From 403d1f987ff68982c59d589e97e1eaa64b8d87d1 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Mon, 19 Dec 2016 20:19:26 -0500 Subject: [PATCH 1/8] proxy_url: Fix extension extraction for URLs containing a . after a ? --- mod/proxy.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/mod/proxy.php b/mod/proxy.php index de2810dd7..57c722739 100644 --- a/mod/proxy.php +++ b/mod/proxy.php @@ -281,14 +281,14 @@ function proxy_url($url, $writemode = false, $size = '') { $longpath .= '/' . strtr(base64_encode($url), '+/', '-_'); - // Checking for valid extensions. Only add them if they are safe - $pos = strrpos($url, '.'); - if ($pos) { - $extension = strtolower(substr($url, $pos + 1)); - $pos = strpos($extension, '?'); - if ($pos) { - $extension = substr($extension, 0, $pos); - } + // Extract the URL extension, disregarding GET parameters starting with ? + $question_mark_pos = strpos($url, '?'); + if ($question_mark_pos === false) { + $question_mark_pos = strlen($url); + } + $dot_pos = strrpos($url, '.', $question_mark_pos - strlen($url)); + if ($dot_pos !== false) { + $extension = strtolower(substr($url, $dot_pos + 1, $question_mark_pos - ($dot_pos + 1))); } $extensions = array('jpg', 'jpeg', 'gif', 'png'); From 75711a947e9af36d6f03d2089b7f68ee6d92fec2 Mon Sep 17 00:00:00 2001 From: Michael Date: Tue, 20 Dec 2016 07:08:03 +0000 Subject: [PATCH 2/8] Workaround for vanished database connections while authentication --- include/auth_ejabberd.php | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/include/auth_ejabberd.php b/include/auth_ejabberd.php index e1900dc73..01e338942 100755 --- a/include/auth_ejabberd.php +++ b/include/auth_ejabberd.php @@ -159,14 +159,19 @@ class exAuth { $sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]); $this->writeDebugLog("[debug] checking isuser for ". $sUser."@".$aCommand[2]); - // If the hostnames doesn't match, we try to check remotely - if ($a->get_hostname() != $aCommand[2]) - $found = $this->check_user($aCommand[2], $aCommand[1], true); - else { + // Does the hostname match? So we try directly + if ($a->get_hostname() == $aCommand[2]) { $sQuery = "SELECT `uid` FROM `user` WHERE `nickname`='".dbesc($sUser)."'"; $this->writeDebugLog("[debug] using query ". $sQuery); $r = q($sQuery); $found = dbm::is_result($r); + } else { + $found = false; + } + + // If the hostnames doesn't match or there is some failure, we try to check remotely + if (!$found) { + $found = $this->check_user($aCommand[2], $aCommand[1], true); } if ($found) { @@ -227,10 +232,8 @@ class exAuth { $sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]); $this->writeDebugLog("[debug] doing auth for ".$sUser."@".$aCommand[2]); - // If the hostnames doesn't match, we try to authenticate remotely - if ($a->get_hostname() != $aCommand[2]) - $Error = !$this->check_credentials($aCommand[2], $aCommand[1], $aCommand[3], true); - else { + // Does the hostname match? So we try directly + if ($a->get_hostname() == $aCommand[2]) { $sQuery = "SELECT `uid`, `password` FROM `user` WHERE `nickname`='".dbesc($sUser)."'"; $this->writeDebugLog("[debug] using query ". $sQuery); if ($oResult = q($sQuery)) { @@ -246,6 +249,13 @@ class exAuth { $this->writeLog("[exAuth] got password ".$oConfig[0]["v"]); $Error = ($aCommand[3] != $oConfig[0]["v"]); } + } else { + $Error = true; + } + + // If the hostnames doesn't match or there is some failure, we try to check remotely + if ($Error) { + $Error = !$this->check_credentials($aCommand[2], $aCommand[1], $aCommand[3], true); } if ($Error) { From 6e46987515fc36210e58c080cc4c4348a935b2f5 Mon Sep 17 00:00:00 2001 From: Michael Date: Tue, 20 Dec 2016 07:10:47 +0000 Subject: [PATCH 3/8] The object type "photo" is deprecated and was replaced by "image" --- include/diaspora.php | 2 +- include/like.php | 2 +- mod/photos.php | 4 ++-- mod/subthread.php | 2 +- mod/tagger.php | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/include/diaspora.php b/include/diaspora.php index f2d484867..09dff5cfa 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -2290,7 +2290,7 @@ class diaspora { $body = "[img]".unxmlify($photo->remote_photo_path). unxmlify($photo->remote_photo_name)."[/img]\n".$body; - $datarray["object-type"] = ACTIVITY_OBJ_PHOTO; + $datarray["object-type"] = ACTIVITY_OBJ_IMAGE; } else { $datarray["object-type"] = ACTIVITY_OBJ_NOTE; diff --git a/include/like.php b/include/like.php index 118ec81ca..e5c1867b4 100644 --- a/include/like.php +++ b/include/like.php @@ -163,7 +163,7 @@ function do_like($item_id, $verb) { $post_type = (($item['resource-id']) ? t('photo') : t('status')); if($item['object-type'] === ACTIVITY_OBJ_EVENT) $post_type = t('event'); - $objtype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); + $objtype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE ); $link = xmlify('' . "\n") ; $body = $item['body']; diff --git a/mod/photos.php b/mod/photos.php index d72a82482..6d3ab2846 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -681,7 +681,7 @@ function photos_post(&$a) { $arr['visible'] = 1; $arr['verb'] = ACTIVITY_TAG; $arr['object-type'] = ACTIVITY_OBJ_PERSON; - $arr['target-type'] = ACTIVITY_OBJ_PHOTO; + $arr['target-type'] = ACTIVITY_OBJ_IMAGE; $arr['tag'] = $tagged[4]; $arr['inform'] = $tagged[2]; $arr['origin'] = 1; @@ -694,7 +694,7 @@ function photos_post(&$a) { $arr['object'] .= xmlify('' . "\n"); $arr['object'] .= '' . "\n"; - $arr['target'] = '' . ACTIVITY_OBJ_PHOTO . '' . $p[0]['desc'] . '' + $arr['target'] = '' . ACTIVITY_OBJ_IMAGE . '' . $p[0]['desc'] . '' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ''; $arr['target'] .= '' . xmlify('' . "\n" . '') . ''; diff --git a/mod/subthread.php b/mod/subthread.php index 33cf7489c..d98390362 100644 --- a/mod/subthread.php +++ b/mod/subthread.php @@ -85,7 +85,7 @@ function subthread_content(&$a) { $uri = item_new_uri($a->get_hostname(),$owner_uid); $post_type = (($item['resource-id']) ? t('photo') : t('status')); - $objtype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); + $objtype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE ); $link = xmlify('' . "\n") ; $body = $item['body']; diff --git a/mod/tagger.php b/mod/tagger.php index e0ef1ceb0..57f53d5dc 100644 --- a/mod/tagger.php +++ b/mod/tagger.php @@ -60,7 +60,7 @@ function tagger_content(&$a) { $uri = item_new_uri($a->get_hostname(),$owner_uid); $xterm = xmlify($term); $post_type = (($item['resource-id']) ? t('photo') : t('status')); - $targettype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); + $targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE ); $link = xmlify('' . "\n") ; From 4c77ae2fe903bf15d6a41fb3ff802036c08a82c7 Mon Sep 17 00:00:00 2001 From: Michael Date: Tue, 20 Dec 2016 07:13:22 +0000 Subject: [PATCH 4/8] Only distribute items to active contacts --- include/notifier.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/notifier.php b/include/notifier.php index 812752a55..58240557b 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -575,7 +575,7 @@ function notifier_run(&$argv, &$argc){ $r0 = array(); $r1 = q("SELECT DISTINCT(`batch`), `id`, `name`,`network` FROM `contact` WHERE `network` = '%s' - AND `uid` = %d AND `rel` != %d group by `batch` ORDER BY rand() ", + AND `uid` = %d AND `rel` != %d AND NOT `blocked` AND NOT `pending` AND NOT `archive` GROUP BY `batch` ORDER BY rand()", dbesc(NETWORK_DIASPORA), intval($owner['uid']), intval(CONTACT_IS_SHARING) From 6e929934c59cd922bca41edb56b62b6032114a47 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Tue, 20 Dec 2016 15:14:43 -0500 Subject: [PATCH 5/8] proxy: Simplify url extension extraction --- mod/proxy.php | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/mod/proxy.php b/mod/proxy.php index 57c722739..46d77726c 100644 --- a/mod/proxy.php +++ b/mod/proxy.php @@ -281,15 +281,8 @@ function proxy_url($url, $writemode = false, $size = '') { $longpath .= '/' . strtr(base64_encode($url), '+/', '-_'); - // Extract the URL extension, disregarding GET parameters starting with ? - $question_mark_pos = strpos($url, '?'); - if ($question_mark_pos === false) { - $question_mark_pos = strlen($url); - } - $dot_pos = strrpos($url, '.', $question_mark_pos - strlen($url)); - if ($dot_pos !== false) { - $extension = strtolower(substr($url, $dot_pos + 1, $question_mark_pos - ($dot_pos + 1))); - } + // Extract the URL extension + $extension = pathinfo(parse_url($url, PHP_URL_PATH), PATHINFO_EXTENSION); $extensions = array('jpg', 'jpeg', 'gif', 'png'); if (in_array($extension, $extensions)) { From b2768d8f1cbba565f0efd7a7b007b9479648b353 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Tue, 20 Dec 2016 15:23:08 -0500 Subject: [PATCH 6/8] proxy mod: Standards bearer - Enforced PSR-2 standards - Normalized concatenation formatting - Normalized string delimiters - Normalized condition operators - Collapsed directly nested conditions - Used dvm::is_result - Added comments --- mod/proxy.php | 292 ++++++++++++++++++++++++++------------------------ 1 file changed, 153 insertions(+), 139 deletions(-) diff --git a/mod/proxy.php b/mod/proxy.php index 46d77726c..736b44007 100644 --- a/mod/proxy.php +++ b/mod/proxy.php @@ -1,20 +1,18 @@ -define("PROXY_DEFAULT_TIME", 86400); // 1 Day +define('PROXY_DEFAULT_TIME', 86400); // 1 Day -define("PROXY_SIZE_MICRO", "micro"); -define("PROXY_SIZE_THUMB", "thumb"); -define("PROXY_SIZE_SMALL", "small"); -define("PROXY_SIZE_MEDIUM", "medium"); -define("PROXY_SIZE_LARGE", "large"); +define('PROXY_SIZE_MICRO', 'micro'); +define('PROXY_SIZE_THUMB', 'thumb'); +define('PROXY_SIZE_SMALL', 'small'); +define('PROXY_SIZE_MEDIUM', 'medium'); +define('PROXY_SIZE_LARGE', 'large'); -require_once('include/security.php'); -require_once("include/Photo.php"); - -function proxy_init() { - global $a, $_SERVER; +require_once 'include/security.php'; +require_once 'include/Photo.php'; +function proxy_init(App $a) { // Pictures are stored in one of the following ways: // 1. If a folder "proxy" exists and is writeable, then use this for caching // 2. If a cache path is defined, use this @@ -24,11 +22,12 @@ function proxy_init() { if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) { header('HTTP/1.1 304 Not Modified'); - header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); - header('Etag: '.$_SERVER['HTTP_IF_NONE_MATCH']); - header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT"); - header("Cache-Control: max-age=31536000"); - if(function_exists('header_remove')) { + header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT'); + header('Etag: ' . $_SERVER['HTTP_IF_NONE_MATCH']); + header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (31536000)) . ' GMT'); + header('Cache-Control: max-age=31536000'); + + if (function_exists('header_remove')) { header_remove('Last-Modified'); header_remove('Expires'); header_remove('Cache-Control'); @@ -36,140 +35,149 @@ function proxy_init() { exit; } - if(function_exists('header_remove')) { + if (function_exists('header_remove')) { header_remove('Pragma'); header_remove('pragma'); } $thumb = false; $size = 1024; - $sizetype = ""; + $sizetype = ''; $basepath = $a->get_basepath(); // If the cache path isn't there, try to create it - if (!is_dir($basepath."/proxy")) - if (is_writable($basepath)) - mkdir($basepath."/proxy"); + if (!is_dir($basepath . '/proxy') AND is_writable($basepath)) { + mkdir($basepath . '/proxy'); + } // Checking if caching into a folder in the webroot is activated and working - $direct_cache = (is_dir($basepath."/proxy") AND is_writable($basepath."/proxy")); + $direct_cache = (is_dir($basepath . '/proxy') AND is_writable($basepath . '/proxy')); // Look for filename in the arguments - if ((isset($a->argv[1]) OR isset($a->argv[2]) OR isset($a->argv[3])) AND !isset($_REQUEST["url"])) { - if (isset($a->argv[3])) + if ((isset($a->argv[1]) OR isset($a->argv[2]) OR isset($a->argv[3])) AND !isset($_REQUEST['url'])) { + if (isset($a->argv[3])) { $url = $a->argv[3]; - elseif (isset($a->argv[2])) + } elseif (isset($a->argv[2])) { $url = $a->argv[2]; - else + } else { $url = $a->argv[1]; - - if (isset($a->argv[3]) and ($a->argv[3] == "thumb")) - $size = 200; - - // thumb, small, medium and large. - if (substr($url, -6) == ":micro") { - $size = 48; - $sizetype = ":micro"; - $url = substr($url, 0, -6); - } elseif (substr($url, -6) == ":thumb") { - $size = 80; - $sizetype = ":thumb"; - $url = substr($url, 0, -6); - } elseif (substr($url, -6) == ":small") { - $size = 175; - $url = substr($url, 0, -6); - $sizetype = ":small"; - } elseif (substr($url, -7) == ":medium") { - $size = 600; - $url = substr($url, 0, -7); - $sizetype = ":medium"; - } elseif (substr($url, -6) == ":large") { - $size = 1024; - $url = substr($url, 0, -6); - $sizetype = ":large"; } - $pos = strrpos($url, "=."); - if ($pos) - $url = substr($url, 0, $pos+1); + if (isset($a->argv[3]) AND ($a->argv[3] == 'thumb')) { + $size = 200; + } - $url = str_replace(array(".jpg", ".jpeg", ".gif", ".png"), array("","","",""), $url); + // thumb, small, medium and large. + if (substr($url, -6) == ':micro') { + $size = 48; + $sizetype = ':micro'; + $url = substr($url, 0, -6); + } elseif (substr($url, -6) == ':thumb') { + $size = 80; + $sizetype = ':thumb'; + $url = substr($url, 0, -6); + } elseif (substr($url, -6) == ':small') { + $size = 175; + $url = substr($url, 0, -6); + $sizetype = ':small'; + } elseif (substr($url, -7) == ':medium') { + $size = 600; + $url = substr($url, 0, -7); + $sizetype = ':medium'; + } elseif (substr($url, -6) == ':large') { + $size = 1024; + $url = substr($url, 0, -6); + $sizetype = ':large'; + } + + $pos = strrpos($url, '=.'); + if ($pos) { + $url = substr($url, 0, $pos + 1); + } + + $url = str_replace(array('.jpg', '.jpeg', '.gif', '.png'), array('','','',''), $url); $url = base64_decode(strtr($url, '-_', '+/'), true); - if ($url) + if ($url) { $_REQUEST['url'] = $url; - } else + } + } else { $direct_cache = false; + } if (!$direct_cache) { $urlhash = 'pic:' . sha1($_REQUEST['url']); - $cachefile = get_cachefile(hash("md5", $_REQUEST['url'])); - if ($cachefile != '') { - if (file_exists($cachefile)) { - $img_str = file_get_contents($cachefile); - $mime = image_type_to_mime_type(exif_imagetype($cachefile)); + $cachefile = get_cachefile(hash('md5', $_REQUEST['url'])); + if ($cachefile != '' AND file_exists($cachefile)) { + $img_str = file_get_contents($cachefile); + $mime = image_type_to_mime_type(exif_imagetype($cachefile)); - header("Content-type: $mime"); - header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); - header('Etag: "'.md5($img_str).'"'); - header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT"); - header("Cache-Control: max-age=31536000"); + header('Content-type: ' . $mime); + header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT'); + header('Etag: "' . md5($img_str) . '"'); + header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (31536000)) . ' GMT'); + header('Cache-Control: max-age=31536000'); - // reduce quality - if it isn't a GIF - if ($mime != "image/gif") { - $img = new Photo($img_str, $mime); - if($img->is_valid()) { - $img_str = $img->imageString(); - } + // reduce quality - if it isn't a GIF + if ($mime != 'image/gif') { + $img = new Photo($img_str, $mime); + if ($img->is_valid()) { + $img_str = $img->imageString(); } - - echo $img_str; - killme(); } + + echo $img_str; + killme(); } - } else - $cachefile = ""; + } else { + $cachefile = ''; + } $valid = true; - if (!$direct_cache AND ($cachefile == "")) { + if (!$direct_cache AND ($cachefile == '')) { $r = qu("SELECT * FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", $urlhash); - if (count($r)) { - $img_str = $r[0]['data']; - $mime = $r[0]["desc"]; - if ($mime == "") $mime = "image/jpeg"; + if (dbm::is_result($r)) { + $img_str = $r[0]['data']; + $mime = $r[0]['desc']; + if ($mime == '') { + $mime = 'image/jpeg'; + } } - } else + } else { $r = array(); + } - if (!count($r)) { + if (!dbm::is_result($r)) { // It shouldn't happen but it does - spaces in URL - $_REQUEST['url'] = str_replace(" ", "+", $_REQUEST['url']); + $_REQUEST['url'] = str_replace(' ', '+', $_REQUEST['url']); $redirects = 0; - $img_str = fetch_url($_REQUEST['url'],true, $redirects, 10); + $img_str = fetch_url($_REQUEST['url'], true, $redirects, 10); - $tempfile = tempnam(get_temppath(), "cache"); + $tempfile = tempnam(get_temppath(), 'cache'); file_put_contents($tempfile, $img_str); $mime = image_type_to_mime_type(exif_imagetype($tempfile)); unlink($tempfile); // If there is an error then return a blank image - if ((substr($a->get_curl_code(), 0, 1) == "4") or (!$img_str)) { - $img_str = file_get_contents("images/blank.png"); - $mime = "image/png"; - $cachefile = ""; // Clear the cachefile so that the dummy isn't stored + if ((substr($a->get_curl_code(), 0, 1) == '4') OR (!$img_str)) { + $img_str = file_get_contents('images/blank.png'); + $mime = 'image/png'; + $cachefile = ''; // Clear the cachefile so that the dummy isn't stored $valid = false; - $img = new Photo($img_str, "image/png"); - if($img->is_valid()) { + $img = new Photo($img_str, 'image/png'); + if ($img->is_valid()) { $img->scaleImage(10); $img_str = $img->imageString(); } - } else if (($mime != "image/jpeg") AND !$direct_cache AND ($cachefile == "")) { + } elseif ($mime != 'image/jpeg' AND !$direct_cache AND $cachefile == '') { $image = @imagecreatefromstring($img_str); - if($image === FALSE) die(); + if ($image === FALSE) { + die(); + } q("INSERT INTO `photo` ( `uid`, `contact-id`, `guid`, `resource-id`, `created`, `edited`, `filename`, `album`, `height`, `width`, `desc`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` ) @@ -177,7 +185,7 @@ function proxy_init() { 0, 0, get_guid(), dbesc($urlhash), dbesc(datetime_convert()), dbesc(datetime_convert()), - dbesc(basename(dbesc($_REQUEST["url"]))), + dbesc(basename(dbesc($_REQUEST['url']))), dbesc(''), intval(imagesy($image)), intval(imagesx($image)), @@ -190,9 +198,8 @@ function proxy_init() { } else { $img = new Photo($img_str, $mime); - if($img->is_valid()) { - if (!$direct_cache AND ($cachefile == "")) - $img->store(0, 0, $urlhash, $_REQUEST['url'], '', 100); + if ($img->is_valid() AND !$direct_cache AND ($cachefile == '')) { + $img->store(0, 0, $urlhash, $_REQUEST['url'], '', 100); } } } @@ -200,9 +207,9 @@ function proxy_init() { $img_str_orig = $img_str; // reduce quality - if it isn't a GIF - if ($mime != "image/gif") { + if ($mime != 'image/gif') { $img = new Photo($img_str, $mime); - if($img->is_valid()) { + if ($img->is_valid()) { $img->scaleImage($size); $img_str = $img->imageString(); } @@ -212,20 +219,22 @@ function proxy_init() { // advantage: real file access is really fast // Otherwise write in cachefile if ($valid AND $direct_cache) { - file_put_contents($basepath."/proxy/".proxy_url($_REQUEST['url'], true), $img_str_orig); - if ($sizetype <> '') - file_put_contents($basepath."/proxy/".proxy_url($_REQUEST['url'], true).$sizetype, $img_str); - } elseif ($cachefile != '') + file_put_contents($basepath . '/proxy/' . proxy_url($_REQUEST['url'], true), $img_str_orig); + if ($sizetype != '') { + file_put_contents($basepath . '/proxy/' . proxy_url($_REQUEST['url'], true) . $sizetype, $img_str); + } + } elseif ($cachefile != '') { file_put_contents($cachefile, $img_str_orig); + } - header("Content-type: $mime"); + header('Content-type: ' . $mime); // Only output the cache headers when the file is valid if ($valid) { - header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); - header('Etag: "'.md5($img_str).'"'); - header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT"); - header("Cache-Control: max-age=31536000"); + header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT'); + header('Etag: "' . md5($img_str) . '"'); + header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (31536000)) . ' GMT'); + header('Cache-Control: max-age=31536000'); } echo $img_str; @@ -272,11 +281,9 @@ function proxy_url($url, $writemode = false, $size = '') { $shortpath = hash('md5', $url); $longpath = substr($shortpath, 0, 2); - if (is_dir($basepath) and $writemode) { - if (!is_dir($basepath . '/' . $longpath)) { - mkdir($basepath . '/' . $longpath); - chmod($basepath . '/' . $longpath, 0777); - } + if (is_dir($basepath) AND $writemode AND !is_dir($basepath . '/' . $longpath)) { + mkdir($basepath . '/' . $longpath); + chmod($basepath . '/' . $longpath, 0777); } $longpath .= '/' . strtr(base64_encode($url), '+/', '-_'); @@ -314,9 +321,13 @@ function proxy_url($url, $writemode = false, $size = '') { * @return boolean */ function proxy_is_local_image($url) { - if ($url[0] == '/') return true; + if ($url[0] == '/') { + return true; + } - if (strtolower(substr($url, 0, 5)) == "data:") return true; + if (strtolower(substr($url, 0, 5)) == 'data:') { + return true; + } // links normalised - bug #431 $baseurl = normalise_link(get_app()->get_baseurl()); @@ -324,42 +335,45 @@ function proxy_is_local_image($url) { return (substr($url, 0, strlen($baseurl)) == $baseurl); } -function proxy_parse_query($var) { - /** - * Use this function to parse out the query array element from - * the output of parse_url(). - */ - $var = parse_url($var, PHP_URL_QUERY); - $var = html_entity_decode($var); - $var = explode('&', $var); - $arr = array(); +/** + * @brief Return the array of query string parameters from a URL + * + * @param string $url + * @return array Associative array of query string parameters + */ +function proxy_parse_query($url) { + $query = parse_url($url, PHP_URL_QUERY); + $query = html_entity_decode($query); + $query_list = explode('&', $query); + $arr = array(); - foreach($var as $val) { - $x = explode('=', $val); - $arr[$x[0]] = $x[1]; - } + foreach ($query_list as $key_value) { + $key_value_list = explode('=', $key_value); + $arr[$key_value_list[0]] = $key_value_list[1]; + } - unset($val, $x, $var); - return $arr; + unset($url, $query_list, $url); + return $arr; } function proxy_img_cb($matches) { - // if the picture seems to be from another picture cache then take the original source $queryvar = proxy_parse_query($matches[2]); - if (($queryvar['url'] != "") AND (substr($queryvar['url'], 0, 4) == "http")) + if (($queryvar['url'] != '') AND (substr($queryvar['url'], 0, 4) == 'http')) { $matches[2] = urldecode($queryvar['url']); + } // following line changed per bug #431 - if (proxy_is_local_image($matches[2])) + if (proxy_is_local_image($matches[2])) { return $matches[1] . $matches[2] . $matches[3]; + } - return $matches[1].proxy_url(htmlspecialchars_decode($matches[2])).$matches[3]; + return $matches[1] . proxy_url(htmlspecialchars_decode($matches[2])) . $matches[3]; } function proxy_parse_html($html) { $a = get_app(); - $html = str_replace(normalise_link($a->get_baseurl())."/", $a->get_baseurl()."/", $html); + $html = str_replace(normalise_link($a->get_baseurl()) . '/', $a->get_baseurl() . '/', $html); - return preg_replace_callback("/(]*src *= *[\"'])([^\"']+)([\"'][^>]*>)/siU", "proxy_img_cb", $html); + return preg_replace_callback('/(]*src *= *["\'])([^"\']+)(["\'][^>]*>)/siU', 'proxy_img_cb', $html); } From 24a58ab2e6e375d5e3107d3ba5af68d651b28b66 Mon Sep 17 00:00:00 2001 From: rabuzarus <> Date: Wed, 21 Dec 2016 16:12:13 +0100 Subject: [PATCH 7/8] frio: append bs tooltip to body element --- view/theme/frio/js/theme.js | 1 + 1 file changed, 1 insertion(+) diff --git a/view/theme/frio/js/theme.js b/view/theme/frio/js/theme.js index 8fbee06e5..3f3128be4 100644 --- a/view/theme/frio/js/theme.js +++ b/view/theme/frio/js/theme.js @@ -100,6 +100,7 @@ $(document).ready(function(){ // initialize the bootstrap tooltips $('body').tooltip({ selector: '[data-toggle="tooltip"]', + container: 'body', animation: true, html: true, placement: 'auto', From 8a9143023d91fd614f4ee51ea65d286191e89553 Mon Sep 17 00:00:00 2001 From: rabuzarus <> Date: Wed, 21 Dec 2016 16:22:20 +0100 Subject: [PATCH 8/8] frio: append hovercard to body element --- view/theme/frio/js/hovercard.js | 3 ++- view/theme/frio/templates/nav.tpl | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/view/theme/frio/js/hovercard.js b/view/theme/frio/js/hovercard.js index 6e2a827cd..d9f942916 100644 --- a/view/theme/frio/js/hovercard.js +++ b/view/theme/frio/js/hovercard.js @@ -79,7 +79,8 @@ $(document).ready(function(){ }, trigger: hctrigger, template: '
', - content: data + content: data, + container: "body", }).popover('show'); } }); diff --git a/view/theme/frio/templates/nav.tpl b/view/theme/frio/templates/nav.tpl index 5732e1211..390cf58dc 100644 --- a/view/theme/frio/templates/nav.tpl +++ b/view/theme/frio/templates/nav.tpl @@ -278,7 +278,7 @@