friendica
/
friendica
mirror of https://github.com/friendica/friendica
6
0
Fork 1
Code Issues Packages Projects Releases 1 Wiki Activity

Merge pull request #10586 from annando/app-user2 

Get rid of app->user completely
This commit is contained in:
Hypolite Petovan 2021-08-09 16:59:46 -04:00 committed by GitHub
parent 3267b50d22 28cfdec7c4
commit 536fbe5af1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
66 changed files with 1101 additions and 1120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
boot.php
View File

@ -379,7 +379,7 @@ function is_site_admin()
$adminlist = explode(',', str_replace(' ', '', $admin_email));
return local_user() && $admin_email && in_array($a->user['email'] ?? '', $adminlist);
return local_user() && $admin_email && DBA::exists('user', ['uid' => $a->getLoggedInUserId(), 'email' => $adminlist]);
}
/**

4
include/api.php
View File

@ -258,7 +258,7 @@ function api_login(App $a)
$_SESSION["allow_api"] = true;
Hook::callAll('logged_in', $a->user);
Hook::callAll('logged_in', $record);
}
/**
@ -322,7 +322,7 @@ function api_call(App $a, App\Arguments $args = null)
if (!empty($info['auth']) && api_user() === false) {
api_login($a);
Logger::info(API_LOG_PREFIX . 'username {username}', ['module' => 'api', 'action' => 'call', 'username' => $a->user['username']]);
Logger::info(API_LOG_PREFIX . 'nickname {nickname}', ['module' => 'api', 'action' => 'call', 'nickname' => $a->getLoggedInUserNickname()]);
}
Logger::debug(API_LOG_PREFIX . 'parameters', ['module' => 'api', 'action' => 'call', 'parameters' => $_REQUEST]);

17
include/conversation.php
View File

@ -22,6 +22,7 @@
use Friendica\App;
use Friendica\Content\ContactSelector;
use Friendica\Content\Feature;
use Friendica\Core\ACL;
use Friendica\Core\Hook;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
@ -34,6 +35,7 @@ use Friendica\Model\Contact;
use Friendica\Model\Item;
use Friendica\Model\Post;
use Friendica\Model\Tag;
use Friendica\Model\User;
use Friendica\Model\Verb;
use Friendica\Object\Post as PostObject;
use Friendica\Object\Thread;
@ -1064,11 +1066,24 @@ function format_activity(array $links, $verb, $id) {
return $o;
}
function status_editor(App $a, $x, $notes_cid = 0, $popup = false)
function status_editor(App $a, array $x = [], $notes_cid = 0, $popup = false)
{
DI::profiler()->startRecording('rendering');
$o = '';
$user = User::getById($a->getLoggedInUserId(), ['uid', 'nickname', 'allow_location', 'default-location']);
$x['allow_location'] = $x['allow_location'] ?? $user['allow_location'];
$x['default_location'] = $x['default_location'] ?? $user['default-location'];
$x['nickname'] = $x['nickname'] ?? $user['nickname'];
$x['lockstate'] = $x['lockstate'] ?? ACL::getLockstateForUserId($user['uid']) ? 'lock' : 'unlock';
$x['acl'] = $x['acl'] ?? ACL::getFullSelectorHTML(DI::page(), $user['uid'], true);
$x['bang'] = $x['bang'] ?? '';
$x['visitor'] = $x['visitor'] ?? 'block';
$x['is_owner'] = $x['is_owner'] ?? true;
$x['profile_uid'] = $x['profile_uid'] ?? local_user();
$geotag = !empty($x['allow_location']) ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : '';
$tpl = Renderer::getMarkupTemplate('jot-header.tpl');

7
mod/api.php
View File

@ -26,12 +26,7 @@ require_once __DIR__ . '/../include/api.php';
function api_post(App $a)
{
if (!local_user()) {
notice(DI::l10n()->t('Permission denied.'));
return;
}
if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
if (!$a->isLoggedIn()) {
notice(DI::l10n()->t('Permission denied.'));
return;
}

2
mod/cal.php
View File

@ -127,7 +127,7 @@ function cal_content(App $a)
$sql_extra = " AND `event`.`cid` = 0 " . $sql_perms;
// get the tab navigation bar
$tabs = BaseProfile::getTabsHTML($a, 'cal', false, $owner);
$tabs = BaseProfile::getTabsHTML($a, 'cal', false, $owner['nickname'], $owner['hide-friends']);
// The view mode part is similiar to /mod/events.php
if ($mode == 'view') {

16
mod/display.php
View File

@ -22,7 +22,6 @@
use Friendica\App;
use Friendica\Content\Text\BBCode;
use Friendica\Content\Widget;
use Friendica\Core\ACL;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
use Friendica\Core\Renderer;
@ -63,7 +62,7 @@ function display_init(App $a)
if (local_user()) {
$item = Post::selectFirstForUser(local_user(), $fields, ['guid' => DI::args()->getArgv()[1], 'uid' => local_user()]);
if (DBA::isResult($item)) {
$nick = $a->user['nickname'];
$nick = $a->getLoggedInUserNickname();
}
}
@ -273,18 +272,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
// We need the editor here to be able to reshare an item.
if ($is_owner && !$update) {
$x = [
'is_owner' => true,
'allow_location' => $a->user['allow_location'],
'default_location' => $a->user['default-location'],
'nickname' => $a->user['nickname'],
'lockstate' => (is_array($a->user) && (strlen($a->user['allow_cid']) || strlen($a->user['allow_gid']) || strlen($a->user['deny_cid']) || strlen($a->user['deny_gid'])) ? 'lock' : 'unlock'),
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
];
$o .= status_editor($a, $x, 0, true);
$o .= status_editor($a, [], 0, true);
}
$sql_extra = Item::getPermissionsSQLByUserId($page_uid);

7
mod/editpost.php
View File

@ -27,6 +27,7 @@ use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Model\Post;
use Friendica\Model\User;
use Friendica\Util\Crypto;
function editpost_content(App $a)
@ -55,6 +56,8 @@ function editpost_content(App $a)
return;
}
$user = User::getById(local_user());
$geotag = '';
$o .= Renderer::replaceMacros(Renderer::getMarkupTemplate("section_title.tpl"), [
@ -65,7 +68,7 @@ function editpost_content(App $a)
DI::page()['htmlhead'] .= Renderer::replaceMacros($tpl, [
'$ispublic' => '&nbsp;', // DI::l10n()->t('Visible to <strong>everybody</strong>'),
'$geotag' => $geotag,
'$nickname' => $a->user['nickname'],
'$nickname' => $a->getLoggedInUserNickname(),
'$is_mobile' => DI::mode()->isMobile(),
]);
@ -107,7 +110,7 @@ function editpost_content(App $a)
'$posttype' => $item['post-type'],
'$content' => undo_post_tagging($item['body']),
'$post_id' => $post_id,
'$defloc' => $a->user['default-location'],
'$defloc' => $user['default-location'],
'$visitor' => 'none',
'$pvisit' => 'none',
'$emailcc' => DI::l10n()->t('CC: email addresses'),

4
mod/events.php
View File

@ -280,7 +280,7 @@ function events_content(App $a)
$tabs = '';
// tabs
if ($a->getThemeInfoValue('events_in_profile')) {
$tabs = BaseProfile::getTabsHTML($a, 'events', true, $a->user);
$tabs = BaseProfile::getTabsHTML($a, 'events', true, $a->getLoggedInUserNickname(), false);
}
$mode = 'view';
@ -513,7 +513,7 @@ function events_content(App $a)
$fminute = !empty($orig_event) ? DateTimeFormat::convert($fdt, $tz, 'UTC', 'i') : '00';
if (!$cid && in_array($mode, ['new', 'copy'])) {
$acl = ACL::getFullSelectorHTML(DI::page(), $a->user, false, ACL::getDefaultUserPermissions($orig_event));
$acl = ACL::getFullSelectorHTML(DI::page(), $a->getLoggedInUserId(), false, ACL::getDefaultUserPermissions($orig_event));
} else {
$acl = '';
}

6
mod/fbrowser.php
View File

@ -88,7 +88,7 @@ function fbrowser_content(App $a)
}
return [
DI::baseUrl() . '/photos/' . $a->user['nickname'] . '/image/' . $rr['resource-id'],
DI::baseUrl() . '/photos/' . $a->getLoggedInUserNickname() . '/image/' . $rr['resource-id'],
$filename_e,
DI::baseUrl() . '/photo/' . $rr['resource-id'] . '-' . $scale . '.'. $ext
];
@ -103,7 +103,7 @@ function fbrowser_content(App $a)
'$folders' => $albums,
'$files' => $files,
'$cancel' => DI::l10n()->t('Cancel'),
'$nickname' => $a->user['nickname'],
'$nickname' => $a->getLoggedInUserNickname(),
'$upload' => DI::l10n()->t('Upload')
]);
@ -132,7 +132,7 @@ function fbrowser_content(App $a)
'$folders' => false,
'$files' => $files,
'$cancel' => DI::l10n()->t('Cancel'),
'$nickname' => $a->user['nickname'],
'$nickname' => $a->getLoggedInUserNickname(),
'$upload' => DI::l10n()->t('Upload')
]);
}

2
mod/follow.php
View File

@ -175,7 +175,7 @@ function follow_process(App $a, string $url)
{
$return_path = 'follow?url=' . urlencode($url);
$result = Contact::createFromProbe($a->user, $url, true);
$result = Contact::createFromProbeForUser($a->getLoggedInUserId(), $url);
if ($result['success'] == false) {
// Possibly it is a remote item and not an account

1
mod/item.php
View File

@ -55,7 +55,6 @@ use Friendica\Model\User;
use Friendica\Network\HTTPException;
use Friendica\Object\EMail\ItemCCEMail;
use Friendica\Protocol\Activity;
use Friendica\Protocol\Diaspora;
use Friendica\Security\Security;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\ParseUrl;

8
mod/message.php
View File

@ -112,7 +112,7 @@ function message_content(App $a)
return Login::form();
}
$myprofile = DI::baseUrl() . '/profile/' . $a->user['nickname'];
$myprofile = DI::baseUrl() . '/profile/' . $a->getLoggedInUserNickname();
$tpl = Renderer::getMarkupTemplate('mail_head.tpl');
if (DI::args()->getArgc() > 1 && DI::args()->getArgv()[1] == 'new') {
@ -179,7 +179,7 @@ function message_content(App $a)
$tpl = Renderer::getMarkupTemplate('msg-header.tpl');
DI::page()['htmlhead'] .= Renderer::replaceMacros($tpl, [
'$baseurl' => DI::baseUrl()->get(true),
'$nickname' => $a->user['nickname'],
'$nickname' => $a->getLoggedInUserNickname(),
'$linkurl' => DI::l10n()->t('Please enter a link URL:')
]);
@ -292,7 +292,7 @@ function message_content(App $a)
$tpl = Renderer::getMarkupTemplate('msg-header.tpl');
DI::page()['htmlhead'] .= Renderer::replaceMacros($tpl, [
'$baseurl' => DI::baseUrl()->get(true),
'$nickname' => $a->user['nickname'],
'$nickname' => $a->getLoggedInUserNickname(),
'$linkurl' => DI::l10n()->t('Please enter a link URL:')
]);
@ -431,7 +431,7 @@ function render_messages(array $msg, $t)
$tpl = Renderer::getMarkupTemplate($t);
$rslt = '';
$myprofile = DI::baseUrl() . '/profile/' . $a->user['nickname'];
$myprofile = DI::baseUrl() . '/profile/' . $a->getLoggedInUserNickname();
foreach ($msg as $rr) {
if ($rr['unknown']) {

9
mod/notes.php
View File

@ -45,21 +45,14 @@ function notes_content(App $a, $update = false)
return;
}
$o = BaseProfile::getTabsHTML($a, 'notes', true, $a->user);
$o = BaseProfile::getTabsHTML($a, 'notes', true, $a->getLoggedInUserNickname(), false);
if (!$update) {
$o .= '<h3>' . DI::l10n()->t('Personal Notes') . '</h3>';
$x = [
'is_owner' => true,
'allow_location' => (($a->user['allow_location']) ? true : false),
'default_location' => $a->user['default-location'],
'nickname' => $a->user['nickname'],
'lockstate' => 'lock',
'acl' => \Friendica\Core\ACL::getSelfOnlyHTML(local_user(), DI::l10n()->t('Personal notes are visible only by yourself.')),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
'button' => DI::l10n()->t('Save'),
'acl_data' => '',
];

2
mod/ostatus_subscribe.php
View File

@ -111,7 +111,7 @@ function ostatus_subscribe_content(App $a)
$probed = Contact::getByURL($url);
if (in_array($probed['network'], Protocol::FEDERATED)) {
$result = Contact::createFromProbe($a->user, $probed['url']);
$result = Contact::createFromProbeForUser($a->getLoggedInUserId(), $probed['url']);
if ($result['success']) {
$o .= ' - ' . DI::l10n()->t('success');
} else {

18
mod/photos.php
View File

@ -38,6 +38,7 @@ use Friendica\Model\Contact;
use Friendica\Model\Item;
use Friendica\Model\Photo;
use Friendica\Model\Post;
use Friendica\Model\Profile;
use Friendica\Model\Tag;
use Friendica\Model\User;
use Friendica\Module\BaseProfile;
@ -223,7 +224,7 @@ function photos_post(App $a)
// Update the photo albums cache
Photo::clearAlbumCache($page_owner_uid);
DI::baseUrl()->redirect('photos/' . $a->user['nickname'] . '/album/' . bin2hex($newalbum));
DI::baseUrl()->redirect('photos/' . $a->getLoggedInUserNickname() . '/album/' . bin2hex($newalbum));
return; // NOTREACHED
}
@ -830,6 +831,8 @@ function photos_content(App $a)
return;
}
$profile = Profile::getByUID($user['uid']);
$phototypes = Images::supportedTypes();
$_SESSION['photo_return'] = DI::args()->getCommand();
@ -903,7 +906,7 @@ function photos_content(App $a)
// tabs
$is_owner = (local_user() && (local_user() == $owner_uid));
$o .= BaseProfile::getTabsHTML($a, 'photos', $is_owner, $user);
$o .= BaseProfile::getTabsHTML($a, 'photos', $is_owner, $user['nickname'], $profile['hide-friends']);
// Display upload form
if ($datatype === 'upload') {
@ -945,7 +948,7 @@ function photos_content(App $a)
$tpl = Renderer::getMarkupTemplate('photos_upload.tpl');
$aclselect_e = ($visitor ? '' : ACL::getFullSelectorHTML(DI::page(), $a->user));
$aclselect_e = ($visitor ? '' : ACL::getFullSelectorHTML(DI::page(), $a->getLoggedInUserId()));
$o .= Renderer::replaceMacros($tpl,[
'$pagename' => DI::l10n()->t('Upload Photos'),
@ -958,12 +961,7 @@ function photos_content(App $a)
'$albumselect' => $albumselect,
'$permissions' => DI::l10n()->t('Permissions'),
'$aclselect' => $aclselect_e,
'$lockstate' => is_array($a->user)
&& (strlen($a->user['allow_cid'])
|| strlen($a->user['allow_gid'])
|| strlen($a->user['deny_cid'])
|| strlen($a->user['deny_gid'])
) ? 'lock' : 'unlock',
'$lockstate' => ACL::getLockstateForUserId($a->getLoggedInUserId()) ? 'lock' : 'unlock',
'$alt_uploader' => $ret['addon_text'],
'$default_upload_box' => ($ret['default_upload'] ? $default_upload_box : ''),
'$default_upload_submit' => ($ret['default_upload'] ? $default_upload_submit : ''),
@ -1309,7 +1307,7 @@ function photos_content(App $a)
$album_e = $ph[0]['album'];
$caption_e = $ph[0]['desc'];
$aclselect_e = ACL::getFullSelectorHTML(DI::page(), $a->user, false, ACL::getDefaultUserPermissions($ph[0]));
$aclselect_e = ACL::getFullSelectorHTML(DI::page(), $a->getLoggedInUserId(), false, ACL::getDefaultUserPermissions($ph[0]));
$edit = Renderer::replaceMacros($edit_tpl, [
'$id' => $ph[0]['id'],

2
mod/ping.php
View File

@ -193,7 +193,7 @@ function ping_init(App $a)
$intro_count = count($intros1) + count($intros2);
$intros = $intros1 + $intros2;
$myurl = DI::baseUrl() . '/profile/' . $a->user['nickname'];
$myurl = DI::baseUrl() . '/profile/' . $a->getLoggedInUserNickname();
$mails = q(
"SELECT `id`, `from-name`, `from-url`, `from-photo`, `created` FROM `mail`
WHERE `uid` = %d AND `seen` = 0 AND `from-url` != '%s' ",

4
mod/removeme.php
View File

@ -69,8 +69,8 @@ function removeme_post(App $a)
DI::emailer()->send($email);
}
if (User::getIdFromPasswordAuthentication($a->user, trim($_POST['qxz_password']))) {
User::remove($a->user['uid']);
if (User::getIdFromPasswordAuthentication($a->getLoggedInUserId(), trim($_POST['qxz_password']))) {
User::remove($a->getLoggedInUserId());
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);

2
mod/repair_ostatus.php
View File

@ -70,7 +70,7 @@ function repair_ostatus_content(App $a) {
$o .= "<p>".DI::l10n()->t("Keep this window open until done.")."</p>";
Contact::createFromProbe($a->user, $r[0]["url"], true);
Contact::createFromProbeForUser($a->getLoggedInUserId(), $r[0]["url"]);
DI::page()['htmlhead'] = '<meta http-equiv="refresh" content="1; URL=' . DI::baseUrl() . '/repair_ostatus?counter='.$counter.'">';

90
mod/settings.php
View File

@ -53,7 +53,8 @@ function settings_init(App $a)
function settings_post(App $a)
{
if (!local_user()) {
if (!$a->isLoggedIn()) {
notice(DI::l10n()->t('Permission denied.'));
return;
}
@ -61,11 +62,6 @@ function settings_post(App $a)
return;
}
if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
notice(DI::l10n()->t('Permission denied.'));
return;
}
if ((DI::args()->getArgc() > 1) && (DI::args()->getArgv()[1] == 'addon')) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/addon', 'settings_addon');
@ -73,6 +69,8 @@ function settings_post(App $a)
return;
}
$user = User::getById($a->getLoggedInUserId());
if ((DI::args()->getArgc() > 1) && (DI::args()->getArgv()[1] == 'connectors')) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/connectors', 'settings_connectors');
@ -108,7 +106,7 @@ function settings_post(App $a)
}
if (strlen($mail_pass)) {
$pass = '';
openssl_public_encrypt($mail_pass, $pass, $a->user['pubkey']);
openssl_public_encrypt($mail_pass, $pass, $user['pubkey']);
DBA::update('mailacct', ['pass' => bin2hex($pass)], ['uid' => local_user()]);
}
$r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s',
@ -134,7 +132,7 @@ function settings_post(App $a)
if (strlen($eacct['server'])) {
$dcrpass = '';
openssl_private_decrypt(hex2bin($eacct['pass']), $dcrpass, $a->user['prvkey']);
openssl_private_decrypt(hex2bin($eacct['pass']), $dcrpass, $user['prvkey']);
$mbox = Email::connect($mb, $mail_user, $dcrpass);
unset($dcrpass);
if (!$mbox) {
@ -309,7 +307,7 @@ function settings_post(App $a)
$err = '';
if ($username != $a->user['username']) {
if ($username != $user['username']) {
if (strlen($username) > 40) {
$err .= DI::l10n()->t('Please use a shorter name.');
}
@ -318,11 +316,11 @@ function settings_post(App $a)
}
}
if ($email != $a->user['email']) {
if ($email != $user['email']) {
// check for the correct password
if (!User::authenticate(intval(local_user()), $_POST['mpassword'])) {
$err .= DI::l10n()->t('Wrong Password.');
$email = $a->user['email'];
$email = $user['email'];
}
// check the email is valid
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
@ -333,7 +331,7 @@ function settings_post(App $a)
$adminlist = explode(",", str_replace(" ", "", strtolower(DI::config()->get('config', 'admin_email'))));
if (in_array(strtolower($email), $adminlist)) {
$err .= DI::l10n()->t('Cannot change to that email.');
$email = $a->user['email'];
$email = $user['email'];
}
}
}
@ -343,7 +341,7 @@ function settings_post(App $a)
return;
}
if (($timezone != $a->user['timezone']) && strlen($timezone)) {
if (($timezone != $user['timezone']) && strlen($timezone)) {
date_default_timezone_set($timezone);
}
@ -592,18 +590,20 @@ function settings_content(App $a)
return;
}
$username = $a->user['username'];
$email = $a->user['email'];
$nickname = $a->user['nickname'];
$timezone = $a->user['timezone'];
$language = $a->user['language'];
$notify = $a->user['notify-flags'];
$defloc = $a->user['default-location'];
$openid = $a->user['openid'];
$maxreq = $a->user['maxreq'];
$expire = ((intval($a->user['expire'])) ? $a->user['expire'] : '');
$unkmail = $a->user['unkmail'];
$cntunkmail = $a->user['cntunkmail'];
$user = User::getById($a->getLoggedInUserId());
$username = $user['username'];
$email = $user['email'];
$nickname = $a->getLoggedInUserNickname();
$timezone = $user['timezone'];
$language = $user['language'];
$notify = $user['notify-flags'];
$defloc = $user['default-location'];
$openid = $user['openid'];
$maxreq = $user['maxreq'];
$expire = ((intval($user['expire'])) ? $user['expire'] : '');
$unkmail = $user['unkmail'];
$cntunkmail = $user['cntunkmail'];
$expire_items = DI::pConfig()->get(local_user(), 'expire', 'items', true);
$expire_notes = DI::pConfig()->get(local_user(), 'expire', 'notes', true);
@ -611,15 +611,15 @@ function settings_content(App $a)
$expire_photos = DI::pConfig()->get(local_user(), 'expire', 'photos', false);
$expire_network_only = DI::pConfig()->get(local_user(), 'expire', 'network_only', false);
if (!strlen($a->user['timezone'])) {
if (!strlen($user['timezone'])) {
$timezone = date_default_timezone_get();
}
// Set the account type to "Community" when the page is a community page but the account type doesn't fit
// This is only happening on the first visit after the update
if (in_array($a->user['page-flags'], [User::PAGE_FLAGS_COMMUNITY, User::PAGE_FLAGS_PRVGROUP]) &&
($a->user['account-type'] != User::ACCOUNT_TYPE_COMMUNITY))
$a->user['account-type'] = User::ACCOUNT_TYPE_COMMUNITY;
if (in_array($user['page-flags'], [User::PAGE_FLAGS_COMMUNITY, User::PAGE_FLAGS_PRVGROUP]) &&
($user['account-type'] != User::ACCOUNT_TYPE_COMMUNITY))
$user['account-type'] = User::ACCOUNT_TYPE_COMMUNITY;
$pageset_tpl = Renderer::getMarkupTemplate('settings/pagetypes.tpl');
@ -627,7 +627,7 @@ function settings_content(App $a)
'$account_types' => DI::l10n()->t("Account Types"),
'$user' => DI::l10n()->t("Personal Page Subtypes"),
'$community' => DI::l10n()->t("Community Forum Subtypes"),
'$account_type' => $a->user['account-type'],
'$account_type' => $user['account-type'],
'$type_person' => User::ACCOUNT_TYPE_PERSON,
'$type_organisation' => User::ACCOUNT_TYPE_ORGANISATION,
'$type_news' => User::ACCOUNT_TYPE_NEWS,
@ -635,39 +635,39 @@ function settings_content(App $a)
'$account_person' => ['account-type', DI::l10n()->t('Personal Page'), User::ACCOUNT_TYPE_PERSON,
DI::l10n()->t('Account for a personal profile.'),
($a->user['account-type'] == User::ACCOUNT_TYPE_PERSON)],
($user['account-type'] == User::ACCOUNT_TYPE_PERSON)],
'$account_organisation' => ['account-type', DI::l10n()->t('Organisation Page'), User::ACCOUNT_TYPE_ORGANISATION,
DI::l10n()->t('Account for an organisation that automatically approves contact requests as "Followers".'),
($a->user['account-type'] == User::ACCOUNT_TYPE_ORGANISATION)],
($user['account-type'] == User::ACCOUNT_TYPE_ORGANISATION)],
'$account_news' => ['account-type', DI::l10n()->t('News Page'), User::ACCOUNT_TYPE_NEWS,
DI::l10n()->t('Account for a news reflector that automatically approves contact requests as "Followers".'),
($a->user['account-type'] == User::ACCOUNT_TYPE_NEWS)],
($user['account-type'] == User::ACCOUNT_TYPE_NEWS)],
'$account_community' => ['account-type', DI::l10n()->t('Community Forum'), User::ACCOUNT_TYPE_COMMUNITY,
DI::l10n()->t('Account for community discussions.'),
($a->user['account-type'] == User::ACCOUNT_TYPE_COMMUNITY)],
($user['account-type'] == User::ACCOUNT_TYPE_COMMUNITY)],
'$page_normal' => ['page-flags', DI::l10n()->t('Normal Account Page'), User::PAGE_FLAGS_NORMAL,
DI::l10n()->t('Account for a regular personal profile that requires manual approval of "Friends" and "Followers".'),
($a->user['page-flags'] == User::PAGE_FLAGS_NORMAL)],
($user['page-flags'] == User::PAGE_FLAGS_NORMAL)],
'$page_soapbox' => ['page-flags', DI::l10n()->t('Soapbox Page'), User::PAGE_FLAGS_SOAPBOX,
DI::l10n()->t('Account for a public profile that automatically approves contact requests as "Followers".'),
($a->user['page-flags'] == User::PAGE_FLAGS_SOAPBOX)],
($user['page-flags'] == User::PAGE_FLAGS_SOAPBOX)],
'$page_community' => ['page-flags', DI::l10n()->t('Public Forum'), User::PAGE_FLAGS_COMMUNITY,
DI::l10n()->t('Automatically approves all contact requests.'),
($a->user['page-flags'] == User::PAGE_FLAGS_COMMUNITY)],
($user['page-flags'] == User::PAGE_FLAGS_COMMUNITY)],
'$page_freelove' => ['page-flags', DI::l10n()->t('Automatic Friend Page'), User::PAGE_FLAGS_FREELOVE,
DI::l10n()->t('Account for a popular profile that automatically approves contact requests as "Friends".'),
($a->user['page-flags'] == User::PAGE_FLAGS_FREELOVE)],
($user['page-flags'] == User::PAGE_FLAGS_FREELOVE)],
'$page_prvgroup' => ['page-flags', DI::l10n()->t('Private Forum [Experimental]'), User::PAGE_FLAGS_PRVGROUP,
DI::l10n()->t('Requires manual approval of contact requests.'),
($a->user['page-flags'] == User::PAGE_FLAGS_PRVGROUP)],
($user['page-flags'] == User::PAGE_FLAGS_PRVGROUP)],
]);
@ -731,7 +731,7 @@ function settings_content(App $a)
'$timezone' => ['timezone_select' , DI::l10n()->t('Your Timezone:'), Temporal::getTimezoneSelect($timezone), ''],
'$language' => ['language', DI::l10n()->t('Your Language:'), $language, DI::l10n()->t('Set the language we use to show you friendica interface and to send you emails'), $lang_choices],
'$defloc' => ['defloc', DI::l10n()->t('Default Post Location:'), $defloc, ''],
'$allowloc' => ['allow_location', DI::l10n()->t('Use Browser Location:'), ($a->user['allow_location'] == 1), ''],
'$allowloc' => ['allow_location', DI::l10n()->t('Use Browser Location:'), ($user['allow_location'] == 1), ''],
'$h_prv' => DI::l10n()->t('Security and Privacy Settings'),
'$visibility' => $profile['net-publish'],
@ -739,16 +739,16 @@ function settings_content(App $a)
'$profile_in_dir' => $profile_in_dir,
'$profile_in_net_dir' => ['profile_in_netdirectory', DI::l10n()->t('Allow your profile to be searchable globally?'), $profile['net-publish'], DI::l10n()->t("Activate this setting if you want others to easily find and follow you. Your profile will be searchable on remote systems. This setting also determines whether Friendica will inform search engines that your profile should be indexed or not.") . $net_pub_desc],
'$hide_friends' => ['hide-friends', DI::l10n()->t('Hide your contact/friend list from viewers of your profile?'), $profile['hide-friends'], DI::l10n()->t('A list of your contacts is displayed on your profile page. Activate this option to disable the display of your contact list.')],
'$hide_wall' => ['hidewall', DI::l10n()->t('Hide your profile details from anonymous viewers?'), $a->user['hidewall'], DI::l10n()->t('Anonymous visitors will only see your profile picture, your display name and the nickname you are using on your profile page. Your public posts and replies will still be accessible by other means.')],
'$hide_wall' => ['hidewall', DI::l10n()->t('Hide your profile details from anonymous viewers?'), $user['hidewall'], DI::l10n()->t('Anonymous visitors will only see your profile picture, your display name and the nickname you are using on your profile page. Your public posts and replies will still be accessible by other means.')],
'$unlisted' => ['unlisted', DI::l10n()->t('Make public posts unlisted'), DI::pConfig()->get(local_user(), 'system', 'unlisted'), DI::l10n()->t('Your public posts will not appear on the community pages or in search results, nor be sent to relay servers. However they can still appear on public feeds on remote servers.')],
'$accessiblephotos' => ['accessible-photos', DI::l10n()->t('Make all posted pictures accessible'), DI::pConfig()->get(local_user(), 'system', 'accessible-photos'), DI::l10n()->t("This option makes every posted picture accessible via the direct link. This is a workaround for the problem that most other networks can't handle permissions on pictures. Non public pictures still won't be visible for the public on your photo albums though.")],
'$blockwall' => ['blockwall', DI::l10n()->t('Allow friends to post to your profile page?'), (intval($a->user['blockwall']) ? '0' : '1'), DI::l10n()->t('Your contacts may write posts on your profile wall. These posts will be distributed to your contacts')], // array('blockwall', DI::l10n()->t('Allow friends to post to your profile page:'), !$blockwall, ''),
'$blocktags' => ['blocktags', DI::l10n()->t('Allow friends to tag your posts?'), (intval($a->user['blocktags']) ? '0' : '1'), DI::l10n()->t('Your contacts can add additional tags to your posts.')], // array('blocktags', DI::l10n()->t('Allow friends to tag your posts:'), !$blocktags, ''),
'$blockwall' => ['blockwall', DI::l10n()->t('Allow friends to post to your profile page?'), (intval($user['blockwall']) ? '0' : '1'), DI::l10n()->t('Your contacts may write posts on your profile wall. These posts will be distributed to your contacts')], // array('blockwall', DI::l10n()->t('Allow friends to post to your profile page:'), !$blockwall, ''),
'$blocktags' => ['blocktags', DI::l10n()->t('Allow friends to tag your posts?'), (intval($user['blocktags']) ? '0' : '1'), DI::l10n()->t('Your contacts can add additional tags to your posts.')], // array('blocktags', DI::l10n()->t('Allow friends to tag your posts:'), !$blocktags, ''),
'$unkmail' => ['unkmail', DI::l10n()->t('Permit unknown people to send you private mail?'), $unkmail, DI::l10n()->t('Friendica network users may send you private messages even if they are not in your contact list.')],
'$cntunkmail' => ['cntunkmail', DI::l10n()->t('Maximum private messages per day from unknown people:'), $cntunkmail , DI::l10n()->t("\x28to prevent spam abuse\x29")],
'$group_select' => Group::displayGroupSelection(local_user(), $a->user['def_gid']),
'$group_select' => Group::displayGroupSelection(local_user(), $user['def_gid']),
'$permissions' => DI::l10n()->t('Default Post Permissions'),
'$aclselect' => ACL::getFullSelectorHTML(DI::page(), $a->user),
'$aclselect' => ACL::getFullSelectorHTML(DI::page(), $a->getLoggedInUserId()),
'$expire' => [
'label' => DI::l10n()->t('Expiration settings'),

4
mod/videos.php
View File

@ -29,6 +29,7 @@ use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Attach;
use Friendica\Model\Item;
use Friendica\Model\Profile;
use Friendica\Model\User;
use Friendica\Module\BaseProfile;
use Friendica\Security\Security;
@ -120,6 +121,7 @@ function videos_content(App $a)
return;
}
$profile = Profile::getByUID($user['uid']);
//$phototypes = Photo::supportedTypes();
$_SESSION['video_return'] = DI::args()->getCommand();
@ -171,7 +173,7 @@ function videos_content(App $a)
// tabs
$_is_owner = (local_user() && (local_user() == $user['uid']));
$o .= BaseProfile::getTabsHTML($a, 'videos', $_is_owner, $user);
$o .= BaseProfile::getTabsHTML($a, 'videos', $_is_owner, $user['nickname'], $profile['hide-friends']);
//
// dispatch request

49
src/App.php
View File

@ -56,8 +56,6 @@ use Psr\Log\LoggerInterface;
*/
class App
{
public $user;
// Allow themes to control internal parameters
// by changing App values in theme.php
private $theme_info = [
@ -66,6 +64,8 @@ class App
'events_in_profile' => true
];
private $user_id = 0;
private $nickname = '';
private $timezone = '';
private $profile_owner = 0;
private $contact_id = 0;
@ -126,6 +126,51 @@ class App
*/
private $pConfig;
/**
* Set the user ID
*
* @param int $user_id
* @return void
*/
public function setLoggedInUserId(int $user_id)
{
$this->user_id = $user_id;
}
/**
* Set the nickname
*
* @param int $user_id
* @return void
*/
public function setLoggedInUserNickname(string $nickname)
{
$this->nickname = $nickname;
}
public function isLoggedIn()
{
return local_user() && $this->user_id && ($this->user_id == local_user());
}
/**
* Fetch the user id
* @return int
*/
public function getLoggedInUserId()
{
return $this->user_id;
}
/**
* Fetch the user nick name
* @return string
*/
public function getLoggedInUserNickname()
{
return $this->nickname;
}
/**
* Set the profile owner ID
*

4
src/App/Page.php
View File

@ -277,8 +277,8 @@ class Page implements ArrayAccess
// If you're just visiting, let javascript take you home
if (!empty($_SESSION['visitor_home'])) {
$homebase = $_SESSION['visitor_home'];
} elseif (!empty($app->user['nickname'])) {
$homebase = 'profile/' . $app->user['nickname'];
} elseif (!empty($app->getLoggedInUserNickname())) {
$homebase = 'profile/' . $app->getLoggedInUserNickname();
}
if (isset($homebase)) {

16
src/BaseModule.php
View File

@ -22,6 +22,7 @@
namespace Friendica;
use Friendica\Core\Logger;
use Friendica\Model\User;
/**
* All modules in Friendica should extend BaseModule, although not all modules
@ -135,10 +136,9 @@ abstract class BaseModule
*/
public static function getFormSecurityToken($typename = '')
{
$a = DI::app();
$user = User::getById(DI::app()->getLoggedInUserId(), ['guid', 'prvkey']);
$timestamp = time();
$sec_hash = hash('whirlpool', ($a->user['guid'] ?? '') . ($a->user['prvkey'] ?? '') . session_id() . $timestamp . $typename);
$sec_hash = hash('whirlpool', ($user['guid'] ?? '') . ($user['prvkey'] ?? '') . session_id() . $timestamp . $typename);
return $timestamp . '.' . $sec_hash;
}
@ -163,14 +163,14 @@ abstract class BaseModule
$max_livetime = 10800; // 3 hours
$a = DI::app();
$user = User::getById(DI::app()->getLoggedInUserId(), ['guid', 'prvkey']);
$x = explode('.', $hash);
if (time() > (intval($x[0]) + $max_livetime)) {
return false;
}
$sec_hash = hash('whirlpool', ($a->user['guid'] ?? '') . ($a->user['prvkey'] ?? '') . session_id() . $x[0] . $typename);
$sec_hash = hash('whirlpool', ($user['guid'] ?? '') . ($user['prvkey'] ?? '') . session_id() . $x[0] . $typename);
return ($sec_hash == $x[1]);
}
@ -183,8 +183,7 @@ abstract class BaseModule
public static function checkFormSecurityTokenRedirectOnError($err_redirect, $typename = '', $formname = 'form_security_token')
{
if (!self::checkFormSecurityToken($typename, $formname)) {
$a = DI::app();
Logger::log('checkFormSecurityToken failed: user ' . $a->user['guid'] . ' - form element ' . $typename);
Logger::log('checkFormSecurityToken failed: user ' . DI::app()->getLoggedInUserNickname() . ' - form element ' . $typename);
Logger::log('checkFormSecurityToken failed: _REQUEST data: ' . print_r($_REQUEST, true), Logger::DATA);
notice(self::getFormSecurityStandardErrorMessage());
DI::baseUrl()->redirect($err_redirect);
@ -194,8 +193,7 @@ abstract class BaseModule
public static function checkFormSecurityTokenForbiddenOnError($typename = '', $formname = 'form_security_token')
{
if (!self::checkFormSecurityToken($typename, $formname)) {
$a = DI::app();
Logger::log('checkFormSecurityToken failed: user ' . $a->user['guid'] . ' - form element ' . $typename);
Logger::log('checkFormSecurityToken failed: user ' . DI::app()->getLoggedInUserNickname() . ' - form element ' . $typename);
Logger::log('checkFormSecurityToken failed: _REQUEST data: ' . print_r($_REQUEST, true), Logger::DATA);
throw new \Friendica\Network\HTTPException\ForbiddenException();

2
src/Console/Contact.php
View File

@ -164,7 +164,7 @@ HELP;
$network = CliPrompt::prompt();
}
$result = ContactModel::createFromProbe($user, $url, false, $network);
$result = ContactModel::createFromProbeForUser($user['uid'], $url, $network);
if ($result['success']) {
$this->out('User ' . $user['nickname'] . ' now connected to ' . $url . ', contact ID ' . $result['cid']);

38
src/Content/Nav.php
View File

@ -154,7 +154,7 @@ class Nav
* Display the current site location as a navigation aid.
*/
$myident = ((is_array($a->user) && isset($a->user['nickname'])) ? $a->user['nickname'] . '@' : '');
$myident = !empty($a->getLoggedInUserNickname()) ? $a->getLoggedInUserNickname() . '@' : '';
$sitelocation = $myident . substr(DI::baseUrl()->get($ssl_state), strpos(DI::baseUrl()->get($ssl_state), '//') + 2);
@ -185,25 +185,21 @@ class Nav
$nav['login'] = ['login', DI::l10n()->t('Login'), (DI::module()->getName() == 'login' ? 'selected' : ''), DI::l10n()->t('Sign in')];
}
if (local_user()) {
if (!empty($a->user)) {
// user menu
$nav['usermenu'][] = ['profile/' . $a->user['nickname'], DI::l10n()->t('Status'), '', DI::l10n()->t('Your posts and conversations')];
$nav['usermenu'][] = ['profile/' . $a->user['nickname'] . '/profile', DI::l10n()->t('Profile'), '', DI::l10n()->t('Your profile page')];
$nav['usermenu'][] = ['photos/' . $a->user['nickname'], DI::l10n()->t('Photos'), '', DI::l10n()->t('Your photos')];
$nav['usermenu'][] = ['videos/' . $a->user['nickname'], DI::l10n()->t('Videos'), '', DI::l10n()->t('Your videos')];
$nav['usermenu'][] = ['events/', DI::l10n()->t('Events'), '', DI::l10n()->t('Your events')];
$nav['usermenu'][] = ['notes/', DI::l10n()->t('Personal notes'), '', DI::l10n()->t('Your personal notes')];
if ($a->isLoggedIn()) {
// user menu
$nav['usermenu'][] = ['profile/' . $a->getLoggedInUserNickname(), DI::l10n()->t('Status'), '', DI::l10n()->t('Your posts and conversations')];
$nav['usermenu'][] = ['profile/' . $a->getLoggedInUserNickname() . '/profile', DI::l10n()->t('Profile'), '', DI::l10n()->t('Your profile page')];
$nav['usermenu'][] = ['photos/' . $a->getLoggedInUserNickname(), DI::l10n()->t('Photos'), '', DI::l10n()->t('Your photos')];
$nav['usermenu'][] = ['videos/' . $a->getLoggedInUserNickname(), DI::l10n()->t('Videos'), '', DI::l10n()->t('Your videos')];
$nav['usermenu'][] = ['events/', DI::l10n()->t('Events'), '', DI::l10n()->t('Your events')];
$nav['usermenu'][] = ['notes/', DI::l10n()->t('Personal notes'), '', DI::l10n()->t('Your personal notes')];
// user info
$contact = DBA::selectFirst('contact', ['micro'], ['uid' => $a->user['uid'], 'self' => true]);
$userinfo = [
'icon' => (DBA::isResult($contact) ? DI::baseUrl()->remove($contact['micro']) : Contact::DEFAULT_AVATAR_MICRO),
'name' => $a->user['username'],
];
} else {
DI::logger()->warning('Empty $a->user for local user', ['local_user' => local_user(), '$a' => $a]);
}
// user info
$contact = DBA::selectFirst('contact', ['id', 'url', 'avatar', 'micro', 'name', 'nick', 'baseurl', 'updated'], ['uid' => $a->getLoggedInUserId(), 'self' => true]);
$userinfo = [
'icon' => Contact::getMicro($contact),
'name' => $contact['name'],
];
}
// "Home" should also take you home from an authenticated remote profile connection
@ -271,10 +267,10 @@ class Nav
}
// The following nav links are only show to logged in users
if (local_user() && !empty($a->user)) {
if (local_user() && !empty($a->getLoggedInUserNickname())) {
$nav['network'] = ['network', DI::l10n()->t('Network'), '', DI::l10n()->t('Conversations from your friends')];
$nav['home'] = ['profile/' . $a->user['nickname'], DI::l10n()->t('Home'), '', DI::l10n()->t('Your posts and conversations')];
$nav['home'] = ['profile/' . $a->getLoggedInUserNickname(), DI::l10n()->t('Home'), '', DI::l10n()->t('Your posts and conversations')];
// Don't show notifications for public communities
if (Session::get('page_flags', '') != User::PAGE_FLAGS_COMMUNITY) {

20
src/Core/ACL.php
View File

@ -26,12 +26,24 @@ use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Model\Group;
use Friendica\Model\User;
/**
* Handle ACL management and display
*/
class ACL
{
/**
* Returns the default lock state for the given user id
* @param int $uid
* @return bool "true" if the default settings are non public
*/
public static function getLockstateForUserId(int $uid)
{
$user = User::getById($uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
return !empty($user['allow_cid']) || !empty($user['allow_gid']) || !empty($user['deny_cid']) || !empty($user['deny_gid']);
}
/**
* Returns a select input tag for private message recipient
*
@ -210,7 +222,7 @@ class ACL
* Return the full jot ACL selector HTML
*
* @param Page $page
* @param array $user User array
* @param int $uid User ID
* @param bool $for_federation
* @param array $default_permissions Static defaults permission array:
* [
@ -226,18 +238,20 @@ class ACL
*/
public static function getFullSelectorHTML(
Page $page,
array $user = null,
int $uid = null,
bool $for_federation = false,
array $default_permissions = [],
array $condition = [],
$form_prefix = ''
) {
if (empty($user['uid'])) {
if (empty($uid)) {
return '';
}
static $input_group_id = 0;
$user = User::getById($uid);
$input_group_id++;
$page->registerFooterScript(Theme::getPathForFile('asset/typeahead.js/dist/typeahead.bundle.js'));

2
src/Factory/Notification/Introduction.php
View File

@ -68,7 +68,7 @@ class Introduction extends BaseFactory
$this->l10n = $l10n;
$this->pConfig = $pConfig;
$this->session = $session;
$this->nick = $app->user['nickname'] ?? '';
$this->nick = $app->getLoggedInUserNickname() ?? '';
}
/**

30
src/Model/Contact.php
View File

@ -2311,16 +2311,15 @@ class Contact
*
* Takes a $uid and a url/handle and adds a new contact
*
* @param array $user The user the contact should be created for
* @param int $uid The user id the contact should be created for
* @param string $url The profile URL of the contact
* @param bool $interactive
* @param string $network
* @return array
* @throws HTTPException\InternalServerErrorException
* @throws HTTPException\NotFoundException
* @throws \ImagickException
*/
public static function createFromProbe(array $user, $url, $interactive = false, $network = '')
public static function createFromProbeForUser(int $uid, $url, $network = '')
{
$result = ['cid' => -1, 'success' => false, 'message' => ''];
@ -2356,7 +2355,7 @@ class Contact
$ret = $arr['contact'];
} else {
$probed = true;
$ret = Probe::uri($url, $network, $user['uid']);
$ret = Probe::uri($url, $network, $uid);
}
if (($network != '') && ($ret['network'] != $network)) {
@ -2368,10 +2367,10 @@ class Contact
// the poll url is more reliable than the profile url, as we may have
// indirect links or webfinger links
$condition = ['uid' => $user['uid'], 'poll' => [$ret['poll'], Strings::normaliseLink($ret['poll'])], 'network' => $ret['network'], 'pending' => false];
$condition = ['uid' => $uid, 'poll' => [$ret['poll'], Strings::normaliseLink($ret['poll'])], 'network' => $ret['network'], 'pending' => false];
$contact = DBA::selectFirst('contact', ['id', 'rel'], $condition);
if (!DBA::isResult($contact)) {
$condition = ['uid' => $user['uid'], 'nurl' => Strings::normaliseLink($ret['url']), 'network' => $ret['network'], 'pending' => false];
$condition = ['uid' => $uid, 'nurl' => Strings::normaliseLink($ret['url']), 'network' => $ret['network'], 'pending' => false];
$contact = DBA::selectFirst('contact', ['id', 'rel'], $condition);
}
@ -2436,7 +2435,7 @@ class Contact
// create contact record
self::insert([
'uid' => $user['uid'],
'uid' => $uid,
'created' => DateTimeFormat::utcNow(),
'url' => $ret['url'],
'nurl' => Strings::normaliseLink($ret['url']),
@ -2464,7 +2463,7 @@ class Contact
]);
}
$contact = DBA::selectFirst('contact', [], ['url' => $ret['url'], 'network' => $ret['network'], 'uid' => $user['uid']]);
$contact = DBA::selectFirst('contact', [], ['url' => $ret['url'], 'network' => $ret['network'], 'uid' => $uid]);
if (!DBA::isResult($contact)) {
$result['message'] .= DI::l10n()->t('Unable to retrieve contact information.') . EOL;
return $result;
@ -2473,7 +2472,7 @@ class Contact
$contact_id = $contact['id'];
$result['cid'] = $contact_id;
Group::addMember(User::getDefaultGroup($user['uid'], $contact["network"]), $contact_id);
Group::addMember(User::getDefaultGroup($uid, $contact["network"]), $contact_id);
// Update the avatar
self::updateAvatar($contact_id, $ret['photo']);
@ -2489,7 +2488,7 @@ class Contact
Worker::add(PRIORITY_HIGH, 'UpdateContact', $contact_id);
}
$owner = User::getOwnerDataById($user['uid']);
$owner = User::getOwnerDataById($uid);
if (DBA::isResult($owner)) {
if (in_array($protocol, [Protocol::OSTATUS, Protocol::DFRN])) {
@ -2518,7 +2517,7 @@ class Contact
return false;
}
$ret = ActivityPub\Transmitter::sendActivity('Follow', $contact['url'], $user['uid'], $activity_id);
$ret = ActivityPub\Transmitter::sendActivity('Follow', $contact['url'], $uid, $activity_id);
Logger::log('Follow returns: ' . $ret);
}
}
@ -2579,14 +2578,9 @@ class Contact
*/
public static function follow(int $cid, int $uid)
{
$user = User::getById($uid);
if (empty($user)) {
return false;
}
$contact = self::getById($cid, ['url']);
$result = self::createFromProbe($user, $contact['url'], false);
$result = self::createFromProbeForUser($uid, $contact['url']);
return $result['cid'];
}
@ -2744,7 +2738,7 @@ class Contact
}
} elseif (DBA::isResult($user) && in_array($user['page-flags'], [User::PAGE_FLAGS_SOAPBOX, User::PAGE_FLAGS_FREELOVE, User::PAGE_FLAGS_COMMUNITY])) {
if (($user['page-flags'] == User::PAGE_FLAGS_FREELOVE) && ($network != Protocol::DIASPORA)) {
self::createFromProbe($importer, $url, false, $network);
self::createFromProbeForUser($importer['uid'], $url, $network);
}
$condition = ['uid' => $importer['uid'], 'url' => $url, 'pending' => true];

2
src/Model/Mail.php
View File

@ -173,7 +173,7 @@ class Mail
$recip_host = substr($recip_host, 0, strpos($recip_host, '/'));
$recip_handle = (($contact['addr']) ? $contact['addr'] : $contact['nick'] . '@' . $recip_host);
$sender_handle = $a->user['nickname'] . '@' . substr(DI::baseUrl(), strpos(DI::baseUrl(), '://') + 3);
$sender_handle = $a->getLoggedInUserNickname() . '@' . substr(DI::baseUrl(), strpos(DI::baseUrl(), '://') + 3);
$conv_guid = System::createUUID();
$convuri = $recip_handle . ':' . $conv_guid;

2
src/Model/User.php
View File

@ -155,6 +155,8 @@ class User
$system['region'] = '';
$system['country-name'] = '';
$system['net-publish'] = false;
$system['picdate'] = '';
$system['theme'] = '';
// Ensure that the user contains data
$user = DBA::selectFirst('user', ['prvkey', 'guid'], ['uid' => 0]);

16
src/Module/BaseApi.php
View File

@ -75,9 +75,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}
@ -86,9 +84,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}
@ -97,9 +93,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}
@ -108,9 +102,7 @@ class BaseApi extends BaseModule
{
self::checkAllowedScope(self::SCOPE_WRITE);
$a = DI::app();
if (!empty($a->user['uid']) && $a->user['uid'] != self::getCurrentUserID()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
}

6
src/Module/BaseProfile.php
View File

@ -39,10 +39,8 @@ class BaseProfile extends BaseModule
* @return string
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/
public static function getTabsHTML(App $a, string $current, bool $is_owner, array $profile)
public static function getTabsHTML(App $a, string $current, bool $is_owner, string $nickname, bool $hide_friends)
{
$nickname = $profile['nickname'];
$baseProfileUrl = DI::baseUrl() . '/profile/' . $nickname;
$tabs = [
@ -123,7 +121,7 @@ class BaseProfile extends BaseModule
];
}
if (empty($profile['hide-friends'])) {
if (!$hide_friends) {
$tabs[] = [
'label' => DI::l10n()->t('Contacts'),
'url' => $baseProfileUrl . '/contacts',

11
src/Module/Bookmarklet.php
View File

@ -23,7 +23,6 @@ namespace Friendica\Module;
use Friendica\BaseModule;
use Friendica\Content\PageInfo;
use Friendica\Core\ACL;
use Friendica\DI;
use Friendica\Module\Security\Login;
use Friendica\Network\HTTPException;
@ -59,16 +58,6 @@ class Bookmarklet extends BaseModule
$content = "\n" . PageInfo::getFooterFromUrl($_REQUEST['url']);
$x = [
'is_owner' => true,
'allow_location' => $app->user['allow_location'],
'default_location' => $app->user['default-location'],
'nickname' => $app->user['nickname'],
'lockstate' => ((is_array($app->user) && ((strlen($app->user['allow_cid'])) || (strlen($app->user['allow_gid'])) || (strlen($app->user['deny_cid'])) || (strlen($app->user['deny_gid'])))) ? 'lock' : 'unlock'),
'default_perms' => ACL::getDefaultUserPermissions($app->user),
'acl' => ACL::getFullSelectorHTML(DI::page(), $app->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
'title' => trim($_REQUEST['title'] ?? '', '*'),
'content' => $content
];

17
src/Module/Contact.php
View File

@ -27,7 +27,6 @@ use Friendica\Content\Nav;
use Friendica\Content\Pager;
use Friendica\Content\Text\BBCode;
use Friendica\Content\Widget;
use Friendica\Core\ACL;
use Friendica\Core\Hook;
use Friendica\Core\Protocol;
use Friendica\Core\Renderer;
@ -169,8 +168,7 @@ class Contact extends BaseModule
}
if ($contact['network'] == Protocol::OSTATUS) {
$user = Model\User::getById($contact['uid']);
$result = Model\Contact::createFromProbe($user, $contact['url'], false, $contact['network']);
$result = Model\Contact::createFromProbeForUser($contact['uid'], $contact['url'], $contact['network']);
if ($result['success']) {
DBA::update('contact', ['subhub' => 1], ['id' => $contact_id]);
@ -937,18 +935,7 @@ class Contact extends BaseModule
if (!$update) {
// We need the editor here to be able to reshare an item.
if (local_user()) {
$x = [
'is_owner' => true,
'allow_location' => $a->user['allow_location'],
'default_location' => $a->user['default-location'],
'nickname' => $a->user['nickname'],
'lockstate' => (is_array($a->user) && (strlen($a->user['allow_cid']) || strlen($a->user['allow_gid']) || strlen($a->user['deny_cid']) || strlen($a->user['deny_gid'])) ? 'lock' : 'unlock'),
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
];
$o = status_editor($a, $x, 0, true);
$o = status_editor($a, [], 0, true);
}
}

9
src/Module/Contact/Poke.php
View File

@ -55,10 +55,11 @@ class Poke extends BaseModule
$private = !empty($_POST['private']) ? Model\Item::PRIVATE : Model\Item::PUBLIC;
$allow_cid = ($private ? '<' . $contact['id']. '>' : $a->user['allow_cid']);
$allow_gid = ($private ? '' : $a->user['allow_gid']);
$deny_cid = ($private ? '' : $a->user['deny_cid']);
$deny_gid = ($private ? '' : $a->user['deny_gid']);
$user = Model\User::getById($a->getLoggedInUserId());
$allow_cid = ($private ? '<' . $contact['id']. '>' : $user['allow_cid']);
$allow_gid = ($private ? '' : $user['allow_gid']);
$deny_cid = ($private ? '' : $user['deny_cid']);
$deny_gid = ($private ? '' : $user['deny_gid']);
$actor = Contact::getById($a->getContactId());

14
src/Module/Conversation/Community.php
View File

@ -29,7 +29,6 @@ use Friendica\Content\Nav;
use Friendica\Content\Text\HTML;
use Friendica\Content\Widget;
use Friendica\Content\Widget\TrendingTags;
use Friendica\Core\ACL;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\Database\DBA;
@ -128,18 +127,7 @@ class Community extends BaseModule
// We need the editor here to be able to reshare an item.
if (Session::isAuthenticated()) {
$x = [
'is_owner' => true,
'allow_location' => DI::app()->user['allow_location'],
'default_location' => DI::app()->user['default-location'],
'nickname' => DI::app()->user['nickname'],
'lockstate' => (is_array(DI::app()->user) && (strlen(DI::app()->user['allow_cid']) || strlen(DI::app()->user['allow_gid']) || strlen(DI::app()->user['deny_cid']) || strlen(DI::app()->user['deny_gid'])) ? 'lock' : 'unlock'),
'acl' => ACL::getFullSelectorHTML(DI::page(), DI::app()->user, true),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
];
$o .= status_editor(DI::app(), $x, 0, true);
$o .= status_editor(DI::app(), [], 0, true);
}
}

13
src/Module/Conversation/Network.php
View File

@ -139,18 +139,9 @@ class Network extends BaseModule
}
$x = [
'is_owner' => true,
'allow_location' => $a->user['allow_location'],
'default_location' => $a->user['default-location'],
'nickname' => $a->user['nickname'],
'lockstate' => (self::$groupId || self::$forumContactId || self::$network || (is_array($a->user) &&
(strlen($a->user['allow_cid']) || strlen($a->user['allow_gid']) ||
strlen($a->user['deny_cid']) || strlen($a->user['deny_gid']))) ? 'lock' : 'unlock'),
'default_perms' => ACL::getDefaultUserPermissions($a->user),
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->user, true, $default_permissions),
'lockstate' => self::$groupId || self::$forumContactId || self::$network || ACL::getLockstateForUserId($a->getLoggedInUserId()) ? 'lock' : 'unlock',
'acl' => ACL::getFullSelectorHTML(DI::page(), $a->getLoggedInUserId(), true, $default_permissions),
'bang' => ((self::$groupId || self::$forumContactId || self::$network) ? '!' : ''),
'visitor' => 'block',
'profile_uid' => local_user(),
'content' => $content,
];

6
src/Module/Delegation.php
View File

@ -45,7 +45,7 @@ class Delegation extends BaseModule
}
$uid = local_user();
$orig_record = DI::app()->user;
$orig_record = User::getById(DI::app()->getLoggedInUserId());
if (Session::get('submanage')) {
$user = User::getById(Session::get('submanage'));
@ -109,7 +109,7 @@ class Delegation extends BaseModule
$ret = [];
Hook::callAll('home_init', $ret);
DI::baseUrl()->redirect('profile/' . DI::app()->user['nickname']);
DI::baseUrl()->redirect('profile/' . DI::app()->getLoggedInUserNickname());
// NOTREACHED
}
@ -130,7 +130,7 @@ class Delegation extends BaseModule
$identities[$key]['thumb'] = Contact::getAvatarUrlForId($self['id'], Proxy::SIZE_THUMB, $self['updated']);
$identities[$key]['selected'] = ($identity['nickname'] === DI::app()->user['nickname']);
$identities[$key]['selected'] = ($identity['nickname'] === DI::app()->getLoggedInUserNickname());
$condition = ["`uid` = ? AND `msg` != '' AND NOT (`type` IN (?, ?)) AND NOT `seen`", $identity['uid'], Notification\Type::INTRO, Notification\Type::MAIL];
$params = ['distinct' => true, 'expression' => 'parent'];

2
src/Module/HCard.php
View File

@ -40,7 +40,7 @@ class HCard extends BaseModule
if ((local_user()) && ($parameters['action'] ?? '') === 'view') {
// A logged in user views a profile of a user
$nickname = $a->user['nickname'];
$nickname = $a->getLoggedInUserNickname();
} elseif (empty($parameters['action'])) {
// Show the profile hCard
$nickname = $parameters['profile'];

2
src/Module/Home.php
View File

@ -42,7 +42,7 @@ class Home extends BaseModule
Hook::callAll('home_init', $ret);
if (local_user() && ($app->user['nickname'])) {
if (local_user() && ($app->getLoggedInUserNickname())) {
DI::baseUrl()->redirect('network');
}

7
src/Module/Invite.php
View File

@ -25,6 +25,7 @@ use Friendica\BaseModule;
use Friendica\Core\Renderer;
use Friendica\DI;
use Friendica\Model;
use Friendica\Model\User;
use Friendica\Network\HTTPException;
use Friendica\Protocol\Email;
use Friendica\Util\Strings;
@ -71,6 +72,8 @@ class Invite extends BaseModule
}
}
$user = User::getById(local_user());
foreach ($recipients as $recipient) {
$recipient = trim($recipient);
@ -95,7 +98,7 @@ class Invite extends BaseModule
$nmessage = $message;
}
$additional_headers = 'From: "' . $app->user['email'] . '" <' . DI::emailer()->getSiteEmailAddress() . ">\n"
$additional_headers = 'From: "' . $user['email'] . '" <' . DI::emailer()->getSiteEmailAddress() . ">\n"
. 'Content-type: text/plain; charset=UTF-8' . "\n"
. 'Content-transfer-encoding: 8bit';
@ -168,7 +171,7 @@ class Invite extends BaseModule
DI::l10n()->t('You are cordially invited to join me and other close friends on Friendica - and help us to create a better social web.') . "\r\n" . "\r\n"
. $linkTxt
. "\r\n" . "\r\n" . (($inviteOnly) ? DI::l10n()->t('You will need to supply this invitation code: $invite_code') . "\r\n" . "\r\n" : '') . DI::l10n()->t('Once you have registered, please connect with me via my profile page at:')
. "\r\n" . "\r\n" . DI::baseUrl()->get() . '/profile/' . $app->user['nickname']
. "\r\n" . "\r\n" . DI::baseUrl()->get() . '/profile/' . $app->getLoggedInUserNickname()
. "\r\n" . "\r\n" . DI::l10n()->t('For more information about the Friendica project and why we feel it is important, please visit http://friendi.ca') . "\r\n" . "\r\n",
],
'$submit' => DI::l10n()->t('Submit')

2
src/Module/Item/Compose.php
View File

@ -186,7 +186,7 @@ class Compose extends BaseModule
'$jotplugins' => $jotplugins,
'$rand_num' => Crypto::randomDigits(12),
'$acl_selector' => ACL::getFullSelectorHTML(DI::page(), $a->user, $doesFederate, [
'$acl_selector' => ACL::getFullSelectorHTML(DI::page(), $a->getLoggedInUserId(), $doesFederate, [
'allow_cid' => $contact_allow_list,
'allow_gid' => $group_allow_list,
'deny_cid' => $contact_deny_list,

73
src/Module/Magic.php
View File

@ -27,6 +27,7 @@ use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Model\User;
use Friendica\Util\HTTPSignature;
use Friendica\Util\Strings;
@ -76,52 +77,50 @@ class Magic extends BaseModule
System::externalRedirect($dest);
}
if (local_user()) {
$user = $a->user;
// OpenWebAuth
if (local_user() && $owa) {
$user = User::getById(local_user());
// OpenWebAuth
if ($owa) {
// Extract the basepath
// NOTE: we need another solution because this does only work
// for friendica contacts :-/ . We should have the basepath
// of a contact also in the contact table.
$exp = explode('/profile/', $contact['url']);
$basepath = $exp[0];
// Extract the basepath
// NOTE: we need another solution because this does only work
// for friendica contacts :-/ . We should have the basepath
// of a contact also in the contact table.
$exp = explode('/profile/', $contact['url']);
$basepath = $exp[0];
$header = [];
$header['Accept'] = 'application/x-dfrn+json, application/x-zot+json';
$header['X-Open-Web-Auth'] = Strings::getRandomHex();
$header = [];
$header['Accept'] = 'application/x-dfrn+json, application/x-zot+json';
$header['X-Open-Web-Auth'] = Strings::getRandomHex();
// Create a header that is signed with the local users private key.
$header = HTTPSignature::createSig(
$header,
$user['prvkey'],
'acct:' . $user['nickname'] . '@' . DI::baseUrl()->getHostname() . (DI::baseUrl()->getUrlPath() ? '/' . DI::baseUrl()->getUrlPath() : '')
);
// Create a header that is signed with the local users private key.
$header = HTTPSignature::createSig(
$header,
$user['prvkey'],
'acct:' . $user['nickname'] . '@' . DI::baseUrl()->getHostname() . (DI::baseUrl()->getUrlPath() ? '/' . DI::baseUrl()->getUrlPath() : '')
);
// Try to get an authentication token from the other instance.
$curlResult = DI::httpRequest()->get($basepath . '/owa', ['header' => $header]);
// Try to get an authentication token from the other instance.
$curlResult = DI::httpRequest()->get($basepath . '/owa', ['header' => $header]);
if ($curlResult->isSuccess()) {
$j = json_decode($curlResult->getBody(), true);
if ($curlResult->isSuccess()) {
$j = json_decode($curlResult->getBody(), true);
if ($j['success']) {
$token = '';
if ($j['encrypted_token']) {
// The token is encrypted. If the local user is really the one the other instance
// thinks he/she is, the token can be decrypted with the local users public key.
openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']);
} else {
$token = $j['token'];
}
$args = (strpbrk($dest, '?&') ? '&' : '?') . 'owt=' . $token;
Logger::info('Redirecting', ['path' => $dest . $args]);
System::externalRedirect($dest . $args);
if ($j['success']) {
$token = '';
if ($j['encrypted_token']) {
// The token is encrypted. If the local user is really the one the other instance
// thinks he/she is, the token can be decrypted with the local users public key.
openssl_private_decrypt(Strings::base64UrlDecode($j['encrypted_token']), $token, $user['prvkey']);
} else {
$token = $j['token'];
}
$args = (strpbrk($dest, '?&') ? '&' : '?') . 'owt=' . $token;
Logger::info('Redirecting', ['path' => $dest . $args]);
System::externalRedirect($dest . $args);
}
System::externalRedirect($dest);
}
System::externalRedirect($dest);
}
if ($test) {

2
src/Module/NoScrape.php
View File

@ -45,7 +45,7 @@ class NoScrape extends BaseModule
$which = $parameters['nick'];
} elseif (local_user() && isset($parameters['profile']) && DI::args()->get(2) == 'view') {
// view infos about a known profile (needs a login)
$which = $a->user['nickname'];
$which = $a->getLoggedInUserNickname();
} else {
System::jsonError(403, 'Authentication required');
}

2
src/Module/Profile/Common.php
View File

@ -62,7 +62,7 @@ class Common extends BaseProfile
$a->redirect('profile/' . $nickname . '/contacts');
};
$o = self::getTabsHTML($a, 'contacts', false, $profile);
$o = self::getTabsHTML($a, 'contacts', false, $profile['nickname'], $profile['hide-friends']);
$tabs = self::getContactFilterTabs('profile/' . $nickname, 'common', $displayCommonTab);

3
src/Module/Profile/Contacts.php
View File

@ -23,7 +23,6 @@ namespace Friendica\Module\Profile;
use Friendica\Content\Nav;
use Friendica\Content\Pager;
use Friendica\Content\Widget;
use Friendica\Core\Protocol;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
@ -59,7 +58,7 @@ class Contacts extends Module\BaseProfile
Nav::setSelected('home');
$o = self::getTabsHTML($a, 'contacts', $is_owner, $profile);
$o = self::getTabsHTML($a, 'contacts', $is_owner, $profile['nickname'], $profile['hide-friends']);
$tabs = self::getContactFilterTabs('profile/' . $nickname, $type, Session::isAuthenticated() && $profile['uid'] != local_user());

3
src/Module/Profile/Profile.php
View File

@ -26,7 +26,6 @@ use Friendica\Content\ForumManager;
use Friendica\Content\Nav;
use Friendica\Content\Text\BBCode;
use Friendica\Content\Text\HTML;
use Friendica\Content\Widget;
use Friendica\Core\Hook;
use Friendica\Core\Protocol;
use Friendica\Core\Renderer;
@ -104,7 +103,7 @@ class Profile extends BaseProfile
Nav::setSelected('home');
$is_owner = local_user() == $profile['uid'];
$o = self::getTabsHTML($a, 'profile', $is_owner, $profile);
$o = self::getTabsHTML($a, 'profile', $is_owner, $profile['nickname'], $profile['hide-friends']);
if (!empty($profile['hidewall']) && !$is_owner && !$remote_contact_id) {
notice(DI::l10n()->t('Access to this profile has been restricted.'));

2
src/Module/Profile/Schedule.php
View File

@ -58,7 +58,7 @@ class Schedule extends BaseProfile
$a = DI::app();
$o = self::getTabsHTML($a, 'schedule', true, $a->user);
$o = self::getTabsHTML($a, 'schedule', true, $a->getLoggedInUserNickname(), false);
$schedule = [];
$delayed = DBA::select('delayed-post', [], ['uid' => local_user()]);

13
src/Module/Profile/Status.php
View File

@ -110,7 +110,7 @@ class Status extends BaseProfile
return '';
}
$o .= self::getTabsHTML($a, 'status', $is_owner, $profile);
$o .= self::getTabsHTML($a, 'status', $is_owner, $profile['nickname'], $profile['hide-friends']);
$o .= Widget::commonFriendsVisitor($profile['uid'], $profile['nickname']);
@ -125,16 +125,9 @@ class Status extends BaseProfile
$x = [
'is_owner' => $is_owner,
'allow_location' => ($is_owner || $commvisitor) && $profile['allow_location'],
'default_location' => $is_owner ? $a->user['default-location'] : '',
'default_location' => $is_owner ? $profile['default-location'] : '',
'nickname' => $profile['nickname'],
'lockstate' => is_array($a->user)
&& (strlen($a->user['allow_cid'])
|| strlen($a->user['allow_gid'])
|| strlen($a->user['deny_cid'])
|| strlen($a->user['deny_gid'])
) ? 'lock' : 'unlock',
'acl' => $is_owner ? ACL::getFullSelectorHTML(DI::page(), $a->user, true) : '',
'bang' => '',
'acl' => $is_owner ? ACL::getFullSelectorHTML(DI::page(), $a->getLoggedInUserId(), true) : '',
'visitor' => $is_owner || $commvisitor ? 'block' : 'none',
'profile_uid' => $profile['uid'],
];

3
src/Module/Security/TwoFactor/Recovery.php
View File

@ -25,6 +25,7 @@ use Friendica\BaseModule;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Security\TwoFactor\Model\RecoveryCode;
/**
@ -59,7 +60,7 @@ class Recovery extends BaseModule
Session::set('2fa', true);
info(DI::l10n()->t('Remaining recovery codes: %d', RecoveryCode::countValidForUser(local_user())));
DI::auth()->setForUser($a, $a->user, true, true);
DI::auth()->setForUser($a, User::getById($a->getLoggedInUserId()), true, true);
} else {
notice(DI::l10n()->t('Invalid code, please retry.'));
}

3
src/Module/Security/TwoFactor/Verify.php
View File

@ -25,6 +25,7 @@ use Friendica\BaseModule;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\DI;
use Friendica\Model\User;
use PragmaRX\Google2FA\Google2FA;
use Friendica\Security\TwoFactor;
@ -70,7 +71,7 @@ class Verify extends BaseModule
}
// Resume normal login workflow
DI::auth()->setForUser($a, $a->user, true, true);
DI::auth()->setForUser($a, User::getById($a->getLoggedInUserId()), true, true);
} else {
self::$errors[] = DI::l10n()->t('Invalid code, please retry.');
}

2
src/Module/Settings/Delegation.php
View File

@ -38,7 +38,7 @@ class Delegation extends BaseSettings
{
public static function post(array $parameters = [])
{
if (!local_user() || !empty(DI::app()->user['uid']) && DI::app()->user['uid'] != local_user()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}

13
src/Module/Settings/Display.php
View File

@ -27,6 +27,7 @@ use Friendica\Core\Session;
use Friendica\Core\Theme;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\User;
use Friendica\Module\BaseSettings;
use Friendica\Network\HTTPException;
use Friendica\Util\Strings;
@ -38,13 +39,15 @@ class Display extends BaseSettings
{
public static function post(array $parameters = [])
{
if (!local_user() || !empty(DI::app()->user['uid']) && DI::app()->user['uid'] != local_user()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
self::checkFormSecurityTokenRedirectOnError('/settings/display', 'settings_display');
$theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : DI::app()->user['theme'];
$user = User::getById(local_user());
$theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : $user['theme'];
$mobile_theme = !empty($_POST['mobile_theme']) ? Strings::escapeTags(trim($_POST['mobile_theme'])) : '';
$nosmile = !empty($_POST['nosmile']) ? intval($_POST['nosmile']) : 0;
$first_day_of_week = !empty($_POST['first_day_of_week']) ? intval($_POST['first_day_of_week']) : 0;
@ -92,7 +95,7 @@ class Display extends BaseSettings
DI::pConfig()->set(local_user(), 'system', 'first_day_of_week' , $first_day_of_week);
if (in_array($theme, Theme::getAllowedList())) {
if ($theme == DI::app()->user['theme']) {
if ($theme == $user['theme']) {
// call theme_post only if theme has not been changed
if (($themeconfigfile = Theme::getConfigFile($theme)) !== null) {
require_once $themeconfigfile;
@ -128,6 +131,8 @@ class Display extends BaseSettings
$default_mobile_theme = 'none';
}
$user = User::getById(local_user());
$allowed_themes = Theme::getAllowedList();
$themes = [];
@ -152,7 +157,7 @@ class Display extends BaseSettings
}
}
$theme_selected = DI::app()->user['theme'] ?: $default_theme;
$theme_selected = $user['theme'] ?: $default_theme;
$mobile_theme_selected = Session::get('mobile-theme', $default_mobile_theme);
$itemspage_network = intval(DI::pConfig()->get(local_user(), 'system', 'itemspage_network'));

23
src/Module/Settings/Profile/Index.php
View File

@ -25,12 +25,9 @@ use Friendica\Core\ACL;
use Friendica\Core\Hook;
use Friendica\Core\Protocol;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\Core\Theme;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
use Friendica\Model\Profile;
use Friendica\Model\ProfileField;
use Friendica\Model\User;
@ -149,7 +146,7 @@ class Index extends BaseSettings
$o = '';
$profile = Profile::getByUID(local_user());
$profile = User::getOwnerDataById(local_user());
if (!DBA::isResult($profile)) {
throw new HTTPException\NotFoundException();
}
@ -174,7 +171,7 @@ class Index extends BaseSettings
'value' => ['profile_field[' . $profileField->id . '][value]', DI::l10n()->t('Value:'), $profileField->value],
'acl' => ACL::getFullSelectorHTML(
DI::page(),
$a->user,
$a->getLoggedInUserId(),
false,
$defaultPermissions,
['network' => Protocol::DFRN],
@ -194,7 +191,7 @@ class Index extends BaseSettings
'value' => ['profile_field[new][value]', DI::l10n()->t('Value:')],
'acl' => ACL::getFullSelectorHTML(
DI::page(),
$a->user,
$a->getLoggedInUserId(),
false,
['allow_cid' => []],
['network' => Protocol::DFRN],
@ -209,7 +206,7 @@ class Index extends BaseSettings
'$baseurl' => DI::baseUrl()->get(true),
]);
$personal_account = !in_array($a->user['page-flags'], [User::PAGE_FLAGS_COMMUNITY, User::PAGE_FLAGS_PRVGROUP]);
$personal_account = !in_array($profile['page-flags'], [User::PAGE_FLAGS_COMMUNITY, User::PAGE_FLAGS_PRVGROUP]);
$tpl = Renderer::getMarkupTemplate('settings/profile/index.tpl');
$o .= Renderer::replaceMacros($tpl, [
@ -222,7 +219,7 @@ class Index extends BaseSettings
'$banner' => DI::l10n()->t('Edit Profile Details'),
'$submit' => DI::l10n()->t('Submit'),
'$profpic' => DI::l10n()->t('Change Profile Photo'),
'$profpiclink' => '/photos/' . $a->user['nickname'],
'$profpiclink' => '/photos/' . $profile['nickname'],
'$viewprof' => DI::l10n()->t('View Profile'),
'$lbl_personal_section' => DI::l10n()->t('Personal'),
@ -234,17 +231,17 @@ class Index extends BaseSettings
'$lbl_profile_photo' => DI::l10n()->t('Upload Profile Photo'),
'$baseurl' => DI::baseUrl()->get(true),
'$nickname' => $a->user['nickname'],
'$nickname' => $profile['nickname'],
'$name' => ['name', DI::l10n()->t('Display name:'), $profile['name']],
'$about' => ['about', DI::l10n()->t('Description:'), $profile['about']],
'$dob' => Temporal::getDateofBirthField($profile['dob'], $a->user['timezone']),
'$dob' => Temporal::getDateofBirthField($profile['dob'], $profile['timezone']),
'$address' => ['address', DI::l10n()->t('Street Address:'), $profile['address']],
'$locality' => ['locality', DI::l10n()->t('Locality/City:'), $profile['locality']],
'$region' => ['region', DI::l10n()->t('Region/State:'), $profile['region']],
'$postal_code' => ['postal_code', DI::l10n()->t('Postal/Zip Code:'), $profile['postal-code']],
'$country_name' => ['country_name', DI::l10n()->t('Country:'), $profile['country-name']],
'$age' => ((intval($profile['dob'])) ? '(' . DI::l10n()->t('Age: ') . DI::l10n()->tt('%d year old', '%d years old', Temporal::getAgeByTimezone($profile['dob'], $a->user['timezone'])) . ')' : ''),
'$xmpp' => ['xmpp', DI::l10n()->t('XMPP (Jabber) address:'), $profile['xmpp'], DI::l10n()->t('The XMPP address will be published so that people can follow you there.')],
'$age' => ((intval($profile['dob'])) ? '(' . DI::l10n()->t('Age: ') . DI::l10n()->tt('%d year old', '%d years old', Temporal::getAgeByTimezone($profile['dob'], $profile['timezone'])) . ')' : ''),
'$xmpp' => ['xmpp', DI::l10n()->t('XMPP (Jabber) address:'), $profile['xmpp'], DI::l10n()->t('The XMPP address will be propagated to your contacts so that they can follow you.')],
'$matrix' => ['matrix', DI::l10n()->t('Matrix (Element) address:'), $profile['matrix'], DI::l10n()->t('The Matrix address will be published so that people can follow you there.')],
'$homepage' => ['homepage', DI::l10n()->t('Homepage URL:'), $profile['homepage']],
'$pub_keywords' => ['pub_keywords', DI::l10n()->t('Public Keywords:'), $profile['pub_keywords'], DI::l10n()->t('(Used for suggesting potential friends, can be seen by others)')],
@ -254,7 +251,7 @@ class Index extends BaseSettings
<p>Reorder by dragging the field title.</p>
<p>Empty the label field to remove a custom field.</p>
<p>Non-public fields can only be seen by the selected Friendica contacts or the Friendica contacts in the selected groups.</p>",
'profile/' . $a->user['nickname']
'profile/' . $profile['nickname']
),
'$custom_fields' => $custom_fields,
]);

5
src/Module/Settings/Profile/Photo/Crop.php
View File

@ -23,7 +23,6 @@ namespace Friendica\Module\Settings\Profile\Photo;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
@ -57,7 +56,7 @@ class Crop extends BaseSettings
$selectionW = intval($_POST['width'] ?? 0);
$selectionH = intval($_POST['height'] ?? 0);
$path = 'profile/' . DI::app()->user['nickname'];
$path = 'profile/' . DI::app()->getLoggedInUserNickname();
$base_image = Photo::selectFirst([], ['resource-id' => $resource_id, 'uid' => local_user(), 'scale' => $scale]);
if (DBA::isResult($base_image)) {
@ -185,7 +184,7 @@ class Crop extends BaseSettings
info(DI::l10n()->t('Profile picture successfully updated.'));
DI::baseUrl()->redirect('profile/' . DI::app()->user['nickname']);
DI::baseUrl()->redirect('profile/' . DI::app()->getLoggedInUserNickname());
}
$Image = Photo::getImageForPhoto($photos[0]);

3
src/Module/Settings/Profile/Photo/Index.php
View File

@ -21,7 +21,6 @@
namespace Friendica\Module\Settings\Profile\Photo;
use Friendica\App\Arguments;
use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\DI;
@ -134,7 +133,7 @@ class Index extends BaseSettings
DI::l10n()->t('or'),
($newuser) ?
'<a href="' . DI::baseUrl() . '">' . DI::l10n()->t('skip this step') . '</a>'
: '<a href="' . DI::baseUrl() . '/photos/' . DI::app()->user['nickname'] . '">'
: '<a href="' . DI::baseUrl() . '/photos/' . DI::app()->getLoggedInUserNickname() . '">'
. DI::l10n()->t('select a photo from your photo albums') . '</a>'
),
]);

10
src/Module/Settings/UserExport.php
View File

@ -21,7 +21,6 @@
namespace Friendica\Module\Settings;
use Friendica\App;
use Friendica\Core\Hook;
use Friendica\Core\Renderer;
use Friendica\Database\DBA;
@ -90,7 +89,7 @@ class UserExport extends BaseSettings
*/
public static function rawContent(array $parameters = [])
{
if (!local_user() || !empty(DI::app()->user['uid']) && DI::app()->user['uid'] != local_user()) {
if (!DI::app()->isLoggedIn()) {
throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
@ -98,21 +97,20 @@ class UserExport extends BaseSettings
if ($args->getArgc() == 3) {
// @TODO Replace with router-provided arguments
$action = $args->get(2);
$user = DI::app()->user;
switch ($action) {
case "backup":
header("Content-type: application/json");
header('Content-Disposition: attachment; filename="' . $user['nickname'] . '.' . $action . '"');
header('Content-Disposition: attachment; filename="' . DI::app()->getLoggedInUserNickname() . '.' . $action . '"');
self::exportAll(local_user());
break;
case "account":
header("Content-type: application/json");
header('Content-Disposition: attachment; filename="' . $user['nickname'] . '.' . $action . '"');
header('Content-Disposition: attachment; filename="' . DI::app()->getLoggedInUserNickname() . '.' . $action . '"');
self::exportAccount(local_user());
break;
case "contact":
header("Content-type: application/csv");
header('Content-Disposition: attachment; filename="' . $user['nickname'] . '-contacts.csv' . '"');
header('Content-Disposition: attachment; filename="' . DI::app()->getLoggedInUserNickname() . '-contacts.csv' . '"');
self::exportContactsAsCSV(local_user());
break;
}

13
src/Object/EMail/ItemCCEMail.php
View File

@ -26,6 +26,7 @@ use Friendica\App\BaseURL;
use Friendica\Content\Text\HTML;
use Friendica\Core\L10n;
use Friendica\Model\Item;
use Friendica\Model\User;
use Friendica\Object\Email;
use Friendica\Protocol\Email as EmailProtocol;
@ -36,20 +37,22 @@ class ItemCCEMail extends Email
{
public function __construct(App $a, L10n $l10n, BaseURL $baseUrl, array $item, string $toAddress, string $authorThumb)
{
$disclaimer = '<hr />' . $l10n->t('This message was sent to you by %s, a member of the Friendica social network.', $a->user['username'])
$user = User::getById($a->getLoggedInUserId());
$disclaimer = '<hr />' . $l10n->t('This message was sent to you by %s, a member of the Friendica social network.', $user['username'])
. '<br />';
$disclaimer .= $l10n->t('You may visit them online at %s', $baseUrl . '/profile/' . $a->user['nickname']) . EOL;
$disclaimer .= $l10n->t('You may visit them online at %s', $baseUrl . '/profile/' . $a->getLoggedInUserNickname()) . EOL;
$disclaimer .= $l10n->t('Please contact the sender by replying to this post if you do not wish to receive these messages.') . EOL;
if (!$item['title'] == '') {
$subject = EmailProtocol::encodeHeader($item['title'], 'UTF-8');
} else {
$subject = EmailProtocol::encodeHeader('[Friendica]' . ' ' . $l10n->t('%s posted an update.', $a->user['username']), 'UTF-8');
$subject = EmailProtocol::encodeHeader('[Friendica]' . ' ' . $l10n->t('%s posted an update.', $user['username']), 'UTF-8');
}
$link = '<a href="' . $baseUrl . '/profile/' . $a->user['nickname'] . '"><img src="' . $authorThumb . '" alt="' . $a->user['username'] . '" /></a><br /><br />';
$link = '<a href="' . $baseUrl . '/profile/' . $a->getLoggedInUserNickname() . '"><img src="' . $authorThumb . '" alt="' . $user['username'] . '" /></a><br /><br />';
$html = Item::prepareBody($item);
$message = '<html><body>' . $link . $html . $disclaimer . '</body></html>';;
parent::__construct($a->user['username'], $a->user['email'], $a->user['email'], $toAddress,
parent::__construct($user['username'], $user['email'], $user['email'], $toAddress,
$subject, $message, HTML::toPlaintext($html . $disclaimer));
}
}

2
src/Object/Post.php
View File

@ -870,7 +870,7 @@ class Post
return '';
}
$owner = User::getOwnerDataById($a->user['uid']);
$owner = User::getOwnerDataById($a->getLoggedInUserId());
if (!Feature::isEnabled(local_user(), 'explicit_mentions')) {
return '';

6
src/Security/Authentication.php
View File

@ -39,7 +39,6 @@ use Friendica\Util\Network;
use Friendica\Util\Strings;
use LightOpenID;
use Friendica\Core\L10n;
use Friendica\Core\Logger;
use Psr\Log\LoggerInterface;
/**
@ -353,10 +352,11 @@ class Authentication
}
}
$a->user = $user_record;
$a->setLoggedInUserId($user_record['uid']);
$a->setLoggedInUserNickname($user_record['nickname']);
if ($login_initial) {
Hook::callAll('logged_in', $a->user);
Hook::callAll('logged_in', $user_record);
if (DI::module()->getName() !== 'home' && $this->session->exists('return_path')) {
$this->baseUrl->redirect($this->session->get('return_path'));

2
src/Security/BasicAuth.php
View File

@ -184,7 +184,7 @@ class BasicAuth
Session::set('allow_api', true);
Hook::callAll('logged_in', $a->user);
Hook::callAll('logged_in', $record);
if (Session::get('allow_api')) {
self::$current_user_id = local_user();

7
src/Worker/AddContact.php
View File

@ -23,7 +23,6 @@ namespace Friendica\Worker;
use Friendica\Core\Logger;
use Friendica\Model\Contact;
use Friendica\Model\User;
class AddContact
{
@ -41,11 +40,7 @@ class AddContact
return;
}
$user = User::getById($uid);
if (empty($user)) {
return;
}
$result = Contact::createFromProbe($user, $url, '', false);
$result = Contact::createFromProbeForUser($uid, $url);
Logger::info('Added contact', ['uid' => $uid, 'url' => $url, 'result' => $result]);
}
}

8
tests/legacy/ApiTest.php
View File

@ -1949,7 +1949,7 @@ class ApiTest extends FixtureTest
*/
public function testApiStatusesMentions()
{
$this->app->user = ['nickname' => $this->selfUser['nick']];
$this->app->setLoggedInUserNickname($this->selfUser['nick']);
$_REQUEST['max_id'] = 10;
$result = api_statuses_mentions('json');
self::assertEmpty($result['status']);
@ -2865,7 +2865,7 @@ class ApiTest extends FixtureTest
*/
public function testApiDirectMessagesNewWithScreenName()
{
$this->app->user = ['nickname' => $this->selfUser['nick']];
$this->app->setLoggedInUserNickname($this->selfUser['nick']);
$_POST['text'] = 'message_text';
$_POST['screen_name'] = $this->friendUser['nick'];
$result = api_direct_messages_new('json');
@ -2881,7 +2881,7 @@ class ApiTest extends FixtureTest
*/
public function testApiDirectMessagesNewWithTitle()
{
$this->app->user = ['nickname' => $this->selfUser['nick']];
$this->app->setLoggedInUserNickname($this->selfUser['nick']);
$_POST['text'] = 'message_text';
$_POST['screen_name'] = $this->friendUser['nick'];
$_REQUEST['title'] = 'message_title';
@ -2899,7 +2899,7 @@ class ApiTest extends FixtureTest
*/
public function testApiDirectMessagesNewWithRss()
{
$this->app->user = ['nickname' => $this->selfUser['nick']];
$this->app->setLoggedInUserNickname($this->selfUser['nick']);
$_POST['text'] = 'message_text';
$_POST['screen_name'] = $this->friendUser['nick'];
$result = api_direct_messages_new('rss');

1538
view/lang/C/messages.po
View File

File diff suppressed because it is too large Load Diff

6
view/theme/frio/theme.php
View File

@ -200,9 +200,9 @@ function frio_remote_nav(App $a, array &$nav_info)
// since $userinfo isn't available for the hook we write it to the nav array
// this isn't optimal because the contact query will be done now twice
$fields = ['id', 'url', 'avatar', 'micro', 'name', 'nick', 'baseurl'];
if (local_user() && !empty($a->user['uid'])) {
$remoteUser = Contact::selectFirst($fields, ['uid' => $a->user['uid'], 'self' => true]);
$fields = ['id', 'url', 'avatar', 'micro', 'name', 'nick', 'baseurl', 'updated'];
if ($a->isLoggedIn()) {
$remoteUser = Contact::selectFirst($fields, ['uid' => $a->getLoggedInUserId(), 'self' => true]);
} elseif (!local_user() && remote_user()) {
$remoteUser = Contact::getById(remote_user(), $fields);
$nav_info['nav']['remote'] = DI::l10n()->t('Guest');

2
view/theme/vier/theme.php
View File

@ -27,7 +27,7 @@ function vier_init(App $a)
$args = DI::args();
if ($args->get(0) === 'profile' && $args->get(1) === ($a->user['nickname'] ?? '') || $args->get(0) === 'network' && local_user()
if ($args->get(0) === 'profile' && $args->get(1) === ($a->getLoggedInUserNickname() ?? '') || $args->get(0) === 'network' && local_user()
) {
vier_community_info();