Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

610 lines
16 KiB

  1. <?php
  2. /**
  3. * @copyright Copyright (C) 2020, Friendica
  4. *
  5. * @license GNU AGPL version 3 or any later version
  6. *
  7. * This program is free software: you can redistribute it and/or modify
  8. * it under the terms of the GNU Affero General Public License as
  9. * published by the Free Software Foundation, either version 3 of the
  10. * License, or (at your option) any later version.
  11. *
  12. * This program is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU Affero General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU Affero General Public License
  18. * along with this program. If not, see <https://www.gnu.org/licenses/>.
  19. *
  20. * Friendica is a communications platform for integrated social communications
  21. * utilising decentralised communications and linkage to several indie social
  22. * projects - as well as popular mainstream providers.
  23. *
  24. * Our mission is to free our friends and families from the clutches of
  25. * data-harvesting corporations, and pave the way to a future where social
  26. * communications are free and open and flow between alternate providers as
  27. * easily as email does today.
  28. */
  29. use Friendica\Core\Protocol;
  30. use Friendica\Core\System;
  31. use Friendica\Database\DBA;
  32. use Friendica\DI;
  33. use Friendica\Model\Contact;
  34. use Friendica\Model\Notify;
  35. use Friendica\Util\BasePath;
  36. use Friendica\Util\DateTimeFormat;
  37. define('FRIENDICA_PLATFORM', 'Friendica');
  38. define('FRIENDICA_CODENAME', 'Red Hot Poker');
  39. define('FRIENDICA_VERSION', '2020.12-dev');
  40. define('DFRN_PROTOCOL_VERSION', '2.23');
  41. define('NEW_UPDATE_ROUTINE_VERSION', 1170);
  42. /**
  43. * Constant with a HTML line break.
  44. *
  45. * Contains a HTML line break (br) element and a real carriage return with line
  46. * feed for the source.
  47. * This can be used in HTML and JavaScript where needed a line break.
  48. */
  49. define('EOL', "<br />\r\n");
  50. /**
  51. * Image storage quality.
  52. *
  53. * Lower numbers save space at cost of image detail.
  54. * For ease of upgrade, please do not change here. Set system.jpegquality = n in config/local.config.php,
  55. * where n is between 1 and 100, and with very poor results below about 50
  56. */
  57. define('JPEG_QUALITY', 100);
  58. /**
  59. * system.png_quality = n where is between 0 (uncompressed) to 9
  60. */
  61. define('PNG_QUALITY', 8);
  62. /**
  63. * An alternate way of limiting picture upload sizes. Specify the maximum pixel
  64. * length that pictures are allowed to be (for non-square pictures, it will apply
  65. * to the longest side). Pictures longer than this length will be resized to be
  66. * this length (on the longest side, the other side will be scaled appropriately).
  67. * Modify this value using
  68. *
  69. * 'system' => [
  70. * 'max_image_length' => 'n',
  71. * ...
  72. * ],
  73. *
  74. * in config/local.config.php
  75. *
  76. * If you don't want to set a maximum length, set to -1. The default value is
  77. * defined by 'MAX_IMAGE_LENGTH' below.
  78. */
  79. define('MAX_IMAGE_LENGTH', -1);
  80. /**
  81. * Not yet used
  82. */
  83. define('DEFAULT_DB_ENGINE', 'InnoDB');
  84. /** @deprecated since version 2019.03, please use \Friendica\Module\Register::CLOSED instead */
  85. define('REGISTER_CLOSED', \Friendica\Module\Register::CLOSED);
  86. /** @deprecated since version 2019.03, please use \Friendica\Module\Register::APPROVE instead */
  87. define('REGISTER_APPROVE', \Friendica\Module\Register::APPROVE);
  88. /** @deprecated since version 2019.03, please use \Friendica\Module\Register::OPEN instead */
  89. define('REGISTER_OPEN', \Friendica\Module\Register::OPEN);
  90. /**
  91. * @name CP
  92. *
  93. * Type of the community page
  94. * @{
  95. */
  96. define('CP_NO_INTERNAL_COMMUNITY', -2);
  97. define('CP_NO_COMMUNITY_PAGE', -1);
  98. define('CP_USERS_ON_SERVER', 0);
  99. define('CP_GLOBAL_COMMUNITY', 1);
  100. define('CP_USERS_AND_GLOBAL', 2);
  101. /**
  102. * @}
  103. */
  104. /**
  105. * These numbers are used in stored permissions
  106. * and existing allocations MUST NEVER BE CHANGED
  107. * OR RE-ASSIGNED! You may only add to them.
  108. */
  109. $netgroup_ids = [
  110. Protocol::DFRN => (-1),
  111. Protocol::ZOT => (-2),
  112. Protocol::OSTATUS => (-3),
  113. Protocol::FEED => (-4),
  114. Protocol::DIASPORA => (-5),
  115. Protocol::MAIL => (-6),
  116. Protocol::FACEBOOK => (-8),
  117. Protocol::LINKEDIN => (-9),
  118. Protocol::XMPP => (-10),
  119. Protocol::MYSPACE => (-11),
  120. Protocol::GPLUS => (-12),
  121. Protocol::PUMPIO => (-13),
  122. Protocol::TWITTER => (-14),
  123. Protocol::DIASPORA2 => (-15),
  124. Protocol::STATUSNET => (-16),
  125. Protocol::NEWS => (-18),
  126. Protocol::ICALENDAR => (-19),
  127. Protocol::PNUT => (-20),
  128. Protocol::PHANTOM => (-127),
  129. ];
  130. /**
  131. * Maximum number of "people who like (or don't like) this" that we will list by name
  132. */
  133. define('MAX_LIKERS', 75);
  134. /**
  135. * @name Notify
  136. *
  137. * Email notification options
  138. * @{
  139. */
  140. /** @deprecated since 2020.03, use Notify\Type::INTRO instead */
  141. define('NOTIFY_INTRO', Notify\Type::INTRO);
  142. /** @deprecated since 2020.03, use Notify\Type::CONFIRM instead */
  143. define('NOTIFY_CONFIRM', Notify\Type::CONFIRM);
  144. /** @deprecated since 2020.03, use Notify\Type::WALL instead */
  145. define('NOTIFY_WALL', Notify\Type::WALL);
  146. /** @deprecated since 2020.03, use Notify\Type::COMMENT instead */
  147. define('NOTIFY_COMMENT', Notify\Type::COMMENT);
  148. /** @deprecated since 2020.03, use Notify\Type::MAIL instead */
  149. define('NOTIFY_MAIL', Notify\Type::MAIL);
  150. /** @deprecated since 2020.03, use Notify\Type::SUGGEST instead */
  151. define('NOTIFY_SUGGEST', Notify\Type::SUGGEST);
  152. /** @deprecated since 2020.03, use Notify\Type::PROFILE instead */
  153. define('NOTIFY_PROFILE', Notify\Type::PROFILE);
  154. /** @deprecated since 2020.03, use Notify\Type::TAG_SELF instead */
  155. define('NOTIFY_TAGSELF', Notify\Type::TAG_SELF);
  156. /** @deprecated since 2020.03, use Notify\Type::TAG_SHARE instead */
  157. define('NOTIFY_TAGSHARE', Notify\Type::TAG_SHARE);
  158. /** @deprecated since 2020.03, use Notify\Type::POKE instead */
  159. define('NOTIFY_POKE', Notify\Type::POKE);
  160. /** @deprecated since 2020.03, use Notify\Type::SHARE instead */
  161. define('NOTIFY_SHARE', Notify\Type::SHARE);
  162. /** @deprecated since 2020.12, use Notify\Type::SYSTEM instead */
  163. define('NOTIFY_SYSTEM', Notify\Type::SYSTEM);
  164. /* @}*/
  165. /**
  166. * @name Gravity
  167. *
  168. * Item weight for query ordering
  169. * @{
  170. */
  171. define('GRAVITY_PARENT', 0);
  172. define('GRAVITY_ACTIVITY', 3);
  173. define('GRAVITY_COMMENT', 6);
  174. define('GRAVITY_UNKNOWN', 9);
  175. /* @}*/
  176. /**
  177. * @name Priority
  178. *
  179. * Process priority for the worker
  180. * @{
  181. */
  182. define('PRIORITY_UNDEFINED', 0);
  183. define('PRIORITY_CRITICAL', 10);
  184. define('PRIORITY_HIGH', 20);
  185. define('PRIORITY_MEDIUM', 30);
  186. define('PRIORITY_LOW', 40);
  187. define('PRIORITY_NEGLIGIBLE', 50);
  188. /* @}*/
  189. /**
  190. * @name Social Relay settings
  191. *
  192. * See here: https://github.com/jaywink/social-relay
  193. * and here: https://wiki.diasporafoundation.org/Relay_servers_for_public_posts
  194. * @{
  195. */
  196. define('SR_SCOPE_NONE', '');
  197. define('SR_SCOPE_ALL', 'all');
  198. define('SR_SCOPE_TAGS', 'tags');
  199. /* @}*/
  200. // Normally this constant is defined - but not if "pcntl" isn't installed
  201. if (!defined("SIGTERM")) {
  202. define("SIGTERM", 15);
  203. }
  204. /**
  205. * Depending on the PHP version this constant does exist - or not.
  206. * See here: http://php.net/manual/en/curl.constants.php#117928
  207. */
  208. if (!defined('CURLE_OPERATION_TIMEDOUT')) {
  209. define('CURLE_OPERATION_TIMEDOUT', CURLE_OPERATION_TIMEOUTED);
  210. }
  211. /**
  212. * Returns the user id of locally logged in user or false.
  213. *
  214. * @return int|bool user id or false
  215. */
  216. function local_user()
  217. {
  218. if (!empty($_SESSION['authenticated']) && !empty($_SESSION['uid'])) {
  219. return intval($_SESSION['uid']);
  220. }
  221. return false;
  222. }
  223. /**
  224. * Returns the public contact id of logged in user or false.
  225. *
  226. * @return int|bool public contact id or false
  227. */
  228. function public_contact()
  229. {
  230. static $public_contact_id = false;
  231. if (!$public_contact_id && !empty($_SESSION['authenticated'])) {
  232. if (!empty($_SESSION['my_address'])) {
  233. // Local user
  234. $public_contact_id = intval(Contact::getIdForURL($_SESSION['my_address'], 0, false));
  235. } elseif (!empty($_SESSION['visitor_home'])) {
  236. // Remote user
  237. $public_contact_id = intval(Contact::getIdForURL($_SESSION['visitor_home'], 0, false));
  238. }
  239. } elseif (empty($_SESSION['authenticated'])) {
  240. $public_contact_id = false;
  241. }
  242. return $public_contact_id;
  243. }
  244. /**
  245. * Returns public contact id of authenticated site visitor or false
  246. *
  247. * @return int|bool visitor_id or false
  248. */
  249. function remote_user()
  250. {
  251. if (empty($_SESSION['authenticated'])) {
  252. return false;
  253. }
  254. if (!empty($_SESSION['visitor_id'])) {
  255. return intval($_SESSION['visitor_id']);
  256. }
  257. return false;
  258. }
  259. /**
  260. * Show an error message to user.
  261. *
  262. * This function save text in session, to be shown to the user at next page load
  263. *
  264. * @param string $s - Text of notice
  265. */
  266. function notice($s)
  267. {
  268. if (empty($_SESSION)) {
  269. return;
  270. }
  271. $a = DI::app();
  272. if (empty($_SESSION['sysmsg'])) {
  273. $_SESSION['sysmsg'] = [];
  274. }
  275. if ($a->interactive) {
  276. $_SESSION['sysmsg'][] = $s;
  277. }
  278. }
  279. /**
  280. * Show an info message to user.
  281. *
  282. * This function save text in session, to be shown to the user at next page load
  283. *
  284. * @param string $s - Text of notice
  285. */
  286. function info($s)
  287. {
  288. $a = DI::app();
  289. if (empty($_SESSION['sysmsg_info'])) {
  290. $_SESSION['sysmsg_info'] = [];
  291. }
  292. if ($a->interactive) {
  293. $_SESSION['sysmsg_info'][] = $s;
  294. }
  295. }
  296. function feed_birthday($uid, $tz)
  297. {
  298. /**
  299. * Determine the next birthday, but only if the birthday is published
  300. * in the default profile. We _could_ also look for a private profile that the
  301. * recipient can see, but somebody could get mad at us if they start getting
  302. * public birthday greetings when they haven't made this info public.
  303. *
  304. * Assuming we are able to publish this info, we are then going to convert
  305. * the start time from the owner's timezone to UTC.
  306. *
  307. * This will potentially solve the problem found with some social networks
  308. * where birthdays are converted to the viewer's timezone and salutations from
  309. * elsewhere in the world show up on the wrong day. We will convert it to the
  310. * viewer's timezone also, but first we are going to convert it from the birthday
  311. * person's timezone to GMT - so the viewer may find the birthday starting at
  312. * 6:00PM the day before, but that will correspond to midnight to the birthday person.
  313. */
  314. $birthday = '';
  315. if (!strlen($tz)) {
  316. $tz = 'UTC';
  317. }
  318. $profile = DBA::selectFirst('profile', ['dob'], ['uid' => $uid]);
  319. if (DBA::isResult($profile)) {
  320. $tmp_dob = substr($profile['dob'], 5);
  321. if (intval($tmp_dob)) {
  322. $y = DateTimeFormat::timezoneNow($tz, 'Y');
  323. $bd = $y . '-' . $tmp_dob . ' 00:00';
  324. $t_dob = strtotime($bd);
  325. $now = strtotime(DateTimeFormat::timezoneNow($tz));
  326. if ($t_dob < $now) {
  327. $bd = $y + 1 . '-' . $tmp_dob . ' 00:00';
  328. }
  329. $birthday = DateTimeFormat::convert($bd, 'UTC', $tz, DateTimeFormat::ATOM);
  330. }
  331. }
  332. return $birthday;
  333. }
  334. /**
  335. * Check if current user has admin role.
  336. *
  337. * @return bool true if user is an admin
  338. */
  339. function is_site_admin()
  340. {
  341. $a = DI::app();
  342. $admin_email = DI::config()->get('config', 'admin_email');
  343. $adminlist = explode(',', str_replace(' ', '', $admin_email));
  344. return local_user() && $admin_email && in_array($a->user['email'] ?? '', $adminlist);
  345. }
  346. /**
  347. * Returns the complete URL of the current page, e.g.: http(s)://something.com/network
  348. *
  349. * Taken from http://webcheatsheet.com/php/get_current_page_url.php
  350. */
  351. function curPageURL()
  352. {
  353. $pageURL = 'http';
  354. if (!empty($_SERVER["HTTPS"]) && ($_SERVER["HTTPS"] == "on")) {
  355. $pageURL .= "s";
  356. }
  357. $pageURL .= "://";
  358. if ($_SERVER["SERVER_PORT"] != "80" && $_SERVER["SERVER_PORT"] != "443") {
  359. $pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["REQUEST_URI"];
  360. } else {
  361. $pageURL .= $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
  362. }
  363. return $pageURL;
  364. }
  365. function get_temppath()
  366. {
  367. $temppath = DI::config()->get("system", "temppath");
  368. if (($temppath != "") && System::isDirectoryUsable($temppath)) {
  369. // We have a temp path and it is usable
  370. return BasePath::getRealPath($temppath);
  371. }
  372. // We don't have a working preconfigured temp path, so we take the system path.
  373. $temppath = sys_get_temp_dir();
  374. // Check if it is usable
  375. if (($temppath != "") && System::isDirectoryUsable($temppath)) {
  376. // Always store the real path, not the path through symlinks
  377. $temppath = BasePath::getRealPath($temppath);
  378. // To avoid any interferences with other systems we create our own directory
  379. $new_temppath = $temppath . "/" . DI::baseUrl()->getHostname();
  380. if (!is_dir($new_temppath)) {
  381. /// @TODO There is a mkdir()+chmod() upwards, maybe generalize this (+ configurable) into a function/method?
  382. mkdir($new_temppath);
  383. }
  384. if (System::isDirectoryUsable($new_temppath)) {
  385. // The new path is usable, we are happy
  386. DI::config()->set("system", "temppath", $new_temppath);
  387. return $new_temppath;
  388. } else {
  389. // We can't create a subdirectory, strange.
  390. // But the directory seems to work, so we use it but don't store it.
  391. return $temppath;
  392. }
  393. }
  394. // Reaching this point means that the operating system is configured badly.
  395. return '';
  396. }
  397. function get_cachefile($file, $writemode = true)
  398. {
  399. $cache = get_itemcachepath();
  400. if ((!$cache) || (!is_dir($cache))) {
  401. return "";
  402. }
  403. $subfolder = $cache . "/" . substr($file, 0, 2);
  404. $cachepath = $subfolder . "/" . $file;
  405. if ($writemode) {
  406. if (!is_dir($subfolder)) {
  407. mkdir($subfolder);
  408. chmod($subfolder, 0777);
  409. }
  410. }
  411. return $cachepath;
  412. }
  413. function clear_cache($basepath = "", $path = "")
  414. {
  415. if ($path == "") {
  416. $basepath = get_itemcachepath();
  417. $path = $basepath;
  418. }
  419. if (($path == "") || (!is_dir($path))) {
  420. return;
  421. }
  422. if (substr(realpath($path), 0, strlen($basepath)) != $basepath) {
  423. return;
  424. }
  425. $cachetime = (int) DI::config()->get('system', 'itemcache_duration');
  426. if ($cachetime == 0) {
  427. $cachetime = 86400;
  428. }
  429. if (is_writable($path)) {
  430. if ($dh = opendir($path)) {
  431. while (($file = readdir($dh)) !== false) {
  432. $fullpath = $path . "/" . $file;
  433. if ((filetype($fullpath) == "dir") && ($file != ".") && ($file != "..")) {
  434. clear_cache($basepath, $fullpath);
  435. }
  436. if ((filetype($fullpath) == "file") && (filectime($fullpath) < (time() - $cachetime))) {
  437. unlink($fullpath);
  438. }
  439. }
  440. closedir($dh);
  441. }
  442. }
  443. }
  444. function get_itemcachepath()
  445. {
  446. // Checking, if the cache is deactivated
  447. $cachetime = (int) DI::config()->get('system', 'itemcache_duration');
  448. if ($cachetime < 0) {
  449. return "";
  450. }
  451. $itemcache = DI::config()->get('system', 'itemcache');
  452. if (($itemcache != "") && System::isDirectoryUsable($itemcache)) {
  453. return BasePath::getRealPath($itemcache);
  454. }
  455. $temppath = get_temppath();
  456. if ($temppath != "") {
  457. $itemcache = $temppath . "/itemcache";
  458. if (!file_exists($itemcache) && !is_dir($itemcache)) {
  459. mkdir($itemcache);
  460. }
  461. if (System::isDirectoryUsable($itemcache)) {
  462. DI::config()->set("system", "itemcache", $itemcache);
  463. return $itemcache;
  464. }
  465. }
  466. return "";
  467. }
  468. /**
  469. * Returns the path where spool files are stored
  470. *
  471. * @return string Spool path
  472. */
  473. function get_spoolpath()
  474. {
  475. $spoolpath = DI::config()->get('system', 'spoolpath');
  476. if (($spoolpath != "") && System::isDirectoryUsable($spoolpath)) {
  477. // We have a spool path and it is usable
  478. return $spoolpath;
  479. }
  480. // We don't have a working preconfigured spool path, so we take the temp path.
  481. $temppath = get_temppath();
  482. if ($temppath != "") {
  483. // To avoid any interferences with other systems we create our own directory
  484. $spoolpath = $temppath . "/spool";
  485. if (!is_dir($spoolpath)) {
  486. mkdir($spoolpath);
  487. }
  488. if (System::isDirectoryUsable($spoolpath)) {
  489. // The new path is usable, we are happy
  490. DI::config()->set("system", "spoolpath", $spoolpath);
  491. return $spoolpath;
  492. } else {
  493. // We can't create a subdirectory, strange.
  494. // But the directory seems to work, so we use it but don't store it.
  495. return $temppath;
  496. }
  497. }
  498. // Reaching this point means that the operating system is configured badly.
  499. return "";
  500. }
  501. if (!function_exists('exif_imagetype')) {
  502. function exif_imagetype($file)
  503. {
  504. $size = getimagesize($file);
  505. return $size[2];
  506. }
  507. }
  508. function validate_include(&$file)
  509. {
  510. $orig_file = $file;
  511. $file = realpath($file);
  512. if (strpos($file, getcwd()) !== 0) {
  513. return false;
  514. }
  515. $file = str_replace(getcwd() . "/", "", $file, $count);
  516. if ($count != 1) {
  517. return false;
  518. }
  519. if ($orig_file !== $file) {
  520. return false;
  521. }
  522. $valid = false;
  523. if (strpos($file, "include/") === 0) {
  524. $valid = true;
  525. }
  526. if (strpos($file, "addon/") === 0) {
  527. $valid = true;
  528. }
  529. // Simply return flag
  530. return $valid;
  531. }