Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1363 lines
37 KiB

  1. <?php
  2. require_once('include/config.php');
  3. require_once('include/network.php');
  4. require_once('include/plugin.php');
  5. require_once('include/text.php');
  6. require_once('include/pgettext.php');
  7. require_once('include/nav.php');
  8. require_once('include/cache.php');
  9. define ( 'FRIENDICA_PLATFORM', 'Friendica');
  10. define ( 'FRIENDICA_VERSION', '2.3.1263' );
  11. define ( 'DFRN_PROTOCOL_VERSION', '2.22' );
  12. define ( 'DB_UPDATE_VERSION', 1125 );
  13. define ( 'EOL', "<br />\r\n" );
  14. define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
  15. /**
  16. *
  17. * Image storage quality. Lower numbers save space at cost of image detail.
  18. * For ease of upgrade, please do not change here. Change jpeg quality with
  19. * $a->config['system']['jpeg_quality'] = n;
  20. * in .htconfig.php, where n is netween 1 and 100, and with very poor results
  21. * below about 50
  22. *
  23. */
  24. define ( 'JPEG_QUALITY', 100 );
  25. /**
  26. * SSL redirection policies
  27. */
  28. define ( 'SSL_POLICY_NONE', 0 );
  29. define ( 'SSL_POLICY_FULL', 1 );
  30. define ( 'SSL_POLICY_SELFSIGN', 2 );
  31. /**
  32. * log levels
  33. */
  34. define ( 'LOGGER_NORMAL', 0 );
  35. define ( 'LOGGER_TRACE', 1 );
  36. define ( 'LOGGER_DEBUG', 2 );
  37. define ( 'LOGGER_DATA', 3 );
  38. define ( 'LOGGER_ALL', 4 );
  39. /**
  40. * registration policies
  41. */
  42. define ( 'REGISTER_CLOSED', 0 );
  43. define ( 'REGISTER_APPROVE', 1 );
  44. define ( 'REGISTER_OPEN', 2 );
  45. /**
  46. * relationship types
  47. */
  48. define ( 'CONTACT_IS_FOLLOWER', 1);
  49. define ( 'CONTACT_IS_SHARING', 2);
  50. define ( 'CONTACT_IS_FRIEND', 3);
  51. /**
  52. * Hook array order
  53. */
  54. define ( 'HOOK_HOOK', 0);
  55. define ( 'HOOK_FILE', 1);
  56. define ( 'HOOK_FUNCTION', 2);
  57. /**
  58. *
  59. * page/profile types
  60. *
  61. * PAGE_NORMAL is a typical personal profile account
  62. * PAGE_SOAPBOX automatically approves all friend requests as CONTACT_IS_SHARING, (readonly)
  63. * PAGE_COMMUNITY automatically approves all friend requests as CONTACT_IS_SHARING, but with
  64. * write access to wall and comments (no email and not included in page owner's ACL lists)
  65. * PAGE_FREELOVE automatically approves all friend requests as full friends (CONTACT_IS_FRIEND).
  66. *
  67. */
  68. define ( 'PAGE_NORMAL', 0 );
  69. define ( 'PAGE_SOAPBOX', 1 );
  70. define ( 'PAGE_COMMUNITY', 2 );
  71. define ( 'PAGE_FREELOVE', 3 );
  72. define ( 'PAGE_BLOG', 4 );
  73. /**
  74. * Network and protocol family types
  75. */
  76. define ( 'NETWORK_ZOT', 'zot!'); // Zot!
  77. define ( 'NETWORK_DFRN', 'dfrn'); // Friendica, Mistpark, other DFRN implementations
  78. define ( 'NETWORK_OSTATUS', 'stat'); // status.net, identi.ca, GNU-social, other OStatus implementations
  79. define ( 'NETWORK_FEED', 'feed'); // RSS/Atom feeds with no known "post/notify" protocol
  80. define ( 'NETWORK_DIASPORA', 'dspr'); // Diaspora
  81. define ( 'NETWORK_MAIL', 'mail'); // IMAP/POP
  82. define ( 'NETWORK_MAIL2', 'mai2'); // extended IMAP/POP
  83. define ( 'NETWORK_FACEBOOK', 'face'); // Facebook API
  84. define ( 'NETWORK_LINKEDIN', 'lnkd'); // LinkedIn
  85. define ( 'NETWORK_XMPP', 'xmpp'); // XMPP
  86. define ( 'NETWORK_MYSPACE', 'mysp'); // MySpace
  87. define ( 'NETWORK_GPLUS', 'goog'); // Google+
  88. /**
  89. * Maximum number of "people who like (or don't like) this" that we will list by name
  90. */
  91. define ( 'MAX_LIKERS', 75);
  92. /**
  93. * Communication timeout
  94. */
  95. define ( 'ZCURL_TIMEOUT' , (-1));
  96. /**
  97. * email notification options
  98. */
  99. define ( 'NOTIFY_INTRO', 0x0001 );
  100. define ( 'NOTIFY_CONFIRM', 0x0002 );
  101. define ( 'NOTIFY_WALL', 0x0004 );
  102. define ( 'NOTIFY_COMMENT', 0x0008 );
  103. define ( 'NOTIFY_MAIL', 0x0010 );
  104. define ( 'NOTIFY_SUGGEST', 0x0020 );
  105. define ( 'NOTIFY_PROFILE', 0x0040 );
  106. define ( 'NOTIFY_TAGSELF', 0x0080 );
  107. define ( 'NOTIFY_TAGSHARE', 0x0100 );
  108. /**
  109. * various namespaces we may need to parse
  110. */
  111. define ( 'NAMESPACE_ZOT', 'http://purl.org/macgirvin/zot' );
  112. define ( 'NAMESPACE_DFRN' , 'http://purl.org/macgirvin/dfrn/1.0' );
  113. define ( 'NAMESPACE_THREAD' , 'http://purl.org/syndication/thread/1.0' );
  114. define ( 'NAMESPACE_TOMB' , 'http://purl.org/atompub/tombstones/1.0' );
  115. define ( 'NAMESPACE_ACTIVITY', 'http://activitystrea.ms/spec/1.0/' );
  116. define ( 'NAMESPACE_ACTIVITY_SCHEMA', 'http://activitystrea.ms/schema/1.0/' );
  117. define ( 'NAMESPACE_MEDIA', 'http://purl.org/syndication/atommedia' );
  118. define ( 'NAMESPACE_SALMON_ME', 'http://salmon-protocol.org/ns/magic-env' );
  119. define ( 'NAMESPACE_OSTATUSSUB', 'http://ostatus.org/schema/1.0/subscribe' );
  120. define ( 'NAMESPACE_GEORSS', 'http://www.georss.org/georss' );
  121. define ( 'NAMESPACE_POCO', 'http://portablecontacts.net/spec/1.0' );
  122. define ( 'NAMESPACE_FEED', 'http://schemas.google.com/g/2010#updates-from' );
  123. define ( 'NAMESPACE_OSTATUS', 'http://ostatus.org/schema/1.0' );
  124. define ( 'NAMESPACE_STATUSNET', 'http://status.net/schema/api/1/' );
  125. define ( 'NAMESPACE_ATOM1', 'http://www.w3.org/2005/Atom' );
  126. /**
  127. * activity stream defines
  128. */
  129. define ( 'ACTIVITY_LIKE', NAMESPACE_ACTIVITY_SCHEMA . 'like' );
  130. define ( 'ACTIVITY_DISLIKE', NAMESPACE_DFRN . '/dislike' );
  131. define ( 'ACTIVITY_OBJ_HEART', NAMESPACE_DFRN . '/heart' );
  132. define ( 'ACTIVITY_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'make-friend' );
  133. define ( 'ACTIVITY_REQ_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'request-friend' );
  134. define ( 'ACTIVITY_UNFRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'remove-friend' );
  135. define ( 'ACTIVITY_FOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'follow' );
  136. define ( 'ACTIVITY_UNFOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'stop-following' );
  137. define ( 'ACTIVITY_POST', NAMESPACE_ACTIVITY_SCHEMA . 'post' );
  138. define ( 'ACTIVITY_UPDATE', NAMESPACE_ACTIVITY_SCHEMA . 'update' );
  139. define ( 'ACTIVITY_TAG', NAMESPACE_ACTIVITY_SCHEMA . 'tag' );
  140. define ( 'ACTIVITY_FAVORITE', NAMESPACE_ACTIVITY_SCHEMA . 'favorite' );
  141. define ( 'ACTIVITY_OBJ_COMMENT', NAMESPACE_ACTIVITY_SCHEMA . 'comment' );
  142. define ( 'ACTIVITY_OBJ_NOTE', NAMESPACE_ACTIVITY_SCHEMA . 'note' );
  143. define ( 'ACTIVITY_OBJ_PERSON', NAMESPACE_ACTIVITY_SCHEMA . 'person' );
  144. define ( 'ACTIVITY_OBJ_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'photo' );
  145. define ( 'ACTIVITY_OBJ_P_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'profile-photo' );
  146. define ( 'ACTIVITY_OBJ_ALBUM', NAMESPACE_ACTIVITY_SCHEMA . 'photo-album' );
  147. define ( 'ACTIVITY_OBJ_EVENT', NAMESPACE_ACTIVITY_SCHEMA . 'event' );
  148. define ( 'ACTIVITY_OBJ_TAGTERM', NAMESPACE_DFRN . '/tagterm' );
  149. /**
  150. * item weight for query ordering
  151. */
  152. define ( 'GRAVITY_PARENT', 0);
  153. define ( 'GRAVITY_LIKE', 3);
  154. define ( 'GRAVITY_COMMENT', 6);
  155. /**
  156. *
  157. * Reverse the effect of magic_quotes_gpc if it is enabled.
  158. * Please disable magic_quotes_gpc so we don't have to do this.
  159. * See http://php.net/manual/en/security.magicquotes.disabling.php
  160. *
  161. */
  162. function startup() {
  163. error_reporting(E_ERROR | E_WARNING | E_PARSE);
  164. set_time_limit(0);
  165. // This has to be quite large to deal with embedded private photos
  166. ini_set('pcre.backtrack_limit', 500000);
  167. if (get_magic_quotes_gpc()) {
  168. $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
  169. while (list($key, $val) = each($process)) {
  170. foreach ($val as $k => $v) {
  171. unset($process[$key][$k]);
  172. if (is_array($v)) {
  173. $process[$key][stripslashes($k)] = $v;
  174. $process[] = &$process[$key][stripslashes($k)];
  175. } else {
  176. $process[$key][stripslashes($k)] = stripslashes($v);
  177. }
  178. }
  179. }
  180. unset($process);
  181. }
  182. }
  183. /**
  184. *
  185. * class: App
  186. *
  187. * Our main application structure for the life of this page
  188. * Primarily deals with the URL that got us here
  189. * and tries to make some sense of it, and
  190. * stores our page contents and config storage
  191. * and anything else that might need to be passed around
  192. * before we spit the page out.
  193. *
  194. */
  195. if(! class_exists('App')) {
  196. class App {
  197. public $module_loaded = false;
  198. public $query_string;
  199. public $config;
  200. public $page;
  201. public $profile;
  202. public $user;
  203. public $cid;
  204. public $contact;
  205. public $contacts;
  206. public $page_contact;
  207. public $content;
  208. public $data = array();
  209. public $error = false;
  210. public $cmd;
  211. public $argv;
  212. public $argc;
  213. public $module;
  214. public $pager;
  215. public $strings;
  216. public $path;
  217. public $hooks;
  218. public $timezone;
  219. public $interactive = true;
  220. public $plugins;
  221. public $apps = array();
  222. public $identities;
  223. public $nav_sel;
  224. private $scheme;
  225. private $hostname;
  226. private $baseurl;
  227. private $db;
  228. private $curl_code;
  229. private $curl_headers;
  230. function __construct() {
  231. $this->config = array();
  232. $this->page = array();
  233. $this->pager= array();
  234. $this->query_string = '';
  235. startup();
  236. $this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'])) ? 'https' : 'http' );
  237. if(x($_SERVER,'SERVER_NAME')) {
  238. $this->hostname = $_SERVER['SERVER_NAME'];
  239. if(x($_SERVER,'SERVER_PORT') && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443)
  240. $this->hostname .= ':' . $_SERVER['SERVER_PORT'];
  241. /**
  242. * Figure out if we are running at the top of a domain
  243. * or in a sub-directory and adjust accordingly
  244. */
  245. $path = trim(dirname($_SERVER['SCRIPT_NAME']),'/\\');
  246. if(isset($path) && strlen($path) && ($path != $this->path))
  247. $this->path = $path;
  248. }
  249. set_include_path(
  250. "include/$this->hostname" . PATH_SEPARATOR
  251. . 'include' . PATH_SEPARATOR
  252. . 'library' . PATH_SEPARATOR
  253. . 'library/phpsec' . PATH_SEPARATOR
  254. . '.' );
  255. if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'],0,2) === "q=") {
  256. $this->query_string = substr($_SERVER['QUERY_STRING'],2);
  257. // removing trailing / - maybe a nginx problem
  258. if (substr($this->query_string, 0, 1) == "/")
  259. $this->query_string = substr($this->query_string, 1);
  260. }
  261. if(x($_GET,'q'))
  262. $this->cmd = trim($_GET['q'],'/\\');
  263. // unix style "homedir"
  264. if(substr($this->cmd,0,1) === '~')
  265. $this->cmd = 'profile/' . substr($this->cmd,1);
  266. // Diaspora style profile url
  267. if(substr($this->cmd,0,2) === 'u/')
  268. $this->cmd = 'profile/' . substr($this->cmd,2);
  269. /**
  270. *
  271. * Break the URL path into C style argc/argv style arguments for our
  272. * modules. Given "http://example.com/module/arg1/arg2", $this->argc
  273. * will be 3 (integer) and $this->argv will contain:
  274. * [0] => 'module'
  275. * [1] => 'arg1'
  276. * [2] => 'arg2'
  277. *
  278. *
  279. * There will always be one argument. If provided a naked domain
  280. * URL, $this->argv[0] is set to "home".
  281. *
  282. */
  283. $this->argv = explode('/',$this->cmd);
  284. $this->argc = count($this->argv);
  285. if((array_key_exists('0',$this->argv)) && strlen($this->argv[0])) {
  286. $this->module = str_replace(".", "_", $this->argv[0]);
  287. }
  288. else {
  289. $this->argc = 1;
  290. $this->argv = array('home');
  291. $this->module = 'home';
  292. }
  293. /**
  294. * Special handling for the webfinger/lrdd host XRD file
  295. */
  296. if($this->cmd === '.well-known/host-meta') {
  297. $this->argc = 1;
  298. $this->argv = array('hostxrd');
  299. $this->module = 'hostxrd';
  300. }
  301. /**
  302. * See if there is any page number information, and initialise
  303. * pagination
  304. */
  305. $this->pager['page'] = ((x($_GET,'page')) ? $_GET['page'] : 1);
  306. $this->pager['itemspage'] = 50;
  307. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  308. $this->pager['total'] = 0;
  309. }
  310. function get_baseurl($ssl = false) {
  311. $scheme = $this->scheme;
  312. if(x($this->config,'ssl_policy')) {
  313. if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL))
  314. $scheme = 'https';
  315. if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params')))
  316. $scheme = 'https';
  317. }
  318. $this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' );
  319. return $this->baseurl;
  320. }
  321. function set_baseurl($url) {
  322. $parsed = @parse_url($url);
  323. $this->baseurl = $url;
  324. if($parsed) {
  325. $this->scheme = $parsed['scheme'];
  326. $this->hostname = $parsed['host'];
  327. if(x($parsed,'port'))
  328. $this->hostname .= ':' . $parsed['port'];
  329. if(x($parsed,'path'))
  330. $this->path = trim($parsed['path'],'\\/');
  331. }
  332. }
  333. function get_hostname() {
  334. return $this->hostname;
  335. }
  336. function set_hostname($h) {
  337. $this->hostname = $h;
  338. }
  339. function set_path($p) {
  340. $this->path = trim(trim($p),'/');
  341. }
  342. function get_path() {
  343. return $this->path;
  344. }
  345. function set_pager_total($n) {
  346. $this->pager['total'] = intval($n);
  347. }
  348. function set_pager_itemspage($n) {
  349. $this->pager['itemspage'] = intval($n);
  350. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  351. }
  352. function init_pagehead() {
  353. $interval = ((local_user()) ? get_pconfig(local_user(),'system','update_interval') : 40000);
  354. if($interval < 10000)
  355. $interval = 40000;
  356. $this->page['title'] = $this->config['sitename'];
  357. $tpl = file_get_contents('view/head.tpl');
  358. $this->page['htmlhead'] = replace_macros($tpl,array(
  359. '$baseurl' => $this->get_baseurl(), // FIXME for z_path!!!!
  360. '$generator' => 'Friendica' . ' ' . FRIENDICA_VERSION,
  361. '$delitem' => t('Delete this item?'),
  362. '$comment' => t('Comment'),
  363. '$showmore' => t('show more'),
  364. '$showfewer' => t('show fewer'),
  365. '$update_interval' => $interval
  366. ));
  367. }
  368. function set_curl_code($code) {
  369. $this->curl_code = $code;
  370. }
  371. function get_curl_code() {
  372. return $this->curl_code;
  373. }
  374. function set_curl_headers($headers) {
  375. $this->curl_headers = $headers;
  376. }
  377. function get_curl_headers() {
  378. return $this->curl_headers;
  379. }
  380. }}
  381. // retrieve the App structure
  382. // useful in functions which require it but don't get it passed to them
  383. if(! function_exists('get_app')) {
  384. function get_app() {
  385. global $a;
  386. return $a;
  387. }};
  388. // Multi-purpose function to check variable state.
  389. // Usage: x($var) or $x($array,'key')
  390. // returns false if variable/key is not set
  391. // if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
  392. // e.g. x('') or x(0) returns 0;
  393. if(! function_exists('x')) {
  394. function x($s,$k = NULL) {
  395. if($k != NULL) {
  396. if((is_array($s)) && (array_key_exists($k,$s))) {
  397. if($s[$k])
  398. return (int) 1;
  399. return (int) 0;
  400. }
  401. return false;
  402. }
  403. else {
  404. if(isset($s)) {
  405. if($s) {
  406. return (int) 1;
  407. }
  408. return (int) 0;
  409. }
  410. return false;
  411. }
  412. }}
  413. // called from db initialisation if db is dead.
  414. if(! function_exists('system_unavailable')) {
  415. function system_unavailable() {
  416. include('system_unavailable.php');
  417. system_down();
  418. killme();
  419. }}
  420. function clean_urls() {
  421. global $a;
  422. // if($a->config['system']['clean_urls'])
  423. return true;
  424. // return false;
  425. }
  426. function z_path() {
  427. global $a;
  428. $base = $a->get_baseurl();
  429. if(! clean_urls())
  430. $base .= '/?q=';
  431. return $base;
  432. }
  433. function z_root() {
  434. global $a;
  435. return $a->get_baseurl();
  436. }
  437. function absurl($path) {
  438. if(strpos($path,'/') === 0)
  439. return z_path() . $path;
  440. return $path;
  441. }
  442. // Primarily involved with database upgrade, but also sets the
  443. // base url for use in cmdline programs which don't have
  444. // $_SERVER variables, and synchronising the state of installed plugins.
  445. if(! function_exists('check_config')) {
  446. function check_config(&$a) {
  447. $build = get_config('system','build');
  448. if(! x($build))
  449. $build = set_config('system','build',DB_UPDATE_VERSION);
  450. $url = get_config('system','url');
  451. // if the url isn't set or the stored url is radically different
  452. // than the currently visited url, store the current value accordingly.
  453. // "Radically different" ignores common variations such as http vs https
  454. // and www.example.com vs example.com.
  455. if((! x($url)) || (! link_compare($url,$a->get_baseurl())))
  456. $url = set_config('system','url',$a->get_baseurl());
  457. if($build != DB_UPDATE_VERSION) {
  458. $stored = intval($build);
  459. $current = intval(DB_UPDATE_VERSION);
  460. if(($stored < $current) && file_exists('update.php')) {
  461. load_config('database');
  462. // We're reporting a different version than what is currently installed.
  463. // Run any existing update scripts to bring the database up to current.
  464. require_once('update.php');
  465. // make sure that boot.php and update.php are the same release, we might be
  466. // updating right this very second and the correct version of the update.php
  467. // file may not be here yet. This can happen on a very busy site.
  468. if(DB_UPDATE_VERSION == UPDATE_VERSION) {
  469. for($x = $stored; $x < $current; $x ++) {
  470. if(function_exists('update_' . $x)) {
  471. // There could be a lot of processes running or about to run.
  472. // We want exactly one process to run the update command.
  473. // So store the fact that we're taking responsibility
  474. // after first checking to see if somebody else already has.
  475. // If the update fails or times-out completely you may need to
  476. // delete the config entry to try again.
  477. if(get_config('database','update_' . $x))
  478. break;
  479. set_config('database','update_' . $x, '1');
  480. // call the specific update
  481. $func = 'update_' . $x;
  482. $func($a);
  483. }
  484. }
  485. set_config('system','build', DB_UPDATE_VERSION);
  486. }
  487. }
  488. }
  489. /**
  490. *
  491. * Synchronise plugins:
  492. *
  493. * $a->config['system']['addon'] contains a comma-separated list of names
  494. * of plugins/addons which are used on this system.
  495. * Go through the database list of already installed addons, and if we have
  496. * an entry, but it isn't in the config list, call the uninstall procedure
  497. * and mark it uninstalled in the database (for now we'll remove it).
  498. * Then go through the config list and if we have a plugin that isn't installed,
  499. * call the install procedure and add it to the database.
  500. *
  501. */
  502. $r = q("SELECT * FROM `addon` WHERE `installed` = 1");
  503. if(count($r))
  504. $installed = $r;
  505. else
  506. $installed = array();
  507. $plugins = get_config('system','addon');
  508. $plugins_arr = array();
  509. if($plugins)
  510. $plugins_arr = explode(',',str_replace(' ', '',$plugins));
  511. $a->plugins = $plugins_arr;
  512. $installed_arr = array();
  513. if(count($installed)) {
  514. foreach($installed as $i) {
  515. if(! in_array($i['name'],$plugins_arr)) {
  516. uninstall_plugin($i['name']);
  517. }
  518. else
  519. $installed_arr[] = $i['name'];
  520. }
  521. }
  522. if(count($plugins_arr)) {
  523. foreach($plugins_arr as $p) {
  524. if(! in_array($p,$installed_arr)) {
  525. install_plugin($p);
  526. }
  527. }
  528. }
  529. load_hooks();
  530. return;
  531. }}
  532. function get_guid($size=16) {
  533. $exists = true; // assume by default that we don't have a unique guid
  534. do {
  535. $s = random_string($size);
  536. $r = q("select id from guid where guid = '%s' limit 1", dbesc($s));
  537. if(! count($r))
  538. $exists = false;
  539. } while($exists);
  540. q("insert into guid ( guid ) values ( '%s' ) ", dbesc($s));
  541. return $s;
  542. }
  543. // wrapper for adding a login box. If $register == true provide a registration
  544. // link. This will most always depend on the value of $a->config['register_policy'].
  545. // returns the complete html for inserting into the page
  546. if(! function_exists('login')) {
  547. function login($register = false, $hiddens=false) {
  548. $o = "";
  549. $reg = false;
  550. if ($register) {
  551. $reg = array(
  552. 'title' => t('Create a New Account'),
  553. 'desc' => t('Register')
  554. );
  555. }
  556. $noid = get_config('system','no_openid');
  557. if(local_user()) {
  558. $tpl = get_markup_template("logout.tpl");
  559. }
  560. else {
  561. $tpl = get_markup_template("login.tpl");
  562. }
  563. $o .= replace_macros($tpl,array(
  564. '$logout' => t('Logout'),
  565. '$login' => t('Login'),
  566. '$lname' => array('username', t('Nickname or Email address: ') , '', ''),
  567. '$lpassword' => array('password', t('Password: '), '', ''),
  568. '$openid' => !$noid,
  569. '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''),
  570. '$hiddens' => $hiddens,
  571. '$register' => $reg,
  572. '$lostpass' => t('Forgot your password?'),
  573. '$lostlink' => t('Password Reset'),
  574. ));
  575. call_hooks('login_hook',$o);
  576. return $o;
  577. }}
  578. // Used to end the current process, after saving session state.
  579. if(! function_exists('killme')) {
  580. function killme() {
  581. session_write_close();
  582. exit;
  583. }}
  584. // redirect to another URL and terminate this process.
  585. if(! function_exists('goaway')) {
  586. function goaway($s) {
  587. header("Location: $s");
  588. killme();
  589. }}
  590. // Returns the uid of locally logged in user or false.
  591. if(! function_exists('local_user')) {
  592. function local_user() {
  593. if((x($_SESSION,'authenticated')) && (x($_SESSION,'uid')))
  594. return intval($_SESSION['uid']);
  595. return false;
  596. }}
  597. // Returns contact id of authenticated site visitor or false
  598. if(! function_exists('remote_user')) {
  599. function remote_user() {
  600. if((x($_SESSION,'authenticated')) && (x($_SESSION,'visitor_id')))
  601. return intval($_SESSION['visitor_id']);
  602. return false;
  603. }}
  604. // contents of $s are displayed prominently on the page the next time
  605. // a page is loaded. Usually used for errors or alerts.
  606. if(! function_exists('notice')) {
  607. function notice($s) {
  608. $a = get_app();
  609. if(! x($_SESSION,'sysmsg')) $_SESSION['sysmsg'] = array();
  610. if($a->interactive)
  611. $_SESSION['sysmsg'][] = $s;
  612. }}
  613. if(! function_exists('info')) {
  614. function info($s) {
  615. $a = get_app();
  616. if(! x($_SESSION,'sysmsg_info')) $_SESSION['sysmsg_info'] = array();
  617. if($a->interactive)
  618. $_SESSION['sysmsg_info'][] = $s;
  619. }}
  620. // wrapper around config to limit the text length of an incoming message
  621. if(! function_exists('get_max_import_size')) {
  622. function get_max_import_size() {
  623. global $a;
  624. return ((x($a->config,'max_import_size')) ? $a->config['max_import_size'] : 0 );
  625. }}
  626. /**
  627. *
  628. * Function : profile_load
  629. * @parameter App $a
  630. * @parameter string $nickname
  631. * @parameter int $profile
  632. *
  633. * Summary: Loads a profile into the page sidebar.
  634. * The function requires a writeable copy of the main App structure, and the nickname
  635. * of a registered local account.
  636. *
  637. * If the viewer is an authenticated remote viewer, the profile displayed is the
  638. * one that has been configured for his/her viewing in the Contact manager.
  639. * Passing a non-zero profile ID can also allow a preview of a selected profile
  640. * by the owner.
  641. *
  642. * Profile information is placed in the App structure for later retrieval.
  643. * Honours the owner's chosen theme for display.
  644. *
  645. */
  646. if(! function_exists('profile_load')) {
  647. function profile_load(&$a, $nickname, $profile = 0) {
  648. if(remote_user()) {
  649. $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1",
  650. intval($_SESSION['visitor_id']));
  651. if(count($r))
  652. $profile = $r[0]['profile-id'];
  653. }
  654. $r = null;
  655. if($profile) {
  656. $profile_int = intval($profile);
  657. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
  658. left join `contact` on `contact`.`uid` = `profile`.`uid` LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  659. WHERE `user`.`nickname` = '%s' AND `profile`.`id` = %d and `contact`.`self` = 1 LIMIT 1",
  660. dbesc($nickname),
  661. intval($profile_int)
  662. );
  663. }
  664. if((! $r) && (! count($r))) {
  665. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
  666. left join `contact` on `contact`.`uid` = `profile`.`uid` LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  667. WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 and `contact`.`self` = 1 LIMIT 1",
  668. dbesc($nickname)
  669. );
  670. }
  671. if(($r === false) || (! count($r))) {
  672. notice( t('Requested profile is not available.') . EOL );
  673. $a->error = 404;
  674. return;
  675. }
  676. // fetch user tags if this isn't the default profile
  677. if(! $r[0]['is-default']) {
  678. $x = q("select `pub_keywords` from `profile` where uid = %d and `is-default` = 1 limit 1",
  679. intval($profile_uid)
  680. );
  681. if($x && count($x))
  682. $r[0]['pub_keywords'] = $x[0]['pub_keywords'];
  683. }
  684. $a->profile = $r[0];
  685. $a->page['title'] = $a->profile['name'] . " @ " . $a->config['sitename'];
  686. $_SESSION['theme'] = $a->profile['theme'];
  687. /**
  688. * load/reload current theme info
  689. */
  690. $theme_info_file = "view/theme/".current_theme()."/theme.php";
  691. if (file_exists($theme_info_file)){
  692. require_once($theme_info_file);
  693. }
  694. if(! (x($a->page,'aside')))
  695. $a->page['aside'] = '';
  696. if(local_user() && local_user() == $a->profile['uid']) {
  697. $a->page['aside'] .= replace_macros(get_markup_template('profile_edlink.tpl'),array(
  698. '$editprofile' => t('Edit profile'),
  699. '$profid' => $a->profile['id']
  700. ));
  701. }
  702. $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
  703. $a->page['aside'] .= profile_sidebar($a->profile, $block);
  704. /*if(! $block)
  705. $a->page['aside'] .= contact_block();*/
  706. return;
  707. }}
  708. /**
  709. *
  710. * Function: profile_sidebar
  711. *
  712. * Formats a profile for display in the sidebar.
  713. * It is very difficult to templatise the HTML completely
  714. * because of all the conditional logic.
  715. *
  716. * @parameter: array $profile
  717. *
  718. * Returns HTML string stuitable for sidebar inclusion
  719. * Exceptions: Returns empty string if passed $profile is wrong type or not populated
  720. *
  721. */
  722. if(! function_exists('profile_sidebar')) {
  723. function profile_sidebar($profile, $block = 0) {
  724. $a = get_app();
  725. $o = '';
  726. $location = false;
  727. $address = false;
  728. $pdesc = true;
  729. if((! is_array($profile)) && (! count($profile)))
  730. return $o;
  731. $profile['picdate'] = urlencode($profile['picdate']);
  732. call_hooks('profile_sidebar_enter', $profile);
  733. // don't show connect link to yourself
  734. $connect = (($profile['uid'] != local_user()) ? t('Connect') : False);
  735. // don't show connect link to authenticated visitors either
  736. if((remote_user()) && ($_SESSION['visitor_visiting'] == $profile['uid']))
  737. $connect = False;
  738. // show edit profile to yourself
  739. if ($profile['uid'] == local_user()) {
  740. $profile['edit'] = array($a->get_baseurl(). '/profiles', t('Profiles'),"", t('Manage/edit profiles'));
  741. $r = q("SELECT * FROM `profile` WHERE `uid` = %d",
  742. local_user());
  743. $profile['menu'] = array(
  744. 'chg_photo' => t('Change profile photo'),
  745. 'cr_new' => t('Create New Profile'),
  746. 'entries' => array(),
  747. );
  748. if(count($r)) {
  749. foreach($r as $rr) {
  750. $profile['menu']['entries'][] = array(
  751. 'photo' => $rr['thumb'],
  752. 'id' => $rr['id'],
  753. 'alt' => t('Profile Image'),
  754. 'profile_name' => $rr['profile-name'],
  755. 'isdefault' => $rr['is-default'],
  756. 'visibile_to_everybody' => t('visible to everybody'),
  757. 'edit_visibility' => t('Edit visibility'),
  758. );
  759. }
  760. }
  761. }
  762. if((x($profile,'address') == 1)
  763. || (x($profile,'locality') == 1)
  764. || (x($profile,'region') == 1)
  765. || (x($profile,'postal-code') == 1)
  766. || (x($profile,'country-name') == 1))
  767. $location = t('Location:');
  768. $gender = ((x($profile,'gender') == 1) ? t('Gender:') : False);
  769. $marital = ((x($profile,'marital') == 1) ? t('Status:') : False);
  770. $homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
  771. if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
  772. $location = $pdesc = $gender = $marital = $homepage = False;
  773. }
  774. $firstname = ((strpos($profile['name'],' '))
  775. ? trim(substr($profile['name'],0,strpos($profile['name'],' '))) : $profile['name']);
  776. $lastname = (($firstname === $profile['name']) ? '' : trim(substr($profile['name'],strlen($firstname))));
  777. $diaspora = array(
  778. 'podloc' => $a->get_baseurl(),
  779. 'searchable' => (($profile['publish'] && $profile['net-publish']) ? 'true' : 'false' ),
  780. 'nickname' => $profile['nickname'],
  781. 'fullname' => $profile['name'],
  782. 'firstname' => $firstname,
  783. 'lastname' => $lastname,
  784. 'photo300' => $a->get_baseurl() . '/photo/custom/300/' . $profile['uid'] . '.jpg',
  785. 'photo100' => $a->get_baseurl() . '/photo/custom/100/' . $profile['uid'] . '.jpg',
  786. 'photo50' => $a->get_baseurl() . '/photo/custom/50/' . $profile['uid'] . '.jpg',
  787. );
  788. if (!$block){
  789. $contact_block = contact_block();
  790. }
  791. $tpl = get_markup_template('profile_vcard.tpl');
  792. $o .= replace_macros($tpl, array(
  793. '$profile' => $profile,
  794. '$connect' => $connect,
  795. '$location' => template_escape($location),
  796. '$gender' => $gender,
  797. '$pdesc' => $pdesc,
  798. '$marital' => $marital,
  799. '$homepage' => $homepage,
  800. '$diaspora' => $diaspora,
  801. '$contact_block' => $contact_block,
  802. ));
  803. $arr = array('profile' => &$profile, 'entry' => &$o);
  804. call_hooks('profile_sidebar', $arr);
  805. return $o;
  806. }}
  807. if(! function_exists('get_birthdays')) {
  808. function get_birthdays() {
  809. $a = get_app();
  810. $o = '';
  811. if(! local_user())
  812. return $o;
  813. $bd_format = t('g A l F d') ; // 8 AM Friday January 18
  814. $bd_short = t('F d');
  815. $r = q("SELECT `event`.*, `event`.`id` AS `eid`, `contact`.* FROM `event`
  816. LEFT JOIN `contact` ON `contact`.`id` = `event`.`cid`
  817. WHERE `event`.`uid` = %d AND `type` = 'birthday' AND `start` < '%s' AND `finish` > '%s'
  818. ORDER BY `start` ASC ",
  819. intval(local_user()),
  820. dbesc(datetime_convert('UTC','UTC','now + 6 days')),
  821. dbesc(datetime_convert('UTC','UTC','now'))
  822. );
  823. if($r && count($r)) {
  824. $total = 0;
  825. $now = strtotime('now');
  826. $cids = array();
  827. $istoday = false;
  828. foreach($r as $rr) {
  829. if(strlen($rr['name']))
  830. $total ++;
  831. if((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now))
  832. $istoday = true;
  833. }
  834. $classtoday = $istoday ? ' birthday-today ' : '';
  835. if($total) {
  836. $o .= '<div id="birthday-notice" class="birthday-notice fakelink' . $classtoday . '" onclick=openClose(\'birthday-wrapper\'); >' . t('Birthday Reminders') . ' ' . '(' . $total . ')' . '</div>';
  837. $o .= '<div id="birthday-wrapper" style="display: none;" ><div id="birthday-title">' . t('Birthdays this week:') . '</div>';
  838. $o .= '<div id="birthday-title-end"></div>';
  839. foreach($r as $rr) {
  840. if(! strlen($rr['name']))
  841. continue;
  842. // avoid duplicates
  843. if(in_array($rr['cid'],$cids))
  844. continue;
  845. $cids[] = $rr['cid'];
  846. $today = (((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now)) ? true : false);
  847. $sparkle = '';
  848. $url = $rr['url'];
  849. if($rr['network'] === NETWORK_DFRN) {
  850. $sparkle = " sparkle";
  851. $url = $a->get_baseurl() . '/redir/' . $rr['cid'];
  852. }
  853. $o .= '<div class="birthday-list" id="birthday-' . $rr['eid'] . '"><a class="birthday-link$sparkle" target="redir" href="'
  854. . $url . '">' . $rr['name'] . '</a> '
  855. . day_translate(datetime_convert('UTC', $a->timezone, $rr['start'], $rr['adjust'] ? $bd_format : $bd_short)) . (($today) ? ' ' . t('[today]') : '')
  856. . '</div>' ;
  857. }
  858. $o .= '</div></div>';
  859. }
  860. }
  861. return $o;
  862. }}
  863. if(! function_exists('get_events')) {
  864. function get_events() {
  865. require_once('include/bbcode.php');
  866. $a = get_app();
  867. $o = '';
  868. if(! local_user())
  869. return $o;
  870. $bd_format = t('g A l F d') ; // 8 AM Friday January 18
  871. $bd_short = t('F d');
  872. $r = q("SELECT `event`.* FROM `event`
  873. WHERE `event`.`uid` = %d AND `type` != 'birthday' AND `start` < '%s' AND `start` > '%s'
  874. ORDER BY `start` ASC ",
  875. intval(local_user()),
  876. dbesc(datetime_convert('UTC','UTC','now + 6 days')),
  877. dbesc(datetime_convert('UTC','UTC','now - 1 days'))
  878. );
  879. if($r && count($r)) {
  880. $now = strtotime('now');
  881. $istoday = false;
  882. foreach($r as $rr) {
  883. if(strlen($rr['name']))
  884. $total ++;
  885. $strt = datetime_convert('UTC',$rr['convert'] ? $a->timezone : 'UTC',$rr['start'],'Y-m-d');
  886. if($strt === datetime_convert('UTC',$a->timezone,'now','Y-m-d'))
  887. $istoday = true;
  888. }
  889. $classtoday = (($istoday) ? ' event-today ' : '');
  890. $o .= '<div id="event-notice" class="birthday-notice fakelink' . $classtoday . '" onclick=openClose(\'event-wrapper\'); >' . t('Event Reminders') . ' ' . '(' . count($r) . ')' . '</div>';
  891. $o .= '<div id="event-wrapper" style="display: none;" ><div id="event-title">' . t('Events this week:') . '</div>';
  892. $o .= '<div id="event-title-end"></div>';
  893. foreach($r as $rr) {
  894. if($rr['adjust'])
  895. $md = datetime_convert('UTC',$a->timezone,$rr['start'],'Y/m\#\l\i\n\k\-j');
  896. else
  897. $md = datetime_convert('UTC','UTC',$rr['start'],'Y/m\#\l\i\n\k\-j');
  898. $title = substr(strip_tags(bbcode($rr['desc'])),0,32) . '... ';
  899. if(! $title)
  900. $title = t('[No description]');
  901. $strt = datetime_convert('UTC',$rr['convert'] ? $a->timezone : 'UTC',$rr['start']);
  902. $today = ((substr($strt,0,10) === datetime_convert('UTC',$a->timezone,'now','Y-m-d')) ? true : false);
  903. $o .= '<div class="event-list" id="event-' . $rr['eid'] . '"></a> <a href="events/' . $md . '">' . $title . '</a>'
  904. . day_translate(datetime_convert('UTC', $rr['adjust'] ? $a->timezone : 'UTC', $rr['start'], $bd_format)) . (($today) ? ' ' . t('[today]') : '')
  905. . '</div>' ;
  906. }
  907. $o .= '</div></div>';
  908. }
  909. return $o;
  910. }}
  911. /**
  912. *
  913. * Wrap calls to proc_close(proc_open()) and call hook
  914. * so plugins can take part in process :)
  915. *
  916. * args:
  917. * $cmd program to run
  918. * next args are passed as $cmd command line
  919. *
  920. * e.g.: proc_run("ls","-la","/tmp");
  921. *
  922. * $cmd and string args are surrounded with ""
  923. */
  924. if(! function_exists('proc_run')) {
  925. function proc_run($cmd){
  926. $a = get_app();
  927. $args = func_get_args();
  928. $arr = array('args' => $args, 'run_cmd' => true);
  929. call_hooks("proc_run", $arr);
  930. if(! $arr['run_cmd'])
  931. return;
  932. if(count($args) && $args[0] === 'php')
  933. $args[0] = ((x($a->config,'php_path')) && (strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
  934. foreach ($args as $arg){
  935. $arg = escapeshellarg($arg);
  936. }
  937. $cmdline = implode($args," ");
  938. proc_close(proc_open($cmdline." &",array(),$foo));
  939. }}
  940. if(! function_exists('current_theme')) {
  941. function current_theme(){
  942. $app_base_themes = array('duepuntozero', 'loozah');
  943. $a = get_app();
  944. $system_theme = ((isset($a->config['system']['theme'])) ? $a->config['system']['theme'] : '');
  945. $theme_name = ((is_array($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme);
  946. if($theme_name && file_exists('view/theme/' . $theme_name . '/style.css'))
  947. return($theme_name);
  948. foreach($app_base_themes as $t) {
  949. if(file_exists('view/theme/' . $t . '/style.css'))
  950. return($t);
  951. }
  952. $fallback = glob('view/theme/*/style.css');
  953. if(count($fallback))
  954. return (str_replace('view/theme/','', str_replace("/style.css","",$fallback[0])));
  955. }}
  956. /*
  957. * Return full URL to theme which is currently in effect.
  958. * Provide a sane default if nothing is chosen or the specified theme does not exist.
  959. */
  960. if(! function_exists('current_theme_url')) {
  961. function current_theme_url() {
  962. global $a;
  963. $t = current_theme();
  964. return($a->get_baseurl() . '/view/theme/' . $t . '/style.css');
  965. }}
  966. if(! function_exists('feed_birthday')) {
  967. function feed_birthday($uid,$tz) {
  968. /**
  969. *
  970. * Determine the next birthday, but only if the birthday is published
  971. * in the default profile. We _could_ also look for a private profile that the
  972. * recipient can see, but somebody could get mad at us if they start getting
  973. * public birthday greetings when they haven't made this info public.
  974. *
  975. * Assuming we are able to publish this info, we are then going to convert
  976. * the start time from the owner's timezone to UTC.
  977. *
  978. * This will potentially solve the problem found with some social networks
  979. * where birthdays are converted to the viewer's timezone and salutations from
  980. * elsewhere in the world show up on the wrong day. We will convert it to the
  981. * viewer's timezone also, but first we are going to convert it from the birthday
  982. * person's timezone to GMT - so the viewer may find the birthday starting at
  983. * 6:00PM the day before, but that will correspond to midnight to the birthday person.
  984. *
  985. */
  986. $birthday = '';
  987. $p = q("SELECT `dob` FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
  988. intval($uid)
  989. );
  990. if($p && count($p)) {
  991. $tmp_dob = substr($p[0]['dob'],5);
  992. if(intval($tmp_dob)) {
  993. $y = datetime_convert($tz,$tz,'now','Y');
  994. $bd = $y . '-' . $tmp_dob . ' 00:00';
  995. $t_dob = strtotime($bd);
  996. $now = strtotime(datetime_convert($tz,$tz,'now'));
  997. if($t_dob < $now)
  998. $bd = $y + 1 . '-' . $tmp_dob . ' 00:00';
  999. $birthday = datetime_convert($tz,'UTC',$bd,ATOM_TIME);
  1000. }
  1001. }
  1002. return $birthday;
  1003. }}
  1004. if(! function_exists('is_site_admin')) {
  1005. function is_site_admin() {
  1006. $a = get_app();
  1007. if(local_user() && x($a->user,'email') && x($a->config,'admin_email') && ($a->user['email'] === $a->config['admin_email']))
  1008. return true;
  1009. return false;
  1010. }}
  1011. if(! function_exists('load_contact_links')) {
  1012. function load_contact_links($uid) {
  1013. $a = get_app();
  1014. $ret = array();
  1015. if(! $uid || x($a->contacts,'empty'))
  1016. return;
  1017. $r = q("SELECT `id`,`network`,`url`,`thumb` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 ",
  1018. intval($uid)
  1019. );
  1020. if(count($r)) {
  1021. foreach($r as $rr){
  1022. $url = normalise_link($rr['url']);
  1023. $ret[$url] = $rr;
  1024. }
  1025. }
  1026. else
  1027. $ret['empty'] = true;
  1028. $a->contacts = $ret;
  1029. return;
  1030. }}
  1031. if(! function_exists('profile_tabs')){
  1032. function profile_tabs($a, $is_owner=False, $nickname=Null){
  1033. //echo "<pre>"; var_dump($a->user); killme();
  1034. if (is_null($nickname))
  1035. $nickname = $a->user['nickname'];
  1036. if(x($_GET,'tab'))
  1037. $tab = notags(trim($_GET['tab']));
  1038. $url = $a->get_baseurl() . '/profile/' . $nickname;
  1039. $tabs = array(
  1040. array(
  1041. 'label'=>t('Status'),
  1042. 'url' => $url,
  1043. 'sel' => ((!isset($tab)&&$a->argv[0]=='profile')?'active':''),
  1044. ),
  1045. array(
  1046. 'label' => t('Profile'),
  1047. 'url' => $url.'/?tab=profile',
  1048. 'sel' => (($tab=='profile')?'active':''),
  1049. ),
  1050. array(
  1051. 'label' => t('Photos'),
  1052. 'url' => $a->get_baseurl() . '/photos/' . $nickname,
  1053. 'sel' => ((!isset($tab)&&$a->argv[0]=='photos')?'active':''),
  1054. ),
  1055. );
  1056. if ($is_owner){
  1057. $tabs[] = array(
  1058. 'label' => t('Events'),
  1059. 'url' => $a->get_baseurl() . '/events',
  1060. 'sel' =>((!isset($tab)&&$a->argv[0]=='events')?'active':''),
  1061. );
  1062. $tabs[] = array(
  1063. 'label' => t('Personal Notes'),
  1064. 'url' => $a->get_baseurl() . '/notes',
  1065. 'sel' =>((!isset($tab)&&$a->argv[0]=='notes')?'active':''),
  1066. );
  1067. }
  1068. $tpl = get_markup_template('common_tabs.tpl');
  1069. return replace_macros($tpl,array('$tabs'=>$tabs));
  1070. }}