Merge branch 'master' of https://github.com/friendica/friendica
Conflicts: include/config.php update.php
This commit is contained in:
Alexander Kampmann
commit
355c42cb30
1809 changed files with 48790 additions and 7152 deletions
67
include/items.php
Executable file → Normal file
67
include/items.php
Executable file → Normal file
|
|
@ -7,14 +7,11 @@ require_once('include/crypto.php');
|
|||
|
||||
function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) {
|
||||
|
||||
// default permissions - anonymous user
|
||||
|
||||
if(! strlen($owner_nick))
|
||||
killme();
|
||||
|
||||
$sitefeed = ((strlen($owner_nick)) ? false : true); // not yet implemented, need to rewrite huge chunks of following logic
|
||||
$public_feed = (($dfrn_id) ? false : true);
|
||||
$starred = false;
|
||||
$converse = false;
|
||||
$starred = false; // not yet implemented, possible security issues
|
||||
$converse = false;
|
||||
|
||||
if($public_feed && $a->argc > 2) {
|
||||
for($x = 2; $x < $a->argc; $x++) {
|
||||
|
|
@ -25,6 +22,7 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
|
|||
}
|
||||
}
|
||||
|
||||
// default permissions - anonymous user
|
||||
|
||||
$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' ";
|
||||
|
||||
|
|
@ -418,7 +416,7 @@ function get_atom_elements($feed,$item) {
|
|||
// the wild, by sanitising it and converting supported tags to bbcode before we rip out any remaining
|
||||
// html.
|
||||
|
||||
if((strpos($res['body'],'<') !== false) || (strpos($res['body'],'>') !== false)) {
|
||||
if((strpos($res['body'],'<') !== false) && (strpos($res['body'],'>') !== false)) {
|
||||
|
||||
$res['body'] = reltoabs($res['body'],$base_url);
|
||||
|
||||
|
|
@ -431,13 +429,21 @@ function get_atom_elements($feed,$item) {
|
|||
|
||||
// we shouldn't need a whitelist, because the bbcode converter
|
||||
// will strip out any unsupported tags.
|
||||
// $config->set('HTML.Allowed', 'p,b,a[href],i');
|
||||
|
||||
$purifier = new HTMLPurifier($config);
|
||||
$res['body'] = $purifier->purify($res['body']);
|
||||
|
||||
$res['body'] = html2bbcode($res['body']);
|
||||
$res['body'] = @html2bbcode($res['body']);
|
||||
}
|
||||
elseif(! $have_real_body) {
|
||||
|
||||
// it's not one of our messages and it has no tags
|
||||
// so it's probably just text. We'll escape it just to be safe.
|
||||
|
||||
$res['body'] = escape_tags($res['body']);
|
||||
}
|
||||
|
||||
// this tag is obsolete but we keep it for really old sites
|
||||
|
||||
$allow = $item->get_item_tags(NAMESPACE_DFRN,'comment-allow');
|
||||
if($allow && $allow[0]['data'] == 1)
|
||||
|
|
@ -1092,12 +1098,23 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
|
|||
$postvars = array();
|
||||
$sent_dfrn_id = hex2bin((string) $res->dfrn_id);
|
||||
$challenge = hex2bin((string) $res->challenge);
|
||||
$perm = (($res->perm) ? $res->perm : null);
|
||||
$dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0);
|
||||
$rino_allowed = ((intval($res->rino) === 1) ? 1 : 0);
|
||||
$page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);
|
||||
|
||||
$final_dfrn_id = '';
|
||||
|
||||
if($perm) {
|
||||
if((($perm == 'rw') && (! intval($contact['writable'])))
|
||||
|| (($perm == 'r') && (intval($contact['writable'])))) {
|
||||
q("update contact set writable = %d where id = %d limit 1",
|
||||
intval(($perm == 'rw') ? 1 : 0),
|
||||
intval($contact['id'])
|
||||
);
|
||||
$contact['writable'] = (string) 1 - intval($contact['writable']);
|
||||
}
|
||||
}
|
||||
|
||||
if(($contact['duplex'] && strlen($contact['pubkey']))
|
||||
|| ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey']))
|
||||
|
|
@ -1437,7 +1454,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
|
|||
}
|
||||
if($deleted && is_array($contact)) {
|
||||
$r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join `contact` on `item`.`contact-id` = `contact`.`id`
|
||||
WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d LIMIT 1",
|
||||
WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1",
|
||||
dbesc($uri),
|
||||
intval($importer['uid']),
|
||||
intval($contact['id'])
|
||||
|
|
@ -1582,9 +1599,10 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
|
|||
|
||||
if(count($r)) {
|
||||
if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
|
||||
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
|
||||
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
|
||||
dbesc($datarray['title']),
|
||||
dbesc($datarray['body']),
|
||||
dbesc($datarray['tag']),
|
||||
dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
|
||||
dbesc($item_id),
|
||||
intval($importer['uid'])
|
||||
|
|
@ -1727,9 +1745,10 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
|
|||
|
||||
if(count($r)) {
|
||||
if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
|
||||
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
|
||||
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
|
||||
dbesc($datarray['title']),
|
||||
dbesc($datarray['body']),
|
||||
dbesc($datarray['tag']),
|
||||
dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
|
||||
dbesc($item_id),
|
||||
intval($importer['uid'])
|
||||
|
|
@ -1800,7 +1819,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
|
|||
// but otherwise there's a possible data mixup on the sender's system.
|
||||
// the tgroup delivery code called from item_store will correct it if it's a forum,
|
||||
// but we're going to unconditionally correct it here so that the post will always be owned by our contact.
|
||||
logger('local_delivery: Correcting item owner.', LOGGER_DEBUG);
|
||||
logger('consume_feed: Correcting item owner.', LOGGER_DEBUG);
|
||||
$datarray['owner-name'] = $contact['name'];
|
||||
$datarray['owner-link'] = $contact['url'];
|
||||
$datarray['owner-avatar'] = $contact['thumb'];
|
||||
|
|
@ -1896,6 +1915,14 @@ function local_delivery($importer,$data) {
|
|||
);
|
||||
if(count($r)) {
|
||||
$fid = $r[0]['id'];
|
||||
|
||||
// OK, we do. Do we already have an introduction for this person ?
|
||||
$r = q("select id from intro where uid = %d and fid = %d limit 1",
|
||||
intval($fsugg['uid']),
|
||||
intval($fid)
|
||||
);
|
||||
if(count($r))
|
||||
return 0;
|
||||
}
|
||||
if(! $fid)
|
||||
$r = q("INSERT INTO `fcontact` ( `name`,`url`,`photo`,`request` ) VALUES ( '%s', '%s', '%s', '%s' ) ",
|
||||
|
|
@ -1916,6 +1943,7 @@ function local_delivery($importer,$data) {
|
|||
else
|
||||
return 0;
|
||||
|
||||
|
||||
$hash = random_string();
|
||||
|
||||
$r = q("INSERT INTO `intro` ( `uid`, `fid`, `contact-id`, `note`, `hash`, `datetime`, `blocked` )
|
||||
|
|
@ -2036,7 +2064,7 @@ function local_delivery($importer,$data) {
|
|||
if($deleted) {
|
||||
|
||||
$r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join contact on `item`.`contact-id` = `contact`.`id`
|
||||
WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d LIMIT 1",
|
||||
WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1",
|
||||
dbesc($uri),
|
||||
intval($importer['importer_uid']),
|
||||
intval($importer['id'])
|
||||
|
|
@ -2332,9 +2360,10 @@ function local_delivery($importer,$data) {
|
|||
|
||||
if(count($r)) {
|
||||
if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
|
||||
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
|
||||
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
|
||||
dbesc($datarray['title']),
|
||||
dbesc($datarray['body']),
|
||||
dbesc($datarray['tag']),
|
||||
dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
|
||||
dbesc($item_id),
|
||||
intval($importer['importer_uid'])
|
||||
|
|
@ -2497,9 +2526,10 @@ function local_delivery($importer,$data) {
|
|||
|
||||
if(count($r)) {
|
||||
if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
|
||||
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
|
||||
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
|
||||
dbesc($datarray['title']),
|
||||
dbesc($datarray['body']),
|
||||
dbesc($datarray['tag']),
|
||||
dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
|
||||
dbesc($item_id),
|
||||
intval($importer['importer_uid'])
|
||||
|
|
@ -2925,6 +2955,11 @@ function item_expire($uid,$days) {
|
|||
|
||||
foreach($r as $item) {
|
||||
|
||||
// don't expire filed items
|
||||
|
||||
if(strpos($item['file'],'[') !== false)
|
||||
continue;
|
||||
|
||||
// Only expire posts, not photos and photo comments
|
||||
|
||||
if($expire_photos==0 && strlen($item['resource-id']))
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue