage'),
@@ -0,0 +1,22 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/security.php');
+require_once('include/bbcode.php');
+
+
+class Embed extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		$post_id = ((argc() > 1) ? intval(argv(1)) : 0);
+	
+		if(! $post_id)
+			killme();
+	
+		echo '[share=' . $post_id . '][/share]';
+		killme();
+
+	}
+	
+}
@@ -3,8 +3,10 @@
 namespace Zotlabs\Module;

 /**
- * @brief
+ * @brief Embedphoto endpoint.
 *
+ * Provide an AJAX endpoint to fill the embedPhotoModal with folders and photos
+ * selection.
 */
 class Embedphotos extends \Zotlabs\Web\Controller {

@@ -13,93 +15,116 @@ class Embedphotos extends \Zotlabs\Web\Controller {
 	}

 	/**
+	 * @brief This is the POST destination for the embedphotos button.
 	 *
-	 * This is the POST destination for the embedphotos button
-	 *
+	 * @return string A JSON string.
 	 */
-	function post() {
+	public function post() {
 		if (argc() > 1 && argv(1) === 'album') {
 			// API: /embedphotos/album
-			$name = (x($_POST,'name') ? $_POST['name'] : null );
-			if(!$name) {
+			$name = (x($_POST, 'name') ? $_POST['name'] : null );
+			if (!$name) {
 				json_return_and_die(array('errormsg' => 'Error retrieving album', 'status' => false));
 			}
 			$album = $this->embedphotos_widget_album(array('channel' => \App::get_channel(), 'album' => $name));
 			json_return_and_die(array('status' => true, 'content' => $album));
 		}
-		if(argc() > 1 && argv(1) === 'albumlist') {
+		if (argc() > 1 && argv(1) === 'albumlist') {
 			// API: /embedphotos/albumlist
-			$album_list = $this->embedphotos_album_list($a);
+			$album_list = $this->embedphotos_album_list();
 			json_return_and_die(array('status' => true, 'albumlist' => $album_list));
 		}
-		if(argc() > 1 && argv(1) === 'photolink') {
+		if (argc() > 1 && argv(1) === 'photolink') {
 			// API: /embedphotos/photolink
-			$href = (x($_POST,'href') ? $_POST['href'] : null );
-			if(!$href) {
+			$href = (x($_POST, 'href') ? $_POST['href'] : null );
+			if (!$href) {
 				json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
 			}
-			$resource_id = array_pop(explode("/", $href));
-			$r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1",
-				dbesc($resource_id)
-			);
-			if(!$r) {
-				json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
-			}
-			$obj = json_decode($r[0]['obj'], true);
-			if(x($obj,'body')) {
-				$photolink = $obj['body'];
-			} elseif (x($obj,'bbcode')) {
-				$photolink = $obj['bbcode'];
-			} else {
-				json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
-			}
-			json_return_and_die(array('status' => true, 'photolink' => $photolink, 'resource_id' => $resource_id));
+			$resource_id = array_pop(explode('/', $href));
+			$x = self::photolink($resource_id);
+			if($x) 
+				json_return_and_die(array('status' => true, 'photolink' => $x, 'resource_id' => $resource_id));
+			json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
 		}
 	}

-	/**
-	 * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from
-	 * the input array as in widget_item()
-	 *
-	 * @param array $args
-	 * @return string with HTML
-	 */
-	function embedphotos_widget_album($args) {

+	protected static function photolink($resource) {
+		$channel = \App::get_channel();
+		$output = EMPTY_STR;
+		if($channel) {
+			$resolution = ((feature_enabled($channel['channel_id'],'large_photos')) ? 1 : 2);
+			$r = q("select mimetype, height, width from photo where resource_id = '%s' and $resolution = %d and uid = %d limit 1",
+				dbesc($resource),
+				intval($resolution),
+				intval($channel['channel_id'])
+			);
+			if(! $r)
+				return $output;
+
+			if($r[0]['mimetype'] === 'image/jpeg')
+				$ext = '.jpg';
+			elseif($r[0]['mimetype'] === 'image/png')
+				$ext = '.png';
+			elseif($r[0]['mimetype'] === 'image/gif')
+				$ext = '.gif';
+			else
+				$ext = EMPTY_STR;
+
+			$output = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $resource . ']' .
+				'[zmg=' . $r[0]['width'] . 'x' . $r[0]['height'] . ']' . z_root() . '/photo/' . $resource . '-' . $resolution .  $ext . '[/zmg][/zrl]';
+
+			return $output;
+		}
+	}
+
+
+	/**
+	 * @brief Get photos from an album.
+	 *
+	 * @see \\Zotlabs\\Widget\\Album::widget()
+	 *
+	 * @param array $args associative array with
+	 *  * \e array \b channel
+	 *  * \e string \b album
+	 * @return string with HTML code from 'photo_album.tpl'
+	 */
+	protected function embedphotos_widget_album($args) {
 		$channel_id = 0;
-		if(array_key_exists('channel', $args))
+
+		if (array_key_exists('channel', $args)) {
 			$channel = $args['channel'];
-		$channel_id = intval($channel['channel_id']);
-		if(! $channel_id)
+			$channel_id = intval($channel['channel_id']);
+		}
+		if (! $channel_id)
 			$channel_id = \App::$profile_uid;
-		if(! $channel_id)
+		if (! $channel_id)
 			return '';

-		$owner_uid = $channel_id;
 		require_once('include/security.php');
 		$sql_extra = permissions_sql($channel_id);

-		if(! perm_is_allowed($channel_id,get_observer_hash(),'view_storage'))
+		if (! perm_is_allowed($channel_id, get_observer_hash(), 'view_storage'))
 			return '';

-		if($args['album'])
+		if (isset($args['album']))
 			$album = (($args['album'] === '/') ? '' : $args['album']);
-		if($args['title'])
+		if (isset($args['title']))
 			$title = $args['title'];

 		/**
-		 * This may return incorrect permissions if you have multiple directories of the same name.
+		 * @note This may return incorrect permissions if you have multiple directories of the same name.
 		 * It is a limitation of the photo table using a name for a photo album instead of a folder hash
 		 */
-		if($album) {
+		if ($album) {
 			require_once('include/attach.php');
 			$x = q("select hash from attach where filename = '%s' and uid = %d limit 1",
 				dbesc($album),
-				intval($owner_uid)
+				intval($channel_id)
 			);
-			if($x) {
-				$y = attach_can_view_folder($owner_uid,get_observer_hash(),$x[0]['hash']);
-				if(! $y)
+			if ($x) {
+				$y = attach_can_view_folder($channel_id, get_observer_hash(), $x[0]['hash']);
+				if (! $y)
 					return '';
 			}
 		}
@@ -110,30 +135,33 @@ class Embedphotos extends \Zotlabs\Web\Controller {
 				(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) $sql_extra GROUP BY resource_id) ph
 				ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)
 				ORDER BY created $order",
-				intval($owner_uid),
+				intval($channel_id),
 				dbesc($album),
 				intval(PHOTO_NORMAL),
 				intval(PHOTO_PROFILE)
 		);

-		$photos = array();
-		if(count($r)) {
+		$photos = [];
+		if (count($r)) {
 			$twist = 'rotright';
-			foreach($r as $rr) {
-				if($twist == 'rotright')
+			foreach ($r as $rr) {
+				if ($twist == 'rotright')
 					$twist = 'rotleft';
 				else
 					$twist = 'rotright';

+				$ph = photo_factory('');
+				$phototypes = $ph->supportedTypes();
+
 				$ext = $phototypes[$rr['mimetype']];

 				$imgalt_e = $rr['filename'];
 				$desc_e = $rr['description'];

-				$imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
+				$imagelink = (z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $rr['resource_id']
 					. (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''));

-				$photos[] = array(
+				$photos[] = [
 						'id' => $rr['id'],
 						'twist' => ' ' . $twist . rand(2,4),
 						'link' => $imagelink,
@@ -143,35 +171,43 @@ class Embedphotos extends \Zotlabs\Web\Controller {
 						'desc'=> $desc_e,
 						'ext' => $ext,
 						'hash'=> $rr['resource_id'],
-						'unknown' => t('Unknown')
-					);
+						'unknown' => t('Unknown'),
+				];
 			}
 		}

 		$tpl = get_markup_template('photo_album.tpl');
-		$o .= replace_macros($tpl, array(
+		$o = replace_macros($tpl, [
 			'$photos' => $photos,
 			'$album' => (($title) ? $title : $album),
 			'$album_id' => rand(),
-			'$album_edit' => array(t('Edit Album'), $album_edit),
+			'$album_edit' => array(t('Edit Album'), false),
 			'$can_post' => false,
 			'$upload' => array(t('Upload'), z_root() . '/photos/' . \App::$profile['channel_address'] . '/upload/' . bin2hex($album)),
 			'$order' => false,
-			'$upload_form' => $upload_form,
-			'$no_fullscreen_btn' => true
-		));
+			'$upload_form' => '',
+			'$no_fullscreen_btn' => true,
+		]);

 		return $o;
 	}

-	function embedphotos_album_list($a) {
+	/**
+	 * @brief Get albums observer is allowed to see.
+	 *
+	 * @see photos_albums_list()
+	 *
+	 * @return NULL|array
+	 */
+	protected function embedphotos_album_list() {
 		require_once('include/photos.php');
 		$p = photos_albums_list(\App::get_channel(), \App::get_observer());
-		if($p['success']) {
+
+		if ($p['success']) {
 			return $p['albums'];
-		} else {
-			return null;
 		}
+
+		return null;
 	}

 }
@@ -6,11 +6,14 @@ require_once('include/bbcode.php');
 require_once('include/datetime.php');
 require_once('include/event.php');
 require_once('include/items.php');
-
+require_once('include/html2plain.php');

 class Events extends \Zotlabs\Web\Controller {

 	function post() {
+
+		// this module is deprecated
+		return;
 	
 		logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA);
 	
@@ -97,8 +100,8 @@ class Events extends \Zotlabs\Web\Controller {
 		$type     = escape_tags(trim($_POST['type']));
 	
 		require_once('include/text.php');
-		linkify_tags($a, $desc, local_channel());
-		linkify_tags($a, $location, local_channel());
+		linkify_tags($desc, local_channel());
+		linkify_tags($location, local_channel());
 	
 		//$action = ($event_hash == '') ? 'new' : "event/" . $event_hash;
 	
@@ -245,6 +248,9 @@ class Events extends \Zotlabs\Web\Controller {
 	
 	
 	function get() {
+
+		// this module is deprecated
+		return;
 	
 		if(argc() > 2 && argv(1) == 'ical') {
 			$event_id = argv(2);
@@ -271,8 +277,10 @@ class Events extends \Zotlabs\Web\Controller {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
+		\App::$profile_uid = local_channel();
 		nav_set_selected('Events');
+
 	
 		if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) {
 			$r = q("update event set dismissed = 1 where id = %d and uid = %d",
@@ -288,7 +296,7 @@ class Events extends \Zotlabs\Web\Controller {
 			);
 		}
 	
-		$first_day = get_pconfig(local_channel(),'system','cal_first_day');
+		$first_day = feature_enabled(local_channel(), 'events_cal_first_day');
 		$first_day = (($first_day) ? $first_day : 0);
 	
 		$htpl = get_markup_template('event_head.tpl');
@@ -641,6 +649,7 @@ class Events extends \Zotlabs\Web\Controller {
 					}
 					$html = format_event_html($rr);
 					$rr['desc'] = zidify_links(smilies(bbcode($rr['desc'])));
+					$rr['description'] = htmlentities(html2plain(bbcode($rr['description'])),ENT_COMPAT,'UTF-8',false);
 					$rr['location'] = zidify_links(smilies(bbcode($rr['location'])));
 					$events[] = array(
 						'id'=>$rr['id'],
@@ -659,11 +668,10 @@ class Events extends \Zotlabs\Web\Controller {
 						'html'=>$html,
 						'plink' => array($rr['plink'],t('Link to Source'),'',''),
 					);
-	
-	
+
 				}
 			}
-			
+
 			if($export) {
 				header('Content-type: text/calendar');
 				header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' );
@@ -5,6 +5,8 @@ namespace Zotlabs\Module;
 *
 */

+
+
 class Filestorage extends \Zotlabs\Web\Controller {

 	function post() {
@@ -71,14 +73,6 @@ class Filestorage extends \Zotlabs\Web\Controller {
 			return;
 		}

-		// Since we have ACL'd files in the wild, but don't have ACL here yet, we
-		// need to return for anyone other than the owner, despite the perms check for now.
-
-		$is_owner = (((local_channel()) && ($owner  == local_channel())) ? true : false);
-		if(! ($is_owner || is_site_admin())){
-			info( t('Permission Denied.') . EOL );
-			return;
-		}

 		if(argc() > 3 && argv(3) === 'delete') {

@@ -101,18 +95,31 @@ class Filestorage extends \Zotlabs\Web\Controller {
 			}

 			$file = intval(argv(2));
-			$r = q("SELECT hash FROM attach WHERE id = %d AND uid = %d LIMIT 1",
+			$r = q("SELECT hash, creator FROM attach WHERE id = %d AND uid = %d LIMIT 1",
 				dbesc($file),
 				intval($owner)
 			);
 			if(! $r) {
+				notice( t('File not found.') . EOL);
+
 				if($json_return) 
 					json_return_and_die([ 'success' => false ]);

-				notice( t('File not found.') . EOL);
 				goaway(z_root() . '/cloud/' . $which);
 			}

+			if(local_channel() !== $owner) {
+				if($r[0]['creator'] && $r[0]['creator'] !== $ob_hash) {
+					notice( t('Permission denied.') . EOL);
+
+					if($json_return) 
+						json_return_and_die([ 'success' => false ]);
+
+					goaway(z_root() . '/cloud/' . $which);
+				}
+			}
+
+
 			$f = $r[0];

 			$channel = channelx_by_n($owner);
@@ -128,12 +135,25 @@ class Filestorage extends \Zotlabs\Web\Controller {
 				}
 			}

-			if(json_return)
+			if($json_return)
 				json_return_and_die([ 'success' => true ]);

 			goaway(dirname($url));
 		}

+
+
+
+		// Since we have ACL'd files in the wild, but don't have ACL here yet, we
+		// need to return for anyone other than the owner, despite the perms check for now.
+
+		$is_owner = (((local_channel()) && ($owner  == local_channel())) ? true : false);
+		if(! ($is_owner || is_site_admin())){
+			info( t('Permission Denied.') . EOL );
+			return;
+		}
+
+
 		if(argc() > 3 && argv(3) === 'edit') {
 			require_once('include/acl_selectors.php');
 			if(! $perms['write_storage']) {
@@ -1,6 +1,8 @@
 <?php
 namespace Zotlabs\Module;

+use Zotlabs\Web\HTTPSig;
+
 /**
 * module: getfile
 * 
@@ -35,7 +37,6 @@ class Getfile extends \Zotlabs\Web\Controller {
 		$sig      = $_POST['signature'];
 		$resource = $_POST['resource'];
 		$revision = intval($_POST['revision']);
-		$resolution = (-1);

 		if(! $hash)
 			killme();
@@ -47,7 +48,7 @@ class Getfile extends \Zotlabs\Web\Controller {
 					continue;
 				}

-				$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
+				$sigblock = HTTPSig::parse_sigheader($_SERVER[$head]);
 				if($sigblock) {
 					$keyId = $sigblock['keyId'];

@@ -58,7 +59,7 @@ class Getfile extends \Zotlabs\Web\Controller {
 						);
 						if($r) {
 							$hubloc = $r[0];
-							$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);	
+							$verified = HTTPSig::verify('',$hubloc['xchan_pubkey']);	
 							if($verified && $verified['header_signed'] && $verified['header_valid'] && $hash == $hubloc['hubloc_hash']) {
 								$header_verified = true;
 							}
@@ -81,9 +82,14 @@ class Getfile extends \Zotlabs\Web\Controller {
 			killme();
 		}
 	
-		if(substr($resource,-2,1) == '-') {
+		if(isset($_POST['resolution']))
+			$resolution = intval($_POST['resolution']);
+		elseif(substr($resource,-2,1) == '-') {
 			$resolution = intval(substr($resource,-1,1));
 			$resource = substr($resource,0,-2);
+		}
+		else {
+			$resolution = (-1);
 		}			

 		$slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop'));
@@ -106,9 +112,10 @@ class Getfile extends \Zotlabs\Web\Controller {
 		}

 		if($resolution > 0) {
-			$r = q("select * from photo where resource_id = '%s' and uid = %d limit 1",
+			$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND imgscale = %d LIMIT 1",
 				dbesc($resource),
-				intval($channel['channel_id'])
+				intval($channel['channel_id']),
+				$resolution
 			);
 			if($r) {
 				header('Content-type: ' . $r[0]['mimetype']);
@@ -1,11 +1,13 @@
 <?php
 namespace Zotlabs\Module;

+use App;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\Apps;
+
 require_once('include/group.php');

-
-
-class Group extends \Zotlabs\Web\Controller {
+class Group extends Controller {

 	function init() {
 		if(! local_channel()) {
@@ -13,7 +15,11 @@ class Group extends \Zotlabs\Web\Controller {
 			return;
 		}

-		\App::$profile_uid = local_channel();
+		if(! Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
+			return;
+		}
+
+		App::$profile_uid = local_channel();

 		nav_set_selected('Privacy Groups');
 	}
@@ -24,6 +30,10 @@ class Group extends \Zotlabs\Web\Controller {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
+
+		if(! Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
+			return;
+		}
 	
 		if((argc() == 2) && (argv(1) === 'new')) {
 			check_form_security_token_redirectOnErr('/group/new', 'group_edit');
@@ -43,7 +53,7 @@ class Group extends \Zotlabs\Web\Controller {
 		if((argc() == 2) && (intval(argv(1)))) {
 			check_form_security_token_redirectOnErr('/group', 'group_edit');
 			
-			$r = q("SELECT * FROM groups WHERE id = %d AND uid = %d LIMIT 1",
+			$r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
 			);
@@ -56,8 +66,11 @@ class Group extends \Zotlabs\Web\Controller {
 			$groupname = notags(trim($_POST['groupname']));
 			$public = intval($_POST['public']);
 	
+			$hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ];
+                       	call_hooks ('privacygroup_extras_post',$hookinfo);
+
 			if((strlen($groupname))  && (($groupname != $group['gname']) || ($public != $group['visible']))) {
-				$r = q("UPDATE groups SET gname = '%s', visible = %d  WHERE uid = %d AND id = %d",
+				$r = q("UPDATE pgrp SET gname = '%s', visible = %d  WHERE uid = %d AND id = %d",
 					dbesc($groupname),
 					intval($public),
 					intval(local_channel()),
@@ -65,6 +78,8 @@ class Group extends \Zotlabs\Web\Controller {
 				);
 				if($r)
 					info( t('Privacy group updated.') . EOL );
+
+
 				build_sync_packet(local_channel(),null,true);
 			}
 	
@@ -77,13 +92,22 @@ class Group extends \Zotlabs\Web\Controller {

 		$change = false;
 	
-		logger('mod_group: ' . \App::$cmd,LOGGER_DEBUG);
+		logger('mod_group: ' . App::$cmd,LOGGER_DEBUG);
 		
 		if(! local_channel()) {
 			notice( t('Permission denied') . EOL);
 			return;
 		}

+		if(! Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+
+			$o = '<b>' . t('Privacy Groups App') . ' (' . t('Not Installed') . '):</b><br>';
+			$o .= t('Management of privacy groups');
+			return $o;
+		}
+
 		// Switch to text mode interface if we have more than 'n' contacts or group members
 		$switchtotext = get_pconfig(local_channel(),'system','groupedit_image_limit');
 		if($switchtotext === false)
@@ -96,7 +120,7 @@ class Group extends \Zotlabs\Web\Controller {

 			$new = (((argc() == 2) && (argv(1) === 'new')) ? true : false);

-			$groups = q("SELECT id, gname FROM groups WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
+			$groups = q("SELECT id, gname FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
 				intval(local_channel())
 			);

@@ -108,6 +132,10 @@ class Group extends \Zotlabs\Web\Controller {
 				$i++;
 			}

+			$hookinfo = [ 'pgrp_extras' => '', 'group'=>argv(1) ];
+			call_hooks ('privacygroup_extras',$hookinfo);
+			$pgrp_extras = $hookinfo['pgrp_extras'];
+
 			$tpl = get_markup_template('privacy_groups.tpl');
 			$o = replace_macros($tpl, [
 				'$title' => t('Privacy Groups'),
@@ -117,6 +145,7 @@ class Group extends \Zotlabs\Web\Controller {
 				// new group form
 				'$gname' => array('groupname',t('Privacy group name')),
 				'$public' => array('public',t('Members are visible to other channels'), false),
+				'$pgrp_extras' => $pgrp_extras,
 				'$form_security_token' => get_form_security_token("group_edit"),
 				'$submit' => t('Submit'),

@@ -141,14 +170,17 @@ class Group extends \Zotlabs\Web\Controller {
 			check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
 			
 			if(intval(argv(2))) {
-				$r = q("SELECT gname FROM groups WHERE id = %d AND uid = %d LIMIT 1",
+				$r = q("SELECT gname FROM pgrp WHERE id = %d AND uid = %d LIMIT 1",
 					intval(argv(2)),
 					intval(local_channel())
 				);
 				if($r) 
 					$result = group_rmv(local_channel(),$r[0]['gname']);
-				if($result)
+				if($result) {
+					$hookinfo = [ 'pgrp_extras' => '', 'group' => argv(2) ];
+					call_hooks ('privacygroup_extras_drop',$hookinfo);
 					info( t('Privacy group removed.') . EOL);
+				}
 				else
 					notice( t('Unable to remove privacy group.') . EOL);
 			}
@@ -173,7 +205,7 @@ class Group extends \Zotlabs\Web\Controller {
 		if((argc() > 1) && (intval(argv(1)))) {
 	
 			require_once('include/acl_selectors.php');
-			$r = q("SELECT * FROM groups WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1",
+			$r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
 			);
@@ -211,6 +243,10 @@ class Group extends \Zotlabs\Web\Controller {
 				}
 			}

+			$hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ];
+			call_hooks ('privacygroup_extras',$hookinfo);
+			$pgrp_extras = $hookinfo['pgrp_extras'];
+
 			$context = $context + array(
 				'$title' => sprintf(t('Privacy Group: %s'), $group['gname']),
 				'$details_label' => t('Edit'),
@@ -221,6 +257,7 @@ class Group extends \Zotlabs\Web\Controller {
 				'$form_security_token_edit' => get_form_security_token('group_edit'),
 				'$delete' => t('Delete Group'),
 				'$form_security_token_drop' => get_form_security_token("group_drop"),
+				'$pgrp_extras' => $pgrp_extras,
 			);
 	
 		}
@@ -264,6 +301,7 @@ class Group extends \Zotlabs\Web\Controller {
 	
 		$context['$groupeditor'] = $groupeditor;
 		$context['$desc'] = t('Click a channel to toggle membership');
+		$context['$pgrp_extras'] = $pgrp_extras;
 	
 		if($change) {
 			$tpl = get_markup_template('groupeditor.tpl');
@@ -13,14 +13,12 @@ class Home extends \Zotlabs\Web\Controller {
 		$ret = array();
 	
 		call_hooks('home_init',$ret);
-	
+
 		$splash = ((argc() > 1 && argv(1) === 'splash') ? true : false);
 	
 		$channel = \App::get_channel();
 		if(local_channel() && $channel && $channel['xchan_url'] && ! $splash) {
-			$dest = $channel['channel_startpage'];
-			if(! $dest)
-				$dest = get_pconfig(local_channel(),'system','startpage');
+			$dest = (($ret['startpage']) ? $ret['startpage'] : '');
 			if(! $dest)
 				$dest = get_config('system','startpage');
 			if(! $dest)
@@ -138,7 +138,7 @@ class Hq extends \Zotlabs\Web\Controller {
 				[
 					'$no_messages' => (($target_item) ? false : true),
 					'$no_messages_label' => [ t('Welcome to Hubzilla!'), t('You have got no unseen posts...') ],
-					'$editor' => status_editor($a,$x)
+					'$editor' => status_editor($a,$x,false,'Hq')
 				]
 			);

@@ -194,7 +194,7 @@ class Hq extends \Zotlabs\Web\Controller {
 				'$dbegin'  => '',
 				'$verb'    => '',
 				'$net'     => '',
-				'$mid'     => $mid
+				'$mid'     => (($mid) ? urlencode($mid) : '')
 			]);
 		}

--- a/Show More
+++ b/Show More