Merge branch '2018.12-rc' into task/move-config-to-php-array

This commit is contained in:
Hypolite Petovan 2018-12-27 01:47:53 -05:00 committed by GitHub
commit fabc90e9dd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
420 changed files with 3127 additions and 2911 deletions

View file

@ -1 +1 @@
2018.12-dev 2018.12-rc

View file

@ -39,7 +39,7 @@ require_once 'include/text.php';
define('FRIENDICA_PLATFORM', 'Friendica'); define('FRIENDICA_PLATFORM', 'Friendica');
define('FRIENDICA_CODENAME', 'The Tazmans Flax-lily'); define('FRIENDICA_CODENAME', 'The Tazmans Flax-lily');
define('FRIENDICA_VERSION', '2018.12-dev'); define('FRIENDICA_VERSION', '2018.12-rc');
define('DFRN_PROTOCOL_VERSION', '2.23'); define('DFRN_PROTOCOL_VERSION', '2.23');
define('NEW_UPDATE_ROUTINE_VERSION', 1170); define('NEW_UPDATE_ROUTINE_VERSION', 1170);
@ -338,41 +338,6 @@ function get_app()
return BaseObject::getApp(); return BaseObject::getApp();
} }
/**
* @brief Multi-purpose function to check variable state.
*
* Usage: x($var) or $x($array, 'key')
*
* returns false if variable/key is not set
* if variable is set, returns 1 if has 'non-zero' value, otherwise returns 0.
* e.g. x('') or x(0) returns 0;
*
* @param string|array $s variable to check
* @param string $k key inside the array to check
*
* @return bool|int
*/
function x($s, $k = null)
{
if ($k != null) {
if ((is_array($s)) && (array_key_exists($k, $s))) {
if ($s[$k]) {
return (int) 1;
}
return (int) 0;
}
return false;
} else {
if (isset($s)) {
if ($s) {
return (int) 1;
}
return (int) 0;
}
return false;
}
}
/** /**
* Return the provided variable value if it exists and is truthy or the provided * Return the provided variable value if it exists and is truthy or the provided
* default value instead. * default value instead.
@ -383,13 +348,12 @@ function x($s, $k = null)
* - defaults($var, $default) * - defaults($var, $default)
* - defaults($array, 'key', $default) * - defaults($array, 'key', $default)
* *
* @param array $args
* @brief Returns a defaut value if the provided variable or array key is falsy * @brief Returns a defaut value if the provided variable or array key is falsy
* @see x()
* @return mixed * @return mixed
*/ */
function defaults() { function defaults(...$args)
$args = func_get_args(); {
if (count($args) < 2) { if (count($args) < 2) {
throw new BadFunctionCallException('defaults() requires at least 2 parameters'); throw new BadFunctionCallException('defaults() requires at least 2 parameters');
} }
@ -400,16 +364,15 @@ function defaults() {
throw new BadFunctionCallException('defaults($arr, $key, $def) $key is null'); throw new BadFunctionCallException('defaults($arr, $key, $def) $key is null');
} }
$default = array_pop($args); // The default value always is the last argument
$return = array_pop($args);
if (call_user_func_array('x', $args)) { if (count($args) == 2 && is_array($args[0]) && !empty($args[0][$args[1]])) {
if (count($args) === 1) { $return = $args[0][$args[1]];
$return = $args[0]; }
} else {
$return = $args[0][$args[1]]; if (count($args) == 1 && !empty($args[0])) {
} $return = $args[0];
} else {
$return = $default;
} }
return $return; return $return;
@ -446,15 +409,15 @@ function public_contact()
{ {
static $public_contact_id = false; static $public_contact_id = false;
if (!$public_contact_id && x($_SESSION, 'authenticated')) { if (!$public_contact_id && !empty($_SESSION['authenticated'])) {
if (x($_SESSION, 'my_address')) { if (!empty($_SESSION['my_address'])) {
// Local user // Local user
$public_contact_id = intval(Contact::getIdForURL($_SESSION['my_address'], 0, true)); $public_contact_id = intval(Contact::getIdForURL($_SESSION['my_address'], 0, true));
} elseif (x($_SESSION, 'visitor_home')) { } elseif (!empty($_SESSION['visitor_home'])) {
// Remote user // Remote user
$public_contact_id = intval(Contact::getIdForURL($_SESSION['visitor_home'], 0, true)); $public_contact_id = intval(Contact::getIdForURL($_SESSION['visitor_home'], 0, true));
} }
} elseif (!x($_SESSION, 'authenticated')) { } elseif (empty($_SESSION['authenticated'])) {
$public_contact_id = false; $public_contact_id = false;
} }
@ -479,7 +442,7 @@ function remote_user()
return false; return false;
} }
if (x($_SESSION, 'authenticated') && x($_SESSION, 'visitor_id')) { if (!empty($_SESSION['authenticated']) && !empty($_SESSION['visitor_id'])) {
return intval($_SESSION['visitor_id']); return intval($_SESSION['visitor_id']);
} }
return false; return false;
@ -499,7 +462,7 @@ function notice($s)
} }
$a = get_app(); $a = get_app();
if (!x($_SESSION, 'sysmsg')) { if (empty($_SESSION['sysmsg'])) {
$_SESSION['sysmsg'] = []; $_SESSION['sysmsg'] = [];
} }
if ($a->interactive) { if ($a->interactive) {
@ -522,7 +485,7 @@ function info($s)
return; return;
} }
if (!x($_SESSION, 'sysmsg_info')) { if (empty($_SESSION['sysmsg_info'])) {
$_SESSION['sysmsg_info'] = []; $_SESSION['sysmsg_info'] = [];
} }
if ($a->interactive) { if ($a->interactive) {
@ -891,3 +854,22 @@ function validate_include(&$file)
// Simply return flag // Simply return flag
return $valid; return $valid;
} }
/**
* PHP 5 compatible dirname() with count parameter
*
* @see http://php.net/manual/en/function.dirname.php#113193
*
* @deprecated with PHP 7
* @param string $path
* @param int $levels
* @return string
*/
function rdirname($path, $levels = 1)
{
if ($levels > 1) {
return dirname(rdirname($path, --$levels));
} else {
return dirname($path);
}
}

View file

@ -34,7 +34,7 @@
use Friendica\Database\DBA; use Friendica\Database\DBA;
if (!defined('DB_UPDATE_VERSION')) { if (!defined('DB_UPDATE_VERSION')) {
define('DB_UPDATE_VERSION', 1290); define('DB_UPDATE_VERSION', 1291);
} }
return [ return [
@ -643,6 +643,7 @@ return [
"uid_contactid_created" => ["uid", "contact-id", "created"], "uid_contactid_created" => ["uid", "contact-id", "created"],
"authorid_created" => ["author-id", "created"], "authorid_created" => ["author-id", "created"],
"ownerid" => ["owner-id"], "ownerid" => ["owner-id"],
"contact-id" => ["contact-id"],
"uid_uri" => ["uid", "uri(190)"], "uid_uri" => ["uid", "uri(190)"],
"resource-id" => ["resource-id"], "resource-id" => ["resource-id"],
"deleted_changed" => ["deleted", "changed"], "deleted_changed" => ["deleted", "changed"],
@ -894,7 +895,9 @@ return [
"fid" => ["type" => "int unsigned", "not null" => "1", "relation" => ["fcontact" => "id"], "comment" => ""], "fid" => ["type" => "int unsigned", "not null" => "1", "relation" => ["fcontact" => "id"], "comment" => ""],
], ],
"indexes" => [ "indexes" => [
"PRIMARY" => ["iid", "server"] "PRIMARY" => ["iid", "server"],
"cid" => ["cid"],
"fid" => ["fid"]
] ]
], ],
"pconfig" => [ "pconfig" => [

View file

@ -248,7 +248,10 @@ Friendica will not work correctly if you cannot perform this step.
If it is not possible to set up a cron job then please activate the "frontend worker" in the administration interface. If it is not possible to set up a cron job then please activate the "frontend worker" in the administration interface.
Once you have installed Friendica and created an admin account as part of the process, you can access the admin panel of your installation and do most of the server wide configuration from there Once you have installed Friendica and created an admin account as part of the process, you can access the admin panel of your installation and do most of the server wide configuration from there.
At this point it is recommended that you set up logging and logrotation.
To do so please visit [Settings](help/Settings) and search the 'Logs' section for more information.
### Set up a backup plan ### Set up a backup plan

View file

@ -181,13 +181,13 @@ Next take the default.php file found in the /view direcotry and exchange the asi
So the central part of the file now looks like this: So the central part of the file now looks like this:
<body> <body>
<?php if(x($page,'nav')) echo $page['nav']; ?> <?php if(!empty($page['nav'])) echo $page['nav']; ?>
<aside><?php if(x($page,'right_aside')) echo $page['right_aside']; ?></aside> <aside><?php if(!empty($page['right_aside'])) echo $page['right_aside']; ?></aside>
<section><?php if(x($page,'content')) echo $page['content']; ?> <section><?php if(!empty($page['content'])) echo $page['content']; ?>
<div id="page-footer"></div> <div id="page-footer"></div>
</section> </section>
<right_aside><?php if(x($page,'aside')) echo $page['aside']; ?></right_aside> <right_aside><?php if(!empty($page['aside'])) echo $page['aside']; ?></right_aside>
<footer><?php if(x($page,'footer')) echo $page['footer']; ?></footer> <footer><?php if(!empty($page['footer'])) echo $page['footer']; ?></footer>
</body> </body>
Finally we need a style.css file, inheriting the definitions from the parent theme and containing out changes for the new theme. Finally we need a style.css file, inheriting the definitions from the parent theme and containing out changes for the new theme.

View file

@ -68,7 +68,7 @@ $called_api = [];
*/ */
function api_user() function api_user()
{ {
if (x($_SESSION, 'allow_api')) { if (!empty($_SESSION['allow_api'])) {
return local_user(); return local_user();
} }
@ -186,8 +186,8 @@ function api_login(App $a)
} }
// workaround for HTTP-auth in CGI mode // workaround for HTTP-auth in CGI mode
if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
if (strlen($userpass)) { if (strlen($userpass)) {
list($name, $password) = explode(':', $userpass); list($name, $password) = explode(':', $userpass);
$_SERVER['PHP_AUTH_USER'] = $name; $_SERVER['PHP_AUTH_USER'] = $name;
@ -195,7 +195,7 @@ function api_login(App $a)
} }
} }
if (!x($_SERVER, 'PHP_AUTH_USER')) { if (empty($_SERVER['PHP_AUTH_USER'])) {
Logger::log('API_login: ' . print_r($_SERVER, true), Logger::DEBUG); Logger::log('API_login: ' . print_r($_SERVER, true), Logger::DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"'); header('WWW-Authenticate: Basic realm="Friendica"');
throw new UnauthorizedException("This API requires login"); throw new UnauthorizedException("This API requires login");
@ -396,7 +396,7 @@ function api_call(App $a)
case "json": case "json":
header("Content-Type: application/json"); header("Content-Type: application/json");
$json = json_encode(end($return)); $json = json_encode(end($return));
if (x($_GET, 'callback')) { if (!empty($_GET['callback'])) {
$json = $_GET['callback'] . "(" . $json . ")"; $json = $_GET['callback'] . "(" . $json . ")";
} }
$return = $json; $return = $json;
@ -550,7 +550,7 @@ function api_get_user(App $a, $contact_id = null)
} }
} }
if (is_null($user) && x($_GET, 'user_id')) { if (is_null($user) && !empty($_GET['user_id'])) {
$user = DBA::escape(api_unique_id_to_nurl($_GET['user_id'])); $user = DBA::escape(api_unique_id_to_nurl($_GET['user_id']));
if ($user == "") { if ($user == "") {
@ -563,7 +563,7 @@ function api_get_user(App $a, $contact_id = null)
$extra_query .= "AND `contact`.`uid`=" . intval(api_user()); $extra_query .= "AND `contact`.`uid`=" . intval(api_user());
} }
} }
if (is_null($user) && x($_GET, 'screen_name')) { if (is_null($user) && !empty($_GET['screen_name'])) {
$user = DBA::escape($_GET['screen_name']); $user = DBA::escape($_GET['screen_name']);
$extra_query = "AND `contact`.`nick` = '%s' "; $extra_query = "AND `contact`.`nick` = '%s' ";
if (api_user() !== false) { if (api_user() !== false) {
@ -571,7 +571,7 @@ function api_get_user(App $a, $contact_id = null)
} }
} }
if (is_null($user) && x($_GET, 'profileurl')) { if (is_null($user) && !empty($_GET['profileurl'])) {
$user = DBA::escape(Strings::normaliseLink($_GET['profileurl'])); $user = DBA::escape(Strings::normaliseLink($_GET['profileurl']));
$extra_query = "AND `contact`.`nurl` = '%s' "; $extra_query = "AND `contact`.`nurl` = '%s' ";
if (api_user() !== false) { if (api_user() !== false) {
@ -643,8 +643,6 @@ function api_get_user(App $a, $contact_id = null)
$contact = DBA::selectFirst('contact', [], ['uid' => 0, 'nurl' => Strings::normaliseLink($url)]); $contact = DBA::selectFirst('contact', [], ['uid' => 0, 'nurl' => Strings::normaliseLink($url)]);
if (DBA::isResult($contact)) { if (DBA::isResult($contact)) {
$network_name = ContactSelector::networkToName($contact['network'], $contact['url']);
// If no nick where given, extract it from the address // If no nick where given, extract it from the address
if (($contact['nick'] == "") || ($contact['name'] == $contact['nick'])) { if (($contact['nick'] == "") || ($contact['name'] == $contact['nick'])) {
$contact['nick'] = api_get_nick($contact["url"]); $contact['nick'] = api_get_nick($contact["url"]);
@ -655,7 +653,7 @@ function api_get_user(App $a, $contact_id = null)
'id_str' => (string) $contact["id"], 'id_str' => (string) $contact["id"],
'name' => $contact["name"], 'name' => $contact["name"],
'screen_name' => (($contact['nick']) ? $contact['nick'] : $contact['name']), 'screen_name' => (($contact['nick']) ? $contact['nick'] : $contact['name']),
'location' => ($contact["location"] != "") ? $contact["location"] : $network_name, 'location' => ($contact["location"] != "") ? $contact["location"] : ContactSelector::networkToName($contact['network'], $contact['url']),
'description' => $contact["about"], 'description' => $contact["about"],
'profile_image_url' => $contact["micro"], 'profile_image_url' => $contact["micro"],
'profile_image_url_https' => $contact["micro"], 'profile_image_url_https' => $contact["micro"],
@ -713,8 +711,6 @@ function api_get_user(App $a, $contact_id = null)
$uinfo[0]['nick'] = api_get_nick($uinfo[0]["url"]); $uinfo[0]['nick'] = api_get_nick($uinfo[0]["url"]);
} }
$network_name = ContactSelector::networkToName($uinfo[0]['network'], $uinfo[0]['url']);
$pcontact_id = Contact::getIdForURL($uinfo[0]['url'], 0, true); $pcontact_id = Contact::getIdForURL($uinfo[0]['url'], 0, true);
if (!empty($profile['about'])) { if (!empty($profile['about'])) {
@ -728,7 +724,7 @@ function api_get_user(App $a, $contact_id = null)
} elseif (!empty($uinfo[0]["location"])) { } elseif (!empty($uinfo[0]["location"])) {
$location = $uinfo[0]["location"]; $location = $uinfo[0]["location"];
} else { } else {
$location = $network_name; $location = ContactSelector::networkToName($uinfo[0]['network'], $uinfo[0]['url']);
} }
$ret = [ $ret = [
@ -980,7 +976,7 @@ function api_account_verify_credentials($type)
unset($_REQUEST["screen_name"]); unset($_REQUEST["screen_name"]);
unset($_GET["screen_name"]); unset($_GET["screen_name"]);
$skip_status = (x($_REQUEST, 'skip_status')?$_REQUEST['skip_status'] : false); $skip_status = defaults($_REQUEST, 'skip_status', false);
$user_info = api_get_user($a); $user_info = api_get_user($a);
@ -1014,10 +1010,10 @@ api_register_func('api/account/verify_credentials', 'api_account_verify_credenti
*/ */
function requestdata($k) function requestdata($k)
{ {
if (x($_POST, $k)) { if (!empty($_POST[$k])) {
return $_POST[$k]; return $_POST[$k];
} }
if (x($_GET, $k)) { if (!empty($_GET[$k])) {
return $_GET[$k]; return $_GET[$k];
} }
return null; return null;
@ -1172,7 +1168,7 @@ function api_statuses_update($type)
} }
} }
if (x($_FILES, 'media')) { if (!empty($_FILES['media'])) {
// upload the image if we have one // upload the image if we have one
$picture = wall_upload_post($a, false); $picture = wall_upload_post($a, false);
if (is_array($picture)) { if (is_array($picture)) {
@ -1199,7 +1195,7 @@ function api_statuses_update($type)
$_REQUEST['api_source'] = true; $_REQUEST['api_source'] = true;
if (!x($_REQUEST, "source")) { if (empty($_REQUEST['source'])) {
$_REQUEST["source"] = api_source(); $_REQUEST["source"] = api_source();
} }
@ -1231,7 +1227,7 @@ function api_media_upload()
api_get_user($a); api_get_user($a);
if (!x($_FILES, 'media')) { if (empty($_FILES['media'])) {
// Output error // Output error
throw new BadRequestException("No media."); throw new BadRequestException("No media.");
} }
@ -1445,7 +1441,7 @@ function api_users_search($type)
$userlist = []; $userlist = [];
if (x($_GET, 'q')) { if (!empty($_GET['q'])) {
$r = q("SELECT id FROM `contact` WHERE `uid` = 0 AND `name` = '%s'", DBA::escape($_GET["q"])); $r = q("SELECT id FROM `contact` WHERE `uid` = 0 AND `name` = '%s'", DBA::escape($_GET["q"]));
if (!DBA::isResult($r)) { if (!DBA::isResult($r)) {
@ -1530,21 +1526,21 @@ function api_search($type)
$data = []; $data = [];
if (!x($_REQUEST, 'q')) { if (empty($_REQUEST['q'])) {
throw new BadRequestException("q parameter is required."); throw new BadRequestException("q parameter is required.");
} }
if (x($_REQUEST, 'rpp')) { if (!empty($_REQUEST['rpp'])) {
$count = $_REQUEST['rpp']; $count = $_REQUEST['rpp'];
} elseif (x($_REQUEST, 'count')) { } elseif (!empty($_REQUEST['count'])) {
$count = $_REQUEST['count']; $count = $_REQUEST['count'];
} else { } else {
$count = 15; $count = 15;
} }
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0); $since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0); $max_id = defaults($_REQUEST, 'max_id', 0);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0); $page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
$start = $page * $count; $start = $page * $count;
@ -1598,16 +1594,15 @@ function api_statuses_home_timeline($type)
// get last network messages // get last network messages
// params // params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20); $count = defaults($_REQUEST, 'count', 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0); $page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
if ($page < 0) { if ($page < 0) {
$page = 0; $page = 0;
} }
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0); $since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0); $max_id = defaults($_REQUEST, 'max_id', 0);
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0); $exclude_replies = !empty($_REQUEST['exclude_replies']);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0); $conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$start = $page * $count; $start = $page * $count;
@ -1618,7 +1613,7 @@ function api_statuses_home_timeline($type)
$condition[0] .= " AND `item`.`id` <= ?"; $condition[0] .= " AND `item`.`id` <= ?";
$condition[] = $max_id; $condition[] = $max_id;
} }
if ($exclude_replies > 0) { if ($exclude_replies) {
$condition[0] .= ' AND `item`.`parent` = `item`.`id`'; $condition[0] .= ' AND `item`.`parent` = `item`.`id`';
} }
if ($conversation_id > 0) { if ($conversation_id > 0) {
@ -1681,19 +1676,17 @@ function api_statuses_public_timeline($type)
// get last network messages // get last network messages
// params // params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20); $count = defaults($_REQUEST, 'count', 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] -1 : 0); $page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] -1 : 0);
if ($page < 0) { if ($page < 0) {
$page = 0; $page = 0;
} }
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0); $since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0); $max_id = defaults($_REQUEST, 'max_id', 0);
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0); $exclude_replies = (!empty($_REQUEST['exclude_replies']) ? 1 : 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0); $conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0);
$start = $page * $count; $start = $page * $count;
$sql_extra = '';
if ($exclude_replies && !$conversation_id) { if ($exclude_replies && !$conversation_id) {
$condition = ["`gravity` IN (?, ?) AND `iid` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall`", $condition = ["`gravity` IN (?, ?) AND `iid` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall`",
@ -1762,12 +1755,12 @@ function api_statuses_networkpublic_timeline($type)
throw new ForbiddenException(); throw new ForbiddenException();
} }
$since_id = x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0; $since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0; $max_id = defaults($_REQUEST, 'max_id', 0);
// pagination // pagination
$count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 20; $count = defaults($_REQUEST, 'count', 20);
$page = x($_REQUEST, 'page') ? $_REQUEST['page'] : 1; $page = defaults($_REQUEST, 'page', 1);
if ($page < 1) { if ($page < 1) {
$page = 1; $page = 1;
} }
@ -2001,7 +1994,7 @@ function api_statuses_repeat($type)
$_REQUEST['profile_uid'] = api_user(); $_REQUEST['profile_uid'] = api_user();
$_REQUEST['api_source'] = true; $_REQUEST['api_source'] = true;
if (!x($_REQUEST, "source")) { if (empty($_REQUEST['source'])) {
$_REQUEST["source"] = api_source(); $_REQUEST["source"] = api_source();
} }
@ -2150,14 +2143,14 @@ function api_statuses_user_timeline($type)
Logger::DEBUG Logger::DEBUG
); );
$since_id = x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0; $since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0; $max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = x($_REQUEST, 'exclude_replies') ? 1 : 0; $exclude_replies = !empty($_REQUEST['exclude_replies']);
$conversation_id = x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0; $conversation_id = defaults($_REQUEST, 'conversation_id', 0);
// pagination // pagination
$count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 20; $count = defaults($_REQUEST, 'count', 20);
$page = x($_REQUEST, 'page') ? $_REQUEST['page'] : 1; $page = defaults($_REQUEST, 'page', 1);
if ($page < 1) { if ($page < 1) {
$page = 1; $page = 1;
} }
@ -2170,7 +2163,7 @@ function api_statuses_user_timeline($type)
$condition[0] .= ' AND `item`.`wall` '; $condition[0] .= ' AND `item`.`wall` ';
} }
if ($exclude_replies > 0) { if ($exclude_replies) {
$condition[0] .= ' AND `item`.`parent` = `item`.`id`'; $condition[0] .= ' AND `item`.`parent` = `item`.`id`';
} }
@ -2309,10 +2302,10 @@ function api_favorites($type)
$ret = []; $ret = [];
} else { } else {
// params // params
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0); $since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0); $max_id = defaults($_REQUEST, 'max_id', 0);
$count = (x($_GET, 'count') ? $_GET['count'] : 20); $count = defaults($_GET, 'count', 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] -1 : 0); $page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] -1 : 0);
if ($page < 0) { if ($page < 0) {
$page = 0; $page = 0;
} }
@ -2390,7 +2383,7 @@ function api_format_messages($item, $recipient, $sender)
} }
//don't send title to regular StatusNET requests to avoid confusing these apps //don't send title to regular StatusNET requests to avoid confusing these apps
if (x($_GET, 'getText')) { if (!empty($_GET['getText'])) {
$ret['title'] = $item['title']; $ret['title'] = $item['title'];
if ($_GET['getText'] == 'html') { if ($_GET['getText'] == 'html') {
$ret['text'] = BBCode::convert($item['body'], false); $ret['text'] = BBCode::convert($item['body'], false);
@ -2400,7 +2393,7 @@ function api_format_messages($item, $recipient, $sender)
} else { } else {
$ret['text'] = $item['title'] . "\n" . HTML::toPlaintext(BBCode::convert(api_clean_plain_items($item['body']), false, 2, true), 0); $ret['text'] = $item['title'] . "\n" . HTML::toPlaintext(BBCode::convert(api_clean_plain_items($item['body']), false, 2, true), 0);
} }
if (x($_GET, 'getUserObjects') && $_GET['getUserObjects'] == 'false') { if (!empty($_GET['getUserObjects']) && $_GET['getUserObjects'] == 'false') {
unset($ret['sender']); unset($ret['sender']);
unset($ret['recipient']); unset($ret['recipient']);
} }
@ -2530,7 +2523,7 @@ function api_get_attachments(&$body)
*/ */
function api_get_entitities(&$text, $bbcode) function api_get_entitities(&$text, $bbcode)
{ {
$include_entities = strtolower(x($_REQUEST, 'include_entities') ? $_REQUEST['include_entities'] : "false"); $include_entities = strtolower(defaults($_REQUEST, 'include_entities', "false"));
if ($include_entities != "true") { if ($include_entities != "true") {
preg_match_all("/\[img](.*?)\[\/img\]/ism", $bbcode, $images); preg_match_all("/\[img](.*?)\[\/img\]/ism", $bbcode, $images);
@ -3119,15 +3112,15 @@ function api_lists_statuses($type)
} }
// params // params
$count = (x($_REQUEST, 'count') ? $_REQUEST['count'] : 20); $count = defaults($_REQUEST, 'count', 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0); $page = (!empty($_REQUEST['page']) ? $_REQUEST['page'] - 1 : 0);
if ($page < 0) { if ($page < 0) {
$page = 0; $page = 0;
} }
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0); $since_id = defaults($_REQUEST, 'since_id', 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0); $max_id = defaults($_REQUEST, 'max_id', 0);
$exclude_replies = (x($_REQUEST, 'exclude_replies') ? 1 : 0); $exclude_replies = (!empty($_REQUEST['exclude_replies']) ? 1 : 0);
$conversation_id = (x($_REQUEST, 'conversation_id') ? $_REQUEST['conversation_id'] : 0); $conversation_id = defaults($_REQUEST, 'conversation_id', 0);
$start = $page * $count; $start = $page * $count;
@ -3185,8 +3178,8 @@ function api_statuses_f($qtype)
} }
// pagination // pagination
$count = x($_GET, 'count') ? $_GET['count'] : 20; $count = defaults($_GET, 'count', 20);
$page = x($_GET, 'page') ? $_GET['page'] : 1; $page = defaults($_GET, 'page', 1);
if ($page < 1) { if ($page < 1) {
$page = 1; $page = 1;
} }
@ -3194,7 +3187,7 @@ function api_statuses_f($qtype)
$user_info = api_get_user($a); $user_info = api_get_user($a);
if (x($_GET, 'cursor') && $_GET['cursor'] == 'undefined') { if (!empty($_GET['cursor']) && $_GET['cursor'] == 'undefined') {
/* this is to stop Hotot to load friends multiple times /* this is to stop Hotot to load friends multiple times
* I'm not sure if I'm missing return something or * I'm not sure if I'm missing return something or
* is a bug in hotot. Workaround, meantime * is a bug in hotot. Workaround, meantime
@ -3522,7 +3515,7 @@ function api_direct_messages_new($type)
$replyto = ''; $replyto = '';
$sub = ''; $sub = '';
if (x($_REQUEST, 'replyto')) { if (!empty($_REQUEST['replyto'])) {
$r = q( $r = q(
'SELECT `parent-uri`, `title` FROM `mail` WHERE `uid`=%d AND `id`=%d', 'SELECT `parent-uri`, `title` FROM `mail` WHERE `uid`=%d AND `id`=%d',
intval(api_user()), intval(api_user()),
@ -3531,7 +3524,7 @@ function api_direct_messages_new($type)
$replyto = $r[0]['parent-uri']; $replyto = $r[0]['parent-uri'];
$sub = $r[0]['title']; $sub = $r[0]['title'];
} else { } else {
if (x($_REQUEST, 'title')) { if (!empty($_REQUEST['title'])) {
$sub = $_REQUEST['title']; $sub = $_REQUEST['title'];
} else { } else {
$sub = ((strlen($_POST['text'])>10) ? substr($_POST['text'], 0, 10)."...":$_POST['text']); $sub = ((strlen($_POST['text'])>10) ? substr($_POST['text'], 0, 10)."...":$_POST['text']);
@ -3583,10 +3576,10 @@ function api_direct_messages_destroy($type)
// params // params
$user_info = api_get_user($a); $user_info = api_get_user($a);
//required //required
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0); $id = defaults($_REQUEST, 'id', 0);
// optional // optional
$parenturi = (x($_REQUEST, 'friendica_parenturi') ? $_REQUEST['friendica_parenturi'] : ""); $parenturi = defaults($_REQUEST, 'friendica_parenturi', "");
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false"); $verbose = (!empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false");
/// @todo optional parameter 'include_entities' from Twitter API not yet implemented /// @todo optional parameter 'include_entities' from Twitter API not yet implemented
$uid = $user_info['uid']; $uid = $user_info['uid'];
@ -3647,7 +3640,7 @@ api_register_func('api/direct_messages/destroy', 'api_direct_messages_destroy',
/** /**
* Unfollow Contact * Unfollow Contact
* *
* @brief unfollow contact * @brief unfollow contact
* *
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array * @return string|array
@ -3838,7 +3831,7 @@ function api_direct_messages_box($type, $box, $verbose)
*/ */
function api_direct_messages_sentbox($type) function api_direct_messages_sentbox($type)
{ {
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false"); $verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "sentbox", $verbose); return api_direct_messages_box($type, "sentbox", $verbose);
} }
@ -3852,7 +3845,7 @@ function api_direct_messages_sentbox($type)
*/ */
function api_direct_messages_inbox($type) function api_direct_messages_inbox($type)
{ {
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false"); $verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "inbox", $verbose); return api_direct_messages_box($type, "inbox", $verbose);
} }
@ -3864,7 +3857,7 @@ function api_direct_messages_inbox($type)
*/ */
function api_direct_messages_all($type) function api_direct_messages_all($type)
{ {
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false"); $verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "all", $verbose); return api_direct_messages_box($type, "all", $verbose);
} }
@ -3876,7 +3869,7 @@ function api_direct_messages_all($type)
*/ */
function api_direct_messages_conversation($type) function api_direct_messages_conversation($type)
{ {
$verbose = (x($_GET, 'friendica_verbose') ? strtolower($_GET['friendica_verbose']) : "false"); $verbose = !empty($_GET['friendica_verbose']) ? strtolower($_GET['friendica_verbose']) : "false";
return api_direct_messages_box($type, "conversation", $verbose); return api_direct_messages_box($type, "conversation", $verbose);
} }
@ -3940,7 +3933,7 @@ function api_fr_photoalbum_delete($type)
throw new ForbiddenException(); throw new ForbiddenException();
} }
// input params // input params
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : ""); $album = defaults($_REQUEST, 'album', "");
// we do not allow calls without album string // we do not allow calls without album string
if ($album == "") { if ($album == "") {
@ -3992,8 +3985,8 @@ function api_fr_photoalbum_update($type)
throw new ForbiddenException(); throw new ForbiddenException();
} }
// input params // input params
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : ""); $album = defaults($_REQUEST, 'album', "");
$album_new = (x($_REQUEST, 'album_new') ? $_REQUEST['album_new'] : ""); $album_new = defaults($_REQUEST, 'album_new', "");
// we do not allow calls without album string // we do not allow calls without album string
if ($album == "") { if ($album == "") {
@ -4077,15 +4070,15 @@ function api_fr_photo_create_update($type)
throw new ForbiddenException(); throw new ForbiddenException();
} }
// input params // input params
$photo_id = (x($_REQUEST, 'photo_id') ? $_REQUEST['photo_id'] : null); $photo_id = defaults($_REQUEST, 'photo_id', null);
$desc = (x($_REQUEST, 'desc') ? $_REQUEST['desc'] : (array_key_exists('desc', $_REQUEST) ? "" : null)); // extra check necessary to distinguish between 'not provided' and 'empty string' $desc = defaults($_REQUEST, 'desc', (array_key_exists('desc', $_REQUEST) ? "" : null)) ; // extra check necessary to distinguish between 'not provided' and 'empty string'
$album = (x($_REQUEST, 'album') ? $_REQUEST['album'] : null); $album = defaults($_REQUEST, 'album', null);
$album_new = (x($_REQUEST, 'album_new') ? $_REQUEST['album_new'] : null); $album_new = defaults($_REQUEST, 'album_new', null);
$allow_cid = (x($_REQUEST, 'allow_cid') ? $_REQUEST['allow_cid'] : (array_key_exists('allow_cid', $_REQUEST) ? " " : null)); $allow_cid = defaults($_REQUEST, 'allow_cid', (array_key_exists('allow_cid', $_REQUEST) ? " " : null));
$deny_cid = (x($_REQUEST, 'deny_cid') ? $_REQUEST['deny_cid'] : (array_key_exists('deny_cid', $_REQUEST) ? " " : null)); $deny_cid = defaults($_REQUEST, 'deny_cid' , (array_key_exists('deny_cid' , $_REQUEST) ? " " : null));
$allow_gid = (x($_REQUEST, 'allow_gid') ? $_REQUEST['allow_gid'] : (array_key_exists('allow_gid', $_REQUEST) ? " " : null)); $allow_gid = defaults($_REQUEST, 'allow_gid', (array_key_exists('allow_gid', $_REQUEST) ? " " : null));
$deny_gid = (x($_REQUEST, 'deny_gid') ? $_REQUEST['deny_gid'] : (array_key_exists('deny_gid', $_REQUEST) ? " " : null)); $deny_gid = defaults($_REQUEST, 'deny_gid' , (array_key_exists('deny_gid' , $_REQUEST) ? " " : null));
$visibility = (x($_REQUEST, 'visibility') ? (($_REQUEST['visibility'] == "true" || $_REQUEST['visibility'] == 1) ? true : false) : false); $visibility = !empty($_REQUEST['visibility']) && $_REQUEST['visibility'] !== "false";
// do several checks on input parameters // do several checks on input parameters
// we do not allow calls without album string // we do not allow calls without album string
@ -4097,7 +4090,7 @@ function api_fr_photo_create_update($type)
$mode = "create"; $mode = "create";
// error if no media posted in create-mode // error if no media posted in create-mode
if (!x($_FILES, 'media')) { if (empty($_FILES['media'])) {
// Output error // Output error
throw new BadRequestException("no media data submitted"); throw new BadRequestException("no media data submitted");
} }
@ -4188,7 +4181,7 @@ function api_fr_photo_create_update($type)
$nothingtodo = true; $nothingtodo = true;
} }
if (x($_FILES, 'media')) { if (!empty($_FILES['media'])) {
$nothingtodo = false; $nothingtodo = false;
$media = $_FILES['media']; $media = $_FILES['media'];
$data = save_media_to_database("photo", $media, $type, $album, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $desc, 0, $visibility, $photo_id); $data = save_media_to_database("photo", $media, $type, $album, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $desc, 0, $visibility, $photo_id);
@ -4224,7 +4217,7 @@ function api_fr_photo_delete($type)
throw new ForbiddenException(); throw new ForbiddenException();
} }
// input params // input params
$photo_id = (x($_REQUEST, 'photo_id') ? $_REQUEST['photo_id'] : null); $photo_id = defaults($_REQUEST, 'photo_id', null);
// do several checks on input parameters // do several checks on input parameters
// we do not allow calls without photo id // we do not allow calls without photo id
@ -4275,11 +4268,11 @@ function api_fr_photo_detail($type)
if (api_user() === false) { if (api_user() === false) {
throw new ForbiddenException(); throw new ForbiddenException();
} }
if (!x($_REQUEST, 'photo_id')) { if (empty($_REQUEST['photo_id'])) {
throw new BadRequestException("No photo id."); throw new BadRequestException("No photo id.");
} }
$scale = (x($_REQUEST, 'scale') ? intval($_REQUEST['scale']) : false); $scale = (!empty($_REQUEST['scale']) ? intval($_REQUEST['scale']) : false);
$photo_id = $_REQUEST['photo_id']; $photo_id = $_REQUEST['photo_id'];
// prepare json/xml output with data from database for the requested photo // prepare json/xml output with data from database for the requested photo
@ -4308,7 +4301,7 @@ function api_account_update_profile_image($type)
$profile_id = defaults($_REQUEST, 'profile_id', 0); $profile_id = defaults($_REQUEST, 'profile_id', 0);
// error if image data is missing // error if image data is missing
if (!x($_FILES, 'image')) { if (empty($_FILES['image'])) {
throw new BadRequestException("no media data submitted"); throw new BadRequestException("no media data submitted");
} }
@ -4326,9 +4319,9 @@ function api_account_update_profile_image($type)
// get mediadata from image or media (Twitter call api/account/update_profile_image provides image) // get mediadata from image or media (Twitter call api/account/update_profile_image provides image)
$media = null; $media = null;
if (x($_FILES, 'image')) { if (!empty($_FILES['image'])) {
$media = $_FILES['image']; $media = $_FILES['image'];
} elseif (x($_FILES, 'media')) { } elseif (!empty($_FILES['media'])) {
$media = $_FILES['media']; $media = $_FILES['media'];
} }
// save new profile image // save new profile image
@ -4788,8 +4781,8 @@ function prepare_photo_data($type, $scale, $photo_id)
*/ */
function api_friendica_remoteauth() function api_friendica_remoteauth()
{ {
$url = (x($_GET, 'url') ? $_GET['url'] : ''); $url = defaults($_GET, 'url', '');
$c_url = (x($_GET, 'c_url') ? $_GET['c_url'] : ''); $c_url = defaults($_GET, 'c_url', '');
if ($url === '' || $c_url === '') { if ($url === '' || $c_url === '') {
throw new BadRequestException("Wrong parameters."); throw new BadRequestException("Wrong parameters.");
@ -4935,6 +4928,7 @@ function api_share_as_retweet(&$item)
} }
$reshared_item["body"] = $shared_body; $reshared_item["body"] = $shared_body;
$reshared_item["author-id"] = Contact::getIdForURL($profile, 0, true);
$reshared_item["author-name"] = $author; $reshared_item["author-name"] = $author;
$reshared_item["author-link"] = $profile; $reshared_item["author-link"] = $profile;
$reshared_item["author-avatar"] = $avatar; $reshared_item["author-avatar"] = $avatar;
@ -5092,7 +5086,7 @@ function api_in_reply_to($item)
*/ */
function api_clean_plain_items($text) function api_clean_plain_items($text)
{ {
$include_entities = strtolower(x($_REQUEST, 'include_entities') ? $_REQUEST['include_entities'] : "false"); $include_entities = strtolower(defaults($_REQUEST, 'include_entities', "false"));
$text = BBCode::cleanPictureLinks($text); $text = BBCode::cleanPictureLinks($text);
$URLSearchString = "^\[\]"; $URLSearchString = "^\[\]";
@ -5224,7 +5218,7 @@ function api_friendica_group_show($type)
// params // params
$user_info = api_get_user($a); $user_info = api_get_user($a);
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0); $gid = defaults($_REQUEST, 'gid', 0);
$uid = $user_info['uid']; $uid = $user_info['uid'];
// get data of the specified group id or all groups if not specified // get data of the specified group id or all groups if not specified
@ -5289,8 +5283,8 @@ function api_friendica_group_delete($type)
// params // params
$user_info = api_get_user($a); $user_info = api_get_user($a);
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0); $gid = defaults($_REQUEST, 'gid', 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : ""); $name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid']; $uid = $user_info['uid'];
// error if no gid specified // error if no gid specified
@ -5351,7 +5345,7 @@ function api_lists_destroy($type)
// params // params
$user_info = api_get_user($a); $user_info = api_get_user($a);
$gid = (x($_REQUEST, 'list_id') ? $_REQUEST['list_id'] : 0); $gid = defaults($_REQUEST, 'list_id', 0);
$uid = $user_info['uid']; $uid = $user_info['uid'];
// error if no gid specified // error if no gid specified
@ -5467,7 +5461,7 @@ function api_friendica_group_create($type)
// params // params
$user_info = api_get_user($a); $user_info = api_get_user($a);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : ""); $name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid']; $uid = $user_info['uid'];
$json = json_decode($_POST['json'], true); $json = json_decode($_POST['json'], true);
$users = $json['user']; $users = $json['user'];
@ -5496,7 +5490,7 @@ function api_lists_create($type)
// params // params
$user_info = api_get_user($a); $user_info = api_get_user($a);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : ""); $name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid']; $uid = $user_info['uid'];
$success = group_create($name, $uid); $success = group_create($name, $uid);
@ -5531,8 +5525,8 @@ function api_friendica_group_update($type)
// params // params
$user_info = api_get_user($a); $user_info = api_get_user($a);
$uid = $user_info['uid']; $uid = $user_info['uid'];
$gid = (x($_REQUEST, 'gid') ? $_REQUEST['gid'] : 0); $gid = defaults($_REQUEST, 'gid', 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : ""); $name = defaults($_REQUEST, 'name', "");
$json = json_decode($_POST['json'], true); $json = json_decode($_POST['json'], true);
$users = $json['user']; $users = $json['user'];
@ -5604,8 +5598,8 @@ function api_lists_update($type)
// params // params
$user_info = api_get_user($a); $user_info = api_get_user($a);
$gid = (x($_REQUEST, 'list_id') ? $_REQUEST['list_id'] : 0); $gid = defaults($_REQUEST, 'list_id', 0);
$name = (x($_REQUEST, 'name') ? $_REQUEST['name'] : ""); $name = defaults($_REQUEST, 'name', "");
$uid = $user_info['uid']; $uid = $user_info['uid'];
// error if no gid specified // error if no gid specified
@ -5650,7 +5644,7 @@ function api_friendica_activity($type)
$verb = strtolower($a->argv[3]); $verb = strtolower($a->argv[3]);
$verb = preg_replace("|\..*$|", "", $verb); $verb = preg_replace("|\..*$|", "", $verb);
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0); $id = defaults($_REQUEST, 'id', 0);
$res = Item::performLike($id, $verb); $res = Item::performLike($id, $verb);
@ -5732,7 +5726,7 @@ function api_friendica_notification_seen($type)
throw new BadRequestException("Invalid argument count"); throw new BadRequestException("Invalid argument count");
} }
$id = (x($_REQUEST, 'id') ? intval($_REQUEST['id']) : 0); $id = (!empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0);
$nm = new NotificationsManager(); $nm = new NotificationsManager();
$note = $nm->getByID($id); $note = $nm->getByID($id);
@ -5775,7 +5769,7 @@ function api_friendica_direct_messages_setseen($type)
// params // params
$user_info = api_get_user($a); $user_info = api_get_user($a);
$uid = $user_info['uid']; $uid = $user_info['uid'];
$id = (x($_REQUEST, 'id') ? $_REQUEST['id'] : 0); $id = defaults($_REQUEST, 'id', 0);
// return error if id is zero // return error if id is zero
if ($id == "") { if ($id == "") {
@ -5824,7 +5818,7 @@ function api_friendica_direct_messages_search($type, $box = "")
// params // params
$user_info = api_get_user($a); $user_info = api_get_user($a);
$searchstring = (x($_REQUEST, 'searchstring') ? $_REQUEST['searchstring'] : ""); $searchstring = defaults($_REQUEST, 'searchstring', "");
$uid = $user_info['uid']; $uid = $user_info['uid'];
// error if no searchstring specified // error if no searchstring specified
@ -5886,7 +5880,7 @@ function api_friendica_profile_show($type)
} }
// input params // input params
$profile_id = (x($_REQUEST, 'profile_id') ? $_REQUEST['profile_id'] : 0); $profile_id = defaults($_REQUEST, 'profile_id', 0);
// retrieve general information about profiles for user // retrieve general information about profiles for user
$multi_profiles = Feature::isEnabled(api_user(), 'multi_profiles'); $multi_profiles = Feature::isEnabled(api_user(), 'multi_profiles');

View file

@ -389,7 +389,7 @@ function visible_activity($item) {
* likes (etc.) can apply to other things besides posts. Check if they are post children, * likes (etc.) can apply to other things besides posts. Check if they are post children,
* in which case we handle them specially * in which case we handle them specially
*/ */
$hidden_activities = [ACTIVITY_LIKE, ACTIVITY_DISLIKE, ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE]; $hidden_activities = [ACTIVITY_LIKE, ACTIVITY_DISLIKE, ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE, ACTIVITY_FOLLOW];
foreach ($hidden_activities as $act) { foreach ($hidden_activities as $act) {
if (activity_match($item['verb'], $act)) { if (activity_match($item['verb'], $act)) {
return false; return false;
@ -462,17 +462,17 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
. "<script> var profile_uid = " . $_SESSION['uid'] . "<script> var profile_uid = " . $_SESSION['uid']
. "; var netargs = '" . substr($a->cmd, 8) . "; var netargs = '" . substr($a->cmd, 8)
. '?f=' . '?f='
. ((x($_GET, 'cid')) ? '&cid=' . rawurlencode($_GET['cid']) : '') . (!empty($_GET['cid']) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. ((x($_GET, 'search')) ? '&search=' . rawurlencode($_GET['search']) : '') . (!empty($_GET['search']) ? '&search=' . rawurlencode($_GET['search']) : '')
. ((x($_GET, 'star')) ? '&star=' . rawurlencode($_GET['star']) : '') . (!empty($_GET['star']) ? '&star=' . rawurlencode($_GET['star']) : '')
. ((x($_GET, 'order')) ? '&order=' . rawurlencode($_GET['order']) : '') . (!empty($_GET['order']) ? '&order=' . rawurlencode($_GET['order']) : '')
. ((x($_GET, 'bmark')) ? '&bmark=' . rawurlencode($_GET['bmark']) : '') . (!empty($_GET['bmark']) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. ((x($_GET, 'liked')) ? '&liked=' . rawurlencode($_GET['liked']) : '') . (!empty($_GET['liked']) ? '&liked=' . rawurlencode($_GET['liked']) : '')
. ((x($_GET, 'conv')) ? '&conv=' . rawurlencode($_GET['conv']) : '') . (!empty($_GET['conv']) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. ((x($_GET, 'nets')) ? '&nets=' . rawurlencode($_GET['nets']) : '') . (!empty($_GET['nets']) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. ((x($_GET, 'cmin')) ? '&cmin=' . rawurlencode($_GET['cmin']) : '') . (!empty($_GET['cmin']) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. ((x($_GET, 'cmax')) ? '&cmax=' . rawurlencode($_GET['cmax']) : '') . (!empty($_GET['cmax']) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. ((x($_GET, 'file')) ? '&file=' . rawurlencode($_GET['file']) : '') . (!empty($_GET['file']) ? '&file=' . rawurlencode($_GET['file']) : '')
. "'; var profile_page = " . $pager->getPage() . "; </script>\r\n"; . "'; var profile_page = " . $pager->getPage() . "; </script>\r\n";
} }
@ -482,7 +482,7 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
if (!$update) { if (!$update) {
$tab = 'posts'; $tab = 'posts';
if (x($_GET, 'tab')) { if (!empty($_GET['tab'])) {
$tab = Strings::escapeTags(trim($_GET['tab'])); $tab = Strings::escapeTags(trim($_GET['tab']));
} }
if ($tab === 'posts') { if ($tab === 'posts') {
@ -497,7 +497,7 @@ function conversation(App $a, array $items, Pager $pager, $mode, $update, $previ
} }
} }
} elseif ($mode === 'notes') { } elseif ($mode === 'notes') {
$items = conversation_add_children($items, false, $order, $uid); $items = conversation_add_children($items, false, $order, local_user());
$profile_owner = local_user(); $profile_owner = local_user();
if (!$update) { if (!$update) {
@ -798,7 +798,7 @@ function conversation_add_children(array $parents, $block_authors, $order, $uid)
foreach ($parents AS $parent) { foreach ($parents AS $parent) {
$condition = ["`item`.`parent-uri` = ? AND `item`.`uid` IN (0, ?) ", $condition = ["`item`.`parent-uri` = ? AND `item`.`uid` IN (0, ?) ",
$parent['uri'], local_user()]; $parent['uri'], $uid];
if ($block_authors) { if ($block_authors) {
$condition[0] .= "AND NOT `author`.`hidden`"; $condition[0] .= "AND NOT `author`.`hidden`";
} }
@ -951,7 +951,7 @@ function builtin_activity_puller($item, &$conv_responses) {
$url = '<a href="'. $url . '"'. $sparkle .'>' . htmlentities($item['author-name']) . '</a>'; $url = '<a href="'. $url . '"'. $sparkle .'>' . htmlentities($item['author-name']) . '</a>';
if (!x($item, 'thr-parent')) { if (empty($item['thr-parent'])) {
$item['thr-parent'] = $item['parent-uri']; $item['thr-parent'] = $item['parent-uri'];
} }
@ -994,6 +994,7 @@ function builtin_activity_puller($item, &$conv_responses) {
function format_like($cnt, array $arr, $type, $id) { function format_like($cnt, array $arr, $type, $id) {
$o = ''; $o = '';
$expanded = ''; $expanded = '';
$phrase = '';
if ($cnt == 1) { if ($cnt == 1) {
$likers = $arr[0]; $likers = $arr[0];
@ -1064,7 +1065,7 @@ function format_like($cnt, array $arr, $type, $id) {
$expanded .= "\t" . '<div class="wall-item-' . $type . '-expanded" id="' . $type . 'list-' . $id . '" style="display: none;" >' . $explikers . EOL . '</div>'; $expanded .= "\t" . '<div class="wall-item-' . $type . '-expanded" id="' . $type . 'list-' . $id . '" style="display: none;" >' . $explikers . EOL . '</div>';
} }
$phrase .= EOL ; $phrase .= EOL;
$o .= Renderer::replaceMacros(Renderer::getMarkupTemplate('voting_fakelink.tpl'), [ $o .= Renderer::replaceMacros(Renderer::getMarkupTemplate('voting_fakelink.tpl'), [
'$phrase' => $phrase, '$phrase' => $phrase,
'$type' => $type, '$type' => $type,
@ -1079,7 +1080,7 @@ function status_editor(App $a, $x, $notes_cid = 0, $popup = false)
{ {
$o = ''; $o = '';
$geotag = x($x, 'allow_location') ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : ''; $geotag = !empty($x['allow_location']) ? Renderer::replaceMacros(Renderer::getMarkupTemplate('jot_geotag.tpl'), []) : '';
$tpl = Renderer::getMarkupTemplate('jot-header.tpl'); $tpl = Renderer::getMarkupTemplate('jot-header.tpl');
$a->page['htmlhead'] .= Renderer::replaceMacros($tpl, [ $a->page['htmlhead'] .= Renderer::replaceMacros($tpl, [
@ -1100,7 +1101,7 @@ function status_editor(App $a, $x, $notes_cid = 0, $popup = false)
// Private/public post links for the non-JS ACL form // Private/public post links for the non-JS ACL form
$private_post = 1; $private_post = 1;
if (x($_REQUEST, 'public')) { if (!empty($_REQUEST['public'])) {
$private_post = 0; $private_post = 0;
} }
@ -1432,11 +1433,11 @@ function sort_thr_commented(array $a, array $b)
} }
function render_location_dummy(array $item) { function render_location_dummy(array $item) {
if (x($item, 'location') && !empty($item['location'])) { if (!empty($item['location']) && !empty($item['location'])) {
return $item['location']; return $item['location'];
} }
if (x($item, 'coord') && !empty($item['coord'])) { if (!empty($item['coord']) && !empty($item['coord'])) {
return $item['coord']; return $item['coord'];
} }
} }

View file

@ -58,7 +58,7 @@ function admin_post(App $a)
// do not allow a page manager to access the admin panel at all. // do not allow a page manager to access the admin panel at all.
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) { if (!empty($_SESSION['submanage'])) {
return; return;
} }
@ -167,14 +167,14 @@ function admin_content(App $a)
return Login::form(); return Login::form();
} }
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) { if (!empty($_SESSION['submanage'])) {
return ""; return "";
} }
// APC deactivated, since there are problems with PHP 5.5 // APC deactivated, since there are problems with PHP 5.5
//if (function_exists("apc_delete")) { //if (function_exists("apc_delete")) {
// $toDelete = new APCIterator('user', APC_ITER_VALUE); // $toDelete = new APCIterator('user', APC_ITER_VALUE);
// apc_delete($toDelete); // apc_delete($toDelete);
//} //}
// Header stuff // Header stuff
$a->page['htmlhead'] .= Renderer::replaceMacros(Renderer::getMarkupTemplate('admin/settings_head.tpl'), []); $a->page['htmlhead'] .= Renderer::replaceMacros(Renderer::getMarkupTemplate('admin/settings_head.tpl'), []);
@ -321,7 +321,7 @@ function admin_page_tos(App $a)
'$title' => L10n::t('Administration'), '$title' => L10n::t('Administration'),
'$page' => L10n::t('Terms of Service'), '$page' => L10n::t('Terms of Service'),
'$displaytos' => ['displaytos', L10n::t('Display Terms of Service'), Config::get('system', 'tosdisplay'), L10n::t('Enable the Terms of Service page. If this is enabled a link to the terms will be added to the registration form and the general information page.')], '$displaytos' => ['displaytos', L10n::t('Display Terms of Service'), Config::get('system', 'tosdisplay'), L10n::t('Enable the Terms of Service page. If this is enabled a link to the terms will be added to the registration form and the general information page.')],
'$displayprivstatement' => ['displayprivstatement', L10n::t('Display Privacy Statement'), Config::get('system','tosprivstatement'), L10n::t('Show some informations regarding the needed information to operate the node according e.g. to <a href="%s" target="_blank">EU-GDPR</a>.','https://en.wikipedia.org/wiki/General_Data_Protection_Regulation')], '$displayprivstatement' => ['displayprivstatement', L10n::t('Display Privacy Statement'), Config::get('system', 'tosprivstatement'), L10n::t('Show some informations regarding the needed information to operate the node according e.g. to <a href="%s" target="_blank">EU-GDPR</a>.', 'https://en.wikipedia.org/wiki/General_Data_Protection_Regulation')],
'$preview' => L10n::t('Privacy Statement Preview'), '$preview' => L10n::t('Privacy Statement Preview'),
'$privtext' => $tos->privacy_complete, '$privtext' => $tos->privacy_complete,
'$tostext' => ['tostext', L10n::t('The Terms of Service'), Config::get('system', 'tostext'), L10n::t('Enter the Terms of Service for your node here. You can use BBCode. Headers of sections should be [h2] and below.')], '$tostext' => ['tostext', L10n::t('The Terms of Service'), Config::get('system', 'tostext'), L10n::t('Enter the Terms of Service for your node here. You can use BBCode. Headers of sections should be [h2] and below.')],
@ -329,6 +329,7 @@ function admin_page_tos(App $a)
'$submit' => L10n::t('Save Settings'), '$submit' => L10n::t('Save Settings'),
]); ]);
} }
/** /**
* @brief Process send data from Admin TOS Page * @brief Process send data from Admin TOS Page
* *
@ -338,13 +339,13 @@ function admin_page_tos_post(App $a)
{ {
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/tos', 'admin_tos'); BaseModule::checkFormSecurityTokenRedirectOnError('/admin/tos', 'admin_tos');
if (!x($_POST, "page_tos")) { if (empty($_POST['page_tos'])) {
return; return;
} }
$displaytos = ((x($_POST, 'displaytos')) ? True : False); $displaytos = !empty($_POST['displaytos']);
$displayprivstatement = ((x($_POST, 'displayprivstatement')) ? True : False); $displayprivstatement = !empty($_POST['displayprivstatement']);
$tostext = ((x($_POST, 'tostext')) ? strip_tags(trim($_POST['tostext'])) : ''); $tostext = (!empty($_POST['tostext']) ? strip_tags(trim($_POST['tostext'])) : '');
Config::set('system', 'tosdisplay', $displaytos); Config::set('system', 'tosdisplay', $displaytos);
Config::set('system', 'tosprivstatement', $displayprivstatement); Config::set('system', 'tosprivstatement', $displayprivstatement);
@ -354,6 +355,7 @@ function admin_page_tos_post(App $a)
return; // NOTREACHED return; // NOTREACHED
} }
/** /**
* @brief Subpage to modify the server wide block list via the admin panel. * @brief Subpage to modify the server wide block list via the admin panel.
* *
@ -407,13 +409,13 @@ function admin_page_blocklist(App $a)
*/ */
function admin_page_blocklist_post(App $a) function admin_page_blocklist_post(App $a)
{ {
if (!x($_POST, "page_blocklist_save") && (!x($_POST['page_blocklist_edit']))) { if (empty($_POST['page_blocklist_save']) && empty($_POST['page_blocklist_edit'])) {
return; return;
} }
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/blocklist', 'admin_blocklist'); BaseModule::checkFormSecurityTokenRedirectOnError('/admin/blocklist', 'admin_blocklist');
if (x($_POST['page_blocklist_save'])) { if (!empty($_POST['page_blocklist_save'])) {
// Add new item to blocklist // Add new item to blocklist
$blocklist = Config::get('system', 'blocklist'); $blocklist = Config::get('system', 'blocklist');
$blocklist[] = [ $blocklist[] = [
@ -429,7 +431,7 @@ function admin_page_blocklist_post(App $a)
// Trimming whitespaces as well as any lingering slashes // Trimming whitespaces as well as any lingering slashes
$domain = Strings::escapeTags(trim($domain, "\x00..\x1F/")); $domain = Strings::escapeTags(trim($domain, "\x00..\x1F/"));
$reason = Strings::escapeTags(trim($_POST['reason'][$id])); $reason = Strings::escapeTags(trim($_POST['reason'][$id]));
if (!x($_POST['delete'][$id])) { if (empty($_POST['delete'][$id])) {
$blocklist[] = [ $blocklist[] = [
'domain' => $domain, 'domain' => $domain,
'reason' => $reason 'reason' => $reason
@ -451,12 +453,12 @@ function admin_page_blocklist_post(App $a)
*/ */
function admin_page_contactblock_post(App $a) function admin_page_contactblock_post(App $a)
{ {
$contact_url = x($_POST, 'contact_url') ? $_POST['contact_url'] : ''; $contact_url = defaults($_POST, 'contact_url', '');
$contacts = x($_POST, 'contacts') ? $_POST['contacts'] : []; $contacts = defaults($_POST, 'contacts', []);
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/contactblock', 'admin_contactblock'); BaseModule::checkFormSecurityTokenRedirectOnError('/admin/contactblock', 'admin_contactblock');
if (x($_POST, 'page_contactblock_block')) { if (!empty($_POST['page_contactblock_block'])) {
$contact_id = Contact::getIdForURL($contact_url); $contact_id = Contact::getIdForURL($contact_url);
if ($contact_id) { if ($contact_id) {
Contact::block($contact_id); Contact::block($contact_id);
@ -465,7 +467,7 @@ function admin_page_contactblock_post(App $a)
notice(L10n::t("Could not find any contact entry for this URL \x28%s\x29", $contact_url)); notice(L10n::t("Could not find any contact entry for this URL \x28%s\x29", $contact_url));
} }
} }
if (x($_POST, 'page_contactblock_unblock')) { if (!empty($_POST['page_contactblock_unblock'])) {
foreach ($contacts as $uid) { foreach ($contacts as $uid) {
Contact::unblock($uid); Contact::unblock($uid);
} }
@ -559,13 +561,13 @@ function admin_page_deleteitem(App $a)
*/ */
function admin_page_deleteitem_post(App $a) function admin_page_deleteitem_post(App $a)
{ {
if (!x($_POST['page_deleteitem_submit'])) { if (empty($_POST['page_deleteitem_submit'])) {
return; return;
} }
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/deleteitem/', 'admin_deleteitem'); BaseModule::checkFormSecurityTokenRedirectOnError('/admin/deleteitem/', 'admin_deleteitem');
if (x($_POST['page_deleteitem_submit'])) { if (!empty($_POST['page_deleteitem_submit'])) {
$guid = trim(Strings::escapeTags($_POST['deleteitemguid'])); $guid = trim(Strings::escapeTags($_POST['deleteitemguid']));
// The GUID should not include a "/", so if there is one, we got an URL // The GUID should not include a "/", so if there is one, we got an URL
// and the last part of it is most likely the GUID. // and the last part of it is most likely the GUID.
@ -838,7 +840,7 @@ function admin_page_workerqueue(App $a, $deferred)
$info = L10n::t('This page lists the currently queued worker jobs. These jobs are handled by the worker cronjob you\'ve set up during install.'); $info = L10n::t('This page lists the currently queued worker jobs. These jobs are handled by the worker cronjob you\'ve set up during install.');
} }
$entries = DBA::select('workerqueue', ['id', 'parameter', 'created', 'priority'], $condition, ['order'=> ['priority']]); $entries = DBA::select('workerqueue', ['id', 'parameter', 'created', 'priority'], $condition, ['order' => ['priority']]);
$r = []; $r = [];
while ($entry = DBA::fetch($entries)) { while ($entry = DBA::fetch($entries)) {
@ -938,7 +940,7 @@ function admin_page_summary(App $a)
$users = 0; $users = 0;
foreach ($r as $u) { foreach ($r as $u) {
$accounts[$u['page-flags']][1] = $u['count']; $accounts[$u['page-flags']][1] = $u['count'];
$users+= $u['count']; $users += $u['count'];
} }
Logger::log('accounts: ' . print_r($accounts, true), Logger::DATA); Logger::log('accounts: ' . print_r($accounts, true), Logger::DATA);
@ -962,10 +964,10 @@ function admin_page_summary(App $a)
$max_allowed_packet = (($r) ? $r[0]['Value'] : 0); $max_allowed_packet = (($r) ? $r[0]['Value'] : 0);
$server_settings = ['label' => L10n::t('Server Settings'), $server_settings = ['label' => L10n::t('Server Settings'),
'php' => ['upload_max_filesize' => ini_get('upload_max_filesize'), 'php' => ['upload_max_filesize' => ini_get('upload_max_filesize'),
'post_max_size' => ini_get('post_max_size'), 'post_max_size' => ini_get('post_max_size'),
'memory_limit' => ini_get('memory_limit')], 'memory_limit' => ini_get('memory_limit')],
'mysql' => ['max_allowed_packet' => $max_allowed_packet]]; 'mysql' => ['max_allowed_packet' => $max_allowed_packet]];
$t = Renderer::getMarkupTemplate('admin/summary.tpl'); $t = Renderer::getMarkupTemplate('admin/summary.tpl');
return Renderer::replaceMacros($t, [ return Renderer::replaceMacros($t, [
@ -1001,17 +1003,17 @@ function admin_page_site_post(App $a)
return; return;
} }
if (!x($_POST, "page_site")) { if (empty($_POST['page_site'])) {
return; return;
} }
// relocate // relocate
if (x($_POST, 'relocate') && x($_POST, 'relocate_url') && $_POST['relocate_url'] != "") { if (!empty($_POST['relocate']) && !empty($_POST['relocate_url']) && $_POST['relocate_url'] != "") {
$new_url = $_POST['relocate_url']; $new_url = $_POST['relocate_url'];
$new_url = rtrim($new_url, "/"); $new_url = rtrim($new_url, "/");
$parsed = @parse_url($new_url); $parsed = @parse_url($new_url);
if (!is_array($parsed) || !x($parsed, 'host') || !x($parsed, 'scheme')) { if (!is_array($parsed) || empty($parsed['host']) || empty($parsed['scheme'])) {
notice(L10n::t("Can not parse base url. Must have at least <scheme>://<domain>")); notice(L10n::t("Can not parse base url. Must have at least <scheme>://<domain>"));
$a->internalRedirect('admin/site'); $a->internalRedirect('admin/site');
} }
@ -1046,6 +1048,7 @@ function admin_page_site_post(App $a)
$a->internalRedirect('admin/site'); $a->internalRedirect('admin/site');
} }
} }
// update tables // update tables
// update profile links in the format "http://server.tld" // update profile links in the format "http://server.tld"
update_table($a, "profile", ['photo', 'thumb'], $old_url, $new_url); update_table($a, "profile", ['photo', 'thumb'], $old_url, $new_url);
@ -1059,7 +1062,7 @@ function admin_page_site_post(App $a)
update_table($a, "gcontact", ['connect', 'addr'], $old_host, $new_host); update_table($a, "gcontact", ['connect', 'addr'], $old_host, $new_host);
// update config // update config
Config::set('system', 'hostname', parse_url($new_url, PHP_URL_HOST)); Config::set('system', 'hostname', parse_url($new_url, PHP_URL_HOST));
Config::set('system', 'url', $new_url); Config::set('system', 'url', $new_url);
$a->setBaseURL($new_url); $a->setBaseURL($new_url);
@ -1076,98 +1079,97 @@ function admin_page_site_post(App $a)
} }
// end relocate // end relocate
$sitename = ((x($_POST,'sitename')) ? Strings::escapeTags(trim($_POST['sitename'])) : ''); $sitename = (!empty($_POST['sitename']) ? Strings::escapeTags(trim($_POST['sitename'])) : '');
$hostname = ((x($_POST,'hostname')) ? Strings::escapeTags(trim($_POST['hostname'])) : ''); $hostname = (!empty($_POST['hostname']) ? Strings::escapeTags(trim($_POST['hostname'])) : '');
$sender_email = ((x($_POST,'sender_email')) ? Strings::escapeTags(trim($_POST['sender_email'])) : ''); $sender_email = (!empty($_POST['sender_email']) ? Strings::escapeTags(trim($_POST['sender_email'])) : '');
$banner = ((x($_POST,'banner')) ? trim($_POST['banner']) : false); $banner = (!empty($_POST['banner']) ? trim($_POST['banner']) : false);
$shortcut_icon = ((x($_POST,'shortcut_icon')) ? Strings::escapeTags(trim($_POST['shortcut_icon'])) : ''); $shortcut_icon = (!empty($_POST['shortcut_icon']) ? Strings::escapeTags(trim($_POST['shortcut_icon'])) : '');
$touch_icon = ((x($_POST,'touch_icon')) ? Strings::escapeTags(trim($_POST['touch_icon'])) : ''); $touch_icon = (!empty($_POST['touch_icon']) ? Strings::escapeTags(trim($_POST['touch_icon'])) : '');
$info = ((x($_POST,'info')) ? trim($_POST['info']) : false); $info = (!empty($_POST['info']) ? trim($_POST['info']) : false);
$language = ((x($_POST,'language')) ? Strings::escapeTags(trim($_POST['language'])) : ''); $language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
$theme = ((x($_POST,'theme')) ? Strings::escapeTags(trim($_POST['theme'])) : ''); $theme = (!empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : '');
$theme_mobile = ((x($_POST,'theme_mobile')) ? Strings::escapeTags(trim($_POST['theme_mobile'])) : ''); $theme_mobile = (!empty($_POST['theme_mobile']) ? Strings::escapeTags(trim($_POST['theme_mobile'])) : '');
$maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0); $maximagesize = (!empty($_POST['maximagesize']) ? intval(trim($_POST['maximagesize'])) : 0);
$maximagelength = ((x($_POST,'maximagelength')) ? intval(trim($_POST['maximagelength'])) : MAX_IMAGE_LENGTH); $maximagelength = (!empty($_POST['maximagelength']) ? intval(trim($_POST['maximagelength'])) : MAX_IMAGE_LENGTH);
$jpegimagequality = ((x($_POST,'jpegimagequality')) ? intval(trim($_POST['jpegimagequality'])) : JPEG_QUALITY); $jpegimagequality = (!empty($_POST['jpegimagequality']) ? intval(trim($_POST['jpegimagequality'])) : JPEG_QUALITY);
$register_policy = (!empty($_POST['register_policy']) ? intval(trim($_POST['register_policy'])) : 0);
$daily_registrations = (!empty($_POST['max_daily_registrations']) ? intval(trim($_POST['max_daily_registrations'])) : 0);
$abandon_days = (!empty($_POST['abandon_days']) ? intval(trim($_POST['abandon_days'])) : 0);
$register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0); $register_text = (!empty($_POST['register_text']) ? strip_tags(trim($_POST['register_text'])) : '');
$daily_registrations = ((x($_POST,'max_daily_registrations')) ? intval(trim($_POST['max_daily_registrations'])) :0);
$abandon_days = ((x($_POST,'abandon_days')) ? intval(trim($_POST['abandon_days'])) : 0);
$register_text = ((x($_POST,'register_text')) ? strip_tags(trim($_POST['register_text'])) : ''); $allowed_sites = (!empty($_POST['allowed_sites']) ? Strings::escapeTags(trim($_POST['allowed_sites'])) : '');
$allowed_email = (!empty($_POST['allowed_email']) ? Strings::escapeTags(trim($_POST['allowed_email'])) : '');
$forbidden_nicknames = (!empty($_POST['forbidden_nicknames']) ? strtolower(Strings::escapeTags(trim($_POST['forbidden_nicknames']))) : '');
$no_oembed_rich_content = !empty($_POST['no_oembed_rich_content']);
$allowed_oembed = (!empty($_POST['allowed_oembed']) ? Strings::escapeTags(trim($_POST['allowed_oembed'])) : '');
$block_public = !empty($_POST['block_public']);
$force_publish = !empty($_POST['publish_all']);
$global_directory = (!empty($_POST['directory']) ? Strings::escapeTags(trim($_POST['directory'])) : '');
$newuser_private = !empty($_POST['newuser_private']);
$enotify_no_content = !empty($_POST['enotify_no_content']);
$private_addons = !empty($_POST['private_addons']);
$disable_embedded = !empty($_POST['disable_embedded']);
$allow_users_remote_self = !empty($_POST['allow_users_remote_self']);
$explicit_content = !empty($_POST['explicit_content']);
$allowed_sites = ((x($_POST,'allowed_sites')) ? Strings::escapeTags(trim($_POST['allowed_sites'])) : ''); $no_multi_reg = !empty($_POST['no_multi_reg']);
$allowed_email = ((x($_POST,'allowed_email')) ? Strings::escapeTags(trim($_POST['allowed_email'])) : ''); $no_openid = !empty($_POST['no_openid']);
$forbidden_nicknames = ((x($_POST,'forbidden_nicknames')) ? strtolower(Strings::escapeTags(trim($_POST['forbidden_nicknames']))) : ''); $no_regfullname = !empty($_POST['no_regfullname']);
$no_oembed_rich_content = x($_POST,'no_oembed_rich_content'); $community_page_style = (!empty($_POST['community_page_style']) ? intval(trim($_POST['community_page_style'])) : 0);
$allowed_oembed = ((x($_POST,'allowed_oembed')) ? Strings::escapeTags(trim($_POST['allowed_oembed'])) : ''); $max_author_posts_community_page = (!empty($_POST['max_author_posts_community_page']) ? intval(trim($_POST['max_author_posts_community_page'])) : 0);
$block_public = ((x($_POST,'block_public')) ? True : False);
$force_publish = ((x($_POST,'publish_all')) ? True : False);
$global_directory = ((x($_POST,'directory')) ? Strings::escapeTags(trim($_POST['directory'])) : '');
$newuser_private = ((x($_POST,'newuser_private')) ? True : False);
$enotify_no_content = ((x($_POST,'enotify_no_content')) ? True : False);
$private_addons = ((x($_POST,'private_addons')) ? True : False);
$disable_embedded = ((x($_POST,'disable_embedded')) ? True : False);
$allow_users_remote_self = ((x($_POST,'allow_users_remote_self')) ? True : False);
$explicit_content = ((x($_POST,'explicit_content')) ? True : False);
$no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False); $verifyssl = !empty($_POST['verifyssl']);
$no_openid = !((x($_POST,'no_openid')) ? True : False); $proxyuser = (!empty($_POST['proxyuser']) ? Strings::escapeTags(trim($_POST['proxyuser'])) : '');
$no_regfullname = !((x($_POST,'no_regfullname')) ? True : False); $proxy = (!empty($_POST['proxy']) ? Strings::escapeTags(trim($_POST['proxy'])) : '');
$community_page_style = ((x($_POST,'community_page_style')) ? intval(trim($_POST['community_page_style'])) : 0); $timeout = (!empty($_POST['timeout']) ? intval(trim($_POST['timeout'])) : 60);
$max_author_posts_community_page = ((x($_POST,'max_author_posts_community_page')) ? intval(trim($_POST['max_author_posts_community_page'])) : 0); $maxloadavg = (!empty($_POST['maxloadavg']) ? intval(trim($_POST['maxloadavg'])) : 50);
$maxloadavg_frontend = (!empty($_POST['maxloadavg_frontend']) ? intval(trim($_POST['maxloadavg_frontend'])) : 50);
$min_memory = (!empty($_POST['min_memory']) ? intval(trim($_POST['min_memory'])) : 0);
$optimize_max_tablesize = (!empty($_POST['optimize_max_tablesize']) ? intval(trim($_POST['optimize_max_tablesize'])) : 100);
$optimize_fragmentation = (!empty($_POST['optimize_fragmentation']) ? intval(trim($_POST['optimize_fragmentation'])) : 30);
$poco_completion = (!empty($_POST['poco_completion']) ? intval(trim($_POST['poco_completion'])) : false);
$poco_requery_days = (!empty($_POST['poco_requery_days']) ? intval(trim($_POST['poco_requery_days'])) : 7);
$poco_discovery = (!empty($_POST['poco_discovery']) ? intval(trim($_POST['poco_discovery'])) : 0);
$poco_discovery_since = (!empty($_POST['poco_discovery_since']) ? intval(trim($_POST['poco_discovery_since'])) : 30);
$poco_local_search = !empty($_POST['poco_local_search']);
$nodeinfo = !empty($_POST['nodeinfo']);
$dfrn_only = !empty($_POST['dfrn_only']);
$ostatus_disabled = !empty($_POST['ostatus_disabled']);
$ostatus_full_threads = !empty($_POST['ostatus_full_threads']);
$diaspora_enabled = !empty($_POST['diaspora_enabled']);
$ssl_policy = (!empty($_POST['ssl_policy']) ? intval($_POST['ssl_policy']) : 0);
$force_ssl = !empty($_POST['force_ssl']);
$hide_help = !empty($_POST['hide_help']);
$dbclean = !empty($_POST['dbclean']);
$dbclean_expire_days = (!empty($_POST['dbclean_expire_days']) ? intval($_POST['dbclean_expire_days']) : 0);
$dbclean_unclaimed = (!empty($_POST['dbclean_unclaimed']) ? intval($_POST['dbclean_unclaimed']) : 0);
$dbclean_expire_conv = (!empty($_POST['dbclean_expire_conv']) ? intval($_POST['dbclean_expire_conv']) : 0);
$suppress_tags = !empty($_POST['suppress_tags']);
$itemcache = (!empty($_POST['itemcache']) ? Strings::escapeTags(trim($_POST['itemcache'])) : '');
$itemcache_duration = (!empty($_POST['itemcache_duration']) ? intval($_POST['itemcache_duration']) : 0);
$max_comments = (!empty($_POST['max_comments']) ? intval($_POST['max_comments']) : 0);
$temppath = (!empty($_POST['temppath']) ? Strings::escapeTags(trim($_POST['temppath'])) : '');
$basepath = (!empty($_POST['basepath']) ? Strings::escapeTags(trim($_POST['basepath'])) : '');
$singleuser = (!empty($_POST['singleuser']) ? Strings::escapeTags(trim($_POST['singleuser'])) : '');
$proxy_disabled = !empty($_POST['proxy_disabled']);
$only_tag_search = !empty($_POST['only_tag_search']);
$rino = (!empty($_POST['rino']) ? intval($_POST['rino']) : 0);
$check_new_version_url = (!empty($_POST['check_new_version_url']) ? Strings::escapeTags(trim($_POST['check_new_version_url'])) : 'none');
$verifyssl = ((x($_POST,'verifyssl')) ? True : False); $worker_queues = (!empty($_POST['worker_queues']) ? intval($_POST['worker_queues']) : 10);
$proxyuser = ((x($_POST,'proxyuser')) ? Strings::escapeTags(trim($_POST['proxyuser'])) : ''); $worker_dont_fork = !empty($_POST['worker_dont_fork']);
$proxy = ((x($_POST,'proxy')) ? Strings::escapeTags(trim($_POST['proxy'])) : ''); $worker_fastlane = !empty($_POST['worker_fastlane']);
$timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60); $worker_frontend = !empty($_POST['worker_frontend']);
$maxloadavg = ((x($_POST,'maxloadavg')) ? intval(trim($_POST['maxloadavg'])) : 50);
$maxloadavg_frontend = ((x($_POST,'maxloadavg_frontend')) ? intval(trim($_POST['maxloadavg_frontend'])) : 50);
$min_memory = ((x($_POST,'min_memory')) ? intval(trim($_POST['min_memory'])) : 0);
$optimize_max_tablesize = ((x($_POST,'optimize_max_tablesize')) ? intval(trim($_POST['optimize_max_tablesize'])): 100);
$optimize_fragmentation = ((x($_POST,'optimize_fragmentation')) ? intval(trim($_POST['optimize_fragmentation'])): 30);
$poco_completion = ((x($_POST,'poco_completion')) ? intval(trim($_POST['poco_completion'])) : false);
$poco_requery_days = ((x($_POST,'poco_requery_days')) ? intval(trim($_POST['poco_requery_days'])) : 7);
$poco_discovery = ((x($_POST,'poco_discovery')) ? intval(trim($_POST['poco_discovery'])) : 0);
$poco_discovery_since = ((x($_POST,'poco_discovery_since')) ? intval(trim($_POST['poco_discovery_since'])) : 30);
$poco_local_search = ((x($_POST,'poco_local_search')) ? intval(trim($_POST['poco_local_search'])) : false);
$nodeinfo = ((x($_POST,'nodeinfo')) ? intval(trim($_POST['nodeinfo'])) : false);
$dfrn_only = ((x($_POST,'dfrn_only')) ? True : False);
$ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False);
$ostatus_full_threads = ((x($_POST,'ostatus_full_threads')) ? True : False);
$diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False);
$ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0);
$force_ssl = ((x($_POST,'force_ssl')) ? True : False);
$hide_help = ((x($_POST,'hide_help')) ? True : False);
$dbclean = ((x($_POST,'dbclean')) ? True : False);
$dbclean_expire_days = ((x($_POST,'dbclean_expire_days')) ? intval($_POST['dbclean_expire_days']) : 0);
$dbclean_unclaimed = ((x($_POST,'dbclean_unclaimed')) ? intval($_POST['dbclean_unclaimed']) : 0);
$dbclean_expire_conv = ((x($_POST,'dbclean_expire_conv')) ? intval($_POST['dbclean_expire_conv']) : 0);
$suppress_tags = ((x($_POST,'suppress_tags')) ? True : False);
$itemcache = ((x($_POST,'itemcache')) ? Strings::escapeTags(trim($_POST['itemcache'])) : '');
$itemcache_duration = ((x($_POST,'itemcache_duration')) ? intval($_POST['itemcache_duration']) : 0);
$max_comments = ((x($_POST,'max_comments')) ? intval($_POST['max_comments']) : 0);
$temppath = ((x($_POST,'temppath')) ? Strings::escapeTags(trim($_POST['temppath'])) : '');
$basepath = ((x($_POST,'basepath')) ? Strings::escapeTags(trim($_POST['basepath'])) : '');
$singleuser = ((x($_POST,'singleuser')) ? Strings::escapeTags(trim($_POST['singleuser'])) : '');
$proxy_disabled = ((x($_POST,'proxy_disabled')) ? True : False);
$only_tag_search = ((x($_POST,'only_tag_search')) ? True : False);
$rino = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
$check_new_version_url = ((x($_POST, 'check_new_version_url')) ? Strings::escapeTags(trim($_POST['check_new_version_url'])) : 'none');
$worker_queues = ((x($_POST,'worker_queues')) ? intval($_POST['worker_queues']) : 10); $relay_directly = !empty($_POST['relay_directly']);
$worker_dont_fork = ((x($_POST,'worker_dont_fork')) ? True : False); $relay_server = (!empty($_POST['relay_server']) ? Strings::escapeTags(trim($_POST['relay_server'])) : '');
$worker_fastlane = ((x($_POST,'worker_fastlane')) ? True : False); $relay_subscribe = !empty($_POST['relay_subscribe']);
$worker_frontend = ((x($_POST,'worker_frontend')) ? True : False); $relay_scope = (!empty($_POST['relay_scope']) ? Strings::escapeTags(trim($_POST['relay_scope'])) : '');
$relay_server_tags = (!empty($_POST['relay_server_tags']) ? Strings::escapeTags(trim($_POST['relay_server_tags'])) : '');
$relay_directly = ((x($_POST,'relay_directly')) ? True : False); $relay_user_tags = !empty($_POST['relay_user_tags']);
$relay_server = ((x($_POST,'relay_server')) ? Strings::escapeTags(trim($_POST['relay_server'])) : ''); $active_panel = (!empty($_POST['active_panel']) ? "#" . Strings::escapeTags(trim($_POST['active_panel'])) : '');
$relay_subscribe = ((x($_POST,'relay_subscribe')) ? True : False);
$relay_scope = ((x($_POST,'relay_scope')) ? Strings::escapeTags(trim($_POST['relay_scope'])) : '');
$relay_server_tags = ((x($_POST,'relay_server_tags')) ? Strings::escapeTags(trim($_POST['relay_server_tags'])) : '');
$relay_user_tags = ((x($_POST,'relay_user_tags')) ? True : False);
$active_panel = (defaults($_POST, 'active_panel', '') ? "#" . Strings::escapeTags(trim($_POST['active_panel'])) : '');
// Has the directory url changed? If yes, then resubmit the existing profiles there // Has the directory url changed? If yes, then resubmit the existing profiles there
if ($global_directory != Config::get('system', 'directory') && ($global_directory != '')) { if ($global_directory != Config::get('system', 'directory') && ($global_directory != '')) {
@ -1217,24 +1219,24 @@ function admin_page_site_post(App $a)
); );
} }
} }
Config::set('system', 'ssl_policy', $ssl_policy); Config::set('system', 'ssl_policy' , $ssl_policy);
Config::set('system', 'maxloadavg', $maxloadavg); Config::set('system', 'maxloadavg' , $maxloadavg);
Config::set('system', 'maxloadavg_frontend', $maxloadavg_frontend); Config::set('system', 'maxloadavg_frontend' , $maxloadavg_frontend);
Config::set('system', 'min_memory', $min_memory); Config::set('system', 'min_memory' , $min_memory);
Config::set('system', 'optimize_max_tablesize', $optimize_max_tablesize); Config::set('system', 'optimize_max_tablesize', $optimize_max_tablesize);
Config::set('system', 'optimize_fragmentation', $optimize_fragmentation); Config::set('system', 'optimize_fragmentation', $optimize_fragmentation);
Config::set('system', 'poco_completion', $poco_completion); Config::set('system', 'poco_completion' , $poco_completion);
Config::set('system', 'poco_requery_days', $poco_requery_days); Config::set('system', 'poco_requery_days' , $poco_requery_days);
Config::set('system', 'poco_discovery', $poco_discovery); Config::set('system', 'poco_discovery' , $poco_discovery);
Config::set('system', 'poco_discovery_since', $poco_discovery_since); Config::set('system', 'poco_discovery_since' , $poco_discovery_since);
Config::set('system', 'poco_local_search', $poco_local_search); Config::set('system', 'poco_local_search' , $poco_local_search);
Config::set('system', 'nodeinfo', $nodeinfo); Config::set('system', 'nodeinfo' , $nodeinfo);
Config::set('config', 'sitename', $sitename); Config::set('config', 'sitename' , $sitename);
Config::set('config', 'hostname', $hostname); Config::set('config', 'hostname' , $hostname);
Config::set('config', 'sender_email', $sender_email); Config::set('config', 'sender_email' , $sender_email);
Config::set('system', 'suppress_tags', $suppress_tags); Config::set('system', 'suppress_tags' , $suppress_tags);
Config::set('system', 'shortcut_icon', $shortcut_icon); Config::set('system', 'shortcut_icon' , $shortcut_icon);
Config::set('system', 'touch_icon', $touch_icon); Config::set('system', 'touch_icon' , $touch_icon);
if ($banner == "") { if ($banner == "") {
Config::delete('system', 'banner'); Config::delete('system', 'banner');
@ -1261,49 +1263,49 @@ function admin_page_site_post(App $a)
} else { } else {
Config::set('system', 'singleuser', $singleuser); Config::set('system', 'singleuser', $singleuser);
} }
Config::set('system', 'maximagesize', $maximagesize); Config::set('system', 'maximagesize' , $maximagesize);
Config::set('system', 'max_image_length', $maximagelength); Config::set('system', 'max_image_length' , $maximagelength);
Config::set('system', 'jpeg_quality', $jpegimagequality); Config::set('system', 'jpeg_quality' , $jpegimagequality);
Config::set('config', 'register_policy', $register_policy); Config::set('config', 'register_policy' , $register_policy);
Config::set('system', 'max_daily_registrations', $daily_registrations); Config::set('system', 'max_daily_registrations', $daily_registrations);
Config::set('system', 'account_abandon_days', $abandon_days); Config::set('system', 'account_abandon_days' , $abandon_days);
Config::set('config', 'register_text', $register_text); Config::set('config', 'register_text' , $register_text);
Config::set('system', 'allowed_sites', $allowed_sites); Config::set('system', 'allowed_sites' , $allowed_sites);
Config::set('system', 'allowed_email', $allowed_email); Config::set('system', 'allowed_email' , $allowed_email);
Config::set('system', 'forbidden_nicknames', $forbidden_nicknames); Config::set('system', 'forbidden_nicknames' , $forbidden_nicknames);
Config::set('system', 'no_oembed_rich_content', $no_oembed_rich_content); Config::set('system', 'no_oembed_rich_content' , $no_oembed_rich_content);
Config::set('system', 'allowed_oembed', $allowed_oembed); Config::set('system', 'allowed_oembed' , $allowed_oembed);
Config::set('system', 'block_public', $block_public); Config::set('system', 'block_public' , $block_public);
Config::set('system', 'publish_all', $force_publish); Config::set('system', 'publish_all' , $force_publish);
Config::set('system', 'newuser_private', $newuser_private); Config::set('system', 'newuser_private' , $newuser_private);
Config::set('system', 'enotify_no_content', $enotify_no_content); Config::set('system', 'enotify_no_content' , $enotify_no_content);
Config::set('system', 'disable_embedded', $disable_embedded); Config::set('system', 'disable_embedded' , $disable_embedded);
Config::set('system', 'allow_users_remote_self', $allow_users_remote_self); Config::set('system', 'allow_users_remote_self', $allow_users_remote_self);
Config::set('system', 'explicit_content', $explicit_content); Config::set('system', 'explicit_content' , $explicit_content);
Config::set('system', 'check_new_version_url', $check_new_version_url); Config::set('system', 'check_new_version_url' , $check_new_version_url);
Config::set('system', 'block_extended_register', $no_multi_reg); Config::set('system', 'block_extended_register', $no_multi_reg);
Config::set('system', 'no_openid', $no_openid); Config::set('system', 'no_openid' , $no_openid);
Config::set('system', 'no_regfullname', $no_regfullname); Config::set('system', 'no_regfullname' , $no_regfullname);
Config::set('system', 'community_page_style', $community_page_style); Config::set('system', 'community_page_style' , $community_page_style);
Config::set('system', 'max_author_posts_community_page', $max_author_posts_community_page); Config::set('system', 'max_author_posts_community_page', $max_author_posts_community_page);
Config::set('system', 'verifyssl', $verifyssl); Config::set('system', 'verifyssl' , $verifyssl);
Config::set('system', 'proxyuser', $proxyuser); Config::set('system', 'proxyuser' , $proxyuser);
Config::set('system', 'proxy', $proxy); Config::set('system', 'proxy' , $proxy);
Config::set('system', 'curl_timeout', $timeout); Config::set('system', 'curl_timeout' , $timeout);
Config::set('system', 'dfrn_only', $dfrn_only); Config::set('system', 'dfrn_only' , $dfrn_only);
Config::set('system', 'ostatus_disabled', $ostatus_disabled); Config::set('system', 'ostatus_disabled' , $ostatus_disabled);
Config::set('system', 'ostatus_full_threads', $ostatus_full_threads); Config::set('system', 'ostatus_full_threads' , $ostatus_full_threads);
Config::set('system', 'diaspora_enabled', $diaspora_enabled); Config::set('system', 'diaspora_enabled' , $diaspora_enabled);
Config::set('config', 'private_addons', $private_addons); Config::set('config', 'private_addons' , $private_addons);
Config::set('system', 'force_ssl', $force_ssl); Config::set('system', 'force_ssl' , $force_ssl);
Config::set('system', 'hide_help', $hide_help); Config::set('system', 'hide_help' , $hide_help);
Config::set('system', 'dbclean', $dbclean); Config::set('system', 'dbclean' , $dbclean);
Config::set('system', 'dbclean-expire-days', $dbclean_expire_days); Config::set('system', 'dbclean-expire-days' , $dbclean_expire_days);
Config::set('system', 'dbclean_expire_conversation', $dbclean_expire_conv); Config::set('system', 'dbclean_expire_conversation', $dbclean_expire_conv);
if ($dbclean_unclaimed == 0) { if ($dbclean_unclaimed == 0) {
@ -1330,23 +1332,23 @@ function admin_page_site_post(App $a)
$basepath = App::getRealPath($basepath); $basepath = App::getRealPath($basepath);
} }
Config::set('system', 'basepath', $basepath); Config::set('system', 'basepath' , $basepath);
Config::set('system', 'proxy_disabled', $proxy_disabled); Config::set('system', 'proxy_disabled' , $proxy_disabled);
Config::set('system', 'only_tag_search', $only_tag_search); Config::set('system', 'only_tag_search' , $only_tag_search);
Config::set('system', 'worker_queues', $worker_queues); Config::set('system', 'worker_queues' , $worker_queues);
Config::set('system', 'worker_dont_fork', $worker_dont_fork); Config::set('system', 'worker_dont_fork' , $worker_dont_fork);
Config::set('system', 'worker_fastlane', $worker_fastlane); Config::set('system', 'worker_fastlane' , $worker_fastlane);
Config::set('system', 'frontend_worker', $worker_frontend); Config::set('system', 'frontend_worker' , $worker_frontend);
Config::set('system', 'relay_directly', $relay_directly); Config::set('system', 'relay_directly' , $relay_directly);
Config::set('system', 'relay_server', $relay_server); Config::set('system', 'relay_server' , $relay_server);
Config::set('system', 'relay_subscribe', $relay_subscribe); Config::set('system', 'relay_subscribe' , $relay_subscribe);
Config::set('system', 'relay_scope', $relay_scope); Config::set('system', 'relay_scope' , $relay_scope);
Config::set('system', 'relay_server_tags', $relay_server_tags); Config::set('system', 'relay_server_tags', $relay_server_tags);
Config::set('system', 'relay_user_tags', $relay_user_tags); Config::set('system', 'relay_user_tags' , $relay_user_tags);
Config::set('system', 'rino_encrypt', $rino); Config::set('system', 'rino_encrypt' , $rino);
info(L10n::t('Site settings updated.') . EOL); info(L10n::t('Site settings updated.') . EOL);
@ -1442,9 +1444,7 @@ function admin_page_site(App $a)
$banner = '<a href="https://friendi.ca"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="https://friendi.ca">Friendica</a></span>'; $banner = '<a href="https://friendi.ca"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="https://friendi.ca">Friendica</a></span>';
} }
$banner = htmlspecialchars($banner);
$info = Config::get('config', 'info'); $info = Config::get('config', 'info');
$info = htmlspecialchars($info);
// Automatically create temporary paths // Automatically create temporary paths
get_temppath(); get_temppath();
@ -1484,120 +1484,121 @@ function admin_page_site(App $a)
$t = Renderer::getMarkupTemplate('admin/site.tpl'); $t = Renderer::getMarkupTemplate('admin/site.tpl');
return Renderer::replaceMacros($t, [ return Renderer::replaceMacros($t, [
'$title' => L10n::t('Administration'), '$title' => L10n::t('Administration'),
'$page' => L10n::t('Site'), '$page' => L10n::t('Site'),
'$submit' => L10n::t('Save Settings'), '$submit' => L10n::t('Save Settings'),
'$republish' => L10n::t('Republish users to directory'), '$republish' => L10n::t('Republish users to directory'),
'$registration' => L10n::t('Registration'), '$registration' => L10n::t('Registration'),
'$upload' => L10n::t('File upload'), '$upload' => L10n::t('File upload'),
'$corporate' => L10n::t('Policies'), '$corporate' => L10n::t('Policies'),
'$advanced' => L10n::t('Advanced'), '$advanced' => L10n::t('Advanced'),
'$portable_contacts' => L10n::t('Auto Discovered Contact Directory'), '$portable_contacts' => L10n::t('Auto Discovered Contact Directory'),
'$performance' => L10n::t('Performance'), '$performance' => L10n::t('Performance'),
'$worker_title' => L10n::t('Worker'), '$worker_title' => L10n::t('Worker'),
'$relay_title' => L10n::t('Message Relay'), '$relay_title' => L10n::t('Message Relay'),
'$relocate' => L10n::t('Relocate Instance'), '$relocate' => L10n::t('Relocate Instance'),
'$relocate_warning' => L10n::t('Warning! Advanced function. Could make this server unreachable.'), '$relocate_warning' => L10n::t('Warning! Advanced function. Could make this server unreachable.'),
'$baseurl' => System::baseUrl(true), '$baseurl' => System::baseUrl(true),
// name, label, value, help string, extra data... // name, label, value, help string, extra data...
'$sitename' => ['sitename', L10n::t("Site name"), Config::get('config', 'sitename'),''], '$sitename' => ['sitename', L10n::t("Site name"), Config::get('config', 'sitename'), ''],
'$hostname' => ['hostname', L10n::t("Host name"), Config::get('config', 'hostname'), ""], '$hostname' => ['hostname', L10n::t("Host name"), Config::get('config', 'hostname'), ""],
'$sender_email' => ['sender_email', L10n::t("Sender Email"), Config::get('config', 'sender_email'), L10n::t("The email address your server shall use to send notification emails from."), "", "", "email"], '$sender_email' => ['sender_email', L10n::t("Sender Email"), Config::get('config', 'sender_email'), L10n::t("The email address your server shall use to send notification emails from."), "", "", "email"],
'$banner' => ['banner', L10n::t("Banner/Logo"), $banner, ""], '$banner' => ['banner', L10n::t("Banner/Logo"), $banner, ""],
'$shortcut_icon' => ['shortcut_icon', L10n::t("Shortcut icon"), Config::get('system','shortcut_icon'), L10n::t("Link to an icon that will be used for browsers.")], '$shortcut_icon' => ['shortcut_icon', L10n::t("Shortcut icon"), Config::get('system', 'shortcut_icon'), L10n::t("Link to an icon that will be used for browsers.")],
'$touch_icon' => ['touch_icon', L10n::t("Touch icon"), Config::get('system','touch_icon'), L10n::t("Link to an icon that will be used for tablets and mobiles.")], '$touch_icon' => ['touch_icon', L10n::t("Touch icon"), Config::get('system', 'touch_icon'), L10n::t("Link to an icon that will be used for tablets and mobiles.")],
'$info' => ['info', L10n::t('Additional Info'), $info, L10n::t('For public servers: you can add additional information here that will be listed at %s/servers.', get_server())], '$info' => ['info', L10n::t('Additional Info'), $info, L10n::t('For public servers: you can add additional information here that will be listed at %s/servers.', get_server())],
'$language' => ['language', L10n::t("System language"), Config::get('system','language'), "", $lang_choices], '$language' => ['language', L10n::t("System language"), Config::get('system', 'language'), "", $lang_choices],
'$theme' => ['theme', L10n::t("System theme"), Config::get('system','theme'), L10n::t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices], '$theme' => ['theme', L10n::t("System theme"), Config::get('system', 'theme'), L10n::t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices],
'$theme_mobile' => ['theme_mobile', L10n::t("Mobile system theme"), Config::get('system', 'mobile-theme', '---'), L10n::t("Theme for mobile devices"), $theme_choices_mobile], '$theme_mobile' => ['theme_mobile', L10n::t("Mobile system theme"), Config::get('system', 'mobile-theme', '---'), L10n::t("Theme for mobile devices"), $theme_choices_mobile],
'$ssl_policy' => ['ssl_policy', L10n::t("SSL link policy"), (string) intval(Config::get('system','ssl_policy')), L10n::t("Determines whether generated links should be forced to use SSL"), $ssl_choices], '$ssl_policy' => ['ssl_policy', L10n::t("SSL link policy"), (string)intval(Config::get('system', 'ssl_policy')), L10n::t("Determines whether generated links should be forced to use SSL"), $ssl_choices],
'$force_ssl' => ['force_ssl', L10n::t("Force SSL"), Config::get('system','force_ssl'), L10n::t("Force all Non-SSL requests to SSL - Attention: on some systems it could lead to endless loops.")], '$force_ssl' => ['force_ssl', L10n::t("Force SSL"), Config::get('system', 'force_ssl'), L10n::t("Force all Non-SSL requests to SSL - Attention: on some systems it could lead to endless loops.")],
'$hide_help' => ['hide_help', L10n::t("Hide help entry from navigation menu"), Config::get('system','hide_help'), L10n::t("Hides the menu entry for the Help pages from the navigation menu. You can still access it calling /help directly.")], '$hide_help' => ['hide_help', L10n::t("Hide help entry from navigation menu"), Config::get('system', 'hide_help'), L10n::t("Hides the menu entry for the Help pages from the navigation menu. You can still access it calling /help directly.")],
'$singleuser' => ['singleuser', L10n::t("Single user instance"), Config::get('system', 'singleuser', '---'), L10n::t("Make this instance multi-user or single-user for the named user"), $user_names], '$singleuser' => ['singleuser', L10n::t("Single user instance"), Config::get('system', 'singleuser', '---'), L10n::t("Make this instance multi-user or single-user for the named user"), $user_names],
'$maximagesize' => ['maximagesize', L10n::t("Maximum image size"), Config::get('system','maximagesize'), L10n::t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")], '$maximagesize' => ['maximagesize', L10n::t("Maximum image size"), Config::get('system', 'maximagesize'), L10n::t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")],
'$maximagelength' => ['maximagelength', L10n::t("Maximum image length"), Config::get('system','max_image_length'), L10n::t("Maximum length in pixels of the longest side of uploaded images. Default is -1, which means no limits.")], '$maximagelength' => ['maximagelength', L10n::t("Maximum image length"), Config::get('system', 'max_image_length'), L10n::t("Maximum length in pixels of the longest side of uploaded images. Default is -1, which means no limits.")],
'$jpegimagequality' => ['jpegimagequality', L10n::t("JPEG image quality"), Config::get('system','jpeg_quality'), L10n::t("Uploaded JPEGS will be saved at this quality setting [0-100]. Default is 100, which is full quality.")], '$jpegimagequality' => ['jpegimagequality', L10n::t("JPEG image quality"), Config::get('system', 'jpeg_quality'), L10n::t("Uploaded JPEGS will be saved at this quality setting [0-100]. Default is 100, which is full quality.")],
'$register_policy' => ['register_policy', L10n::t("Register policy"), Config::get('config', 'register_policy'), "", $register_choices], '$register_policy' => ['register_policy', L10n::t("Register policy"), Config::get('config', 'register_policy'), "", $register_choices],
'$daily_registrations' => ['max_daily_registrations', L10n::t("Maximum Daily Registrations"), Config::get('system', 'max_daily_registrations'), L10n::t("If registration is permitted above, this sets the maximum number of new user registrations to accept per day. If register is set to closed, this setting has no effect.")], '$daily_registrations' => ['max_daily_registrations', L10n::t("Maximum Daily Registrations"), Config::get('system', 'max_daily_registrations'), L10n::t("If registration is permitted above, this sets the maximum number of new user registrations to accept per day. If register is set to closed, this setting has no effect.")],
'$register_text' => ['register_text', L10n::t("Register text"), Config::get('config', 'register_text'), L10n::t("Will be displayed prominently on the registration page. You can use BBCode here.")], '$register_text' => ['register_text', L10n::t("Register text"), Config::get('config', 'register_text'), L10n::t("Will be displayed prominently on the registration page. You can use BBCode here.")],
'$forbidden_nicknames' => ['forbidden_nicknames', L10n::t('Forbidden Nicknames'), Config::get('system', 'forbidden_nicknames'), L10n::t('Comma separated list of nicknames that are forbidden from registration. Preset is a list of role names according RFC 2142.')], '$forbidden_nicknames' => ['forbidden_nicknames', L10n::t('Forbidden Nicknames'), Config::get('system', 'forbidden_nicknames'), L10n::t('Comma separated list of nicknames that are forbidden from registration. Preset is a list of role names according RFC 2142.')],
'$abandon_days' => ['abandon_days', L10n::t('Accounts abandoned after x days'), Config::get('system','account_abandon_days'), L10n::t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')], '$abandon_days' => ['abandon_days', L10n::t('Accounts abandoned after x days'), Config::get('system', 'account_abandon_days'), L10n::t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')],
'$allowed_sites' => ['allowed_sites', L10n::t("Allowed friend domains"), Config::get('system','allowed_sites'), L10n::t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")], '$allowed_sites' => ['allowed_sites', L10n::t("Allowed friend domains"), Config::get('system', 'allowed_sites'), L10n::t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")],
'$allowed_email' => ['allowed_email', L10n::t("Allowed email domains"), Config::get('system','allowed_email'), L10n::t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")], '$allowed_email' => ['allowed_email', L10n::t("Allowed email domains"), Config::get('system', 'allowed_email'), L10n::t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")],
'$no_oembed_rich_content' => ['no_oembed_rich_content', L10n::t("No OEmbed rich content"), Config::get('system','no_oembed_rich_content'), L10n::t("Don't show the rich content \x28e.g. embedded PDF\x29, except from the domains listed below.")], '$no_oembed_rich_content' => ['no_oembed_rich_content', L10n::t("No OEmbed rich content"), Config::get('system', 'no_oembed_rich_content'), L10n::t("Don't show the rich content \x28e.g. embedded PDF\x29, except from the domains listed below.")],
'$allowed_oembed' => ['allowed_oembed', L10n::t("Allowed OEmbed domains"), Config::get('system','allowed_oembed'), L10n::t("Comma separated list of domains which oembed content is allowed to be displayed. Wildcards are accepted.")], '$allowed_oembed' => ['allowed_oembed', L10n::t("Allowed OEmbed domains"), Config::get('system', 'allowed_oembed'), L10n::t("Comma separated list of domains which oembed content is allowed to be displayed. Wildcards are accepted.")],
'$block_public' => ['block_public', L10n::t("Block public"), Config::get('system','block_public'), L10n::t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")], '$block_public' => ['block_public', L10n::t("Block public"), Config::get('system', 'block_public'), L10n::t("Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.")],
'$force_publish' => ['publish_all', L10n::t("Force publish"), Config::get('system','publish_all'), L10n::t("Check to force all profiles on this site to be listed in the site directory.") . '<strong>' . L10n::t('Enabling this may violate privacy laws like the GDPR') . '</strong>'], '$force_publish' => ['publish_all', L10n::t("Force publish"), Config::get('system', 'publish_all'), L10n::t("Check to force all profiles on this site to be listed in the site directory.") . '<strong>' . L10n::t('Enabling this may violate privacy laws like the GDPR') . '</strong>'],
'$global_directory' => ['directory', L10n::t("Global directory URL"), Config::get('system', 'directory', 'https://dir.friendica.social'), L10n::t("URL to the global directory. If this is not set, the global directory is completely unavailable to the application.")], '$global_directory' => ['directory', L10n::t("Global directory URL"), Config::get('system', 'directory', 'https://dir.friendica.social'), L10n::t("URL to the global directory. If this is not set, the global directory is completely unavailable to the application.")],
'$newuser_private' => ['newuser_private', L10n::t("Private posts by default for new users"), Config::get('system','newuser_private'), L10n::t("Set default post permissions for all new members to the default privacy group rather than public.")], '$newuser_private' => ['newuser_private', L10n::t("Private posts by default for new users"), Config::get('system', 'newuser_private'), L10n::t("Set default post permissions for all new members to the default privacy group rather than public.")],
'$enotify_no_content' => ['enotify_no_content', L10n::t("Don't include post content in email notifications"), Config::get('system','enotify_no_content'), L10n::t("Don't include the content of a post/comment/private message/etc. in the email notifications that are sent out from this site, as a privacy measure.")], '$enotify_no_content' => ['enotify_no_content', L10n::t("Don't include post content in email notifications"), Config::get('system', 'enotify_no_content'), L10n::t("Don't include the content of a post/comment/private message/etc. in the email notifications that are sent out from this site, as a privacy measure.")],
'$private_addons' => ['private_addons', L10n::t("Disallow public access to addons listed in the apps menu."), Config::get('config','private_addons'), L10n::t("Checking this box will restrict addons listed in the apps menu to members only.")], '$private_addons' => ['private_addons', L10n::t("Disallow public access to addons listed in the apps menu."), Config::get('config', 'private_addons'), L10n::t("Checking this box will restrict addons listed in the apps menu to members only.")],
'$disable_embedded' => ['disable_embedded', L10n::t("Don't embed private images in posts"), Config::get('system','disable_embedded'), L10n::t("Don't replace locally-hosted private photos in posts with an embedded copy of the image. This means that contacts who receive posts containing private photos will have to authenticate and load each image, which may take a while.")], '$disable_embedded' => ['disable_embedded', L10n::t("Don't embed private images in posts"), Config::get('system', 'disable_embedded'), L10n::t("Don't replace locally-hosted private photos in posts with an embedded copy of the image. This means that contacts who receive posts containing private photos will have to authenticate and load each image, which may take a while.")],
'$explicit_content' => ['explicit_content', L10n::t('Explicit Content'), Config::get('system', 'explicit_content', False), L10n::t('Set this to announce that your node is used mostly for explicit content that might not be suited for minors. This information will be published in the node information and might be used, e.g. by the global directory, to filter your node from listings of nodes to join. Additionally a note about this will be shown at the user registration page.')], '$explicit_content' => ['explicit_content', L10n::t('Explicit Content'), Config::get('system', 'explicit_content', false), L10n::t('Set this to announce that your node is used mostly for explicit content that might not be suited for minors. This information will be published in the node information and might be used, e.g. by the global directory, to filter your node from listings of nodes to join. Additionally a note about this will be shown at the user registration page.')],
'$allow_users_remote_self' => ['allow_users_remote_self', L10n::t('Allow Users to set remote_self'), Config::get('system','allow_users_remote_self'), L10n::t('With checking this, every user is allowed to mark every contact as a remote_self in the repair contact dialog. Setting this flag on a contact causes mirroring every posting of that contact in the users stream.')], '$allow_users_remote_self'=> ['allow_users_remote_self', L10n::t('Allow Users to set remote_self'), Config::get('system', 'allow_users_remote_self'), L10n::t('With checking this, every user is allowed to mark every contact as a remote_self in the repair contact dialog. Setting this flag on a contact causes mirroring every posting of that contact in the users stream.')],
'$no_multi_reg' => ['no_multi_reg', L10n::t("Block multiple registrations"), Config::get('system','block_extended_register'), L10n::t("Disallow users to register additional accounts for use as pages.")], '$no_multi_reg' => ['no_multi_reg', L10n::t("Block multiple registrations"), Config::get('system', 'block_extended_register'), L10n::t("Disallow users to register additional accounts for use as pages.")],
'$no_openid' => ['no_openid', L10n::t("OpenID support"), !Config::get('system','no_openid'), L10n::t("OpenID support for registration and logins.")], '$no_openid' => ['no_openid', L10n::t("Disable OpenID"), Config::get('system', 'no_openid'), L10n::t("Disable OpenID support for registration and logins.")],
'$no_regfullname' => ['no_regfullname', L10n::t("Fullname check"), !Config::get('system','no_regfullname'), L10n::t("Force users to register with a space between firstname and lastname in Full name, as an antispam measure")], '$no_regfullname' => ['no_regfullname', L10n::t("No Fullname check"), Config::get('system', 'no_regfullname'), L10n::t("Allow users to register without a space between the first name and the last name in their full name.")],
'$community_page_style' => ['community_page_style', L10n::t("Community pages for visitors"), Config::get('system','community_page_style'), L10n::t("Which community pages should be available for visitors. Local users always see both pages."), $community_page_style_choices], '$community_page_style' => ['community_page_style', L10n::t("Community pages for visitors"), Config::get('system', 'community_page_style'), L10n::t("Which community pages should be available for visitors. Local users always see both pages."), $community_page_style_choices],
'$max_author_posts_community_page' => ['max_author_posts_community_page', L10n::t("Posts per user on community page"), Config::get('system','max_author_posts_community_page'), L10n::t("The maximum number of posts per user on the community page. \x28Not valid for 'Global Community'\x29")], '$max_author_posts_community_page' => ['max_author_posts_community_page', L10n::t("Posts per user on community page"), Config::get('system', 'max_author_posts_community_page'), L10n::t("The maximum number of posts per user on the community page. \x28Not valid for 'Global Community'\x29")],
'$ostatus_disabled' => ['ostatus_disabled', L10n::t("Enable OStatus support"), !Config::get('system','ostatus_disabled'), L10n::t("Provide built-in OStatus \x28StatusNet, GNU Social etc.\x29 compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed.")], '$ostatus_disabled' => ['ostatus_disabled', L10n::t("Disable OStatus support"), Config::get('system', 'ostatus_disabled'), L10n::t("Disable built-in OStatus (StatusNet, GNU Social etc.) compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed.")],
'$ostatus_full_threads' => ['ostatus_full_threads', L10n::t("Only import OStatus/ActivityPub threads from our contacts"), Config::get('system','ostatus_full_threads'), L10n::t("Normally we import every content from our OStatus and ActivityPub contacts. With this option we only store threads that are started by a contact that is known on our system.")], '$ostatus_full_threads' => ['ostatus_full_threads', L10n::t("Only import OStatus/ActivityPub threads from our contacts"), Config::get('system', 'ostatus_full_threads'), L10n::t("Normally we import every content from our OStatus and ActivityPub contacts. With this option we only store threads that are started by a contact that is known on our system.")],
'$ostatus_not_able' => L10n::t("OStatus support can only be enabled if threading is enabled."), '$ostatus_not_able' => L10n::t("OStatus support can only be enabled if threading is enabled."),
'$diaspora_able' => $diaspora_able, '$diaspora_able' => $diaspora_able,
'$diaspora_not_able' => L10n::t("Diaspora support can't be enabled because Friendica was installed into a sub directory."), '$diaspora_not_able' => L10n::t("Diaspora support can't be enabled because Friendica was installed into a sub directory."),
'$diaspora_enabled' => ['diaspora_enabled', L10n::t("Enable Diaspora support"), Config::get('system', 'diaspora_enabled', $diaspora_able), L10n::t("Provide built-in Diaspora network compatibility.")], '$diaspora_enabled' => ['diaspora_enabled', L10n::t("Enable Diaspora support"), Config::get('system', 'diaspora_enabled', $diaspora_able), L10n::t("Provide built-in Diaspora network compatibility.")],
'$dfrn_only' => ['dfrn_only', L10n::t('Only allow Friendica contacts'), Config::get('system','dfrn_only'), L10n::t("All contacts must use Friendica protocols. All other built-in communication protocols disabled.")], '$dfrn_only' => ['dfrn_only', L10n::t('Only allow Friendica contacts'), Config::get('system', 'dfrn_only'), L10n::t("All contacts must use Friendica protocols. All other built-in communication protocols disabled.")],
'$verifyssl' => ['verifyssl', L10n::t("Verify SSL"), Config::get('system','verifyssl'), L10n::t("If you wish, you can turn on strict certificate checking. This will mean you cannot connect \x28at all\x29 to self-signed SSL sites.")], '$verifyssl' => ['verifyssl', L10n::t("Verify SSL"), Config::get('system', 'verifyssl'), L10n::t("If you wish, you can turn on strict certificate checking. This will mean you cannot connect \x28at all\x29 to self-signed SSL sites.")],
'$proxyuser' => ['proxyuser', L10n::t("Proxy user"), Config::get('system','proxyuser'), ""], '$proxyuser' => ['proxyuser', L10n::t("Proxy user"), Config::get('system', 'proxyuser'), ""],
'$proxy' => ['proxy', L10n::t("Proxy URL"), Config::get('system','proxy'), ""], '$proxy' => ['proxy', L10n::t("Proxy URL"), Config::get('system', 'proxy'), ""],
'$timeout' => ['timeout', L10n::t("Network timeout"), Config::get('system', 'curl_timeout', 60), L10n::t("Value is in seconds. Set to 0 for unlimited \x28not recommended\x29.")], '$timeout' => ['timeout', L10n::t("Network timeout"), Config::get('system', 'curl_timeout', 60), L10n::t("Value is in seconds. Set to 0 for unlimited \x28not recommended\x29.")],
'$maxloadavg' => ['maxloadavg', L10n::t("Maximum Load Average"), Config::get('system', 'maxloadavg', 50), L10n::t("Maximum system load before delivery and poll processes are deferred - default 50.")], '$maxloadavg' => ['maxloadavg', L10n::t("Maximum Load Average"), Config::get('system', 'maxloadavg', 50), L10n::t("Maximum system load before delivery and poll processes are deferred - default 50.")],
'$maxloadavg_frontend' => ['maxloadavg_frontend', L10n::t("Maximum Load Average \x28Frontend\x29"), Config::get('system', 'maxloadavg_frontend', 50), L10n::t("Maximum system load before the frontend quits service - default 50.")], '$maxloadavg_frontend' => ['maxloadavg_frontend', L10n::t("Maximum Load Average \x28Frontend\x29"), Config::get('system', 'maxloadavg_frontend', 50), L10n::t("Maximum system load before the frontend quits service - default 50.")],
'$min_memory' => ['min_memory', L10n::t("Minimal Memory"), Config::get('system', 'min_memory', 0), L10n::t("Minimal free memory in MB for the worker. Needs access to /proc/meminfo - default 0 \x28deactivated\x29.")], '$min_memory' => ['min_memory', L10n::t("Minimal Memory"), Config::get('system', 'min_memory', 0), L10n::t("Minimal free memory in MB for the worker. Needs access to /proc/meminfo - default 0 \x28deactivated\x29.")],
'$optimize_max_tablesize'=> ['optimize_max_tablesize', L10n::t("Maximum table size for optimization"), $optimize_max_tablesize, L10n::t("Maximum table size \x28in MB\x29 for the automatic optimization. Enter -1 to disable it.")], '$optimize_max_tablesize' => ['optimize_max_tablesize', L10n::t("Maximum table size for optimization"), $optimize_max_tablesize, L10n::t("Maximum table size \x28in MB\x29 for the automatic optimization. Enter -1 to disable it.")],
'$optimize_fragmentation'=> ['optimize_fragmentation', L10n::t("Minimum level of fragmentation"), Config::get('system', 'optimize_fragmentation', 30), L10n::t("Minimum fragmenation level to start the automatic optimization - default value is 30%.")], '$optimize_fragmentation' => ['optimize_fragmentation', L10n::t("Minimum level of fragmentation"), Config::get('system', 'optimize_fragmentation', 30), L10n::t("Minimum fragmenation level to start the automatic optimization - default value is 30%.")],
'$poco_completion' => ['poco_completion', L10n::t("Periodical check of global contacts"), Config::get('system','poco_completion'), L10n::t("If enabled, the global contacts are checked periodically for missing or outdated data and the vitality of the contacts and servers.")], '$poco_completion' => ['poco_completion', L10n::t("Periodical check of global contacts"), Config::get('system', 'poco_completion'), L10n::t("If enabled, the global contacts are checked periodically for missing or outdated data and the vitality of the contacts and servers.")],
'$poco_requery_days' => ['poco_requery_days', L10n::t("Days between requery"), Config::get('system','poco_requery_days'), L10n::t("Number of days after which a server is requeried for his contacts.")], '$poco_requery_days' => ['poco_requery_days', L10n::t("Days between requery"), Config::get('system', 'poco_requery_days'), L10n::t("Number of days after which a server is requeried for his contacts.")],
'$poco_discovery' => ['poco_discovery', L10n::t("Discover contacts from other servers"), (string) intval(Config::get('system','poco_discovery')), L10n::t("Periodically query other servers for contacts. You can choose between 'users': the users on the remote system, 'Global Contacts': active contacts that are known on the system. The fallback is meant for Redmatrix servers and older friendica servers, where global contacts weren't available. The fallback increases the server load, so the recommened setting is 'Users, Global Contacts'."), $poco_discovery_choices], '$poco_discovery' => ['poco_discovery', L10n::t("Discover contacts from other servers"), (string)intval(Config::get('system', 'poco_discovery')), L10n::t("Periodically query other servers for contacts. You can choose between 'users': the users on the remote system, 'Global Contacts': active contacts that are known on the system. The fallback is meant for Redmatrix servers and older friendica servers, where global contacts weren't available. The fallback increases the server load, so the recommened setting is 'Users, Global Contacts'."), $poco_discovery_choices],
'$poco_discovery_since' => ['poco_discovery_since', L10n::t("Timeframe for fetching global contacts"), (string) intval(Config::get('system','poco_discovery_since')), L10n::t("When the discovery is activated, this value defines the timeframe for the activity of the global contacts that are fetched from other servers."), $poco_discovery_since_choices], '$poco_discovery_since' => ['poco_discovery_since', L10n::t("Timeframe for fetching global contacts"), (string)intval(Config::get('system', 'poco_discovery_since')), L10n::t("When the discovery is activated, this value defines the timeframe for the activity of the global contacts that are fetched from other servers."), $poco_discovery_since_choices],
'$poco_local_search' => ['poco_local_search', L10n::t("Search the local directory"), Config::get('system','poco_local_search'), L10n::t("Search the local directory instead of the global directory. When searching locally, every search will be executed on the global directory in the background. This improves the search results when the search is repeated.")], '$poco_local_search' => ['poco_local_search', L10n::t("Search the local directory"), Config::get('system', 'poco_local_search'), L10n::t("Search the local directory instead of the global directory. When searching locally, every search will be executed on the global directory in the background. This improves the search results when the search is repeated.")],
'$nodeinfo' => ['nodeinfo', L10n::t("Publish server information"), Config::get('system','nodeinfo'), L10n::t("If enabled, general server and usage data will be published. The data contains the name and version of the server, number of users with public profiles, number of posts and the activated protocols and connectors. See <a href='http://the-federation.info/'>the-federation.info</a> for details.")], '$nodeinfo' => ['nodeinfo', L10n::t("Publish server information"), Config::get('system', 'nodeinfo'), L10n::t("If enabled, general server and usage data will be published. The data contains the name and version of the server, number of users with public profiles, number of posts and the activated protocols and connectors. See <a href='http://the-federation.info/'>the-federation.info</a> for details.")],
'$check_new_version_url' => ['check_new_version_url', L10n::t("Check upstream version"), Config::get('system', 'check_new_version_url'), L10n::t("Enables checking for new Friendica versions at github. If there is a new version, you will be informed in the admin panel overview."), $check_git_version_choices], '$check_new_version_url' => ['check_new_version_url', L10n::t("Check upstream version"), Config::get('system', 'check_new_version_url'), L10n::t("Enables checking for new Friendica versions at github. If there is a new version, you will be informed in the admin panel overview."), $check_git_version_choices],
'$suppress_tags' => ['suppress_tags', L10n::t("Suppress Tags"), Config::get('system','suppress_tags'), L10n::t("Suppress showing a list of hashtags at the end of the posting.")], '$suppress_tags' => ['suppress_tags', L10n::t("Suppress Tags"), Config::get('system', 'suppress_tags'), L10n::t("Suppress showing a list of hashtags at the end of the posting.")],
'$dbclean' => ['dbclean', L10n::t("Clean database"), Config::get('system','dbclean', false), L10n::t("Remove old remote items, orphaned database records and old content from some other helper tables.")], '$dbclean' => ['dbclean', L10n::t("Clean database"), Config::get('system', 'dbclean', false), L10n::t("Remove old remote items, orphaned database records and old content from some other helper tables.")],
'$dbclean_expire_days' => ['dbclean_expire_days', L10n::t("Lifespan of remote items"), Config::get('system','dbclean-expire-days', 0), L10n::t("When the database cleanup is enabled, this defines the days after which remote items will be deleted. Own items, and marked or filed items are always kept. 0 disables this behaviour.")], '$dbclean_expire_days' => ['dbclean_expire_days', L10n::t("Lifespan of remote items"), Config::get('system', 'dbclean-expire-days', 0), L10n::t("When the database cleanup is enabled, this defines the days after which remote items will be deleted. Own items, and marked or filed items are always kept. 0 disables this behaviour.")],
'$dbclean_unclaimed' => ['dbclean_unclaimed', L10n::t("Lifespan of unclaimed items"), Config::get('system','dbclean-expire-unclaimed', 90), L10n::t("When the database cleanup is enabled, this defines the days after which unclaimed remote items (mostly content from the relay) will be deleted. Default value is 90 days. Defaults to the general lifespan value of remote items if set to 0.")], '$dbclean_unclaimed' => ['dbclean_unclaimed', L10n::t("Lifespan of unclaimed items"), Config::get('system', 'dbclean-expire-unclaimed', 90), L10n::t("When the database cleanup is enabled, this defines the days after which unclaimed remote items (mostly content from the relay) will be deleted. Default value is 90 days. Defaults to the general lifespan value of remote items if set to 0.")],
'$dbclean_expire_conv' => ['dbclean_expire_conv', L10n::t("Lifespan of raw conversation data"), Config::get('system','dbclean_expire_conversation', 90), L10n::t("The conversation data is used for ActivityPub and OStatus, as well as for debug purposes. It should be safe to remove it after 14 days, default is 90 days.")], '$dbclean_expire_conv' => ['dbclean_expire_conv', L10n::t("Lifespan of raw conversation data"), Config::get('system', 'dbclean_expire_conversation', 90), L10n::t("The conversation data is used for ActivityPub and OStatus, as well as for debug purposes. It should be safe to remove it after 14 days, default is 90 days.")],
'$itemcache' => ['itemcache', L10n::t("Path to item cache"), Config::get('system','itemcache'), L10n::t("The item caches buffers generated bbcode and external images.")], '$itemcache' => ['itemcache', L10n::t("Path to item cache"), Config::get('system', 'itemcache'), L10n::t("The item caches buffers generated bbcode and external images.")],
'$itemcache_duration' => ['itemcache_duration', L10n::t("Cache duration in seconds"), Config::get('system','itemcache_duration'), L10n::t("How long should the cache files be hold? Default value is 86400 seconds \x28One day\x29. To disable the item cache, set the value to -1.")], '$itemcache_duration' => ['itemcache_duration', L10n::t("Cache duration in seconds"), Config::get('system', 'itemcache_duration'), L10n::t("How long should the cache files be hold? Default value is 86400 seconds \x28One day\x29. To disable the item cache, set the value to -1.")],
'$max_comments' => ['max_comments', L10n::t("Maximum numbers of comments per post"), Config::get('system','max_comments'), L10n::t("How much comments should be shown for each post? Default value is 100.")], '$max_comments' => ['max_comments', L10n::t("Maximum numbers of comments per post"), Config::get('system', 'max_comments'), L10n::t("How much comments should be shown for each post? Default value is 100.")],
'$temppath' => ['temppath', L10n::t("Temp path"), Config::get('system','temppath'), L10n::t("If you have a restricted system where the webserver can't access the system temp path, enter another path here.")], '$temppath' => ['temppath', L10n::t("Temp path"), Config::get('system', 'temppath'), L10n::t("If you have a restricted system where the webserver can't access the system temp path, enter another path here.")],
'$basepath' => ['basepath', L10n::t("Base path to installation"), Config::get('system','basepath'), L10n::t("If the system cannot detect the correct path to your installation, enter the correct path here. This setting should only be set if you are using a restricted system and symbolic links to your webroot.")], '$basepath' => ['basepath', L10n::t("Base path to installation"), Config::get('system', 'basepath'), L10n::t("If the system cannot detect the correct path to your installation, enter the correct path here. This setting should only be set if you are using a restricted system and symbolic links to your webroot.")],
'$proxy_disabled' => ['proxy_disabled', L10n::t("Disable picture proxy"), Config::get('system','proxy_disabled'), L10n::t("The picture proxy increases performance and privacy. It shouldn't be used on systems with very low bandwidth.")], '$proxy_disabled' => ['proxy_disabled', L10n::t("Disable picture proxy"), Config::get('system', 'proxy_disabled'), L10n::t("The picture proxy increases performance and privacy. It shouldn't be used on systems with very low bandwidth.")],
'$only_tag_search' => ['only_tag_search', L10n::t("Only search in tags"), Config::get('system','only_tag_search'), L10n::t("On large systems the text search can slow down the system extremely.")], '$only_tag_search' => ['only_tag_search', L10n::t("Only search in tags"), Config::get('system', 'only_tag_search'), L10n::t("On large systems the text search can slow down the system extremely.")],
'$relocate_url' => ['relocate_url', L10n::t("New base url"), System::baseUrl(), L10n::t("Change base url for this server. Sends relocate message to all Friendica and Diaspora* contacts of all users.")], '$relocate_url' => ['relocate_url', L10n::t("New base url"), System::baseUrl(), L10n::t("Change base url for this server. Sends relocate message to all Friendica and Diaspora* contacts of all users.")],
'$rino' => ['rino', L10n::t("RINO Encryption"), intval(Config::get('system','rino_encrypt')), L10n::t("Encryption layer between nodes."), [0 => L10n::t("Disabled"), 1 => L10n::t("Enabled")]], '$rino' => ['rino', L10n::t("RINO Encryption"), intval(Config::get('system', 'rino_encrypt')), L10n::t("Encryption layer between nodes."), [0 => L10n::t("Disabled"), 1 => L10n::t("Enabled")]],
'$worker_queues' => ['worker_queues', L10n::t("Maximum number of parallel workers"), Config::get('system','worker_queues'), L10n::t("On shared hosters set this to %d. On larger systems, values of %d are great. Default value is %d.", 5, 20, 10)], '$worker_queues' => ['worker_queues', L10n::t("Maximum number of parallel workers"), Config::get('system', 'worker_queues'), L10n::t("On shared hosters set this to %d. On larger systems, values of %d are great. Default value is %d.", 5, 20, 10)],
'$worker_dont_fork' => ['worker_dont_fork', L10n::t("Don't use 'proc_open' with the worker"), Config::get('system','worker_dont_fork'), L10n::t("Enable this if your system doesn't allow the use of 'proc_open'. This can happen on shared hosters. If this is enabled you should increase the frequency of worker calls in your crontab.")], '$worker_dont_fork' => ['worker_dont_fork', L10n::t("Don't use 'proc_open' with the worker"), Config::get('system', 'worker_dont_fork'), L10n::t("Enable this if your system doesn't allow the use of 'proc_open'. This can happen on shared hosters. If this is enabled you should increase the frequency of worker calls in your crontab.")],
'$worker_fastlane' => ['worker_fastlane', L10n::t("Enable fastlane"), Config::get('system','worker_fastlane'), L10n::t("When enabed, the fastlane mechanism starts an additional worker if processes with higher priority are blocked by processes of lower priority.")], '$worker_fastlane' => ['worker_fastlane', L10n::t("Enable fastlane"), Config::get('system', 'worker_fastlane'), L10n::t("When enabed, the fastlane mechanism starts an additional worker if processes with higher priority are blocked by processes of lower priority.")],
'$worker_frontend' => ['worker_frontend', L10n::t('Enable frontend worker'), Config::get('system','frontend_worker'), L10n::t('When enabled the Worker process is triggered when backend access is performed \x28e.g. messages being delivered\x29. On smaller sites you might want to call %s/worker on a regular basis via an external cron job. You should only enable this option if you cannot utilize cron/scheduled jobs on your server.', System::baseUrl())], '$worker_frontend' => ['worker_frontend', L10n::t('Enable frontend worker'), Config::get('system', 'frontend_worker'), L10n::t('When enabled the Worker process is triggered when backend access is performed \x28e.g. messages being delivered\x29. On smaller sites you might want to call %s/worker on a regular basis via an external cron job. You should only enable this option if you cannot utilize cron/scheduled jobs on your server.', System::baseUrl())],
'$relay_subscribe' => ['relay_subscribe', L10n::t("Subscribe to relay"), Config::get('system','relay_subscribe'), L10n::t("Enables the receiving of public posts from the relay. They will be included in the search, subscribed tags and on the global community page.")], '$relay_subscribe' => ['relay_subscribe', L10n::t("Subscribe to relay"), Config::get('system', 'relay_subscribe'), L10n::t("Enables the receiving of public posts from the relay. They will be included in the search, subscribed tags and on the global community page.")],
'$relay_server' => ['relay_server', L10n::t("Relay server"), Config::get('system', 'relay_server', 'https://relay.diasp.org'), L10n::t("Address of the relay server where public posts should be send to. For example https://relay.diasp.org")], '$relay_server' => ['relay_server', L10n::t("Relay server"), Config::get('system', 'relay_server', 'https://relay.diasp.org'), L10n::t("Address of the relay server where public posts should be send to. For example https://relay.diasp.org")],
'$relay_directly' => ['relay_directly', L10n::t("Direct relay transfer"), Config::get('system','relay_directly'), L10n::t("Enables the direct transfer to other servers without using the relay servers")], '$relay_directly' => ['relay_directly', L10n::t("Direct relay transfer"), Config::get('system', 'relay_directly'), L10n::t("Enables the direct transfer to other servers without using the relay servers")],
'$relay_scope' => ['relay_scope', L10n::t("Relay scope"), Config::get('system','relay_scope'), L10n::t("Can be 'all' or 'tags'. 'all' means that every public post should be received. 'tags' means that only posts with selected tags should be received."), ['' => L10n::t('Disabled'), 'all' => L10n::t('all'), 'tags' => L10n::t('tags')]], '$relay_scope' => ['relay_scope', L10n::t("Relay scope"), Config::get('system', 'relay_scope'), L10n::t("Can be 'all' or 'tags'. 'all' means that every public post should be received. 'tags' means that only posts with selected tags should be received."), ['' => L10n::t('Disabled'), 'all' => L10n::t('all'), 'tags' => L10n::t('tags')]],
'$relay_server_tags' => ['relay_server_tags', L10n::t("Server tags"), Config::get('system','relay_server_tags'), L10n::t("Comma separated list of tags for the 'tags' subscription.")], '$relay_server_tags' => ['relay_server_tags', L10n::t("Server tags"), Config::get('system', 'relay_server_tags'), L10n::t("Comma separated list of tags for the 'tags' subscription.")],
'$relay_user_tags' => ['relay_user_tags', L10n::t("Allow user tags"), Config::get('system', 'relay_user_tags', true), L10n::t("If enabled, the tags from the saved searches will used for the 'tags' subscription in addition to the 'relay_server_tags'.")], '$relay_user_tags' => ['relay_user_tags', L10n::t("Allow user tags"), Config::get('system', 'relay_user_tags', true), L10n::t("If enabled, the tags from the saved searches will used for the 'tags' subscription in addition to the 'relay_server_tags'.")],
'$form_security_token' => BaseModule::getFormSecurityToken("admin_site"), '$form_security_token' => BaseModule::getFormSecurityToken("admin_site"),
'$relocate_button' => L10n::t('Start Relocation'), '$relocate_button' => L10n::t('Start Relocation'),
]); ]);
} }
@ -1774,14 +1775,14 @@ function admin_page_users_post(App $a)
'body' => $body]); 'body' => $body]);
} }
if (x($_POST, 'page_users_block')) { if (!empty($_POST['page_users_block'])) {
foreach ($users as $uid) { foreach ($users as $uid) {
q("UPDATE `user` SET `blocked` = 1-`blocked` WHERE `uid` = %s", intval($uid) q("UPDATE `user` SET `blocked` = 1-`blocked` WHERE `uid` = %s", intval($uid)
); );
} }
notice(L10n::tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users))); notice(L10n::tt("%s user blocked/unblocked", "%s users blocked/unblocked", count($users)));
} }
if (x($_POST, 'page_users_delete')) { if (!empty($_POST['page_users_delete'])) {
foreach ($users as $uid) { foreach ($users as $uid) {
if (local_user() != $uid) { if (local_user() != $uid) {
User::remove($uid); User::remove($uid);
@ -1792,13 +1793,13 @@ function admin_page_users_post(App $a)
notice(L10n::tt("%s user deleted", "%s users deleted", count($users))); notice(L10n::tt("%s user deleted", "%s users deleted", count($users)));
} }
if (x($_POST, 'page_users_approve')) { if (!empty($_POST['page_users_approve'])) {
require_once "mod/regmod.php"; require_once "mod/regmod.php";
foreach ($pending as $hash) { foreach ($pending as $hash) {
user_allow($hash); user_allow($hash);
} }
} }
if (x($_POST, 'page_users_deny')) { if (!empty($_POST['page_users_deny'])) {
require_once "mod/regmod.php"; require_once "mod/regmod.php";
foreach ($pending as $hash) { foreach ($pending as $hash) {
user_deny($hash); user_deny($hash);
@ -1872,7 +1873,7 @@ function admin_page_users(App $a)
$order = "contact.name"; $order = "contact.name";
$order_direction = "+"; $order_direction = "+";
if (x($_GET, 'o')) { if (!empty($_GET['o'])) {
$new_order = $_GET['o']; $new_order = $_GET['o'];
if ($new_order[0] === "-") { if ($new_order[0] === "-") {
$order_direction = "-"; $order_direction = "-";
@ -1977,7 +1978,7 @@ function admin_page_users(App $a)
'$h_users' => L10n::t('Users'), '$h_users' => L10n::t('Users'),
'$h_newuser' => L10n::t('New User'), '$h_newuser' => L10n::t('New User'),
'$th_deleted' => [L10n::t('Name'), L10n::t('Email'), L10n::t('Register date'), L10n::t('Last login'), L10n::t('Last item'), L10n::t('Delete in')], '$th_deleted' => [L10n::t('Name'), L10n::t('Email'), L10n::t('Register date'), L10n::t('Last login'), L10n::t('Last item'), L10n::t('Permanent deletion')],
'$th_users' => $th_users, '$th_users' => $th_users,
'$order_users' => $order, '$order_users' => $order,
'$order_direction_users' => $order_direction, '$order_direction_users' => $order_direction,
@ -2098,7 +2099,7 @@ function admin_page_addons(App $a, array $addons_admin)
/* /*
* List addons * List addons
*/ */
if (x($_GET, "a") && $_GET['a'] == "r") { if (!empty($_GET['a']) && $_GET['a'] == "r") {
BaseModule::checkFormSecurityTokenRedirectOnError($a->getBaseURL() . '/admin/addons', 'admin_themes', 't'); BaseModule::checkFormSecurityTokenRedirectOnError($a->getBaseURL() . '/admin/addons', 'admin_themes', 't');
Addon::reload(); Addon::reload();
info("Addons reloaded"); info("Addons reloaded");
@ -2147,14 +2148,14 @@ function admin_page_addons(App $a, array $addons_admin)
} }
/** /**
* @param array $themes * @param array $themes
* @param string $th * @param string $th
* @param int $result * @param int $result
*/ */
function toggle_theme(&$themes, $th, &$result) function toggle_theme(&$themes, $th, &$result)
{ {
$count = count($themes); $count = count($themes);
for ($x = 0; $x < $count; $x ++) { for ($x = 0; $x < $count; $x++) {
if ($themes[$x]['name'] === $th) { if ($themes[$x]['name'] === $th) {
if ($themes[$x]['allowed']) { if ($themes[$x]['allowed']) {
$themes[$x]['allowed'] = 0; $themes[$x]['allowed'] = 0;
@ -2168,14 +2169,14 @@ function toggle_theme(&$themes, $th, &$result)
} }
/** /**
* @param array $themes * @param array $themes
* @param string $th * @param string $th
* @return int * @return int
*/ */
function theme_status($themes, $th) function theme_status($themes, $th)
{ {
$count = count($themes); $count = count($themes);
for ($x = 0; $x < $count; $x ++) { for ($x = 0; $x < $count; $x++) {
if ($themes[$x]['name'] === $th) { if ($themes[$x]['name'] === $th) {
if ($themes[$x]['allowed']) { if ($themes[$x]['allowed']) {
return 1; return 1;
@ -2276,7 +2277,7 @@ function admin_page_themes(App $a)
return ''; return '';
} }
if (x($_GET, "a") && $_GET['a'] == "t") { if (!empty($_GET['a']) && $_GET['a'] == "t") {
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/themes', 'admin_themes', 't'); BaseModule::checkFormSecurityTokenRedirectOnError('/admin/themes', 'admin_themes', 't');
// Toggle theme status // Toggle theme status
@ -2364,7 +2365,7 @@ function admin_page_themes(App $a)
} }
// reload active themes // reload active themes
if (x($_GET, "a") && $_GET['a'] == "r") { if (!empty($_GET['a']) && $_GET['a'] == "r") {
BaseModule::checkFormSecurityTokenRedirectOnError(System::baseUrl() . '/admin/themes', 'admin_themes', 't'); BaseModule::checkFormSecurityTokenRedirectOnError(System::baseUrl() . '/admin/themes', 'admin_themes', 't');
foreach ($themes as $th) { foreach ($themes as $th) {
if ($th['allowed']) { if ($th['allowed']) {
@ -2409,12 +2410,12 @@ function admin_page_themes(App $a)
*/ */
function admin_page_logs_post(App $a) function admin_page_logs_post(App $a)
{ {
if (x($_POST, "page_logs")) { if (!empty($_POST['page_logs'])) {
BaseModule::checkFormSecurityTokenRedirectOnError('/admin/logs', 'admin_logs'); BaseModule::checkFormSecurityTokenRedirectOnError('/admin/logs', 'admin_logs');
$logfile = ((x($_POST,'logfile')) ? Strings::escapeTags(trim($_POST['logfile'])) : ''); $logfile = (!empty($_POST['logfile']) ? Strings::escapeTags(trim($_POST['logfile'])) : '');
$debugging = ((x($_POST,'debugging')) ? true : false); $debugging = !empty($_POST['debugging']);
$loglevel = ((x($_POST,'loglevel')) ? intval(trim($_POST['loglevel'])) : 0); $loglevel = (!empty($_POST['loglevel']) ? intval(trim($_POST['loglevel'])) : 0);
Config::set('system', 'logfile', $logfile); Config::set('system', 'logfile', $logfile);
Config::set('system', 'debugging', $debugging); Config::set('system', 'debugging', $debugging);
@ -2555,14 +2556,14 @@ function admin_page_features_post(App $a)
$feature_state = 'feature_' . $feature; $feature_state = 'feature_' . $feature;
$featurelock = 'featurelock_' . $feature; $featurelock = 'featurelock_' . $feature;
if (x($_POST, $feature_state)) { if (!empty($_POST[$feature_state])) {
$val = intval($_POST[$feature_state]); $val = intval($_POST[$feature_state]);
} else { } else {
$val = 0; $val = 0;
} }
Config::set('feature', $feature, $val); Config::set('feature', $feature, $val);
if (x($_POST, $featurelock)) { if (!empty($_POST[$featurelock])) {
Config::set('feature_lock', $feature, $val); Config::set('feature_lock', $feature, $val);
} else { } else {
Config::delete('feature_lock', $feature); Config::delete('feature_lock', $feature);

View file

@ -81,9 +81,9 @@ function allfriends_content(App $a)
$entry = [ $entry = [
'url' => $rr['url'], 'url' => $rr['url'],
'itemurl' => defaults($contact_details, 'addr', $rr['url']), 'itemurl' => defaults($contact_details, 'addr', $rr['url']),
'name' => htmlentities($contact_details['name']), 'name' => $contact_details['name'],
'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB), 'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
'img_hover' => htmlentities($contact_details['name']), 'img_hover' => $contact_details['name'],
'details' => $contact_details['location'], 'details' => $contact_details['location'],
'tags' => $contact_details['keywords'], 'tags' => $contact_details['keywords'],
'about' => $contact_details['about'], 'about' => $contact_details['about'],
@ -100,9 +100,7 @@ function allfriends_content(App $a)
$tab_str = Module\Contact::getTabsHTML($a, $contact, 4); $tab_str = Module\Contact::getTabsHTML($a, $contact, 4);
$tpl = Renderer::getMarkupTemplate('viewcontact_template.tpl'); $tpl = Renderer::getMarkupTemplate('viewcontact_template.tpl');
$o .= Renderer::replaceMacros($tpl, [ $o .= Renderer::replaceMacros($tpl, [
//'$title' => L10n::t('Friends of %s', htmlentities($c[0]['name'])),
'$tab_str' => $tab_str, '$tab_str' => $tab_str,
'$contacts' => $entries, '$contacts' => $entries,
'$paginate' => $pager->renderFull($total), '$paginate' => $pager->renderFull($total),

View file

@ -38,7 +38,7 @@ function api_post(App $a)
return; return;
} }
if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) { if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
notice(L10n::t('Permission denied.') . EOL); notice(L10n::t('Permission denied.') . EOL);
return; return;
} }
@ -62,7 +62,7 @@ function api_content(App $a)
killme(); killme();
} }
if (x($_POST, 'oauth_yes')) { if (!empty($_POST['oauth_yes'])) {
$app = oauth_get_client($request); $app = oauth_get_client($request);
if (is_null($app)) { if (is_null($app)) {
return "Invalid request. Unknown token."; return "Invalid request. Unknown token.";

View file

@ -142,7 +142,7 @@ function babel_content()
$tpl = Renderer::getMarkupTemplate('babel.tpl'); $tpl = Renderer::getMarkupTemplate('babel.tpl');
$o = Renderer::replaceMacros($tpl, [ $o = Renderer::replaceMacros($tpl, [
'$text' => ['text', L10n::t('Source text'), htmlentities(defaults($_REQUEST, 'text', '')), ''], '$text' => ['text', L10n::t('Source text'), defaults($_REQUEST, 'text', ''), ''],
'$type_bbcode' => ['type', L10n::t('BBCode'), 'bbcode', '', defaults($_REQUEST, 'type', 'bbcode') == 'bbcode'], '$type_bbcode' => ['type', L10n::t('BBCode'), 'bbcode', '', defaults($_REQUEST, 'type', 'bbcode') == 'bbcode'],
'$type_markdown' => ['type', L10n::t('Markdown'), 'markdown', '', defaults($_REQUEST, 'type', 'bbcode') == 'markdown'], '$type_markdown' => ['type', L10n::t('Markdown'), 'markdown', '', defaults($_REQUEST, 'type', 'bbcode') == 'markdown'],
'$type_html' => ['type', L10n::t('HTML'), 'html', '', defaults($_REQUEST, 'type', 'bbcode') == 'html'], '$type_html' => ['type', L10n::t('HTML'), 'html', '', defaults($_REQUEST, 'type', 'bbcode') == 'html'],

View file

@ -72,7 +72,7 @@ function cal_init(App $a)
$cal_widget = Widget\CalendarExport::getHTML(); $cal_widget = Widget\CalendarExport::getHTML();
if (!x($a->page, 'aside')) { if (empty($a->page['aside'])) {
$a->page['aside'] = ''; $a->page['aside'] = '';
} }
@ -100,7 +100,7 @@ function cal_content(App $a)
$mode = 'view'; $mode = 'view';
$y = 0; $y = 0;
$m = 0; $m = 0;
$ignored = (x($_REQUEST, 'ignored') ? intval($_REQUEST['ignored']) : 0); $ignored = (!empty($_REQUEST['ignored']) ? intval($_REQUEST['ignored']) : 0);
$format = 'ical'; $format = 'ical';
if ($a->argc == 4 && $a->argv[2] == 'export') { if ($a->argc == 4 && $a->argv[2] == 'export') {
@ -115,7 +115,7 @@ function cal_content(App $a)
$owner_uid = $a->data['user']['uid']; $owner_uid = $a->data['user']['uid'];
$nick = $a->data['user']['nickname']; $nick = $a->data['user']['nickname'];
if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) { if (!empty($_SESSION['remote']) && is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) { foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $a->profile['profile_uid']) { if ($v['uid'] == $a->profile['profile_uid']) {
$contact_id = $v['cid']; $contact_id = $v['cid'];
@ -195,11 +195,11 @@ function cal_content(App $a)
if (!empty($a->argv[2]) && ($a->argv[2] === 'json')) { if (!empty($a->argv[2]) && ($a->argv[2] === 'json')) {
if (x($_GET, 'start')) { if (!empty($_GET['start'])) {
$start = $_GET['start']; $start = $_GET['start'];
} }
if (x($_GET, 'end')) { if (!empty($_GET['end'])) {
$finish = $_GET['end']; $finish = $_GET['end'];
} }
} }
@ -233,7 +233,7 @@ function cal_content(App $a)
$r = Event::sortByDate($r); $r = Event::sortByDate($r);
foreach ($r as $rr) { foreach ($r as $rr) {
$j = $rr['adjust'] ? DateTimeFormat::local($rr['start'], 'j') : DateTimeFormat::utc($rr['start'], 'j'); $j = $rr['adjust'] ? DateTimeFormat::local($rr['start'], 'j') : DateTimeFormat::utc($rr['start'], 'j');
if (!x($links, $j)) { if (empty($links[$j])) {
$links[$j] = System::baseUrl() . '/' . $a->cmd . '#link-' . $j; $links[$j] = System::baseUrl() . '/' . $a->cmd . '#link-' . $j;
} }
} }
@ -248,7 +248,7 @@ function cal_content(App $a)
} }
// links: array('href', 'text', 'extra css classes', 'title') // links: array('href', 'text', 'extra css classes', 'title')
if (x($_GET, 'id')) { if (!empty($_GET['id'])) {
$tpl = Renderer::getMarkupTemplate("event.tpl"); $tpl = Renderer::getMarkupTemplate("event.tpl");
} else { } else {
// if (Config::get('experimentals','new_calendar')==1){ // if (Config::get('experimentals','new_calendar')==1){
@ -284,7 +284,7 @@ function cal_content(App $a)
"list" => L10n::t("list"), "list" => L10n::t("list"),
]); ]);
if (x($_GET, 'id')) { if (!empty($_GET['id'])) {
echo $o; echo $o;
killme(); killme();
} }

View file

@ -50,12 +50,12 @@ function common_content(App $a)
if (DBA::isResult($contact)) { if (DBA::isResult($contact)) {
$vcard_widget = Renderer::replaceMacros(Renderer::getMarkupTemplate("vcard-widget.tpl"), [ $vcard_widget = Renderer::replaceMacros(Renderer::getMarkupTemplate("vcard-widget.tpl"), [
'$name' => htmlentities($contact['name']), '$name' => $contact['name'],
'$photo' => $contact['photo'], '$photo' => $contact['photo'],
'url' => 'contact/' . $cid 'url' => 'contact/' . $cid
]); ]);
if (!x($a->page, 'aside')) { if (empty($a->page['aside'])) {
$a->page['aside'] = ''; $a->page['aside'] = '';
} }
$a->page['aside'] .= $vcard_widget; $a->page['aside'] .= $vcard_widget;
@ -123,7 +123,7 @@ function common_content(App $a)
'itemurl' => defaults($contact_details, 'addr', $common_friend['url']), 'itemurl' => defaults($contact_details, 'addr', $common_friend['url']),
'name' => $contact_details['name'], 'name' => $contact_details['name'],
'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB), 'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
'img_hover' => htmlentities($contact_details['name']), 'img_hover' => $contact_details['name'],
'details' => $contact_details['location'], 'details' => $contact_details['location'],
'tags' => $contact_details['keywords'], 'tags' => $contact_details['keywords'],
'about' => $contact_details['about'], 'about' => $contact_details['about'],

View file

@ -40,7 +40,7 @@ function contactgroup_content(App $a)
} }
} }
if (x($change)) { if (!empty($change)) {
if (in_array($change, $preselected)) { if (in_array($change, $preselected)) {
Group::removeMember($group['id'], $change); Group::removeMember($group['id'], $change);
} else { } else {

View file

@ -13,7 +13,7 @@ function credits_content()
{ {
/* fill the page with credits */ /* fill the page with credits */
$credits_string = file_get_contents('CREDITS.txt'); $credits_string = file_get_contents('CREDITS.txt');
$names = explode("\n", htmlspecialchars($credits_string)); $names = explode("\n", $credits_string);
$tpl = Renderer::getMarkupTemplate('credits.tpl'); $tpl = Renderer::getMarkupTemplate('credits.tpl');
return Renderer::replaceMacros($tpl, [ return Renderer::replaceMacros($tpl, [
'$title' => L10n::t('Credits'), '$title' => L10n::t('Credits'),

View file

@ -25,7 +25,7 @@ function crepair_init(App $a)
$contact = DBA::selectFirst('contact', [], ['uid' => local_user(), 'id' => $a->argv[1]]); $contact = DBA::selectFirst('contact', [], ['uid' => local_user(), 'id' => $a->argv[1]]);
} }
if (!x($a->page, 'aside')) { if (empty($a->page['aside'])) {
$a->page['aside'] = ''; $a->page['aside'] = '';
} }
@ -158,8 +158,8 @@ function crepair_content(App $a)
$remote_self_options $remote_self_options
], ],
'$name' => ['name', L10n::t('Name') , htmlentities($contact['name'])], '$name' => ['name', L10n::t('Name') , $contact['name']],
'$nick' => ['nick', L10n::t('Account Nickname'), htmlentities($contact['nick'])], '$nick' => ['nick', L10n::t('Account Nickname'), $contact['nick']],
'$attag' => ['attag', L10n::t('@Tagname - overrides Name/Nickname'), $contact['attag']], '$attag' => ['attag', L10n::t('@Tagname - overrides Name/Nickname'), $contact['attag']],
'$url' => ['url', L10n::t('Account URL'), $contact['url']], '$url' => ['url', L10n::t('Account URL'), $contact['url']],
'$request' => ['request', L10n::t('Friend Request URL'), $contact['request']], '$request' => ['request', L10n::t('Friend Request URL'), $contact['request']],

View file

@ -27,7 +27,7 @@ function delegate_post(App $a)
return; return;
} }
if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) { if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
notice(L10n::t('Permission denied.') . EOL); notice(L10n::t('Permission denied.') . EOL);
return; return;
} }
@ -63,7 +63,7 @@ function delegate_content(App $a)
if ($a->argc > 2 && $a->argv[1] === 'add' && intval($a->argv[2])) { if ($a->argc > 2 && $a->argv[1] === 'add' && intval($a->argv[2])) {
// delegated admins can view but not change delegation permissions // delegated admins can view but not change delegation permissions
if (x($_SESSION, 'submanage')) { if (!empty($_SESSION['submanage'])) {
$a->internalRedirect('delegate'); $a->internalRedirect('delegate');
} }
@ -84,7 +84,7 @@ function delegate_content(App $a)
if ($a->argc > 2 && $a->argv[1] === 'remove' && intval($a->argv[2])) { if ($a->argc > 2 && $a->argv[1] === 'remove' && intval($a->argv[2])) {
// delegated admins can view but not change delegation permissions // delegated admins can view but not change delegation permissions
if (x($_SESSION, 'submanage')) { if (!empty($_SESSION['submanage'])) {
$a->internalRedirect('delegate'); $a->internalRedirect('delegate');
} }
@ -163,6 +163,8 @@ function delegate_content(App $a)
if (!is_null($parent_user)) { if (!is_null($parent_user)) {
$parent_password = ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')]; $parent_password = ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')];
} else {
$parent_password = '';
} }
$o = Renderer::replaceMacros(Renderer::getMarkupTemplate('delegate.tpl'), [ $o = Renderer::replaceMacros(Renderer::getMarkupTemplate('delegate.tpl'), [

View file

@ -63,7 +63,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
* this being a page type which supports automatic friend acceptance. That is also Scenario 1 * this being a page type which supports automatic friend acceptance. That is also Scenario 1
* since we are operating on behalf of our registered user to approve a friendship. * since we are operating on behalf of our registered user to approve a friendship.
*/ */
if (!x($_POST, 'source_url')) { if (empty($_POST['source_url'])) {
$uid = defaults($handsfree, 'uid', local_user()); $uid = defaults($handsfree, 'uid', local_user());
if (!$uid) { if (!$uid) {
notice(L10n::t('Permission denied.') . EOL); notice(L10n::t('Permission denied.') . EOL);
@ -417,7 +417,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
* In the section above where the confirming party makes a POST and * In the section above where the confirming party makes a POST and
* retrieves xml status information, they are communicating with the following code. * retrieves xml status information, they are communicating with the following code.
*/ */
if (x($_POST, 'source_url')) { if (!empty($_POST['source_url'])) {
// We are processing an external confirmation to an introduction created by our user. // We are processing an external confirmation to an introduction created by our user.
$public_key = defaults($_POST, 'public_key', ''); $public_key = defaults($_POST, 'public_key', '');
$dfrn_id = hex2bin(defaults($_POST, 'dfrn_id' , '')); $dfrn_id = hex2bin(defaults($_POST, 'dfrn_id' , ''));
@ -435,7 +435,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
// If $aes_key is set, both of these items require unpacking from the hex transport encoding. // If $aes_key is set, both of these items require unpacking from the hex transport encoding.
if (x($aes_key)) { if (!empty($aes_key)) {
$aes_key = hex2bin($aes_key); $aes_key = hex2bin($aes_key);
$public_key = hex2bin($public_key); $public_key = hex2bin($public_key);
} }

View file

@ -39,16 +39,16 @@ function dfrn_notify_post(App $a) {
} }
} }
$dfrn_id = ((x($_POST,'dfrn_id')) ? Strings::escapeTags(trim($_POST['dfrn_id'])) : ''); $dfrn_id = (!empty($_POST['dfrn_id']) ? Strings::escapeTags(trim($_POST['dfrn_id'])) : '');
$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0); $dfrn_version = (!empty($_POST['dfrn_version']) ? (float) $_POST['dfrn_version'] : 2.0);
$challenge = ((x($_POST,'challenge')) ? Strings::escapeTags(trim($_POST['challenge'])) : ''); $challenge = (!empty($_POST['challenge']) ? Strings::escapeTags(trim($_POST['challenge'])) : '');
$data = ((x($_POST,'data')) ? $_POST['data'] : ''); $data = defaults($_POST, 'data', '');
$key = ((x($_POST,'key')) ? $_POST['key'] : ''); $key = defaults($_POST, 'key', '');
$rino_remote = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0); $rino_remote = (!empty($_POST['rino']) ? intval($_POST['rino']) : 0);
$dissolve = ((x($_POST,'dissolve')) ? intval($_POST['dissolve']) : 0); $dissolve = (!empty($_POST['dissolve']) ? intval($_POST['dissolve']) : 0);
$perm = ((x($_POST,'perm')) ? Strings::escapeTags(trim($_POST['perm'])) : 'r'); $perm = (!empty($_POST['perm']) ? Strings::escapeTags(trim($_POST['perm'])) : 'r');
$ssl_policy = ((x($_POST,'ssl_policy')) ? Strings::escapeTags(trim($_POST['ssl_policy'])): 'none'); $ssl_policy = (!empty($_POST['ssl_policy']) ? Strings::escapeTags(trim($_POST['ssl_policy'])): 'none');
$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0); $page = (!empty($_POST['page']) ? intval($_POST['page']) : 0);
$forum = (($page == 1) ? 1 : 0); $forum = (($page == 1) ? 1 : 0);
$prv = (($page == 2) ? 1 : 0); $prv = (($page == 2) ? 1 : 0);
@ -247,7 +247,7 @@ function dfrn_dispatch_private($user, $postdata)
function dfrn_notify_content(App $a) { function dfrn_notify_content(App $a) {
if (x($_GET,'dfrn_id')) { if (!empty($_GET['dfrn_id'])) {
/* /*
* initial communication from external contact, $direction is their direction. * initial communication from external contact, $direction is their direction.
@ -256,7 +256,7 @@ function dfrn_notify_content(App $a) {
$dfrn_id = Strings::escapeTags(trim($_GET['dfrn_id'])); $dfrn_id = Strings::escapeTags(trim($_GET['dfrn_id']));
$dfrn_version = (float) $_GET['dfrn_version']; $dfrn_version = (float) $_GET['dfrn_version'];
$rino_remote = ((x($_GET,'rino')) ? intval($_GET['rino']) : 0); $rino_remote = (!empty($_GET['rino']) ? intval($_GET['rino']) : 0);
$type = ""; $type = "";
$last_update = ""; $last_update = "";
@ -370,7 +370,7 @@ function dfrn_notify_content(App $a) {
. "\t" . '<perm>' . $perm . '</perm>' . "\r\n" . "\t" . '<perm>' . $perm . '</perm>' . "\r\n"
. "\t" . '<dfrn_id>' . $encrypted_id . '</dfrn_id>' . "\r\n" . "\t" . '<dfrn_id>' . $encrypted_id . '</dfrn_id>' . "\r\n"
. "\t" . '<challenge>' . $challenge . '</challenge>' . "\r\n" . "\t" . '<challenge>' . $challenge . '</challenge>' . "\r\n"
. '</dfrn_notify>' . "\r\n" ; . '</dfrn_notify>' . "\r\n";
killme(); killme();
} }

View file

@ -31,7 +31,7 @@ function dfrn_poll_init(App $a)
$sec = defaults($_GET, 'sec' , ''); $sec = defaults($_GET, 'sec' , '');
$dfrn_version = (float) defaults($_GET, 'dfrn_version' , 2.0); $dfrn_version = (float) defaults($_GET, 'dfrn_version' , 2.0);
$perm = defaults($_GET, 'perm' , 'r'); $perm = defaults($_GET, 'perm' , 'r');
$quiet = x($_GET, 'quiet'); $quiet = !empty($_GET['quiet']);
// Possibly it is an OStatus compatible server that requests a user feed // Possibly it is an OStatus compatible server that requests a user feed
$user_agent = defaults($_SERVER, 'HTTP_USER_AGENT', ''); $user_agent = defaults($_SERVER, 'HTTP_USER_AGENT', '');
@ -51,7 +51,7 @@ function dfrn_poll_init(App $a)
$hidewall = false; $hidewall = false;
if (($dfrn_id === '') && (!x($_POST, 'dfrn_id'))) { if (($dfrn_id === '') && empty($_POST['dfrn_id'])) {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
System::httpExit(403); System::httpExit(403);
} }
@ -113,7 +113,7 @@ function dfrn_poll_init(App $a)
if ((int)$xml->status === 1) { if ((int)$xml->status === 1) {
$_SESSION['authenticated'] = 1; $_SESSION['authenticated'] = 1;
if (!x($_SESSION, 'remote')) { if (empty($_SESSION['remote'])) {
$_SESSION['remote'] = []; $_SESSION['remote'] = [];
} }
@ -230,13 +230,13 @@ function dfrn_poll_init(App $a)
function dfrn_poll_post(App $a) function dfrn_poll_post(App $a)
{ {
$dfrn_id = x($_POST,'dfrn_id') ? $_POST['dfrn_id'] : ''; $dfrn_id = defaults($_POST, 'dfrn_id' , '');
$challenge = x($_POST,'challenge') ? $_POST['challenge'] : ''; $challenge = defaults($_POST, 'challenge', '');
$url = x($_POST,'url') ? $_POST['url'] : ''; $url = defaults($_POST, 'url' , '');
$sec = x($_POST,'sec') ? $_POST['sec'] : ''; $sec = defaults($_POST, 'sec' , '');
$ptype = x($_POST,'type') ? $_POST['type'] : ''; $ptype = defaults($_POST, 'type' , '');
$dfrn_version = x($_POST,'dfrn_version') ? (float) $_POST['dfrn_version'] : 2.0; $perm = defaults($_POST, 'perm' , 'r');
$perm = x($_POST,'perm') ? $_POST['perm'] : 'r'; $dfrn_version = !empty($_POST['dfrn_version']) ? (float) $_POST['dfrn_version'] : 2.0;
if ($ptype === 'profile-check') { if ($ptype === 'profile-check') {
if (strlen($challenge) && strlen($sec)) { if (strlen($challenge) && strlen($sec)) {
@ -399,14 +399,13 @@ function dfrn_poll_post(App $a)
function dfrn_poll_content(App $a) function dfrn_poll_content(App $a)
{ {
$dfrn_id = x($_GET,'dfrn_id') ? $_GET['dfrn_id'] : ''; $dfrn_id = defaults($_GET, 'dfrn_id' , '');
$type = x($_GET,'type') ? $_GET['type'] : 'data'; $type = defaults($_GET, 'type' , 'data');
$last_update = x($_GET,'last_update') ? $_GET['last_update'] : ''; $last_update = defaults($_GET, 'last_update' , '');
$destination_url = x($_GET,'destination_url') ? $_GET['destination_url'] : ''; $destination_url = defaults($_GET, 'destination_url', '');
$sec = x($_GET,'sec') ? $_GET['sec'] : ''; $sec = defaults($_GET, 'sec' , '');
$dfrn_version = x($_GET,'dfrn_version') ? (float) $_GET['dfrn_version'] : 2.0; $dfrn_version = !empty($_GET['dfrn_version']) ? (float) $_GET['dfrn_version'] : 2.0;
$perm = x($_GET,'perm') ? $_GET['perm'] : 'r'; $quiet = !empty($_GET['quiet']);
$quiet = x($_GET,'quiet') ? true : false;
$direction = -1; $direction = -1;
if (strpos($dfrn_id, ':') == 1) { if (strpos($dfrn_id, ':') == 1) {
@ -437,7 +436,7 @@ function dfrn_poll_content(App $a)
switch ($direction) { switch ($direction) {
case -1: case -1:
if ($type === 'profile') { if ($type === 'profile') {
$sql_extra = sprintf(" AND ( `dfrn-id` = '%s' OR `issued-id` = '%s' ) ", DBA::escape($dfrn_id), DBA::escape($dfrn_id)); $sql_extra = sprintf(" AND (`dfrn-id` = '%s' OR `issued-id` = '%s') ", DBA::escape($dfrn_id), DBA::escape($dfrn_id));
} else { } else {
$sql_extra = sprintf(" AND `issued-id` = '%s' ", DBA::escape($dfrn_id)); $sql_extra = sprintf(" AND `issued-id` = '%s' ", DBA::escape($dfrn_id));
} }
@ -524,7 +523,7 @@ function dfrn_poll_content(App $a)
if (((int) $xml->status == 0) && ($xml->challenge == $hash) && ($xml->sec == $sec)) { if (((int) $xml->status == 0) && ($xml->challenge == $hash) && ($xml->sec == $sec)) {
$_SESSION['authenticated'] = 1; $_SESSION['authenticated'] = 1;
if (!x($_SESSION, 'remote')) { if (empty($_SESSION['remote'])) {
$_SESSION['remote'] = []; $_SESSION['remote'] = [];
} }
@ -562,11 +561,7 @@ function dfrn_poll_content(App $a)
break; break;
default: default:
$appendix = (strstr($destination_url, '?') ? '&f=&redir=1' : '?f=&redir=1'); $appendix = (strstr($destination_url, '?') ? '&f=&redir=1' : '?f=&redir=1');
if (filter_var($url, FILTER_VALIDATE_URL)) { $a->redirect($destination_url . $appendix);
System::externalRedirect($destination_url . $appendix);
} else {
$a->internalRedirect($destination_url . $appendix);
}
break; break;
} }
// NOTREACHED // NOTREACHED

View file

@ -64,7 +64,7 @@ function dfrn_request_post(App $a)
return; return;
} }
if (x($_POST, 'cancel')) { if (!empty($_POST['cancel'])) {
$a->internalRedirect(); $a->internalRedirect();
} }
@ -73,18 +73,18 @@ function dfrn_request_post(App $a)
* to confirm the request, and then we've clicked submit (perhaps after logging in). * to confirm the request, and then we've clicked submit (perhaps after logging in).
* That brings us here: * That brings us here:
*/ */
if ((x($_POST, 'localconfirm')) && ($_POST['localconfirm'] == 1)) { if (!empty($_POST['localconfirm']) && ($_POST['localconfirm'] == 1)) {
// Ensure this is a valid request // Ensure this is a valid request
if (local_user() && ($a->user['nickname'] == $a->argv[1]) && (x($_POST, 'dfrn_url'))) { if (local_user() && ($a->user['nickname'] == $a->argv[1]) && !empty($_POST['dfrn_url'])) {
$dfrn_url = Strings::escapeTags(trim($_POST['dfrn_url'])); $dfrn_url = Strings::escapeTags(trim($_POST['dfrn_url']));
$aes_allow = (((x($_POST, 'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0); $aes_allow = !empty($_POST['aes_allow']);
$confirm_key = ((x($_POST, 'confirm_key')) ? $_POST['confirm_key'] : ""); $confirm_key = defaults($_POST, 'confirm_key', "");
$hidden = ((x($_POST, 'hidden-contact')) ? intval($_POST['hidden-contact']) : 0); $hidden = (!empty($_POST['hidden-contact']) ? intval($_POST['hidden-contact']) : 0);
$contact_record = null; $contact_record = null;
$blocked = 1; $blocked = 1;
$pending = 1; $pending = 1;
if (x($dfrn_url)) { if (!empty($dfrn_url)) {
// Lookup the contact based on their URL (which is the only unique thing we have at the moment) // Lookup the contact based on their URL (which is the only unique thing we have at the moment)
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `nurl` = '%s' AND NOT `self` LIMIT 1", $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `nurl` = '%s' AND NOT `self` LIMIT 1",
intval(local_user()), intval(local_user()),
@ -115,10 +115,10 @@ function dfrn_request_post(App $a)
notice(L10n::t('Profile location is not valid or does not contain profile information.') . EOL); notice(L10n::t('Profile location is not valid or does not contain profile information.') . EOL);
return; return;
} else { } else {
if (!x($parms, 'fn')) { if (empty($parms['fn'])) {
notice(L10n::t('Warning: profile location has no identifiable owner name.') . EOL); notice(L10n::t('Warning: profile location has no identifiable owner name.') . EOL);
} }
if (!x($parms, 'photo')) { if (empty($parms['photo'])) {
notice(L10n::t('Warning: profile location has no profile photo.') . EOL); notice(L10n::t('Warning: profile location has no profile photo.') . EOL);
} }
$invalid = Probe::validDfrn($parms); $invalid = Probe::validDfrn($parms);
@ -238,7 +238,7 @@ function dfrn_request_post(App $a)
$blocked = 1; $blocked = 1;
$pending = 1; $pending = 1;
if (x($_POST, 'dfrn_url')) { if (!empty($_POST['dfrn_url'])) {
// Block friend request spam // Block friend request spam
if ($maxreq) { if ($maxreq) {
$r = q("SELECT * FROM `intro` WHERE `datetime` > '%s' AND `uid` = %d", $r = q("SELECT * FROM `intro` WHERE `datetime` > '%s' AND `uid` = %d",
@ -270,7 +270,7 @@ function dfrn_request_post(App $a)
} }
} }
$real_name = x($_POST, 'realname') ? Strings::escapeTags(trim($_POST['realname'])) : ''; $real_name = !empty($_POST['realname']) ? Strings::escapeTags(trim($_POST['realname'])) : '';
$url = trim($_POST['dfrn_url']); $url = trim($_POST['dfrn_url']);
if (!strlen($url)) { if (!strlen($url)) {
@ -356,10 +356,10 @@ function dfrn_request_post(App $a)
notice(L10n::t('Profile location is not valid or does not contain profile information.') . EOL); notice(L10n::t('Profile location is not valid or does not contain profile information.') . EOL);
$a->internalRedirect($a->cmd); $a->internalRedirect($a->cmd);
} else { } else {
if (!x($parms, 'fn')) { if (empty($parms['fn'])) {
notice(L10n::t('Warning: profile location has no identifiable owner name.') . EOL); notice(L10n::t('Warning: profile location has no identifiable owner name.') . EOL);
} }
if (!x($parms, 'photo')) { if (empty($parms['photo'])) {
notice(L10n::t('Warning: profile location has no profile photo.') . EOL); notice(L10n::t('Warning: profile location has no profile photo.') . EOL);
} }
$invalid = Probe::validDfrn($parms); $invalid = Probe::validDfrn($parms);
@ -423,7 +423,7 @@ function dfrn_request_post(App $a)
VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )", VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )",
intval($uid), intval($uid),
intval($contact_record['id']), intval($contact_record['id']),
((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0), intval(!empty($_POST['knowyou'])),
DBA::escape(Strings::escapeTags(trim(defaults($_POST, 'dfrn-request-message', '')))), DBA::escape(Strings::escapeTags(trim(defaults($_POST, 'dfrn-request-message', '')))),
DBA::escape($hash), DBA::escape($hash),
DBA::escape(DateTimeFormat::utcNow()) DBA::escape(DateTimeFormat::utcNow())
@ -484,7 +484,7 @@ function dfrn_request_content(App $a)
// "Homecoming". Make sure we're logged in to this site as the correct user. Then offer a confirm button // "Homecoming". Make sure we're logged in to this site as the correct user. Then offer a confirm button
// to send us to the post section to record the introduction. // to send us to the post section to record the introduction.
if (x($_GET, 'dfrn_url')) { if (!empty($_GET['dfrn_url'])) {
if (!local_user()) { if (!local_user()) {
info(L10n::t("Please login to confirm introduction.") . EOL); info(L10n::t("Please login to confirm introduction.") . EOL);
/* setup the return URL to come back to this page if they use openid */ /* setup the return URL to come back to this page if they use openid */
@ -499,11 +499,11 @@ function dfrn_request_content(App $a)
} }
$dfrn_url = Strings::escapeTags(trim(hex2bin($_GET['dfrn_url']))); $dfrn_url = Strings::escapeTags(trim(hex2bin($_GET['dfrn_url'])));
$aes_allow = x($_GET, 'aes_allow') && $_GET['aes_allow'] == 1 ? 1 : 0; $aes_allow = !empty($_GET['aes_allow']);
$confirm_key = x($_GET, 'confirm_key') ? $_GET['confirm_key'] : ""; $confirm_key = defaults($_GET, 'confirm_key', "");
// Checking fastlane for validity // Checking fastlane for validity
if (x($_SESSION, "fastlane") && (Strings::normaliseLink($_SESSION["fastlane"]) == Strings::normaliseLink($dfrn_url))) { if (!empty($_SESSION['fastlane']) && (Strings::normaliseLink($_SESSION["fastlane"]) == Strings::normaliseLink($dfrn_url))) {
$_POST["dfrn_url"] = $dfrn_url; $_POST["dfrn_url"] = $dfrn_url;
$_POST["confirm_key"] = $confirm_key; $_POST["confirm_key"] = $confirm_key;
$_POST["localconfirm"] = 1; $_POST["localconfirm"] = 1;
@ -512,8 +512,7 @@ function dfrn_request_content(App $a)
dfrn_request_post($a); dfrn_request_post($a);
killme(); exit();
return; // NOTREACHED
} }
$tpl = Renderer::getMarkupTemplate("dfrn_req_confirm.tpl"); $tpl = Renderer::getMarkupTemplate("dfrn_req_confirm.tpl");
@ -521,7 +520,6 @@ function dfrn_request_content(App $a)
'$dfrn_url' => $dfrn_url, '$dfrn_url' => $dfrn_url,
'$aes_allow' => (($aes_allow) ? '<input type="hidden" name="aes_allow" value="1" />' : "" ), '$aes_allow' => (($aes_allow) ? '<input type="hidden" name="aes_allow" value="1" />' : "" ),
'$hidethem' => L10n::t('Hide this contact'), '$hidethem' => L10n::t('Hide this contact'),
'$hidechecked' => '',
'$confirm_key' => $confirm_key, '$confirm_key' => $confirm_key,
'$welcome' => L10n::t('Welcome home %s.', $a->user['username']), '$welcome' => L10n::t('Welcome home %s.', $a->user['username']),
'$please' => L10n::t('Please confirm your introduction/connection request to %s.', $dfrn_url), '$please' => L10n::t('Please confirm your introduction/connection request to %s.', $dfrn_url),
@ -531,7 +529,7 @@ function dfrn_request_content(App $a)
'dfrn_rawurl' => $_GET['dfrn_url'] 'dfrn_rawurl' => $_GET['dfrn_url']
]); ]);
return $o; return $o;
} elseif ((x($_GET, 'confirm_key')) && strlen($_GET['confirm_key'])) { } elseif (!empty($_GET['confirm_key'])) {
// we are the requestee and it is now safe to send our user their introduction, // we are the requestee and it is now safe to send our user their introduction,
// We could just unblock it, but first we have to jump through a few hoops to // We could just unblock it, but first we have to jump through a few hoops to
// send an email, or even to find out if we need to send an email. // send an email, or even to find out if we need to send an email.
@ -607,9 +605,9 @@ function dfrn_request_content(App $a)
// Try to auto-fill the profile address // Try to auto-fill the profile address
// At first look if an address was provided // At first look if an address was provided
// Otherwise take the local address // Otherwise take the local address
if (x($_GET, 'addr') && ($_GET['addr'] != "")) { if (!empty($_GET['addr'])) {
$myaddr = hex2bin($_GET['addr']); $myaddr = hex2bin($_GET['addr']);
} elseif (x($_GET, 'address') && ($_GET['address'] != "")) { } elseif (!empty($_GET['address'])) {
$myaddr = $_GET['address']; $myaddr = $_GET['address'];
} elseif (local_user()) { } elseif (local_user()) {
if (strlen($a->getURLPath())) { if (strlen($a->getURLPath())) {

View file

@ -30,7 +30,7 @@ function directory_init(App $a)
function directory_post(App $a) function directory_post(App $a)
{ {
if (x($_POST, 'search')) { if (!empty($_POST['search'])) {
$a->data['search'] = $_POST['search']; $a->data['search'] = $_POST['search'];
} }
} }
@ -47,10 +47,10 @@ function directory_content(App $a)
$o = ''; $o = '';
Nav::setSelected('directory'); Nav::setSelected('directory');
if (x($a->data, 'search')) { if (!empty($a->data['search'])) {
$search = Strings::escapeTags(trim($a->data['search'])); $search = Strings::escapeTags(trim($a->data['search']));
} else { } else {
$search = ((x($_GET, 'search')) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : ''); $search = (!empty($_GET['search']) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
} }
$gdirpath = ''; $gdirpath = '';
@ -138,28 +138,28 @@ function directory_content(App $a)
} }
// if(strlen($rr['dob'])) { // if(strlen($rr['dob'])) {
// if(($years = age($rr['dob'],$rr['timezone'],'')) != 0) // if(($years = age($rr['dob'],$rr['timezone'],'')) != 0)
// $details .= '<br />' . L10n::t('Age: ') . $years ; // $details .= '<br />' . L10n::t('Age: ') . $years;
// } // }
// if(strlen($rr['gender'])) // if(strlen($rr['gender']))
// $details .= '<br />' . L10n::t('Gender: ') . $rr['gender']; // $details .= '<br />' . L10n::t('Gender: ') . $rr['gender'];
$profile = $rr; $profile = $rr;
if ((x($profile, 'address') == 1) if (!empty($profile['address'])
|| (x($profile, 'locality') == 1) || !empty($profile['locality'])
|| (x($profile, 'region') == 1) || !empty($profile['region'])
|| (x($profile, 'postal-code') == 1) || !empty($profile['postal-code'])
|| (x($profile, 'country-name') == 1) || !empty($profile['country-name'])
) { ) {
$location = L10n::t('Location:'); $location = L10n::t('Location:');
} else { } else {
$location = ''; $location = '';
} }
$gender = ((x($profile, 'gender') == 1) ? L10n::t('Gender:') : false); $gender = (!empty($profile['gender']) ? L10n::t('Gender:') : false);
$marital = ((x($profile, 'marital') == 1) ? L10n::t('Status:') : false); $marital = (!empty($profile['marital']) ? L10n::t('Status:') : false);
$homepage = ((x($profile, 'homepage') == 1) ? L10n::t('Homepage:') : false); $homepage = (!empty($profile['homepage']) ? L10n::t('Homepage:') : false);
$about = ((x($profile, 'about') == 1) ? L10n::t('About:') : false); $about = (!empty($profile['about']) ? L10n::t('About:') : false);
$location_e = $location; $location_e = $location;

View file

@ -30,7 +30,7 @@ function dirfind_init(App $a) {
return; return;
} }
if (! x($a->page,'aside')) { if (empty($a->page['aside'])) {
$a->page['aside'] = ''; $a->page['aside'] = '';
} }

View file

@ -22,9 +22,14 @@ use Friendica\Model\Profile;
use Friendica\Protocol\ActivityPub; use Friendica\Protocol\ActivityPub;
use Friendica\Protocol\DFRN; use Friendica\Protocol\DFRN;
use Friendica\Util\Strings; use Friendica\Util\Strings;
use Friendica\Module\Objects;
function display_init(App $a) function display_init(App $a)
{ {
if (ActivityPub::isRequest()) {
Objects::rawContent();
}
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
return; return;
} }
@ -47,6 +52,7 @@ function display_init(App $a)
} }
$item = null; $item = null;
$item_user = local_user();
$fields = ['id', 'parent', 'author-id', 'body', 'uid', 'guid']; $fields = ['id', 'parent', 'author-id', 'body', 'uid', 'guid'];
@ -60,6 +66,16 @@ function display_init(App $a)
if (DBA::isResult($item)) { if (DBA::isResult($item)) {
$nick = $a->user["nickname"]; $nick = $a->user["nickname"];
} }
// Is this item private but could be visible to the remove visitor?
} elseif (remote_user()) {
$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
if (DBA::isResult($item)) {
if (!Contact::isFollower(remote_user(), $item['uid'])) {
$item = null;
} else {
$item_user = $item['uid'];
}
}
} }
// Is it an item with uid=0? // Is it an item with uid=0?
@ -71,9 +87,7 @@ function display_init(App $a)
} }
if (!DBA::isResult($item)) { if (!DBA::isResult($item)) {
$a->error = 404; System::httpExit(404);
notice(L10n::t('Item not found.') . EOL);
return;
} }
if (!empty($_SERVER['HTTP_ACCEPT']) && strstr($_SERVER['HTTP_ACCEPT'], 'application/atom+xml')) { if (!empty($_SERVER['HTTP_ACCEPT']) && strstr($_SERVER['HTTP_ACCEPT'], 'application/atom+xml')) {
@ -81,10 +95,6 @@ function display_init(App $a)
displayShowFeed($item["id"], false); displayShowFeed($item["id"], false);
} }
if (ActivityPub::isRequest()) {
$a->internalRedirect(str_replace('display/', 'objects/', $a->query_string));
}
if ($item["id"] != $item["parent"]) { if ($item["id"] != $item["parent"]) {
$item = Item::selectFirstForUser(local_user(), $fields, ['id' => $item["parent"]]); $item = Item::selectFirstForUser(local_user(), $fields, ['id' => $item["parent"]]);
} }
@ -224,7 +234,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
if ($a->argc == 2) { if ($a->argc == 2) {
$item_parent = 0; $item_parent = 0;
$fields = ['id', 'parent', 'parent-uri']; $fields = ['id', 'parent', 'parent-uri', 'uid'];
if (local_user()) { if (local_user()) {
$condition = ['guid' => $a->argv[1], 'uid' => local_user()]; $condition = ['guid' => $a->argv[1], 'uid' => local_user()];
@ -234,6 +244,13 @@ function display_content(App $a, $update = false, $update_uid = 0)
$item_parent = $item["parent"]; $item_parent = $item["parent"];
$item_parent_uri = $item['parent-uri']; $item_parent_uri = $item['parent-uri'];
} }
} elseif (remote_user()) {
$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
if (DBA::isResult($item) && Contact::isFollower(remote_user(), $item['uid'])) {
$item_id = $item["id"];
$item_parent = $item["parent"];
$item_parent_uri = $item['parent-uri'];
}
} }
if ($item_parent == 0) { if ($item_parent == 0) {
@ -249,9 +266,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
} }
if (!$item_id) { if (!$item_id) {
$a->error = 404; System::httpExit(404);
notice(L10n::t('Item not found.').EOL);
return;
} }
// We are displaying an "alternate" link if that post was public. See issue 2864 // We are displaying an "alternate" link if that post was public. See issue 2864
@ -270,34 +285,23 @@ function display_content(App $a, $update = false, $update_uid = 0)
'$conversation' => $conversation]); '$conversation' => $conversation]);
$groups = []; $groups = [];
$remote_cid = null;
$contact = null;
$is_remote_contact = false; $is_remote_contact = false;
$item_uid = local_user();
$contact_id = 0; $parent = Item::selectFirst(['uid'], ['uri' => $item_parent_uri, 'wall' => true]);
if (DBA::isResult($parent)) {
if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) { $a->profile['uid'] = $parent['uid'];
foreach ($_SESSION['remote'] as $v) { $a->profile['profile_uid'] = $parent['uid'];
if ($v['uid'] == $a->profile['uid']) { $is_remote_contact = Contact::isFollower(remote_user(), $a->profile['profile_uid']);
$contact_id = $v['cid'];
break;
}
}
} }
if ($contact_id) { if ($is_remote_contact) {
$groups = Group::getIdsByContactId($contact_id); $cdata = Contact::getPublicAndUserContacID(remote_user(), $a->profile['profile_uid']);
$remote_contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $a->profile['uid']]); if (!empty($cdata['user'])) {
if (DBA::isResult($remote_contact)) { $groups = Group::getIdsByContactId($cdata['user']);
$contact = $remote_contact; $remote_cid = $cdata['user'];
$is_remote_contact = true; $item_uid = $parent['uid'];
}
}
if (!$is_remote_contact) {
if (local_user()) {
$contact_id = $_SESSION['cid'];
$contact = $a->contact;
} }
} }
@ -307,7 +311,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
} }
$is_owner = (local_user() && (in_array($a->profile['profile_uid'], [local_user(), 0])) ? true : false); $is_owner = (local_user() && (in_array($a->profile['profile_uid'], [local_user(), 0])) ? true : false);
if (x($a->profile, 'hidewall') && !$is_owner && !$is_remote_contact) { if (!empty($a->profile['hidewall']) && !$is_owner && !$is_remote_contact) {
notice(L10n::t('Access to this profile has been restricted.') . EOL); notice(L10n::t('Access to this profile has been restricted.') . EOL);
return; return;
} }
@ -327,10 +331,9 @@ function display_content(App $a, $update = false, $update_uid = 0)
]; ];
$o .= status_editor($a, $x, 0, true); $o .= status_editor($a, $x, 0, true);
} }
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $is_remote_contact, $groups, $remote_cid);
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['uid'], $is_remote_contact, $groups); if (local_user() && (local_user() == $a->profile['profile_uid'])) {
if (local_user() && (local_user() == $a->profile['uid'])) {
$condition = ['parent-uri' => $item_parent_uri, 'uid' => local_user(), 'unseen' => true]; $condition = ['parent-uri' => $item_parent_uri, 'uid' => local_user(), 'unseen' => true];
$unseen = Item::exists($condition); $unseen = Item::exists($condition);
} else { } else {
@ -341,13 +344,12 @@ function display_content(App $a, $update = false, $update_uid = 0)
return ''; return '';
} }
$condition = ["`id` = ? AND `item`.`uid` IN (0, ?) " . $sql_extra, $item_id, local_user()]; $condition = ["`id` = ? AND `item`.`uid` IN (0, ?) " . $sql_extra, $item_id, $item_uid];
$fields = ['parent-uri', 'body', 'title', 'author-name', 'author-avatar', 'plink']; $fields = ['parent-uri', 'body', 'title', 'author-name', 'author-avatar', 'plink'];
$item = Item::selectFirstForUser(local_user(), $fields, $condition); $item = Item::selectFirstForUser(local_user(), $fields, $condition);
if (!DBA::isResult($item)) { if (!DBA::isResult($item)) {
notice(L10n::t('Item not found.') . EOL); System::httpExit(404);
return $o;
} }
$item['uri'] = $item['parent-uri']; $item['uri'] = $item['parent-uri'];
@ -361,7 +363,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
$o .= "<script> var netargs = '?f=&item_id=" . $item_id . "'; </script>"; $o .= "<script> var netargs = '?f=&item_id=" . $item_id . "'; </script>";
} }
$o .= conversation($a, [$item], new Pager($a->query_string), 'display', $update_uid, false, 'commented', local_user()); $o .= conversation($a, [$item], new Pager($a->query_string), 'display', $update_uid, false, 'commented', $item_uid);
// Preparing the meta header // Preparing the meta header
$description = trim(HTML::toPlaintext(BBCode::convert($item["body"], false), 0, true)); $description = trim(HTML::toPlaintext(BBCode::convert($item["body"], false), 0, true));

View file

@ -6,6 +6,7 @@ use Friendica\App;
use Friendica\Content\Feature; use Friendica\Content\Feature;
use Friendica\Core\Addon; use Friendica\Core\Addon;
use Friendica\Core\Config; use Friendica\Core\Config;
use Friendica\Core\Hook;
use Friendica\Core\L10n; use Friendica\Core\L10n;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Core\System; use Friendica\Core\System;
@ -54,8 +55,6 @@ function editpost_content(App $a)
'$nickname' => $a->user['nickname'] '$nickname' => $a->user['nickname']
]); ]);
$tpl = Renderer::getMarkupTemplate("jot.tpl");
if (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])) { if (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])) {
$lockstate = 'lock'; $lockstate = 'lock';
} else { } else {
@ -84,9 +83,9 @@ function editpost_content(App $a)
} }
} }
Addon::callHooks('jot_tool', $jotplugins); Hook::callAll('jot_tool', $jotplugins);
//Addon::callHooks('jot_networks', $jotnets);
$tpl = Renderer::getMarkupTemplate("jot.tpl");
$o .= Renderer::replaceMacros($tpl, [ $o .= Renderer::replaceMacros($tpl, [
'$is_edit' => true, '$is_edit' => true,
'$return_path' => '/display/' . $item['guid'], '$return_path' => '/display/' . $item['guid'],
@ -119,7 +118,7 @@ function editpost_content(App $a)
'$emailcc' => L10n::t('CC: email addresses'), '$emailcc' => L10n::t('CC: email addresses'),
'$public' => L10n::t('Public post'), '$public' => L10n::t('Public post'),
'$jotnets' => $jotnets, '$jotnets' => $jotnets,
'$title' => htmlspecialchars($item['title']), '$title' => $item['title'],
'$placeholdertitle' => L10n::t('Set title'), '$placeholdertitle' => L10n::t('Set title'),
'$category' => FileTag::fileToList($item['file'], 'category'), '$category' => FileTag::fileToList($item['file'], 'category'),
'$placeholdercategory' => (Feature::isEnabled(local_user(),'categories') ? L10n::t("Categories \x28comma-separated list\x29") : ''), '$placeholdercategory' => (Feature::isEnabled(local_user(),'categories') ? L10n::t("Categories \x28comma-separated list\x29") : ''),

View file

@ -97,13 +97,23 @@ function events_post(App $a)
// and we'll waste a bunch of time responding to it. Time that // and we'll waste a bunch of time responding to it. Time that
// could've been spent doing something else. // could've been spent doing something else.
$summary = Strings::escapeHtml(trim(defaults($_POST, 'summary', ''))); $summary = trim(defaults($_POST, 'summary' , ''));
$desc = Strings::escapeHtml(trim(defaults($_POST, 'desc', ''))); $desc = trim(defaults($_POST, 'desc' , ''));
$location = Strings::escapeHtml(trim(defaults($_POST, 'location', ''))); $location = trim(defaults($_POST, 'location', ''));
$type = 'event'; $type = 'event';
$action = ($event_id == '') ? 'new' : "event/" . $event_id; $params = [
$onerror_path = "events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish"; 'summary' => $summary,
'description' => $desc,
'location' => $location,
'start' => $start_text,
'finish' => $finish_text,
'adjust' => $adjust,
'nofinish' => $nofinish,
];
$action = ($event_id == '') ? 'new' : 'event/' . $event_id;
$onerror_path = 'events/' . $action . '?' . http_build_query($params, null, null, PHP_QUERY_RFC3986);
if (strcmp($finish, $start) < 0 && !$nofinish) { if (strcmp($finish, $start) < 0 && !$nofinish) {
notice(L10n::t('Event can not end before it has started.') . EOL); notice(L10n::t('Event can not end before it has started.') . EOL);
@ -137,10 +147,10 @@ function events_post(App $a)
if ($share) { if ($share) {
$str_group_allow = !empty($_POST['group_allow']) ? perms2str($_POST['group_allow']) : ''; $str_group_allow = perms2str(defaults($_POST, 'group_allow' , ''));
$str_contact_allow = !empty($_POST['contact_allow']) ? perms2str($_POST['contact_allow']) : ''; $str_contact_allow = perms2str(defaults($_POST, 'contact_allow', ''));
$str_group_deny = !empty($_POST['group_deny']) ? perms2str($_POST['group_deny']) : ''; $str_group_deny = perms2str(defaults($_POST, 'group_deny' , ''));
$str_contact_deny = !empty($_POST['contact_deny']) ? perms2str($_POST['contact_deny']) : ''; $str_contact_deny = perms2str(defaults($_POST, 'contact_deny' , ''));
// Undo the pseudo-contact of self, since there are real contacts now // Undo the pseudo-contact of self, since there are real contacts now
if (strpos($str_contact_allow, '<' . $self . '>') !== false) { if (strpos($str_contact_allow, '<' . $self . '>') !== false) {
@ -181,7 +191,7 @@ function events_post(App $a)
if (intval($_REQUEST['preview'])) { if (intval($_REQUEST['preview'])) {
$html = Event::getHTML($datarray); $html = Event::getHTML($datarray);
echo $html; echo $html;
killme(); exit();
} }
$item_id = Event::store($datarray); $item_id = Event::store($datarray);
@ -364,8 +374,9 @@ function events_content(App $a)
} }
if ($a->argc > 1 && $a->argv[1] === 'json') { if ($a->argc > 1 && $a->argv[1] === 'json') {
header('Content-Type: application/json');
echo json_encode($events); echo json_encode($events);
killme(); exit();
} }
if (!empty($_GET['id'])) { if (!empty($_GET['id'])) {

View file

@ -27,7 +27,7 @@ function fbrowser_content(App $a)
$template_file = "filebrowser.tpl"; $template_file = "filebrowser.tpl";
$mode = ""; $mode = "";
if (x($_GET, 'mode')) { if (!empty($_GET['mode'])) {
$mode = "?mode=".$_GET['mode']; $mode = "?mode=".$_GET['mode'];
} }
@ -142,7 +142,7 @@ function fbrowser_content(App $a)
break; break;
} }
if (x($_GET, 'mode')) { if (!empty($_GET['mode'])) {
return $o; return $o;
} else { } else {
echo $o; echo $o;

View file

@ -18,8 +18,7 @@ function fetch_init(App $a)
{ {
if (($a->argc != 3) || (!in_array($a->argv[1], ["post", "status_message", "reshare"]))) { if (($a->argc != 3) || (!in_array($a->argv[1], ["post", "status_message", "reshare"]))) {
header($_SERVER["SERVER_PROTOCOL"].' 404 '.L10n::t('Not Found')); System::httpExit(404);
killme();
} }
$guid = $a->argv[2]; $guid = $a->argv[2];
@ -45,15 +44,13 @@ function fetch_init(App $a)
} }
} }
header($_SERVER["SERVER_PROTOCOL"].' 404 '.L10n::t('Not Found')); System::httpExit(404);
killme();
} }
// Fetch some data from the author (We could combine both queries - but I think this is more readable) // Fetch some data from the author (We could combine both queries - but I think this is more readable)
$user = User::getOwnerDataById($item["uid"]); $user = User::getOwnerDataById($item["uid"]);
if (!$user) { if (!$user) {
header($_SERVER["SERVER_PROTOCOL"].' 404 '.L10n::t('Not Found')); System::httpExit(404);
killme();
} }
$status = Diaspora::buildStatus($item, $user); $status = Diaspora::buildStatus($item, $user);

View file

@ -144,11 +144,8 @@ function follow_content(App $a)
$r[0]['about'] = ''; $r[0]['about'] = '';
} }
$header = L10n::t('Connect/Follow');
$o = Renderer::replaceMacros($tpl, [ $o = Renderer::replaceMacros($tpl, [
'$header' => htmlentities($header), '$header' => L10n::t('Connect/Follow'),
//'$photo' => ProxyUtils::proxifyUrl($ret['photo'], false, ProxyUtils::SIZE_SMALL),
'$desc' => '', '$desc' => '',
'$pls_answer' => L10n::t('Please answer the following:'), '$pls_answer' => L10n::t('Please answer the following:'),
'$does_know_you' => ['knowyou', L10n::t('Does %s know you?', $ret['name']), false, '', [L10n::t('No'), L10n::t('Yes')]], '$does_know_you' => ['knowyou', L10n::t('Does %s know you?', $ret['name']), false, '', [L10n::t('No'), L10n::t('Yes')]],
@ -170,13 +167,6 @@ function follow_content(App $a)
'$url_label' => L10n::t('Profile URL'), '$url_label' => L10n::t('Profile URL'),
'$myaddr' => $myaddr, '$myaddr' => $myaddr,
'$request' => $request, '$request' => $request,
/*
* @TODO commented out?
'$location' => Friendica\Content\Text\BBCode::::convert($r[0]['location']),
'$location_label'=> L10n::t('Location:'),
'$about' => Friendica\Content\Text\BBCode::::convert($r[0]['about'], false, false),
'$about_label' => L10n::t('About:'),
*/
'$keywords' => $r[0]['keywords'], '$keywords' => $r[0]['keywords'],
'$keywords_label'=> L10n::t('Tags:') '$keywords_label'=> L10n::t('Tags:')
]); ]);

View file

@ -22,7 +22,7 @@ function friendica_init(App $a)
} }
$sql_extra = ''; $sql_extra = '';
if (x($a->config, 'admin_nickname')) { if (!empty($a->config['admin_nickname'])) {
$sql_extra = sprintf(" AND `nickname` = '%s' ", DBA::escape(Config::get('config', 'admin_nickname'))); $sql_extra = sprintf(" AND `nickname` = '%s' ", DBA::escape(Config::get('config', 'admin_nickname')));
} }
if (!empty(Config::get('config', 'admin_email'))) { if (!empty(Config::get('config', 'admin_email'))) {
@ -41,7 +41,7 @@ function friendica_init(App $a)
Config::load('feature_lock'); Config::load('feature_lock');
$locked_features = []; $locked_features = [];
if (!empty($a->config['feature_lock']) && count($a->config['feature_lock'])) { if (!empty($a->config['feature_lock'])) {
foreach ($a->config['feature_lock'] as $k => $v) { foreach ($a->config['feature_lock'] as $k => $v) {
if ($k === 'config_loaded') { if ($k === 'config_loaded') {
continue; continue;

View file

@ -29,27 +29,27 @@ function hcard_init(App $a)
Profile::load($a, $which, $profile); Profile::load($a, $which, $profile);
if ((x($a->profile, 'page-flags')) && ($a->profile['page-flags'] == Contact::PAGE_COMMUNITY)) { if (!empty($a->profile['page-flags']) && ($a->profile['page-flags'] == Contact::PAGE_COMMUNITY)) {
$a->page['htmlhead'] .= '<meta name="friendica.community" content="true" />'; $a->page['htmlhead'] .= '<meta name="friendica.community" content="true" />';
} }
if (x($a->profile, 'openidserver')) { if (!empty($a->profile['openidserver'])) {
$a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->profile['openidserver'] . '" />' . "\r\n"; $a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->profile['openidserver'] . '" />' . "\r\n";
} }
if (x($a->profile, 'openid')) { if (!empty($a->profile['openid'])) {
$delegate = ((strstr($a->profile['openid'], '://')) ? $a->profile['openid'] : 'http://' . $a->profile['openid']); $delegate = ((strstr($a->profile['openid'], '://')) ? $a->profile['openid'] : 'http://' . $a->profile['openid']);
$a->page['htmlhead'] .= '<link rel="openid.delegate" href="' . $delegate . '" />' . "\r\n"; $a->page['htmlhead'] .= '<link rel="openid.delegate" href="' . $delegate . '" />' . "\r\n";
} }
if (!$blocked) { if (!$blocked) {
$keywords = ((x($a->profile, 'pub_keywords')) ? $a->profile['pub_keywords'] : ''); $keywords = defaults($a->profile, 'pub_keywords', '');
$keywords = str_replace([',',' ',',,'], [' ',',',','], $keywords); $keywords = str_replace([',',' ',',,'], [' ',',',','], $keywords);
if (strlen($keywords)) { if (strlen($keywords)) {
$a->page['htmlhead'] .= '<meta name="keywords" content="' . $keywords . '" />' . "\r\n" ; $a->page['htmlhead'] .= '<meta name="keywords" content="' . $keywords . '" />' . "\r\n";
} }
} }
$a->page['htmlhead'] .= '<meta name="dfrn-global-visibility" content="' . (($a->profile['net-publish']) ? 'true' : 'false') . '" />' . "\r\n" ; $a->page['htmlhead'] .= '<meta name="dfrn-global-visibility" content="' . (($a->profile['net-publish']) ? 'true' : 'false') . '" />' . "\r\n";
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . System::baseUrl() . '/dfrn_poll/' . $which .'" />' . "\r\n" ; $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . System::baseUrl() . '/dfrn_poll/' . $which .'" />' . "\r\n";
$uri = urlencode('acct:' . $a->profile['nickname'] . '@' . $a->getHostName() . (($a->getURLPath()) ? '/' . $a->getURLPath() : '')); $uri = urlencode('acct:' . $a->profile['nickname'] . '@' . $a->getHostName() . (($a->getURLPath()) ? '/' . $a->getURLPath() : ''));
$a->page['htmlhead'] .= '<link rel="lrdd" type="application/xrd+xml" href="' . System::baseUrl() . '/xrd/?uri=' . $uri . '" />' . "\r\n"; $a->page['htmlhead'] .= '<link rel="lrdd" type="application/xrd+xml" href="' . System::baseUrl() . '/xrd/?uri=' . $uri . '" />' . "\r\n";
header('Link: <' . System::baseUrl() . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"', false); header('Link: <' . System::baseUrl() . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"', false);

View file

@ -29,10 +29,10 @@ function home_init(App $a) {
if(! function_exists('home_content')) { if(! function_exists('home_content')) {
function home_content(App $a) { function home_content(App $a) {
if (x($_SESSION,'theme')) { if (!empty($_SESSION['theme'])) {
unset($_SESSION['theme']); unset($_SESSION['theme']);
} }
if (x($_SESSION,'mobile-theme')) { if (!empty($_SESSION['mobile-theme'])) {
unset($_SESSION['mobile-theme']); unset($_SESSION['mobile-theme']);
} }

View file

@ -96,20 +96,20 @@ function hovercard_content()
// Move the contact data to the profile array so we can deliver it to // Move the contact data to the profile array so we can deliver it to
$profile = [ $profile = [
'name' => $contact['name'], 'name' => $contact['name'],
'nick' => $contact['nick'], 'nick' => $contact['nick'],
'addr' => defaults($contact, 'addr', $contact['url']), 'addr' => defaults($contact, 'addr', $contact['url']),
'thumb' => ProxyUtils::proxifyUrl($contact['thumb'], false, ProxyUtils::SIZE_THUMB), 'thumb' => ProxyUtils::proxifyUrl($contact['thumb'], false, ProxyUtils::SIZE_THUMB),
'url' => Contact::magicLink($contact['url']), 'url' => Contact::magicLink($contact['url']),
'nurl' => $contact['nurl'], // We additionally store the nurl as identifier 'nurl' => $contact['nurl'], // We additionally store the nurl as identifier
'location' => $contact['location'], 'location' => $contact['location'],
'gender' => $contact['gender'], 'gender' => $contact['gender'],
'about' => $contact['about'], 'about' => $contact['about'],
'network' => Strings::formatNetworkName($contact['network'], $contact['url']), 'network_link' => Strings::formatNetworkName($contact['network'], $contact['url']),
'tags' => $contact['keywords'], 'tags' => $contact['keywords'],
'bd' => $contact['birthday'] <= DBA::NULL_DATE ? '' : $contact['birthday'], 'bd' => $contact['birthday'] <= DBA::NULL_DATE ? '' : $contact['birthday'],
'account_type' => Contact::getAccountType($contact), 'account_type' => Contact::getAccountType($contact),
'actions' => $actions, 'actions' => $actions,
]; ];
if ($datatype == 'html') { if ($datatype == 'html') {
$tpl = Renderer::getMarkupTemplate('hovercard.tpl'); $tpl = Renderer::getMarkupTemplate('hovercard.tpl');

View file

@ -166,7 +166,7 @@ function item_post(App $a) {
// Now check that valid personal details have been provided // Now check that valid personal details have been provided
if (!Security::canWriteToUserWall($profile_uid) && !$allow_comment) { if (!Security::canWriteToUserWall($profile_uid) && !$allow_comment) {
notice(L10n::t('Permission denied.') . EOL) ; notice(L10n::t('Permission denied.') . EOL);
if (!empty($_REQUEST['return'])) { if (!empty($_REQUEST['return'])) {
$a->internalRedirect($return_path); $a->internalRedirect($return_path);
@ -690,7 +690,7 @@ function item_post(App $a) {
} }
$json = ['cancel' => 1]; $json = ['cancel' => 1];
if (!empty($_REQUEST['jsreload']) && strlen($_REQUEST['jsreload'])) { if (!empty($_REQUEST['jsreload'])) {
$json['reload'] = System::baseUrl() . '/' . $_REQUEST['jsreload']; $json['reload'] = System::baseUrl() . '/' . $_REQUEST['jsreload'];
} }
@ -869,7 +869,7 @@ function item_post_return($baseurl, $api_source, $return_path)
} }
$json = ['success' => 1]; $json = ['success' => 1];
if (!empty($_REQUEST['jsreload']) && strlen($_REQUEST['jsreload'])) { if (!empty($_REQUEST['jsreload'])) {
$json['reload'] = $baseurl . '/' . $_REQUEST['jsreload']; $json['reload'] = $baseurl . '/' . $_REQUEST['jsreload'];
} }

View file

@ -27,7 +27,7 @@ function like_content(App $a) {
} }
// See if we've been passed a return path to redirect to // See if we've been passed a return path to redirect to
$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : ''); $return_path = defaults($_REQUEST, 'return', '');
like_content_return($a, $return_path); like_content_return($a, $return_path);
killme(); // NOTREACHED killme(); // NOTREACHED

View file

@ -42,7 +42,7 @@ function localtime_content(App $a)
$o .= '<p>' . L10n::t('Current timezone: %s', $_REQUEST['timezone']) . '</p>'; $o .= '<p>' . L10n::t('Current timezone: %s', $_REQUEST['timezone']) . '</p>';
} }
if (x($a->data, 'mod-localtime')) { if (!empty($a->data['mod-localtime'])) {
$o .= '<p>' . L10n::t('Converted localtime: %s', $a->data['mod-localtime']) . '</p>'; $o .= '<p>' . L10n::t('Converted localtime: %s', $a->data['mod-localtime']) . '</p>';
} }

View file

@ -21,7 +21,7 @@ function manage_post(App $a) {
$uid = local_user(); $uid = local_user();
$orig_record = $a->user; $orig_record = $a->user;
if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) { if(!empty($_SESSION['submanage'])) {
$r = q("select * from user where uid = %d limit 1", $r = q("select * from user where uid = %d limit 1",
intval($_SESSION['submanage']) intval($_SESSION['submanage'])
); );
@ -37,7 +37,7 @@ function manage_post(App $a) {
$submanage = $r; $submanage = $r;
$identity = (x($_POST['identity']) ? intval($_POST['identity']) : 0); $identity = (!empty($_POST['identity']) ? intval($_POST['identity']) : 0);
if (!$identity) { if (!$identity) {
return; return;
} }
@ -101,13 +101,13 @@ function manage_post(App $a) {
unset($_SESSION['mobile-theme']); unset($_SESSION['mobile-theme']);
unset($_SESSION['page_flags']); unset($_SESSION['page_flags']);
unset($_SESSION['return_path']); unset($_SESSION['return_path']);
if (x($_SESSION, 'submanage')) { if (!empty($_SESSION['submanage'])) {
unset($_SESSION['submanage']); unset($_SESSION['submanage']);
} }
if (x($_SESSION, 'sysmsg')) { if (!empty($_SESSION['sysmsg'])) {
unset($_SESSION['sysmsg']); unset($_SESSION['sysmsg']);
} }
if (x($_SESSION, 'sysmsg_info')) { if (!empty($_SESSION['sysmsg_info'])) {
unset($_SESSION['sysmsg_info']); unset($_SESSION['sysmsg_info']);
} }

View file

@ -59,10 +59,10 @@ function message_post(App $a)
return; return;
} }
$replyto = x($_REQUEST, 'replyto') ? Strings::escapeTags(trim($_REQUEST['replyto'])) : ''; $replyto = !empty($_REQUEST['replyto']) ? Strings::escapeTags(trim($_REQUEST['replyto'])) : '';
$subject = x($_REQUEST, 'subject') ? Strings::escapeTags(trim($_REQUEST['subject'])) : ''; $subject = !empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '';
$body = x($_REQUEST, 'body') ? Strings::escapeHtml(trim($_REQUEST['body'])) : ''; $body = !empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '';
$recipient = x($_REQUEST, 'messageto') ? intval($_REQUEST['messageto']) : 0; $recipient = !empty($_REQUEST['messageto']) ? intval($_REQUEST['messageto']) : 0;
$ret = Mail::send($recipient, $body, $subject, $replyto); $ret = Mail::send($recipient, $body, $subject, $replyto);
$norecip = false; $norecip = false;
@ -247,22 +247,22 @@ function message_content(App $a)
$tpl = Renderer::getMarkupTemplate('prv_message.tpl'); $tpl = Renderer::getMarkupTemplate('prv_message.tpl');
$o .= Renderer::replaceMacros($tpl, [ $o .= Renderer::replaceMacros($tpl, [
'$header' => L10n::t('Send Private Message'), '$header' => L10n::t('Send Private Message'),
'$to' => L10n::t('To:'), '$to' => L10n::t('To:'),
'$showinputs' => 'true', '$showinputs' => 'true',
'$prefill' => $prefill, '$prefill' => $prefill,
'$preid' => $preid, '$preid' => $preid,
'$subject' => L10n::t('Subject:'), '$subject' => L10n::t('Subject:'),
'$subjtxt' => x($_REQUEST, 'subject') ? strip_tags($_REQUEST['subject']) : '', '$subjtxt' => defaults($_REQUEST, 'subject', ''),
'$text' => x($_REQUEST, 'body') ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : '', '$text' => defaults($_REQUEST, 'body', ''),
'$readonly' => '', '$readonly' => '',
'$yourmessage' => L10n::t('Your message:'), '$yourmessage'=> L10n::t('Your message:'),
'$select' => $select, '$select' => $select,
'$parent' => '', '$parent' => '',
'$upload' => L10n::t('Upload photo'), '$upload' => L10n::t('Upload photo'),
'$insert' => L10n::t('Insert web link'), '$insert' => L10n::t('Insert web link'),
'$wait' => L10n::t('Please wait'), '$wait' => L10n::t('Please wait'),
'$submit' => L10n::t('Submit') '$submit' => L10n::t('Submit')
]); ]);
return $o; return $o;
} }
@ -431,24 +431,56 @@ function message_content(App $a)
} }
} }
function get_messages($user, $lstart, $lend) /**
* @param int $uid
* @param int $start
* @param int $limit
* @return array
*/
function get_messages($uid, $start, $limit)
{ {
//TODO: rewritte with a sub-query to get the first message of each private thread with certainty return DBA::toArray(DBA::p('SELECT
return q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`, m.`id`,
ANY_VALUE(`mail`.`id`) AS `id`, ANY_VALUE(`mail`.`uid`) AS `uid`, ANY_VALUE(`mail`.`guid`) AS `guid`, m.`uid`,
ANY_VALUE(`mail`.`from-name`) AS `from-name`, ANY_VALUE(`mail`.`from-photo`) AS `from-photo`, m.`guid`,
ANY_VALUE(`mail`.`from-url`) AS `from-url`, ANY_VALUE(`mail`.`contact-id`) AS `contact-id`, m.`from-name`,
ANY_VALUE(`mail`.`convid`) AS `convid`, ANY_VALUE(`mail`.`title`) AS `title`, ANY_VALUE(`mail`.`body`) AS `body`, m.`from-photo`,
ANY_VALUE(`mail`.`seen`) AS `seen`, ANY_VALUE(`mail`.`reply`) AS `reply`, ANY_VALUE(`mail`.`replied`) AS `replied`, m.`from-url`,
ANY_VALUE(`mail`.`unknown`) AS `unknown`, ANY_VALUE(`mail`.`uri`) AS `uri`, m.`contact-id`,
`mail`.`parent-uri`, m.`convid`,
ANY_VALUE(`mail`.`created`) AS `created`, ANY_VALUE(`contact`.`name`) AS `name`, ANY_VALUE(`contact`.`url`) AS `url`, m.`title`,
ANY_VALUE(`contact`.`thumb`) AS `thumb`, ANY_VALUE(`contact`.`network`) AS `network`, m.`body`,
count( * ) as `count` m.`seen`,
FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id` m.`reply`,
WHERE `mail`.`uid` = %d GROUP BY `parent-uri` ORDER BY `mailcreated` DESC LIMIT %d , %d ", m.`replied`,
intval($user), intval($lstart), intval($lend) m.`unknown`,
); m.`uri`,
m.`parent-uri`,
m.`created`,
c.`name`,
c.`url`,
c.`thumb`,
c.`network`,
m2.`count`,
m2.`mailcreated`,
m2.`mailseen`
FROM `mail` m
JOIN (
SELECT
`parent-uri`,
MIN(`id`) AS `id`,
COUNT(*) AS `count`,
MAX(`created`) AS `mailcreated`,
MIN(`seen`) AS `mailseen`
FROM `mail`
WHERE `uid` = ?
GROUP BY `parent-uri`
) m2 ON m.`parent-uri` = m2.`parent-uri` AND m.`id` = m2.`id`
LEFT JOIN `contact` c ON m.`contact-id` = c.`id`
WHERE m.`uid` = ?
ORDER BY m2.`mailcreated` DESC
LIMIT ?, ?'
, $uid, $uid, $start, $limit));
} }
function render_messages(array $msg, $t) function render_messages(array $msg, $t)

View file

@ -28,7 +28,7 @@ function modexp_init(App $a) {
$e = $r[0]->asnData[1]->asnData[0]->asnData[1]->asnData; $e = $r[0]->asnData[1]->asnData[0]->asnData[1]->asnData;
header("Content-type: application/magic-public-key"); header("Content-type: application/magic-public-key");
echo 'RSA' . '.' . $m . '.' . $e ; echo 'RSA' . '.' . $m . '.' . $e;
killme(); killme();

View file

@ -42,19 +42,19 @@ function network_init(App $a)
Hook::add('head', __FILE__, 'network_infinite_scroll_head'); Hook::add('head', __FILE__, 'network_infinite_scroll_head');
$search = (x($_GET, 'search') ? Strings::escapeHtml($_GET['search']) : ''); $search = (!empty($_GET['search']) ? Strings::escapeHtml($_GET['search']) : '');
if (($search != '') && !empty($_GET['submit'])) { if (($search != '') && !empty($_GET['submit'])) {
$a->internalRedirect('search?search=' . urlencode($search)); $a->internalRedirect('search?search=' . urlencode($search));
} }
if (x($_GET, 'save')) { if (!empty($_GET['save'])) {
$exists = DBA::exists('search', ['uid' => local_user(), 'term' => $search]); $exists = DBA::exists('search', ['uid' => local_user(), 'term' => $search]);
if (!$exists) { if (!$exists) {
DBA::insert('search', ['uid' => local_user(), 'term' => $search]); DBA::insert('search', ['uid' => local_user(), 'term' => $search]);
} }
} }
if (x($_GET, 'remove')) { if (!empty($_GET['remove'])) {
DBA::delete('search', ['uid' => local_user(), 'term' => $search]); DBA::delete('search', ['uid' => local_user(), 'term' => $search]);
} }
@ -63,9 +63,9 @@ function network_init(App $a)
$group_id = (($a->argc > 1 && is_numeric($a->argv[1])) ? intval($a->argv[1]) : 0); $group_id = (($a->argc > 1 && is_numeric($a->argv[1])) ? intval($a->argv[1]) : 0);
$cid = 0; $cid = 0;
if (x($_GET, 'cid') && intval($_GET['cid']) != 0) { if (!empty($_GET['cid'])) {
$cid = $_GET['cid']; $cid = $_GET['cid'];
$_GET['nets'] = 'all'; $_GET['nets'] = '';
$group_id = 0; $group_id = 0;
} }
@ -86,7 +86,7 @@ function network_init(App $a)
// fetch last used network view and redirect if needed // fetch last used network view and redirect if needed
if (!$is_a_date_query) { if (!$is_a_date_query) {
$sel_nets = defaults($_GET, 'nets', false); $sel_nets = defaults($_GET, 'nets', '');
$sel_tabs = network_query_get_sel_tab($a); $sel_tabs = network_query_get_sel_tab($a);
$sel_groups = network_query_get_sel_group($a); $sel_groups = network_query_get_sel_group($a);
$last_sel_tabs = PConfig::get(local_user(), 'network.view', 'tab.selected'); $last_sel_tabs = PConfig::get(local_user(), 'network.view', 'tab.selected');
@ -137,7 +137,7 @@ function network_init(App $a)
} }
} }
if ($sel_nets !== false) { if ($sel_nets) {
$net_args['nets'] = $sel_nets; $net_args['nets'] = $sel_nets;
} }
@ -151,34 +151,29 @@ function network_init(App $a)
} }
} }
// If nets is set to all, unset it if (empty($a->page['aside'])) {
if (x($_GET, 'nets') && $_GET['nets'] === 'all') {
unset($_GET['nets']);
}
if (!x($a->page, 'aside')) {
$a->page['aside'] = ''; $a->page['aside'] = '';
} }
$a->page['aside'] .= Group::sidebarWidget('network/0', 'network', 'standard', $group_id); $a->page['aside'] .= Group::sidebarWidget('network/0', 'network', 'standard', $group_id);
$a->page['aside'] .= ForumManager::widget(local_user(), $cid); $a->page['aside'] .= ForumManager::widget(local_user(), $cid);
$a->page['aside'] .= posted_date_widget('network', local_user(), false); $a->page['aside'] .= posted_date_widget('network', local_user(), false);
$a->page['aside'] .= Widget::networks('network', (x($_GET, 'nets') ? $_GET['nets'] : '')); $a->page['aside'] .= Widget::networks('network', defaults($_GET, 'nets', '') );
$a->page['aside'] .= saved_searches($search); $a->page['aside'] .= saved_searches($search);
$a->page['aside'] .= Widget::fileAs('network', (x($_GET, 'file') ? $_GET['file'] : '')); $a->page['aside'] .= Widget::fileAs('network', defaults($_GET, 'file', '') );
} }
function saved_searches($search) function saved_searches($search)
{ {
$srchurl = '/network?f=' $srchurl = '/network?f='
. ((x($_GET, 'cid')) ? '&cid=' . rawurlencode($_GET['cid']) : '') . (!empty($_GET['cid']) ? '&cid=' . rawurlencode($_GET['cid']) : '')
. ((x($_GET, 'star')) ? '&star=' . rawurlencode($_GET['star']) : '') . (!empty($_GET['star']) ? '&star=' . rawurlencode($_GET['star']) : '')
. ((x($_GET, 'bmark')) ? '&bmark=' . rawurlencode($_GET['bmark']) : '') . (!empty($_GET['bmark']) ? '&bmark=' . rawurlencode($_GET['bmark']) : '')
. ((x($_GET, 'conv')) ? '&conv=' . rawurlencode($_GET['conv']) : '') . (!empty($_GET['conv']) ? '&conv=' . rawurlencode($_GET['conv']) : '')
. ((x($_GET, 'nets')) ? '&nets=' . rawurlencode($_GET['nets']) : '') . (!empty($_GET['nets']) ? '&nets=' . rawurlencode($_GET['nets']) : '')
. ((x($_GET, 'cmin')) ? '&cmin=' . rawurlencode($_GET['cmin']) : '') . (!empty($_GET['cmin']) ? '&cmin=' . rawurlencode($_GET['cmin']) : '')
. ((x($_GET, 'cmax')) ? '&cmax=' . rawurlencode($_GET['cmax']) : '') . (!empty($_GET['cmax']) ? '&cmax=' . rawurlencode($_GET['cmax']) : '')
. ((x($_GET, 'file')) ? '&file=' . rawurlencode($_GET['file']) : ''); . (!empty($_GET['file']) ? '&file=' . rawurlencode($_GET['file']) : '');
; ;
$terms = DBA::select('search', ['id', 'term'], ['uid' => local_user()]); $terms = DBA::select('search', ['id', 'term'], ['uid' => local_user()]);
@ -233,15 +228,15 @@ function network_query_get_sel_tab(App $a)
$new_active = 'active'; $new_active = 'active';
} }
if (x($_GET, 'star')) { if (!empty($_GET['star'])) {
$starred_active = 'active'; $starred_active = 'active';
} }
if (x($_GET, 'bmark')) { if (!empty($_GET['bmark'])) {
$bookmarked_active = 'active'; $bookmarked_active = 'active';
} }
if (x($_GET, 'conv')) { if (!empty($_GET['conv'])) {
$conv_active = 'active'; $conv_active = 'active';
} }
@ -249,7 +244,7 @@ function network_query_get_sel_tab(App $a)
$no_active = 'active'; $no_active = 'active';
} }
if ($no_active == 'active' && x($_GET, 'order')) { if ($no_active == 'active' && !empty($_GET['order'])) {
switch($_GET['order']) { switch($_GET['order']) {
case 'post' : $postord_active = 'active'; $no_active=''; break; case 'post' : $postord_active = 'active'; $no_active=''; break;
case 'comment' : $all_active = 'active'; $no_active=''; break; case 'comment' : $all_active = 'active'; $no_active=''; break;
@ -672,7 +667,7 @@ function networkThreadedView(App $a, $update, $parent)
$entries[0] = [ $entries[0] = [
'id' => 'network', 'id' => 'network',
'name' => htmlentities($contact['name']), 'name' => $contact['name'],
'itemurl' => defaults($contact, 'addr', $contact['nurl']), 'itemurl' => defaults($contact, 'addr', $contact['nurl']),
'thumb' => ProxyUtils::proxifyUrl($contact['thumb'], false, ProxyUtils::SIZE_THUMB), 'thumb' => ProxyUtils::proxifyUrl($contact['thumb'], false, ProxyUtils::SIZE_THUMB),
'details' => $contact['location'], 'details' => $contact['location'],
@ -914,7 +909,7 @@ function networkThreadedView(App $a, $update, $parent)
$parents_str = implode(', ', $parents_arr); $parents_str = implode(', ', $parents_arr);
} }
if (x($_GET, 'offset')) { if (!empty($_GET['offset'])) {
$date_offset = $_GET['offset']; $date_offset = $_GET['offset'];
} }
@ -968,7 +963,7 @@ function network_tabs(App $a)
$tabs = [ $tabs = [
[ [
'label' => L10n::t('Commented Order'), 'label' => L10n::t('Commented Order'),
'url' => str_replace('/new', '', $cmd) . '?f=&order=comment' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''), 'url' => str_replace('/new', '', $cmd) . '?f=&order=comment' . (!empty($_GET['cid']) ? '&cid=' . $_GET['cid'] : ''),
'sel' => $all_active, 'sel' => $all_active,
'title' => L10n::t('Sort by Comment Date'), 'title' => L10n::t('Sort by Comment Date'),
'id' => 'commented-order-tab', 'id' => 'commented-order-tab',
@ -976,7 +971,7 @@ function network_tabs(App $a)
], ],
[ [
'label' => L10n::t('Posted Order'), 'label' => L10n::t('Posted Order'),
'url' => str_replace('/new', '', $cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''), 'url' => str_replace('/new', '', $cmd) . '?f=&order=post' . (!empty($_GET['cid']) ? '&cid=' . $_GET['cid'] : ''),
'sel' => $postord_active, 'sel' => $postord_active,
'title' => L10n::t('Sort by Post Date'), 'title' => L10n::t('Sort by Post Date'),
'id' => 'posted-order-tab', 'id' => 'posted-order-tab',
@ -986,7 +981,7 @@ function network_tabs(App $a)
$tabs[] = [ $tabs[] = [
'label' => L10n::t('Personal'), 'label' => L10n::t('Personal'),
'url' => str_replace('/new', '', $cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&conv=1', 'url' => str_replace('/new', '', $cmd) . (!empty($_GET['cid']) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&conv=1',
'sel' => $conv_active, 'sel' => $conv_active,
'title' => L10n::t('Posts that mention or involve you'), 'title' => L10n::t('Posts that mention or involve you'),
'id' => 'personal-tab', 'id' => 'personal-tab',
@ -996,7 +991,7 @@ function network_tabs(App $a)
if (Feature::isEnabled(local_user(), 'new_tab')) { if (Feature::isEnabled(local_user(), 'new_tab')) {
$tabs[] = [ $tabs[] = [
'label' => L10n::t('New'), 'label' => L10n::t('New'),
'url' => 'network/new' . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : ''), 'url' => 'network/new' . (!empty($_GET['cid']) ? '/?f=&cid=' . $_GET['cid'] : ''),
'sel' => $new_active, 'sel' => $new_active,
'title' => L10n::t('Activity Stream - by date'), 'title' => L10n::t('Activity Stream - by date'),
'id' => 'activitiy-by-date-tab', 'id' => 'activitiy-by-date-tab',
@ -1007,7 +1002,7 @@ function network_tabs(App $a)
if (Feature::isEnabled(local_user(), 'link_tab')) { if (Feature::isEnabled(local_user(), 'link_tab')) {
$tabs[] = [ $tabs[] = [
'label' => L10n::t('Shared Links'), 'label' => L10n::t('Shared Links'),
'url' => str_replace('/new', '', $cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&bmark=1', 'url' => str_replace('/new', '', $cmd) . (!empty($_GET['cid']) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&bmark=1',
'sel' => $bookmarked_active, 'sel' => $bookmarked_active,
'title' => L10n::t('Interesting Links'), 'title' => L10n::t('Interesting Links'),
'id' => 'shared-links-tab', 'id' => 'shared-links-tab',
@ -1017,7 +1012,7 @@ function network_tabs(App $a)
$tabs[] = [ $tabs[] = [
'label' => L10n::t('Starred'), 'label' => L10n::t('Starred'),
'url' => str_replace('/new', '', $cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&star=1', 'url' => str_replace('/new', '', $cmd) . (!empty($_GET['cid']) ? '/?f=&cid=' . $_GET['cid'] : '/?f=') . '&star=1',
'sel' => $starred_active, 'sel' => $starred_active,
'title' => L10n::t('Favourite Posts'), 'title' => L10n::t('Favourite Posts'),
'id' => 'starred-posts-tab', 'id' => 'starred-posts-tab',
@ -1025,7 +1020,7 @@ function network_tabs(App $a)
]; ];
// save selected tab, but only if not in file mode // save selected tab, but only if not in file mode
if (!x($_GET, 'file')) { if (empty($_GET['file'])) {
PConfig::set(local_user(), 'network.view', 'tab.selected', [ PConfig::set(local_user(), 'network.view', 'tab.selected', [
$all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active $all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active
]); ]);

View file

@ -8,7 +8,8 @@ use Friendica\Core\L10n;
function newmember_content(App $a) function newmember_content(App $a)
{ {
$o = '<h1>' . L10n::t('Welcome to Friendica') . '</h1>'; $o = '<div class="generic-page-wrapper">';
$o .= '<h1>' . L10n::t('Welcome to Friendica') . '</h1>';
$o .= '<h3>' . L10n::t('New Member Checklist') . '</h3>'; $o .= '<h3>' . L10n::t('New Member Checklist') . '</h3>';
$o .= '<div style="font-size: 120%;">'; $o .= '<div style="font-size: 120%;">';
$o .= L10n::t('We would like to offer some tips and links to help make your experience enjoyable. Click any item to visit the relevant page. A link to this page will be visible from your home page for two weeks after your initial registration and then will quietly disappear.'); $o .= L10n::t('We would like to offer some tips and links to help make your experience enjoyable. Click any item to visit the relevant page. A link to this page will be visible from your home page for two weeks after your initial registration and then will quietly disappear.');
@ -54,6 +55,7 @@ function newmember_content(App $a)
$o .= '<li>' . '<a target="newmember" href="help">' . L10n::t('Go to the Help Section') . '</a><br />' . L10n::t('Our <strong>help</strong> pages may be consulted for detail on other program features and resources.') . '</li>' . EOL; $o .= '<li>' . '<a target="newmember" href="help">' . L10n::t('Go to the Help Section') . '</a><br />' . L10n::t('Our <strong>help</strong> pages may be consulted for detail on other program features and resources.') . '</li>' . EOL;
$o .= '</ul>'; $o .= '</ul>';
$o .= '</div>'; $o .= '</div>';
$o .= '</div>';
return $o; return $o;
} }

View file

@ -48,7 +48,7 @@ function noscrape_init(App $a)
exit; exit;
} }
$keywords = ((x($a->profile, 'pub_keywords')) ? $a->profile['pub_keywords'] : ''); $keywords = defaults($a->profile, 'pub_keywords', '');
$keywords = str_replace(['#',',',' ',',,'], ['',' ',',',','], $keywords); $keywords = str_replace(['#',',',' ',',,'], ['',' ',',',','], $keywords);
$keywords = explode(',', $keywords); $keywords = explode(',', $keywords);

View file

@ -59,7 +59,7 @@ function notes_content(App $a, $update = false)
} }
$condition = ['uid' => local_user(), 'post-type' => Item::PT_PERSONAL_NOTE, 'gravity' => GRAVITY_PARENT, $condition = ['uid' => local_user(), 'post-type' => Item::PT_PERSONAL_NOTE, 'gravity' => GRAVITY_PARENT,
'wall' => false, 'contact-id'=> $a->contact['id']]; 'contact-id'=> $a->contact['id']];
$pager = new Pager($a->query_string, 40); $pager = new Pager($a->query_string, 40);
@ -70,7 +70,7 @@ function notes_content(App $a, $update = false)
$count = 0; $count = 0;
if (DBA::isResult($r)) { if (DBA::isResult($r)) {
$notes = DBA::toArray($r); $notes = Item::inArray($r);
$count = count($notes); $count = count($notes);

View file

@ -237,7 +237,7 @@ function notifications_content(App $a)
$notif_content[] = Renderer::replaceMacros($tpl, [ $notif_content[] = Renderer::replaceMacros($tpl, [
'$type' => $notif['label'], '$type' => $notif['label'],
'$header' => htmlentities($header), '$header' => $header,
'$str_notifytype' => L10n::t('Notification type:'), '$str_notifytype' => L10n::t('Notification type:'),
'$notify_type' => $notif['notify_type'], '$notify_type' => $notif['notify_type'],
'$dfrn_text' => $dfrn_text, '$dfrn_text' => $dfrn_text,

View file

@ -33,13 +33,13 @@ function oexchange_content(App $a) {
return; return;
} }
$url = ((x($_REQUEST,'url') && strlen($_REQUEST['url'])) $url = ((!empty($_REQUEST['url']))
? urlencode(Strings::escapeTags(trim($_REQUEST['url']))) : ''); ? urlencode(Strings::escapeTags(trim($_REQUEST['url']))) : '');
$title = ((x($_REQUEST,'title') && strlen($_REQUEST['title'])) $title = ((!empty($_REQUEST['title']))
? '&title=' . urlencode(Strings::escapeTags(trim($_REQUEST['title']))) : ''); ? '&title=' . urlencode(Strings::escapeTags(trim($_REQUEST['title']))) : '');
$description = ((x($_REQUEST,'description') && strlen($_REQUEST['description'])) $description = ((!empty($_REQUEST['description']))
? '&description=' . urlencode(Strings::escapeTags(trim($_REQUEST['description']))) : ''); ? '&description=' . urlencode(Strings::escapeTags(trim($_REQUEST['description']))) : '');
$tags = ((x($_REQUEST,'tags') && strlen($_REQUEST['tags'])) $tags = ((!empty($_REQUEST['tags']))
? '&tags=' . urlencode(Strings::escapeTags(trim($_REQUEST['tags']))) : ''); ? '&tags=' . urlencode(Strings::escapeTags(trim($_REQUEST['tags']))) : '');
$s = Network::fetchUrl(System::baseUrl() . '/parse_url?f=&url=' . $url . $title . $description . $tags); $s = Network::fetchUrl(System::baseUrl() . '/parse_url?f=&url=' . $url . $title . $description . $tags);

View file

@ -20,7 +20,7 @@ function openid_content(App $a) {
Logger::log('mod_openid ' . print_r($_REQUEST,true), Logger::DATA); Logger::log('mod_openid ' . print_r($_REQUEST,true), Logger::DATA);
if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) { if(!empty($_GET['openid_mode']) && !empty($_SESSION['openid'])) {
$openid = new LightOpenID($a->getHostName()); $openid = new LightOpenID($a->getHostName());

View file

@ -77,8 +77,8 @@ function ostatus_subscribe_content(App $a)
$o .= '<p>' . $counter . '/' . $total . ': ' . $url; $o .= '<p>' . $counter . '/' . $total . ': ' . $url;
$curlResult = Probe::uri($url); $probed = Probe::uri($url);
if ($curlResult['network'] == Protocol::OSTATUS) { if ($probed['network'] == Protocol::OSTATUS) {
$result = Contact::createFromProbe($uid, $url, true, Protocol::OSTATUS); $result = Contact::createFromProbe($uid, $url, true, Protocol::OSTATUS);
if ($result['success']) { if ($result['success']) {
$o .= ' - ' . L10n::t('success'); $o .= ' - ' . L10n::t('success');

View file

@ -47,8 +47,8 @@ function parse_url_content(App $a)
// Add url scheme if it is missing // Add url scheme if it is missing
$arrurl = parse_url($url); $arrurl = parse_url($url);
if (!x($arrurl, 'scheme')) { if (empty($arrurl['scheme'])) {
if (x($arrurl, 'host')) { if (!empty($arrurl['host'])) {
$url = 'http:' . $url; $url = 'http:' . $url;
} else { } else {
$url = 'http://' . $url; $url = 'http://' . $url;

View file

@ -283,7 +283,7 @@ function photos_post(App $a)
if (DBA::isResult($r)) { if (DBA::isResult($r)) {
foreach ($r as $rr) { foreach ($r as $rr) {
$res[] = "'" . DBA::escape($rr['rid']) . "'" ; $res[] = "'" . DBA::escape($rr['rid']) . "'";
} }
} else { } else {
$a->internalRedirect($_SESSION['photo_return']); $a->internalRedirect($_SESSION['photo_return']);
@ -365,10 +365,10 @@ function photos_post(App $a)
return; // NOTREACHED return; // NOTREACHED
} }
if ($a->argc > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || !empty($_POST['albname']) !== false)) { if ($a->argc > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) {
$desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : ''; $desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : '';
$rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : ''; $rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : '';
$item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0; $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0;
$albname = !empty($_POST['albname']) ? Strings::escapeTags(trim($_POST['albname'])) : ''; $albname = !empty($_POST['albname']) ? Strings::escapeTags(trim($_POST['albname'])) : '';
$origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : ''; $origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : '';
@ -681,8 +681,8 @@ function photos_post(App $a)
$arr['tag'] = $tagged[4]; $arr['tag'] = $tagged[4];
$arr['inform'] = $tagged[2]; $arr['inform'] = $tagged[2];
$arr['origin'] = 1; $arr['origin'] = 1;
$arr['body'] = L10n::t('%1$s was tagged in %2$s by %3$s', '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]', '[url=' . System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . L10n::t('a photo') . '[/url]', '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]') ; $arr['body'] = L10n::t('%1$s was tagged in %2$s by %3$s', '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]', '[url=' . System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . L10n::t('a photo') . '[/url]', '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]');
$arr['body'] .= "\n\n" . '[url=' . System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . '[img]' . System::baseUrl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n" ; $arr['body'] .= "\n\n" . '[url=' . System::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . '[img]' . System::baseUrl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n";
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $tagged[0] . '</title><id>' . $tagged[1] . '/' . $tagged[0] . '</id>'; $arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $tagged[0] . '</title><id>' . $tagged[1] . '/' . $tagged[0] . '</id>';
$arr['object'] .= '<link>' . XML::escape('<link rel="alternate" type="text/html" href="' . $tagged[1] . '" />' . "\n"); $arr['object'] .= '<link>' . XML::escape('<link rel="alternate" type="text/html" href="' . $tagged[1] . '" />' . "\n");
@ -1353,7 +1353,7 @@ function photos_content(App $a)
} }
if ($prevlink) { if ($prevlink) {
$prevlink = [$prevlink, '<div class="icon prev"></div>'] ; $prevlink = [$prevlink, '<div class="icon prev"></div>'];
} }
$photo = [ $photo = [

View file

@ -188,7 +188,7 @@ function ping_init(App $a)
$intro_count = count($intros1) + count($intros2); $intro_count = count($intros1) + count($intros2);
$intros = $intros1 + $intros2; $intros = $intros1 + $intros2;
$myurl = System::baseUrl() . '/profile/' . $a->user['nickname'] ; $myurl = System::baseUrl() . '/profile/' . $a->user['nickname'];
$mails = q( $mails = q(
"SELECT `id`, `from-name`, `from-url`, `from-photo`, `created` FROM `mail` "SELECT `id`, `from-name`, `from-url`, `from-photo`, `created` FROM `mail`
WHERE `uid` = %d AND `seen` = 0 AND `from-url` != '%s' ", WHERE `uid` = %d AND `seen` = 0 AND `from-url` != '%s' ",
@ -373,12 +373,12 @@ function ping_init(App $a)
$sysmsgs = []; $sysmsgs = [];
$sysmsgs_info = []; $sysmsgs_info = [];
if (x($_SESSION, 'sysmsg')) { if (!empty($_SESSION['sysmsg'])) {
$sysmsgs = $_SESSION['sysmsg']; $sysmsgs = $_SESSION['sysmsg'];
unset($_SESSION['sysmsg']); unset($_SESSION['sysmsg']);
} }
if (x($_SESSION, 'sysmsg_info')) { if (!empty($_SESSION['sysmsg_info'])) {
$sysmsgs_info = $_SESSION['sysmsg_info']; $sysmsgs_info = $_SESSION['sysmsg_info'];
unset($_SESSION['sysmsg_info']); unset($_SESSION['sysmsg_info']);
} }
@ -483,7 +483,7 @@ function ping_get_notifications($uid)
if ($notification["visible"] if ($notification["visible"]
&& !$notification["deleted"] && !$notification["deleted"]
&& !(x($result, $notification["parent"]) && !empty($result[$notification["parent"]])) && empty($result[$notification["parent"]])
) { ) {
// Should we condense the notifications or show them all? // Should we condense the notifications or show them all?
if (PConfig::get(local_user(), 'system', 'detailed_notif')) { if (PConfig::get(local_user(), 'system', 'detailed_notif')) {

View file

@ -88,7 +88,7 @@ function poco_init(App $a) {
if (!empty($cid)) { if (!empty($cid)) {
$sql_extra = sprintf(" AND `contact`.`id` = %d ", intval($cid)); $sql_extra = sprintf(" AND `contact`.`id` = %d ", intval($cid));
} }
if (x($_GET, 'updatedSince')) { if (!empty($_GET['updatedSince'])) {
$update_limit = date(DateTimeFormat::MYSQL, strtotime($_GET['updatedSince'])); $update_limit = date(DateTimeFormat::MYSQL, strtotime($_GET['updatedSince']));
} }
if ($global) { if ($global) {
@ -122,7 +122,7 @@ function poco_init(App $a) {
} else { } else {
$startIndex = 0; $startIndex = 0;
} }
$itemsPerPage = ((x($_GET, 'count') && intval($_GET['count'])) ? intval($_GET['count']) : $totalResults); $itemsPerPage = ((!empty($_GET['count'])) ? intval($_GET['count']) : $totalResults);
if ($global) { if ($global) {
Logger::log("Start global query", Logger::DEBUG); Logger::log("Start global query", Logger::DEBUG);
@ -164,13 +164,13 @@ function poco_init(App $a) {
Logger::log("Query done", Logger::DEBUG); Logger::log("Query done", Logger::DEBUG);
$ret = []; $ret = [];
if (x($_GET, 'sorted')) { if (!empty($_GET['sorted'])) {
$ret['sorted'] = false; $ret['sorted'] = false;
} }
if (x($_GET, 'filtered')) { if (!empty($_GET['filtered'])) {
$ret['filtered'] = false; $ret['filtered'] = false;
} }
if (x($_GET, 'updatedSince') && ! $global) { if (!empty($_GET['updatedSince']) && ! $global) {
$ret['updatedSince'] = false; $ret['updatedSince'] = false;
} }
$ret['startIndex'] = (int) $startIndex; $ret['startIndex'] = (int) $startIndex;
@ -196,7 +196,7 @@ function poco_init(App $a) {
'generation' => false 'generation' => false
]; ];
if ((! x($_GET, 'fields')) || ($_GET['fields'] === '@all')) { if (empty($_GET['fields']) || ($_GET['fields'] === '@all')) {
foreach ($fields_ret as $k => $v) { foreach ($fields_ret as $k => $v) {
$fields_ret[$k] = true; $fields_ret[$k] = true;
} }

View file

@ -54,7 +54,7 @@ function poke_init(App $a)
return; return;
} }
$parent = (x($_GET,'parent') ? intval($_GET['parent']) : 0); $parent = (!empty($_GET['parent']) ? intval($_GET['parent']) : 0);
Logger::log('poke: verb ' . $verb . ' contact ' . $contact_id, Logger::DEBUG); Logger::log('poke: verb ' . $verb . ' contact ' . $contact_id, Logger::DEBUG);
@ -86,7 +86,7 @@ function poke_init(App $a)
$deny_gid = $item['deny_gid']; $deny_gid = $item['deny_gid'];
} }
} else { } else {
$private = (x($_GET,'private') ? intval($_GET['private']) : 0); $private = (!empty($_GET['private']) ? intval($_GET['private']) : 0);
$allow_cid = ($private ? '<' . $target['id']. '>' : $a->user['allow_cid']); $allow_cid = ($private ? '<' . $target['id']. '>' : $a->user['allow_cid']);
$allow_gid = ($private ? '' : $a->user['allow_gid']); $allow_gid = ($private ? '' : $a->user['allow_gid']);
@ -169,7 +169,7 @@ function poke_content(App $a)
]); ]);
$parent = (x($_GET,'parent') ? intval($_GET['parent']) : '0'); $parent = (!empty($_GET['parent']) ? intval($_GET['parent']) : '0');
$verbs = L10n::getPokeVerbs(); $verbs = L10n::getPokeVerbs();

View file

@ -15,7 +15,8 @@ function probe_content(App $a)
killme(); killme();
} }
$o = '<h3>Probe Diagnostic</h3>'; $o = '<div class="generic-page-wrapper">';
$o .= '<h3>Probe Diagnostic</h3>';
$o .= '<form action="probe" method="get">'; $o .= '<form action="probe" method="get">';
$o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . defaults($_GET, 'addr', '') . '" />'; $o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . defaults($_GET, 'addr', '') . '" />';
@ -30,6 +31,7 @@ function probe_content(App $a)
$o .= str_replace("\n", '<br />', print_r($res, true)); $o .= str_replace("\n", '<br />', print_r($res, true));
$o .= '</pre>'; $o .= '</pre>';
} }
$o .= '</div>';
return $o; return $o;
} }

View file

@ -33,24 +33,16 @@ function profile_init(App $a)
$a->page['aside'] = ''; $a->page['aside'] = '';
} }
if ($a->argc > 1) { if ($a->argc < 2) {
$which = htmlspecialchars($a->argv[1]); System::httpExit(400);
} else {
$r = q("SELECT `nickname` FROM `user` WHERE `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 ORDER BY RAND() LIMIT 1");
if (DBA::isResult($r)) {
$a->internalRedirect('profile/' . $r[0]['nickname']);
} else {
Logger::log('profile error: mod_profile ' . $a->query_string, Logger::DEBUG);
notice(L10n::t('Requested profile is not available.') . EOL);
$a->error = 404;
return;
}
} }
$which = filter_var($a->argv[1], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_STRIP_BACKTICK);
$profile = 0; $profile = 0;
if (local_user() && $a->argc > 2 && $a->argv[2] === 'view') { if (local_user() && $a->argc > 2 && $a->argv[2] === 'view') {
$which = $a->user['nickname']; $which = $a->user['nickname'];
$profile = htmlspecialchars($a->argv[1]); $profile = filter_var($a->argv[1], FILTER_SANITIZE_NUMBER_INT);
} else { } else {
DFRN::autoRedir($a, $which); DFRN::autoRedir($a, $which);
} }
@ -139,6 +131,7 @@ function profile_content(App $a, $update = 0)
require_once 'include/items.php'; require_once 'include/items.php';
$groups = []; $groups = [];
$remote_cid = null;
$tab = 'posts'; $tab = 'posts';
$o = ''; $o = '';
@ -150,42 +143,18 @@ function profile_content(App $a, $update = 0)
Nav::setSelected('home'); Nav::setSelected('home');
} }
$contact = null; $remote_contact = Contact::isFollower(remote_user(), $a->profile['profile_uid']);
$remote_contact = false;
$contact_id = 0;
if (!empty($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $a->profile['profile_uid']) {
$contact_id = $v['cid'];
break;
}
}
}
if ($contact_id) {
$groups = Group::getIdsByContactId($contact_id);
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($contact_id),
intval($a->profile['profile_uid'])
);
if (DBA::isResult($r)) {
$contact = $r[0];
$remote_contact = true;
}
}
if (!$remote_contact) {
if (local_user()) {
$contact_id = $_SESSION['cid'];
$contact = $a->contact;
}
}
$is_owner = local_user() == $a->profile['profile_uid']; $is_owner = local_user() == $a->profile['profile_uid'];
$last_updated_key = "profile:" . $a->profile['profile_uid'] . ":" . local_user() . ":" . remote_user(); $last_updated_key = "profile:" . $a->profile['profile_uid'] . ":" . local_user() . ":" . remote_user();
if ($remote_contact) {
$cdata = Contact::getPublicAndUserContacID(remote_user(), $a->profile['profile_uid']);
if (!empty($cdata['user'])) {
$groups = Group::getIdsByContactId($cdata['user']);
$remote_cid = $cdata['user'];
}
}
if (!empty($a->profile['hidewall']) && !$is_owner && !$remote_contact) { if (!empty($a->profile['hidewall']) && !$is_owner && !$remote_contact) {
notice(L10n::t('Access to this profile has been restricted.') . EOL); notice(L10n::t('Access to this profile has been restricted.') . EOL);
return; return;
@ -236,13 +205,12 @@ function profile_content(App $a, $update = 0)
} }
} }
// Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups // Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $remote_contact, $groups); $sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $remote_contact, $groups, $remote_cid);
$sql_extra2 = ''; $sql_extra2 = '';
if ($update) { if ($update) {
$last_updated = (!empty($_SESSION['last_updated'][$last_updated_key]) ? $_SESSION['last_updated'][$last_updated_key] : 0); $last_updated = (defaults($_SESSION['last_updated'], $last_updated_key, 0));
// If the page user is the owner of the page we should query for unseen // If the page user is the owner of the page we should query for unseen
// items. Otherwise use a timestamp of the last succesful update request. // items. Otherwise use a timestamp of the last succesful update request.
@ -350,7 +318,7 @@ function profile_content(App $a, $update = 0)
} }
} }
$o .= conversation($a, $items, $pager, 'profile', $update, false, 'created', local_user()); $o .= conversation($a, $items, $pager, 'profile', $update, false, 'created', $a->profile['profile_uid']);
if (!$update) { if (!$update) {
$o .= $pager->renderMinimal(count($items)); $o .= $pager->renderMinimal(count($items));

View file

@ -251,7 +251,7 @@ function profiles_post(App $a) {
$marital = Strings::escapeTags(trim($_POST['marital'])); $marital = Strings::escapeTags(trim($_POST['marital']));
$howlong = Strings::escapeTags(trim($_POST['howlong'])); $howlong = Strings::escapeTags(trim($_POST['howlong']));
$with = ((x($_POST,'with')) ? Strings::escapeTags(trim($_POST['with'])) : ''); $with = (!empty($_POST['with']) ? Strings::escapeTags(trim($_POST['with'])) : '');
if (! strlen($howlong)) { if (! strlen($howlong)) {
$howlong = DBA::NULL_DATETIME; $howlong = DBA::NULL_DATETIME;

View file

@ -7,6 +7,7 @@ use Friendica\Database\DBA;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Protocol\OStatus; use Friendica\Protocol\OStatus;
use Friendica\Util\Strings; use Friendica\Util\Strings;
use Friendica\Core\System;
require_once 'include/items.php'; require_once 'include/items.php';
@ -16,7 +17,7 @@ function hub_return($valid, $body)
header($_SERVER["SERVER_PROTOCOL"] . ' 200 OK'); header($_SERVER["SERVER_PROTOCOL"] . ' 200 OK');
echo $body; echo $body;
} else { } else {
header($_SERVER["SERVER_PROTOCOL"] . ' 404 Not Found'); System::httpExit(404);
} }
killme(); killme();
} }
@ -25,8 +26,7 @@ function hub_return($valid, $body)
function hub_post_return() function hub_post_return()
{ {
header($_SERVER["SERVER_PROTOCOL"] . ' 200 OK'); System::httpExit(200);
killme();
} }
function pubsub_init(App $a) function pubsub_init(App $a)

View file

@ -10,7 +10,7 @@ use Friendica\Util\Network;
use Friendica\Util\Strings; use Friendica\Util\Strings;
function post_var($name) { function post_var($name) {
return (x($_POST, $name)) ? Strings::escapeTags(trim($_POST[$name])) : ''; return !empty($_POST[$name]) ? Strings::escapeTags(trim($_POST[$name])) : '';
} }
function pubsubhubbub_init(App $a) { function pubsubhubbub_init(App $a) {

View file

@ -9,6 +9,7 @@ use Friendica\Database\DBA;
use Friendica\Model\Contact; use Friendica\Model\Contact;
use Friendica\Model\Profile; use Friendica\Model\Profile;
use Friendica\Util\Strings; use Friendica\Util\Strings;
use Friendica\Util\Network;
function redir_init(App $a) { function redir_init(App $a) {
@ -34,8 +35,7 @@ function redir_init(App $a) {
$contact_url = $contact['url']; $contact_url = $contact['url'];
if ($contact['network'] !== Protocol::DFRN // Authentication isn't supported for non DFRN contacts. if ((!local_user() && !remote_user()) // Visitors (not logged in or not remotes) can't authenticate.
|| (!local_user() && !remote_user()) // Visitors (not logged in or not remotes) can't authenticate.
|| (!empty($a->contact['id']) && $a->contact['id'] == $cid)) // Local user is already authenticated. || (!empty($a->contact['id']) && $a->contact['id'] == $cid)) // Local user is already authenticated.
{ {
$a->redirect(defaults($url, $contact_url)); $a->redirect(defaults($url, $contact_url));
@ -67,7 +67,7 @@ function redir_init(App $a) {
// for authentification everytime he/she is visiting a profile page of the local // for authentification everytime he/she is visiting a profile page of the local
// contact. // contact.
if ($host == $remotehost if ($host == $remotehost
&& x($_SESSION, 'remote') && !empty($_SESSION['remote'])
&& is_array($_SESSION['remote'])) && is_array($_SESSION['remote']))
{ {
foreach ($_SESSION['remote'] as $v) { foreach ($_SESSION['remote'] as $v) {
@ -81,8 +81,17 @@ function redir_init(App $a) {
} }
} }
// When the remote page does support OWA, then we enforce the use of it
$basepath = Contact::getBasepath($contact_url);
if ($basepath == System::baseUrl()) {
$use_magic = true;
} else {
$serverret = Network::curl($basepath . '/magic');
$use_magic = $serverret->isSuccess();
}
// Doing remote auth with dfrn. // Doing remote auth with dfrn.
if (local_user() && (!empty($contact['dfrn-id']) || !empty($contact['issued-id'])) && empty($contact['pending'])) { if (local_user() && !$use_magic && (!empty($contact['dfrn-id']) || !empty($contact['issued-id'])) && empty($contact['pending'])) {
$dfrn_id = $orig_id = (($contact['issued-id']) ? $contact['issued-id'] : $contact['dfrn-id']); $dfrn_id = $orig_id = (($contact['issued-id']) ? $contact['issued-id'] : $contact['dfrn-id']);
if ($contact['duplex'] && $contact['issued-id']) { if ($contact['duplex'] && $contact['issued-id']) {

View file

@ -84,7 +84,7 @@ function register_post(App $a)
$using_invites = Config::get('system', 'invitation_only'); $using_invites = Config::get('system', 'invitation_only');
$num_invites = Config::get('system', 'number_invites'); $num_invites = Config::get('system', 'number_invites');
$invite_id = ((x($_POST, 'invite_id')) ? Strings::escapeTags(trim($_POST['invite_id'])) : ''); $invite_id = (!empty($_POST['invite_id']) ? Strings::escapeTags(trim($_POST['invite_id'])) : '');
if (intval(Config::get('config', 'register_policy')) === REGISTER_OPEN) { if (intval(Config::get('config', 'register_policy')) === REGISTER_OPEN) {
if ($using_invites && $invite_id) { if ($using_invites && $invite_id) {
@ -93,7 +93,7 @@ function register_post(App $a)
} }
// Only send a password mail when the password wasn't manually provided // Only send a password mail when the password wasn't manually provided
if (!x($_POST, 'password1') || !x($_POST, 'confirm')) { if (empty($_POST['password1']) || empty($_POST['confirm'])) {
$res = Model\User::sendRegisterOpenEmail( $res = Model\User::sendRegisterOpenEmail(
$user, $user,
Config::get('config', 'sitename'), Config::get('config', 'sitename'),
@ -195,38 +195,33 @@ function register_content(App $a)
} }
} }
if (x($_SESSION, 'theme')) { if (!empty($_SESSION['theme'])) {
unset($_SESSION['theme']); unset($_SESSION['theme']);
} }
if (x($_SESSION, 'mobile-theme')) { if (!empty($_SESSION['mobile-theme'])) {
unset($_SESSION['mobile-theme']); unset($_SESSION['mobile-theme']);
} }
$username = x($_REQUEST, 'username') ? $_REQUEST['username'] : ''; $username = defaults($_REQUEST, 'username' , '');
$email = x($_REQUEST, 'email') ? $_REQUEST['email'] : ''; $email = defaults($_REQUEST, 'email' , '');
$openid_url = x($_REQUEST, 'openid_url') ? $_REQUEST['openid_url'] : ''; $openid_url = defaults($_REQUEST, 'openid_url', '');
$nickname = x($_REQUEST, 'nickname') ? $_REQUEST['nickname'] : ''; $nickname = defaults($_REQUEST, 'nickname' , '');
$photo = x($_REQUEST, 'photo') ? $_REQUEST['photo'] : ''; $photo = defaults($_REQUEST, 'photo' , '');
$invite_id = x($_REQUEST, 'invite_id') ? $_REQUEST['invite_id'] : ''; $invite_id = defaults($_REQUEST, 'invite_id' , '');
$noid = Config::get('system', 'no_openid'); $noid = Config::get('system', 'no_openid');
if ($noid) { if ($noid) {
$oidhtml = '';
$fillwith = ''; $fillwith = '';
$fillext = ''; $fillext = '';
$oidlabel = ''; $oidlabel = '';
} else { } else {
$oidhtml = '<label for="register-openid" id="label-register-openid" >$oidlabel</label><input type="text" maxlength="60" size="32" name="openid_url" class="openid" id="register-openid" value="$openid" >';
$fillwith = L10n::t("You may \x28optionally\x29 fill in this form via OpenID by supplying your OpenID and clicking 'Register'."); $fillwith = L10n::t("You may \x28optionally\x29 fill in this form via OpenID by supplying your OpenID and clicking 'Register'.");
$fillext = L10n::t('If you are not familiar with OpenID, please leave that field blank and fill in the rest of the items.'); $fillext = L10n::t('If you are not familiar with OpenID, please leave that field blank and fill in the rest of the items.');
$oidlabel = L10n::t("Your OpenID \x28optional\x29: "); $oidlabel = L10n::t("Your OpenID \x28optional\x29: ");
} }
// I set this and got even more fake names than before...
$realpeople = ''; // L10n::t('Members of this network prefer to communicate with real people who use their real names.');
if (Config::get('system', 'publish_all')) { if (Config::get('system', 'publish_all')) {
$profile_publish = '<input type="hidden" name="profile_publish_reg" value="1" />'; $profile_publish = '<input type="hidden" name="profile_publish_reg" value="1" />';
} else { } else {
@ -244,8 +239,6 @@ function register_content(App $a)
$r = q("SELECT COUNT(*) AS `contacts` FROM `contact`"); $r = q("SELECT COUNT(*) AS `contacts` FROM `contact`");
$passwords = !$r[0]["contacts"]; $passwords = !$r[0]["contacts"];
$license = '';
$tpl = Renderer::getMarkupTemplate("register.tpl"); $tpl = Renderer::getMarkupTemplate("register.tpl");
$arr = ['template' => $tpl]; $arr = ['template' => $tpl];
@ -257,14 +250,12 @@ function register_content(App $a)
$tos = new Tos(); $tos = new Tos();
$o = Renderer::replaceMacros($tpl, [ $o = Renderer::replaceMacros($tpl, [
'$oidhtml' => $oidhtml,
'$invitations' => Config::get('system', 'invitation_only'), '$invitations' => Config::get('system', 'invitation_only'),
'$permonly' => intval(Config::get('config', 'register_policy')) === REGISTER_APPROVE, '$permonly' => intval(Config::get('config', 'register_policy')) === REGISTER_APPROVE,
'$permonlybox' => ['permonlybox', L10n::t('Note for the admin'), '', L10n::t('Leave a message for the admin, why you want to join this node')], '$permonlybox' => ['permonlybox', L10n::t('Note for the admin'), '', L10n::t('Leave a message for the admin, why you want to join this node')],
'$invite_desc' => L10n::t('Membership on this site is by invitation only.'), '$invite_desc' => L10n::t('Membership on this site is by invitation only.'),
'$invite_label' => L10n::t('Your invitation code: '), '$invite_label' => L10n::t('Your invitation code: '),
'$invite_id' => $invite_id, '$invite_id' => $invite_id,
'$realpeople' => $realpeople,
'$regtitle' => L10n::t('Registration'), '$regtitle' => L10n::t('Registration'),
'$registertext' => BBCode::convert(Config::get('config', 'register_text', '')), '$registertext' => BBCode::convert(Config::get('config', 'register_text', '')),
'$fillwith' => $fillwith, '$fillwith' => $fillwith,
@ -284,7 +275,6 @@ function register_content(App $a)
'$username' => $username, '$username' => $username,
'$email' => $email, '$email' => $email,
'$nickname' => $nickname, '$nickname' => $nickname,
'$license' => $license,
'$sitename' => $a->getHostName(), '$sitename' => $a->getHostName(),
'$importh' => L10n::t('Import'), '$importh' => L10n::t('Import'),
'$importt' => L10n::t('Import your profile to this friendica instance'), '$importt' => L10n::t('Import your profile to this friendica instance'),

View file

@ -20,15 +20,15 @@ function removeme_post(App $a)
return; return;
} }
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) { if (!empty($_SESSION['submanage'])) {
return; return;
} }
if ((!x($_POST, 'qxz_password')) || (!strlen(trim($_POST['qxz_password'])))) { if (empty($_POST['qxz_password'])) {
return; return;
} }
if ((!x($_POST, 'verify')) || (!strlen(trim($_POST['verify'])))) { if (empty($_POST['verify'])) {
return; return;
} }

View file

@ -24,7 +24,7 @@ require_once 'mod/dirfind.php';
function search_saved_searches() { function search_saved_searches() {
$o = ''; $o = '';
$search = ((x($_GET,'search')) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : ''); $search = (!empty($_GET['search']) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
$r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d", $r = q("SELECT `id`,`term` FROM `search` WHERE `uid` = %d",
intval(local_user()) intval(local_user())
@ -60,10 +60,10 @@ function search_saved_searches() {
function search_init(App $a) { function search_init(App $a) {
$search = ((x($_GET,'search')) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : ''); $search = (!empty($_GET['search']) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
if (local_user()) { if (local_user()) {
if (x($_GET,'save') && $search) { if (!empty($_GET['save']) && $search) {
$r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1", $r = q("SELECT * FROM `search` WHERE `uid` = %d AND `term` = '%s' LIMIT 1",
intval(local_user()), intval(local_user()),
DBA::escape($search) DBA::escape($search)
@ -72,7 +72,7 @@ function search_init(App $a) {
DBA::insert('search', ['uid' => local_user(), 'term' => $search]); DBA::insert('search', ['uid' => local_user(), 'term' => $search]);
} }
} }
if (x($_GET,'remove') && $search) { if (!empty($_GET['remove']) && $search) {
DBA::delete('search', ['uid' => local_user(), 'term' => $search]); DBA::delete('search', ['uid' => local_user(), 'term' => $search]);
} }
@ -92,14 +92,6 @@ function search_init(App $a) {
} }
function search_post(App $a) {
if (x($_POST,'search'))
$a->data['search'] = $_POST['search'];
}
function search_content(App $a) { function search_content(App $a) {
if (Config::get('system','block_public') && !local_user() && !remote_user()) { if (Config::get('system','block_public') && !local_user() && !remote_user()) {
@ -145,16 +137,12 @@ function search_content(App $a) {
Nav::setSelected('search'); Nav::setSelected('search');
$search = ''; $search = (!empty($_REQUEST['search']) ? Strings::escapeTags(trim(rawurldecode($_REQUEST['search']))) : '');
if (x($a->data,'search'))
$search = Strings::escapeTags(trim($a->data['search']));
else
$search = ((x($_GET,'search')) ? Strings::escapeTags(trim(rawurldecode($_GET['search']))) : '');
$tag = false; $tag = false;
if (x($_GET,'tag')) { if (!empty($_GET['tag'])) {
$tag = true; $tag = true;
$search = (x($_GET,'tag') ? '#' . Strings::escapeTags(trim(rawurldecode($_GET['tag']))) : ''); $search = (!empty($_GET['tag']) ? '#' . Strings::escapeTags(trim(rawurldecode($_GET['tag']))) : '');
} }
// contruct a wrapper for the search header // contruct a wrapper for the search header
@ -176,7 +164,7 @@ function search_content(App $a) {
return dirfind_content($a); return dirfind_content($a);
} }
if (x($_GET,'search-option')) if (!empty($_GET['search-option']))
switch($_GET['search-option']) { switch($_GET['search-option']) {
case 'fulltext': case 'fulltext':
break; break;

View file

@ -146,18 +146,18 @@ function settings_post(App $a)
return; return;
} }
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) { if (!empty($_SESSION['submanage'])) {
return; return;
} }
if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) { if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
notice(L10n::t('Permission denied.') . EOL); notice(L10n::t('Permission denied.') . EOL);
return; return;
} }
$old_page_flags = $a->user['page-flags']; $old_page_flags = $a->user['page-flags'];
if (($a->argc > 1) && ($a->argv[1] === 'oauth') && x($_POST, 'remove')) { if (($a->argc > 1) && ($a->argv[1] === 'oauth') && !empty($_POST['remove'])) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/oauth', 'settings_oauth'); BaseModule::checkFormSecurityTokenRedirectOnError('/settings/oauth', 'settings_oauth');
$key = $_POST['remove']; $key = $_POST['remove'];
@ -166,7 +166,7 @@ function settings_post(App $a)
return; return;
} }
if (($a->argc > 2) && ($a->argv[1] === 'oauth') && ($a->argv[2] === 'edit'||($a->argv[2] === 'add')) && x($_POST, 'submit')) { if (($a->argc > 2) && ($a->argv[1] === 'oauth') && ($a->argv[2] === 'edit'||($a->argv[2] === 'add')) && !empty($_POST['submit'])) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/oauth', 'settings_oauth'); BaseModule::checkFormSecurityTokenRedirectOnError('/settings/oauth', 'settings_oauth');
$name = defaults($_POST, 'name' , ''); $name = defaults($_POST, 'name' , '');
@ -222,23 +222,23 @@ function settings_post(App $a)
if (($a->argc > 1) && ($a->argv[1] == 'connectors')) { if (($a->argc > 1) && ($a->argv[1] == 'connectors')) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/connectors', 'settings_connectors'); BaseModule::checkFormSecurityTokenRedirectOnError('/settings/connectors', 'settings_connectors');
if (x($_POST, 'general-submit')) { if (!empty($_POST['general-submit'])) {
PConfig::set(local_user(), 'system', 'disable_cw', intval($_POST['disable_cw'])); PConfig::set(local_user(), 'system', 'disable_cw', intval($_POST['disable_cw']));
PConfig::set(local_user(), 'system', 'no_intelligent_shortening', intval($_POST['no_intelligent_shortening'])); PConfig::set(local_user(), 'system', 'no_intelligent_shortening', intval($_POST['no_intelligent_shortening']));
PConfig::set(local_user(), 'system', 'ostatus_autofriend', intval($_POST['snautofollow'])); PConfig::set(local_user(), 'system', 'ostatus_autofriend', intval($_POST['snautofollow']));
PConfig::set(local_user(), 'ostatus', 'default_group', $_POST['group-selection']); PConfig::set(local_user(), 'ostatus', 'default_group', $_POST['group-selection']);
PConfig::set(local_user(), 'ostatus', 'legacy_contact', $_POST['legacy_contact']); PConfig::set(local_user(), 'ostatus', 'legacy_contact', $_POST['legacy_contact']);
} elseif (x($_POST, 'imap-submit')) { } elseif (!empty($_POST['imap-submit'])) {
$mail_server = ((x($_POST, 'mail_server')) ? $_POST['mail_server'] : ''); $mail_server = defaults($_POST, 'mail_server', '');
$mail_port = ((x($_POST, 'mail_port')) ? $_POST['mail_port'] : ''); $mail_port = defaults($_POST, 'mail_port', '');
$mail_ssl = ((x($_POST, 'mail_ssl')) ? strtolower(trim($_POST['mail_ssl'])) : ''); $mail_ssl = (!empty($_POST['mail_ssl']) ? strtolower(trim($_POST['mail_ssl'])) : '');
$mail_user = ((x($_POST, 'mail_user')) ? $_POST['mail_user'] : ''); $mail_user = defaults($_POST, 'mail_user', '');
$mail_pass = ((x($_POST, 'mail_pass')) ? trim($_POST['mail_pass']) : ''); $mail_pass = (!empty($_POST['mail_pass']) ? trim($_POST['mail_pass']) : '');
$mail_action = ((x($_POST, 'mail_action')) ? trim($_POST['mail_action']) : ''); $mail_action = (!empty($_POST['mail_action']) ? trim($_POST['mail_action']) : '');
$mail_movetofolder = ((x($_POST, 'mail_movetofolder')) ? trim($_POST['mail_movetofolder']) : ''); $mail_movetofolder = (!empty($_POST['mail_movetofolder']) ? trim($_POST['mail_movetofolder']) : '');
$mail_replyto = ((x($_POST, 'mail_replyto')) ? $_POST['mail_replyto'] : ''); $mail_replyto = defaults($_POST, 'mail_replyto', '');
$mail_pubmail = ((x($_POST, 'mail_pubmail')) ? $_POST['mail_pubmail'] : ''); $mail_pubmail = defaults($_POST, 'mail_pubmail', '');
$mail_disabled = ((function_exists('imap_open') && (!Config::get('system', 'imap_disabled'))) ? 0 : 1); $mail_disabled = ((function_exists('imap_open') && (!Config::get('system', 'imap_disabled'))) ? 0 : 1);
@ -315,17 +315,17 @@ function settings_post(App $a)
if (($a->argc > 1) && ($a->argv[1] === 'display')) { if (($a->argc > 1) && ($a->argv[1] === 'display')) {
BaseModule::checkFormSecurityTokenRedirectOnError('/settings/display', 'settings_display'); BaseModule::checkFormSecurityTokenRedirectOnError('/settings/display', 'settings_display');
$theme = x($_POST, 'theme') ? Strings::escapeTags(trim($_POST['theme'])) : $a->user['theme']; $theme = !empty($_POST['theme']) ? Strings::escapeTags(trim($_POST['theme'])) : $a->user['theme'];
$mobile_theme = x($_POST, 'mobile_theme') ? Strings::escapeTags(trim($_POST['mobile_theme'])) : ''; $mobile_theme = !empty($_POST['mobile_theme']) ? Strings::escapeTags(trim($_POST['mobile_theme'])) : '';
$nosmile = x($_POST, 'nosmile') ? intval($_POST['nosmile']) : 0; $nosmile = !empty($_POST['nosmile']) ? intval($_POST['nosmile']) : 0;
$first_day_of_week = x($_POST, 'first_day_of_week') ? intval($_POST['first_day_of_week']) : 0; $first_day_of_week = !empty($_POST['first_day_of_week']) ? intval($_POST['first_day_of_week']) : 0;
$noinfo = x($_POST, 'noinfo') ? intval($_POST['noinfo']) : 0; $noinfo = !empty($_POST['noinfo']) ? intval($_POST['noinfo']) : 0;
$infinite_scroll = x($_POST, 'infinite_scroll') ? intval($_POST['infinite_scroll']) : 0; $infinite_scroll = !empty($_POST['infinite_scroll']) ? intval($_POST['infinite_scroll']) : 0;
$no_auto_update = x($_POST, 'no_auto_update') ? intval($_POST['no_auto_update']) : 0; $no_auto_update = !empty($_POST['no_auto_update']) ? intval($_POST['no_auto_update']) : 0;
$bandwidth_saver = x($_POST, 'bandwidth_saver') ? intval($_POST['bandwidth_saver']) : 0; $bandwidth_saver = !empty($_POST['bandwidth_saver']) ? intval($_POST['bandwidth_saver']) : 0;
$smart_threading = x($_POST, 'smart_threading') ? intval($_POST['smart_threading']) : 0; $smart_threading = !empty($_POST['smart_threading']) ? intval($_POST['smart_threading']) : 0;
$nowarn_insecure = x($_POST, 'nowarn_insecure') ? intval($_POST['nowarn_insecure']) : 0; $nowarn_insecure = !empty($_POST['nowarn_insecure']) ? intval($_POST['nowarn_insecure']) : 0;
$browser_update = x($_POST, 'browser_update') ? intval($_POST['browser_update']) : 0; $browser_update = !empty($_POST['browser_update']) ? intval($_POST['browser_update']) : 0;
if ($browser_update != -1) { if ($browser_update != -1) {
$browser_update = $browser_update * 1000; $browser_update = $browser_update * 1000;
if ($browser_update < 10000) { if ($browser_update < 10000) {
@ -333,11 +333,11 @@ function settings_post(App $a)
} }
} }
$itemspage_network = x($_POST, 'itemspage_network') ? intval($_POST['itemspage_network']) : 40; $itemspage_network = !empty($_POST['itemspage_network']) ? intval($_POST['itemspage_network']) : 40;
if ($itemspage_network > 100) { if ($itemspage_network > 100) {
$itemspage_network = 100; $itemspage_network = 100;
} }
$itemspage_mobile_network = x($_POST, 'itemspage_mobile_network') ? intval($_POST['itemspage_mobile_network']) : 20; $itemspage_mobile_network = !empty($_POST['itemspage_mobile_network']) ? intval($_POST['itemspage_mobile_network']) : 20;
if ($itemspage_mobile_network > 100) { if ($itemspage_mobile_network > 100) {
$itemspage_mobile_network = 100; $itemspage_mobile_network = 100;
} }
@ -379,7 +379,7 @@ function settings_post(App $a)
BaseModule::checkFormSecurityTokenRedirectOnError('/settings', 'settings'); BaseModule::checkFormSecurityTokenRedirectOnError('/settings', 'settings');
if (x($_POST,'resend_relocate')) { if (!empty($_POST['resend_relocate'])) {
Worker::add(PRIORITY_HIGH, 'Notifier', 'relocate', local_user()); Worker::add(PRIORITY_HIGH, 'Notifier', 'relocate', local_user());
info(L10n::t("Relocate message has been send to your contacts")); info(L10n::t("Relocate message has been send to your contacts"));
$a->internalRedirect('settings'); $a->internalRedirect('settings');
@ -387,7 +387,7 @@ function settings_post(App $a)
Addon::callHooks('settings_post', $_POST); Addon::callHooks('settings_post', $_POST);
if (x($_POST, 'password') || x($_POST, 'confirm')) { if (!empty($_POST['password']) || !empty($_POST['confirm'])) {
$newpass = $_POST['password']; $newpass = $_POST['password'];
$confirm = $_POST['confirm']; $confirm = $_POST['confirm'];
@ -397,7 +397,7 @@ function settings_post(App $a)
$err = true; $err = true;
} }
if (!x($newpass) || !x($confirm)) { if (empty($newpass) || empty($confirm)) {
notice(L10n::t('Empty passwords are not allowed. Password unchanged.') . EOL); notice(L10n::t('Empty passwords are not allowed. Password unchanged.') . EOL);
$err = true; $err = true;
} }
@ -423,35 +423,35 @@ function settings_post(App $a)
} }
} }
$username = ((x($_POST, 'username')) ? Strings::escapeTags(trim($_POST['username'])) : ''); $username = (!empty($_POST['username']) ? Strings::escapeTags(trim($_POST['username'])) : '');
$email = ((x($_POST, 'email')) ? Strings::escapeTags(trim($_POST['email'])) : ''); $email = (!empty($_POST['email']) ? Strings::escapeTags(trim($_POST['email'])) : '');
$timezone = ((x($_POST, 'timezone')) ? Strings::escapeTags(trim($_POST['timezone'])) : ''); $timezone = (!empty($_POST['timezone']) ? Strings::escapeTags(trim($_POST['timezone'])) : '');
$language = ((x($_POST, 'language')) ? Strings::escapeTags(trim($_POST['language'])) : ''); $language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
$defloc = ((x($_POST, 'defloc')) ? Strings::escapeTags(trim($_POST['defloc'])) : ''); $defloc = (!empty($_POST['defloc']) ? Strings::escapeTags(trim($_POST['defloc'])) : '');
$openid = ((x($_POST, 'openid_url')) ? Strings::escapeTags(trim($_POST['openid_url'])) : ''); $openid = (!empty($_POST['openid_url']) ? Strings::escapeTags(trim($_POST['openid_url'])) : '');
$maxreq = ((x($_POST, 'maxreq')) ? intval($_POST['maxreq']) : 0); $maxreq = (!empty($_POST['maxreq']) ? intval($_POST['maxreq']) : 0);
$expire = ((x($_POST, 'expire')) ? intval($_POST['expire']) : 0); $expire = (!empty($_POST['expire']) ? intval($_POST['expire']) : 0);
$def_gid = ((x($_POST, 'group-selection')) ? intval($_POST['group-selection']) : 0); $def_gid = (!empty($_POST['group-selection']) ? intval($_POST['group-selection']) : 0);
$expire_items = ((x($_POST, 'expire_items')) ? intval($_POST['expire_items']) : 0); $expire_items = (!empty($_POST['expire_items']) ? intval($_POST['expire_items']) : 0);
$expire_notes = ((x($_POST, 'expire_notes')) ? intval($_POST['expire_notes']) : 0); $expire_notes = (!empty($_POST['expire_notes']) ? intval($_POST['expire_notes']) : 0);
$expire_starred = ((x($_POST, 'expire_starred')) ? intval($_POST['expire_starred']) : 0); $expire_starred = (!empty($_POST['expire_starred']) ? intval($_POST['expire_starred']) : 0);
$expire_photos = ((x($_POST, 'expire_photos'))? intval($_POST['expire_photos']) : 0); $expire_photos = (!empty($_POST['expire_photos'])? intval($_POST['expire_photos']) : 0);
$expire_network_only = ((x($_POST, 'expire_network_only'))? intval($_POST['expire_network_only']) : 0); $expire_network_only = (!empty($_POST['expire_network_only'])? intval($_POST['expire_network_only']) : 0);
$allow_location = (((x($_POST, 'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0); $allow_location = ((!empty($_POST['allow_location']) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
$publish = (((x($_POST, 'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0); $publish = ((!empty($_POST['profile_in_directory']) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
$net_publish = (((x($_POST, 'profile_in_netdirectory')) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0); $net_publish = ((!empty($_POST['profile_in_netdirectory']) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0);
$old_visibility = (((x($_POST, 'visibility')) && (intval($_POST['visibility']) == 1)) ? 1 : 0); $old_visibility = ((!empty($_POST['visibility']) && (intval($_POST['visibility']) == 1)) ? 1 : 0);
$account_type = (((x($_POST, 'account-type')) && (intval($_POST['account-type']))) ? intval($_POST['account-type']) : 0); $account_type = ((!empty($_POST['account-type']) && (intval($_POST['account-type']))) ? intval($_POST['account-type']) : 0);
$page_flags = (((x($_POST, 'page-flags')) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0); $page_flags = ((!empty($_POST['page-flags']) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0);
$blockwall = (((x($_POST, 'blockwall')) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted! $blockwall = ((!empty($_POST['blockwall']) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted!
$blocktags = (((x($_POST, 'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted! $blocktags = ((!empty($_POST['blocktags']) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted!
$unkmail = (((x($_POST, 'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0); $unkmail = ((!empty($_POST['unkmail']) && (intval($_POST['unkmail']) == 1)) ? 1: 0);
$cntunkmail = ((x($_POST, 'cntunkmail')) ? intval($_POST['cntunkmail']) : 0); $cntunkmail = (!empty($_POST['cntunkmail']) ? intval($_POST['cntunkmail']) : 0);
$suggestme = ((x($_POST, 'suggestme')) ? intval($_POST['suggestme']) : 0); $suggestme = (!empty($_POST['suggestme']) ? intval($_POST['suggestme']) : 0);
$hide_friends = (($_POST['hide-friends'] == 1) ? 1: 0); $hide_friends = (($_POST['hide-friends'] == 1) ? 1: 0);
$hidewall = (($_POST['hidewall'] == 1) ? 1: 0); $hidewall = (($_POST['hidewall'] == 1) ? 1: 0);
@ -460,28 +460,28 @@ function settings_post(App $a)
$notify = 0; $notify = 0;
if (x($_POST, 'notify1')) { if (!empty($_POST['notify1'])) {
$notify += intval($_POST['notify1']); $notify += intval($_POST['notify1']);
} }
if (x($_POST, 'notify2')) { if (!empty($_POST['notify2'])) {
$notify += intval($_POST['notify2']); $notify += intval($_POST['notify2']);
} }
if (x($_POST, 'notify3')) { if (!empty($_POST['notify3'])) {
$notify += intval($_POST['notify3']); $notify += intval($_POST['notify3']);
} }
if (x($_POST, 'notify4')) { if (!empty($_POST['notify4'])) {
$notify += intval($_POST['notify4']); $notify += intval($_POST['notify4']);
} }
if (x($_POST, 'notify5')) { if (!empty($_POST['notify5'])) {
$notify += intval($_POST['notify5']); $notify += intval($_POST['notify5']);
} }
if (x($_POST, 'notify6')) { if (!empty($_POST['notify6'])) {
$notify += intval($_POST['notify6']); $notify += intval($_POST['notify6']);
} }
if (x($_POST, 'notify7')) { if (!empty($_POST['notify7'])) {
$notify += intval($_POST['notify7']); $notify += intval($_POST['notify7']);
} }
if (x($_POST, 'notify8')) { if (!empty($_POST['notify8'])) {
$notify += intval($_POST['notify8']); $notify += intval($_POST['notify8']);
} }
@ -666,7 +666,7 @@ function settings_content(App $a)
return Login::form(); return Login::form();
} }
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) { if (!empty($_SESSION['submanage'])) {
notice(L10n::t('Permission denied.') . EOL); notice(L10n::t('Permission denied.') . EOL);
return; return;
} }
@ -796,7 +796,7 @@ function settings_content(App $a)
$default_group = PConfig::get(local_user(), 'ostatus', 'default_group'); $default_group = PConfig::get(local_user(), 'ostatus', 'default_group');
$legacy_contact = PConfig::get(local_user(), 'ostatus', 'legacy_contact'); $legacy_contact = PConfig::get(local_user(), 'ostatus', 'legacy_contact');
if (x($legacy_contact)) { if (!empty($legacy_contact)) {
/// @todo Isn't it supposed to be a $a->internalRedirect() call? /// @todo Isn't it supposed to be a $a->internalRedirect() call?
$a->page['htmlhead'] = '<meta http-equiv="refresh" content="0; URL=' . System::baseUrl().'/ostatus_subscribe?url=' . urlencode($legacy_contact) . '">'; $a->page['htmlhead'] = '<meta http-equiv="refresh" content="0; URL=' . System::baseUrl().'/ostatus_subscribe?url=' . urlencode($legacy_contact) . '">';
} }

View file

@ -33,7 +33,7 @@ function starred_init(App $a) {
Item::update(['starred' => $starred], ['id' => $message_id]); Item::update(['starred' => $starred], ['id' => $message_id]);
// See if we've been passed a return path to redirect to // See if we've been passed a return path to redirect to
$return_path = (x($_REQUEST,'return') ? $_REQUEST['return'] : ''); $return_path = defaults($_REQUEST, 'return', '');
if ($return_path) { if ($return_path) {
$rand = '_=' . time(); $rand = '_=' . time();
if (strpos($return_path, '?')) { if (strpos($return_path, '?')) {

View file

@ -89,7 +89,7 @@ function subthread_content(App $a) {
$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status')); $post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
$objtype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE ); $objtype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
$link = XML::escape('<link rel="alternate" type="text/html" href="' . System::baseUrl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ; $link = XML::escape('<link rel="alternate" type="text/html" href="' . System::baseUrl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n");
$body = $item['body']; $body = $item['body'];
$obj = <<< EOT $obj = <<< EOT

View file

@ -20,7 +20,7 @@ function suggest_init(App $a)
return; return;
} }
if (x($_GET,'ignore') && intval($_GET['ignore'])) { if (!empty($_GET['ignore'])) {
// Check if we should do HTML-based delete confirmation // Check if we should do HTML-based delete confirmation
if ($_REQUEST['confirm']) { if ($_REQUEST['confirm']) {
// <form> can't take arguments in its "action" parameter // <form> can't take arguments in its "action" parameter

View file

@ -78,7 +78,7 @@ function tagger_content(App $a) {
$href = System::baseUrl() . '/display/' . $item['guid']; $href = System::baseUrl() . '/display/' . $item['guid'];
} }
$link = XML::escape('<link rel="alternate" type="text/html" href="'. $href . '" />' . "\n") ; $link = XML::escape('<link rel="alternate" type="text/html" href="'. $href . '" />' . "\n");
$body = XML::escape($item['body']); $body = XML::escape($item['body']);

View file

@ -17,7 +17,7 @@ function tagrm_post(App $a)
$a->internalRedirect($_SESSION['photo_return']); $a->internalRedirect($_SESSION['photo_return']);
} }
if (x($_POST,'submit') && ($_POST['submit'] === L10n::t('Cancel'))) { if (!empty($_POST['submit']) && ($_POST['submit'] === L10n::t('Cancel'))) {
$a->internalRedirect($_SESSION['photo_return']); $a->internalRedirect($_SESSION['photo_return']);
} }

View file

@ -42,10 +42,10 @@ function uimport_content(App $a)
} }
if (x($_SESSION, 'theme')) { if (!empty($_SESSION['theme'])) {
unset($_SESSION['theme']); unset($_SESSION['theme']);
} }
if (x($_SESSION, 'mobile-theme')) { if (!empty($_SESSION['mobile-theme'])) {
unset($_SESSION['mobile-theme']); unset($_SESSION['mobile-theme']);
} }

View file

@ -114,10 +114,8 @@ function unfollow_content(App $a)
// Makes the connection request for friendica contacts easier // Makes the connection request for friendica contacts easier
$_SESSION['fastlane'] = $contact['url']; $_SESSION['fastlane'] = $contact['url'];
$header = L10n::t('Disconnect/Unfollow');
$o = Renderer::replaceMacros($tpl, [ $o = Renderer::replaceMacros($tpl, [
'$header' => htmlentities($header), '$header' => L10n::t('Disconnect/Unfollow'),
'$desc' => '', '$desc' => '',
'$pls_answer' => '', '$pls_answer' => '',
'$does_know_you' => '', '$does_know_you' => '',

View file

@ -29,18 +29,13 @@ function viewcontacts_init(App $a)
Nav::setSelected('home'); Nav::setSelected('home');
$nick = $a->argv[1]; $user = DBA::selectFirst('user', [], ['nickname' => $a->argv[1], 'blocked' => false]);
$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1", if (!DBA::isResult($user)) {
DBA::escape($nick)
);
if (!DBA::isResult($r)) {
System::httpExit(404, ["title" => L10n::t('Page not found.')]); System::httpExit(404, ["title" => L10n::t('Page not found.')]);
} }
$a->data['user'] = $r[0]; $a->data['user'] = $user;
$a->profile_uid = $r[0]['uid']; $a->profile_uid = $user['uid'];
$is_owner = (local_user() && (local_user() == $a->profile_uid));
Profile::load($a, $a->argv[1]); Profile::load($a, $a->argv[1]);
} }
@ -54,82 +49,69 @@ function viewcontacts_content(App $a)
$is_owner = $a->profile['profile_uid'] == local_user(); $is_owner = $a->profile['profile_uid'] == local_user();
$o = "";
// tabs // tabs
$o .= Profile::getTabs($a, $is_owner, $a->data['user']['nickname']); $o = Profile::getTabs($a, $is_owner, $a->data['user']['nickname']);
if (!count($a->profile) || $a->profile['hide-friends']) { if (!count($a->profile) || $a->profile['hide-friends']) {
notice(L10n::t('Permission denied.') . EOL); notice(L10n::t('Permission denied.') . EOL);
return $o; return $o;
} }
$total = 0; $condition = [
$r = q("SELECT COUNT(*) AS `total` FROM `contact` 'uid' => $a->profile['uid'],
WHERE `uid` = %d AND NOT `blocked` AND NOT `pending` 'blocked' => false,
AND NOT `hidden` AND NOT `archive` 'pending' => false,
AND `network` IN ('%s', '%s', '%s', '%s')", 'hidden' => false,
intval($a->profile['uid']), 'archive' => false,
DBA::escape(Protocol::ACTIVITYPUB), 'network' => [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::DIASPORA, Protocol::OSTATUS]
DBA::escape(Protocol::DFRN), ];
DBA::escape(Protocol::DIASPORA),
DBA::escape(Protocol::OSTATUS) $total = DBA::count('count', $condition);
);
if (DBA::isResult($r)) {
$total = $r[0]['total'];
}
$pager = new Pager($a->query_string); $pager = new Pager($a->query_string);
$r = q("SELECT * FROM `contact` $params = ['order' => ['name' => false], 'limit' => [$pager->getStart(), $pager->getItemsPerPage()]];
WHERE `uid` = %d AND NOT `blocked` AND NOT `pending`
AND NOT `hidden` AND NOT `archive` $contacts_stmt = DBA::select('contact', [], $condition, $params);
AND `network` IN ('%s', '%s', '%s', '%s')
ORDER BY `name` ASC LIMIT %d, %d", if (!DBA::isResult($contacts_stmt)) {
intval($a->profile['uid']), info(L10n::t('No contacts.') . EOL);
DBA::escape(Protocol::ACTIVITYPUB),
DBA::escape(Protocol::DFRN),
DBA::escape(Protocol::DIASPORA),
DBA::escape(Protocol::OSTATUS),
$pager->getStart(),
$pager->getItemsPerPage()
);
if (!DBA::isResult($r)) {
info(L10n::t('No contacts.').EOL);
return $o; return $o;
} }
$contacts = []; $contacts = [];
foreach ($r as $rr) { while ($contact = DBA::fetch($contacts_stmt)) {
/// @TODO This triggers an E_NOTICE if 'self' is not there /// @TODO This triggers an E_NOTICE if 'self' is not there
if ($rr['self']) { if ($contact['self']) {
continue; continue;
} }
$contact_details = Contact::getDetailsByURL($rr['url'], $a->profile['uid'], $rr); $contact_details = Contact::getDetailsByURL($contact['url'], $a->profile['uid'], $contact);
$contacts[] = [ $contacts[] = [
'id' => $rr['id'], 'id' => $contact['id'],
'img_hover' => L10n::t('Visit %s\'s profile [%s]', $contact_details['name'], $rr['url']), 'img_hover' => L10n::t('Visit %s\'s profile [%s]', $contact_details['name'], $contact['url']),
'photo_menu' => Contact::photoMenu($rr), 'photo_menu' => Contact::photoMenu($contact),
'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB), 'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
'name' => htmlentities(substr($contact_details['name'], 0, 20)), 'name' => substr($contact_details['name'], 0, 20),
'username' => htmlentities($contact_details['name']), 'username' => $contact_details['name'],
'details' => $contact_details['location'], 'details' => $contact_details['location'],
'tags' => $contact_details['keywords'], 'tags' => $contact_details['keywords'],
'about' => $contact_details['about'], 'about' => $contact_details['about'],
'account_type' => Contact::getAccountType($contact_details), 'account_type' => Contact::getAccountType($contact_details),
'url' => Contact::magicLink($rr['url']), 'url' => Contact::magicLink($contact['url']),
'sparkle' => '', 'sparkle' => '',
'itemurl' => (($contact_details['addr'] != "") ? $contact_details['addr'] : $rr['url']), 'itemurl' => (($contact_details['addr'] != "") ? $contact_details['addr'] : $contact['url']),
'network' => ContactSelector::networkToName($rr['network'], $rr['url']), 'network' => ContactSelector::networkToName($contact['network'], $contact['url']),
]; ];
} }
DBA::close($contacts_stmt);
$tpl = Renderer::getMarkupTemplate("viewcontact_template.tpl"); $tpl = Renderer::getMarkupTemplate("viewcontact_template.tpl");
$o .= Renderer::replaceMacros($tpl, [ $o .= Renderer::replaceMacros($tpl, [
'$title' => L10n::t('Contacts'), '$title' => L10n::t('Contacts'),
'$contacts' => $contacts, '$contacts' => $contacts,
'$paginate' => $pager->renderFull($total), '$paginate' => $pager->renderFull($total),
]); ]);

View file

@ -15,7 +15,7 @@ use Friendica\Util\Strings;
function wall_attach_post(App $a) { function wall_attach_post(App $a) {
$r_json = (x($_GET,'response') && $_GET['response']=='json'); $r_json = (!empty($_GET['response']) && $_GET['response']=='json');
if ($a->argc > 1) { if ($a->argc > 1) {
$nick = $a->argv[1]; $nick = $a->argv[1];
@ -85,7 +85,7 @@ function wall_attach_post(App $a) {
killme(); killme();
} }
if (! x($_FILES,'userfile')) { if (empty($_FILES['userfile'])) {
if ($r_json) { if ($r_json) {
echo json_encode(['error' => L10n::t('Invalid request.')]); echo json_encode(['error' => L10n::t('Invalid request.')]);
} }
@ -120,7 +120,7 @@ function wall_attach_post(App $a) {
if ($r_json) { if ($r_json) {
echo json_encode(['error' => $msg]); echo json_encode(['error' => $msg]);
} else { } else {
echo $msg . EOL ; echo $msg . EOL;
} }
@unlink($src); @unlink($src);
killme(); killme();
@ -144,7 +144,7 @@ function wall_attach_post(App $a) {
if ($r_json) { if ($r_json) {
echo json_encode(['error' => $msg]); echo json_encode(['error' => $msg]);
} else { } else {
echo $msg . EOL ; echo $msg . EOL;
} }
killme(); killme();
} }
@ -160,7 +160,7 @@ function wall_attach_post(App $a) {
if ($r_json) { if ($r_json) {
echo json_encode(['error' => $msg]); echo json_encode(['error' => $msg]);
} else { } else {
echo $msg . EOL ; echo $msg . EOL;
} }
killme(); killme();
} }

View file

@ -23,11 +23,11 @@ function wall_upload_post(App $a, $desktopmode = true)
{ {
Logger::log("wall upload: starting new upload", Logger::DEBUG); Logger::log("wall upload: starting new upload", Logger::DEBUG);
$r_json = (x($_GET, 'response') && $_GET['response'] == 'json'); $r_json = (!empty($_GET['response']) && $_GET['response'] == 'json');
$album = (x($_GET, 'album') ? Strings::escapeTags(trim($_GET['album'])) : ''); $album = (!empty($_GET['album']) ? Strings::escapeTags(trim($_GET['album'])) : '');
if ($a->argc > 1) { if ($a->argc > 1) {
if (!x($_FILES, 'media')) { if (empty($_FILES['media'])) {
$nick = $a->argv[1]; $nick = $a->argv[1];
$r = q("SELECT `user`.*, `contact`.`id` FROM `user` $r = q("SELECT `user`.*, `contact`.`id` FROM `user`
INNER JOIN `contact` on `user`.`uid` = `contact`.`uid` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`
@ -110,7 +110,7 @@ function wall_upload_post(App $a, $desktopmode = true)
killme(); killme();
} }
if (!x($_FILES, 'userfile') && !x($_FILES, 'media')) { if (empty($_FILES['userfile']) && empty($_FILES['media'])) {
if ($r_json) { if ($r_json) {
echo json_encode(['error' => L10n::t('Invalid request.')]); echo json_encode(['error' => L10n::t('Invalid request.')]);
} }
@ -121,13 +121,13 @@ function wall_upload_post(App $a, $desktopmode = true)
$filename = ''; $filename = '';
$filesize = 0; $filesize = 0;
$filetype = ''; $filetype = '';
if (x($_FILES, 'userfile')) { if (!empty($_FILES['userfile'])) {
$src = $_FILES['userfile']['tmp_name']; $src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']); $filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']); $filesize = intval($_FILES['userfile']['size']);
$filetype = $_FILES['userfile']['type']; $filetype = $_FILES['userfile']['type'];
} elseif (x($_FILES, 'media')) { } elseif (!empty($_FILES['media'])) {
if (!empty($_FILES['media']['tmp_name'])) { if (!empty($_FILES['media']['tmp_name'])) {
if (is_array($_FILES['media']['tmp_name'])) { if (is_array($_FILES['media']['tmp_name'])) {
$src = $_FILES['media']['tmp_name'][0]; $src = $_FILES['media']['tmp_name'][0];

View file

@ -20,8 +20,8 @@ function wallmessage_post(App $a) {
return; return;
} }
$subject = ((x($_REQUEST,'subject')) ? Strings::escapeTags(trim($_REQUEST['subject'])) : ''); $subject = (!empty($_REQUEST['subject']) ? Strings::escapeTags(trim($_REQUEST['subject'])) : '');
$body = ((x($_REQUEST,'body')) ? Strings::escapeHtml(trim($_REQUEST['body'])) : ''); $body = (!empty($_REQUEST['body']) ? Strings::escapeHtml(trim($_REQUEST['body'])) : '');
$recipient = (($a->argc > 1) ? Strings::escapeTags($a->argv[1]) : ''); $recipient = (($a->argc > 1) ? Strings::escapeTags($a->argv[1]) : '');
if ((! $recipient) || (! $body)) { if ((! $recipient) || (! $body)) {
@ -125,20 +125,20 @@ function wallmessage_content(App $a) {
$tpl = Renderer::getMarkupTemplate('wallmessage.tpl'); $tpl = Renderer::getMarkupTemplate('wallmessage.tpl');
$o = Renderer::replaceMacros($tpl, [ $o = Renderer::replaceMacros($tpl, [
'$header' => L10n::t('Send Private Message'), '$header' => L10n::t('Send Private Message'),
'$subheader' => L10n::t('If you wish for %s to respond, please check that the privacy settings on your site allow private mail from unknown senders.', $user['username']), '$subheader' => L10n::t('If you wish for %s to respond, please check that the privacy settings on your site allow private mail from unknown senders.', $user['username']),
'$to' => L10n::t('To:'), '$to' => L10n::t('To:'),
'$subject' => L10n::t('Subject:'), '$subject' => L10n::t('Subject:'),
'$recipname' => $user['username'], '$recipname' => $user['username'],
'$nickname' => $user['nickname'], '$nickname' => $user['nickname'],
'$subjtxt' => ((x($_REQUEST, 'subject')) ? strip_tags($_REQUEST['subject']) : ''), '$subjtxt' => defaults($_REQUEST, 'subject', ''),
'$text' => ((x($_REQUEST, 'body')) ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : ''), '$text' => defaults($_REQUEST, 'body', ''),
'$readonly' => '', '$readonly' => '',
'$yourmessage' => L10n::t('Your message:'), '$yourmessage'=> L10n::t('Your message:'),
'$parent' => '', '$parent' => '',
'$upload' => L10n::t('Upload photo'), '$upload' => L10n::t('Upload photo'),
'$insert' => L10n::t('Insert web link'), '$insert' => L10n::t('Insert web link'),
'$wait' => L10n::t('Please wait') '$wait' => L10n::t('Please wait')
]); ]);
return $o; return $o;

View file

@ -20,7 +20,8 @@ function webfinger_content(App $a)
killme(); killme();
} }
$o = '<h3>Webfinger Diagnostic</h3>'; $o = '<div class="generic-page-wrapper">';
$o .= '<h3>Webfinger Diagnostic</h3>';
$o .= '<form action="webfinger" method="get">'; $o .= '<form action="webfinger" method="get">';
$o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . defaults($_GET, 'addr', '') .'" />'; $o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . defaults($_GET, 'addr', '') .'" />';
@ -28,12 +29,14 @@ function webfinger_content(App $a)
$o .= '<br /><br />'; $o .= '<br /><br />';
if (x($_GET, 'addr')) { if (!empty($_GET['addr'])) {
$addr = trim($_GET['addr']); $addr = trim($_GET['addr']);
$res = Probe::lrdd($addr); $res = Probe::lrdd($addr);
$o .= '<pre>'; $o .= '<pre>';
$o .= str_replace("\n", '<br />', print_r($res, true)); $o .= str_replace("\n", '<br />', print_r($res, true));
$o .= '</pre>'; $o .= '</pre>';
} }
$o .= '</div>';
return $o; return $o;
} }

View file

@ -91,7 +91,7 @@ server {
# by denying dot files and rewrite request to the front controller # by denying dot files and rewrite request to the front controller
location ^~ /.well-known/ { location ^~ /.well-known/ {
allow all; allow all;
try_files $uri /index.php?pagename=$uri&$args; rewrite ^ /index.php?pagename=$uri;
} }
include mime.types; include mime.types;

View file

@ -80,7 +80,7 @@ text { font:12px Dialog; }
<text x="149" y="1721" style="font:13px Open Sans">($_POST['localconfirm'] == 1)</text> <text x="149" y="1721" style="font:13px Open Sans">($_POST['localconfirm'] == 1)</text>
<text x="149" y="1744" style="font:13px Open Sans">-----------------------------------------------------------------------</text> <text x="149" y="1744" style="font:13px Open Sans">-----------------------------------------------------------------------</text>
<text x="149" y="1767" style="font:13px Open Sans">- if(local_user() &amp;&amp; ($a-&gt;user['nickname'] == $a-</text> <text x="149" y="1767" style="font:13px Open Sans">- if(local_user() &amp;&amp; ($a-&gt;user['nickname'] == $a-</text>
<text x="149" y="1790" style="font:13px Open Sans">&gt;argv[1]) &amp;&amp; (x($_POST,'dfrn_url')))</text> <text x="149" y="1790" style="font:13px Open Sans">&gt;argv[1]) &amp;&amp; !empty($_POST['dfrn_url']))</text>
<text x="149" y="1813" style="font:13px Open Sans">-&gt;</text> <text x="149" y="1813" style="font:13px Open Sans">-&gt;</text>
<text x="149" y="1859" style="font:13px Open Sans">- $confirm_key comes from $_POST</text> <text x="149" y="1859" style="font:13px Open Sans">- $confirm_key comes from $_POST</text>
<text x="149" y="1905" style="font:13px Open Sans">- get data for contact Karen (contact table) by </text> <text x="149" y="1905" style="font:13px Open Sans">- get data for contact Karen (contact table) by </text>
@ -104,7 +104,7 @@ text { font:12px Dialog; }
<path d="M866,2206 C861.5820313,2206 858,2209.5820313 858,2214 L858,2444 C858,2448.4179688 861.5820313,2452 866,2452 L1434,2452 C1438.4179688,2452 1442,2448.4179688 1442,2444 L1442,2214 C1442,2209.5820313 1438.4179688,2206 1434,2206 Z" style="fill:rgb(255,255,3);stroke:none" clip-path="url(#clip14)" /> <path d="M866,2206 C861.5820313,2206 858,2209.5820313 858,2214 L858,2444 C858,2448.4179688 861.5820313,2452 866,2452 L1434,2452 C1438.4179688,2452 1442,2448.4179688 1442,2444 L1442,2214 C1442,2209.5820313 1438.4179688,2206 1434,2206 Z" style="fill:rgb(255,255,3);stroke:none" clip-path="url(#clip14)" />
<text x="871" y="2228" style="font:13px Open Sans">http://karenhomepage.com/dfrn_request?confirm_key=”ABC123”</text> <text x="871" y="2228" style="font:13px Open Sans">http://karenhomepage.com/dfrn_request?confirm_key=”ABC123”</text>
<text x="871" y="2274" style="font:13px Open Sans">dfrn_request_content() -</text> <text x="871" y="2274" style="font:13px Open Sans">dfrn_request_content() -</text>
<text x="871" y="2297" style="font:13px Open Sans">(elseif((x($_GET,'confirm_key')) &amp;&amp; strlen($_GET['confirm_key'])) )</text> <text x="871" y="2297" style="font:13px Open Sans">elseif (!empty($_GET['confirm_key']))</text>
<text x="871" y="2320" style="font:13px Open Sans">----------------------------------------------------------------------------------------------</text> <text x="871" y="2320" style="font:13px Open Sans">----------------------------------------------------------------------------------------------</text>
<text x="871" y="2366" style="font:13px Open Sans">- select the intro by confirm_key (intro table) -&gt; get contact id</text> <text x="871" y="2366" style="font:13px Open Sans">- select the intro by confirm_key (intro table) -&gt; get contact id</text>
<text x="871" y="2389" style="font:13px Open Sans">- use the intro contact id to get the contact in the contact table</text> <text x="871" y="2389" style="font:13px Open Sans">- use the intro contact id to get the contact in the contact table</text>

Before

Width:  |  Height:  |  Size: 33 KiB

After

Width:  |  Height:  |  Size: 33 KiB

View file

@ -523,7 +523,7 @@ class App
if (!empty($relative_script_path)) { if (!empty($relative_script_path)) {
// Module // Module
if (!empty($_SERVER['QUERY_STRING'])) { if (!empty($_SERVER['QUERY_STRING'])) {
$path = trim(dirname($relative_script_path, substr_count(trim($_SERVER['QUERY_STRING'], '/'), '/') + 1), '/'); $path = trim(rdirname($relative_script_path, substr_count(trim($_SERVER['QUERY_STRING'], '/'), '/') + 1), '/');
} else { } else {
// Root page // Root page
$path = trim($relative_script_path, '/'); $path = trim($relative_script_path, '/');
@ -549,7 +549,7 @@ class App
// Use environment variables for mysql if they are set beforehand // Use environment variables for mysql if they are set beforehand
if (!empty(getenv('MYSQL_HOST')) if (!empty(getenv('MYSQL_HOST'))
&& (!empty(getenv('MYSQL_USERNAME')) || !empty(getenv('MYSQL_USER'))) && !empty(getenv('MYSQL_USERNAME') || !empty(getenv('MYSQL_USER')))
&& getenv('MYSQL_PASSWORD') !== false && getenv('MYSQL_PASSWORD') !== false
&& !empty(getenv('MYSQL_DATABASE'))) && !empty(getenv('MYSQL_DATABASE')))
{ {
@ -668,7 +668,7 @@ class App
$this->hostname = Core\Config::get('config', 'hostname'); $this->hostname = Core\Config::get('config', 'hostname');
} }
return $scheme . '://' . $this->hostname . (!empty($this->getURLPath()) ? '/' . $this->getURLPath() : '' ); return $scheme . '://' . $this->hostname . !empty($this->getURLPath() ? '/' . $this->getURLPath() : '' );
} }
/** /**
@ -1880,7 +1880,7 @@ class App
*/ */
public function internalRedirect($toUrl = '', $ssl = false) public function internalRedirect($toUrl = '', $ssl = false)
{ {
if (filter_var($toUrl, FILTER_VALIDATE_URL)) { if (!empty(parse_url($toUrl, PHP_URL_SCHEME))) {
throw new InternalServerErrorException("'$toUrl is not a relative path, please use System::externalRedirectTo"); throw new InternalServerErrorException("'$toUrl is not a relative path, please use System::externalRedirectTo");
} }
@ -1897,7 +1897,7 @@ class App
*/ */
public function redirect($toUrl) public function redirect($toUrl)
{ {
if (filter_var($toUrl, FILTER_VALIDATE_URL)) { if (!empty(parse_url($toUrl, PHP_URL_SCHEME))) {
Core\System::externalRedirect($toUrl); Core\System::externalRedirect($toUrl);
} else { } else {
$this->internalRedirect($toUrl); $this->internalRedirect($toUrl);

View file

@ -58,7 +58,7 @@ class Nav
public static function build(App $a) public static function build(App $a)
{ {
// Placeholder div for popup panel // Placeholder div for popup panel
$nav = '<div id="panel" style="display: none;"></div>' ; $nav = '<div id="panel" style="display: none;"></div>';
$nav_info = self::getInfo($a); $nav_info = self::getInfo($a);
@ -170,7 +170,7 @@ class Nav
// "Home" should also take you home from an authenticated remote profile connection // "Home" should also take you home from an authenticated remote profile connection
$homelink = Profile::getMyURL(); $homelink = Profile::getMyURL();
if (! $homelink) { if (! $homelink) {
$homelink = ((x($_SESSION, 'visitor_home')) ? $_SESSION['visitor_home'] : ''); $homelink = defaults($_SESSION, 'visitor_home', '');
} }
if (($a->module != 'home') && (! (local_user()))) { if (($a->module != 'home') && (! (local_user()))) {
@ -234,7 +234,7 @@ class Nav
// The following nav links are only show to logged in users // The following nav links are only show to logged in users
if (local_user()) { if (local_user()) {
$nav['network'] = ['network', L10n::t('Network'), '', L10n::t('Conversations from your friends')]; $nav['network'] = ['network', L10n::t('Network'), '', L10n::t('Conversations from your friends')];
$nav['net_reset'] = ['network/0?f=&order=comment&nets=all', L10n::t('Network Reset'), '', L10n::t('Load Network page with no filters')]; $nav['net_reset'] = ['network/?f=', L10n::t('Network Reset'), '', L10n::t('Load Network page with no filters')];
$nav['home'] = ['profile/' . $a->user['nickname'], L10n::t('Home'), '', L10n::t('Your posts and conversations')]; $nav['home'] = ['profile/' . $a->user['nickname'], L10n::t('Home'), '', L10n::t('Your posts and conversations')];

View file

@ -308,12 +308,12 @@ class OEmbed
} }
$domain = parse_url($url, PHP_URL_HOST); $domain = parse_url($url, PHP_URL_HOST);
if (!x($domain)) { if (empty($domain)) {
return false; return false;
} }
$str_allowed = Config::get('system', 'allowed_oembed', ''); $str_allowed = Config::get('system', 'allowed_oembed', '');
if (!x($str_allowed)) { if (empty($str_allowed)) {
return false; return false;
} }
@ -334,7 +334,7 @@ class OEmbed
throw new Exception('OEmbed failed for URL: ' . $url); throw new Exception('OEmbed failed for URL: ' . $url);
} }
if (x($title)) { if (!empty($title)) {
$o->title = $title; $o->title = $title;
} }

View file

@ -130,12 +130,12 @@ class BBCode extends BaseObject
$type = ""; $type = "";
preg_match("/type='(.*?)'/ism", $attributes, $matches); preg_match("/type='(.*?)'/ism", $attributes, $matches);
if (x($matches, 1)) { if (!empty($matches[1])) {
$type = strtolower($matches[1]); $type = strtolower($matches[1]);
} }
preg_match('/type="(.*?)"/ism', $attributes, $matches); preg_match('/type="(.*?)"/ism', $attributes, $matches);
if (x($matches, 1)) { if (!empty($matches[1])) {
$type = strtolower($matches[1]); $type = strtolower($matches[1]);
} }
@ -153,12 +153,12 @@ class BBCode extends BaseObject
$url = ""; $url = "";
preg_match("/url='(.*?)'/ism", $attributes, $matches); preg_match("/url='(.*?)'/ism", $attributes, $matches);
if (x($matches, 1)) { if (!empty($matches[1])) {
$url = $matches[1]; $url = $matches[1];
} }
preg_match('/url="(.*?)"/ism', $attributes, $matches); preg_match('/url="(.*?)"/ism', $attributes, $matches);
if (x($matches, 1)) { if (!empty($matches[1])) {
$url = $matches[1]; $url = $matches[1];
} }
@ -168,12 +168,12 @@ class BBCode extends BaseObject
$title = ""; $title = "";
preg_match("/title='(.*?)'/ism", $attributes, $matches); preg_match("/title='(.*?)'/ism", $attributes, $matches);
if (x($matches, 1)) { if (!empty($matches[1])) {
$title = $matches[1]; $title = $matches[1];
} }
preg_match('/title="(.*?)"/ism', $attributes, $matches); preg_match('/title="(.*?)"/ism', $attributes, $matches);
if (x($matches, 1)) { if (!empty($matches[1])) {
$title = $matches[1]; $title = $matches[1];
} }
@ -186,12 +186,12 @@ class BBCode extends BaseObject
$image = ""; $image = "";
preg_match("/image='(.*?)'/ism", $attributes, $matches); preg_match("/image='(.*?)'/ism", $attributes, $matches);
if (x($matches, 1)) { if (!empty($matches[1])) {
$image = $matches[1]; $image = $matches[1];
} }
preg_match('/image="(.*?)"/ism', $attributes, $matches); preg_match('/image="(.*?)"/ism', $attributes, $matches);
if (x($matches, 1)) { if (!empty($matches[1])) {
$image = $matches[1]; $image = $matches[1];
} }
@ -201,12 +201,12 @@ class BBCode extends BaseObject
$preview = ""; $preview = "";
preg_match("/preview='(.*?)'/ism", $attributes, $matches); preg_match("/preview='(.*?)'/ism", $attributes, $matches);
if (x($matches, 1)) { if (!empty($matches[1])) {
$preview = $matches[1]; $preview = $matches[1];
} }
preg_match('/preview="(.*?)"/ism', $attributes, $matches); preg_match('/preview="(.*?)"/ism', $attributes, $matches);
if (x($matches, 1)) { if (!empty($matches[1])) {
$preview = $matches[1]; $preview = $matches[1];
} }
@ -234,7 +234,7 @@ class BBCode extends BaseObject
*/ */
$has_title = !empty($item['title']); $has_title = !empty($item['title']);
$plink = (!empty($item['plink']) ? $item['plink'] : ''); $plink = defaults($item, 'plink', '');
$post = self::getAttachmentData($body); $post = self::getAttachmentData($body);
// if nothing is found, it maybe having an image. // if nothing is found, it maybe having an image.
@ -626,7 +626,7 @@ class BBCode extends BaseObject
$data["title"] = $data["url"]; $data["title"] = $data["url"];
} }
if (($data["text"] == "") && ($data["title"] != "") && ($data["url"] == "")) { if (empty($data["text"]) && !empty($data["title"]) && empty($data["url"])) {
return $data["title"] . $data["after"]; return $data["title"] . $data["after"];
} }
@ -1662,7 +1662,7 @@ class BBCode extends BaseObject
// Summary (e.g. title) is required, earlier revisions only required description (in addition to // Summary (e.g. title) is required, earlier revisions only required description (in addition to
// start which is always required). Allow desc with a missing summary for compatibility. // start which is always required). Allow desc with a missing summary for compatibility.
if ((x($ev, 'desc') || x($ev, 'summary')) && x($ev, 'start')) { if ((!empty($ev['desc']) || !empty($ev['summary'])) && !empty($ev['start'])) {
$sub = Event::getHTML($ev, $simple_html); $sub = Event::getHTML($ev, $simple_html);
$text = preg_replace("/\[event\-summary\](.*?)\[\/event\-summary\]/ism", '', $text); $text = preg_replace("/\[event\-summary\](.*?)\[\/event\-summary\]/ism", '', $text);

View file

@ -908,7 +908,7 @@ class HTML
public static function micropro($contact, $redirect = false, $class = '', $textmode = false) public static function micropro($contact, $redirect = false, $class = '', $textmode = false)
{ {
// Use the contact URL if no address is available // Use the contact URL if no address is available
if (!x($contact, "addr")) { if (empty($contact['addr'])) {
$contact["addr"] = $contact["url"]; $contact["addr"] = $contact["url"];
} }
@ -924,7 +924,7 @@ class HTML
} }
// If there is some js available we don't need the url // If there is some js available we don't need the url
if (x($contact, 'click')) { if (!empty($contact['click'])) {
$url = ''; $url = '';
} }
@ -961,7 +961,7 @@ class HTML
$save_label = $mode === 'text' ? L10n::t('Save') : L10n::t('Follow'); $save_label = $mode === 'text' ? L10n::t('Save') : L10n::t('Follow');
$values = [ $values = [
'$s' => htmlspecialchars($s), '$s' => $s,
'$id' => $id, '$id' => $id,
'$action_url' => $url, '$action_url' => $url,
'$search_label' => L10n::t('Search'), '$search_label' => L10n::t('Search'),

View file

@ -106,7 +106,7 @@ class Authentication extends BaseObject
$masterUid = $user_record['uid']; $masterUid = $user_record['uid'];
if ((x($_SESSION, 'submanage')) && intval($_SESSION['submanage'])) { if (!empty($_SESSION['submanage'])) {
$user = DBA::selectFirst('user', ['uid'], ['uid' => $_SESSION['submanage']]); $user = DBA::selectFirst('user', ['uid'], ['uid' => $_SESSION['submanage']]);
if (DBA::isResult($user)) { if (DBA::isResult($user)) {
$masterUid = $user['uid']; $masterUid = $user['uid'];

View file

@ -119,11 +119,11 @@ HELP;
$db_data = $this->getOption(['d', 'dbdata'], ($save_db) ? getenv('MYSQL_DATABASE') : ''); $db_data = $this->getOption(['d', 'dbdata'], ($save_db) ? getenv('MYSQL_DATABASE') : '');
$db_user = $this->getOption(['U', 'dbuser'], ($save_db) ? getenv('MYSQL_USER') . getenv('MYSQL_USERNAME') : ''); $db_user = $this->getOption(['U', 'dbuser'], ($save_db) ? getenv('MYSQL_USER') . getenv('MYSQL_USERNAME') : '');
$db_pass = $this->getOption(['P', 'dbpass'], ($save_db) ? getenv('MYSQL_PASSWORD') : ''); $db_pass = $this->getOption(['P', 'dbpass'], ($save_db) ? getenv('MYSQL_PASSWORD') : '');
$url_path = $this->getOption(['u', 'urlpath'], (!empty('FRIENDICA_URL_PATH')) ? getenv('FRIENDICA_URL_PATH') : null); $url_path = $this->getOption(['u', 'urlpath'], !empty('FRIENDICA_URL_PATH') ? getenv('FRIENDICA_URL_PATH') : null);
$php_path = $this->getOption(['b', 'phppath'], (!empty('FRIENDICA_PHP_PATH')) ? getenv('FRIENDICA_PHP_PATH') : null); $php_path = $this->getOption(['b', 'phppath'], !empty('FRIENDICA_PHP_PATH') ? getenv('FRIENDICA_PHP_PATH') : null);
$admin_mail = $this->getOption(['A', 'admin'], (!empty('FRIENDICA_ADMIN_MAIL')) ? getenv('FRIENDICA_ADMIN_MAIL') : ''); $admin_mail = $this->getOption(['A', 'admin'], !empty('FRIENDICA_ADMIN_MAIL') ? getenv('FRIENDICA_ADMIN_MAIL') : '');
$tz = $this->getOption(['T', 'tz'], (!empty('FRIENDICA_TZ')) ? getenv('FRIENDICA_TZ') : ''); $tz = $this->getOption(['T', 'tz'], !empty('FRIENDICA_TZ') ? getenv('FRIENDICA_TZ') : '');
$lang = $this->getOption(['L', 'lang'], (!empty('FRIENDICA_LANG')) ? getenv('FRIENDICA_LANG') : ''); $lang = $this->getOption(['L', 'lang'], !empty('FRIENDICA_LANG') ? getenv('FRIENDICA_LANG') : '');
if (empty($php_path)) { if (empty($php_path)) {
$php_path = $installer->getPHPPath(); $php_path = $installer->getPHPPath();
@ -132,7 +132,7 @@ HELP;
$installer->createConfig( $installer->createConfig(
$php_path, $php_path,
$url_path, $url_path,
((!empty($db_port)) ? $db_host . ':' . $db_port : $db_host), (!empty($db_port) ? $db_host . ':' . $db_port : $db_host),
$db_user, $db_user,
$db_pass, $db_pass,
$db_data, $db_data,

View file

@ -440,6 +440,13 @@ class Installer
); );
$returnVal = $returnVal ? $status : false; $returnVal = $returnVal ? $status : false;
$status = $this->checkFunction('json_encode',
L10n::t('JSON PHP module'),
L10n::t('Error: JSON PHP module required but not installed.'),
true
);
$returnVal = $returnVal ? $status : false;
return $returnVal; return $returnVal;
} }

View file

@ -643,7 +643,7 @@ class NotificationsManager extends BaseObject
'madeby_zrl' => Contact::magicLink($it['url']), 'madeby_zrl' => Contact::magicLink($it['url']),
'madeby_addr' => $it['addr'], 'madeby_addr' => $it['addr'],
'contact_id' => $it['contact-id'], 'contact_id' => $it['contact-id'],
'photo' => ((x($it, 'fphoto')) ? ProxyUtils::proxifyUrl($it['fphoto'], false, ProxyUtils::SIZE_SMALL) : "images/person-300.jpg"), 'photo' => (!empty($it['fphoto']) ? ProxyUtils::proxifyUrl($it['fphoto'], false, ProxyUtils::SIZE_SMALL) : "images/person-300.jpg"),
'name' => $it['fname'], 'name' => $it['fname'],
'url' => $it['furl'], 'url' => $it['furl'],
'zrl' => Contact::magicLink($it['furl']), 'zrl' => Contact::magicLink($it['furl']),
@ -675,7 +675,7 @@ class NotificationsManager extends BaseObject
'uid' => $_SESSION['uid'], 'uid' => $_SESSION['uid'],
'intro_id' => $it['intro_id'], 'intro_id' => $it['intro_id'],
'contact_id' => $it['contact-id'], 'contact_id' => $it['contact-id'],
'photo' => ((x($it, 'photo')) ? ProxyUtils::proxifyUrl($it['photo'], false, ProxyUtils::SIZE_SMALL) : "images/person-300.jpg"), 'photo' => (!empty($it['photo']) ? ProxyUtils::proxifyUrl($it['photo'], false, ProxyUtils::SIZE_SMALL) : "images/person-300.jpg"),
'name' => $it['name'], 'name' => $it['name'],
'location' => BBCode::convert($it['glocation'], false), 'location' => BBCode::convert($it['glocation'], false),
'about' => BBCode::convert($it['gabout'], false), 'about' => BBCode::convert($it['gabout'], false),

View file

@ -48,29 +48,29 @@ class Renderer extends BaseObject
'internal' => '', 'internal' => '',
'smarty3' => '}}' 'smarty3' => '}}'
]; ];
/** /**
* @brief This is our template processor * @brief This is our template processor
* *
* @param string|FriendicaSmarty $s The string requiring macro substitution or an instance of FriendicaSmarty * @param string|FriendicaSmarty $s The string requiring macro substitution or an instance of FriendicaSmarty
* @param array $r key value pairs (search => replace) * @param array $vars key value pairs (search => replace)
* *
* @return string substituted string * @return string substituted string
*/ */
public static function replaceMacros($s, $r) public static function replaceMacros($s, $vars)
{ {
$stamp1 = microtime(true); $stamp1 = microtime(true);
$a = self::getApp(); $a = self::getApp();
// pass $baseurl to all templates // pass $baseurl to all templates
$r['$baseurl'] = System::baseUrl(); $vars['$baseurl'] = System::baseUrl();
$t = self::getTemplateEngine(); $t = self::getTemplateEngine();
try { try {
$output = $t->replaceMacros($s, $r); $output = $t->replaceMacros($s, $vars);
} catch (Exception $e) { } catch (Exception $e) {
echo "<pre><b>" . __FUNCTION__ . "</b>: " . $e->getMessage() . "</pre>"; echo "<pre><b>" . __FUNCTION__ . "</b>: " . $e->getMessage() . "</pre>";
killme(); exit();
} }
$a->saveTimestamp($stamp1, "rendering"); $a->saveTimestamp($stamp1, "rendering");

View file

@ -26,7 +26,7 @@ class DatabaseSessionHandler extends BaseObject implements SessionHandlerInterfa
public function read($session_id) public function read($session_id)
{ {
if (!x($session_id)) { if (empty($session_id)) {
return ''; return '';
} }

View file

@ -126,9 +126,33 @@ class System extends BaseObject
{ {
$err = ''; $err = '';
if ($val >= 400) { if ($val >= 400) {
$err = 'Error'; if (!empty($description['title'])) {
if (!isset($description["title"])) { $err = $description['title'];
$description["title"] = $err." ".$val; } else {
$title = [
'400' => L10n::t('Error 400 - Bad Request'),
'401' => L10n::t('Error 401 - Unauthorized'),
'403' => L10n::t('Error 403 - Forbidden'),
'404' => L10n::t('Error 404 - Not Found'),
'500' => L10n::t('Error 500 - Internal Server Error'),
'503' => L10n::t('Error 503 - Service Unavailable'),
];
$err = defaults($title, $val, 'Error ' . $val);
$description['title'] = $err;
}
if (empty($description['description'])) {
// Explanations are taken from https://en.wikipedia.org/wiki/List_of_HTTP_status_codes
$explanation = [
'400' => L10n::t('The server cannot or will not process the request due to an apparent client error.'),
'401' => L10n::t('Authentication is required and has failed or has not yet been provided.'),
'403' => L10n::t('The request was valid, but the server is refusing action. The user might not have the necessary permissions for a resource, or may need an account.'),
'404' => L10n::t('The requested resource could not be found but may be available in the future.'),
'500' => L10n::t('An unexpected condition was encountered and no more specific message is suitable.'),
'503' => L10n::t('The server is currently unavailable (because it is overloaded or down for maintenance). Please try again later.'),
];
if (!empty($explanation[$val])) {
$description['description'] = $explanation[$val];
}
} }
} }
@ -248,7 +272,7 @@ class System extends BaseObject
*/ */
public static function externalRedirect($url) public static function externalRedirect($url)
{ {
if (!filter_var($url, FILTER_VALIDATE_URL)) { if (empty(parse_url($url, PHP_URL_SCHEME))) {
throw new InternalServerErrorException("'$url' is not a fully qualified URL, please use App->internalRedirect() instead"); throw new InternalServerErrorException("'$url' is not a fully qualified URL, please use App->internalRedirect() instead");
} }

View file

@ -18,6 +18,10 @@ class Update
*/ */
public static function check($via_worker) public static function check($via_worker)
{ {
if (!DBA::connected()) {
return;
}
$build = Config::get('system', 'build'); $build = Config::get('system', 'build');
if (empty($build)) { if (empty($build)) {
@ -118,6 +122,8 @@ class Update
Lock::release('dbupdate'); Lock::release('dbupdate');
} }
} }
} elseif ($force) {
DBStructure::update($verbose, true);
} }
return ''; return '';

View file

@ -105,7 +105,7 @@ class UserImport
} }
if (!x($account, 'version')) { if (empty($account['version'])) {
notice(L10n::t("Error! No version data in file! This is not a Friendica account file?")); notice(L10n::t("Error! No version data in file! This is not a Friendica account file?"));
return; return;
} }

View file

@ -1044,12 +1044,11 @@ class DBA
* @param array $options * @param array $options
* - cascade: If true we delete records in other tables that depend on the one we're deleting through * - cascade: If true we delete records in other tables that depend on the one we're deleting through
* relations (default: true) * relations (default: true)
* @param boolean $in_process Internal use: Only do a commit after the last delete
* @param array $callstack Internal use: prevent endless loops * @param array $callstack Internal use: prevent endless loops
* *
* @return boolean|array was the delete successful? When $in_process is set: deletion data * @return boolean was the delete successful?
*/ */
public static function delete($table, array $conditions, array $options = [], $in_process = false, array &$callstack = []) public static function delete($table, array $conditions, array $options = [], array &$callstack = [])
{ {
if (empty($table) || empty($conditions)) { if (empty($table) || empty($conditions)) {
Logger::log('Table and conditions have to be set'); Logger::log('Table and conditions have to be set');
@ -1098,22 +1097,18 @@ class DBA
if ((count($conditions) == 1) && ($field == array_keys($conditions)[0])) { if ((count($conditions) == 1) && ($field == array_keys($conditions)[0])) {
foreach ($rel_def AS $rel_table => $rel_fields) { foreach ($rel_def AS $rel_table => $rel_fields) {
foreach ($rel_fields AS $rel_field) { foreach ($rel_fields AS $rel_field) {
$retval = self::delete($rel_table, [$rel_field => array_values($conditions)[0]], $options, true, $callstack); $retval = self::delete($rel_table, [$rel_field => array_values($conditions)[0]], $options, $callstack);
$commands = array_merge($commands, $retval);
} }
} }
// We quit when this key already exists in the callstack. // We quit when this key already exists in the callstack.
} elseif (!isset($callstack[$qkey])) { } elseif (!isset($callstack[$qkey])) {
$callstack[$qkey] = true; $callstack[$qkey] = true;
// Fetch all rows that are to be deleted // Fetch all rows that are to be deleted
$data = self::select($table, [$field], $conditions); $data = self::select($table, [$field], $conditions);
while ($row = self::fetch($data)) { while ($row = self::fetch($data)) {
// Now we accumulate the delete commands self::delete($table, [$field => $row[$field]], $options, $callstack);
$retval = self::delete($table, [$field => $row[$field]], $options, true, $callstack);
$commands = array_merge($commands, $retval);
} }
self::close($data); self::close($data);
@ -1123,74 +1118,70 @@ class DBA
} }
} }
if (!$in_process) { // Now we finalize the process
// Now we finalize the process $do_transaction = !self::$in_transaction;
$do_transaction = !self::$in_transaction;
if ($do_transaction) { if ($do_transaction) {
self::transaction(); self::transaction();
}
$compacted = [];
$counter = [];
foreach ($commands AS $command) {
$conditions = $command['conditions'];
reset($conditions);
$first_key = key($conditions);
$condition_string = self::buildCondition($conditions);
if ((count($command['conditions']) > 1) || is_int($first_key)) {
$sql = "DELETE FROM `" . $command['table'] . "`" . $condition_string;
Logger::log(self::replaceParameters($sql, $conditions), Logger::DATA);
if (!self::e($sql, $conditions)) {
if ($do_transaction) {
self::rollback();
}
return false;
}
} else {
$key_table = $command['table'];
$key_condition = array_keys($command['conditions'])[0];
$value = array_values($command['conditions'])[0];
// Split the SQL queries in chunks of 100 values
// We do the $i stuff here to make the code better readable
$i = isset($counter[$key_table][$key_condition]) ? $counter[$key_table][$key_condition] : 0;
if (isset($compacted[$key_table][$key_condition][$i]) && count($compacted[$key_table][$key_condition][$i]) > 100) {
++$i;
}
$compacted[$key_table][$key_condition][$i][$value] = $value;
$counter[$key_table][$key_condition] = $i;
} }
}
foreach ($compacted AS $table => $values) {
foreach ($values AS $field => $field_value_list) {
foreach ($field_value_list AS $field_values) {
$sql = "DELETE FROM `" . $table . "` WHERE `" . $field . "` IN (" .
substr(str_repeat("?, ", count($field_values)), 0, -2) . ");";
$compacted = []; Logger::log(self::replaceParameters($sql, $field_values), Logger::DATA);
$counter = [];
foreach ($commands AS $command) { if (!self::e($sql, $field_values)) {
$conditions = $command['conditions'];
reset($conditions);
$first_key = key($conditions);
$condition_string = self::buildCondition($conditions);
if ((count($command['conditions']) > 1) || is_int($first_key)) {
$sql = "DELETE FROM `" . $command['table'] . "`" . $condition_string;
Logger::log(self::replaceParameters($sql, $conditions), Logger::DATA);
if (!self::e($sql, $conditions)) {
if ($do_transaction) { if ($do_transaction) {
self::rollback(); self::rollback();
} }
return false; return false;
} }
} else {
$key_table = $command['table'];
$key_condition = array_keys($command['conditions'])[0];
$value = array_values($command['conditions'])[0];
// Split the SQL queries in chunks of 100 values
// We do the $i stuff here to make the code better readable
$i = isset($counter[$key_table][$key_condition]) ? $counter[$key_table][$key_condition] : 0;
if (isset($compacted[$key_table][$key_condition][$i]) && count($compacted[$key_table][$key_condition][$i]) > 100) {
++$i;
}
$compacted[$key_table][$key_condition][$i][$value] = $value;
$counter[$key_table][$key_condition] = $i;
} }
} }
foreach ($compacted AS $table => $values) {
foreach ($values AS $field => $field_value_list) {
foreach ($field_value_list AS $field_values) {
$sql = "DELETE FROM `" . $table . "` WHERE `" . $field . "` IN (" .
substr(str_repeat("?, ", count($field_values)), 0, -2) . ");";
Logger::log(self::replaceParameters($sql, $field_values), Logger::DATA);
if (!self::e($sql, $field_values)) {
if ($do_transaction) {
self::rollback();
}
return false;
}
}
}
}
if ($do_transaction) {
self::commit();
}
return true;
} }
if ($do_transaction) {
return $commands; self::commit();
}
return true;
} }
/** /**

View file

@ -538,7 +538,7 @@ class DBStructure
$primary_keys = []; $primary_keys = [];
foreach ($structure["fields"] AS $fieldname => $field) { foreach ($structure["fields"] AS $fieldname => $field) {
$sql_rows[] = "`".DBA::escape($fieldname)."` ".self::FieldCommand($field); $sql_rows[] = "`".DBA::escape($fieldname)."` ".self::FieldCommand($field);
if (x($field,'primary') && $field['primary']!='') { if (!empty($field['primary'])) {
$primary_keys[] = $fieldname; $primary_keys[] = $fieldname;
} }
} }

View file

@ -98,6 +98,48 @@ class Contact extends BaseObject
* @} * @}
*/ */
/**
* @brief Tests if the given contact is a follower
*
* @param int $cid Either public contact id or user's contact id
* @param int $uid User ID
*
* @return boolean is the contact id a follower?
*/
public static function isFollower($cid, $uid)
{
if (self::isBlockedByUser($cid, $uid)) {
return false;
}
$cdata = self::getPublicAndUserContacID($cid, $uid);
if (empty($cdata['user'])) {
return false;
}
$condition = ['id' => $cdata['user'], 'rel' => [self::FOLLOWER, self::FRIEND]];
return DBA::exists('contact', $condition);
}
/**
* @brief Get the basepath for a given contact link
* @todo Add functionality to store this value in the contact table
*
* @param string $url The contact link
*
* @return string basepath
*/
public static function getBasepath($url)
{
$data = Probe::uri($url);
if (!empty($data['baseurl'])) {
return $data['baseurl'];
}
// When we can't probe the server, we use some ugly function that does some pattern matching
return PortableContact::detectServer($url);
}
/** /**
* @brief Returns the contact id for the user and the public contact id for a given contact id * @brief Returns the contact id for the user and the public contact id for a given contact id
* *
@ -106,7 +148,7 @@ class Contact extends BaseObject
* *
* @return array with public and user's contact id * @return array with public and user's contact id
*/ */
private static function getPublicAndUserContacID($cid, $uid) public static function getPublicAndUserContacID($cid, $uid)
{ {
if (empty($uid) || empty($cid)) { if (empty($uid) || empty($cid)) {
return []; return [];
@ -418,7 +460,8 @@ class Contact extends BaseObject
public static function updateSelfFromUserID($uid, $update_avatar = false) public static function updateSelfFromUserID($uid, $update_avatar = false)
{ {
$fields = ['id', 'name', 'nick', 'location', 'about', 'keywords', 'gender', 'avatar', $fields = ['id', 'name', 'nick', 'location', 'about', 'keywords', 'gender', 'avatar',
'xmpp', 'contact-type', 'forum', 'prv', 'avatar-date', 'nurl']; 'xmpp', 'contact-type', 'forum', 'prv', 'avatar-date', 'url', 'nurl',
'photo', 'thumb', 'micro', 'addr', 'request', 'notify', 'poll', 'confirm', 'poco'];
$self = DBA::selectFirst('contact', $fields, ['uid' => $uid, 'self' => true]); $self = DBA::selectFirst('contact', $fields, ['uid' => $uid, 'self' => true]);
if (!DBA::isResult($self)) { if (!DBA::isResult($self)) {
return; return;
@ -481,15 +524,15 @@ class Contact extends BaseObject
$fields['nurl'] = Strings::normaliseLink($fields['url']); $fields['nurl'] = Strings::normaliseLink($fields['url']);
$fields['addr'] = $user['nickname'] . '@' . substr(System::baseUrl(), strpos(System::baseUrl(), '://') + 3); $fields['addr'] = $user['nickname'] . '@' . substr(System::baseUrl(), strpos(System::baseUrl(), '://') + 3);
$fields['request'] = System::baseUrl() . '/dfrn_request/' . $user['nickname']; $fields['request'] = System::baseUrl() . '/dfrn_request/' . $user['nickname'];
$fields['notify'] = System::baseUrl() . '/dfrn_notify/' . $user['nickname']; $fields['notify'] = System::baseUrl() . '/dfrn_notify/' . $user['nickname'];
$fields['poll'] = System::baseUrl() . '/dfrn_poll/' . $user['nickname']; $fields['poll'] = System::baseUrl() . '/dfrn_poll/'. $user['nickname'];
$fields['confirm'] = System::baseUrl() . '/dfrn_confirm/' . $user['nickname']; $fields['confirm'] = System::baseUrl() . '/dfrn_confirm/' . $user['nickname'];
$fields['poco'] = System::baseUrl() . '/poco/' . $user['nickname']; $fields['poco'] = System::baseUrl() . '/poco/' . $user['nickname'];
$update = false; $update = false;
foreach ($fields as $field => $content) { foreach ($fields as $field => $content) {
if (isset($self[$field]) && $self[$field] != $content) { if ($self[$field] != $content) {
$update = true; $update = true;
} }
} }
@ -1061,7 +1104,7 @@ class Contact extends BaseObject
$update_contact = ($contact['avatar-date'] < DateTimeFormat::utc('now -7 days')); $update_contact = ($contact['avatar-date'] < DateTimeFormat::utc('now -7 days'));
// We force the update if the avatar is empty // We force the update if the avatar is empty
if (!x($contact, 'avatar')) { if (empty($contact['avatar'])) {
$update_contact = true; $update_contact = true;
} }
if (!$update_contact || $no_update) { if (!$update_contact || $no_update) {
@ -1147,7 +1190,7 @@ class Contact extends BaseObject
$url = $data["url"]; $url = $data["url"];
if (!$contact_id) { if (!$contact_id) {
DBA::insert('contact', [ $fields = [
'uid' => $uid, 'uid' => $uid,
'created' => DateTimeFormat::utcNow(), 'created' => DateTimeFormat::utcNow(),
'url' => $data["url"], 'url' => $data["url"],
@ -1176,10 +1219,13 @@ class Contact extends BaseObject
'writable' => 1, 'writable' => 1,
'blocked' => 0, 'blocked' => 0,
'readonly' => 0, 'readonly' => 0,
'pending' => 0] 'pending' => 0];
);
$s = DBA::select('contact', ['id'], ['nurl' => Strings::normaliseLink($data["url"]), 'uid' => $uid], ['order' => ['id'], 'limit' => 2]); $condition = ['nurl' => Strings::normaliseLink($data["url"]), 'uid' => $uid, 'deleted' => false];
DBA::update('contact', $fields, $condition, true);
$s = DBA::select('contact', ['id'], $condition, ['order' => ['id'], 'limit' => 2]);
$contacts = DBA::toArray($s); $contacts = DBA::toArray($s);
if (!DBA::isResult($contacts)) { if (!DBA::isResult($contacts)) {
return 0; return 0;
@ -1204,8 +1250,10 @@ class Contact extends BaseObject
} }
if (count($contacts) > 1 && $uid == 0 && $contact_id != 0 && $data["url"] != "") { if (count($contacts) > 1 && $uid == 0 && $contact_id != 0 && $data["url"] != "") {
DBA::delete('contact', ["`nurl` = ? AND `uid` = 0 AND `id` != ? AND NOT `self`", $condition = ["`nurl` = ? AND `uid` = ? AND `id` != ? AND NOT `self`",
Strings::normaliseLink($data["url"]), $contact_id]); Strings::normaliseLink($data["url"]), 0, $contact_id];
Logger::log('Deleting duplicate contact ' . json_encode($condition), Logger::DEBUG);
DBA::delete('contact', $condition);
} }
} }
@ -1618,7 +1666,7 @@ class Contact extends BaseObject
return $result; return $result;
} }
if (x($arr['contact'], 'name')) { if (!empty($arr['contact']['name'])) {
$ret = $arr['contact']; $ret = $arr['contact'];
} else { } else {
$ret = Probe::uri($url, $network, $uid, false); $ret = Probe::uri($url, $network, $uid, false);
@ -1664,16 +1712,15 @@ class Contact extends BaseObject
} }
// do we have enough information? // do we have enough information?
if (empty($ret['name']) || empty($ret['poll']) || (empty($ret['url']) && empty($ret['addr']))) {
if (!((x($ret, 'name')) && (x($ret, 'poll')) && ((x($ret, 'url')) || (x($ret, 'addr'))))) {
$result['message'] .= L10n::t('The profile address specified does not provide adequate information.') . EOL; $result['message'] .= L10n::t('The profile address specified does not provide adequate information.') . EOL;
if (!x($ret, 'poll')) { if (empty($ret['poll'])) {
$result['message'] .= L10n::t('No compatible communication protocols or feeds were discovered.') . EOL; $result['message'] .= L10n::t('No compatible communication protocols or feeds were discovered.') . EOL;
} }
if (!x($ret, 'name')) { if (empty($ret['name'])) {
$result['message'] .= L10n::t('An author or name was not found.') . EOL; $result['message'] .= L10n::t('An author or name was not found.') . EOL;
} }
if (!x($ret, 'url')) { if (empty($ret['url'])) {
$result['message'] .= L10n::t('No browser URL could be matched to this address.') . EOL; $result['message'] .= L10n::t('No browser URL could be matched to this address.') . EOL;
} }
if (strpos($url, '@') !== false) { if (strpos($url, '@') !== false) {
@ -2031,6 +2078,10 @@ class Contact extends BaseObject
*/ */
public static function magicLink($contact_url, $url = '') public static function magicLink($contact_url, $url = '')
{ {
if (!local_user()) {
return $url ?: $contact_url; // Equivalent to: ($url != '') ? $url : $contact_url;
}
$cid = self::getIdForURL($contact_url, 0, true); $cid = self::getIdForURL($contact_url, 0, true);
if (empty($cid)) { if (empty($cid)) {
return $url ?: $contact_url; // Equivalent to: ($url != '') ? $url : $contact_url; return $url ?: $contact_url; // Equivalent to: ($url != '') ? $url : $contact_url;
@ -2064,7 +2115,7 @@ class Contact extends BaseObject
*/ */
public static function magicLinkbyContact($contact, $url = '') public static function magicLinkbyContact($contact, $url = '')
{ {
if ($contact['network'] != Protocol::DFRN) { if (!local_user() || ($contact['network'] != Protocol::DFRN)) {
return $url ?: $contact['url']; // Equivalent to ($url != '') ? $url : $contact['url']; return $url ?: $contact['url']; // Equivalent to ($url != '') ? $url : $contact['url'];
} }

View file

@ -14,9 +14,9 @@ use Friendica\Core\PConfig;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\Model\Contact;
use Friendica\Util\DateTimeFormat; use Friendica\Util\DateTimeFormat;
use Friendica\Util\Map; use Friendica\Util\Map;
use Friendica\Util\Strings;
use Friendica\Util\XML; use Friendica\Util\XML;
require_once 'boot.php'; require_once 'boot.php';
@ -53,11 +53,11 @@ class Event extends BaseObject
if ($simple) { if ($simple) {
if (!empty($event['summary'])) { if (!empty($event['summary'])) {
$o = "<h3>" . BBCode::convert($event['summary'], false, $simple) . "</h3>"; $o = "<h3>" . BBCode::convert(Strings::escapeHtml($event['summary']), false, $simple) . "</h3>";
} }
if (!empty($event['desc'])) { if (!empty($event['desc'])) {
$o .= "<div>" . BBCode::convert($event['desc'], false, $simple) . "</div>"; $o .= "<div>" . BBCode::convert(Strings::escapeHtml($event['desc']), false, $simple) . "</div>";
} }
$o .= "<h4>" . L10n::t('Starts:') . "</h4><p>" . $event_start . "</p>"; $o .= "<h4>" . L10n::t('Starts:') . "</h4><p>" . $event_start . "</p>";
@ -67,7 +67,7 @@ class Event extends BaseObject
} }
if (!empty($event['location'])) { if (!empty($event['location'])) {
$o .= "<h4>" . L10n::t('Location:') . "</h4><p>" . BBCode::convert($event['location'], false, $simple) . "</p>"; $o .= "<h4>" . L10n::t('Location:') . "</h4><p>" . BBCode::convert(Strings::escapeHtml($event['location']), false, $simple) . "</p>";
} }
return $o; return $o;
@ -75,7 +75,7 @@ class Event extends BaseObject
$o = '<div class="vevent">' . "\r\n"; $o = '<div class="vevent">' . "\r\n";
$o .= '<div class="summary event-summary">' . BBCode::convert($event['summary'], false, $simple) . '</div>' . "\r\n"; $o .= '<div class="summary event-summary">' . BBCode::convert(Strings::escapeHtml($event['summary']), false, $simple) . '</div>' . "\r\n";
$o .= '<div class="event-start"><span class="event-label">' . L10n::t('Starts:') . '</span>&nbsp;<span class="dtstart" title="' $o .= '<div class="event-start"><span class="event-label">' . L10n::t('Starts:') . '</span>&nbsp;<span class="dtstart" title="'
. DateTimeFormat::utc($event['start'], (!empty($event['adjust']) ? DateTimeFormat::ATOM : 'Y-m-d\TH:i:s')) . DateTimeFormat::utc($event['start'], (!empty($event['adjust']) ? DateTimeFormat::ATOM : 'Y-m-d\TH:i:s'))
@ -90,12 +90,12 @@ class Event extends BaseObject
} }
if (!empty($event['desc'])) { if (!empty($event['desc'])) {
$o .= '<div class="description event-description">' . BBCode::convert($event['desc'], false, $simple) . '</div>' . "\r\n"; $o .= '<div class="description event-description">' . BBCode::convert(Strings::escapeHtml($event['desc']), false, $simple) . '</div>' . "\r\n";
} }
if (!empty($event['location'])) { if (!empty($event['location'])) {
$o .= '<div class="event-location"><span class="event-label">' . L10n::t('Location:') . '</span>&nbsp;<span class="location">' $o .= '<div class="event-location"><span class="event-label">' . L10n::t('Location:') . '</span>&nbsp;<span class="location">'
. BBCode::convert($event['location'], false, $simple) . BBCode::convert(Strings::escapeHtml($event['location']), false, $simple)
. '</span></div>' . "\r\n"; . '</span></div>' . "\r\n";
// Include a map of the location if the [map] BBCode is used. // Include a map of the location if the [map] BBCode is used.
@ -592,10 +592,9 @@ class Event extends BaseObject
$drop = [System::baseUrl() . '/events/drop/' . $event['id'] , L10n::t('Delete event') , '', '']; $drop = [System::baseUrl() . '/events/drop/' . $event['id'] , L10n::t('Delete event') , '', ''];
} }
$title = strip_tags(html_entity_decode(BBCode::convert($event['summary']), ENT_QUOTES, 'UTF-8')); $title = BBCode::convert(Strings::escapeHtml($event['summary']));
if (!$title) { if (!$title) {
list($title, $_trash) = explode("<br", BBCode::convert($event['desc']), 2); list($title, $_trash) = explode("<br", BBCode::convert(Strings::escapeHtml($event['desc'])), 2);
$title = strip_tags(html_entity_decode($title, ENT_QUOTES, 'UTF-8'));
} }
$author_link = $event['author-link']; $author_link = $event['author-link'];
@ -605,8 +604,9 @@ class Event extends BaseObject
$event['plink'] = Contact::magicLink($author_link, $plink); $event['plink'] = Contact::magicLink($author_link, $plink);
$html = self::getHTML($event); $html = self::getHTML($event);
$event['desc'] = BBCode::convert($event['desc']); $event['summary'] = BBCode::convert(Strings::escapeHtml($event['summary']));
$event['location'] = BBCode::convert($event['location']); $event['desc'] = BBCode::convert(Strings::escapeHtml($event['desc']));
$event['location'] = BBCode::convert(Strings::escapeHtml($event['location']));
$event_list[] = [ $event_list[] = [
'id' => $event['id'], 'id' => $event['id'],
'start' => $start, 'start' => $start,

View file

@ -276,10 +276,10 @@ class FileTag
} }
if ($cat == true) { if ($cat == true) {
$pattern = '<' . self::encode($file) . '>' ; $pattern = '<' . self::encode($file) . '>';
$termtype = TERM_CATEGORY; $termtype = TERM_CATEGORY;
} else { } else {
$pattern = '[' . self::encode($file) . ']' ; $pattern = '[' . self::encode($file) . ']';
$termtype = TERM_FILE; $termtype = TERM_FILE;
} }

View file

@ -966,8 +966,8 @@ class GContact
$statistics = json_decode($curlResult->getBody()); $statistics = json_decode($curlResult->getBody());
if (!empty($statistics->config)) { if (!empty($statistics->config->instance_address)) {
if ($statistics->config->instance_with_ssl) { if (!empty($statistics->config->instance_with_ssl)) {
$server = "https://"; $server = "https://";
} else { } else {
$server = "http://"; $server = "http://";
@ -976,8 +976,8 @@ class GContact
$server .= $statistics->config->instance_address; $server .= $statistics->config->instance_address;
$hostname = $statistics->config->instance_address; $hostname = $statistics->config->instance_address;
} elseif (!empty($statistics)) { } elseif (!empty($statistics->instance_address)) {
if ($statistics->instance_with_ssl) { if (!empty($statistics->instance_with_ssl)) {
$server = "https://"; $server = "https://";
} else { } else {
$server = "http://"; $server = "http://";

View file

@ -33,7 +33,7 @@ class Group extends BaseObject
public static function create($uid, $name) public static function create($uid, $name)
{ {
$return = false; $return = false;
if (x($uid) && x($name)) { if (!empty($uid) && !empty($name)) {
$gid = self::getIdByName($uid, $name); // check for dupes $gid = self::getIdByName($uid, $name); // check for dupes
if ($gid !== false) { if ($gid !== false) {
// This could be a problem. // This could be a problem.
@ -202,7 +202,7 @@ class Group extends BaseObject
*/ */
public static function removeByName($uid, $name) { public static function removeByName($uid, $name) {
$return = false; $return = false;
if (x($uid) && x($name)) { if (!empty($uid) && !empty($name)) {
$gid = self::getIdByName($uid, $name); $gid = self::getIdByName($uid, $name);
$return = self::remove($gid); $return = self::remove($gid);
@ -400,8 +400,8 @@ class Group extends BaseObject
]; ];
} }
// Don't show the groups when there is only one // Don't show the groups on the network page when there is only one
if (count($display_groups) <= 2) { if ((count($display_groups) <= 2) && ($each == 'network')) {
return ''; return '';
} }

View file

@ -1359,15 +1359,15 @@ class Item extends BaseObject
$item['owner-name'] = trim(defaults($item, 'owner-name', '')); $item['owner-name'] = trim(defaults($item, 'owner-name', ''));
$item['owner-link'] = trim(defaults($item, 'owner-link', '')); $item['owner-link'] = trim(defaults($item, 'owner-link', ''));
$item['owner-avatar'] = trim(defaults($item, 'owner-avatar', '')); $item['owner-avatar'] = trim(defaults($item, 'owner-avatar', ''));
$item['received'] = ((x($item, 'received') !== false) ? DateTimeFormat::utc($item['received']) : DateTimeFormat::utcNow()); $item['received'] = (isset($item['received']) ? DateTimeFormat::utc($item['received']) : DateTimeFormat::utcNow());
$item['created'] = ((x($item, 'created') !== false) ? DateTimeFormat::utc($item['created']) : $item['received']); $item['created'] = (isset($item['created']) ? DateTimeFormat::utc($item['created']) : $item['received']);
$item['edited'] = ((x($item, 'edited') !== false) ? DateTimeFormat::utc($item['edited']) : $item['created']); $item['edited'] = (isset($item['edited']) ? DateTimeFormat::utc($item['edited']) : $item['created']);
$item['changed'] = ((x($item, 'changed') !== false) ? DateTimeFormat::utc($item['changed']) : $item['created']); $item['changed'] = (isset($item['changed']) ? DateTimeFormat::utc($item['changed']) : $item['created']);
$item['commented'] = ((x($item, 'commented') !== false) ? DateTimeFormat::utc($item['commented']) : $item['created']); $item['commented'] = (isset($item['commented']) ? DateTimeFormat::utc($item['commented']) : $item['created']);
$item['title'] = trim(defaults($item, 'title', '')); $item['title'] = trim(defaults($item, 'title', ''));
$item['location'] = trim(defaults($item, 'location', '')); $item['location'] = trim(defaults($item, 'location', ''));
$item['coord'] = trim(defaults($item, 'coord', '')); $item['coord'] = trim(defaults($item, 'coord', ''));
$item['visible'] = ((x($item, 'visible') !== false) ? intval($item['visible']) : 1); $item['visible'] = (isset($item['visible']) ? intval($item['visible']) : 1);
$item['deleted'] = 0; $item['deleted'] = 0;
$item['parent-uri'] = trim(defaults($item, 'parent-uri', $item['uri'])); $item['parent-uri'] = trim(defaults($item, 'parent-uri', $item['uri']));
$item['post-type'] = defaults($item, 'post-type', self::PT_ARTICLE); $item['post-type'] = defaults($item, 'post-type', self::PT_ARTICLE);
@ -1626,7 +1626,7 @@ class Item extends BaseObject
// It is mainly used in the "post_local" hook. // It is mainly used in the "post_local" hook.
unset($item['api_source']); unset($item['api_source']);
if (x($item, 'cancel')) { if (!empty($item['cancel'])) {
Logger::log('post cancelled by addon.'); Logger::log('post cancelled by addon.');
return 0; return 0;
} }
@ -3214,7 +3214,7 @@ class Item extends BaseObject
} }
} }
public static function getPermissionsSQLByUserId($owner_id, $remote_verified = false, $groups = null) public static function getPermissionsSQLByUserId($owner_id, $remote_verified = false, $groups = null, $remote_cid = null)
{ {
$local_user = local_user(); $local_user = local_user();
$remote_user = remote_user(); $remote_user = remote_user();
@ -3237,7 +3237,7 @@ class Item extends BaseObject
* If pre-verified, the caller is expected to have already * If pre-verified, the caller is expected to have already
* done this and passed the groups into this function. * done this and passed the groups into this function.
*/ */
$set = PermissionSet::get($owner_id, $remote_user, $groups); $set = PermissionSet::get($owner_id, $remote_cid, $groups);
if (!empty($set)) { if (!empty($set)) {
$sql_set = " OR (`item`.`private` IN (1,2) AND `item`.`wall` AND `item`.`psid` IN (" . implode(',', $set) . "))"; $sql_set = " OR (`item`.`private` IN (1,2) AND `item`.`wall` AND `item`.`psid` IN (" . implode(',', $set) . "))";
@ -3443,7 +3443,7 @@ class Item extends BaseObject
$filesubtype = 'unkn'; $filesubtype = 'unkn';
} }
$title = Strings::escapeHtml(trim(!empty($mtch[4]) ? $mtch[4] : $mtch[1])); $title = Strings::escapeHtml(trim(defaults($mtch, 4, $mtch[1])));
$title .= ' ' . $mtch[2] . ' ' . L10n::t('bytes'); $title .= ' ' . $mtch[2] . ' ' . L10n::t('bytes');
$icon = '<div class="attachtype icon s22 type-' . $filetype . ' subtype-' . $filesubtype . '"></div>'; $icon = '<div class="attachtype icon s22 type-' . $filetype . ' subtype-' . $filesubtype . '"></div>';
@ -3455,7 +3455,7 @@ class Item extends BaseObject
} }
// Map. // Map.
if (strpos($s, '<div class="map">') !== false && x($item, 'coord')) { if (strpos($s, '<div class="map">') !== false && !empty($item['coord'])) {
$x = Map::byCoordinates(trim($item['coord'])); $x = Map::byCoordinates(trim($item['coord']));
if ($x) { if ($x) {
$s = preg_replace('/\<div class\=\"map\"\>/', '$0' . $x, $s); $s = preg_replace('/\<div class\=\"map\"\>/', '$0' . $x, $s);

View file

@ -22,11 +22,14 @@ class ItemURI extends BaseObject
*/ */
public static function insert($fields) public static function insert($fields)
{ {
if (!DBA::exists('item-uri', ['uri' => $fields['uri']])) { // If the URI gets too long we only take the first parts and hope for best
$uri = substr($fields['uri'], 0, 255);
if (!DBA::exists('item-uri', ['uri' => $uri])) {
DBA::insert('item-uri', $fields, true); DBA::insert('item-uri', $fields, true);
} }
$itemuri = DBA::selectFirst('item-uri', ['id'], ['uri' => $fields['uri']]); $itemuri = DBA::selectFirst('item-uri', ['id'], ['uri' => $uri]);
if (!DBA::isResult($itemuri)) { if (!DBA::isResult($itemuri)) {
// This shouldn't happen // This shouldn't happen
@ -45,6 +48,9 @@ class ItemURI extends BaseObject
*/ */
public static function getIdByURI($uri) public static function getIdByURI($uri)
{ {
// If the URI gets too long we only take the first parts and hope for best
$uri = substr($uri, 0, 255);
$itemuri = DBA::selectFirst('item-uri', ['id'], ['uri' => $uri]); $itemuri = DBA::selectFirst('item-uri', ['id'], ['uri' => $uri]);
if (!DBA::isResult($itemuri)) { if (!DBA::isResult($itemuri)) {

View file

@ -97,7 +97,7 @@ class Photo
$photo = DBA::selectFirst( $photo = DBA::selectFirst(
'photo', ['resource-id'], ['uid' => $uid, 'contact-id' => $cid, 'scale' => 4, 'album' => 'Contact Photos'] 'photo', ['resource-id'], ['uid' => $uid, 'contact-id' => $cid, 'scale' => 4, 'album' => 'Contact Photos']
); );
if (x($photo['resource-id'])) { if (!empty($photo['resource-id'])) {
$hash = $photo['resource-id']; $hash = $photo['resource-id'];
} else { } else {
$hash = self::newResource(); $hash = self::newResource();

Some files were not shown because too many files have changed in this diff Show more