Decaf mobile: an (almost) Javascript-free theme

10 years ago · 488a38cd85
300 changed files with 11117 additions and 328 deletions
--- a/boot.php
+++ b/boot.php
@ -1935,6 +1935,36 @@ function build_querystring($params, $name=null) {
    return $ret;    
 }

+function explode_querystring($query) {
+	$arg_st = strpos($query, '?');
+	if($arg_st !== false) {
+		$base = substr($query, 0, $arg_st);
+		$arg_st += 1;
+	}
+	else {
+		$base = '';
+		$arg_st = 0;
+	}
+
+	$args = explode('&', substr($query, $arg_st));
+	foreach($args as $k=>$arg) {
+		if($arg === '')
+			unset($args[$k]);
+	}
+	$args = array_values($args);
+
+	if(!$base) {
+		$base = $args[0];
+		unset($args[0]);
+		$args = array_values($args);
+	}
+
+	return array(
+		'base' => $base,
+		'args' => $args,
+	);
+}
+
 /**
 * Returns the complete URL of the current page, e.g.: http(s)://something.com/network
 *
--- a/include/Contact.php
+++ b/include/Contact.php
@ -222,13 +222,13 @@ function contact_photo_menu($contact) {
 	$posts_link = $a->get_baseurl() . '/network/?cid=' . $contact['id'];

 	$menu = Array(
-		t("Poke") => $poke_link,
-		t("View Status") => $status_link,
-		t("View Profile") => $profile_link,
-		t("View Photos") => $photos_link,		
-		t("Network Posts") => $posts_link, 
-		t("Edit Contact") => $contact_url,
-		t("Send PM") => $pm_url,
+		'poke' => array(t("Poke"), $poke_link),
+		'status' => array(t("View Status"), $status_link),
+		'profile' => array(t("View Profile"), $profile_link),
+		'photos' => array(t("View Photos"), $photos_link),		
+		'network' => array(t("Network Posts"), $posts_link), 
+		'edit' => array(t("Edit Contact"), $contact_url),
+		'pm' => array(t("Send PM"), $pm_url),
 	);
 	
 	
@ -236,7 +236,7 @@ function contact_photo_menu($contact) {
 	
 	call_hooks('contact_photo_menu', $args);
 	
-	$o = "";
+/*	$o = "";
 	foreach($menu as $k=>$v){
 		if ($v!="") {
 			if(($k !== t("Network Posts")) && ($k !== t("Send PM")) && ($k !== t('Edit Contact')))
@ -245,7 +245,16 @@ function contact_photo_menu($contact) {
 				$o .= "<li><a href=\"$v\">$k</a></li>\n";
 		}
 	}
-	return $o;
+	return $o;*/
+	foreach($menu as $k=>$v){
+		if ($v[1]!="") {
+			if(($v[0] !== t("Network Posts")) && ($v[0] !== t("Send PM")) && ($v[0] !== t('Edit Contact')))
+				$menu[$k][2] = 1;
+			else
+				$menu[$k][2] = 0;
+		}
+	}
+	return $menu;
 }}


--- a/include/acl_selectors.php
+++ b/include/acl_selectors.php
@ -1,4 +1,7 @@
 <?php
+
+require_once("include/contact_selectors.php");
+
 /**
 * 
 */
@ -243,9 +246,7 @@ function prune_deadguys($arr) {
 }


-
-function populate_acl($user = null,$celeb = false) {
-
+function get_acl_permissions($user = null) {
 	$allow_cid = $allow_gid = $deny_cid = $deny_gid = false;

 	if(is_array($user)) {
@ -265,6 +266,19 @@ function populate_acl($user = null,$celeb = false) {

 	$allow_cid = prune_deadguys($allow_cid);

+	return array(
+		'allow_cid' => $allow_cid,
+		'allow_gid' => $allow_gid,
+		'deny_cid' => $deny_cid,
+		'deny_gid' => $deny_gid,
+	);
+}
+
+
+function populate_acl($user = null,$celeb = false) {
+
+	$perms = get_acl_permissions($user);
+
 	// We shouldn't need to prune deadguys from the block list. Either way they can't get the message.
 	// Also no point enumerating groups and checking them, that will take place on delivery.

@ -311,10 +325,10 @@ function populate_acl($user = null,$celeb = false) {
 		'$showall'=> t("Visible to everybody"),
 		'$show'		 => t("show"),
 		'$hide'		 => t("don't show"),
-		'$allowcid' => json_encode($allow_cid),
-		'$allowgid' => json_encode($allow_gid),
-		'$denycid' => json_encode($deny_cid),
-		'$denygid' => json_encode($deny_gid),
+		'$allowcid' => json_encode($perms['allow_cid']),
+		'$allowgid' => json_encode($perms['allow_gid']),
+		'$denycid' => json_encode($perms['deny_cid']),
+		'$denygid' => json_encode($perms['deny_gid']),
 	));
 	
 	
@ -322,3 +336,238 @@ function populate_acl($user = null,$celeb = false) {

 }

+function construct_acl_data(&$a, $user) {
+
+	// Get group and contact information for html ACL selector
+	$acl_data = acl_lookup(&$a, 'html');
+
+	$user_defaults = get_acl_permissions($user);
+
+	if($acl_data['groups']) {
+		foreach($acl_data['groups'] as $key=>$group) {
+			// Add a "selected" flag to groups that are posted to by default
+			if($user_defaults['allow_gid'] &&
+			   in_array($group['id'], $user_defaults['allow_gid']) && !in_array($group['id'], $user_defaults['deny_gid']) )
+				$acl_data['groups'][$key]['selected'] = 1;
+			else
+				$acl_data['groups'][$key]['selected'] = 0;
+		}
+	}
+	if($acl_data['contacts']) {
+		foreach($acl_data['contacts'] as $key=>$contact) {
+			// Add a "selected" flag to groups that are posted to by default
+			if($user_defaults['allow_cid'] &&
+			   in_array($contact['id'], $user_defaults['allow_cid']) && !in_array($contact['id'], $user_defaults['deny_cid']) )
+				$acl_data['contacts'][$key]['selected'] = 1;
+			else
+				$acl_data['contacts'][$key]['selected'] = 0;
+		}
+	}
+
+	return $acl_data;
+
+}
+
+function acl_lookup(&$a, $out_type = 'json') {
+
+	if(!local_user())
+		return "";
+
+
+	$start = (x($_REQUEST,'start')?$_REQUEST['start']:0);
+	$count = (x($_REQUEST,'count')?$_REQUEST['count']:100);
+	$search = (x($_REQUEST,'search')?$_REQUEST['search']:"");
+	$type = (x($_REQUEST,'type')?$_REQUEST['type']:"");
+	
+
+	// For use with jquery.autocomplete for private mail completion
+
+	if(x($_REQUEST,'query') && strlen($_REQUEST['query'])) {
+		if(! $type)
+			$type = 'm';
+		$search = $_REQUEST['query'];
+	}
+
+
+	if ($search!=""){
+		$sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
+		$sql_extra2 = "AND (`attag` LIKE '%%".dbesc($search)."%%' OR `name` LIKE '%%".dbesc($search)."%%' OR `nick` LIKE '%%".dbesc($search)."%%')";
+	} else {
+		$sql_extra = $sql_extra2 = "";
+	}
+	
+	// count groups and contacts
+	if ($type=='' || $type=='g'){
+		$r = q("SELECT COUNT(`id`) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
+			intval(local_user())
+		);
+		$group_count = (int)$r[0]['g'];
+	} else {
+		$group_count = 0;
+	}
+	
+	if ($type=='' || $type=='c'){
+		$r = q("SELECT COUNT(`id`) AS c FROM `contact` 
+				WHERE `uid` = %d AND `self` = 0 
+				AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
+				AND `notify` != '' $sql_extra2" ,
+			intval(local_user())
+		);
+		$contact_count = (int)$r[0]['c'];
+	} 
+	elseif ($type == 'm') {
+
+		// autocomplete for Private Messages
+
+		$r = q("SELECT COUNT(`id`) AS c FROM `contact` 
+				WHERE `uid` = %d AND `self` = 0 
+				AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 
+				AND `network` IN ('%s','%s','%s') $sql_extra2" ,
+			intval(local_user()),
+			dbesc(NETWORK_DFRN),
+			dbesc(NETWORK_ZOT),
+			dbesc(NETWORK_DIASPORA)
+		);
+		$contact_count = (int)$r[0]['c'];
+
+	}
+	elseif ($type == 'a') {
+
+		// autocomplete for Contacts
+
+		$r = q("SELECT COUNT(`id`) AS c FROM `contact` 
+				WHERE `uid` = %d AND `self` = 0 
+				AND `pending` = 0 $sql_extra2" ,
+			intval(local_user())
+		);
+		$contact_count = (int)$r[0]['c'];
+
+	} else {
+		$contact_count = 0;
+	}
+	
+	$tot = $group_count+$contact_count;
+	
+	$groups = array();
+	$contacts = array();
+	
+	if ($type=='' || $type=='g'){
+		
+		$r = q("SELECT `group`.`id`, `group`.`name`, GROUP_CONCAT(DISTINCT `group_member`.`contact-id` SEPARATOR ',') as uids
+				FROM `group`,`group_member` 
+				WHERE `group`.`deleted` = 0 AND `group`.`uid` = %d 
+					AND `group_member`.`gid`=`group`.`id`
+					$sql_extra
+				GROUP BY `group`.`id`
+				ORDER BY `group`.`name` 
+				LIMIT %d,%d",
+			intval(local_user()),
+			intval($start),
+			intval($count)
+		);
+
+		foreach($r as $g){
+//		logger('acl: group: ' . $g['name'] . ' members: ' . $g['uids']);		
+			$groups[] = array(
+				"type"  => "g",
+				"photo" => "images/twopeople.png",
+				"name"  => $g['name'],
+				"id"	=> intval($g['id']),
+				"uids"  => array_map("intval", explode(",",$g['uids'])),
+				"link"  => ''
+			);
+		}
+	}
+	
+	if ($type=='' || $type=='c'){
+	
+		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact` 
+			WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != ''
+			$sql_extra2
+			ORDER BY `name` ASC ",
+			intval(local_user())
+		);
+	}
+	elseif($type == 'm') {
+		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact` 
+			WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
+			AND `network` IN ('%s','%s','%s')
+			$sql_extra2
+			ORDER BY `name` ASC ",
+			intval(local_user()),
+			dbesc(NETWORK_DFRN),
+			dbesc(NETWORK_ZOT),
+			dbesc(NETWORK_DIASPORA)
+		);
+	}
+	elseif($type == 'a') {
+		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact` 
+			WHERE `uid` = %d AND `pending` = 0
+			$sql_extra2
+			ORDER BY `name` ASC ",
+			intval(local_user())
+		);
+	}
+	else
+		$r = array();
+
+
+	if($type == 'm' || $type == 'a') {
+		$x = array();
+		$x['query'] = $search;
+		$x['photos'] = array();
+		$x['links'] = array();
+		$x['suggestions'] = array();
+		$x['data'] = array();
+		if(count($r)) {
+			foreach($r as $g) {
+				$x['photos'][] = $g['micro'];
+				$x['links'][] = $g['url'];
+				$x['suggestions'][] = $g['name'];
+				$x['data'][] = intval($g['id']);
+			}
+		}
+		echo json_encode($x);
+		killme();
+	}
+
+	if(count($r)) {
+		foreach($r as $g){
+			$contacts[] = array(
+				"type"  => "c",
+				"photo" => $g['micro'],
+				"name"  => $g['name'],
+				"id"	=> intval($g['id']),
+				"network" => $g['network'],
+				"link" => $g['url'],
+				"nick" => ($g['attag']) ? $g['attag'] : $g['nick'],
+			);
+		}			
+	}
+		
+	$items = array_merge($groups, $contacts);
+
+
+	if($out_type === 'html') {
+		$o = array(
+			'tot'		=> $tot,
+			'start'	=> $start,
+			'count'	=> $count,
+			'groups'	=> $groups,
+			'contacts'	=> $contacts,
+		);
+		return $o;
+	}
+	
+	$o = array(
+		'tot'	=> $tot,
+		'start' => $start,
+		'count'	=> $count,
+		'items'	=> $items,
+	);
+	
+	echo json_encode($o);
+
+	killme();
+}
+
--- a/include/conversation.php
+++ b/include/conversation.php
@ -1,6 +1,7 @@
 <?php

 require_once("include/bbcode.php");
+require_once("include/acl_selectors.php");


 // Note: the code in 'item_extract_images' and 'item_redir_and_replace_images'
@ -704,6 +705,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) {

 	$o = replace_macros($page_template, array(
 		'$baseurl' => $a->get_baseurl($ssl_state),
+		'$return_path' => $a->query_string,
 		'$live_update' => $live_update_div,
 		'$remove' => t('remove'),
 		'$mode' => $mode,
@ -908,7 +910,7 @@ function format_like($cnt,$arr,$type,$id) {
 			$str .= sprintf( t(', and %d other people'), $total - MAX_LIKERS );
 		}
 		$str = (($type === 'like') ? sprintf( t('%s like this.'), $str) : sprintf( t('%s don\'t like this.'), $str));
-		$o .= "\t" . '<div id="' . $type . 'list-' . $id . '" style="display: none;" >' . $str . '</div>';
+		$o .= "\t" . '<div class="wall-item-' . $type . '-expanded" id="' . $type . 'list-' . $id . '" style="display: none;" >' . $str . '</div>';
 	}
 	return $o;
 }}
@ -962,8 +964,6 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) {
 	));


-	$tpl = get_markup_template("jot.tpl");
-
 	$jotplugins = '';
 	$jotnets = '';

@ -994,10 +994,31 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) {
 	if($notes_cid)
 		$jotnets .= '<input type="hidden" name="contact_allow[]" value="' . $notes_cid .'" />';

+
+	// Private/public post links for the non-JS ACL form
+	$private_post = 1;
+	if($_REQUEST['public'])
+		$private_post = 0;
+
+	$query_str = $a->query_string;
+	if(strpos($query_str, 'public=1') !== false)
+		$query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str);
+
+	// I think $a->query_string may never have ? in it, but I could be wrong
+	// It looks like it's from the index.php?q=[etc] rewrite that the web
+	// server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61
+	if(strpos($query_str, '?') === false)
+		$public_post_link = '?public=1';
+	else
+		$public_post_link = '&public=1';
+
+
+
 //	$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins));
+	$tpl = get_markup_template("jot.tpl");

 	$o .= replace_macros($tpl,array(
-		'$return_path' => $a->query_string,
+		'$return_path' => $query_str,
 		'$action' =>  $a->get_baseurl(true) . '/item',
 		'$share' => (x($x,'button') ? $x['button'] : t('Share')),
 		'$upload' => t('Upload photo'),
@ -1033,14 +1054,22 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) {
 		'$jotnets' => $jotnets,
 		'$emtitle' => t('Example: bob@example.com, mary@example.com'),
 		'$lockstate' => $x['lockstate'],
-		'$acl' => $x['acl'],
 		'$bang' => $x['bang'],
 		'$profile_uid' => $x['profile_uid'],
 		'$preview' => ((feature_enabled($x['profile_uid'],'preview')) ? t('Preview') : ''),
 		'$jotplugins' => $jotplugins,
 		'$sourceapp' => t($a->sourcename),
 		'$cancel' => t('Cancel'),
-		'$rand_num' => random_digits(12)
+		'$rand_num' => random_digits(12),
+
+		// ACL permissions box
+		'$acl' => $x['acl'],
+		'$acl_data' => $x['acl_data'],
+		'$group_perms' => t('Post to Groups'),
+		'$contact_perms' => t('Post to Contacts'),
+		'$private' => t('Private post'),
+		'$is_private' => $private_post,
+		'$public_link' => $public_post_link,
 	));


--- a/include/items.php
+++ b/include/items.php
@ -3874,6 +3874,34 @@ function drop_item($id,$interactive = true) {

 	if((local_user() == $item['uid']) || ($cid) || (! $interactive)) {

+		// Check if we should do HTML-based delete confirmation
+		if($_REQUEST['confirm']) {
+			// <form> can't take arguments in its "action" parameter
+			// so add any arguments as hidden inputs
+			$query = explode_querystring($a->query_string);
+			$inputs = array();
+			foreach($query['args'] as $arg) {
+				if(strpos($arg, 'confirm=') === false) {
+					$arg_parts = explode('=', $arg);
+					$inputs[] = array('name' => $arg_parts[0], 'value' => $arg_parts[1]);
+				}
+			}
+
+			return replace_macros(get_markup_template('confirm.tpl'), array(
+				'$method' => 'get',
+				'$message' => t('Do you really want to delete this item?'),
+				'$extra_inputs' => $inputs,
+				'$confirm' => t('Yes'),
+				'$confirm_url' => $query['base'],
+				'$confirm_name' => 'confirmed',
+				'$cancel' => t('Cancel'),
+			));
+		}
+		// Now check how the user responded to the confirmation query
+		if($_REQUEST['canceled']) {
+			goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
+		}
+
 		logger('delete item: ' . $item['id'], LOGGER_DEBUG);
 		// delete the item

--- a/include/nav.php
+++ b/include/nav.php
@ -8,8 +8,6 @@ function nav(&$a) {
 	 *
 	 */

-	$ssl_state = ((local_user()) ? true : false);
-
 	if(!(x($a->page,'nav')))
 		$a->page['nav'] = '';

@ -19,6 +17,35 @@ function nav(&$a) {

 	$a->page['nav'] .= '<div id="panel" style="display: none;"></div>' ;

+	$nav_info = nav_info($a);
+
+	/**
+	 * Build the page
+	 */
+
+	$tpl = get_markup_template('nav.tpl');
+
+	$a->page['nav'] .= replace_macros($tpl, array(
+        '$baseurl' => $a->get_baseurl(),
+		'$langselector' => lang_selector(),
+		'$sitelocation' => $nav_info['sitelocation'],
+		'$nav' => $nav_info['nav'],
+		'$banner' =>  $nav_info['banner'],
+		'$emptynotifications' => t('Nothing new here'),
+		'$userinfo' => $nav_info['userinfo'],
+		'$sel' => 	$a->nav_sel,
+		'$apps' => $a->apps,
+		'$clear_notifs' => t('Clear notifications')
+	));
+
+	call_hooks('page_header', $a->page['nav']);
+}
+
+
+function nav_info(&$a) {
+
+	$ssl_state = ((local_user()) ? true : false);
+
 	/**
 	 *
 	 * Our network is distributed, and as you visit friends some of the 
@ -152,6 +179,9 @@ function nav(&$a) {
 	 }


+	 $nav['navigation'] = array('navigation/', t('Navigation'), "", t('Site map'));
+
+
 	/**
 	 *
 	 * Provide a banner/logo/whatever
@ -164,23 +194,15 @@ function nav(&$a) {
 		$banner .= '<a href="http://friendica.com"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="http://friendica.com">Friendica</a></span>';


-	$tpl = get_markup_template('nav.tpl');
-
-	$a->page['nav'] .= replace_macros($tpl, array(
-        '$baseurl' => $a->get_baseurl(),
-		'$langselector' => lang_selector(),
-		'$sitelocation' => $sitelocation,
-		'$nav' => $nav,
-		'$banner' =>  $banner,
-		'$emptynotifications' => t('Nothing new here'),
-		'$userinfo' => $userinfo,
-		'$sel' => 	$a->nav_sel,
-		'$apps' => $a->apps,
-	));
-
-	call_hooks('page_header', $a->page['nav']);
+	return array(
+		'sitelocation' => $sitelocation,
+		'nav' => $nav,
+		'banner' => $banner,
+		'userinfo' => $userinfo,
+	);
 }

+
 /*
 * Set a menu item in navbar as selected
 * 
--- a/include/template_processor.php
+++ b/include/template_processor.php
@ -259,15 +259,15 @@ class Template {
 	public function replace($s, $r) {
 		$this->r = $r;

+		// remove comments block
+		$s = preg_replace('/{#(.*?\s*?)*?#}/', "", $s);
+
 		$s = $this->_build_nodes($s);

 		$s = preg_replace_callback('/\|\|([0-9]+)\|\|/', array($this, "_replcb_node"), $s);
 		if ($s == Null)
 			$this->_preg_error();

-		// remove comments block
-		$s = preg_replace('/{#[^#]*#}/', "", $s);
-
 		// replace strings recursively (limit to 10 loops)
 		$os = "";
 		$count = 0;
--- a/mod/acl.php
+++ b/mod/acl.php
@ -4,193 +4,7 @@
 require_once("include/acl_selectors.php");

 function acl_init(&$a){
-	if(!local_user())
-		return "";
-
-
-	$start = (x($_REQUEST,'start')?$_REQUEST['start']:0);
-	$count = (x($_REQUEST,'count')?$_REQUEST['count']:100);
-	$search = (x($_REQUEST,'search')?$_REQUEST['search']:"");
-	$type = (x($_REQUEST,'type')?$_REQUEST['type']:"");
-	
-
-	// For use with jquery.autocomplete for private mail completion
-
-	if(x($_REQUEST,'query') && strlen($_REQUEST['query'])) {
-		if(! $type)
-			$type = 'm';
-		$search = $_REQUEST['query'];
-	}
-
-
-	if ($search!=""){
-		$sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
-		$sql_extra2 = "AND (`attag` LIKE '%%".dbesc($search)."%%' OR `name` LIKE '%%".dbesc($search)."%%' OR `nick` LIKE '%%".dbesc($search)."%%')";
-	} else {
-		$sql_extra = $sql_extra2 = "";
-	}
-	
-	// count groups and contacts
-	if ($type=='' || $type=='g'){
-		$r = q("SELECT COUNT(`id`) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
-			intval(local_user())
-		);
-		$group_count = (int)$r[0]['g'];
-	} else {
-		$group_count = 0;
-	}
-	
-	if ($type=='' || $type=='c'){
-		$r = q("SELECT COUNT(`id`) AS c FROM `contact` 
-				WHERE `uid` = %d AND `self` = 0 
-				AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
-				AND `notify` != '' $sql_extra2" ,
-			intval(local_user())
-		);
-		$contact_count = (int)$r[0]['c'];
-	} 
-	elseif ($type == 'm') {
-
-		// autocomplete for Private Messages
-
-		$r = q("SELECT COUNT(`id`) AS c FROM `contact` 
-				WHERE `uid` = %d AND `self` = 0 
-				AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 
-				AND `network` IN ('%s','%s','%s') $sql_extra2" ,
-			intval(local_user()),
-			dbesc(NETWORK_DFRN),
-			dbesc(NETWORK_ZOT),
-			dbesc(NETWORK_DIASPORA)
-		);
-		$contact_count = (int)$r[0]['c'];
-
-	}
-	elseif ($type == 'a') {
-
-		// autocomplete for Contacts
-
-		$r = q("SELECT COUNT(`id`) AS c FROM `contact` 
-				WHERE `uid` = %d AND `self` = 0 
-				AND `pending` = 0 $sql_extra2" ,
-			intval(local_user())
-		);
-		$contact_count = (int)$r[0]['c'];
-
-	} else {
-		$contact_count = 0;
-	}
-	
-	$tot = $group_count+$contact_count;
-	
-	$groups = array();
-	$contacts = array();
-	
-	if ($type=='' || $type=='g'){
-		
-		$r = q("SELECT `group`.`id`, `group`.`name`, GROUP_CONCAT(DISTINCT `group_member`.`contact-id` SEPARATOR ',') as uids
-				FROM `group`,`group_member` 
-				WHERE `group`.`deleted` = 0 AND `group`.`uid` = %d 
-					AND `group_member`.`gid`=`group`.`id`
-					$sql_extra
-				GROUP BY `group`.`id`
-				ORDER BY `group`.`name` 
-				LIMIT %d,%d",
-			intval(local_user()),
-			intval($start),
-			intval($count)
-		);
-
-		foreach($r as $g){
-//		logger('acl: group: ' . $g['name'] . ' members: ' . $g['uids']);		
-			$groups[] = array(
-				"type"  => "g",
-				"photo" => "images/twopeople.png",
-				"name"  => $g['name'],
-				"id"	=> intval($g['id']),
-				"uids"  => array_map("intval", explode(",",$g['uids'])),
-				"link"  => ''
-			);
-		}
-	}
-	
-	if ($type=='' || $type=='c'){
-	
-		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact` 
-			WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != ''
-			$sql_extra2
-			ORDER BY `name` ASC ",
-			intval(local_user())
-		);
-	}
-	elseif($type == 'm') {
-		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact` 
-			WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
-			AND `network` IN ('%s','%s','%s')
-			$sql_extra2
-			ORDER BY `name` ASC ",
-			intval(local_user()),
-			dbesc(NETWORK_DFRN),
-			dbesc(NETWORK_ZOT),
-			dbesc(NETWORK_DIASPORA)
-		);
-	}
-	elseif($type == 'a') {
-		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact` 
-			WHERE `uid` = %d AND `pending` = 0
-			$sql_extra2
-			ORDER BY `name` ASC ",
-			intval(local_user())
-		);
-	}
-	else
-		$r = array();
-
-
-	if($type == 'm' || $type == 'a') {
-		$x = array();
-		$x['query'] = $search;
-		$x['photos'] = array();
-		$x['links'] = array();
-		$x['suggestions'] = array();
-		$x['data'] = array();
-		if(count($r)) {
-			foreach($r as $g) {
-				$x['photos'][] = $g['micro'];
-				$x['links'][] = $g['url'];
-				$x['suggestions'][] = $g['name'];
-				$x['data'][] = intval($g['id']);
-			}
-		}
-		echo json_encode($x);
-		killme();
-	}
-
-	if(count($r)) {
-		foreach($r as $g){
-			$contacts[] = array(
-				"type"  => "c",
-				"photo" => $g['micro'],
-				"name"  => $g['name'],
-				"id"	=> intval($g['id']),
-				"network" => $g['network'],
-				"link" => $g['url'],
-				"nick" => ($g['attag']) ? $g['attag'] : $g['nick'],
-			);
-		}			
-	}
-		
-	$items = array_merge($groups, $contacts);
-	
-	$o = array(
-		'tot'	=> $tot,
-		'start' => $start,
-		'count'	=> $count,
-		'items'	=> $items,
-	);
-	
-	echo json_encode($o);
-
-	killme();
+	acl_lookup($a);
 }


--- a/mod/contacts.php
+++ b/mod/contacts.php
@ -225,6 +225,36 @@ function contacts_content(&$a) {

 		if($cmd === 'drop') {

+			// Check if we should do HTML-based delete confirmation
+			if($_REQUEST['confirm']) {
+				// <form> can't take arguments in its "action" parameter
+				// so add any arguments as hidden inputs
+				$query = explode_querystring($a->query_string);
+				$inputs = array();
+				foreach($query['args'] as $arg) {
+					if(strpos($arg, 'confirm=') === false) {
+						$arg_parts = explode('=', $arg);
+						$inputs[] = array('name' => $arg_parts[0], 'value' => $arg_parts[1]);
+					}
+				}
+
+				$a->page['aside'] = '';
+				return replace_macros(get_markup_template('confirm.tpl'), array(
+					'$method' => 'get',
+					'$message' => t('Do you really want to delete this contact?'),
+					'$extra_inputs' => $inputs,
+					'$confirm' => t('Yes'),
+					'$confirm_url' => $query['base'],
+					'$confirm_name' => 'confirmed',
+					'$cancel' => t('Cancel'),
+				));
+			}
+			// Now check how the user responded to the confirmation query
+			if($_REQUEST['canceled']) {
+				goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
+
+			}
+
 			require_once('include/Contact.php');

 			terminate_friendship($a->user,$a->contact,$orig_record[0]);
@ -239,6 +269,10 @@ function contacts_content(&$a) {
 		}
 	}

+
+
+	$_SESSION['return_url'] = $a->query_string;
+
 	if((x($a->data,'contact')) && (is_array($a->data['contact']))) {

 		$contact_id = $a->data['contact']['id'];
@ -405,8 +439,6 @@ function contacts_content(&$a) {
 	$ignored = false;
 	$all = false;

-	$_SESSION['return_url'] = $a->query_string;
-
 	if(($a->argc == 2) && ($a->argv[1] === 'all')) {
 		$sql_extra = '';
 		$all = true;
--- a/mod/display.php
+++ b/mod/display.php
@ -112,8 +112,9 @@ function display_content(&$a, $update = 0) {
 			'acl' => populate_acl($a->user, $celeb),
 			'bang' => '',
 			'visitor' => 'block',
-			'profile_uid' => local_user()
-		);	
+			'profile_uid' => local_user(),
+			'acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector
+		);
 		$o .= status_editor($a,$x,0,true);
 	}

--- a/mod/editpost.php
+++ b/mod/editpost.php
@ -85,16 +85,19 @@ function editpost_content(&$a) {
 		}
 	}

-	if($mail_enabled) {
+	// I don't think there's any need for the $jotnets when editing the post,
+	// and including them makes it difficult for the JS-free theme, so let's
+	// disable them
+/*	if($mail_enabled) {
       $selected = (($pubmail_enabled) ? ' checked="checked" ' : '');
 		$jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> '
          	. t("Post to Email") . '</div>';
-	}
+	}*/
 					


 	call_hooks('jot_tool', $jotplugins);
-	call_hooks('jot_networks', $jotnets);
+	//call_hooks('jot_networks', $jotnets);

 	
 	//$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins));	
--- a/mod/item.php
+++ b/mod/item.php
@ -923,10 +923,12 @@ function item_content(&$a) {

 	require_once('include/security.php');

+	$o = '';
 	if(($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
 		require_once('include/items.php');
-		drop_item($a->argv[2]);
+		$o = drop_item($a->argv[2]);
 	}
+	return $o;
 }

 /**
--- a/mod/like.php
+++ b/mod/like.php
@ -105,6 +105,10 @@ function like_content(&$a) {
 	}


+	// See if we've been passed a return path to redirect to
+	$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
+
+
 	$r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0 
 		AND `contact-id` = %d AND ( `parent` = '%s' OR `parent-uri` = '%s' OR `thr-parent` = '%s') LIMIT 1",
 		dbesc($activity),
@ -137,7 +141,9 @@ function like_content(&$a) {
 //		proc_run('php',"include/notifier.php","like","$post_id"); // $post_id isn't defined here!
 		$like_item_id = $like_item['id'];
 		proc_run('php',"include/notifier.php","like","$like_item_id");
-		return;
+
+		like_content_return($a->get_baseurl(), $return_path);
+		return; // NOTREACHED
 	}

 	$uri = item_new_uri($a->get_hostname(),$owner_uid);
@ -221,11 +227,29 @@ EOT;

 	proc_run('php',"include/notifier.php","like","$post_id");

-	killme();
+	like_content_return($a->get_baseurl(), $return_path);
+	killme(); // NOTREACHED
 //	return; // NOTREACHED
 }


+// Decide how to return. If we were called with a 'return' argument,
+// then redirect back to the calling page. If not, just quietly end
+
+function like_content_return($baseurl, $return_path) {
+
+	if($return_path) {
+		$rand = '_=' . time();
+		if(strpos($return_path, '?')) $rand = "&$rand";
+		else $rand = "?$rand";
+
+		goaway($baseurl . "/" . $return_path . $rand);
+	}
+
+	killme();
+}
+
+
 function store_diaspora_like_retract_sig($activity, $item, $like_item, $contact) {
 	// Note that we can only create a signature for a user of the local server. We don't have
 	// a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it 
--- a/mod/manage.php
+++ b/mod/manage.php
@ -1,5 +1,7 @@
 <?php

+require_once("include/text.php");
+

 function manage_post(&$a) {

@ -68,6 +70,10 @@ function manage_post(&$a) {
 	unset($_SESSION['return_url']);
 	if(x($_SESSION,'submanage'))
 		unset($_SESSION['submanage']);
+	if(x($_SESSION,'sysmsg'))
+		unset($_SESSION['sysmsg']);
+	if(x($_SESSION,'sysmsg_info'))
+		unset($_SESSION['sysmsg_info']);

 	require_once('include/security.php');
 	authenticate_success($r[0],true,true);
@ -91,27 +97,18 @@ function manage_content(&$a) {
 		return;
 	}

-	$o = '<h3>' . t('Manage Identities and/or Pages') . '</h3>';
-
-	
-	$o .= '<div id="identity-manage-desc">' . t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions') . '</div>';
-
-	$o .= '<div id="identity-manage-choose">' . t('Select an identity to manage: ') . '</div>';
-
-	$o .= '<div id="identity-selector-wrapper">' . "\r\n";
-	$o .= '<form action="manage" method="post" >' . "\r\n";
-	$o .= '<select name="identity" size="4" onchange="this.form.submit();" >' . "\r\n";
-
-	foreach($a->identities as $rr) {
-		$selected = (($rr['nickname'] === $a->user['nickname']) ? ' selected="selected" ' : '');
-		$o .= '<option ' . $selected . 'value="' . $rr['uid'] . '">' . $rr['username'] . ' (' . $rr['nickname'] . ')</option>' . "\r\n";
+	$identities = $a->identities;
+	foreach($identities as $key=>$id) {
+		$identities[$key]['selected'] = (($id['nickname'] === $a->user['nickname']) ? ' selected="selected" ' : '');
 	}

-	$o .= '</select>' . "\r\n";
-	$o .= '<div id="identity-select-break"></div>' . "\r\n";
-
-//	$o .= '<input id="identity-submit" type="submit" name="submit" value="' . t('Submit') . '" />';
-	$o .= '</div></form>' . "\r\n";
+	$o = replace_macros(get_markup_template('manage.tpl'), array(
+		'$title' => t('Manage Identities and/or Pages'),
+		'$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
+		'$choose' => t('Select an identity to manage: '),
+		'$identities' => $identities,
+		'$submit' => t('Submit'),
+	));

 	return $o;

--- a/mod/message.php
+++ b/mod/message.php
@ -82,6 +82,8 @@ function message_post(&$a) {
 		$a->argc = 2;
 		$a->argv[1] = 'new';
 	}
+	else
+		goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);

 }

@ -185,6 +187,36 @@ function message_content(&$a) {
 	if(($a->argc == 3) && ($a->argv[1] === 'drop' || $a->argv[1] === 'dropconv')) {
 		if(! intval($a->argv[2]))
 			return;
+
+		// Check if we should do HTML-based delete confirmation
+		if($_REQUEST['confirm']) {
+			// <form> can't take arguments in its "action" parameter
+			// so add any arguments as hidden inputs
+			$query = explode_querystring($a->query_string);
+			$inputs = array();
+			foreach($query['args'] as $arg) {
+				if(strpos($arg, 'confirm=') === false) {
+					$arg_parts = explode('=', $arg);
+					$inputs[] = array('name' => $arg_parts[0], 'value' => $arg_parts[1]);
+				}
+			}
+
+			//$a->page['aside'] = '';
+			return replace_macros(get_markup_template('confirm.tpl'), array(
+				'$method' => 'get',
+				'$message' => t('Do you really want to delete this message?'),
+				'$extra_inputs' => $inputs,
+				'$confirm' => t('Yes'),
+				'$confirm_url' => $query['base'],
+				'$confirm_name' => 'confirmed',
+				'$cancel' => t('Cancel'),
+			));
+		}
+		// Now check how the user responded to the confirmation query
+		if($_REQUEST['canceled']) {
+			goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
+		}
+
 		$cmd = $a->argv[1];
 		if($cmd === 'drop') {
 			$r = q("DELETE FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
@ -194,7 +226,8 @@ function message_content(&$a) {
 			if($r) {
 				info( t('Message deleted.') . EOL );
 			}
-			goaway($a->get_baseurl(true) . '/message' );
+			//goaway($a->get_baseurl(true) . '/message' );
+			goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
 		}
 		else {
 			$r = q("SELECT `parent-uri`,`convid` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
@ -224,7 +257,8 @@ function message_content(&$a) {
 				if($r)
 					info( t('Conversation removed.') . EOL );
 			} 
-			goaway($a->get_baseurl(true) . '/message' );
+			//goaway($a->get_baseurl(true) . '/message' );
+			goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
 		}	
 	
 	}
@ -304,6 +338,9 @@ function message_content(&$a) {
 		return $o;
 	}

+
+	$_SESSION['return_url'] = $a->query_string;
+
 	if($a->argc == 1) {

 		// list messages
--- a/mod/navigation.php
+++ b/mod/navigation.php
@ -0,0 +1,27 @@
+<?php
+
+require_once("include/nav.php");
+
+function navigation_content(&$a) {
+
+	$nav_info = nav_info($a);
+
+	/**
+	 * Build the page
+	 */
+
+	$tpl = get_markup_template('navigation.tpl');
+	return replace_macros($tpl, array(
+        '$baseurl' => $a->get_baseurl(),
+		'$langselector' => lang_selector(),
+		'$sitelocation' => $nav_info['sitelocation'],
+		'$nav' => $nav_info['nav'],
+		'$banner' =>  $nav_info['banner'],
+		'$emptynotifications' => t('Nothing new here'),
+		'$userinfo' => $nav_info['userinfo'],
+		'$sel' => 	$a->nav_sel,
+		'$apps' => $a->apps,
+		'$clear_notifs' => t('Clear notifications')
+	));
+
+}
--- a/mod/network.php
+++ b/mod/network.php
@ -560,10 +560,12 @@ function network_content(&$a, $update = 0) {
 			'default_location' => $a->user['default-location'],
 			'nickname' => $a->user['nickname'],
 			'lockstate' => ((($group) || ($cid) || ($nets) || (is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'),
+			'default_perms' => get_acl_permissions($a->user),
 			'acl' => populate_acl((($group || $cid || $nets) ? $def_acl : $a->user), $celeb),
 			'bang' => (($group || $cid || $nets) ? '!' : ''),
 			'visitor' => 'block',
-			'profile_uid' => local_user()
+			'profile_uid' => local_user(),
+			'acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector
 		);

 		$o .= status_editor($a,$x);
--- a/mod/notes.php
+++ b/mod/notes.php
@ -60,8 +60,8 @@ function notes_content(&$a,$update = false) {
    	    'bang' => '',
        	'visitor' => 'block',
 	   	    'profile_uid' => local_user(),
-			'button' => t('Save')
-
+			'button' => t('Save'),
+			'acl_data' => '',
    	);

    	$o .= status_editor($a,$x,$a->contact['id']);
--- a/mod/photos.php
+++ b/mod/photos.php
@ -166,6 +166,11 @@ function photos_post(&$a) {
 			return; // NOTREACHED
 		}

+		// Check if the user has responded to a delete confirmation query
+		if($_REQUEST['canceled']) {
+			goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+		}
+
 		$newalbum = notags(trim($_POST['albumname']));
 		if($newalbum != $album) {
 			q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d",
@ -181,6 +186,25 @@ function photos_post(&$a) {

 		if($_POST['dropalbum'] == t('Delete Album')) {

+			// Check if we should do HTML-based delete confirmation
+			if($_REQUEST['confirm']) {
+				$drop_url = $a->query_string;
+				$extra_inputs = array(
+					array('name' => 'albumname', 'value' => $_POST['albumname']),
+				);
+				$a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array(
+					'$method' => 'post',
+					'$message' => t('Do you really want to delete this photo album and all its photos?'),
+					'$extra_inputs' => $extra_inputs,
+					'$confirm' => t('Delete Album'),
+					'$confirm_url' => $drop_url,
+					'$confirm_name' => 'dropalbum', // Needed so that confirmation will bring us back into this if statement
+					'$cancel' => t('Cancel'),
+				));
+				$a->error = 1; // Set $a->error so the other module functions don't execute
+				return;
+			}
+
 			$res = array();

 			// get the list of photos we are about to delete
@ -242,10 +266,32 @@ function photos_post(&$a) {
 		return; // NOTREACHED
 	}

+
+	// Check if the user has responded to a delete confirmation query for a single photo
+	if(($a->argc > 2) && $_REQUEST['canceled']) {
+		goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+	}
+
 	if(($a->argc > 2) && (x($_POST,'delete')) && ($_POST['delete'] == t('Delete Photo'))) {

 		// same as above but remove single photo

+		// Check if we should do HTML-based delete confirmation
+		if($_REQUEST['confirm']) {
+			$drop_url = $a->query_string;
+			$a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array(
+				'$method' => 'post',
+				'$message' => t('Do you really want to delete this photo?'),
+				'$extra_inputs' => array(),
+				'$confirm' => t('Delete Photo'),
+				'$confirm_url' => $drop_url,
+				'$confirm_name' => 'delete', // Needed so that confirmation will bring us back into this if statement
+				'$cancel' => t('Cancel'),
+			));
+			$a->error = 1; // Set $a->error so the other module functions don't execute
+			return;
+		}
+
 		if($visitor) {
 			$r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `resource-id` = '%s' LIMIT 1",
 				intval($visitor),
@ -284,7 +330,7 @@ function photos_post(&$a) {
 			}
 		}

-		goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+		goaway($a->get_baseurl() . '/photos/' . $a->data['user']['nickname']);
 		return; // NOTREACHED
 	}

@ -1024,8 +1070,10 @@ function photos_content(&$a) {

 		call_hooks('photo_upload_form',$ret);

-		$default_upload = '<input id="photos-upload-choose" type="file" name="userfile" /> 	<div class="photos-upload-submit-wrapper" >
-		<input type="submit" name="submit" value="' . t('Submit') . '" id="photos-upload-submit" /> </div>';
+		$default_upload_box = replace_macros(get_markup_template('photos_default_uploader_box.tpl'), array());
+		$default_upload_submit = replace_macros(get_markup_template('photos_default_uploader_submit.tpl'), array(
+			'$submit' => t('Submit'),
+		));

 		$usage_message = '';
 		$limit = service_class_fetch($a->data['user']['uid'],'photo_upload_limit');
@ -1038,6 +1086,25 @@ function photos_content(&$a) {
 		}


+		// Private/public post links for the non-JS ACL form
+		$private_post = 1;
+		if($_REQUEST['public'])
+			$private_post = 0;
+
+		$query_str = $a->query_string;
+		if(strpos($query_str, 'public=1') !== false)
+			$query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str);
+
+		// I think $a->query_string may never have ? in it, but I could be wrong
+		// It looks like it's from the index.php?q=[etc] rewrite that the web
+		// server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61
+		if(strpos($query_str, '?') === false)
+			$public_post_link = '?public=1';
+		else
+			$public_post_link = '&public=1';
+
+
+
 		$tpl = get_markup_template('photos_upload.tpl');

 		if($a->theme['template_engine'] === 'internal') {
@ -1060,9 +1127,20 @@ function photos_content(&$a) {
 			'$albumselect' => $albumselect_e,
 			'$permissions' => t('Permissions'),
 			'$aclselect' => $aclselect_e,
-			'$uploader' => $ret['addon_text'],
-			'$default' => (($ret['default_upload']) ? $default_upload : ''),
-			'$uploadurl' => $ret['post_url']
+			'$alt_uploader' => $ret['addon_text'],
+			'$default_upload_box' => (($ret['default_upload']) ? $default_upload_box : ''),
+			'$default_upload_submit' => (($ret['default_upload']) ? $default_upload_submit : ''),
+			'$uploadurl' => $ret['post_url'],
+
+			// ACL permissions box
+			'$acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector
+			'$group_perms' => t('Show to Groups'),
+			'$contact_perms' => t('Show to Contacts'),
+			'$private' => t('Private Photo'),
+			'$public' => t('Public Photo'),
+			'$is_private' => $private_post,
+			'$return_path' => $query_str,
+			'$public_link' => $public_post_link,

 		));

@ -1372,6 +1450,24 @@ function photos_content(&$a) {
 		if(($cmd === 'edit') && ($can_post)) {
 			$edit_tpl = get_markup_template('photo_edit.tpl');

+			// Private/public post links for the non-JS ACL form
+			$private_post = 1;
+			if($_REQUEST['public'])
+				$private_post = 0;
+
+			$query_str = $a->query_string;
+			if(strpos($query_str, 'public=1') !== false)
+				$query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str);
+
+			// I think $a->query_string may never have ? in it, but I could be wrong
+			// It looks like it's from the index.php?q=[etc] rewrite that the web
+			// server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61
+			if(strpos($query_str, '?') === false)
+				$public_post_link = '?public=1';
+			else
+				$public_post_link = '&public=1';
+
+
 			if($a->theme['template_engine'] === 'internal') {
 				$album_e = template_escape($ph[0]['album']);
 				$caption_e = template_escape($ph[0]['desc']);
@ -1400,7 +1496,17 @@ function photos_content(&$a) {
 				'$help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping'),
 				'$item_id' => ((count($linked_items)) ? $link_item['id'] : 0),
 				'$submit' => t('Submit'),
-				'$delete' => t('Delete Photo')
+				'$delete' => t('Delete Photo'),
+
+				// ACL permissions box
+				'$acl_data' => construct_acl_data($a, $ph[0]), // For non-Javascript ACL selector
+				'$group_perms' => t('Show to Groups'),
+				'$contact_perms' => t('Show to Contacts'),
+				'$private' => t('Private photo'),
+				'$public' => t('Public photo'),
+				'$is_private' => $private_post,
+				'$return_path' => $query_str,
+				'$public_link' => $public_post_link,
 			));
 		}

@ -1418,9 +1524,10 @@ function photos_content(&$a) {
 				$likebuttons = replace_macros($like_tpl,array(
 					'$id' => $link_item['id'],
 					'$likethis' => t("I like this \x28toggle\x29"),
-					'$nolike' => t("I don't like this \x28toggle\x29"),
+					'$nolike' => (feature_enabled(local_user(), 'dislike') ? t("I don't like this \x28toggle\x29") : ''),
 					'$share' => t('Share'),
-					'$wait' => t('Please wait')
+					'$wait' => t('Please wait'),
+					'$return_path' => $a->query_string,
 				));
 			}

--- a/mod/profile.php
+++ b/mod/profile.php
@ -198,7 +198,8 @@ function profile_content(&$a, $update = 0) {
            	'acl' => (($is_owner) ? populate_acl($a->user, $celeb) : ''),
 	            'bang' => '',
    	        'visitor' => (($is_owner || $commvisitor) ? 'block' : 'none'),
-        	    'profile_uid' => $a->profile['profile_uid']
+        	    'profile_uid' => $a->profile['profile_uid'],
+				'acl_data' => ( $is_owner ? construct_acl_data($a, $a->user) : '' ), // For non-Javascript ACL selector
        	);

        	$o .= status_editor($a,$x);
--- a/mod/settings.php
+++ b/mod/settings.php
@ -1012,6 +1012,25 @@ function settings_content(&$a) {
 	require_once('include/group.php');
 	$group_select = mini_group_select(local_user(),$a->user['def_gid']);

+
+	// Private/public post links for the non-JS ACL form
+	$private_post = 1;
+	if($_REQUEST['public'])
+		$private_post = 0;
+
+	$query_str = $a->query_string;
+	if(strpos($query_str, 'public=1') !== false)
+		$query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str);
+
+	// I think $a->query_string may never have ? in it, but I could be wrong
+	// It looks like it's from the index.php?q=[etc] rewrite that the web
+	// server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61
+	if(strpos($query_str, '?') === false)
+		$public_post_link = '?public=1';
+	else
+		$public_post_link = '&public=1';
+
+
 	$o .= replace_macros($stpl, array(
 		'$ptitle' 	=> t('Account Settings'),

@ -1046,6 +1065,17 @@ function settings_content(&$a) {
 		'$blockwall'=> $blockwall, // array('blockwall', t('Allow friends to post to your profile page:'), !$blockwall, ''),
 		'$blocktags'=> $blocktags, // array('blocktags', t('Allow friends to tag your posts:'), !$blocktags, ''),

+		// ACL permissions box
+		'$acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector
+		'$group_perms' => t('Show to Groups'),
+		'$contact_perms' => t('Show to Contacts'),
+		'$private' => t('Default Private Post'),