Merge remote-tracking branch 'upstream/develop' into network-page
This commit is contained in:
commit
c12075a005
9 changed files with 201 additions and 235 deletions
|
@ -44,6 +44,7 @@ Example: To set the directory value please add this line to your .htconfig.php:
|
|||
* **dlogfile - location of the developer log file
|
||||
* **event_input_format** - Default value is "ymd".
|
||||
* **frontend_worker_timeout** - Value in minutes after we think that a frontend task was killed by the webserver. Default value is 10.
|
||||
* **hsts** (Boolean) - Enables the sending of HTTP Strict Transport Security headers
|
||||
* **ignore_cache** (Boolean) - For development only. Disables the item cache.
|
||||
* **like_no_comment** (Boolean) - Don't update the "commented" value of an item when it is liked.
|
||||
* **local_block** (Boolean) - Used in conjunction with "block_public".
|
||||
|
|
|
@ -2233,7 +2233,7 @@ $called_api = null;
|
|||
|
||||
//don't send title to regular StatusNET requests to avoid confusing these apps
|
||||
if (x($_GET, 'getText')) {
|
||||
$ret['title'] = $item['title'] ;
|
||||
$ret['title'] = $item['title'];
|
||||
if ($_GET['getText'] == 'html') {
|
||||
$ret['text'] = bbcode($item['body'], false, false);
|
||||
} elseif ($_GET['getText'] == 'plain') {
|
||||
|
@ -2276,18 +2276,32 @@ $called_api = null;
|
|||
|
||||
$statushtml = trim(bbcode($body, false, false));
|
||||
|
||||
// Workaround for clients with limited HTML parser functionality
|
||||
$search = array("<br>", "<blockquote>", "</blockquote>",
|
||||
"<h1>", "</h1>", "<h2>", "</h2>",
|
||||
"<h3>", "</h3>", "<h4>", "</h4>",
|
||||
"<h5>", "</h5>", "<h6>", "</h6>");
|
||||
$replace = array("<br>\n", "\n<blockquote>", "</blockquote>\n",
|
||||
"\n<h1>", "</h1>\n", "\n<h2>", "</h2>\n",
|
||||
"\n<h3>", "</h3>\n", "\n<h4>", "</h4>\n",
|
||||
"\n<h5>", "</h5>\n", "\n<h6>", "</h6>\n");
|
||||
$replace = array("<br>", "<br><blockquote>", "</blockquote><br>",
|
||||
"<br><h1>", "</h1><br>", "<br><h2>", "</h2><br>",
|
||||
"<br><h3>", "</h3><br>", "<br><h4>", "</h4><br>",
|
||||
"<br><h5>", "</h5><br>", "<br><h6>", "</h6><br>");
|
||||
$statushtml = str_replace($search, $replace, $statushtml);
|
||||
|
||||
if ($item['title'] != "") {
|
||||
$statushtml = "<h4>" . bbcode($item['title']) . "</h4>\n" . $statushtml;
|
||||
$statushtml = "<br><h4>" . bbcode($item['title']) . "</h4><br>" . $statushtml;
|
||||
}
|
||||
|
||||
do {
|
||||
$oldtext = $statushtml;
|
||||
$statushtml = str_replace("<br><br>", "<br>", $statushtml);
|
||||
} while ($oldtext != $statushtml);
|
||||
|
||||
if (substr($statushtml, 0, 4) == '<br>') {
|
||||
$statushtml = substr($statushtml, 4);
|
||||
}
|
||||
|
||||
if (substr($statushtml, 0, -4) == '<br>') {
|
||||
$statushtml = substr($statushtml, -4);
|
||||
}
|
||||
|
||||
// feeds without body should contain the link
|
||||
|
|
|
@ -987,7 +987,8 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $simplehtml = fa
|
|||
|
||||
// Server independent link to posts and comments
|
||||
// See issue: https://github.com/diaspora/diaspora_federation/issues/75
|
||||
$Text = preg_replace("=diaspora://(.*?)/([^\s\]]*)=ism", System::baseUrl()."/display/$2", $Text);
|
||||
$expression = "=diaspora://.*?/post/([0-9A-Za-z\-_@.:]{15,254}[0-9A-Za-z])=ism";
|
||||
$Text = preg_replace($expression, System::baseUrl()."/display/$1", $Text);
|
||||
|
||||
// if the HTML is used to generate plain text, then don't do this search, but replace all URL of that kind to text
|
||||
// if ($simplehtml != 7) {
|
||||
|
|
309
include/dba.php
309
include/dba.php
|
@ -214,171 +214,32 @@ class dba {
|
|||
}
|
||||
}
|
||||
|
||||
public function q($sql, $onlyquery = false) {
|
||||
$a = get_app();
|
||||
/**
|
||||
* @brief execute SQL query - deprecated
|
||||
*
|
||||
* Please use the dba:: functions instead:
|
||||
* dba::select, dba::exists, dba::insert
|
||||
* dba::delete, dba::update, dba::p, dba::e
|
||||
*
|
||||
* @param string $sql SQL query
|
||||
* @return array Query array
|
||||
*/
|
||||
public function q($sql) {
|
||||
$ret = self::p($sql);
|
||||
|
||||
if (!$this->db || !$this->connected) {
|
||||
return false;
|
||||
if (is_bool($ret)) {
|
||||
return $ret;
|
||||
}
|
||||
|
||||
$this->error = '';
|
||||
$columns = self::columnCount($ret);
|
||||
|
||||
$connstr = ($this->connected() ? "Connected" : "Disonnected");
|
||||
$data = self::inArray($ret);
|
||||
|
||||
$stamp1 = microtime(true);
|
||||
|
||||
$orig_sql = $sql;
|
||||
|
||||
if (x($a->config,'system') && x($a->config['system'], 'db_callstack')) {
|
||||
$sql = "/*".System::callstack()." */ ".$sql;
|
||||
}
|
||||
|
||||
$columns = 0;
|
||||
|
||||
switch ($this->driver) {
|
||||
case 'pdo':
|
||||
$result = @$this->db->query($sql);
|
||||
// Is used to separate between queries that returning data - or not
|
||||
if (!is_bool($result)) {
|
||||
$columns = $result->columnCount();
|
||||
}
|
||||
break;
|
||||
case 'mysqli':
|
||||
$result = @$this->db->query($sql);
|
||||
break;
|
||||
case 'mysql':
|
||||
$result = @mysql_query($sql,$this->db);
|
||||
break;
|
||||
}
|
||||
$stamp2 = microtime(true);
|
||||
$duration = (float)($stamp2 - $stamp1);
|
||||
|
||||
$a->save_timestamp($stamp1, "database");
|
||||
|
||||
if (strtolower(substr($orig_sql, 0, 6)) != "select") {
|
||||
$a->save_timestamp($stamp1, "database_write");
|
||||
}
|
||||
if (x($a->config,'system') && x($a->config['system'],'db_log')) {
|
||||
if (($duration > $a->config["system"]["db_loglimit"])) {
|
||||
$duration = round($duration, 3);
|
||||
$backtrace = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS);
|
||||
@file_put_contents($a->config["system"]["db_log"], datetime_convert()."\t".$duration."\t".
|
||||
basename($backtrace[1]["file"])."\t".
|
||||
$backtrace[1]["line"]."\t".$backtrace[2]["function"]."\t".
|
||||
substr($sql, 0, 2000)."\n", FILE_APPEND);
|
||||
}
|
||||
}
|
||||
|
||||
switch ($this->driver) {
|
||||
case 'pdo':
|
||||
$errorInfo = $this->db->errorInfo();
|
||||
if ($errorInfo) {
|
||||
$this->error = $errorInfo[2];
|
||||
$this->errorno = $errorInfo[1];
|
||||
}
|
||||
break;
|
||||
case 'mysqli':
|
||||
if ($this->db->errno) {
|
||||
$this->error = $this->db->error;
|
||||
$this->errorno = $this->db->errno;
|
||||
}
|
||||
break;
|
||||
case 'mysql':
|
||||
if (mysql_errno($this->db)) {
|
||||
$this->error = mysql_error($this->db);
|
||||
$this->errorno = mysql_errno($this->db);
|
||||
}
|
||||
break;
|
||||
}
|
||||
if (strlen($this->error)) {
|
||||
logger('DB Error ('.$connstr.') '.$this->errorno.': '.$this->error);
|
||||
}
|
||||
|
||||
if ($this->debug) {
|
||||
|
||||
$mesg = '';
|
||||
|
||||
if ($result === false) {
|
||||
$mesg = 'false';
|
||||
} elseif ($result === true) {
|
||||
$mesg = 'true';
|
||||
} else {
|
||||
switch ($this->driver) {
|
||||
case 'pdo':
|
||||
$mesg = $result->rowCount().' results'.EOL;
|
||||
break;
|
||||
case 'mysqli':
|
||||
$mesg = $result->num_rows.' results'.EOL;
|
||||
break;
|
||||
case 'mysql':
|
||||
$mesg = mysql_num_rows($result).' results'.EOL;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
$str = 'SQL = ' . printable($sql) . EOL . 'SQL returned ' . $mesg
|
||||
. (($this->error) ? ' error: ' . $this->error : '')
|
||||
. EOL;
|
||||
|
||||
logger('dba: ' . $str );
|
||||
}
|
||||
|
||||
/**
|
||||
* If dbfail.out exists, we will write any failed calls directly to it,
|
||||
* regardless of any logging that may or may nor be in effect.
|
||||
* These usually indicate SQL syntax errors that need to be resolved.
|
||||
*/
|
||||
|
||||
if ($result === false) {
|
||||
logger('dba: ' . printable($sql) . ' returned false.' . "\n" . $this->error);
|
||||
if (file_exists('dbfail.out')) {
|
||||
file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND);
|
||||
}
|
||||
}
|
||||
|
||||
if (is_bool($result)) {
|
||||
return $result;
|
||||
}
|
||||
if ($onlyquery) {
|
||||
$this->result = $result;
|
||||
if ((count($data) == 0) && ($columns == 0)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$r = array();
|
||||
switch ($this->driver) {
|
||||
case 'pdo':
|
||||
while ($x = $result->fetch(PDO::FETCH_ASSOC)) {
|
||||
$r[] = $x;
|
||||
}
|
||||
$result->closeCursor();
|
||||
break;
|
||||
case 'mysqli':
|
||||
while ($x = $result->fetch_array(MYSQLI_ASSOC)) {
|
||||
$r[] = $x;
|
||||
}
|
||||
$result->free_result();
|
||||
break;
|
||||
case 'mysql':
|
||||
while ($x = mysql_fetch_array($result, MYSQL_ASSOC)) {
|
||||
$r[] = $x;
|
||||
}
|
||||
mysql_free_result($result);
|
||||
break;
|
||||
}
|
||||
|
||||
// PDO doesn't return "true" on successful operations - like mysqli does
|
||||
// Emulate this behaviour by checking if the query returned data and had columns
|
||||
// This should be reliable enough
|
||||
if (($this->driver == 'pdo') && (count($r) == 0) && ($columns == 0)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
//$a->save_timestamp($stamp1, "database");
|
||||
|
||||
if ($this->debug) {
|
||||
logger('dba: ' . printable(print_r($r, true)));
|
||||
}
|
||||
return($r);
|
||||
return $data;
|
||||
}
|
||||
|
||||
public function dbg($dbg) {
|
||||
|
@ -515,6 +376,10 @@ class dba {
|
|||
/**
|
||||
* @brief Executes a prepared statement that returns data
|
||||
* @usage Example: $r = p("SELECT * FROM `item` WHERE `guid` = ?", $guid);
|
||||
*
|
||||
* Please only use it with complicated queries.
|
||||
* For all regular queries please use dba::select or dba::exists
|
||||
*
|
||||
* @param string $sql SQL statement
|
||||
* @return object statement object
|
||||
*/
|
||||
|
@ -540,7 +405,7 @@ class dba {
|
|||
return false;
|
||||
}
|
||||
|
||||
if (substr_count($sql, '?') != count($args)) {
|
||||
if ((substr_count($sql, '?') != count($args)) && (count($args) > 0)) {
|
||||
// Question: Should we continue or stop the query here?
|
||||
logger('Parameter mismatch. Query "'.$sql.'" - Parameters '.print_r($args, true), LOGGER_DEBUG);
|
||||
}
|
||||
|
@ -572,6 +437,19 @@ class dba {
|
|||
|
||||
switch (self::$dbo->driver) {
|
||||
case 'pdo':
|
||||
// If there are no arguments we use "query"
|
||||
if (count($args) == 0) {
|
||||
if (!$retval = self::$dbo->db->query($sql)) {
|
||||
$errorInfo = self::$dbo->db->errorInfo();
|
||||
self::$dbo->error = $errorInfo[2];
|
||||
self::$dbo->errorno = $errorInfo[1];
|
||||
$retval = false;
|
||||
break;
|
||||
}
|
||||
self::$dbo->affected_rows = $retval->rowCount();
|
||||
break;
|
||||
}
|
||||
|
||||
if (!$stmt = self::$dbo->db->prepare($sql)) {
|
||||
$errorInfo = self::$dbo->db->errorInfo();
|
||||
self::$dbo->error = $errorInfo[2];
|
||||
|
@ -600,8 +478,8 @@ class dba {
|
|||
$command = strtolower($parts[0]);
|
||||
$can_be_prepared = in_array($command, array('select', 'update', 'insert', 'delete'));
|
||||
|
||||
// The fallback routine currently only works with statements that doesn't return values
|
||||
if (!$can_be_prepared && $called_from_e) {
|
||||
// The fallback routine is called as well when there are no arguments
|
||||
if (!$can_be_prepared || (count($args) == 0)) {
|
||||
$retval = self::$dbo->db->query(self::replace_parameters($sql, $args));
|
||||
if (self::$dbo->db->errno) {
|
||||
self::$dbo->error = self::$dbo->db->error;
|
||||
|
@ -710,6 +588,8 @@ class dba {
|
|||
/**
|
||||
* @brief Executes a prepared statement like UPDATE or INSERT that doesn't return data
|
||||
*
|
||||
* Please use dba::delete, dba::insert, dba::update, ... instead
|
||||
*
|
||||
* @param string $sql SQL statement
|
||||
* @return boolean Was the query successfull? False is returned only if an error occurred
|
||||
*/
|
||||
|
@ -792,6 +672,8 @@ class dba {
|
|||
/**
|
||||
* @brief Fetches the first row
|
||||
*
|
||||
* Please use dba::select or dba::exists whenever this is possible.
|
||||
*
|
||||
* @param string $sql SQL statement
|
||||
* @return array first row of query
|
||||
*/
|
||||
|
@ -820,6 +702,26 @@ class dba {
|
|||
return self::$dbo->affected_rows;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Returns the number of columns of a statement
|
||||
*
|
||||
* @param object Statement object
|
||||
* @return int Number of columns
|
||||
*/
|
||||
public static function columnCount($stmt) {
|
||||
if (!is_object($stmt)) {
|
||||
return 0;
|
||||
}
|
||||
switch (self::$dbo->driver) {
|
||||
case 'pdo':
|
||||
return $stmt->columnCount();
|
||||
case 'mysqli':
|
||||
return $stmt->field_count;
|
||||
case 'mysql':
|
||||
return mysql_affected_rows($stmt);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
/**
|
||||
* @brief Returns the number of rows of a statement
|
||||
*
|
||||
|
@ -856,6 +758,10 @@ class dba {
|
|||
case 'pdo':
|
||||
return $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
case 'mysqli':
|
||||
if (get_class($stmt) == 'mysqli_result') {
|
||||
return $stmt->fetch_assoc();
|
||||
}
|
||||
|
||||
// This code works, but is slow
|
||||
|
||||
// Bind the result to a result array
|
||||
|
@ -1019,13 +925,13 @@ class dba {
|
|||
$definition = db_definition();
|
||||
|
||||
foreach ($definition AS $table => $structure) {
|
||||
foreach ($structure['fields'] AS $field => $field_struct) {
|
||||
if (isset($field_struct['relation'])) {
|
||||
foreach ($field_struct['relation'] AS $rel_table => $rel_field) {
|
||||
self::$relation[$rel_table][$rel_field][$table][] = $field;
|
||||
}
|
||||
}
|
||||
}
|
||||
foreach ($structure['fields'] AS $field => $field_struct) {
|
||||
if (isset($field_struct['relation'])) {
|
||||
foreach ($field_struct['relation'] AS $rel_table => $rel_field) {
|
||||
self::$relation[$rel_table][$rel_field][$table][] = $field;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1271,7 +1177,11 @@ class dba {
|
|||
* Example:
|
||||
* $table = "item";
|
||||
* $fields = array("id", "uri", "uid", "network");
|
||||
*
|
||||
* $condition = array("uid" => 1, "network" => 'dspr');
|
||||
* or:
|
||||
* $condition = array("`uid` = ? AND `network` IN (?, ?)", 1, 'dfrn', 'dspr');
|
||||
*
|
||||
* $params = array("order" => array("id", "received" => true), "limit" => 1);
|
||||
*
|
||||
* $data = dba::select($table, $fields, $condition, $params);
|
||||
|
@ -1409,43 +1319,54 @@ function dbesc($str) {
|
|||
}
|
||||
}
|
||||
|
||||
// Function: q($sql,$args);
|
||||
// Description: execute SQL query with printf style args.
|
||||
// Example: $r = q("SELECT * FROM `%s` WHERE `uid` = %d",
|
||||
// 'user', 1);
|
||||
/**
|
||||
* @brief execute SQL query with printf style args - deprecated
|
||||
*
|
||||
* Please use the dba:: functions instead:
|
||||
* dba::select, dba::exists, dba::insert
|
||||
* dba::delete, dba::update, dba::p, dba::e
|
||||
*
|
||||
* @param $args Query parameters (1 to N parameters of different types)
|
||||
* @return array Query array
|
||||
*/
|
||||
function q($sql) {
|
||||
global $db;
|
||||
|
||||
$args = func_get_args();
|
||||
unset($args[0]);
|
||||
|
||||
if ($db && $db->connected) {
|
||||
$sql = $db->clean_query($sql);
|
||||
$sql = $db->any_value_fallback($sql);
|
||||
$stmt = @vsprintf($sql,$args); // Disabled warnings
|
||||
//logger("dba: q: $stmt", LOGGER_ALL);
|
||||
if ($stmt === false)
|
||||
logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true), LOGGER_DEBUG);
|
||||
|
||||
$db->log_index($stmt);
|
||||
|
||||
return $db->q($stmt);
|
||||
if (!$db || !$db->connected) {
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* This will happen occasionally trying to store the
|
||||
* session data after abnormal program termination
|
||||
*
|
||||
*/
|
||||
logger('dba: no database: ' . print_r($args,true));
|
||||
return false;
|
||||
$sql = $db->clean_query($sql);
|
||||
$sql = $db->any_value_fallback($sql);
|
||||
|
||||
$stmt = @vsprintf($sql, $args);
|
||||
|
||||
$ret = dba::p($stmt);
|
||||
|
||||
if (is_bool($ret)) {
|
||||
return $ret;
|
||||
}
|
||||
|
||||
$columns = dba::columnCount($ret);
|
||||
|
||||
$data = dba::inArray($ret);
|
||||
|
||||
if ((count($data) == 0) && ($columns == 0)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return $data;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Performs a query with "dirty reads"
|
||||
* @brief Performs a query with "dirty reads" - deprecated
|
||||
*
|
||||
* By doing dirty reads (reading uncommitted data) no locks are performed
|
||||
* This function can be used to fetch data that doesn't need to be reliable.
|
||||
* Please use the dba:: functions instead:
|
||||
* dba::select, dba::exists, dba::insert
|
||||
* dba::delete, dba::update, dba::p, dba::e
|
||||
*
|
||||
* @param $args Query parameters (1 to N parameters of different types)
|
||||
* @return array Query array
|
||||
|
@ -1465,9 +1386,7 @@ function qu($sql) {
|
|||
|
||||
$db->log_index($stmt);
|
||||
|
||||
$db->q("SET SESSION TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;");
|
||||
$retval = $db->q($stmt);
|
||||
$db->q("SET SESSION TRANSACTION ISOLATION LEVEL REPEATABLE READ;");
|
||||
return $retval;
|
||||
}
|
||||
|
||||
|
|
|
@ -31,7 +31,7 @@ function convert_to_innodb() {
|
|||
$sql = sprintf("ALTER TABLE `%s` engine=InnoDB;", dbesc($table['TABLE_NAME']));
|
||||
echo $sql."\n";
|
||||
|
||||
$result = $db->q($sql);
|
||||
$result = dba::e($sql);
|
||||
if (!dbm::is_result($result)) {
|
||||
print_update_error($db, $sql);
|
||||
}
|
||||
|
@ -442,9 +442,9 @@ function update_structure($verbose, $action, $tables=null, $definition=null) {
|
|||
// Ensure index conversion to unique removes duplicates
|
||||
if ($is_unique) {
|
||||
if ($ignore != "") {
|
||||
$db->q("SET session old_alter_table=1;");
|
||||
dba::e("SET session old_alter_table=1;");
|
||||
} else {
|
||||
$r = $db->q("CREATE TABLE `".$temp_name."` LIKE `".$name."`;");
|
||||
$r = dba::e("CREATE TABLE `".$temp_name."` LIKE `".$name."`;");
|
||||
if (!dbm::is_result($r)) {
|
||||
$errors .= print_update_error($db, $sql3);
|
||||
return $errors;
|
||||
|
@ -452,25 +452,25 @@ function update_structure($verbose, $action, $tables=null, $definition=null) {
|
|||
}
|
||||
}
|
||||
|
||||
$r = @$db->q($sql3);
|
||||
$r = @dba::e($sql3);
|
||||
if (!dbm::is_result($r)) {
|
||||
$errors .= print_update_error($db, $sql3);
|
||||
}
|
||||
if ($is_unique) {
|
||||
if ($ignore != "") {
|
||||
$db->q("SET session old_alter_table=0;");
|
||||
dba::e("SET session old_alter_table=0;");
|
||||
} else {
|
||||
$r = $db->q("INSERT INTO `".$temp_name."` SELECT ".$field_list." FROM `".$name."`".$group_by.";");
|
||||
$r = dba::e("INSERT INTO `".$temp_name."` SELECT ".$field_list." FROM `".$name."`".$group_by.";");
|
||||
if (!dbm::is_result($r)) {
|
||||
$errors .= print_update_error($db, $sql3);
|
||||
return $errors;
|
||||
}
|
||||
$r = $db->q("DROP TABLE `".$name."`;");
|
||||
$r = dba::e("DROP TABLE `".$name."`;");
|
||||
if (!dbm::is_result($r)) {
|
||||
$errors .= print_update_error($db, $sql3);
|
||||
return $errors;
|
||||
}
|
||||
$r = $db->q("RENAME TABLE `".$temp_name."` TO `".$name."`;");
|
||||
$r = dba::e("RENAME TABLE `".$temp_name."` TO `".$name."`;");
|
||||
if (!dbm::is_result($r)) {
|
||||
$errors .= print_update_error($db, $sql3);
|
||||
return $errors;
|
||||
|
@ -551,7 +551,7 @@ function db_create_table($name, $fields, $verbose, $action, $indexes=null) {
|
|||
echo $sql.";\n";
|
||||
|
||||
if ($action)
|
||||
$r = @$db->q($sql);
|
||||
$r = @dba::e($sql);
|
||||
|
||||
return $r;
|
||||
}
|
||||
|
|
|
@ -373,7 +373,7 @@ class ostatus {
|
|||
$item["verb"] = $xpath->query('activity:verb/text()', $entry)->item(0)->nodeValue;
|
||||
|
||||
/// Delete a message
|
||||
if ($item["verb"] == "qvitter-delete-notice" || $item["verb"] == ACTIVITY_DELETE) {
|
||||
if (in_array($item["verb"], array('qvitter-delete-notice', ACTIVITY_DELETE, 'delete'))) {
|
||||
// ignore "Delete" messages (by now)
|
||||
logger("Ignore delete message ".print_r($item, true));
|
||||
continue;
|
||||
|
@ -411,6 +411,8 @@ class ostatus {
|
|||
}
|
||||
|
||||
// http://activitystrea.ms/schema/1.0/rsvp-yes
|
||||
// http://activitystrea.ms/schema/1.0/unfavorite
|
||||
// http://mastodon.social/schema/1.0/block
|
||||
if (!in_array($item["verb"], array(ACTIVITY_POST, ACTIVITY_LIKE, ACTIVITY_SHARE))) {
|
||||
logger("Unhandled verb ".$item["verb"]." ".print_r($item, true));
|
||||
}
|
||||
|
@ -418,27 +420,26 @@ class ostatus {
|
|||
self::processPost($xpath, $entry, $item, $importer);
|
||||
|
||||
if ($initialize && (count(self::$itemlist) > 0)) {
|
||||
// We will import it everytime, when it is started by our contacts
|
||||
$valid = !empty(self::$itemlist[0]['contact-id']);
|
||||
if (!$valid) {
|
||||
// If not, then it depends on this setting
|
||||
$valid = !Config::get('system','ostatus_full_threads');
|
||||
}
|
||||
|
||||
if ($valid) {
|
||||
// But we will only import complete threads
|
||||
$valid = self::$itemlist[0]['uri'] == self::$itemlist[0]['parent-uri'];
|
||||
}
|
||||
|
||||
if ($valid) {
|
||||
// Never post a thread when the only interaction by our contact was a like
|
||||
$valid = false;
|
||||
$verbs = array(ACTIVITY_POST, ACTIVITY_SHARE);
|
||||
foreach (self::$itemlist AS $item) {
|
||||
if (!empty($item['contact-id']) && in_array($item['verb'], $verbs)) {
|
||||
$valid = true;
|
||||
if (self::$itemlist[0]['uri'] == self::$itemlist[0]['parent-uri']) {
|
||||
// We will import it everytime, when it is started by our contacts
|
||||
$valid = !empty(self::$itemlist[0]['contact-id']);
|
||||
if (!$valid) {
|
||||
// If not, then it depends on this setting
|
||||
$valid = !Config::get('system','ostatus_full_threads');
|
||||
}
|
||||
if ($valid) {
|
||||
// Never post a thread when the only interaction by our contact was a like
|
||||
$valid = false;
|
||||
$verbs = array(ACTIVITY_POST, ACTIVITY_SHARE);
|
||||
foreach (self::$itemlist AS $item) {
|
||||
if (!empty($item['contact-id']) && in_array($item['verb'], $verbs)) {
|
||||
$valid = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// But we will only import complete threads
|
||||
$valid = dba::exists('item', array('uid' => $importer["uid"], 'uri' => self::$itemlist[0]['parent-uri']));
|
||||
}
|
||||
|
||||
if ($valid) {
|
||||
|
@ -477,6 +478,12 @@ class ostatus {
|
|||
*/
|
||||
private static function processPost($xpath, $entry, &$item, $importer) {
|
||||
$item["uri"] = $xpath->query('atom:id/text()', $entry)->item(0)->nodeValue;
|
||||
|
||||
if (dba::exists('item', array('uid' => $importer["uid"], 'uri' => $item["uri"]))) {
|
||||
logger('Post with URI '.$item["uri"].' already existed for user '.$importer["uid"].'.');
|
||||
return;
|
||||
}
|
||||
|
||||
$item["body"] = html2bbcode($xpath->query('atom:content/text()', $entry)->item(0)->nodeValue);
|
||||
$item["object-type"] = $xpath->query('activity:object-type/text()', $entry)->item(0)->nodeValue;
|
||||
if (($item["object-type"] == ACTIVITY_OBJ_BOOKMARK) || ($item["object-type"] == ACTIVITY_OBJ_EVENT)) {
|
||||
|
@ -591,7 +598,12 @@ class ostatus {
|
|||
}
|
||||
|
||||
if (isset($item["parent-uri"]) && ($related != '')) {
|
||||
self::fetchRelated($related, $item["parent-uri"], $importer);
|
||||
if (!dba::exists('item', array('uid' => $importer["uid"], 'uri' => $item['parent-uri']))) {
|
||||
self::fetchRelated($related, $item["parent-uri"], $importer);
|
||||
} else {
|
||||
logger('Reply with URI '.$item["uri"].' already existed for user '.$importer["uid"].'.');
|
||||
}
|
||||
|
||||
$item["type"] = 'remote-comment';
|
||||
$item["gravity"] = GRAVITY_COMMENT;
|
||||
} else {
|
||||
|
|
|
@ -2,6 +2,8 @@
|
|||
// Session management functions. These provide database storage of PHP
|
||||
// session info.
|
||||
|
||||
use Friendica\Core\Config;
|
||||
|
||||
require_once('include/cache.php');
|
||||
|
||||
$session_exists = 0;
|
||||
|
@ -114,6 +116,10 @@ ini_set('session.gc_probability', $gc_probability);
|
|||
ini_set('session.use_only_cookies', 1);
|
||||
ini_set('session.cookie_httponly', 1);
|
||||
|
||||
if (Config::get('system', 'ssl_policy') == SSL_POLICY_FULL) {
|
||||
ini_set('session.cookie_secure', 1);
|
||||
}
|
||||
|
||||
if (!get_config('system', 'disable_database_session')) {
|
||||
session_set_save_handler('ref_session_open', 'ref_session_close',
|
||||
'ref_session_read', 'ref_session_write',
|
||||
|
|
13
index.php
13
index.php
|
@ -489,6 +489,19 @@ $profile = $a->profile;
|
|||
header("X-Friendica-Version: " . FRIENDICA_VERSION);
|
||||
header("Content-type: text/html; charset=utf-8");
|
||||
|
||||
if (Config::get('system', 'hsts') && (Config::get('system', 'ssl_policy') == SSL_POLICY_FULL)) {
|
||||
header("Strict-Transport-Security: max-age=31536000");
|
||||
}
|
||||
|
||||
// Some security stuff
|
||||
header('X-Content-Type-Options: nosniff');
|
||||
header('X-XSS-Protection: 1; mode=block');
|
||||
header('X-Permitted-Cross-Domain-Policies: none');
|
||||
header('X-Frame-Options: sameorigin');
|
||||
|
||||
// Things like embedded OSM maps don't work, when this is enabled
|
||||
// header("Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; img-src 'self' https: data:; media-src 'self' https:; child-src 'self' https:; object-src 'none'");
|
||||
|
||||
/*
|
||||
* We use $_GET["mode"] for special page templates. So we will check if we have
|
||||
* to load another page template than the default one.
|
||||
|
|
|
@ -71,7 +71,7 @@ function directory_content(App $a) {
|
|||
$publish = ((get_config('system','publish_all')) ? '' : " AND `publish` = 1 " );
|
||||
|
||||
|
||||
$r = $db->q("SELECT COUNT(*) AS `total` FROM `profile`
|
||||
$r = q("SELECT COUNT(*) AS `total` FROM `profile`
|
||||
LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid`
|
||||
WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra ");
|
||||
if (dbm::is_result($r))
|
||||
|
@ -81,11 +81,11 @@ function directory_content(App $a) {
|
|||
|
||||
$limit = intval($a->pager['start']).",".intval($a->pager['itemspage']);
|
||||
|
||||
$r = $db->q("SELECT `profile`.*, `profile`.`uid` AS `profile_uid`, `user`.`nickname`, `user`.`timezone` , `user`.`page-flags`,
|
||||
$r = q("SELECT `profile`.*, `profile`.`uid` AS `profile_uid`, `user`.`nickname`, `user`.`timezone` , `user`.`page-flags`,
|
||||
`contact`.`addr`, `contact`.`url` AS profile_url FROM `profile`
|
||||
LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid`
|
||||
LEFT JOIN `contact` ON `contact`.`uid` = `user`.`uid`
|
||||
WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 AND `contact`.`self` $sql_extra $order LIMIT ".$limit);
|
||||
WHERE `is-default` $publish AND `user`.`blocked` = 0 AND `contact`.`self` $sql_extra $order LIMIT ".$limit);
|
||||
if (dbm::is_result($r)) {
|
||||
|
||||
if (in_array('small', $a->argv)) {
|
||||
|
|
Loading…
Reference in a new issue