Merge commit 'upstream/master'

9 years ago · bdd2754740
--- a/.htaccess
+++ b/.htaccess
@ -1,13 +1,10 @@
 #Options -Indexes
 Options -Indexes
 AddType application/x-java-archive .jar
 AddType audio/ogg .oga

 <FilesMatch "\.(out|log)$">
 Deny from all
 </FilesMatch>
 <Files "(include|library)">
 Deny from all
 </Files>

 <IfModule mod_rewrite.c>
  RewriteEngine on
--- a/boot.php
+++ b/boot.php
@ -9,9 +9,9 @@ require_once('include/nav.php');
 require_once('include/cache.php');

 define ( 'FRIENDICA_PLATFORM',     'Friendica');
 define ( 'FRIENDICA_VERSION',      '2.3.1281' );
 define ( 'FRIENDICA_VERSION',      '2.3.1294' );
 define ( 'DFRN_PROTOCOL_VERSION',  '2.23'    );
 define ( 'DB_UPDATE_VERSION',      1131      );
 define ( 'DB_UPDATE_VERSION',      1133      );

 define ( 'EOL',                    "<br />\r\n"     );
 define ( 'ATOM_TIME',              'Y-m-d\TH:i:s\Z' );
@ -135,6 +135,9 @@ define ( 'NOTIFY_PROFILE',  0x0040 );
 define ( 'NOTIFY_TAGSELF',  0x0080 );
 define ( 'NOTIFY_TAGSHARE', 0x0100 );

 define ( 'NOTIFY_SYSTEM',   0x8000 );


 /**
 * various namespaces we may need to parse
 */
@ -286,7 +289,12 @@ class App {

 		startup();

 		$this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS']))	?  'https' : 'http' );
 		$this->scheme = 'http';
 		if(x($_SERVER,'HTTPS') && $_SERVER['HTTPS'])
 			$this->scheme = 'https';
 		elseif(x($_SERVER,'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443)) 
 			$this->scheme = 'https';


 		if(x($_SERVER,'SERVER_NAME')) {
 			$this->hostname = $_SERVER['SERVER_NAME'];
@ -380,7 +388,7 @@ class App {
 		$scheme = $this->scheme;

 		if((x($this->config,'system')) && (x($this->config['system'],'ssl_policy'))) {
 			if($this->config['system']['ssl_policy'] == SSL_POLICY_FULL) 
 			if(intval($this->config['system']['ssl_policy']) === intval(SSL_POLICY_FULL)) 
 				$scheme = 'https';

 //			We need to populate the $ssl flag across the entire program before turning this on.
@ -555,6 +563,10 @@ function absurl($path) {
 	return $path;
 }

 function is_ajax() {
 	return (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');
 }


 // Primarily involved with database upgrade, but also sets the 
 // base url for use in cmdline programs which don't have
@ -708,15 +720,16 @@ function login($register = false, $hiddens=false) {

 	$noid = get_config('system','no_openid');
 	
 	$dest_url = $a->get_baseurl(true) . '/' . $a->query_string;

 	if(local_user()) {
 		$tpl = get_markup_template("logout.tpl");
 	}
 	else {
 		$tpl = get_markup_template("login.tpl");

 		$_SESSION['return_url'] = $a->query_string;
 	}

 	$dest_url = $a->get_baseurl(true) . '/' . $a->query_string;

 	$o .= replace_macros($tpl,array(

@ -1372,6 +1385,11 @@ function profile_tabs($a, $is_owner=False, $nickname=Null){
 		);
 	}


 	$arr = array('is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs);
 	call_hooks('profile_tabs', $arr);
 	
 	$tpl = get_markup_template('common_tabs.tpl');
 	return replace_macros($tpl,array('$tabs'=>$tabs));

 	return replace_macros($tpl,array('$tabs' => $arr['tabs']));
 }}	
--- a/database.sql
+++ b/database.sql
@ -92,6 +92,7 @@ CREATE TABLE IF NOT EXISTS `contact` (
  `blocked` tinyint(1) NOT NULL DEFAULT '1',
  `readonly` tinyint(1) NOT NULL DEFAULT '0',
  `writable` tinyint(1) NOT NULL DEFAULT '0',
  `forum` tinyint(1) NOT NULL DEFAULT '0',
  `hidden` tinyint(1) NOT NULL DEFAULT '0',
  `pending` tinyint(1) NOT NULL DEFAULT '1',
  `rating` tinyint(1) NOT NULL DEFAULT '0',
@ -116,6 +117,7 @@ CREATE TABLE IF NOT EXISTS `contact` (
  KEY `dfrn-id` (`dfrn-id`),
  KEY `blocked` (`blocked`),
  KEY `readonly` (`readonly`),
  KEY `forum` (`forum`),
  KEY `hidden` (`hidden`),
  KEY `pending` (`pending`),
  KEY `closeness` (`closeness`)  
@ -859,3 +861,9 @@ INDEX ( `term` )
 ) ENGINE = MyISAM DEFAULT CHARSET=utf8;


 CREATE TABLE IF NOT EXISTS `userd` (
 `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
 `username` CHAR( 255 ) NOT NULL,
 INDEX ( `username` )
 ) ENGINE = MyISAM DEFAULT CHARSET=utf8;

--- a/images/blank.png
+++ b/images/blank.png
--- a/images/person-175.jpg
+++ b/images/person-175.jpg
--- a/images/person-48.jpg
+++ b/images/person-48.jpg
--- a/images/person-80.jpg
+++ b/images/person-80.jpg
--- a/include/Contact.php
+++ b/include/Contact.php
@ -15,6 +15,12 @@ function user_remove($uid) {

 	call_hooks('remove_user',$r[0]);

 	// save username (actually the nickname as it is guaranteed 
 	// unique), so it cannot be re-registered in the future.

 	q("insert into userd ( username ) values ( '%s' )",
 		$r[0]['nickname']
 	);

 	q("DELETE FROM `contact` WHERE `uid` = %d", intval($uid));
 	q("DELETE FROM `group` WHERE `uid` = %d", intval($uid));
--- a/include/Photo.php
+++ b/include/Photo.php
@ -268,9 +268,9 @@ function import_profile_photo($photo,$uid,$cid) {
 		$photo_failure = true;

 	if($photo_failure) {
 		$photo = $a->get_baseurl() . '/images/default-profile.jpg';
 		$thumb = $a->get_baseurl() . '/images/default-profile-sm.jpg';
 		$micro = $a->get_baseurl() . '/images/default-profile-mm.jpg';
 		$photo = $a->get_baseurl() . '/images/person-175.jpg';
 		$thumb = $a->get_baseurl() . '/images/person-80.jpg';
 		$micro = $a->get_baseurl() . '/images/person-48.jpg';
 	}

 	return(array($photo,$thumb,$micro));
--- a/include/Scrape.php
+++ b/include/Scrape.php
@ -684,7 +684,7 @@ function probe_url($url, $mode = PROBE_NORMAL) {

 	if(! x($vcard,'photo')) {
 		$a = get_app();
 		$vcard['photo'] = $a->get_baseurl() . '/images/default-profile.jpg' ; 
 		$vcard['photo'] = $a->get_baseurl() . '/images/person-175.jpg' ; 
 	}

 	if(! $profile)
--- a/include/acl_selectors.php
+++ b/include/acl_selectors.php
@ -113,11 +113,13 @@ function contact_selector($selname, $selclass, $preselected = false, $options) {
 		$str_nets = implode(',',$x['networks']);
 		$sql_extra .= " AND `network` IN ( $str_nets ) ";
 	}
 	
 	$tabindex = (x($options, 'tabindex') ? "tabindex=\"" . $options["tabindex"] . "\"" : "");

 	if($x['single'])
 		$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" >\r\n";
 		$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" $tabindex >\r\n";
 	else 
 		$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" >\r\n";
 		$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" $tabindex >\r\n";

 	$r = q("SELECT `id`, `name`, `url`, `network` FROM `contact` 
 		WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `notify` != ''
@ -156,7 +158,7 @@ function contact_selector($selname, $selclass, $preselected = false, $options) {



 function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false) {
 function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) {

 	$a = get_app();

@ -178,12 +180,12 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
 		$sql_extra .= " AND `network` IN ( 'dfrn', 'mail', 'face', 'dspr' ) ";
 	}


 	$tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : "");

 	if($privmail)
 		$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" >\r\n";
 		$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex >\r\n";
 	else 
 		$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n";
 		$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n";

 	$r = q("SELECT `id`, `name`, `url`, `network` FROM `contact` 
 		WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `notify` != ''
--- a/include/auth.php
+++ b/include/auth.php
@ -24,7 +24,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
 	if(((x($_POST,'auth-params')) && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) {
 	
 		// process logout request

 		call_hooks("logging_out");
 		nuke_session();
 		info( t('Logged out.') . EOL);
 		goaway(z_root());
@ -77,7 +77,7 @@ else {

 			$noid = get_config('system','no_openid');

 			$openid_url = trim(  (strlen($_POST['openid_url'])?$_POST['openid_url']:$_POST['username']) );
 			$openid_url = trim((strlen($_POST['openid_url'])?$_POST['openid_url']:$_POST['username']) );

 			// validate_url alters the calling parameter

@ -99,32 +99,12 @@ else {
 			$openid->identity = $openid_url;
 			$_SESSION['openid'] = $openid_url;
 			$a = get_app();
 			$openid->returnUrl = $a->get_baseurl() . '/openid'; 

 			$r = q("SELECT `uid` FROM `user` WHERE `openid` = '%s' LIMIT 1",
 				dbesc($openid_url)
 			);
 			if(count($r)) { 
 				// existing account
 				goaway($openid->authUrl());
 				// NOTREACHED	
 			}
 			else {
 				if($a->config['register_policy'] == REGISTER_CLOSED) {
 					$a = get_app();
 					notice( t('Login failed.') . EOL);
 					goaway(z_root());
 					// NOTREACHED
 				}
 				// new account
 				$_SESSION['register'] = 1;
 				$openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
 				$openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
 				goaway($openid->authUrl());
 				// NOTREACHED	
 			}
 			$openid->returnUrl = $a->get_baseurl(true) . '/openid'; 
 			goaway($openid->authUrl());
 			// NOTREACHED
 		}
 	}

 	if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') {

 		$record = null;
@ -165,7 +145,7 @@ else {
 		}

 		if((! $record) || (! count($record))) {
 			logger('authenticate: failed login attempt: ' . notags(trim($_POST['username']))); 
 			logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR']); 
 			notice( t('Login failed.') . EOL );
 			goaway(z_root());
  		}
--- a/include/contact_widgets.php
+++ b/include/contact_widgets.php
@ -15,8 +15,6 @@ function findpeople_widget() {

 	$a = get_app();

 	$inv = (($a->config['register_policy'] != REGISTER_CLOSED) ? t('Invite Friends') : '');

 	if(get_config('system','invitation_only')) {
 		$x = get_pconfig(local_user(),'system','invites_remaining');
 		if($x || is_site_admin()) {
@ -34,7 +32,7 @@ function findpeople_widget() {
 		'$findthem' => t('Find'),
 		'$suggest' => t('Friend Suggestions'),
 		'$similar' => t('Similar Interests'),
 		'$inv' => $inv
 		'$inv' => t('Invite Friends')
 	));

 }
@ -48,7 +46,7 @@ function networks_widget($baseurl,$selected = '') {
 		return '';

 	
 	$r = q("select distinct(network) from contact where uid = %d",
 	$r = q("select distinct(network) from contact where uid = %d and self = 0",
 		intval(local_user())
 	);

--- a/include/conversation.php
+++ b/include/conversation.php
@ -649,7 +649,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) {
 					// template to use to render item (wall, walltowall, search)
 					'template' => $template,
 					
 					'type' => implode("",array_slice(split("/",$item['verb']),-1)),
 					'type' => implode("",array_slice(explode("/",$item['verb']),-1)),
 					'tags' => $tags,
 					'body' => template_escape($body),
 					'text' => strip_tags(template_escape($body)),
@ -779,6 +779,17 @@ function item_photo_menu($item){
 	if(($cid) && (! $item['self'])) {
 		$contact_url = $a->get_baseurl($ssl_state) . '/contacts/' . $cid;
 		$posts_link = $a->get_baseurl($ssl_state) . '/network/?cid=' . $cid;

 		$clean_url = normalise_link($item['author-link']);

 		if((local_user()) && (local_user() == $item['uid'])) {
 			if(isset($a->contacts) && x($a->contacts,$clean_url)) {
 				if($a->contacts[$clean_url]['network'] === NETWORK_DIASPORA) {
 					$pm_url = $a->get_baseurl($ssl_state) . '/message/new/' . $cid;
 				}
 			}
 		}

 	}

 	$menu = Array(
@ -886,8 +897,7 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) {
 		'$audurl' => t("Please enter an audio link/URL:"),
 		'$term' => t('Tag term:'),
 		'$fileas' => t('File as:'),
 		'$whereareu' => t('Where are you right now?'),
 		'$title' => t('Enter a title for this item') 
 		'$whereareu' => t('Where are you right now?')
 	));


--- a/include/dba.php
+++ b/include/dba.php
@ -1,5 +1,7 @@
 <?php

 require_once('include/datetime.php');

 /**
 *
 * MySQL database class
@ -104,19 +106,17 @@ class dba {

 			logger('dba: ' . $str );
 		}
 		else {

 			/**
 			 * If dbfail.out exists, we will write any failed calls directly to it,
 			 * regardless of any logging that may or may nor be in effect.
 			 * These usually indicate SQL syntax errors that need to be resolved.
 			 */
 		/**
 		 * If dbfail.out exists, we will write any failed calls directly to it,
 		 * regardless of any logging that may or may nor be in effect.
 		 * These usually indicate SQL syntax errors that need to be resolved.
 		 */

 			if($result === false) {
 				logger('dba: ' . printable($sql) . ' returned false.');
 				if(file_exists('dbfail.out'))
 					file_put_contents('dbfail.out', printable($sql) . ' returned false' . "\n", FILE_APPEND);
 			}
 		if($result === false) {
 			logger('dba: ' . printable($sql) . ' returned false.');
 			if(file_exists('dbfail.out'))
 				file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n", FILE_APPEND);
 		}

 		if(($result === true) || ($result === false))
@ -140,7 +140,7 @@ class dba {

    
 		if($this->debug)
 			logger('dba: ' . printable(print_r($r, true)), LOGGER_DATA);
 			logger('dba: ' . printable(print_r($r, true)));
 		return($r);
 	}

--- a/include/delivery.php
+++ b/include/delivery.php
@ -256,7 +256,8 @@ function delivery_run($argv, $argc){
 					'$picdate'      => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) ,
 					'$uridate'      => xmlify(datetime_convert('UTC','UTC',$owner['uri-date']    . '+00:00' , ATOM_TIME)) ,
 					'$namdate'      => xmlify(datetime_convert('UTC','UTC',$owner['name-date']   . '+00:00' , ATOM_TIME)) ,
 					'$birthday'     => $birthday
 					'$birthday'     => $birthday,
 					'$community'    => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '')
 			));

 			foreach($items as $item) {
--- a/include/diaspora.php
+++ b/include/diaspora.php
@ -1159,6 +1159,48 @@ function diaspora_comment($importer,$xml,$msg) {

 		proc_run('php','include/notifier.php','comment',$message_id);
 	}

 	$myconv = q("SELECT `author-link`, `author-avatar`, `parent` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 ",
 		dbesc($parent_item['uri']),
 		intval($importer['uid'])
 	);

 	if(count($myconv)) {
 		$importer_url = $a->get_baseurl() . '/profile/' . $importer['nickname'];

 		foreach($myconv as $conv) {

 			// now if we find a match, it means we're in this conversation
 	
 			if(! link_compare($conv['author-link'],$importer_url))
 				continue;

 			require_once('include/enotify.php');
 								
 			$conv_parent = $conv['parent'];

 			notification(array(
 				'type'         => NOTIFY_COMMENT,
 				'notify_flags' => $importer['notify-flags'],
 				'language'     => $importer['language'],
 				'to_name'      => $importer['username'],
 				'to_email'     => $importer['email'],
 				'uid'          => $importer['uid'],
 				'item'         => $datarray,
 				'link'		   => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id,
 				'source_name'  => $datarray['author-name'],
 				'source_link'  => $datarray['author-link'],
 				'source_photo' => $datarray['author-avatar'],
 				'verb'         => ACTIVITY_POST,
 				'otype'        => 'item',
 				'parent'       => $conv_parent,

 			));

 			// only send one notification
 			break;
 		}
 	}
 	return;
 }

@ -1695,7 +1737,7 @@ function diaspora_retraction($importer,$xml) {
 		contact_remove($contact['id']);
 	}
 	elseif($type === 'Post') {
 		$r = q("select * from item where guid = '%s' and uid = %d limit 1",
 		$r = q("select * from item where guid = '%s' and uid = %d and not file like '%%[%%' limit 1",
 			dbesc('guid'),
 			intval($importer['uid'])
 		);
@ -1743,7 +1785,7 @@ function diaspora_signed_retraction($importer,$xml,$msg) {
 	}

 	if($type === 'StatusMessage') {
 		$r = q("select * from item where guid = '%s' and uid = %d limit 1",
 		$r = q("select * from item where guid = '%s' and uid = %d and not file like '%%[%%' limit 1",
 			dbesc($guid),
 			intval($importer['uid'])
 		);
--- a/include/email.php
+++ b/include/email.php
@ -56,7 +56,7 @@ function email_msg_headers($mbox,$uid) {
 	$raw_header = (($mbox && $uid) ? @imap_fetchheader($mbox,$uid,FT_UID) : '');
 	$raw_header = str_replace("\r",'',$raw_header);
 	$ret = array();
 	$h = split("\n",$raw_header);
 	$h = explode("\n",$raw_header);
 	if(count($h))
 	foreach($h as $line ) {
 	    if (preg_match("/^[a-zA-Z]/", $line)) {
--- a/include/enotify.php
+++ b/include/enotify.php
@ -5,6 +5,12 @@ function notification($params) {
 	logger('notification: entry', LOGGER_DEBUG);

 	$a = get_app();

 	// from here on everything is in the recipients language

 	push_lang($params['language']);


 	$banner = t('Friendica Notification');
 	$product = FRIENDICA_PLATFORM;
 	$siteurl = z_path();
@ -153,9 +159,33 @@ function notification($params) {

 	}

 	// from here on everything is in the recipients language
 	if($params['type'] == NOTIFY_SYSTEM) {
 		
 	}

 	$h = array(
 		'params'    => $params, 
 		'subject'   => $subject,
 		'preamble'  => $preamble, 
 		'epreamble' => $epreamble, 
 		'body'      => $body, 
 		'sitelink'  => $sitelink,
 		'tsitelink' => $tsitelink,
 		'hsitelink' => $hsitelink,
 		'itemlink'  => $itemlink
 	);
 		
 	call_hooks('enotify',$h);

 	$subject   = $h['subject'];
 	$preamble  = $h['preamble'];
 	$epreamble = $h['epreamble'];
 	$body      = $h['body'];
 	$sitelink  = $h['sitelink'];
 	$tsitelink = $h['tsitelink'];
 	$hsitelink = $h['hsitelink'];
 	$itemlink  = $h['itemlink']; 

 	push_lang($params['language']);

 	require_once('include/html2bbcode.php');	

@ -207,8 +237,10 @@ function notification($params) {
 	);
 	if($r)
 		$notify_id = $r[0]['id'];
 	else
 	else {
 		pop_lang();
 		return;
 	}

 	$itemlink = $a->get_baseurl() . '/notify/view/' . $notify_id;
 	$msg = replace_macros($epreamble,array('$itemlink' => $itemlink));
@ -219,11 +251,10 @@ function notification($params) {
 	);
 		


 	// send email notification if notification preferences permit

 	require_once('bbcode.php');
 	if(intval($params['notify_flags']) & intval($params['type'])) {
 	if((intval($params['notify_flags']) & intval($params['type'])) || $params['type'] == NOTIFY_SYSTEM) {

 		logger('notification: sending notification email');

--- a/include/items.php
+++ b/include/items.php
@ -7,14 +7,11 @@ require_once('include/crypto.php');

 function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) {

 	// default permissions - anonymous user

 	if(! strlen($owner_nick))
 		killme();

 	$sitefeed    = ((strlen($owner_nick)) ? false : true); // not yet implemented, need to rewrite huge chunks of following logic
 	$public_feed = (($dfrn_id) ? false : true);
 	$starred = false;
 	$converse = false;
 	$starred     = false;   // not yet implemented, possible security issues
 	$converse    = false;

 	if($public_feed && $a->argc > 2) {
 		for($x = 2; $x < $a->argc; $x++) {
@ -25,10 +22,11 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
 		}
 	}

 	// default permissions - anonymous user

 	$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid`  = '' AND `deny_gid`  = '' ";

 	$r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`
 	$r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`
 		FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
 		WHERE `contact`.`self` = 1 AND `user`.`nickname` = '%s' LIMIT 1",
 		dbesc($owner_nick)
@ -156,7 +154,8 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
 		'$picdate'      => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) ,
 		'$uridate'      => xmlify(datetime_convert('UTC','UTC',$owner['uri-date']    . '+00:00' , ATOM_TIME)) ,
 		'$namdate'      => xmlify(datetime_convert('UTC','UTC',$owner['name-date']   . '+00:00' , ATOM_TIME)) , 
 		'$birthday'     => ((strlen($birthday)) ? '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>' : '')
 		'$birthday'     => ((strlen($birthday)) ? '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>' : ''),
 		'$community'    => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '')
 	));

 	call_hooks('atom_feed', $atom);
@ -1048,6 +1047,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {

 	$ssl_val = intval(get_config('system','ssl_policy'));
 	$ssl_policy = '';

 	switch($ssl_val){
 		case SSL_POLICY_FULL:
 			$ssl_policy = 'full';
@ -1092,6 +1092,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
 	$challenge    = hex2bin((string) $res->challenge);
 	$dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0);
 	$rino_allowed = ((intval($res->rino) === 1) ? 1 : 0);
 	$page         = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);

 	$final_dfrn_id = '';

@ -1135,6 +1136,9 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {

 	$postvars['ssl_policy'] = $ssl_policy;

 	if($page)
 		$postvars['page'] = '1';
 	
 	if($rino && $rino_allowed && (! $dissolve)) {
 		$key = substr(random_string(),0,16);
 		$data = bin2hex(aes_encrypt($postvars['data'],$key));
@ -1399,6 +1403,19 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)

 	}

 	$community_page = 0;
 	$rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'community');
 	if($rawtags) {
 		$community_page = intval($rawtags[0]['data']);
 	}
 	if(is_array($contact) && intval($contact['forum']) != $community_page) {
 		q("update contact set forum = %d where id = %d limit 1",
 			intval($community_page),
 			intval($contact['id'])
 		);
 		$contact['forum'] = (string) $community_page;
 	}


 	// process any deleted entries

@ -1418,7 +1435,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
 			}
 			if($deleted && is_array($contact)) {
 				$r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join `contact` on `item`.`contact-id` = `contact`.`id` 
 					WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d LIMIT 1",
 					WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1",
 					dbesc($uri),
 					intval($importer['uid']),
 					intval($contact['id'])
@ -1563,9 +1580,10 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)

 				if(count($r)) {
 					if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {  
 						$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
 						$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
 							dbesc($datarray['title']),
 							dbesc($datarray['body']),
 							dbesc($datarray['tag']),
 							dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
 							dbesc($item_id),
 							intval($importer['uid'])
@ -1708,9 +1726,10 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)

 				if(count($r)) {
 					if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {  
 						$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
 						$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
 							dbesc($datarray['title']),
 							dbesc($datarray['body']),
 							dbesc($datarray['tag']),
 							dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
 							dbesc($item_id),
 							intval($importer['uid'])
@ -1781,7 +1800,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
 					// but otherwise there's a possible data mixup on the sender's system.
 					// the tgroup delivery code called from item_store will correct it if it's a forum,
 					// but we're going to unconditionally correct it here so that the post will always be owned by our contact. 
 					logger('local_delivery: Correcting item owner.', LOGGER_DEBUG);
 					logger('consume_feed: Correcting item owner.', LOGGER_DEBUG);
 					$datarray['owner-name']   = $contact['name'];
 					$datarray['owner-link']   = $contact['url'];
 					$datarray['owner-avatar'] = $contact['thumb'];
@ -1877,6 +1896,14 @@ function local_delivery($importer,$data) {
 		);
 		if(count($r)) {
 			$fid = $r[0]['id'];

 			// OK, we do. Do we already have an introduction for this person ?
 			$r = q("select id from intro where uid = %d and fid = %d limit 1",
 				intval($fsugg['uid']),
 				intval($fid)
 			);
 			if(count($r))
 				return 0;
 		}
 		if(! $fid)
 			$r = q("INSERT INTO `fcontact` ( `name`,`url`,`photo`,`request` ) VALUES ( '%s', '%s', '%s', '%s' ) ",
@ -1897,6 +1924,7 @@ function local_delivery($importer,$data) {
 		else
 			return 0;


 		$hash = random_string();
 
 		$r = q("INSERT INTO `intro` ( `uid`, `fid`, `contact-id`, `note`, `hash`, `datetime`, `blocked` )
@ -1982,6 +2010,19 @@ function local_delivery($importer,$data) {

 		// NOTREACHED
 	}	

 	$community_page = 0;
 	$rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'community');
 	if($rawtags) {
 		$community_page = intval($rawtags[0]['data']);
 	}
 	if(intval($importer['forum']) != $community_page) {
 		q("update contact set forum = %d where id = %d limit 1",
 			intval($community_page),
 			intval($importer['id'])
 		);
 		$importer['forum'] = (string) $community_page;
 	}
 	
 	logger('local_delivery: feed item count = ' . $feed->get_item_quantity());

@ -2004,7 +2045,7 @@ function local_delivery($importer,$data) {
 			if($deleted) {

 				$r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join contact on `item`.`contact-id` = `contact`.`id`
 					WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d LIMIT 1",
 					WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1",
 					dbesc($uri),
 					intval($importer['importer_uid']),
 					intval($importer['id'])
@ -2021,6 +2062,7 @@ function local_delivery($importer,$data) {
 					if(($item['verb'] === ACTIVITY_TAG) && ($item['object-type'] === ACTVITY_OBJ_TAGTERM)) {
 						$xo = parse_xml_string($item['object'],false);
 						$xt = parse_xml_string($item['target'],false);

 						if($xt->type === ACTIVITY_OBJ_NOTE) {
 							$i = q("select * from `item` where uri = '%s' and uid = %d limit 1",
 								dbesc($xt->id),
@ -2299,9 +2341,10 @@ function local_delivery($importer,$data) {

 				if(count($r)) {
 					if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {  
 						$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
 						$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
 							dbesc($datarray['title']),
 							dbesc($datarray['body']),
 							dbesc($datarray['tag']),
 							dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
 							dbesc($item_id),
 							intval($importer['importer_uid'])
@ -2464,9 +2507,10 @@ function local_delivery($importer,$data) {

 			if(count($r)) {
 				if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {  
 					$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
 					$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
 						dbesc($datarray['title']),
 						dbesc($datarray['body']),
 						dbesc($datarray['tag']),
 						dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
 						dbesc($item_id),
 						intval($importer['importer_uid'])
@ -2892,6 +2936,11 @@ function item_expire($uid,$days) {

 	foreach($r as $item) {

 		// don't expire filed items

 		if(strpos($item['file'],'[') !== false)
 			continue;

 		// Only expire posts, not photos and photo comments

 		if($expire_photos==0 && strlen($item['resource-id']))
--- a/include/nav.php
+++ b/include/nav.php
@ -55,7 +55,7 @@ function nav(&$a) {
 		// user info
 		$r = q("SELECT micro FROM contact WHERE uid=%d AND self=1", intval($a->user['uid']));
 		$userinfo = array(
 			'icon' => (count($r) ? $r[0]['micro']: $a->get_baseurl($ssl_state)."/images/default-profile-mm.jpg"),
 			'icon' => (count($r) ? $r[0]['micro']: $a->get_baseurl($ssl_state)."/images/person-48.jpg"),
 			'name' => $a->user['username'],
 		);
 		
--- a/include/network.php
+++ b/include/network.php
@ -303,7 +303,7 @@ function webfinger_dfrn($s,&$hcard) {


 if(! function_exists('webfinger')) {
 function webfinger($s) {
 function webfinger($s, $debug = false) {
 	$host = '';
 	if(strstr($s,'@')) {
 		$host = substr($s,strpos($s,'@') + 1);
@ -328,7 +328,7 @@ function webfinger($s) {
 }}

 if(! function_exists('lrdd')) {
 function lrdd($uri) {
 function lrdd($uri, $debug = false) {

 	$a = get_app();

--- a/include/notifier.php
+++ b/include/notifier.php
@ -337,7 +337,9 @@ function notifier_run($argv, $argc){
 			'$picdate'      => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) ,
 			'$uridate'      => xmlify(datetime_convert('UTC','UTC',$owner['uri-date']    . '+00:00' , ATOM_TIME)) ,
 			'$namdate'      => xmlify(datetime_convert('UTC','UTC',$owner['name-date']   . '+00:00' , ATOM_TIME)) ,
 			'$birthday'     => $birthday
 			'$birthday'     => $birthday,
 			'$community'    => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '')

 	));

 	if($mail) {
--- a/include/oembed.php
+++ b/include/oembed.php
@ -38,7 +38,8 @@ function oembed_fetch_url($embedurl){
 					$entries = $xpath->query("//link[@type='application/json+oembed']");
 					foreach($entries as $e){
 						$href = $e->getAttributeNode("href")->nodeValue;
 						$txt = fetch_url($href);
 						$txt = fetch_url($href . '&maxwidth=425');
 						break;
 					}
 				}
 			}
@ -46,7 +47,7 @@ function oembed_fetch_url($embedurl){
 		
 		if ($txt==false || $txt==""){
 			// try oohembed service
 			$ourl = "http://oohembed.com/oohembed/?url=".urlencode($embedurl);  
 			$ourl = "http://oohembed.com/oohembed/?url=".urlencode($embedurl).'&maxwidth=425';  
 			$txt = fetch_url($ourl);
 		}
 		
--- a/include/plugin.php
+++ b/include/plugin.php
@ -249,6 +249,7 @@ function get_theme_info($theme){
 				list($k,$v) = array_map("trim", explode(":",$l,2));
 				$k= strtolower($k);
 				if ($k=="author"){

 					$r=preg_match("|([^<]+)<([^>]+)>|", $v, $m);
 					if ($r) {
 						$info['author'][] = array('name'=>$m[1], 'link'=>$m[2]);
@ -276,3 +277,13 @@ function get_theme_info($theme){
 	return $info;
 }}


 function get_theme_screenshot($theme) {
 	$a = get_app();
 	$exts = array('.png','.jpg');
 	foreach($exts as $ext) {
 		if(file_exists('view/theme/' . $theme . '/screenshot' . $ext))
 			return($a->get_baseurl() . '/view/theme/' . $theme . '/screenshot' . $ext);
 	}
 	return($a->get_baseurl() . '/images/blank.png');
 }
--- a/include/poller.php
+++ b/include/poller.php
@ -232,7 +232,7 @@ function poller_run($argv, $argc){

 			$importer_uid = $contact['uid'];
 		
 			$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
 			$r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `contact`.`uid` = `user`.`uid` WHERE `user`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1",
 				intval($importer_uid)
 			);
 			if(! count($r))
--- a/include/queue.php
+++ b/include/queue.php
@ -61,13 +61,18 @@ function queue_run($argv, $argc){
 		q("DELETE FROM `queue` WHERE `created` < UTC_TIMESTAMP() - INTERVAL 3 DAY");
 	}
 		
 	if($queue_id)
 	if($queue_id) {
 		$r = q("SELECT `id` FROM `queue` WHERE `id` = %d LIMIT 1",
 			intval($queue_id)
 		);
 	else
 		$r = q("SELECT `id` FROM `queue` WHERE `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ");
 	}
 	else {

 		// For the first 12 hours we'll try to deliver every 15 minutes
 		// After that, we'll only attempt delivery once per hour. 

 		$r = q("SELECT `id` FROM `queue` WHERE (( `created` > UTC_TIMESTAMP() - INTERVAL 12 HOUR && `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ) OR ( `last` < UTC_TIMESTAMP() - INTERVAL 1 HOUR ))");
 	}
 	if(! count($r)){
 		return;
 	}
--- a/include/security.php
+++ b/include/security.php
@ -299,16 +299,16 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
 *    Actually, important actions should not be triggered by Links / GET-Requests at all, but somethimes they still are,
 *    so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types).
 */ 
 function get_form_security_token($typename = "") {
 function get_form_security_token($typename = '') {
 	$a = get_app();
 	
 	$timestamp = time();
 	$sec_hash = hash('whirlpool', $a->user["guid"] . $a->user["prvkey"] . session_id() . $timestamp . $typename);
 	$sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $timestamp . $typename);
 	
 	return $timestamp . "." . $sec_hash;
 	return $timestamp . '.' . $sec_hash;
 }

 function check_form_security_token($typename = "", $formname = 'form_security_token') {
 function check_form_security_token($typename = '', $formname = 'form_security_token') {
 	if (!x($_REQUEST, $formname)) return false;
 	$hash = $_REQUEST[$formname];
 	
@ -316,10 +316,10 @@ function check_form_security_token($typename = "", $formname = 'form_security_to
 	
 	$a = get_app();
 	
 	$x = explode(".", $hash);
 	$x = explode('.', $hash);
 	if (time() > (IntVal($x[0]) + $max_livetime)) return false;
 	
 	$sec_hash = hash('whirlpool', $a->user["guid"] . $a->user["prvkey"] . session_id() . $x[0] . $typename);
 	$sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $x[0] . $typename);
 	
 	return ($sec_hash == $x[1]);
 }
@ -327,10 +327,20 @@ function check_form_security_token($typename = "", $formname = 'form_security_to
 function check_form_security_std_err_msg() {
 	return t('The form security token was not correct. This probably happened because the form has been opened for too long (>3 hours) before subitting it.') . EOL;
 }
 function check_form_security_token_redirectOnErr($err_redirect, $typename = "", $formname = 'form_security_token') {
 function check_form_security_token_redirectOnErr($err_redirect, $typename = '', $formname = 'form_security_token') {
 	if (!check_form_security_token($typename, $formname)) {
 		$a = get_app();
 		logger('check_form_security_token failed: user ' . $a->user['guid'] . ' - form element ' . $typename);
 		logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA);
 		notice( check_form_security_std_err_msg() );
 		goaway($a->get_baseurl() . $err_redirect );
 	}
 }
 function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'form_security_token') {
 	if (!check_form_security_token($typename, $formname)) {
 		logger('check_form_security_token failed: user ' . $a->user['guid'] . ' - form element ' . $typename);
 		logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA);
 		header('HTTP/1.1 403 Forbidden');
 		killme();
 	}
 }
--- a/include/socgraph.php
+++ b/include/socgraph.php
@ -230,19 +230,21 @@ function all_friends($uid,$cid,$start = 0, $limit = 80) {



 function suggestion_query($uid, $start = 0, $limit = 40) {
 function suggestion_query($uid, $start = 0, $limit = 80) {

 	if(! $uid)
 		return array();

 	$r = q("SELECT count(glink.gcid) as `total`, gcontact.* from gcontact 
 		left join glink on glink.gcid = gcontact.id 
 		where uid = %d and not gcontact.nurl in ( select nurl from contact where uid = %d)
 		where uid = %d and not gcontact.nurl in ( select nurl from contact where uid = %d )
 		and not gcontact.name in ( select name from contact where uid = %d )
 		and not gcontact.id in ( select gcid from gcign where uid = %d )
 		group by glink.gcid order by total desc limit %d, %d ",
 		intval($uid),
 		intval($uid),
 		intval($uid),
 		intval($uid),
 		intval($start),
 		intval($limit)
 	);
@ -252,11 +254,13 @@ function suggestion_query($uid, $start = 0, $limit = 40) {

 	$r2 = q("SELECT gcontact.* from gcontact 
 		left join glink on glink.gcid = gcontact.id 
 		where glink.uid = 0 and glink.cid = 0 and not gcontact.nurl in ( select nurl from contact where uid = %d)
 		where glink.uid = 0 and glink.cid = 0 and not gcontact.nurl in ( select nurl from contact where uid = %d )
 		and not gcontact.name in ( select name from contact where uid = %d )
 		and not gcontact.id in ( select gcid from gcign where uid = %d )
 		order by rand() limit %d, %d ",
 		intval($uid),
 		intval($uid),
 		intval($uid),
 		intval($start),
 		intval($limit)
 	);
--- a/include/template_processor.php
+++ b/include/template_processor.php
@ -96,7 +96,7 @@
 				$this->_push_stack();
 				$r = $this->r;
 				$r[$varname] = $v;
 				if ($keyname!='') $r[$keyname] = $k;
 				if ($keyname!='') $r[$keyname] = (($k === 0) ? '0' : $k);
 				$ret .=  $this->replace($args[3], $r);
 				$this->_pop_stack();
 			}
@ -203,7 +203,7 @@
 				$os=$s; $count++;
 				$s = $this->var_replace($s);
 			}
 			return template_unescape($s);
 			return $s;
 		}
 	}
 	
--- a/include/text.php
+++ b/include/text.php
@ -20,7 +20,7 @@ function replace_macros($s,$r) {
 	
 	//$a = get_app();
 	//$a->page['debug'] .= "$tt <br>\n";
 	return $r;
 	return template_unescape($r);

 }}

@ -638,7 +638,7 @@ if(! function_exists('search')) {
 function search($s,$id='search-box',$url='/search',$save = false) {
 	$a = get_app();
 	$o  = '<div id="' . $id . '">';
 	$o .= '<form action="' . $a->get_baseurl() . $url . '" method="get" >';
 	$o .= '<form action="' . $a->get_baseurl((stristr($url,'network')) ? true : false) . $url . '" method="get" >';
 	$o .= '<input type="text" name="search" id="search-text" value="' . $s .'" />';
 	$o .= '<input type="submit" name="submit" id="search-submit" value="' . t('Search') . '" />'; 
 	if($save)
@ -694,8 +694,13 @@ function linkify($s) {

 if(! function_exists('smilies')) {
 function smilies($s, $sample = false) {

 	$a = get_app();

 	if(intval(get_config('system','no_smilies')) 
 		|| (local_user() && intval(get_pconfig(local_user(),'system','no_smilies'))))
 		return $s;

 	$s = preg_replace_callback('/<pre>(.*?)<\/pre>/ism','smile_encode',$s);
 	$s = preg_replace_callback('/<code>(.*?)<\/code>/ism','smile_encode',$s);

@ -704,27 +709,21 @@ function smilies($s, $sample = false) {
 		'&lt;/3', 
 		'&lt;\\3', 
 		':-)', 
 //		':)', 
 		';-)', 
 //		';)', 
 		':-(', 
 //		':(', 
 		':-P', 
 //		':P', 
 		':-p', 
 		':-"', 
 		':-&quot;', 
 		':-x', 
 		':-X', 
 		':-D', 
 //		':D', 
 		'8-|', 
 		'8-O', 
 		':-O', 
 		'\\o/', 
 		'o.O', 
 		'O.o', 
 		'\\.../', 
 		'\\ooo/', 
 		":'(", 
 		":-!", 
 		":-/", 
@ -734,12 +733,8 @@ function smilies($s, $sample = false) {
 		':homebrew', 
 		':coffee', 
 		':facepalm',
 		':headdesk',
 		'~friendika', 
 		'~friendica', 
 //		'Diaspora*' 
 		':beard',
 		':whitebeard'
 		'~friendica'

 	);

@ -748,27 +743,21 @@ function smilies($s, $sample = false) {
 		'<img src="' . $a->get_baseurl() . '/images/smiley-brokenheart.gif" alt="</3" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-brokenheart.gif" alt="<\\3" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-smile.gif" alt=":-)" />',
 //		'<img src="' . $a->get_baseurl() . '/images/smiley-smile.gif" alt=":)" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-wink.gif" alt=";-)" />',
 //		'<img src="' . $a->get_baseurl() . '/images/smiley-wink.gif" alt=";)"/>',                
 		'<img src="' . $a->get_baseurl() . '/images/smiley-frown.gif" alt=":-(" />',
 //		'<img src="' . $a->get_baseurl() . '/images/smiley-frown.gif" alt=":(" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-tongue-out.gif" alt=":-P" />',
 //		'<img src="' . $a->get_baseurl() . '/images/smiley-tongue-out.gif" alt=":P" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-tongue-out.gif" alt=":-p" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-kiss.gif" alt=":-\"" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-kiss.gif" alt=":-\"" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-kiss.gif" alt=":-x" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-kiss.gif" alt=":-X" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-laughing.gif" alt=":-D" />',
 //		'<img src="' . $a->get_baseurl() . '/images/smiley-laughing.gif" alt=":D"/>',                
 		'<img src="' . $a->get_baseurl() . '/images/smiley-surprised.gif" alt="8-|" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-surprised.gif" alt="8-O" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-surprised.gif" alt=":-O" />',                
 		'<img src="' . $a->get_baseurl() . '/images/smiley-thumbsup.gif" alt="\\o/" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-Oo.gif" alt="o.O" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-Oo.gif" alt="O.o" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-shaka.gif" alt="\\.../" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-shaka.gif" alt="\\ooo/" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-cry.gif" alt=":\'(" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-foot-in-mouth.gif" alt=":-!" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-undecided.gif" alt=":-/" />',
@ -778,12 +767,8 @@ function smilies($s, $sample = false) {
 		'<img src="' . $a->get_baseurl() . '/images/beer_mug.gif" alt=":homebrew" />',
 		'<img src="' . $a->get_baseurl() . '/images/coffee.gif" alt=":coffee" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-facepalm.gif" alt=":facepalm" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-bangheaddesk.gif" alt=":headdesk" />',
 		'<a href="http://project.friendika.com">~friendika <img src="' . $a->get_baseurl() . '/images/friendika-16.png" alt="~friendika" /></a>',
 		'<a href="http://friendica.com">~friendica <img src="' . $a->get_baseurl() . '/images/friendica-16.png" alt="~friendica" /></a>',
 //		'<a href="http://diasporafoundation.org">Diaspora<img src="' . $a->get_baseurl() . '/images/diaspora.png" alt="Diaspora*" /></a>',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-beard.png" alt=":beard" />',
 		'<img src="' . $a->get_baseurl() . '/images/smiley-whitebeard.png" alt=":whitebeard" />'
 		'<a href="http://friendica.com">~friendica <img src="' . $a->get_baseurl() . '/images/friendica-16.png" alt="~friendica" /></a>'
 	);

 	$params = array('texts' => $texts, 'icons' => $icons, 'string' => $s);
@ -1345,6 +1330,7 @@ function file_tag_save_file($uid,$item,$file) {
 		$saved = get_pconfig($uid,'system','filetags');
 		if((! strlen($saved)) || (! stristr($saved,'[' . file_tag_encode($file) . ']')))
 			set_pconfig($uid,'system','filetags',$saved . '[' . file_tag_encode($file) . ']');
 		info( t('Item filed') );
 	}
 	return true;
 }
@ -1380,3 +1366,19 @@ function file_tag_unsave_file($uid,$item,$file) {
 	return true;
 }

 function normalise_openid($s) {
 	return trim(str_replace(array('http://','https://'),array('',''),$s),'/');
 }


 function undo_post_tagging($s) {
 	$matches = null;
 	$cnt = preg_match_all('/([@#])\[url=(.*?)\](.*?)\[\/url\]/ism',$s,$matches,PREG_SET_ORDER);
 	if($cnt) {
 		foreach($matches as $mtch) {
 			$s = str_replace($mtch[0], $mtch[1] . $mtch[3],$s);
 		}
 	}
 	return $s;
 }

--- a/index.php
+++ b/index.php
@ -342,13 +342,13 @@ $profile = $a->profile;

 header("Content-type: text/html; charset=utf-8");

 $template = 'view/' . $lang . '/' 
 $template = 'view/' . current_theme() . '/' 
 	. ((x($a->page,'template')) ? $a->page['template'] : 'default' ) . '.php';

 if(file_exists($template))
 	require_once($template);
 else
 	require_once(str_replace($lang . '/', '', $template));
 	require_once(str_replace(current_theme() . '/', '', $template));

 session_write_close();
 exit;
--- a/js/country.js
+++ b/js/country.js
@ -52,7 +52,7 @@ aStates[28]="|Central|Chobe|Francistown|Gaborone|Ghanzi|Kgalagadi|Kgatleng|Kwene
 aStates[29]="|Acre|Alagoas|Amapa|Amazonas|Bahia|Ceara|Distrito Federal|Espirito Santo|Goias|Maranhao|Mato Grosso|Mato Grosso do Sul|Minas Gerais|Para|Paraiba|Parana|Pernambuco|Piaui|Rio de Janeiro|Rio Grande do Norte|Rio Grande do Sul|Rondonia|Roraima|Santa Catarina|Sao Paulo|Sergipe|Tocantins";
 aStates[30]="|Anegada|Jost Van Dyke|Tortola|Virgin Gorda";
 aStates[31]="|Belait|Brunei and Muara|Temburong|Tutong";
 aStates[32]="|Blagoevgrad|Burgas|Dobrich|Gabrovo|Khaskovo|Kurdzhali|Kyustendil|Lovech|Montana|Pazardzhik|Pernik|Pleven|Plovdiv|Razgrad|Ruse|Shumen|Silistra|Sliven|Smolyan|Sofiya|Sofiya-Grad|Stara Zagora|Turgovishte|Varna|Veliko Turnovo|Vidin|Vratsa|Yambol";
 aStates[32]="|Blagoevgrad|Burgas|Dobrich|Gabrovo|Haskovo|Kardzhali|Kyustendil|Lovech|Montana|Pazardzhik|Pernik|Pleven|Plovdiv|Razgrad|Rousse|Shumen|Silistra|Sliven|Smolyan|Sofia|Stara Zagora|Turgovishte|Varna|Veliko Turnovo|Vidin|Vratsa|Yambol";
 aStates[33]="|Bale|Bam|Banwa|Bazega|Bougouriba|Boulgou|Boulkiemde|Comoe|Ganzourgou|Gnagna|Gourma|Houet|Ioba|Kadiogo|Kenedougou|Komandjari|Kompienga|Kossi|Koupelogo|Kouritenga|Kourweogo|Leraba|Loroum|Mouhoun|Nahouri|Namentenga|Naumbiel|Nayala|Oubritenga|Oudalan|Passore|Poni|Samentenga|Sanguie|Seno|Sissili|Soum|Sourou|Tapoa|Tuy|Yagha|Yatenga|Ziro|Zondomo|Zoundweogo";
 aStates[34]="|Ayeyarwady|Bago|Chin State|Kachin State|Kayah State|Kayin State|Magway|Mandalay|Mon State|Rakhine State|Sagaing|Shan State|Tanintharyi|Yangon";
 aStates[35]="|Bubanza|Bujumbura|Bururi|Cankuzo|Cibitoke|Gitega|Karuzi|Kayanza|Kirundo|Makamba|Muramvya|Muyinga|Mwaro|Ngozi|Rutana|Ruyigi";
@ -105,7 +105,7 @@ aStates[79]="|Estuaire|Haut-Ogooue|Moyen-Ogooue|Ngounie|Nyanga|Ogooue-Ivindo|Ogo
 aStates[80]="|Banjul|Central River|Lower River|North Bank|Upper River|Western";
 aStates[81]="|Gaza Strip";
 aStates[82]="|Abashis|Abkhazia or Ap'khazet'is Avtonomiuri Respublika (Sokhumi)|Adigenis|Ajaria or Acharis Avtonomiuri Respublika (Bat'umi)|Akhalgoris|Akhalk'alak'is|Akhalts'ikhis|Akhmetis|Ambrolauris|Aspindzis|Baghdat'is|Bolnisis|Borjomis|Ch'khorotsqus|Ch'okhatauris|Chiat'ura|Dedop'listsqaros|Dmanisis|Dushet'is|Gardabanis|Gori|Goris|Gurjaanis|Javis|K'arelis|K'ut'aisi|Kaspis|Kharagaulis|Khashuris|Khobis|Khonis|Lagodekhis|Lanch'khut'is|Lentekhis|Marneulis|Martvilis|Mestiis|Mts'khet'is|Ninotsmindis|Onis|Ozurget'is|P'ot'i|Qazbegis|Qvarlis|Rust'avi|Sach'kheris|Sagarejos|Samtrediis|Senakis|Sighnaghis|T'bilisi|T'elavis|T'erjolis|T'et'ritsqaros|T'ianet'is|Tqibuli|Ts'ageris|Tsalenjikhis|Tsalkis|Tsqaltubo|Vanis|Zestap'onis|Zugdidi|Zugdidis";
 aStates[83]="|Baden-Wuerttemberg|Bayern|Berlin|Brandenburg|Bremen|Hamburg|Hessen|Mecklenburg-Vorpommern|Niedersachsen|Nordrhein-Westfalen|Rheinland-Pfalz|Saarland|Sachsen|Sachsen-Anhalt|Schleswig-Holstein|Thueringen";
 aStates[83]="|Baden-Württemberg|Bayern|Berlin|Brandenburg|Bremen|Hamburg|Hessen|Mecklenburg-Vorpommern|Niedersachsen|Nordrhein-Westfalen|Rheinland-Pfalz|Saarland|Sachsen|Sachsen-Anhalt|Schleswig-Holstein|Thüringen";
 aStates[84]="|Ashanti|Brong-Ahafo|Central|Eastern|Greater Accra|Northern|Upper East|Upper West|Volta|Western";
 aStates[85]="|Gibraltar";
 aStates[86]="|Ile du Lys|Ile Glorieuse";
@ -131,8 +131,8 @@ aStates[105]="|Andaman and Nicobar Islands|Andhra Pradesh|Arunachal Pradesh|Assa
 aStates[106]="|Aceh|Bali|Banten|Bengkulu|East Timor|Gorontalo|Irian Jaya|Jakarta Raya|Jambi|Jawa Barat|Jawa Tengah|Jawa Timur|Kalimantan Barat|Kalimantan Selatan|Kalimantan Tengah|Kalimantan Timur|Kepulauan Bangka Belitung|Lampung|Maluku|Maluku Utara|Nusa Tenggara Barat|Nusa Tenggara Timur|Riau|Sulawesi Selatan|Sulawesi Tengah|Sulawesi Tenggara|Sulawesi Utara|Sumatera Barat|Sumatera Selatan|Sumatera Utara|Yogyakarta";
 aStates[107]="|Ardabil|Azarbayjan-e Gharbi|Azarbayjan-e Sharqi|Bushehr|Chahar Mahall va Bakhtiari|Esfahan|Fars|Gilan|Golestan|Hamadan|Hormozgan|Ilam|Kerman|Kermanshah|Khorasan|Khuzestan|Kohgiluyeh va Buyer Ahmad|Kordestan|Lorestan|Markazi|Mazandaran|Qazvin|Qom|Semnan|Sistan va Baluchestan|Tehran|Yazd|Zanjan";
 aStates[108]="|Al Anbar|Al Basrah|Al Muthanna|Al Qadisiyah|An Najaf|Arbil|As Sulaymaniyah|At Ta'mim|Babil|Baghdad|Dahuk|Dhi Qar|Diyala|Karbala'|Maysan|Ninawa|Salah ad Din|Wasit";
 aStates[109]="|Carlow|Cavan|Clare|Cork|Donegal|Dublin|Galway|Kerry|Kildare|Kilkenny|Laois|Leitrim|Limerick|Longford|Louth|Mayo|Meath|Monaghan|Offaly|Roscommon|Sligo|Tipperary|Waterford|Westmeath|Wexford|Wicklow";
 aStates[110]="|Antrim|Ards|Armagh|Ballymena|Ballymoney|Banbridge|Belfast|Carrickfergus|Castlereagh|Coleraine|Cookstown|Craigavon|Derry|Down|Dungannon|Fermanagh|Larne|Limavady|Lisburn|Magherafelt|Moyle|Newry and Mourne|Newtownabbey|North Down|Omagh|Strabane";
 aStates[109]="|Antrim|Armargh|Carlow|Cavan|Clare|Cork|Derry|Donegal|Down|Dún Laoghaire–Rathdown|Fermanagh|Dublin|Fingal|Galway|Kerry|Kildare|Kilkenny|Laois|Leitrim|Limerick|Longford|Louth|Mayo|Meath|Monaghan|Offaly|Roscommon|Sligo|Tipperary|Tyrone|Waterford|Westmeath|Wexford|Wicklow";
 aStates[110]="|Antrim|Armagh|Belfast|Down|Fermanagh|Londonderry|Tyrone";
 aStates[111]="|Central|Haifa|Jerusalem|Northern|Southern|Tel Aviv";
 aStates[112]="|Abruzzi|Basilicata|Calabria|Campania|Emilia-Romagna|Friuli-Venezia Giulia|Lazio|Liguria|Lombardia|Marche|Molise|Piemonte|Puglia|Sardegna|Sicilia|Toscana|Trentino-Alto Adige|Umbria|Valle d'Aosta|Veneto";
 aStates[113]="|Clarendon|Hanover|Kingston|Manchester|Portland|Saint Andrew|Saint Ann|Saint Catherine|Saint Elizabeth|Saint James|Saint Mary|Saint Thomas|Trelawny|Westmoreland";
@ -222,7 +222,7 @@ aStates[196]="|A'ana|Aiga-i-le-Tai|Atua|Fa'asaleleaga|Gaga'emauga|Gagaifomauga|P