diff --git a/include/acl_selectors.php b/include/acl_selectors.php index 05856bd21..a1154399a 100644 --- a/include/acl_selectors.php +++ b/include/acl_selectors.php @@ -392,7 +392,6 @@ function acl_lookup(&$a, $out_type = 'json') { if(!local_user()) return ""; - $start = (x($_REQUEST,'start')?$_REQUEST['start']:0); $count = (x($_REQUEST,'count')?$_REQUEST['count']:100); $search = (x($_REQUEST,'search')?$_REQUEST['search']:""); @@ -492,7 +491,7 @@ function acl_lookup(&$a, $out_type = 'json') { $groups[] = array( "type" => "g", "photo" => "images/twopeople.png", - "name" => $g['name'], + "name" => htmlentities($g['name']), "id" => intval($g['id']), "uids" => array_map("intval", explode(",",$g['uids'])), "link" => '', @@ -547,7 +546,7 @@ function acl_lookup(&$a, $out_type = 'json') { foreach($r as $g) { $x['photos'][] = proxy_url($g['micro'], false, PROXY_SIZE_MICRO); $x['links'][] = $g['url']; - $x['suggestions'][] = $g['name']; + $x['suggestions'][] = htmlentities($g['name']); $x['data'][] = intval($g['id']); } } @@ -560,11 +559,11 @@ function acl_lookup(&$a, $out_type = 'json') { $contacts[] = array( "type" => "c", "photo" => proxy_url($g['micro'], false, PROXY_SIZE_MICRO), - "name" => $g['name'], + "name" => htmlentities($g['name']), "id" => intval($g['id']), "network" => $g['network'], "link" => $g['url'], - "nick" => ($g['attag']) ? $g['attag'] : $g['nick'], + "nick" => htmlentities(($g['attag']) ? $g['attag'] : $g['nick']), "forum" => $g['forum'] ); } @@ -605,11 +604,11 @@ function acl_lookup(&$a, $out_type = 'json') { $unknow_contacts[] = array( "type" => "c", "photo" => proxy_url($row['author-avatar'], false, PROXY_SIZE_MICRO), - "name" => $row['author-name'], + "name" => htmlentities($row['author-name']), "id" => '', "network" => "unknown", "link" => $row['author-link'], - "nick" => $nick, + "nick" => htmlentities($nick), "forum" => false ); } diff --git a/include/conversation.php b/include/conversation.php index 1edf79425..107fb84ea 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -946,7 +946,7 @@ function like_puller($a,$item,&$arr,$mode) { $arr[$item['thr-parent']] = 1; else $arr[$item['thr-parent']] ++; - $arr[$item['thr-parent'] . '-l'][] = '' . $item['author-name'] . ''; + $arr[$item['thr-parent'] . '-l'][] = '' . htmlentities($item['author-name']) . ''; } return; }} @@ -962,7 +962,7 @@ if(! function_exists('format_like')) { function format_like($cnt,$arr,$type,$id) { $o = ''; if($cnt == 1) - $o .= (($type === 'like') ? sprintf( t('%s likes this.'), $arr[0]) : sprintf( t('%s doesn\'t like this.'), $arr[0])) . EOL ; + $o .= (($type === 'like') ? sprintf( t('%s likes this.'), $arr[0]) : sprintf( t('%s doesn\'t like this.'), $arr[0])) . EOL; else { $spanatts = "class=\"fakelink\" onclick=\"openClose('{$type}list-$id');\""; switch($type) { diff --git a/include/diaspora.php b/include/diaspora.php index 61a0dfc3c..757cf1a6b 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -592,7 +592,7 @@ function diaspora_request($importer,$xml) { // perhaps we were already sharing with this person. Now they're sharing with us. // That makes us friends. - if($contact['rel'] == CONTACT_IS_FOLLOWER && !in_array($importer['page-flags'], array(PAGE_COMMUNITY, PAGE_SOAPBOX))) { + if($contact['rel'] == CONTACT_IS_FOLLOWER && in_array($importer['page-flags'], array(PAGE_FREELOVE))) { q("UPDATE `contact` SET `rel` = %d, `writable` = 1 WHERE `id` = %d AND `uid` = %d", intval(CONTACT_IS_FRIEND), intval($contact['id']), @@ -774,7 +774,7 @@ function diaspora_post_allow($importer,$contact, $is_comment = false) { // perhaps we were already sharing with this person. Now they're sharing with us. // That makes us friends. // Normally this should have handled by getting a request - but this could get lost - if($contact['rel'] == CONTACT_IS_FOLLOWER && !in_array($importer['page-flags'], array(PAGE_COMMUNITY, PAGE_SOAPBOX))) { + if($contact['rel'] == CONTACT_IS_FOLLOWER && in_array($importer['page-flags'], array(PAGE_FREELOVE))) { q("UPDATE `contact` SET `rel` = %d, `writable` = 1 WHERE `id` = %d AND `uid` = %d", intval(CONTACT_IS_FRIEND), intval($contact['id']), diff --git a/include/feed.php b/include/feed.php index dd360a07b..f11bb52a1 100644 --- a/include/feed.php +++ b/include/feed.php @@ -201,8 +201,8 @@ function feed_import($xml,$importer,&$contact, &$hub) { //$item["object"] = $xml; - $r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s'", - intval($importer["uid"]), dbesc($item["uri"])); + $r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `network` = '%s'", + intval($importer["uid"]), dbesc($item["uri"]), dbesc(NETWORK_FEED)); if ($r) { logger("Item with uri ".$item["uri"]." for user ".$importer["uid"]." already existed under id ".$r[0]["id"], LOGGER_DEBUG); continue; diff --git a/include/follow.php b/include/follow.php index ca0228cc0..21c05c8f3 100644 --- a/include/follow.php +++ b/include/follow.php @@ -154,11 +154,7 @@ function new_contact($uid,$url,$interactive = false) { $hidden = (($ret['network'] === NETWORK_MAIL) ? 1 : 0); - if($ret['network'] === NETWORK_MAIL) { - $writeable = 1; - - } - if($ret['network'] === NETWORK_DIASPORA) + if(in_array($ret['network'], array(NETWORK_MAIL, NETWORK_DIASPORA))) $writeable = 1; // check if we already have a contact @@ -215,9 +211,7 @@ function new_contact($uid,$url,$interactive = false) { return $result; } - $new_relation = (($ret['network'] === NETWORK_MAIL) ? CONTACT_IS_FRIEND : CONTACT_IS_SHARING); - if($ret['network'] === NETWORK_DIASPORA) - $new_relation = CONTACT_IS_FOLLOWER; + $new_relation = ((in_array($ret['network'], array(NETWORK_MAIL, NETWORK_DIASPORA))) ? CONTACT_IS_FRIEND : CONTACT_IS_SHARING); // create contact record $r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `nurl`, `addr`, `alias`, `batch`, `notify`, `poll`, `poco`, `name`, `nick`, `network`, `pubkey`, `rel`, `priority`, diff --git a/include/items.php b/include/items.php index 8691ccca4..5c7aa52e6 100644 --- a/include/items.php +++ b/include/items.php @@ -1239,10 +1239,10 @@ function item_store($arr,$force_parent = false, $notify = false, $dontcache = fa $arr['guid'] = ((x($arr,'guid')) ? notags(trim($arr['guid'])) : get_guid(32, $guid_prefix)); $arr['uri'] = ((x($arr,'uri')) ? notags(trim($arr['uri'])) : $arr['guid']); $arr['extid'] = ((x($arr,'extid')) ? notags(trim($arr['extid'])) : ''); - $arr['author-name'] = ((x($arr,'author-name')) ? notags(trim($arr['author-name'])) : ''); + $arr['author-name'] = ((x($arr,'author-name')) ? trim($arr['author-name']) : ''); $arr['author-link'] = ((x($arr,'author-link')) ? notags(trim($arr['author-link'])) : ''); $arr['author-avatar'] = ((x($arr,'author-avatar')) ? notags(trim($arr['author-avatar'])) : ''); - $arr['owner-name'] = ((x($arr,'owner-name')) ? notags(trim($arr['owner-name'])) : ''); + $arr['owner-name'] = ((x($arr,'owner-name')) ? trim($arr['owner-name']) : ''); $arr['owner-link'] = ((x($arr,'owner-link')) ? notags(trim($arr['owner-link'])) : ''); $arr['owner-avatar'] = ((x($arr,'owner-avatar')) ? notags(trim($arr['owner-avatar'])) : ''); $arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert()); @@ -1250,8 +1250,8 @@ function item_store($arr,$force_parent = false, $notify = false, $dontcache = fa $arr['commented'] = ((x($arr,'commented') !== false) ? datetime_convert('UTC','UTC',$arr['commented']) : datetime_convert()); $arr['received'] = ((x($arr,'received') !== false) ? datetime_convert('UTC','UTC',$arr['received']) : datetime_convert()); $arr['changed'] = ((x($arr,'changed') !== false) ? datetime_convert('UTC','UTC',$arr['changed']) : datetime_convert()); - $arr['title'] = ((x($arr,'title')) ? notags(trim($arr['title'])) : ''); - $arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : ''); + $arr['title'] = ((x($arr,'title')) ? trim($arr['title']) : ''); + $arr['location'] = ((x($arr,'location')) ? trim($arr['location']) : ''); $arr['coord'] = ((x($arr,'coord')) ? notags(trim($arr['coord'])) : ''); $arr['last-child'] = ((x($arr,'last-child')) ? intval($arr['last-child']) : 0 ); $arr['visible'] = ((x($arr,'visible') !== false) ? intval($arr['visible']) : 1 ); @@ -1489,9 +1489,10 @@ function item_store($arr,$force_parent = false, $notify = false, $dontcache = fa $arr = $unescaped; // find the item we just created - $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC ", + $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `network` = '%s' ORDER BY `id` ASC ", dbesc($arr['uri']), - intval($arr['uid']) + intval($arr['uid']), + dbesc($arr['network']) ); if(count($r)) { diff --git a/mod/contacts.php b/mod/contacts.php index ee62bf3c9..c562c9822 100644 --- a/mod/contacts.php +++ b/mod/contacts.php @@ -590,6 +590,10 @@ function contacts_content(&$a) { if ($contact['network'] == NETWORK_DFRN) $profile_select = contact_profile_assign($contact['profile-id'],(($contact['network'] !== NETWORK_DFRN) ? true : false)); + if (in_array($contact['network'], array(NETWORK_DIASPORA, NETWORK_OSTATUS)) AND + ($contact['rel'] == CONTACT_IS_FOLLOWER)) + $follow = $a->get_baseurl(true)."/follow?url=".urlencode($contact["url"]); + $o .= replace_macros($tpl, array( '$header' => t('Contact Editor'), '$tab_str' => $tab_str, @@ -617,6 +621,8 @@ function contacts_content(&$a) { '$updpub' => t('Update public posts'), '$last_update' => $last_update, '$udnow' => t('Update now'), + '$follow' => $follow, + '$follow_text' => t("Connect/Follow"), '$profile_select' => $profile_select, '$contact_id' => $contact['id'], '$block_text' => (($contact['blocked']) ? t('Unblock') : t('Block') ), diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 1cc258853..d5dbab951 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -382,7 +382,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if($duplex) $new_relation = CONTACT_IS_FRIEND; else - $new_relation = CONTACT_IS_SHARING; + $new_relation = CONTACT_IS_FOLLOWER; if($new_relation != CONTACT_IS_FOLLOWER) $writable = 1; diff --git a/mod/dirfind.php b/mod/dirfind.php index 1e4f5539f..95f9bf53a 100644 --- a/mod/dirfind.php +++ b/mod/dirfind.php @@ -145,7 +145,7 @@ function dirfind_content(&$a, $prefix = "") { $o .= replace_macros($tpl,array( '$url' => zrl($jj->url), - '$name' => $jj->name, + '$name' => htmlentities($jj->name), '$photo' => proxy_url($jj->photo, false, PROXY_SIZE_THUMB), '$tags' => $jj->tags, '$conntxt' => $conntxt, diff --git a/object/Item.php b/object/Item.php index cc6d08ec2..63fa43d3e 100644 --- a/object/Item.php +++ b/object/Item.php @@ -235,6 +235,8 @@ class Item extends BaseObject { if ($shareable) $buttons['share'] = array( t('Share this'), t('share')); } + $comment = $this->get_comment_box($indent); + if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0){ $shiny = 'shiny'; } @@ -304,6 +306,10 @@ class Item extends BaseObject { !diaspora_is_redmatrix($item["owner-link"]) AND isset($buttons["like"])) unset($buttons["like"]); + // Diaspora doesn't has multithreaded comments + if (($item["item_network"] == NETWORK_DIASPORA) AND ($indent == 'comment')) + unset($comment); + // Facebook can like comments - but it isn't programmed in the connector yet. if (($item["item_network"] == NETWORK_FACEBOOK) AND ($indent == 'comment') AND isset($buttons["like"])) unset($buttons["like"]); @@ -326,7 +332,7 @@ class Item extends BaseObject { 'id' => $this->get_id(), 'guid' => urlencode($item['guid']), 'linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), - 'olinktitle' => sprintf( t('View %s\'s profile @ %s'), $this->get_owner_name(), ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])), + 'olinktitle' => sprintf( t('View %s\'s profile @ %s'), htmlentities($this->get_owner_name()), ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])), 'to' => t('to'), 'via' => t('via'), 'wall' => t('Wall-to-Wall'), @@ -348,7 +354,7 @@ class Item extends BaseObject { 'shiny' => $shiny, 'owner_url' => $this->get_owner_url(), 'owner_photo' => proxy_url($this->get_owner_photo(), false, PROXY_SIZE_THUMB), - 'owner_name' => $owner_name_e, + 'owner_name' => htmlentities($owner_name_e), 'plink' => get_plink($item), 'edpost' => ((feature_enabled($conv->get_profile_owner(),'edit_posts')) ? $edpost : ''), 'isstarred' => $isstarred, @@ -361,7 +367,7 @@ class Item extends BaseObject { 'like' => $like, 'dislike' => $dislike, 'switchcomment' => t('Comment'), - 'comment' => $this->get_comment_box($indent), + 'comment' => $comment, 'previewing' => ($conv->is_preview() ? ' preview ' : ''), 'wait' => t('Please wait'), 'thread_level' => $thread_level, @@ -523,7 +529,7 @@ class Item extends BaseObject { */ public function set_conversation($conv) { $previous_mode = ($this->conversation ? $this->conversation->get_mode() : ''); - + $this->conversation = $conv; // Set it on our children too diff --git a/view/templates/contact_edit.tpl b/view/templates/contact_edit.tpl index 06141081c..95e8e5d29 100644 --- a/view/templates/contact_edit.tpl +++ b/view/templates/contact_edit.tpl @@ -51,6 +51,9 @@ {{if $lblsuggest}}