Browse Source

Merge remote-tracking branch 'refs/remotes/friendica/develop' into develop

pull/3289/head
Hypolite Petovan 4 years ago
parent
commit
500f0985f8
  1. 659
      boot.php
  2. 848
      include/dfrn.php
  3. 21
      include/items.php
  4. 206
      include/ostatus.php
  5. 12
      include/update_gcontact.php
  6. 171
      index.php
  7. 16
      mod/admin.php
  8. 13
      mod/dfrn_confirm.php
  9. 128
      mod/dfrn_notify.php
  10. 3
      mod/install.php
  11. 491
      mod/item.php
  12. 46
      mod/manage.php
  13. 28
      mod/network.php
  14. 495
      mod/photos.php
  15. 224
      mod/profiles.php
  16. 5
      testargs.php
  17. 31
      update.php
  18. 137
      util/po2php.php
  19. 10
      view/global.css
  20. 2
      view/theme/frio/css/mod_events.css
  21. 169
      view/theme/frio/css/style.css
  22. 5
      view/theme/frio/js/filebrowser.js
  23. 60
      view/theme/frio/js/hovercard.js
  24. 21
      view/theme/frio/js/theme.js
  25. 35
      view/theme/frio/templates/comment_item.tpl
  26. 10
      view/theme/frio/templates/common_tabs.tpl
  27. 18
      view/theme/frio/templates/contact_edit.tpl
  28. 42
      view/theme/frio/templates/contact_template.tpl
  29. 10
      view/theme/frio/templates/contacts-template.tpl
  30. 2
      view/theme/frio/templates/event.tpl
  31. 76
      view/theme/frio/templates/event_form.tpl
  32. 14
      view/theme/frio/templates/events_js.tpl
  33. 40
      view/theme/frio/templates/filebrowser.tpl
  34. 2
      view/theme/frio/templates/group_side.tpl
  35. 50
      view/theme/frio/templates/jot.tpl
  36. 11
      view/theme/frio/templates/nav.tpl
  37. 426
      view/theme/frio/templates/profile_advanced.tpl
  38. 8
      view/theme/frio/templates/profile_edit.tpl
  39. 12
      view/theme/frio/templates/profile_vcard.tpl
  40. 32
      view/theme/frio/templates/prv_message.tpl
  41. 84
      view/theme/frio/templates/search_item.tpl
  42. 4
      view/theme/frio/templates/settings.tpl
  43. 4
      view/theme/frio/templates/threaded_conversation.tpl
  44. 64
      view/theme/frio/templates/wall_thread.tpl
  45. 75
      view/theme/vier/theme.php

659
boot.php
File diff suppressed because it is too large
View File

848
include/dfrn.php
File diff suppressed because it is too large
View File

21
include/items.php

@ -1496,17 +1496,19 @@ function item_is_remote_self($contact, &$datarray) {
return true;
}
function new_follower($importer,$contact,$datarray,$item,$sharing = false) {
function new_follower($importer, $contact, $datarray, $item, $sharing = false) {
$url = notags(trim($datarray['author-link']));
$name = notags(trim($datarray['author-name']));
$photo = notags(trim($datarray['author-avatar']));
if (is_object($item)) {
$rawtag = $item->get_item_tags(NAMESPACE_ACTIVITY,'actor');
if ($rawtag && $rawtag[0]['child'][NAMESPACE_POCO]['preferredUsername'][0]['data'])
if ($rawtag && $rawtag[0]['child'][NAMESPACE_POCO]['preferredUsername'][0]['data']) {
$nick = $rawtag[0]['child'][NAMESPACE_POCO]['preferredUsername'][0]['data'];
} else
}
} else {
$nick = $item;
}
if (is_array($contact)) {
if (($contact['network'] == NETWORK_OSTATUS && $contact['rel'] == CONTACT_IS_SHARING)
@ -1544,11 +1546,9 @@ function new_follower($importer,$contact,$datarray,$item,$sharing = false) {
update_contact_avatar($photo, $importer["uid"], $contact_record["id"], true);
}
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($importer['uid'])
);
$a = get_app();
if (dbm::is_result($r) AND !in_array($r[0]['page-flags'], array(PAGE_SOAPBOX, PAGE_FREELOVE))) {
@ -1567,8 +1567,9 @@ function new_follower($importer,$contact,$datarray,$item,$sharing = false) {
$def_gid = get_default_group($importer['uid'], $contact_record["network"]);
if (intval($def_gid))
group_add_member($importer['uid'],'',$contact_record['id'],$def_gid);
if (intval($def_gid)) {
group_add_member($importer['uid'], '', $contact_record['id'], $def_gid);
}
if (($r[0]['notify-flags'] & NOTIFY_INTRO) &&
in_array($r[0]['page-flags'], array(PAGE_NORMAL))) {
@ -1599,7 +1600,7 @@ function new_follower($importer,$contact,$datarray,$item,$sharing = false) {
}
}
function lose_follower($importer,$contact,$datarray = array(),$item = "") {
function lose_follower($importer, $contact, array $datarray = array(), $item = "") {
if (($contact['rel'] == CONTACT_IS_FRIEND) || ($contact['rel'] == CONTACT_IS_SHARING)) {
q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d",
@ -1611,7 +1612,7 @@ function lose_follower($importer,$contact,$datarray = array(),$item = "") {
}
}
function lose_sharer($importer,$contact,$datarray = array(),$item = "") {
function lose_sharer($importer, $contact, array $datarray = array(), $item = "") {
if (($contact['rel'] == CONTACT_IS_FRIEND) || ($contact['rel'] == CONTACT_IS_FOLLOWER)) {
q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d",
@ -1623,7 +1624,7 @@ function lose_sharer($importer,$contact,$datarray = array(),$item = "") {
}
}
function subscribe_to_hub($url,$importer,$contact,$hubmode = 'subscribe') {
function subscribe_to_hub($url, $importer, $contact, $hubmode = 'subscribe') {
$a = get_app();

206
include/ostatus.php

@ -239,6 +239,23 @@ class ostatus {
}
}
/**
* @brief Read attributes from element
*
* @param object $element Element object
*
* @return array attributes
*/
private static function read_attributes($element) {
$attribute = array();
foreach ($element->attributes AS $attributes) {
$attribute[$attributes->name] = $attributes->textContent;
}
return $attribute;
}
/**
* @brief Imports an XML string containing OStatus elements
*
@ -252,9 +269,9 @@ class ostatus {
logger("Import OStatus message", LOGGER_DEBUG);
if ($xml == "")
if ($xml == "") {
return;
}
//$tempfile = tempnam(get_temppath(), "import");
//file_put_contents($tempfile, $xml);
@ -273,13 +290,14 @@ class ostatus {
$gub = "";
$hub_attributes = $xpath->query("/atom:feed/atom:link[@rel='hub']")->item(0)->attributes;
if (is_object($hub_attributes))
foreach($hub_attributes AS $hub_attribute)
if (is_object($hub_attributes)) {
foreach ($hub_attributes AS $hub_attribute) {
if ($hub_attribute->name == "href") {
$hub = $hub_attribute->textContent;
logger("Found hub ".$hub, LOGGER_DEBUG);
}
}
}
$header = array();
$header["uid"] = $importer["uid"];
$header["network"] = NETWORK_OSTATUS;
@ -292,11 +310,11 @@ class ostatus {
// depending on that, the first node is different
$first_child = $doc->firstChild->tagName;
if ($first_child == "feed")
if ($first_child == "feed") {
$entries = $xpath->query('/atom:feed/atom:entry');
else
} else {
$entries = $xpath->query('/atom:entry');
}
$conversation = "";
$conversationlist = array();
$item_id = 0;
@ -304,25 +322,25 @@ class ostatus {
// Reverse the order of the entries
$entrylist = array();
foreach ($entries AS $entry)
foreach ($entries AS $entry) {
$entrylist[] = $entry;
}
foreach (array_reverse($entrylist) AS $entry) {
$mention = false;
// fetch the author
if ($first_child == "feed")
if ($first_child == "feed") {
$author = self::fetchauthor($xpath, $doc->firstChild, $importer, $contact, false);
else
} else {
$author = self::fetchauthor($xpath, $entry, $importer, $contact, false);
}
$value = $xpath->evaluate('atom:author/poco:preferredUsername/text()', $context)->item(0)->nodeValue;
if ($value != "")
if ($value != "") {
$nickname = $value;
else
} else {
$nickname = $author["author-name"];
}
$item = array_merge($header, $author);
// Now get the item
@ -330,7 +348,7 @@ class ostatus {
$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s'",
intval($importer["uid"]), dbesc($item["uri"]));
if ($r) {
if (dbm::is_result($r)) {
logger("Item with uri ".$item["uri"]." for user ".$importer["uid"]." already existed under id ".$r[0]["id"], LOGGER_DEBUG);
continue;
}
@ -341,9 +359,9 @@ class ostatus {
if (($item["object-type"] == ACTIVITY_OBJ_BOOKMARK) OR ($item["object-type"] == ACTIVITY_OBJ_EVENT)) {
$item["title"] = $xpath->query('atom:title/text()', $entry)->item(0)->nodeValue;
$item["body"] = $xpath->query('atom:summary/text()', $entry)->item(0)->nodeValue;
} elseif ($item["object-type"] == ACTIVITY_OBJ_QUESTION)
} elseif ($item["object-type"] == ACTIVITY_OBJ_QUESTION) {
$item["title"] = $xpath->query('atom:title/text()', $entry)->item(0)->nodeValue;
}
$item["object"] = $xml;
$item["verb"] = $xpath->query('activity:verb/text()', $entry)->item(0)->nodeValue;
@ -387,9 +405,9 @@ class ostatus {
}
// http://activitystrea.ms/schema/1.0/rsvp-yes
if (!in_array($item["verb"], array(ACTIVITY_POST, ACTIVITY_LIKE, ACTIVITY_SHARE)))
if (!in_array($item["verb"], array(ACTIVITY_POST, ACTIVITY_LIKE, ACTIVITY_SHARE))) {
logger("Unhandled verb ".$item["verb"]." ".print_r($item, true));
}
$item["created"] = $xpath->query('atom:published/text()', $entry)->item(0)->nodeValue;
$item["edited"] = $xpath->query('atom:updated/text()', $entry)->item(0)->nodeValue;
$conversation = $xpath->query('ostatus:conversation/text()', $entry)->item(0)->nodeValue;
@ -398,28 +416,32 @@ class ostatus {
$inreplyto = $xpath->query('thr:in-reply-to', $entry);
if (is_object($inreplyto->item(0))) {
foreach($inreplyto->item(0)->attributes AS $attributes) {
if ($attributes->name == "ref")
foreach ($inreplyto->item(0)->attributes AS $attributes) {
if ($attributes->name == "ref") {
$item["parent-uri"] = $attributes->textContent;
if ($attributes->name == "href")
}
if ($attributes->name == "href") {
$related = $attributes->textContent;
}
}
}
$georsspoint = $xpath->query('georss:point', $entry);
if ($georsspoint)
if ($georsspoint) {
$item["coord"] = $georsspoint->item(0)->nodeValue;
}
$categories = $xpath->query('atom:category', $entry);
if ($categories) {
foreach ($categories AS $category) {
foreach($category->attributes AS $attributes)
foreach ($category->attributes AS $attributes) {
if ($attributes->name == "term") {
$term = $attributes->textContent;
if(strlen($item["tag"]))
if(strlen($item["tag"])) {
$item["tag"] .= ',';
}
$item["tag"] .= "#[url=".App::get_baseurl()."/search?tag=".$term."]".$term."[/url]";
}
}
}
}
@ -428,61 +450,54 @@ class ostatus {
$links = $xpath->query('atom:link', $entry);
if ($links) {
$rel = "";
$href = "";
$type = "";
$length = "0";
$title = "";
foreach ($links AS $link) {
foreach($link->attributes AS $attributes) {
if ($attributes->name == "href")
$href = $attributes->textContent;
if ($attributes->name == "rel")
$rel = $attributes->textContent;
if ($attributes->name == "type")
$type = $attributes->textContent;
if ($attributes->name == "length")
$length = $attributes->textContent;
if ($attributes->name == "title")
$title = $attributes->textContent;
}
if (($rel != "") AND ($href != ""))
switch($rel) {
$attribute = self::read_attributes($link);
if (($attribute['rel'] != "") AND ($attribute['href'] != "")) {
switch ($attribute['rel']) {
case "alternate":
$item["plink"] = $href;
$item["plink"] = $attribute['href'];
if (($item["object-type"] == ACTIVITY_OBJ_QUESTION) OR
($item["object-type"] == ACTIVITY_OBJ_EVENT))
$item["body"] .= add_page_info($href);
($item["object-type"] == ACTIVITY_OBJ_EVENT)) {
$item["body"] .= add_page_info($attribute['href']);
}
break;
case "ostatus:conversation":
$conversation = $href;
$conversation = $attribute['href'];
break;
case "enclosure":
$enclosure = $href;
if(strlen($item["attach"]))
$enclosure = $attribute['href'];
if (strlen($item["attach"])) {
$item["attach"] .= ',';
$item["attach"] .= '[attach]href="'.$href.'" length="'.$length.'" type="'.$type.'" title="'.$title.'"[/attach]';
}
if (!isset($attribute['length'])) {
$attribute['length'] = "0";
}
$item["attach"] .= '[attach]href="'.$attribute['href'].'" length="'.$attribute['length'].'" type="'.$attribute['type'].'" title="'.$attribute['title'].'"[/attach]';
break;
case "related":
if ($item["object-type"] != ACTIVITY_OBJ_BOOKMARK) {
if (!isset($item["parent-uri"]))
$item["parent-uri"] = $href;
if ($related == "")
$related = $href;
} else
$item["body"] .= add_page_info($href);
if (!isset($item["parent-uri"])) {
$item["parent-uri"] = $attribute['href'];
}
if ($related == "") {
$related = $attribute['href'];
}
} else {
$item["body"] .= add_page_info($attribute['href']);
}
break;
case "self":
$self = $href;
$self = $attribute['href'];
break;
case "mentioned":
// Notification check
if ($importer["nurl"] == normalise_link($href))
if ($importer["nurl"] == normalise_link($attribute['href'])) {
$mention = true;
}
break;
}
}
}
}
@ -491,13 +506,16 @@ class ostatus {
$notice_info = $xpath->query('statusnet:notice_info', $entry);
if ($notice_info AND ($notice_info->length > 0)) {
foreach($notice_info->item(0)->attributes AS $attributes) {
if ($attributes->name == "source")
foreach ($notice_info->item(0)->attributes AS $attributes) {
if ($attributes->name == "source") {
$item["app"] = strip_tags($attributes->textContent);
if ($attributes->name == "local_id")
}
if ($attributes->name == "local_id") {
$local_id = $attributes->textContent;
if ($attributes->name == "repeat_of")
}
if ($attributes->name == "repeat_of") {
$repeat_of = $attributes->textContent;
}
}
}
@ -508,25 +526,27 @@ class ostatus {
if (is_object($activityobjects)) {
$orig_uri = $xpath->query("activity:object/atom:id", $activityobjects)->item(0)->nodeValue;
if (!isset($orig_uri))
if (!isset($orig_uri)) {
$orig_uri = $xpath->query('atom:id/text()', $activityobjects)->item(0)->nodeValue;
}
$orig_links = $xpath->query("activity:object/atom:link[@rel='alternate']", $activityobjects);
if ($orig_links AND ($orig_links->length > 0))
foreach($orig_links->item(0)->attributes AS $attributes)
if ($attributes->name == "href")
if ($orig_links AND ($orig_links->length > 0)) {
foreach ($orig_links->item(0)->attributes AS $attributes) {
if ($attributes->name == "href") {
$orig_link = $attributes->textContent;
if (!isset($orig_link))
}
}
}
if (!isset($orig_link)) {
$orig_link = $xpath->query("atom:link[@rel='alternate']", $activityobjects)->item(0)->nodeValue;
if (!isset($orig_link))
}
if (!isset($orig_link)) {
$orig_link = self::convert_href($orig_uri);
}
$orig_body = $xpath->query('activity:object/atom:content/text()', $activityobjects)->item(0)->nodeValue;
if (!isset($orig_body))
if (!isset($orig_body)) {
$orig_body = $xpath->query('atom:content/text()', $activityobjects)->item(0)->nodeValue;
}
$orig_created = $xpath->query('atom:published/text()', $activityobjects)->item(0)->nodeValue;
$orig_edited = $xpath->query('atom:updated/text()', $activityobjects)->item(0)->nodeValue;
@ -550,8 +570,26 @@ class ostatus {
$item["verb"] = $xpath->query('activity:verb/text()', $activityobjects)->item(0)->nodeValue;
$item["object-type"] = $xpath->query('activity:object/activity:object-type/text()', $activityobjects)->item(0)->nodeValue;
if (!isset($item["object-type"]))
if (!isset($item["object-type"])) {
$item["object-type"] = $xpath->query('activity:object-type/text()', $activityobjects)->item(0)->nodeValue;
}
$enclosures = $xpath->query("atom:link[@rel='alternate']", $activityobjects);
if ($enclosures) {
foreach ($enclosures AS $link) {
$attribute = self::read_attributes($link);
if ($href != "") {
$enclosure = $attribute['href'];
if (strlen($item["attach"])) {
$item["attach"] .= ',';
}
if (!isset($attribute['length'])) {
$attribute['length'] = "0";
}
$item["attach"] .= '[attach]href="'.$attribute['href'].'" length="'.$attribute['length'].'" type="'.$attribute['type'].'" title="'.$attribute['title'].'"[/attach]';
}
}
}
}
}
@ -579,13 +617,13 @@ class ostatus {
intval($importer["uid"]), dbesc($item["parent-uri"]));
}
}
if ($r) {
if (dbm::is_result($r)) {
$item["type"] = 'remote-comment';
$item["gravity"] = GRAVITY_COMMENT;
}
} else
} else {
$item["parent-uri"] = $item["uri"];
}
$item_id = self::completion($conversation, $importer["uid"], $item, $self);
if (!$item_id) {

12
include/update_gcontact.php

@ -2,11 +2,11 @@
use \Friendica\Core\Config;
function update_gcontact_run(&$argv, &$argc){
function update_gcontact_run(&$argv, &$argc) {
global $a;
require_once('include/Scrape.php');
require_once('include/socgraph.php');
require_once 'include/Scrape.php';
require_once 'include/socgraph.php';
logger('update_gcontact: start');
@ -21,11 +21,13 @@ function update_gcontact_run(&$argv, &$argc){
$r = q("SELECT * FROM `gcontact` WHERE `id` = %d", intval($contact_id));
if (!$r)
if (!dbm::_is_result($r)) {
return;
}
if (!in_array($r[0]["network"], array(NETWORK_DFRN, NETWORK_DIASPORA, NETWORK_OSTATUS)))
if (!in_array($r[0]["network"], array(NETWORK_DFRN, NETWORK_DIASPORA, NETWORK_OSTATUS))) {
return;
}
$data = probe_url($r[0]["url"]);

171
index.php

@ -28,17 +28,17 @@ $a->backend = false;
/**
*
* Load the configuration file which contains our DB credentials.
* Ignore errors. If the file doesn't exist or is empty, we are running in installation mode.
* Ignore errors. If the file doesn't exist or is empty, we are running in
* installation mode.
*
*/
$install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false : true);
@include(".htconfig.php");
// Only load config if found, don't surpress errors
if (!$install) {
include ".htconfig.php";
}
/**
*
@ -46,11 +46,11 @@ $install = ((file_exists('.htconfig.php') && filesize('.htconfig.php')) ? false
*
*/
require_once("include/dba.php");
require_once "include/dba.php";
if(!$install) {
if (!$install) {
$db = new dba($db_host, $db_user, $db_pass, $db_data, $install);
unset($db_host, $db_user, $db_pass, $db_data);
unset($db_host, $db_user, $db_pass, $db_data);
/**
* Load configs from db. Overwrite configs from .htconfig.php
@ -59,17 +59,17 @@ if(!$install) {
Config::load();
if ($a->max_processes_reached() OR $a->maxload_reached()) {
header($_SERVER["SERVER_PROTOCOL"].' 503 Service Temporarily Unavailable');
header($_SERVER["SERVER_PROTOCOL"] . ' 503 Service Temporarily Unavailable');
header('Retry-After: 120');
header('Refresh: 120; url='.App::get_baseurl()."/".$a->query_string);
header('Refresh: 120; url=' . App::get_baseurl() . "/" . $a->query_string);
die("System is currently unavailable. Please try again later");
}
if (get_config('system','force_ssl') AND ($a->get_scheme() == "http") AND
(intval(get_config('system','ssl_policy')) == SSL_POLICY_FULL) AND
if (get_config('system', 'force_ssl') AND ($a->get_scheme() == "http") AND
(intval(get_config('system', 'ssl_policy')) == SSL_POLICY_FULL) AND
(substr(App::get_baseurl(), 0, 8) == "https://")) {
header("HTTP/1.1 302 Moved Temporarily");
header("Location: ".App::get_baseurl()."/".$a->query_string);
header("Location: " . App::get_baseurl() . "/" . $a->query_string);
exit();
}
@ -117,12 +117,12 @@ if (x($_SESSION,'authenticated') && !x($_SESSION,'language')) {
if (dbm::is_result($r)) $_SESSION['language'] = $r[0]['language'];
}
if((x($_SESSION,'language')) && ($_SESSION['language'] !== $lang)) {
if ((x($_SESSION,'language')) && ($_SESSION['language'] !== $lang)) {
$lang = $_SESSION['language'];
load_translation_table($lang);
}
if((x($_GET,'zrl')) && (!$install && !$maintenance)) {
if ((x($_GET,'zrl')) && (!$install && !$maintenance)) {
// Only continue when the given profile link seems valid
// Valid profile links contain a path with "/profile/" and no query parameters
if ((parse_url($_GET['zrl'], PHP_URL_QUERY) == "") AND
@ -223,7 +223,7 @@ if ((local_user()) || (! $privateapps === "1")) {
* further processing.
*/
if(strlen($a->module)) {
if (strlen($a->module)) {
/**
*
@ -233,12 +233,14 @@ if(strlen($a->module)) {
*/
// Compatibility with the Android Diaspora client
if ($a->module == "stream")
if ($a->module == "stream") {
$a->module = "network";
}
// Compatibility with the Firefox App
if (($a->module == "users") AND ($a->cmd == "users/sign_in"))
if (($a->module == "users") AND ($a->cmd == "users/sign_in")) {
$a->module = "login";
}
$privateapps = get_config('config','private_addons');
@ -246,11 +248,11 @@ if(strlen($a->module)) {
//Check if module is an app and if public access to apps is allowed or not
if ((!local_user()) && plugin_is_app($a->module) && $privateapps === "1") {
info( t("You must be logged in to use addons. "));
}
else {
} else {
include_once("addon/{$a->module}/{$a->module}.php");
if(function_exists($a->module . '_module'))
if (function_exists($a->module . '_module')) {
$a->module_loaded = true;
}
}
}
@ -320,29 +322,22 @@ if (!$install && !$maintenance) {
* Call module functions
*/
if($a->module_loaded) {
if ($a->module_loaded) {
$a->page['page_title'] = $a->module;
$placeholder = '';
if(function_exists($a->module . '_init')) {
if (function_exists($a->module . '_init')) {
call_hooks($a->module . '_mod_init', $placeholder);
$func = $a->module . '_init';
$func($a);
}
if(function_exists(str_replace('-','_',current_theme()) . '_init')) {
if (function_exists(str_replace('-','_',current_theme()) . '_init')) {
$func = str_replace('-','_',current_theme()) . '_init';
$func($a);
}
// elseif (x($a->theme_info,"extends") && file_exists("view/theme/".$a->theme_info["extends"]."/theme.php")) {
// require_once("view/theme/".$a->theme_info["extends"]."/theme.php");
// if(function_exists(str_replace('-','_',$a->theme_info["extends"]) . '_init')) {
// $func = str_replace('-','_',$a->theme_info["extends"]) . '_init';
// $func($a);
// }
// }
if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! $a->error)
if (($_SERVER['REQUEST_METHOD'] === 'POST') && (! $a->error)
&& (function_exists($a->module . '_post'))
&& (! x($_POST,'auth-params'))) {
call_hooks($a->module . '_mod_post', $_POST);
@ -350,13 +345,13 @@ if($a->module_loaded) {
$func($a);
}
if((! $a->error) && (function_exists($a->module . '_afterpost'))) {
if ((! $a->error) && (function_exists($a->module . '_afterpost'))) {
call_hooks($a->module . '_mod_afterpost',$placeholder);
$func = $a->module . '_afterpost';
$func($a);
}
if((! $a->error) && (function_exists($a->module . '_content'))) {
if ((! $a->error) && (function_exists($a->module . '_content'))) {
$arr = array('content' => $a->page['content']);
call_hooks($a->module . '_mod_content', $arr);
$a->page['content'] = $arr['content'];
@ -366,7 +361,7 @@ if($a->module_loaded) {
$a->page['content'] .= $arr['content'];
}
if(function_exists(str_replace('-','_',current_theme()) . '_content_loaded')) {
if (function_exists(str_replace('-','_',current_theme()) . '_content_loaded')) {
$func = str_replace('-','_',current_theme()) . '_content_loaded';
$func($a);
}
@ -374,98 +369,76 @@ if($a->module_loaded) {
/*
* Create the page head after setting the language
* and getting any auth credentials
* and getting any auth credentials.
*
* Moved init_pagehead() and init_page_end() to after
* all the module functions have executed so that all
* theme choices made by the modules can take effect
* theme choices made by the modules can take effect.
*/
$a->init_pagehead();
/**
/*
* Build the page ending -- this is stuff that goes right before
* the closing </body> tag
*/
$a->init_page_end();
// If you're just visiting, let javascript take you home
if(x($_SESSION,'visitor_home'))
if (x($_SESSION, 'visitor_home')) {
$homebase = $_SESSION['visitor_home'];
elseif(local_user())
} elseif (local_user()) {
$homebase = 'profile/' . $a->user['nickname'];
}
if(isset($homebase))
if (isset($homebase)) {
$a->page['content'] .= '<script>var homebase="' . $homebase . '" ; </script>';
}
// now that we've been through the module content, see if the page reported
// a permission problem and if so, a 403 response would seem to be in order.
if(stristr( implode("",$_SESSION['sysmsg']), t('Permission denied'))) {
/*
* now that we've been through the module content, see if the page reported
* a permission problem and if so, a 403 response would seem to be in order.
*/
if (stristr(implode("", $_SESSION['sysmsg']), t('Permission denied'))) {
header($_SERVER["SERVER_PROTOCOL"] . ' 403 ' . t('Permission denied.'));
}
/**
*
/*
* Report anything which needs to be communicated in the notification area (before the main body)
*
*/
/*if(x($_SESSION,'sysmsg')) {
$a->page['content'] = "<div id=\"sysmsg\" class=\"error-message\">{$_SESSION['sysmsg']}</div>\r\n"
. ((x($a->page,'content')) ? $a->page['content'] : '');
$_SESSION['sysmsg']="";
unset($_SESSION['sysmsg']);
}
if(x($_SESSION,'sysmsg_info')) {
$a->page['content'] = "<div id=\"sysmsg_info\" class=\"info-message\">{$_SESSION['sysmsg_info']}</div>\r\n"
. ((x($a->page,'content')) ? $a->page['content'] : '');
$_SESSION['sysmsg_info']="";
unset($_SESSION['sysmsg_info']);
}*/
call_hooks('page_end', $a->page['content']);
/**
*
/*
* Add the navigation (menu) template
*
*/
if($a->module != 'install' && $a->module != 'maintenance') {
if ($a->module != 'install' && $a->module != 'maintenance') {
nav($a);
}
/**
/*
* Add a "toggle mobile" link if we're using a mobile device
*/
if($a->is_mobile || $a->is_tablet) {
if(isset($_SESSION['show-mobile']) && !$_SESSION['show-mobile']) {
if ($a->is_mobile || $a->is_tablet) {
if (isset($_SESSION['show-mobile']) && !$_SESSION['show-mobile']) {
$link = 'toggle_mobile?address=' . curPageURL();
}
else {
} else {
$link = 'toggle_mobile?off=1&address=' . curPageURL();
}
$a->page['footer'] = replace_macros(get_markup_template("toggle_mobile_footer.tpl"), array(
'$toggle_link' => $link,
'$toggle_text' => t('toggle mobile')
));
'$toggle_link' => $link,
'$toggle_text' => t('toggle mobile')
));
}
/**
* Build the page - now that we have all the components
*/
if(!$a->theme['stylesheet'])
if (!$a->theme['stylesheet']) {
$stylesheet = current_theme_url();
else
} else {
$stylesheet = $a->theme['stylesheet'];
}
$a->page['htmlhead'] = str_replace('{{$stylesheet}}',$stylesheet,$a->page['htmlhead']);
//$a->page['htmlhead'] = replace_macros($a->page['htmlhead'], array('$stylesheet' => $stylesheet));
@ -478,6 +451,7 @@ if (isset($_GET["mode"]) AND (($_GET["mode"] == "raw") OR ($_GET["mode"] == "min
$content = mb_convert_encoding($a->page["content"], 'HTML-ENTITIES', "UTF-8");
/// @TODO one day, kill those error-surpressing @ stuff, or PHP should ban it
@$doc->loadHTML($content);
$xpath = new DomXPath($doc);
@ -485,7 +459,6 @@ if (isset($_GET["mode"]) AND (($_GET["mode"] == "raw") OR ($_GET["mode"] == "min
$list = $xpath->query("//*[contains(@id,'tread-wrapper-')]"); /* */
foreach ($list as $item) {
$item = $target->importNode($item, true);
// And then append it to the target
@ -499,32 +472,30 @@ if (isset($_GET["mode"]) AND ($_GET["mode"] == "raw")) {
echo substr($target->saveHTML(), 6, -8);
if (!$a->is_backend())
session_write_close();
exit;
killme();
}
$page = $a->page;
$profile = $a->profile;
header("X-Friendica-Version: ".FRIENDICA_VERSION);
header("X-Friendica-Version: " . FRIENDICA_VERSION);
header("Content-type: text/html; charset=utf-8");
// We use $_GET["mode"] for special page templates. So we will check if we have
// to load another page template than the default one
// The page templates are located in /view/php/ or in the theme directory
/*
* We use $_GET["mode"] for special page templates. So we will check if we have
* to load another page template than the default one.
* The page templates are located in /view/php/ or in the theme directory.
*/
if (isset($_GET["mode"])) {
$template = theme_include($_GET["mode"].'.php');
$template = theme_include($_GET["mode"] . '.php');
}
// If there is no page template use the default page template
if(!$template) {
if (!$template) {
$template = theme_include("default.php");
}
require_once($template);
/// @TODO Looks unsafe (remote-inclusion), is maybe not but theme_include() uses file_exists() but does not escape anything
require_once $template;
if (!$a->is_backend())
session_write_close();
exit;
killme();

16
mod/admin.php

@ -2004,22 +2004,22 @@ function admin_page_features_post(App $a) {
$features = get_features(false);
foreach ($features as $fname => $fdata) {
foreach (array_slice($fdata,1) as $f) {
foreach (array_slice($fdata, 1) as $f) {
$feature = $f[0];
$feature_state = 'feature_'.$feature;
$featurelock = 'featurelock_'.$feature;
$feature_state = 'feature_' . $feature;
$featurelock = 'featurelock_' . $feature;
if (x($_POST[$feature_state])) {
$val = intval($_POST['feature_'.$feature]);
if (x($_POST, $feature_state)) {
$val = intval($_POST[$feature_state]);
} else {
$val = 0;
}
set_config('feature',$feature,$val);
if (x($_POST[$featurelock])) {
set_config('feature_lock',$feature,$val);
if (x($_POST, $featurelock)) {
set_config('feature_lock', $feature, $val);
} else {
del_config('feature_lock',$feature);
del_config('feature_lock', $feature);
}
}
}

13
mod/dfrn_confirm.php

@ -586,17 +586,18 @@ function dfrn_confirm_post(App $a, $handsfree = null) {
dbesc($decrypted_source_url),
intval($local_uid)
);
if(! count($ret)) {
if(strstr($decrypted_source_url,'http:'))
if (!dbm::is_result($ret)) {
if (strstr($decrypted_source_url,'http:')) {
$newurl = str_replace('http:','https:',$decrypted_source_url);
else
} else {
$newurl = str_replace('https:','http:',$decrypted_source_url);
}
$ret = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1",
dbesc($newurl),
intval($local_uid)
);
if(! count($ret)) {
if (!dbm::is_result($ret)) {
// this is either a bogus confirmation (?) or we deleted the original introduction.
$message = t('Contact record was not found for you on our site.');
xml_status(3,$message);
@ -611,7 +612,7 @@ function dfrn_confirm_post(App $a, $handsfree = null) {
$foreign_pubkey = $ret[0]['site-pubkey'];
$dfrn_record = $ret[0]['id'];
if(! $foreign_pubkey) {
if (! $foreign_pubkey) {
$message = sprintf( t('Site public key not available in contact record for URL %s.'), $newurl);
xml_status(3,$message);
}
@ -619,7 +620,7 @@ function dfrn_confirm_post(App $a, $handsfree = null) {
$decrypted_dfrn_id = "";
openssl_public_decrypt($dfrn_id,$decrypted_dfrn_id,$foreign_pubkey);
if(strlen($aes_key)) {
if (strlen($aes_key)) {
$decrypted_aes_key = "";
openssl_private_decrypt($aes_key,$decrypted_aes_key,$my_prvkey);
$dfrn_pubkey = openssl_decrypt($public_key,'AES-256-CBC',$decrypted_aes_key);

128
mod/dfrn_notify.php

@ -28,14 +28,14 @@ function dfrn_notify_post(App $a) {
$prv = (($page == 2) ? 1 : 0);
$writable = (-1);
if($dfrn_version >= 2.21) {
if ($dfrn_version >= 2.21) {
$writable = (($perm === 'rw') ? 1 : 0);
}
$direction = (-1);
if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1));
$dfrn_id = substr($dfrn_id,2);
if (strpos($dfrn_id, ':') == 1) {
$direction = intval(substr($dfrn_id, 0, 1));
$dfrn_id = substr($dfrn_id, 2);
}
$r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
@ -70,9 +70,11 @@ function dfrn_notify_post(App $a) {
break; // NOTREACHED
}
// be careful - $importer will contain both the contact information for the contact
// sending us the post, and also the user information for the person receiving it.
// since they are mixed together, it is easy to get them confused.
/*
* be careful - $importer will contain both the contact information for the contact
* sending us the post, and also the user information for the person receiving it.
* since they are mixed together, it is easy to get them confused.
*/
$r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`,
`contact`.`pubkey` AS `cpubkey`,
@ -100,15 +102,16 @@ function dfrn_notify_post(App $a) {
logger("Remote rino version: ".$rino_remote." for ".$importer["url"], LOGGER_DEBUG);
if((($writable != (-1)) && ($writable != $importer['writable'])) || ($importer['forum'] != $forum) || ($importer['prv'] != $prv)) {
if ((($writable != (-1)) && ($writable != $importer['writable'])) || ($importer['forum'] != $forum) || ($importer['prv'] != $prv)) {
q("UPDATE `contact` SET `writable` = %d, forum = %d, prv = %d WHERE `id` = %d",
intval(($writable == (-1)) ? $importer['writable'] : $writable),
intval($forum),
intval($prv),
intval($importer['id'])
);
if($writable != (-1))
if ($writable != (-1)) {
$importer['writable'] = $writable;
}
$importer['forum'] = $page;
}
@ -120,7 +123,7 @@ function dfrn_notify_post(App $a) {
logger('dfrn_notify: received notify from ' . $importer['name'] . ' for ' . $importer['username']);
logger('dfrn_notify: data: ' . $data, LOGGER_DATA);
if($dissolve == 1) {
if ($dissolve == 1) {
/*
* Relationship is dissolved permanently
@ -133,19 +136,12 @@ function dfrn_notify_post(App $a) {
}
// If we are setup as a soapbox we aren't accepting input from this person
// This behaviour is deactivated since it really doesn't make sense to even disallow comments
// The check if someone is a friend or simply a follower is done in a later place so it needn't to be done here
//if($importer['page-flags'] == PAGE_SOAPBOX)
// xml_status(0);
$rino = get_config('system','rino_encrypt');
$rino = get_config('system', 'rino_encrypt');
$rino = intval($rino);
logger("Local rino version: ". $rino, LOGGER_DEBUG);
logger("Local rino version: " . $rino, LOGGER_DEBUG);
if(strlen($key)) {
if (strlen($key)) {
// if local rino is lower than remote rino, abort: should not happen!
// but only for $remote_rino > 1, because old code did't send rino version
@ -158,20 +154,17 @@ function dfrn_notify_post(App $a) {
logger('rino: md5 raw key: ' . md5($rawkey));
$final_key = '';
if($dfrn_version >= 2.1) {
if((($importer['duplex']) && strlen($importer['cprvkey'])) || (! strlen($importer['cpubkey']))) {
openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']);
if ($dfrn_version >= 2.1) {
if ((($importer['duplex']) && strlen($importer['cprvkey'])) || (! strlen($importer['cpubkey']))) {
openssl_private_decrypt($rawkey, $final_key, $importer['cprvkey']);
} else {
openssl_public_decrypt($rawkey, $final_key, $importer['cpubkey']);
}
else {
openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']);
}
}
else {
if((($importer['duplex']) && strlen($importer['cpubkey'])) || (! strlen($importer['cprvkey']))) {
openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']);
}
else {
openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']);
} else {
if ((($importer['duplex']) && strlen($importer['cpubkey'])) || (! strlen($importer['cprvkey']))) {
openssl_public_decrypt($rawkey, $final_key, $importer['cpubkey']);
} else {
openssl_private_decrypt($rawkey, $final_key, $importer['cprvkey']);
}
}
@ -180,27 +173,31 @@ function dfrn_notify_post(App $a) {
switch($rino_remote) {
case 0:
case 1:
// we got a key. old code send only the key, without RINO version.
// we assume RINO 1 if key and no RINO version
$data = dfrn::aes_decrypt(hex2bin($data),$final_key);
/*
*we got a key. old code send only the key, without RINO version.
* we assume RINO 1 if key and no RINO version
*/
$data = dfrn::aes_decrypt(hex2bin($data), $final_key);
break;
case 2:
try {
$data = Crypto::decrypt(hex2bin($data),$final_key);
$data = Crypto::decrypt(hex2bin($data), $final_key);
} catch (InvalidCiphertext $ex) { // VERY IMPORTANT
// Either:
// 1. The ciphertext was modified by the attacker,
// 2. The key is wrong, or
// 3. $ciphertext is not a valid ciphertext or was corrupted.
// Assume the worst.
/*
* Either:
* 1. The ciphertext was modified by the attacker,
* 2. The key is wrong, or
* 3. $ciphertext is not a valid ciphertext or was corrupted.
* Assume the worst.
*/
logger('The ciphertext has been tampered with!');
xml_status(0,'The ciphertext has been tampered with!');
xml_status(0, 'The ciphertext has been tampered with!');
} catch (Ex\CryptoTestFailed $ex) {
logger('Cannot safely perform dencryption');
xml_status(0,'CryptoTestFailed');
xml_status(0, 'CryptoTestFailed');
} catch (Ex\CannotPerformOperation $ex) {
logger('Cannot safely perform decryption');
xml_status(0,'Cannot safely perform decryption');
xml_status(0, 'Cannot safely perform decryption');
}
break;
default:
@ -223,8 +220,10 @@ function dfrn_notify_content(App $a) {
if(x($_GET,'dfrn_id')) {
// initial communication from external contact, $direction is their direction.
// If this is a duplex communication, ours will be the opposite.
/*
* initial communication from external contact, $direction is their direction.
* If this is a duplex communication, ours will be the opposite.
*/
$dfrn_id = notags(trim($_GET['dfrn_id']));
$dfrn_version = (float) $_GET['dfrn_version'];
@ -288,42 +287,43 @@ function dfrn_notify_content(App $a) {
logger("Remote rino version: ".$rino_remote." for ".$r[0]["url"], LOGGER_DEBUG);
$challenge = '';
$challenge = '';
$encrypted_id = '';
$id_str = $my_id . '.' . mt_rand(1000,9999);
$id_str = $my_id . '.' . mt_rand(1000,9999);
$prv_key = trim($r[0]['prvkey']);
$pub_key = trim($r[0]['pubkey']);
$dplx = intval($r[0]['duplex']);
if((($dplx) && (strlen($prv_key))) || ((strlen($prv_key)) && (!(strlen($pub_key))))) {
openssl_private_encrypt($hash,$challenge,$prv_key);
openssl_private_encrypt($id_str,$encrypted_id,$prv_key);
}
elseif(strlen($pub_key)) {
openssl_public_encrypt($hash,$challenge,$pub_key);
openssl_public_encrypt($id_str,$encrypted_id,$pub_key);
}
else
$dplx = intval($r[0]['duplex']);
if ((($dplx) && (strlen($prv_key))) || ((strlen($prv_key)) && (!(strlen($pub_key))))) {
openssl_private_encrypt($hash, $challenge, $prv_key);
openssl_private_encrypt($id_str, $encrypted_id, $prv_key);
} elseif (strlen($pub_key)) {
openssl_public_encrypt($hash, $challenge, $pub_key);
openssl_public_encrypt($id_str, $encrypted_id, $pub_key);
} else {
/// @TODO these kind of else-blocks are making the code harder to understand
$status = 1;
}
$challenge = bin2hex($challenge);
$encrypted_id = bin2hex($encrypted_id);
$rino = get_config('system','rino_encrypt');
$rino = get_config('system', 'rino_encrypt');
$rino = intval($rino);
logger("Local rino version: ". $rino, LOGGER_DEBUG);
// if requested rino is lower than enabled local rino, lower local rino version
// if requested rino is higher than enabled local rino, reply with local rino
if ($rino_remote < $rino) $rino = $rino_remote;
if ($rino_remote < $rino) {
$rino = $rino_remote;
}
if((($r[0]['rel']) && ($r[0]['rel'] != CONTACT_IS_SHARING)) || ($r[0]['page-flags'] == PAGE_COMMUNITY)) {
$perm = 'rw';
}
else {
} else {
$perm = 'r';
}

3
mod/install.php

@ -460,9 +460,6 @@ function check_funcs(&$checks) {
$ck_funcs[6]['status'] = false;
$ck_funcs[6]['help'] = t('Error, XML PHP module required but not installed.');
}
/*if((x($_SESSION,'sysmsg')) && is_array($_SESSION['sysmsg']) && count($_SESSION['sysmsg']))
notice( t('Please see the file "INSTALL.txt".') . EOL);*/
}

491
mod/item.php
File diff suppressed because it is too large
View File

46
mod/manage.php

@ -22,34 +22,34 @@ function manage_post(App $a) {
}
}
$r = q("select * from manage where uid = %d",
$r = q("SELECT * FROM `manage` WHERE `uid` = %d",
intval($uid)
);
$submanage = $r;
$identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
if(! $identity)
if (! $identity) {
return;
}
$limited_id = 0;
$original_id = $uid;
if(count($submanage)) {
foreach($submanage as $m) {
if($identity == $m['mid']) {
if (dbm::is_result($submanage)) {
foreach ($submanage as $m) {
if ($identity == $m['mid']) {
$limited_id = $m['mid'];
break;
}
}
}
if($limited_id) {
if ($limited_id) {
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($limited_id)
);
}
else {
} else {
$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
intval($identity),
dbesc($orig_record['email']),
@ -70,18 +70,22 @@ function manage_post(App $a) {
unset($_SESSION['mobile-theme']);
unset($_SESSION['page_flags']);
unset($_SESSION['return_url']);
if(x($_SESSION,'submanage'))
if (x($_SESSION, 'submanage')) {
unset($_SESSION['submanage']);
if(x($_SESSION,'sysmsg'))
}
if (x($_SESSION, 'sysmsg')) {
unset($_SESSION['sysmsg']);
if(x($_SESSION,'sysmsg_info'))
}
if (x($_SESSION, 'sysmsg_info')) {
unset($_SESSION['sysmsg_info']);
}
require_once('include/security.php');
authenticate_success($r[0],true,true);
authenticate_success($r[0], true, true);
if($limited_id)
if ($limited_id) {
$_SESSION['submanage'] = $original_id;
}
$ret = array();
call_hooks('home_init',$ret);
@ -113,26 +117,32 @@ function manage_content(App $a) {
dbesc($id['uid'])
);
$identities[$key][thumb] = $thumb[0][thumb];
$identities[$key]['thumb'] = $thumb[0]['thumb'];
$identities[$key]['selected'] = (($id['nickname'] === $a->user['nickname']) ? true : false);
$identities[$key]['selected'] = ($id['nickname'] === $a->user['nickname']);
$notifications = 0;
$r = q("SELECT DISTINCT(`parent`) FROM `notify` WHERE `uid` = %d AND NOT `seen` AND NOT (`type` IN (%d, %d))",
intval($id['uid']), intval(NOTIFY_INTRO), intval(NOTIFY_MAIL));
if ($r)
if (dbm::is_result($r)) {
$notifications = sizeof($r);
}
$r = q("SELECT DISTINCT(`convid`) FROM `mail` WHERE `uid` = %d AND NOT `seen`",
intval($id['uid']));
if ($r)
if (dbm::is_result($r)) {
$notifications = $notifications + sizeof($r);
}
$r = q("SELECT COUNT(*) AS `introductions` FROM `intro` WHERE NOT `blocked` AND NOT `ignore` AND `uid` = %d",
intval($id['uid']));
if ($r)
if (dbm::is_result($r)) {
$notifications = $notifications + $r[0]["introductions"];
}
$identities[$key]['notifications'] = $notifications;
}

28
mod/network.php

@ -6,7 +6,7 @@ function network_init(App $a) {
}
$is_a_date_query = false;
if (x($_GET['cid']) && intval($_GET['cid']) != 0) {
if (x($_GET, 'cid') && intval($_GET['cid']) != 0) {
$cid = $_GET['cid'];
}
@ -103,24 +103,27 @@ function network_init(App $a) {
}
}
if(x($_GET['nets']) && $_GET['nets'] === 'all')
// If nets is set to all, unset it
if (x($_GET, 'nets') && $_GET['nets'] === 'all') {
unset($_GET['nets']);
}
$group_id = (($a->argc > 1 && is_numeric($a->argv[1])) ? intval($a->argv[1]) : 0);
set_pconfig(local_user(), 'network.view', 'group.selected', $group_id);
require_once('include/group.php');
require_once('include/contact_widgets.php');
require_once('include/items.php');
require_once('include/ForumManager.php');
require_once 'include/group.php';
require_once 'include/contact_widgets.php';
require_once 'include/items.php';
require_once 'include/ForumManager.php';
if(! x($a->page,'aside'))
if (! x($a->page, 'aside')) {
$a->page['aside'] = '';
}
$search = ((x($_GET,'search')) ? escape_tags($_GET['search']) : '');
$search = ((x($_GET, 'search')) ? escape_tags($_GET['search']) : '');
if(x($_GET,'save')) {
if (x($_GET, 'save')) {
$r = qu("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1",
intval(local_user()),
dbesc($search)
@ -132,7 +135,7 @@ function network_init(App $a) {
);
}
}
if(x($_GET,'remove')) {
if (x($_GET, 'remove')) {
q("DELETE FROM `search` WHERE `uid` = %d AND `term` = '%s'",
intval(local_user()),
dbesc($search)
@ -140,7 +143,7 @@ function network_init(App $a) {
}
// search terms header
if(x($_GET,'search')) {
if (x($_GET, 'search')) {
$a->page['content'] .= replace_macros(get_markup_template("section_title.tpl"),array(
'$title' => sprintf( t('Results for: %s'), $search)
));
@ -157,8 +160,9 @@ function network_init(App $a) {
function saved_searches($search) {
if(! feature_enabled(local_user(),