Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

650 lines
16 KiB

  1. <?php
  2. /**
  3. * @file boot.php
  4. * This file defines some global constants and includes the central App class.
  5. */
  6. /**
  7. * Friendica
  8. *
  9. * Friendica is a communications platform for integrated social communications
  10. * utilising decentralised communications and linkage to several indie social
  11. * projects - as well as popular mainstream providers.
  12. *
  13. * Our mission is to free our friends and families from the clutches of
  14. * data-harvesting corporations, and pave the way to a future where social
  15. * communications are free and open and flow between alternate providers as
  16. * easily as email does today.
  17. */
  18. use Friendica\Core\Config;
  19. use Friendica\Core\Protocol;
  20. use Friendica\Core\System;
  21. use Friendica\Database\DBA;
  22. use Friendica\DI;
  23. use Friendica\Model\Contact;
  24. use Friendica\Model\Term;
  25. use Friendica\Util\BasePath;
  26. use Friendica\Util\DateTimeFormat;
  27. define('FRIENDICA_PLATFORM', 'Friendica');
  28. define('FRIENDICA_CODENAME', 'Dalmatian Bellflower');
  29. define('FRIENDICA_VERSION', '2020.03-dev');
  30. define('DFRN_PROTOCOL_VERSION', '2.23');
  31. define('NEW_UPDATE_ROUTINE_VERSION', 1170);
  32. /**
  33. * @brief Constant with a HTML line break.
  34. *
  35. * Contains a HTML line break (br) element and a real carriage return with line
  36. * feed for the source.
  37. * This can be used in HTML and JavaScript where needed a line break.
  38. */
  39. define('EOL', "<br />\r\n");
  40. /**
  41. * @brief Image storage quality.
  42. *
  43. * Lower numbers save space at cost of image detail.
  44. * For ease of upgrade, please do not change here. Set system.jpegquality = n in config/local.config.php,
  45. * where n is between 1 and 100, and with very poor results below about 50
  46. */
  47. define('JPEG_QUALITY', 100);
  48. /**
  49. * system.png_quality = n where is between 0 (uncompressed) to 9
  50. */
  51. define('PNG_QUALITY', 8);
  52. /**
  53. * An alternate way of limiting picture upload sizes. Specify the maximum pixel
  54. * length that pictures are allowed to be (for non-square pictures, it will apply
  55. * to the longest side). Pictures longer than this length will be resized to be
  56. * this length (on the longest side, the other side will be scaled appropriately).
  57. * Modify this value using
  58. *
  59. * 'system' => [
  60. * 'max_image_length' => 'n',
  61. * ...
  62. * ],
  63. *
  64. * in config/local.config.php
  65. *
  66. * If you don't want to set a maximum length, set to -1. The default value is
  67. * defined by 'MAX_IMAGE_LENGTH' below.
  68. */
  69. define('MAX_IMAGE_LENGTH', -1);
  70. /**
  71. * Not yet used
  72. */
  73. define('DEFAULT_DB_ENGINE', 'InnoDB');
  74. /** @deprecated since version 2019.03, please use \Friendica\Module\Register::CLOSED instead */
  75. define('REGISTER_CLOSED', \Friendica\Module\Register::CLOSED);
  76. /** @deprecated since version 2019.03, please use \Friendica\Module\Register::APPROVE instead */
  77. define('REGISTER_APPROVE', \Friendica\Module\Register::APPROVE);
  78. /** @deprecated since version 2019.03, please use \Friendica\Module\Register::OPEN instead */
  79. define('REGISTER_OPEN', \Friendica\Module\Register::OPEN);
  80. /**
  81. * @name CP
  82. *
  83. * Type of the community page
  84. * @{
  85. */
  86. define('CP_NO_INTERNAL_COMMUNITY', -2);
  87. define('CP_NO_COMMUNITY_PAGE', -1);
  88. define('CP_USERS_ON_SERVER', 0);
  89. define('CP_GLOBAL_COMMUNITY', 1);
  90. define('CP_USERS_AND_GLOBAL', 2);
  91. /**
  92. * @}
  93. */
  94. /**
  95. * These numbers are used in stored permissions
  96. * and existing allocations MUST NEVER BE CHANGED
  97. * OR RE-ASSIGNED! You may only add to them.
  98. */
  99. $netgroup_ids = [
  100. Protocol::DFRN => (-1),
  101. Protocol::ZOT => (-2),
  102. Protocol::OSTATUS => (-3),
  103. Protocol::FEED => (-4),
  104. Protocol::DIASPORA => (-5),
  105. Protocol::MAIL => (-6),
  106. Protocol::FACEBOOK => (-8),
  107. Protocol::LINKEDIN => (-9),
  108. Protocol::XMPP => (-10),
  109. Protocol::MYSPACE => (-11),
  110. Protocol::GPLUS => (-12),
  111. Protocol::PUMPIO => (-13),
  112. Protocol::TWITTER => (-14),
  113. Protocol::DIASPORA2 => (-15),
  114. Protocol::STATUSNET => (-16),
  115. Protocol::NEWS => (-18),
  116. Protocol::ICALENDAR => (-19),
  117. Protocol::PNUT => (-20),
  118. Protocol::PHANTOM => (-127),
  119. ];
  120. /**
  121. * Maximum number of "people who like (or don't like) this" that we will list by name
  122. */
  123. define('MAX_LIKERS', 75);
  124. /**
  125. * @name Notify
  126. *
  127. * Email notification options
  128. * @{
  129. */
  130. define('NOTIFY_INTRO', 1);
  131. define('NOTIFY_CONFIRM', 2);
  132. define('NOTIFY_WALL', 4);
  133. define('NOTIFY_COMMENT', 8);
  134. define('NOTIFY_MAIL', 16);
  135. define('NOTIFY_SUGGEST', 32);
  136. define('NOTIFY_PROFILE', 64);
  137. define('NOTIFY_TAGSELF', 128);
  138. define('NOTIFY_TAGSHARE', 256);
  139. define('NOTIFY_POKE', 512);
  140. define('NOTIFY_SHARE', 1024);
  141. define('SYSTEM_EMAIL', 16384);
  142. define('NOTIFY_SYSTEM', 32768);
  143. /* @}*/
  144. /** @deprecated since 2019.03, use Term::UNKNOWN instead */
  145. define('TERM_UNKNOWN', Term::UNKNOWN);
  146. /** @deprecated since 2019.03, use Term::HASHTAG instead */
  147. define('TERM_HASHTAG', Term::HASHTAG);
  148. /** @deprecated since 2019.03, use Term::MENTION instead */
  149. define('TERM_MENTION', Term::MENTION);
  150. /** @deprecated since 2019.03, use Term::CATEGORY instead */
  151. define('TERM_CATEGORY', Term::CATEGORY);
  152. /** @deprecated since 2019.03, use Term::PCATEGORY instead */
  153. define('TERM_PCATEGORY', Term::PCATEGORY);
  154. /** @deprecated since 2019.03, use Term::FILE instead */
  155. define('TERM_FILE', Term::FILE);
  156. /** @deprecated since 2019.03, use Term::SAVEDSEARCH instead */
  157. define('TERM_SAVEDSEARCH', Term::SAVEDSEARCH);
  158. /** @deprecated since 2019.03, use Term::CONVERSATION instead */
  159. define('TERM_CONVERSATION', Term::CONVERSATION);
  160. /** @deprecated since 2019.03, use Term::OBJECT_TYPE_POST instead */
  161. define('TERM_OBJ_POST', Term::OBJECT_TYPE_POST);
  162. /** @deprecated since 2019.03, use Term::OBJECT_TYPE_PHOTO instead */
  163. define('TERM_OBJ_PHOTO', Term::OBJECT_TYPE_PHOTO);
  164. /**
  165. * @name Gravity
  166. *
  167. * Item weight for query ordering
  168. * @{
  169. */
  170. define('GRAVITY_PARENT', 0);
  171. define('GRAVITY_ACTIVITY', 3);
  172. define('GRAVITY_COMMENT', 6);
  173. define('GRAVITY_UNKNOWN', 9);
  174. /* @}*/
  175. /**
  176. * @name Priority
  177. *
  178. * Process priority for the worker
  179. * @{
  180. */
  181. define('PRIORITY_UNDEFINED', 0);
  182. define('PRIORITY_CRITICAL', 10);
  183. define('PRIORITY_HIGH', 20);
  184. define('PRIORITY_MEDIUM', 30);
  185. define('PRIORITY_LOW', 40);
  186. define('PRIORITY_NEGLIGIBLE', 50);
  187. /* @}*/
  188. /**
  189. * @name Social Relay settings
  190. *
  191. * See here: https://github.com/jaywink/social-relay
  192. * and here: https://wiki.diasporafoundation.org/Relay_servers_for_public_posts
  193. * @{
  194. */
  195. define('SR_SCOPE_NONE', '');
  196. define('SR_SCOPE_ALL', 'all');
  197. define('SR_SCOPE_TAGS', 'tags');
  198. /* @}*/
  199. // Normally this constant is defined - but not if "pcntl" isn't installed
  200. if (!defined("SIGTERM")) {
  201. define("SIGTERM", 15);
  202. }
  203. /**
  204. * Depending on the PHP version this constant does exist - or not.
  205. * See here: http://php.net/manual/en/curl.constants.php#117928
  206. */
  207. if (!defined('CURLE_OPERATION_TIMEDOUT')) {
  208. define('CURLE_OPERATION_TIMEDOUT', CURLE_OPERATION_TIMEOUTED);
  209. }
  210. /**
  211. * @brief Returns the user id of locally logged in user or false.
  212. *
  213. * @return int|bool user id or false
  214. */
  215. function local_user()
  216. {
  217. if (!empty($_SESSION['authenticated']) && !empty($_SESSION['uid'])) {
  218. return intval($_SESSION['uid']);
  219. }
  220. return false;
  221. }
  222. /**
  223. * @brief Returns the public contact id of logged in user or false.
  224. *
  225. * @return int|bool public contact id or false
  226. */
  227. function public_contact()
  228. {
  229. static $public_contact_id = false;
  230. if (!$public_contact_id && !empty($_SESSION['authenticated'])) {
  231. if (!empty($_SESSION['my_address'])) {
  232. // Local user
  233. $public_contact_id = intval(Contact::getIdForURL($_SESSION['my_address'], 0, true));
  234. } elseif (!empty($_SESSION['visitor_home'])) {
  235. // Remote user
  236. $public_contact_id = intval(Contact::getIdForURL($_SESSION['visitor_home'], 0, true));
  237. }
  238. } elseif (empty($_SESSION['authenticated'])) {
  239. $public_contact_id = false;
  240. }
  241. return $public_contact_id;
  242. }
  243. /**
  244. * @brief Returns contact id of authenticated site visitor or false
  245. *
  246. * @return int|bool visitor_id or false
  247. */
  248. function remote_user()
  249. {
  250. if (empty($_SESSION['authenticated'])) {
  251. return false;
  252. }
  253. if (!empty($_SESSION['visitor_id'])) {
  254. return intval($_SESSION['visitor_id']);
  255. }
  256. return false;
  257. }
  258. /**
  259. * @brief Show an error message to user.
  260. *
  261. * This function save text in session, to be shown to the user at next page load
  262. *
  263. * @param string $s - Text of notice
  264. */
  265. function notice($s)
  266. {
  267. if (empty($_SESSION)) {
  268. return;
  269. }
  270. $a = DI::app();
  271. if (empty($_SESSION['sysmsg'])) {
  272. $_SESSION['sysmsg'] = [];
  273. }
  274. if ($a->interactive) {
  275. $_SESSION['sysmsg'][] = $s;
  276. }
  277. }
  278. /**
  279. * @brief Show an info message to user.
  280. *
  281. * This function save text in session, to be shown to the user at next page load
  282. *
  283. * @param string $s - Text of notice
  284. */
  285. function info($s)
  286. {
  287. $a = DI::app();
  288. if (local_user() && DI::pConfig()->get(local_user(), 'system', 'ignore_info')) {
  289. return;
  290. }
  291. if (empty($_SESSION['sysmsg_info'])) {
  292. $_SESSION['sysmsg_info'] = [];
  293. }
  294. if ($a->interactive) {
  295. $_SESSION['sysmsg_info'][] = $s;
  296. }
  297. }
  298. function feed_birthday($uid, $tz)
  299. {
  300. /**
  301. * Determine the next birthday, but only if the birthday is published
  302. * in the default profile. We _could_ also look for a private profile that the
  303. * recipient can see, but somebody could get mad at us if they start getting
  304. * public birthday greetings when they haven't made this info public.
  305. *
  306. * Assuming we are able to publish this info, we are then going to convert
  307. * the start time from the owner's timezone to UTC.
  308. *
  309. * This will potentially solve the problem found with some social networks
  310. * where birthdays are converted to the viewer's timezone and salutations from
  311. * elsewhere in the world show up on the wrong day. We will convert it to the
  312. * viewer's timezone also, but first we are going to convert it from the birthday
  313. * person's timezone to GMT - so the viewer may find the birthday starting at
  314. * 6:00PM the day before, but that will correspond to midnight to the birthday person.
  315. */
  316. $birthday = '';
  317. if (!strlen($tz)) {
  318. $tz = 'UTC';
  319. }
  320. $profile = DBA::selectFirst('profile', ['dob'], ['is-default' => true, 'uid' => $uid]);
  321. if (DBA::isResult($profile)) {
  322. $tmp_dob = substr($profile['dob'], 5);
  323. if (intval($tmp_dob)) {
  324. $y = DateTimeFormat::timezoneNow($tz, 'Y');
  325. $bd = $y . '-' . $tmp_dob . ' 00:00';
  326. $t_dob = strtotime($bd);
  327. $now = strtotime(DateTimeFormat::timezoneNow($tz));
  328. if ($t_dob < $now) {
  329. $bd = $y + 1 . '-' . $tmp_dob . ' 00:00';
  330. }
  331. $birthday = DateTimeFormat::convert($bd, 'UTC', $tz, DateTimeFormat::ATOM);
  332. }
  333. }
  334. return $birthday;
  335. }
  336. /**
  337. * @brief Check if current user has admin role.
  338. *
  339. * @return bool true if user is an admin
  340. */
  341. function is_site_admin()
  342. {
  343. $a = DI::app();
  344. $admin_email = Config::get('config', 'admin_email');
  345. $adminlist = explode(',', str_replace(' ', '', $admin_email));
  346. return local_user() && $admin_email && in_array($a->user['email'] ?? '', $adminlist);
  347. }
  348. function explode_querystring($query)
  349. {
  350. $arg_st = strpos($query, '?');
  351. if ($arg_st !== false) {
  352. $base = substr($query, 0, $arg_st);
  353. $arg_st += 1;
  354. } else {
  355. $base = '';
  356. $arg_st = 0;
  357. }
  358. $args = explode('&', substr($query, $arg_st));
  359. foreach ($args as $k => $arg) {
  360. /// @TODO really compare type-safe here?
  361. if ($arg === '') {
  362. unset($args[$k]);
  363. }
  364. }
  365. $args = array_values($args);
  366. if (!$base) {
  367. $base = $args[0];
  368. unset($args[0]);
  369. $args = array_values($args);
  370. }
  371. return [
  372. 'base' => $base,
  373. 'args' => $args,
  374. ];
  375. }
  376. /**
  377. * Returns the complete URL of the current page, e.g.: http(s)://something.com/network
  378. *
  379. * Taken from http://webcheatsheet.com/php/get_current_page_url.php
  380. */
  381. function curPageURL()
  382. {
  383. $pageURL = 'http';
  384. if (!empty($_SERVER["HTTPS"]) && ($_SERVER["HTTPS"] == "on")) {
  385. $pageURL .= "s";
  386. }
  387. $pageURL .= "://";
  388. if ($_SERVER["SERVER_PORT"] != "80" && $_SERVER["SERVER_PORT"] != "443") {
  389. $pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["REQUEST_URI"];
  390. } else {
  391. $pageURL .= $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
  392. }
  393. return $pageURL;
  394. }
  395. function get_temppath()
  396. {
  397. $temppath = Config::get("system", "temppath");
  398. if (($temppath != "") && System::isDirectoryUsable($temppath)) {
  399. // We have a temp path and it is usable
  400. return BasePath::getRealPath($temppath);
  401. }
  402. // We don't have a working preconfigured temp path, so we take the system path.
  403. $temppath = sys_get_temp_dir();
  404. // Check if it is usable
  405. if (($temppath != "") && System::isDirectoryUsable($temppath)) {
  406. // Always store the real path, not the path through symlinks
  407. $temppath = BasePath::getRealPath($temppath);
  408. // To avoid any interferences with other systems we create our own directory
  409. $new_temppath = $temppath . "/" . DI::baseUrl()->getHostname();
  410. if (!is_dir($new_temppath)) {
  411. /// @TODO There is a mkdir()+chmod() upwards, maybe generalize this (+ configurable) into a function/method?
  412. mkdir($new_temppath);
  413. }
  414. if (System::isDirectoryUsable($new_temppath)) {
  415. // The new path is usable, we are happy
  416. Config::set("system", "temppath", $new_temppath);
  417. return $new_temppath;
  418. } else {
  419. // We can't create a subdirectory, strange.
  420. // But the directory seems to work, so we use it but don't store it.
  421. return $temppath;
  422. }
  423. }
  424. // Reaching this point means that the operating system is configured badly.
  425. return '';
  426. }
  427. function get_cachefile($file, $writemode = true)
  428. {
  429. $cache = get_itemcachepath();
  430. if ((!$cache) || (!is_dir($cache))) {
  431. return "";
  432. }
  433. $subfolder = $cache . "/" . substr($file, 0, 2);
  434. $cachepath = $subfolder . "/" . $file;
  435. if ($writemode) {
  436. if (!is_dir($subfolder)) {
  437. mkdir($subfolder);
  438. chmod($subfolder, 0777);
  439. }
  440. }
  441. return $cachepath;
  442. }
  443. function clear_cache($basepath = "", $path = "")
  444. {
  445. if ($path == "") {
  446. $basepath = get_itemcachepath();
  447. $path = $basepath;
  448. }
  449. if (($path == "") || (!is_dir($path))) {
  450. return;
  451. }
  452. if (substr(realpath($path), 0, strlen($basepath)) != $basepath) {
  453. return;
  454. }
  455. $cachetime = (int) Config::get('system', 'itemcache_duration');
  456. if ($cachetime == 0) {
  457. $cachetime = 86400;
  458. }
  459. if (is_writable($path)) {
  460. if ($dh = opendir($path)) {
  461. while (($file = readdir($dh)) !== false) {
  462. $fullpath = $path . "/" . $file;
  463. if ((filetype($fullpath) == "dir") && ($file != ".") && ($file != "..")) {
  464. clear_cache($basepath, $fullpath);
  465. }
  466. if ((filetype($fullpath) == "file") && (filectime($fullpath) < (time() - $cachetime))) {
  467. unlink($fullpath);
  468. }
  469. }
  470. closedir($dh);
  471. }
  472. }
  473. }
  474. function get_itemcachepath()
  475. {
  476. // Checking, if the cache is deactivated
  477. $cachetime = (int) Config::get('system', 'itemcache_duration');
  478. if ($cachetime < 0) {
  479. return "";
  480. }
  481. $itemcache = Config::get('system', 'itemcache');
  482. if (($itemcache != "") && System::isDirectoryUsable($itemcache)) {
  483. return BasePath::getRealPath($itemcache);
  484. }
  485. $temppath = get_temppath();
  486. if ($temppath != "") {
  487. $itemcache = $temppath . "/itemcache";
  488. if (!file_exists($itemcache) && !is_dir($itemcache)) {
  489. mkdir($itemcache);
  490. }
  491. if (System::isDirectoryUsable($itemcache)) {
  492. Config::set("system", "itemcache", $itemcache);
  493. return $itemcache;
  494. }
  495. }
  496. return "";
  497. }
  498. /**
  499. * @brief Returns the path where spool files are stored
  500. *
  501. * @return string Spool path
  502. */
  503. function get_spoolpath()
  504. {
  505. $spoolpath = Config::get('system', 'spoolpath');
  506. if (($spoolpath != "") && System::isDirectoryUsable($spoolpath)) {
  507. // We have a spool path and it is usable
  508. return $spoolpath;
  509. }
  510. // We don't have a working preconfigured spool path, so we take the temp path.
  511. $temppath = get_temppath();
  512. if ($temppath != "") {
  513. // To avoid any interferences with other systems we create our own directory
  514. $spoolpath = $temppath . "/spool";
  515. if (!is_dir($spoolpath)) {
  516. mkdir($spoolpath);
  517. }
  518. if (System::isDirectoryUsable($spoolpath)) {
  519. // The new path is usable, we are happy
  520. Config::set("system", "spoolpath", $spoolpath);
  521. return $spoolpath;
  522. } else {
  523. // We can't create a subdirectory, strange.
  524. // But the directory seems to work, so we use it but don't store it.
  525. return $temppath;
  526. }
  527. }
  528. // Reaching this point means that the operating system is configured badly.
  529. return "";
  530. }
  531. if (!function_exists('exif_imagetype')) {
  532. function exif_imagetype($file)
  533. {
  534. $size = getimagesize($file);
  535. return $size[2];
  536. }
  537. }
  538. function validate_include(&$file)
  539. {
  540. $orig_file = $file;
  541. $file = realpath($file);
  542. if (strpos($file, getcwd()) !== 0) {
  543. return false;
  544. }
  545. $file = str_replace(getcwd() . "/", "", $file, $count);
  546. if ($count != 1) {
  547. return false;
  548. }
  549. if ($orig_file !== $file) {
  550. return false;
  551. }
  552. $valid = false;
  553. if (strpos($file, "include/") === 0) {
  554. $valid = true;
  555. }
  556. if (strpos($file, "addon/") === 0) {
  557. $valid = true;
  558. }
  559. // Simply return flag
  560. return $valid;
  561. }