Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1332 lines
36 KiB

  1. <?php
  2. require_once('include/config.php');
  3. require_once('include/network.php');
  4. require_once('include/plugin.php');
  5. require_once('include/text.php');
  6. require_once("include/pgettext.php");
  7. require_once('include/nav.php');
  8. require_once('include/cache.php');
  9. define ( 'FRIENDICA_PLATFORM', 'Friendica');
  10. define ( 'FRIENDICA_VERSION', '2.3.1195' );
  11. define ( 'DFRN_PROTOCOL_VERSION', '2.22' );
  12. define ( 'DB_UPDATE_VERSION', 1111 );
  13. define ( 'EOL', "<br />\r\n" );
  14. define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
  15. /**
  16. *
  17. * Image storage quality. Lower numbers save space at cost of image detail.
  18. * For ease of upgrade, please do not change here. Change jpeg quality with
  19. * $a->config['system']['jpeg_quality'] = n;
  20. * in .htconfig.php, where n is netween 1 and 100, and with very poor results
  21. * below about 50
  22. *
  23. */
  24. define ( 'JPEG_QUALITY', 100 );
  25. /**
  26. * SSL redirection policies
  27. */
  28. define ( 'SSL_POLICY_NONE', 0 );
  29. define ( 'SSL_POLICY_FULL', 1 );
  30. define ( 'SSL_POLICY_SELFSIGN', 2 );
  31. /**
  32. * log levels
  33. */
  34. define ( 'LOGGER_NORMAL', 0 );
  35. define ( 'LOGGER_TRACE', 1 );
  36. define ( 'LOGGER_DEBUG', 2 );
  37. define ( 'LOGGER_DATA', 3 );
  38. define ( 'LOGGER_ALL', 4 );
  39. /**
  40. * registration policies
  41. */
  42. define ( 'REGISTER_CLOSED', 0 );
  43. define ( 'REGISTER_APPROVE', 1 );
  44. define ( 'REGISTER_OPEN', 2 );
  45. /**
  46. * relationship types
  47. */
  48. define ( 'CONTACT_IS_FOLLOWER', 1);
  49. define ( 'CONTACT_IS_SHARING', 2);
  50. define ( 'CONTACT_IS_FRIEND', 3);
  51. /**
  52. * Hook array order
  53. */
  54. define ( 'HOOK_HOOK', 0);
  55. define ( 'HOOK_FILE', 1);
  56. define ( 'HOOK_FUNCTION', 2);
  57. /**
  58. *
  59. * page/profile types
  60. *
  61. * PAGE_NORMAL is a typical personal profile account
  62. * PAGE_SOAPBOX automatically approves all friend requests as CONTACT_IS_SHARING, (readonly)
  63. * PAGE_COMMUNITY automatically approves all friend requests as CONTACT_IS_SHARING, but with
  64. * write access to wall and comments (no email and not included in page owner's ACL lists)
  65. * PAGE_FREELOVE automatically approves all friend requests as full friends (CONTACT_IS_FRIEND).
  66. *
  67. */
  68. define ( 'PAGE_NORMAL', 0 );
  69. define ( 'PAGE_SOAPBOX', 1 );
  70. define ( 'PAGE_COMMUNITY', 2 );
  71. define ( 'PAGE_FREELOVE', 3 );
  72. /**
  73. * Network and protocol family types
  74. */
  75. define ( 'NETWORK_ZOT', 'zot!'); // Zot!
  76. define ( 'NETWORK_DFRN', 'dfrn'); // Friendica, Mistpark, other DFRN implementations
  77. define ( 'NETWORK_OSTATUS', 'stat'); // status.net, identi.ca, GNU-social, other OStatus implementations
  78. define ( 'NETWORK_FEED', 'feed'); // RSS/Atom feeds with no known "post/notify" protocol
  79. define ( 'NETWORK_DIASPORA', 'dspr'); // Diaspora
  80. define ( 'NETWORK_MAIL', 'mail'); // IMAP/POP
  81. define ( 'NETWORK_FACEBOOK', 'face'); // Facebook API
  82. define ( 'NETWORK_LINKEDIN', 'lnkd'); // LinkedIn
  83. define ( 'NETWORK_XMPP', 'xmpp'); // XMPP
  84. /**
  85. * Maximum number of "people who like (or don't like) this" that we will list by name
  86. */
  87. define ( 'MAX_LIKERS', 75);
  88. /**
  89. * Communication timeout
  90. */
  91. define ( 'ZCURL_TIMEOUT' , (-1));
  92. /**
  93. * email notification options
  94. */
  95. define ( 'NOTIFY_INTRO', 0x0001 );
  96. define ( 'NOTIFY_CONFIRM', 0x0002 );
  97. define ( 'NOTIFY_WALL', 0x0004 );
  98. define ( 'NOTIFY_COMMENT', 0x0008 );
  99. define ( 'NOTIFY_MAIL', 0x0010 );
  100. /**
  101. * various namespaces we may need to parse
  102. */
  103. define ( 'NAMESPACE_ZOT', 'http://purl.org/macgirvin/zot' );
  104. define ( 'NAMESPACE_DFRN' , 'http://purl.org/macgirvin/dfrn/1.0' );
  105. define ( 'NAMESPACE_THREAD' , 'http://purl.org/syndication/thread/1.0' );
  106. define ( 'NAMESPACE_TOMB' , 'http://purl.org/atompub/tombstones/1.0' );
  107. define ( 'NAMESPACE_ACTIVITY', 'http://activitystrea.ms/spec/1.0/' );
  108. define ( 'NAMESPACE_ACTIVITY_SCHEMA', 'http://activitystrea.ms/schema/1.0/' );
  109. define ( 'NAMESPACE_MEDIA', 'http://purl.org/syndication/atommedia' );
  110. define ( 'NAMESPACE_SALMON_ME', 'http://salmon-protocol.org/ns/magic-env' );
  111. define ( 'NAMESPACE_OSTATUSSUB', 'http://ostatus.org/schema/1.0/subscribe' );
  112. define ( 'NAMESPACE_GEORSS', 'http://www.georss.org/georss' );
  113. define ( 'NAMESPACE_POCO', 'http://portablecontacts.net/spec/1.0' );
  114. define ( 'NAMESPACE_FEED', 'http://schemas.google.com/g/2010#updates-from' );
  115. define ( 'NAMESPACE_OSTATUS', 'http://ostatus.org/schema/1.0' );
  116. define ( 'NAMESPACE_STATUSNET', 'http://status.net/schema/api/1/' );
  117. define ( 'NAMESPACE_ATOM1', 'http://www.w3.org/2005/Atom' );
  118. /**
  119. * activity stream defines
  120. */
  121. define ( 'ACTIVITY_LIKE', NAMESPACE_ACTIVITY_SCHEMA . 'like' );
  122. define ( 'ACTIVITY_DISLIKE', NAMESPACE_DFRN . '/dislike' );
  123. define ( 'ACTIVITY_OBJ_HEART', NAMESPACE_DFRN . '/heart' );
  124. define ( 'ACTIVITY_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'make-friend' );
  125. define ( 'ACTIVITY_REQ_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'request-friend' );
  126. define ( 'ACTIVITY_UNFRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'remove-friend' );
  127. define ( 'ACTIVITY_FOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'follow' );
  128. define ( 'ACTIVITY_UNFOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'stop-following' );
  129. define ( 'ACTIVITY_POST', NAMESPACE_ACTIVITY_SCHEMA . 'post' );
  130. define ( 'ACTIVITY_UPDATE', NAMESPACE_ACTIVITY_SCHEMA . 'update' );
  131. define ( 'ACTIVITY_TAG', NAMESPACE_ACTIVITY_SCHEMA . 'tag' );
  132. define ( 'ACTIVITY_OBJ_COMMENT', NAMESPACE_ACTIVITY_SCHEMA . 'comment' );
  133. define ( 'ACTIVITY_OBJ_NOTE', NAMESPACE_ACTIVITY_SCHEMA . 'note' );
  134. define ( 'ACTIVITY_OBJ_PERSON', NAMESPACE_ACTIVITY_SCHEMA . 'person' );
  135. define ( 'ACTIVITY_OBJ_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'photo' );
  136. define ( 'ACTIVITY_OBJ_P_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'profile-photo' );
  137. define ( 'ACTIVITY_OBJ_ALBUM', NAMESPACE_ACTIVITY_SCHEMA . 'photo-album' );
  138. define ( 'ACTIVITY_OBJ_EVENT', NAMESPACE_ACTIVITY_SCHEMA . 'event' );
  139. define ( 'ACTIVITY_OBJ_TAGTERM', NAMESPACE_DFRN . '/tagterm' );
  140. /**
  141. * item weight for query ordering
  142. */
  143. define ( 'GRAVITY_PARENT', 0);
  144. define ( 'GRAVITY_LIKE', 3);
  145. define ( 'GRAVITY_COMMENT', 6);
  146. /**
  147. *
  148. * Reverse the effect of magic_quotes_gpc if it is enabled.
  149. * Please disable magic_quotes_gpc so we don't have to do this.
  150. * See http://php.net/manual/en/security.magicquotes.disabling.php
  151. *
  152. */
  153. function startup() {
  154. error_reporting(E_ERROR | E_WARNING | E_PARSE);
  155. set_time_limit(0);
  156. // This has to be quite large to deal with embedded private photos
  157. ini_set('pcre.backtrack_limit', 500000);
  158. if (get_magic_quotes_gpc()) {
  159. $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
  160. while (list($key, $val) = each($process)) {
  161. foreach ($val as $k => $v) {
  162. unset($process[$key][$k]);
  163. if (is_array($v)) {
  164. $process[$key][stripslashes($k)] = $v;
  165. $process[] = &$process[$key][stripslashes($k)];
  166. } else {
  167. $process[$key][stripslashes($k)] = stripslashes($v);
  168. }
  169. }
  170. }
  171. unset($process);
  172. }
  173. }
  174. /**
  175. *
  176. * class: App
  177. *
  178. * Our main application structure for the life of this page
  179. * Primarily deals with the URL that got us here
  180. * and tries to make some sense of it, and
  181. * stores our page contents and config storage
  182. * and anything else that might need to be passed around
  183. * before we spit the page out.
  184. *
  185. */
  186. if(! class_exists('App')) {
  187. class App {
  188. public $module_loaded = false;
  189. public $query_string;
  190. public $config;
  191. public $page;
  192. public $profile;
  193. public $user;
  194. public $cid;
  195. public $contact;
  196. public $contacts;
  197. public $page_contact;
  198. public $content;
  199. public $data = array();
  200. public $error = false;
  201. public $cmd;
  202. public $argv;
  203. public $argc;
  204. public $module;
  205. public $pager;
  206. public $strings;
  207. public $path;
  208. public $hooks;
  209. public $timezone;
  210. public $interactive = true;
  211. public $plugins;
  212. public $apps = array();
  213. public $identities;
  214. public $nav_sel;
  215. private $scheme;
  216. private $hostname;
  217. private $baseurl;
  218. private $db;
  219. private $curl_code;
  220. private $curl_headers;
  221. function __construct() {
  222. $this->config = array();
  223. $this->page = array();
  224. $this->pager= array();
  225. $this->query_string = '';
  226. startup();
  227. $this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'])) ? 'https' : 'http' );
  228. if(x($_SERVER,'SERVER_NAME')) {
  229. $this->hostname = $_SERVER['SERVER_NAME'];
  230. if(x($_SERVER,'SERVER_PORT') && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443)
  231. $this->hostname .= ':' . $_SERVER['SERVER_PORT'];
  232. /**
  233. * Figure out if we are running at the top of a domain
  234. * or in a sub-directory and adjust accordingly
  235. */
  236. $path = trim(dirname($_SERVER['SCRIPT_NAME']),'/\\');
  237. if(isset($path) && strlen($path) && ($path != $this->path))
  238. $this->path = $path;
  239. }
  240. set_include_path(
  241. "include/$this->hostname" . PATH_SEPARATOR
  242. . 'include' . PATH_SEPARATOR
  243. . 'library' . PATH_SEPARATOR
  244. . 'library/phpsec' . PATH_SEPARATOR
  245. . '.' );
  246. if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'],0,2) === "q=")
  247. $this->query_string = substr($_SERVER['QUERY_STRING'],2);
  248. if(x($_GET,'q'))
  249. $this->cmd = trim($_GET['q'],'/\\');
  250. // unix style "homedir"
  251. if(substr($this->cmd,0,1) === '~')
  252. $this->cmd = 'profile/' . substr($this->cmd,1);
  253. // Diaspora style profile url
  254. if(substr($this->cmd,0,2) === 'u/')
  255. $this->cmd = 'profile/' . substr($this->cmd,2);
  256. /**
  257. *
  258. * Break the URL path into C style argc/argv style arguments for our
  259. * modules. Given "http://example.com/module/arg1/arg2", $this->argc
  260. * will be 3 (integer) and $this->argv will contain:
  261. * [0] => 'module'
  262. * [1] => 'arg1'
  263. * [2] => 'arg2'
  264. *
  265. *
  266. * There will always be one argument. If provided a naked domain
  267. * URL, $this->argv[0] is set to "home".
  268. *
  269. */
  270. $this->argv = explode('/',$this->cmd);
  271. $this->argc = count($this->argv);
  272. if((array_key_exists('0',$this->argv)) && strlen($this->argv[0])) {
  273. $this->module = str_replace(".", "_", $this->argv[0]);
  274. }
  275. else {
  276. $this->argc = 1;
  277. $this->argv = array('home');
  278. $this->module = 'home';
  279. }
  280. /**
  281. * Special handling for the webfinger/lrdd host XRD file
  282. */
  283. if($this->cmd === '.well-known/host-meta') {
  284. $this->argc = 1;
  285. $this->argv = array('hostxrd');
  286. $this->module = 'hostxrd';
  287. }
  288. /**
  289. * See if there is any page number information, and initialise
  290. * pagination
  291. */
  292. $this->pager['page'] = ((x($_GET,'page')) ? $_GET['page'] : 1);
  293. $this->pager['itemspage'] = 50;
  294. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  295. $this->pager['total'] = 0;
  296. }
  297. function get_baseurl($ssl = false) {
  298. $scheme = $this->scheme;
  299. if(x($this->config,'ssl_policy')) {
  300. if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL))
  301. $scheme = 'https';
  302. if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params')))
  303. $scheme = 'https';
  304. }
  305. $this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' );
  306. return $this->baseurl;
  307. }
  308. function set_baseurl($url) {
  309. $parsed = @parse_url($url);
  310. $this->baseurl = $url;
  311. if($parsed) {
  312. $this->scheme = $parsed['scheme'];
  313. $this->hostname = $parsed['host'];
  314. if(x($parsed,'port'))
  315. $this->hostname .= ':' . $parsed['port'];
  316. if(x($parsed,'path'))
  317. $this->path = trim($parsed['path'],'\\/');
  318. }
  319. }
  320. function get_hostname() {
  321. return $this->hostname;
  322. }
  323. function set_hostname($h) {
  324. $this->hostname = $h;
  325. }
  326. function set_path($p) {
  327. $this->path = trim(trim($p),'/');
  328. }
  329. function get_path() {
  330. return $this->path;
  331. }
  332. function set_pager_total($n) {
  333. $this->pager['total'] = intval($n);
  334. }
  335. function set_pager_itemspage($n) {
  336. $this->pager['itemspage'] = intval($n);
  337. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  338. }
  339. function init_pagehead() {
  340. $interval = ((local_user()) ? get_pconfig(local_user(),'system','update_interval') : 40000);
  341. if($interval < 10000)
  342. $interval = 40000;
  343. $this->page['title'] = $this->config['sitename'];
  344. $tpl = file_get_contents('view/head.tpl');
  345. $this->page['htmlhead'] = replace_macros($tpl,array(
  346. '$baseurl' => $this->get_baseurl(), // FIXME for z_path!!!!
  347. '$generator' => 'Friendica' . ' ' . FRIENDICA_VERSION,
  348. '$delitem' => t('Delete this item?'),
  349. '$comment' => t('Comment'),
  350. '$showmore' => t('show more'),
  351. '$showfewer' => t('show fewer'),
  352. '$update_interval' => $interval
  353. ));
  354. }
  355. function set_curl_code($code) {
  356. $this->curl_code = $code;
  357. }
  358. function get_curl_code() {
  359. return $this->curl_code;
  360. }
  361. function set_curl_headers($headers) {
  362. $this->curl_headers = $headers;
  363. }
  364. function get_curl_headers() {
  365. return $this->curl_headers;
  366. }
  367. }}
  368. // retrieve the App structure
  369. // useful in functions which require it but don't get it passed to them
  370. if(! function_exists('get_app')) {
  371. function get_app() {
  372. global $a;
  373. return $a;
  374. }};
  375. // Multi-purpose function to check variable state.
  376. // Usage: x($var) or $x($array,'key')
  377. // returns false if variable/key is not set
  378. // if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
  379. // e.g. x('') or x(0) returns 0;
  380. if(! function_exists('x')) {
  381. function x($s,$k = NULL) {
  382. if($k != NULL) {
  383. if((is_array($s)) && (array_key_exists($k,$s))) {
  384. if($s[$k])
  385. return (int) 1;
  386. return (int) 0;
  387. }
  388. return false;
  389. }
  390. else {
  391. if(isset($s)) {
  392. if($s) {
  393. return (int) 1;
  394. }
  395. return (int) 0;
  396. }
  397. return false;
  398. }
  399. }}
  400. // called from db initialisation if db is dead.
  401. if(! function_exists('system_unavailable')) {
  402. function system_unavailable() {
  403. include('system_unavailable.php');
  404. system_down();
  405. killme();
  406. }}
  407. function clean_urls() {
  408. global $a;
  409. // if($a->config['system']['clean_urls'])
  410. return true;
  411. // return false;
  412. }
  413. function z_path() {
  414. global $a;
  415. $base = $a->get_baseurl();
  416. if(! clean_urls())
  417. $base .= '/?q=';
  418. return $base;
  419. }
  420. function z_root() {
  421. global $a;
  422. return $a->get_baseurl();
  423. }
  424. function absurl($path) {
  425. if(strpos($path,'/') === 0)
  426. return z_path() . $path;
  427. return $path;
  428. }
  429. // Primarily involved with database upgrade, but also sets the
  430. // base url for use in cmdline programs which don't have
  431. // $_SERVER variables, and synchronising the state of installed plugins.
  432. if(! function_exists('check_config')) {
  433. function check_config(&$a) {
  434. $build = get_config('system','build');
  435. if(! x($build))
  436. $build = set_config('system','build',DB_UPDATE_VERSION);
  437. $url = get_config('system','url');
  438. // if the url isn't set or the stored url is radically different
  439. // than the currently visited url, store the current value accordingly.
  440. // "Radically different" ignores common variations such as http vs https
  441. // and www.example.com vs example.com.
  442. if((! x($url)) || (! link_compare($url,$a->get_baseurl())))
  443. $url = set_config('system','url',$a->get_baseurl());
  444. if($build != DB_UPDATE_VERSION) {
  445. $stored = intval($build);
  446. $current = intval(DB_UPDATE_VERSION);
  447. if(($stored < $current) && file_exists('update.php')) {
  448. load_config('database');
  449. // We're reporting a different version than what is currently installed.
  450. // Run any existing update scripts to bring the database up to current.
  451. require_once('update.php');
  452. // make sure that boot.php and update.php are the same release, we might be
  453. // updating right this very second and the correct version of the update.php
  454. // file may not be here yet. This can happen on a very busy site.
  455. if(DB_UPDATE_VERSION == UPDATE_VERSION) {
  456. for($x = $stored; $x < $current; $x ++) {
  457. if(function_exists('update_' . $x)) {
  458. // There could be a lot of processes running or about to run.
  459. // We want exactly one process to run the update command.
  460. // So store the fact that we're taking responsibility
  461. // after first checking to see if somebody else already has.
  462. // If the update fails or times-out completely you may need to
  463. // delete the config entry to try again.
  464. if(get_config('database','update_' . $x))
  465. break;
  466. set_config('database','update_' . $x, '1');
  467. // call the specific update
  468. $func = 'update_' . $x;
  469. $func($a);
  470. }
  471. }
  472. set_config('system','build', DB_UPDATE_VERSION);
  473. }
  474. }
  475. }
  476. /**
  477. *
  478. * Synchronise plugins:
  479. *
  480. * $a->config['system']['addon'] contains a comma-separated list of names
  481. * of plugins/addons which are used on this system.
  482. * Go through the database list of already installed addons, and if we have
  483. * an entry, but it isn't in the config list, call the uninstall procedure
  484. * and mark it uninstalled in the database (for now we'll remove it).
  485. * Then go through the config list and if we have a plugin that isn't installed,
  486. * call the install procedure and add it to the database.
  487. *
  488. */
  489. $r = q("SELECT * FROM `addon` WHERE `installed` = 1");
  490. if(count($r))
  491. $installed = $r;
  492. else
  493. $installed = array();
  494. $plugins = get_config('system','addon');
  495. $plugins_arr = array();
  496. if($plugins)
  497. $plugins_arr = explode(',',str_replace(' ', '',$plugins));
  498. $a->plugins = $plugins_arr;
  499. $installed_arr = array();
  500. if(count($installed)) {
  501. foreach($installed as $i) {
  502. if(! in_array($i['name'],$plugins_arr)) {
  503. uninstall_plugin($i['name']);
  504. }
  505. else
  506. $installed_arr[] = $i['name'];
  507. }
  508. }
  509. if(count($plugins_arr)) {
  510. foreach($plugins_arr as $p) {
  511. if(! in_array($p,$installed_arr)) {
  512. install_plugin($p);
  513. }
  514. }
  515. }
  516. load_hooks();
  517. return;
  518. }}
  519. function get_guid($size=16) {
  520. $exists = true; // assume by default that we don't have a unique guid
  521. do {
  522. $s = random_string($size);
  523. $r = q("select id from guid where guid = '%s' limit 1", dbesc($s));
  524. if(! count($r))
  525. $exists = false;
  526. } while($exists);
  527. q("insert into guid ( guid ) values ( '%s' ) ", dbesc($s));
  528. return $s;
  529. }
  530. // wrapper for adding a login box. If $register == true provide a registration
  531. // link. This will most always depend on the value of $a->config['register_policy'].
  532. // returns the complete html for inserting into the page
  533. if(! function_exists('login')) {
  534. function login($register = false, $hiddens=false) {
  535. $o = "";
  536. $reg = false;
  537. if ($register) {
  538. $reg = array(
  539. 'title' => t('Create a New Account'),
  540. 'desc' => t('Register')
  541. );
  542. }
  543. $noid = get_config('system','no_openid');
  544. if(local_user()) {
  545. $tpl = get_markup_template("logout.tpl");
  546. }
  547. else {
  548. $tpl = get_markup_template("login.tpl");
  549. }
  550. $o .= replace_macros($tpl,array(
  551. '$logout' => t('Logout'),
  552. '$login' => t('Login'),
  553. '$lname' => array('username', t('Nickname or Email address: ') , '', ''),
  554. '$lpassword' => array('password', t('Password: '), '', ''),
  555. '$openid' => !$noid,
  556. '$lopenid' => array('openid_url', t('OpenID: '),'',''),
  557. '$hiddens' => $hiddens,
  558. '$register' => $reg,
  559. '$lostpass' => t('Forgot your password?'),
  560. '$lostlink' => t('Password Reset'),
  561. ));
  562. call_hooks('login_hook',$o);
  563. return $o;
  564. }}
  565. // Used to end the current process, after saving session state.
  566. if(! function_exists('killme')) {
  567. function killme() {
  568. session_write_close();
  569. exit;
  570. }}
  571. // redirect to another URL and terminate this process.
  572. if(! function_exists('goaway')) {
  573. function goaway($s) {
  574. header("Location: $s");
  575. killme();
  576. }}
  577. // Returns the uid of locally logged in user or false.
  578. if(! function_exists('local_user')) {
  579. function local_user() {
  580. if((x($_SESSION,'authenticated')) && (x($_SESSION,'uid')))
  581. return intval($_SESSION['uid']);
  582. return false;
  583. }}
  584. // Returns contact id of authenticated site visitor or false
  585. if(! function_exists('remote_user')) {
  586. function remote_user() {
  587. if((x($_SESSION,'authenticated')) && (x($_SESSION,'visitor_id')))
  588. return intval($_SESSION['visitor_id']);
  589. return false;
  590. }}
  591. // contents of $s are displayed prominently on the page the next time
  592. // a page is loaded. Usually used for errors or alerts.
  593. if(! function_exists('notice')) {
  594. function notice($s) {
  595. $a = get_app();
  596. if(! x($_SESSION,'sysmsg')) $_SESSION['sysmsg'] = array();
  597. if($a->interactive)
  598. $_SESSION['sysmsg'][] = $s;
  599. }}
  600. if(! function_exists('info')) {
  601. function info($s) {
  602. $a = get_app();
  603. if(! x($_SESSION,'sysmsg_info')) $_SESSION['sysmsg_info'] = array();
  604. if($a->interactive)
  605. $_SESSION['sysmsg_info'][] = $s;
  606. }}
  607. // wrapper around config to limit the text length of an incoming message
  608. if(! function_exists('get_max_import_size')) {
  609. function get_max_import_size() {
  610. global $a;
  611. return ((x($a->config,'max_import_size')) ? $a->config['max_import_size'] : 0 );
  612. }}
  613. /**
  614. *
  615. * Function : profile_load
  616. * @parameter App $a
  617. * @parameter string $nickname
  618. * @parameter int $profile
  619. *
  620. * Summary: Loads a profile into the page sidebar.
  621. * The function requires a writeable copy of the main App structure, and the nickname
  622. * of a registered local account.
  623. *
  624. * If the viewer is an authenticated remote viewer, the profile displayed is the
  625. * one that has been configured for his/her viewing in the Contact manager.
  626. * Passing a non-zero profile ID can also allow a preview of a selected profile
  627. * by the owner.
  628. *
  629. * Profile information is placed in the App structure for later retrieval.
  630. * Honours the owner's chosen theme for display.
  631. *
  632. */
  633. if(! function_exists('profile_load')) {
  634. function profile_load(&$a, $nickname, $profile = 0) {
  635. if(remote_user()) {
  636. $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1",
  637. intval($_SESSION['visitor_id']));
  638. if(count($r))
  639. $profile = $r[0]['profile-id'];
  640. }
  641. $r = null;
  642. if($profile) {
  643. $profile_int = intval($profile);
  644. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
  645. left join `contact` on `contact`.`uid` = `profile`.`uid` LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  646. WHERE `user`.`nickname` = '%s' AND `profile`.`id` = %d and `contact`.`self` = 1 LIMIT 1",
  647. dbesc($nickname),
  648. intval($profile_int)
  649. );
  650. }
  651. if(! count($r)) {
  652. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
  653. left join `contact` on `contact`.`uid` = `profile`.`uid` LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  654. WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 and `contact`.`self` = 1 LIMIT 1",
  655. dbesc($nickname)
  656. );
  657. }
  658. if(($r === false) || (! count($r))) {
  659. notice( t('No profile') . EOL );
  660. $a->error = 404;
  661. return;
  662. }
  663. $a->profile = $r[0];
  664. $a->page['title'] = $a->profile['name'] . " @ " . $a->config['sitename'];
  665. $_SESSION['theme'] = $a->profile['theme'];
  666. /**
  667. * load/reload current theme info
  668. */
  669. $theme_info_file = "view/theme/".current_theme()."/theme.php";
  670. if (file_exists($theme_info_file)){
  671. require_once($theme_info_file);
  672. }
  673. if(! (x($a->page,'aside')))
  674. $a->page['aside'] = '';
  675. if(local_user() && local_user() == $a->profile['uid']) {
  676. $a->page['aside'] .= replace_macros(get_markup_template('profile_edlink.tpl'),array(
  677. '$editprofile' => t('Edit profile'),
  678. '$profid' => $a->profile['id']
  679. ));
  680. }
  681. $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
  682. $a->page['aside'] .= profile_sidebar($a->profile, $block);
  683. /*if(! $block)
  684. $a->page['aside'] .= contact_block();*/
  685. return;
  686. }}
  687. /**
  688. *
  689. * Function: profile_sidebar
  690. *
  691. * Formats a profile for display in the sidebar.
  692. * It is very difficult to templatise the HTML completely
  693. * because of all the conditional logic.
  694. *
  695. * @parameter: array $profile
  696. *
  697. * Returns HTML string stuitable for sidebar inclusion
  698. * Exceptions: Returns empty string if passed $profile is wrong type or not populated
  699. *
  700. */
  701. if(! function_exists('profile_sidebar')) {
  702. function profile_sidebar($profile, $block = 0) {
  703. $a = get_app();
  704. $o = '';
  705. $location = false;
  706. $address = false;
  707. $pdesc = true;
  708. if((! is_array($profile)) && (! count($profile)))
  709. return $o;
  710. $profile['picdate'] = urlencode($profile['picdate']);
  711. call_hooks('profile_sidebar_enter', $profile);
  712. // don't show connect link to yourself
  713. $connect = (($profile['uid'] != local_user()) ? t('Connect') : False);
  714. // don't show connect link to authenticated visitors either
  715. if((remote_user()) && ($_SESSION['visitor_visiting'] == $profile['uid']))
  716. $connect = False;
  717. // show edit profile to yourself
  718. if ($profile['uid'] == local_user()) {
  719. $profile['edit'] = array($a->get_baseurl(). '/profiles', t('Profiles'),"", t('Manage/edit profiles'));
  720. $r = q("SELECT * FROM `profile` WHERE `uid` = %d",
  721. local_user());
  722. $profile['menu'] = array(
  723. 'chg_photo' => t('Change profile photo'),
  724. 'cr_new' => t('Create New Profile'),
  725. 'entries' => array(),
  726. );
  727. if(count($r)) {
  728. foreach($r as $rr) {
  729. $profile['menu']['entries'][] = array(
  730. 'photo' => $rr['thumb'],
  731. 'id' => $rr['id'],
  732. 'alt' => t('Profile Image'),
  733. 'profile_name' => $rr['profile-name'],
  734. 'isdefault' => $rr['is-default'],
  735. 'visibile_to_everybody' => t('visible to everybody'),
  736. 'edit_visibility' => t('Edit visibility'),
  737. );
  738. }
  739. }
  740. }
  741. if((x($profile,'address') == 1)
  742. || (x($profile,'locality') == 1)
  743. || (x($profile,'region') == 1)
  744. || (x($profile,'postal-code') == 1)
  745. || (x($profile,'country-name') == 1))
  746. $location = t('Location:');
  747. $gender = ((x($profile,'gender') == 1) ? t('Gender:') : False);
  748. $marital = ((x($profile,'marital') == 1) ? t('Status:') : False);
  749. $homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
  750. if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
  751. $location = $pdesc = $connect = $gender = $marital = $homepage = False;
  752. }
  753. $firstname = ((strpos($profile['name'],' '))
  754. ? trim(substr($profile['name'],0,strpos($profile['name'],' '))) : $profile['name']);
  755. $lastname = (($firstname === $profile['name']) ? '' : trim(substr($profile['name'],strlen($firstname))));
  756. $diaspora = array(
  757. 'podloc' => $a->get_baseurl(),
  758. 'searchable' => (($profile['publish'] && $profile['net-publish']) ? 'true' : 'false' ),
  759. 'nickname' => $profile['nickname'],
  760. 'fullname' => $profile['name'],
  761. 'firstname' => $firstname,
  762. 'lastname' => $lastname,
  763. 'photo300' => $a->get_baseurl() . '/photo/custom/300/' . $profile['uid'] . '.jpg',
  764. 'photo100' => $a->get_baseurl() . '/photo/custom/100/' . $profile['uid'] . '.jpg',
  765. 'photo50' => $a->get_baseurl() . '/photo/custom/50/' . $profile['uid'] . '.jpg',
  766. );
  767. if (!$block){
  768. $contact_block = contact_block();
  769. }
  770. $tpl = get_markup_template('profile_vcard.tpl');
  771. $o .= replace_macros($tpl, array(
  772. '$profile' => $profile,
  773. '$connect' => $connect,
  774. '$location' => template_escape($location),
  775. '$gender' => $gender,
  776. '$pdesc' => $pdesc,
  777. '$marital' => $marital,
  778. '$homepage' => $homepage,
  779. '$diaspora' => $diaspora,
  780. '$contact_block' => $contact_block,
  781. ));
  782. $arr = array('profile' => &$profile, 'entry' => &$o);
  783. call_hooks('profile_sidebar', $arr);
  784. return $o;
  785. }}
  786. if(! function_exists('get_birthdays')) {
  787. function get_birthdays() {
  788. $a = get_app();
  789. $o = '';
  790. if(! local_user())
  791. return $o;
  792. $bd_format = t('g A l F d') ; // 8 AM Friday January 18
  793. $bd_short = t('F d');
  794. $r = q("SELECT `event`.*, `event`.`id` AS `eid`, `contact`.* FROM `event`
  795. LEFT JOIN `contact` ON `contact`.`id` = `event`.`cid`
  796. WHERE `event`.`uid` = %d AND `type` = 'birthday' AND `start` < '%s' AND `finish` > '%s'
  797. ORDER BY `start` ASC ",
  798. intval(local_user()),
  799. dbesc(datetime_convert('UTC','UTC','now + 6 days')),
  800. dbesc(datetime_convert('UTC','UTC','now'))
  801. );
  802. if($r && count($r)) {
  803. $total = 0;
  804. $now = strtotime('now');
  805. $istoday = false;
  806. foreach($r as $rr) {
  807. if(strlen($rr['name']))
  808. $total ++;
  809. if((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now))
  810. $istoday = true;
  811. }
  812. $classtoday = $istoday ? ' birthday-today ' : '';
  813. if($total) {
  814. $o .= '<div id="birthday-notice" class="birthday-notice fakelink' . $classtoday . '" onclick=openClose(\'birthday-wrapper\'); >' . t('Birthday Reminders') . ' ' . '(' . $total . ')' . '</div>';
  815. $o .= '<div id="birthday-wrapper" style="display: none;" ><div id="birthday-title">' . t('Birthdays this week:') . '</div>';
  816. $o .= '<div id="birthday-title-end"></div>';
  817. foreach($r as $rr) {
  818. if(! strlen($rr['name']))
  819. continue;
  820. $today = (((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now)) ? true : false);
  821. $sparkle = '';
  822. $url = $rr['url'];
  823. if($rr['network'] === NETWORK_DFRN) {
  824. $sparkle = " sparkle";
  825. $url = $a->get_baseurl() . '/redir/' . $rr['cid'];
  826. }
  827. $o .= '<div class="birthday-list" id="birthday-' . $rr['eid'] . '"><a class="birthday-link$sparkle" target="redir" href="'
  828. . $url . '">' . $rr['name'] . '</a> '
  829. . day_translate(datetime_convert('UTC', $a->timezone, $rr['start'], $rr['adjust'] ? $bd_format : $bd_short)) . (($today) ? ' ' . t('[today]') : '')
  830. . '</div>' ;
  831. }
  832. $o .= '</div></div>';
  833. }
  834. }
  835. return $o;
  836. }}
  837. if(! function_exists('get_events')) {
  838. function get_events() {
  839. require_once('include/bbcode.php');
  840. $a = get_app();
  841. $o = '';
  842. if(! local_user())
  843. return $o;
  844. $bd_format = t('g A l F d') ; // 8 AM Friday January 18
  845. $bd_short = t('F d');
  846. $r = q("SELECT `event`.* FROM `event`
  847. WHERE `event`.`uid` = %d AND `type` != 'birthday' AND `start` < '%s' AND `start` > '%s'
  848. ORDER BY `start` ASC ",
  849. intval(local_user()),
  850. dbesc(datetime_convert('UTC','UTC','now + 6 days')),
  851. dbesc(datetime_convert('UTC','UTC','now - 1 days'))
  852. );
  853. if($r && count($r)) {
  854. $now = strtotime('now');
  855. $istoday = false;
  856. foreach($r as $rr) {
  857. if(strlen($rr['name']))
  858. $total ++;
  859. $strt = datetime_convert('UTC',$rr['convert'] ? $a->timezone : 'UTC',$rr['start'],'Y-m-d');
  860. if($strt === datetime_convert('UTC',$a->timezone,'now','Y-m-d'))
  861. $istoday = true;
  862. }
  863. $classtoday = (($istoday) ? ' event-today ' : '');
  864. $o .= '<div id="event-notice" class="birthday-notice fakelink' . $classtoday . '" onclick=openClose(\'event-wrapper\'); >' . t('Event Reminders') . ' ' . '(' . count($r) . ')' . '</div>';
  865. $o .= '<div id="event-wrapper" style="display: none;" ><div id="event-title">' . t('Events this week:') . '</div>';
  866. $o .= '<div id="event-title-end"></div>';
  867. foreach($r as $rr) {
  868. if($rr['adjust'])
  869. $md = datetime_convert('UTC',$a->timezone,$rr['start'],'Y/m\#\l\i\n\k\-j');
  870. else
  871. $md = datetime_convert('UTC','UTC',$rr['start'],'Y/m\#\l\i\n\k\-j');
  872. $title = substr(strip_tags(bbcode($rr['desc'])),0,32) . '... ';
  873. if(! $title)
  874. $title = t('[No description]');
  875. $strt = datetime_convert('UTC',$rr['convert'] ? $a->timezone : 'UTC',$rr['start']);
  876. $today = ((substr($strt,0,10) === datetime_convert('UTC',$a->timezone,'now','Y-m-d')) ? true : false);
  877. $o .= '<div class="event-list" id="event-' . $rr['eid'] . '"></a> <a href="events/' . $md . '">' . $title . '</a>'
  878. . day_translate(datetime_convert('UTC', $rr['adjust'] ? $a->timezone : 'UTC', $rr['start'], $bd_format)) . (($today) ? ' ' . t('[today]') : '')
  879. . '</div>' ;
  880. }
  881. $o .= '</div></div>';
  882. }
  883. return $o;
  884. }}
  885. /**
  886. *
  887. * Wrap calls to proc_close(proc_open()) and call hook
  888. * so plugins can take part in process :)
  889. *
  890. * args:
  891. * $cmd program to run
  892. * next args are passed as $cmd command line
  893. *
  894. * e.g.: proc_run("ls","-la","/tmp");
  895. *
  896. * $cmd and string args are surrounded with ""
  897. */
  898. if(! function_exists('proc_run')) {
  899. function proc_run($cmd){
  900. $a = get_app();
  901. $args = func_get_args();
  902. $arr = array('args' => $args, 'run_cmd' => true);
  903. call_hooks("proc_run", $arr);
  904. if(! $arr['run_cmd'])
  905. return;
  906. if(count($args) && $args[0] === 'php')
  907. $args[0] = ((x($a->config,'php_path')) && (strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
  908. foreach ($args as $arg){
  909. $arg = escapeshellarg($arg);
  910. }
  911. $cmdline = implode($args," ");
  912. proc_close(proc_open($cmdline." &",array(),$foo));
  913. }}
  914. if(! function_exists('current_theme')) {
  915. function current_theme(){
  916. $app_base_themes = array('duepuntozero', 'loozah');
  917. $a = get_app();
  918. $system_theme = ((isset($a->config['system']['theme'])) ? $a->config['system']['theme'] : '');
  919. $theme_name = ((is_array($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme);
  920. if($theme_name && file_exists('view/theme/' . $theme_name . '/style.css'))
  921. return($theme_name);
  922. foreach($app_base_themes as $t) {
  923. if(file_exists('view/theme/' . $t . '/style.css'))
  924. return($t);
  925. }
  926. $fallback = glob('view/theme/*/style.css');
  927. if(count($fallback))
  928. return (str_replace('view/theme/','', str_replace("/style.css","",$fallback[0])));
  929. }}
  930. /*
  931. * Return full URL to theme which is currently in effect.
  932. * Provide a sane default if nothing is chosen or the specified theme does not exist.
  933. */
  934. if(! function_exists('current_theme_url')) {
  935. function current_theme_url() {
  936. global $a;
  937. $t = current_theme();
  938. return($a->get_baseurl() . '/view/theme/' . $t . '/style.css');
  939. }}
  940. if(! function_exists('feed_birthday')) {
  941. function feed_birthday($uid,$tz) {
  942. /**
  943. *
  944. * Determine the next birthday, but only if the birthday is published
  945. * in the default profile. We _could_ also look for a private profile that the
  946. * recipient can see, but somebody could get mad at us if they start getting
  947. * public birthday greetings when they haven't made this info public.
  948. *
  949. * Assuming we are able to publish this info, we are then going to convert
  950. * the start time from the owner's timezone to UTC.
  951. *
  952. * This will potentially solve the problem found with some social networks
  953. * where birthdays are converted to the viewer's timezone and salutations from
  954. * elsewhere in the world show up on the wrong day. We will convert it to the
  955. * viewer's timezone also, but first we are going to convert it from the birthday
  956. * person's timezone to GMT - so the viewer may find the birthday starting at
  957. * 6:00PM the day before, but that will correspond to midnight to the birthday person.
  958. *
  959. */
  960. $birthday = '';
  961. $p = q("SELECT `dob` FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
  962. intval($uid)
  963. );
  964. if($p && count($p)) {
  965. $tmp_dob = substr($p[0]['dob'],5);
  966. if(intval($tmp_dob)) {
  967. $y = datetime_convert($tz,$tz,'now','Y');
  968. $bd = $y . '-' . $tmp_dob . ' 00:00';
  969. $t_dob = strtotime($bd);
  970. $now = strtotime(datetime_convert($tz,$tz,'now'));
  971. if($t_dob < $now)
  972. $bd = $y + 1 . '-' . $tmp_dob . ' 00:00';
  973. $birthday = datetime_convert($tz,'UTC',$bd,ATOM_TIME);
  974. }
  975. }
  976. return $birthday;
  977. }}
  978. if(! function_exists('is_site_admin')) {
  979. function is_site_admin() {
  980. $a = get_app();
  981. if(local_user() && x($a->user,'email') && x($a->config,'admin_email') && ($a->user['email'] === $a->config['admin_email']))
  982. return true;
  983. return false;
  984. }}
  985. if(! function_exists('load_contact_links')) {
  986. function load_contact_links($uid) {
  987. $a = get_app();
  988. $ret = array();
  989. if(! $uid || x($a->contacts,'empty'))
  990. return;
  991. $r = q("SELECT `id`,`network`,`url`,`thumb` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 ",
  992. intval($uid)
  993. );
  994. if(count($r)) {
  995. foreach($r as $rr){
  996. $url = normalise_link($rr['url']);
  997. $ret[$url] = $rr;
  998. }
  999. }
  1000. else
  1001. $ret['empty'] = true;
  1002. $a->contacts = $ret;
  1003. return;
  1004. }}
  1005. if(! function_exists('profile_tabs')){
  1006. function profile_tabs($a, $is_owner=False, $nickname=Null){
  1007. //echo "<pre>"; var_dump($a->user); killme();
  1008. if (is_null($nickname))
  1009. $nickname = $a->user['nickname'];
  1010. if(x($_GET,'tab'))
  1011. $tab = notags(trim($_GET['tab']));
  1012. $url = $a->get_baseurl() . '/profile/' . $nickname;
  1013. $tabs = array(
  1014. array(
  1015. 'label'=>t('Status'),
  1016. 'url' => $url,
  1017. 'sel' => ((!isset($tab)&&$a->argv[0]=='profile')?'active':''),
  1018. ),
  1019. array(
  1020. 'label' => t('Profile'),
  1021. 'url' => $url.'/?tab=profile',
  1022. 'sel' => (($tab=='profile')?'active':''),
  1023. ),
  1024. array(
  1025. 'label' => t('Photos'),
  1026. 'url' => $a->get_baseurl() . '/photos/' . $nickname,
  1027. 'sel' => ((!isset($tab)&&$a->argv[0]=='photos')?'active':''),
  1028. ),
  1029. );
  1030. if ($is_owner){
  1031. $tabs[] = array(
  1032. 'label' => t('Events'),
  1033. 'url' => $a->get_baseurl() . '/events',
  1034. 'sel' =>((!isset($tab)&&$a->argv[0]=='events')?'active':''),
  1035. );
  1036. $tabs[] = array(
  1037. 'label' => t('Personal Notes'),
  1038. 'url' => $a->get_baseurl() . '/notes',
  1039. 'sel' =>((!isset($tab)&&$a->argv[0]=='notes')?'active':''),
  1040. );
  1041. }
  1042. $tpl = get_markup_template('common_tabs.tpl');
  1043. return replace_macros($tpl,array('$tabs'=>$tabs));
  1044. }}