Browse Source

Merge commit 'upstream/master'

pull/184/head
Michael Vogel 9 years ago
parent
commit
bdd2754740
598 changed files with 41015 additions and 16498 deletions
  1. +1
    -4
      .htaccess
  2. +25
    -7
      boot.php
  3. +8
    -0
      database.sql
  4. BIN
      images/blank.png
  5. BIN
      images/person-175.jpg
  6. BIN
      images/person-48.jpg
  7. BIN
      images/person-80.jpg
  8. +6
    -0
      include/Contact.php
  9. +3
    -3
      include/Photo.php
  10. +1
    -1
      include/Scrape.php
  11. +8
    -6
      include/acl_selectors.php
  12. +7
    -27
      include/auth.php
  13. +2
    -4
      include/contact_widgets.php
  14. +13
    -3
      include/conversation.php
  15. +12
    -12
      include/dba.php
  16. +2
    -1
      include/delivery.php
  17. +44
    -2
      include/diaspora.php
  18. +1
    -1
      include/email.php
  19. +36
    -5
      include/enotify.php
  20. +64
    -15
      include/items.php
  21. +1
    -1
      include/nav.php
  22. +2
    -2
      include/network.php
  23. +3
    -1
      include/notifier.php
  24. +3
    -2
      include/oembed.php
  25. +11
    -0
      include/plugin.php
  26. +1
    -1
      include/poller.php
  27. +8
    -3
      include/queue.php
  28. +17
    -7
      include/security.php
  29. +7
    -3
      include/socgraph.php
  30. +2
    -2
      include/template_processor.php
  31. +28
    -26
      include/text.php
  32. +2
    -2
      index.php
  33. +8
    -8
      js/country.js
  34. +10
    -10
      js/fk.autocomplete.js
  35. +26
    -4
      js/main.js
  36. +4
    -0
      library/mcefixes/README
  37. +258
    -0
      library/mcefixes/plugins.bbcode.editor_plugin_src.js
  38. BIN
      library/mcefixes/themes.advanced.img.icons.gif
  39. +117
    -0
      library/mcefixes/themes.advanced.skins.default.dialog.css
  40. +213
    -0
      library/mcefixes/themes.advanced.skins.default.ui.css
  41. +453
    -0
      library/tinymce/changelog.txt
  42. +101
    -0
      library/tinymce/examples/accessibility.html
  43. +0
    -0
      library/tinymce/examples/css/content.css
  44. +0
    -0
      library/tinymce/examples/css/word.css
  45. +6
    -2
      library/tinymce/examples/custom_formats.html
  46. +18
    -13
      library/tinymce/examples/full.html
  47. +0
    -0
      library/tinymce/examples/index.html
  48. +0
    -0
      library/tinymce/examples/lists/image_list.js
  49. +0
    -0
      library/tinymce/examples/lists/link_list.js
  50. +5
    -1
      library/tinymce/examples/lists/media_list.js
  51. +0
    -0
      library/tinymce/examples/lists/template_list.js
  52. +0
    -0
      library/tinymce/examples/media/logo.jpg
  53. +0
    -0
      library/tinymce/examples/media/logo_over.jpg
  54. +0
    -0
      library/tinymce/examples/media/sample.avi
  55. +0
    -0
      library/tinymce/examples/media/sample.dcr
  56. BIN
      library/tinymce/examples/media/sample.flv
  57. +0
    -0
      library/tinymce/examples/media/sample.mov
  58. +0
    -0
      library/tinymce/examples/media/sample.ram
  59. +0
    -0
      library/tinymce/examples/media/sample.rm
  60. +0
    -0
      library/tinymce/examples/media/sample.swf
  61. +2
    -1
      library/tinymce/examples/menu.html
  62. +5
    -1
      library/tinymce/examples/simple.html
  63. +9
    -5
      library/tinymce/examples/skins.html
  64. +0
    -0
      library/tinymce/examples/templates/layout1.htm
  65. +0
    -0
      library/tinymce/examples/templates/snippet1.htm
  66. +0
    -80
      library/tinymce/examples/translate.html
  67. +8
    -3
      library/tinymce/examples/word.html
  68. +1
    -170
      library/tinymce/jscripts/tiny_mce/langs/en.js
  69. +0
    -0
      library/tinymce/jscripts/tiny_mce/license.txt
  70. +0
    -0
      library/tinymce/jscripts/tiny_mce/plugins/advhr/css/advhr.css
  71. +0
    -0
      library/tinymce/jscripts/tiny_mce/plugins/advhr/editor_plugin.js
  72. +0
    -0
      library/tinymce/jscripts/tiny_mce/plugins/advhr/editor_plugin_src.js
  73. +0
    -0
      library/tinymce/jscripts/tiny_mce/plugins/advhr/js/rule.js
  74. +1
    -5
      library/tinymce/jscripts/tiny_mce/plugins/advhr/langs/en_dlg.js
  75. +30
    -29
      library/tinymce/jscripts/tiny_mce/plugins/advhr/rule.htm
  76. +0
    -0
      library/tinymce/jscripts/tiny_mce/plugins/advimage/css/advimage.css
  77. +1
    -1
      library/tinymce/jscripts/tiny_mce/plugins/advimage/editor_plugin.js
  78. +1
    -1
      library/tinymce/jscripts/tiny_mce/plugins/advimage/editor_plugin_src.js
  79. +34
    -31
      library/tinymce/jscripts/tiny_mce/plugins/advimage/image.htm
  80. +0
    -0
      library/tinymce/jscripts/tiny_mce/plugins/advimage/img/sample.gif
  81. +32
    -13
      library/tinymce/jscripts/tiny_mce/plugins/advimage/js/image.js
  82. +1
    -43
      library/tinymce/jscripts/tiny_mce/plugins/advimage/langs/en_dlg.js
  83. +0
    -0
      library/tinymce/jscripts/tiny_mce/plugins/advlink/css/advlink.css
  84. +0
    -0
      library/tinymce/jscripts/tiny_mce/plugins/advlink/editor_plugin.js
  85. +0
    -0
      library/tinymce/jscripts/tiny_mce/plugins/advlink/editor_plugin_src.js
  86. +30
    -19
      library/tinymce/jscripts/tiny_mce/plugins/advlink/js/advlink.js
  87. +1
    -52
      library/tinymce/jscripts/tiny_mce/plugins/advlink/langs/en_dlg.js
  88. +35
    -30
      library/tinymce/jscripts/tiny_mce/plugins/advlink/link.htm
  89. +1
    -1
      library/tinymce/jscripts/tiny_mce/plugins/advlist/editor_plugin.js
  90. +31
    -9
      library/tinymce/jscripts/tiny_mce/plugins/advlist/editor_plugin_src.js
  91. +1
    -0
      library/tinymce/jscripts/tiny_mce/plugins/autolink/editor_plugin.js
  92. +174
    -0
      library/tinymce/jscripts/tiny_mce/plugins/autolink/editor_plugin_src.js
  93. +1
    -1
      library/tinymce/jscripts/tiny_mce/plugins/autoresize/editor_plugin.js
  94. +36
    -36
      library/tinymce/jscripts/tiny_mce/plugins/autoresize/editor_plugin_src.js
  95. +1
    -1
      library/tinymce/jscripts/tiny_mce/plugins/autosave/editor_plugin.js
  96. +16
    -7
      library/tinymce/jscripts/tiny_mce/plugins/autosave/editor_plugin_src.js
  97. +0
    -0
      library/tinymce/jscripts/tiny_mce/plugins/autosave/langs/en.js
  98. +1
    -155
      library/tinymce/jscripts/tiny_mce/plugins/bbcode/editor_plugin.js
  99. +0
    -1
      library/tinymce/jscripts/tiny_mce/plugins/bbcode/editor_plugin_cmp.js
  100. +1
    -1
      library/tinymce/jscripts/tiny_mce/plugins/bbcode/editor_plugin_src.js

+ 1
- 4
.htaccess View File

@ -1,13 +1,10 @@
#Options -Indexes
Options -Indexes
AddType application/x-java-archive .jar
AddType audio/ogg .oga
<FilesMatch "\.(out|log)$">
Deny from all
</FilesMatch>
<Files "(include|library)">
Deny from all
</Files>
<IfModule mod_rewrite.c>
RewriteEngine on


+ 25
- 7
boot.php View File

@ -9,9 +9,9 @@ require_once('include/nav.php');
require_once('include/cache.php');
define ( 'FRIENDICA_PLATFORM', 'Friendica');
define ( 'FRIENDICA_VERSION', '2.3.1281' );
define ( 'FRIENDICA_VERSION', '2.3.1294' );
define ( 'DFRN_PROTOCOL_VERSION', '2.23' );
define ( 'DB_UPDATE_VERSION', 1131 );
define ( 'DB_UPDATE_VERSION', 1133 );
define ( 'EOL', "<br />\r\n" );
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
@ -135,6 +135,9 @@ define ( 'NOTIFY_PROFILE', 0x0040 );
define ( 'NOTIFY_TAGSELF', 0x0080 );
define ( 'NOTIFY_TAGSHARE', 0x0100 );
define ( 'NOTIFY_SYSTEM', 0x8000 );
/**
* various namespaces we may need to parse
*/
@ -286,7 +289,12 @@ class App {
startup();
$this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'])) ? 'https' : 'http' );
$this->scheme = 'http';
if(x($_SERVER,'HTTPS') && $_SERVER['HTTPS'])
$this->scheme = 'https';
elseif(x($_SERVER,'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443))
$this->scheme = 'https';
if(x($_SERVER,'SERVER_NAME')) {
$this->hostname = $_SERVER['SERVER_NAME'];
@ -380,7 +388,7 @@ class App {
$scheme = $this->scheme;
if((x($this->config,'system')) && (x($this->config['system'],'ssl_policy'))) {
if($this->config['system']['ssl_policy'] == SSL_POLICY_FULL)
if(intval($this->config['system']['ssl_policy']) === intval(SSL_POLICY_FULL))
$scheme = 'https';
// We need to populate the $ssl flag across the entire program before turning this on.
@ -555,6 +563,10 @@ function absurl($path) {
return $path;
}
function is_ajax() {
return (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');
}
// Primarily involved with database upgrade, but also sets the
// base url for use in cmdline programs which don't have
@ -708,15 +720,16 @@ function login($register = false, $hiddens=false) {
$noid = get_config('system','no_openid');
$dest_url = $a->get_baseurl(true) . '/' . $a->query_string;
if(local_user()) {
$tpl = get_markup_template("logout.tpl");
}
else {
$tpl = get_markup_template("login.tpl");
$_SESSION['return_url'] = $a->query_string;
}
$dest_url = $a->get_baseurl(true) . '/' . $a->query_string;
$o .= replace_macros($tpl,array(
@ -1372,6 +1385,11 @@ function profile_tabs($a, $is_owner=False, $nickname=Null){
);
}
$arr = array('is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs);
call_hooks('profile_tabs', $arr);
$tpl = get_markup_template('common_tabs.tpl');
return replace_macros($tpl,array('$tabs'=>$tabs));
return replace_macros($tpl,array('$tabs' => $arr['tabs']));
}}

+ 8
- 0
database.sql View File

@ -92,6 +92,7 @@ CREATE TABLE IF NOT EXISTS `contact` (
`blocked` tinyint(1) NOT NULL DEFAULT '1',
`readonly` tinyint(1) NOT NULL DEFAULT '0',
`writable` tinyint(1) NOT NULL DEFAULT '0',
`forum` tinyint(1) NOT NULL DEFAULT '0',
`hidden` tinyint(1) NOT NULL DEFAULT '0',
`pending` tinyint(1) NOT NULL DEFAULT '1',
`rating` tinyint(1) NOT NULL DEFAULT '0',
@ -116,6 +117,7 @@ CREATE TABLE IF NOT EXISTS `contact` (
KEY `dfrn-id` (`dfrn-id`),
KEY `blocked` (`blocked`),
KEY `readonly` (`readonly`),
KEY `forum` (`forum`),
KEY `hidden` (`hidden`),
KEY `pending` (`pending`),
KEY `closeness` (`closeness`)
@ -859,3 +861,9 @@ INDEX ( `term` )
) ENGINE = MyISAM DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `userd` (
`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`username` CHAR( 255 ) NOT NULL,
INDEX ( `username` )
) ENGINE = MyISAM DEFAULT CHARSET=utf8;

BIN
images/blank.png View File

Before After
Width: 640  |  Height: 400  |  Size: 1.3 KiB

BIN
images/person-175.jpg View File

Before After
Width: 175  |  Height: 175  |  Size: 8.3 KiB

BIN
images/person-48.jpg View File

Before After
Width: 48  |  Height: 48  |  Size: 1.2 KiB

BIN
images/person-80.jpg View File

Before After
Width: 80  |  Height: 80  |  Size: 2.2 KiB

+ 6
- 0
include/Contact.php View File

@ -15,6 +15,12 @@ function user_remove($uid) {
call_hooks('remove_user',$r[0]);
// save username (actually the nickname as it is guaranteed
// unique), so it cannot be re-registered in the future.
q("insert into userd ( username ) values ( '%s' )",
$r[0]['nickname']
);
q("DELETE FROM `contact` WHERE `uid` = %d", intval($uid));
q("DELETE FROM `group` WHERE `uid` = %d", intval($uid));


+ 3
- 3
include/Photo.php View File

@ -268,9 +268,9 @@ function import_profile_photo($photo,$uid,$cid) {
$photo_failure = true;
if($photo_failure) {
$photo = $a->get_baseurl() . '/images/default-profile.jpg';
$thumb = $a->get_baseurl() . '/images/default-profile-sm.jpg';
$micro = $a->get_baseurl() . '/images/default-profile-mm.jpg';
$photo = $a->get_baseurl() . '/images/person-175.jpg';
$thumb = $a->get_baseurl() . '/images/person-80.jpg';
$micro = $a->get_baseurl() . '/images/person-48.jpg';
}
return(array($photo,$thumb,$micro));


+ 1
- 1
include/Scrape.php View File

@ -684,7 +684,7 @@ function probe_url($url, $mode = PROBE_NORMAL) {
if(! x($vcard,'photo')) {
$a = get_app();
$vcard['photo'] = $a->get_baseurl() . '/images/default-profile.jpg' ;
$vcard['photo'] = $a->get_baseurl() . '/images/person-175.jpg' ;
}
if(! $profile)


+ 8
- 6
include/acl_selectors.php View File

@ -113,11 +113,13 @@ function contact_selector($selname, $selclass, $preselected = false, $options) {
$str_nets = implode(',',$x['networks']);
$sql_extra .= " AND `network` IN ( $str_nets ) ";
}
$tabindex = (x($options, 'tabindex') ? "tabindex=\"" . $options["tabindex"] . "\"" : "");
if($x['single'])
$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" >\r\n";
$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" $tabindex >\r\n";
else
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" >\r\n";
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" $tabindex >\r\n";
$r = q("SELECT `id`, `name`, `url`, `network` FROM `contact`
WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `notify` != ''
@ -156,7 +158,7 @@ function contact_selector($selname, $selclass, $preselected = false, $options) {
function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false) {
function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) {
$a = get_app();
@ -178,12 +180,12 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
$sql_extra .= " AND `network` IN ( 'dfrn', 'mail', 'face', 'dspr' ) ";
}
$tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : "");
if($privmail)
$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" >\r\n";
$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex >\r\n";
else
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n";
$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n";
$r = q("SELECT `id`, `name`, `url`, `network` FROM `contact`
WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `notify` != ''


+ 7
- 27
include/auth.php View File

@ -24,7 +24,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
if(((x($_POST,'auth-params')) && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) {
// process logout request
call_hooks("logging_out");
nuke_session();
info( t('Logged out.') . EOL);
goaway(z_root());
@ -77,7 +77,7 @@ else {
$noid = get_config('system','no_openid');
$openid_url = trim( (strlen($_POST['openid_url'])?$_POST['openid_url']:$_POST['username']) );
$openid_url = trim((strlen($_POST['openid_url'])?$_POST['openid_url']:$_POST['username']) );
// validate_url alters the calling parameter
@ -99,32 +99,12 @@ else {
$openid->identity = $openid_url;
$_SESSION['openid'] = $openid_url;
$a = get_app();
$openid->returnUrl = $a->get_baseurl() . '/openid';
$r = q("SELECT `uid` FROM `user` WHERE `openid` = '%s' LIMIT 1",
dbesc($openid_url)
);
if(count($r)) {
// existing account
goaway($openid->authUrl());
// NOTREACHED
}
else {
if($a->config['register_policy'] == REGISTER_CLOSED) {
$a = get_app();
notice( t('Login failed.') . EOL);
goaway(z_root());
// NOTREACHED
}
// new account
$_SESSION['register'] = 1;
$openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
$openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
goaway($openid->authUrl());
// NOTREACHED
}
$openid->returnUrl = $a->get_baseurl(true) . '/openid';
goaway($openid->authUrl());
// NOTREACHED
}
}
if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') {
$record = null;
@ -165,7 +145,7 @@ else {
}
if((! $record) || (! count($record))) {
logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])));
logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
notice( t('Login failed.') . EOL );
goaway(z_root());
}


+ 2
- 4
include/contact_widgets.php View File

@ -15,8 +15,6 @@ function findpeople_widget() {
$a = get_app();
$inv = (($a->config['register_policy'] != REGISTER_CLOSED) ? t('Invite Friends') : '');
if(get_config('system','invitation_only')) {
$x = get_pconfig(local_user(),'system','invites_remaining');
if($x || is_site_admin()) {
@ -34,7 +32,7 @@ function findpeople_widget() {
'$findthem' => t('Find'),
'$suggest' => t('Friend Suggestions'),
'$similar' => t('Similar Interests'),
'$inv' => $inv
'$inv' => t('Invite Friends')
));
}
@ -48,7 +46,7 @@ function networks_widget($baseurl,$selected = '') {
return '';
$r = q("select distinct(network) from contact where uid = %d",
$r = q("select distinct(network) from contact where uid = %d and self = 0",
intval(local_user())
);


+ 13
- 3
include/conversation.php View File

@ -649,7 +649,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) {
// template to use to render item (wall, walltowall, search)
'template' => $template,
'type' => implode("",array_slice(split("/",$item['verb']),-1)),
'type' => implode("",array_slice(explode("/",$item['verb']),-1)),
'tags' => $tags,
'body' => template_escape($body),
'text' => strip_tags(template_escape($body)),
@ -779,6 +779,17 @@ function item_photo_menu($item){
if(($cid) && (! $item['self'])) {
$contact_url = $a->get_baseurl($ssl_state) . '/contacts/' . $cid;
$posts_link = $a->get_baseurl($ssl_state) . '/network/?cid=' . $cid;
$clean_url = normalise_link($item['author-link']);
if((local_user()) && (local_user() == $item['uid'])) {
if(isset($a->contacts) && x($a->contacts,$clean_url)) {
if($a->contacts[$clean_url]['network'] === NETWORK_DIASPORA) {
$pm_url = $a->get_baseurl($ssl_state) . '/message/new/' . $cid;
}
}
}
}
$menu = Array(
@ -886,8 +897,7 @@ function status_editor($a,$x, $notes_cid = 0, $popup=false) {
'$audurl' => t("Please enter an audio link/URL:"),
'$term' => t('Tag term:'),
'$fileas' => t('File as:'),
'$whereareu' => t('Where are you right now?'),
'$title' => t('Enter a title for this item')
'$whereareu' => t('Where are you right now?')
));


+ 12
- 12
include/dba.php View File

@ -1,5 +1,7 @@
<?php
require_once('include/datetime.php');
/**
*
* MySQL database class
@ -104,19 +106,17 @@ class dba {
logger('dba: ' . $str );
}
else {
/**
* If dbfail.out exists, we will write any failed calls directly to it,
* regardless of any logging that may or may nor be in effect.
* These usually indicate SQL syntax errors that need to be resolved.
*/
/**
* If dbfail.out exists, we will write any failed calls directly to it,
* regardless of any logging that may or may nor be in effect.
* These usually indicate SQL syntax errors that need to be resolved.
*/
if($result === false) {
logger('dba: ' . printable($sql) . ' returned false.');
if(file_exists('dbfail.out'))
file_put_contents('dbfail.out', printable($sql) . ' returned false' . "\n", FILE_APPEND);
}
if($result === false) {
logger('dba: ' . printable($sql) . ' returned false.');
if(file_exists('dbfail.out'))
file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n", FILE_APPEND);
}
if(($result === true) || ($result === false))
@ -140,7 +140,7 @@ class dba {
if($this->debug)
logger('dba: ' . printable(print_r($r, true)), LOGGER_DATA);
logger('dba: ' . printable(print_r($r, true)));
return($r);
}


+ 2
- 1
include/delivery.php View File

@ -256,7 +256,8 @@ function delivery_run($argv, $argc){
'$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) ,
'$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) ,
'$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) ,
'$birthday' => $birthday
'$birthday' => $birthday,
'$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '')
));
foreach($items as $item) {


+ 44
- 2
include/diaspora.php View File

@ -1159,6 +1159,48 @@ function diaspora_comment($importer,$xml,$msg) {
proc_run('php','include/notifier.php','comment',$message_id);
}
$myconv = q("SELECT `author-link`, `author-avatar`, `parent` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 ",
dbesc($parent_item['uri']),
intval($importer['uid'])
);
if(count($myconv)) {
$importer_url = $a->get_baseurl() . '/profile/' . $importer['nickname'];
foreach($myconv as $conv) {
// now if we find a match, it means we're in this conversation
if(! link_compare($conv['author-link'],$importer_url))
continue;
require_once('include/enotify.php');
$conv_parent = $conv['parent'];
notification(array(
'type' => NOTIFY_COMMENT,
'notify_flags' => $importer['notify-flags'],
'language' => $importer['language'],
'to_name' => $importer['username'],
'to_email' => $importer['email'],
'uid' => $importer['uid'],
'item' => $datarray,
'link' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id,
'source_name' => $datarray['author-name'],
'source_link' => $datarray['author-link'],
'source_photo' => $datarray['author-avatar'],
'verb' => ACTIVITY_POST,
'otype' => 'item',
'parent' => $conv_parent,
));
// only send one notification
break;
}
}
return;
}
@ -1695,7 +1737,7 @@ function diaspora_retraction($importer,$xml) {
contact_remove($contact['id']);
}
elseif($type === 'Post') {
$r = q("select * from item where guid = '%s' and uid = %d limit 1",
$r = q("select * from item where guid = '%s' and uid = %d and not file like '%%[%%' limit 1",
dbesc('guid'),
intval($importer['uid'])
);
@ -1743,7 +1785,7 @@ function diaspora_signed_retraction($importer,$xml,$msg) {
}
if($type === 'StatusMessage') {
$r = q("select * from item where guid = '%s' and uid = %d limit 1",
$r = q("select * from item where guid = '%s' and uid = %d and not file like '%%[%%' limit 1",
dbesc($guid),
intval($importer['uid'])
);


+ 1
- 1
include/email.php View File

@ -56,7 +56,7 @@ function email_msg_headers($mbox,$uid) {
$raw_header = (($mbox && $uid) ? @imap_fetchheader($mbox,$uid,FT_UID) : '');
$raw_header = str_replace("\r",'',$raw_header);
$ret = array();
$h = split("\n",$raw_header);
$h = explode("\n",$raw_header);
if(count($h))
foreach($h as $line ) {
if (preg_match("/^[a-zA-Z]/", $line)) {


+ 36
- 5
include/enotify.php View File

@ -5,6 +5,12 @@ function notification($params) {
logger('notification: entry', LOGGER_DEBUG);
$a = get_app();
// from here on everything is in the recipients language
push_lang($params['language']);
$banner = t('Friendica Notification');
$product = FRIENDICA_PLATFORM;
$siteurl = z_path();
@ -153,9 +159,33 @@ function notification($params) {
}
// from here on everything is in the recipients language
if($params['type'] == NOTIFY_SYSTEM) {
}
$h = array(
'params' => $params,
'subject' => $subject,
'preamble' => $preamble,
'epreamble' => $epreamble,
'body' => $body,
'sitelink' => $sitelink,
'tsitelink' => $tsitelink,
'hsitelink' => $hsitelink,
'itemlink' => $itemlink
);
call_hooks('enotify',$h);
$subject = $h['subject'];
$preamble = $h['preamble'];
$epreamble = $h['epreamble'];
$body = $h['body'];
$sitelink = $h['sitelink'];
$tsitelink = $h['tsitelink'];
$hsitelink = $h['hsitelink'];
$itemlink = $h['itemlink'];
push_lang($params['language']);
require_once('include/html2bbcode.php');
@ -207,8 +237,10 @@ function notification($params) {
);
if($r)
$notify_id = $r[0]['id'];
else
else {
pop_lang();
return;
}
$itemlink = $a->get_baseurl() . '/notify/view/' . $notify_id;
$msg = replace_macros($epreamble,array('$itemlink' => $itemlink));
@ -219,11 +251,10 @@ function notification($params) {
);
// send email notification if notification preferences permit
require_once('bbcode.php');
if(intval($params['notify_flags']) & intval($params['type'])) {
if((intval($params['notify_flags']) & intval($params['type'])) || $params['type'] == NOTIFY_SYSTEM) {
logger('notification: sending notification email');


+ 64
- 15
include/items.php View File

@ -7,14 +7,11 @@ require_once('include/crypto.php');
function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) {
// default permissions - anonymous user
if(! strlen($owner_nick))
killme();
$sitefeed = ((strlen($owner_nick)) ? false : true); // not yet implemented, need to rewrite huge chunks of following logic
$public_feed = (($dfrn_id) ? false : true);
$starred = false;
$converse = false;
$starred = false; // not yet implemented, possible security issues
$converse = false;
if($public_feed && $a->argc > 2) {
for($x = 2; $x < $a->argc; $x++) {
@ -25,10 +22,11 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
}
}
// default permissions - anonymous user
$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' ";
$r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`
$r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`
FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
WHERE `contact`.`self` = 1 AND `user`.`nickname` = '%s' LIMIT 1",
dbesc($owner_nick)
@ -156,7 +154,8 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
'$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) ,
'$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) ,
'$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) ,
'$birthday' => ((strlen($birthday)) ? '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>' : '')
'$birthday' => ((strlen($birthday)) ? '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>' : ''),
'$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '')
));
call_hooks('atom_feed', $atom);
@ -1048,6 +1047,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
$ssl_val = intval(get_config('system','ssl_policy'));
$ssl_policy = '';
switch($ssl_val){
case SSL_POLICY_FULL:
$ssl_policy = 'full';
@ -1092,6 +1092,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
$challenge = hex2bin((string) $res->challenge);
$dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0);
$rino_allowed = ((intval($res->rino) === 1) ? 1 : 0);
$page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);
$final_dfrn_id = '';
@ -1135,6 +1136,9 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
$postvars['ssl_policy'] = $ssl_policy;
if($page)
$postvars['page'] = '1';
if($rino && $rino_allowed && (! $dissolve)) {
$key = substr(random_string(),0,16);
$data = bin2hex(aes_encrypt($postvars['data'],$key));
@ -1399,6 +1403,19 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
}
$community_page = 0;
$rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'community');
if($rawtags) {
$community_page = intval($rawtags[0]['data']);
}
if(is_array($contact) && intval($contact['forum']) != $community_page) {
q("update contact set forum = %d where id = %d limit 1",
intval($community_page),
intval($contact['id'])
);
$contact['forum'] = (string) $community_page;
}
// process any deleted entries
@ -1418,7 +1435,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
}
if($deleted && is_array($contact)) {
$r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join `contact` on `item`.`contact-id` = `contact`.`id`
WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d LIMIT 1",
WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1",
dbesc($uri),
intval($importer['uid']),
intval($contact['id'])
@ -1563,9 +1580,10 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
if(count($r)) {
if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
dbesc($datarray['title']),
dbesc($datarray['body']),
dbesc($datarray['tag']),
dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
dbesc($item_id),
intval($importer['uid'])
@ -1708,9 +1726,10 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
if(count($r)) {
if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
dbesc($datarray['title']),
dbesc($datarray['body']),
dbesc($datarray['tag']),
dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
dbesc($item_id),
intval($importer['uid'])
@ -1781,7 +1800,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
// but otherwise there's a possible data mixup on the sender's system.
// the tgroup delivery code called from item_store will correct it if it's a forum,
// but we're going to unconditionally correct it here so that the post will always be owned by our contact.
logger('local_delivery: Correcting item owner.', LOGGER_DEBUG);
logger('consume_feed: Correcting item owner.', LOGGER_DEBUG);
$datarray['owner-name'] = $contact['name'];
$datarray['owner-link'] = $contact['url'];
$datarray['owner-avatar'] = $contact['thumb'];
@ -1877,6 +1896,14 @@ function local_delivery($importer,$data) {
);
if(count($r)) {
$fid = $r[0]['id'];
// OK, we do. Do we already have an introduction for this person ?
$r = q("select id from intro where uid = %d and fid = %d limit 1",
intval($fsugg['uid']),
intval($fid)
);
if(count($r))
return 0;
}
if(! $fid)
$r = q("INSERT INTO `fcontact` ( `name`,`url`,`photo`,`request` ) VALUES ( '%s', '%s', '%s', '%s' ) ",
@ -1897,6 +1924,7 @@ function local_delivery($importer,$data) {
else
return 0;
$hash = random_string();
$r = q("INSERT INTO `intro` ( `uid`, `fid`, `contact-id`, `note`, `hash`, `datetime`, `blocked` )
@ -1982,6 +2010,19 @@ function local_delivery($importer,$data) {
// NOTREACHED
}
$community_page = 0;
$rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'community');
if($rawtags) {
$community_page = intval($rawtags[0]['data']);
}
if(intval($importer['forum']) != $community_page) {
q("update contact set forum = %d where id = %d limit 1",
intval($community_page),
intval($importer['id'])
);
$importer['forum'] = (string) $community_page;
}
logger('local_delivery: feed item count = ' . $feed->get_item_quantity());
@ -2004,7 +2045,7 @@ function local_delivery($importer,$data) {
if($deleted) {
$r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join contact on `item`.`contact-id` = `contact`.`id`
WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d LIMIT 1",
WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1",
dbesc($uri),
intval($importer['importer_uid']),
intval($importer['id'])
@ -2021,6 +2062,7 @@ function local_delivery($importer,$data) {
if(($item['verb'] === ACTIVITY_TAG) && ($item['object-type'] === ACTVITY_OBJ_TAGTERM)) {
$xo = parse_xml_string($item['object'],false);
$xt = parse_xml_string($item['target'],false);
if($xt->type === ACTIVITY_OBJ_NOTE) {
$i = q("select * from `item` where uri = '%s' and uid = %d limit 1",
dbesc($xt->id),
@ -2299,9 +2341,10 @@ function local_delivery($importer,$data) {
if(count($r)) {
if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
dbesc($datarray['title']),
dbesc($datarray['body']),
dbesc($datarray['tag']),
dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
dbesc($item_id),
intval($importer['importer_uid'])
@ -2464,9 +2507,10 @@ function local_delivery($importer,$data) {
if(count($r)) {
if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
dbesc($datarray['title']),
dbesc($datarray['body']),
dbesc($datarray['tag']),
dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
dbesc($item_id),
intval($importer['importer_uid'])
@ -2892,6 +2936,11 @@ function item_expire($uid,$days) {
foreach($r as $item) {
// don't expire filed items
if(strpos($item['file'],'[') !== false)
continue;
// Only expire posts, not photos and photo comments
if($expire_photos==0 && strlen($item['resource-id']))


+ 1
- 1
include/nav.php View File

@ -55,7 +55,7 @@ function nav(&$a) {
// user info
$r = q("SELECT micro FROM contact WHERE uid=%d AND self=1", intval($a->user['uid']));
$userinfo = array(
'icon' => (count($r) ? $r[0]['micro']: $a->get_baseurl($ssl_state)."/images/default-profile-mm.jpg"),
'icon' => (count($r) ? $r[0]['micro']: $a->get_baseurl($ssl_state)."/images/person-48.jpg"),
'name' => $a->user['username'],
);


+ 2
- 2
include/network.php View File

@ -303,7 +303,7 @@ function webfinger_dfrn($s,&$hcard) {
if(! function_exists('webfinger')) {
function webfinger($s) {
function webfinger($s, $debug = false) {
$host = '';
if(strstr($s,'@')) {
$host = substr($s,strpos($s,'@') + 1);
@ -328,7 +328,7 @@ function webfinger($s) {
}}
if(! function_exists('lrdd')) {
function lrdd($uri) {
function lrdd($uri, $debug = false) {
$a = get_app();


+ 3
- 1
include/notifier.php View File

@ -337,7 +337,9 @@ function notifier_run($argv, $argc){
'$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) ,
'$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) ,
'$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) ,
'$birthday' => $birthday
'$birthday' => $birthday,
'$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '')
));
if($mail) {


+ 3
- 2
include/oembed.php View File

@ -38,7 +38,8 @@ function oembed_fetch_url($embedurl){
$entries = $xpath->query("//link[@type='application/json+oembed']");
foreach($entries as $e){
$href = $e->getAttributeNode("href")->nodeValue;
$txt = fetch_url($href);
$txt = fetch_url($href . '&maxwidth=425');
break;
}
}
}
@ -46,7 +47,7 @@ function oembed_fetch_url($embedurl){
if ($txt==false || $txt==""){
// try oohembed service
$ourl = "http://oohembed.com/oohembed/?url=".urlencode($embedurl);
$ourl = "http://oohembed.com/oohembed/?url=".urlencode($embedurl).'&maxwidth=425';
$txt = fetch_url($ourl);
}


+ 11
- 0
include/plugin.php View File

@ -249,6 +249,7 @@ function get_theme_info($theme){
list($k,$v) = array_map("trim", explode(":",$l,2));
$k= strtolower($k);
if ($k=="author"){
$r=preg_match("|([^<]+)<([^>]+)>|", $v, $m);
if ($r) {
$info['author'][] = array('name'=>$m[1], 'link'=>$m[2]);
@ -276,3 +277,13 @@ function get_theme_info($theme){
return $info;
}}
function get_theme_screenshot($theme) {
$a = get_app();
$exts = array('.png','.jpg');
foreach($exts as $ext) {
if(file_exists('view/theme/' . $theme . '/screenshot' . $ext))
return($a->get_baseurl() . '/view/theme/' . $theme . '/screenshot' . $ext);
}
return($a->get_baseurl() . '/images/blank.png');
}

+ 1
- 1
include/poller.php View File

@ -232,7 +232,7 @@ function poller_run($argv, $argc){
$importer_uid = $contact['uid'];
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
$r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `contact`.`uid` = `user`.`uid` WHERE `user`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1",
intval($importer_uid)
);
if(! count($r))


+ 8
- 3
include/queue.php View File

@ -61,13 +61,18 @@ function queue_run($argv, $argc){
q("DELETE FROM `queue` WHERE `created` < UTC_TIMESTAMP() - INTERVAL 3 DAY");
}
if($queue_id)
if($queue_id) {
$r = q("SELECT `id` FROM `queue` WHERE `id` = %d LIMIT 1",
intval($queue_id)
);
else
$r = q("SELECT `id` FROM `queue` WHERE `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ");
}
else {
// For the first 12 hours we'll try to deliver every 15 minutes
// After that, we'll only attempt delivery once per hour.
$r = q("SELECT `id` FROM `queue` WHERE (( `created` > UTC_TIMESTAMP() - INTERVAL 12 HOUR && `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ) OR ( `last` < UTC_TIMESTAMP() - INTERVAL 1 HOUR ))");
}
if(! count($r)){
return;
}


+ 17
- 7
include/security.php View File

@ -299,16 +299,16 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
* Actually, important actions should not be triggered by Links / GET-Requests at all, but somethimes they still are,
* so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types).
*/
function get_form_security_token($typename = "") {
function get_form_security_token($typename = '') {
$a = get_app();
$timestamp = time();
$sec_hash = hash('whirlpool', $a->user["guid"] . $a->user["prvkey"] . session_id() . $timestamp . $typename);
$sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $timestamp . $typename);
return $timestamp . "." . $sec_hash;
return $timestamp . '.' . $sec_hash;
}
function check_form_security_token($typename = "", $formname = 'form_security_token') {
function check_form_security_token($typename = '', $formname = 'form_security_token') {
if (!x($_REQUEST, $formname)) return false;
$hash = $_REQUEST[$formname];
@ -316,10 +316,10 @@ function check_form_security_token($typename = "", $formname = 'form_security_to
$a = get_app();
$x = explode(".", $hash);
$x = explode('.', $hash);
if (time() > (IntVal($x[0]) + $max_livetime)) return false;
$sec_hash = hash('whirlpool', $a->user["guid"] . $a->user["prvkey"] . session_id() . $x[0] . $typename);
$sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $x[0] . $typename);
return ($sec_hash == $x[1]);
}
@ -327,10 +327,20 @@ function check_form_security_token($typename = "", $formname = 'form_security_to
function check_form_security_std_err_msg() {
return t('The form security token was not correct. This probably happened because the form has been opened for too long (>3 hours) before subitting it.') . EOL;
}
function check_form_security_token_redirectOnErr($err_redirect, $typename = "", $formname = 'form_security_token') {
function check_form_security_token_redirectOnErr($err_redirect, $typename = '', $formname = 'form_security_token') {
if (!check_form_security_token($typename, $formname)) {
$a = get_app();
logger('check_form_security_token failed: user ' . $a->user['guid'] . ' - form element ' . $typename);
logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA);
notice( check_form_security_std_err_msg() );
goaway($a->get_baseurl() . $err_redirect );
}
}
function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'form_security_token') {
if (!check_form_security_token($typename, $formname)) {
logger('check_form_security_token failed: user ' . $a->user['guid'] . ' - form element ' . $typename);
logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA);
header('HTTP/1.1 403 Forbidden');
killme();
}
}

+ 7
- 3
include/socgraph.php View File

@ -230,19 +230,21 @@ function all_friends($uid,$cid,$start = 0, $limit = 80) {
function suggestion_query($uid, $start = 0, $limit = 40) {
function suggestion_query($uid, $start = 0, $limit = 80) {
if(! $uid)
return array();
$r = q("SELECT count(glink.gcid) as `total`, gcontact.* from gcontact
left join glink on glink.gcid = gcontact.id
where uid = %d and not gcontact.nurl in ( select nurl from contact where uid = %d)
where uid = %d and not gcontact.nurl in ( select nurl from contact where uid = %d )
and not gcontact.name in ( select name from contact where uid = %d )
and not gcontact.id in ( select gcid from gcign where uid = %d )
group by glink.gcid order by total desc limit %d, %d ",
intval($uid),
intval($uid),
intval($uid),
intval($uid),
intval($start),
intval($limit)
);
@ -252,11 +254,13 @@ function suggestion_query($uid, $start = 0, $limit = 40) {
$r2 = q("SELECT gcontact.* from gcontact
left join glink on glink.gcid = gcontact.id
where glink.uid = 0 and glink.cid = 0 and not gcontact.nurl in ( select nurl from contact where uid = %d)
where glink.uid = 0 and glink.cid = 0 and not gcontact.nurl in ( select nurl from contact where uid = %d )
and not gcontact.name in ( select name from contact where uid = %d )
and not gcontact.id in ( select gcid from gcign where uid = %d )
order by rand() limit %d, %d ",
intval($uid),
intval($uid),
intval($uid),
intval($start),
intval($limit)
);


+ 2
- 2
include/template_processor.php View File

@ -96,7 +96,7 @@
$this->_push_stack();
$r = $this->r;
$r[$varname] = $v;
if ($keyname!='') $r[$keyname] = $k;
if ($keyname!='') $r[$keyname] = (($k === 0) ? '0' : $k);
$ret .= $this->replace($args[3], $r);
$this->_pop_stack();
}
@ -203,7 +203,7 @@
$os=$s; $count++;
$s = $this->var_replace($s);
}
return template_unescape($s);
return $s;
}
}


+ 28
- 26
include/text.php View File

@ -20,7 +20,7 @@ function replace_macros($s,$r) {
//$a = get_app();
//$a->page['debug'] .= "$tt <br>\n";
return $r;
return template_unescape($r);
}}
@ -638,7 +638,7 @@ if(! function_exists('search')) {
function search($s,$id='search-box',$url='/search',$save = false) {
$a = get_app();
$o = '<div id="' . $id . '">';
$o .= '<form action="' . $a->get_baseurl() . $url . '" method="get" >';
$o .= '<form action="' . $a->get_baseurl((stristr($url,'network')) ? true : false) . $url . '" method="get" >';
$o .= '<input type="text" name="search" id="search-text" value="' . $s .'" />';
$o .= '<input type="submit" name="submit" id="search-submit" value="' . t('Search') . '" />';
if($save)
@ -694,8 +694,13 @@ function linkify($s) {
if(! function_exists('smilies')) {
function smilies($s, $sample = false) {
$a = get_app();
if(intval(get_config('system','no_smilies'))
|| (local_user() && intval(get_pconfig(local_user(),'system','no_smilies'))))
return $s;
$s = preg_replace_callback('/<pre>(.*?)<\/pre>/ism','smile_encode',$s);
$s = preg_replace_callback('/<code>(.*?)<\/code>/ism','smile_encode',$s);
@ -704,27 +709,21 @@ function smilies($s, $sample = false) {
'&lt;/3',
'&lt;\\3',
':-)',
// ':)',
';-)',
// ';)',
':-(',
// ':(',
':-P',
// ':P',
':-p',
':-"',
':-&quot;',
':-x',
':-X',
':-D',
// ':D',
'8-|',
'8-O',
':-O',
'\\o/',
'o.O',
'O.o',
'\\.../',
'\\ooo/',
":'(",
":-!",
":-/",
@ -734,12 +733,8 @@ function smilies($s, $sample = false) {
':homebrew',
':coffee',
':facepalm',
':headdesk',
'~friendika',
'~friendica',
// 'Diaspora*'
':beard',
':whitebeard'
'~friendica'
);
@ -748,27 +743,21 @@ function smilies($s, $sample = false) {
'<img src="' . $a->get_baseurl() . '/images/smiley-brokenheart.gif" alt="</3" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-brokenheart.gif" alt="<\\3" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-smile.gif" alt=":-)" />',
// '<img src="' . $a->get_baseurl() . '/images/smiley-smile.gif" alt=":)" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-wink.gif" alt=";-)" />',
// '<img src="' . $a->get_baseurl() . '/images/smiley-wink.gif" alt=";)"/>',
'<img src="' . $a->get_baseurl() . '/images/smiley-frown.gif" alt=":-(" />',
// '<img src="' . $a->get_baseurl() . '/images/smiley-frown.gif" alt=":(" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-tongue-out.gif" alt=":-P" />',
// '<img src="' . $a->get_baseurl() . '/images/smiley-tongue-out.gif" alt=":P" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-tongue-out.gif" alt=":-p" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-kiss.gif" alt=":-\"" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-kiss.gif" alt=":-\"" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-kiss.gif" alt=":-x" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-kiss.gif" alt=":-X" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-laughing.gif" alt=":-D" />',
// '<img src="' . $a->get_baseurl() . '/images/smiley-laughing.gif" alt=":D"/>',
'<img src="' . $a->get_baseurl() . '/images/smiley-surprised.gif" alt="8-|" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-surprised.gif" alt="8-O" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-surprised.gif" alt=":-O" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-thumbsup.gif" alt="\\o/" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-Oo.gif" alt="o.O" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-Oo.gif" alt="O.o" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-shaka.gif" alt="\\.../" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-shaka.gif" alt="\\ooo/" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-cry.gif" alt=":\'(" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-foot-in-mouth.gif" alt=":-!" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-undecided.gif" alt=":-/" />',
@ -778,12 +767,8 @@ function smilies($s, $sample = false) {
'<img src="' . $a->get_baseurl() . '/images/beer_mug.gif" alt=":homebrew" />',
'<img src="' . $a->get_baseurl() . '/images/coffee.gif" alt=":coffee" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-facepalm.gif" alt=":facepalm" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-bangheaddesk.gif" alt=":headdesk" />',
'<a href="http://project.friendika.com">~friendika <img src="' . $a->get_baseurl() . '/images/friendika-16.png" alt="~friendika" /></a>',
'<a href="http://friendica.com">~friendica <img src="' . $a->get_baseurl() . '/images/friendica-16.png" alt="~friendica" /></a>',
// '<a href="http://diasporafoundation.org">Diaspora<img src="' . $a->get_baseurl() . '/images/diaspora.png" alt="Diaspora*" /></a>',
'<img src="' . $a->get_baseurl() . '/images/smiley-beard.png" alt=":beard" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-whitebeard.png" alt=":whitebeard" />'
'<a href="http://friendica.com">~friendica <img src="' . $a->get_baseurl() . '/images/friendica-16.png" alt="~friendica" /></a>'
);
$params = array('texts' => $texts, 'icons' => $icons, 'string' => $s);
@ -1345,6 +1330,7 @@ function file_tag_save_file($uid,$item,$file) {
$saved = get_pconfig($uid,'system','filetags');
if((! strlen($saved)) || (! stristr($saved,'[' . file_tag_encode($file) . ']')))
set_pconfig($uid,'system','filetags',$saved . '[' . file_tag_encode($file) . ']');
info( t('Item filed') );
}
return true;
}
@ -1380,3 +1366,19 @@ function file_tag_unsave_file($uid,$item,$file) {
return true;
}
function normalise_openid($s) {
return trim(str_replace(array('http://','https://'),array('',''),$s),'/');
}
function undo_post_tagging($s) {
$matches = null;
$cnt = preg_match_all('/([@#])\[url=(.*?)\](.*?)\[\/url\]/ism',$s,$matches,PREG_SET_ORDER);
if($cnt) {
foreach($matches as $mtch) {
$s = str_replace($mtch[0], $mtch[1] . $mtch[3],$s);
}
}
return $s;
}

+ 2
- 2
index.php View File

@ -342,13 +342,13 @@ $profile = $a->profile;
header("Content-type: text/html; charset=utf-8");
$template = 'view/' . $lang . '/'
$template = 'view/' . current_theme() . '/'
. ((x($a->page,'template')) ? $a->page['template'] : 'default' ) . '.php';
if(file_exists($template))
require_once($template);
else
require_once(str_replace($lang . '/', '', $template));
require_once(str_replace(current_theme() . '/', '', $template));
session_write_close();
exit;

+ 8
- 8
js/country.js View File

@ -52,7 +52,7 @@ aStates[28]="|Central|Chobe|Francistown|Gaborone|Ghanzi|Kgalagadi|Kgatleng|Kwene
aStates[29]="|Acre|Alagoas|Amapa|Amazonas|Bahia|Ceara|Distrito Federal|Espirito Santo|Goias|Maranhao|Mato Grosso|Mato Grosso do Sul|Minas Gerais|Para|Paraiba|Parana|Pernambuco|Piaui|Rio de Janeiro|Rio Grande do Norte|Rio Grande do Sul|Rondonia|Roraima|Santa Catarina|Sao Paulo|Sergipe|Tocantins";
aStates[30]="|Anegada|Jost Van Dyke|Tortola|Virgin Gorda";
aStates[31]="|Belait|Brunei and Muara|Temburong|Tutong";
aStates[32]="|Blagoevgrad|Burgas|Dobrich|Gabrovo|Khaskovo|Kurdzhali|Kyustendil|Lovech|Montana|Pazardzhik|Pernik|Pleven|Plovdiv|Razgrad|Ruse|Shumen|Silistra|Sliven|Smolyan|Sofiya|Sofiya-Grad|Stara Zagora|Turgovishte|Varna|Veliko Turnovo|Vidin|Vratsa|Yambol";
aStates[32]="|Blagoevgrad|Burgas|Dobrich|Gabrovo|Haskovo|Kardzhali|Kyustendil|Lovech|Montana|Pazardzhik|Pernik|Pleven|Plovdiv|Razgrad|Rousse|Shumen|Silistra|Sliven|Smolyan|Sofia|Stara Zagora|Turgovishte|Varna|Veliko Turnovo|Vidin|Vratsa|Yambol";
aStates[33]="|Bale|Bam|Banwa|Bazega|Bougouriba|Boulgou|Boulkiemde|Comoe|Ganzourgou|Gnagna|Gourma|Houet|Ioba|Kadiogo|Kenedougou|Komandjari|Kompienga|Kossi|Koupelogo|Kouritenga|Kourweogo|Leraba|Loroum|Mouhoun|Nahouri|Namentenga|Naumbiel|Nayala|Oubritenga|Oudalan|Passore|Poni|Samentenga|Sanguie|Seno|Sissili|Soum|Sourou|Tapoa|Tuy|Yagha|Yatenga|Ziro|Zondomo|Zoundweogo";
aStates[34]="|Ayeyarwady|Bago|Chin State|Kachin State|Kayah State|Kayin State|Magway|Mandalay|Mon State|Rakhine State|Sagaing|Shan State|Tanintharyi|Yangon";
aStates[35]="|Bubanza|Bujumbura|Bururi|Cankuzo|Cibitoke|Gitega|Karuzi|Kayanza|Kirundo|Makamba|Muramvya|Muyinga|Mwaro|Ngozi|Rutana|Ruyigi";
@ -105,7 +105,7 @@ aStates[79]="|Estuaire|Haut-Ogooue|Moyen-Ogooue|Ngounie|Nyanga|Ogooue-Ivindo|Ogo
aStates[80]="|Banjul|Central River|Lower River|North Bank|Upper River|Western";
aStates[81]="|Gaza Strip";
aStates[82]="|Abashis|Abkhazia or Ap'khazet'is Avtonomiuri Respublika (Sokhumi)|Adigenis|Ajaria or Acharis Avtonomiuri Respublika (Bat'umi)|Akhalgoris|Akhalk'alak'is|Akhalts'ikhis|Akhmetis|Ambrolauris|Aspindzis|Baghdat'is|Bolnisis|Borjomis|Ch'khorotsqus|Ch'okhatauris|Chiat'ura|Dedop'listsqaros|Dmanisis|Dushet'is|Gardabanis|Gori|Goris|Gurjaanis|Javis|K'arelis|K'ut'aisi|Kaspis|Kharagaulis|Khashuris|Khobis|Khonis|Lagodekhis|Lanch'khut'is|Lentekhis|Marneulis|Martvilis|Mestiis|Mts'khet'is|Ninotsmindis|Onis|Ozurget'is|P'ot'i|Qazbegis|Qvarlis|Rust'avi|Sach'kheris|Sagarejos|Samtrediis|Senakis|Sighnaghis|T'bilisi|T'elavis|T'erjolis|T'et'ritsqaros|T'ianet'is|Tqibuli|Ts'ageris|Tsalenjikhis|Tsalkis|Tsqaltubo|Vanis|Zestap'onis|Zugdidi|Zugdidis";
aStates[83]="|Baden-Wuerttemberg|Bayern|Berlin|Brandenburg|Bremen|Hamburg|Hessen|Mecklenburg-Vorpommern|Niedersachsen|Nordrhein-Westfalen|Rheinland-Pfalz|Saarland|Sachsen|Sachsen-Anhalt|Schleswig-Holstein|Thueringen";
aStates[83]="|Baden-Württemberg|Bayern|Berlin|Brandenburg|Bremen|Hamburg|Hessen|Mecklenburg-Vorpommern|Niedersachsen|Nordrhein-Westfalen|Rheinland-Pfalz|Saarland|Sachsen|Sachsen-Anhalt|Schleswig-Holstein|Thüringen";
aStates[84]="|Ashanti|Brong-Ahafo|Central|Eastern|Greater Accra|Northern|Upper East|Upper West|Volta|Western";
aStates[85]="|Gibraltar";
aStates[86]="|Ile du Lys|Ile Glorieuse";
@ -131,8 +131,8 @@ aStates[105]="|Andaman and Nicobar Islands|Andhra Pradesh|Arunachal Pradesh|Assa
aStates[106]="|Aceh|Bali|Banten|Bengkulu|East Timor|Gorontalo|Irian Jaya|Jakarta Raya|Jambi|Jawa Barat|Jawa Tengah|Jawa Timur|Kalimantan Barat|Kalimantan Selatan|Kalimantan Tengah|Kalimantan Timur|Kepulauan Bangka Belitung|Lampung|Maluku|Maluku Utara|Nusa Tenggara Barat|Nusa Tenggara Timur|Riau|Sulawesi Selatan|Sulawesi Tengah|Sulawesi Tenggara|Sulawesi Utara|Sumatera Barat|Sumatera Selatan|Sumatera Utara|Yogyakarta";
aStates[107]="|Ardabil|Azarbayjan-e Gharbi|Azarbayjan-e Sharqi|Bushehr|Chahar Mahall va Bakhtiari|Esfahan|Fars|Gilan|Golestan|Hamadan|Hormozgan|Ilam|Kerman|Kermanshah|Khorasan|Khuzestan|Kohgiluyeh va Buyer Ahmad|Kordestan|Lorestan|Markazi|Mazandaran|Qazvin|Qom|Semnan|Sistan va Baluchestan|Tehran|Yazd|Zanjan";
aStates[108]="|Al Anbar|Al Basrah|Al Muthanna|Al Qadisiyah|An Najaf|Arbil|As Sulaymaniyah|At Ta'mim|Babil|Baghdad|Dahuk|Dhi Qar|Diyala|Karbala'|Maysan|Ninawa|Salah ad Din|Wasit";
aStates[109]="|Carlow|Cavan|Clare|Cork|Donegal|Dublin|Galway|Kerry|Kildare|Kilkenny|Laois|Leitrim|Limerick|Longford|Louth|Mayo|Meath|Monaghan|Offaly|Roscommon|Sligo|Tipperary|Waterford|Westmeath|Wexford|Wicklow";
aStates[110]="|Antrim|Ards|Armagh|Ballymena|Ballymoney|Banbridge|Belfast|Carrickfergus|Castlereagh|Coleraine|Cookstown|Craigavon|Derry|Down|Dungannon|Fermanagh|Larne|Limavady|Lisburn|Magherafelt|Moyle|Newry and Mourne|Newtownabbey|North Down|Omagh|Strabane";
aStates[109]="|Antrim|Armargh|Carlow|Cavan|Clare|Cork|Derry|Donegal|Down|Dún Laoghaire–Rathdown|Fermanagh|Dublin|Fingal|Galway|Kerry|Kildare|Kilkenny|Laois|Leitrim|Limerick|Longford|Louth|Mayo|Meath|Monaghan|Offaly|Roscommon|Sligo|Tipperary|Tyrone|Waterford|Westmeath|Wexford|Wicklow";
aStates[110]="|Antrim|Armagh|Belfast|Down|Fermanagh|Londonderry|Tyrone";
aStates[111]="|Central|Haifa|Jerusalem|Northern|Southern|Tel Aviv";
aStates[112]="|Abruzzi|Basilicata|Calabria|Campania|Emilia-Romagna|Friuli-Venezia Giulia|Lazio|Liguria|Lombardia|Marche|Molise|Piemonte|Puglia|Sardegna|Sicilia|Toscana|Trentino-Alto Adige|Umbria|Valle d'Aosta|Veneto";
aStates[113]="|Clarendon|Hanover|Kingston|Manchester|Portland|Saint Andrew|Saint Ann|Saint Catherine|Saint Elizabeth|Saint James|Saint Mary|Saint Thomas|Trelawny|Westmoreland";
@ -222,7 +222,7 @@ aStates[196]="|A'ana|Aiga-i-le-Tai|Atua|Fa'asaleleaga|Gaga'emauga|Gagaifomauga|P