diff --git a/.gitignore b/.gitignore index 6302bc1c8..2531fe4cd 100755 --- a/.gitignore +++ b/.gitignore @@ -13,6 +13,9 @@ addon #ignore documentation, it should be newly built doc/api +#ignore reports, should be generted with every build +report/ + #ignore config files from eclipse, we don't want IDE files in our repository .project .buildpath diff --git a/.htaccess b/.htaccess index 1df509670..28ac3dd80 100755 --- a/.htaccess +++ b/.htaccess @@ -1,10 +1,13 @@ -#Options -Indexes +Options -Indexes AddType application/x-java-archive .jar AddType audio/ogg .oga Deny from all + +Deny from all + RewriteEngine on diff --git a/boot.php b/boot.php index b30f02c9f..d5feaed2d 100755 --- a/boot.php +++ b/boot.php @@ -9,9 +9,9 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1278' ); -define ( 'DFRN_PROTOCOL_VERSION', '2.22' ); -define ( 'DB_UPDATE_VERSION', 1131 ); +define ( 'FRIENDICA_VERSION', '2.3.1285' ); +define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); +define ( 'DB_UPDATE_VERSION', 1132 ); define ( 'EOL', "
\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); @@ -286,7 +286,12 @@ class App { startup(); - $this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'])) ? 'https' : 'http' ); + $this->scheme = 'http'; + if(x($_SERVER,'HTTPS') && $_SERVER['HTTPS']) + $this->scheme = 'https'; + elseif(x($_SERVER,'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443)) + $this->scheme = 'https'; + if(x($_SERVER,'SERVER_NAME')) { $this->hostname = $_SERVER['SERVER_NAME']; @@ -379,11 +384,22 @@ class App { $scheme = $this->scheme; - if(x($this->config,'ssl_policy')) { - if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL)) - $scheme = 'https'; - if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params'))) + if((x($this->config,'system')) && (x($this->config['system'],'ssl_policy'))) { + if(intval($this->config['system']['ssl_policy']) === intval(SSL_POLICY_FULL)) $scheme = 'https'; + +// We need to populate the $ssl flag across the entire program before turning this on. +// Basically, we'll have $ssl = true on any links which can only be seen by a logged in user +// (and also the login link). Anything seen by an outsider will have it turned off. +// At present, setting SSL_POLICY_SELFSIGN will only force remote contacts to update their +// contact links to this site with "http:" if they are currently using "https:" + +// if($this->config['system']['ssl_policy'] == SSL_POLICY_SELFSIGN) { +// if($ssl) +// $scheme = 'https'; +// else +// $scheme = 'http'; +// } } $this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' ); @@ -685,6 +701,7 @@ function get_guid($size=16) { if(! function_exists('login')) { function login($register = false, $hiddens=false) { + $a = get_app(); $o = ""; $reg = false; if ($register) { @@ -704,23 +721,26 @@ function login($register = false, $hiddens=false) { } + $dest_url = $a->get_baseurl(true) . '/' . $a->query_string; $o .= replace_macros($tpl,array( - '$logout' => t('Logout'), - '$login' => t('Login'), + + '$dest_url' => $dest_url, + '$logout' => t('Logout'), + '$login' => t('Login'), '$lname' => array('username', t('Nickname or Email address: ') , '', ''), '$lpassword' => array('password', t('Password: '), '', ''), '$openid' => !$noid, - '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''), + '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''), - '$hiddens' => $hiddens, + '$hiddens' => $hiddens, - '$register' => $reg, + '$register' => $reg, - '$lostpass' => t('Forgot your password?'), - '$lostlink' => t('Password Reset'), + '$lostpass' => t('Forgot your password?'), + '$lostlink' => t('Password Reset'), )); call_hooks('login_hook',$o); @@ -1209,7 +1229,7 @@ function current_theme(){ $a = get_app(); $system_theme = ((isset($a->config['system']['theme'])) ? $a->config['system']['theme'] : ''); - $theme_name = ((is_array($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme); + $theme_name = ((isset($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme); if($theme_name && file_exists('view/theme/' . $theme_name . '/style.css')) return($theme_name); @@ -1335,7 +1355,7 @@ function profile_tabs($a, $is_owner=False, $nickname=Null){ array( 'label' => t('Profile'), 'url' => $url.'/?tab=profile', - 'sel' => (($tab=='profile')?'active':''), + 'sel' => ((isset($tab) && $tab=='profile')?'active':''), ), array( 'label' => t('Photos'), diff --git a/build.xml b/build.xml index 83c530026..a61a5123d 100644 --- a/build.xml +++ b/build.xml @@ -1,14 +1,49 @@ - + + + + + + + + + + + + + + + + - - - + + + + + + + + + + + + @@ -31,6 +66,9 @@ + + + diff --git a/database.sql b/database.sql index 35c257f02..f058bc59e 100755 --- a/database.sql +++ b/database.sql @@ -92,6 +92,7 @@ CREATE TABLE IF NOT EXISTS `contact` ( `blocked` tinyint(1) NOT NULL DEFAULT '1', `readonly` tinyint(1) NOT NULL DEFAULT '0', `writable` tinyint(1) NOT NULL DEFAULT '0', + `forum` tinyint(1) NOT NULL DEFAULT '0', `hidden` tinyint(1) NOT NULL DEFAULT '0', `pending` tinyint(1) NOT NULL DEFAULT '1', `rating` tinyint(1) NOT NULL DEFAULT '0', @@ -116,6 +117,7 @@ CREATE TABLE IF NOT EXISTS `contact` ( KEY `dfrn-id` (`dfrn-id`), KEY `blocked` (`blocked`), KEY `readonly` (`readonly`), + KEY `forum` (`forum`), KEY `hidden` (`hidden`), KEY `pending` (`pending`), KEY `closeness` (`closeness`) @@ -636,6 +638,7 @@ CREATE TABLE IF NOT EXISTS `mailacct` ( `mailbox` CHAR( 255 ) NOT NULL, `user` CHAR( 255 ) NOT NULL , `pass` TEXT NOT NULL , +`reply_to` CHAR( 255 ) NOT NULL , `action` INT NOT NULL , `movetofolder` CHAR(255) NOT NULL , `pubmail` TINYINT(1) NOT NULL DEFAULT '0', diff --git a/htconfig.php b/htconfig.php index f52aed2b1..9d9c8a2c7 100755 --- a/htconfig.php +++ b/htconfig.php @@ -79,3 +79,9 @@ $a->config['system']['theme'] = 'duepuntozero'; // By default allow pseudonyms $a->config['system']['no_regfullname'] = true; + +// If set to true the priority settings of ostatus contacts are used +$a->config['system']['ostatus_use_priority'] = false; + +// If enabled all items are cached in the given directory +$a->config['system']['itemcache'] = ""; diff --git a/include/acl_selectors.php b/include/acl_selectors.php index 67d8cebde..a5f5aff53 100755 --- a/include/acl_selectors.php +++ b/include/acl_selectors.php @@ -113,11 +113,13 @@ function contact_selector($selname, $selclass, $preselected = false, $options) { $str_nets = implode(',',$x['networks']); $sql_extra .= " AND `network` IN ( $str_nets ) "; } + + $tabindex = (x($options, 'tabindex') ? "tabindex=\"" . $options["tabindex"] . "\"" : ""); if($x['single']) - $o .= "\r\n"; else - $o .= "\r\n"; $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `notify` != '' @@ -156,7 +158,7 @@ function contact_selector($selname, $selclass, $preselected = false, $options) { -function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false) { +function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) { $a = get_app(); @@ -178,12 +180,12 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p $sql_extra .= " AND `network` IN ( 'dfrn', 'mail', 'face', 'dspr' ) "; } - + $tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : ""); if($privmail) - $o .= "\r\n"; else - $o .= "\r\n"; $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `notify` != '' diff --git a/include/contact_widgets.php b/include/contact_widgets.php index caa0572d2..605a3eb78 100755 --- a/include/contact_widgets.php +++ b/include/contact_widgets.php @@ -75,4 +75,33 @@ function networks_widget($baseurl,$selected = '') { )); } +function fileas_widget($baseurl,$selected = '') { + $a = get_app(); + if(! local_user()) + return ''; + + $saved = get_pconfig(local_user(),'system','filetags'); + if(! strlen($saved)) + return; + + $matches = false; + $terms = array(); + $cnt = preg_match_all('/\[(.*?)\]/',$saved,$matches,PREG_SET_ORDER); + if($cnt) { + foreach($matches as $mtch) { + $unescaped = file_tag_decode($mtch[1]); + $terms[] = array('name' => $unescaped,'selected' => (($selected == $unescaped) ? 'selected' : '')); + } + } + + return replace_macros(get_markup_template('fileas_widget.tpl'),array( + '$title' => t('File Selections'), + '$desc' => '', + '$sel_all' => (($selected == '') ? 'selected' : ''), + '$all' => t('Everything'), + '$terms' => $terms, + '$base' => $baseurl, + + )); +} diff --git a/include/conversation.php b/include/conversation.php index 526c6ea00..e9f024c27 100755 --- a/include/conversation.php +++ b/include/conversation.php @@ -186,6 +186,8 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { require_once('bbcode.php'); + $ssl_state = ((local_user()) ? true : false); + $profile_owner = 0; $page_writeable = false; @@ -345,7 +347,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { 'like' => '', 'dislike' => '', 'comment' => '', - 'conv' => (($preview) ? '' : array('href'=> $a->get_baseurl() . '/display/' . $nickname . '/' . $item['id'], 'title'=> t('View in context'))), + 'conv' => (($preview) ? '' : array('href'=> $a->get_baseurl($ssl_state) . '/display/' . $nickname . '/' . $item['id'], 'title'=> t('View in context'))), 'previewing' => $previewing, 'wait' => t('Please wait'), ); @@ -375,7 +377,8 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { $comments[$item['parent']] = 1; else $comments[$item['parent']] += 1; - } + } elseif(! x($comments,$item['parent'])) + $comments[$item['parent']] = 0; // avoid notices later on } // map all the like/dislike activities for each parent item @@ -460,7 +463,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { $comment_lastcollapsed = true; } - $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ; + $redirect_url = $a->get_baseurl($ssl_state) . '/redir/' . $item['cid'] ; $lock = ((($item['private']) || (($item['uid'] == local_user()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])))) @@ -542,7 +545,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { } $edpost = (((($profile_owner == local_user()) && ($toplevelpost) && (intval($item['wall']) == 1)) || ($mode === 'notes')) - ? array($a->get_baseurl()."/editpost/".$item['id'], t("Edit")) + ? array($a->get_baseurl($ssl_state)."/editpost/".$item['id'], t("Edit")) : False); @@ -559,24 +562,28 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { ); $star = false; + $filer = false; + $isstarred = "unstarred"; - if ($profile_owner == local_user() && $toplevelpost) { - $isstarred = (($item['starred']) ? "starred" : "unstarred"); + if ($profile_owner == local_user()) { + if($toplevelpost) { + $isstarred = (($item['starred']) ? "starred" : "unstarred"); - $star = array( - 'do' => t("add star"), - 'undo' => t("remove star"), - 'toggle' => t("toggle star status"), - 'classdo' => (($item['starred']) ? "hidden" : ""), - 'classundo' => (($item['starred']) ? "" : "hidden"), - 'starred' => t('starred'), - 'tagger' => t("add tag"), - 'classtagger' => "", - ); + $star = array( + 'do' => t("add star"), + 'undo' => t("remove star"), + 'toggle' => t("toggle star status"), + 'classdo' => (($item['starred']) ? "hidden" : ""), + 'classundo' => (($item['starred']) ? "" : "hidden"), + 'starred' => t('starred'), + 'tagger' => t("add tag"), + 'classtagger' => "", + ); + } + $filer = t("file as"); } - $photo = $item['photo']; $thumb = $item['thumb']; @@ -642,7 +649,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { // template to use to render item (wall, walltowall, search) 'template' => $template, - 'type' => implode("",array_slice(split("/",$item['verb']),-1)), + 'type' => implode("",array_slice(explode("/",$item['verb']),-1)), 'tags' => $tags, 'body' => template_escape($body), 'text' => strip_tags(template_escape($body)), @@ -670,6 +677,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { 'edpost' => $edpost, 'isstarred' => $isstarred, 'star' => $star, + 'filer' => $filer, 'drop' => $drop, 'vote' => $likebuttons, 'like' => $like, @@ -691,7 +699,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { $page_template = get_markup_template("conversation.tpl"); $o .= replace_macros($page_template, array( - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl($ssl_state), '$mode' => $mode, '$user' => $a->user, '$threads' => $threads, @@ -701,7 +709,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { return $o; }} -function best_link_url($item,&$sparkle) { +function best_link_url($item,&$sparkle,$ssl_state = false) { $a = get_app(); @@ -713,7 +721,7 @@ function best_link_url($item,&$sparkle) { if((local_user()) && (local_user() == $item['uid'])) { if(isset($a->contacts) && x($a->contacts,$clean_url)) { if($a->contacts[$clean_url]['network'] === NETWORK_DFRN) { - $best_url = $a->get_baseurl() . '/redir/' . $a->contacts[$clean_url]['id']; + $best_url = $a->get_baseurl($ssl_state) . '/redir/' . $a->contacts[$clean_url]['id']; $sparkle = true; } else @@ -734,10 +742,14 @@ function best_link_url($item,&$sparkle) { if(! function_exists('item_photo_menu')){ function item_photo_menu($item){ $a = get_app(); - - if (local_user() && (! count($a->contacts))) - load_contact_links(local_user()); + $ssl_state = false; + + if(local_user()) { + $ssl_state = true; + if(! count($a->contacts)) + load_contact_links(local_user()); + } $contact_url=""; $pm_url=""; $status_link=""; @@ -745,7 +757,7 @@ function item_photo_menu($item){ $posts_link=""; $sparkle = false; - $profile_link = best_link_url($item,$sparkle); + $profile_link = best_link_url($item,$sparkle,$ssl_state); if($profile_link === 'mailbox') $profile_link = ''; @@ -754,7 +766,7 @@ function item_photo_menu($item){ $status_link = $profile_link . "?url=status"; $photos_link = $profile_link . "?url=photos"; $profile_link = $profile_link . "?url=profile"; - $pm_url = $a->get_baseurl() . '/message/new/' . $cid; + $pm_url = $a->get_baseurl($ssl_state) . '/message/new/' . $cid; } else { if(local_user() && local_user() == $item['uid'] && link_compare($item['url'],$item['author-link'])) { @@ -765,8 +777,19 @@ function item_photo_menu($item){ } } if(($cid) && (! $item['self'])) { - $contact_url = $a->get_baseurl() . '/contacts/' . $cid; - $posts_link = $a->get_baseurl() . '/network/?cid=' . $cid; + $contact_url = $a->get_baseurl($ssl_state) . '/contacts/' . $cid; + $posts_link = $a->get_baseurl($ssl_state) . '/network/?cid=' . $cid; + + $clean_url = normalise_link($item['author-link']); + + if((local_user()) && (local_user() == $item['uid'])) { + if(isset($a->contacts) && x($a->contacts,$clean_url)) { + if($a->contacts[$clean_url]['network'] === NETWORK_DIASPORA) { + $pm_url = $a->get_baseurl($ssl_state) . '/message/new/' . $cid; + } + } + } + } $menu = Array( @@ -802,7 +825,7 @@ function like_puller($a,$item,&$arr,$mode) { if((activity_match($item['verb'],$verb)) && ($item['id'] != $item['parent'])) { $url = $item['author-link']; if((local_user()) && (local_user() == $item['uid']) && ($item['network'] === 'dfrn') && (! $item['self']) && (link_compare($item['author-link'],$item['url']))) { - $url = $a->get_baseurl() . '/redir/' . $item['contact-id']; + $url = $a->get_baseurl(true) . '/redir/' . $item['contact-id']; $sparkle = ' class="sparkle" '; } if(! ((isset($arr[$item['parent'] . '-l'])) && (is_array($arr[$item['parent'] . '-l'])))) @@ -864,7 +887,7 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) { $a->page['htmlhead'] .= replace_macros($tpl, array( '$newpost' => 'true', - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), '$geotag' => $geotag, '$nickname' => $x['nickname'], @@ -873,6 +896,7 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) { '$vidurl' => t("Please enter a video link/URL:"), '$audurl' => t("Please enter an audio link/URL:"), '$term' => t('Tag term:'), + '$fileas' => t('File as:'), '$whereareu' => t('Where are you right now?'), '$title' => t('Enter a title for this item') )); @@ -914,8 +938,8 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) { $o .= replace_macros($tpl,array( '$return_path' => $a->cmd, - '$action' => $a->get_baseurl().'/item', - '$share' => (($x['button']) ? $x['button'] : t('Share')), + '$action' => $a->get_baseurl(true) . '/item', + '$share' => (x($x,'button') ? $x['button'] : t('Share')), '$upload' => t('Upload photo'), '$shortupload' => t('upload photo'), '$attach' => t('Attach file'), @@ -938,7 +962,7 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) { '$ptyp' => (($notes_cid) ? 'note' : 'wall'), '$content' => '', '$post_id' => '', - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$defloc' => $x['default_location'], '$visitor' => $x['visitor'], '$pvisit' => (($notes_cid) ? 'none' : $x['visitor']), @@ -980,8 +1004,8 @@ function conv_sort($arr,$order) { usort($parents,'sort_thr_commented'); if(count($parents)) - foreach($parents as $x) - $x['children'] = array(); + foreach($parents as $i=>$_x) + $parents[$i]['children'] = array(); foreach($arr as $x) { if($x['id'] != $x['parent']) { diff --git a/include/dba.php b/include/dba.php index 7455b6b3e..5beea7a3a 100755 --- a/include/dba.php +++ b/include/dba.php @@ -1,5 +1,7 @@ debug) - logger('dba: ' . printable(print_r($r, true)), LOGGER_DATA); + logger('dba: ' . printable(print_r($r, true))); return($r); } diff --git a/include/delivery.php b/include/delivery.php index c1ff07bd5..532dcd699 100755 --- a/include/delivery.php +++ b/include/delivery.php @@ -256,7 +256,8 @@ function delivery_run($argv, $argc){ '$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) , '$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) , '$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) , - '$birthday' => $birthday + '$birthday' => $birthday, + '$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '1' : '') )); foreach($items as $item) { @@ -435,8 +436,8 @@ function delivery_run($argv, $argc){ $headers .= 'Reply-to: ' . $reply_to . "\n"; // for testing purposes: Collect exported mails - $file = tempnam("/tmp/friendica/", "mail-out-"); - file_put_contents($file, json_encode($it)); + // $file = tempnam("/tmp/friendica/", "mail-out-"); + // file_put_contents($file, json_encode($it)); $headers .= 'Message-Id: <' . iri2msgid($it['uri']). '>' . "\n"; @@ -446,30 +447,16 @@ function delivery_run($argv, $argc){ if($it['uri'] !== $it['parent-uri']) { $headers .= 'References: <' . iri2msgid($it['parent-uri']) . '>' . "\n"; - if(! strlen($it['title'])) { + if(!strlen($it['title'])) { $r = q("SELECT `title` FROM `item` WHERE `parent-uri` = '%s' LIMIT 1", - dbesc($it['parent-uri']) - ); - if(count($r)) { - $subtitle = $r[0]['title']; - if($subtitle) { - if(strncasecmp($subtitle,'RE:',3)) - $subject = $subtitle; - else - $subject = 'Re: ' . $subtitle; - } - } + dbesc($it['parent-uri'])); + + if(count($r) AND ($r[0]['title'] != '')) + $subject = $r[0]['title']; } + if(strncasecmp($subject,'RE:',3)) + $subject = 'Re: '.$subject; } - /*$headers .= 'MIME-Version: 1.0' . "\n"; - //$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n"; - $headers .= 'Content-Type: text/plain; charset=UTF-8' . "\n"; - $headers .= 'Content-Transfer-Encoding: 8bit' . "\n\n"; - $html = prepare_body($it); - //$message = '' . $html . ''; - $message = html2plain($html); - logger('notifier: email delivery to ' . $addr); - mail($addr, $subject, $message, $headers);*/ email_send($addr, $subject, $headers, $it); } break; diff --git a/include/diaspora.php b/include/diaspora.php index dca857a19..1b5af42cd 100755 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -1159,6 +1159,48 @@ function diaspora_comment($importer,$xml,$msg) { proc_run('php','include/notifier.php','comment',$message_id); } + + $myconv = q("SELECT `author-link`, `author-avatar`, `parent` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 ", + dbesc($parent_item['uri']), + intval($importer['uid']) + ); + + if(count($myconv)) { + $importer_url = $a->get_baseurl() . '/profile/' . $importer['nickname']; + + foreach($myconv as $conv) { + + // now if we find a match, it means we're in this conversation + + if(! link_compare($conv['author-link'],$importer_url)) + continue; + + require_once('include/enotify.php'); + + $conv_parent = $conv['parent']; + + notification(array( + 'type' => NOTIFY_COMMENT, + 'notify_flags' => $importer['notify-flags'], + 'language' => $importer['language'], + 'to_name' => $importer['username'], + 'to_email' => $importer['email'], + 'uid' => $importer['uid'], + 'item' => $datarray, + 'link' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id, + 'source_name' => $datarray['author-name'], + 'source_link' => $datarray['author-link'], + 'source_photo' => $datarray['author-avatar'], + 'verb' => ACTIVITY_POST, + 'otype' => 'item', + 'parent' => $conv_parent, + + )); + + // only send one notification + break; + } + } return; } diff --git a/include/email.php b/include/email.php index 659978b6e..8ea8145fb 100755 --- a/include/email.php +++ b/include/email.php @@ -1,5 +1,7 @@ parts) { $ret['body'] = email_get_part($mbox,$uid,$struc,0, 'html'); + $html = $ret['body']; if (trim($ret['body']) == '') $ret['body'] = email_get_part($mbox,$uid,$struc,0, 'plain'); @@ -107,6 +110,17 @@ function email_get_msg($mbox,$uid) { else $ret['body'] = $text; } + + $ret['body'] = removegpg($ret['body']); + $msg = removesig($ret['body']); + $ret['body'] = $msg['body']; + $ret['body'] = convertquote($ret['body'], false); + + if (trim($html) != '') + $ret['body'] = removelinebreak($ret['body']); + + $ret['body'] = unifyattributionline($ret['body']); + return $ret; } diff --git a/include/event.php b/include/event.php index 4a9a9a004..29202badd 100755 --- a/include/event.php +++ b/include/event.php @@ -163,7 +163,7 @@ function bbtoevent($s) { if(preg_match("/\[event\-adjust\](.*?)\[\/event\-adjust\]/is",$s,$match)) $ev['adjust'] = $match[1]; $match = ''; - $ev['nofinish'] = (($ev['start'] && (!x($ev, 'finish') || !$ev['finish'])) ? 1 : 0); + $ev['nofinish'] = (((x($ev, 'start') && $ev['start']) && (!x($ev, 'finish') || !$ev['finish'])) ? 1 : 0); return $ev; } diff --git a/include/html2bbcode.php b/include/html2bbcode.php index 32a90d7d6..69ccf41b7 100755 --- a/include/html2bbcode.php +++ b/include/html2bbcode.php @@ -142,18 +142,22 @@ function html2bbcode($message) node2bbcode($doc, 'span', array('style'=>'font-style: italic;'), '[i]', '[/i]'); node2bbcode($doc, 'span', array('style'=>'font-weight: bold;'), '[b]', '[/b]'); - node2bbcode($doc, 'font', array('face'=>'/([\w ]+)/', 'size'=>'/(\d+)/', 'color'=>'/(.+)/'), '[font=$1][size=$2][color=$3]', '[/color][/size][/font]'); + /*node2bbcode($doc, 'font', array('face'=>'/([\w ]+)/', 'size'=>'/(\d+)/', 'color'=>'/(.+)/'), '[font=$1][size=$2][color=$3]', '[/color][/size][/font]'); node2bbcode($doc, 'font', array('size'=>'/(\d+)/', 'color'=>'/(.+)/'), '[size=$1][color=$2]', '[/color][/size]'); node2bbcode($doc, 'font', array('face'=>'/([\w ]+)/', 'size'=>'/(.+)/'), '[font=$1][size=$2]', '[/size][/font]'); node2bbcode($doc, 'font', array('face'=>'/([\w ]+)/', 'color'=>'/(.+)/'), '[font=$1][color=$3]', '[/color][/font]'); node2bbcode($doc, 'font', array('face'=>'/([\w ]+)/'), '[font=$1]', '[/font]'); node2bbcode($doc, 'font', array('size'=>'/(\d+)/'), '[size=$1]', '[/size]'); node2bbcode($doc, 'font', array('color'=>'/(.+)/'), '[color=$1]', '[/color]'); +*/ + // Untested + //node2bbcode($doc, 'span', array('style'=>'/.*font-size:\s*(.+?)[,;].*font-family:\s*(.+?)[,;].*color:\s*(.+?)[,;].*/'), '[size=$1][font=$2][color=$3]', '[/color][/font][/size]'); + //node2bbcode($doc, 'span', array('style'=>'/.*font-size:\s*(\d+)[,;].*/'), '[size=$1]', '[/size]'); + //node2bbcode($doc, 'span', array('style'=>'/.*font-size:\s*(.+?)[,;].*/'), '[size=$1]', '[/size]'); node2bbcode($doc, 'span', array('style'=>'/.*color:\s*(.+?)[,;].*/'), '[color="$1"]', '[/color]'); - node2bbcode($doc, 'span', array('style'=>'/.*font-size:\s*(\d+)/'), '[size=$1]', '[/size]'); - //node2bbcode($doc, 'span', array('style'=>'/.*font-family:\s*(.+?)[,;].*/'), '[font=$1]', '[/font]'); + //node2bbcode($doc, 'div', array('style'=>'/.*font-family:\s*(.+?)[,;].*font-size:\s*(\d+?)pt.*/'), '[font=$1][size=$2]', '[/size][/font]'); //node2bbcode($doc, 'div', array('style'=>'/.*font-family:\s*(.+?)[,;].*font-size:\s*(\d+?)px.*/'), '[font=$1][size=$2]', '[/size][/font]'); //node2bbcode($doc, 'div', array('style'=>'/.*font-family:\s*(.+?)[,;].*/'), '[font=$1]', '[/font]'); @@ -187,13 +191,13 @@ function html2bbcode($message) node2bbcode($doc, 'hr', array(), "[hr]", ""); - //node2bbcode($doc, 'table', array(), "", ""); - //node2bbcode($doc, 'tr', array(), "\n", ""); - //node2bbcode($doc, 'td', array(), "\t", ""); - node2bbcode($doc, 'table', array(), "[table]", "[/table]"); - node2bbcode($doc, 'th', array(), "[th]", "[/th]"); - node2bbcode($doc, 'tr', array(), "[tr]", "[/tr]"); - node2bbcode($doc, 'td', array(), "[td]", "[/td]"); + node2bbcode($doc, 'table', array(), "", ""); + node2bbcode($doc, 'tr', array(), "\n", ""); + node2bbcode($doc, 'td', array(), "\t", ""); + //node2bbcode($doc, 'table', array(), "[table]", "[/table]"); + //node2bbcode($doc, 'th', array(), "[th]", "[/th]"); + //node2bbcode($doc, 'tr', array(), "[tr]", "[/tr]"); + //node2bbcode($doc, 'td', array(), "[td]", "[/td]"); node2bbcode($doc, 'h1', array(), "\n\n[size=xx-large][b]", "[/b][/size]\n"); node2bbcode($doc, 'h2', array(), "\n\n[size=x-large][b]", "[/b][/size]\n"); diff --git a/include/items.php b/include/items.php index 1a7aa6c46..5a297c83e 100755 --- a/include/items.php +++ b/include/items.php @@ -28,7 +28,7 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) $sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' "; - $r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone` + $r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` WHERE `contact`.`self` = 1 AND `user`.`nickname` = '%s' LIMIT 1", dbesc($owner_nick) @@ -156,7 +156,8 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) '$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) , '$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) , '$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) , - '$birthday' => ((strlen($birthday)) ? '' . xmlify($birthday) . '' : '') + '$birthday' => ((strlen($birthday)) ? '' . xmlify($birthday) . '' : ''), + '$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '1' : '') )); call_hooks('atom_feed', $atom); @@ -682,7 +683,7 @@ function item_store($arr,$force_parent = false) { unset($arr['dsprsig']); } - if($arr['gravity']) + if(x($arr, 'gravity')) $arr['gravity'] = intval($arr['gravity']); elseif($arr['parent-uri'] === $arr['uri']) $arr['gravity'] = 0; @@ -742,6 +743,7 @@ function item_store($arr,$force_parent = false) { if($arr['parent-uri'] === $arr['uri']) { $parent_id = 0; + $parent_deleted = 0; $allow_cid = $arr['allow_cid']; $allow_gid = $arr['allow_gid']; $deny_cid = $arr['deny_cid']; @@ -800,6 +802,8 @@ function item_store($arr,$force_parent = false) { logger('item_store: item parent was not found - ignoring item'); return 0; } + + $parent_deleted = 0; } } @@ -1043,6 +1047,22 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { if(! $rino_enable) $rino = 0; + $ssl_val = intval(get_config('system','ssl_policy')); + $ssl_policy = ''; + + switch($ssl_val){ + case SSL_POLICY_FULL: + $ssl_policy = 'full'; + break; + case SSL_POLICY_SELFSIGN: + $ssl_policy = 'self'; + break; + case SSL_POLICY_NONE: + default: + $ssl_policy = 'none'; + break; + } + $url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : ''); logger('dfrn_deliver: ' . $url); @@ -1074,6 +1094,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { $challenge = hex2bin((string) $res->challenge); $dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0); $rino_allowed = ((intval($res->rino) === 1) ? 1 : 0); + $page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0); $final_dfrn_id = ''; @@ -1115,6 +1136,11 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { $postvars['perm'] = 'r'; } + $postvars['ssl_policy'] = $ssl_policy; + + if($page) + $postvars['page'] = '1'; + if($rino && $rino_allowed && (! $dissolve)) { $key = substr(random_string(),0,16); $data = bin2hex(aes_encrypt($postvars['data'],$key)); @@ -1379,6 +1405,19 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) } + $community_page = 0; + $rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'community'); + if($rawtags) { + $community_page = intval($rawtags[0]['data']); + } + if(is_array($contact) && intval($contact['forum']) != $community_page) { + q("update contact set forum = %d where id = %d limit 1", + intval($community_page), + intval($contact['id']) + ); + $contact['forum'] = (string) $community_page; + } + // process any deleted entries @@ -1962,6 +2001,19 @@ function local_delivery($importer,$data) { // NOTREACHED } + + $community_page = 0; + $rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'community'); + if($rawtags) { + $community_page = intval($rawtags[0]['data']); + } + if(intval($importer['forum']) != $community_page) { + q("update contact set forum = %d where id = %d limit 1", + intval($community_page), + intval($importer['id']) + ); + $importer['forum'] = (string) $community_page; + } logger('local_delivery: feed item count = ' . $feed->get_item_quantity()); @@ -2001,6 +2053,7 @@ function local_delivery($importer,$data) { if(($item['verb'] === ACTIVITY_TAG) && ($item['object-type'] === ACTVITY_OBJ_TAGTERM)) { $xo = parse_xml_string($item['object'],false); $xt = parse_xml_string($item['target'],false); + if($xt->type === ACTIVITY_OBJ_NOTE) { $i = q("select * from `item` where uri = '%s' and uid = %d limit 1", dbesc($xt->id), diff --git a/include/msgclean.php b/include/msgclean.php new file mode 100644 index 000000000..284ad1ce4 --- /dev/null +++ b/include/msgclean.php @@ -0,0 +1,225 @@ +\s.*?To: (.*?)\s*?Cc: (.*?)\s*?Sent: (.*?)\s.*?Subject: ([^\n].*)\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/----- Original Message -----\s.*?From: "([^<"].*?)" <(.*?)>\s.*?To: (.*?)\s*?Sent: (.*?)\s.*?Subject: ([^\n].*)\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/-------- Original-Nachricht --------\s*\['.$quote.'\]\nDatum: (.*?)\nVon: (.*?) <(.*?)>\nAn: (.*?)\nBetreff: (.*?)\n/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/-------- Original-Nachricht --------\s*\['.$quote.'\]\sDatum: (.*?)\s.*Von: "([^<"].*?)" <(.*?)>\s.*An: (.*?)\n.*/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/-------- Original-Nachricht --------\s*\['.$quote.'\]\nDatum: (.*?)\nVon: (.*?)\nAn: (.*?)\nBetreff: (.*?)\n/i', "[".$quote."='$2']\n", $message); + + $message = savereplace('/-----Urspr.*?ngliche Nachricht-----\sVon: "([^<"].*?)" <(.*?)>\s.*Gesendet: (.*?)\s.*An: (.*?)\s.*Betreff: ([^\n].*?).*:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/-----Urspr.*?ngliche Nachricht-----\sVon: "([^<"].*?)" <(.*?)>\s.*Gesendet: (.*?)\s.*An: (.*?)\s.*Betreff: ([^\n].*?)\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/Am (.*?), schrieb (.*?):\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + + $message = savereplace('/Am .*?, \d+ .*? \d+ \d+:\d+:\d+ \+\d+\sschrieb\s(.*?)\s<(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/Am (.*?) schrieb (.*?) <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/Am (.*?) schrieb <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/Am (.*?) schrieb (.*?):\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/Am (.*?) schrieb (.*?)\n(.*?):\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + + $message = savereplace('/(\d+)\/(\d+)\/(\d+) ([^<"].*?) <(.*?)>\s*\['.$quote.'\]/i', "[".$quote."='$4']\n", $message); + + $message = savereplace('/On .*?, \d+ .*? \d+ \d+:\d+:\d+ \+\d+\s(.*?)\s<(.*?)>\swrote:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/On (.*?) at (.*?), (.*?)\s<(.*?)>\swrote:\s*\['.$quote.'\]/i', "[".$quote."='$3']\n", $message); + $message = savereplace('/On (.*?)\n([^<].*?)\s<(.*?)>\swrote:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/On (.*?), (.*?), (.*?)\s<(.*?)>\swrote:\s*\['.$quote.'\]/i', "[".$quote."='$3']\n", $message); + $message = savereplace('/On ([^,].*?), (.*?)\swrote:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/On (.*?), (.*?)\swrote\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + + // Der loescht manchmal den Body - was eigentlich unmoeglich ist + $message = savereplace('/On (.*?),(.*?),(.*?),(.*?), (.*?) wrote:\s*\['.$quote.'\]/i', "[".$quote."='$5']\n", $message); + + $message = savereplace('/Zitat von ([^<].*?) <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/Quoting ([^<].*?) <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/From: "([^<"].*?)" <(.*?)>\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/From: <(.*?)>\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/Du \(([^)].*?)\) schreibst:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/--- (.*?) <.*?> schrieb am (.*?):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/--- (.*?) schrieb am (.*?):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/\* (.*?) <(.*?)> hat geschrieben:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/(.*?) <(.*?)> schrieb (.*?)\):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) <(.*?)> schrieb am (.*?) um (.*):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) schrieb am (.*?) um (.*):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) \((.*?)\) schrieb:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/(.*?) schrieb:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/(.*?) <(.*?)> writes:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) \((.*?)\) writes:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + $message = savereplace('/(.*?) writes:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/\* (.*?) wrote:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) wrote \(.*?\):\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) wrote:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/([^<].*?) <.*?> hat am (.*?)\sum\s(.*)\sgeschrieben:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + + $message = savereplace('/(\d+)\/(\d+)\/(\d+) ([^<"].*?) <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$4']\n", $message); + $message = savereplace('/(\d+)\/(\d+)\/(\d+) (.*?) <(.*?)>\s*\['.$quote.'\]/i', "[".$quote."='$4']\n", $message); + $message = savereplace('/(\d+)\/(\d+)\/(\d+) <(.*?)>:\s*\['.$quote.'\]/i', "[".$quote."='$4']\n", $message); + $message = savereplace('/(\d+)\/(\d+)\/(\d+) <(.*?)>\s*\['.$quote.'\]/i', "[".$quote."='$4']\n", $message); + + $message = savereplace('/(.*?) <(.*?)> schrubselte:\s*\['.$quote.'\]/i', "[".$quote."='$1']\n", $message); + $message = savereplace('/(.*?) \((.*?)\) schrubselte:\s*\['.$quote.'\]/i', "[".$quote."='$2']\n", $message); + + } + return($message); +} + +function removegpg($message) +{ + + $pattern = '/(.*)\s*-----BEGIN PGP SIGNED MESSAGE-----\s*[\r\n].*Hash:.*?[\r\n](.*)'. + '[\r\n]\s*-----BEGIN PGP SIGNATURE-----\s*[\r\n].*'. + '[\r\n]\s*-----END PGP SIGNATURE-----(.*)/is'; + + preg_match($pattern, $message, $result); + + $cleaned = trim($result[1].$result[2].$result[3]); + + $cleaned = str_replace(array("\n- --\n", "\n- -"), array("\n-- \n", "\n-"), $cleaned); + + + if ($cleaned == '') + $cleaned = $message; + + return($cleaned); +} + +function removesig($message) +{ + $sigpos = strrpos($message, "\n-- \n"); + $quotepos = strrpos($message, "[/quote]"); + + if ($sigpos == 0) { + // Speziell fuer web.de, die das als Trenner verwenden + $message = str_replace("\n___________________________________________________________\n", "\n-- \n", $message); + $sigpos = strrpos($message, "\n-- \n"); + $quotepos = strrpos($message, "[/quote]"); + } + + // Sollte sich der Signaturtrenner innerhalb eines Quotes befinden + // wird keine Signaturtrennung ausgefuehrt + if (($sigpos < $quotepos) and ($sigpos != 0)) + return(array('body' => $message, 'sig' => '')); + + // To-Do: Regexp umstellen, so dass auf 1 oder kein Leerzeichen + // geprueft wird + //$message = str_replace("\n--\n", "\n-- \n", $message); + + $pattern = '/(.*)[\r\n]-- [\r\n](.*)/is'; + + preg_match($pattern, $message, $result); + + if (($result[1] != '') and ($result[2] != '')) { + $cleaned = trim($result[1])."\n"; + $sig = trim($result[2]); + // '[hr][size=x-small][color=darkblue]'.trim($result[2]).'[/color][/size]'; + } else { + $cleaned = $message; + $sig = ''; + } + + return(array('body' => $cleaned, 'sig' => $sig)); +} + +function removelinebreak($message) +{ + $arrbody = explode("\n", trim($message)); + + $lines = array(); + $lineno = 0; + + foreach($arrbody as $i => $line) { + $currquotelevel = 0; + $currline = $line; + while ((strlen($currline)>0) and ((substr($currline, 0, 1) == '>') + or (substr($currline, 0, 1) == ' '))) { + if (substr($currline, 0, 1) == '>') + $currquotelevel++; + + $currline = ltrim(substr($currline, 1)); + } + + $quotelevel = 0; + $nextline = trim($arrbody[$i+1]); + while ((strlen($nextline)>0) and ((substr($nextline, 0, 1) == '>') + or (substr($nextline, 0, 1) == ' '))) { + if (substr($nextline, 0, 1) == '>') + $quotelevel++; + + $nextline = ltrim(substr($nextline, 1)); + } + + $len = strlen($line); + $firstword = strpos($nextline.' ', ' '); + + $specialchars = ((substr(trim($nextline), 0, 1) == '-') or + (substr(trim($nextline), 0, 1) == '=') or + (substr(trim($nextline), 0, 1) == '*') or + (substr(trim($nextline), 0, 1) == '·') or + (substr(trim($nextline), 0, 4) == '[url') or + (substr(trim($nextline), 0, 5) == '[size') or + (substr(trim($nextline), 0, 7) == 'http://') or + (substr(trim($nextline), 0, 8) == 'https://')); + + if (!$specialchars) + $specialchars = ((substr(rtrim($line), -1) == '-') or + (substr(rtrim($line), -1) == '=') or + (substr(rtrim($line), -1) == '*') or + (substr(rtrim($line), -1) == '·') or + (substr(rtrim($line), -6) == '[/url]') or + (substr(rtrim($line), -7) == '[/size]')); + + //if ($specialchars) + // echo ("Special\n"); + + if ($lines[$lineno] != '') { + if (substr($lines[$lineno], -1) != ' ') + $lines[$lineno] .= ' '; + + while ((strlen($line)>0) and ((substr($line, 0, 1) == '>') + or (substr($line, 0, 1) == ' '))) { + + $line = ltrim(substr($line, 1)); + } + + } + //else + // $lines[$lineno] = $quotelevel.'-'.$len.'-'.$firstword.'-'; + + $lines[$lineno] .= $line; + //if ((($len + $firstword < 68) and (substr($line, -1, 1) != ' ')) + // or ($quotelevel != $currquotelevel) or $specialchars) + if (((substr($line, -1, 1) != ' ')) + or ($quotelevel != $currquotelevel)) + $lineno++; + } + return(implode("\n", $lines)); + +} +?> diff --git a/include/nav.php b/include/nav.php index aadfa82fd..e28081839 100755 --- a/include/nav.php +++ b/include/nav.php @@ -8,6 +8,8 @@ function nav(&$a) { * */ + $ssl_state = ((local_user()) ? true : false); + if(!(x($a->page,'nav'))) $a->page['nav'] = ''; @@ -27,7 +29,7 @@ function nav(&$a) { $myident = ((is_array($a->user) && isset($a->user['nickname'])) ? $a->user['nickname'] . '@' : ''); - $sitelocation = $myident . substr($a->get_baseurl(),strpos($a->get_baseurl(),'//') + 2 ); + $sitelocation = $myident . substr($a->get_baseurl($ssl_state),strpos($a->get_baseurl($ssl_state),'//') + 2 ); // nav links: array of array('href', 'text', 'extra css classes', 'title') @@ -53,7 +55,7 @@ function nav(&$a) { // user info $r = q("SELECT micro FROM contact WHERE uid=%d AND self=1", intval($a->user['uid'])); $userinfo = array( - 'icon' => (count($r) ? $r[0]['micro']: $a->get_baseurl()."/images/default-profile-mm.jpg"), + 'icon' => (count($r) ? $r[0]['micro']: $a->get_baseurl($ssl_state)."/images/default-profile-mm.jpg"), 'name' => $a->user['username'], ); @@ -76,7 +78,7 @@ function nav(&$a) { if(($a->config['register_policy'] == REGISTER_OPEN) && (! local_user()) && (! remote_user())) $nav['register'] = array('register',t('Register'), "", t('Create an account')); - $help_url = $a->get_baseurl() . '/help'; + $help_url = $a->get_baseurl($ssl_state) . '/help'; if(! get_config('system','hide_help')) $nav['help'] = array($help_url, t('Help'), "", t('Help and documentation')); diff --git a/include/network.php b/include/network.php index c72919dd8..22157ff18 100755 --- a/include/network.php +++ b/include/network.php @@ -303,7 +303,7 @@ function webfinger_dfrn($s,&$hcard) { if(! function_exists('webfinger')) { -function webfinger($s) { +function webfinger($s, $debug = false) { $host = ''; if(strstr($s,'@')) { $host = substr($s,strpos($s,'@') + 1); @@ -328,7 +328,7 @@ function webfinger($s) { }} if(! function_exists('lrdd')) { -function lrdd($uri) { +function lrdd($uri, $debug = false) { $a = get_app(); diff --git a/include/notifier.php b/include/notifier.php index 5b23406fc..d63ad7ae7 100755 --- a/include/notifier.php +++ b/include/notifier.php @@ -337,7 +337,9 @@ function notifier_run($argv, $argc){ '$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) , '$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) , '$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) , - '$birthday' => $birthday + '$birthday' => $birthday, + '$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '1' : '') + )); if($mail) { @@ -648,38 +650,23 @@ function notifier_run($argv, $argc){ $headers .= 'Reply-to: ' . $reply_to . "\n"; // for testing purposes: Collect exported mails - $file = tempnam("/tmp/friendica/", "mail-out2-"); - file_put_contents($file, json_encode($it)); + //$file = tempnam("/tmp/friendica/", "mail-out2-"); + //file_put_contents($file, json_encode($it)); $headers .= 'Message-Id: <' . iri2msgid($it['uri']) . '>' . "\n"; if($it['uri'] !== $it['parent-uri']) { $headers .= 'References: <' . iri2msgid($it['parent-uri']) . '>' . "\n"; - if(! strlen($it['title'])) { + if(!strlen($it['title'])) { $r = q("SELECT `title` FROM `item` WHERE `parent-uri` = '%s' LIMIT 1", - dbesc($it['parent-uri']) - ); - if(count($r)) { - $subtitle = $r[0]['title']; - if($subtitle) { - if(strncasecmp($subtitle,'RE:',3)) - $subject = $subtitle; - else - $subject = 'Re: ' . $subtitle; - } - } - } - } + dbesc($it['parent-uri'])); - /*$headers .= 'MIME-Version: 1.0' . "\n"; - //$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n"; - $headers .= 'Content-Type: text/plain; charset=UTF-8' . "\n"; - $headers .= 'Content-Transfer-Encoding: 8bit' . "\n\n"; - $html = prepare_body($it); - //$message = '' . $html . ''; - $message = html2plain($html); - logger('notifier: email delivery to ' . $addr); - mail($addr, $subject, $message, $headers);*/ + if(count($r) AND ($r[0]['title'] != '')) + $subject = $r[0]['title']; + } + if(strncasecmp($subject,'RE:',3)) + $subject = 'Re: '.$subject; + } email_send($addr, $subject, $headers, $it); } break; diff --git a/include/oembed.php b/include/oembed.php index 5c3c595f5..cc71f9757 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -1,6 +1,6 @@ embedurl; - $jhtml = oembed_iframe($j->embedurl,$j->width,$j->height ); + $jhtml = oembed_iframe($j->embedurl,(isset($j->width) ? $j->width : null), (isset($j->height) ? $j->height : null) ); $ret=""; switch ($j->type) { case "video": { diff --git a/include/poller.php b/include/poller.php index cfbc46b87..8262c1d60 100755 --- a/include/poller.php +++ b/include/poller.php @@ -1,7 +1,6 @@ UTC_TIMESTAMP() - INTERVAL 12 HOUR && `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ) OR ( `last` < UTC_TIMESTAMP() - INTERVAL 1 HOUR ))"); + } if(! count($r)){ return; } diff --git a/include/security.php b/include/security.php index 8c536b656..19e91eb63 100755 --- a/include/security.php +++ b/include/security.php @@ -288,3 +288,59 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) } +/* + * Functions used to protect against Cross-Site Request Forgery + * The security token has to base on at least one value that an attacker can't know - here it's the session ID and the private key. + * In this implementation, a security token is reusable (if the user submits a form, goes back and resubmits the form, maybe with small changes; + * or if the security token is used for ajax-calls that happen several times), but only valid for a certain amout of time (3hours). + * The "typename" seperates the security tokens of different types of forms. This could be relevant in the following case: + * A security token is used to protekt a link from CSRF (e.g. the "delete this profile"-link). + * If the new page contains by any chance external elements, then the used security token is exposed by the referrer. + * Actually, important actions should not be triggered by Links / GET-Requests at all, but somethimes they still are, + * so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types). + */ +function get_form_security_token($typename = '') { + $a = get_app(); + + $timestamp = time(); + $sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $timestamp . $typename); + + return $timestamp . '.' . $sec_hash; +} + +function check_form_security_token($typename = '', $formname = 'form_security_token') { + if (!x($_REQUEST, $formname)) return false; + $hash = $_REQUEST[$formname]; + + $max_livetime = 10800; // 3 hours + + $a = get_app(); + + $x = explode('.', $hash); + if (time() > (IntVal($x[0]) + $max_livetime)) return false; + + $sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $x[0] . $typename); + + return ($sec_hash == $x[1]); +} + +function check_form_security_std_err_msg() { + return t('The form security token was not correct. This probably happened because the form has been opened for too long (>3 hours) before subitting it.') . EOL; +} +function check_form_security_token_redirectOnErr($err_redirect, $typename = '', $formname = 'form_security_token') { + if (!check_form_security_token($typename, $formname)) { + $a = get_app(); + logger('check_form_security_token failed: user ' . $a->user['guid'] . ' - form element ' . $typename); + logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA); + notice( check_form_security_std_err_msg() ); + goaway($a->get_baseurl() . $err_redirect ); + } +} +function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'form_security_token') { + if (!check_form_security_token($typename, $formname)) { + logger('check_form_security_token failed: user ' . $a->user['guid'] . ' - form element ' . $typename); + logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA); + header('HTTP/1.1 403 Forbidden'); + killme(); + } +} \ No newline at end of file diff --git a/include/template_processor.php b/include/template_processor.php index 8671587fc..4c317efe1 100755 --- a/include/template_processor.php +++ b/include/template_processor.php @@ -80,8 +80,13 @@ */ private function _replcb_for($args){ $m = array_map('trim', explode(" as ", $args[2])); - list($keyname, $varname) = explode("=>",$m[1]); - if (is_null($varname)) { $varname=$keyname; $keyname=""; } + $x = explode("=>",$m[1]); + if (count($x) == 1) { + $varname = $x[0]; + $keyname = ""; + } else { + list($keyname, $varname) = $x; + } if ($m[0]=="" || $varname=="" || is_null($varname)) die("template error: 'for ".$m[0]." as ".$varname."'") ; //$vals = $this->r[$m[0]]; $vals = $this->_get_var($m[0]); @@ -91,7 +96,7 @@ $this->_push_stack(); $r = $this->r; $r[$varname] = $v; - if ($keyname!='') $r[$keyname] = $k; + if ($keyname!='') $r[$keyname] = (($k === 0) ? '0' : $k); $ret .= $this->replace($args[3], $r); $this->_pop_stack(); } @@ -198,7 +203,7 @@ $os=$s; $count++; $s = $this->var_replace($s); } - return template_unescape($s); + return $s; } } diff --git a/include/text.php b/include/text.php index 011006b76..a0ff1600e 100644 --- a/include/text.php +++ b/include/text.php @@ -20,7 +20,7 @@ function replace_macros($s,$r) { //$a = get_app(); //$a->page['debug'] .= "$tt
\n"; - return $r; + return template_unescape($r); }} @@ -638,7 +638,7 @@ if(! function_exists('search')) { function search($s,$id='search-box',$url='/search',$save = false) { $a = get_app(); $o = '
'; - $o .= '
'; + $o .= ''; $o .= ''; $o .= ''; if($save) @@ -694,8 +694,13 @@ function linkify($s) { if(! function_exists('smilies')) { function smilies($s, $sample = false) { + $a = get_app(); + if(intval(get_config('system','no_smilies')) + || (local_user() && intval(get_pconfig(local_user(),'system','no_smilies')))) + return $s; + $s = preg_replace_callback('/
(.*?)<\/pre>/ism','smile_encode',$s);
 	$s = preg_replace_callback('/(.*?)<\/code>/ism','smile_encode',$s);
 
@@ -874,16 +879,30 @@ function link_compare($a,$b) {
 if(! function_exists('prepare_body')) {
 function prepare_body($item,$attach = false) {
 
+	$a = get_app();
 	call_hooks('prepare_body_init', $item); 
 
-	$s = prepare_text($item['body']);
+	$cache = get_config('system','itemcache');
+
+	if (($cache != '')) {
+		$cachefile = $cache."/".$item["guid"]."-".strtotime($item["edited"])."-".hash("crc32", $item['body']);
+
+		if (file_exists($cachefile))
+			$s = file_get_contents($cachefile);
+		else {
+			$s = prepare_text($item['body']);
+			file_put_contents($cachefile, $s);
+		}
+	} else
+		$s = prepare_text($item['body']);
 
 	$prep_arr = array('item' => $item, 'html' => $s);
 	call_hooks('prepare_body', $prep_arr);
 	$s = $prep_arr['html'];
 
-	if(! $attach)
+	if(! $attach) {
 		return $s;
+	}
 
 	$arr = explode(',',$item['attach']);
 	if(count($arr)) {
@@ -913,10 +932,37 @@ function prepare_body($item,$attach = false) {
 		}
 		$s .= '
'; } + $matches = false; + $cnt = preg_match_all('/<(.*?)>/',$item['file'],$matches,PREG_SET_ORDER); + if($cnt) { +// logger('prepare_text: categories: ' . print_r($matches,true), LOGGER_DEBUG); + foreach($matches as $mtch) { + if(strlen($x)) + $x .= ','; + $x .= file_tag_decode($mtch[1]); + } + if(strlen($x)) + $s .= '
' . t('Categories:') . ' ' . $x . '
'; + } + $matches = false; + $x = ''; + $cnt = preg_match_all('/\[(.*?)\]/',$item['file'],$matches,PREG_SET_ORDER); + if($cnt) { +// logger('prepare_text: filed_under: ' . print_r($matches,true), LOGGER_DEBUG); + foreach($matches as $mtch) { + if(strlen($x)) + $x .= '   '; + $x .= file_tag_decode($mtch[1]). ' ' . t('[remove]') . ''; + } + if(strlen($x) && (local_user() == $item['uid'])) + $s .= '
' . t('Filed under:') . ' ' . $x . '
'; + } + $prep_arr = array('item' => $item, 'html' => $s); call_hooks('prepare_body_final', $prep_arr); + return $prep_arr['html']; }} @@ -1267,7 +1313,7 @@ function file_tag_save_file($uid,$item,$file) { if(count($r)) { if(! stristr($r[0]['file'],'[' . file_tag_encode($file) . ']')) q("update item set file = '%s' where id = %d and uid = %d limit 1", - dbesc($r[0]['file'] . '[' . $file_tag_encode($file) . ']'), + dbesc($r[0]['file'] . '[' . file_tag_encode($file) . ']'), intval($item), intval($uid) ); diff --git a/js/main.js b/js/main.js index c20455ad1..babd2a1c3 100755 --- a/js/main.js +++ b/js/main.js @@ -486,9 +486,9 @@ return a.join(''); } - function groupChangeMember(gid,cid) { + function groupChangeMember(gid, cid, sec_token) { $('body .fakelink').css('cursor', 'wait'); - $.get('group/' + gid + '/' + cid, function(data) { + $.get('group/' + gid + '/' + cid + "?t=" + sec_token, function(data) { $('#group-update-wrapper').html(data); $('body .fakelink').css('cursor', 'auto'); }); diff --git a/library/tinymce/jscripts/tiny_mce/plugins/bbcode/editor_plugin_src.js b/library/tinymce/jscripts/tiny_mce/plugins/bbcode/editor_plugin_src.js index 44d1473a9..183f2bc68 100755 --- a/library/tinymce/jscripts/tiny_mce/plugins/bbcode/editor_plugin_src.js +++ b/library/tinymce/jscripts/tiny_mce/plugins/bbcode/editor_plugin_src.js @@ -44,61 +44,79 @@ _dfrn_html2bbcode : function(s) { s = tinymce.trim(s); - function rep(re, str) { - - //modify code to keep stuff intact within [code][/code] blocks - //Waitman Gobble NO WARRANTY - - - var o = new Array(); - var x = s.split("[code]"); - var i = 0; - - var si = ""; - si = x.shift(); - si = si.replace(re,str); - o.push(si); - - for (i = 0; i < x.length; i++) { - var no = new Array(); - var j = x.shift(); - var g = j.split("[/code]"); - no.push(g.shift()); - si = g.shift(); - si = si.replace(re,str); - no.push(si); - o.push(no.join("[/code]")); - } - - s = o.join("[code]"); - - }; - - - - - /* oembed */ - function _h2b_cb(match) { - function s_h2b(data) { - match = data; + function rep(re, str) { + + //modify code to keep stuff intact within [code][/code] blocks + //Waitman Gobble NO WARRANTY + + + var o = new Array(); + var x = s.split("[code]"); + var i = 0; + + var si = ""; + si = x.shift(); + si = si.replace(re,str); + o.push(si); + + for (i = 0; i < x.length; i++) { + var no = new Array(); + var j = x.shift(); + var g = j.split("[/code]"); + no.push(g.shift()); + si = g.shift(); + si = si.replace(re,str); + no.push(si); + o.push(no.join("[/code]")); + } + + s = o.join("[code]"); + + }; + + + + + /* oembed */ + function _h2b_cb(match) { + /* + function s_h2b(data) { + match = data; } $.ajax({ - type:"POST", + type:"POST", url: 'oembed/h2b', - data: {text: match}, - async: false, - success: s_h2b, - dataType: 'html' - }); - return match; - } + data: {text: match}, + async: false, + success: s_h2b, + dataType: 'html' + }); + */ + + var f, g, tof = [], tor = []; + var find_spanc = /]*class *= *[\"'](?:[^\"']* )*oembed(?: [^\"']*)*[\"'][^>]*>(.*?(?:]*>(.*?)<\/span *>)*.*?)<\/span *>/ig; + while (f = find_spanc.exec(match)) { + var find_a = /]* rel=[\"']oembed[\"'][^>]*)>.*?<\/a *>/ig; + if (g = find_a.exec(f[1])) { + var find_href = /href=[\"']([^\"']*)[\"']/ig; + var m2 = find_href.exec(g[1]); + if (m2[1]) { + tof.push(f[0]); + tor.push("[EMBED]" + m2[1] + "[/EMBED]"); + } + } + } + for (var i = 0; i < tof.length; i++) match = match.replace(tof[i], tor[i]); + + return match; + } if (s.indexOf('class="oembed')>=0){ //alert("request oembed html2bbcode"); s = _h2b_cb(s); } - - /* /oembed */ - + + /* /oembed */ + // example: to [b] rep(/(.*?)<\/a>/gi,"[bookmark=$1]$2[/bookmark]"); @@ -111,16 +129,16 @@ rep(//gi,"[img=$3x$2]$1[/img]"); rep(//gi,"[img=$2x$3]$1[/img]"); rep(//gi,"[img]$1[/img]"); - - rep(/
    (.*?)<\/ul>/gi,"[list]$1[/list]"); - rep(/
      (.*?)<\/ul>/gi,"[list=]$1[/list]"); - rep(/
        (.*?)<\/ul>/gi,"[list=1]$1[/list]"); - rep(/
          (.*?)<\/ul>/gi,"[list=i]$1[/list]"); - rep(/
            (.*?)<\/ul>/gi,"[list=I]$1[/list]"); - rep(/
              (.*?)<\/ul>/gi,"[list=a]$1[/list]"); - rep(/
                (.*?)<\/ul>/gi,"[list=A]$1[/list]"); - rep(/
              • (.*?)<\/li>/gi,'[li]$1[/li]'); - + + rep(/
                  (.*?)<\/ul>/gi,"[list]$1[/list]"); + rep(/
                    (.*?)<\/ul>/gi,"[list=]$1[/list]"); + rep(/
                      (.*?)<\/ul>/gi,"[list=1]$1[/list]"); + rep(/
                        (.*?)<\/ul>/gi,"[list=i]$1[/list]"); + rep(/
                          (.*?)<\/ul>/gi,"[list=I]$1[/list]"); + rep(/
                            (.*?)<\/ul>/gi,"[list=a]$1[/list]"); + rep(/
                              (.*?)<\/ul>/gi,"[list=A]$1[/list]"); + rep(/
                            • (.*?)<\/li>/gi,'[li]$1[/li]'); + rep(/(.*?)<\/code>/gi,"[code]$1[/code]"); rep(/<\/(strong|b)>/gi,"[/b]"); rep(/<(strong|b)>/gi,"[b]"); @@ -149,42 +167,42 @@ // BBCode -> HTML from DFRN dialect _dfrn_bbcode2html : function(s) { s = tinymce.trim(s); - - - function rep(re, str) { - - //modify code to keep stuff intact within [code][/code] blocks - //Waitman Gobble NO WARRANTY - - - var o = new Array(); - var x = s.split("[code]"); - var i = 0; - - var si = ""; - si = x.shift(); - si = si.replace(re,str); - o.push(si); - - for (i = 0; i < x.length; i++) { - var no = new Array(); - var j = x.shift(); - var g = j.split("[/code]"); - no.push(g.shift()); - si = g.shift(); - si = si.replace(re,str); - no.push(si); - o.push(no.join("[/code]")); - } - - s = o.join("[code]"); - - }; - - - - - + + + function rep(re, str) { + + //modify code to keep stuff intact within [code][/code] blocks + //Waitman Gobble NO WARRANTY + + + var o = new Array(); + var x = s.split("[code]"); + var i = 0; + + var si = ""; + si = x.shift(); + si = si.replace(re,str); + o.push(si); + + for (i = 0; i < x.length; i++) { + var no = new Array(); + var j = x.shift(); + var g = j.split("[/code]"); + no.push(g.shift()); + si = g.shift(); + si = si.replace(re,str); + no.push(si); + o.push(no.join("[/code]")); + } + + s = o.join("[code]"); + + }; + + + + + // example: [b] to rep(/\n/gi,"
                              "); rep(/\[b\]/gi,""); @@ -193,43 +211,43 @@ rep(/\[\/i\]/gi,""); rep(/\[u\]/gi,""); rep(/\[\/u\]/gi,""); - rep(/\[hr\]/gi,"
                              "); + rep(/\[hr\]/gi,"
                              "); rep(/\[bookmark=([^\]]+)\](.*?)\[\/bookmark\]/gi,"$2"); rep(/\[url=([^\]]+)\](.*?)\[\/url\]/gi,"$2"); rep(/\[url\](.*?)\[\/url\]/gi,"                              $1"); rep(/\[img=(.*?)x(.*?)\](.*?)\[\/img\]/gi,""); rep(/\[img\](.*?)\[\/img\]/gi,""); - - rep(/\[list\](.*?)\[\/list\]/gi, '
                                $1
                              '); - rep(/\[list=\](.*?)\[\/list\]/gi, '
                                $1
                              '); - rep(/\[list=1\](.*?)\[\/list\]/gi, '
                                $1
                              '); - rep(/\[list=i\](.*?)\[\/list\]/gi,'
                                $1
                              '); - rep(/\[list=I\](.*?)\[\/list\]/gi, '
                                $1
                              '); - rep(/\[list=a\](.*?)\[\/list\]/gi, '
                                $1
                              '); - rep(/\[list=A\](.*?)\[\/list\]/gi, '
                                $1
                              '); - rep(/\[li\](.*?)\[\/li\]/gi, '
                            • $1
                              • '); + + rep(/\[list\](.*?)\[\/list\]/gi, '
                                $1
                              '); + rep(/\[list=\](.*?)\[\/list\]/gi, '
                                $1
                              '); + rep(/\[list=1\](.*?)\[\/list\]/gi, '
                                $1
                              '); + rep(/\[list=i\](.*?)\[\/list\]/gi,'
                                $1
                              '); + rep(/\[list=I\](.*?)\[\/list\]/gi, '
                                $1
                              '); + rep(/\[list=a\](.*?)\[\/list\]/gi, '
                                $1
                              '); + rep(/\[list=A\](.*?)\[\/list\]/gi, '
                                $1
                              '); + rep(/\[li\](.*?)\[\/li\]/gi, '
                            • $1
                              • '); rep(/\[color=(.*?)\](.*?)\[\/color\]/gi,"$2"); rep(/\[size=(.*?)\](.*?)\[\/size\]/gi,"$2"); rep(/\[code\](.*?)\[\/code\]/gi,"$1"); rep(/\[quote.*?\](.*?)\[\/quote\]/gi,"
                              $1
                              "); - - /* oembed */ - function _b2h_cb(match, url) { - url = bin2hex(url); - function s_b2h(data) { - match = data; - } - $.ajax({ - url: 'oembed/b2h?url=' + url, - async: false, - success: s_b2h, - dataType: 'html' - }); - return match; - } - s = s.replace(/\[embed\](.*?)\[\/embed\]/gi, _b2h_cb); - - /* /oembed */ + + /* oembed */ + function _b2h_cb(match, url) { + url = bin2hex(url); + function s_b2h(data) { + match = data; + } + $.ajax({ + url: 'oembed/b2h?url=' + url, + async: false, + success: s_b2h, + dataType: 'html' + }); + return match; + } + s = s.replace(/\[embed\](.*?)\[\/embed\]/gi, _b2h_cb); + + /* /oembed */ return s; } diff --git a/mod/admin.php b/mod/admin.php index 93714bb5f..a64b26903 100755 --- a/mod/admin.php +++ b/mod/admin.php @@ -37,7 +37,7 @@ function admin_post(&$a){ $func($a); } } - goaway($a->get_baseurl() . '/admin/plugins/' . $a->argv[2] ); + goaway($a->get_baseurl(true) . '/admin/plugins/' . $a->argv[2] ); return; // NOTREACHED break; case 'logs': @@ -49,7 +49,7 @@ function admin_post(&$a){ } } - goaway($a->get_baseurl() . '/admin' ); + goaway($a->get_baseurl(true) . '/admin' ); return; // NOTREACHED } @@ -68,11 +68,11 @@ function admin_content(&$a) { // array( url, name, extra css classes ) $aside = Array( - 'site' => Array($a->get_baseurl()."/admin/site/", t("Site") , "site"), - 'users' => Array($a->get_baseurl()."/admin/users/", t("Users") , "users"), - 'plugins'=> Array($a->get_baseurl()."/admin/plugins/", t("Plugins") , "plugins"), - 'themes' => Array($a->get_baseurl()."/admin/themes/", t("Themes") , "themes"), - 'update' => Array($a->get_baseurl()."/admin/update/", t("Update") , "update") + 'site' => Array($a->get_baseurl(true)."/admin/site/", t("Site") , "site"), + 'users' => Array($a->get_baseurl(true)."/admin/users/", t("Users") , "users"), + 'plugins'=> Array($a->get_baseurl(true)."/admin/plugins/", t("Plugins") , "plugins"), + 'themes' => Array($a->get_baseurl(true)."/admin/themes/", t("Themes") , "themes"), + 'update' => Array($a->get_baseurl(true)."/admin/update/", t("Update") , "update") ); /* get plugins admin page */ @@ -81,18 +81,18 @@ function admin_content(&$a) { $aside['plugins_admin']=Array(); foreach ($r as $h){ $plugin =$h['name']; - $aside['plugins_admin'][] = Array($a->get_baseurl()."/admin/plugins/".$plugin, $plugin, "plugin"); + $aside['plugins_admin'][] = Array($a->get_baseurl(true)."/admin/plugins/".$plugin, $plugin, "plugin"); // temp plugins with admin $a->plugins_admin[] = $plugin; } - $aside['logs'] = Array($a->get_baseurl()."/admin/logs/", t("Logs"), "logs"); + $aside['logs'] = Array($a->get_baseurl(true)."/admin/logs/", t("Logs"), "logs"); $t = get_markup_template("admin_aside.tpl"); $a->page['aside'] = replace_macros( $t, array( '$admin' => $aside, '$h_pending' => t('User registrations waiting for confirmation'), - '$admurl'=> $a->get_baseurl()."/admin/" + '$admurl'=> $a->get_baseurl(true)."/admin/" )); @@ -151,11 +151,7 @@ function admin_page_summary(&$a) { $r = q("SELECT COUNT(id) as `count` FROM `register`"); $pending = $r[0]['count']; - - - - - + $t = get_markup_template("admin_summary.tpl"); return replace_macros($t, array( '$title' => t('Administration'), @@ -210,7 +206,7 @@ function admin_page_site_post(&$a){ $dfrn_only = ((x($_POST,'dfrn_only')) ? True : False); $ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False); $diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False); - + $ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0); set_config('config','sitename',$sitename); if ($banner==""){ @@ -222,6 +218,7 @@ function admin_page_site_post(&$a){ } else { set_config('system','banner', $banner); } + set_config('system','ssl_policy',$ssl_policy); set_config('system','language', $language); set_config('system','theme', $theme); set_config('system','maximagesize', $maximagesize); @@ -258,7 +255,7 @@ function admin_page_site_post(&$a){ set_config('system','diaspora_enabled', $diaspora_enabled); info( t('Site settings updated.') . EOL); - goaway($a->get_baseurl() . '/admin/site' ); + goaway($a->get_baseurl(true) . '/admin/site' ); return; // NOTREACHED } @@ -305,7 +302,13 @@ function admin_page_site(&$a) { REGISTER_APPROVE => t("Requires approval"), REGISTER_OPEN => t("Open") ); - + + $ssl_choices = array( + SSL_POLICY_NONE => t("No SSL policy, links will track page SSL state"), + SSL_POLICY_FULL => t("Force all links to use SSL"), + SSL_POLICY_SELFSIGN => t("Self-signed certificate, use SSL for local links only (discouraged)") + ); + $t = get_markup_template("admin_site.tpl"); return replace_macros($t, array( '$title' => t('Administration'), @@ -316,13 +319,13 @@ function admin_page_site(&$a) { '$corporate' => t('Policies'), '$advanced' => t('Advanced'), - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), // name, label, value, help string, extra data... '$sitename' => array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), ""), '$banner' => array('banner', t("Banner/Logo"), $banner, ""), '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices), '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles"), $theme_choices), - + '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices), '$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")), '$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices), @@ -389,7 +392,7 @@ function admin_page_users_post(&$a){ user_deny($hash); } } - goaway($a->get_baseurl() . '/admin/users' ); + goaway($a->get_baseurl(true) . '/admin/users' ); return; // NOTREACHED } @@ -399,7 +402,7 @@ function admin_page_users(&$a){ $user = q("SELECT * FROM `user` WHERE `uid`=%d", intval($uid)); if (count($user)==0){ notice( 'User not found' . EOL); - goaway($a->get_baseurl() . '/admin/users' ); + goaway($a->get_baseurl(true) . '/admin/users' ); return; // NOTREACHED } switch($a->argv[2]){ @@ -418,7 +421,7 @@ function admin_page_users(&$a){ notice( sprintf( ($user[0]['blocked']?t("User '%s' unblocked"):t("User '%s' blocked")) , $user[0]['username']) . EOL); }; break; } - goaway($a->get_baseurl() . '/admin/users' ); + goaway($a->get_baseurl(true) . '/admin/users' ); return; // NOTREACHED } @@ -497,7 +500,7 @@ function admin_page_users(&$a){ // values // - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$pending' => $pending, '$users' => $users, @@ -536,7 +539,7 @@ function admin_page_plugins(&$a){ info( sprintf( t("Plugin %s enabled."), $plugin ) ); } set_config("system","addon", implode(", ",$a->plugins)); - goaway($a->get_baseurl() . '/admin/plugins' ); + goaway($a->get_baseurl(true) . '/admin/plugins' ); return; // NOTREACHED } // display plugin details @@ -569,7 +572,7 @@ function admin_page_plugins(&$a){ '$page' => t('Plugins'), '$toggle' => t('Toggle'), '$settings' => t('Settings'), - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$plugin' => $plugin, '$status' => $status, @@ -607,7 +610,7 @@ function admin_page_plugins(&$a){ '$title' => t('Administration'), '$page' => t('Plugins'), '$submit' => t('Submit'), - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$function' => 'plugins', '$plugins' => $plugins )); @@ -713,7 +716,7 @@ function admin_page_themes(&$a){ info( sprintf('Theme %s disabled.',$theme)); set_config('system','allowed_themes',$s); - goaway($a->get_baseurl() . '/admin/themes' ); + goaway($a->get_baseurl(true) . '/admin/themes' ); return; // NOTREACHED } @@ -742,7 +745,7 @@ function admin_page_themes(&$a){ '$page' => t('Themes'), '$toggle' => t('Toggle'), '$settings' => t('Settings'), - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$plugin' => $theme, '$status' => $status, @@ -774,7 +777,7 @@ function admin_page_themes(&$a){ '$title' => t('Administration'), '$page' => t('Themes'), '$submit' => t('Submit'), - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$function' => 'themes', '$plugins' => $xthemes, '$experimental' => t('[Experimental]'), @@ -802,7 +805,7 @@ function admin_page_logs_post(&$a) { } info( t("Log settings updated.") ); - goaway($a->get_baseurl() . '/admin/logs' ); + goaway($a->get_baseurl(true) . '/admin/logs' ); return; // NOTREACHED } @@ -856,7 +859,7 @@ readable."); '$submit' => t('Submit'), '$clear' => t('Clear'), '$data' => $data, - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$logname' => get_config('system','logfile'), // name, label, value, help string, extra data... @@ -901,7 +904,7 @@ function admin_page_remoteupdate(&$a) { $tpl = get_markup_template("admin_remoteupdate.tpl"); return replace_macros($tpl, array( - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$submit' => t("Update now"), '$close' => t("Close"), '$localversion' => FRIENDICA_VERSION, diff --git a/mod/contacts.php b/mod/contacts.php index 001bf12af..78c8d4092 100755 --- a/mod/contacts.php +++ b/mod/contacts.php @@ -61,7 +61,7 @@ function contacts_post(&$a) { if(! count($orig_record)) { notice( t('Could not access contact record.') . EOL); - goaway($a->get_baseurl() . '/contacts'); + goaway($a->get_baseurl(true) . '/contacts'); return; // NOTREACHED } @@ -141,7 +141,7 @@ function contacts_content(&$a) { if(! count($orig_record)) { notice( t('Could not access contact record.') . EOL); - goaway($a->get_baseurl() . '/contacts'); + goaway($a->get_baseurl(true) . '/contacts'); return; // NOTREACHED } @@ -149,7 +149,7 @@ function contacts_content(&$a) { // pull feed and consume it, which should subscribe to the hub. proc_run('php',"include/poller.php","$contact_id"); - goaway($a->get_baseurl() . '/contacts/' . $contact_id); + goaway($a->get_baseurl(true) . '/contacts/' . $contact_id); // NOTREACHED } @@ -164,7 +164,7 @@ function contacts_content(&$a) { //notice( t('Contact has been ') . (($blocked) ? t('blocked') : t('unblocked')) . EOL ); info( (($blocked) ? t('Contact has been blocked') : t('Contact has been unblocked')) . EOL ); } - goaway($a->get_baseurl() . '/contacts/' . $contact_id); + goaway($a->get_baseurl(true) . '/contacts/' . $contact_id); return; // NOTREACHED } @@ -178,7 +178,7 @@ function contacts_content(&$a) { if($r) { info( (($readonly) ? t('Contact has been ignored') : t('Contact has been unignored')) . EOL ); } - goaway($a->get_baseurl() . '/contacts/' . $contact_id); + goaway($a->get_baseurl(true) . '/contacts/' . $contact_id); return; // NOTREACHED } @@ -220,9 +220,9 @@ function contacts_content(&$a) { contact_remove($orig_record[0]['id']); info( t('Contact has been removed.') . EOL ); if(x($_SESSION,'return_url')) - goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); + goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']); else - goaway($a->get_baseurl() . '/contacts'); + goaway($a->get_baseurl(true) . '/contacts'); return; // NOTREACHED } } @@ -233,7 +233,7 @@ function contacts_content(&$a) { $contact = $a->data['contact']; $tpl = get_markup_template('contact_head.tpl'); - $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl())); + $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl(true))); require_once('include/contact_selectors.php'); @@ -295,17 +295,17 @@ function contacts_content(&$a) { $tabs = array( array( 'label' => (($contact['blocked']) ? t('Unblock') : t('Block') ), - 'url' => $a->get_baseurl() . '/contacts/' . $contact_id . '/block', + 'url' => $a->get_baseurl(true) . '/contacts/' . $contact_id . '/block', 'sel' => '', ), array( 'label' => (($contact['readonly']) ? t('Unignore') : t('Ignore') ), - 'url' => $a->get_baseurl() . '/contacts/' . $contact_id . '/ignore', + 'url' => $a->get_baseurl(true) . '/contacts/' . $contact_id . '/ignore', 'sel' => '', ), array( 'label' => t('Repair'), - 'url' => $a->get_baseurl() . '/crepair/' . $contact_id, + 'url' => $a->get_baseurl(true) . '/crepair/' . $contact_id, 'sel' => '', ) ); @@ -322,7 +322,7 @@ function contacts_content(&$a) { '$lbl_info1' => t('Contact Information / Notes'), '$infedit' => t('Edit contact notes'), '$common_text' => $common_text, - '$common_link' => $a->get_baseurl() . '/common/' . $contact['id'], + '$common_link' => $a->get_baseurl(true) . '/common/' . $contact['id'], '$all_friends' => $all_friends, '$relation_text' => $relation_text, '$visit' => sprintf( t('Visit %s\'s profile [%s]'),$contact['name'],$contact['url']), @@ -397,30 +397,30 @@ function contacts_content(&$a) { $tabs = array( array( 'label' => t('All Contacts'), - 'url' => $a->get_baseurl() . '/contacts/all', + 'url' => $a->get_baseurl(true) . '/contacts/all', 'sel' => ($all) ? 'active' : '', ), array( 'label' => t('Unblocked Contacts'), - 'url' => $a->get_baseurl() . '/contacts', + 'url' => $a->get_baseurl(true) . '/contacts', 'sel' => ((! $all) && (! $blocked) && (! $hidden) && (! $search) && (! $nets) && (! $ignored)) ? 'active' : '', ), array( 'label' => t('Blocked Contacts'), - 'url' => $a->get_baseurl() . '/contacts/blocked', + 'url' => $a->get_baseurl(true) . '/contacts/blocked', 'sel' => ($blocked) ? 'active' : '', ), array( 'label' => t('Ignored Contacts'), - 'url' => $a->get_baseurl() . '/contacts/ignored', + 'url' => $a->get_baseurl(true) . '/contacts/ignored', 'sel' => ($ignored) ? 'active' : '', ), array( 'label' => t('Hidden Contacts'), - 'url' => $a->get_baseurl() . '/contacts/hidden', + 'url' => $a->get_baseurl(true) . '/contacts/hidden', 'sel' => ($hidden) ? 'active' : '', ), @@ -445,7 +445,7 @@ function contacts_content(&$a) { $r = q("SELECT COUNT(*) AS `total` FROM `contact` - WHERE `uid` = %d AND `pending` = 0 $sql_extra $sql_extra2 ", + WHERE `uid` = %d AND `self` = 0 AND `pending` = 0 $sql_extra $sql_extra2 ", intval($_SESSION['uid'])); if(count($r)) { $a->set_pager_total($r[0]['total']); @@ -454,7 +454,7 @@ function contacts_content(&$a) { - $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `pending` = 0 $sql_extra $sql_extra2 ORDER BY `name` ASC LIMIT %d , %d ", + $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `pending` = 0 $sql_extra $sql_extra2 ORDER BY `name` ASC LIMIT %d , %d ", intval($_SESSION['uid']), intval($a->pager['start']), intval($a->pager['itemspage']) @@ -465,8 +465,6 @@ function contacts_content(&$a) { if(count($r)) { foreach($r as $rr) { - if($rr['self']) - continue; switch($rr['rel']) { case CONTACT_IS_FRIEND: diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 0bc3ea7df..2f4fb7045 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -207,6 +207,9 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if($duplex == 1) $params['duplex'] = 1; + if($user['page-flags'] == PAGE_COMMUNITY) + $params['page'] = 1; + logger('dfrn_confirm: Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params,true), LOGGER_DATA); /** @@ -522,6 +525,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $source_url = ((x($_POST,'source_url')) ? hex2bin($_POST['source_url']) : ''); $aes_key = ((x($_POST,'aes_key')) ? $_POST['aes_key'] : ''); $duplex = ((x($_POST,'duplex')) ? intval($_POST['duplex']) : 0 ); + $page = ((x($_POST,'page')) ? intval($_POST['page']) : 0 ); $version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0); logger('dfrn_confirm: requestee contacted: ' . $node); @@ -677,6 +681,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { `blocked` = 0, `pending` = 0, `duplex` = %d, + `forum` = %d, `network` = '%s' WHERE `id` = %d LIMIT 1 ", dbesc($photos[0]), @@ -687,6 +692,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { dbesc(datetime_convert()), dbesc(datetime_convert()), intval($duplex), + intval($page), dbesc(NETWORK_DFRN), intval($dfrn_record) ); diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 0c0c27e3d..71860ac3b 100755 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -14,6 +14,8 @@ function dfrn_notify_post(&$a) { $key = ((x($_POST,'key')) ? $_POST['key'] : ''); $dissolve = ((x($_POST,'dissolve')) ? intval($_POST['dissolve']) : 0); $perm = ((x($_POST,'perm')) ? notags(trim($_POST['perm'])) : 'r'); + $ssl_policy = ((x($_POST,'ssl_policy')) ? notags(trim($_POST['ssl_policy'])): 'none'); + $page = ((x($_POST,'page')) ? intval($_POST['page']) : 0); $writable = (-1); if($dfrn_version >= 2.21) { @@ -86,14 +88,76 @@ function dfrn_notify_post(&$a) { $importer = $r[0]; - if(($writable != (-1)) && ($writable != $importer['writable'])) { - q("UPDATE `contact` SET `writable` = %d WHERE `id` = %d LIMIT 1", - intval($writable), + if((($writable != (-1)) && ($writable != $importer['writable'])) || ($importer['forum'] != $page)) { + q("UPDATE `contact` SET `writable` = %d, forum = %d WHERE `id` = %d LIMIT 1", + intval(($writable == (-1)) ? $importer['writable'] : $writable), + intval($page), intval($importer['id']) ); - $importer['writable'] = $writable; + if($writable != (-1)) + $importer['writable'] = $writable; + $importer['forum'] = $page; } + // if contact's ssl policy changed, update our links + + $ssl_changed = false; + + if($ssl_policy == 'self' && strstr($importer['url'],'https:')) { + $ssl_changed = true; + $importer['url'] = str_replace('https:','http:',$importer['url']); + $importer['nurl'] = normalise_link($importer['url']); + $importer['photo'] = str_replace('https:','http:',$importer['photo']); + $importer['thumb'] = str_replace('https:','http:',$importer['thumb']); + $importer['micro'] = str_replace('https:','http:',$importer['micro']); + $importer['request'] = str_replace('https:','http:',$importer['request']); + $importer['notify'] = str_replace('https:','http:',$importer['notify']); + $importer['poll'] = str_replace('https:','http:',$importer['poll']); + $importer['confirm'] = str_replace('https:','http:',$importer['confirm']); + $importer['poco'] = str_replace('https:','http:',$importer['poco']); + } + + if($ssl_policy == 'full' && strstr($importer['url'],'http:')) { + $ssl_changed = true; + $importer['url'] = str_replace('http:','https:',$importer['url']); + $importer['nurl'] = normalise_link($importer['url']); + $importer['photo'] = str_replace('http:','https:',$importer['photo']); + $importer['thumb'] = str_replace('http:','https:',$importer['thumb']); + $importer['micro'] = str_replace('http:','https:',$importer['micro']); + $importer['request'] = str_replace('http:','https:',$importer['request']); + $importer['notify'] = str_replace('http:','https:',$importer['notify']); + $importer['poll'] = str_replace('http:','https:',$importer['poll']); + $importer['confirm'] = str_replace('http:','https:',$importer['confirm']); + $importer['poco'] = str_replace('http:','https:',$importer['poco']); + } + + if($ssl_changed) { + q("update contact set + url = '%s', + nurl = '%s', + photo = '%s', + thumb = '%s', + micro = '%s', + request = '%s', + notify = '%s', + poll = '%s', + confirm = '%s', + poco = '%s' + where id = %d limit 1", + dbesc($importer['url']), + dbesc($importer['nurl']), + dbesc($importer['photo']), + dbesc($importer['thumb']), + dbesc($importer['micro']), + dbesc($importer['request']), + dbesc($importer['notify']), + dbesc($importer['poll']), + dbesc($importer['confirm']), + dbesc($importer['poco']), + intval($importer['id']) + ); + } + logger('dfrn_notify: received notify from ' . $importer['name'] . ' for ' . $importer['username']); logger('dfrn_notify: data: ' . $data, LOGGER_DATA); diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php index b12e07132..fe5cd4906 100755 --- a/mod/dfrn_poll.php +++ b/mod/dfrn_poll.php @@ -199,7 +199,7 @@ function dfrn_poll_post(&$a) { $ptype = ((x($_POST,'type')) ? $_POST['type'] : ''); $dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0); $perm = ((x($_POST,'perm')) ? $_POST['perm'] : 'r'); - + if($ptype === 'profile-check') { if((strlen($challenge)) && (strlen($sec))) { @@ -358,8 +358,8 @@ function dfrn_poll_post(&$a) { intval($contact_id) ); } - } - + } + header("Content-type: application/atom+xml"); $o = get_feed_for($a,$dfrn_id, $a->argv[1], $last_update, $direction); echo $o; diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index bc159137d..c2d37dac7 100755 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -43,7 +43,7 @@ function dfrn_request_post(&$a) { return; - if($_POST['cancel']) { + if(x($_POST, 'cancel')) { goaway(z_root()); } @@ -77,9 +77,10 @@ function dfrn_request_post(&$a) { * Lookup the contact based on their URL (which is the only unique thing we have at the moment) */ - $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `self` = 0 LIMIT 1", + $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1", intval(local_user()), - dbesc($dfrn_url) + dbesc($dfrn_url), + dbesc(normalise_link($dfrn_url)) ); if(count($r)) { @@ -666,7 +667,25 @@ function dfrn_request_content(&$a) { $page_desc = sprintf( t('Diaspora members: Please do not use this form. Instead, enter "%s" into your Diaspora search bar.'), $target_addr) . EOL . EOL; - $page_desc .= t("Please enter your 'Identity Address' from one of the following supported social networks:"); + $page_desc .= t("Please enter your 'Identity Address' from one of the following supported communications networks:"); + + // see if we are allowed to have NETWORK_MAIL2 contacts + + $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1); + if(get_config('system','dfrn_only')) + $mail_disabled = 1; + + if(! $mail_disabled) { + $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", + intval($a->profile['uid']) + ); + if(! count($r)) + $mail_disabled = 1; + } + + $emailnet = (($mail_disabled) ? '' : t("Connect as an email follower \x28Coming soon\x29")); + + $invite_desc = t('If you are not yet a member of the free social web, follow this link to find a public Friendica site and join us today.'); $o .= replace_macros($tpl,array( '$header' => t('Friend/Connection Request'), @@ -682,6 +701,8 @@ function dfrn_request_content(&$a) { '$diaspora' => t('Diaspora'), '$diasnote' => t('- please share from your own site as noted above'), '$your_address' => t('Your Identity Address:'), + '$invite_desc' => $invite_desc, + '$emailnet' => $emailnet, '$submit' => t('Submit Request'), '$cancel' => t('Cancel'), '$nickname' => $a->argv[1], diff --git a/mod/directory.php b/mod/directory.php index 962188945..7f18bd026 100755 --- a/mod/directory.php +++ b/mod/directory.php @@ -25,10 +25,6 @@ function directory_post(&$a) { function directory_content(&$a) { - $everything = (($a->argc > 1 && $a->argv[1] === 'all' && is_site_admin()) ? true : false); - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) - $everything = false; - if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { notice( t('Public access denied.') . EOL); return; @@ -52,12 +48,6 @@ function directory_content(&$a) { } $admin = ''; - if(is_site_admin()) { - if($everything) - $admin = ''; - else - $admin = ''; - } $o .= replace_macros($tpl, array( '$search' => $search, @@ -73,17 +63,14 @@ function directory_content(&$a) { $search = dbesc($search); $sql_extra = ((strlen($search)) ? " AND MATCH (`profile`.`name`, `user`.`nickname`, `pdesc`, `locality`,`region`,`country-name`,`gender`,`marital`,`sexual`,`about`,`romance`,`work`,`education`,`pub_keywords`,`prv_keywords` ) AGAINST ('$search' IN BOOLEAN MODE) " : ""); - $publish = ((get_config('system','publish_all') || $everything) ? '' : " AND `publish` = 1 " ); + $publish = ((get_config('system','publish_all')) ? '' : " AND `publish` = 1 " ); $r = q("SELECT COUNT(*) AS `total` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra "); if(count($r)) $a->set_pager_total($r[0]['total']); - if($everything) - $order = " ORDER BY `register_date` DESC "; - else - $order = " ORDER BY `name` ASC "; + $order = " ORDER BY `name` ASC "; $r = q("SELECT `profile`.*, `profile`.`uid` AS `profile_uid`, `user`.`nickname`, `user`.`timezone` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra $order LIMIT %d , %d ", diff --git a/mod/display.php b/mod/display.php index f428149e8..81ed174ac 100755 --- a/mod/display.php +++ b/mod/display.php @@ -16,7 +16,15 @@ function display_content(&$a) { $o = '
                              ' . "\r\n"; - $a->page['htmlhead'] .= ''; + $a->page['htmlhead'] .= << +$(document).ready(function() { + $(".comment-edit-wrapper textarea").contact_autocomplete(baseurl+"/acl"); + // make auto-complete work in more places + $(".wall-item-comment-wrapper textarea").contact_autocomplete(baseurl+"/acl"); +}); + +EOT; $nick = (($a->argc > 1) ? $a->argv[1] : ''); diff --git a/mod/filer.php b/mod/filer.php new file mode 100755 index 000000000..a9e213536 --- /dev/null +++ b/mod/filer.php @@ -0,0 +1,23 @@ +argc > 1) ? notags(trim($a->argv[1])) : 0); + + logger('filer: tag ' . $term . ' item ' . $item_id); + + if($item_id && strlen($term)) + file_tag_save_file(local_user(),$item_id,$term); + + killme(); +} diff --git a/mod/filerm.php b/mod/filerm.php new file mode 100644 index 000000000..66b684dc9 --- /dev/null +++ b/mod/filerm.php @@ -0,0 +1,21 @@ +argc > 1) ? notags(trim($a->argv[1])) : 0); + + logger('filerm: tag ' . $term . ' item ' . $item_id); + + if($item_id && strlen($term)) + file_tag_unsave_file(local_user(),$item_id,$term); + + if(x($_SESSION,'return_url')) + goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); + + killme(); +} diff --git a/mod/group.php b/mod/group.php index 13401ef0d..a282dbccf 100755 --- a/mod/group.php +++ b/mod/group.php @@ -21,6 +21,8 @@ function group_post(&$a) { } if(($a->argc == 2) && ($a->argv[1] === 'new')) { + check_form_security_token_redirectOnErr('/group/new', 'group_edit'); + $name = notags(trim($_POST['groupname'])); $r = group_add(local_user(),$name); if($r) { @@ -35,6 +37,8 @@ function group_post(&$a) { return; // NOTREACHED } if(($a->argc == 2) && (intval($a->argv[1]))) { + check_form_security_token_redirectOnErr('/group', 'group_edit'); + $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[1]), intval(local_user()) @@ -62,7 +66,8 @@ function group_post(&$a) { } function group_content(&$a) { - + $change = false; + if(! local_user()) { notice( t('Permission denied') . EOL); return; @@ -83,14 +88,17 @@ function group_content(&$a) { return replace_macros($tpl, $context + array( '$title' => t('Create a group of contacts/friends.'), - '$gname' => array('groupname',t('Group Name: '),$group['name'], ''), + '$gname' => array('groupname',t('Group Name: '), '', ''), '$gid' => 'new', + '$form_security_token' => get_form_security_token("group_edit"), )); } if(($a->argc == 3) && ($a->argv[1] === 'drop')) { + check_form_security_token_redirectOnErr('/group', 'group_drop', 't'); + if(intval($a->argv[2])) { $r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[2]), @@ -108,6 +116,8 @@ function group_content(&$a) { } if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) { + check_form_security_token_ForbiddenOnErr('group_member_change', 't'); + $r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1", intval($a->argv[2]), intval(local_user()) @@ -155,7 +165,8 @@ function group_content(&$a) { $drop_tpl = get_markup_template('group_drop.tpl'); $drop_txt = replace_macros($drop_tpl, array( '$id' => $group['id'], - '$delete' => t('Delete') + '$delete' => t('Delete'), + '$form_security_token' => get_form_security_token("group_drop"), )); $celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false); @@ -166,6 +177,7 @@ function group_content(&$a) { '$gname' => array('groupname',t('Group Name: '),$group['name'], ''), '$gid' => $group['id'], '$drop' => $drop_txt, + '$form_security_token' => get_form_security_token('group_edit'), ); } @@ -177,14 +189,14 @@ function group_content(&$a) { 'label_members' => t('Members'), 'members' => array(), 'label_contacts' => t('All Contacts'), - 'contacts' => arraY(), + 'contacts' => array(), ); - + $sec_token = addslashes(get_form_security_token('group_member_change')); $textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : false); foreach($members as $member) { if($member['url']) { - $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . '); return true;'; + $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . ',\'' . $sec_token . '\'); return true;'; $groupeditor['members'][] = micropro($member,true,'mpgroup', $textmode); } else @@ -199,7 +211,7 @@ function group_content(&$a) { $textmode = (($switchtotext && (count($r) > $switchtotext)) ? true : false); foreach($r as $member) { if(! in_array($member['id'],$preselected)) { - $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . '); return true;'; + $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . ',\'' . $sec_token . '\'); return true;'; $groupeditor['contacts'][] = micropro($member,true,'mpall', $textmode); } } diff --git a/mod/item.php b/mod/item.php index 81d7c753b..fe570075f 100755 --- a/mod/item.php +++ b/mod/item.php @@ -425,110 +425,7 @@ function item_post(&$a) { if(count($tags)) { foreach($tags as $tag) { - - if(isset($profile)) - unset($profile); - if(strpos($tag,'#') === 0) { - if(strpos($tag,'[url=')) - continue; - $basetag = str_replace('_',' ',substr($tag,1)); - $body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$body); - - $newtag = '#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]'; - if(! stristr($str_tags,$newtag)) { - if(strlen($str_tags)) - $str_tags .= ','; - $str_tags .= $newtag; - } - continue; - } - if(strpos($tag,'@') === 0) { - if(strpos($tag,'[url=')) - continue; - $stat = false; - $name = substr($tag,1); - if((strpos($name,'@')) || (strpos($name,'http://'))) { - $newname = $name; - $links = @lrdd($name); - if(count($links)) { - foreach($links as $link) { - if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') - $profile = $link['@attributes']['href']; - if($link['@attributes']['rel'] === 'salmon') { - if(strlen($inform)) - $inform .= ','; - $inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']); - } - } - } - } - else { - $newname = $name; - $alias = ''; - $tagcid = 0; - if(strrpos($newname,'+')) { - $tagcid = intval(substr($newname,strrpos($newname,'+') + 1)); - if(strpos($name,' ')) - $name = substr($name,0,strpos($name,' ')); - } - if($tagcid) { - $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($tagcid), - intval($profile_uid) - ); - } - elseif(strstr($name,'_') || strstr($name,' ')) { - $newname = str_replace('_',' ',$name); - $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", - dbesc($newname), - intval($profile_uid) - ); - } - else { - $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1", - dbesc($name), - dbesc($name), - intval($profile_uid) - ); - } - if(count($r)) { - $profile = $r[0]['url']; - if($r[0]['network'] === 'stat') { - $newname = $r[0]['nick']; - $stat = true; - if($r[0]['alias']) - $alias = $r[0]['alias']; - } - else - $newname = $r[0]['name']; - if(strlen($inform)) - $inform .= ','; - $inform .= 'cid:' . $r[0]['id']; - } - } - if($profile) { - $body = str_replace('@' . $name, '@' . '[url=' . $profile . ']' . $newname . '[/url]', $body); - $profile = str_replace(',','%2c',$profile); - $newtag = '@[url=' . $profile . ']' . $newname . '[/url]'; - if(! stristr($str_tags,$newtag)) { - if(strlen($str_tags)) - $str_tags .= ','; - $str_tags .= $newtag; - } - - // Status.Net seems to require the numeric ID URL in a mention if the person isn't - // subscribed to you. But the nickname URL is OK if they are. Grrr. We'll tag both. - - if(strlen($alias)) { - $newtag = '@[url=' . $alias . ']' . $newname . '[/url]'; - if(! stristr($str_tags,$newtag)) { - if(strlen($str_tags)) - $str_tags .= ','; - $str_tags .= $newtag; - } - } - } - } + handle_tag($a, $body, $inform, $str_tags, $profile_uid, $tag); } } @@ -627,7 +524,7 @@ function item_post(&$a) { if($preview) { require_once('include/conversation.php'); - $o = conversation(&$a,array(array_merge($contact_record,$datarray)),'search',false,true); + $o = conversation($a,array(array_merge($contact_record,$datarray)),'search',false,true); logger('preview: ' . $o); echo json_encode(array('preview' => $o)); killme(); @@ -922,3 +819,142 @@ function item_content(&$a) { drop_item($a->argv[2]); } } + +/** + * This function removes the tag $tag from the text $body and replaces it with + * the appropiate link. + * + * @param unknown_type $body the text to replace the tag in + * @param unknown_type $inform a comma-seperated string containing everybody to inform + * @param unknown_type $str_tags string to add the tag to + * @param unknown_type $profile_uid + * @param unknown_type $tag the tag to replace + */ +function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { + //is it a hash tag? + if(strpos($tag,'#') === 0) { + //if the tag is replaced... + if(strpos($tag,'[url=')) + //...do nothing + return; + //base tag has the tags name only + $basetag = str_replace('_',' ',substr($tag,1)); + //create text for link + $newtag = '#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]'; + //replace tag by the link + $body = str_replace($tag, $newtag, $body); + + //is the link already in str_tags? + if(! stristr($str_tags,$newtag)) { + //append or set str_tags + if(strlen($str_tags)) + $str_tags .= ','; + $str_tags .= $newtag; + } + return; + } + //is it a person tag? + if(strpos($tag,'@') === 0) { + //is it already replaced? + if(strpos($tag,'[url=')) + return; + $stat = false; + //get the person's name + $name = substr($tag,1); + //is it a link or a full dfrn address? + if((strpos($name,'@')) || (strpos($name,'http://'))) { + $newname = $name; + //get the profile links + $links = @lrdd($name); + if(count($links)) { + //for all links, collect how is to inform and how's profile is to link + foreach($links as $link) { + if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') + $profile = $link['@attributes']['href']; + if($link['@attributes']['rel'] === 'salmon') { + if(strlen($inform)) + $inform .= ','; + $inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']); + } + } + } + } else { //if it is a name rather than an address + $newname = $name; + $alias = ''; + $tagcid = 0; + //is it some generated name? + if(strrpos($newname,'+')) { + //get the id + $tagcid = intval(substr($newname,strrpos($newname,'+') + 1)); + //remove the next word from tag's name + if(strpos($name,' ')) { + $name = substr($name,0,strpos($name,' ')); + } + } + if($tagcid) { //if there was an id + //select contact with that id from the logged in user's contact list + $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", + intval($tagcid), + intval($profile_uid) + ); + } elseif(strstr($name,'_') || strstr($name,' ')) { //no id + //get the real name + $newname = str_replace('_',' ',$name); + //select someone from this user's contacts by name + $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", + dbesc($newname), + intval($profile_uid) + ); + } else { + //select someone by attag or nick and the name passed in + $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1", + dbesc($name), + dbesc($name), + intval($profile_uid) + ); + } + //$r is set, if someone could be selected + if(count($r)) { + $profile = $r[0]['url']; + //set newname to nick, find alias + if($r[0]['network'] === 'stat') { + $newname = $r[0]['nick']; + $stat = true; + if($r[0]['alias']) + $alias = $r[0]['alias']; + } + else + $newname = $r[0]['name']; + //add person's id to $inform + if(strlen($inform)) + $inform .= ','; + $inform .= 'cid:' . $r[0]['id']; + } + } + //if there is an url for this persons profile + if(isset($profile)) { + //create profile link + $profile = str_replace(',','%2c',$profile); + $newtag = '@[url=' . $profile . ']' . $newname . '[/url]'; + $body = str_replace('@' . $name, $newtag, $body); + //append tag to str_tags + if(! stristr($str_tags,$newtag)) { + if(strlen($str_tags)) + $str_tags .= ','; + $str_tags .= $newtag; + } + + // Status.Net seems to require the numeric ID URL in a mention if the person isn't + // subscribed to you. But the nickname URL is OK if they are. Grrr. We'll tag both. + + if(strlen($alias)) { + $newtag = '@[url=' . $alias . ']' . $newname . '[/url]'; + if(! stristr($str_tags,$newtag)) { + if(strlen($str_tags)) + $str_tags .= ','; + $str_tags .= $newtag; + } + } + } + } +} diff --git a/mod/manage.php b/mod/manage.php index ec4dcd8a0..84dfa6917 100755 --- a/mod/manage.php +++ b/mod/manage.php @@ -74,7 +74,7 @@ function manage_post(&$a) { if($limited_id) $_SESSION['submanage'] = $original_id; - goaway($a->get_baseurl() . '/profile/' . $a->user['nickname']); + goaway($a->get_baseurl(true) . '/profile/' . $a->user['nickname']); // NOTREACHED } diff --git a/mod/message.php b/mod/message.php index 57d45ee3c..0907abd77 100755 --- a/mod/message.php +++ b/mod/message.php @@ -56,23 +56,23 @@ function message_content(&$a) { return; } - $myprofile = $a->get_baseurl() . '/profile/' . $a->user['nickname']; + $myprofile = $a->get_baseurl(true) . '/profile/' . $a->user['nickname']; $tabs = array( array( 'label' => t('Inbox'), - 'url'=> $a->get_baseurl() . '/message', + 'url'=> $a->get_baseurl(true) . '/message', 'sel'=> (($a->argc == 1) ? 'active' : ''), ), array( 'label' => t('Outbox'), - 'url' => $a->get_baseurl() . '/message/sent', + 'url' => $a->get_baseurl(true) . '/message/sent', 'sel'=> (($a->argv[1] == 'sent') ? 'active' : ''), ), array( 'label' => t('New Message'), - 'url' => $a->get_baseurl() . '/message/new', + 'url' => $a->get_baseurl(true) . '/message/new', 'sel'=> (($a->argv[1] == 'new') ? 'active' : ''), ), ); @@ -99,7 +99,7 @@ function message_content(&$a) { if($r) { info( t('Message deleted.') . EOL ); } - goaway($a->get_baseurl() . '/message' ); + goaway($a->get_baseurl(true) . '/message' ); } else { $r = q("SELECT `parent-uri`,`convid` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1", @@ -129,7 +129,7 @@ function message_content(&$a) { if($r) info( t('Conversation removed.') . EOL ); } - goaway($a->get_baseurl() . '/message' ); + goaway($a->get_baseurl(true) . '/message' ); } } @@ -146,7 +146,7 @@ function message_content(&$a) { $tpl = get_markup_template('msg-header.tpl'); $a->page['htmlhead'] .= replace_macros($tpl, array( - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), '$nickname' => $a->user['nickname'], '$linkurl' => t('Please enter a link URL:') @@ -154,7 +154,7 @@ function message_content(&$a) { $preselect = (isset($a->argv[2])?array($a->argv[2]):false); - $select = contact_select('messageto','message-to-select', $preselect, 4, true); + $select = contact_select('messageto','message-to-select', $preselect, 4, true, false, false, 10); $tpl = get_markup_template('prv_message.tpl'); $o .= replace_macros($tpl,array( '$header' => t('Send Private Message'), @@ -192,9 +192,9 @@ function message_content(&$a) { $a->set_pager_total($r[0]['total']); $r = q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`, - `mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb` + `mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb` , `contact`.`network` FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id` - WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC LIMIT %d , %d ", + WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `mailcreated` DESC LIMIT %d , %d ", intval(local_user()), dbesc($myprofile), intval($a->pager['start']), @@ -210,7 +210,7 @@ function message_content(&$a) { $o .= replace_macros($tpl, array( '$id' => $rr['id'], '$from_name' =>$rr['from-name'], - '$from_url' => (($rr['network'] === NETWORK_DFRN) ? $a->get_baseurl() . '/redir/' . $rr['contact-id'] : $rr['url']), + '$from_url' => (($rr['network'] === NETWORK_DFRN) ? $a->get_baseurl(true) . '/redir/' . $rr['contact-id'] : $rr['url']), '$sparkle' => ' sparkle', '$from_photo' => $rr['thumb'], '$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '' . $rr['title'] . '')), @@ -267,7 +267,7 @@ function message_content(&$a) { $a->page['htmlhead'] .= replace_macros($tpl, array( '$nickname' => $a->user['nickname'], - '$baseurl' => $a->get_baseurl() + '$baseurl' => $a->get_baseurl(true) )); @@ -278,7 +278,7 @@ function message_content(&$a) { $sparkle = ''; } else { - $from_url = $a->get_baseurl() . '/redir/' . $message['contact-id']; + $from_url = $a->get_baseurl(true) . '/redir/' . $message['contact-id']; $sparkle = ' sparkle'; } $o .= replace_macros($tpl, array( diff --git a/mod/network.php b/mod/network.php index 861b5ab73..9ec8c23b5 100755 --- a/mod/network.php +++ b/mod/network.php @@ -44,13 +44,16 @@ function network_init(&$a) { } $a->page['aside'] .= group_side('network','network',true,$group_id); - $a->page['aside'] .= networks_widget($a->get_baseurl() . '/network',(($_GET['nets']) ? $_GET['nets'] : '')); + $a->page['aside'] .= networks_widget($a->get_baseurl(true) . '/network',(x($_GET, 'nets') ? $_GET['nets'] : '')); $a->page['aside'] .= saved_searches($search); + $a->page['aside'] .= fileas_widget($a->get_baseurl(true) . '/network',(x($_GET, 'file') ? $_GET['file'] : '')); } function saved_searches($search) { + $a = get_app(); + $srchurl = '/network?f=' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : '') . ((x($_GET,'star')) ? '&star=' . $_GET['star'] : '') @@ -132,15 +135,15 @@ function network_content(&$a, $update = 0) { $starred_active = 'active'; } - if($_GET['bmark']) { + if(x($_GET,'bmark')) { $bookmarked_active = 'active'; } - if($_GET['conv']) { + if(x($_GET,'conv')) { $conv_active = 'active'; } - if($_GET['spam']) { + if(x($_GET,'spam')) { $spam_active = 'active'; } @@ -166,38 +169,38 @@ function network_content(&$a, $update = 0) { $tabs = array( array( 'label' => t('Commented Order'), - 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?f=&cid=' . $_GET['cid'] : ''), + 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?f=&cid=' . $_GET['cid'] : ''), 'sel'=>$all_active, ), array( 'label' => t('Posted Order'), - 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''), + 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''), 'sel'=>$postord_active, ), array( 'label' => t('Personal'), - 'url' => $a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1', + 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1', 'sel' => $conv_active, ), array( 'label' => t('New'), - 'url' => $a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . '/new' . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : ''), + 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . '/new' . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : ''), 'sel' => $new_active, ), array( 'label' => t('Starred'), - 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1', + 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1', 'sel'=>$starred_active, ), array( - 'label' => t('Bookmarks'), - 'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&bmark=1', + 'label' => t('Shared Links'), + 'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&bmark=1', 'sel'=>$bookmarked_active, ), // array( // 'label' => t('Spam'), -// 'url'=>$a->get_baseurl() . '/network?f=&spam=1' +// 'url'=>$a->get_baseurl(true) . '/network?f=&spam=1' // 'sel'=> $spam_active, // ), @@ -248,7 +251,7 @@ function network_content(&$a, $update = 0) { $def_acl = array('allow_cid' => '<' . intval($cid) . '>'); if(! $update) { - if(group) { + if($group) { if(($t = group_public_members($group)) && (! get_pconfig(local_user(),'system','nowarn_insecure'))) { notice( sprintf( tt('Warning: This group contains %s member from an insecure network.', 'Warning: This group contains %s members from an insecure network.', @@ -299,7 +302,7 @@ function network_content(&$a, $update = 0) { if($update) killme(); notice( t('No such group') . EOL ); - goaway($a->get_baseurl() . '/network'); + goaway($a->get_baseurl(true) . '/network'); // NOTREACHED } @@ -331,7 +334,7 @@ function network_content(&$a, $update = 0) { } else { notice( t('Invalid contact.') . EOL); - goaway($a->get_baseurl() . '/network'); + goaway($a->get_baseurl(true) . '/network'); // NOTREACHED } } @@ -498,7 +501,9 @@ function network_content(&$a, $update = 0) { $items = conv_sort($items,$ordering); - } + } else { + $items = array(); + } } diff --git a/mod/notifications.php b/mod/notifications.php index 99031a1d5..d478b5163 100755 --- a/mod/notifications.php +++ b/mod/notifications.php @@ -42,12 +42,12 @@ function notifications_post(&$a) { intval(local_user()) ); } - goaway($a->get_baseurl() . '/notifications/intros'); + goaway($a->get_baseurl(true) . '/notifications/intros'); } if($_POST['submit'] == t('Ignore')) { $r = q("UPDATE `intro` SET `ignore` = 1 WHERE `id` = %d LIMIT 1", intval($intro_id)); - goaway($a->get_baseurl() . '/notifications/intros'); + goaway($a->get_baseurl(true) . '/notifications/intros'); } } } @@ -69,32 +69,32 @@ function notifications_content(&$a) { $tabs = array( array( 'label' => t('System'), - 'url'=>$a->get_baseurl() . '/notifications/system', + 'url'=>$a->get_baseurl(true) . '/notifications/system', 'sel'=> (($a->argv[1] == 'system') ? 'active' : ''), ), array( 'label' => t('Network'), - 'url'=>$a->get_baseurl() . '/notifications/network', + 'url'=>$a->get_baseurl(true) . '/notifications/network', 'sel'=> (($a->argv[1] == 'network') ? 'active' : ''), ), array( 'label' => t('Personal'), - 'url'=>$a->get_baseurl() . '/notifications/personal', + 'url'=>$a->get_baseurl(true) . '/notifications/personal', 'sel'=> (($a->argv[1] == 'personal') ? 'active' : ''), ), array( 'label' => t('Home'), - 'url' => $a->get_baseurl() . '/notifications/home', + 'url' => $a->get_baseurl(true) . '/notifications/home', 'sel'=> (($a->argv[1] == 'home') ? 'active' : ''), ), array( 'label' => t('Introductions'), - 'url' => $a->get_baseurl() . '/notifications/intros', + 'url' => $a->get_baseurl(true) . '/notifications/intros', 'sel'=> (($a->argv[1] == 'intros') ? 'active' : ''), ), array( 'label' => t('Messages'), - 'url' => $a->get_baseurl() . '/message', + 'url' => $a->get_baseurl(true) . '/message', 'sel'=> '', ), ); @@ -244,7 +244,7 @@ function notifications_content(&$a) { switch($it['verb']){ case ACTIVITY_LIKE: $notif_content .= replace_macros($tpl_item_likes,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']), '$item_when' => relative_date($it['created']) @@ -253,7 +253,7 @@ function notifications_content(&$a) { case ACTIVITY_DISLIKE: $notif_content .= replace_macros($tpl_item_dislikes,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']), '$item_when' => relative_date($it['created']) @@ -267,7 +267,7 @@ function notifications_content(&$a) { $it['fname'] = $obj->title; $notif_content .= replace_macros($tpl_item_friends,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']), '$item_when' => relative_date($it['created']) @@ -281,7 +281,7 @@ function notifications_content(&$a) { $tpl = (($it['id'] == $it['parent']) ? $tpl_item_posts : $tpl_item_comments); $notif_content .= replace_macros($tpl,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => $item_text, '$item_when' => relative_date($it['created']) @@ -314,7 +314,7 @@ function notifications_content(&$a) { if (count($r) > 0) { foreach ($r as $it) { $notif_content .= replace_macros($not_tpl,array( - '$item_link' => $a->get_baseurl().'/notify/view/'. $it['id'], + '$item_link' => $a->get_baseurl(true).'/notify/view/'. $it['id'], '$item_image' => $it['photo'], '$item_text' => strip_tags(bbcode($it['msg'])), '$item_when' => relative_date($it['date']) @@ -334,7 +334,7 @@ function notifications_content(&$a) { $notif_tpl = get_markup_template('notifications.tpl'); - $myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname']; + $myurl = $a->get_baseurl(true) . '/profile/'. $a->user['nickname']; $myurl = substr($myurl,strpos($myurl,'://')+3); $myurl = str_replace(array('www.','.'),array('','\\.'),$myurl); $diasp_url = str_replace('/profile/','/u/',$myurl); @@ -369,7 +369,7 @@ function notifications_content(&$a) { switch($it['verb']){ case ACTIVITY_LIKE: $notif_content .= replace_macros($tpl_item_likes,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']), '$item_when' => relative_date($it['created']) @@ -378,7 +378,7 @@ function notifications_content(&$a) { case ACTIVITY_DISLIKE: $notif_content .= replace_macros($tpl_item_dislikes,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']), '$item_when' => relative_date($it['created']) @@ -392,7 +392,7 @@ function notifications_content(&$a) { $it['fname'] = $obj->title; $notif_content .= replace_macros($tpl_item_friends,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']), '$item_when' => relative_date($it['created']) @@ -406,7 +406,7 @@ function notifications_content(&$a) { $tpl = (($it['id'] == $it['parent']) ? $tpl_item_posts : $tpl_item_comments); $notif_content .= replace_macros($tpl,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => $item_text, '$item_when' => relative_date($it['created']) @@ -456,7 +456,7 @@ function notifications_content(&$a) { switch($it['verb']){ case ACTIVITY_LIKE: $notif_content .= replace_macros($tpl_item_likes,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => sprintf( t("%s liked %s's post"), $it['author-name'], $it['pname']), '$item_when' => relative_date($it['created']) @@ -465,7 +465,7 @@ function notifications_content(&$a) { break; case ACTIVITY_DISLIKE: $notif_content .= replace_macros($tpl_item_dislikes,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => sprintf( t("%s disliked %s's post"), $it['author-name'], $it['pname']), '$item_when' => relative_date($it['created']) @@ -479,7 +479,7 @@ function notifications_content(&$a) { $it['fname'] = $obj->title; $notif_content .= replace_macros($tpl_item_friends,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => sprintf( t("%s is now friends with %s"), $it['author-name'], $it['fname']), '$item_when' => relative_date($it['created']) @@ -488,7 +488,7 @@ function notifications_content(&$a) { break; default: $notif_content .= replace_macros($tpl_item_comments,array( - '$item_link' => $a->get_baseurl().'/display/'.$a->user['nickname']."/".$it['parent'], + '$item_link' => $a->get_baseurl(true).'/display/'.$a->user['nickname']."/".$it['parent'], '$item_image' => $it['author-avatar'], '$item_text' => sprintf( t("%s commented on %s's post"), $it['author-name'], $it['pname']), '$item_when' => relative_date($it['created']) diff --git a/mod/notify.php b/mod/notify.php index a572b1534..ae8273a1d 100644 --- a/mod/notify.php +++ b/mod/notify.php @@ -20,7 +20,7 @@ function notify_init(&$a) { goaway($r[0]['link']); } - goaway($a->get_baseurl()); + goaway($a->get_baseurl(true)); } if($a->argc > 2 && $a->argv[1] === 'mark' && $a->argv[2] === 'all' ) { @@ -51,7 +51,7 @@ function notify_content(&$a) { if (count($r) > 0) { foreach ($r as $it) { $notif_content .= replace_macros($not_tpl,array( - '$item_link' => $a->get_baseurl().'/notify/view/'. $it['id'], + '$item_link' => $a->get_baseurl(true).'/notify/view/'. $it['id'], '$item_image' => $it['photo'], '$item_text' => strip_tags(bbcode($it['msg'])), '$item_when' => relative_date($it['date']) diff --git a/mod/parse_url.php b/mod/parse_url.php index e0b378f68..27dac4d5d 100755 --- a/mod/parse_url.php +++ b/mod/parse_url.php @@ -188,7 +188,7 @@ function parse_url_content(&$a) { if(! $text) { logger('parsing meta'); - $items = $domhead->getElementsByTagName('meta'); + $items = (isset($domhead) && is_object($domhead) ? $domhead->getElementsByTagName('meta') : null); if($items) { foreach($items as $item) { $property = $item->getAttribute('property'); diff --git a/mod/photos.php b/mod/photos.php index e40ae0d74..b294f0a66 100755 --- a/mod/photos.php +++ b/mod/photos.php @@ -1081,6 +1081,17 @@ function photos_content(&$a) { } + if(! $cmd !== 'edit') { + $a->page['htmlhead'] .= ''; + } + if($prevlink) $prevlink = array($prevlink, '') ; diff --git a/mod/profile_photo.php b/mod/profile_photo.php index e3dbdaf39..d1fd08eba 100755 --- a/mod/profile_photo.php +++ b/mod/profile_photo.php @@ -15,11 +15,13 @@ function profile_photo_init(&$a) { function profile_photo_post(&$a) { - if(! local_user()) { - notice ( t('Permission denied.') . EOL ); - return; - } - + if(! local_user()) { + notice ( t('Permission denied.') . EOL ); + return; + } + + check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); + if((x($_POST,'cropfinal')) && ($_POST['cropfinal'] == 1)) { // phase 2 - we have finished cropping @@ -148,7 +150,9 @@ function profile_photo_content(&$a) { notice( t('Permission denied.') . EOL ); return; }; - + + check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); + $resource_id = $a->argv[2]; //die(":".local_user()); $r=q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' ORDER BY `scale` ASC", @@ -203,6 +207,7 @@ function profile_photo_content(&$a) { '$lbl_upfile' => t('Upload File:'), '$title' => t('Upload Profile Photo'), '$submit' => t('Upload'), + '$form_security_token' => get_form_security_token("profile_photo"), '$select' => sprintf('%s %s', t('or'), ($newuser) ? '' . t('skip this step') . '' : '' . t('select a photo from your photo albums') . '') )); @@ -218,6 +223,7 @@ function profile_photo_content(&$a) { '$image_url' => $a->get_baseurl() . '/photo/' . $filename, '$title' => t('Crop Image'), '$desc' => t('Please adjust the image cropping for optimum viewing.'), + '$form_security_token' => get_form_security_token("profile_photo"), '$done' => t('Done Editing') )); return $o; diff --git a/mod/profiles.php b/mod/profiles.php index ccd7d5474..7b3b6ccc1 100755 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -21,6 +21,9 @@ function profiles_post(&$a) { notice( t('Profile not found.') . EOL); return; } + + check_form_security_token_redirectOnErr('/profiles', 'profile_edit'); + $is_default = (($orig[0]['is-default']) ? 1 : 0); $profile_name = notags(trim($_POST['profile_name'])); @@ -237,9 +240,11 @@ function profiles_content(&$a) { ); if(! count($r)) { notice( t('Profile not found.') . EOL); - goaway($a->get_baseurl() . '/profiles'); + goaway($a->get_baseurl(true) . '/profiles'); return; // NOTREACHED } + + check_form_security_token_redirectOnErr('/profiles', 'profile_drop', 't'); // move every contact using this profile as their default to the user default @@ -255,7 +260,7 @@ function profiles_content(&$a) { if($r) info( t('Profile deleted.') . EOL); - goaway($a->get_baseurl() . '/profiles'); + goaway($a->get_baseurl(true) . '/profiles'); return; // NOTREACHED } @@ -264,6 +269,8 @@ function profiles_content(&$a) { if(($a->argc > 1) && ($a->argv[1] === 'new')) { + + check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't'); $r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d", intval(local_user())); @@ -290,11 +297,14 @@ function profiles_content(&$a) { info( t('New profile created.') . EOL); if(count($r3) == 1) - goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']); - goaway($a->get_baseurl() . '/profiles'); - } + goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']); + + goaway($a->get_baseurl(true) . '/profiles'); + } if(($a->argc > 2) && ($a->argv[1] === 'clone')) { + + check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't'); $r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d", intval(local_user())); @@ -329,10 +339,12 @@ function profiles_content(&$a) { ); info( t('New profile created.') . EOL); if(count($r3) == 1) - goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']); - goaway($a->get_baseurl() . '/profiles'); - return; // NOTREACHED - } + goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']); + + goaway($a->get_baseurl(true) . '/profiles'); + + return; // NOTREACHED + } if(($a->argc > 1) && (intval($a->argv[1]))) { @@ -361,7 +373,7 @@ function profiles_content(&$a) { )); - $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl())); + $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl(true))); $a->page['htmlhead'] .= ""; $f = get_config('system','birthday_input_format'); @@ -371,6 +383,9 @@ function profiles_content(&$a) { $is_default = (($r[0]['is-default']) ? 1 : 0); $tpl = get_markup_template("profile_edit.tpl"); $o .= replace_macros($tpl,array( + '$form_security_token' => get_form_security_token("profile_edit"), + '$profile_clone_link' => 'profiles/clone/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_clone"), + '$profile_drop_link' => 'profiles/drop/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_drop"), '$banner' => t('Edit Profile Details'), '$submit' => t('Submit'), '$viewprof' => t('View this profile'), @@ -410,7 +425,7 @@ function profiles_content(&$a) { '$lbl_work' => t('Work/employment'), '$lbl_school' => t('School/education'), '$disabled' => (($is_default) ? 'onclick="return false;" style="color: #BBBBFF;"' : ''), - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$profile_id' => $r[0]['id'], '$profile_name' => $r[0]['profile-name'], '$default' => (($is_default) ? '

                              ' . t('This is your public profile.
                              It may be visible to anybody using the internet.') . '

                              ' : ""), @@ -460,7 +475,8 @@ function profiles_content(&$a) { $o .= replace_macros($tpl_header,array( '$header' => t('Edit/Manage Profiles'), '$chg_photo' => t('Change profile photo'), - '$cr_new' => t('Create New Profile') + '$cr_new' => t('Create New Profile'), + '$cr_new_link' => 'profiles/new?t=' . get_form_security_token("profile_new") )); @@ -473,7 +489,7 @@ function profiles_content(&$a) { '$alt' => t('Profile Image'), '$profile_name' => $rr['profile-name'], '$visible' => (($rr['is-default']) ? '' . t('visible to everybody') . '' - : '' . t('Edit visibility') . '') + : '' . t('Edit visibility') . '') )); } } diff --git a/mod/settings.php b/mod/settings.php index 2ef582fdf..3a8ad29d2 100755 --- a/mod/settings.php +++ b/mod/settings.php @@ -53,16 +53,20 @@ function settings_post(&$a) { $old_page_flags = $a->user['page-flags']; if(($a->argc > 1) && ($a->argv[1] === 'oauth') && x($_POST,'remove')){ + check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); + $key = $_POST['remove']; q("DELETE FROM tokens WHERE id='%s' AND uid=%d", dbesc($key), local_user()); - goaway($a->get_baseurl()."/settings/oauth/"); + goaway($a->get_baseurl(true)."/settings/oauth/"); return; } if(($a->argc > 2) && ($a->argv[1] === 'oauth') && ($a->argv[2] === 'edit'||($a->argv[2] === 'add')) && x($_POST,'submit')) { + check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); + $name = ((x($_POST,'name')) ? $_POST['name'] : ''); $key = ((x($_POST,'key')) ? $_POST['key'] : ''); $secret = ((x($_POST,'secret')) ? $_POST['secret'] : ''); @@ -100,18 +104,23 @@ function settings_post(&$a) { local_user()); } } - goaway($a->get_baseurl()."/settings/oauth/"); + goaway($a->get_baseurl(true)."/settings/oauth/"); return; } if(($a->argc > 1) && ($a->argv[1] == 'addon')) { + check_form_security_token_redirectOnErr('/settings/addon', 'settings_addon'); + call_hooks('plugin_settings_post', $_POST); return; } if(($a->argc > 1) && ($a->argv[1] == 'connectors')) { - - if(x($_POST['imap-submit'])) { + + check_form_security_token_redirectOnErr('/settings/connectors', 'settings_connectors'); + + if(x($_POST, 'imap-submit')) { + $mail_server = ((x($_POST,'mail_server')) ? $_POST['mail_server'] : ''); $mail_port = ((x($_POST,'mail_port')) ? $_POST['mail_port'] : ''); $mail_ssl = ((x($_POST,'mail_ssl')) ? strtolower(trim($_POST['mail_ssl'])) : ''); @@ -185,7 +194,8 @@ function settings_post(&$a) { return; } - + check_form_security_token_redirectOnErr('/settings', 'settings'); + call_hooks('settings_post', $_POST); if((x($_POST,'npassword')) || (x($_POST,'confirm'))) { @@ -401,7 +411,7 @@ function settings_post(&$a) { } - goaway($a->get_baseurl() . '/settings' ); + goaway($a->get_baseurl(true) . '/settings' ); return; // NOTREACHED } @@ -425,27 +435,27 @@ function settings_content(&$a) { $tabs = array( array( 'label' => t('Account settings'), - 'url' => $a->get_baseurl().'/settings', + 'url' => $a->get_baseurl(true).'/settings', 'sel' => (($a->argc == 1)?'active':''), ), array( 'label' => t('Connector settings'), - 'url' => $a->get_baseurl().'/settings/connectors', + 'url' => $a->get_baseurl(true).'/settings/connectors', 'sel' => (($a->argc > 1) && ($a->argv[1] === 'connectors')?'active':''), ), array( 'label' => t('Plugin settings'), - 'url' => $a->get_baseurl().'/settings/addon', + 'url' => $a->get_baseurl(true).'/settings/addon', 'sel' => (($a->argc > 1) && ($a->argv[1] === 'addon')?'active':''), ), array( 'label' => t('Connections'), - 'url' => $a->get_baseurl() . '/settings/oauth', + 'url' => $a->get_baseurl(true) . '/settings/oauth', 'sel' => (($a->argc > 1) && ($a->argv[1] === 'oauth')?'active':''), ), array( 'label' => t('Export personal data'), - 'url' => $a->get_baseurl() . '/uexport', + 'url' => $a->get_baseurl(true) . '/uexport', 'sel' => '' ) ); @@ -460,6 +470,7 @@ function settings_content(&$a) { if(($a->argc > 2) && ($a->argv[2] === 'add')) { $tpl = get_markup_template("settings_oauth_edit.tpl"); $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_oauth"), '$tabs' => $tabs, '$title' => t('Add application'), '$submit' => t('Submit'), @@ -486,6 +497,7 @@ function settings_content(&$a) { $tpl = get_markup_template("settings_oauth_edit.tpl"); $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_oauth"), '$tabs' => $tabs, '$title' => t('Add application'), '$submit' => t('Update'), @@ -500,10 +512,12 @@ function settings_content(&$a) { } if(($a->argc > 3) && ($a->argv[2] === 'delete')) { + check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't'); + $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc($a->argv[3]), local_user()); - goaway($a->get_baseurl()."/settings/oauth/"); + goaway($a->get_baseurl(true)."/settings/oauth/"); return; } @@ -518,7 +532,8 @@ function settings_content(&$a) { $tpl = get_markup_template("settings_oauth.tpl"); $o .= replace_macros($tpl, array( - '$baseurl' => $a->get_baseurl(), + '$form_security_token' => get_form_security_token("settings_oauth"), + '$baseurl' => $a->get_baseurl(true), '$title' => t('Connected Apps'), '$add' => t('Add application'), '$edit' => t('Edit'), @@ -544,6 +559,7 @@ function settings_content(&$a) { $tpl = get_markup_template("settings_addons.tpl"); $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_addon"), '$title' => t('Plugin Settings'), '$tabs' => $tabs, '$settings_addons' => $settings_addons @@ -586,28 +602,28 @@ function settings_content(&$a) { $tpl = get_markup_template("settings_connectors.tpl"); $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_connectors"), + '$title' => t('Connector Settings'), '$tabs' => $tabs, - '$diasp_enabled' => $diasp_enabled, - '$ostat_enabled' => $ostat_enabled, - - '$h_imap' => t('Email/Mailbox Setup'), - '$imap_desc' => t("If you wish to communicate with email contacts using this service \x28optional\x29, please specify how to connect to your mailbox."), - '$imap_lastcheck' => array('imap_lastcheck', t('Last successful email check:'), $mail_chk,''), - '$mail_disabled' => (($mail_disabled) ? t('Email access is disabled on this site.') : ''), - '$mail_server' => array('mail_server', t('IMAP server name:'), $mail_server, ''), - '$mail_port' => array('mail_port', t('IMAP port:'), $mail_port, ''), - '$mail_ssl' => array('mail_ssl', t('Security:'), strtoupper($mail_ssl), '', array( ''=>t('None'), 'TLS'=>'TLS', 'SSL'=>'SSL')), - '$mail_user' => array('mail_user', t('Email login name:'), $mail_user, ''), - '$mail_pass' => array('mail_pass', t('Email password:'), '', ''), - '$mail_replyto' => array('mail_replyto', t('Reply-to address:'), '', 'Optional'), - '$mail_pubmail' => array('mail_pubmail', t('Send public posts to all email contacts:'), $mail_pubmail, ''), - '$mail_action' => array('mail_action', t('Action after import:'), $mail_action, '', array(0=>t('None'), 1=>t('Delete'), 2=>t('Mark as seen'), 3=>t('Move to folder'))), - '$mail_movetofolder' => array('mail_movetofolder', t('Move to folder:'), $mail_movetofolder, ''), - '$submit' => t('Submit'), - + '$diasp_enabled' => $diasp_enabled, + '$ostat_enabled' => $ostat_enabled, + '$h_imap' => t('Email/Mailbox Setup'), + '$imap_desc' => t("If you wish to communicate with email contacts using this service \x28optional\x29, please specify how to connect to your mailbox."), + '$imap_lastcheck' => array('imap_lastcheck', t('Last successful email check:'), $mail_chk,''), + '$mail_disabled' => (($mail_disabled) ? t('Email access is disabled on this site.') : ''), + '$mail_server' => array('mail_server', t('IMAP server name:'), $mail_server, ''), + '$mail_port' => array('mail_port', t('IMAP port:'), $mail_port, ''), + '$mail_ssl' => array('mail_ssl', t('Security:'), strtoupper($mail_ssl), '', array( ''=>t('None'), 'TLS'=>'TLS', 'SSL'=>'SSL')), + '$mail_user' => array('mail_user', t('Email login name:'), $mail_user, ''), + '$mail_pass' => array('mail_pass', t('Email password:'), '', ''), + '$mail_replyto' => array('mail_replyto', t('Reply-to address:'), '', 'Optional'), + '$mail_pubmail' => array('mail_pubmail', t('Send public posts to all email contacts:'), $mail_pubmail, ''), + '$mail_action' => array('mail_action', t('Action after import:'), $mail_action, '', array(0=>t('None'), 1=>t('Delete'), 2=>t('Mark as seen'), 3=>t('Move to folder'))), + '$mail_movetofolder' => array('mail_movetofolder', t('Move to folder:'), $mail_movetofolder, ''), + '$submit' => t('Submit'), '$settings_connectors' => $settings_connectors )); @@ -636,20 +652,20 @@ function settings_content(&$a) { $blocktags = $a->user['blocktags']; $expire_items = get_pconfig(local_user(), 'expire','items'); - $expire_items = (($expire_items===false)?1:$expire_items); // default if not set: 1 + $expire_items = (($expire_items===false)? '1' : $expire_items); // default if not set: 1 $expire_notes = get_pconfig(local_user(), 'expire','notes'); - $expire_notes = (($expire_notes===false)?1:$expire_notes); // default if not set: 1 + $expire_notes = (($expire_notes===false)? '1' : $expire_notes); // default if not set: 1 $expire_starred = get_pconfig(local_user(), 'expire','starred'); - $expire_starred = (($expire_starred===false)?1:$expire_starred); // default if not set: 1 + $expire_starred = (($expire_starred===false)? '1' : $expire_starred); // default if not set: 1 $expire_photos = get_pconfig(local_user(), 'expire','photos'); - $expire_photos = (($expire_photos===false)?0:$expire_photos); // default if not set: 0 + $expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0 $suggestme = get_pconfig(local_user(), 'system','suggestme'); - $suggestme = (($suggestme===false)?0:$suggestme); // default if not set: 0 + $suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0 $browser_update = intval(get_pconfig(local_user(), 'system','update_interval')); $browser_update = (($browser_update == 0) ? 40 : $browser_update / 1000); // default if not set: 40 seconds @@ -720,13 +736,13 @@ function settings_content(&$a) { )); $blockwall = replace_macros($opt_tpl,array( - '$field' => array('blockwall', t('Allow friends to post to your profile page?'), ! $a->user['blockwall'], '', array(t('No'),t('Yes'))), + '$field' => array('blockwall', t('Allow friends to post to your profile page?'), (intval($a->user['blockwall']) ? '0' : '1'), '', array(t('No'),t('Yes'))), )); $blocktags = replace_macros($opt_tpl,array( - '$field' => array('blocktags', t('Allow friends to tag your posts?'), ! $a->user['blocktags'], '', array(t('No'),t('Yes'))), + '$field' => array('blocktags', t('Allow friends to tag your posts?'), (intval($a->user['blocktags']) ? '0' : '1'), '', array(t('No'),t('Yes'))), )); @@ -773,7 +789,7 @@ function settings_content(&$a) { $theme_selected = (!x($_SESSION,'theme')? $default_theme : $_SESSION['theme']); - $subdir = ((strlen($a->get_path())) ? '
                              ' . t('or') . ' ' . $a->get_baseurl() . '/profile/' . $nickname : ''); + $subdir = ((strlen($a->get_path())) ? '
                              ' . t('or') . ' ' . $a->get_baseurl(true) . '/profile/' . $nickname : ''); $tpl_addr = get_markup_template("settings_nick_set.tpl"); @@ -803,8 +819,9 @@ function settings_content(&$a) { '$ptitle' => t('Account Settings'), '$submit' => t('Submit'), - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$uid' => local_user(), + '$form_security_token' => get_form_security_token("settings"), '$nickname_block' => $prof_addr, diff --git a/mod/share.php b/mod/share.php index f6c025e3c..47bb851a4 100755 --- a/mod/share.php +++ b/mod/share.php @@ -17,7 +17,7 @@ function share_init(&$a) { $o = ''; if(local_user() && intval(get_pconfig(local_user(),'system','plaintext'))) { - $o .= '♲ [url=' . $r[0]['author-link'] . ']' . $r[0]['author-name'] . '[/url]'; + $o .= "\xE2\x99\xb2" . ' [url=' . $r[0]['author-link'] . ']' . $r[0]['author-name'] . '[/url]' . "\n"; if($r[0]['title']) $o .= '[b]' . $r[0]['title'] . '[/b]' . "\n"; $o .= $r[0]['body'] . "\n"; diff --git a/tests/autoname_test.php b/tests/autoname_test.php new file mode 100755 index 000000000..9dae920ca --- /dev/null +++ b/tests/autoname_test.php @@ -0,0 +1,73 @@ +assertNotEquals($autoname1, $autoname2); + } + + /** + *autonames should be random, odd length + */ + public function testAutonameOdd() { + $autoname1=autoname(9); + $autoname2=autoname(9); + + $this->assertNotEquals($autoname1, $autoname2); + } + + /** + * try to fail autonames + */ + public function testAutonameNoLength() { + $autoname1=autoname(0); + $this->assertEquals(0, count($autoname1)); + } + + /** + * try to fail it with invalid input + * + * TODO: What's corect behaviour here? An exception? + */ + public function testAutonameNegativeLength() { + $autoname1=autoname(-23); + $this->assertEquals(0, count($autoname1)); + } + + // public function testAutonameMaxLength() { + // $autoname2=autoname(PHP_INT_MAX); + // $this->assertEquals(PHP_INT_MAX, count($autoname2)); + // } + + /** + * test with a length, that may be too short + */ + public function testAutonameLength1() { + $autoname1=autoname(1); + $this->assertEquals(1, count($autoname1)); + + $autoname2=autoname(1); + $this->assertEquals(1, count($autoname2)); + + $this->assertFalse($autoname1==$autoname2); + } +} \ No newline at end of file diff --git a/tests/contains_attribute_test.php b/tests/contains_attribute_test.php new file mode 100755 index 000000000..b0bb06acf --- /dev/null +++ b/tests/contains_attribute_test.php @@ -0,0 +1,51 @@ +assertTrue(attribute_contains($testAttr, "class3")); + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + /** + * test attribute contains + */ + public function testAttributeContains2() { + $testAttr="class1 not-class2 class3"; + $this->assertTrue(attribute_contains($testAttr, "class3")); + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + /** + * test with empty input + */ + public function testAttributeContainsEmpty() { + $testAttr=""; + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + /** + * test input with special chars + */ + public function testAttributeContainsSpecialChars() { + $testAttr="--... %\$ä() /(=?}"; + $this->assertFalse(attribute_contains($testAttr, "class2")); + } +} \ No newline at end of file diff --git a/tests/expand_acl_test.php b/tests/expand_acl_test.php new file mode 100755 index 000000000..b516a3f14 --- /dev/null +++ b/tests/expand_acl_test.php @@ -0,0 +1,142 @@ +<2><3>'; + $this->assertEquals(array(1, 2, 3), expand_acl($text)); + } + + /** + * test with a big number + */ + public function testExpandAclBigNumber() { + $text='<1><'.PHP_INT_MAX.'><15>'; + $this->assertEquals(array(1, PHP_INT_MAX, 15), expand_acl($text)); + } + + /** + * test with a string in it. + * + * TODO: is this valid input? Otherwise: should there be an exception? + */ + public function testExpandAclString() { + $text="<1><279012>"; + $this->assertEquals(array(1, 279012, 'tt'), expand_acl($text)); + } + + /** + * test with a ' ' in it. + * + * TODO: is this valid input? Otherwise: should there be an exception? + */ + public function testExpandAclSpace() { + $text="<1><279 012><32>"; + $this->assertEquals(array(1, "279 012", "32"), expand_acl($text)); + } + + /** + * test empty input + */ + public function testExpandAclEmpty() { + $text=""; + $this->assertEquals(array(), expand_acl($text)); + } + + /** + * test invalid input, no < at all + * + * TODO: should there be an exception? + */ + public function testExpandAclNoBrackets() { + $text="According to documentation, that's invalid. "; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + /** + * test invalid input, just open < + * + * TODO: should there be an exception? + */ + public function testExpandAclJustOneBracket1() { + $text="assertEquals(array(), expand_acl($text)); + } + + /** + * test invalid input, just close > + * + * TODO: should there be an exception? + */ + public function testExpandAclJustOneBracket2() { + $text="Another invalid> string"; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + /** + * test invalid input, just close > + * + * TODO: should there be an exception? + */ + public function testExpandAclCloseOnly() { + $text="Another> invalid> string>"; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + /** + * test invalid input, just open < + * + * TODO: should there be an exception? + */ + public function testExpandAclOpenOnly() { + $text="assertEquals(array(), expand_acl($text)); + } + + /** + * test invalid input, open and close do not match + * + * TODO: should there be an exception? + */ + public function testExpandAclNoMatching1() { + $text=" invalid "; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + /** + * test invalid input, open and close do not match + * + * TODO: should there be an exception? + */ + public function testExpandAclNoMatching2() { + $text="<1>2><3>"; + $this->assertEquals(array(), expand_acl($text)); + } + + /** + * test invalid input, empty <> + * + * TODO: should there be an exception? Or array(1, 3) + */ + public function testExpandAclEmptyMatch() { + $text="<1><><3>"; + $this->assertEquals(array(), expand_acl($text)); + } +} \ No newline at end of file diff --git a/tests/get_tags_test.php b/tests/get_tags_test.php new file mode 100644 index 000000000..9051923be --- /dev/null +++ b/tests/get_tags_test.php @@ -0,0 +1,313 @@ +15, + 'attag'=>'', 'network'=>'dfrn', + 'name'=>'Mike Lastname', 'alias'=>'Mike', + 'nick'=>'Mike', 'url'=>"http://justatest.de")); + + $args=func_get_args(); + + //last parameter is always (in this test) uid, so, it should be 11 + if($args[count($args)-1]!=11) { + return; + } + + + if(3==count($args)) { + //first call in handle_body, id only + if($result[0]['id']==$args[1]) { + return $result; + } + //second call in handle_body, name + if($result[0]['name']===$args[1]) { + return $result; + } + } + //third call in handle_body, nick or attag + if($result[0]['nick']===$args[2] || $result[0]['attag']===$args[1]) { + return $result; + } +} + +/** + * replacement for dbesc. + * I don't want to test dbesc here, so + * I just return the input. It won't be a problem, because + * the test does not use a real database. + * + * DON'T USE HAT FUNCTION OUTSIDE A TEST! + * + * @param string $str + * @return input + */ +function dbesc($str) { + return $str; +} + +/** + * TestCase for tag handling. + * + * @author alexander + * @package test.util + */ +class GetTagsTest extends PHPUnit_Framework_TestCase { + /** the mock to use as app */ + private $a; + + /** + * initialize the test. That's a phpUnit function, + * don't change its name. + */ + public function setUp() { + $this->a=new MockApp(); + } + + /** + * test with one Person tag + */ + public function testGetTagsShortPerson() { + $text="hi @Mike"; + + $tags=get_tags($text); + + $inform=''; + $str_tags=''; + foreach($tags as $tag) { + handle_tag($this->a, $text, $inform, $str_tags, 11, $tag); + } + + //correct tags found? + $this->assertEquals(1, count($tags)); + $this->assertTrue(in_array("@Mike", $tags)); + + //correct output from handle_tag? + $this->assertEquals("cid:15", $inform); + $this->assertEquals("@[url=http://justatest.de]Mike Lastname[/url]", $str_tags); + $this->assertEquals("hi @[url=http://justatest.de]Mike Lastname[/url]", $text); + } + + /** + * test with one Person tag. + * There's a minor spelling mistake... + */ + public function testGetTagsShortPersonSpelling() { + $text="hi @Mike.because"; + + $tags=get_tags($text); + + //correct tags found? + $this->assertEquals(1, count($tags)); + $this->assertTrue(in_array("@Mike.because", $tags)); + + $inform=''; + $str_tags=''; + handle_tag($this->a, $text, $inform, $str_tags, 11, $tags[0]); + + $this->assertEquals("cid:15", $inform); + $this->assertEquals("@[url=http://justatest.de]Mike Lastname[/url]", $str_tags); + $this->assertEquals("hi @[url=http://justatest.de]Mike Lastname[/url].because", $text); + } + + /** + * test with two Person tags. + * There's a minor spelling mistake... + */ + public function testGetTagsPerson2Spelling() { + $text="hi @Mike@campino@friendica.eu"; + + $tags=get_tags($text); + + $this->assertEquals(2, count($tags)); + $this->assertTrue(in_array("@Mike", $tags)); + $this->assertTrue(in_array("@campino@friendica.eu", $tags)); + } + + /** + * Test with one hash tag. + */ + public function testGetTagsShortTag() { + $text="This is a #test_case"; + + $tags=get_tags($text); + + $this->assertEquals(1, count($tags)); + $this->assertTrue(in_array("#test_case", $tags)); + } + + /** + * test with a person and a hash tag + */ + public function testGetTagsShortTagAndPerson() { + $text="hi @Mike This is a #test_case"; + + $tags=get_tags($text); + + $this->assertEquals(3, count($tags)); + $this->assertTrue(in_array("@Mike", $tags)); + $this->assertTrue(in_array("@Mike This", $tags)); + $this->assertTrue(in_array("#test_case", $tags)); + + $inform=''; + $str_tags=''; + foreach($tags as $tag) { + handle_tag($this->a, $text, $inform, $str_tags, 11, $tag); + } + + $this->assertEquals("cid:15", $inform); + $this->assertEquals("@[url=http://justatest.de]Mike Lastname[/url],#[url=baseurl/search?search=test%20case]test case[/url]", $str_tags); + $this->assertEquals("hi @[url=http://justatest.de]Mike Lastname[/url] This is a #[url=baseurl/search?search=test%20case]test case[/url]", $text); + + } + + /** + * test with a person, a hash tag and some special chars. + */ + public function testGetTagsShortTagAndPersonSpecialChars() { + $text="hi @Mike, This is a #test_case."; + + $tags=get_tags($text); + + $this->assertEquals(2, count($tags)); + $this->assertTrue(in_array("@Mike", $tags)); + $this->assertTrue(in_array("#test_case", $tags)); + } + + /** + * Test with a person tag and text behind it. + */ + public function testGetTagsPersonOnly() { + $text="@Test I saw the Theme Dev group was created."; + + $tags=get_tags($text); + + $this->assertEquals(2, count($tags)); + $this->assertTrue(in_array("@Test I", $tags)); + $this->assertTrue(in_array("@Test", $tags)); + } + + /** + * this test demonstrates strange behaviour by intval. + * It makes the next test fail. + */ + public function testIntval() { + $this->assertEquals(15, intval("15 it")); + } + + /** + * test a tag with an id in it + */ + public function testIdTag() { + $text="Test with @mike+15 id tag"; + + $tags=get_tags($text); + + $this->assertEquals(2, count($tags)); + $this->assertTrue(in_array("@mike+15", $tags)); + + //happens right now, but it shouldn't be necessary + $this->assertTrue(in_array("@mike+15 id", $tags)); + + $inform=''; + $str_tags=''; + foreach($tags as $tag) { + handle_tag($this->a, $text, $inform, $str_tags, 11, $tag); + } + + $this->assertEquals("Test with @[url=http://justatest.de]Mike Lastname[/url] id tag", $text); + $this->assertEquals("@[url=http://justatest.de]Mike Lastname[/url]", $str_tags); + $this->assertEquals("cid:15", $inform); + } + + /** + * test with two persons and one special tag. + */ + public function testGetTags2Persons1TagSpecialChars() { + $text="hi @Mike, I'm just writing #test_cases, so" + ." so @somebody@friendica.com may change #things."; + + $tags=get_tags($text); + + $this->assertEquals(5, count($tags)); + $this->assertTrue(in_array("@Mike", $tags)); + $this->assertTrue(in_array("#test_cases", $tags)); + $this->assertTrue(in_array("@somebody@friendica.com", $tags)); + $this->assertTrue(in_array("@somebody@friendica.com may", $tags)); + $this->assertTrue(in_array("#things", $tags)); + } + + /** + * test with a long text. + */ + public function testGetTags() { + $text="hi @Mike, I'm just writing #test_cases, " + ." so @somebody@friendica.com may change #things. Of course I " + ."look for a lot of #pitfalls, like #tags at the end of a sentence " + ."@comment. I hope noone forgets about @fullstops.because that might" + ." break #things. @Mike@campino@friendica.eu is also #nice, isn't it? " + ."Now, add a @first_last tag. "; + + $tags=get_tags($text); + + $this->assertTrue(in_array("@Mike", $tags)); + $this->assertTrue(in_array("#test_cases", $tags)); + $this->assertTrue(in_array("@somebody@friendica.com", $tags)); + $this->assertTrue(in_array("#things", $tags)); + $this->assertTrue(in_array("#pitfalls", $tags)); + $this->assertTrue(in_array("#tags", $tags)); + $this->assertTrue(in_array("@comment", $tags)); + $this->assertTrue(in_array("@fullstops.because", $tags)); + $this->assertTrue(in_array("#things", $tags)); + $this->assertTrue(in_array("@Mike", $tags)); + $this->assertTrue(in_array("#nice", $tags)); + $this->assertTrue(in_array("@first_last", $tags)); + + //right now, none of the is matched + $this->assertFalse(in_array("@Mike@campino@friendica.eu", $tags)); + $this->assertTrue(in_array("@campino@friendica.eu", $tags)); + $this->assertTrue(in_array("@campino@friendica.eu is", $tags)); + } + + /** + * test with an empty string + */ + public function testGetTagsEmpty() { + $tags=get_tags(""); + $this->assertEquals(0, count($tags)); + } +} \ No newline at end of file diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php new file mode 100644 index 000000000..d7dcf0472 --- /dev/null +++ b/tests/xss_filter_test.php @@ -0,0 +1,50 @@ +'; + + $validstring=notags($invalidstring); + $escapedString=escape_tags($invalidstring); + + $this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring); + $this->assertEquals("<submit type="button" onclick="alert('failed!');" />", $escapedString); + } + + /** + *xmlify and unxmlify + */ + public function testXmlify() { + $text="I want to break\n this!11!"; + $xml=xmlify($text); //test whether it actually may be part of a xml document + $retext=unxmlify($text); + + $this->assertEquals($text, $retext); + } + + /** + * test hex2bin and reverse + */ + public function testHex2Bin() { + $this->assertEquals(-3, hex2bin(bin2hex(-3))); + $this->assertEquals(0, hex2bin(bin2hex(0))); + $this->assertEquals(12, hex2bin(bin2hex(12))); + $this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX))); + } + + //function qp, quick and dirty?? + //get_mentions + //get_contact_block, bis Zeile 538 +} +?> diff --git a/update.php b/update.php index c29394b48..6a685a6ff 100755 --- a/update.php +++ b/update.php @@ -1,6 +1,6 @@ diff --git a/view/atom_feed.tpl b/view/atom_feed.tpl index 72cf8e4fd..2feb547ee 100755 --- a/view/atom_feed.tpl +++ b/view/atom_feed.tpl @@ -16,6 +16,7 @@ $hub $salmon + $community $feed_updated diff --git a/view/atom_feed_dfrn.tpl b/view/atom_feed_dfrn.tpl index 3d6bcc5b5..0bae62b52 100755 --- a/view/atom_feed_dfrn.tpl +++ b/view/atom_feed_dfrn.tpl @@ -12,10 +12,11 @@ $feed_id $feed_title - Friendika + Friendica $hub $salmon + $community $feed_updated diff --git a/view/auto_request.tpl b/view/auto_request.tpl index 204fcf247..2958397c9 100755 --- a/view/auto_request.tpl +++ b/view/auto_request.tpl @@ -7,8 +7,15 @@ $page_desc
                            • $friendica
                            • $diaspora $diasnote
                            • $statusnet
                              • +
                            • $emailnet

                            +

                            +$invite_desc +

                            +

                            +$desc +

                            diff --git a/view/cropbody.tpl b/view/cropbody.tpl index c9c0f84de..b484d15bf 100755 --- a/view/cropbody.tpl +++ b/view/cropbody.tpl @@ -40,6 +40,7 @@ $desc + diff --git a/view/de/strings.php b/view/de/strings.php index 3f9176cd7..5438a1c9f 100755 --- a/view/de/strings.php +++ b/view/de/strings.php @@ -4,23 +4,23 @@ function string_plural_select_de($n){ return ($n != 1); } ; -$a->strings["Post successful."] = "Beitrag erfolgreich veröffentlicht."; +$a->strings["Post successful."] = "Beitrag erfolgreich ver�ffentlicht."; $a->strings["[Embedded content - reload page to view]"] = "[Eingebetteter Inhalt - Seite neu laden zum Betrachten]"; $a->strings["Contact settings applied."] = "Einstellungen zum Kontakt angewandt."; $a->strings["Contact update failed."] = "Konnte den Kontakt nicht aktualisieren."; $a->strings["Permission denied."] = "Zugriff verweigert."; $a->strings["Contact not found."] = "Kontakt nicht gefunden."; $a->strings["Repair Contact Settings"] = "Kontakt-Einstellungen reparieren"; -$a->strings["WARNING: This is highly advanced and if you enter incorrect information your communications with this contact may stop working."] = "ACHTUNG: Das sind Experten-Einstellungen! Wenn Du etwas Falsches eingibst, funktioniert die Kommunikation mit diesem Kontakt evtl. nicht mehr."; -$a->strings["Please use your browser 'Back' button now if you are uncertain what to do on this page."] = "Bitte nutze den Zurück-Button deines Browsers jetzt, wenn du dir unsicher bist, was du tun willst."; -$a->strings["Return to contact editor"] = "Zurück zum Kontakteditor"; +$a->strings["WARNING: This is highly advanced and if you enter incorrect information your communications with this contact may stop working."] = "ACHTUNG: Das sind Experten-Einstellungen! Wenn Du etwas falsches eingibst, funktioniert die Kommunikation mit diesem Kontakt evtl. nicht mehr."; +$a->strings["Please use your browser 'Back' button now if you are uncertain what to do on this page."] = "Bitte nutze den Zur�ck-Button deines Browsers jetzt, wenn du dir unsicher bist, was auf dieser Seite gemacht wird."; +$a->strings["Return to contact editor"] = "Zur�ck zum Kontakteditor"; $a->strings["Name"] = "Name"; $a->strings["Account Nickname"] = "Account-Spitzname"; -$a->strings["@Tagname - overrides Name/Nickname"] = "@Tagname - überschreibt Name/Spitzname"; +$a->strings["@Tagname - overrides Name/Nickname"] = "@Tagname - �berschreibt Name/Spitzname"; $a->strings["Account URL"] = "Account-URL"; -$a->strings["Friend Request URL"] = "URL für Freundschaftsanfragen"; -$a->strings["Friend Confirm URL"] = "URL für Bestätigungen von Freundschaftsanfragen"; -$a->strings["Notification Endpoint URL"] = "URL-Endpunkt für Benachrichtigungen"; +$a->strings["Friend Request URL"] = "URL f�r Freundschaftsanfragen"; +$a->strings["Friend Confirm URL"] = "URL f�r Best�tigungen von Freundschaftsanfragen"; +$a->strings["Notification Endpoint URL"] = "URL-Endpunkt f�r Benachrichtigungen"; $a->strings["Poll/Feed URL"] = "Pull/Feed-URL"; $a->strings["New photo from this URL"] = "Neues Foto von dieser URL"; $a->strings["Submit"] = "Senden"; @@ -28,7 +28,7 @@ $a->strings["Help:"] = "Hilfe:"; $a->strings["Help"] = "Hilfe"; $a->strings["Not Found"] = "Nicht gefunden"; $a->strings["Page not found."] = "Seite nicht gefunden."; -$a->strings["File exceeds size limit of %d"] = "Die Datei ist größer als das erlaubte Limit von %d"; +$a->strings["File exceeds size limit of %d"] = "Die Datei ist gr��er als das erlaubte Limit von %d"; $a->strings["File upload failed."] = "Hochladen der Datei fehlgeschlagen."; $a->strings["Friend suggestion sent."] = "Kontaktvorschlag gesendet."; $a->strings["Suggest Friends"] = "Kontakte vorschlagen"; @@ -40,7 +40,7 @@ $a->strings["link to source"] = "Link zum Originalbeitrag"; $a->strings["Events"] = "Veranstaltungen"; $a->strings["Create New Event"] = "Neue Veranstaltung erstellen"; $a->strings["Previous"] = "Vorherige"; -$a->strings["Next"] = "Nächste"; +$a->strings["Next"] = "N�chste"; $a->strings["hour:minute"] = "Stunde:Minute"; $a->strings["Event details"] = "Veranstaltungsdetails"; $a->strings["Format is %s %s. Starting date and Description are required."] = "Format ist %s %s. Anfangsdatum und Beschreibung sind notwendig."; diff --git a/view/dfrn_request.tpl b/view/dfrn_request.tpl index cd98a4daa..d8aa8b181 100755 --- a/view/dfrn_request.tpl +++ b/view/dfrn_request.tpl @@ -7,7 +7,11 @@ $page_desc
                          • $friendica
                          • $diaspora $diasnote
                          • $statusnet
                            • +
                          • $emailnet
                          +$invite_desc +

                          +

                          $desc

                          diff --git a/view/fileas_widget.tpl b/view/fileas_widget.tpl new file mode 100755 index 000000000..54fba7435 --- /dev/null +++ b/view/fileas_widget.tpl @@ -0,0 +1,12 @@ +
                          +

                          $title

                          +
                          $desc
                          + + + +
                          diff --git a/view/group_drop.tpl b/view/group_drop.tpl index cbae1610f..2cbebbb8e 100755 --- a/view/group_drop.tpl +++ b/view/group_drop.tpl @@ -1,5 +1,5 @@ diff --git a/view/login.tpl b/view/login.tpl index 5349fa3d8..4cbbb1624 100755 --- a/view/login.tpl +++ b/view/login.tpl @@ -1,5 +1,5 @@ - +
                          diff --git a/view/logout.tpl b/view/logout.tpl index 6a84a5bbc..efc971df8 100755 --- a/view/logout.tpl +++ b/view/logout.tpl @@ -1,4 +1,4 @@ - +
                          diff --git a/view/mail_list.tpl b/view/mail_list.tpl old mode 100755 new mode 100644 index b284ffb0e..22e35dec8 --- a/view/mail_list.tpl +++ b/view/mail_list.tpl @@ -1,6 +1,6 @@
                          - $from_name + $from_name
                          $from_name
                          diff --git a/view/msg-header.tpl b/view/msg-header.tpl index b5c78345a..098333893 100755 --- a/view/msg-header.tpl +++ b/view/msg-header.tpl @@ -30,6 +30,12 @@ if(plaintext != 'none') { setup : function(ed) { ed.onInit.add(function(ed) { ed.pasteAsPlainText = true; + var editorId = ed.editorId; + var textarea = $('#'+editorId); + if (typeof(textarea.attr('tabindex')) != "undefined") { + $('#'+editorId+'_ifr').attr('tabindex', textarea.attr('tabindex')); + textarea.attr('tabindex', null); + } }); } }); diff --git a/view/photo_view.tpl b/view/photo_view.tpl index 5dbcabadf..732caf690 100755 --- a/view/photo_view.tpl +++ b/view/photo_view.tpl @@ -14,7 +14,7 @@
                          {{ if $nextlink }}{{ endif }}
                          -
                          $desc
                          +
                          $desc
                          {{ if $tags }}
                          $tags.0
                          $tags.1
                          diff --git a/view/profile_edit.tpl b/view/profile_edit.tpl index 8dab72649..e5c7162d0 100755 --- a/view/profile_edit.tpl +++ b/view/profile_edit.tpl @@ -5,9 +5,9 @@ $default @@ -17,6 +17,7 @@ $default
                          +
                          diff --git a/view/profile_listing_header.tpl b/view/profile_listing_header.tpl index 09e4fc9b2..61a273792 100755 --- a/view/profile_listing_header.tpl +++ b/view/profile_listing_header.tpl @@ -3,6 +3,6 @@ $chg_photo

                          diff --git a/view/profile_photo.tpl b/view/profile_photo.tpl index f258b5b86..0b3a1cac1 100755 --- a/view/profile_photo.tpl +++ b/view/profile_photo.tpl @@ -1,6 +1,7 @@

                          $title

                          +
                          diff --git a/view/profile_vcard.tpl b/view/profile_vcard.tpl index 5bcbfd0b0..7cd02f164 100755 --- a/view/profile_vcard.tpl +++ b/view/profile_vcard.tpl @@ -18,8 +18,8 @@
                          {{ endif }}
                          - - + + {{ if $pdesc }}
                          $profile.pdesc
                          {{ endif }}
                          $profile.name
                          diff --git a/view/prv_message.tpl b/view/prv_message.tpl index 4b904cbcd..2ce07ce6f 100755 --- a/view/prv_message.tpl +++ b/view/prv_message.tpl @@ -10,14 +10,14 @@ $parent $select
                          $subject
                          - +
                          $yourmessage
                          - +
                          - +
                          diff --git a/view/settings.tpl b/view/settings.tpl index 46c737b23..25479b5bf 100755 --- a/view/settings.tpl +++ b/view/settings.tpl @@ -5,7 +5,7 @@ $tabs $nickname_block - +

                          $h_pass

                          diff --git a/view/settings_addons.tpl b/view/settings_addons.tpl index 2cbfd17e9..28fca5362 100755 --- a/view/settings_addons.tpl +++ b/view/settings_addons.tpl @@ -4,6 +4,7 @@ $tabs + $settings_addons diff --git a/view/settings_connectors.tpl b/view/settings_connectors.tpl index 9493c8bf7..43c0346bb 100755 --- a/view/settings_connectors.tpl +++ b/view/settings_connectors.tpl @@ -6,6 +6,7 @@ $tabs
                          $ostat_enabled
                          + $settings_connectors diff --git a/view/settings_oauth.tpl b/view/settings_oauth.tpl index 0de0dbe98..da1398ab9 100755 --- a/view/settings_oauth.tpl +++ b/view/settings_oauth.tpl @@ -4,7 +4,8 @@ $tabs - + + {{ endfor }} diff --git a/view/settings_oauth_edit.tpl b/view/settings_oauth_edit.tpl index 98b7457aa..d29341386 100755 --- a/view/settings_oauth_edit.tpl +++ b/view/settings_oauth_edit.tpl @@ -3,6 +3,8 @@ $tabs

                          $title

                          + + {{ inc field_input.tpl with $field=$name }}{{ endinc }} {{ inc field_input.tpl with $field=$key }}{{ endinc }} {{ inc field_input.tpl with $field=$secret }}{{ endinc }} diff --git a/view/theme/darkbubble/theme.php b/view/theme/darkbubble/theme.php index 326c98bbd..053730c21 100755 --- a/view/theme/darkbubble/theme.php +++ b/view/theme/darkbubble/theme.php @@ -1,4 +1,22 @@ + */ + + $a->theme_info = array( 'extends' => 'testbubble', ); + + +$a->page['htmlhead'] .= <<< EOT + +EOT; diff --git a/view/theme/darkzero-NS/theme.php b/view/theme/darkzero-NS/theme.php index 521b1859e..2d3e4fd56 100755 --- a/view/theme/darkzero-NS/theme.php +++ b/view/theme/darkzero-NS/theme.php @@ -15,6 +15,8 @@ $a->page['htmlhead'] .= <<< EOT + //appsmenu + $('html').click(function() { + $('#nav-apps-link').removeClass('selected'); + document.getElementById( "nav-apps-menu" ).style.display = "none"; + }); + + $('#nav-apps-link').click(function(event){ + event.stopPropagation(); + }); + + + + $(document).ready(function() { + $("a.fancy-photo").fancybox(); // Select all links with lightbox class + $("a.fancy-album").fancybox(); +}); + + + + + EOT; diff --git a/view/theme/diabook/experimental b/view/theme/diabook/experimental deleted file mode 100755 index e69de29bb..000000000 diff --git a/view/theme/diabook/group_side.tpl b/view/theme/diabook/group_side.tpl new file mode 100755 index 000000000..af183d04d --- /dev/null +++ b/view/theme/diabook/group_side.tpl @@ -0,0 +1,29 @@ +
                          +
                          +

                          $title

                          + +
                          + + +
                          + diff --git a/view/theme/diabook/icons/isstar.png b/view/theme/diabook/icons/isstar.png deleted file mode 100644 index c955b25b5..000000000 Binary files a/view/theme/diabook/icons/isstar.png and /dev/null differ diff --git a/view/theme/diabook/icons/next.png b/view/theme/diabook/icons/next.png new file mode 100755 index 000000000..7b5e25b90 Binary files /dev/null and b/view/theme/diabook/icons/next.png differ diff --git a/view/theme/diabook/icons/prev.png b/view/theme/diabook/icons/prev.png new file mode 100755 index 000000000..55c1464ba Binary files /dev/null and b/view/theme/diabook/icons/prev.png differ diff --git a/view/theme/diabook/icons/toogle_off.png b/view/theme/diabook/icons/toogle_off.png old mode 100755 new mode 100644 index 99490bcd9..0fcce4d5a Binary files a/view/theme/diabook/icons/toogle_off.png and b/view/theme/diabook/icons/toogle_off.png differ diff --git a/view/theme/diabook/icons/toogle_on.png b/view/theme/diabook/icons/toogle_on.png old mode 100755 new mode 100644 index 81e8f9120..79ce07f0e Binary files a/view/theme/diabook/icons/toogle_on.png and b/view/theme/diabook/icons/toogle_on.png differ diff --git a/view/theme/diabook/icons/unglobe.png b/view/theme/diabook/icons/unglobe.png deleted file mode 100755 index aa9b0e189..000000000 Binary files a/view/theme/diabook/icons/unglobe.png and /dev/null differ diff --git a/view/theme/diabook/nav.tpl b/view/theme/diabook/nav.tpl index 8b32ebe6c..5776b6cf7 100644 --- a/view/theme/diabook/nav.tpl +++ b/view/theme/diabook/nav.tpl @@ -152,10 +152,6 @@
                        - - {# diff --git a/view/theme/diabook/photo_view.tpl b/view/theme/diabook/photo_view.tpl new file mode 100755 index 000000000..511fc73ac --- /dev/null +++ b/view/theme/diabook/photo_view.tpl @@ -0,0 +1,27 @@ +
                        +

                        $album.1

                        + + + +
                        + {{ if $prevlink }}{{ endif }} + + {{ if $nextlink }}{{ endif }} +
                        + +
                        +
                        $desc
                        +{{ if $tags }} +
                        $tags.0
                        +
                        $tags.1
                        +{{ endif }} +{{ if $tags.2 }}{{ endif }} + +{{ if $edit }}$edit{{ endif }} \ No newline at end of file diff --git a/view/theme/diabook/profile_side.tpl b/view/theme/diabook/profile_side.tpl new file mode 100644 index 000000000..01da55ce1 --- /dev/null +++ b/view/theme/diabook/profile_side.tpl @@ -0,0 +1,20 @@ + + + \ No newline at end of file diff --git a/view/theme/diabook/style.css b/view/theme/diabook/style.css index ad7119c2a..437f323fa 100644 --- a/view/theme/diabook/style.css +++ b/view/theme/diabook/style.css @@ -177,8 +177,8 @@ .icon.on { background-image: url("../../../view/theme/diabook/icons/toogle_on.png"); background-repeat: no-repeat;} .icon.off { background-image: url("../../../view/theme/diabook/icons/toogle_off.png"); background-repeat: no-repeat;} -.prev { background-position: -90px -60px;} -.next { background-position: -110px -60px;} +.icon.prev { background-image: url("../../../view/theme/diabook/icons/prev.png"); background-repeat: no-repeat;} +.icon.next { background-image: url("../../../view/theme/diabook/icons/next.png"); background-repeat: no-repeat;} /*.tagged { background-position: -130px -60px;}*/ .attachtype { @@ -247,7 +247,7 @@ background-image: url("../../../images/icons/10/edit.png"); } .icon.s10.star { - background-image: url("../../../images/icons/10/star.png"); + background-image: url("../../../images/star_dummy.png"); } .icon.s10.menu { background-image: url("../../../images/icons/10/menu.png"); @@ -285,7 +285,7 @@ background-image: url("../../../images/icons/16/edit.png"); }*/ .icon.s16.star { - background-image: url("../../../images/icons/16/star.png"); + background-image: url("../../../images/star_dummy.png"); } .icon.s16.menu { background-image: url("../../../images/icons/16/menu.png"); @@ -323,7 +323,7 @@ background-image: url("../../../images/icons/22/edit.png"); } .icon.s22.star { - background-image: url("../../../images/icons/22/star.png"); + background-image: url("../../../images/star_dummy.png"); } .icon.s22.menu { background-image: url("../../../images/icons/22/menu.png"); @@ -361,7 +361,7 @@ background-image: url("../../../images/icons/48/edit.png"); } .icon.s48.star { - background-image: url("../../../images/icons/48/star.png"); + background-image: url("../../../images/star_dummy.png"); } .icon.s48.menu { background-image: url("../../../images/icons/48/menu.png"); @@ -400,6 +400,7 @@ body { margin: 50px auto auto; display: table; } + h4 { font-size: 1.1em; } @@ -461,7 +462,7 @@ code { } #panel { position: absolute; - width: 10em; + width: 12em; background: #ffffff; color: #2d2d2d; margin: 0px; @@ -704,21 +705,17 @@ nav #nav-user-linkmenu nav #nav-user-linkmenu{ margin-right: 0px; } -nav #nav-home-link{ +nav #nav-home-link, #nav-directory-link, #nav-apps-link{ margin-left: 0px; + margin-right: 0px; font-weight: bold; + margin: 3px 5px; } nav #nav-directory-link{ - margin-left: 0px; - margin-right: 0px; - font-weight: bold; - margin: 3px 15px; + margin-right: 0px; } -nav #nav-apps-link{ - margin-left: 0px; - margin-right: 0px; - font-weight: bold; - margin: 3px 15px; +nav #nav-home-link{ + margin-left: 0px; } nav #nav-help-link .menu-popup, nav #nav-search-link .menu-popup, @@ -772,8 +769,6 @@ ul.menu-popup { margin: 0px; padding: 0px; list-style: none; - border: 1px solid #364e59; - border-top-color: transparent; z-index: 100000; -webkit-box-shadow: 0px 5px 10px rgba(0, 0, 0, 0.7); -moz-box-shadow: 0px 5px 10px rgba(0, 0, 0, 0.7); @@ -866,6 +861,43 @@ ul.menu-popup .empty { padding: 7px 7px 0px 0px; } +/*profile_side*/ +#profile_side { + margin-bottom: 30px; +} +#ps-usericon{ + height: 25px + } +#ps-username{ + font-size: 1.17em; + font-weight: bold; + vertical-align: top; + position: absolute; + padding-top: 4px; + padding-left: 5px; + color: #2D2D2D; + } +#ps-username:hover{ + text-decoration: none; + } +.menu-profile-side{ + list-style: none; + padding-left: 16px; + min-height: 16px; + } +.menu-profile-list{ + height: auto; + overflow: auto; + padding-top: 3px; + padding-bottom: 3px; + } +.menu-profile-list:hover{ + background: #EEE; + } +.menu-profile-list-item:hover{ + text-decoration: none; + } + /* aside */ aside { display: table-cell; @@ -876,6 +908,7 @@ aside { float: left; /* background: #F1F1F1; */ } + aside .vcard .fn { font-size: 18px; font-weight: bold; @@ -962,6 +995,10 @@ aside #side-peoplefind-url { widht: 55px; height: 55px; } +#lost-password-link { + float: left; + margin-right: 20px; + } /* widget */ .widget { margin-bottom: 2em; @@ -1036,6 +1073,13 @@ section { width: 800px; padding: 0px 0px 0px 12px; } + +body .pageheader{ + text-align: center; + margin-top: 25px; + font-size: 0px; + } + #id_username { width: 173px; } @@ -1046,13 +1090,13 @@ section { width: 173px; } #contact-edit-end { - } .pager { padding: 10px; text-align: center; font-size: 1.0em; - margin-top: 140%; + clear: both; + display: block; } .tabs { @@ -1858,7 +1902,6 @@ ul.tabs li .active { /* photo */ .lframe { float: left; - margin: 0px 10px 10px 0px; } /* profile match wrapper */ .profile-match-wrapper { @@ -1972,10 +2015,22 @@ box-shadow: 1px 1px 5px 0; } #prvmail-submit { - float: left; + float: right; margin-top: 10px; - margin-right: 30px; } +#prvmail-subject +{ +background: none repeat scroll 0 0 #FFFFFF; +border: 1px solid #CCCCCC; +border-radius: 5px 5px 5px 5px; +font-weight: bold; +height: 20px; +margin: 0 0 5px; +vertical-align: middle; +} +#prvmail-form{ + width: 597px; + } #prvmail-upload-wrapper, #prvmail-link-wrapper, #prvmail-rotator-wrapper { @@ -2163,14 +2218,25 @@ a.mail-list-link { padding: 10px; float: left; } +.lightbox{ + float: left; + } #photo-photo { float: left; } #photo-like-div .wall-item-like-buttons { - float: left; - margin-right: 10px; + float: left; + margin-right: 5px; + margin-top: 30px; } +.comment-edit-text-empty { + margin: 10px 0 0; + width: 85%; +} +.comment-edit-photo { + margin: 10px 0 0; +} .wall-item-like-buttons .icon.like { float: left; } @@ -2283,7 +2349,36 @@ float: left; color: #999999; } -.photo-top-image-wrapper { +#side-bar-photos-albums{ + margin-top: 15px; + } +.photo-top-photo, .photo-album-photo { + -webkit-border-radius: 5px 5px 0 0; + -moz-border-radius: 5px 5px 0 0; + border-radius: 5px 5px 0 0; +} +.photo-album-image-wrapper, .photo-top-image-wrapper { + float: left; + -moz-box-shadow: 0 0 5px #888; + -webkit-box-shadow: 0 0 5px #888; + box-shadow: 0 0 5px #888; + background-color: #EEE; + -webkit-border-radius: 5px; + -moz-border-radius: 5px; + border-radius: 5px; + padding-bottom: 20px; + position: relative; + margin: 0 10px 10px 0; +} +.photo-top-album-name { + position: absolute; + bottom: 0; + padding: 0 5px; +} +.photo-top-album-link{ + color: #1872A2; + } +/*.photo-top-image-wrapper { position: relative; float: left; margin-top: 15px; @@ -2299,7 +2394,7 @@ float: left; padding: 0px 3px; padding-top: 0.5em; background-color: rgb(255, 255, 255); -} +}*/ #photo-top-end { clear: both; } @@ -2312,5 +2407,4 @@ float: left; #photos-upload-newalbum-div { float: left; width: 175px; -} - +} \ No newline at end of file diff --git a/view/theme/diabook/theme.php b/view/theme/diabook/theme.php index 5a1828ad7..9093ac2ca 100755 --- a/view/theme/diabook/theme.php +++ b/view/theme/diabook/theme.php @@ -1,8 +1,8 @@ theme_info = array( 'extends' => 'diabook', ); +//profile_side + + + +$nav['usermenu']=array(); +$userinfo = null; + +if(local_user()) { + + + +$r = q("SELECT micro FROM contact WHERE uid=%d AND self=1", intval($a->user['uid'])); + +$userinfo = array( + 'icon' => (count($r) ? $r[0]['micro']: $a->get_baseurl()."/images/default-profile-mm.jpg"), + 'name' => $a->user['username'], + ); + +$ps['usermenu'][status] = Array('profile/' . $a->user['nickname'], t('Home'), "", t('Your posts and conversations')); +$ps['usermenu'][profile] = Array('profile/' . $a->user['nickname']. '?tab=profile', t('Profile'), "", t('Your profile page')); +$ps['usermenu'][photos] = Array('photos/' . $a->user['nickname'], t('Photos'), "", t('Your photos')); +$ps['usermenu'][events] = Array('events/', t('Events'), "", t('Your events')); +$ps['usermenu'][notes] = Array('notes/', t('Personal notes'), "", t('Your personal photos')); +$ps['usermenu'][community] = Array('community/', t('Community'), "", ""); + +if($is_url = preg_match ("/\bnetwork\b/i", $_SERVER['REQUEST_URI'])) { +$tpl = get_markup_template('profile_side.tpl'); + +$a->page['aside'] .= replace_macros($tpl, array( + '$userinfo' => $userinfo, + '$ps' => $ps, + )); +} +} + +//js scripts $a->page['htmlhead'] .= <<< EOT + + //appsmenu + $('html').click(function() { + $('#nav-apps-link').removeClass('selected'); + document.getElementById( "nav-apps-menu" ).style.display = "none"; + }); + + $('#nav-apps-link').click(function(event){ + event.stopPropagation(); + }); + + $(function() { + $('a.lightbox').fancybox(); // Select all links with lightbox class +}); + + + EOT; diff --git a/view/theme/dispy-dark/contact_template.tpl b/view/theme/dispy-dark/contact_template.tpl index fbf354b47..04968bd07 100644 --- a/view/theme/dispy-dark/contact_template.tpl +++ b/view/theme/dispy-dark/contact_template.tpl @@ -20,9 +20,11 @@
                        $contact.name
                        +{{ if $contact.alt_text }}
                        $contact.alt_text
                        {{ endif }}
                        Profile URL
                        $contact.network
                        + diff --git a/view/theme/dispy-dark/group_side.tpl b/view/theme/dispy-dark/group_side.tpl index 516d70d5b..10ecec2e8 100644 --- a/view/theme/dispy-dark/group_side.tpl +++ b/view/theme/dispy-dark/group_side.tpl @@ -1,5 +1,5 @@ -
                        -

                        $title

                        +
                        +

                        $title

                        +
                        $item.name diff --git a/view/theme/dispy/contact_template.tpl b/view/theme/dispy/contact_template.tpl index fbf354b47..04968bd07 100644 --- a/view/theme/dispy/contact_template.tpl +++ b/view/theme/dispy/contact_template.tpl @@ -20,9 +20,11 @@
                        $contact.name
                        +{{ if $contact.alt_text }}
                        $contact.alt_text
                        {{ endif }}
                        Profile URL
                        $contact.network
                        + diff --git a/view/theme/dispy/group_side.tpl b/view/theme/dispy/group_side.tpl index 516d70d5b..10ecec2e8 100644 --- a/view/theme/dispy/group_side.tpl +++ b/view/theme/dispy/group_side.tpl @@ -1,5 +1,5 @@ -
                        -

                        $title

                        +
                        +

                        $title

                        +
                        $item.name diff --git a/view/theme/duepuntozero/file.gif b/view/theme/duepuntozero/file.gif new file mode 100644 index 000000000..7885b998d Binary files /dev/null and b/view/theme/duepuntozero/file.gif differ diff --git a/view/theme/duepuntozero/style.css b/view/theme/duepuntozero/style.css index acd97eb94..b79b00ef4 100755 --- a/view/theme/duepuntozero/style.css +++ b/view/theme/duepuntozero/style.css @@ -309,7 +309,7 @@ div.wall-item-content-wrapper.shiny { margin-bottom: 10px; } -.group-selected, .nets-selected { +.group-selected, .nets-selected, .fileas-selected { padding: 3px; -moz-border-radius: 3px; border-radius: 3px; @@ -1024,6 +1024,10 @@ input#dfrn-url { float: left; } +.filer-item { + margin-left: 10px; + float: left; +} .wall-item-links-wrapper { float: left; @@ -1864,11 +1868,11 @@ a.mail-list-link { margin-top: 10px; } -.nets-ul { +.nets-ul, .fileas-ul { list-style-type: none; } -.nets-ul li { +.nets-ul li, .fileas-ul li { margin-top: 10px; } @@ -1879,6 +1883,14 @@ a.mail-list-link { margin-left: 42px; } +.fileas-link { + margin-left: 24px; +} + +.fileas-all { + margin-left: 0px; +} + #search-save { margin-left: 5px; } @@ -2603,12 +2615,12 @@ aside input[type='text'] { margin-top: 10px; } -.body-tag { +.body-tag, .filesavetags { opacity: 0.5; filter:alpha(opacity=50); } -.body-tag:hover { +.body-tag:hover, .filesavetags:hover { opacity: 1.0 !important; filter:alpha(opacity=100) !important; } @@ -2902,6 +2914,11 @@ aside input[type='text'] { .tagged { background-position: -48px -48px; } +.filer-icon { + display: block; width: 16px; height: 16px; + background-image: url('file.gif'); +} + .icon.dim { opacity: 0.3;filter:alpha(opacity=30); } .attachtype { diff --git a/view/theme/duepuntozero/theme.php b/view/theme/duepuntozero/theme.php index 7d919fedc..701fb1349 100755 --- a/view/theme/duepuntozero/theme.php +++ b/view/theme/duepuntozero/theme.php @@ -5,6 +5,8 @@ $a->page['htmlhead'] .= <<< EOT +EOT; diff --git a/view/theme/slackr/theme.php b/view/theme/slackr/theme.php index 5d63583f4..ceec4dd97 100755 --- a/view/theme/slackr/theme.php +++ b/view/theme/slackr/theme.php @@ -7,6 +7,8 @@ $a->page['htmlhead'] .= <<< EOT +EOT;