Merge remote-tracking branch 'upstream/develop' into develop

Silke Meyer 2017-10-04 21:28:35 +02:00
commit ab87f1215a
53 changed files with 7325 additions and 7621 deletions

@ -37,7 +37,7 @@ local .htaccess file
- PHP *command line* access with register_argc_argv set to true in the - PHP *command line* access with register_argc_argv set to true in the
php.ini file [or see 'poormancron' in section 8] php.ini file [or see 'poormancron' in section 8]
- curl, gd (with at least jpeg support), mysql, mbstring and openssl extensions - curl, gd (with at least jpeg support), mysql, mbstring, xml and openssl extensions
- some form of email server or email gateway such that PHP mail() works - some form of email server or email gateway such that PHP mail() works

@ -229,8 +229,9 @@ define('PROTOCOL_UNKNOWN', 0);
define('PROTOCOL_DFRN', 1); define('PROTOCOL_DFRN', 1);
define('PROTOCOL_DIASPORA', 2); define('PROTOCOL_DIASPORA', 2);
define('PROTOCOL_OSTATUS_SALMON', 3); define('PROTOCOL_OSTATUS_SALMON', 3);
define('PROTOCOL_OSTATUS_FEED', 4); define('PROTOCOL_OSTATUS_FEED', 4); // Deprecated
define('PROTOCOL_GS_CONVERSATION', 5); define('PROTOCOL_GS_CONVERSATION', 5); // Deprecated
define('PROTOCOL_SPLITTED_CONV', 6);
/** @}*/ /** @}*/
/** /**
@ -320,6 +321,8 @@ define ( 'NOTIFY_TAGSHARE', 0x0100 );
define ( 'NOTIFY_POKE', 0x0200 ); define ( 'NOTIFY_POKE', 0x0200 );
define ( 'NOTIFY_SHARE', 0x0400 ); define ( 'NOTIFY_SHARE', 0x0400 );
define ( 'SYSTEM_EMAIL', 0x4000 );
define ( 'NOTIFY_SYSTEM', 0x8000 ); define ( 'NOTIFY_SYSTEM', 0x8000 );
/* @}*/ /* @}*/
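Review bot: SYSTEM_EMAIL is defined at 0x4000 inside the NOTIFY_* bit-flag group but does not carry the NOTIFY_ prefix, so it is not obvious that it shares the same bitmask as NOTIFY_SHARE and NOTIFY_SYSTEM. Either rename it to match the group or add a one-line comment stating that it is a flag in this mask and what sets it.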
@ -391,6 +394,7 @@ define ( 'ACTIVITY_POST', NAMESPACE_ACTIVITY_SCHEMA . 'post' );
define ( 'ACTIVITY_UPDATE', NAMESPACE_ACTIVITY_SCHEMA . 'update' ); define ( 'ACTIVITY_UPDATE', NAMESPACE_ACTIVITY_SCHEMA . 'update' );
define ( 'ACTIVITY_TAG', NAMESPACE_ACTIVITY_SCHEMA . 'tag' ); define ( 'ACTIVITY_TAG', NAMESPACE_ACTIVITY_SCHEMA . 'tag' );
define ( 'ACTIVITY_FAVORITE', NAMESPACE_ACTIVITY_SCHEMA . 'favorite' ); define ( 'ACTIVITY_FAVORITE', NAMESPACE_ACTIVITY_SCHEMA . 'favorite' );
define ( 'ACTIVITY_UNFAVORITE', NAMESPACE_ACTIVITY_SCHEMA . 'unfavorite' );
define ( 'ACTIVITY_SHARE', NAMESPACE_ACTIVITY_SCHEMA . 'share' ); define ( 'ACTIVITY_SHARE', NAMESPACE_ACTIVITY_SCHEMA . 'share' );
define ( 'ACTIVITY_DELETE', NAMESPACE_ACTIVITY_SCHEMA . 'delete' ); define ( 'ACTIVITY_DELETE', NAMESPACE_ACTIVITY_SCHEMA . 'delete' );

@ -28,7 +28,7 @@ Requirements
* Apache with mod-rewrite enabled and "Options All" so you can use a local .htaccess file * Apache with mod-rewrite enabled and "Options All" so you can use a local .htaccess file
* PHP 5.4+. * PHP 5.4+.
* PHP *command line* access with register_argc_argv set to true in the php.ini file * PHP *command line* access with register_argc_argv set to true in the php.ini file
* Curl, GD, PDO, MySQLi, hash and OpenSSL extensions * Curl, GD, PDO, MySQLi, hash, xml and OpenSSL extensions
* some form of email server or email gateway such that PHP mail() works * some form of email server or email gateway such that PHP mail() works
* Mysql 5.5.3+ or an equivalant alternative for MySQL (MariaDB, Percona Server etc.) * Mysql 5.5.3+ or an equivalant alternative for MySQL (MariaDB, Percona Server etc.)
* the ability to schedule jobs with cron (Linux/Mac) or Scheduled Tasks (Windows) (Note: other options are presented in Section 7 of this document.) * the ability to schedule jobs with cron (Linux/Mac) or Scheduled Tasks (Windows) (Note: other options are presented in Section 7 of this document.)

@ -24,7 +24,7 @@ Wir planen, diese Einschränkung in einer zukünftigen Version zu beheben.
- Apache mit einer aktiverten mod-rewrite-Funktion und dem Eintrag "Options All", so dass du die lokale .htaccess-Datei nutzen kannst - Apache mit einer aktiverten mod-rewrite-Funktion und dem Eintrag "Options All", so dass du die lokale .htaccess-Datei nutzen kannst
- PHP 5.2+. Je neuer, desto besser. Du benötigst 5.3 für die Authentifizierung untereinander. In einer Windows-Umgebung arbeitet die Version 5.2+ möglicherweise nicht, da die Funktion dns_get_record() erst ab Version 5.3 verfügbar ist. - PHP 5.2+. Je neuer, desto besser. Du benötigst 5.3 für die Authentifizierung untereinander. In einer Windows-Umgebung arbeitet die Version 5.2+ möglicherweise nicht, da die Funktion dns_get_record() erst ab Version 5.3 verfügbar ist.
- PHP *Kommandozeilen*-Zugang mit register_argc_argv auf "true" gesetzt in der php.ini-Datei - PHP *Kommandozeilen*-Zugang mit register_argc_argv auf "true" gesetzt in der php.ini-Datei
- Curl, GD, PDO, MySQLi und OpenSSL-Erweiterung - Curl, GD, PDO, MySQLi, xml und OpenSSL-Erweiterung
- etwas in der Art eines Email-Servers oder eines Gateways wie PHP mail() - etwas in der Art eines Email-Servers oder eines Gateways wie PHP mail()
- Mysql 5.x - Mysql 5.x
- die Möglichkeit, wiederkehrende Aufgaben mit cron (Linux/Mac) oder "Scheduled Tasks" einzustellen (Windows) [Beachte: andere Optionen sind in Abschnitt 7 dieser Dokumentation zu finden] - die Möglichkeit, wiederkehrende Aufgaben mit cron (Linux/Mac) oder "Scheduled Tasks" einzustellen (Windows) [Beachte: andere Optionen sind in Abschnitt 7 dieser Dokumentation zu finden]

@ -44,6 +44,7 @@ Example: To set the directory value please add this line to your .htconfig.php:
* **dlogfile - location of the developer log file * **dlogfile - location of the developer log file
* **event_input_format** - Default value is "ymd". * **event_input_format** - Default value is "ymd".
* **frontend_worker_timeout** - Value in minutes after we think that a frontend task was killed by the webserver. Default value is 10. * **frontend_worker_timeout** - Value in minutes after we think that a frontend task was killed by the webserver. Default value is 10.
* **hsts** (Boolean) - Enables the sending of HTTP Strict Transport Security headers
* **ignore_cache** (Boolean) - For development only. Disables the item cache. * **ignore_cache** (Boolean) - For development only. Disables the item cache.
* **like_no_comment** (Boolean) - Don't update the "commented" value of an item when it is liked. * **like_no_comment** (Boolean) - Don't update the "commented" value of an item when it is liked.
* **local_block** (Boolean) - Used in conjunction with "block_public". * **local_block** (Boolean) - Used in conjunction with "block_public".
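Review bot: The new hsts entry gives no default value and no hint about what the header contains, unlike neighbouring entries such as event_input_format and frontend_worker_timeout, which state their defaults. Please document the default, and note that the option should only be enabled on a site that is reachable over HTTPS for every request, since browsers that have seen the header will refuse plain HTTP for that host afterwards.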

@ -9,27 +9,27 @@ use Friendica\Network\Probe;
// authorisation to do this. // authorisation to do this.
function user_remove($uid) { function user_remove($uid) {
if(! $uid) if (!$uid) {
return; return;
}
logger('Removing user: ' . $uid); logger('Removing user: ' . $uid);
$r = q("select * from user where uid = %d limit 1", intval($uid)); $r = dba::select('user', array(), array('uid' => $uid), array("limit" => 1));
call_hooks('remove_user',$r[0]); call_hooks('remove_user',$r);
// save username (actually the nickname as it is guaranteed // save username (actually the nickname as it is guaranteed
// unique), so it cannot be re-registered in the future. // unique), so it cannot be re-registered in the future.
q("insert into userd ( username ) values ( '%s' )", dba::insert('userd', array('username' => $r['nickname']));
$r[0]['nickname']
);
// The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php) // The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
q("UPDATE `user` SET `account_removed` = 1, `account_expires_on` = UTC_TIMESTAMP() WHERE `uid` = %d", intval($uid)); q("UPDATE `user` SET `account_removed` = 1, `account_expires_on` = UTC_TIMESTAMP() WHERE `uid` = %d", intval($uid));
proc_run(PRIORITY_HIGH, "include/notifier.php", "removeme", $uid); proc_run(PRIORITY_HIGH, "include/notifier.php", "removeme", $uid);
// Send an update to the directory // Send an update to the directory
proc_run(PRIORITY_LOW, "include/directory.php", $r[0]['url']); proc_run(PRIORITY_LOW, "include/directory.php", $r['url']);
if($uid == local_user()) { if($uid == local_user()) {
unset($_SESSION['authenticated']); unset($_SESSION['authenticated']);
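Review bot: The result of dba::select() is used without a check in the lines right after it. If no row matches $uid, call_hooks('remove_user', $r) receives a non-row value and $r['nickname'] and $r['url'] are read from it, so an empty username is inserted into userd and directory.php is started with an empty URL. Add `if (!dbm::is_result($r)) { return; }` directly after the select. The hook argument also changes from $r[0] to $r, which is only equivalent if select with "limit" => 1 returns a single row; the function comment should say so. The remaining q("UPDATE `user` ...") could be moved to dba::update in the same pass.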
@ -206,6 +206,8 @@ function get_contact_details_by_url($url, $uid = -1, $default = array()) {
return $cache[$url][$uid]; return $cache[$url][$uid];
} }
$ssl_url = str_replace('http://', 'https://', $url);
// Fetch contact data from the contact table for the given user // Fetch contact data from the contact table for the given user
$s = dba::p("SELECT `id`, `id` AS `cid`, 0 AS `gid`, 0 AS `zid`, `uid`, `url`, `nurl`, `alias`, `network`, `name`, `nick`, `addr`, `location`, `about`, `xmpp`, $s = dba::p("SELECT `id`, `id` AS `cid`, 0 AS `gid`, 0 AS `zid`, `uid`, `url`, `nurl`, `alias`, `network`, `name`, `nick`, `addr`, `location`, `about`, `xmpp`,
`keywords`, `gender`, `photo`, `thumb`, `micro`, `forum`, `prv`, (`forum` | `prv`) AS `community`, `contact-type`, `bd` AS `birthday`, `self` `keywords`, `gender`, `photo`, `thumb`, `micro`, `forum`, `prv`, (`forum` | `prv`) AS `community`, `contact-type`, `bd` AS `birthday`, `self`
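Review bot: `str_replace('http://', 'https://', $url)` rewrites every occurrence of http:// in the string, not only the scheme at the start, so a URL that carries another URL in its path or query is altered in more than one place and the derived $ssl_url will not match what was stored. Anchor the replacement to the beginning of the string, for example with preg_replace and a `^http://` pattern.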
@ -213,6 +215,15 @@ function get_contact_details_by_url($url, $uid = -1, $default = array()) {
normalise_link($url), $uid); normalise_link($url), $uid);
$r = dba::inArray($s); $r = dba::inArray($s);
// Fetch contact data from the contact table for the given user, checking with the alias
if (!dbm::is_result($r)) {
$s = dba::p("SELECT `id`, `id` AS `cid`, 0 AS `gid`, 0 AS `zid`, `uid`, `url`, `nurl`, `alias`, `network`, `name`, `nick`, `addr`, `location`, `about`, `xmpp`,
`keywords`, `gender`, `photo`, `thumb`, `micro`, `forum`, `prv`, (`forum` | `prv`) AS `community`, `contact-type`, `bd` AS `birthday`, `self`
FROM `contact` WHERE `alias` IN (?, ?, ?) AND `uid` = ?",
normalise_link($url), $url, $ssl_url, $uid);
$r = dba::inArray($s);
}
// Fetch the data from the contact table with "uid=0" (which is filled automatically) // Fetch the data from the contact table with "uid=0" (which is filled automatically)
if (!dbm::is_result($r)) { if (!dbm::is_result($r)) {
$s = dba::p("SELECT `id`, 0 AS `cid`, `id` AS `zid`, 0 AS `gid`, `uid`, `url`, `nurl`, `alias`, `network`, `name`, `nick`, `addr`, `location`, `about`, `xmpp`, $s = dba::p("SELECT `id`, 0 AS `cid`, `id` AS `zid`, 0 AS `gid`, `uid`, `url`, `nurl`, `alias`, `network`, `name`, `nick`, `addr`, `location`, `about`, `xmpp`,
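Review bot: The new alias fallback matches on a column that is not guaranteed to be unique (the comment in get_contact() describes the alias as something that "could be anything"), and the query has neither ORDER BY nor LIMIT, so several contacts of the same uid can match and it is not defined which one the caller ends up using. Since the alias is supplied by the remote side, consider restricting the fallback to rows whose network matches the expected one, or at least make the choice deterministic with an explicit ordering and document that an alias match is weaker than a url/nurl match.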
@ -222,6 +233,15 @@ function get_contact_details_by_url($url, $uid = -1, $default = array()) {
$r = dba::inArray($s); $r = dba::inArray($s);
} }
// Fetch the data from the contact table with "uid=0" (which is filled automatically) - checked with the alias
if (!dbm::is_result($r)) {
$s = dba::p("SELECT `id`, 0 AS `cid`, `id` AS `zid`, 0 AS `gid`, `uid`, `url`, `nurl`, `alias`, `network`, `name`, `nick`, `addr`, `location`, `about`, `xmpp`,
`keywords`, `gender`, `photo`, `thumb`, `micro`, `forum`, `prv`, (`forum` | `prv`) AS `community`, `contact-type`, `bd` AS `birthday`, 0 AS `self`
FROM `contact` WHERE `alias` IN (?, ?, ?) AND `uid` = 0",
normalise_link($url), $url, $ssl_url);
$r = dba::inArray($s);
}
// Fetch the data from the gcontact table // Fetch the data from the gcontact table
if (!dbm::is_result($r)) { if (!dbm::is_result($r)) {
$s = dba::p("SELECT 0 AS `id`, 0 AS `cid`, `id` AS `gid`, 0 AS `zid`, 0 AS `uid`, `url`, `nurl`, `alias`, `network`, `name`, `nick`, `addr`, `location`, `about`, '' AS `xmpp`, $s = dba::p("SELECT 0 AS `id`, 0 AS `cid`, `id` AS `gid`, 0 AS `zid`, 0 AS `uid`, `url`, `nurl`, `alias`, `network`, `name`, `nick`, `addr`, `location`, `about`, '' AS `xmpp`,
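Review bot: This is the fourth copy of the same long column list in get_contact_details_by_url(), and the copies already differ in small ways (`self` versus `0 AS self`, which of cid/zid/gid is populated). Build the shared part of the field list once in a variable and append the per-query aliases, so that a column added later cannot be missed in one of the fallbacks.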
@ -542,8 +562,10 @@ function get_contact($url, $uid = 0, $no_update = false) {
// Then the alias (which could be anything) // Then the alias (which could be anything)
if (!dbm::is_result($contact)) { if (!dbm::is_result($contact)) {
$r = dba::p("SELECT `id`, `avatar-date` FROM `contact` WHERE `alias` IN (?, ?) AND `uid` = ? LIMIT 1", // The link could be provided as http although we stored it as https
$url, normalise_link($url), $uid); $ssl_url = str_replace('http://', 'https://', $url);
$r = dba::p("SELECT `id`, `avatar-date` FROM `contact` WHERE `alias` IN (?, ?, ?) AND `uid` = ? LIMIT 1",
$url, normalise_link($url), $ssl_url, $uid);
$contact = dba::fetch($r); $contact = dba::fetch($r);
dba::close($r); dba::close($r);
} }
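Review bot: With three candidate values in `alias IN (?, ?, ?)` and `LIMIT 1` without ORDER BY, the row returned is arbitrary when more than one contact carries a matching alias. Add an ordering that prefers the exact match. The $ssl_url derivation is also duplicated from get_contact_details_by_url(); a small shared helper would keep the two lookups consistent.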

@ -628,92 +628,24 @@ class Photo {
public function store($uid, $cid, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '', $desc = '') { public function store($uid, $cid, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '', $desc = '') {
$r = q("SELECT `guid` FROM `photo` WHERE `resource-id` = '%s' AND `guid` != '' LIMIT 1", $r = dba::select('photo', array('guid'), array("`resource-id` = ? AND `guid` != ?", $rid, ''), array('limit' => 1));
dbesc($rid)
);
if (dbm::is_result($r)) { if (dbm::is_result($r)) {
$guid = $r[0]['guid']; $guid = $r['guid'];
} else { } else {
$guid = get_guid(); $guid = get_guid();
} }
$x = q("SELECT `id` FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `contact-id` = %d AND `scale` = %d LIMIT 1", $x = dba::select('photo', array('id'), array('resource-id' => $rid, 'uid' => $uid, 'contact-id' => $cid, 'scale' => $scale), array('limit' => 1));
dbesc($rid),
intval($uid),
intval($cid),
intval($scale)
);
if (dbm::is_result($x)) {
$r = q("UPDATE `photo`
SET `uid` = %d,
`contact-id` = %d,
`guid` = '%s',
`resource-id` = '%s',
`created` = '%s',
`edited` = '%s',
`filename` = '%s',
`type` = '%s',
`album` = '%s',
`height` = %d,
`width` = %d,
`datasize` = %d,
`data` = '%s',
`scale` = %d,
`profile` = %d,
`allow_cid` = '%s',
`allow_gid` = '%s',
`deny_cid` = '%s',
`deny_gid` = '%s',
`desc` = '%s'
WHERE `id` = %d",
intval($uid), $fields = array('uid' => $uid, 'contact-id' => $cid, 'guid' => $guid, 'resource-id' => $rid, 'created' => datetime_convert(), 'edited' => datetime_convert(),
intval($cid), 'filename' => basename($filename), 'type' => $this->getType(), 'album' => $album, 'height' => $this->getHeight(), 'width' => $this->getWidth(),
dbesc($guid), 'datasize' => strlen($this->imageString()), 'data' => $this->imageString(), 'scale' => $scale, 'profile' => $profile,
dbesc($rid), 'allow_cid' => $allow_cid, 'allow_gid' => $allow_gid, 'deny_cid' => $deny_cid, 'deny_gid' => $deny_gid, 'desc' => $desc);
dbesc(datetime_convert()),
dbesc(datetime_convert()), if (dbm::is_result($x)) {
dbesc(basename($filename)), $r = dba::update('photo', $fields, array('id' => $x['id']));
dbesc($this->getType()),
dbesc($album),
intval($this->getHeight()),
intval($this->getWidth()),
dbesc(strlen($this->imageString())),
dbesc($this->imageString()),
intval($scale),
intval($profile),
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
dbesc($deny_gid),
dbesc($desc),
intval($x[0]['id'])
);
} else { } else {
$r = q("INSERT INTO `photo` $r = dba::insert('photo', $fields);
(`uid`, `contact-id`, `guid`, `resource-id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `datasize`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `desc`)
VALUES (%d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s')",
intval($uid),
intval($cid),
dbesc($guid),
dbesc($rid),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc(basename($filename)),
dbesc($this->getType()),
dbesc($album),
intval($this->getHeight()),
intval($this->getWidth()),
dbesc(strlen($this->imageString())),
dbesc($this->imageString()),
intval($scale),
intval($profile),
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
dbesc($deny_gid),
dbesc($desc)
);
} }
return $r; return $r;
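Review bot: The intval() casts on $uid, $cid, $scale, $profile, getHeight() and getWidth() are dropped when the values move into $fields and into the select conditions. Parameter binding takes care of escaping, but a non-numeric value now reaches the database as a string instead of being forced to an integer first, so please keep the casts when building the arrays. Two smaller points: `$r['guid']` and `$x['id']` rely on dba::select with 'limit' => 1 returning a single row rather than a list of rows, which deserves a comment, and $this->imageString() is still called twice (for 'datasize' and 'data'); storing it in a local variable avoids encoding the image twice.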

@ -2233,7 +2233,7 @@ $called_api = null;
//don't send title to regular StatusNET requests to avoid confusing these apps //don't send title to regular StatusNET requests to avoid confusing these apps
if (x($_GET, 'getText')) { if (x($_GET, 'getText')) {
$ret['title'] = $item['title'] ; $ret['title'] = $item['title'];
if ($_GET['getText'] == 'html') { if ($_GET['getText'] == 'html') {
$ret['text'] = bbcode($item['body'], false, false); $ret['text'] = bbcode($item['body'], false, false);
} elseif ($_GET['getText'] == 'plain') { } elseif ($_GET['getText'] == 'plain') {
@ -2276,18 +2276,32 @@ $called_api = null;
$statushtml = trim(bbcode($body, false, false)); $statushtml = trim(bbcode($body, false, false));
// Workaround for clients with limited HTML parser functionality
$search = array("<br>", "<blockquote>", "</blockquote>", $search = array("<br>", "<blockquote>", "</blockquote>",
"<h1>", "</h1>", "<h2>", "</h2>", "<h1>", "</h1>", "<h2>", "</h2>",
"<h3>", "</h3>", "<h4>", "</h4>", "<h3>", "</h3>", "<h4>", "</h4>",
"<h5>", "</h5>", "<h6>", "</h6>"); "<h5>", "</h5>", "<h6>", "</h6>");
$replace = array("<br>\n", "\n<blockquote>", "</blockquote>\n", $replace = array("<br>", "<br><blockquote>", "</blockquote><br>",
"\n<h1>", "</h1>\n", "\n<h2>", "</h2>\n", "<br><h1>", "</h1><br>", "<br><h2>", "</h2><br>",
"\n<h3>", "</h3>\n", "\n<h4>", "</h4>\n", "<br><h3>", "</h3><br>", "<br><h4>", "</h4><br>",
"\n<h5>", "</h5>\n", "\n<h6>", "</h6>\n"); "<br><h5>", "</h5><br>", "<br><h6>", "</h6><br>");
$statushtml = str_replace($search, $replace, $statushtml); $statushtml = str_replace($search, $replace, $statushtml);
if ($item['title'] != "") { if ($item['title'] != "") {
$statushtml = "<h4>" . bbcode($item['title']) . "</h4>\n" . $statushtml; $statushtml = "<br><h4>" . bbcode($item['title']) . "</h4><br>" . $statushtml;
}
do {
$oldtext = $statushtml;
$statushtml = str_replace("<br><br>", "<br>", $statushtml);
} while ($oldtext != $statushtml);
if (substr($statushtml, 0, 4) == '<br>') {
$statushtml = substr($statushtml, 4);
}
if (substr($statushtml, 0, -4) == '<br>') {
$statushtml = substr($statushtml, -4);
} }
// feeds without body should contain the link // feeds without body should contain the link
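Review bot: The trailing `<br>` check at the end of the new block has its substr() arguments swapped. `substr($statushtml, 0, -4)` returns everything except the last four characters, so the comparison with '<br>' is only true for an eight-character string starting with `<br>`, and the assignment `substr($statushtml, -4)` then throws away everything but the last four characters. The intended code is `if (substr($statushtml, -4) == '<br>') { $statushtml = substr($statushtml, 0, -4); }`. Note also that the loop collapsing `<br><br>` removes intentional blank lines from the body, not only the ones introduced by the replacement table; if that is intended, say so in the workaround comment.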

@ -987,7 +987,8 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $simplehtml = fa
// Server independent link to posts and comments // Server independent link to posts and comments
// See issue: https://github.com/diaspora/diaspora_federation/issues/75 // See issue: https://github.com/diaspora/diaspora_federation/issues/75
$Text = preg_replace("=diaspora://(.*?)/([^\s\]]*)=ism", System::baseUrl()."/display/$2", $Text); $expression = "=diaspora://.*?/post/([0-9A-Za-z\-_@.:]{15,254}[0-9A-Za-z])=ism";
$Text = preg_replace($expression, System::baseUrl()."/display/$1", $Text);
// if the HTML is used to generate plain text, then don't do this search, but replace all URL of that kind to text // if the HTML is used to generate plain text, then don't do this search, but replace all URL of that kind to text
// if ($simplehtml != 7) { // if ($simplehtml != 7) {
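Review bot: The author part of the new expression is still `.*?` and the pattern keeps the `s` modifier, so the match can run from a `diaspora://` across whitespace and line breaks to a `/post/` much later in the text, replacing everything in between. Restrict that part to characters that can occur in a handle, for example `[^\s/]+`. The pattern now only accepts the `post` type, so diaspora:// links of any other type are left unconverted; if that is intended, mention it in the comment above. With the `i` modifier the `A-Z` ranges are redundant.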

@ -42,12 +42,6 @@ function cron_run(&$argv, &$argc){
// Expire and remove user entries // Expire and remove user entries
proc_run(PRIORITY_MEDIUM, "include/cronjobs.php", "expire_and_remove_users"); proc_run(PRIORITY_MEDIUM, "include/cronjobs.php", "expire_and_remove_users");
// Check OStatus conversations
proc_run(PRIORITY_MEDIUM, "include/cronjobs.php", "ostatus_mentions");
// Check every conversation
proc_run(PRIORITY_MEDIUM, "include/cronjobs.php", "ostatus_conversations");
// Call possible post update functions // Call possible post update functions
proc_run(PRIORITY_LOW, "include/cronjobs.php", "post_update"); proc_run(PRIORITY_LOW, "include/cronjobs.php", "post_update");

@ -8,7 +8,6 @@ function cronjobs_run(&$argv, &$argc){
global $a; global $a;
require_once 'include/datetime.php'; require_once 'include/datetime.php';
require_once 'include/ostatus.php';
require_once 'include/post_update.php'; require_once 'include/post_update.php';
require_once 'mod/nodeinfo.php'; require_once 'mod/nodeinfo.php';
require_once 'include/photos.php'; require_once 'include/photos.php';
@ -22,19 +21,6 @@ function cronjobs_run(&$argv, &$argc){
logger("Starting cronjob ".$argv[1], LOGGER_DEBUG); logger("Starting cronjob ".$argv[1], LOGGER_DEBUG);
// Check OStatus conversations
// Check only conversations with mentions (for a longer time)
if ($argv[1] == 'ostatus_mentions') {
ostatus::check_conversations(true);
return;
}
// Check every conversation
if ($argv[1] == 'ostatus_conversations') {
ostatus::check_conversations(false);
return;
}
// Call possible post update functions // Call possible post update functions
// see include/post_update.php for more details // see include/post_update.php for more details
if ($argv[1] == 'post_update') { if ($argv[1] == 'post_update') {

@ -7,11 +7,6 @@ require_once('include/datetime.php');
/** /**
* @class MySQL database class * @class MySQL database class
* *
* For debugging, insert 'dbg(1);' anywhere in the program flow.
* dbg(0); will turn it off. Logging is performed at LOGGER_DATA level.
* When logging, all binary info is converted to text and html entities are escaped so that
* the debugging stream is safe to view within both terminals and web pages.
*
* This class is for the low level database stuff that does driver specific things. * This class is for the low level database stuff that does driver specific things.
*/ */
@ -214,175 +209,32 @@ class dba {
} }
} }
public function q($sql, $onlyquery = false) { /**
$a = get_app(); * @brief execute SQL query - deprecated
*
* Please use the dba:: functions instead:
* dba::select, dba::exists, dba::insert
* dba::delete, dba::update, dba::p, dba::e
*
* @param string $sql SQL query
* @return array Query array
*/
public function q($sql) {
$ret = self::p($sql);
if (!$this->db || !$this->connected) { if (is_bool($ret)) {
return false; return $ret;
} }
$this->error = ''; $columns = self::columnCount($ret);
$connstr = ($this->connected() ? "Connected" : "Disonnected"); $data = self::inArray($ret);
$stamp1 = microtime(true); if ((count($data) == 0) && ($columns == 0)) {
$orig_sql = $sql;
if (x($a->config,'system') && x($a->config['system'], 'db_callstack')) {
$sql = "/*".System::callstack()." */ ".$sql;
}
$columns = 0;
switch ($this->driver) {
case 'pdo':
$result = @$this->db->query($sql);
// Is used to separate between queries that returning data - or not
if (!is_bool($result)) {
$columns = $result->columnCount();
}
break;
case 'mysqli':
$result = @$this->db->query($sql);
break;
case 'mysql':
$result = @mysql_query($sql,$this->db);
break;
}
$stamp2 = microtime(true);
$duration = (float)($stamp2 - $stamp1);
$a->save_timestamp($stamp1, "database");
if (strtolower(substr($orig_sql, 0, 6)) != "select") {
$a->save_timestamp($stamp1, "database_write");
}
if (x($a->config,'system') && x($a->config['system'],'db_log')) {
if (($duration > $a->config["system"]["db_loglimit"])) {
$duration = round($duration, 3);
$backtrace = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS);
@file_put_contents($a->config["system"]["db_log"], datetime_convert()."\t".$duration."\t".
basename($backtrace[1]["file"])."\t".
$backtrace[1]["line"]."\t".$backtrace[2]["function"]."\t".
substr($sql, 0, 2000)."\n", FILE_APPEND);
}
}
switch ($this->driver) {
case 'pdo':
$errorInfo = $this->db->errorInfo();
if ($errorInfo) {
$this->error = $errorInfo[2];
$this->errorno = $errorInfo[1];
}
break;
case 'mysqli':
if ($this->db->errno) {
$this->error = $this->db->error;
$this->errorno = $this->db->errno;
}
break;
case 'mysql':
if (mysql_errno($this->db)) {
$this->error = mysql_error($this->db);
$this->errorno = mysql_errno($this->db);
}
break;
}
if (strlen($this->error)) {
logger('DB Error ('.$connstr.') '.$this->errorno.': '.$this->error);
}
if ($this->debug) {
$mesg = '';
if ($result === false) {
$mesg = 'false';
} elseif ($result === true) {
$mesg = 'true';
} else {
switch ($this->driver) {
case 'pdo':
$mesg = $result->rowCount().' results'.EOL;
break;
case 'mysqli':
$mesg = $result->num_rows.' results'.EOL;
break;
case 'mysql':
$mesg = mysql_num_rows($result).' results'.EOL;
break;
}
}
$str = 'SQL = ' . printable($sql) . EOL . 'SQL returned ' . $mesg
. (($this->error) ? ' error: ' . $this->error : '')
. EOL;
logger('dba: ' . $str );
}
/**
* If dbfail.out exists, we will write any failed calls directly to it,
* regardless of any logging that may or may nor be in effect.
* These usually indicate SQL syntax errors that need to be resolved.
*/
if ($result === false) {
logger('dba: ' . printable($sql) . ' returned false.' . "\n" . $this->error);
if (file_exists('dbfail.out')) {
file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND);
}
}
if (is_bool($result)) {
return $result;
}
if ($onlyquery) {
$this->result = $result;
return true; return true;
} }
$r = array(); return $data;
switch ($this->driver) {
case 'pdo':
while ($x = $result->fetch(PDO::FETCH_ASSOC)) {
$r[] = $x;
}
$result->closeCursor();
break;
case 'mysqli':
while ($x = $result->fetch_array(MYSQLI_ASSOC)) {
$r[] = $x;
}
$result->free_result();
break;
case 'mysql':
while ($x = mysql_fetch_array($result, MYSQL_ASSOC)) {
$r[] = $x;
}
mysql_free_result($result);
break;
}
// PDO doesn't return "true" on successful operations - like mysqli does
// Emulate this behaviour by checking if the query returned data and had columns
// This should be reliable enough
if (($this->driver == 'pdo') && (count($r) == 0) && ($columns == 0)) {
return true;
}
//$a->save_timestamp($stamp1, "database");
if ($this->debug) {
logger('dba: ' . printable(print_r($r, true)));
}
return($r);
}
public function dbg($dbg) {
$this->debug = $dbg;
} }
public function escape($str) { public function escape($str) {
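Review bot: The rewritten q() drops the `$onlyquery` parameter and no longer sets `$this->result`, so any caller that still passes a second argument gets a result array back instead of `true`, with no error. Please confirm there are no such callers left, or keep the parameter and log when it is used. The "return true when there are no rows and no columns" emulation used to be limited to the pdo driver and now applies to every driver, which makes its correctness depend on dba::columnCount() for mysqli and mysql as well. The docblock says `@return array`, but the method returns a boolean in two branches.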
@ -515,6 +367,10 @@ class dba {
/** /**
* @brief Executes a prepared statement that returns data * @brief Executes a prepared statement that returns data
* @usage Example: $r = p("SELECT * FROM `item` WHERE `guid` = ?", $guid); * @usage Example: $r = p("SELECT * FROM `item` WHERE `guid` = ?", $guid);
*
* Please only use it with complicated queries.
* For all regular queries please use dba::select or dba::exists
*
* @param string $sql SQL statement * @param string $sql SQL statement
* @return object statement object * @return object statement object
*/ */
@ -540,7 +396,7 @@ class dba {
return false; return false;
} }
if (substr_count($sql, '?') != count($args)) { if ((substr_count($sql, '?') != count($args)) && (count($args) > 0)) {
// Question: Should we continue or stop the query here? // Question: Should we continue or stop the query here?
logger('Parameter mismatch. Query "'.$sql.'" - Parameters '.print_r($args, true), LOGGER_DEBUG); logger('Parameter mismatch. Query "'.$sql.'" - Parameters '.print_r($args, true), LOGGER_DEBUG);
} }
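Review bot: Adding `&& (count($args) > 0)` silences the mismatch warning in exactly the case where a caller wrote placeholders and forgot to pass any parameters; that query is then sent to the server with literal `?` characters. If the condition is only there to let the deprecated q() pass a fully built string, an explicit flag for that caller would keep the warning for everyone else. The open "Question: Should we continue or stop the query here?" is still unanswered; returning false on a mismatch would be the safer default.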
@ -572,6 +428,19 @@ class dba {
switch (self::$dbo->driver) { switch (self::$dbo->driver) {
case 'pdo': case 'pdo':
// If there are no arguments we use "query"
if (count($args) == 0) {
if (!$retval = self::$dbo->db->query($sql)) {
$errorInfo = self::$dbo->db->errorInfo();
self::$dbo->error = $errorInfo[2];
self::$dbo->errorno = $errorInfo[1];
$retval = false;
break;
}
self::$dbo->affected_rows = $retval->rowCount();
break;
}
if (!$stmt = self::$dbo->db->prepare($sql)) { if (!$stmt = self::$dbo->db->prepare($sql)) {
$errorInfo = self::$dbo->db->errorInfo(); $errorInfo = self::$dbo->db->errorInfo();
self::$dbo->error = $errorInfo[2]; self::$dbo->error = $errorInfo[2];
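Review bot: The new zero-argument branch sends the string to `query()` without any preparation, while the docblock of dba::p() still says it "Executes a prepared statement". Please state in the docblock that a call without parameters is executed as given, so that nobody assumes binding happened for a string they concatenated themselves. Inside the branch, `$retval = false;` is redundant because the enclosing `if (!$retval = ...)` has already established that.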
@ -600,8 +469,8 @@ class dba {
$command = strtolower($parts[0]); $command = strtolower($parts[0]);
$can_be_prepared = in_array($command, array('select', 'update', 'insert', 'delete')); $can_be_prepared = in_array($command, array('select', 'update', 'insert', 'delete'));
// The fallback routine currently only works with statements that doesn't return values // The fallback routine is called as well when there are no arguments
if (!$can_be_prepared && $called_from_e) { if (!$can_be_prepared || (count($args) == 0)) {
$retval = self::$dbo->db->query(self::replace_parameters($sql, $args)); $retval = self::$dbo->db->query(self::replace_parameters($sql, $args));
if (self::$dbo->db->errno) { if (self::$dbo->db->errno) {
self::$dbo->error = self::$dbo->db->error; self::$dbo->error = self::$dbo->db->error;
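Review bot: Removing `$called_from_e` from the condition means this fallback now also runs for statements that return rows, although the comment it replaces said the routine "only works with statements that doesn't return values". The visible hunks adapt fetch() to a mysqli_result, but the other consumers of the return value (row counting, closing, inArray) should be checked for the same case, and the new comment should say that a mysqli_result can be returned here. When $args is empty, the call to replace_parameters() is unnecessary and the query can be passed through unchanged.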
@ -710,6 +579,8 @@ class dba {
/** /**
* @brief Executes a prepared statement like UPDATE or INSERT that doesn't return data * @brief Executes a prepared statement like UPDATE or INSERT that doesn't return data
* *
* Please use dba::delete, dba::insert, dba::update, ... instead
*
* @param string $sql SQL statement * @param string $sql SQL statement
* @return boolean Was the query successfull? False is returned only if an error occurred * @return boolean Was the query successfull? False is returned only if an error occurred
*/ */
@ -792,6 +663,8 @@ class dba {
/** /**
* @brief Fetches the first row * @brief Fetches the first row
* *
* Please use dba::select or dba::exists whenever this is possible.
*
* @param string $sql SQL statement * @param string $sql SQL statement
* @return array first row of query * @return array first row of query
*/ */
@ -820,6 +693,26 @@ class dba {
return self::$dbo->affected_rows; return self::$dbo->affected_rows;
} }
/**
* @brief Returns the number of columns of a statement
*
* @param object Statement object
* @return int Number of columns
*/
public static function columnCount($stmt) {
if (!is_object($stmt)) {
return 0;
}
switch (self::$dbo->driver) {
case 'pdo':
return $stmt->columnCount();
case 'mysqli':
return $stmt->field_count;
case 'mysql':
return mysql_affected_rows($stmt);
}
return 0;
}
/** /**
* @brief Returns the number of rows of a statement * @brief Returns the number of rows of a statement
* *
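Review bot: In columnCount() the 'mysql' case returns `mysql_affected_rows($stmt)`, which is a row count and expects a link identifier, not a result resource. The column count of a result is `mysql_num_fields($stmt)`. As written, q() on the mysql driver decides between "return true" and "return empty array" based on the wrong number. Also, is_object() is false for a mysql result resource, so this driver never reaches the switch and always gets 0. The `@param` line is missing the parameter name `$stmt`.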
@ -856,6 +749,10 @@ class dba {
case 'pdo': case 'pdo':
return $stmt->fetch(PDO::FETCH_ASSOC); return $stmt->fetch(PDO::FETCH_ASSOC);
case 'mysqli': case 'mysqli':
if (get_class($stmt) == 'mysqli_result') {
return $stmt->fetch_assoc();
}
// This code works, but is slow // This code works, but is slow
// Bind the result to a result array // Bind the result to a result array
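Review bot: `get_class($stmt) == 'mysqli_result'` fails for subclasses and raises a warning when $stmt is not an object; `$stmt instanceof mysqli_result` is the idiomatic check and handles both. A short comment explaining that dba::p() returns a mysqli_result when the statement was run through the unprepared fallback would help readers of fetch().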
@ -1019,13 +916,13 @@ class dba {
$definition = db_definition(); $definition = db_definition();
foreach ($definition AS $table => $structure) { foreach ($definition AS $table => $structure) {
foreach ($structure['fields'] AS $field => $field_struct) { foreach ($structure['fields'] AS $field => $field_struct) {
if (isset($field_struct['relation'])) { if (isset($field_struct['relation'])) {
foreach ($field_struct['relation'] AS $rel_table => $rel_field) { foreach ($field_struct['relation'] AS $rel_table => $rel_field) {
self::$relation[$rel_table][$rel_field][$table][] = $field; self::$relation[$rel_table][$rel_field][$table][] = $field;
} }
} }
} }
} }
} }
@ -1271,7 +1168,11 @@ class dba {
* Example: * Example:
* $table = "item"; * $table = "item";
* $fields = array("id", "uri", "uid", "network"); * $fields = array("id", "uri", "uid", "network");
*
* $condition = array("uid" => 1, "network" => 'dspr'); * $condition = array("uid" => 1, "network" => 'dspr');
* or:
* $condition = array("`uid` = ? AND `network` IN (?, ?)", 1, 'dfrn', 'dspr');
*
* $params = array("order" => array("id", "received" => true), "limit" => 1); * $params = array("order" => array("id", "received" => true), "limit" => 1);
* *
* $data = dba::select($table, $fields, $condition, $params); * $data = dba::select($table, $fields, $condition, $params);
@ -1381,24 +1282,6 @@ class dba {
} }
} }
function printable($s) {
$s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s);
$s = str_replace("\x00",'.',$s);
if (x($_SERVER,'SERVER_NAME')) {
$s = escape_tags($s);
}
return $s;
}
// Procedural functions
function dbg($state) {
global $db;
if ($db) {
$db->dbg($state);
}
}
function dbesc($str) { function dbesc($str) {
global $db; global $db;
@ -1409,107 +1292,46 @@ function dbesc($str) {
} }
} }
// Function: q($sql,$args);
// Description: execute SQL query with printf style args.
// Example: $r = q("SELECT * FROM `%s` WHERE `uid` = %d",
// 'user', 1);
function q($sql) {
global $db;
$args = func_get_args();
unset($args[0]);
if ($db && $db->connected) {
$sql = $db->clean_query($sql);
$sql = $db->any_value_fallback($sql);
$stmt = @vsprintf($sql,$args); // Disabled warnings
//logger("dba: q: $stmt", LOGGER_ALL);
if ($stmt === false)
logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true), LOGGER_DEBUG);
$db->log_index($stmt);
return $db->q($stmt);
}
/**
*
* This will happen occasionally trying to store the
* session data after abnormal program termination
*
*/
logger('dba: no database: ' . print_r($args,true));
return false;
}
/** /**
* @brief Performs a query with "dirty reads" * @brief execute SQL query with printf style args - deprecated
* *
* By doing dirty reads (reading uncommitted data) no locks are performed * Please use the dba:: functions instead:
* This function can be used to fetch data that doesn't need to be reliable. * dba::select, dba::exists, dba::insert
* dba::delete, dba::update, dba::p, dba::e
* *
* @param $args Query parameters (1 to N parameters of different types) * @param $args Query parameters (1 to N parameters of different types)
* @return array Query array * @return array Query array
*/ */
function qu($sql) { function q($sql) {
global $db; global $db;
$args = func_get_args(); $args = func_get_args();
unset($args[0]); unset($args[0]);
if ($db && $db->connected) { if (!$db || !$db->connected) {
$sql = $db->clean_query($sql); return false;
$sql = $db->any_value_fallback($sql);
$stmt = @vsprintf($sql,$args); // Disabled warnings
if ($stmt === false)
logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true), LOGGER_DEBUG);
$db->log_index($stmt);
$db->q("SET SESSION TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;");
$retval = $db->q($stmt);
$db->q("SET SESSION TRANSACTION ISOLATION LEVEL REPEATABLE READ;");
return $retval;
} }
/** $sql = $db->clean_query($sql);
* $sql = $db->any_value_fallback($sql);
* This will happen occasionally trying to store the
* session data after abnormal program termination
*
*/
logger('dba: no database: ' . print_r($args,true));
return false;
}
/** $stmt = @vsprintf($sql, $args);
*
* Raw db query, no arguments
*
*/
function dbq($sql) {
global $db;
if ($db && $db->connected) { $ret = dba::p($stmt);
$ret = $db->q($sql);
} else { if (is_bool($ret)) {
$ret = false; return $ret;
} }
return $ret;
}
// Caller is responsible for ensuring that any integer arguments to $columns = dba::columnCount($ret);
// dbesc_array are actually integers and not malformed strings containing
// SQL injection vectors. All integer array elements should be specifically
// cast to int to avoid trouble.
function dbesc_array_cb(&$item, $key) {
if (is_string($item))
$item = dbesc($item);
}
function dbesc_array(&$arr) { $data = dba::inArray($ret);
if (is_array($arr) && count($arr)) {
array_walk($arr,'dbesc_array_cb'); if ((count($data) == 0) && ($columns == 0)) {
return true;
} }
return $data;
} }
function dba_timer() { function dba_timer() {
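Review bot: in the rewritten `q()`, the result of `$stmt = @vsprintf($sql, $args);` goes straight into `dba::p($stmt)`, and the old `if ($stmt === false)` branch with its `logger('dba: vsprintf error: ...')` call is gone. A mismatch between the format string and the arguments is therefore silenced by `@` and reaches `dba::p()` as `false`. Return early and log when `$stmt === false`. The new `if (!$db || !$db->connected) { return false; }` path also drops the former `logger('dba: no database: ...')` line, which was the only trace of a lost connection. Since `q()` still builds the statement by string formatting, the deprecation docblock should say that callers remain responsible for `dbesc()`/`intval()` on every argument until they move to the `dba::` functions.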

View file

@ -31,7 +31,7 @@ function convert_to_innodb() {
$sql = sprintf("ALTER TABLE `%s` engine=InnoDB;", dbesc($table['TABLE_NAME'])); $sql = sprintf("ALTER TABLE `%s` engine=InnoDB;", dbesc($table['TABLE_NAME']));
echo $sql."\n"; echo $sql."\n";
$result = $db->q($sql); $result = dba::e($sql);
if (!dbm::is_result($result)) { if (!dbm::is_result($result)) {
print_update_error($db, $sql); print_update_error($db, $sql);
} }
@ -74,7 +74,7 @@ function update_fail($update_id, $error_message) {
$body = sprintf($body, $error_message); $body = sprintf($body, $error_message);
notification(array( notification(array(
'type' => "SYSTEM_EMAIL", 'type' => SYSTEM_EMAIL,
'to_email' => $admin['email'], 'to_email' => $admin['email'],
'preamble' => $preamble, 'preamble' => $preamble,
'body' => $body, 'body' => $body,
@ -442,9 +442,9 @@ function update_structure($verbose, $action, $tables=null, $definition=null) {
// Ensure index conversion to unique removes duplicates // Ensure index conversion to unique removes duplicates
if ($is_unique) { if ($is_unique) {
if ($ignore != "") { if ($ignore != "") {
$db->q("SET session old_alter_table=1;"); dba::e("SET session old_alter_table=1;");
} else { } else {
$r = $db->q("CREATE TABLE `".$temp_name."` LIKE `".$name."`;"); $r = dba::e("CREATE TABLE `".$temp_name."` LIKE `".$name."`;");
if (!dbm::is_result($r)) { if (!dbm::is_result($r)) {
$errors .= print_update_error($db, $sql3); $errors .= print_update_error($db, $sql3);
return $errors; return $errors;
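Review bot: the error branch directly after `$r = dba::e("CREATE TABLE `".$temp_name."` LIKE `".$name."`;");` calls `print_update_error($db, $sql3)`, so a failed CREATE TABLE is reported with the text of a different statement. Build the CREATE statement in a variable and pass that variable to both `dba::e()` and `print_update_error()`.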
@ -452,25 +452,25 @@ function update_structure($verbose, $action, $tables=null, $definition=null) {
} }
} }
$r = @$db->q($sql3); $r = @dba::e($sql3);
if (!dbm::is_result($r)) { if (!dbm::is_result($r)) {
$errors .= print_update_error($db, $sql3); $errors .= print_update_error($db, $sql3);
} }
if ($is_unique) { if ($is_unique) {
if ($ignore != "") { if ($ignore != "") {
$db->q("SET session old_alter_table=0;"); dba::e("SET session old_alter_table=0;");
} else { } else {
$r = $db->q("INSERT INTO `".$temp_name."` SELECT ".$field_list." FROM `".$name."`".$group_by.";"); $r = dba::e("INSERT INTO `".$temp_name."` SELECT ".$field_list." FROM `".$name."`".$group_by.";");
if (!dbm::is_result($r)) { if (!dbm::is_result($r)) {
$errors .= print_update_error($db, $sql3); $errors .= print_update_error($db, $sql3);
return $errors; return $errors;
} }
$r = $db->q("DROP TABLE `".$name."`;"); $r = dba::e("DROP TABLE `".$name."`;");
if (!dbm::is_result($r)) { if (!dbm::is_result($r)) {
$errors .= print_update_error($db, $sql3); $errors .= print_update_error($db, $sql3);
return $errors; return $errors;
} }
$r = $db->q("RENAME TABLE `".$temp_name."` TO `".$name."`;"); $r = dba::e("RENAME TABLE `".$temp_name."` TO `".$name."`;");
if (!dbm::is_result($r)) { if (!dbm::is_result($r)) {
$errors .= print_update_error($db, $sql3); $errors .= print_update_error($db, $sql3);
return $errors; return $errors;
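Review bot: the `DROP TABLE` followed by a separate `RENAME TABLE` near the end of this hunk is not atomic: if the rename fails, the function returns with `$name` already dropped and the data only in `$temp_name`. MySQL accepts several renames in one `RENAME TABLE` statement, so swapping the two tables in a single statement and dropping the old one afterwards removes that window. The `@` in `$r = @dba::e($sql3);` also hides any warning from the main ALTER, and the INSERT, DROP and RENAME error branches all report `$sql3` instead of the statement that actually failed.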
@ -551,7 +551,7 @@ function db_create_table($name, $fields, $verbose, $action, $indexes=null) {
echo $sql.";\n"; echo $sql.";\n";
if ($action) if ($action)
$r = @$db->q($sql); $r = @dba::e($sql);
return $r; return $r;
} }
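Review bot: `$r = @dba::e($sql);` is only executed under `if ($action)`, yet `return $r;` runs unconditionally. Unless `$r` is initialised above the visible lines, a dry run (`$action` false) returns an undefined variable. Initialise `$r` before the `if`, and drop the `@` so a failing CREATE is not silenced.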

View file

@ -303,7 +303,7 @@ class dfrn {
AND (NOT `contact`.`blocked` OR `contact`.`pending`) AND (NOT `contact`.`blocked` OR `contact`.`pending`)
LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id` LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id`
WHERE `item`.`id` = %d AND `item`.`visible` AND NOT `item`.`moderated` AND `item`.`parent` != 0 WHERE `item`.`id` = %d AND `item`.`visible` AND NOT `item`.`moderated` AND `item`.`parent` != 0
AND `item`.`wall` AND NOT `item`.`private`", AND NOT `item`.`private`",
intval($item_id) intval($item_id)
); );
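Review bot: dropping the AND `item`.`wall` condition from the WHERE clause widens what this query returns to every visible, unmoderated, non-private item with a parent, not only wall posts. Nothing in the hunk or in a comment says this is intended. Please state in the code why items that are not on the owner's wall may now be served here, or keep the restriction.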
@ -330,12 +330,9 @@ class dfrn {
$alternatelink = $owner['url']; $alternatelink = $owner['url'];
$root = self::add_header($doc, $owner, 'dfrn:owner', $alternatelink, true);
$type = 'html'; $type = 'html';
$entry = self::entry($doc, $type, $item, $owner, true); $root = self::entry($doc, $type, $item, $owner, true, 0, true);
$root->appendChild($entry);
$atom = trim($doc->saveXML()); $atom = trim($doc->saveXML());
return $atom; return $atom;
@ -823,11 +820,12 @@ class dfrn {
* @param array $owner Owner record * @param array $owner Owner record
* @param bool $comment Trigger the sending of the "comment" element * @param bool $comment Trigger the sending of the "comment" element
* @param int $cid Contact ID of the recipient * @param int $cid Contact ID of the recipient
* @param bool $single If set, the entry is created as an XML document with a single "entry" element
* *
* @return object XML entry object * @return object XML entry object
* @todo Add type-hints * @todo Add type-hints
*/ */
private static function entry($doc, $type, $item, $owner, $comment = false, $cid = 0) { private static function entry($doc, $type, $item, $owner, $comment = false, $cid = 0, $single = false) {
$mentioned = array(); $mentioned = array();
@ -840,7 +838,22 @@ class dfrn {
return xml::create_element($doc, "at:deleted-entry", "", $attributes); return xml::create_element($doc, "at:deleted-entry", "", $attributes);
} }
$entry = $doc->createElement("entry"); if (!$single) {
$entry = $doc->createElement("entry");
} else {
$entry = $doc->createElementNS(NAMESPACE_ATOM1, 'entry');
$doc->appendChild($entry);
$entry->setAttribute("xmlns:thr", NAMESPACE_THREAD);
$entry->setAttribute("xmlns:at", NAMESPACE_TOMB);
$entry->setAttribute("xmlns:media", NAMESPACE_MEDIA);
$entry->setAttribute("xmlns:dfrn", NAMESPACE_DFRN);
$entry->setAttribute("xmlns:activity", NAMESPACE_ACTIVITY);
$entry->setAttribute("xmlns:georss", NAMESPACE_GEORSS);
$entry->setAttribute("xmlns:poco", NAMESPACE_POCO);
$entry->setAttribute("xmlns:ostatus", NAMESPACE_OSTATUS);
$entry->setAttribute("xmlns:statusnet", NAMESPACE_STATUSNET);
}
if ($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid']) { if ($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid']) {
$body = fix_private_photos($item['body'],$owner['uid'],$item,$cid); $body = fix_private_photos($item['body'],$owner['uid'],$item,$cid);
@ -868,10 +881,10 @@ class dfrn {
$entry->appendChild($dfrnowner); $entry->appendChild($dfrnowner);
if (($item['parent'] != $item['id']) || ($item['parent-uri'] !== $item['uri']) || (($item['thr-parent'] !== '') && ($item['thr-parent'] !== $item['uri']))) { if (($item['parent'] != $item['id']) || ($item['parent-uri'] !== $item['uri']) || (($item['thr-parent'] !== '') && ($item['thr-parent'] !== $item['uri']))) {
$parent = q("SELECT `guid` FROM `item` WHERE `id` = %d", intval($item["parent"]));
$parent_item = (($item['thr-parent']) ? $item['thr-parent'] : $item['parent-uri']); $parent_item = (($item['thr-parent']) ? $item['thr-parent'] : $item['parent-uri']);
$parent = q("SELECT `guid`,`plink` FROM `item` WHERE `uri` = '%s' AND `uid` = %d", dbesc($parent_item), intval($item['uid']));
$attributes = array("ref" => $parent_item, "type" => "text/html", $attributes = array("ref" => $parent_item, "type" => "text/html",
"href" => System::baseUrl().'/display/'.$parent[0]['guid'], "href" => $parent[0]['plink'],
"dfrn:diaspora_guid" => $parent[0]['guid']); "dfrn:diaspora_guid" => $parent[0]['guid']);
xml::add_element($doc, $entry, "thr:in-reply-to", "", $attributes); xml::add_element($doc, $entry, "thr:in-reply-to", "", $attributes);
} }
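Review bot: the new parent lookup by `uri` and `uid` is dereferenced as `$parent[0]['plink']` and `$parent[0]['guid']` without a `dbm::is_result($parent)` check. When the parent is not stored for this `uid`, the `thr:in-reply-to` element is emitted with empty `href` and `dfrn:diaspora_guid` attributes. Guard the access and decide what to emit when the parent is missing, for example only the `ref` attribute.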
@ -1656,9 +1669,7 @@ class dfrn {
$msg["seen"] = 0; $msg["seen"] = 0;
$msg["replied"] = 0; $msg["replied"] = 0;
dbm::esc_array($msg, true); dba::insert('mail', $msg);
$r = dbq("INSERT INTO `mail` (`".implode("`, `", array_keys($msg))."`) VALUES (".implode(", ", array_values($msg)).")");
// send notifications. // send notifications.
/// @TODO Arange this mess /// @TODO Arange this mess
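Review bot: the return value of `dba::insert('mail', $msg);` is discarded, while the removed code at least kept it in `$r`. The notification code that follows `// send notifications.` then runs even if the insert failed. Capture the result and return or log before notifying.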

View file

@ -1013,7 +1013,8 @@ class Diaspora {
* @param array $item The item array * @param array $item The item array
*/ */
private static function fetch_guid($item) { private static function fetch_guid($item) {
preg_replace_callback("=diaspora://.*?/([^\s\]]*)=ism", $expression = "=diaspora://.*?/post/([0-9A-Za-z\-_@.:]{15,254}[0-9A-Za-z])=ism";
preg_replace_callback($expression,
function ($match) use ($item) { function ($match) use ($item) {
return self::fetch_guid_sub($match, $item); return self::fetch_guid_sub($match, $item);
}, $item["body"]); }, $item["body"]);
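Review bot: in the new `$expression`, the `.*?` between `diaspora://` and `/post/` is combined with the `s` modifier, so it also matches newlines and can run from one `diaspora://` across unrelated text to a later `/post/` in the body. The removed pattern at least stopped the captured part at whitespace and `]`. Restrict the author part to a class that excludes whitespace, `/` and `]`, and add a short comment explaining the `{15,254}` length bound and the allowed GUID characters. The `m` modifier has no effect here because the pattern contains no `^` or `$`.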
@ -1182,7 +1183,7 @@ class Diaspora {
* @return array the item record * @return array the item record
*/ */
private static function parent_item($uid, $guid, $author, $contact) { private static function parent_item($uid, $guid, $author, $contact) {
$r = q("SELECT `id`, `body`, `wall`, `uri`, `private`, `origin`, $r = q("SELECT `id`, `parent`, `body`, `wall`, `uri`, `private`, `origin`,
`author-name`, `author-link`, `author-avatar`, `author-name`, `author-link`, `author-avatar`,
`owner-name`, `owner-link`, `owner-avatar` `owner-name`, `owner-link`, `owner-avatar`
FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1", FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
@ -1776,8 +1777,16 @@ class Diaspora {
logger("Stored like ".$datarray["guid"]." with message id ".$message_id, LOGGER_DEBUG); logger("Stored like ".$datarray["guid"]." with message id ".$message_id, LOGGER_DEBUG);
} }
// like on comments have the comment as parent. So we need to fetch the toplevel parent
if ($parent_item["id"] != $parent_item["parent"]) {
$toplevel = dba::select('item', array('origin'), array('id' => $parent_item["parent"]), array('limit' => 1));
$origin = $toplevel["origin"];
} else {
$origin = $parent_item["origin"];
}
// If we are the origin of the parent we store the original data and notify our followers // If we are the origin of the parent we store the original data and notify our followers
if ($message_id && $parent_item["origin"]) { if ($message_id && $origin) {
// Formerly we stored the signed text, the signature and the author in different fields. // Formerly we stored the signed text, the signature and the author in different fields.
// We now store the raw data so that we are more flexible. // We now store the raw data so that we are more flexible.
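Review bot: in the new block that fetches the top-level parent, `$origin = $toplevel["origin"];` is read without checking `dbm::is_result($toplevel)`. If the row is missing, `$origin` is null and the relay step is skipped with nothing in the log. Check the result of `dba::select()` and log the case where the top-level item cannot be found.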
@ -3517,7 +3526,14 @@ class Diaspora {
$itemaddr = self::handle_from_contact($item["contact-id"], $item["gcontact-id"]); $itemaddr = self::handle_from_contact($item["contact-id"], $item["gcontact-id"]);
$msg_type = "retraction"; $msg_type = "retraction";
$target_type = "Post";
if ($item['id'] == $item['parent']) {
$target_type = "Post";
} elseif ($item["verb"] == ACTIVITY_LIKE) {
$target_type = "Like";
} else {
$target_type = "Comment";
}
$message = array("author" => $itemaddr, $message = array("author" => $itemaddr,
"target_guid" => $item['guid'], "target_guid" => $item['guid'],

View file

@ -46,12 +46,14 @@ function notification($params) {
if (empty($sender_email)) if (empty($sender_email))
$sender_email = t('noreply').'@'.$hostname; $sender_email = t('noreply').'@'.$hostname;
$user = dba::select('user', array('nickname', 'page-flags'), if ($params['type'] != SYSTEM_EMAIL) {
$user = dba::select('user', array('nickname', 'page-flags'),
array('uid' => $params['uid']), array('limit' => 1)); array('uid' => $params['uid']), array('limit' => 1));
// There is no need to create notifications for forum accounts // There is no need to create notifications for forum accounts
if (!dbm::is_result($user) || in_array($user["page-flags"], array(PAGE_COMMUNITY, PAGE_PRVGROUP))) { if (!dbm::is_result($user) || in_array($user["page-flags"], array(PAGE_COMMUNITY, PAGE_PRVGROUP))) {
return; return;
}
} }
$nickname = $user["nickname"]; $nickname = $user["nickname"];
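Review bot: with the lookup now wrapped in `if ($params['type'] != SYSTEM_EMAIL)`, `$user` is never assigned for system mails, but `$nickname = $user["nickname"];` directly below the new block still runs for every type. Initialise `$user` (or `$nickname`) before the `if`, or move the assignment inside it. Also note that system mails now skip the `!dbm::is_result($user)` return entirely, which deserves a comment.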
@ -366,7 +368,7 @@ function notification($params) {
} }
} }
if ($params['type'] == "SYSTEM_EMAIL") { if ($params['type'] == SYSTEM_EMAIL) {
// not part of the notifications. // not part of the notifications.
// it just send a mail to the user. // it just send a mail to the user.
// It will be used by the system to send emails to users (like // It will be used by the system to send emails to users (like
@ -517,7 +519,7 @@ function notification($params) {
// send email notification if notification preferences permit // send email notification if notification preferences permit
if ((intval($params['notify_flags']) & intval($params['type'])) if ((intval($params['notify_flags']) & intval($params['type']))
|| $params['type'] == NOTIFY_SYSTEM || $params['type'] == NOTIFY_SYSTEM
|| $params['type'] == "SYSTEM_EMAIL") { || $params['type'] == SYSTEM_EMAIL) {
logger('sending notification email'); logger('sending notification email');
@ -586,8 +588,8 @@ function notification($params) {
call_hooks('enotify_mail', $datarray); call_hooks('enotify_mail', $datarray);
// check whether sending post content in email notifications is allowed // check whether sending post content in email notifications is allowed
// always true for "SYSTEM_EMAIL" // always true for SYSTEM_EMAIL
$content_allowed = ((!get_config('system', 'enotify_no_content')) || ($params['type'] == "SYSTEM_EMAIL")); $content_allowed = ((!get_config('system', 'enotify_no_content')) || ($params['type'] == SYSTEM_EMAIL));
// load the template for private message notifications // load the template for private message notifications
$tpl = get_markup_template('email_notify_html.tpl'); $tpl = get_markup_template('email_notify_html.tpl');

View file

@ -534,6 +534,7 @@ function item_store($arr, $force_parent = false, $notify = false, $dontcache = f
} }
// Converting the plink // Converting the plink
/// @todo Check if this is really still needed
if ($arr['network'] == NETWORK_OSTATUS) { if ($arr['network'] == NETWORK_OSTATUS) {
if (isset($arr['plink'])) { if (isset($arr['plink'])) {
$arr['plink'] = ostatus::convert_href($arr['plink']); $arr['plink'] = ostatus::convert_href($arr['plink']);
@ -954,7 +955,7 @@ function item_store($arr, $force_parent = false, $notify = false, $dontcache = f
* An unique index would help - but the limitations of MySQL (maximum size of index values) prevent this. * An unique index would help - but the limitations of MySQL (maximum size of index values) prevent this.
*/ */
if ($arr["uid"] == 0) { if ($arr["uid"] == 0) {
$r = qu("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = 0 LIMIT 1", dbesc(trim($arr['uri']))); $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = 0 LIMIT 1", dbesc(trim($arr['uri'])));
if (dbm::is_result($r)) { if (dbm::is_result($r)) {
logger('Global item already stored. URI: '.$arr['uri'].' on network '.$arr['network'], LOGGER_DEBUG); logger('Global item already stored. URI: '.$arr['uri'].' on network '.$arr['network'], LOGGER_DEBUG);
return 0; return 0;
@ -1595,9 +1596,6 @@ function item_is_remote_self($contact, &$datarray) {
$datarray['author-link'] = $datarray['owner-link']; $datarray['author-link'] = $datarray['owner-link'];
$datarray['author-avatar'] = $datarray['owner-avatar']; $datarray['author-avatar'] = $datarray['owner-avatar'];
// Trigger automatic reactions for addons
$datarray['api_source'] = true;
unset($datarray['created']); unset($datarray['created']);
unset($datarray['edited']); unset($datarray['edited']);
} }
@ -1623,6 +1621,13 @@ function item_is_remote_self($contact, &$datarray) {
$datarray["app"] = "Feed"; $datarray["app"] = "Feed";
} }
// Trigger automatic reactions for addons
$datarray['api_source'] = true;
// We have to tell the hooks who we are - this really should be improved
$_SESSION["authenticated"] = true;
$_SESSION["uid"] = $contact['uid'];
return true; return true;
} }
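Review bot: the added lines `$_SESSION["authenticated"] = true;` and `$_SESSION["uid"] = $contact['uid'];` write authentication state into the session superglobal from inside item processing, and nothing in `item_is_remote_self()` restricts this to the background worker. If this function is ever reached during a web request, the visitor's session becomes authenticated as the contact owner. Pass the acting uid to the hooks explicitly, or at least restore the previous session values before `return true;`. The comment already admits this "really should be improved", so please turn it into a `@todo` that names the hooks depending on it.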

View file

@ -60,22 +60,14 @@ function send_message($recipient=0, $body='', $subject='', $replyto=''){
$handles = $recip_handle . ';' . $sender_handle; $handles = $recip_handle . ';' . $sender_handle;
$r = q("insert into conv (uid,guid,creator,created,updated,subject,recips) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ", $fields = array('uid' => local_user(), 'guid' => $conv_guid, 'creator' => $sender_handle,
intval(local_user()), 'created' => datetime_convert(), 'updated' => datetime_convert(),
dbesc($conv_guid), 'subject' => $subject, 'recips' => $handles);
dbesc($sender_handle), $r = dba::insert('conv', $fields);
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc($subject),
dbesc($handles)
);
$r = q("select * from conv where guid = '%s' and uid = %d limit 1", $r = dba::select('conv', array('id'), array('guid' => $conv_guid, 'uid' => local_user()), array('limit' => 1));
dbesc($conv_guid),
intval(local_user())
);
if (dbm::is_result($r)) if (dbm::is_result($r))
$convid = $r[0]['id']; $convid = $r['id'];
} }
if (! $convid) { if (! $convid) {
@ -194,28 +186,18 @@ function send_wallmessage($recipient='', $body='', $subject='', $replyto=''){
$handles = $recip_handle . ';' . $sender_handle; $handles = $recip_handle . ';' . $sender_handle;
$r = q("INSERT INTO `conv` (`uid`,`guid`,`creator`,`created`,`updated`,`subject`,`recips`) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ", $fields = array('uid' => $recipient['uid'], 'guid' => $conv_guid, 'creator' => $sender_handle,
intval($recipient['uid']), 'created' => datetime_convert(), 'updated' => datetime_convert(),
dbesc($conv_guid), 'subject' => $subject, 'recips' => $handles);
dbesc($sender_handle), $r = dba::insert('conv', $fields);
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc($subject),
dbesc($handles)
);
$r = q("SELECT * FROM `conv` WHERE `guid` = '%s' AND `uid` = %d LIMIT 1", $r = dba::select('conv', array('id'), array('guid' => $conv_guid, 'uid' => $recipient['uid']), array('limit' => 1));
dbesc($conv_guid), if (!dbm::is_result($r)) {
intval($recipient['uid'])
);
if (! dbm::is_result($r)) {
logger('send message: conversation not found.'); logger('send message: conversation not found.');
return -4; return -4;
} }
$convid = $r[0]['id']; $convid = $r['id'];
$r = q("INSERT INTO `mail` ( `uid`, `guid`, `convid`, `from-name`, `from-photo`, `from-url`, $r = q("INSERT INTO `mail` ( `uid`, `guid`, `convid`, `from-name`, `from-photo`, `from-url`,
`contact-id`, `title`, `body`, `seen`, `reply`, `replied`, `uri`, `parent-uri`, `created`, `unknown`) `contact-id`, `title`, `body`, `seen`, `reply`, `replied`, `uri`, `parent-uri`, `created`, `unknown`)

File diff suppressed because it is too large

View file

@ -48,7 +48,7 @@ function photo_albums($uid, $update = false) {
if (!Config::get('system', 'no_count', false)) { if (!Config::get('system', 'no_count', false)) {
/// @todo This query needs to be renewed. It is really slow /// @todo This query needs to be renewed. It is really slow
// At this time we just store the data in the cache // At this time we just store the data in the cache
$albums = qu("SELECT COUNT(DISTINCT `resource-id`) AS `total`, `album`, ANY_VALUE(`created`) AS `created` $albums = q("SELECT COUNT(DISTINCT `resource-id`) AS `total`, `album`, ANY_VALUE(`created`) AS `created`
FROM `photo` FROM `photo`
WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra
GROUP BY `album` ORDER BY `created` DESC", GROUP BY `album` ORDER BY `created` DESC",
@ -58,7 +58,7 @@ function photo_albums($uid, $update = false) {
); );
} else { } else {
// This query doesn't do the count and is much faster // This query doesn't do the count and is much faster
$albums = qu("SELECT DISTINCT(`album`), '' AS `total` $albums = q("SELECT DISTINCT(`album`), '' AS `total`
FROM `photo` USE INDEX (`uid_album_scale_created`) FROM `photo` USE INDEX (`uid_album_scale_created`)
WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra", WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $sql_extra",
intval($uid), intval($uid),

View file

@ -303,6 +303,9 @@ function poller_exec_function($queue, $funcname, $argv) {
$up_duration = number_format(microtime(true) - $poller_up_start, 3); $up_duration = number_format(microtime(true) - $poller_up_start, 3);
// Reset global data to avoid interferences
unset($_SESSION);
$funcname($argv, $argc); $funcname($argv, $argc);
$a->process_id = $old_process_id; $a->process_id = $old_process_id;
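Review bot: `unset($_SESSION);` is placed only before `$funcname($argv, $argc);`, so whatever session state a job sets stays in the process after the call returns and is cleared only when the next job starts. Reset it after the call as well. The comment says "global data" although only `$_SESSION` is touched, so name the variable and the reason in the comment.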

View file

@ -2,6 +2,8 @@
// Session management functions. These provide database storage of PHP // Session management functions. These provide database storage of PHP
// session info. // session info.
use Friendica\Core\Config;
require_once('include/cache.php'); require_once('include/cache.php');
$session_exists = 0; $session_exists = 0;
@ -114,6 +116,10 @@ ini_set('session.gc_probability', $gc_probability);
ini_set('session.use_only_cookies', 1); ini_set('session.use_only_cookies', 1);
ini_set('session.cookie_httponly', 1); ini_set('session.cookie_httponly', 1);
if (Config::get('system', 'ssl_policy') == SSL_POLICY_FULL) {
ini_set('session.cookie_secure', 1);
}
if (!get_config('system', 'disable_database_session')) { if (!get_config('system', 'disable_database_session')) {
session_set_save_handler('ref_session_open', 'ref_session_close', session_set_save_handler('ref_session_open', 'ref_session_close',
'ref_session_read', 'ref_session_write', 'ref_session_read', 'ref_session_write',

View file

@ -1158,8 +1158,9 @@ function poco_check_server($server_url, $network = "", $force = false) {
$network = NETWORK_OSTATUS; $network = NETWORK_OSTATUS;
} }
} }
if (strstr($orig_version, 'Pleroma')) { if (strstr($orig_version.$version, 'Pleroma')) {
$platform = 'Pleroma'; $platform = 'Pleroma';
$version = trim(str_replace('Pleroma', '', $version));
} }
} }
@ -2238,22 +2239,22 @@ function update_gcontact($contact) {
if ($update) { if ($update) {
logger("Update gcontact for ".$contact["url"], LOGGER_DEBUG); logger("Update gcontact for ".$contact["url"], LOGGER_DEBUG);
$condition = array('`nurl` = ? AND (`generation` = 0 OR `generation` >= ?)',
normalise_link($contact["url"]), $contact["generation"]);
$contact["updated"] = dbm::date($contact["updated"]);
q("UPDATE `gcontact` SET `photo` = '%s', `name` = '%s', `nick` = '%s', `addr` = '%s', `network` = '%s', $updated = array('photo' => $contact['photo'], 'name' => $contact['name'],
`birthday` = '%s', `gender` = '%s', `keywords` = '%s', `hide` = %d, `nsfw` = %d, 'nick' => $contact['nick'], 'addr' => $contact['addr'],
`contact-type` = %d, `alias` = '%s', `notify` = '%s', `url` = '%s', 'network' => $contact['network'], 'birthday' => $contact['birthday'],
`location` = '%s', `about` = '%s', `generation` = %d, `updated` = '%s', 'gender' => $contact['gender'], 'keywords' => $contact['keywords'],
`server_url` = '%s', `connect` = '%s' 'hide' => $contact['hide'], 'nsfw' => $contact['nsfw'],
WHERE `nurl` = '%s' AND (`generation` = 0 OR `generation` >= %d)", 'contact-type' => $contact['contact-type'], 'alias' => $contact['alias'],
dbesc($contact["photo"]), dbesc($contact["name"]), dbesc($contact["nick"]), 'notify' => $contact['notify'], 'url' => $contact['url'],
dbesc($contact["addr"]), dbesc($contact["network"]), dbesc($contact["birthday"]), 'location' => $contact['location'], 'about' => $contact['about'],
dbesc($contact["gender"]), dbesc($contact["keywords"]), intval($contact["hide"]), 'generation' => $contact['generation'], 'updated' => $contact['updated'],
intval($contact["nsfw"]), intval($contact["contact-type"]), dbesc($contact["alias"]), 'server_url' => $contact['server_url'], 'connect' => $contact['connect']);
dbesc($contact["notify"]), dbesc($contact["url"]), dbesc($contact["location"]),
dbesc($contact["about"]), intval($contact["generation"]), dbesc(dbm::date($contact["updated"])),
dbesc($contact["server_url"]), dbesc($contact["connect"]),
dbesc(normalise_link($contact["url"])), intval($contact["generation"]));
dba::update('gcontact', $updated, $condition, $fields);
// Now update the contact entry with the user id "0" as well. // Now update the contact entry with the user id "0" as well.
// This is used for the shadow copies of public items. // This is used for the shadow copies of public items.
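Review bot: `dba::update('gcontact', $updated, $condition, $fields);` passes `$fields` as the fourth argument, but no `$fields` is defined in the visible lines before this call; the name is first assigned further down for the `contact` update. Judging by the later call `dba::update('contact', $fields, array('id' => ...), $old_contact)`, that argument is meant to carry the old row. Either select the old `gcontact` values first or drop the argument. The removed query also forced `hide`, `nsfw`, `contact-type` and `generation` through `intval()`; the new `$updated` array passes them as received, so cast them when building the array.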
@ -2261,20 +2262,25 @@ function update_gcontact($contact) {
dbesc(normalise_link($contact["url"]))); dbesc(normalise_link($contact["url"])));
if (dbm::is_result($r)) { if (dbm::is_result($r)) {
logger("Update shadow contact ".$r[0]["id"], LOGGER_DEBUG); logger("Update public contact ".$r[0]["id"], LOGGER_DEBUG);
update_contact_avatar($contact["photo"], 0, $r[0]["id"]); update_contact_avatar($contact["photo"], 0, $r[0]["id"]);
q("UPDATE `contact` SET `name` = '%s', `nick` = '%s', `addr` = '%s', $fields = array('name', 'nick', 'addr',
`network` = '%s', `bd` = '%s', `gender` = '%s', 'network', 'bd', 'gender',
`keywords` = '%s', `alias` = '%s', `contact-type` = %d, 'keywords', 'alias', 'contact-type',
`url` = '%s', `location` = '%s', `about` = '%s' 'url', 'location', 'about');
WHERE `id` = %d", $old_contact = dba::select('contact', $fields, array('id' => $r[0]["id"]), array('limit' => 1));
dbesc($contact["name"]), dbesc($contact["nick"]), dbesc($contact["addr"]),
dbesc($contact["network"]), dbesc($contact["birthday"]), dbesc($contact["gender"]), // Update it with the current values
dbesc($contact["keywords"]), dbesc($contact["alias"]), intval($contact["contact-type"]), $fields = array('name' => $contact['name'], 'nick' => $contact['nick'],
dbesc($contact["url"]), dbesc($contact["location"]), dbesc($contact["about"]), 'addr' => $contact['addr'], 'network' => $contact['network'],
intval($r[0]["id"])); 'bd' => $contact['birthday'], 'gender' => $contact['gender'],
'keywords' => $contact['keywords'], 'alias' => $contact['alias'],
'contact-type' => $contact['contact-type'], 'url' => $contact['url'],
'location' => $contact['location'], 'about' => $contact['about']);
dba::update('contact', $fields, array('id' => $r[0]["id"]), $old_contact);
} }
} }

View file

@ -748,7 +748,7 @@ function logger($msg, $level = 0) {
$callers = debug_backtrace(); $callers = debug_backtrace();
$logline = sprintf("%s@%s\t[%s]:%s:%s:%s\t%s\n", $logline = sprintf("%s@%s\t[%s]:%s:%s:%s\t%s\n",
datetime_convert(), datetime_convert('UTC', 'UTC', 'now', 'Y-m-d\TH:i:s\Z'),
$process_id, $process_id,
$LOGGER_LEVELS[$level], $LOGGER_LEVELS[$level],
basename($callers[0]['file']), basename($callers[0]['file']),
@ -1424,15 +1424,8 @@ function prepare_body(&$item, $attach = false, $preview = false) {
$title = ((strlen(trim($mtch[4]))) ? escape_tags(trim($mtch[4])) : escape_tags($mtch[1])); $title = ((strlen(trim($mtch[4]))) ? escape_tags(trim($mtch[4])) : escape_tags($mtch[1]));
$title .= ' ' . $mtch[2] . ' ' . t('bytes'); $title .= ' ' . $mtch[2] . ' ' . t('bytes');
if (($filetype == 'image') AND ($item['network'] == NETWORK_OSTATUS)) { $icon = '<div class="attachtype icon s22 type-' . $filetype . ' subtype-' . $filesubtype . '"></div>';
/// @todo Respect the spoiler for mastodon $as .= '<a href="' . strip_tags($the_url) . '" title="' . $title . '" class="attachlink" target="_blank" >' . $icon . '</a>';
$icon = '<img class="attached" src="'.$the_url.'" alt="" title="'.$title.'">';
$s .= '<br><a href="' . strip_tags($the_url) . '" title="' . $title . '" class="attached" target="_blank" >' . $icon . '</a>';
} else {
$icon = '<div class="attachtype icon s22 type-' . $filetype . ' subtype-' . $filesubtype . '"></div>';
$as .= '<a href="' . strip_tags($the_url) . '" title="' . $title . '" class="attachlink" target="_blank" >' . $icon . '</a>';
}
} }
} }
} }
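Review bot: the line kept by this hunk still builds the link as `'<a href="' . strip_tags($the_url) . '" title="' . $title . '"'`, and `strip_tags()` does not escape double quotes, so a URL containing `"` can break out of the `href` attribute. `$title` has the same problem through `$title .= ' ' . $mtch[2] . ' ' . t('bytes');`, where `$mtch[2]` is appended without escaping. Since the hunk already removes the branch that put `$the_url` unescaped into an `img src`, escape both values for attribute context in the remaining line too.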

View file

@ -16,11 +16,7 @@ function add_thread($itemid, $onlyshadow = false) {
$item['iid'] = $itemid; $item['iid'] = $itemid;
if (!$onlyshadow) { if (!$onlyshadow) {
$result = dbq("INSERT INTO `thread` (`" $result = dba::insert('thread', $item);
.implode("`, `", array_keys($item))
."`) VALUES ('"
.implode("', '", array_values($item))
."')");
logger("Add thread for item ".$itemid." - ".print_r($result, true), LOGGER_DEBUG); logger("Add thread for item ".$itemid." - ".print_r($result, true), LOGGER_DEBUG);
} }
@ -244,18 +240,19 @@ function delete_thread_uri($itemuri, $uid) {
function delete_thread($itemid, $itemuri = "") { function delete_thread($itemid, $itemuri = "") {
$item = q("SELECT `uid` FROM `thread` WHERE `iid` = %d", intval($itemid)); $item = q("SELECT `uid` FROM `thread` WHERE `iid` = %d", intval($itemid));
// Using dba::delete at this time could delete the associated item entries
$result = q("DELETE FROM `thread` WHERE `iid` = %d", intval($itemid)); $result = q("DELETE FROM `thread` WHERE `iid` = %d", intval($itemid));
logger("delete_thread: Deleted thread for item ".$itemid." - ".print_r($result, true), LOGGER_DEBUG); logger("delete_thread: Deleted thread for item ".$itemid." - ".print_r($result, true), LOGGER_DEBUG);
if ($itemuri != "") { if ($itemuri != "") {
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND NOT (`uid` IN (%d, 0))", $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND NOT `deleted` AND NOT (`uid` IN (%d, 0))",
dbesc($itemuri), dbesc($itemuri),
intval($item["uid"]) intval($item["uid"])
); );
if (!dbm::is_result($r)) { if (!dbm::is_result($r)) {
dba::delete('item', array('uri' => $itemuri, 'uid' => 0)); dba::delete('item', array('uri' => $itemuri, 'uid' => 0));
logger("delete_thread: Deleted shadow for item ".$itemuri." - ".print_r($result, true), LOGGER_DEBUG); logger("delete_thread: Deleted shadow for item ".$itemuri, LOGGER_DEBUG);
} }
} }
} }
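Review bot: `$item = q("SELECT `uid` FROM `thread` WHERE `iid` = %d", ...)` returns a list of rows, as every other `q()` result on this page is read (`$r[0]["id"]`), but the query touched by this hunk still uses `intval($item["uid"])`. That evaluates to 0, so the filter NOT (`uid` IN (%d, 0)) only excludes uid 0 and never the thread owner. Read `$item[0]["uid"]` after a `dbm::is_result($item)` check. The new comment about `dba::delete` should also say which relation would cause the associated item entries to be deleted.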

View file

@ -404,7 +404,7 @@ function send_register_pending_eml($email, $sitename, $username) {
$body = sprintf($body, $username, $sitename); $body = sprintf($body, $username, $sitename);
return notification(array( return notification(array(
'type' => "SYSTEM_EMAIL", 'type' => SYSTEM_EMAIL,
'to_email' => $email, 'to_email' => $email,
'subject'=> sprintf( t('Registration at %s'), $sitename), 'subject'=> sprintf( t('Registration at %s'), $sitename),
'body' => $body)); 'body' => $body));
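Review bot: 'type' changes here from the string "SYSTEM_EMAIL" to the constant SYSTEM_EMAIL, which this commit defines as 0x4000, so notification() now receives an integer. The comparison inside notification() is not part of these hunks; confirm it was switched to the constant in the same commit and uses ===, otherwise the five callers changed here no longer match it.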
@ -450,7 +450,7 @@ function send_register_open_eml($email, $sitename, $siteurl, $username, $passwor
$body = sprintf($body, $email, $sitename, $siteurl, $username, $password); $body = sprintf($body, $email, $sitename, $siteurl, $username, $password);
return notification(array( return notification(array(
'type' => "SYSTEM_EMAIL", 'type' => SYSTEM_EMAIL,
'to_email' => $email, 'to_email' => $email,
'subject'=> sprintf( t('Registration details for %s'), $sitename), 'subject'=> sprintf( t('Registration details for %s'), $sitename),
'preamble'=> $preamble, 'preamble'=> $preamble,

View file

@ -489,6 +489,19 @@ $profile = $a->profile;
header("X-Friendica-Version: " . FRIENDICA_VERSION); header("X-Friendica-Version: " . FRIENDICA_VERSION);
header("Content-type: text/html; charset=utf-8"); header("Content-type: text/html; charset=utf-8");
if (Config::get('system', 'hsts') && (Config::get('system', 'ssl_policy') == SSL_POLICY_FULL)) {
header("Strict-Transport-Security: max-age=31536000");
}
// Some security stuff
header('X-Content-Type-Options: nosniff');
header('X-XSS-Protection: 1; mode=block');
header('X-Permitted-Cross-Domain-Policies: none');
header('X-Frame-Options: sameorigin');
// Things like embedded OSM maps don't work, when this is enabled
// header("Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; img-src 'self' https: data:; media-src 'self' https:; child-src 'self' https:; object-src 'none'");
/* /*
* We use $_GET["mode"] for special page templates. So we will check if we have * We use $_GET["mode"] for special page templates. So we will check if we have
* to load another page template than the default one. * to load another page template than the default one.
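Review bot: the Content-Security-Policy header is checked in as a commented-out line, so the page ships with no CSP at all and the only record of why is the OSM remark above it. Put it behind a config switch like the hsts one a few lines up, or send it as Content-Security-Policy-Report-Only first, and add the map hosts to the affected source lists instead of disabling the whole policy. The drafted policy also keeps 'unsafe-inline' and 'unsafe-eval' in script-src, which removes most of the script-injection protection a CSP is meant to add. The new hsts key and the fixed max-age=31536000 want a line in the admin documentation.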

View file

@ -457,7 +457,7 @@ function admin_page_federation(App $a) {
foreach ($platforms as $p) { foreach ($platforms as $p) {
// get a total count for the platform, the name and version of the // get a total count for the platform, the name and version of the
// highest version and the protocol tpe // highest version and the protocol tpe
$c = qu('SELECT COUNT(*) AS `total`, ANY_VALUE(`platform`) AS `platform`, $c = q('SELECT COUNT(*) AS `total`, ANY_VALUE(`platform`) AS `platform`,
ANY_VALUE(`network`) AS `network`, MAX(`version`) AS `version` FROM `gserver` ANY_VALUE(`network`) AS `network`, MAX(`version`) AS `version` FROM `gserver`
WHERE `platform` LIKE "%s" AND `last_contact` >= `last_failure` WHERE `platform` LIKE "%s" AND `last_contact` >= `last_failure`
ORDER BY `version` ASC;', $p); ORDER BY `version` ASC;', $p);
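Review bot: $p is passed to the LIKE "%s" placeholder without dbesc() in this query, and again in the $v query of the next hunk, while other string arguments in this commit go through dbesc() (dbesc($itemuri), dbesc($photo)). Wrap it as dbesc($p) even if $platforms is a fixed list today. A value containing % or _ also acts as a wildcard under LIKE, so = is the tighter comparison if an exact platform name is meant.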
@ -465,7 +465,7 @@ function admin_page_federation(App $a) {
// what versions for that platform do we know at all? // what versions for that platform do we know at all?
// again only the active nodes // again only the active nodes
$v = qu('SELECT COUNT(*) AS `total`, `version` FROM `gserver` $v = q('SELECT COUNT(*) AS `total`, `version` FROM `gserver`
WHERE `last_contact` >= `last_failure` AND `platform` LIKE "%s" WHERE `last_contact` >= `last_failure` AND `platform` LIKE "%s"
GROUP BY `version` GROUP BY `version`
ORDER BY `version`;', $p); ORDER BY `version`;', $p);
@ -644,13 +644,13 @@ function admin_page_summary(App $a) {
logger('accounts: '.print_r($accounts,true),LOGGER_DATA); logger('accounts: '.print_r($accounts,true),LOGGER_DATA);
$r = qu("SELECT COUNT(`id`) AS `count` FROM `register`"); $r = q("SELECT COUNT(`id`) AS `count` FROM `register`");
$pending = $r[0]['count']; $pending = $r[0]['count'];
$r = qu("SELECT COUNT(*) AS `total` FROM `queue` WHERE 1"); $r = q("SELECT COUNT(*) AS `total` FROM `queue` WHERE 1");
$queue = (($r) ? $r[0]['total'] : 0); $queue = (($r) ? $r[0]['total'] : 0);
$r = qu("SELECT COUNT(*) AS `total` FROM `workerqueue` WHERE NOT `done`"); $r = q("SELECT COUNT(*) AS `total` FROM `workerqueue` WHERE NOT `done`");
$workerqueue = (($r) ? $r[0]['total'] : 0); $workerqueue = (($r) ? $r[0]['total'] : 0);
// We can do better, but this is a quick queue status // We can do better, but this is a quick queue status
@ -1395,7 +1395,7 @@ function admin_page_users_post(App $a) {
$body = sprintf($body, System::baseUrl(), $nu['email'], $result['password'], $a->config['sitename']); $body = sprintf($body, System::baseUrl(), $nu['email'], $result['password'], $a->config['sitename']);
notification(array( notification(array(
'type' => "SYSTEM_EMAIL", 'type' => SYSTEM_EMAIL,
'to_email' => $nu['email'], 'to_email' => $nu['email'],
'subject'=> sprintf(t('Registration details for %s'), $a->config['sitename']), 'subject'=> sprintf(t('Registration details for %s'), $a->config['sitename']),
'preamble'=> $preamble, 'preamble'=> $preamble,
@ -1487,7 +1487,7 @@ function admin_page_users(App $a) {
/* get users */ /* get users */
$total = qu("SELECT COUNT(*) AS `total` FROM `user` WHERE 1"); $total = q("SELECT COUNT(*) AS `total` FROM `user` WHERE 1");
if (count($total)) { if (count($total)) {
$a->set_pager_total($total[0]['total']); $a->set_pager_total($total[0]['total']);
$a->set_pager_itemspage(100); $a->set_pager_itemspage(100);
@ -1522,7 +1522,7 @@ function admin_page_users(App $a) {
$sql_order = "`".str_replace('.','`.`',$order)."`"; $sql_order = "`".str_replace('.','`.`',$order)."`";
$sql_order_direction = ($order_direction === "+")?"ASC":"DESC"; $sql_order_direction = ($order_direction === "+")?"ASC":"DESC";
$users = qu("SELECT `user`.*, `contact`.`name`, `contact`.`url`, `contact`.`micro`, `user`.`account_expired`, `contact`.`last-item` AS `lastitem_date` $users = q("SELECT `user`.*, `contact`.`name`, `contact`.`url`, `contact`.`micro`, `user`.`account_expired`, `contact`.`last-item` AS `lastitem_date`
FROM `user` FROM `user`
INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self` INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self`
WHERE `user`.`verified` WHERE `user`.`verified`
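Review bot: $sql_order in the context above is built by wrapping $order in backticks and replacing only '.', so a backtick inside $order would end the quoted identifier and the remainder would land in the ORDER BY clause. The hunk does not show where $order is set; if it can come from the request, check it against the list of sortable columns before building $sql_order.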

View file

@ -574,9 +574,15 @@ function contacts_content(App $a) {
if ($contact['network'] == NETWORK_DFRN) if ($contact['network'] == NETWORK_DFRN)
$profile_select = contact_profile_assign($contact['profile-id'],(($contact['network'] !== NETWORK_DFRN) ? true : false)); $profile_select = contact_profile_assign($contact['profile-id'],(($contact['network'] !== NETWORK_DFRN) ? true : false));
if (in_array($contact['network'], array(NETWORK_DIASPORA, NETWORK_OSTATUS)) && if (in_array($contact['network'], array(NETWORK_DIASPORA, NETWORK_OSTATUS))) {
($contact['rel'] == CONTACT_IS_FOLLOWER)) if ($contact['rel'] == CONTACT_IS_FOLLOWER) {
$follow = System::baseUrl(true)."/follow?url=".urlencode($contact["url"]); $follow = System::baseUrl(true)."/follow?url=".urlencode($contact["url"]);
$follow_text = t("Connect/Follow");
} elseif ($contact['rel'] == CONTACT_IS_FRIEND) {
$follow = System::baseUrl(true)."/unfollow?url=".urlencode($contact["url"]);
$follow_text = t("Disconnect/Unfollow");
}
}
// Load contactact related actions like hide, suggest, delete and others // Load contactact related actions like hide, suggest, delete and others
$contact_actions = contact_actions($contact); $contact_actions = contact_actions($contact);
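Review bot: $follow_text is now assigned only inside the two rel branches, but the next hunk passes it to the template unconditionally ('$follow_text' => $follow_text). A DFRN contact, or a Diaspora/OStatus contact whose rel is neither CONTACT_IS_FOLLOWER nor CONTACT_IS_FRIEND, reaches the template with an undefined variable. Set $follow = ''; and $follow_text = ''; before the in_array() check.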
@ -613,7 +619,7 @@ function contacts_content(App $a) {
'$last_update' => $last_update, '$last_update' => $last_update,
'$udnow' => t('Update now'), '$udnow' => t('Update now'),
'$follow' => $follow, '$follow' => $follow,
'$follow_text' => t("Connect/Follow"), '$follow_text' => $follow_text,
'$profile_select' => $profile_select, '$profile_select' => $profile_select,
'$contact_id' => $contact['id'], '$contact_id' => $contact['id'],
'$block_text' => (($contact['blocked']) ? t('Unblock') : t('Block') ), '$block_text' => (($contact['blocked']) ? t('Unblock') : t('Block') ),

View file

@ -35,10 +35,7 @@ function delegate_content(App $a) {
dbesc(normalise_link(System::baseUrl() . '/profile/' . $r[0]['nickname'])) dbesc(normalise_link(System::baseUrl() . '/profile/' . $r[0]['nickname']))
); );
if (dbm::is_result($r)) { if (dbm::is_result($r)) {
q("insert into manage ( uid, mid ) values ( %d , %d ) ", dba::insert('manage', array('uid' => $a->argv[2], 'mid' => local_user()));
intval($a->argv[2]),
intval(local_user())
);
} }
} }
goaway(System::baseUrl() . '/delegate'); goaway(System::baseUrl() . '/delegate');
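Review bot: the intval() casts were dropped when this insert moved to dba::insert(), so $a->argv[2], a URL path segment, is now handed over as a string. Keep the cast, array('uid' => intval($a->argv[2]), 'mid' => intval(local_user())), so a non-numeric segment cannot reach the manage table in whatever form the driver coerces it to.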

View file

@ -352,8 +352,7 @@ function dfrn_confirm_post(App $a, $handsfree = null) {
dbesc(NETWORK_DFRN), dbesc(NETWORK_DFRN),
intval($contact_id) intval($contact_id)
); );
} } else {
else {
// $network !== NETWORK_DFRN // $network !== NETWORK_DFRN
@ -361,17 +360,15 @@ function dfrn_confirm_post(App $a, $handsfree = null) {
$notify = (($contact['notify']) ? $contact['notify'] : ''); $notify = (($contact['notify']) ? $contact['notify'] : '');
$poll = (($contact['poll']) ? $contact['poll'] : ''); $poll = (($contact['poll']) ? $contact['poll'] : '');
if((! $contact['notify']) || (! $contact['poll'])) { $arr = Probe::uri($contact['url']);
$arr = Probe::lrdd($contact['url']); if (empty($contact['notify'])) {
if(count($arr)) { $notify = $arr['notify'];
foreach($arr as $link) {
if($link['@attributes']['rel'] === 'salmon')
$notify = $link['@attributes']['href'];
if($link['@attributes']['rel'] === NAMESPACE_FEED)
$poll = $link['@attributes']['href'];
}
}
} }
if (empty($contact['poll'])) {
$poll = $arr['poll'];
}
$addr = $arr['addr'];
$new_relation = $contact['rel']; $new_relation = $contact['rel'];
$writable = $contact['writable']; $writable = $contact['writable'];
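Review bot: Probe::uri() is now called on every non-DFRN confirmation, including when the contact already has both notify and poll, and $arr['notify'], $arr['poll'] and $arr['addr'] are read without checking that the probe returned them. A failed remote lookup then costs a request on each confirm and writes an empty addr in the UPDATE further down. Guard the reads, for example with !empty($arr['addr']), and fall back to the values already stored on the contact.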
@ -394,6 +391,7 @@ function dfrn_confirm_post(App $a, $handsfree = null) {
$r = q("UPDATE `contact` SET `name-date` = '%s', $r = q("UPDATE `contact` SET `name-date` = '%s',
`uri-date` = '%s', `uri-date` = '%s',
`addr` = '%s',
`notify` = '%s', `notify` = '%s',
`poll` = '%s', `poll` = '%s',
`blocked` = 0, `blocked` = 0,
@ -406,6 +404,7 @@ function dfrn_confirm_post(App $a, $handsfree = null) {
", ",
dbesc(datetime_convert()), dbesc(datetime_convert()),
dbesc(datetime_convert()), dbesc(datetime_convert()),
dbesc($addr),
dbesc($notify), dbesc($notify),
dbesc($poll), dbesc($poll),
dbesc($network), dbesc($network),

View file

@ -71,7 +71,7 @@ function directory_content(App $a) {
$publish = ((get_config('system','publish_all')) ? '' : " AND `publish` = 1 " ); $publish = ((get_config('system','publish_all')) ? '' : " AND `publish` = 1 " );
$r = $db->q("SELECT COUNT(*) AS `total` FROM `profile` $r = q("SELECT COUNT(*) AS `total` FROM `profile`
LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid`
WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra "); WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra ");
if (dbm::is_result($r)) if (dbm::is_result($r))
@ -81,11 +81,11 @@ function directory_content(App $a) {
$limit = intval($a->pager['start']).",".intval($a->pager['itemspage']); $limit = intval($a->pager['start']).",".intval($a->pager['itemspage']);
$r = $db->q("SELECT `profile`.*, `profile`.`uid` AS `profile_uid`, `user`.`nickname`, `user`.`timezone` , `user`.`page-flags`, $r = q("SELECT `profile`.*, `profile`.`uid` AS `profile_uid`, `user`.`nickname`, `user`.`timezone` , `user`.`page-flags`,
`contact`.`addr`, `contact`.`url` AS profile_url FROM `profile` `contact`.`addr`, `contact`.`url` AS profile_url FROM `profile`
LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid`
LEFT JOIN `contact` ON `contact`.`uid` = `user`.`uid` LEFT JOIN `contact` ON `contact`.`uid` = `user`.`uid`
WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 AND `contact`.`self` $sql_extra $order LIMIT ".$limit); WHERE `is-default` $publish AND `user`.`blocked` = 0 AND `contact`.`self` $sql_extra $order LIMIT ".$limit);
if (dbm::is_result($r)) { if (dbm::is_result($r)) {
if (in_array('small', $a->argv)) { if (in_array('small', $a->argv)) {
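Review bot: the list query now tests `is-default` as a bare boolean while the COUNT(*) query in the hunk above still has `is-default` = 1; both feed the same pager, so keep their WHERE clauses identical. The count query also lacks the `contact` join and the `contact`.`self` condition that the list query has, so the pager total can differ from the rows actually returned.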

View file

@ -17,13 +17,7 @@ function display_init(App $a) {
if ($a->argc == 3) { if ($a->argc == 3) {
if (substr($a->argv[2], -5) == '.atom') { if (substr($a->argv[2], -5) == '.atom') {
$item_id = substr($a->argv[2], 0, -5); $item_id = substr($a->argv[2], 0, -5);
$xml = dfrn::itemFeed($item_id); displayShowFeed($item_id);
if ($xml == '') {
http_status_exit(500);
}
header("Content-type: application/atom+xml");
echo $xml;
killme();
} }
} }
@ -70,6 +64,12 @@ function display_init(App $a) {
AND `item`.`guid` = ? LIMIT 1", $a->argv[1]); AND `item`.`guid` = ? LIMIT 1", $a->argv[1]);
} }
if (dbm::is_result($r)) { if (dbm::is_result($r)) {
if (strstr($_SERVER['HTTP_ACCEPT'], 'application/atom+xml')) {
logger('Directly serving XML for id '.$r["id"], LOGGER_DEBUG);
displayShowFeed($r["id"]);
}
if ($r["id"] != $r["parent"]) { if ($r["id"] != $r["parent"]) {
$r = dba::fetch_first("SELECT `id`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid`, `owner-link` FROM `item` $r = dba::fetch_first("SELECT `id`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid`, `owner-link` FROM `item`
WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
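Review bot: $_SERVER['HTTP_ACCEPT'] is read without an existence check in the new Accept branch, and a client that sends no Accept header raises an undefined-index notice on every request. Use !empty($_SERVER['HTTP_ACCEPT']) && strstr(...). Because displayShowFeed() ends the request with killme(), this branch also runs ahead of everything else in display_init(); confirm that dfrn::itemFeed() itself refuses private items, since the visible part of the lookup matches on guid only.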
@ -293,7 +293,7 @@ function display_content(App $a, $update = 0) {
} }
// We are displaying an "alternate" link if that post was public. See issue 2864 // We are displaying an "alternate" link if that post was public. See issue 2864
$is_public = dba::exists('item', array('id' => $item_id, 'private' => false, 'wall' => true)); $is_public = dba::exists('item', array('id' => $item_id, 'private' => false));
if ($is_public) { if ($is_public) {
$alternate = System::baseUrl().'/display/'.$nick.'/'.$item_id.'.atom'; $alternate = System::baseUrl().'/display/'.$nick.'/'.$item_id.'.atom';
} else { } else {
@ -499,3 +499,12 @@ function display_content(App $a, $update = 0) {
return $o; return $o;
} }
function displayShowFeed($item_id) {
$xml = dfrn::itemFeed($item_id);
if ($xml == '') {
http_status_exit(500);
}
header("Content-type: application/atom+xml");
echo $xml;
killme();
}
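Review bot: displayShowFeed() answers an empty result from dfrn::itemFeed() with http_status_exit(500), which reports a server fault for what is most likely an unknown or inaccessible item id taken from the URL. Return 404 in that case so monitoring does not count client typos as server errors, and give the new function a docblock stating that it never returns.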

View file

@ -8,6 +8,47 @@ require_once 'include/follow.php';
require_once 'include/Contact.php'; require_once 'include/Contact.php';
require_once 'include/contact_selectors.php'; require_once 'include/contact_selectors.php';
function follow_post(App $a) {
if (! local_user()) {
notice( t('Permission denied.') . EOL);
goaway($_SESSION['return_url']);
// NOTREACHED
}
if ($_REQUEST['cancel']) {
goaway($_SESSION['return_url']);
}
$uid = local_user();
$url = notags(trim($_REQUEST['url']));
$return_url = $_SESSION['return_url'];
// Makes the connection request for friendica contacts easier
// This is just a precaution if maybe this page is called somewhere directly via POST
$_SESSION["fastlane"] = $url;
$result = new_contact($uid,$url,true);
if ($result['success'] == false) {
if ($result['message']) {
notice($result['message']);
}
goaway($return_url);
} elseif ($result['cid']) {
goaway(System::baseUrl().'/contacts/'.$result['cid']);
}
info( t('Contact added').EOL);
if (strstr($return_url,'contacts')) {
goaway(System::baseUrl().'/contacts/'.$contact_id);
}
goaway($return_url);
// NOTREACHED
}
function follow_content(App $a) { function follow_content(App $a) {
if (! local_user()) { if (! local_user()) {
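Review bot: in the moved follow_post(), the last redirect uses $contact_id, which is never assigned in the function, so goaway(System::baseUrl().'/contacts/'.$contact_id) sends the user to /contacts/ with an empty id. Use $result['cid'] there or drop the branch, since the elseif above already handles a returned cid. The function also reads url and cancel from $_REQUEST, so the action is reachable by GET; read from $_POST and verify a form token before calling new_contact().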
@ -99,13 +140,6 @@ function follow_content(App $a) {
$r[0]["about"] = ""; $r[0]["about"] = "";
} }
$header = $ret["name"];
if ($ret["addr"] != "") {
$header .= " <".$ret["addr"].">";
}
//$header .= " (".network_to_name($ret['network'], $ret['url']).")";
$header = t("Connect/Follow"); $header = t("Connect/Follow");
$o = replace_macros($tpl,array( $o = replace_macros($tpl,array(
@ -154,44 +188,3 @@ function follow_content(App $a) {
return $o; return $o;
} }
function follow_post(App $a) {
if (! local_user()) {
notice( t('Permission denied.') . EOL);
goaway($_SESSION['return_url']);
// NOTREACHED
}
if ($_REQUEST['cancel']) {
goaway($_SESSION['return_url']);
}
$uid = local_user();
$url = notags(trim($_REQUEST['url']));
$return_url = $_SESSION['return_url'];
// Makes the connection request for friendica contacts easier
// This is just a precaution if maybe this page is called somewhere directly via POST
$_SESSION["fastlane"] = $url;
$result = new_contact($uid,$url,true);
if ($result['success'] == false) {
if ($result['message']) {
notice($result['message']);
}
goaway($return_url);
} elseif ($result['cid']) {
goaway(System::baseUrl().'/contacts/'.$result['cid']);
}
info( t('Contact added').EOL);
if (strstr($return_url,'contacts')) {
goaway(System::baseUrl().'/contacts/'.$contact_id);
}
goaway($return_url);
// NOTREACHED
}

View file

@ -69,7 +69,7 @@ function lostpass_post(App $a) {
$body = sprintf($body, $resetlink, System::baseUrl(), $email); $body = sprintf($body, $resetlink, System::baseUrl(), $email);
notification(array( notification(array(
'type' => "SYSTEM_EMAIL", 'type' => SYSTEM_EMAIL,
'to_email' => $email, 'to_email' => $email,
'subject'=> sprintf( t('Password reset requested at %s'),$sitename), 'subject'=> sprintf( t('Password reset requested at %s'),$sitename),
'preamble'=> $preamble, 'preamble'=> $preamble,
@ -145,7 +145,7 @@ function lostpass_content(App $a) {
$body = sprintf($body, System::baseUrl(), $email, $new_password); $body = sprintf($body, System::baseUrl(), $email, $new_password);
notification(array( notification(array(
'type' => "SYSTEM_EMAIL", 'type' => SYSTEM_EMAIL,
'to_email' => $email, 'to_email' => $email,
'subject'=> sprintf( t('Your password has been changed at %s'),$sitename), 'subject'=> sprintf( t('Your password has been changed at %s'),$sitename),
'preamble'=> $preamble, 'preamble'=> $preamble,

File diff suppressed because it is too large Load diff

View file

@ -188,7 +188,7 @@ function nodeinfo_cron() {
} }
logger('cron_start'); logger('cron_start');
$users = qu("SELECT `user`.`uid`, `user`.`login_date`, `contact`.`last-item` $users = q("SELECT `user`.`uid`, `user`.`login_date`, `contact`.`last-item`
FROM `user` FROM `user`
INNER JOIN `profile` ON `profile`.`uid` = `user`.`uid` AND `profile`.`is-default` INNER JOIN `profile` ON `profile`.`uid` = `user`.`uid` AND `profile`.`is-default`
INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self` INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self`
@ -220,7 +220,7 @@ function nodeinfo_cron() {
Config::set('nodeinfo', 'active_users_monthly', $active_users_monthly); Config::set('nodeinfo', 'active_users_monthly', $active_users_monthly);
} }
$posts = qu("SELECT COUNT(*) AS local_posts FROM `thread` WHERE `thread`.`wall` AND `thread`.`uid` != 0"); $posts = q("SELECT COUNT(*) AS local_posts FROM `thread` WHERE `thread`.`wall` AND `thread`.`uid` != 0");
if (!is_array($posts)) { if (!is_array($posts)) {
$local_posts = -1; $local_posts = -1;
@ -231,7 +231,7 @@ function nodeinfo_cron() {
logger('local_posts: '.$local_posts, LOGGER_DEBUG); logger('local_posts: '.$local_posts, LOGGER_DEBUG);
$posts = qu("SELECT COUNT(*) FROM `contact` $posts = q("SELECT COUNT(*) FROM `contact`
INNER JOIN `item` ON `item`.`contact-id` = `contact`.`id` AND `item`.`uid` = `contact`.`uid` AND INNER JOIN `item` ON `item`.`contact-id` = `contact`.`id` AND `item`.`uid` = `contact`.`uid` AND
`item`.`id` != `item`.`parent` AND `item`.`network` IN ('%s', '%s', '%s') `item`.`id` != `item`.`parent` AND `item`.`network` IN ('%s', '%s', '%s')
WHERE `contact`.`self`", WHERE `contact`.`self`",

View file

@ -74,7 +74,7 @@ function photo_init(App $a) {
$uid = str_replace(array('.jpg','.png'),array('',''), $person); $uid = str_replace(array('.jpg','.png'),array('',''), $person);
$r = qu("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1", $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
intval($resolution), intval($resolution),
intval($uid) intval($uid)
); );
@ -104,7 +104,7 @@ function photo_init(App $a) {
} }
// check if the photo exists and get the owner of the photo // check if the photo exists and get the owner of the photo
$r = qu("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1",
dbesc($photo), dbesc($photo),
intval($resolution) intval($resolution)
); );
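Review bot: the owner lookup has one placeholder ('%s' for `resource-id`) but two arguments, dbesc($photo) and intval($resolution); the second has nothing to bind to. Remove intval($resolution) from this call so the argument list matches the query.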
@ -114,7 +114,7 @@ function photo_init(App $a) {
// Now we'll see if we can access the photo // Now we'll see if we can access the photo
$r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1", $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1",
dbesc($photo), dbesc($photo),
intval($resolution) intval($resolution)
); );

View file

@ -29,7 +29,7 @@ function photos_init(App $a) {
if ($a->argc > 1) { if ($a->argc > 1) {
$nick = $a->argv[1]; $nick = $a->argv[1];
$user = qu("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1", $user = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1",
dbesc($nick) dbesc($nick)
); );
@ -153,7 +153,7 @@ function photos_post(App $a) {
} }
if ($contact_id) { if ($contact_id) {
$r = qu("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
intval($contact_id), intval($contact_id),
intval($page_owner_uid) intval($page_owner_uid)
); );
@ -170,7 +170,7 @@ function photos_post(App $a) {
killme(); killme();
} }
$r = qu("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1", WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1",
intval($page_owner_uid) intval($page_owner_uid)
); );
@ -192,7 +192,7 @@ function photos_post(App $a) {
return; // NOTREACHED return; // NOTREACHED
} }
$r = qu("SELECT `album` FROM `photo` WHERE `album` = '%s' AND `uid` = %d", $r = q("SELECT `album` FROM `photo` WHERE `album` = '%s' AND `uid` = %d",
dbesc($album), dbesc($album),
intval($page_owner_uid) intval($page_owner_uid)
); );
@ -1378,7 +1378,7 @@ function photos_content(App $a) {
else else
$order = 'DESC'; $order = 'DESC';
$prvnxt = qu("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0
$sql_extra ORDER BY `created` $order ", $sql_extra ORDER BY `created` $order ",
dbesc($ph[0]['album']), dbesc($ph[0]['album']),
intval($owner_uid) intval($owner_uid)
@ -1478,7 +1478,7 @@ function photos_content(App $a) {
if (dbm::is_result($linked_items)) { if (dbm::is_result($linked_items)) {
$link_item = $linked_items[0]; $link_item = $linked_items[0];
$r = qu("SELECT COUNT(*) AS `total` $r = q("SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `parent-uri` = '%s' AND `uri` != '%s' AND `item`.`deleted` = 0 and `item`.`moderated` = 0 WHERE `parent-uri` = '%s' AND `uri` != '%s' AND `item`.`deleted` = 0 and `item`.`moderated` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
@ -1495,7 +1495,7 @@ function photos_content(App $a) {
} }
$r = qu("SELECT `item`.*, `item`.`id` AS `item_id`, $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`network`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`network`,
`contact`.`rel`, `contact`.`thumb`, `contact`.`self`, `contact`.`rel`, `contact`.`thumb`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
@ -1835,7 +1835,7 @@ function photos_content(App $a) {
// Default - show recent photos with upload link (if applicable) // Default - show recent photos with upload link (if applicable)
//$o = ''; //$o = '';
$r = qu("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'
$sql_extra GROUP BY `resource-id`", $sql_extra GROUP BY `resource-id`",
intval($a->data['user']['uid']), intval($a->data['user']['uid']),
dbesc('Contact Photos'), dbesc('Contact Photos'),
@ -1846,7 +1846,7 @@ function photos_content(App $a) {
$a->set_pager_itemspage(20); $a->set_pager_itemspage(20);
} }
$r = qu("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, $r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`,
ANY_VALUE(`type`) AS `type`, ANY_VALUE(`album`) AS `album`, max(`scale`) AS `scale`, ANY_VALUE(`type`) AS `type`, ANY_VALUE(`album`) AS `album`, max(`scale`) AS `scale`,
ANY_VALUE(`created`) AS `created` FROM `photo` ANY_VALUE(`created`) AS `created` FROM `photo`
WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'

View file

@ -118,7 +118,7 @@ function ping_init(App $a)
$notifs = ping_get_notifications(local_user()); $notifs = ping_get_notifications(local_user());
$items_unseen = qu("SELECT `item`.`id`, `item`.`parent`, `item`.`verb`, `item`.`wall`, `item`.`author-name`, $items_unseen = q("SELECT `item`.`id`, `item`.`parent`, `item`.`verb`, `item`.`wall`, `item`.`author-name`,
`item`.`contact-id`, `item`.`author-link`, `item`.`author-avatar`, `item`.`created`, `item`.`object`, `item`.`contact-id`, `item`.`author-link`, `item`.`author-avatar`, `item`.`created`, `item`.`object`,
`pitem`.`author-name` AS `pname`, `pitem`.`author-link` AS `plink` `pitem`.`author-name` AS `pname`, `pitem`.`author-link` AS `plink`
FROM `item` INNER JOIN `item` AS `pitem` ON `pitem`.`id` = `item`.`parent` FROM `item` INNER JOIN `item` AS `pitem` ON `pitem`.`id` = `item`.`parent`
@ -167,13 +167,13 @@ function ping_init(App $a)
} }
} }
$intros1 = qu("SELECT `intro`.`id`, `intro`.`datetime`, $intros1 = q("SELECT `intro`.`id`, `intro`.`datetime`,
`fcontact`.`name`, `fcontact`.`url`, `fcontact`.`photo` `fcontact`.`name`, `fcontact`.`url`, `fcontact`.`photo`
FROM `intro` LEFT JOIN `fcontact` ON `intro`.`fid` = `fcontact`.`id` FROM `intro` LEFT JOIN `fcontact` ON `intro`.`fid` = `fcontact`.`id`
WHERE `intro`.`uid` = %d AND `intro`.`blocked` = 0 AND `intro`.`ignore` = 0 AND `intro`.`fid` != 0", WHERE `intro`.`uid` = %d AND `intro`.`blocked` = 0 AND `intro`.`ignore` = 0 AND `intro`.`fid` != 0",
intval(local_user()) intval(local_user())
); );
$intros2 = qu("SELECT `intro`.`id`, `intro`.`datetime`, $intros2 = q("SELECT `intro`.`id`, `intro`.`datetime`,
`contact`.`name`, `contact`.`url`, `contact`.`photo` `contact`.`name`, `contact`.`url`, `contact`.`photo`
FROM `intro` LEFT JOIN `contact` ON `intro`.`contact-id` = `contact`.`id` FROM `intro` LEFT JOIN `contact` ON `intro`.`contact-id` = `contact`.`id`
WHERE `intro`.`uid` = %d AND `intro`.`blocked` = 0 AND `intro`.`ignore` = 0 AND `intro`.`contact-id` != 0", WHERE `intro`.`uid` = %d AND `intro`.`blocked` = 0 AND `intro`.`ignore` = 0 AND `intro`.`contact-id` != 0",
@ -184,7 +184,7 @@ function ping_init(App $a)
$intros = $intros1 + $intros2; $intros = $intros1 + $intros2;
$myurl = System::baseUrl() . '/profile/' . $a->user['nickname'] ; $myurl = System::baseUrl() . '/profile/' . $a->user['nickname'] ;
$mails = qu("SELECT `id`, `from-name`, `from-url`, `from-photo`, `created` FROM `mail` $mails = q("SELECT `id`, `from-name`, `from-url`, `from-photo`, `created` FROM `mail`
WHERE `uid` = %d AND `seen` = 0 AND `from-url` != '%s' ", WHERE `uid` = %d AND `seen` = 0 AND `from-url` != '%s' ",
intval(local_user()), intval(local_user()),
dbesc($myurl) dbesc($myurl)
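Review bot: $intros = $intros1 + $intros2 in the context above applies the array union operator to two q() results, which are both lists indexed from 0. Union keeps the left-hand entry for every key present in both, so rows of $intros2 are dropped whenever $intros1 is non-empty. array_merge($intros1, $intros2) gives the combined list.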
@ -192,7 +192,7 @@ function ping_init(App $a)
$mail_count = count($mails); $mail_count = count($mails);
if ($a->config['register_policy'] == REGISTER_APPROVE && is_site_admin()){ if ($a->config['register_policy'] == REGISTER_APPROVE && is_site_admin()){
$regs = qu("SELECT `contact`.`name`, `contact`.`url`, `contact`.`micro`, `register`.`created`, COUNT(*) AS `total` $regs = q("SELECT `contact`.`name`, `contact`.`url`, `contact`.`micro`, `register`.`created`, COUNT(*) AS `total`
FROM `contact` RIGHT JOIN `register` ON `register`.`uid` = `contact`.`uid` FROM `contact` RIGHT JOIN `register` ON `register`.`uid` = `contact`.`uid`
WHERE `contact`.`self` = 1"); WHERE `contact`.`self` = 1");
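Review bot: the $regs query selects `contact`.`name`, `url`, `micro` and `register`.`created` next to COUNT(*) with no GROUP BY, whereas the federation and photos queries in this commit wrap such columns in ANY_VALUE(). On a server running with ONLY_FULL_GROUP_BY this statement is rejected; give it the same ANY_VALUE() treatment.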
@ -204,7 +204,7 @@ function ping_init(App $a)
$cachekey = "ping_init:".local_user(); $cachekey = "ping_init:".local_user();
$ev = Cache::get($cachekey); $ev = Cache::get($cachekey);
if (is_null($ev)) { if (is_null($ev)) {
$ev = qu("SELECT type, start, adjust FROM `event` $ev = q("SELECT type, start, adjust FROM `event`
WHERE `event`.`uid` = %d AND `start` < '%s' AND `finish` > '%s' and `ignore` = 0 WHERE `event`.`uid` = %d AND `start` < '%s' AND `finish` > '%s' and `ignore` = 0
ORDER BY `start` ASC ", ORDER BY `start` ASC ",
intval(local_user()), intval(local_user()),
@ -424,7 +424,7 @@ function ping_get_notifications($uid)
$a = get_app(); $a = get_app();
do { do {
$r = qu("SELECT `notify`.*, `item`.`visible`, `item`.`spam`, `item`.`deleted` $r = q("SELECT `notify`.*, `item`.`visible`, `item`.`spam`, `item`.`deleted`
FROM `notify` LEFT JOIN `item` ON `item`.`id` = `notify`.`iid` FROM `notify` LEFT JOIN `item` ON `item`.`id` = `notify`.`iid`
WHERE `notify`.`uid` = %d AND `notify`.`msg` != '' WHERE `notify`.`uid` = %d AND `notify`.`msg` != ''
AND NOT (`notify`.`type` IN (%d, %d)) AND NOT (`notify`.`type` IN (%d, %d))

View file

@ -108,13 +108,7 @@ function profiles_init(App $a) {
$r1[0]['net-publish'] = 0; $r1[0]['net-publish'] = 0;
$r1[0]['profile-name'] = dbesc($name); $r1[0]['profile-name'] = dbesc($name);
dbm::esc_array($r1[0], true); dba::insert('profile', $r1[0]);
$r2 = dbq("INSERT INTO `profile` (`"
. implode("`, `", array_keys($r1[0]))
. "`) VALUES ("
. implode(", ", array_values($r1[0]))
. ")" );
$r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1", $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
intval(local_user()), intval(local_user()),
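Review bot: `$r1[0]['profile-name'] = dbesc($name)` is kept although dbm::esc_array() is removed and the row now goes through dba::insert(). The other conversions in this commit (proxy, search) drop dbesc() when switching to the helper, which suggests it escapes or binds values itself; if so, a name containing a quote is stored in its backslash-escaped form. Assign $name directly.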

View file

@ -142,10 +142,10 @@ function proxy_init(App $a) {
$r = array(); $r = array();
if (!$direct_cache && ($cachefile == '')) { if (!$direct_cache && ($cachefile == '')) {
$r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", $urlhash); $r = dba::select('photo', array('data', 'desc'), array('resource-id' => $urlhash), array('limit' => 1));
if (dbm::is_result($r)) { if (dbm::is_result($r)) {
$img_str = $r[0]['data']; $img_str = $r['data'];
$mime = $r[0]['desc']; $mime = $r['desc'];
if ($mime == '') { if ($mime == '') {
$mime = 'image/jpeg'; $mime = 'image/jpeg';
} }
@ -181,23 +181,11 @@ function proxy_init(App $a) {
die(); die();
} }
q("INSERT INTO `photo` $fields = array('uid' => 0, 'contact-id' => 0, 'guid' => get_guid(), 'resource-id' => $urlhash, 'created' => datetime_convert(), 'edited' => datetime_convert(),
( `uid`, `contact-id`, `guid`, `resource-id`, `created`, `edited`, `filename`, `album`, `height`, `width`, `desc`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` ) 'filename' => basename($_REQUEST['url']), 'type' => '', 'album' => '', 'height' => imagesy($image), 'width' => imagesx($image),
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s' )", 'datasize' => 0, 'data' => $img_str, 'scale' => 100, 'profile' => 0,
0, 0, get_guid(), dbesc($urlhash), 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '', 'desc' => $mime);
dbesc(datetime_convert()), dba::insert('photo', $fields);
dbesc(datetime_convert()),
dbesc(basename(dbesc($_REQUEST['url']))),
dbesc(''),
intval(imagesy($image)),
intval(imagesx($image)),
$mime,
dbesc($img_str),
100,
intval(0),
dbesc(''), dbesc(''), dbesc(''), dbesc('')
);
} else { } else {
$img = new Photo($img_str, $mime); $img = new Photo($img_str, $mime);
if ($img->is_valid() && !$direct_cache && ($cachefile == '')) { if ($img->is_valid() && !$direct_cache && ($cachefile == '')) {
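Review bot: `'datasize' => 0` in the new `$fields` array is hard-coded although `'data' => $img_str` is written to the same row, so the column will not reflect the stored size; use `strlen($img_str)`. The array also sets `'type' => ''` while the MIME type goes into `desc`; since the read path in the previous hunk takes `$mime` from `$r['desc']`, a one-line comment saying that `desc` deliberately carries the MIME type would save the next reader a search. The return value of `dba::insert('photo', $fields)` is not checked either.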

View file

@ -11,7 +11,7 @@ function search_saved_searches() {
$o = ''; $o = '';
if(! feature_enabled(local_user(),'savedsearch')) if (! feature_enabled(local_user(),'savedsearch'))
return $o; return $o;
$r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d", $r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d",
@ -50,30 +50,23 @@ function search_init(App $a) {
$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
if(local_user()) { if (local_user()) {
if(x($_GET,'save') && $search) { if (x($_GET,'save') && $search) {
$r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1", $r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1",
intval(local_user()), intval(local_user()),
dbesc($search) dbesc($search)
); );
if (! dbm::is_result($r)) { if (!dbm::is_result($r)) {
q("INSERT INTO `search` (`uid`,`term`) VALUES ( %d, '%s')", dbm::insert('search', array('uid' => local_user(), 'term' => $search));
intval(local_user()),
dbesc($search)
);
} }
} }
if(x($_GET,'remove') && $search) { if (x($_GET,'remove') && $search) {
q("DELETE FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1", dbm::delete('search', array('uid' => local_user(), 'term' => $search));
intval(local_user()),
dbesc($search)
);
} }
$a->page['aside'] .= search_saved_searches(); $a->page['aside'] .= search_saved_searches();
} } else {
else {
unset($_SESSION['theme']); unset($_SESSION['theme']);
unset($_SESSION['mobile-theme']); unset($_SESSION['mobile-theme']);
} }
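Review bot: the new calls are `dbm::insert('search', ...)` and `dbm::delete('search', ...)`, while every other converted query in this commit goes through `dba::insert()` or `dba::update()`, and `dbm::` is otherwise only used for `is_result()` and `esc_array()`. Unless `dbm` really provides these two methods, saving or removing a search will fail with an undefined-method error; this looks like a typo for `dba::`. The removed DELETE also had `LIMIT 1`, which the new condition array drops; say in the commit message whether that is intended.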
@ -85,7 +78,7 @@ function search_init(App $a) {
function search_post(App $a) { function search_post(App $a) {
if(x($_POST,'search')) if (x($_POST,'search'))
$a->data['search'] = $_POST['search']; $a->data['search'] = $_POST['search'];
} }
@ -135,13 +128,13 @@ function search_content(App $a) {
nav_set_selected('search'); nav_set_selected('search');
if(x($a->data,'search')) if (x($a->data,'search'))
$search = notags(trim($a->data['search'])); $search = notags(trim($a->data['search']));
else else
$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
$tag = false; $tag = false;
if(x($_GET,'tag')) { if (x($_GET,'tag')) {
$tag = true; $tag = true;
$search = ((x($_GET,'tag')) ? notags(trim(rawurldecode($_GET['tag']))) : ''); $search = ((x($_GET,'tag')) ? notags(trim(rawurldecode($_GET['tag']))) : '');
} }
@ -154,18 +147,18 @@ function search_content(App $a) {
'$content' => search($search,'search-box','search',((local_user()) ? true : false), false) '$content' => search($search,'search-box','search',((local_user()) ? true : false), false)
)); ));
if(strpos($search,'#') === 0) { if (strpos($search,'#') === 0) {
$tag = true; $tag = true;
$search = substr($search,1); $search = substr($search,1);
} }
if(strpos($search,'@') === 0) { if (strpos($search,'@') === 0) {
return dirfind_content($a); return dirfind_content($a);
} }
if(strpos($search,'!') === 0) { if (strpos($search,'!') === 0) {
return dirfind_content($a); return dirfind_content($a);
} }
if(x($_GET,'search-option')) if (x($_GET,'search-option'))
switch($_GET['search-option']) { switch($_GET['search-option']) {
case 'fulltext': case 'fulltext':
break; break;
@ -180,7 +173,7 @@ function search_content(App $a) {
break; break;
} }
if(! $search) if (! $search)
return $o; return $o;
if (get_config('system','only_tag_search')) if (get_config('system','only_tag_search'))
@ -191,7 +184,7 @@ function search_content(App $a) {
// OR your own posts if you are a logged in member // OR your own posts if you are a logged in member
// No items will be shown if the member has a blocked profile wall. // No items will be shown if the member has a blocked profile wall.
if($tag) { if ($tag) {
logger("Start tag search for '".$search."'", LOGGER_DEBUG); logger("Start tag search for '".$search."'", LOGGER_DEBUG);
$r = q("SELECT %s $r = q("SELECT %s
@ -224,7 +217,7 @@ function search_content(App $a) {
} }
if($tag) if ($tag)
$title = sprintf( t('Items tagged with: %s'), $search); $title = sprintf( t('Items tagged with: %s'), $search);
else else
$title = sprintf( t('Results for: %s'), $search); $title = sprintf( t('Results for: %s'), $search);

View file

@ -231,17 +231,12 @@ function settings_post(App $a) {
intval(local_user()) intval(local_user())
); );
if (! dbm::is_result($r)) { if (! dbm::is_result($r)) {
q("INSERT INTO `mailacct` (`uid`) VALUES (%d)", dba::insert('mailacct', array('uid' => local_user()));
intval(local_user())
);
} }
if(strlen($mail_pass)) { if(strlen($mail_pass)) {
$pass = ''; $pass = '';
openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']); openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']);
q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d", dba::update('mailacct', array('pass' => bin2hex($pass)), array('uid' => local_user()));
dbesc(bin2hex($pass)),
intval(local_user())
);
} }
$r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s', $r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s',
`action` = %d, `movetofolder` = '%s', `action` = %d, `movetofolder` = '%s',
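Review bot: the result of `openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey'])` is not checked before `dba::update('mailacct', array('pass' => bin2hex($pass)), ...)`. If encryption fails, `$pass` is still `''` and the stored password is overwritten with an empty string; run the update only when the call returns true. The `UPDATE mailacct` statement directly below is still a `q()` call and could be converted in the same pass so the function does not mix both styles.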

View file

@ -39,10 +39,7 @@ function suggest_init(App $a) {
} }
// Now check how the user responded to the confirmation query // Now check how the user responded to the confirmation query
if (!$_REQUEST['canceled']) { if (!$_REQUEST['canceled']) {
q("INSERT INTO `gcign` ( `uid`, `gcid` ) VALUES ( %d, %d ) ", dba::insert('gcign', array('uid' => local_user(), 'gcid' => $_GET['ignore']));
intval(local_user()),
intval($_GET['ignore'])
);
} }
} }
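Review bot: `'gcid' => $_GET['ignore']` drops the `intval()` that the removed `q()` call applied, so the raw request value now reaches `dba::insert()`. Keep `intval($_GET['ignore'])` in the field array, and skip the insert when the result is 0, so that a non-numeric value cannot end up in the `gcid` column.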

140
mod/unfollow.php Normal file
View file

@ -0,0 +1,140 @@
<?php
use Friendica\App;
use Friendica\Core\System;
require_once 'include/probe.php';
require_once 'include/follow.php';
require_once 'include/Contact.php';
require_once 'include/contact_selectors.php';
function unfollow_post(App $a) {
if (!local_user()) {
notice(t('Permission denied.') . EOL);
goaway($_SESSION['return_url']);
// NOTREACHED
}
if ($_REQUEST['cancel']) {
goaway($_SESSION['return_url']);
}
$uid = local_user();
$url = notags(trim($_REQUEST['url']));
$return_url = $_SESSION['return_url'];
$condition = array("`uid` = ? AND `rel` = ? AND (`nurl` = ? OR `alias` = ? OR `alias` = ?) AND `network` != ?",
$uid, CONTACT_IS_FRIEND, normalise_link($url),
normalise_link($url), $url, NETWORK_STATUSNET);
$contact = dba::select('contact', array(), $condition, array('limit' => 1));
if (!dbm::is_result($contact)) {
notice(t("Contact wasn't found or can't be unfollowed."));
} else {
if (in_array($contact['network'], array(NETWORK_OSTATUS))) {
$r = q("SELECT `contact`.*, `user`.* FROM `contact` INNER JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE `user`.`uid` = %d AND `contact`.`self` LIMIT 1",
intval($uid)
);
if (dbm::is_result($r)) {
$self = ""; // Unused parameter
terminate_friendship($r[0], $self, $contact);
}
}
dba::update('contact', array('rel' => CONTACT_IS_FOLLOWER), array('id' => $contact['id']));
info(t('Contact unfollowed').EOL);
goaway(System::baseUrl().'/contacts/'.$contact['id']);
}
goaway($return_url);
// NOTREACHED
}
function unfollow_content(App $a) {
if (! local_user()) {
notice(t('Permission denied.') . EOL);
goaway($_SESSION['return_url']);
// NOTREACHED
}
$uid = local_user();
$url = notags(trim($_REQUEST['url']));
$submit = t('Submit Request');
$condition = array("`uid` = ? AND `rel` = ? AND (`nurl` = ? OR `alias` = ? OR `alias` = ?) AND `network` != ?",
local_user(), CONTACT_IS_FRIEND, normalise_link($url),
normalise_link($url), $url, NETWORK_STATUSNET);
$contact = dba::select('contact', array('url', 'network', 'addr', 'name'), $condition, array('limit' => 1));
if (!dbm::is_result($contact)) {
notice(t("You aren't a friend of this contact.").EOL);
$submit = "";
// NOTREACHED
}
if (!in_array($contact['network'], array(NETWORK_DIASPORA, NETWORK_OSTATUS))) {
notice(t("Unfollowing is currently not supported by your network.").EOL);
$submit = "";
// NOTREACHED
}
$request = System::baseUrl()."/unfollow";
$tpl = get_markup_template('auto_request.tpl');
$r = q("SELECT `url` FROM `contact` WHERE `uid` = %d AND `self` LIMIT 1", intval($uid));
if (!$r) {
notice(t('Permission denied.') . EOL);
goaway($_SESSION['return_url']);
// NOTREACHED
}
$myaddr = $r[0]["url"];
// Makes the connection request for friendica contacts easier
$_SESSION["fastlane"] = $contact["url"];
$header = t("Disconnect/Unfollow");
$o = replace_macros($tpl,array(
'$header' => htmlentities($header),
'$desc' => "",
'$pls_answer' => "",
'$does_know_you' => "",
'$add_note' => "",
'$page_desc' => "",
'$friendica' => "",
'$statusnet' => "",
'$diaspora' => "",
'$diasnote' => "",
'$your_address' => t('Your Identity Address:'),
'$invite_desc' => "",
'$emailnet' => "",
'$submit' => $submit,
'$cancel' => t('Cancel'),
'$nickname' => "",
'$name' => $contact["name"],
'$url' => $contact["url"],
'$zrl' => zrl($contact["url"]),
'$url_label' => t("Profile URL"),
'$myaddr' => $myaddr,
'$request' => $request,
'$keywords' => "",
'$keywords_label' => ""
));
$a->page['aside'] = "";
profile_load($a, "", 0, get_contact_details_by_url($contact["url"]));
$o .= replace_macros(get_markup_template('section_title.tpl'),
array('$title' => t('Status Messages and Posts')
));
// Show last public posts
$o .= posts_from_contact_url($a, $contact["url"]);
return $o;
}
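Review bot: in `unfollow_content()` the two `// NOTREACHED` comments after `$submit = "";` are wrong, because nothing exits there. When `dba::select()` finds no contact, the function goes on to read `$contact['network']`, sets `$_SESSION["fastlane"]` from `$contact["url"]`, and calls `profile_load()` and `posts_from_contact_url()` with an empty URL; return or `goaway()` after the notice, as the `!local_user()` branch does. `unfollow_post()` should repeat the `in_array($contact['network'], array(NETWORK_DIASPORA, NETWORK_OSTATUS))` check, since the form only blanks the submit label and the POST handler accepts any network except `NETWORK_STATUSNET`. The `$condition` array is built twice with the same content (once with `$uid`, once with `local_user()`) and would be better in one helper.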

View file

@ -138,21 +138,12 @@ function wall_attach_post(App $a) {
$mimetype = z_mime_content_type($filename); $mimetype = z_mime_content_type($filename);
$hash = get_guid(64); $hash = get_guid(64);
$created = datetime_convert(); $created = datetime_convert();
$r = q("INSERT INTO `attach` ( `uid`, `hash`, `filename`, `filetype`, `filesize`, `data`, `created`, `edited`, `allow_cid`, `allow_gid`,`deny_cid`, `deny_gid` )
VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", $fields = array('uid' => $page_owner_uid, 'hash' => $hash, 'filename' => $filename, 'filetype' => $mimetype,
intval($page_owner_uid), 'filesize' => $filesize, 'data' => $filedata, 'created' => $created, 'edited' => $created,
dbesc($hash), 'allow_cid' => '<' . $page_owner_cid . '>', 'allow_gid' => '','deny_cid' => '', 'deny_gid' => '');
dbesc($filename),
dbesc($mimetype), $r = dba::insert('attach', $fields);
intval($filesize),
dbesc($filedata),
dbesc($created),
dbesc($created),
dbesc('<' . $page_owner_cid . '>'),
dbesc(''),
dbesc(''),
dbesc('')
);
@unlink($src); @unlink($src);

View file

@ -129,9 +129,8 @@ server {
# With php5-fpm: # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_pass unix:/var/run/php5-fpm.sock;
include fastcgi_params; include fastcgi.conf;
fastcgi_index index.php; fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
} }
# deny access to all dot files # deny access to all dot files
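Review bot: with `fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;` removed, this sample only works if the included `fastcgi.conf` defines `SCRIPT_FILENAME` itself. Add a comment above `include fastcgi.conf;` that says so and names the fallback (`include fastcgi_params;` plus the explicit `fastcgi_param` line) for installations that do not ship that file.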

View file

@ -68,6 +68,11 @@ class Item extends BaseObject {
continue; continue;
} }
// You can always comment on Diaspora items
if (($item['network'] == NETWORK_DIASPORA) && (local_user() == $item['uid'])) {
$item['writable'] = true;
}
$item['pagedrop'] = $data['pagedrop']; $item['pagedrop'] = $data['pagedrop'];
$child = new Item($item); $child = new Item($item);
$this->add_child($child); $this->add_child($child);
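Review bot: the comment "You can always comment on Diaspora items" does not match the condition, which only sets `writable` when `local_user() == $item['uid']`; reword it to say that this applies to the user's own copy of the item. The comparison is also loose: `local_user()` is treated as false for visitors elsewhere in this commit (`if (!local_user())`), and `false == 0` is true in PHP, so if `$item['uid']` can be 0 a visitor who is not logged in would get `writable`. Write it as `local_user() && (local_user() == $item['uid'])`.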
@ -319,18 +324,6 @@ class Item extends BaseObject {
unset($buttons["like"]); unset($buttons["like"]);
} }
// Diaspora isn't able to do likes on comments - but Hubzilla does
/// @todo When Diaspora will pass this information we will remove these lines
if (($item["item_network"] == NETWORK_DIASPORA) && ($indent == 'comment') &&
!Diaspora::is_redmatrix($item["owner-link"]) && isset($buttons["like"])) {
unset($buttons["like"]);
}
// Facebook can like comments - but it isn't programmed in the connector yet.
if (($item["item_network"] == NETWORK_FACEBOOK) && ($indent == 'comment') && isset($buttons["like"])) {
unset($buttons["like"]);
}
$tmp_item = array( $tmp_item = array(
'template' => $this->get_template(), 'template' => $this->get_template(),
'type' => implode("",array_slice(explode("/",$item['verb']),-1)), 'type' => implode("",array_slice(explode("/",$item['verb']),-1)),
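Review bot: removing the two `unset($buttons["like"])` blocks needs a justification that the hunk does not give. The removed comments say that Diaspora cannot handle likes on comments and that the Facebook connector does not implement them, and the removed `@todo` tied the Diaspora case to Diaspora passing this information. Please state in the commit message or in a comment what changed on the remote side, or keep the Facebook check if the connector still lacks the feature, so that users are not offered a like button that has no effect.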

File diff suppressed because it is too large

View file

@ -7,7 +7,7 @@
{{foreach $saved as $search}} {{foreach $saved as $search}}
<li role="menuitem" class="saved-search-li clear"> <li role="menuitem" class="saved-search-li clear">
<a title="{{$search.delete}}" onclick="return confirmDelete();" id="drop-saved-search-term-{{$search.id}}" class="iconspacer savedsearchdrop " href="network/?f=&amp;remove=1&amp;search={{$search.encodedterm}}"></a> <a title="{{$search.delete}}" onclick="return confirmDelete();" id="drop-saved-search-term-{{$search.id}}" class="iconspacer savedsearchdrop " href="network/?f=&amp;remove=1&amp;search={{$search.encodedterm}}"></a>
<a id="saved-search-term-{{$search.id}}" class="savedsearchterm" href="network/?f=&amp;search={{$search.encodedterm}}">{{$search.term}}</a> <a id="saved-search-term-{{$search.id}}" class="savedsearchterm" href="search?search={{$search.encodedterm}}">{{$search.term}}</a>
</li> </li>
{{/foreach}} {{/foreach}}
</ul> </ul>

View file

@ -7,7 +7,7 @@
{{foreach $saved as $search}} {{foreach $saved as $search}}
<li role="menuitem" class="saved-search-li clear"> <li role="menuitem" class="saved-search-li clear">
<a title="{{$search.delete}}" onclick="return confirmDelete();" id="drop-saved-search-term-{{$search.id}}" class="savedsearchdrop pull-right" href="network/?f=&amp;remove=1&amp;search={{$search.encodedterm}}"><i class="fa fa-trash" aria-hidden="true"></i></a> <a title="{{$search.delete}}" onclick="return confirmDelete();" id="drop-saved-search-term-{{$search.id}}" class="savedsearchdrop pull-right" href="network/?f=&amp;remove=1&amp;search={{$search.encodedterm}}"><i class="fa fa-trash" aria-hidden="true"></i></a>
<a id="saved-search-term-{{$search.id}}" class="savedsearchterm" href="network/?f=&amp;search={{$search.encodedterm}}">{{$search.term}}</a> <a id="saved-search-term-{{$search.id}}" class="savedsearchterm" href="search?search={{$search.encodedterm}}">{{$search.term}}</a>
</li> </li>
{{/foreach}} {{/foreach}}
</ul> </ul>

View file

@ -4,7 +4,7 @@
<ul id="saved-search-ul"> <ul id="saved-search-ul">
{{foreach $saved as $search}} {{foreach $saved as $search}}
<li class="tool {{if $search.selected}}selected{{/if}}"> <li class="tool {{if $search.selected}}selected{{/if}}">
<a href="network/?f=&search={{$search.encodedterm}}" class="label" >{{$search.term}}</a> <a href="search?search={{$search.encodedterm}}" class="label" >{{$search.term}}</a>
<a href="network/?f=&remove=1&search={{$search.encodedterm}}" class="action icon s10 delete" title="{{$search.delete}}" onclick="return confirmDelete();"></a> <a href="network/?f=&remove=1&search={{$search.encodedterm}}" class="action icon s10 delete" title="{{$search.delete}}" onclick="return confirmDelete();"></a>
</li> </li>
{{/foreach}} {{/foreach}}
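Review bot: the term link now goes to `search?search={{$search.encodedterm}}`, but the delete link beside it still goes to `network/?f=&remove=1&search=...`, although `search_init()` in this commit also handles `$_GET['remove']`. Confirm that removal is meant to stay on the network page. The same one-line change is repeated in three templates, and in this one the neighbouring delete link writes a bare `&` in the `href` where the other two use `&amp;`; that is worth aligning while the list item is being touched.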