Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1226 lines
32 KiB

  1. <?php
  2. require_once('include/config.php');
  3. require_once('include/network.php');
  4. require_once('include/plugin.php');
  5. require_once('include/text.php');
  6. require_once("include/pgettext.php");
  7. require_once('include/nav.php');
  8. define ( 'FRIENDIKA_PLATFORM', 'Free Friendika');
  9. define ( 'FRIENDIKA_VERSION', '2.3.1137' );
  10. define ( 'DFRN_PROTOCOL_VERSION', '2.21' );
  11. define ( 'DB_UPDATE_VERSION', 1097 );
  12. define ( 'EOL', "<br />\r\n" );
  13. define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
  14. /**
  15. *
  16. * Image storage quality. Lower numbers save space at cost of image detail.
  17. * For ease of upgrade, please do not change here. Change jpeg quality with
  18. * set_config('system','jpeg_quality',n) in .htconfig.php
  19. * where n is netween 1 and 100, and with very poor results below about 50
  20. *
  21. */
  22. define ( 'JPEG_QUALITY', 100 );
  23. /**
  24. * SSL redirection policies
  25. */
  26. define ( 'SSL_POLICY_NONE', 0 );
  27. define ( 'SSL_POLICY_FULL', 1 );
  28. define ( 'SSL_POLICY_SELFSIGN', 2 );
  29. /**
  30. * log levels
  31. */
  32. define ( 'LOGGER_NORMAL', 0 );
  33. define ( 'LOGGER_TRACE', 1 );
  34. define ( 'LOGGER_DEBUG', 2 );
  35. define ( 'LOGGER_DATA', 3 );
  36. define ( 'LOGGER_ALL', 4 );
  37. /**
  38. * registration policies
  39. */
  40. define ( 'REGISTER_CLOSED', 0 );
  41. define ( 'REGISTER_APPROVE', 1 );
  42. define ( 'REGISTER_OPEN', 2 );
  43. /**
  44. * relationship types
  45. */
  46. define ( 'CONTACT_IS_FOLLOWER', 1);
  47. define ( 'CONTACT_IS_SHARING', 2);
  48. define ( 'CONTACT_IS_FRIEND', 3);
  49. /**
  50. * Hook array order
  51. */
  52. define ( 'HOOK_HOOK', 0);
  53. define ( 'HOOK_FILE', 1);
  54. define ( 'HOOK_FUNCTION', 2);
  55. /**
  56. *
  57. * page/profile types
  58. *
  59. * PAGE_NORMAL is a typical personal profile account
  60. * PAGE_SOAPBOX automatically approves all friend requests as CONTACT_IS_SHARING, (readonly)
  61. * PAGE_COMMUNITY automatically approves all friend requests as CONTACT_IS_SHARING, but with
  62. * write access to wall and comments (no email and not included in page owner's ACL lists)
  63. * PAGE_FREELOVE automatically approves all friend requests as full friends (CONTACT_IS_FRIEND).
  64. *
  65. */
  66. define ( 'PAGE_NORMAL', 0 );
  67. define ( 'PAGE_SOAPBOX', 1 );
  68. define ( 'PAGE_COMMUNITY', 2 );
  69. define ( 'PAGE_FREELOVE', 3 );
  70. /**
  71. * Network and protocol family types
  72. */
  73. define ( 'NETWORK_ZOT', 'zot!'); // Zot!
  74. define ( 'NETWORK_DFRN', 'dfrn'); // Friendika, Mistpark, other DFRN implementations
  75. define ( 'NETWORK_OSTATUS', 'stat'); // status.net, identi.ca, GNU-social, other OStatus implementations
  76. define ( 'NETWORK_FEED', 'feed'); // RSS/Atom feeds with no known "post/notify" protocol
  77. define ( 'NETWORK_DIASPORA', 'dspr'); // Diaspora
  78. define ( 'NETWORK_MAIL', 'mail'); // IMAP/POP
  79. define ( 'NETWORK_FACEBOOK', 'face'); // Facebook API
  80. /**
  81. * Maximum number of "people who like (or don't like) this" that we will list by name
  82. */
  83. define ( 'MAX_LIKERS', 75);
  84. /**
  85. * Communication timeout
  86. */
  87. define ( 'ZCURL_TIMEOUT' , (-1));
  88. /**
  89. * email notification options
  90. */
  91. define ( 'NOTIFY_INTRO', 0x0001 );
  92. define ( 'NOTIFY_CONFIRM', 0x0002 );
  93. define ( 'NOTIFY_WALL', 0x0004 );
  94. define ( 'NOTIFY_COMMENT', 0x0008 );
  95. define ( 'NOTIFY_MAIL', 0x0010 );
  96. /**
  97. * various namespaces we may need to parse
  98. */
  99. define ( 'NAMESPACE_ZOT', 'http://purl.org/macgirvin/zot' );
  100. define ( 'NAMESPACE_DFRN' , 'http://purl.org/macgirvin/dfrn/1.0' );
  101. define ( 'NAMESPACE_THREAD' , 'http://purl.org/syndication/thread/1.0' );
  102. define ( 'NAMESPACE_TOMB' , 'http://purl.org/atompub/tombstones/1.0' );
  103. define ( 'NAMESPACE_ACTIVITY', 'http://activitystrea.ms/spec/1.0/' );
  104. define ( 'NAMESPACE_ACTIVITY_SCHEMA', 'http://activitystrea.ms/schema/1.0/' );
  105. define ( 'NAMESPACE_MEDIA', 'http://purl.org/syndication/atommedia' );
  106. define ( 'NAMESPACE_SALMON_ME', 'http://salmon-protocol.org/ns/magic-env' );
  107. define ( 'NAMESPACE_OSTATUSSUB', 'http://ostatus.org/schema/1.0/subscribe' );
  108. define ( 'NAMESPACE_GEORSS', 'http://www.georss.org/georss' );
  109. define ( 'NAMESPACE_POCO', 'http://portablecontacts.net/spec/1.0' );
  110. define ( 'NAMESPACE_FEED', 'http://schemas.google.com/g/2010#updates-from' );
  111. define ( 'NAMESPACE_OSTATUS', 'http://ostatus.org/schema/1.0' );
  112. define ( 'NAMESPACE_STATUSNET', 'http://status.net/schema/api/1/' );
  113. define ( 'NAMESPACE_ATOM1', 'http://www.w3.org/2005/Atom' );
  114. /**
  115. * activity stream defines
  116. */
  117. define ( 'ACTIVITY_LIKE', NAMESPACE_ACTIVITY_SCHEMA . 'like' );
  118. define ( 'ACTIVITY_DISLIKE', NAMESPACE_DFRN . '/dislike' );
  119. define ( 'ACTIVITY_OBJ_HEART', NAMESPACE_DFRN . '/heart' );
  120. define ( 'ACTIVITY_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'make-friend' );
  121. define ( 'ACTIVITY_REQ_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'request-friend' );
  122. define ( 'ACTIVITY_UNFRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'remove-friend' );
  123. define ( 'ACTIVITY_FOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'follow' );
  124. define ( 'ACTIVITY_UNFOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'stop-following' );
  125. define ( 'ACTIVITY_POST', NAMESPACE_ACTIVITY_SCHEMA . 'post' );
  126. define ( 'ACTIVITY_UPDATE', NAMESPACE_ACTIVITY_SCHEMA . 'update' );
  127. define ( 'ACTIVITY_TAG', NAMESPACE_ACTIVITY_SCHEMA . 'tag' );
  128. define ( 'ACTIVITY_OBJ_COMMENT', NAMESPACE_ACTIVITY_SCHEMA . 'comment' );
  129. define ( 'ACTIVITY_OBJ_NOTE', NAMESPACE_ACTIVITY_SCHEMA . 'note' );
  130. define ( 'ACTIVITY_OBJ_PERSON', NAMESPACE_ACTIVITY_SCHEMA . 'person' );
  131. define ( 'ACTIVITY_OBJ_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'photo' );
  132. define ( 'ACTIVITY_OBJ_P_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'profile-photo' );
  133. define ( 'ACTIVITY_OBJ_ALBUM', NAMESPACE_ACTIVITY_SCHEMA . 'photo-album' );
  134. define ( 'ACTIVITY_OBJ_EVENT', NAMESPACE_ACTIVITY_SCHEMA . 'event' );
  135. define ( 'ACTIVITY_OBJ_TAGTERM', NAMESPACE_DFRN . '/tagterm' );
  136. /**
  137. * item weight for query ordering
  138. */
  139. define ( 'GRAVITY_PARENT', 0);
  140. define ( 'GRAVITY_LIKE', 3);
  141. define ( 'GRAVITY_COMMENT', 6);
  142. /**
  143. *
  144. * Reverse the effect of magic_quotes_gpc if it is enabled.
  145. * Please disable magic_quotes_gpc so we don't have to do this.
  146. * See http://php.net/manual/en/security.magicquotes.disabling.php
  147. *
  148. */
  149. function startup() {
  150. error_reporting(E_ERROR | E_WARNING | E_PARSE);
  151. set_time_limit(0);
  152. // This has to be quite large to deal with embedded private photos
  153. ini_set('pcre.backtrack_limit', 350000);
  154. if (get_magic_quotes_gpc()) {
  155. $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
  156. while (list($key, $val) = each($process)) {
  157. foreach ($val as $k => $v) {
  158. unset($process[$key][$k]);
  159. if (is_array($v)) {
  160. $process[$key][stripslashes($k)] = $v;
  161. $process[] = &$process[$key][stripslashes($k)];
  162. } else {
  163. $process[$key][stripslashes($k)] = stripslashes($v);
  164. }
  165. }
  166. }
  167. unset($process);
  168. }
  169. }
  170. /**
  171. *
  172. * class: App
  173. *
  174. * Our main application structure for the life of this page
  175. * Primarily deals with the URL that got us here
  176. * and tries to make some sense of it, and
  177. * stores our page contents and config storage
  178. * and anything else that might need to be passed around
  179. * before we spit the page out.
  180. *
  181. */
  182. if(! class_exists('App')) {
  183. class App {
  184. public $module_loaded = false;
  185. public $query_string;
  186. public $config;
  187. public $page;
  188. public $profile;
  189. public $user;
  190. public $cid;
  191. public $contact;
  192. public $contacts;
  193. public $page_contact;
  194. public $content;
  195. public $data;
  196. public $error = false;
  197. public $cmd;
  198. public $argv;
  199. public $argc;
  200. public $module;
  201. public $pager;
  202. public $strings;
  203. public $path;
  204. public $hooks;
  205. public $timezone;
  206. public $interactive = true;
  207. public $plugins;
  208. public $apps = Array();
  209. public $identities;
  210. private $scheme;
  211. private $hostname;
  212. private $baseurl;
  213. private $db;
  214. private $curl_code;
  215. private $curl_headers;
  216. function __construct() {
  217. $this->config = array();
  218. $this->page = array();
  219. $this->pager= array();
  220. $this->query_string = '';
  221. startup();
  222. $this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'])) ? 'https' : 'http' );
  223. if(x($_SERVER,'SERVER_NAME')) {
  224. $this->hostname = $_SERVER['SERVER_NAME'];
  225. if(x($_SERVER,'SERVER_PORT') && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443)
  226. $this->hostname .= ':' . $_SERVER['SERVER_PORT'];
  227. /**
  228. * Figure out if we are running at the top of a domain
  229. * or in a sub-directory and adjust accordingly
  230. */
  231. $path = trim(dirname($_SERVER['SCRIPT_NAME']),'/\\');
  232. if(isset($path) && strlen($path) && ($path != $this->path))
  233. $this->path = $path;
  234. }
  235. set_include_path(
  236. "include/$this->hostname" . PATH_SEPARATOR
  237. . 'include' . PATH_SEPARATOR
  238. . 'library' . PATH_SEPARATOR
  239. . 'library/phpsec' . PATH_SEPARATOR
  240. . '.' );
  241. if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'],0,2) === "q=")
  242. $this->query_string = substr($_SERVER['QUERY_STRING'],2);
  243. if(x($_GET,'q'))
  244. $this->cmd = trim($_GET['q'],'/\\');
  245. /**
  246. *
  247. * Break the URL path into C style argc/argv style arguments for our
  248. * modules. Given "http://example.com/module/arg1/arg2", $this->argc
  249. * will be 3 (integer) and $this->argv will contain:
  250. * [0] => 'module'
  251. * [1] => 'arg1'
  252. * [2] => 'arg2'
  253. *
  254. *
  255. * There will always be one argument. If provided a naked domain
  256. * URL, $this->argv[0] is set to "home".
  257. *
  258. */
  259. $this->argv = explode('/',$this->cmd);
  260. $this->argc = count($this->argv);
  261. if((array_key_exists('0',$this->argv)) && strlen($this->argv[0])) {
  262. $this->module = str_replace(".", "_", $this->argv[0]);
  263. }
  264. else {
  265. $this->argc = 1;
  266. $this->argv = array('home');
  267. $this->module = 'home';
  268. }
  269. /**
  270. * Special handling for the webfinger/lrdd host XRD file
  271. */
  272. if($this->cmd === '.well-known/host-meta') {
  273. $this->argc = 1;
  274. $this->argv = array('hostxrd');
  275. $this->module = 'hostxrd';
  276. }
  277. /**
  278. * See if there is any page number information, and initialise
  279. * pagination
  280. */
  281. $this->pager['page'] = ((x($_GET,'page')) ? $_GET['page'] : 1);
  282. $this->pager['itemspage'] = 50;
  283. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  284. $this->pager['total'] = 0;
  285. }
  286. function get_baseurl($ssl = false) {
  287. $scheme = $this->scheme;
  288. if(x($this->config,'ssl_policy')) {
  289. if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL))
  290. $scheme = 'https';
  291. if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params')))
  292. $scheme = 'https';
  293. }
  294. $this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' );
  295. return $this->baseurl;
  296. }
  297. function set_baseurl($url) {
  298. $parsed = @parse_url($url);
  299. $this->baseurl = $url;
  300. if($parsed) {
  301. $this->scheme = $parsed['scheme'];
  302. $this->hostname = $parsed['host'];
  303. if(x($parsed,'port'))
  304. $this->hostname .= ':' . $parsed['port'];
  305. if(x($parsed,'path'))
  306. $this->path = trim($parsed['path'],'\\/');
  307. }
  308. }
  309. function get_hostname() {
  310. return $this->hostname;
  311. }
  312. function set_hostname($h) {
  313. $this->hostname = $h;
  314. }
  315. function set_path($p) {
  316. $this->path = trim(trim($p),'/');
  317. }
  318. function get_path() {
  319. return $this->path;
  320. }
  321. function set_pager_total($n) {
  322. $this->pager['total'] = intval($n);
  323. }
  324. function set_pager_itemspage($n) {
  325. $this->pager['itemspage'] = intval($n);
  326. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  327. }
  328. function init_pagehead() {
  329. $this->page['title'] = $this->config['sitename'];
  330. $tpl = file_get_contents('view/head.tpl');
  331. $this->page['htmlhead'] = replace_macros($tpl,array(
  332. '$baseurl' => $this->get_baseurl(), // FIXME for z_path!!!!
  333. '$generator' => 'Friendika' . ' ' . FRIENDIKA_VERSION,
  334. '$delitem' => t('Delete this item?'),
  335. '$comment' => t('Comment')
  336. ));
  337. }
  338. function set_curl_code($code) {
  339. $this->curl_code = $code;
  340. }
  341. function get_curl_code() {
  342. return $this->curl_code;
  343. }
  344. function set_curl_headers($headers) {
  345. $this->curl_headers = $headers;
  346. }
  347. function get_curl_headers() {
  348. return $this->curl_headers;
  349. }
  350. }}
  351. // retrieve the App structure
  352. // useful in functions which require it but don't get it passed to them
  353. if(! function_exists('get_app')) {
  354. function get_app() {
  355. global $a;
  356. return $a;
  357. }};
  358. // Multi-purpose function to check variable state.
  359. // Usage: x($var) or $x($array,'key')
  360. // returns false if variable/key is not set
  361. // if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
  362. // e.g. x('') or x(0) returns 0;
  363. if(! function_exists('x')) {
  364. function x($s,$k = NULL) {
  365. if($k != NULL) {
  366. if((is_array($s)) && (array_key_exists($k,$s))) {
  367. if($s[$k])
  368. return (int) 1;
  369. return (int) 0;
  370. }
  371. return false;
  372. }
  373. else {
  374. if(isset($s)) {
  375. if($s) {
  376. return (int) 1;
  377. }
  378. return (int) 0;
  379. }
  380. return false;
  381. }
  382. }}
  383. // called from db initialisation if db is dead.
  384. if(! function_exists('system_unavailable')) {
  385. function system_unavailable() {
  386. include('system_unavailable.php');
  387. system_down();
  388. killme();
  389. }}
  390. function clean_urls() {
  391. global $a;
  392. // if($a->config['system']['clean_urls'])
  393. return true;
  394. // return false;
  395. }
  396. function z_path() {
  397. global $a;
  398. $base = $a->get_baseurl();
  399. if(! clean_urls())
  400. $base .= '/?q=';
  401. return $base;
  402. }
  403. function z_root() {
  404. global $a;
  405. return $a->get_baseurl();
  406. }
  407. function absurl($path) {
  408. if(strpos($path,'/') === 0)
  409. return z_path() . $path;
  410. return $path;
  411. }
  412. // Primarily involved with database upgrade, but also sets the
  413. // base url for use in cmdline programs which don't have
  414. // $_SERVER variables, and synchronising the state of installed plugins.
  415. if(! function_exists('check_config')) {
  416. function check_config(&$a) {
  417. $build = get_config('system','build');
  418. if(! x($build))
  419. $build = set_config('system','build',DB_UPDATE_VERSION);
  420. $url = get_config('system','url');
  421. // if the url isn't set or the stored url is radically different
  422. // than the currently visited url, store the current value accordingly.
  423. // "Radically different" ignores common variations such as http vs https
  424. // and www.example.com vs example.com.
  425. if((! x($url)) || (! link_compare($url,$a->get_baseurl())))
  426. $url = set_config('system','url',$a->get_baseurl());
  427. if($build != DB_UPDATE_VERSION) {
  428. $stored = intval($build);
  429. $current = intval(DB_UPDATE_VERSION);
  430. if(($stored < $current) && file_exists('update.php')) {
  431. load_config('database');
  432. // We're reporting a different version than what is currently installed.
  433. // Run any existing update scripts to bring the database up to current.
  434. require_once('update.php');
  435. // make sure that boot.php and update.php are the same release, we might be
  436. // updating right this very second and the correct version of the update.php
  437. // file may not be here yet. This can happen on a very busy site.
  438. if(DB_UPDATE_VERSION == UPDATE_VERSION) {
  439. for($x = $stored; $x < $current; $x ++) {
  440. if(function_exists('update_' . $x)) {
  441. // There could be a lot of processes running or about to run.
  442. // We want exactly one process to run the update command.
  443. // So store the fact that we're taking responsibility
  444. // after first checking to see if somebody else already has.
  445. // If the update fails or times-out completely you may need to
  446. // delete the config entry to try again.
  447. if(get_config('database','update_' . $x))
  448. break;
  449. set_config('database','update_' . $x, '1');
  450. // call the specific update
  451. $func = 'update_' . $x;
  452. $func($a);
  453. }
  454. }
  455. set_config('system','build', DB_UPDATE_VERSION);
  456. }
  457. }
  458. }
  459. /**
  460. *
  461. * Synchronise plugins:
  462. *
  463. * $a->config['system']['addon'] contains a comma-separated list of names
  464. * of plugins/addons which are used on this system.
  465. * Go through the database list of already installed addons, and if we have
  466. * an entry, but it isn't in the config list, call the uninstall procedure
  467. * and mark it uninstalled in the database (for now we'll remove it).
  468. * Then go through the config list and if we have a plugin that isn't installed,
  469. * call the install procedure and add it to the database.
  470. *
  471. */
  472. $r = q("SELECT * FROM `addon` WHERE `installed` = 1");
  473. if(count($r))
  474. $installed = $r;
  475. else
  476. $installed = array();
  477. $plugins = get_config('system','addon');
  478. $plugins_arr = array();
  479. if($plugins)
  480. $plugins_arr = explode(',',str_replace(' ', '',$plugins));
  481. $a->plugins = $plugins_arr;
  482. $installed_arr = array();
  483. if(count($installed)) {
  484. foreach($installed as $i) {
  485. if(! in_array($i['name'],$plugins_arr)) {
  486. uninstall_plugin($i['name']);
  487. }
  488. else
  489. $installed_arr[] = $i['name'];
  490. }
  491. }
  492. if(count($plugins_arr)) {
  493. foreach($plugins_arr as $p) {
  494. if(! in_array($p,$installed_arr)) {
  495. install_plugin($p);
  496. }
  497. }
  498. }
  499. load_hooks();
  500. return;
  501. }}
  502. function get_guid($size=16) {
  503. $exists = true; // assume by default that we don't have a unique guid
  504. do {
  505. $s = random_string($size);
  506. $r = q("select id from guid where guid = '%s' limit 1", dbesc($s));
  507. if(! count($r))
  508. $exists = false;
  509. } while($exists);
  510. q("insert into guid ( guid ) values ( '%s' ) ", dbesc($s));
  511. return $s;
  512. }
  513. // wrapper for adding a login box. If $register == true provide a registration
  514. // link. This will most always depend on the value of $a->config['register_policy'].
  515. // returns the complete html for inserting into the page
  516. if(! function_exists('login')) {
  517. function login($register = false) {
  518. $o = "";
  519. $reg = false;
  520. if ($register) {
  521. $reg = array(
  522. 'title' => t('Create a New Account'),
  523. 'desc' => t('Register')
  524. );
  525. }
  526. $noid = get_config('system','no_openid');
  527. if(local_user()) {
  528. $tpl = get_markup_template("logout.tpl");
  529. }
  530. else {
  531. $tpl = get_markup_template("login.tpl");
  532. }
  533. $o .= replace_macros($tpl,array(
  534. '$logout' => t('Logout'),
  535. '$login' => t('Login'),
  536. '$lname' => array('username', t('Nickname or Email address: ') , '', ''),
  537. '$lpassword' => array('password', t('Password: '), '', ''),
  538. '$openid' => !$noid,
  539. '$lopenid' => array('openid_url', t('OpenID: '),'',''),
  540. '$register' => $reg,
  541. '$lostpass' => t('Forgot your password?'),
  542. '$lostlink' => t('Password Reset'),
  543. ));
  544. call_hooks('login_hook',$o);
  545. return $o;
  546. }}
  547. // Used to end the current process, after saving session state.
  548. if(! function_exists('killme')) {
  549. function killme() {
  550. session_write_close();
  551. exit;
  552. }}
  553. // redirect to another URL and terminate this process.
  554. if(! function_exists('goaway')) {
  555. function goaway($s) {
  556. header("Location: $s");
  557. killme();
  558. }}
  559. // Returns the uid of locally logged in user or false.
  560. if(! function_exists('local_user')) {
  561. function local_user() {
  562. if((x($_SESSION,'authenticated')) && (x($_SESSION,'uid')))
  563. return intval($_SESSION['uid']);
  564. return false;
  565. }}
  566. // Returns contact id of authenticated site visitor or false
  567. if(! function_exists('remote_user')) {
  568. function remote_user() {
  569. if((x($_SESSION,'authenticated')) && (x($_SESSION,'visitor_id')))
  570. return intval($_SESSION['visitor_id']);
  571. return false;
  572. }}
  573. // contents of $s are displayed prominently on the page the next time
  574. // a page is loaded. Usually used for errors or alerts.
  575. if(! function_exists('notice')) {
  576. function notice($s) {
  577. $a = get_app();
  578. if(! x($_SESSION,'sysmsg')) $_SESSION['sysmsg'] = array();
  579. if($a->interactive)
  580. $_SESSION['sysmsg'][] = $s;
  581. }}
  582. if(! function_exists('info')) {
  583. function info($s) {
  584. $a = get_app();
  585. if(! x($_SESSION,'sysmsg_info')) $_SESSION['sysmsg_info'] = array();
  586. if($a->interactive)
  587. $_SESSION['sysmsg_info'][] = $s;
  588. }}
  589. // wrapper around config to limit the text length of an incoming message
  590. if(! function_exists('get_max_import_size')) {
  591. function get_max_import_size() {
  592. global $a;
  593. return ((x($a->config,'max_import_size')) ? $a->config['max_import_size'] : 0 );
  594. }}
  595. /**
  596. *
  597. * Function : profile_load
  598. * @parameter App $a
  599. * @parameter string $nickname
  600. * @parameter int $profile
  601. *
  602. * Summary: Loads a profile into the page sidebar.
  603. * The function requires a writeable copy of the main App structure, and the nickname
  604. * of a registered local account.
  605. *
  606. * If the viewer is an authenticated remote viewer, the profile displayed is the
  607. * one that has been configured for his/her viewing in the Contact manager.
  608. * Passing a non-zero profile ID can also allow a preview of a selected profile
  609. * by the owner.
  610. *
  611. * Profile information is placed in the App structure for later retrieval.
  612. * Honours the owner's chosen theme for display.
  613. *
  614. */
  615. if(! function_exists('profile_load')) {
  616. function profile_load(&$a, $nickname, $profile = 0) {
  617. if(remote_user()) {
  618. $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1",
  619. intval($_SESSION['visitor_id']));
  620. if(count($r))
  621. $profile = $r[0]['profile-id'];
  622. }
  623. $r = null;
  624. if($profile) {
  625. $profile_int = intval($profile);
  626. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `user`.* FROM `profile`
  627. LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  628. WHERE `user`.`nickname` = '%s' AND `profile`.`id` = %d LIMIT 1",
  629. dbesc($nickname),
  630. intval($profile_int)
  631. );
  632. }
  633. if(! count($r)) {
  634. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `user`.* FROM `profile`
  635. LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  636. WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 LIMIT 1",
  637. dbesc($nickname)
  638. );
  639. }
  640. if(($r === false) || (! count($r))) {
  641. notice( t('No profile') . EOL );
  642. $a->error = 404;
  643. return;
  644. }
  645. $a->profile = $r[0];
  646. $a->page['title'] = $a->profile['name'] . " @ " . $a->config['sitename'];
  647. $_SESSION['theme'] = $a->profile['theme'];
  648. if(! (x($a->page,'aside')))
  649. $a->page['aside'] = '';
  650. $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
  651. $a->page['aside'] .= profile_sidebar($a->profile, $block);
  652. /*if(! $block)
  653. $a->page['aside'] .= contact_block();*/
  654. return;
  655. }}
  656. /**
  657. *
  658. * Function: profile_sidebar
  659. *
  660. * Formats a profile for display in the sidebar.
  661. * It is very difficult to templatise the HTML completely
  662. * because of all the conditional logic.
  663. *
  664. * @parameter: array $profile
  665. *
  666. * Returns HTML string stuitable for sidebar inclusion
  667. * Exceptions: Returns empty string if passed $profile is wrong type or not populated
  668. *
  669. */
  670. if(! function_exists('profile_sidebar')) {
  671. function profile_sidebar($profile, $block = 0) {
  672. $a = get_app();
  673. $o = '';
  674. $location = false;
  675. $address = false;
  676. $pdesc = true;
  677. if((! is_array($profile)) && (! count($profile)))
  678. return $o;
  679. call_hooks('profile_sidebar_enter', $profile);
  680. // don't show connect link to yourself
  681. $connect = (($profile['uid'] != local_user()) ? t('Connect') : False);
  682. // don't show connect link to authenticated visitors either
  683. if((remote_user()) && ($_SESSION['visitor_visiting'] == $profile['uid']))
  684. $connect = False;
  685. // show edit profile to yourself
  686. if ($profile['uid'] == local_user()) {
  687. $profile['edit'] = array($a->get_baseurl(). '/profiles', t('Profiles'),"", t('Manage/edit profiles'));
  688. $r = q("SELECT * FROM `profile` WHERE `uid` = %d",
  689. local_user());
  690. $profile['menu'] = array(
  691. 'chg_photo' => t('Change profile photo'),
  692. 'cr_new' => t('Create New Profile'),
  693. 'entries' => array(),
  694. );
  695. if(count($r)) {
  696. foreach($r as $rr) {
  697. $profile['menu']['entries'][] = array(
  698. 'photo' => $rr['thumb'],
  699. 'id' => $rr['id'],
  700. 'alt' => t('Profile Image'),
  701. 'profile_name' => $rr['profile-name'],
  702. 'isdefault' => $rr['is-default'],
  703. 'visibile_to_everybody' => t('visible to everybody'),
  704. 'edit_visibility' => t('Edit visibility'),
  705. );
  706. }
  707. }
  708. }
  709. if((x($profile,'address') == 1)
  710. || (x($profile,'locality') == 1)
  711. || (x($profile,'region') == 1)
  712. || (x($profile,'postal-code') == 1)
  713. || (x($profile,'country-name') == 1))
  714. $location = t('Location:');
  715. $gender = ((x($profile,'gender') == 1) ? t('Gender:') : False);
  716. $marital = ((x($profile,'marital') == 1) ? t('Status:') : False);
  717. $homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
  718. if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
  719. $location = $pdesc = $connect = $gender = $marital = $homepage = False;
  720. }
  721. $firstname = ((strpos($profile['name'],' '))
  722. ? trim(substr($profile['name'],0,strpos($profile['name'],' '))) : $profile['name']);
  723. $lastname = (($firstname === $profile['name']) ? '' : trim(substr($profile['name'],strlen($firstname))));
  724. $diaspora = array(
  725. 'podloc' => $a->get_baseurl(),
  726. 'searchable' => (($profile['publish'] && $profile['net-publish']) ? 'true' : 'false' ),
  727. 'nickname ' => $profile['nickname'],
  728. 'fullname' => $profile['name'],
  729. 'firstname' => $firstname,
  730. 'lastname' => $lastname,
  731. 'photo300' => $a->get_baseurl() . '/photo/custom/300/' . $profile['uid'] . '.jpg',
  732. 'photo100' => $a->get_baseurl() . '/photo/custom/100/' . $profile['uid'] . '.jpg',
  733. 'photo50' => $a->get_baseurl() . '/photo/custom/50/' . $profile['uid'] . '.jpg',
  734. );
  735. if (!$block){
  736. $contact_block = contact_block();
  737. }
  738. $tpl = get_markup_template('profile_vcard.tpl');
  739. $o .= replace_macros($tpl, array(
  740. '$profile' => $profile,
  741. '$connect' => $connect,
  742. '$location' => template_escape($location),
  743. '$gender' => $gender,
  744. '$pdesc' => $pdesc,
  745. '$marital' => $marital,
  746. '$homepage' => $homepage,
  747. '$diaspora' => $diaspora,
  748. '$contact_block' => $contact_block,
  749. ));
  750. $arr = array('profile' => &$profile, 'entry' => &$o);
  751. call_hooks('profile_sidebar', $arr);
  752. return $o;
  753. }}
  754. if(! function_exists('get_birthdays')) {
  755. function get_birthdays() {
  756. $a = get_app();
  757. $o = '';
  758. if(! local_user())
  759. return $o;
  760. $bd_format = t('g A l F d') ; // 8 AM Friday January 18
  761. $bd_short = t('F d');
  762. $r = q("SELECT `event`.*, `event`.`id` AS `eid`, `contact`.* FROM `event`
  763. LEFT JOIN `contact` ON `contact`.`id` = `event`.`cid`
  764. WHERE `event`.`uid` = %d AND `type` = 'birthday' AND `start` < '%s' AND `finish` > '%s'
  765. ORDER BY `start` DESC ",
  766. intval(local_user()),
  767. dbesc(datetime_convert('UTC','UTC','now + 6 days')),
  768. dbesc(datetime_convert('UTC','UTC','now'))
  769. );
  770. if($r && count($r)) {
  771. $total = 0;
  772. foreach($r as $rr)
  773. if(strlen($rr['name']))
  774. $total ++;
  775. if($total) {
  776. $o .= '<div id="birthday-notice" class="birthday-notice fakelink" onclick=openClose(\'birthday-wrapper\'); >' . t('Birthday Reminders') . ' ' . '(' . $total . ')' . '</div>';
  777. $o .= '<div id="birthday-wrapper" style="display: none;" ><div id="birthday-title">' . t('Birthdays this week:') . '</div>';
  778. // $o .= '<div id="birthday-adjust">' . t("\x28Adjusted for local time\x29") . '</div>';
  779. $o .= '<div id="birthday-title-end"></div>';
  780. foreach($r as $rr) {
  781. if(! strlen($rr['name']))
  782. continue;
  783. $now = strtotime('now');
  784. $today = (((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now)) ? true : false);
  785. $sparkle = '';
  786. $url = $rr['url'];
  787. if($rr['network'] === NETWORK_DFRN) {
  788. $sparkle = " sparkle";
  789. $url = $a->get_baseurl() . '/redir/' . $rr['cid'];
  790. }
  791. $o .= '<div class="birthday-list" id="birthday-' . $rr['eid'] . '"><a class="birthday-link$sparkle" target="redir" href="'
  792. . $url . '">' . $rr['name'] . '</a> '
  793. . day_translate(datetime_convert('UTC', $a->timezone, $rr['start'], $rr['adjust'] ? $bd_format : $bd_short)) . (($today) ? ' ' . t('[today]') : '')
  794. . '</div>' ;
  795. }
  796. $o .= '</div></div>';
  797. }
  798. }
  799. return $o;
  800. }}
  801. /**
  802. *
  803. * Wrap calls to proc_close(proc_open()) and call hook
  804. * so plugins can take part in process :)
  805. *
  806. * args:
  807. * $cmd program to run
  808. * next args are passed as $cmd command line
  809. *
  810. * e.g.: proc_run("ls","-la","/tmp");
  811. *
  812. * $cmd and string args are surrounded with ""
  813. */
  814. if(! function_exists('proc_run')) {
  815. function proc_run($cmd){
  816. $a = get_app();
  817. $args = func_get_args();
  818. $arr = array('args' => $args, 'run_cmd' => true);
  819. call_hooks("proc_run", $arr);
  820. if(! $arr['run_cmd'])
  821. return;
  822. if(count($args) && $args[0] === 'php')
  823. $args[0] = ((x($a->config,'php_path')) && (strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
  824. foreach ($args as $arg){
  825. $arg = escapeshellarg($arg);
  826. }
  827. $cmdline = implode($args," ");
  828. proc_close(proc_open($cmdline." &",array(),$foo));
  829. }}
  830. if(! function_exists('current_theme')) {
  831. function current_theme(){
  832. $app_base_themes = array('duepuntozero', 'loozah');
  833. $a = get_app();
  834. $system_theme = ((isset($a->config['system']['theme'])) ? $a->config['system']['theme'] : '');
  835. $theme_name = ((is_array($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme);
  836. if($theme_name && file_exists('view/theme/' . $theme_name . '/style.css'))
  837. return($theme_name);
  838. foreach($app_base_themes as $t) {
  839. if(file_exists('view/theme/' . $t . '/style.css'))
  840. return($t);
  841. }
  842. $fallback = glob('view/theme/*/style.css');
  843. if(count($fallback))
  844. return (str_replace('view/theme/','', str_replace("/style.css","",$fallback[0])));
  845. }}
  846. /*
  847. * Return full URL to theme which is currently in effect.
  848. * Provide a sane default if nothing is chosen or the specified theme does not exist.
  849. */
  850. if(! function_exists('current_theme_url')) {
  851. function current_theme_url() {
  852. global $a;
  853. $t = current_theme();
  854. return($a->get_baseurl() . '/view/theme/' . $t . '/style.css');
  855. }}
  856. if(! function_exists('feed_birthday')) {
  857. function feed_birthday($uid,$tz) {
  858. /**
  859. *
  860. * Determine the next birthday, but only if the birthday is published
  861. * in the default profile. We _could_ also look for a private profile that the
  862. * recipient can see, but somebody could get mad at us if they start getting
  863. * public birthday greetings when they haven't made this info public.
  864. *
  865. * Assuming we are able to publish this info, we are then going to convert
  866. * the start time from the owner's timezone to UTC.
  867. *
  868. * This will potentially solve the problem found with some social networks
  869. * where birthdays are converted to the viewer's timezone and salutations from
  870. * elsewhere in the world show up on the wrong day. We will convert it to the
  871. * viewer's timezone also, but first we are going to convert it from the birthday
  872. * person's timezone to GMT - so the viewer may find the birthday starting at
  873. * 6:00PM the day before, but that will correspond to midnight to the birthday person.
  874. *
  875. */
  876. $birthday = '';
  877. $p = q("SELECT `dob` FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
  878. intval($uid)
  879. );
  880. if($p && count($p)) {
  881. $tmp_dob = substr($p[0]['dob'],5);
  882. if(intval($tmp_dob)) {
  883. $y = datetime_convert($tz,$tz,'now','Y');
  884. $bd = $y . '-' . $tmp_dob . ' 00:00';
  885. $t_dob = strtotime($bd);
  886. $now = strtotime(datetime_convert($tz,$tz,'now'));
  887. if($t_dob < $now)
  888. $bd = $y + 1 . '-' . $tmp_dob . ' 00:00';
  889. $birthday = datetime_convert($tz,'UTC',$bd,ATOM_TIME);
  890. }
  891. }
  892. return $birthday;
  893. }}
  894. if(! function_exists('is_site_admin')) {
  895. function is_site_admin() {
  896. $a = get_app();
  897. if(local_user() && x($a->user,'email') && x($a->config,'admin_email') && ($a->user['email'] === $a->config['admin_email']))
  898. return true;
  899. return false;
  900. }}
  901. if(! function_exists('load_contact_links')) {
  902. function load_contact_links($uid) {
  903. $a = get_app();
  904. $ret = array();
  905. if(! $uid || x($a->contacts,'empty'))
  906. return;
  907. $r = q("SELECT `id`,`network`,`url`,`thumb` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 ",
  908. intval($uid)
  909. );
  910. if(count($r)) {
  911. foreach($r as $rr){
  912. $url = normalise_link($rr['url']);
  913. $ret[$url] = $rr;
  914. }
  915. }
  916. else
  917. $ret['empty'] = true;
  918. $a->contacts = $ret;
  919. return;
  920. }}
  921. if(! function_exists('profile_tabs')){
  922. function profile_tabs($a, $is_owner=False, $nickname=Null){
  923. //echo "<pre>"; var_dump($a->user); killme();
  924. if (is_null($nickname))
  925. $nickname = $a->user['nickname'];
  926. if(x($_GET,'tab'))
  927. $tab = notags(trim($_GET['tab']));
  928. $url = $a->get_baseurl() . '/profile/' . $nickname;
  929. $tabs = array(
  930. array(
  931. 'label'=>t('Status'),
  932. 'url' => $url,
  933. 'sel' => ((!isset($tab)&&$a->argv[0]=='profile')?'active':''),
  934. ),
  935. array(
  936. 'label' => t('Profile'),
  937. 'url' => $url.'/?tab=profile',
  938. 'sel' => (($tab=='profile')?'active':''),
  939. ),
  940. array(
  941. 'label' => t('Photos'),
  942. 'url' => $a->get_baseurl() . '/photos/' . $nickname,
  943. 'sel' => ((!isset($tab)&&$a->argv[0]=='photos')?'active':''),
  944. ),
  945. );
  946. if ($is_owner){
  947. $tabs[] = array(
  948. 'label' => t('Events'),
  949. 'url' => $a->get_baseurl() . '/events',
  950. 'sel' =>((!isset($tab)&&$a->argv[0]=='events')?'active':''),
  951. );
  952. $tabs[] = array(
  953. 'label' => t('Personal Notes'),
  954. 'url' => $a->get_baseurl() . '/notes',
  955. 'sel' =>((!isset($tab)&&$a->argv[0]=='notes')?'active':''),
  956. );
  957. }
  958. $tpl = get_markup_template('common_tabs.tpl');
  959. return replace_macros($tpl,array('$tabs'=>$tabs));
  960. }}