Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1225 lines
32 KiB

11 years ago
10 years ago
11 years ago
11 years ago
10 years ago
11 years ago
11 years ago
11 years ago
10 years ago
11 years ago
10 years ago
10 years ago
10 years ago
11 years ago
10 years ago
11 years ago
11 years ago
10 years ago
11 years ago
10 years ago
11 years ago
11 years ago
11 years ago
11 years ago
10 years ago
10 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
10 years ago
11 years ago
11 years ago
10 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
10 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
10 years ago
10 years ago
10 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
10 years ago
11 years ago
11 years ago
10 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
10 years ago
11 years ago
11 years ago
10 years ago
11 years ago
10 years ago
10 years ago
  1. <?php
  2. require_once('include/config.php');
  3. require_once('include/network.php');
  4. require_once('include/plugin.php');
  5. require_once('include/text.php');
  6. require_once("include/pgettext.php");
  7. require_once('include/nav.php');
  8. define ( 'FRIENDIKA_PLATFORM', 'Free Friendika');
  9. define ( 'FRIENDIKA_VERSION', '2.3.1137' );
  10. define ( 'DFRN_PROTOCOL_VERSION', '2.21' );
  11. define ( 'DB_UPDATE_VERSION', 1097 );
  12. define ( 'EOL', "<br />\r\n" );
  13. define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
  14. /**
  15. *
  16. * Image storage quality. Lower numbers save space at cost of image detail.
  17. * For ease of upgrade, please do not change here. Change jpeg quality with
  18. * set_config('system','jpeg_quality',n) in .htconfig.php
  19. * where n is netween 1 and 100, and with very poor results below about 50
  20. *
  21. */
  22. define ( 'JPEG_QUALITY', 100 );
  23. /**
  24. * SSL redirection policies
  25. */
  26. define ( 'SSL_POLICY_NONE', 0 );
  27. define ( 'SSL_POLICY_FULL', 1 );
  28. define ( 'SSL_POLICY_SELFSIGN', 2 );
  29. /**
  30. * log levels
  31. */
  32. define ( 'LOGGER_NORMAL', 0 );
  33. define ( 'LOGGER_TRACE', 1 );
  34. define ( 'LOGGER_DEBUG', 2 );
  35. define ( 'LOGGER_DATA', 3 );
  36. define ( 'LOGGER_ALL', 4 );
  37. /**
  38. * registration policies
  39. */
  40. define ( 'REGISTER_CLOSED', 0 );
  41. define ( 'REGISTER_APPROVE', 1 );
  42. define ( 'REGISTER_OPEN', 2 );
  43. /**
  44. * relationship types
  45. */
  46. define ( 'CONTACT_IS_FOLLOWER', 1);
  47. define ( 'CONTACT_IS_SHARING', 2);
  48. define ( 'CONTACT_IS_FRIEND', 3);
  49. /**
  50. * Hook array order
  51. */
  52. define ( 'HOOK_HOOK', 0);
  53. define ( 'HOOK_FILE', 1);
  54. define ( 'HOOK_FUNCTION', 2);
  55. /**
  56. *
  57. * page/profile types
  58. *
  59. * PAGE_NORMAL is a typical personal profile account
  60. * PAGE_SOAPBOX automatically approves all friend requests as CONTACT_IS_SHARING, (readonly)
  61. * PAGE_COMMUNITY automatically approves all friend requests as CONTACT_IS_SHARING, but with
  62. * write access to wall and comments (no email and not included in page owner's ACL lists)
  63. * PAGE_FREELOVE automatically approves all friend requests as full friends (CONTACT_IS_FRIEND).
  64. *
  65. */
  66. define ( 'PAGE_NORMAL', 0 );
  67. define ( 'PAGE_SOAPBOX', 1 );
  68. define ( 'PAGE_COMMUNITY', 2 );
  69. define ( 'PAGE_FREELOVE', 3 );
  70. /**
  71. * Network and protocol family types
  72. */
  73. define ( 'NETWORK_ZOT', 'zot!'); // Zot!
  74. define ( 'NETWORK_DFRN', 'dfrn'); // Friendika, Mistpark, other DFRN implementations
  75. define ( 'NETWORK_OSTATUS', 'stat'); // status.net, identi.ca, GNU-social, other OStatus implementations
  76. define ( 'NETWORK_FEED', 'feed'); // RSS/Atom feeds with no known "post/notify" protocol
  77. define ( 'NETWORK_DIASPORA', 'dspr'); // Diaspora
  78. define ( 'NETWORK_MAIL', 'mail'); // IMAP/POP
  79. define ( 'NETWORK_FACEBOOK', 'face'); // Facebook API
  80. /**
  81. * Maximum number of "people who like (or don't like) this" that we will list by name
  82. */
  83. define ( 'MAX_LIKERS', 75);
  84. /**
  85. * Communication timeout
  86. */
  87. define ( 'ZCURL_TIMEOUT' , (-1));
  88. /**
  89. * email notification options
  90. */
  91. define ( 'NOTIFY_INTRO', 0x0001 );
  92. define ( 'NOTIFY_CONFIRM', 0x0002 );
  93. define ( 'NOTIFY_WALL', 0x0004 );
  94. define ( 'NOTIFY_COMMENT', 0x0008 );
  95. define ( 'NOTIFY_MAIL', 0x0010 );
  96. /**
  97. * various namespaces we may need to parse
  98. */
  99. define ( 'NAMESPACE_ZOT', 'http://purl.org/macgirvin/zot' );
  100. define ( 'NAMESPACE_DFRN' , 'http://purl.org/macgirvin/dfrn/1.0' );
  101. define ( 'NAMESPACE_THREAD' , 'http://purl.org/syndication/thread/1.0' );
  102. define ( 'NAMESPACE_TOMB' , 'http://purl.org/atompub/tombstones/1.0' );
  103. define ( 'NAMESPACE_ACTIVITY', 'http://activitystrea.ms/spec/1.0/' );
  104. define ( 'NAMESPACE_ACTIVITY_SCHEMA', 'http://activitystrea.ms/schema/1.0/' );
  105. define ( 'NAMESPACE_MEDIA', 'http://purl.org/syndication/atommedia' );
  106. define ( 'NAMESPACE_SALMON_ME', 'http://salmon-protocol.org/ns/magic-env' );
  107. define ( 'NAMESPACE_OSTATUSSUB', 'http://ostatus.org/schema/1.0/subscribe' );
  108. define ( 'NAMESPACE_GEORSS', 'http://www.georss.org/georss' );
  109. define ( 'NAMESPACE_POCO', 'http://portablecontacts.net/spec/1.0' );
  110. define ( 'NAMESPACE_FEED', 'http://schemas.google.com/g/2010#updates-from' );
  111. define ( 'NAMESPACE_OSTATUS', 'http://ostatus.org/schema/1.0' );
  112. define ( 'NAMESPACE_STATUSNET', 'http://status.net/schema/api/1/' );
  113. define ( 'NAMESPACE_ATOM1', 'http://www.w3.org/2005/Atom' );
  114. /**
  115. * activity stream defines
  116. */
  117. define ( 'ACTIVITY_LIKE', NAMESPACE_ACTIVITY_SCHEMA . 'like' );
  118. define ( 'ACTIVITY_DISLIKE', NAMESPACE_DFRN . '/dislike' );
  119. define ( 'ACTIVITY_OBJ_HEART', NAMESPACE_DFRN . '/heart' );
  120. define ( 'ACTIVITY_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'make-friend' );
  121. define ( 'ACTIVITY_REQ_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'request-friend' );
  122. define ( 'ACTIVITY_UNFRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'remove-friend' );
  123. define ( 'ACTIVITY_FOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'follow' );
  124. define ( 'ACTIVITY_UNFOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'stop-following' );
  125. define ( 'ACTIVITY_POST', NAMESPACE_ACTIVITY_SCHEMA . 'post' );
  126. define ( 'ACTIVITY_UPDATE', NAMESPACE_ACTIVITY_SCHEMA . 'update' );
  127. define ( 'ACTIVITY_TAG', NAMESPACE_ACTIVITY_SCHEMA . 'tag' );
  128. define ( 'ACTIVITY_OBJ_COMMENT', NAMESPACE_ACTIVITY_SCHEMA . 'comment' );
  129. define ( 'ACTIVITY_OBJ_NOTE', NAMESPACE_ACTIVITY_SCHEMA . 'note' );
  130. define ( 'ACTIVITY_OBJ_PERSON', NAMESPACE_ACTIVITY_SCHEMA . 'person' );
  131. define ( 'ACTIVITY_OBJ_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'photo' );
  132. define ( 'ACTIVITY_OBJ_P_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'profile-photo' );
  133. define ( 'ACTIVITY_OBJ_ALBUM', NAMESPACE_ACTIVITY_SCHEMA . 'photo-album' );
  134. define ( 'ACTIVITY_OBJ_EVENT', NAMESPACE_ACTIVITY_SCHEMA . 'event' );
  135. define ( 'ACTIVITY_OBJ_TAGTERM', NAMESPACE_DFRN . '/tagterm' );
  136. /**
  137. * item weight for query ordering
  138. */
  139. define ( 'GRAVITY_PARENT', 0);
  140. define ( 'GRAVITY_LIKE', 3);
  141. define ( 'GRAVITY_COMMENT', 6);
  142. /**
  143. *
  144. * Reverse the effect of magic_quotes_gpc if it is enabled.
  145. * Please disable magic_quotes_gpc so we don't have to do this.
  146. * See http://php.net/manual/en/security.magicquotes.disabling.php
  147. *
  148. */
  149. function startup() {
  150. error_reporting(E_ERROR | E_WARNING | E_PARSE);
  151. set_time_limit(0);
  152. // This has to be quite large to deal with embedded private photos
  153. ini_set('pcre.backtrack_limit', 350000);
  154. if (get_magic_quotes_gpc()) {
  155. $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
  156. while (list($key, $val) = each($process)) {
  157. foreach ($val as $k => $v) {
  158. unset($process[$key][$k]);
  159. if (is_array($v)) {
  160. $process[$key][stripslashes($k)] = $v;
  161. $process[] = &$process[$key][stripslashes($k)];
  162. } else {
  163. $process[$key][stripslashes($k)] = stripslashes($v);
  164. }
  165. }
  166. }
  167. unset($process);
  168. }
  169. }
  170. /**
  171. *
  172. * class: App
  173. *
  174. * Our main application structure for the life of this page
  175. * Primarily deals with the URL that got us here
  176. * and tries to make some sense of it, and
  177. * stores our page contents and config storage
  178. * and anything else that might need to be passed around
  179. * before we spit the page out.
  180. *
  181. */
  182. if(! class_exists('App')) {
  183. class App {
  184. public $module_loaded = false;
  185. public $query_string;
  186. public $config;
  187. public $page;
  188. public $profile;
  189. public $user;
  190. public $cid;
  191. public $contact;
  192. public $contacts;
  193. public $page_contact;
  194. public $content;
  195. public $data;
  196. public $error = false;
  197. public $cmd;
  198. public $argv;
  199. public $argc;
  200. public $module;
  201. public $pager;
  202. public $strings;
  203. public $path;
  204. public $hooks;
  205. public $timezone;
  206. public $interactive = true;
  207. public $plugins;
  208. public $apps = Array();
  209. public $identities;
  210. private $scheme;
  211. private $hostname;
  212. private $baseurl;
  213. private $db;
  214. private $curl_code;
  215. private $curl_headers;
  216. function __construct() {
  217. $this->config = array();
  218. $this->page = array();
  219. $this->pager= array();
  220. $this->query_string = '';
  221. startup();
  222. $this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'])) ? 'https' : 'http' );
  223. if(x($_SERVER,'SERVER_NAME')) {
  224. $this->hostname = $_SERVER['SERVER_NAME'];
  225. if(x($_SERVER,'SERVER_PORT') && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443)
  226. $this->hostname .= ':' . $_SERVER['SERVER_PORT'];
  227. /**
  228. * Figure out if we are running at the top of a domain
  229. * or in a sub-directory and adjust accordingly
  230. */
  231. $path = trim(dirname($_SERVER['SCRIPT_NAME']),'/\\');
  232. if(isset($path) && strlen($path) && ($path != $this->path))
  233. $this->path = $path;
  234. }
  235. set_include_path(
  236. "include/$this->hostname" . PATH_SEPARATOR
  237. . 'include' . PATH_SEPARATOR
  238. . 'library' . PATH_SEPARATOR
  239. . 'library/phpsec' . PATH_SEPARATOR
  240. . '.' );
  241. if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'],0,2) === "q=")
  242. $this->query_string = substr($_SERVER['QUERY_STRING'],2);
  243. if(x($_GET,'q'))
  244. $this->cmd = trim($_GET['q'],'/\\');
  245. /**
  246. *
  247. * Break the URL path into C style argc/argv style arguments for our
  248. * modules. Given "http://example.com/module/arg1/arg2", $this->argc
  249. * will be 3 (integer) and $this->argv will contain:
  250. * [0] => 'module'
  251. * [1] => 'arg1'
  252. * [2] => 'arg2'
  253. *
  254. *
  255. * There will always be one argument. If provided a naked domain
  256. * URL, $this->argv[0] is set to "home".
  257. *
  258. */
  259. $this->argv = explode('/',$this->cmd);
  260. $this->argc = count($this->argv);
  261. if((array_key_exists('0',$this->argv)) && strlen($this->argv[0])) {
  262. $this->module = str_replace(".", "_", $this->argv[0]);
  263. }
  264. else {
  265. $this->argc = 1;
  266. $this->argv = array('home');
  267. $this->module = 'home';
  268. }
  269. /**
  270. * Special handling for the webfinger/lrdd host XRD file
  271. */
  272. if($this->cmd === '.well-known/host-meta') {
  273. $this->argc = 1;
  274. $this->argv = array('hostxrd');
  275. $this->module = 'hostxrd';
  276. }
  277. /**
  278. * See if there is any page number information, and initialise
  279. * pagination
  280. */
  281. $this->pager['page'] = ((x($_GET,'page')) ? $_GET['page'] : 1);
  282. $this->pager['itemspage'] = 50;
  283. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  284. $this->pager['total'] = 0;
  285. }
  286. function get_baseurl($ssl = false) {
  287. $scheme = $this->scheme;
  288. if(x($this->config,'ssl_policy')) {
  289. if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL))
  290. $scheme = 'https';
  291. if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params')))
  292. $scheme = 'https';
  293. }
  294. $this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' );
  295. return $this->baseurl;
  296. }
  297. function set_baseurl($url) {
  298. $parsed = @parse_url($url);
  299. $this->baseurl = $url;
  300. if($parsed) {
  301. $this->scheme = $parsed['scheme'];
  302. $this->hostname = $parsed['host'];
  303. if(x($parsed,'port'))
  304. $this->hostname .= ':' . $parsed['port'];
  305. if(x($parsed,'path'))
  306. $this->path = trim($parsed['path'],'\\/');
  307. }
  308. }
  309. function get_hostname() {
  310. return $this->hostname;
  311. }
  312. function set_hostname($h) {
  313. $this->hostname = $h;
  314. }
  315. function set_path($p) {
  316. $this->path = trim(trim($p),'/');
  317. }
  318. function get_path() {
  319. return $this->path;
  320. }
  321. function set_pager_total($n) {
  322. $this->pager['total'] = intval($n);
  323. }
  324. function set_pager_itemspage($n) {
  325. $this->pager['itemspage'] = intval($n);
  326. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  327. }
  328. function init_pagehead() {
  329. $this->page['title'] = $this->config['sitename'];
  330. $tpl = file_get_contents('view/head.tpl');
  331. $this->page['htmlhead'] = replace_macros($tpl,array(
  332. '$baseurl' => $this->get_baseurl(), // FIXME for z_path!!!!
  333. '$generator' => 'Friendika' . ' ' . FRIENDIKA_VERSION,
  334. '$delitem' => t('Delete this item?'),
  335. '$comment' => t('Comment')
  336. ));
  337. }
  338. function set_curl_code($code) {
  339. $this->curl_code = $code;
  340. }
  341. function get_curl_code() {
  342. return $this->curl_code;
  343. }
  344. function set_curl_headers($headers) {
  345. $this->curl_headers = $headers;
  346. }
  347. function get_curl_headers() {
  348. return $this->curl_headers;
  349. }
  350. }}
  351. // retrieve the App structure
  352. // useful in functions which require it but don't get it passed to them
  353. if(! function_exists('get_app')) {
  354. function get_app() {
  355. global $a;
  356. return $a;
  357. }};
  358. // Multi-purpose function to check variable state.
  359. // Usage: x($var) or $x($array,'key')
  360. // returns false if variable/key is not set
  361. // if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
  362. // e.g. x('') or x(0) returns 0;
  363. if(! function_exists('x')) {
  364. function x($s,$k = NULL) {
  365. if($k != NULL) {
  366. if((is_array($s)) && (array_key_exists($k,$s))) {
  367. if($s[$k])
  368. return (int) 1;
  369. return (int) 0;
  370. }
  371. return false;
  372. }
  373. else {
  374. if(isset($s)) {
  375. if($s) {
  376. return (int) 1;
  377. }
  378. return (int) 0;
  379. }
  380. return false;
  381. }
  382. }}
  383. // called from db initialisation if db is dead.
  384. if(! function_exists('system_unavailable')) {
  385. function system_unavailable() {
  386. include('system_unavailable.php');
  387. system_down();
  388. killme();
  389. }}
  390. function clean_urls() {
  391. global $a;
  392. // if($a->config['system']['clean_urls'])
  393. return true;
  394. // return false;
  395. }
  396. function z_path() {
  397. global $a;
  398. $base = $a->get_baseurl();
  399. if(! clean_urls())
  400. $base .= '/?q=';
  401. return $base;
  402. }
  403. function z_root() {
  404. global $a;
  405. return $a->get_baseurl();
  406. }
  407. function absurl($path) {
  408. if(strpos($path,'/') === 0)
  409. return z_path() . $path;
  410. return $path;
  411. }
  412. // Primarily involved with database upgrade, but also sets the
  413. // base url for use in cmdline programs which don't have
  414. // $_SERVER variables, and synchronising the state of installed plugins.
  415. if(! function_exists('check_config')) {
  416. function check_config(&$a) {
  417. $build = get_config('system','build');
  418. if(! x($build))
  419. $build = set_config('system','build',DB_UPDATE_VERSION);
  420. $url = get_config('system','url');
  421. // if the url isn't set or the stored url is radically different
  422. // than the currently visited url, store the current value accordingly.
  423. // "Radically different" ignores common variations such as http vs https
  424. // and www.example.com vs example.com.
  425. if((! x($url)) || (! link_compare($url,$a->get_baseurl())))
  426. $url = set_config('system','url',$a->get_baseurl());
  427. if($build != DB_UPDATE_VERSION) {
  428. $stored = intval($build);
  429. $current = intval(DB_UPDATE_VERSION);
  430. if(($stored < $current) && file_exists('update.php')) {
  431. load_config('database');
  432. // We're reporting a different version than what is currently installed.
  433. // Run any existing update scripts to bring the database up to current.
  434. require_once('update.php');
  435. // make sure that boot.php and update.php are the same release, we might be
  436. // updating right this very second and the correct version of the update.php
  437. // file may not be here yet. This can happen on a very busy site.
  438. if(DB_UPDATE_VERSION == UPDATE_VERSION) {
  439. for($x = $stored; $x < $current; $x ++) {
  440. if(function_exists('update_' . $x)) {
  441. // There could be a lot of processes running or about to run.
  442. // We want exactly one process to run the update command.
  443. // So store the fact that we're taking responsibility
  444. // after first checking to see if somebody else already has.
  445. // If the update fails or times-out completely you may need to
  446. // delete the config entry to try again.
  447. if(get_config('database','update_' . $x))
  448. break;
  449. set_config('database','update_' . $x, '1');
  450. // call the specific update
  451. $func = 'update_' . $x;
  452. $func($a);
  453. }
  454. }
  455. set_config('system','build', DB_UPDATE_VERSION);
  456. }
  457. }
  458. }
  459. /**
  460. *
  461. * Synchronise plugins:
  462. *
  463. * $a->config['system']['addon'] contains a comma-separated list of names
  464. * of plugins/addons which are used on this system.
  465. * Go through the database list of already installed addons, and if we have
  466. * an entry, but it isn't in the config list, call the uninstall procedure
  467. * and mark it uninstalled in the database (for now we'll remove it).
  468. * Then go through the config list and if we have a plugin that isn't installed,
  469. * call the install procedure and add it to the database.
  470. *
  471. */
  472. $r = q("SELECT * FROM `addon` WHERE `installed` = 1");
  473. if(count($r))
  474. $installed = $r;
  475. else
  476. $installed = array();
  477. $plugins = get_config('system','addon');
  478. $plugins_arr = array();
  479. if($plugins)
  480. $plugins_arr = explode(',',str_replace(' ', '',$plugins));
  481. $a->plugins = $plugins_arr;
  482. $installed_arr = array();
  483. if(count($installed)) {
  484. foreach($installed as $i) {
  485. if(! in_array($i['name'],$plugins_arr)) {
  486. uninstall_plugin($i['name']);
  487. }
  488. else
  489. $installed_arr[] = $i['name'];
  490. }
  491. }
  492. if(count($plugins_arr)) {
  493. foreach($plugins_arr as $p) {
  494. if(! in_array($p,$installed_arr)) {
  495. install_plugin($p);
  496. }
  497. }
  498. }
  499. load_hooks();
  500. return;
  501. }}
  502. function get_guid($size=16) {
  503. $exists = true; // assume by default that we don't have a unique guid
  504. do {
  505. $s = random_string($size);
  506. $r = q("select id from guid where guid = '%s' limit 1", dbesc($s));
  507. if(! count($r))
  508. $exists = false;
  509. } while($exists);
  510. q("insert into guid ( guid ) values ( '%s' ) ", dbesc($s));
  511. return $s;
  512. }
  513. // wrapper for adding a login box. If $register == true provide a registration
  514. // link. This will most always depend on the value of $a->config['register_policy'].
  515. // returns the complete html for inserting into the page
  516. if(! function_exists('login')) {
  517. function login($register = false) {
  518. $o = "";
  519. $reg = false;
  520. if ($register) {
  521. $reg = array(
  522. 'title' => t('Create a New Account'),
  523. 'desc' => t('Register')
  524. );
  525. }
  526. $noid = get_config('system','no_openid');
  527. if(local_user()) {
  528. $tpl = get_markup_template("logout.tpl");
  529. }
  530. else {
  531. $tpl = get_markup_template("login.tpl");
  532. }
  533. $o .= replace_macros($tpl,array(
  534. '$logout' => t('Logout'),
  535. '$login' => t('Login'),
  536. '$lname' => array('username', t('Nickname or Email address: ') , '', ''),
  537. '$lpassword' => array('password', t('Password: '), '', ''),
  538. '$openid' => !$noid,
  539. '$lopenid' => array('openid_url', t('OpenID: '),'',''),
  540. '$register' => $reg,
  541. '$lostpass' => t('Forgot your password?'),
  542. '$lostlink' => t('Password Reset'),
  543. ));
  544. call_hooks('login_hook',$o);
  545. return $o;
  546. }}
  547. // Used to end the current process, after saving session state.
  548. if(! function_exists('killme')) {
  549. function killme() {
  550. session_write_close();
  551. exit;
  552. }}
  553. // redirect to another URL and terminate this process.
  554. if(! function_exists('goaway')) {
  555. function goaway($s) {
  556. header("Location: $s");
  557. killme();
  558. }}
  559. // Returns the uid of locally logged in user or false.
  560. if(! function_exists('local_user')) {
  561. function local_user() {
  562. if((x($_SESSION,'authenticated')) && (x($_SESSION,'uid')))
  563. return intval($_SESSION['uid']);
  564. return false;
  565. }}
  566. // Returns contact id of authenticated site visitor or false
  567. if(! function_exists('remote_user')) {
  568. function remote_user() {
  569. if((x($_SESSION,'authenticated')) && (x($_SESSION,'visitor_id')))
  570. return intval($_SESSION['visitor_id']);
  571. return false;
  572. }}
  573. // contents of $s are displayed prominently on the page the next time
  574. // a page is loaded. Usually used for errors or alerts.
  575. if(! function_exists('notice')) {
  576. function notice($s) {
  577. $a = get_app();
  578. if(! x($_SESSION,'sysmsg')) $_SESSION['sysmsg'] = array();
  579. if($a->interactive)
  580. $_SESSION['sysmsg'][] = $s;
  581. }}
  582. if(! function_exists('info')) {
  583. function info($s) {
  584. $a = get_app();
  585. if(! x($_SESSION,'sysmsg_info')) $_SESSION['sysmsg_info'] = array();
  586. if($a->interactive)
  587. $_SESSION['sysmsg_info'][] = $s;
  588. }}
  589. // wrapper around config to limit the text length of an incoming message
  590. if(! function_exists('get_max_import_size')) {
  591. function get_max_import_size() {
  592. global $a;
  593. return ((x($a->config,'max_import_size')) ? $a->config['max_import_size'] : 0 );
  594. }}
  595. /**
  596. *
  597. * Function : profile_load
  598. * @parameter App $a
  599. * @parameter string $nickname
  600. * @parameter int $profile
  601. *
  602. * Summary: Loads a profile into the page sidebar.
  603. * The function requires a writeable copy of the main App structure, and the nickname
  604. * of a registered local account.
  605. *
  606. * If the viewer is an authenticated remote viewer, the profile displayed is the
  607. * one that has been configured for his/her viewing in the Contact manager.
  608. * Passing a non-zero profile ID can also allow a preview of a selected profile
  609. * by the owner.
  610. *
  611. * Profile information is placed in the App structure for later retrieval.
  612. * Honours the owner's chosen theme for display.
  613. *
  614. */
  615. if(! function_exists('profile_load')) {
  616. function profile_load(&$a, $nickname, $profile = 0) {
  617. if(remote_user()) {
  618. $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1",
  619. intval($_SESSION['visitor_id']));
  620. if(count($r))
  621. $profile = $r[0]['profile-id'];
  622. }
  623. $r = null;
  624. if($profile) {
  625. $profile_int = intval($profile);
  626. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `user`.* FROM `profile`
  627. LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  628. WHERE `user`.`nickname` = '%s' AND `profile`.`id` = %d LIMIT 1",
  629. dbesc($nickname),
  630. intval($profile_int)
  631. );
  632. }
  633. if(! count($r)) {
  634. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `user`.* FROM `profile`
  635. LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  636. WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 LIMIT 1",
  637. dbesc($nickname)
  638. );
  639. }
  640. if(($r === false) || (! count($r))) {
  641. notice( t('No profile') . EOL );
  642. $a->error = 404;
  643. return;
  644. }
  645. $a->profile = $r[0];
  646. $a->page['title'] = $a->profile['name'] . " @ " . $a->config['sitename'];
  647. $_SESSION['theme'] = $a->profile['theme'];
  648. if(! (x($a->page,'aside')))
  649. $a->page['aside'] = '';
  650. $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
  651. $a->page['aside'] .= profile_sidebar($a->profile, $block);
  652. /*if(! $block)
  653. $a->page['aside'] .= contact_block();*/
  654. return;
  655. }}
  656. /**
  657. *
  658. * Function: profile_sidebar
  659. *
  660. * Formats a profile for display in the sidebar.
  661. * It is very difficult to templatise the HTML completely
  662. * because of all the conditional logic.
  663. *
  664. * @parameter: array $profile
  665. *
  666. * Returns HTML string stuitable for sidebar inclusion
  667. * Exceptions: Returns empty string if passed $profile is wrong type or not populated
  668. *
  669. */
  670. if(! function_exists('profile_sidebar')) {
  671. function profile_sidebar($profile, $block = 0) {
  672. $a = get_app();
  673. $o = '';
  674. $location = false;
  675. $address = false;
  676. $pdesc = true;
  677. if((! is_array($profile)) && (! count($profile)))
  678. return $o;
  679. call_hooks('profile_sidebar_enter', $profile);
  680. // don't show connect link to yourself
  681. $connect = (($profile['uid'] != local_user()) ? t('Connect') : False);
  682. // don't show connect link to authenticated visitors either
  683. if((remote_user()) && ($_SESSION['visitor_visiting'] == $profile['uid']))
  684. $connect = False;
  685. // show edit profile to yourself
  686. if ($profile['uid'] == local_user()) {
  687. $profile['edit'] = array($a->get_baseurl(). '/profiles', t('Profiles'),"", t('Manage/edit profiles'));
  688. $r = q("SELECT * FROM `profile` WHERE `uid` = %d",
  689. local_user());
  690. $profile['menu'] = array(
  691. 'chg_photo' => t('Change profile photo'),
  692. 'cr_new' => t('Create New Profile'),
  693. 'entries' => array(),
  694. );
  695. if(count($r)) {
  696. foreach($r as $rr) {
  697. $profile['menu']['entries'][] = array(
  698. 'photo' => $rr['thumb'],
  699. 'id' => $rr['id'],
  700. 'alt' => t('Profile Image'),
  701. 'profile_name' => $rr['profile-name'],
  702. 'isdefault' => $rr['is-default'],
  703. 'visibile_to_everybody' => t('visible to everybody'),
  704. 'edit_visibility' => t('Edit visibility'),
  705. );
  706. }
  707. }
  708. }
  709. if((x($profile,'address') == 1)
  710. || (x($profile,'locality') == 1)
  711. || (x($profile,'region') == 1)
  712. || (x($profile,'postal-code') == 1)
  713. || (x($profile,'country-name') == 1))
  714. $location = t('Location:');
  715. $gender = ((x($profile,'gender') == 1) ? t('Gender:') : False);
  716. $marital = ((x($profile,'marital') == 1) ? t('Status:') : False);
  717. $homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
  718. if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
  719. $location = $pdesc = $connect = $gender = $marital = $homepage = False;
  720. }
  721. $firstname = ((strpos($profile['name'],' '))
  722. ? trim(substr($profile['name'],0,strpos($profile['name'],' '))) : $profile['name']);
  723. $lastname = (($firstname === $profile['name']) ? '' : trim(substr($profile['name'],strlen($firstname))));
  724. $diaspora = array(
  725. 'podloc' => $a->get_baseurl(),
  726. 'searchable' => (($profile['publish'] && $profile['net-publish']) ? 'true' : 'false' ),
  727. 'nickname ' => $profile['nickname'],
  728. 'fullname' => $profile['name'],
  729. 'firstname' => $firstname,
  730. 'lastname' => $lastname,
  731. 'photo300' => $a->get_baseurl() . '/photo/custom/300/' . $profile['uid'] . '.jpg',
  732. 'photo100' => $a->get_baseurl() . '/photo/custom/100/' . $profile['uid'] . '.jpg',
  733. 'photo50' => $a->get_baseurl() . '/photo/custom/50/' . $profile['uid'] . '.jpg',
  734. );
  735. if (!$block){
  736. $contact_block = contact_block();
  737. }
  738. $tpl = get_markup_template('profile_vcard.tpl');
  739. $o .= replace_macros($tpl, array(
  740. '$profile' => $profile,
  741. '$connect' => $connect,
  742. '$location' => template_escape($location),
  743. '$gender' => $gender,
  744. '$pdesc' => $pdesc,
  745. '$marital' => $marital,
  746. '$homepage' => $homepage,
  747. '$diaspora' => $diaspora,
  748. '$contact_block' => $contact_block,
  749. ));
  750. $arr = array('profile' => &$profile, 'entry' => &$o);
  751. call_hooks('profile_sidebar', $arr);
  752. return $o;
  753. }}
  754. if(! function_exists('get_birthdays')) {
  755. function get_birthdays() {
  756. $a = get_app();
  757. $o = '';
  758. if(! local_user())
  759. return $o;
  760. $bd_format = t('g A l F d') ; // 8 AM Friday January 18
  761. $bd_short = t('F d');
  762. $r = q("SELECT `event`.*, `event`.`id` AS `eid`, `contact`.* FROM `event`
  763. LEFT JOIN `contact` ON `contact`.`id` = `event`.`cid`
  764. WHERE `event`.`uid` = %d AND `type` = 'birthday' AND `start` < '%s' AND `finish` > '%s'
  765. ORDER BY `start` DESC ",
  766. intval(local_user()),
  767. dbesc(datetime_convert('UTC','UTC','now + 6 days')),
  768. dbesc(datetime_convert('UTC','UTC','now'))
  769. );
  770. if($r && count($r)) {
  771. $total = 0;
  772. foreach($r as $rr)
  773. if(strlen($rr['name']))
  774. $total ++;
  775. if($total) {
  776. $o .= '<div id="birthday-notice" class="birthday-notice fakelink" onclick=openClose(\'birthday-wrapper\'); >' . t('Birthday Reminders') . ' ' . '(' . $total . ')' . '</div>';
  777. $o .= '<div id="birthday-wrapper" style="display: none;" ><div id="birthday-title">' . t('Birthdays this week:') . '</div>';
  778. // $o .= '<div id="birthday-adjust">' . t("\x28Adjusted for local time\x29") . '</div>';
  779. $o .= '<div id="birthday-title-end"></div>';
  780. foreach($r as $rr) {
  781. if(! strlen($rr['name']))
  782. continue;
  783. $now = strtotime('now');
  784. $today = (((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now)) ? true : false);
  785. $sparkle = '';
  786. $url = $rr['url'];
  787. if($rr['network'] === NETWORK_DFRN) {
  788. $sparkle = " sparkle";
  789. $url = $a->get_baseurl() . '/redir/' . $rr['cid'];
  790. }
  791. $o .= '<div class="birthday-list" id="birthday-' . $rr['eid'] . '"><a class="birthday-link$sparkle" target="redir" href="'
  792. . $url . '">' . $rr['name'] . '</a> '
  793. . day_translate(datetime_convert('UTC', $a->timezone, $rr['start'], $rr['adjust'] ? $bd_format : $bd_short)) . (($today) ? ' ' . t('[today]') : '')
  794. . '</div>' ;
  795. }
  796. $o .= '</div></div>';
  797. }
  798. }
  799. return $o;
  800. }}
  801. /**
  802. *
  803. * Wrap calls to proc_close(proc_open()) and call hook
  804. * so plugins can take part in process :)
  805. *
  806. * args:
  807. * $cmd program to run
  808. * next args are passed as $cmd command line
  809. *
  810. * e.g.: proc_run("ls","-la","/tmp");
  811. *
  812. * $cmd and string args are surrounded with ""
  813. */
  814. if(! function_exists('proc_run')) {
  815. function proc_run($cmd){
  816. $a = get_app();
  817. $args = func_get_args();
  818. $arr = array('args' => $args, 'run_cmd' => true);
  819. call_hooks("proc_run", $arr);
  820. if(! $arr['run_cmd'])
  821. return;
  822. if(count($args) && $args[0] === 'php')
  823. $args[0] = ((x($a->config,'php_path')) && (strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
  824. foreach ($args as $arg){
  825. $arg = escapeshellarg($arg);
  826. }
  827. $cmdline = implode($args," ");
  828. proc_close(proc_open($cmdline." &",array(),$foo));
  829. }}
  830. if(! function_exists('current_theme')) {
  831. function current_theme(){
  832. $app_base_themes = array('duepuntozero', 'loozah');
  833. $a = get_app();
  834. $system_theme = ((isset($a->config['system']['theme'])) ? $a->config['system']['theme'] : '');
  835. $theme_name = ((is_array($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme);
  836. if($theme_name && file_exists('view/theme/' . $theme_name . '/style.css'))
  837. return($theme_name);
  838. foreach($app_base_themes as $t) {
  839. if(file_exists('view/theme/' . $t . '/style.css'))
  840. return($t);
  841. }
  842. $fallback = glob('view/theme/*/style.css');
  843. if(count($fallback))
  844. return (str_replace('view/theme/','', str_replace("/style.css","",$fallback[0])));
  845. }}
  846. /*
  847. * Return full URL to theme which is currently in effect.
  848. * Provide a sane default if nothing is chosen or the specified theme does not exist.
  849. */
  850. if(! function_exists('current_theme_url')) {
  851. function current_theme_url() {
  852. global $a;
  853. $t = current_theme();
  854. return($a->get_baseurl() . '/view/theme/' . $t . '/style.css');
  855. }}
  856. if(! function_exists('feed_birthday')) {
  857. function feed_birthday($uid,$tz) {
  858. /**
  859. *
  860. * Determine the next birthday, but only if the birthday is published
  861. * in the default profile. We _could_ also look for a private profile that the
  862. * recipient can see, but somebody could get mad at us if they start getting
  863. * public birthday greetings when they haven't made this info public.
  864. *
  865. * Assuming we are able to publish this info, we are then going to convert
  866. * the start time from the owner's timezone to UTC.
  867. *
  868. * This will potentially solve the problem found with some social networks
  869. * where birthdays are converted to the viewer's timezone and salutations from
  870. * elsewhere in the world show up on the wrong day. We will convert it to the
  871. * viewer's timezone also, but first we are going to convert it from the birthday
  872. * person's timezone to GMT - so the viewer may find the birthday starting at
  873. * 6:00PM the day before, but that will correspond to midnight to the birthday person.
  874. *
  875. */
  876. $birthday = '';
  877. $p = q("SELECT `dob` FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
  878. intval($uid)
  879. );
  880. if($p && count($p)) {
  881. $tmp_dob = substr($p[0]['dob'],5);
  882. if(intval($tmp_dob)) {
  883. $y = datetime_convert($tz,$tz,'now','Y');
  884. $bd = $y . '-' . $tmp_dob . ' 00:00';
  885. $t_dob = strtotime($bd);
  886. $now = strtotime(datetime_convert($tz,$tz,'now'));
  887. if($t_dob < $now)
  888. $bd = $y + 1 . '-' . $tmp_dob . ' 00:00';
  889. $birthday = datetime_convert($tz,'UTC',$bd,ATOM_TIME);
  890. }
  891. }
  892. return $birthday;
  893. }}
  894. if(! function_exists('is_site_admin')) {
  895. function is_site_admin() {
  896. $a = get_app();
  897. if(local_user() && x($a->user,'email') && x($a->config,'admin_email') && ($a->user['email'] === $a->config['admin_email']))
  898. return true;
  899. return false;
  900. }}
  901. if(! function_exists('load_contact_links')) {
  902. function load_contact_links($uid) {
  903. $a = get_app();
  904. $ret = array();
  905. if(! $uid || x($a->contacts,'empty'))
  906. return;
  907. $r = q("SELECT `id`,`network`,`url`,`thumb` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 ",
  908. intval($uid)
  909. );
  910. if(count($r)) {
  911. foreach($r as $rr){
  912. $url = normalise_link($rr['url']);
  913. $ret[$url] = $rr;
  914. }
  915. }
  916. else
  917. $ret['empty'] = true;
  918. $a->contacts = $ret;
  919. return;
  920. }}
  921. if(! function_exists('profile_tabs')){
  922. function profile_tabs($a, $is_owner=False, $nickname=Null){
  923. //echo "<pre>"; var_dump($a->user); killme();
  924. if (is_null($nickname))
  925. $nickname = $a->user['nickname'];
  926. if(x($_GET,'tab'))
  927. $tab = notags(trim($_GET['tab']));
  928. $url = $a->get_baseurl() . '/profile/' . $nickname;
  929. $tabs = array(
  930. array(
  931. 'label'=>t('Status'),
  932. 'url' => $url,
  933. 'sel' => ((!isset($tab)&&$a->argv[0]=='profile')?'active':''),
  934. ),
  935. array(
  936. 'label' => t('Profile'),
  937. 'url' => $url.'/?tab=profile',
  938. 'sel' => (($tab=='profile')?'active':''),
  939. ),
  940. array(
  941. 'label' => t('Photos'),
  942. 'url' => $a->get_baseurl() . '/photos/' . $nickname,
  943. 'sel' => ((!isset($tab)&&$a->argv[0]=='photos')?'active':''),
  944. ),
  945. );
  946. if ($is_owner){
  947. $tabs[] = array(
  948. 'label' => t('Events'),
  949. 'url' => $a->get_baseurl() . '/events',
  950. 'sel' =>((!isset($tab)&&$a->argv[0]=='events')?'active':''),
  951. );
  952. $tabs[] = array(
  953. 'label' => t('Personal Notes'),
  954. 'url' => $a->get_baseurl() . '/notes',
  955. 'sel' =>((!isset($tab)&&$a->argv[0]=='notes')?'active':''),
  956. );
  957. }
  958. $tpl = get_markup_template('common_tabs.tpl');
  959. return replace_macros($tpl,array('$tabs'=>$tabs));
  960. }}