Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

2169 lines
56 KiB

<?php
require_once("include/template_processor.php");
require_once("include/friendica_smarty.php");
require_once("include/Smilies.php");
require_once("include/map.php");
require_once("mod/proxy.php");
if(! function_exists('replace_macros')) {
9 years ago
/**
* This is our template processor
*
* @param string|FriendicaSmarty $s the string requiring macro substitution,
9 years ago
* or an instance of FriendicaSmarty
* @param array $r key value pairs (search => replace)
* @return string substituted string
*/
function replace_macros($s,$r) {
$stamp1 = microtime(true);
$a = get_app();
// pass $baseurl to all templates
$r['$baseurl'] = $a->get_baseurl();
$t = $a->template_engine();
try {
$output = $t->replace_macros($s,$r);
} catch (Exception $e) {
echo "<pre><b>".__function__."</b>: ".$e->getMessage()."</pre>"; killme();
}
$a->save_timestamp($stamp1, "rendering");
return $output;
}}
// random string, there are 86 characters max in text mode, 128 for hex
// output is urlsafe
define('RANDOM_STRING_HEX', 0x00 );
define('RANDOM_STRING_TEXT', 0x01 );
if(! function_exists('random_string')) {
function random_string($size = 64,$type = RANDOM_STRING_HEX) {
// generate a bit of entropy and run it through the whirlpool
$s = hash('whirlpool', (string) rand() . uniqid(rand(),true) . (string) rand(),(($type == RANDOM_STRING_TEXT) ? true : false));
$s = (($type == RANDOM_STRING_TEXT) ? str_replace("\n","",base64url_encode($s,true)) : $s);
return(substr($s,0,$size));
}}
9 years ago
if(! function_exists('notags')) {
/**
* This is our primary input filter.
*
* The high bit hack only involved some old IE browser, forget which (IE5/Mac?)
* that had an XSS attack vector due to stripping the high-bit on an 8-bit character
* after cleansing, and angle chars with the high bit set could get through as markup.
*
* This is now disabled because it was interfering with some legitimate unicode sequences
* and hopefully there aren't a lot of those browsers left.
*
* Use this on any text input where angle chars are not valid or permitted
* They will be replaced with safer brackets. This may be filtered further
* if these are not allowed either.
*
9 years ago
* @param string $string Input string
* @return string Filtered string
*/
function notags($string) {
return(str_replace(array("<",">"), array('[',']'), $string));
// High-bit filter no longer used
// return(str_replace(array("<",">","\xBA","\xBC","\xBE"), array('[',']','','',''), $string));
}}
9 years ago
if(! function_exists('escape_tags')) {
9 years ago
/**
* use this on "body" or "content" input where angle chars shouldn't be removed,
* and allow them to be safely displayed.
* @param string $string
* @return string
*/
function escape_tags($string) {
return(htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false));
}}
// generate a string that's random, but usually pronounceable.
// used to generate initial passwords
if(! function_exists('autoname')) {
9 years ago
/**
* generate a string that's random, but usually pronounceable.
9 years ago
* used to generate initial passwords
* @param int $len
* @return string
*/
function autoname($len) {
if($len <= 0)
return '';
$vowels = array('a','a','ai','au','e','e','e','ee','ea','i','ie','o','ou','u');
if(mt_rand(0,5) == 4)
$vowels[] = 'y';
$cons = array(
'b','bl','br',
'c','ch','cl','cr',
'd','dr',
'f','fl','fr',
'g','gh','gl','gr',
'h',
'j',
'k','kh','kl','kr',
'l',
'm',
'n',
'p','ph','pl','pr',
'qu',
'r','rh',
's','sc','sh','sm','sp','st',
't','th','tr',
'v',
'w','wh',
'x',
'z','zh'
);
$midcons = array('ck','ct','gn','ld','lf','lm','lt','mb','mm', 'mn','mp',
'nd','ng','nk','nt','rn','rp','rt');
$noend = array('bl', 'br', 'cl','cr','dr','fl','fr','gl','gr',
'kh', 'kl','kr','mn','pl','pr','rh','tr','qu','wh');
$start = mt_rand(0,2);
if($start == 0)
$table = $vowels;
else
$table = $cons;
$word = '';
for ($x = 0; $x < $len; $x ++) {
$r = mt_rand(0,count($table) - 1);
$word .= $table[$r];
if($table == $vowels)
$table = array_merge($cons,$midcons);
else
$table = $vowels;
}
$word = substr($word,0,$len);
foreach($noend as $noe) {
if((strlen($word) > 2) && (substr($word,-2) == $noe)) {
$word = substr($word,0,-1);
break;
}
}
if(substr($word,-1) == 'q')
$word = substr($word,0,-1);
return $word;
}}
// escape text ($str) for XML transport
// returns escaped text.
if(! function_exists('xmlify')) {
9 years ago
/**
* escape text ($str) for XML transport
* @param string $str
* @return string Escaped text.
*/
function xmlify($str) {
/* $buffer = '';
$len = mb_strlen($str);
for($x = 0; $x < $len; $x ++) {
$char = mb_substr($str,$x,1);
switch( $char ) {
case "\r" :
break;
case "&" :
$buffer .= '&amp;';
break;
case "'" :
$buffer .= '&apos;';
break;
case "\"" :
$buffer .= '&quot;';
break;
case '<' :
$buffer .= '&lt;';
break;
case '>' :
$buffer .= '&gt;';
break;
case "\n" :
$buffer .= "\n";
break;
default :
$buffer .= $char;
break;
}
}*/
/*
$buffer = mb_ereg_replace("&", "&amp;", $str);
$buffer = mb_ereg_replace("'", "&apos;", $buffer);
$buffer = mb_ereg_replace('"', "&quot;", $buffer);
$buffer = mb_ereg_replace("<", "&lt;", $buffer);
$buffer = mb_ereg_replace(">", "&gt;", $buffer);
*/
$buffer = htmlspecialchars($str, ENT_QUOTES, "UTF-8");
$buffer = trim($buffer);
return($buffer);
}}
if(! function_exists('unxmlify')) {
9 years ago
/**
* undo an xmlify
* @param string $s xml escaped text
* @return string unescaped text
*/
function unxmlify($s) {
// $ret = str_replace('&amp;','&', $s);
// $ret = str_replace(array('&lt;','&gt;','&quot;','&apos;'),array('<','>','"',"'"),$ret);
/*$ret = mb_ereg_replace('&amp;', '&', $s);
$ret = mb_ereg_replace('&apos;', "'", $ret);
$ret = mb_ereg_replace('&quot;', '"', $ret);
$ret = mb_ereg_replace('&lt;', "<", $ret);
$ret = mb_ereg_replace('&gt;', ">", $ret);
*/
$ret = htmlspecialchars_decode($s, ENT_QUOTES);
return $ret;
}}
if(! function_exists('hex2bin')) {
9 years ago
/**
* convenience wrapper, reverse the operation "bin2hex"
* @param string $s
* @return number
*/
function hex2bin($s) {
if(! (is_string($s) && strlen($s)))
return '';
if(! ctype_xdigit($s)) {
return($s);
}
return(pack("H*",$s));
}}
9 years ago
if(! function_exists('paginate_data')) {
9 years ago
/**
* Automatica pagination data.
9 years ago
*
* @param App $a App instance
* @param int $count [optional] item count (used with alt pager)
* @return Array data for pagination template
9 years ago
*/
function paginate_data(&$a, $count=null) {
$stripped = preg_replace('/([&?]page=[0-9]*)/','',$a->query_string);
$stripped = str_replace('q=','',$stripped);
$stripped = trim($stripped,'/');
$pagenum = $a->pager['page'];
if (($a->page_offset != "") AND !preg_match('/[?&].offset=/', $stripped))
$stripped .= "&offset=".urlencode($a->page_offset);
$url = $stripped;
$data = array();
function _l(&$d, $name, $url, $text, $class="") {
if (!strpos($url, "?")) {
if ($pos = strpos($url, "&"))
$url = substr($url, 0, $pos)."?".substr($url, $pos + 1);
}
$d[$name] = array('url'=>$url, 'text'=>$text, 'class'=>$class);
}
if (!is_null($count)){
// alt pager
if($a->pager['page']>1)
_l($data, "prev", $url.'&page='.($a->pager['page'] - 1), t('newer'));
if($count>0)
_l($data, "next", $url.'&page='.($a->pager['page'] + 1), t('older'));
} else {
// full pager
if($a->pager['total'] > $a->pager['itemspage']) {
if($a->pager['page'] != 1)
_l($data, "prev", $url.'&page='.($a->pager['page'] - 1), t('prev'));
_l($data, "first", $url."&page=1", t('first'));
$numpages = $a->pager['total'] / $a->pager['itemspage'];
$numstart = 1;
$numstop = $numpages;
if($numpages > 14) {
$numstart = (($pagenum > 7) ? ($pagenum - 7) : 1);
$numstop = (($pagenum > ($numpages - 7)) ? $numpages : ($numstart + 14));
}
$pages = array();
for($i = $numstart; $i <= $numstop; $i++){
if($i == $a->pager['page'])
_l($pages, $i, "#", $i, "current");
else
_l($pages, $i, $url."&page=$i", $i, "n");
}
if(($a->pager['total'] % $a->pager['itemspage']) != 0) {
if($i == $a->pager['page'])
_l($pages, $i, "#", $i, "current");
else
_l($pages, $i, $url."&page=$i", $i, "n");
}
$data['pages'] = $pages;
$lastpage = (($numpages > intval($numpages)) ? intval($numpages)+1 : $numpages);
_l($data, "last", $url."&page=$lastpage", t('last'));
if(($a->pager['total'] - ($a->pager['itemspage'] * $a->pager['page'])) > 0)
_l($data, "next", $url."&page=".($a->pager['page'] + 1), t('next'));
}
}
return $data;
}}
if(! function_exists('paginate')) {
/**
* Automatic pagination.
*
* To use, get the count of total items.
* Then call $a->set_pager_total($number_items);
* Optionally call $a->set_pager_itemspage($n) to the number of items to display on each page
* Then call paginate($a) after the end of the display loop to insert the pager block on the page
* (assuming there are enough items to paginate).
* When using with SQL, the setting LIMIT %d, %d => $a->pager['start'],$a->pager['itemspage']
* will limit the results to the correct items for the current page.
* The actual page handling is then accomplished at the application layer.
*
* @param App $a App instance
* @return string html for pagination #FIXME remove html
*/
function paginate(&$a) {
$data = paginate_data($a);
$tpl = get_markup_template("paginate.tpl");
return replace_macros($tpl, array("pager" => $data));
}}
if(! function_exists('alt_pager')) {
9 years ago
/**
* Alternative pager
* @param App $a App instance
* @param int $i
* @return string html for pagination #FIXME remove html
*/
function alt_pager(&$a, $i) {
$data = paginate_data($a, $i);
$tpl = get_markup_template("paginate.tpl");
return replace_macros($tpl, array('pager' => $data));
}}
if(! function_exists('scroll_loader')) {
/**
* Loader for infinite scrolling
* @return string html for loader
*/
function scroll_loader() {
$tpl = get_markup_template("scroll_loader.tpl");
return replace_macros($tpl, array(
'wait' => t('Loading more entries...'),
'end' => t('The end')
));
}}
if(! function_exists('expand_acl')) {
9 years ago
/**
* Turn user/group ACLs stored as angle bracketed text into arrays
*
9 years ago
* @param string $s
* @return array
*/
function expand_acl($s) {
// turn string array of angle-bracketed elements into numeric array
// e.g. "<1><2><3>" => array(1,2,3);
$ret = array();
if(strlen($s)) {
$t = str_replace('<','',$s);
$a = explode('>',$t);
foreach($a as $aa) {
if(intval($aa))
$ret[] = intval($aa);
}
}
return $ret;
}}
if(! function_exists('sanitise_acl')) {
9 years ago
/**
* Wrap ACL elements in angle brackets for storage
9 years ago
* @param string $item
*/
function sanitise_acl(&$item) {
if(intval($item))
$item = '<' . intval(notags(trim($item))) . '>';
else
unset($item);
}}
if(! function_exists('perms2str')) {
9 years ago
/**
* Convert an ACL array to a storable string
*
9 years ago
* Normally ACL permissions will be an array.
* We'll also allow a comma-separated string.
*
9 years ago
* @param string|array $p
* @return string
*/
function perms2str($p) {
$ret = '';
if(is_array($p))
$tmp = $p;
else
$tmp = explode(',',$p);
if(is_array($tmp)) {
array_walk($tmp,'sanitise_acl');
$ret = implode('',$tmp);
}
return $ret;
}}
if(! function_exists('item_new_uri')) {
9 years ago
/**
* generate a guaranteed unique (for this domain) item ID for ATOM
* safe from birthday paradox
*
9 years ago
* @param string $hostname
* @param int $uid
* @return string
*/
function item_new_uri($hostname,$uid, $guid = "") {
do {
$dups = false;
if ($guid == "")
$hash = get_guid(32);
else {
$hash = $guid;
$guid = "";
}
$uri = "urn:X-dfrn:" . $hostname . ':' . $uid . ':' . $hash;
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1",
dbesc($uri));
if(count($r))
$dups = true;
} while($dups == true);
return $uri;
}}
// Generate a guaranteed unique photo ID.
// safe from birthday paradox
if(! function_exists('photo_new_resource')) {
9 years ago
/**
* Generate a guaranteed unique photo ID.
* safe from birthday paradox
*
9 years ago
* @return string
*/
function photo_new_resource() {
do {
$found = false;
$resource = hash('md5',uniqid(mt_rand(),true));
$r = q("SELECT `id` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1",
dbesc($resource)
);
if(count($r))
$found = true;
} while($found == true);
return $resource;
}}
if(! function_exists('load_view_file')) {
9 years ago
/**
* @deprecated
* wrapper to load a view template, checking for alternate
* languages before falling back to the default
*
9 years ago
* @global string $lang
* @global App $a
* @param string $s view name
* @return string
*/
function load_view_file($s) {
global $lang, $a;
if(! isset($lang))
$lang = 'en';
$b = basename($s);
$d = dirname($s);
if(file_exists("$d/$lang/$b")) {
$stamp1 = microtime(true);
$content = file_get_contents("$d/$lang/$b");
$a->save_timestamp($stamp1, "file");
return $content;
}
$theme = current_theme();
if(file_exists("$d/theme/$theme/$b")) {
$stamp1 = microtime(true);
$content = file_get_contents("$d/theme/$theme/$b");
$a->save_timestamp($stamp1, "file");
return $content;
}
$stamp1 = microtime(true);
$content = file_get_contents($s);
$a->save_timestamp($stamp1, "file");
return $content;
}}
if(! function_exists('get_intltext_template')) {
9 years ago
/**
* load a view template, checking for alternate
* languages before falling back to the default
*
9 years ago
* @global string $lang
* @param string $s view path
* @return string
*/
function get_intltext_template($s) {
global $lang;
$a = get_app();
$engine = '';
if($a->theme['template_engine'] === 'smarty3')
$engine = "/smarty3";
if(! isset($lang))
$lang = 'en';
if(file_exists("view/lang/$lang$engine/$s")) {
$stamp1 = microtime(true);
$content = file_get_contents("view/lang/$lang$engine/$s");
$a->save_timestamp($stamp1, "file");
return $content;
} elseif(file_exists("view/lang/en$engine/$s")) {
$stamp1 = microtime(true);
$content = file_get_contents("view/lang/en$engine/$s");
$a->save_timestamp($stamp1, "file");
return $content;
} else {
$stamp1 = microtime(true);
$content = file_get_contents("view$engine/$s");
$a->save_timestamp($stamp1, "file");
return $content;
}
}}
if(! function_exists('get_markup_template')) {
9 years ago
/**
* load template $s
*
9 years ago
* @param string $s
* @param string $root
* @return string
*/
function get_markup_template($s, $root = '') {
$stamp1 = microtime(true);
$a = get_app();
$t = $a->template_engine();
try {
$template = $t->get_template_file($s, $root);
} catch (Exception $e) {
echo "<pre><b>".__function__."</b>: ".$e->getMessage()."</pre>"; killme();
}
$a->save_timestamp($stamp1, "file");
return $template;
}}
if(! function_exists("get_template_file")) {
9 years ago
/**
*
9 years ago
* @param App $a
* @param string $filename
* @param string $root
* @return string
*/
function get_template_file($a, $filename, $root = '') {
$theme = current_theme();
// Make sure $root ends with a slash /
if($root !== '' && $root[strlen($root)-1] !== '/')
$root = $root . '/';
if(file_exists("{$root}view/theme/$theme/$filename"))
$template_file = "{$root}view/theme/$theme/$filename";
elseif (x($a->theme_info,"extends") && file_exists("{$root}view/theme/{$a->theme_info["extends"]}/$filename"))
$template_file = "{$root}view/theme/{$a->theme_info["extends"]}/$filename";
elseif (file_exists("{$root}/$filename"))
$template_file = "{$root}/$filename";
else
$template_file = "{$root}view/$filename";
return $template_file;
}}
9 years ago
if(! function_exists('attribute_contains')) {
9 years ago
/**
* for html,xml parsing - let's say you've got
* an attribute foobar="class1 class2 class3"
* and you want to find out if it contains 'class3'.
* you can't use a normal sub string search because you
* might match 'notclass3' and a regex to do the job is
* possible but a bit complicated.
* pass the attribute string as $attr and the attribute you
9 years ago
* are looking for as $s - returns true if found, otherwise false
*
9 years ago
* @param string $attr attribute value
* @param string $s string to search
* @return boolean True if found, False otherwise
*/
function attribute_contains($attr,$s) {
$a = explode(' ', $attr);
if(count($a) && in_array($s,$a))
return true;
return false;
}}
if (! function_exists('logger')) {
/* setup int->string log level map */
$LOGGER_LEVELS = array();
9 years ago
/**
* @brief Logs the given message at the given log level
*
9 years ago
* log levels:
* LOGGER_NORMAL (default)
* LOGGER_TRACE
* LOGGER_DEBUG
* LOGGER_DATA
* LOGGER_ALL
*
9 years ago
* @global App $a
* @global dba $db
* @global array $LOGGER_LEVELS
9 years ago
* @param string $msg
* @param int $level
*/
function logger($msg, $level = 0) {
global $a;
10 years ago
global $db;
global $LOGGER_LEVELS;
$debugging = get_config('system','debugging');
$logfile = get_config('system','logfile');
$loglevel = intval(get_config('system','loglevel'));
// turn off logger in install mode
if (
$a->module == 'install'
|| ! ($db && $db->connected)
|| ! $debugging
|| ! $logfile
|| $level > $loglevel
) {
return;
}
if (count($LOGGER_LEVELS) == 0) {
foreach (get_defined_constants() as $k => $v) {
if (substr($k, 0, 7) == "LOGGER_") {
$LOGGER_LEVELS[$v] = substr($k, 7, 7);
}
}
}
$process_id = session_id();
if ($process_id == '') {
$process_id = get_app()->process_id;
}
$callers = debug_backtrace();
$logline = sprintf("%s@%s\t[%s]:%s:%s:%s\t%s\n",
datetime_convert(),
$process_id,
$LOGGER_LEVELS[$level],
basename($callers[0]['file']),
$callers[0]['line'],
$callers[1]['function'],
$msg
);
$stamp1 = microtime(true);
@file_put_contents($logfile, $logline, FILE_APPEND);
$a->save_timestamp($stamp1, "file");
}}
if(! function_exists('activity_match')) {
9 years ago
/**
* Compare activity uri. Knows about activity namespace.
*
9 years ago
* @param string $haystack
* @param string $needle
* @return boolean
*/
function activity_match($haystack,$needle) {
if(($haystack === $needle) || ((basename($needle) === $haystack) && strstr($needle,NAMESPACE_ACTIVITY_SCHEMA)))
return true;
return false;
}}
if(! function_exists('get_tags')) {
9 years ago
/**
* Pull out all #hashtags and @person tags from $s;
* We also get @person@domain.com - which would make
9 years ago
* the regex quite complicated as tags can also
* end a sentence. So we'll run through our results
* and strip the period from any tags which end with one.
* Returns array of tags found, or empty array.
*
9 years ago
* @param string $s
* @return array
*/
function get_tags($s) {
$ret = array();
// Convert hashtag links to hashtags
$s = preg_replace("/#\[url\=([^\[\]]*)\](.*?)\[\/url\]/ism", "#$2", $s);
// ignore anything in a code block
$s = preg_replace('/\[code\](.*?)\[\/code\]/sm','',$s);
// Force line feeds at bbtags
$s = str_replace(array("[", "]"), array("\n[", "]\n"), $s);
// ignore anything in a bbtag
$s = preg_replace('/\[(.*?)\]/sm','',$s);
// Match full names against @tags including the space between first and last
// We will look these up afterward to see if they are full names or not recognisable.
if(preg_match_all('/(@[^ \x0D\x0A,:?]+ [^ \x0D\x0A@,:?]+)([ \x0D\x0A@,:?]|$)/',$s,$match)) {
foreach($match[1] as $mtch) {
if(strstr($mtch,"]")) {
// we might be inside a bbcode color tag - leave it alone
continue;
}
if(substr($mtch,-1,1) === '.')
$ret[] = substr($mtch,0,-1);
else
$ret[] = $mtch;
}
}
// Otherwise pull out single word tags. These can be @nickname, @first_last
// and #hash tags.
if(preg_match_all('/([!#@][^ \x0D\x0A,;:?]+)([ \x0D\x0A,;:?]|$)/',$s,$match)) {
foreach($match[1] as $mtch) {
if(strstr($mtch,"]")) {
// we might be inside a bbcode color tag - leave it alone
continue;
}
if(substr($mtch,-1,1) === '.')
$mtch = substr($mtch,0,-1);
// ignore strictly numeric tags like #1
if((strpos($mtch,'#') === 0) && ctype_digit(substr($mtch,1)))
continue;
// try not to catch url fragments
if(strpos($s,$mtch) && preg_match('/[a-zA-z0-9\/]/',substr($s,strpos($s,$mtch)-1,1)))
continue;
$ret[] = $mtch;
}
}
return $ret;
}}
//
if(! function_exists('qp')) {
9 years ago
/**
* quick and dirty quoted_printable encoding
*
9 years ago
* @param string $s
* @return string