diff --git a/boot.php b/boot.php index c4bdb1187..4625f64f0 100644 --- a/boot.php +++ b/boot.php @@ -7,8 +7,11 @@ define ( 'DFRN_PROTOCOL_VERSION', '2.0' ); define ( 'EOL', "
\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); - -// log levels +define ( 'DOWN_ARROW', '⇩' ); + +/** + * log levels + */ define ( 'LOGGER_NORMAL', 0 ); define ( 'LOGGER_TRACE', 1 ); @@ -16,37 +19,49 @@ define ( 'LOGGER_DEBUG', 2 ); define ( 'LOGGER_DATA', 3 ); define ( 'LOGGER_ALL', 4 ); -// registration policy +/** + * registration policies + */ define ( 'REGISTER_CLOSED', 0 ); define ( 'REGISTER_APPROVE', 1 ); define ( 'REGISTER_OPEN', 2 ); -// relationship types +/** + * relationship types + */ define ( 'REL_VIP', 1); define ( 'REL_FAN', 2); define ( 'REL_BUD', 3); -// page/profile types -// PAGE_NORMAL is a typical personal profile account -// PAGE_SOAPBOX automatically approves all friend requests as REL_FAN, (readonly) -// PAGE_COMMUNITY automatically approves all friend requests as REL_FAN, but with -// write access to wall and comments (no email and not included in page owner's ACL lists) -// PAGE_FREELOVE automatically approves all friend requests as full friends (REL_BUD). +/** + * + * page/profile types + * + * PAGE_NORMAL is a typical personal profile account + * PAGE_SOAPBOX automatically approves all friend requests as REL_FAN, (readonly) + * PAGE_COMMUNITY automatically approves all friend requests as REL_FAN, but with + * write access to wall and comments (no email and not included in page owner's ACL lists) + * PAGE_FREELOVE automatically approves all friend requests as full friends (REL_BUD). + * + */ define ( 'PAGE_NORMAL', 0 ); define ( 'PAGE_SOAPBOX', 1 ); define ( 'PAGE_COMMUNITY', 2 ); define ( 'PAGE_FREELOVE', 3 ); -// Maximum number of "people who like (or don't like) this" -// that we will list by name +/** + * Maximum number of "people who like (or don't like) this" that we will list by name + */ define ( 'MAX_LIKERS', 75); -// email notification options +/** + * email notification options + */ define ( 'NOTIFY_INTRO', 0x0001 ); define ( 'NOTIFY_CONFIRM', 0x0002 ); @@ -54,7 +69,9 @@ define ( 'NOTIFY_WALL', 0x0004 ); define ( 'NOTIFY_COMMENT', 0x0008 ); define ( 'NOTIFY_MAIL', 0x0010 ); -// various namespaces we may need to parse +/** + * various namespaces we may need to parse + */ define ( 'NAMESPACE_DFRN' , 'http://purl.org/macgirvin/dfrn/1.0' ); define ( 'NAMESPACE_THREAD' , 'http://purl.org/syndication/thread/1.0' ); @@ -68,7 +85,9 @@ define ( 'NAMESPACE_GEORSS', 'http://www.georss.org/georss' ); define ( 'NAMESPACE_POCO', 'http://portablecontacts.net/spec/1.0' ); define ( 'NAMESPACE_FEED', 'http://schemas.google.com/g/2010#updates-from' ); -// activity stream defines +/** + * activity stream defines + */ define ( 'ACTIVITY_LIKE', NAMESPACE_ACTIVITY_SCHEMA . 'like' ); define ( 'ACTIVITY_DISLIKE', NAMESPACE_DFRN . '/dislike' ); @@ -88,14 +107,21 @@ define ( 'ACTIVITY_OBJ_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'photo' ); define ( 'ACTIVITY_OBJ_P_PHOTO', NAMESPACE_ACTIVITY_SCHEMA . 'profile-photo' ); define ( 'ACTIVITY_OBJ_ALBUM', NAMESPACE_ACTIVITY_SCHEMA . 'photo-album' ); -// item weight for query ordering +/** + * item weight for query ordering + */ define ( 'GRAVITY_PARENT', 0); define ( 'GRAVITY_LIKE', 3); define ( 'GRAVITY_COMMENT', 6); -// Please disable magic_quotes_gpc so we don't have to do this. -// See http://php.net/manual/en/security.magicquotes.disabling.php +/** + * + * Reverse the effect of magic_quotes_gpc if it is enabled. + * Please disable magic_quotes_gpc so we don't have to do this. + * See http://php.net/manual/en/security.magicquotes.disabling.php + * + */ if (get_magic_quotes_gpc()) { $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST); @@ -114,12 +140,18 @@ if (get_magic_quotes_gpc()) { } -// Our main application structure for the life of this page -// Primarily deals with the URL that got us here -// and tries to make some sense of it, and -// stores our page contents and config storage -// and anything else that might need to be passed around -// before we spit the page out. +/** + * + * class: App + * + * Our main application structure for the life of this page + * Primarily deals with the URL that got us here + * and tries to make some sense of it, and + * stores our page contents and config storage + * and anything else that might need to be passed around + * before we spit the page out. + * + */ if(! class_exists('App')) { class App { @@ -169,10 +201,31 @@ class App { if(x($_GET,'q')) $this->cmd = trim($_GET['q'],'/'); + /** + * Figure out if we are running at the top of a domain + * or in a sub-directory and adjust accordingly + */ + $path = trim(dirname($_SERVER['SCRIPT_NAME']),'/'); if(isset($path) && strlen($path) && ($path != $this->path)) $this->path = $path; + + /** + * + * Break the URL path into C style argc/argv style arguments for our + * modules. Given "http://example.com/module/arg1/arg2", $this->argc + * will be 3 (integer) and $this->argv will contain: + * [0] => 'module' + * [1] => 'arg1' + * [2] => 'arg2' + * + * + * There will always be one argument. If provided a naked domain + * URL, $this->argv[0] is set to "home". + * + */ + $this->argv = explode('/',$this->cmd); $this->argc = count($this->argv); if((array_key_exists('0',$this->argv)) && strlen($this->argv[0])) { @@ -182,10 +235,20 @@ class App { $this->module = 'home'; } + /** + * Special handling for the webfinger/lrdd host XRD file + * Just spit out the contents and exit. + */ + if($this->cmd === '.well-known/host-meta') require_once('include/hostxrd.php'); + /** + * See if there is any page number information, and initialise + * pagination + */ + $this->pager['page'] = ((x($_GET,'page')) ? $_GET['page'] : 1); $this->pager['itemspage'] = 50; $this->pager['start'] = ($this->pager['page'] * $this->pager['itemspage']) - $this->pager['itemspage']; @@ -424,7 +487,10 @@ function fetch_url($url,$binary = false, &$redirects = 0) { $a->set_curl_code(0); - $s = curl_exec($ch); + // don't let curl abort the entire application + // if it throws any errors. + + $s = @curl_exec($ch); $http_code = intval(curl_getinfo($ch, CURLINFO_HTTP_CODE)); $header = substr($s,0,strpos($s,"\r\n\r\n")); @@ -484,7 +550,10 @@ function post_url($url,$params, $headers = null, &$redirects = 0) { $a->set_curl_code(0); - $s = curl_exec($ch); + // don't let curl abort the entire application + // if it throws any errors. + + $s = @curl_exec($ch); $http_code = intval(curl_getinfo($ch, CURLINFO_HTTP_CODE)); $header = substr($s,0,strpos($s,"\r\n\r\n")); @@ -1610,4 +1679,74 @@ function smilies($s) { '8-|', '8-O' ), $s); -}} \ No newline at end of file +}} + + +/** + * + * Function : profile_load + * @parameter App $a + * @parameter string $nickname + * @parameter int $profile + * + * Summary: Loads a profile into the page sidebar. + * The function requires a writeable copy of the main App structure, and the nickname + * of a registered local account. + * + * If the viewer is an authenticated remote viewer, the profile displayed is the + * one that has been configured for his/her viewing in the Contact manager. + * Passing a non-zero profile ID can also allow a preview of a selected profile + * by the owner. + * + * Profile information is placed in the App structure for later retrieval. + * Honours the owner's chosen theme for display. + * + */ + +if(! function_exists('profile_load')) { +function profile_load(&$a, $nickname, $profile = 0) { + if(remote_user()) { + $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1", + intval($_SESSION['visitor_id'])); + if(count($r)) + $profile = $r[0]['profile-id']; + } + + $r = null; + + if($profile) { + $profile_int = intval($profile); + $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `user`.* FROM `profile` + LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid` + WHERE `user`.`nickname` = '%s' AND `profile`.`id` = %d LIMIT 1", + dbesc($nickname), + intval($profile_int) + ); + } + if(! count($r)) { + $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `user`.* FROM `profile` + LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid` + WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 LIMIT 1", + dbesc($nickname) + ); + } + + if(($r === false) || (! count($r))) { + notice( t('No profile') . EOL ); + $a->error = 404; + return; + } + + $a->profile = $r[0]; + + $a->page['template'] = 'profile'; + + $a->page['title'] = $a->profile['name']; + $_SESSION['theme'] = $a->profile['theme']; + + if(! (x($a->page,'aside'))) + $a->page['aside'] = ''; + $a->page['aside'] .= contact_block(); + + return; +}} diff --git a/htconfig.php b/htconfig.php index 11719a2c6..6f6e3faf9 100644 --- a/htconfig.php +++ b/htconfig.php @@ -52,6 +52,7 @@ $a->config['php_path'] = 'php'; // Location of global directory submission page. $a->config['system']['directory_submit_url'] = 'http://dir.friendika.com/submit'; +$a->config['system']['directory_search_url'] = 'http://dir.friendika.com/directory?search='; // PuSH - aka pubsubhubbub URL. This makes delivery of public posts as fast as private posts diff --git a/include/bbcode.php b/include/bbcode.php index fbae7bc32..351510f6d 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -80,7 +80,7 @@ function bbcode($Text) { // Youtube extensions $Text = preg_replace("/\[youtube\]http:\/\/www.youtube.com\/watch\?v\=(.+?)\[\/youtube\]/",'[youtube]$1[/youtube]',$Text); - $Text = preg_replace("/\[youtube\](.+?)\[\/youtube\]/", '', $Text); + $Text = preg_replace("/\[youtube\](.+?)\[\/youtube\]/", '', $Text); return $Text; } diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 7018bf52b..c20770481 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -201,7 +201,15 @@ function dfrn_confirm_post(&$a,$handsfree = null) { logger('dfrn_confirm: Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params,true), LOGGER_DATA); - // POST all this stuff to the other site. + /** + * + * POST all this stuff to the other site. + * Temporarily raise the network timeout to 120 seconds because the default 60 + * doesn't always give the other side quite enough time to decrypt everything. + * + */ + + $a->config['system']['curl_timeout'] = 120; $res = post_url($dfrn_confirm,$params); diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php index 20fdc8f79..a8c27efc1 100644 --- a/mod/dfrn_poll.php +++ b/mod/dfrn_poll.php @@ -353,6 +353,8 @@ function dfrn_poll_content(&$a) { } else { $status = 1; + $challenge = ''; + $encrypted_id = ''; } if(($type === 'profile') && (strlen($sec))) { diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 60106661c..ce422aa9f 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -6,7 +6,6 @@ function dfrn_request_init(&$a) { if($a->argc > 1) $which = $a->argv[1]; - require_once('mod/profile.php'); profile_init($a,$which); return; diff --git a/mod/display.php b/mod/display.php index 369161619..1049b28a0 100644 --- a/mod/display.php +++ b/mod/display.php @@ -5,7 +5,6 @@ function display_content(&$a) { $o = '
' . "\r\n"; - require_once('mod/profile.php'); profile_init($a); $item_id = (($a->argc > 2) ? intval($a->argv[2]) : 0); diff --git a/mod/invite.php b/mod/invite.php index fe706a524..9d4497f5d 100644 --- a/mod/invite.php +++ b/mod/invite.php @@ -1,15 +1,22 @@ t('Your message:'), '$default_message' => t('Please join my social network on ') . $a->config['sitename'] . t("\r\n") . t("\r\n") . t('To accept this invitation, please visit:') . t("\r\n") . t("\r\n") . $a->get_baseurl() - . t("\r\n") . t("\r\n") . t('Once you have registered, please make an introduction via my profile page at:') + . t("\r\n") . t("\r\n") . t('Once you have registered, please connect with me via my profile page at:') . t("\r\n") . t("\r\n") . $a->get_baseurl() . '/profile/' . $a->user['nickname'] , '$submit' => t('Submit') )); diff --git a/mod/profile.php b/mod/profile.php index a431f4bdd..b40617d03 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -1,53 +1,5 @@ error = 404; - return; - } - - $a->profile = $r[0]; - - $a->page['template'] = 'profile'; - - $a->page['title'] = $a->profile['name']; - $_SESSION['theme'] = $a->profile['theme']; - - if(! (x($a->page,'aside'))) - $a->page['aside'] = ''; - $a->page['aside'] .= contact_block(); - - return; -}} - function profile_init(&$a) { if($a->argc > 1) diff --git a/mod/profile_photo.php b/mod/profile_photo.php index 39808776b..64093b2de 100644 --- a/mod/profile_photo.php +++ b/mod/profile_photo.php @@ -8,7 +8,6 @@ function profile_photo_init(&$a) { return; } - require_once("mod/profile.php"); profile_load($a,$a->user['nickname']); } diff --git a/mod/profiles.php b/mod/profiles.php index 604eb2f62..e675af2e4 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -327,7 +327,6 @@ function profiles_content(&$a) { return; } - require_once('mod/profile.php'); profile_load($a,$a->user['nickname'],$r[0]['id']); require_once('include/profile_selectors.php'); diff --git a/mod/settings.php b/mod/settings.php index 7ed7ad32e..a8e02ea40 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -3,7 +3,6 @@ function settings_init(&$a) { if(local_user()) { - require_once("mod/profile.php"); profile_load($a,$a->user['nickname']); } } diff --git a/mod/update_profile.php b/mod/update_profile.php index 9a6729396..13c519d1c 100644 --- a/mod/update_profile.php +++ b/mod/update_profile.php @@ -1,7 +1,11 @@ \r\n"; + + /** + * We can remove this hack once Internet Explorer recognises HTML5 natively + */ + echo (($_GET['msie'] == 1) ? '
' : '
'); - // Grab the page inner contents, but move any image src attributes to another attribute name. - // Some browsers will prefetch all the images for the page even if we don't need them. - // The only ones we need to fetch are those for new page additions, which we'll discover - // on the client side and then swap the image back. + /** + * + * Grab the page inner contents by calling the content function from the profile module directly, + * but move any image src attributes to another attribute name. This is because + * some browsers will prefetch all the images for the page even if we don't need them. + * The only ones we need to fetch are those for new page additions, which we'll discover + * on the client side and then swap the image back. + * + */ - $text = profile_content($a,$profile_uid); - $pattern = "/]*) src=\"([^\"]*)\"/"; - $replace = "' : '
'); echo "\r\n"; killme(); diff --git a/mod/viewcontacts.php b/mod/viewcontacts.php index 562b60c25..bd73b2ffb 100644 --- a/mod/viewcontacts.php +++ b/mod/viewcontacts.php @@ -2,7 +2,6 @@ function viewcontacts_init(&$a) { - require_once("mod/profile.php"); profile_load($a,$a->argv[1]); } diff --git a/mod/wall_upload.php b/mod/wall_upload.php index 25a7ac50e..eb44012d1 100644 --- a/mod/wall_upload.php +++ b/mod/wall_upload.php @@ -19,8 +19,9 @@ function wall_upload_post(&$a) { $can_post = false; $visitor = 0; - $page_owner_uid = $r[0]['uid']; - $community_page = (($r[0]['page-flags'] == PAGE_COMMUNITY) ? true : false); + $page_owner_uid = $r[0]['uid']; + $page_owner_nick = $r[0]['nickname']; + $community_page = (($r[0]['page-flags'] == PAGE_COMMUNITY) ? true : false); if((local_user()) && (local_user() == $page_owner_uid)) $can_post = true; @@ -97,7 +98,7 @@ function wall_upload_post(&$a) { } $basename = basename($filename); - echo "

get_baseurl(). "/photo/{$hash}-{$smallest}.jpg\" alt=\"$basename\" />

"; + echo '

\"$basename\"

"; killme(); return; // NOTREACHED diff --git a/testargs.php b/testargs.php index 65e56ec3e..4c9bce4e9 100644 --- a/testargs.php +++ b/testargs.php @@ -1,5 +1,20 @@ 1) && isset($argv[1])) echo $argv[1]; else diff --git a/update.php b/update.php index ff57c12f3..92b240798 100644 --- a/update.php +++ b/update.php @@ -1,5 +1,40 @@ config['php_path'] = '$phpath'; // Location of global directory submission page. $a->config['system']['directory_submit_url'] = 'http://dir.friendika.com/submit'; +$a->config['system']['directory_search_url'] = 'http://dir.friendika.com/directory?search='; // PuSH - aka pubsubhubbub URL. This makes delivery of public posts as fast as private posts