Merge remote-tracking branch 'remotes/upstream/master'

* remotes/upstream/master:
  service class restrict the email connector
  stray s
  typos
  add event titles to discovered birthday events
  change required doco
  change event behaviour so that title is required but description is not
  event summary/title
  propagate remote deletes
  remove possibly unnecessary checks for likes or comments created by Diaspora users
  store signature info for remote users too
  was passing the wrong arguments to the signature storage function
  add some debug logging
  revert extra Diaspora disabling changes to try to eliminate Mustard double-posting
  Clean up the Diaspora connectivity:
  improve remote delete forwarding
  typos in bbcode, add service class restrictions to jot uploads
  rev update
This commit is contained in:
Simon L'nu 2012-06-26 22:31:15 -04:00
commit 5b35a02d26
22 changed files with 777 additions and 475 deletions

View file

@ -10,9 +10,9 @@ require_once('include/nav.php');
require_once('include/cache.php');
define ( 'FRIENDICA_PLATFORM', 'Friendica');
define ( 'FRIENDICA_VERSION', '3.0.1384' );
define ( 'FRIENDICA_VERSION', '3.0.1386' );
define ( 'DFRN_PROTOCOL_VERSION', '2.23' );
define ( 'DB_UPDATE_VERSION', 1150 );
define ( 'DB_UPDATE_VERSION', 1151 );
define ( 'EOL', "<br />\r\n" );
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );

View file

@ -254,6 +254,7 @@ CREATE TABLE IF NOT EXISTS `event` (
`edited` datetime NOT NULL,
`start` datetime NOT NULL,
`finish` datetime NOT NULL,
`summary` text NOT NULL,
`desc` text NOT NULL,
`location` text NOT NULL,
`type` char(255) NOT NULL,
@ -263,7 +264,14 @@ CREATE TABLE IF NOT EXISTS `event` (
`allow_gid` mediumtext NOT NULL,
`deny_cid` mediumtext NOT NULL,
`deny_gid` mediumtext NOT NULL,
PRIMARY KEY (`id`)
PRIMARY KEY (`id`),
KEY `uid` ( `uid` ),
KEY `cid` ( `cid` ),
KEY `uri` ( `uri` ),
KEY `type` ( `type` ),
KEY `start` ( `start` ),
KEY `finish` ( `finish` ),
KEY `adjust` ( `adjust` )
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- --------------------------------------------------------

View file

@ -565,7 +565,7 @@
if(requestdata('lat') && requestdata('long'))
$_REQUEST['coord'] = sprintf("%s %s",requestdata('lat'),requestdata('long'));
$_REQUEST['profile_uid'] = local_user();
// if(requestdata('parent'))
if($parent)
$_REQUEST['type'] = 'net-comment';
else {

View file

@ -113,7 +113,7 @@ function bb2diaspora($Text,$preserve_nl = false) {
// to define the closing tag for the list elements. So nested lists
// are going to be flattened out in Diaspora for now
$endlessloop = 0;
while ((strpos($Text, "[/list]") !== false) && (strpos($Text, "[list") !== false)
while ((strpos($Text, "[/list]") !== false) && (strpos($Text, "[list") !== false) &&
(strpos($Text, "[/ol]") !== false) && (strpos($Text, "[ol]") !== false) &&
(strpos($Text, "[/ul]") !== false) && (strpos($Text, "[ul]") !== false) && (++$endlessloop < 20)) {
$Text = preg_replace_callback("/\[list\](.*?)\[\/list\]/is", 'diaspora_ul', $Text);

View file

@ -162,7 +162,8 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
// handle nested lists
$endlessloop = 0;
while ((strpos($Text, "[/list]") !== false) && (strpos($Text, "[list]") !== false) &&
while ((strpos($Text, "[/list]") !== false) && (strpos($Text, "[list") !== false) &&
(strpos($Text, "[/ol]") !== false) && (strpos($Text, "[ol]") !== false) &&
(strpos($Text, "[/ul]") !== false) && (strpos($Text, "[ul]") !== false) && (++$endlessloop < 20)) {
$Text = preg_replace("/\[list\](.*?)\[\/list\]/ism", '<ul class="listbullet" style="list-style-type: circle;">$1</ul>' ,$Text);
@ -296,12 +297,16 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
$Text = oembed_bbcode2html($Text);
// If we found an event earlier, strip out all the event code and replace with a reformatted version.
// Replace the event-start section with the entire formatted event. The other bbcode is stripped.
// Summary (e.g. title) is required, earlier revisions only required description (in addition to
// start which is always required). Allow desc with a missing summary for compatibility.
if(x($ev,'desc') && x($ev,'start')) {
if((x($ev,'desc') || x($ev,'summary')) && x($ev,'start')) {
$sub = format_event_html($ev);
$Text = preg_replace("/\[event\-description\](.*?)\[\/event\-description\]/ism",$sub,$Text);
$Text = preg_replace("/\[event\-start\](.*?)\[\/event\-start\]/ism",'',$Text);
$Text = preg_replace("/\[event\-summary\](.*?)\[\/event\-summary\]/ism",'',$Text);
$Text = preg_replace("/\[event\-description\](.*?)\[\/event\-description\]/ism",'',$Text);
$Text = preg_replace("/\[event\-start\](.*?)\[\/event\-start\]/ism",$sub,$Text);
$Text = preg_replace("/\[event\-finish\](.*?)\[\/event\-finish\]/ism",'',$Text);
$Text = preg_replace("/\[event\-location\](.*?)\[\/event\-location\]/ism",'',$Text);
$Text = preg_replace("/\[event\-adjust\](.*?)\[\/event\-adjust\]/ism",'',$Text);

View file

@ -447,11 +447,13 @@ function update_contact_birthdays() {
*
*/
$bdtext = t('Birthday:') . ' [url=' . $rr['url'] . ']' . $rr['name'] . '[/url]' ;
$bdtext = sprintf( t('%s\'s birthday'), $rr['name']);
$bdtext2 = sprintf( t('Happy Birthday %s'), ' [url=' . $rr['url'] . ']' . $rr['name'] . '[/url]') ;
$r = q("INSERT INTO `event` (`uid`,`cid`,`created`,`edited`,`start`,`finish`,`desc`,`type`,`adjust`)
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%d' ) ",
$r = q("INSERT INTO `event` (`uid`,`cid`,`created`,`edited`,`start`,`finish`,`summary`,`desc`,`type`,`adjust`)
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%d' ) ",
intval($rr['uid']),
intval($rr['id']),
dbesc(datetime_convert()),
@ -459,6 +461,7 @@ function update_contact_birthdays() {
dbesc(datetime_convert('UTC','UTC', $nextbd)),
dbesc(datetime_convert('UTC','UTC', $nextbd . ' + 1 day ')),
dbesc($bdtext),
dbesc($bdtext2),
dbesc('birthday'),
intval(0)
);

View file

@ -113,7 +113,7 @@ function delivery_run($argv, $argc){
$uid = $r[0]['uid'];
$updated = $r[0]['edited'];
// The following seems superfluous. We've already checked for "if (! intval($r[0]['parent']))" a few lines up
// POSSIBLE CLEANUP --> The following seems superfluous. We've already checked for "if (! intval($r[0]['parent']))" a few lines up
if(! $parent_id)
continue;

View file

@ -12,6 +12,9 @@ function format_event_html($ev) {
$o = '<div class="vevent">' . "\r\n";
$o .= '<p class="summary event-summary">' . bbcode($ev['summary']) . '</p>' . "\r\n";
$o .= '<p class="description event-description">' . bbcode($ev['desc']) . '</p>' . "\r\n";
$o .= '<p class="event-start">' . t('Starts:') . ' <abbr class="dtstart" title="'
@ -114,6 +117,9 @@ function format_event_bbcode($ev) {
$o = '';
if($ev['summary'])
$o .= '[event-summary]' . $ev['summary'] . '[/event-summary]';
if($ev['desc'])
$o .= '[event-description]' . $ev['desc'] . '[/event-description]';
@ -147,6 +153,9 @@ function bbtoevent($s) {
$ev = array();
$match = '';
if(preg_match("/\[event\-summary\](.*?)\[\/event\-summary\]/is",$s,$match))
$ev['summary'] = $match[1];
$match = '';
if(preg_match("/\[event\-description\](.*?)\[\/event\-description\]/is",$s,$match))
$ev['desc'] = $match[1];
@ -244,6 +253,7 @@ function event_store($arr) {
`edited` = '%s',
`start` = '%s',
`finish` = '%s',
`summary` = '%s',
`desc` = '%s',
`location` = '%s',
`type` = '%s',
@ -258,6 +268,7 @@ function event_store($arr) {
dbesc($arr['edited']),
dbesc($arr['start']),
dbesc($arr['finish']),
dbesc($arr['summary']),
dbesc($arr['desc']),
dbesc($arr['location']),
dbesc($arr['type']),
@ -306,9 +317,9 @@ function event_store($arr) {
// New event. Store it.
$r = q("INSERT INTO `event` ( `uid`,`cid`,`uri`,`created`,`edited`,`start`,`finish`,`desc`,`location`,`type`,
$r = q("INSERT INTO `event` ( `uid`,`cid`,`uri`,`created`,`edited`,`start`,`finish`,`summary`, `desc`,`location`,`type`,
`adjust`,`nofinish`,`allow_cid`,`allow_gid`,`deny_cid`,`deny_gid`)
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s' ) ",
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s' ) ",
intval($arr['uid']),
intval($arr['cid']),
dbesc($arr['uri']),
@ -316,6 +327,7 @@ function event_store($arr) {
dbesc($arr['edited']),
dbesc($arr['start']),
dbesc($arr['finish']),
dbesc($arr['summary']),
dbesc($arr['desc']),
dbesc($arr['location']),
dbesc($arr['type']),

View file

@ -1457,11 +1457,12 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
*
*/
$bdtext = t('Birthday:') . ' [url=' . $contact['url'] . ']' . $contact['name'] . '[/url]' ;
$bdtext = sprintf( t('%s\'s birthday'), $contact['name']);
$bdtext2 = sprintf( t('Happy Birthday %s'), ' [url=' . $contact['url'] . ']' . $contact['name'] . '[/url]' ) ;
$r = q("INSERT INTO `event` (`uid`,`cid`,`created`,`edited`,`start`,`finish`,`desc`,`type`)
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s' ) ",
$r = q("INSERT INTO `event` (`uid`,`cid`,`created`,`edited`,`start`,`finish`,`summary`,`desc`,`type`)
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
intval($contact['uid']),
intval($contact['id']),
dbesc(datetime_convert()),
@ -1469,6 +1470,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
dbesc(datetime_convert('UTC','UTC', $birthday)),
dbesc(datetime_convert('UTC','UTC', $birthday . ' + 1 day ')),
dbesc($bdtext),
dbesc($bdtext2),
dbesc('birthday')
);
@ -2148,6 +2150,67 @@ function local_delivery($importer,$data) {
}
if($deleted) {
// check for relayed deletes to our conversation
$is_reply = false;
$r = q("select * from item where uri = '%s' and uid = %d limit 1",
dbesc($uri),
intval($importer['importer_uid'])
);
if(count($r)) {
$parent_uri = $r[0]['parent-uri'];
if($r[0]['id'] != $r[0]['parent'])
$is_reply = true;
}
if($is_reply) {
$community = false;
if($importer['page-flags'] == PAGE_COMMUNITY || $importer['page-flags'] == PAGE_PRVGROUP ) {
$sql_extra = '';
$community = true;
logger('local_delivery: possible community delete');
}
else
$sql_extra = " and contact.self = 1 and item.wall = 1 ";
// was the top-level post for this reply written by somebody on this site?
// Specifically, the recipient?
$is_a_remote_delete = false;
$r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,
`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`
LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uri` = '%s' AND (`item`.`parent-uri` = '%s' or `item`.`thr-parent` = '%s')
AND `item`.`uid` = %d
$sql_extra
LIMIT 1",
dbesc($parent_uri),
dbesc($parent_uri),
dbesc($parent_uri),
intval($importer['importer_uid'])
);
if($r && count($r))
$is_a_remote_delete = true;
// Does this have the characteristics of a community or private group comment?
// If it's a reply to a wall post on a community/prvgroup page it's a
// valid community comment. Also forum_mode makes it valid for sure.
// If neither, it's not.
if($is_a_remote_delete && $community) {
if((! $r[0]['forum_mode']) && (! $r[0]['wall'])) {
$is_a_remote_delete = false;
logger('local_delivery: not a community delete');
}
}
if($is_a_remote_delete) {
logger('local_delivery: received remote delete');
}
}
$r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join contact on `item`.`contact-id` = `contact`.`id`
WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1",
dbesc($uri),
@ -2235,7 +2298,11 @@ function local_delivery($importer,$data) {
);
}
}
}
// if this is a relayed delete, propagate it to other recipients
if($is_a_remote_delete)
proc_run('php',"include/notifier.php","drop",$item['id']);
}
}
}
}
@ -2268,6 +2335,7 @@ function local_delivery($importer,$data) {
$is_a_remote_comment = false;
// POSSIBLE CLEANUP --> Why select so many fields when only forum_mode and wall are used?
$r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,
`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`
LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
@ -3359,40 +3427,8 @@ function drop_item($id,$interactive = true) {
);
}
// Add a relayable_retraction signature for Diaspora. Note that we can't add a target_author_signature
// if the comment was deleted by a remote user. That should be ok, because if a remote user is deleting
// the comment, that means we're the home of the post, and Diaspora will only
// check the parent_author_signature of retractions that it doesn't have to relay further
//
// I don't think this function gets called for an "unlike," but I'll check anyway
$signed_text = $item['guid'] . ';' . ( ($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');
if(local_user() == $item['uid']) {
$handle = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha256'));
}
else {
$r = q("SELECT `nick`, `url` FROM `contact` WHERE `id` = '%d' LIMIT 1",
$item['contact-id']
);
if(count($r)) {
// The below handle only works for NETWORK_DFRN. I think that's ok, because this function
// only handles DFRN deletes
$handle_baseurl_start = strpos($r['url'],'://') + 3;
$handle_baseurl_length = strpos($r['url'],'/profile') - $handle_baseurl_start;
$handle = $r['nick'] . '@' . substr($r['url'], $handle_baseurl_start, $handle_baseurl_length);
$authorsig = '';
}
}
if(isset($handle))
q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($item['id']),
dbesc($signed_text),
dbesc($authorsig),
dbesc($handle)
);
// Add a relayable_retraction signature for Diaspora.
store_diaspora_retract_sig($item, $a->user, $a->get_baseurl());
}
$drop_id = intval($item['id']);
@ -3479,4 +3515,53 @@ function posted_date_widget($url,$uid,$wall) {
'$dates' => $ret
));
return $o;
}
}
function store_diaspora_retract_sig($item, $user, $baseurl) {
// Note that we can't add a target_author_signature
// if the comment was deleted by a remote user. That should be ok, because if a remote user is deleting
// the comment, that means we're the home of the post, and Diaspora will only
// check the parent_author_signature of retractions that it doesn't have to relay further
//
// I don't think this function gets called for an "unlike," but I'll check anyway
$enabled = intval(get_config('system','diaspora_enabled'));
if(! $enabled) {
logger('drop_item: diaspora support disabled, not storing retraction signature', LOGGER_DEBUG);
return;
}
logger('drop_item: storing diaspora retraction signature');
$signed_text = $item['guid'] . ';' . ( ($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');
if(local_user() == $item['uid']) {
$handle = $user['nickname'] . '@' . substr($baseurl, strpos($baseurl,'://') + 3);
$authorsig = base64_encode(rsa_sign($signed_text,$user['prvkey'],'sha256'));
}
else {
$r = q("SELECT `nick`, `url` FROM `contact` WHERE `id` = '%d' LIMIT 1",
$item['contact-id']
);
if(count($r)) {
// The below handle only works for NETWORK_DFRN. I think that's ok, because this function
// only handles DFRN deletes
$handle_baseurl_start = strpos($r['url'],'://') + 3;
$handle_baseurl_length = strpos($r['url'],'/profile') - $handle_baseurl_start;
$handle = $r['nick'] . '@' . substr($r['url'], $handle_baseurl_start, $handle_baseurl_length);
$authorsig = '';
}
}
if(isset($handle))
q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($item['id']),
dbesc($signed_text),
dbesc($authorsig),
dbesc($handle)
);
return;
}

View file

@ -125,7 +125,7 @@ function notifier_run($argv, $argc){
$uid = $r[0]['uid'];
$updated = $r[0]['edited'];
// The following seems superfluous. We've already checked for "if (! intval($r[0]['parent']))" a few lines up
// POSSIBLE CLEANUP --> The following seems superfluous. We've already checked for "if (! intval($r[0]['parent']))" a few lines up
if(! $parent_id)
return;

View file

@ -380,20 +380,23 @@ function service_class_fetch($uid,$property) {
}
function upgrade_link() {
function upgrade_link($bbcode = false) {
$l = get_config('service_class','upgrade_link');
$t = sprintf('<a href="%s">' . t('Click here to upgrade.') . '</div>', $l);
if($l)
return $t;
return '';
if(! $l)
return '';
if($bbcode)
$t = sprintf('[url=%s]' . t('Click here to upgrade.') . '[/url]', $l);
else
$t = sprintf('<a href="%s">' . t('Click here to upgrade.') . '</div>', $l);
return $t;
}
function upgrade_message() {
$x = upgrade_link();
function upgrade_message($bbcode = false) {
$x = upgrade_link($bbcode);
return t('This action exceeds the limits set by your subscription plan.') . (($x) ? ' ' . $x : '') ;
}
function upgrade_bool_message() {
$x = upgrade_link();
function upgrade_bool_message($bbcode = false) {
$x = upgrade_link($bbcode);
return t('This action is not available under your subscription plan.') . (($x) ? ' ' . $x : '') ;
}

View file

@ -57,12 +57,13 @@ function events_post(&$a) {
if(strcmp($finish,$start) < 0)
$finish = $start;
$summary = escape_tags(trim($_POST['summary']));
$desc = escape_tags(trim($_POST['desc']));
$location = escape_tags(trim($_POST['location']));
$type = 'event';
if((! $desc) || (! $start)) {
notice( t('Event description and start time are required.') . EOL);
if((! $summary) || (! $start)) {
notice( t('Event title and start time are required.') . EOL);
goaway($a->get_baseurl() . '/events/new');
}
@ -107,6 +108,7 @@ function events_post(&$a) {
$datarray = array();
$datarray['start'] = $start;
$datarray['finish'] = $finish;
$datarray['summary'] = $summary;
$datarray['desc'] = $desc;
$datarray['location'] = $location;
$datarray['type'] = $type;
@ -278,9 +280,11 @@ function events_content(&$a) {
$last_date = $d;
$edit = ((! $rr['cid']) ? array($a->get_baseurl().'/events/event/'.$rr['id'],t('Edit event'),'','') : null);
list($title, $_trash) = explode("<br",bbcode($rr['desc']),2);
$title = strip_tags($title);
$title = strip_tags(bbcode($rr['summary']));
if(! $title) {
list($title, $_trash) = explode("<br",bbcode($rr['desc']),2);
$title = strip_tags($title);
}
$html = format_event_html($rr);
$rr['desc'] = bbcode($rr['desc']);
$rr['location'] = bbcode($rr['location']);
@ -351,6 +355,7 @@ function events_content(&$a) {
$n_checked = ((x($orig_event) && $orig_event['nofinish']) ? ' checked="checked" ' : '');
$a_checked = ((x($orig_event) && $orig_event['adjust']) ? ' checked="checked" ' : '');
$t_orig = ((x($orig_event)) ? $orig_event['summary'] : '');
$d_orig = ((x($orig_event)) ? $orig_event['desc'] : '');
$l_orig = ((x($orig_event)) ? $orig_event['location'] : '');
$eid = ((x($orig_event)) ? $orig_event['id'] : 0);
@ -405,10 +410,11 @@ function events_content(&$a) {
'$eid' => $eid,
'$cid' => $cid,
'$uri' => $uri,
'$title' => t('Event details'),
'$desc' => sprintf( t('Format is %s %s. Starting date and Description are required.'),$dateformat,$timeformat),
'$desc' => sprintf( t('Format is %s %s. Starting date and Title are required.'),$dateformat,$timeformat),
'$s_text' => t('Event Starts:') . ' <span class="required">*</span> ',
'$s_text' => t('Event Starts:') . ' <span class="required" title="' . t('Required') . '">*</span>',
'$s_dsel' => datesel($f,'start',$syear+5,$syear,false,$syear,$smonth,$sday),
'$s_tsel' => timesel('start',$shour,$sminute),
'$n_text' => t('Finish date/time is not known or not relevant'),
@ -418,10 +424,12 @@ function events_content(&$a) {
'$f_tsel' => timesel('finish',$fhour,$fminute),
'$a_text' => t('Adjust for viewer timezone'),
'$a_checked' => $a_checked,
'$d_text' => t('Description:') . ' <span class="required">*</span>',
'$d_text' => t('Description:'),
'$d_orig' => $d_orig,
'$l_text' => t('Location:'),
'$l_orig' => $l_orig,
'$t_text' => t('Title:') . ' <span class="required" title="' . t('Required') . '">*</span>',
'$t_orig' => $t_orig,
'$sh_text' => t('Share this event'),
'$sh_checked' => $sh_checked,
'$acl' => (($cid) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $a->user),false)),

View file

@ -728,26 +728,10 @@ function item_post(&$a) {
}
// We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key
if($self) {
require_once('include/bb2diaspora.php');
$signed_body = html_entity_decode(bb2diaspora($datarray['body']));
$myaddr = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
if($datarray['verb'] === ACTIVITY_LIKE)
$signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr;
else
$signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr;
// Store the comment signature information in case we need to relay to Diaspora
store_diaspora_comment_sig($datarray, $author, ($self ? $a->user['prvkey'] : false), $parent_item, $post_id);
$authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha256'));
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($post_id),
dbesc($signed_text),
dbesc(base64_encode($authorsig)),
dbesc($myaddr)
);
}
}
else {
$parent = $post_id;
@ -1038,3 +1022,47 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
return array('replaced' => $replaced, 'contact' => $r[0]);
}
function store_diaspora_comment_sig($datarray, $author, $uprvkey, $parent_item, $post_id) {
// We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key
$enabled = intval(get_config('system','diaspora_enabled'));
if(! $enabled) {
logger('mod_item: diaspora support disabled, not storing comment signature', LOGGER_DEBUG);
return;
}
logger('mod_item: storing diaspora comment signature');
require_once('include/bb2diaspora.php');
$signed_body = html_entity_decode(bb2diaspora($datarray['body']));
// $myaddr = $user['nickname'] . '@' . substr($baseurl, strpos($baseurl,'://') + 3);
// if( $author['network'] === NETWORK_DIASPORA)
// $diaspora_handle = $author['addr'];
// else {
// Only works for NETWORK_DFRN
$contact_baseurl_start = strpos($author['url'],'://') + 3;
$contact_baseurl_length = strpos($author['url'],'/profile') - $contact_baseurl_start;
$contact_baseurl = substr($author['url'], $contact_baseurl_start, $contact_baseurl_length);
$diaspora_handle = $author['nick'] . '@' . $contact_baseurl;
// }
$signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $diaspora_handle;
if( $uprvkey !== false )
$authorsig = base64_encode(rsa_sign($signed_text,$uprvkey,'sha256'));
else
$authorsig = '';
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($post_id),
dbesc($signed_text),
dbesc(base64_encode($authorsig)),
dbesc($diaspora_handle)
);
return;
}

View file

@ -121,57 +121,16 @@ function like_content(&$a) {
intval($like_item['id'])
);
// Clean up the `sign` table
// Clean up the Diaspora signatures for this like
// Go ahead and do it even if Diaspora support is disabled. We still want to clean up
// if it had been enabled in the past
$r = q("DELETE FROM `sign` WHERE `iid` = %d",
intval($like_item['id'])
);
// Save the author information for the unlike in case we need to relay to Diaspora
// Note that we can only create a signature for a user of the local server. We don't have
// a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
// means we are the relay, and for relayable_retractions, Diaspora
// only checks the parent_author_signature if it doesn't have to relay further
//
// If $item['resource-id'] exists, it means the item is a photo. Diaspora doesn't support
// likes on photos, so don't bother.
if(($activity === ACTIVITY_LIKE) && (! $item['resource-id'])) {
$signed_text = $like_item['guid'] . ';' . 'Like';
if( $contact['network'] === NETWORK_DIASPORA)
$diaspora_handle = $contact['addr'];
else { // Only works for NETWORK_DFRN
$contact_baseurl_start = strpos($contact['url'],'://') + 3;
$contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
$contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
$diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
// Get contact's private key if he's a user of the local Friendica server
$r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
dbesc($contact['url'])
);
if( $r) {
$contact_uid = $r['uid'];
$r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
intval($contact_uid)
);
if( $r)
$authorsig = base64_encode(rsa_sign($signed_text,$r['prvkey'],'sha256'));
}
}
if(! isset($authorsig))
$authorsig = '';
q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($like_item['id']),
dbesc($signed_text),
dbesc($authorsig),
dbesc($diaspora_handle)
);
}
store_diaspora_like_retract_sig($activity, $item, $like_item, $contact);
// proc_run('php',"include/notifier.php","like","$post_id"); // $post_id isn't defined here!
@ -252,35 +211,118 @@ EOT;
// Save the author information for the like in case we need to relay to Diaspora
store_diaspora_like_sig($activity, $post_type, $contact, $post_id);
$arr['id'] = $post_id;
call_hooks('post_local_end', $arr);
proc_run('php',"include/notifier.php","like","$post_id");
killme();
// return; // NOTREACHED
}
function store_diaspora_like_retract_sig($activity, $item, $like_item, $contact) {
// Note that we can only create a signature for a user of the local server. We don't have
// a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
// means we are the relay, and for relayable_retractions, Diaspora
// only checks the parent_author_signature if it doesn't have to relay further
//
// If $item['resource-id'] exists, it means the item is a photo. Diaspora doesn't support
// likes on photos, so don't bother.
$enabled = intval(get_config('system','diaspora_enabled'));
if(! $enabled) {
logger('mod_like: diaspora support disabled, not storing like retraction signature', LOGGER_DEBUG);
return;
}
logger('mod_like: storing diaspora like retraction signature');
if(($activity === ACTIVITY_LIKE) && (! $item['resource-id'])) {
$signed_text = $like_item['guid'] . ';' . 'Like';
// if( $contact['network'] === NETWORK_DIASPORA)
// $diaspora_handle = $contact['addr'];
// else {
// Only works for NETWORK_DFRN
$contact_baseurl_start = strpos($contact['url'],'://') + 3;
$contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
$contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
$diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
// Get contact's private key if he's a user of the local Friendica server
$r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
dbesc($contact['url'])
);
if( $r) {
$contact_uid = $r['uid'];
$r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
intval($contact_uid)
);
if( $r)
$authorsig = base64_encode(rsa_sign($signed_text,$r['prvkey'],'sha256'));
}
// }
if(! isset($authorsig))
$authorsig = '';
q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($like_item['id']),
dbesc($signed_text),
dbesc($authorsig),
dbesc($diaspora_handle)
);
}
return;
}
function store_diaspora_like_sig($activity, $post_type, $contact, $post_id) {
// Note that we can only create a signature for a user of the local server. We don't have
// a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
// means we are the relay, and for relayable_retractions, Diaspora
// only checks the parent_author_signature if it doesn't have to relay further
if(($activity === ACTIVITY_LIKE) && ($post_type === t('status'))) {
if( $contact['network'] === NETWORK_DIASPORA)
$diaspora_handle = $contact['addr'];
else { // Only works for NETWORK_DFRN
$contact_baseurl_start = strpos($contact['url'],'://') + 3;
$contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
$contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
$diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
$enabled = intval(get_config('system','diaspora_enabled'));
if(! $enabled) {
logger('mod_like: diaspora support disabled, not storing like signature', LOGGER_DEBUG);
return;
}
// Get contact's private key if he's a user of the local Friendica server
$r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
dbesc($contact['url'])
logger('mod_like: storing diaspora like signature');
if(($activity === ACTIVITY_LIKE) && ($post_type === t('status'))) {
// if( $contact['network'] === NETWORK_DIASPORA)
// $diaspora_handle = $contact['addr'];
// else {
// Only works for NETWORK_DFRN
$contact_baseurl_start = strpos($contact['url'],'://') + 3;
$contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
$contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
$diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
// Get contact's private key if he's a user of the local Friendica server
$r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
dbesc($contact['url'])
);
if( $r) {
$contact_uid = $r['uid'];
$r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
intval($contact_uid)
);
if( $r) {
$contact_uid = $r['uid'];
$r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
intval($contact_uid)
);
if( $r)
$contact_uprvkey = $r['prvkey'];
}
if( $r)
$contact_uprvkey = $r['prvkey'];
}
// }
$r = q("SELECT guid, parent FROM `item` WHERE id = %d LIMIT 1",
intval($post_id)
@ -308,13 +350,5 @@ EOT;
}
}
$arr['id'] = $post_id;
call_hooks('post_local_end', $arr);
proc_run('php',"include/notifier.php","like","$post_id");
killme();
// return; // NOTREACHED
return;
}

View file

@ -677,6 +677,14 @@ function settings_content(&$a) {
$tpl = get_markup_template("settings_connectors.tpl");
if(! service_class_allows(local_user(),'email_connect')) {
$mail_disabled_message = upgrade_bool_message();
}
else {
$mail_disabled_message = (($mail_disabled) ? t('Email access is disabled on this site.') : '');
}
$o .= replace_macros($tpl, array(
'$form_security_token' => get_form_security_token("settings_connectors"),
@ -688,7 +696,7 @@ function settings_content(&$a) {
'$h_imap' => t('Email/Mailbox Setup'),
'$imap_desc' => t("If you wish to communicate with email contacts using this service \x28optional\x29, please specify how to connect to your mailbox."),
'$imap_lastcheck' => array('imap_lastcheck', t('Last successful email check:'), $mail_chk,''),
'$mail_disabled' => (($mail_disabled) ? t('Email access is disabled on this site.') : ''),
'$mail_disabled' => $mail_disabled_message,
'$mail_server' => array('mail_server', t('IMAP server name:'), $mail_server, ''),
'$mail_port' => array('mail_port', t('IMAP port:'), $mail_port, ''),
'$mail_ssl' => array('mail_ssl', t('Security:'), strtoupper($mail_ssl), '', array( 'notls'=>t('None'), 'TLS'=>'TLS', 'SSL'=>'SSL')),
@ -921,18 +929,12 @@ function settings_content(&$a) {
));
$invisible = (((! $profile['publish']) && (! $profile['net-publish']))
? true : false);
if($invisible)
info( t('Profile is <strong>not published</strong>.') . EOL );
$subdir = ((strlen($a->get_path())) ? '<br />' . t('or') . ' ' . $a->get_baseurl(true) . '/profile/' . $nickname : '');
@ -1029,17 +1031,6 @@ function settings_content(&$a) {
'$h_descadvn' => t('Change the behaviour of this account for special situations'),
'$pagetype' => $pagetype,
));
call_hooks('settings_form',$o);

View file

@ -60,6 +60,19 @@ function wall_attach_post(&$a) {
return;
}
$r = q("select sum(octet_length(data)) as total from attach where uid = %d ",
intval($page_owner_uid)
);
$limit = service_class_fetch($page_owner_uid,'attach_upload_limit');
if(($limit !== false) && (($r[0]['total'] + strlen($imagedata)) > $limit)) {
echo upgrade_message(true) . EOL ;
@unlink($src);
killme();
}
$filedata = @file_get_contents($src);
$mimetype = z_mime_content_type($filename);
$hash = random_string();

View file

@ -79,6 +79,19 @@ function wall_upload_post(&$a) {
killme();
}
$r = q("select sum(octet_length(data)) as total from photo where uid = %d and scale = 0 and album != 'Contact Photos' ",
intval($page_owner_uid)
);
$limit = service_class_fetch($page_owner_uid,'photo_upload_limit');
if(($limit !== false) && (($r[0]['total'] + strlen($imagedata)) > $limit)) {
echo upgrade_message(true) . EOL ;
@unlink($src);
killme();
}
$imagedata = @file_get_contents($src);
$ph = new Photo($imagedata, $filetype);

View file

@ -1,6 +1,6 @@
<?php
define( 'UPDATE_VERSION' , 1150 );
define( 'UPDATE_VERSION' , 1151 );
/**
*
@ -1298,3 +1298,12 @@ function update_1149() {
return UPDATE_FAILED;
return UPDATE_SUCCESS;
}
function update_1150() {
$r = q("ALTER TABLE event ADD summary text NOT NULL after finish, add index ( uid ), add index ( cid ), add index ( uri ), add index ( `start` ), add index ( finish ), add index ( `type` ), add index ( adjust ) ");
if(! $r)
return UPDATE_FAILED;
return UPDATE_SUCCESS;
}

File diff suppressed because it is too large Load diff

View file

@ -26,6 +26,10 @@ $f_dsel $f_tsel
<div id="event-adjust-break"></div>
<div id="event-summary-text">$t_text</div>
<input type="text" id="event-summary" name="summary" value="$t_orig" />
<div id="event-desc-text">$d_text</div>
<textarea id="event-desc-textarea" name="desc">$d_orig</textarea>

View file

@ -70,7 +70,7 @@
<div style="display: none;">
<div id="profile-jot-acl-wrapper" style="width:auto;height:auto;overflow:auto;">
$acl
<hr style="clear:both"/>
<hr style="clear:both;"/>
<div id="profile-jot-email-label">$emailcc</div><input type="text" name="emailcc" id="profile-jot-email" title="$emtitle" />
<div id="profile-jot-email-end"></div>
$jotnets

View file

@ -2421,9 +2421,40 @@ aside input[type='text'] {
font-size: 20px;
}
#event-summary-text {
margin-top: 15px;
}
#event-share-checkbox {
float: left;
margin-top: 10px;
}
#event-share-text {
float: left;
margin-top: 10px;
margin-left: 5px;
}
#event-share-break {
clear: both;
margin-bottom: 10px;
}
#event-summary {
width: 400px;
}
.vevent {
border: 1px solid #CCCCCC;
}
.vevent .event-summary {
margin-left: 10px;
margin-right: 10px;
font-weight: bold;
}
.vevent .event-description, .vevent .event-location {
margin-left: 10px;
margin-right: 10px;