Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1156 lines
31 KiB

  1. <?php
  2. require_once('include/config.php');
  3. require_once('include/network.php');
  4. require_once('include/plugin.php');
  5. require_once('include/text.php');
  6. require_once("include/pgettext.php");
  7. require_once('include/nav.php');
  8. define ( 'FRIENDIKA_PLATFORM', 'Free Friendika');
  9. define ( 'FRIENDIKA_VERSION', '2.3.1119' );
  10. define ( 'DFRN_PROTOCOL_VERSION', '2.21' );
  11. define ( 'DB_UPDATE_VERSION', 1093 );
  12. define ( 'EOL', "<br />\r\n" );
  13. define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
  14. /**
  15. *
  16. * Image storage quality. Lower numbers save space at cost of image detail.
  17. * For ease of upgrade, please do not change here. Change jpeg quality with
  18. * set_config('system','jpeg_quality',n) in .htconfig.php
  19. * where n is netween 1 and 100, and with very poor results below about 50
  20. *
  21. */
  22. define ( 'JPEG_QUALITY', 100 );
  23. /**
  24. * SSL redirection policies
  25. */
  26. define ( 'SSL_POLICY_NONE', 0 );
  27. define ( 'SSL_POLICY_FULL', 1 );
  28. define ( 'SSL_POLICY_SELFSIGN', 2 );
  29. /**
  30. * log levels
  31. */
  32. define ( 'LOGGER_NORMAL', 0 );
  33. define ( 'LOGGER_TRACE', 1 );
  34. define ( 'LOGGER_DEBUG', 2 );
  35. define ( 'LOGGER_DATA', 3 );
  36. define ( 'LOGGER_ALL', 4 );
  37. /**
  38. * registration policies
  39. */
  40. define ( 'REGISTER_CLOSED', 0 );
  41. define ( 'REGISTER_APPROVE', 1 );
  42. define ( 'REGISTER_OPEN', 2 );
  43. /**
  44. * relationship types
  45. */
  46. define ( 'CONTACT_IS_FOLLOWER', 1);
  47. define ( 'CONTACT_IS_SHARING', 2);
  48. define ( 'CONTACT_IS_FRIEND', 3);
  49. /**
  50. * Hook array order
  51. */
  52. define ( 'HOOK_HOOK', 0);
  53. define ( 'HOOK_FILE', 1);
  54. define ( 'HOOK_FUNCTION', 2);
  55. /**
  56. *
  57. * page/profile types
  58. *
  59. * PAGE_NORMAL is a typical personal profile account
  60. * PAGE_SOAPBOX automatically approves all friend requests as CONTACT_IS_SHARING, (readonly)
  61. * PAGE_COMMUNITY automatically approves all friend requests as CONTACT_IS_SHARING, but with
  62. * write access to wall and comments (no email and not included in page owner's ACL lists)
  63. * PAGE_FREELOVE automatically approves all friend requests as full friends (CONTACT_IS_FRIEND).
  64. *
  65. */
  66. define ( 'PAGE_NORMAL', 0 );
  67. define ( 'PAGE_SOAPBOX', 1 );
  68. define ( 'PAGE_COMMUNITY', 2 );
  69. define ( 'PAGE_FREELOVE', 3 );
  70. /**
  71. * Network and protocol family types
  72. */
  73. define ( 'NETWORK_ZOT', 'zot!'); // Zot!
  74. define ( 'NETWORK_DFRN', 'dfrn'); // Friendika, Mistpark, other DFRN implementations
  75. define ( 'NETWORK_OSTATUS', 'stat'); // status.net, identi.ca, GNU-social, other OStatus implementations
  76. define ( 'NETWORK_FEED', 'feed'); // RSS/Atom feeds with no known "post/notify" protocol
  77. define ( 'NETWORK_DIASPORA', 'dspr'); // Diaspora
  78. define ( 'NETWORK_MAIL', 'mail'); // IMAP/POP
  79. define ( 'NETWORK_FACEBOOK', 'face'); // Facebook API
  80. /**
  81. * Maximum number of "people who like (or don't like) this" that we will list by name
  82. */
  83. define ( 'MAX_LIKERS', 75);
  84. /**
  85. * Communication timeout
  86. */
  87. define ( 'ZCURL_TIMEOUT' , (-1));
  88. /**
  89. * email notification options
  90. */
  91. define ( 'NOTIFY_INTRO', 0x0001 );
  92. define ( 'NOTIFY_CONFIRM', 0x0002 );
  93. define ( 'NOTIFY_WALL', 0x0004 );
  94. define ( 'NOTIFY_COMMENT', 0x0008 );
  95. define ( 'NOTIFY_MAIL', 0x0010 );
  96. /**
  97. * various namespaces we may need to parse
  98. */
  99. define ( 'NAMESPACE_ZOT', 'http://purl.org/macgirvin/zot' );
  100. define ( 'NAMESPACE_DFRN' , 'http://purl.org/macgirvin/dfrn/1.0' );
  101. define ( 'NAMESPACE_THREAD' , 'http://purl.org/syndication/thread/1.0' );
  102. define ( 'NAMESPACE_TOMB' , 'http://purl.org/atompub/tombstones/1.0' );
  103. define ( 'NAMESPACE_ACTIVITY', 'http://activitystrea.ms/spec/1.0/' );
  104. define ( 'NAMESPACE_ACTIVITY_SCHEMA', 'http://activitystrea.ms/schema/1.0/' );
  105. define ( 'NAMESPACE_MEDIA', 'http://purl.org/syndication/atommedia' );
  106. define ( 'NAMESPACE_SALMON_ME', 'http://salmon-protocol.org/ns/magic-env' );
  107. define ( 'NAMESPACE_OSTATUSSUB', 'http://ostatus.org/schema/1.0/subscribe' );
  108. define ( 'NAMESPACE_GEORSS', 'http://www.georss.org/georss' );
  109. define ( 'NAMESPACE_POCO', 'http://portablecontacts.net/spec/1.0' );
  110. define ( 'NAMESPACE_FEED', 'http://schemas.google.com/g/2010#updates-from' );
  111. define ( 'NAMESPACE_OSTATUS', 'http://ostatus.org/schema/1.0' );
  112. define ( 'NAMESPACE_STATUSNET', 'http://status.net/schema/api/1/' );
  113. define ( 'NAMESPACE_ATOM1', 'http://www.w3.org/2005/Atom' );
  114. /**
  115. * activity stream defines
  116. */
  117. define ( 'ACTIVITY_LIKE', NAMESPACE_ACTIVITY_SCHEMA . 'like' );
  118. define ( 'ACTIVITY_DISLIKE', NAMESPACE_DFRN . '/dislike' );
  119. define ( 'ACTIVITY_OBJ_HEART', NAMESPACE_DFRN . '/heart' );
  120. define ( 'ACTIVITY_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'make-friend' );
  121. define ( 'ACTIVITY_FOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'follow' );
  122. define ( 'ACTIVITY_UNFOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'stop-following' );
  123. define ( 'ACTIVITY_POST', NAMESPACE_ACTIVITY_SCHEMA . 'post' );
  124. define ( 'ACTIVITY_UPDATE', NAMESPACE_ACTIVITY_SCHEMA . 'update' );
  125. define ( 'ACTIVITY_TAG', NAMESPACE_ACTIVITY_SCHEMA . 'tag' );
  126. define ( 'ACTIVITY_OBJ_COMMENT', NAMESPACE_ACTIVITY_SCHEMA . 'comment' );
  127. define ( 'ACTIVITY_OBJ_NOTE', NAMESPACE_ACTIVITY_SCHEMA . 'note' );
  128. define ( 'ACTIVITY_OBJ_PERSON', NAMESPACE_ACTIVITY_SCHEMA . 'person' );
  129. define ( 'ACTIVITY_OBJ_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'photo' );
  130. define ( 'ACTIVITY_OBJ_P_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'profile-photo' );
  131. define ( 'ACTIVITY_OBJ_ALBUM', NAMESPACE_ACTIVITY_SCHEMA . 'photo-album' );
  132. define ( 'ACTIVITY_OBJ_EVENT', NAMESPACE_ACTIVITY_SCHEMA . 'event' );
  133. define ( 'ACTIVITY_OBJ_TAGTERM', NAMESPACE_DFRN . '/tagterm' );
  134. /**
  135. * item weight for query ordering
  136. */
  137. define ( 'GRAVITY_PARENT', 0);
  138. define ( 'GRAVITY_LIKE', 3);
  139. define ( 'GRAVITY_COMMENT', 6);
  140. /**
  141. *
  142. * Reverse the effect of magic_quotes_gpc if it is enabled.
  143. * Please disable magic_quotes_gpc so we don't have to do this.
  144. * See http://php.net/manual/en/security.magicquotes.disabling.php
  145. *
  146. */
  147. function startup() {
  148. error_reporting(E_ERROR | E_WARNING | E_PARSE);
  149. set_time_limit(0);
  150. // This has to be quite large to deal with embedded private photos
  151. ini_set('pcre.backtrack_limit', 350000);
  152. if (get_magic_quotes_gpc()) {
  153. $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
  154. while (list($key, $val) = each($process)) {
  155. foreach ($val as $k => $v) {
  156. unset($process[$key][$k]);
  157. if (is_array($v)) {
  158. $process[$key][stripslashes($k)] = $v;
  159. $process[] = &$process[$key][stripslashes($k)];
  160. } else {
  161. $process[$key][stripslashes($k)] = stripslashes($v);
  162. }
  163. }
  164. }
  165. unset($process);
  166. }
  167. }
  168. /**
  169. *
  170. * class: App
  171. *
  172. * Our main application structure for the life of this page
  173. * Primarily deals with the URL that got us here
  174. * and tries to make some sense of it, and
  175. * stores our page contents and config storage
  176. * and anything else that might need to be passed around
  177. * before we spit the page out.
  178. *
  179. */
  180. if(! class_exists('App')) {
  181. class App {
  182. public $module_loaded = false;
  183. public $query_string;
  184. public $config;
  185. public $page;
  186. public $profile;
  187. public $user;
  188. public $cid;
  189. public $contact;
  190. public $contacts;
  191. public $page_contact;
  192. public $content;
  193. public $data;
  194. public $error = false;
  195. public $cmd;
  196. public $argv;
  197. public $argc;
  198. public $module;
  199. public $pager;
  200. public $strings;
  201. public $path;
  202. public $hooks;
  203. public $timezone;
  204. public $interactive = true;
  205. public $plugins;
  206. public $apps = Array();
  207. public $identities;
  208. private $scheme;
  209. private $hostname;
  210. private $baseurl;
  211. private $db;
  212. private $curl_code;
  213. private $curl_headers;
  214. function __construct() {
  215. $this->config = array();
  216. $this->page = array();
  217. $this->pager= array();
  218. $this->query_string = '';
  219. startup();
  220. $this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'])) ? 'https' : 'http' );
  221. if(x($_SERVER,'SERVER_NAME')) {
  222. $this->hostname = $_SERVER['SERVER_NAME'];
  223. if(x($_SERVER,'SERVER_PORT') && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443)
  224. $this->hostname .= ':' . $_SERVER['SERVER_PORT'];
  225. /**
  226. * Figure out if we are running at the top of a domain
  227. * or in a sub-directory and adjust accordingly
  228. */
  229. $path = trim(dirname($_SERVER['SCRIPT_NAME']),'/\\');
  230. if(isset($path) && strlen($path) && ($path != $this->path))
  231. $this->path = $path;
  232. }
  233. set_include_path(
  234. "include/$this->hostname" . PATH_SEPARATOR
  235. . 'include' . PATH_SEPARATOR
  236. . 'library' . PATH_SEPARATOR
  237. . 'library/phpsec' . PATH_SEPARATOR
  238. . '.' );
  239. if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'],0,2) === "q=")
  240. $this->query_string = substr($_SERVER['QUERY_STRING'],2);
  241. if(x($_GET,'q'))
  242. $this->cmd = trim($_GET['q'],'/\\');
  243. /**
  244. *
  245. * Break the URL path into C style argc/argv style arguments for our
  246. * modules. Given "http://example.com/module/arg1/arg2", $this->argc
  247. * will be 3 (integer) and $this->argv will contain:
  248. * [0] => 'module'
  249. * [1] => 'arg1'
  250. * [2] => 'arg2'
  251. *
  252. *
  253. * There will always be one argument. If provided a naked domain
  254. * URL, $this->argv[0] is set to "home".
  255. *
  256. */
  257. $this->argv = explode('/',$this->cmd);
  258. $this->argc = count($this->argv);
  259. if((array_key_exists('0',$this->argv)) && strlen($this->argv[0])) {
  260. $this->module = str_replace(".", "_", $this->argv[0]);
  261. }
  262. else {
  263. $this->argc = 1;
  264. $this->argv = array('home');
  265. $this->module = 'home';
  266. }
  267. /**
  268. * Special handling for the webfinger/lrdd host XRD file
  269. */
  270. if($this->cmd === '.well-known/host-meta') {
  271. $this->argc = 1;
  272. $this->argv = array('hostxrd');
  273. $this->module = 'hostxrd';
  274. }
  275. /**
  276. * See if there is any page number information, and initialise
  277. * pagination
  278. */
  279. $this->pager['page'] = ((x($_GET,'page')) ? $_GET['page'] : 1);
  280. $this->pager['itemspage'] = 50;
  281. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  282. $this->pager['total'] = 0;
  283. }
  284. function get_baseurl($ssl = false) {
  285. $scheme = $this->scheme;
  286. if(x($this->config,'ssl_policy')) {
  287. if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL))
  288. $scheme = 'https';
  289. if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params')))
  290. $scheme = 'https';
  291. }
  292. $this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' );
  293. return $this->baseurl;
  294. }
  295. function set_baseurl($url) {
  296. $parsed = @parse_url($url);
  297. $this->baseurl = $url;
  298. if($parsed) {
  299. $this->scheme = $parsed['scheme'];
  300. $this->hostname = $parsed['host'];
  301. if(x($parsed,'port'))
  302. $this->hostname .= ':' . $parsed['port'];
  303. if(x($parsed,'path'))
  304. $this->path = trim($parsed['path'],'\\/');
  305. }
  306. }
  307. function get_hostname() {
  308. return $this->hostname;
  309. }
  310. function set_hostname($h) {
  311. $this->hostname = $h;
  312. }
  313. function set_path($p) {
  314. $this->path = trim(trim($p),'/');
  315. }
  316. function get_path() {
  317. return $this->path;
  318. }
  319. function set_pager_total($n) {
  320. $this->pager['total'] = intval($n);
  321. }
  322. function set_pager_itemspage($n) {
  323. $this->pager['itemspage'] = intval($n);
  324. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  325. }
  326. function init_pagehead() {
  327. $this->page['title'] = $this->config['sitename'];
  328. $tpl = file_get_contents('view/head.tpl');
  329. $this->page['htmlhead'] = replace_macros($tpl,array(
  330. '$baseurl' => $this->get_baseurl(), // FIXME for z_path!!!!
  331. '$generator' => 'Friendika' . ' ' . FRIENDIKA_VERSION,
  332. '$delitem' => t('Delete this item?'),
  333. '$comment' => t('Comment')
  334. ));
  335. }
  336. function set_curl_code($code) {
  337. $this->curl_code = $code;
  338. }
  339. function get_curl_code() {
  340. return $this->curl_code;
  341. }
  342. function set_curl_headers($headers) {
  343. $this->curl_headers = $headers;
  344. }
  345. function get_curl_headers() {
  346. return $this->curl_headers;
  347. }
  348. }}
  349. // retrieve the App structure
  350. // useful in functions which require it but don't get it passed to them
  351. if(! function_exists('get_app')) {
  352. function get_app() {
  353. global $a;
  354. return $a;
  355. }};
  356. // Multi-purpose function to check variable state.
  357. // Usage: x($var) or $x($array,'key')
  358. // returns false if variable/key is not set
  359. // if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
  360. // e.g. x('') or x(0) returns 0;
  361. if(! function_exists('x')) {
  362. function x($s,$k = NULL) {
  363. if($k != NULL) {
  364. if((is_array($s)) && (array_key_exists($k,$s))) {
  365. if($s[$k])
  366. return (int) 1;
  367. return (int) 0;
  368. }
  369. return false;
  370. }
  371. else {
  372. if(isset($s)) {
  373. if($s) {
  374. return (int) 1;
  375. }
  376. return (int) 0;
  377. }
  378. return false;
  379. }
  380. }}
  381. // called from db initialisation if db is dead.
  382. if(! function_exists('system_unavailable')) {
  383. function system_unavailable() {
  384. include('system_unavailable.php');
  385. system_down();
  386. killme();
  387. }}
  388. function clean_urls() {
  389. global $a;
  390. // if($a->config['system']['clean_urls'])
  391. return true;
  392. // return false;
  393. }
  394. function z_path() {
  395. global $a;
  396. $base = $a->get_baseurl();
  397. if(! clean_urls())
  398. $base .= '/?q=';
  399. return $base;
  400. }
  401. function z_root() {
  402. global $a;
  403. return $a->get_baseurl();
  404. }
  405. function absurl($path) {
  406. if(strpos($path,'/') === 0)
  407. return z_path() . $path;
  408. return $path;
  409. }
  410. // Primarily involved with database upgrade, but also sets the
  411. // base url for use in cmdline programs which don't have
  412. // $_SERVER variables, and synchronising the state of installed plugins.
  413. if(! function_exists('check_config')) {
  414. function check_config(&$a) {
  415. $build = get_config('system','build');
  416. if(! x($build))
  417. $build = set_config('system','build',DB_UPDATE_VERSION);
  418. $url = get_config('system','url');
  419. // if the url isn't set or the stored url is radically different
  420. // than the currently visited url, store the current value accordingly.
  421. // "Radically different" ignores common variations such as http vs https
  422. // and www.example.com vs example.com.
  423. if((! x($url)) || (! link_compare($url,$a->get_baseurl())))
  424. $url = set_config('system','url',$a->get_baseurl());
  425. if($build != DB_UPDATE_VERSION) {
  426. $stored = intval($build);
  427. $current = intval(DB_UPDATE_VERSION);
  428. if(($stored < $current) && file_exists('update.php')) {
  429. // We're reporting a different version than what is currently installed.
  430. // Run any existing update scripts to bring the database up to current.
  431. require_once('update.php');
  432. // make sure that boot.php and update.php are the same release, we might be
  433. // updating right this very second and the correct version of the update.php
  434. // file may not be here yet. This can happen on a very busy site.
  435. if(DB_UPDATE_VERSION == UPDATE_VERSION) {
  436. for($x = $stored; $x < $current; $x ++) {
  437. if(function_exists('update_' . $x)) {
  438. $func = 'update_' . $x;
  439. $func($a);
  440. }
  441. }
  442. set_config('system','build', DB_UPDATE_VERSION);
  443. }
  444. }
  445. }
  446. /**
  447. *
  448. * Synchronise plugins:
  449. *
  450. * $a->config['system']['addon'] contains a comma-separated list of names
  451. * of plugins/addons which are used on this system.
  452. * Go through the database list of already installed addons, and if we have
  453. * an entry, but it isn't in the config list, call the uninstall procedure
  454. * and mark it uninstalled in the database (for now we'll remove it).
  455. * Then go through the config list and if we have a plugin that isn't installed,
  456. * call the install procedure and add it to the database.
  457. *
  458. */
  459. $r = q("SELECT * FROM `addon` WHERE `installed` = 1");
  460. if(count($r))
  461. $installed = $r;
  462. else
  463. $installed = array();
  464. $plugins = get_config('system','addon');
  465. $plugins_arr = array();
  466. if($plugins)
  467. $plugins_arr = explode(',',str_replace(' ', '',$plugins));
  468. $a->plugins = $plugins_arr;
  469. $installed_arr = array();
  470. if(count($installed)) {
  471. foreach($installed as $i) {
  472. if(! in_array($i['name'],$plugins_arr)) {
  473. uninstall_plugin($i['name']);
  474. }
  475. else
  476. $installed_arr[] = $i['name'];
  477. }
  478. }
  479. if(count($plugins_arr)) {
  480. foreach($plugins_arr as $p) {
  481. if(! in_array($p,$installed_arr)) {
  482. install_plugin($p);
  483. }
  484. }
  485. }
  486. load_hooks();
  487. return;
  488. }}
  489. function get_guid($size=16) {
  490. $exists = true; // assume by default that we don't have a unique guid
  491. do {
  492. $s = random_string($size);
  493. $r = q("select id from guid where guid = '%s' limit 1", dbesc($s));
  494. if(! count($r))
  495. $exists = false;
  496. } while($exists);
  497. q("insert into guid ( guid ) values ( '%s' ) ", dbesc($s));
  498. return $s;
  499. }
  500. // wrapper for adding a login box. If $register == true provide a registration
  501. // link. This will most always depend on the value of $a->config['register_policy'].
  502. // returns the complete html for inserting into the page
  503. if(! function_exists('login')) {
  504. function login($register = false) {
  505. $o = "";
  506. $register_tpl = (($register) ? get_markup_template("register-link.tpl") : "");
  507. $register_html = replace_macros($register_tpl,array(
  508. '$title' => t('Create a New Account'),
  509. '$desc' => t('Register')
  510. ));
  511. $noid = get_config('system','no_openid');
  512. if($noid) {
  513. $classname = 'no-openid';
  514. $namelabel = t('Nickname or Email address: ');
  515. $passlabel = t('Password: ');
  516. $login = t('Login');
  517. }
  518. else {
  519. $classname = 'openid';
  520. $namelabel = t('Nickname/Email/OpenID: ');
  521. $passlabel = t("Password \x28if not OpenID\x29: ");
  522. $login = t('Login');
  523. }
  524. $lostpass = t('Forgot your password?');
  525. $lostlink = t('Password Reset');
  526. if(local_user()) {
  527. $tpl = get_markup_template("logout.tpl");
  528. }
  529. else {
  530. $tpl = get_markup_template("login.tpl");
  531. }
  532. $o = '<script type="text/javascript"> $(document).ready(function() { $("#login-name").focus();} );</script>';
  533. $o .= replace_macros($tpl,array(
  534. '$logout' => t('Logout'),
  535. '$register_html' => $register_html,
  536. '$classname' => $classname,
  537. '$namelabel' => $namelabel,
  538. '$passlabel' => $passlabel,
  539. '$login' => $login,
  540. '$lostpass' => $lostpass,
  541. '$lostlink' => $lostlink
  542. ));
  543. call_hooks('login_hook',$o);
  544. return $o;
  545. }}
  546. // Used to end the current process, after saving session state.
  547. if(! function_exists('killme')) {
  548. function killme() {
  549. session_write_close();
  550. exit;
  551. }}
  552. // redirect to another URL and terminate this process.
  553. if(! function_exists('goaway')) {
  554. function goaway($s) {
  555. header("Location: $s");
  556. killme();
  557. }}
  558. // Returns the uid of locally logged in user or false.
  559. if(! function_exists('local_user')) {
  560. function local_user() {
  561. if((x($_SESSION,'authenticated')) && (x($_SESSION,'uid')))
  562. return intval($_SESSION['uid']);
  563. return false;
  564. }}
  565. // Returns contact id of authenticated site visitor or false
  566. if(! function_exists('remote_user')) {
  567. function remote_user() {
  568. if((x($_SESSION,'authenticated')) && (x($_SESSION,'visitor_id')))
  569. return intval($_SESSION['visitor_id']);
  570. return false;
  571. }}
  572. // contents of $s are displayed prominently on the page the next time
  573. // a page is loaded. Usually used for errors or alerts.
  574. if(! function_exists('notice')) {
  575. function notice($s) {
  576. $a = get_app();
  577. if(! x($_SESSION,'sysmsg')) $_SESSION['sysmsg'] = array();
  578. if($a->interactive)
  579. $_SESSION['sysmsg'][] = $s;
  580. }}
  581. if(! function_exists('info')) {
  582. function info($s) {
  583. $a = get_app();
  584. if(! x($_SESSION,'sysmsg_info')) $_SESSION['sysmsg_info'] = array();
  585. if($a->interactive)
  586. $_SESSION['sysmsg_info'][] = $s;
  587. }}
  588. // wrapper around config to limit the text length of an incoming message
  589. if(! function_exists('get_max_import_size')) {
  590. function get_max_import_size() {
  591. global $a;
  592. return ((x($a->config,'max_import_size')) ? $a->config['max_import_size'] : 0 );
  593. }}
  594. /**
  595. *
  596. * Function : profile_load
  597. * @parameter App $a
  598. * @parameter string $nickname
  599. * @parameter int $profile
  600. *
  601. * Summary: Loads a profile into the page sidebar.
  602. * The function requires a writeable copy of the main App structure, and the nickname
  603. * of a registered local account.
  604. *
  605. * If the viewer is an authenticated remote viewer, the profile displayed is the
  606. * one that has been configured for his/her viewing in the Contact manager.
  607. * Passing a non-zero profile ID can also allow a preview of a selected profile
  608. * by the owner.
  609. *
  610. * Profile information is placed in the App structure for later retrieval.
  611. * Honours the owner's chosen theme for display.
  612. *
  613. */
  614. if(! function_exists('profile_load')) {
  615. function profile_load(&$a, $nickname, $profile = 0) {
  616. if(remote_user()) {
  617. $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1",
  618. intval($_SESSION['visitor_id']));
  619. if(count($r))
  620. $profile = $r[0]['profile-id'];
  621. }
  622. $r = null;
  623. if($profile) {
  624. $profile_int = intval($profile);
  625. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `user`.* FROM `profile`
  626. LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  627. WHERE `user`.`nickname` = '%s' AND `profile`.`id` = %d LIMIT 1",
  628. dbesc($nickname),
  629. intval($profile_int)
  630. );
  631. }
  632. if(! count($r)) {
  633. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `user`.* FROM `profile`
  634. LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  635. WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 LIMIT 1",
  636. dbesc($nickname)
  637. );
  638. }
  639. if(($r === false) || (! count($r))) {
  640. notice( t('No profile') . EOL );
  641. $a->error = 404;
  642. return;
  643. }
  644. $a->profile = $r[0];
  645. $a->page['title'] = $a->profile['name'] . " @ " . $a->config['sitename'];
  646. $_SESSION['theme'] = $a->profile['theme'];
  647. if(! (x($a->page,'aside')))
  648. $a->page['aside'] = '';
  649. $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
  650. $a->page['aside'] .= profile_sidebar($a->profile, $block);
  651. /*if(! $block)
  652. $a->page['aside'] .= contact_block();*/
  653. return;
  654. }}
  655. /**
  656. *
  657. * Function: profile_sidebar
  658. *
  659. * Formats a profile for display in the sidebar.
  660. * It is very difficult to templatise the HTML completely
  661. * because of all the conditional logic.
  662. *
  663. * @parameter: array $profile
  664. *
  665. * Returns HTML string stuitable for sidebar inclusion
  666. * Exceptions: Returns empty string if passed $profile is wrong type or not populated
  667. *
  668. */
  669. if(! function_exists('profile_sidebar')) {
  670. function profile_sidebar($profile, $block = 0) {
  671. $a = get_app();
  672. $o = '';
  673. $location = false;
  674. $address = false;
  675. $pdesc = true;
  676. if((! is_array($profile)) && (! count($profile)))
  677. return $o;
  678. call_hooks('profile_sidebar_enter', $profile);
  679. // don't show connect link to yourself
  680. $connect = (($profile['uid'] != local_user()) ? t('Connect') : False);
  681. // don't show connect link to authenticated visitors either
  682. if((remote_user()) && ($_SESSION['visitor_visiting'] == $profile['uid']))
  683. $connect = False;
  684. // show edit profile to yourself
  685. if ($profile['uid'] == local_user()) {
  686. $profile['edit'] = array($a->get_baseurl(). '/profiles', t('Profiles'),"", t('Manage/edit profiles'));
  687. $r = q("SELECT * FROM `profile` WHERE `uid` = %d",
  688. local_user());
  689. $profile['menu'] = array(
  690. 'chg_photo' => t('Change profile photo'),
  691. 'cr_new' => t('Create New Profile'),
  692. 'entries' => array(),
  693. );
  694. if(count($r)) {
  695. foreach($r as $rr) {
  696. $profile['menu']['entries'][] = array(
  697. 'photo' => $rr['thumb'],
  698. 'id' => $rr['id'],
  699. 'alt' => t('Profile Image'),
  700. 'profile_name' => $rr['profile-name'],
  701. 'isdefault' => $rr['is-default'],
  702. 'visibile_to_everybody' => t('visible to everybody'),
  703. 'edit_visibility' => t('Edit visibility'),
  704. );
  705. }
  706. }
  707. }
  708. if((x($profile,'address') == 1)
  709. || (x($profile,'locality') == 1)
  710. || (x($profile,'region') == 1)
  711. || (x($profile,'postal-code') == 1)
  712. || (x($profile,'country-name') == 1))
  713. $location = t('Location:');
  714. $gender = ((x($profile,'gender') == 1) ? t('Gender:') : False);
  715. $marital = ((x($profile,'marital') == 1) ? t('Status:') : False);
  716. $homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
  717. if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
  718. $location = $pdesc = $connect = $gender = $marital = $homepage = False;
  719. }
  720. $diaspora = array(
  721. 'podloc' => $a->get_baseurl(),
  722. 'searchable' => (($profile['publish'] && $profile['net-publish']) ? 'true' : 'false' ),
  723. 'nickname ' => $profile['nickname'],
  724. 'fullname' => $profile['name'],
  725. 'photo300' => $a->get_baseurl() . '/photo/custom/300/' . $profile['uid'] . '.jpg',
  726. 'photo100' => $a->get_baseurl() . '/photo/custom/100/' . $profile['uid'] . '.jpg',
  727. 'photo50' => $a->get_baseurl() . '/photo/custom/50/' . $profile['uid'] . '.jpg',
  728. );
  729. if (!$block){
  730. $contact_block = contact_block();
  731. }
  732. $tpl = get_markup_template('profile_vcard.tpl');
  733. $o .= replace_macros($tpl, array(
  734. '$profile' => $profile,
  735. '$connect' => $connect,
  736. '$location' => template_escape($location),
  737. '$gender' => $gender,
  738. '$pdesc' => $pdesc,
  739. '$marital' => $marital,
  740. '$homepage' => $homepage,
  741. '$diaspora' => $diaspora,
  742. '$contact_block' => $contact_block,
  743. ));
  744. $arr = array('profile' => &$profile, 'entry' => &$o);
  745. call_hooks('profile_sidebar', $arr);
  746. return $o;
  747. }}
  748. if(! function_exists('get_birthdays')) {
  749. function get_birthdays() {
  750. $a = get_app();
  751. $o = '';
  752. if(! local_user())
  753. return $o;
  754. $bd_format = t('g A l F d') ; // 8 AM Friday January 18
  755. $r = q("SELECT `event`.*, `event`.`id` AS `eid`, `contact`.* FROM `event`
  756. LEFT JOIN `contact` ON `contact`.`id` = `event`.`cid`
  757. WHERE `event`.`uid` = %d AND `type` = 'birthday' AND `start` < '%s' AND `finish` > '%s'
  758. ORDER BY `start` DESC ",
  759. intval(local_user()),
  760. dbesc(datetime_convert('UTC','UTC','now + 6 days')),
  761. dbesc(datetime_convert('UTC','UTC','now'))
  762. );
  763. if($r && count($r)) {
  764. $total = 0;
  765. foreach($r as $rr)
  766. if(strlen($rr['name']))
  767. $total ++;
  768. if($total) {
  769. $o .= '<div id="birthday-notice" class="birthday-notice fakelink" onclick=openClose(\'birthday-wrapper\'); >' . t('Birthday Reminders') . ' ' . '(' . $total . ')' . '</div>';
  770. $o .= '<div id="birthday-wrapper" style="display: none;" ><div id="birthday-title">' . t('Birthdays this week:') . '</div>';
  771. $o .= '<div id="birthday-adjust">' . t("\x28Adjusted for local time\x29") . '</div>';
  772. $o .= '<div id="birthday-title-end"></div>';
  773. foreach($r as $rr) {
  774. if(! strlen($rr['name']))
  775. continue;
  776. $now = strtotime('now');
  777. $today = (((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now)) ? true : false);
  778. $o .= '<div class="birthday-list" id="birthday-' . $rr['eid'] . '"><a class="sparkle" target="redir" href="'
  779. . $a->get_baseurl() . '/redir/' . $rr['cid'] . '">' . $rr['name'] . '</a> '
  780. . day_translate(datetime_convert('UTC', $a->timezone, $rr['start'], $bd_format)) . (($today) ? ' ' . t('[today]') : '')
  781. . '</div>' ;
  782. }
  783. $o .= '</div></div>';
  784. }
  785. }
  786. return $o;
  787. }}
  788. /**
  789. *
  790. * Wrap calls to proc_close(proc_open()) and call hook
  791. * so plugins can take part in process :)
  792. *
  793. * args:
  794. * $cmd program to run
  795. * next args are passed as $cmd command line
  796. *
  797. * e.g.: proc_run("ls","-la","/tmp");
  798. *
  799. * $cmd and string args are surrounded with ""
  800. */
  801. if(! function_exists('proc_run')) {
  802. function proc_run($cmd){
  803. $a = get_app();
  804. $args = func_get_args();
  805. $arr = array('args' => $args, 'run_cmd' => true);
  806. call_hooks("proc_run", $arr);
  807. if(! $arr['run_cmd'])
  808. return;
  809. if(count($args) && $args[0] === 'php')
  810. $args[0] = ((x($a->config,'php_path')) && (strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
  811. foreach ($args as $arg){
  812. $arg = escapeshellarg($arg);
  813. }
  814. $cmdline = implode($args," ");
  815. proc_close(proc_open($cmdline." &",array(),$foo));
  816. }}
  817. if(! function_exists('current_theme')) {
  818. function current_theme(){
  819. $app_base_themes = array('duepuntozero', 'loozah');
  820. $a = get_app();
  821. $system_theme = ((isset($a->config['system']['theme'])) ? $a->config['system']['theme'] : '');
  822. $theme_name = ((is_array($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme);
  823. if($theme_name && file_exists('view/theme/' . $theme_name . '/style.css'))
  824. return($theme_name);
  825. foreach($app_base_themes as $t) {
  826. if(file_exists('view/theme/' . $t . '/style.css'))
  827. return($t);
  828. }
  829. $fallback = glob('view/theme/*/style.css');
  830. if(count($fallback))
  831. return (str_replace('view/theme/','', str_replace("/style.css","",$fallback[0])));
  832. }}
  833. /*
  834. * Return full URL to theme which is currently in effect.
  835. * Provide a sane default if nothing is chosen or the specified theme does not exist.
  836. */
  837. if(! function_exists('current_theme_url')) {
  838. function current_theme_url() {
  839. global $a;
  840. $t = current_theme();
  841. return($a->get_baseurl() . '/view/theme/' . $t . '/style.css');
  842. }}
  843. if(! function_exists('feed_birthday')) {
  844. function feed_birthday($uid,$tz) {
  845. /**
  846. *
  847. * Determine the next birthday, but only if the birthday is published
  848. * in the default profile. We _could_ also look for a private profile that the
  849. * recipient can see, but somebody could get mad at us if they start getting
  850. * public birthday greetings when they haven't made this info public.
  851. *
  852. * Assuming we are able to publish this info, we are then going to convert
  853. * the start time from the owner's timezone to UTC.
  854. *
  855. * This will potentially solve the problem found with some social networks
  856. * where birthdays are converted to the viewer's timezone and salutations from
  857. * elsewhere in the world show up on the wrong day. We will convert it to the
  858. * viewer's timezone also, but first we are going to convert it from the birthday
  859. * person's timezone to GMT - so the viewer may find the birthday starting at
  860. * 6:00PM the day before, but that will correspond to midnight to the birthday person.
  861. *
  862. */
  863. $birthday = '';
  864. $p = q("SELECT `dob` FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
  865. intval($uid)
  866. );
  867. if($p && count($p)) {
  868. $tmp_dob = substr($p[0]['dob'],5);
  869. if(intval($tmp_dob)) {
  870. $y = datetime_convert($tz,$tz,'now','Y');
  871. $bd = $y . '-' . $tmp_dob . ' 00:00';
  872. $t_dob = strtotime($bd);
  873. $now = strtotime(datetime_convert($tz,$tz,'now'));
  874. if($t_dob < $now)
  875. $bd = $y + 1 . '-' . $tmp_dob . ' 00:00';
  876. $birthday = datetime_convert($tz,'UTC',$bd,ATOM_TIME);
  877. }
  878. }
  879. return $birthday;
  880. }}
  881. if(! function_exists('is_site_admin')) {
  882. function is_site_admin() {
  883. $a = get_app();
  884. if(local_user() && x($a->user,'email') && x($a->config,'admin_email') && ($a->user['email'] === $a->config['admin_email']))
  885. return true;
  886. return false;
  887. }}
  888. if(! function_exists('load_contact_links')) {
  889. function load_contact_links($uid) {
  890. $a = get_app();
  891. $ret = array();
  892. if(! $uid || x($a->contacts,'empty'))
  893. return;
  894. $r = q("SELECT `id`,`network`,`url`,`thumb` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 ",
  895. intval($uid)
  896. );
  897. if(count($r)) {
  898. foreach($r as $rr){
  899. $url = normalise_link($rr['url']);
  900. $ret[$url] = $rr;
  901. }
  902. }
  903. else
  904. $ret['empty'] = true;
  905. $a->contacts = $ret;
  906. return;
  907. }}