community page

include/main.js

@@ -71,8 +71,9 @@
 
 	function NavUpdate() {
 
-		if($('#live-network').length) { src = 'network'; liveUpdate(); }
-		if($('#live-profile').length) { src = 'profile'; liveUpdate(); }
+		if($('#live-network').length)   { src = 'network'; liveUpdate(); }
+		if($('#live-profile').length)   { src = 'profile'; liveUpdate(); }
+		if($('#live-community').length) { src = 'community'; liveUpdate(); }
 		if($('#live-display').length) { 
 			if(liking) {
 				liking = 0;

include/nav.php

@@ -60,10 +60,9 @@ function nav(&$a) {
 
 	$help_url = $a->get_baseurl() . '/help';
 
-	if(! get_config('system','hide-help'))
+	if(! get_config('system','hide_help'))
 		$nav['help'] = array($help_url, t('Help'), "");
 
-
 	if($a->apps)
 		$nav['apps'] = array('apps', t('Apps'), "");
 
@@ -76,6 +75,8 @@ function nav(&$a) {
 		if(strlen($gdir))
 			$gdirpath = $gdir;
 	}
+	elseif(! get_config('system','no_community_page'))
+		$nav['community'] = array('community', t('Community'), "");
 
 	$nav['directory'] = array($gdirpath, t('Directory'), ""); 
 

mod/admin.php

@@ -1,4 +1,5 @@
 <?php
+
  /**
   * Friendika admin
   */
@@ -80,7 +81,7 @@ function admin_content(&$a) {
 	$t = get_markup_template("admin_aside.tpl");
 	$a->page['aside'] = replace_macros( $t, array(
 			'$admin' => $aside, 
-			'$h_pending' => t('User registrations waiting for confirm'),
+			'$h_pending' => t('User registrations waiting for confirmation'),
 			'$admurl'=> $a->get_baseurl()."/admin/"
 	));
 
@@ -176,12 +177,13 @@ function admin_page_site_post(&$a){
 	$block_public		=	((x($_POST,'block_public'))		? True	:	False);
 	$force_publish		=	((x($_POST,'publish_all'))		? True	:	False);
 	$global_directory	=	((x($_POST,'directory_submit_url'))	? notags(trim($_POST['directory_submit_url']))	: '');
-	$global_search_url	=	((x($_POST,'directory_search_url'))? notags(trim($_POST['directory_search_url']))	: '');
 	$no_multi_reg		=	((x($_POST,'no_multi_reg'))		? True	:	False);
 	$no_openid			=	!((x($_POST,'no_openid'))		? True	:	False);
 	$no_gravatar		=	!((x($_POST,'no_gravatar'))		? True	:	False);
 	$no_regfullname		=	!((x($_POST,'no_regfullname'))	? True	:	False);
 	$no_utf				=	!((x($_POST,'no_utf'))			? True	:	False);
+	$no_community_page	=	!((x($_POST,'no_community_page'))	? True	:	False);
+
 	$verifyssl			=	((x($_POST,'verifyssl'))		? True	:	False);
 	$proxyuser			=	((x($_POST,'proxyuser'))		? notags(trim($_POST['global_search_url']))	: '');
 	$proxy				=	((x($_POST,'proxy'))			? notags(trim($_POST['global_search_url']))	: '');
@@ -222,6 +224,7 @@ function admin_page_site_post(&$a){
 	set_config('system','no_openid', $no_openid);
 	set_config('system','no_gravatar', $no_gravatar);
 	set_config('system','no_regfullname', $no_regfullname);
+	set_config('system','no_community_page', $no_community_page);
 	set_config('system','proxy', $no_utf);
 	set_config('system','verifyssl', $verifyssl);
 	set_config('system','proxyuser', $proxyuser);
@@ -266,14 +269,15 @@ function admin_page_site(&$a) {
 	/* Banner */
 	$banner = get_config('system','banner');
 	if($banner == false) 
-		$banner = htmlspecialchars('<a href="http://project.friendika.com"><img id="logo-img" src="images/friendika-32.png" alt="logo" /></a><span id="logo-text"><a href="http://project.friendika.com">Friendika</a></span>');
+		$banner = '<a href="http://project.friendika.com"><img id="logo-img" src="images/friendika-32.png" alt="logo" /></a><span id="logo-text"><a href="http://project.friendika.com">Friendika</a></span>';
+	$banner = htmlspecialchars($banner);
 	
 	//echo "<pre>"; var_dump($lang_choices); die("</pre>");
 
 	/* Register policy */
 	$register_choices = Array(
 		REGISTER_CLOSED => t("Closed"),
-		REGISTER_APPROVE => t("Need approvation"),
+		REGISTER_APPROVE => t("Requires approval"),
 		REGISTER_OPEN => t("Open")
 	); 
 	
@@ -284,12 +288,12 @@ function admin_page_site(&$a) {
 		'$submit' => t('Submit'),
 		'$registration' => t('Registration'),
 		'$upload' => t('File upload'),
-		'$corporate' => t('Corporate/Edu'),
+		'$corporate' => t('Policies'),
 		'$advanced' => t('Advanced'),
 		
 		'$baseurl' => $a->get_baseurl(),
 									// name, label, value, help string, extra data...
-		'$sitename' 		=> array('sitename', t("Site name"), $a->config['sitename'], ""),
+		'$sitename' 		=> array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), ""),
 		'$banner'			=> array('banner', t("Banner/Logo"), $banner, ""),
 		'$language' 		=> array('language', t("System language"), get_config('system','language'), "", $lang_choices),
 		'$theme' 			=> array('theme', t("System theme"), get_config('system','theme'), "Default system theme (which may be over-ridden by user profiles)", $theme_choices),
@@ -297,21 +301,19 @@ function admin_page_site(&$a) {
 		'$maximagesize'		=> array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), "Maximum size in bytes of uploaded images. Default is 0, which means no limits."),
 
 		'$register_policy'	=> array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
-		'$register_text'	=> array('register_text', t("Register text"), $a->config['register_text'], "Will be displayed prominently on the registration page."),
+		'$register_text'	=> array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), "Will be displayed prominently on the registration page."),
 		'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), "Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains"),
 		'$allowed_email'	=> array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), "Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains"),
 		'$block_public'		=> array('block_public', t("Block public"), get_config('system','block_public'), "Check to block public access to all otherwise public personal pages on this site unless you are currently logged in."),
 		'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), "Check to force all profiles on this site to be listed in the site directory."),
 		'$global_directory'	=> array('directory_submit_url', t("Global directory update URL"), get_config('system','directory_submit_url'), "URL to update the global directory. If this is not set, the global directory is completely unavailable to the application."),
-		'$global_search_url'=> array('directory_search_url', t("Global directory search URL"), get_config('system','directory_search_url'), ""),
-			
 			
 		'$no_multi_reg'		=> array('no_multi_reg', t("Block multiple registrations"),  get_config('system','block_extended_register'), "Disallow users to register additional accounts for use as pages."),
 		'$no_openid'		=> array('no_openid', t("OpenID support"), !get_config('system','no_openid'), "OpenID support for registration and logins."),
 		'$no_gravatar'		=> array('no_gravatar', t("Gravatar support"), !get_config('system','no_gravatar'), "Search new user's photo on Gravatar."),
-		'$no_regfullname'	=> array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), "Force users to registrate with a space between his firsname and lastname in Full name, as an antispam measure"),
+		'$no_regfullname'	=> array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), "Force users to register with a space between firstname and lastname in Full name, as an antispam measure"),
 		'$no_utf'			=> array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','proxy'), "Use PHP UTF8 regular expressions"),
-			
+		'$no_community_page' => array('no_community_page', t("Show Community Page"), !get_config('system','no_community_page'), "Display a Community page showing all recent public postings on this site."),	
 		'$verifyssl' 		=> array('verifyssl', t("Verify SSL"), get_config('system','verifyssl'), "If you wish, you can turn on strict certificate checking. This will mean you cannot connect (at all) to self-signed SSL sites."),
 		'$proxyuser'		=> array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
 		'$proxy'			=> array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),

mod/community.php

@@ -0,0 +1,88 @@
+<?php
+
+
+function community_content(&$a, $update = 0) {
+
+	$o = '';
+
+	if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
+		notice( t('Public access denied.') . EOL);
+		return;
+	}
+
+	if(! get_config('system','no_community_page')) {
+		notice( t('Not available.') . EOL);
+		return;
+	}
+
+	require_once("include/bbcode.php");
+	require_once('include/security.php');
+	require_once('include/conversation.php');
+
+	if(x($_SESSION,'theme'))
+		unset($_SESSION['theme']);
+
+
+	$o .= '<h3>' . t('Community') . '</h3>';
+	if(! $update) {
+		$o .= '<script>	$(document).ready(function() { $(\'#nav-community-link\').addClass(\'nav-selected\'); });</script>';
+		$o .= '<div id="live-community"></div>' . "\r\n";
+		$o .= "<script> var profile_uid = -1; var netargs = ''; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
+	}
+
+	if(x($a->data,'search'))
+		$search = notags(trim($a->data['search']));
+	else
+		$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
+
+
+	// Here is the way permissions work in this module...
+	// Only public wall posts can be shown
+	// OR your own posts if you are a logged in member
+
+
+	$r = q("SELECT COUNT(*) AS `total`
+		FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `profile` ON `profile`.`uid` = `item`.`uid`
+		WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0
+		AND `wall` = 1 AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' 
+		AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `profile`.`hidewall` = 0 
+		AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `profile`.`is-default` = 1 "
+	);
+
+	if(count($r))
+		$a->set_pager_total($r[0]['total']);
+
+	if(! $r[0]['total']) {
+		info( t('No results.') . EOL);
+		return $o;
+	}
+
+	$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
+		`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
+		`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, 
+		`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
+		`user`.`nickname`, `profile`.`hidewall`
+		FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
+		LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
+		LEFT JOIN `profile` ON `profile`.`uid` = `item`.`uid` 
+		WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0
+		AND `wall` = 1 AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' 
+		AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `profile`.`hidewall` = 0 
+		AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `profile`.`is-default` = 1
+		ORDER BY `received` DESC LIMIT %d, %d ",
+		intval($a->pager['start']),
+		intval($a->pager['itemspage'])
+
+	);
+
+	// we behave the same in message lists as the search module
+
+	$o .= conversation($a,$r,'search',false);
+
+	$o .= paginate($a);
+
+	$o .= '<div class="cc-license">' . t('Shared content is covered by the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> license.') . '</div>';
+
+	return $o;
+}
+

mod/search.php

@@ -79,9 +79,12 @@ function search_content(&$a) {
 			OR `item`.`uid` = %d )
 		AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `profile`.`is-default` = 1
 		$search_alg
-		ORDER BY `parent` DESC ",
+		ORDER BY `received` DESC LIMIT %d , %d ",
 		intval(local_user()),
-		dbesc($search)
+		dbesc($search),
+		intval($a->pager['start']),
+		intval($a->pager['itemspage'])
+
 	);
 
 

mod/update_community.php

@@ -0,0 +1,33 @@
+<?php
+
+// See update_profile.php for documentation
+
+require_once('mod/community.php');
+
+function update_community_content(&$a) {
+
+	header("Content-type: text/html");
+	echo "<!DOCTYPE html><html><body>\r\n";
+	echo (($_GET['msie'] == 1) ? '<div>' : '<section>');
+
+        $text = community_content($a,true);
+        $pattern = "/<img([^>]*) src=\"([^\"]*)\"/";
+        $replace = "<img\${1} dst=\"\${2}\"";
+        $text = preg_replace($pattern, $replace, $text);
+
+		$replace = '<br />' . t('[Embedded content - reload page to view]') . '<br />';
+        $pattern = "/<\s*audio[^>]*>(.*?)<\s*\/\s*audio>/i";
+        $text = preg_replace($pattern, $replace, $text);
+        $pattern = "/<\s*video[^>]*>(.*?)<\s*\/\s*video>/i";
+        $text = preg_replace($pattern, $replace, $text);
+        $pattern = "/<\s*embed[^>]*>(.*?)<\s*\/\s*embed>/i";
+        $text = preg_replace($pattern, $replace, $text);
+        $pattern = "/<\s*iframe[^>]*>(.*?)<\s*\/\s*iframe>/i";
+        $text = preg_replace($pattern, $replace, $text);
+
+        echo str_replace("\t",'       ',$text);
+	echo (($_GET['msie'] == 1) ? '</div>' : '</section>');
+	echo "</body></html>\r\n";
+	killme();
+
+}

view/admin_site.tpl

@@ -29,8 +29,8 @@
 	{{ inc field_input.tpl with $field=$allowed_email }}{{ endinc }}
 	{{ inc field_checkbox.tpl with $field=$block_public }}{{ endinc }}
 	{{ inc field_checkbox.tpl with $field=$force_publish }}{{ endinc }}
+	{{ inc field_checkbox.tpl with $field=$no_community_page }}{{ endinc }}
 	{{ inc field_input.tpl with $field=$global_directory }}{{ endinc }}
-	{{ inc field_input.tpl with $field=$global_search_url }}{{ endinc }}
 	
 	<div class="submit"><input type="submit" name="page_site" value="$submit" /></div>
 	

view/nav.tpl

@@ -26,6 +26,9 @@ $langselector
 <a id="nav-home-link" class="nav-commlink $nav.home.2" href="$nav.home.0">$nav.home.1</a>
 <span id="home-update" class="nav-ajax-left"></span>
 {{ endif }}
+{{ if $nav.community }}
+<a id="nav-community-link" class="nav-commlink $nav.community.2" href="$nav.community.0">$nav.community.1</a>
+{{ endif }}
 {{ if $nav.notifications }}
 <a id="nav-notify-link" class="nav-commlink $nav.notifications.2" href="$nav.notifications.0">$nav.notifications.1</a>
 <span id="notify-update" class="nav-ajax-left"></span>