Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1359 lines
37 KiB

  1. <?php
  2. require_once('include/config.php');
  3. require_once('include/network.php');
  4. require_once('include/plugin.php');
  5. require_once('include/text.php');
  6. require_once('include/pgettext.php');
  7. require_once('include/nav.php');
  8. require_once('include/cache.php');
  9. define ( 'FRIENDICA_PLATFORM', 'Friendica');
  10. define ( 'FRIENDICA_VERSION', '2.3.1254' );
  11. define ( 'DFRN_PROTOCOL_VERSION', '2.22' );
  12. define ( 'DB_UPDATE_VERSION', 1122 );
  13. define ( 'EOL', "<br />\r\n" );
  14. define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
  15. /**
  16. *
  17. * Image storage quality. Lower numbers save space at cost of image detail.
  18. * For ease of upgrade, please do not change here. Change jpeg quality with
  19. * $a->config['system']['jpeg_quality'] = n;
  20. * in .htconfig.php, where n is netween 1 and 100, and with very poor results
  21. * below about 50
  22. *
  23. */
  24. define ( 'JPEG_QUALITY', 100 );
  25. /**
  26. * SSL redirection policies
  27. */
  28. define ( 'SSL_POLICY_NONE', 0 );
  29. define ( 'SSL_POLICY_FULL', 1 );
  30. define ( 'SSL_POLICY_SELFSIGN', 2 );
  31. /**
  32. * log levels
  33. */
  34. define ( 'LOGGER_NORMAL', 0 );
  35. define ( 'LOGGER_TRACE', 1 );
  36. define ( 'LOGGER_DEBUG', 2 );
  37. define ( 'LOGGER_DATA', 3 );
  38. define ( 'LOGGER_ALL', 4 );
  39. /**
  40. * registration policies
  41. */
  42. define ( 'REGISTER_CLOSED', 0 );
  43. define ( 'REGISTER_APPROVE', 1 );
  44. define ( 'REGISTER_OPEN', 2 );
  45. /**
  46. * relationship types
  47. */
  48. define ( 'CONTACT_IS_FOLLOWER', 1);
  49. define ( 'CONTACT_IS_SHARING', 2);
  50. define ( 'CONTACT_IS_FRIEND', 3);
  51. /**
  52. * Hook array order
  53. */
  54. define ( 'HOOK_HOOK', 0);
  55. define ( 'HOOK_FILE', 1);
  56. define ( 'HOOK_FUNCTION', 2);
  57. /**
  58. *
  59. * page/profile types
  60. *
  61. * PAGE_NORMAL is a typical personal profile account
  62. * PAGE_SOAPBOX automatically approves all friend requests as CONTACT_IS_SHARING, (readonly)
  63. * PAGE_COMMUNITY automatically approves all friend requests as CONTACT_IS_SHARING, but with
  64. * write access to wall and comments (no email and not included in page owner's ACL lists)
  65. * PAGE_FREELOVE automatically approves all friend requests as full friends (CONTACT_IS_FRIEND).
  66. *
  67. */
  68. define ( 'PAGE_NORMAL', 0 );
  69. define ( 'PAGE_SOAPBOX', 1 );
  70. define ( 'PAGE_COMMUNITY', 2 );
  71. define ( 'PAGE_FREELOVE', 3 );
  72. define ( 'PAGE_BLOG', 4 );
  73. /**
  74. * Network and protocol family types
  75. */
  76. define ( 'NETWORK_ZOT', 'zot!'); // Zot!
  77. define ( 'NETWORK_DFRN', 'dfrn'); // Friendica, Mistpark, other DFRN implementations
  78. define ( 'NETWORK_OSTATUS', 'stat'); // status.net, identi.ca, GNU-social, other OStatus implementations
  79. define ( 'NETWORK_FEED', 'feed'); // RSS/Atom feeds with no known "post/notify" protocol
  80. define ( 'NETWORK_DIASPORA', 'dspr'); // Diaspora
  81. define ( 'NETWORK_MAIL', 'mail'); // IMAP/POP
  82. define ( 'NETWORK_MAIL2', 'mai2'); // extended IMAP/POP
  83. define ( 'NETWORK_FACEBOOK', 'face'); // Facebook API
  84. define ( 'NETWORK_LINKEDIN', 'lnkd'); // LinkedIn
  85. define ( 'NETWORK_XMPP', 'xmpp'); // XMPP
  86. define ( 'NETWORK_MYSPACE', 'mysp'); // MySpace
  87. define ( 'NETWORK_GPLUS', 'goog'); // Google+
  88. /**
  89. * Maximum number of "people who like (or don't like) this" that we will list by name
  90. */
  91. define ( 'MAX_LIKERS', 75);
  92. /**
  93. * Communication timeout
  94. */
  95. define ( 'ZCURL_TIMEOUT' , (-1));
  96. /**
  97. * email notification options
  98. */
  99. define ( 'NOTIFY_INTRO', 0x0001 );
  100. define ( 'NOTIFY_CONFIRM', 0x0002 );
  101. define ( 'NOTIFY_WALL', 0x0004 );
  102. define ( 'NOTIFY_COMMENT', 0x0008 );
  103. define ( 'NOTIFY_MAIL', 0x0010 );
  104. define ( 'NOTIFY_SUGGEST', 0x0020 );
  105. define ( 'NOTIFY_PROFILE', 0x0040 );
  106. define ( 'NOTIFY_TAGSELF', 0x0080 );
  107. define ( 'NOTIFY_TAGSHARE', 0x0100 );
  108. /**
  109. * various namespaces we may need to parse
  110. */
  111. define ( 'NAMESPACE_ZOT', 'http://purl.org/macgirvin/zot' );
  112. define ( 'NAMESPACE_DFRN' , 'http://purl.org/macgirvin/dfrn/1.0' );
  113. define ( 'NAMESPACE_THREAD' , 'http://purl.org/syndication/thread/1.0' );
  114. define ( 'NAMESPACE_TOMB' , 'http://purl.org/atompub/tombstones/1.0' );
  115. define ( 'NAMESPACE_ACTIVITY', 'http://activitystrea.ms/spec/1.0/' );
  116. define ( 'NAMESPACE_ACTIVITY_SCHEMA', 'http://activitystrea.ms/schema/1.0/' );
  117. define ( 'NAMESPACE_MEDIA', 'http://purl.org/syndication/atommedia' );
  118. define ( 'NAMESPACE_SALMON_ME', 'http://salmon-protocol.org/ns/magic-env' );
  119. define ( 'NAMESPACE_OSTATUSSUB', 'http://ostatus.org/schema/1.0/subscribe' );
  120. define ( 'NAMESPACE_GEORSS', 'http://www.georss.org/georss' );
  121. define ( 'NAMESPACE_POCO', 'http://portablecontacts.net/spec/1.0' );
  122. define ( 'NAMESPACE_FEED', 'http://schemas.google.com/g/2010#updates-from' );
  123. define ( 'NAMESPACE_OSTATUS', 'http://ostatus.org/schema/1.0' );
  124. define ( 'NAMESPACE_STATUSNET', 'http://status.net/schema/api/1/' );
  125. define ( 'NAMESPACE_ATOM1', 'http://www.w3.org/2005/Atom' );
  126. /**
  127. * activity stream defines
  128. */
  129. define ( 'ACTIVITY_LIKE', NAMESPACE_ACTIVITY_SCHEMA . 'like' );
  130. define ( 'ACTIVITY_DISLIKE', NAMESPACE_DFRN . '/dislike' );
  131. define ( 'ACTIVITY_OBJ_HEART', NAMESPACE_DFRN . '/heart' );
  132. define ( 'ACTIVITY_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'make-friend' );
  133. define ( 'ACTIVITY_REQ_FRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'request-friend' );
  134. define ( 'ACTIVITY_UNFRIEND', NAMESPACE_ACTIVITY_SCHEMA . 'remove-friend' );
  135. define ( 'ACTIVITY_FOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'follow' );
  136. define ( 'ACTIVITY_UNFOLLOW', NAMESPACE_ACTIVITY_SCHEMA . 'stop-following' );
  137. define ( 'ACTIVITY_POST', NAMESPACE_ACTIVITY_SCHEMA . 'post' );
  138. define ( 'ACTIVITY_UPDATE', NAMESPACE_ACTIVITY_SCHEMA . 'update' );
  139. define ( 'ACTIVITY_TAG', NAMESPACE_ACTIVITY_SCHEMA . 'tag' );
  140. define ( 'ACTIVITY_FAVORITE', NAMESPACE_ACTIVITY_SCHEMA . 'favorite' );
  141. define ( 'ACTIVITY_OBJ_COMMENT', NAMESPACE_ACTIVITY_SCHEMA . 'comment' );
  142. define ( 'ACTIVITY_OBJ_NOTE', NAMESPACE_ACTIVITY_SCHEMA . 'note' );
  143. define ( 'ACTIVITY_OBJ_PERSON', NAMESPACE_ACTIVITY_SCHEMA . 'person' );
  144. define ( 'ACTIVITY_OBJ_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'photo' );
  145. define ( 'ACTIVITY_OBJ_P_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'profile-photo' );
  146. define ( 'ACTIVITY_OBJ_ALBUM', NAMESPACE_ACTIVITY_SCHEMA . 'photo-album' );
  147. define ( 'ACTIVITY_OBJ_EVENT', NAMESPACE_ACTIVITY_SCHEMA . 'event' );
  148. define ( 'ACTIVITY_OBJ_TAGTERM', NAMESPACE_DFRN . '/tagterm' );
  149. /**
  150. * item weight for query ordering
  151. */
  152. define ( 'GRAVITY_PARENT', 0);
  153. define ( 'GRAVITY_LIKE', 3);
  154. define ( 'GRAVITY_COMMENT', 6);
  155. /**
  156. *
  157. * Reverse the effect of magic_quotes_gpc if it is enabled.
  158. * Please disable magic_quotes_gpc so we don't have to do this.
  159. * See http://php.net/manual/en/security.magicquotes.disabling.php
  160. *
  161. */
  162. function startup() {
  163. error_reporting(E_ERROR | E_WARNING | E_PARSE);
  164. set_time_limit(0);
  165. // This has to be quite large to deal with embedded private photos
  166. ini_set('pcre.backtrack_limit', 500000);
  167. if (get_magic_quotes_gpc()) {
  168. $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
  169. while (list($key, $val) = each($process)) {
  170. foreach ($val as $k => $v) {
  171. unset($process[$key][$k]);
  172. if (is_array($v)) {
  173. $process[$key][stripslashes($k)] = $v;
  174. $process[] = &$process[$key][stripslashes($k)];
  175. } else {
  176. $process[$key][stripslashes($k)] = stripslashes($v);
  177. }
  178. }
  179. }
  180. unset($process);
  181. }
  182. }
  183. /**
  184. *
  185. * class: App
  186. *
  187. * Our main application structure for the life of this page
  188. * Primarily deals with the URL that got us here
  189. * and tries to make some sense of it, and
  190. * stores our page contents and config storage
  191. * and anything else that might need to be passed around
  192. * before we spit the page out.
  193. *
  194. */
  195. if(! class_exists('App')) {
  196. class App {
  197. public $module_loaded = false;
  198. public $query_string;
  199. public $config;
  200. public $page;
  201. public $profile;
  202. public $user;
  203. public $cid;
  204. public $contact;
  205. public $contacts;
  206. public $page_contact;
  207. public $content;
  208. public $data = array();
  209. public $error = false;
  210. public $cmd;
  211. public $argv;
  212. public $argc;
  213. public $module;
  214. public $pager;
  215. public $strings;
  216. public $path;
  217. public $hooks;
  218. public $timezone;
  219. public $interactive = true;
  220. public $plugins;
  221. public $apps = array();
  222. public $identities;
  223. public $nav_sel;
  224. private $scheme;
  225. private $hostname;
  226. private $baseurl;
  227. private $db;
  228. private $curl_code;
  229. private $curl_headers;
  230. function __construct() {
  231. $this->config = array();
  232. $this->page = array();
  233. $this->pager= array();
  234. $this->query_string = '';
  235. startup();
  236. $this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'])) ? 'https' : 'http' );
  237. if(x($_SERVER,'SERVER_NAME')) {
  238. $this->hostname = $_SERVER['SERVER_NAME'];
  239. if(x($_SERVER,'SERVER_PORT') && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443)
  240. $this->hostname .= ':' . $_SERVER['SERVER_PORT'];
  241. /**
  242. * Figure out if we are running at the top of a domain
  243. * or in a sub-directory and adjust accordingly
  244. */
  245. $path = trim(dirname($_SERVER['SCRIPT_NAME']),'/\\');
  246. if(isset($path) && strlen($path) && ($path != $this->path))
  247. $this->path = $path;
  248. }
  249. set_include_path(
  250. "include/$this->hostname" . PATH_SEPARATOR
  251. . 'include' . PATH_SEPARATOR
  252. . 'library' . PATH_SEPARATOR
  253. . 'library/phpsec' . PATH_SEPARATOR
  254. . '.' );
  255. if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'],0,2) === "q=")
  256. $this->query_string = substr($_SERVER['QUERY_STRING'],2);
  257. if(x($_GET,'q'))
  258. $this->cmd = trim($_GET['q'],'/\\');
  259. // unix style "homedir"
  260. if(substr($this->cmd,0,1) === '~')
  261. $this->cmd = 'profile/' . substr($this->cmd,1);
  262. // Diaspora style profile url
  263. if(substr($this->cmd,0,2) === 'u/')
  264. $this->cmd = 'profile/' . substr($this->cmd,2);
  265. /**
  266. *
  267. * Break the URL path into C style argc/argv style arguments for our
  268. * modules. Given "http://example.com/module/arg1/arg2", $this->argc
  269. * will be 3 (integer) and $this->argv will contain:
  270. * [0] => 'module'
  271. * [1] => 'arg1'
  272. * [2] => 'arg2'
  273. *
  274. *
  275. * There will always be one argument. If provided a naked domain
  276. * URL, $this->argv[0] is set to "home".
  277. *
  278. */
  279. $this->argv = explode('/',$this->cmd);
  280. $this->argc = count($this->argv);
  281. if((array_key_exists('0',$this->argv)) && strlen($this->argv[0])) {
  282. $this->module = str_replace(".", "_", $this->argv[0]);
  283. }
  284. else {
  285. $this->argc = 1;
  286. $this->argv = array('home');
  287. $this->module = 'home';
  288. }
  289. /**
  290. * Special handling for the webfinger/lrdd host XRD file
  291. */
  292. if($this->cmd === '.well-known/host-meta') {
  293. $this->argc = 1;
  294. $this->argv = array('hostxrd');
  295. $this->module = 'hostxrd';
  296. }
  297. /**
  298. * See if there is any page number information, and initialise
  299. * pagination
  300. */
  301. $this->pager['page'] = ((x($_GET,'page')) ? $_GET['page'] : 1);
  302. $this->pager['itemspage'] = 50;
  303. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  304. $this->pager['total'] = 0;
  305. }
  306. function get_baseurl($ssl = false) {
  307. $scheme = $this->scheme;
  308. if(x($this->config,'ssl_policy')) {
  309. if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL))
  310. $scheme = 'https';
  311. if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params')))
  312. $scheme = 'https';
  313. }
  314. $this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' );
  315. return $this->baseurl;
  316. }
  317. function set_baseurl($url) {
  318. $parsed = @parse_url($url);
  319. $this->baseurl = $url;
  320. if($parsed) {
  321. $this->scheme = $parsed['scheme'];
  322. $this->hostname = $parsed['host'];
  323. if(x($parsed,'port'))
  324. $this->hostname .= ':' . $parsed['port'];
  325. if(x($parsed,'path'))
  326. $this->path = trim($parsed['path'],'\\/');
  327. }
  328. }
  329. function get_hostname() {
  330. return $this->hostname;
  331. }
  332. function set_hostname($h) {
  333. $this->hostname = $h;
  334. }
  335. function set_path($p) {
  336. $this->path = trim(trim($p),'/');
  337. }
  338. function get_path() {
  339. return $this->path;
  340. }
  341. function set_pager_total($n) {
  342. $this->pager['total'] = intval($n);
  343. }
  344. function set_pager_itemspage($n) {
  345. $this->pager['itemspage'] = intval($n);
  346. $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage'];
  347. }
  348. function init_pagehead() {
  349. $interval = ((local_user()) ? get_pconfig(local_user(),'system','update_interval') : 40000);
  350. if($interval < 10000)
  351. $interval = 40000;
  352. $this->page['title'] = $this->config['sitename'];
  353. $tpl = file_get_contents('view/head.tpl');
  354. $this->page['htmlhead'] = replace_macros($tpl,array(
  355. '$baseurl' => $this->get_baseurl(), // FIXME for z_path!!!!
  356. '$generator' => 'Friendica' . ' ' . FRIENDICA_VERSION,
  357. '$delitem' => t('Delete this item?'),
  358. '$comment' => t('Comment'),
  359. '$showmore' => t('show more'),
  360. '$showfewer' => t('show fewer'),
  361. '$update_interval' => $interval
  362. ));
  363. }
  364. function set_curl_code($code) {
  365. $this->curl_code = $code;
  366. }
  367. function get_curl_code() {
  368. return $this->curl_code;
  369. }
  370. function set_curl_headers($headers) {
  371. $this->curl_headers = $headers;
  372. }
  373. function get_curl_headers() {
  374. return $this->curl_headers;
  375. }
  376. }}
  377. // retrieve the App structure
  378. // useful in functions which require it but don't get it passed to them
  379. if(! function_exists('get_app')) {
  380. function get_app() {
  381. global $a;
  382. return $a;
  383. }};
  384. // Multi-purpose function to check variable state.
  385. // Usage: x($var) or $x($array,'key')
  386. // returns false if variable/key is not set
  387. // if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
  388. // e.g. x('') or x(0) returns 0;
  389. if(! function_exists('x')) {
  390. function x($s,$k = NULL) {
  391. if($k != NULL) {
  392. if((is_array($s)) && (array_key_exists($k,$s))) {
  393. if($s[$k])
  394. return (int) 1;
  395. return (int) 0;
  396. }
  397. return false;
  398. }
  399. else {
  400. if(isset($s)) {
  401. if($s) {
  402. return (int) 1;
  403. }
  404. return (int) 0;
  405. }
  406. return false;
  407. }
  408. }}
  409. // called from db initialisation if db is dead.
  410. if(! function_exists('system_unavailable')) {
  411. function system_unavailable() {
  412. include('system_unavailable.php');
  413. system_down();
  414. killme();
  415. }}
  416. function clean_urls() {
  417. global $a;
  418. // if($a->config['system']['clean_urls'])
  419. return true;
  420. // return false;
  421. }
  422. function z_path() {
  423. global $a;
  424. $base = $a->get_baseurl();
  425. if(! clean_urls())
  426. $base .= '/?q=';
  427. return $base;
  428. }
  429. function z_root() {
  430. global $a;
  431. return $a->get_baseurl();
  432. }
  433. function absurl($path) {
  434. if(strpos($path,'/') === 0)
  435. return z_path() . $path;
  436. return $path;
  437. }
  438. // Primarily involved with database upgrade, but also sets the
  439. // base url for use in cmdline programs which don't have
  440. // $_SERVER variables, and synchronising the state of installed plugins.
  441. if(! function_exists('check_config')) {
  442. function check_config(&$a) {
  443. $build = get_config('system','build');
  444. if(! x($build))
  445. $build = set_config('system','build',DB_UPDATE_VERSION);
  446. $url = get_config('system','url');
  447. // if the url isn't set or the stored url is radically different
  448. // than the currently visited url, store the current value accordingly.
  449. // "Radically different" ignores common variations such as http vs https
  450. // and www.example.com vs example.com.
  451. if((! x($url)) || (! link_compare($url,$a->get_baseurl())))
  452. $url = set_config('system','url',$a->get_baseurl());
  453. if($build != DB_UPDATE_VERSION) {
  454. $stored = intval($build);
  455. $current = intval(DB_UPDATE_VERSION);
  456. if(($stored < $current) && file_exists('update.php')) {
  457. load_config('database');
  458. // We're reporting a different version than what is currently installed.
  459. // Run any existing update scripts to bring the database up to current.
  460. require_once('update.php');
  461. // make sure that boot.php and update.php are the same release, we might be
  462. // updating right this very second and the correct version of the update.php
  463. // file may not be here yet. This can happen on a very busy site.
  464. if(DB_UPDATE_VERSION == UPDATE_VERSION) {
  465. for($x = $stored; $x < $current; $x ++) {
  466. if(function_exists('update_' . $x)) {
  467. // There could be a lot of processes running or about to run.
  468. // We want exactly one process to run the update command.
  469. // So store the fact that we're taking responsibility
  470. // after first checking to see if somebody else already has.
  471. // If the update fails or times-out completely you may need to
  472. // delete the config entry to try again.
  473. if(get_config('database','update_' . $x))
  474. break;
  475. set_config('database','update_' . $x, '1');
  476. // call the specific update
  477. $func = 'update_' . $x;
  478. $func($a);
  479. }
  480. }
  481. set_config('system','build', DB_UPDATE_VERSION);
  482. }
  483. }
  484. }
  485. /**
  486. *
  487. * Synchronise plugins:
  488. *
  489. * $a->config['system']['addon'] contains a comma-separated list of names
  490. * of plugins/addons which are used on this system.
  491. * Go through the database list of already installed addons, and if we have
  492. * an entry, but it isn't in the config list, call the uninstall procedure
  493. * and mark it uninstalled in the database (for now we'll remove it).
  494. * Then go through the config list and if we have a plugin that isn't installed,
  495. * call the install procedure and add it to the database.
  496. *
  497. */
  498. $r = q("SELECT * FROM `addon` WHERE `installed` = 1");
  499. if(count($r))
  500. $installed = $r;
  501. else
  502. $installed = array();
  503. $plugins = get_config('system','addon');
  504. $plugins_arr = array();
  505. if($plugins)
  506. $plugins_arr = explode(',',str_replace(' ', '',$plugins));
  507. $a->plugins = $plugins_arr;
  508. $installed_arr = array();
  509. if(count($installed)) {
  510. foreach($installed as $i) {
  511. if(! in_array($i['name'],$plugins_arr)) {
  512. uninstall_plugin($i['name']);
  513. }
  514. else
  515. $installed_arr[] = $i['name'];
  516. }
  517. }
  518. if(count($plugins_arr)) {
  519. foreach($plugins_arr as $p) {
  520. if(! in_array($p,$installed_arr)) {
  521. install_plugin($p);
  522. }
  523. }
  524. }
  525. load_hooks();
  526. return;
  527. }}
  528. function get_guid($size=16) {
  529. $exists = true; // assume by default that we don't have a unique guid
  530. do {
  531. $s = random_string($size);
  532. $r = q("select id from guid where guid = '%s' limit 1", dbesc($s));
  533. if(! count($r))
  534. $exists = false;
  535. } while($exists);
  536. q("insert into guid ( guid ) values ( '%s' ) ", dbesc($s));
  537. return $s;
  538. }
  539. // wrapper for adding a login box. If $register == true provide a registration
  540. // link. This will most always depend on the value of $a->config['register_policy'].
  541. // returns the complete html for inserting into the page
  542. if(! function_exists('login')) {
  543. function login($register = false, $hiddens=false) {
  544. $o = "";
  545. $reg = false;
  546. if ($register) {
  547. $reg = array(
  548. 'title' => t('Create a New Account'),
  549. 'desc' => t('Register')
  550. );
  551. }
  552. $noid = get_config('system','no_openid');
  553. if(local_user()) {
  554. $tpl = get_markup_template("logout.tpl");
  555. }
  556. else {
  557. $tpl = get_markup_template("login.tpl");
  558. }
  559. $o .= replace_macros($tpl,array(
  560. '$logout' => t('Logout'),
  561. '$login' => t('Login'),
  562. '$lname' => array('username', t('Nickname or Email address: ') , '', ''),
  563. '$lpassword' => array('password', t('Password: '), '', ''),
  564. '$openid' => !$noid,
  565. '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''),
  566. '$hiddens' => $hiddens,
  567. '$register' => $reg,
  568. '$lostpass' => t('Forgot your password?'),
  569. '$lostlink' => t('Password Reset'),
  570. ));
  571. call_hooks('login_hook',$o);
  572. return $o;
  573. }}
  574. // Used to end the current process, after saving session state.
  575. if(! function_exists('killme')) {
  576. function killme() {
  577. session_write_close();
  578. exit;
  579. }}
  580. // redirect to another URL and terminate this process.
  581. if(! function_exists('goaway')) {
  582. function goaway($s) {
  583. header("Location: $s");
  584. killme();
  585. }}
  586. // Returns the uid of locally logged in user or false.
  587. if(! function_exists('local_user')) {
  588. function local_user() {
  589. if((x($_SESSION,'authenticated')) && (x($_SESSION,'uid')))
  590. return intval($_SESSION['uid']);
  591. return false;
  592. }}
  593. // Returns contact id of authenticated site visitor or false
  594. if(! function_exists('remote_user')) {
  595. function remote_user() {
  596. if((x($_SESSION,'authenticated')) && (x($_SESSION,'visitor_id')))
  597. return intval($_SESSION['visitor_id']);
  598. return false;
  599. }}
  600. // contents of $s are displayed prominently on the page the next time
  601. // a page is loaded. Usually used for errors or alerts.
  602. if(! function_exists('notice')) {
  603. function notice($s) {
  604. $a = get_app();
  605. if(! x($_SESSION,'sysmsg')) $_SESSION['sysmsg'] = array();
  606. if($a->interactive)
  607. $_SESSION['sysmsg'][] = $s;
  608. }}
  609. if(! function_exists('info')) {
  610. function info($s) {
  611. $a = get_app();
  612. if(! x($_SESSION,'sysmsg_info')) $_SESSION['sysmsg_info'] = array();
  613. if($a->interactive)
  614. $_SESSION['sysmsg_info'][] = $s;
  615. }}
  616. // wrapper around config to limit the text length of an incoming message
  617. if(! function_exists('get_max_import_size')) {
  618. function get_max_import_size() {
  619. global $a;
  620. return ((x($a->config,'max_import_size')) ? $a->config['max_import_size'] : 0 );
  621. }}
  622. /**
  623. *
  624. * Function : profile_load
  625. * @parameter App $a
  626. * @parameter string $nickname
  627. * @parameter int $profile
  628. *
  629. * Summary: Loads a profile into the page sidebar.
  630. * The function requires a writeable copy of the main App structure, and the nickname
  631. * of a registered local account.
  632. *
  633. * If the viewer is an authenticated remote viewer, the profile displayed is the
  634. * one that has been configured for his/her viewing in the Contact manager.
  635. * Passing a non-zero profile ID can also allow a preview of a selected profile
  636. * by the owner.
  637. *
  638. * Profile information is placed in the App structure for later retrieval.
  639. * Honours the owner's chosen theme for display.
  640. *
  641. */
  642. if(! function_exists('profile_load')) {
  643. function profile_load(&$a, $nickname, $profile = 0) {
  644. if(remote_user()) {
  645. $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1",
  646. intval($_SESSION['visitor_id']));
  647. if(count($r))
  648. $profile = $r[0]['profile-id'];
  649. }
  650. $r = null;
  651. if($profile) {
  652. $profile_int = intval($profile);
  653. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
  654. left join `contact` on `contact`.`uid` = `profile`.`uid` LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  655. WHERE `user`.`nickname` = '%s' AND `profile`.`id` = %d and `contact`.`self` = 1 LIMIT 1",
  656. dbesc($nickname),
  657. intval($profile_int)
  658. );
  659. }
  660. if((! $r) && (! count($r))) {
  661. $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
  662. left join `contact` on `contact`.`uid` = `profile`.`uid` LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid`
  663. WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 and `contact`.`self` = 1 LIMIT 1",
  664. dbesc($nickname)
  665. );
  666. }
  667. if(($r === false) || (! count($r))) {
  668. notice( t('Requested profile is not available.') . EOL );
  669. $a->error = 404;
  670. return;
  671. }
  672. // fetch user tags if this isn't the default profile
  673. if(! $r[0]['is-default']) {
  674. $x = q("select `pub_keywords` from `profile` where uid = %d and `is-default` = 1 limit 1",
  675. intval($profile_uid)
  676. );
  677. if($x && count($x))
  678. $r[0]['pub_keywords'] = $x[0]['pub_keywords'];
  679. }
  680. $a->profile = $r[0];
  681. $a->page['title'] = $a->profile['name'] . " @ " . $a->config['sitename'];
  682. $_SESSION['theme'] = $a->profile['theme'];
  683. /**
  684. * load/reload current theme info
  685. */
  686. $theme_info_file = "view/theme/".current_theme()."/theme.php";
  687. if (file_exists($theme_info_file)){
  688. require_once($theme_info_file);
  689. }
  690. if(! (x($a->page,'aside')))
  691. $a->page['aside'] = '';
  692. if(local_user() && local_user() == $a->profile['uid']) {
  693. $a->page['aside'] .= replace_macros(get_markup_template('profile_edlink.tpl'),array(
  694. '$editprofile' => t('Edit profile'),
  695. '$profid' => $a->profile['id']
  696. ));
  697. }
  698. $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
  699. $a->page['aside'] .= profile_sidebar($a->profile, $block);
  700. /*if(! $block)
  701. $a->page['aside'] .= contact_block();*/
  702. return;
  703. }}
  704. /**
  705. *
  706. * Function: profile_sidebar
  707. *
  708. * Formats a profile for display in the sidebar.
  709. * It is very difficult to templatise the HTML completely
  710. * because of all the conditional logic.
  711. *
  712. * @parameter: array $profile
  713. *
  714. * Returns HTML string stuitable for sidebar inclusion
  715. * Exceptions: Returns empty string if passed $profile is wrong type or not populated
  716. *
  717. */
  718. if(! function_exists('profile_sidebar')) {
  719. function profile_sidebar($profile, $block = 0) {
  720. $a = get_app();
  721. $o = '';
  722. $location = false;
  723. $address = false;
  724. $pdesc = true;
  725. if((! is_array($profile)) && (! count($profile)))
  726. return $o;
  727. $profile['picdate'] = urlencode($profile['picdate']);
  728. call_hooks('profile_sidebar_enter', $profile);
  729. // don't show connect link to yourself
  730. $connect = (($profile['uid'] != local_user()) ? t('Connect') : False);
  731. // don't show connect link to authenticated visitors either
  732. if((remote_user()) && ($_SESSION['visitor_visiting'] == $profile['uid']))
  733. $connect = False;
  734. // show edit profile to yourself
  735. if ($profile['uid'] == local_user()) {
  736. $profile['edit'] = array($a->get_baseurl(). '/profiles', t('Profiles'),"", t('Manage/edit profiles'));
  737. $r = q("SELECT * FROM `profile` WHERE `uid` = %d",
  738. local_user());
  739. $profile['menu'] = array(
  740. 'chg_photo' => t('Change profile photo'),
  741. 'cr_new' => t('Create New Profile'),
  742. 'entries' => array(),
  743. );
  744. if(count($r)) {
  745. foreach($r as $rr) {
  746. $profile['menu']['entries'][] = array(
  747. 'photo' => $rr['thumb'],
  748. 'id' => $rr['id'],
  749. 'alt' => t('Profile Image'),
  750. 'profile_name' => $rr['profile-name'],
  751. 'isdefault' => $rr['is-default'],
  752. 'visibile_to_everybody' => t('visible to everybody'),
  753. 'edit_visibility' => t('Edit visibility'),
  754. );
  755. }
  756. }
  757. }
  758. if((x($profile,'address') == 1)
  759. || (x($profile,'locality') == 1)
  760. || (x($profile,'region') == 1)
  761. || (x($profile,'postal-code') == 1)
  762. || (x($profile,'country-name') == 1))
  763. $location = t('Location:');
  764. $gender = ((x($profile,'gender') == 1) ? t('Gender:') : False);
  765. $marital = ((x($profile,'marital') == 1) ? t('Status:') : False);
  766. $homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
  767. if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
  768. $location = $pdesc = $gender = $marital = $homepage = False;
  769. }
  770. $firstname = ((strpos($profile['name'],' '))
  771. ? trim(substr($profile['name'],0,strpos($profile['name'],' '))) : $profile['name']);
  772. $lastname = (($firstname === $profile['name']) ? '' : trim(substr($profile['name'],strlen($firstname))));
  773. $diaspora = array(
  774. 'podloc' => $a->get_baseurl(),
  775. 'searchable' => (($profile['publish'] && $profile['net-publish']) ? 'true' : 'false' ),
  776. 'nickname' => $profile['nickname'],
  777. 'fullname' => $profile['name'],
  778. 'firstname' => $firstname,
  779. 'lastname' => $lastname,
  780. 'photo300' => $a->get_baseurl() . '/photo/custom/300/' . $profile['uid'] . '.jpg',
  781. 'photo100' => $a->get_baseurl() . '/photo/custom/100/' . $profile['uid'] . '.jpg',
  782. 'photo50' => $a->get_baseurl() . '/photo/custom/50/' . $profile['uid'] . '.jpg',
  783. );
  784. if (!$block){
  785. $contact_block = contact_block();
  786. }
  787. $tpl = get_markup_template('profile_vcard.tpl');
  788. $o .= replace_macros($tpl, array(
  789. '$profile' => $profile,
  790. '$connect' => $connect,
  791. '$location' => template_escape($location),
  792. '$gender' => $gender,
  793. '$pdesc' => $pdesc,
  794. '$marital' => $marital,
  795. '$homepage' => $homepage,
  796. '$diaspora' => $diaspora,
  797. '$contact_block' => $contact_block,
  798. ));
  799. $arr = array('profile' => &$profile, 'entry' => &$o);
  800. call_hooks('profile_sidebar', $arr);
  801. return $o;
  802. }}
  803. if(! function_exists('get_birthdays')) {
  804. function get_birthdays() {
  805. $a = get_app();
  806. $o = '';
  807. if(! local_user())
  808. return $o;
  809. $bd_format = t('g A l F d') ; // 8 AM Friday January 18
  810. $bd_short = t('F d');
  811. $r = q("SELECT `event`.*, `event`.`id` AS `eid`, `contact`.* FROM `event`
  812. LEFT JOIN `contact` ON `contact`.`id` = `event`.`cid`
  813. WHERE `event`.`uid` = %d AND `type` = 'birthday' AND `start` < '%s' AND `finish` > '%s'
  814. ORDER BY `start` ASC ",
  815. intval(local_user()),
  816. dbesc(datetime_convert('UTC','UTC','now + 6 days')),
  817. dbesc(datetime_convert('UTC','UTC','now'))
  818. );
  819. if($r && count($r)) {
  820. $total = 0;
  821. $now = strtotime('now');
  822. $cids = array();
  823. $istoday = false;
  824. foreach($r as $rr) {
  825. if(strlen($rr['name']))
  826. $total ++;
  827. if((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now))
  828. $istoday = true;
  829. }
  830. $classtoday = $istoday ? ' birthday-today ' : '';
  831. if($total) {
  832. $o .= '<div id="birthday-notice" class="birthday-notice fakelink' . $classtoday . '" onclick=openClose(\'birthday-wrapper\'); >' . t('Birthday Reminders') . ' ' . '(' . $total . ')' . '</div>';
  833. $o .= '<div id="birthday-wrapper" style="display: none;" ><div id="birthday-title">' . t('Birthdays this week:') . '</div>';
  834. $o .= '<div id="birthday-title-end"></div>';
  835. foreach($r as $rr) {
  836. if(! strlen($rr['name']))
  837. continue;
  838. // avoid duplicates
  839. if(in_array($rr['cid'],$cids))
  840. continue;
  841. $cids[] = $rr['cid'];
  842. $today = (((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now)) ? true : false);
  843. $sparkle = '';
  844. $url = $rr['url'];
  845. if($rr['network'] === NETWORK_DFRN) {
  846. $sparkle = " sparkle";
  847. $url = $a->get_baseurl() . '/redir/' . $rr['cid'];
  848. }
  849. $o .= '<div class="birthday-list" id="birthday-' . $rr['eid'] . '"><a class="birthday-link$sparkle" target="redir" href="'
  850. . $url . '">' . $rr['name'] . '</a> '
  851. . day_translate(datetime_convert('UTC', $a->timezone, $rr['start'], $rr['adjust'] ? $bd_format : $bd_short)) . (($today) ? ' ' . t('[today]') : '')
  852. . '</div>' ;
  853. }
  854. $o .= '</div></div>';
  855. }
  856. }
  857. return $o;
  858. }}
  859. if(! function_exists('get_events')) {
  860. function get_events() {
  861. require_once('include/bbcode.php');
  862. $a = get_app();
  863. $o = '';
  864. if(! local_user())
  865. return $o;
  866. $bd_format = t('g A l F d') ; // 8 AM Friday January 18
  867. $bd_short = t('F d');
  868. $r = q("SELECT `event`.* FROM `event`
  869. WHERE `event`.`uid` = %d AND `type` != 'birthday' AND `start` < '%s' AND `start` > '%s'
  870. ORDER BY `start` ASC ",
  871. intval(local_user()),
  872. dbesc(datetime_convert('UTC','UTC','now + 6 days')),
  873. dbesc(datetime_convert('UTC','UTC','now - 1 days'))
  874. );
  875. if($r && count($r)) {
  876. $now = strtotime('now');
  877. $istoday = false;
  878. foreach($r as $rr) {
  879. if(strlen($rr['name']))
  880. $total ++;
  881. $strt = datetime_convert('UTC',$rr['convert'] ? $a->timezone : 'UTC',$rr['start'],'Y-m-d');
  882. if($strt === datetime_convert('UTC',$a->timezone,'now','Y-m-d'))
  883. $istoday = true;
  884. }
  885. $classtoday = (($istoday) ? ' event-today ' : '');
  886. $o .= '<div id="event-notice" class="birthday-notice fakelink' . $classtoday . '" onclick=openClose(\'event-wrapper\'); >' . t('Event Reminders') . ' ' . '(' . count($r) . ')' . '</div>';
  887. $o .= '<div id="event-wrapper" style="display: none;" ><div id="event-title">' . t('Events this week:') . '</div>';
  888. $o .= '<div id="event-title-end"></div>';
  889. foreach($r as $rr) {
  890. if($rr['adjust'])
  891. $md = datetime_convert('UTC',$a->timezone,$rr['start'],'Y/m\#\l\i\n\k\-j');
  892. else
  893. $md = datetime_convert('UTC','UTC',$rr['start'],'Y/m\#\l\i\n\k\-j');
  894. $title = substr(strip_tags(bbcode($rr['desc'])),0,32) . '... ';
  895. if(! $title)
  896. $title = t('[No description]');
  897. $strt = datetime_convert('UTC',$rr['convert'] ? $a->timezone : 'UTC',$rr['start']);
  898. $today = ((substr($strt,0,10) === datetime_convert('UTC',$a->timezone,'now','Y-m-d')) ? true : false);
  899. $o .= '<div class="event-list" id="event-' . $rr['eid'] . '"></a> <a href="events/' . $md . '">' . $title . '</a>'
  900. . day_translate(datetime_convert('UTC', $rr['adjust'] ? $a->timezone : 'UTC', $rr['start'], $bd_format)) . (($today) ? ' ' . t('[today]') : '')
  901. . '</div>' ;
  902. }
  903. $o .= '</div></div>';
  904. }
  905. return $o;
  906. }}
  907. /**
  908. *
  909. * Wrap calls to proc_close(proc_open()) and call hook
  910. * so plugins can take part in process :)
  911. *
  912. * args:
  913. * $cmd program to run
  914. * next args are passed as $cmd command line
  915. *
  916. * e.g.: proc_run("ls","-la","/tmp");
  917. *
  918. * $cmd and string args are surrounded with ""
  919. */
  920. if(! function_exists('proc_run')) {
  921. function proc_run($cmd){
  922. $a = get_app();
  923. $args = func_get_args();
  924. $arr = array('args' => $args, 'run_cmd' => true);
  925. call_hooks("proc_run", $arr);
  926. if(! $arr['run_cmd'])
  927. return;
  928. if(count($args) && $args[0] === 'php')
  929. $args[0] = ((x($a->config,'php_path')) && (strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
  930. foreach ($args as $arg){
  931. $arg = escapeshellarg($arg);
  932. }
  933. $cmdline = implode($args," ");
  934. proc_close(proc_open($cmdline." &",array(),$foo));
  935. }}
  936. if(! function_exists('current_theme')) {
  937. function current_theme(){
  938. $app_base_themes = array('duepuntozero', 'loozah');
  939. $a = get_app();
  940. $system_theme = ((isset($a->config['system']['theme'])) ? $a->config['system']['theme'] : '');
  941. $theme_name = ((is_array($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme);
  942. if($theme_name && file_exists('view/theme/' . $theme_name . '/style.css'))
  943. return($theme_name);
  944. foreach($app_base_themes as $t) {
  945. if(file_exists('view/theme/' . $t . '/style.css'))
  946. return($t);
  947. }
  948. $fallback = glob('view/theme/*/style.css');
  949. if(count($fallback))
  950. return (str_replace('view/theme/','', str_replace("/style.css","",$fallback[0])));
  951. }}
  952. /*
  953. * Return full URL to theme which is currently in effect.
  954. * Provide a sane default if nothing is chosen or the specified theme does not exist.
  955. */
  956. if(! function_exists('current_theme_url')) {
  957. function current_theme_url() {
  958. global $a;
  959. $t = current_theme();
  960. return($a->get_baseurl() . '/view/theme/' . $t . '/style.css');
  961. }}
  962. if(! function_exists('feed_birthday')) {
  963. function feed_birthday($uid,$tz) {
  964. /**
  965. *
  966. * Determine the next birthday, but only if the birthday is published
  967. * in the default profile. We _could_ also look for a private profile that the
  968. * recipient can see, but somebody could get mad at us if they start getting
  969. * public birthday greetings when they haven't made this info public.
  970. *
  971. * Assuming we are able to publish this info, we are then going to convert
  972. * the start time from the owner's timezone to UTC.
  973. *
  974. * This will potentially solve the problem found with some social networks
  975. * where birthdays are converted to the viewer's timezone and salutations from
  976. * elsewhere in the world show up on the wrong day. We will convert it to the
  977. * viewer's timezone also, but first we are going to convert it from the birthday
  978. * person's timezone to GMT - so the viewer may find the birthday starting at
  979. * 6:00PM the day before, but that will correspond to midnight to the birthday person.
  980. *
  981. */
  982. $birthday = '';
  983. $p = q("SELECT `dob` FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
  984. intval($uid)
  985. );
  986. if($p && count($p)) {
  987. $tmp_dob = substr($p[0]['dob'],5);
  988. if(intval($tmp_dob)) {
  989. $y = datetime_convert($tz,$tz,'now','Y');
  990. $bd = $y . '-' . $tmp_dob . ' 00:00';
  991. $t_dob = strtotime($bd);
  992. $now = strtotime(datetime_convert($tz,$tz,'now'));
  993. if($t_dob < $now)
  994. $bd = $y + 1 . '-' . $tmp_dob . ' 00:00';
  995. $birthday = datetime_convert($tz,'UTC',$bd,ATOM_TIME);
  996. }
  997. }
  998. return $birthday;
  999. }}
  1000. if(! function_exists('is_site_admin')) {
  1001. function is_site_admin() {
  1002. $a = get_app();
  1003. if(local_user() && x($a->user,'email') && x($a->config,'admin_email') && ($a->user['email'] === $a->config['admin_email']))
  1004. return true;
  1005. return false;
  1006. }}
  1007. if(! function_exists('load_contact_links')) {
  1008. function load_contact_links($uid) {
  1009. $a = get_app();
  1010. $ret = array();
  1011. if(! $uid || x($a->contacts,'empty'))
  1012. return;
  1013. $r = q("SELECT `id`,`network`,`url`,`thumb` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 ",
  1014. intval($uid)
  1015. );
  1016. if(count($r)) {
  1017. foreach($r as $rr){
  1018. $url = normalise_link($rr['url']);
  1019. $ret[$url] = $rr;
  1020. }
  1021. }
  1022. else
  1023. $ret['empty'] = true;
  1024. $a->contacts = $ret;
  1025. return;
  1026. }}
  1027. if(! function_exists('profile_tabs')){
  1028. function profile_tabs($a, $is_owner=False, $nickname=Null){
  1029. //echo "<pre>"; var_dump($a->user); killme();
  1030. if (is_null($nickname))
  1031. $nickname = $a->user['nickname'];
  1032. if(x($_GET,'tab'))
  1033. $tab = notags(trim($_GET['tab']));
  1034. $url = $a->get_baseurl() . '/profile/' . $nickname;
  1035. $tabs = array(
  1036. array(
  1037. 'label'=>t('Status'),
  1038. 'url' => $url,
  1039. 'sel' => ((!isset($tab)&&$a->argv[0]=='profile')?'active':''),
  1040. ),
  1041. array(
  1042. 'label' => t('Profile'),
  1043. 'url' => $url.'/?tab=profile',
  1044. 'sel' => (($tab=='profile')?'active':''),
  1045. ),
  1046. array(
  1047. 'label' => t('Photos'),
  1048. 'url' => $a->get_baseurl() . '/photos/' . $nickname,
  1049. 'sel' => ((!isset($tab)&&$a->argv[0]=='photos')?'active':''),
  1050. ),
  1051. );
  1052. if ($is_owner){
  1053. $tabs[] = array(
  1054. 'label' => t('Events'),
  1055. 'url' => $a->get_baseurl() . '/events',
  1056. 'sel' =>((!isset($tab)&&$a->argv[0]=='events')?'active':''),
  1057. );
  1058. $tabs[] = array(
  1059. 'label' => t('Personal Notes'),
  1060. 'url' => $a->get_baseurl() . '/notes',
  1061. 'sel' =>((!isset($tab)&&$a->argv[0]=='notes')?'active':''),
  1062. );
  1063. }
  1064. $tpl = get_markup_template('common_tabs.tpl');
  1065. return replace_macros($tpl,array('$tabs'=>$tabs));
  1066. }}