tobias/friendica
1
0
Fork 0
Code Pull requests Activity

Merge remote-tracking branch 'upstream/develop' into community

Browse source
This commit is contained in:
Michael 2018-01-03 01:15:27 +00:00
commit 6925299e5a
65 changed files with 3063 additions and 4000 deletions
Download patch file Download diff file Expand all files Collapse all files

5
mod/admin.php
View file

@ -534,7 +534,7 @@ function admin_page_federation(App $a)
// off one % two of them are needed in the query
// Add more platforms if you like, when one returns 0 known nodes it is not
// displayed on the stats page.
$platforms = array('Friendi%%a', 'Diaspora', '%%red%%', 'Hubzilla', 'BlaBlaNet', 'GNU Social', 'StatusNet', 'Mastodon', 'Pleroma');
$platforms = array('Friendi%%a', 'Diaspora', '%%red%%', 'Hubzilla', 'BlaBlaNet', 'GNU Social', 'StatusNet', 'Mastodon', 'Pleroma', 'socialhome');
$colors = array(
'Friendi%%a' => '#ffc018', // orange from the logo
'Diaspora' => '#a1a1a1', // logo is black and white, makes a gray
@ -544,7 +544,8 @@ function admin_page_federation(App $a)
'GNU Social' => '#a22430', // dark red from the logo
'StatusNet' => '#789240', // the green from the logo (red and blue have already others
'Mastodon' => '#1a9df9', // blue from the Mastodon logo
'Pleroma' => '#E46F0F' // Orange from the text that is used on Pleroma instances
'Pleroma' => '#E46F0F', // Orange from the text that is used on Pleroma instances
'socialhome' => '#52056b' // lilac from the Django Image used at the Socialhome homepage
);
$counts = array();
$total = 0;

82
mod/contacts.php
View file

@ -13,6 +13,7 @@ use Friendica\Network\Probe;
require_once 'include/contact_selectors.php';
require_once 'mod/proxy.php';
require_once 'include/follow.php';
function contacts_init(App $a) {
if (! local_user()) {
@ -34,8 +35,9 @@ function contacts_init(App $a) {
require_once 'include/contact_widgets.php';
if ($_GET['nets'] == "all") {
$_GET['nets'] = "";
$nets = defaults($_GET, 'nets', '');
if ($nets == "all") {
$nets = "";
}
if (! x($a->page,'aside')) {
@ -62,22 +64,22 @@ function contacts_init(App $a) {
'$account_type' => Contact::getAccountType($a->data['contact'])
));
$finpeople_widget = '';
$findpeople_widget = '';
$follow_widget = '';
$networks_widget = '';
} else {
$vcard_widget = '';
$networks_widget .= networks_widget('contacts',$_GET['nets']);
$networks_widget = networks_widget('contacts', $nets);
if (isset($_GET['add'])) {
$follow_widget = follow_widget($_GET['add']);
} else {
$follow_widget = follow_widget();
}
$findpeople_widget .= findpeople_widget();
$findpeople_widget = findpeople_widget();
}
$groups_widget .= Group::sidebarWidget('contacts','group','full',0,$contact_id);
$groups_widget = Group::sidebarWidget('contacts','group','full',0,$contact_id);
$a->page['aside'] .= replace_macros(get_markup_template("contacts-widget-sidebar.tpl"),array(
'$vcard_widget' => $vcard_widget,
@ -514,8 +516,6 @@ function contacts_content(App $a) {
require_once 'include/contact_selectors.php';
$tpl = get_markup_template("contact_edit.tpl");
switch($contact['rel']) {
case CONTACT_IS_FRIEND:
$dir_icon = 'images/lrarrow.gif';
@ -576,6 +576,7 @@ function contacts_content(App $a) {
$lost_contact = (($contact['archive'] && $contact['term-date'] > NULL_DATE && $contact['term-date'] < datetime_convert('','','now')) ? t('Communications lost with this contact!') : '');
$fetch_further_information = null;
if ($contact['network'] == NETWORK_FEED) {
$fetch_further_information = array('fetch_further_information',
t('Fetch further information for feeds'),
@ -586,12 +587,19 @@ function contacts_content(App $a) {
'3' => t('Fetch keywords'),
'2' => t('Fetch information and keywords')));
}
if (in_array($contact['network'], array(NETWORK_FEED, NETWORK_MAIL)))
$poll_interval = null;
if (in_array($contact['network'], array(NETWORK_FEED, NETWORK_MAIL))) {
$poll_interval = contact_poll_interval($contact['priority'],(! $poll_enabled));
}
if ($contact['network'] == NETWORK_DFRN)
$profile_select = null;
if ($contact['network'] == NETWORK_DFRN) {
$profile_select = contact_profile_assign($contact['profile-id'],(($contact['network'] !== NETWORK_DFRN) ? true : false));
}
$follow = '';
$follow_text = '';
if (in_array($contact['network'], array(NETWORK_DIASPORA, NETWORK_OSTATUS))) {
if ($contact['rel'] == CONTACT_IS_FOLLOWER) {
$follow = System::baseUrl(true)."/follow?url=".urlencode($contact["url"]);
@ -605,7 +613,7 @@ function contacts_content(App $a) {
// Load contactact related actions like hide, suggest, delete and others
$contact_actions = contact_actions($contact);
$tpl = get_markup_template("contact_edit.tpl");
$o .= replace_macros($tpl, array(
//'$header' => t('Contact Editor'),
'$header' => t("Contact"),
@ -617,9 +625,7 @@ function contacts_content(App $a) {
'$lbl_info2' => t('Their personal note'),
'$reason' => trim(notags($contact['reason'])),
'$infedit' => t('Edit contact notes'),
'$common_text' => $common_text,
'$common_link' => 'common/loc/' . local_user() . '/' . $contact['id'],
'$all_friends' => $all_friends,
'$relation_text' => $relation_text,
'$visit' => sprintf( t('Visit %s\'s profile [%s]'),$contact['name'],$contact['url']),
'$blockunblock' => t('Block/Unblock contact'),
@ -657,7 +663,6 @@ function contacts_content(App $a) {
'$photo' => $contact['photo'],
'$name' => htmlentities($contact['name']),
'$dir_icon' => $dir_icon,
'$alt_text' => $alt_text,
'$sparkle' => $sparkle,
'$url' => $url,
'$profileurllabel' => t('Profile URL'),
@ -687,36 +692,33 @@ function contacts_content(App $a) {
}
$blocked = false;
$hidden = false;
$ignored = false;
$all = false;
$blocked = false;
$hidden = false;
$ignored = false;
$archived = false;
$all = false;
if(($a->argc == 2) && ($a->argv[1] === 'all')) {
$sql_extra = '';
$all = true;
}
elseif(($a->argc == 2) && ($a->argv[1] === 'blocked')) {
} elseif(($a->argc == 2) && ($a->argv[1] === 'blocked')) {
$sql_extra = " AND `blocked` = 1 ";
$blocked = true;
}
elseif(($a->argc == 2) && ($a->argv[1] === 'hidden')) {
} elseif(($a->argc == 2) && ($a->argv[1] === 'hidden')) {
$sql_extra = " AND `hidden` = 1 ";
$hidden = true;
}
elseif(($a->argc == 2) && ($a->argv[1] === 'ignored')) {
} elseif(($a->argc == 2) && ($a->argv[1] === 'ignored')) {
$sql_extra = " AND `readonly` = 1 ";
$ignored = true;
}
elseif(($a->argc == 2) && ($a->argv[1] === 'archived')) {
} elseif(($a->argc == 2) && ($a->argv[1] === 'archived')) {
$sql_extra = " AND `archive` = 1 ";
$archived = true;
}
else
} else {
$sql_extra = " AND `blocked` = 0 ";
}
$search = ((x($_GET,'search')) ? notags(trim($_GET['search'])) : '');
$nets = ((x($_GET,'nets')) ? notags(trim($_GET['nets'])) : '');
$search = x($_GET, 'search') ? notags(trim($_GET['search'])) : '';
$nets = x($_GET, 'nets') ? notags(trim($_GET['nets'])) : '';
$tabs = array(
array(
@ -785,25 +787,25 @@ function contacts_content(App $a) {
$tab_tpl = get_markup_template('common_tabs.tpl');
$t = replace_macros($tab_tpl, array('$tabs'=>$tabs));
$searching = false;
if($search) {
$search_hdr = null;
if ($search) {
$search_hdr = $search;
$search_txt = dbesc(protect_sprintf(preg_quote($search)));
$searching = true;
}
$sql_extra .= (($searching) ? " AND (name REGEXP '$search_txt' OR url REGEXP '$search_txt' OR nick REGEXP '$search_txt') " : "");
if($nets)
if ($nets) {
$sql_extra .= sprintf(" AND network = '%s' ", dbesc($nets));
}
$sql_extra2 = ((($sort_type > 0) && ($sort_type <= CONTACT_IS_FRIEND)) ? sprintf(" AND `rel` = %d ",intval($sort_type)) : '');
$r = q("SELECT COUNT(*) AS `total` FROM `contact`
WHERE `uid` = %d AND `self` = 0 AND `pending` = 0 $sql_extra $sql_extra2 ",
intval($_SESSION['uid']));
intval($_SESSION['uid'])
);
if (DBM::is_result($r)) {
$a->set_pager_total($r[0]['total']);
$total = $r[0]['total'];
@ -833,7 +835,7 @@ function contacts_content(App $a) {
'$total' => $total,
'$search' => $search_hdr,
'$desc' => t('Search your contacts'),
'$finding' => (($searching) ? sprintf(t('Results for: %s'),$search) : ""),
'$finding' => $searching ? t('Results for: %s', $search) : "",
'$submit' => t('Find'),
'$cmd' => $a->cmd,
'$contacts' => $contacts,
@ -848,7 +850,6 @@ function contacts_content(App $a) {
),
'$h_batch_actions' => t('Batch Actions'),
'$paginate' => paginate($a),
));
return $o;
@ -926,12 +927,11 @@ function contact_posts($a, $contact_id) {
$contact = $r[0];
$a->page['aside'] = "";
profile_load($a, "", 0, Contact::getDetailsByURL($contact["url"]));
} else
$profile = "";
}
$tab_str = contacts_tab($a, $contact_id, 1);
$o .= $tab_str;
$o = $tab_str;
$o .= Contact::getPostsFromUrl($contact["url"]);

112
mod/crepair.php
View file

@ -1,4 +1,5 @@
<?php
/**
* @file mod/crepair.php
*/
@ -10,65 +11,68 @@ use Friendica\Model\Contact;
require_once 'include/contact_selectors.php';
require_once 'mod/contacts.php';
function crepair_init(App $a) {
if (! local_user()) {
function crepair_init(App $a)
{
if (!local_user()) {
return;
}
$contact_id = 0;
if(($a->argc == 2) && intval($a->argv[1])) {
if (($a->argc == 2) && intval($a->argv[1])) {
$contact_id = intval($a->argv[1]);
$r = q("SELECT * FROM `contact` WHERE `uid` = %d and `id` = %d LIMIT 1",
intval(local_user()),
intval($contact_id)
);
if (! DBM::is_result($r)) {
if (!DBM::is_result($r)) {
$contact_id = 0;
}
}
if(! x($a->page,'aside'))
if (!x($a->page, 'aside')) {
$a->page['aside'] = '';
}
if($contact_id) {
if ($contact_id) {
$a->data['contact'] = $r[0];
$contact = $r[0];
profile_load($a, "", 0, Contact::getDetailsByURL($contact["url"]));
}
}
function crepair_post(App $a) {
if (! local_user()) {
function crepair_post(App $a)
{
if (!local_user()) {
return;
}
$cid = (($a->argc > 1) ? intval($a->argv[1]) : 0);
if($cid) {
if ($cid) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($cid),
intval(local_user())
);
}
if (! DBM::is_result($r)) {
if (!DBM::is_result($r)) {
return;
}
$contact = $r[0];
$name = ((x($_POST,'name')) ? $_POST['name'] : $contact['name']);
$nick = ((x($_POST,'nick')) ? $_POST['nick'] : '');
$url = ((x($_POST,'url')) ? $_POST['url'] : '');
$request = ((x($_POST,'request')) ? $_POST['request'] : '');
$confirm = ((x($_POST,'confirm')) ? $_POST['confirm'] : '');
$notify = ((x($_POST,'notify')) ? $_POST['notify'] : '');
$poll = ((x($_POST,'poll')) ? $_POST['poll'] : '');
$attag = ((x($_POST,'attag')) ? $_POST['attag'] : '');
$photo = ((x($_POST,'photo')) ? $_POST['photo'] : '');
$remote_self = ((x($_POST,'remote_self')) ? $_POST['remote_self'] : false);
$nurl = normalise_link($url);
$name = defaults($_POST, 'name' , $contact['name']);
$nick = defaults($_POST, 'nick' , '');
$url = defaults($_POST, 'url' , '');
$request = defaults($_POST, 'request' , '');
$confirm = defaults($_POST, 'confirm' , '');
$notify = defaults($_POST, 'notify' , '');
$poll = defaults($_POST, 'poll' , '');
$attag = defaults($_POST, 'attag' , '');
$photo = defaults($_POST, 'photo' , '');
$remote_self = defaults($_POST, 'remote_self', false);
$nurl = normalise_link($url);
$r = q("UPDATE `contact` SET `name` = '%s', `nick` = '%s', `url` = '%s', `nurl` = '%s', `request` = '%s', `confirm` = '%s', `notify` = '%s', `poll` = '%s', `attag` = '%s' , `remote_self` = %d
WHERE `id` = %d AND `uid` = %d",
@ -101,26 +105,24 @@ function crepair_post(App $a) {
return;
}
function crepair_content(App $a) {
if (! local_user()) {
notice( t('Permission denied.') . EOL);
function crepair_content(App $a)
{
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
$cid = (($a->argc > 1) ? intval($a->argv[1]) : 0);
if($cid) {
if ($cid) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($cid),
intval(local_user())
);
}
if (! DBM::is_result($r)) {
notice( t('Contact not found.') . EOL);
if (!DBM::is_result($r)) {
notice(t('Contact not found.') . EOL);
return;
}
@ -131,45 +133,44 @@ function crepair_content(App $a) {
$returnaddr = "contacts/$cid";
$allow_remote_self = Config::get('system','allow_users_remote_self');
$allow_remote_self = Config::get('system', 'allow_users_remote_self');
// Disable remote self for everything except feeds.
// There is an issue when you repeat an item from maybe twitter and you got comments from friendica and twitter
// Problem is, you couldn't reply to both networks.
if (!in_array($contact['network'], array(NETWORK_FEED, NETWORK_DFRN, NETWORK_DIASPORA)))
if (!in_array($contact['network'], array(NETWORK_FEED, NETWORK_DFRN, NETWORK_DIASPORA))) {
$allow_remote_self = false;
}
if ($contact['network'] == NETWORK_FEED)
$remote_self_options = array('0'=>t('No mirroring'), '1'=>t('Mirror as forwarded posting'), '2'=>t('Mirror as my own posting'));
else
$remote_self_options = array('0'=>t('No mirroring'), '2'=>t('Mirror as my own posting'));
if ($contact['network'] == NETWORK_FEED) {
$remote_self_options = array('0' => t('No mirroring'), '1' => t('Mirror as forwarded posting'), '2' => t('Mirror as my own posting'));
} else {
$remote_self_options = array('0' => t('No mirroring'), '2' => t('Mirror as my own posting'));
}
$update_profile = in_array($contact['network'], array(NETWORK_DFRN, NETWORK_DSPR, NETWORK_OSTATUS));
$update_profile = in_array($contact['network'], array(NETWORK_DFRN, NETWORK_DIASPORA, NETWORK_OSTATUS));
$tab_str = contacts_tab($a, $contact['id'], 5);
$tpl = get_markup_template('crepair.tpl');
$o .= replace_macros($tpl, array(
//'$title' => t('Repair Contact Settings'),
'$tab_str' => $tab_str,
'$warning' => $warning,
'$info' => $info,
'$returnaddr' => $returnaddr,
'$return' => t('Return to contact editor'),
'$update_profile' => update_profile,
'$udprofilenow' => t('Refetch contact data'),
'$contact_id' => $contact['id'],
'$lbl_submit' => t('Submit'),
$o = replace_macros($tpl, array(
'$tab_str' => $tab_str,
'$warning' => $warning,
'$info' => $info,
'$returnaddr' => $returnaddr,
'$return' => t('Return to contact editor'),
'$update_profile' => $update_profile,
'$udprofilenow' => t('Refetch contact data'),
'$contact_id' => $contact['id'],
'$lbl_submit' => t('Submit'),
'$label_remote_self' => t('Remote Self'),
'$allow_remote_self' => $allow_remote_self,
'$remote_self' => array('remote_self',
t('Mirror postings from this contact'),
$contact['remote_self'],
t('Mark this contact as remote_self, this will cause friendica to repost new entries from this contact.'),
$remote_self_options
),
t('Mirror postings from this contact'),
$contact['remote_self'],
t('Mark this contact as remote_self, this will cause friendica to repost new entries from this contact.'),
$remote_self_options
),
'$name' => array('name', t('Name') , htmlentities($contact['name'])),
'$nick' => array('nick', t('Account Nickname'), htmlentities($contact['nick'])),
@ -183,5 +184,4 @@ function crepair_content(App $a) {
));
return $o;
}

5
mod/dfrn_confirm.php
View file

@ -29,6 +29,7 @@ use Friendica\Model\Group;
use Friendica\Model\User;
use Friendica\Network\Probe;
use Friendica\Protocol\Diaspora;
use Friendica\Util\Crypto;
require_once 'include/enotify.php';
@ -162,9 +163,7 @@ function dfrn_confirm_post(App $a, $handsfree = null) {
* worried about key leakage than anybody cracking it.
*
*/
require_once 'include/crypto.php';
$res = new_keypair(4096);
$res = Crypto::newKeypair(4096);
$private_key = $res['prvkey'];

324
mod/dfrn_poll.php
View file

@ -1,4 +1,5 @@
<?php
/**
* @file mod/dfrn_poll.php
*/
@ -12,47 +13,48 @@ use Friendica\Protocol\OStatus;
require_once 'include/items.php';
require_once 'include/auth.php';
function dfrn_poll_init(App $a) {
$dfrn_id = ((x($_GET,'dfrn_id')) ? $_GET['dfrn_id'] : '');
$type = ((x($_GET,'type')) ? $_GET['type'] : 'data');
$last_update = ((x($_GET,'last_update')) ? $_GET['last_update'] : '');
$destination_url = ((x($_GET,'destination_url')) ? $_GET['destination_url'] : '');
$challenge = ((x($_GET,'challenge')) ? $_GET['challenge'] : '');
$sec = ((x($_GET,'sec')) ? $_GET['sec'] : '');
$dfrn_version = ((x($_GET,'dfrn_version')) ? (float) $_GET['dfrn_version'] : 2.0);
$perm = ((x($_GET,'perm')) ? $_GET['perm'] : 'r');
$quiet = ((x($_GET,'quiet')) ? true : false);
function dfrn_poll_init(App $a)
{
$dfrn_id = x($_GET,'dfrn_id') ? $_GET['dfrn_id'] : '';
$type = x($_GET,'type') ? $_GET['type'] : 'data';
$last_update = x($_GET,'last_update') ? $_GET['last_update'] : '';
$destination_url = x($_GET,'destination_url') ? $_GET['destination_url'] : '';
$challenge = x($_GET,'challenge') ? $_GET['challenge'] : '';
$sec = x($_GET,'sec') ? $_GET['sec'] : '';
$dfrn_version = x($_GET,'dfrn_version') ? (float) $_GET['dfrn_version'] : 2.0;
$perm = x($_GET,'perm') ? $_GET['perm'] : 'r';
$quiet = x($_GET,'quiet') ? true : false;
// Possibly it is an OStatus compatible server that requests a user feed
if (($a->argc > 1) && ($dfrn_id == '') && !strstr($_SERVER["HTTP_USER_AGENT"], 'Friendica')) {
$nickname = $a->argv[1];
header("Content-type: application/atom+xml");
echo OStatus::feed($a, $nickname, $last_update, 10);
echo OStatus::feed($nickname, $last_update, 10);
killme();
}
$direction = (-1);
$direction = -1;
if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1));
$dfrn_id = substr($dfrn_id,2);
if (strpos($dfrn_id, ':') == 1) {
$direction = intval(substr($dfrn_id, 0, 1));
$dfrn_id = substr($dfrn_id, 2);
}
$hidewall = false;
if(($dfrn_id === '') && (! x($_POST,'dfrn_id'))) {
if((Config::get('system','block_public')) && (! local_user()) && (! remote_user())) {
if (($dfrn_id === '') && (!x($_POST, 'dfrn_id'))) {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
http_status_exit(403);
}
$user = '';
if($a->argc > 1) {
if ($a->argc > 1) {
$r = q("SELECT `hidewall`,`nickname` FROM `user` WHERE `user`.`nickname` = '%s' LIMIT 1",
dbesc($a->argv[1])
);
if (!$r)
if (!$r) {
http_status_exit(404);
}
$hidewall = ($r[0]['hidewall'] && !local_user());
@ -61,16 +63,15 @@ function dfrn_poll_init(App $a) {
logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] . ' for ' . $user);
header("Content-type: application/atom+xml");
echo DFRN::feed('', $user,$last_update, 0, $hidewall);
echo DFRN::feed('', $user, $last_update, 0, $hidewall);
killme();
}
if(($type === 'profile') && (! strlen($sec))) {
if (($type === 'profile') && (!strlen($sec))) {
$sql_extra = '';
switch($direction) {
case (-1):
$sql_extra = sprintf(" AND ( `dfrn-id` = '%s' OR `issued-id` = '%s' ) ", dbesc($dfrn_id),dbesc($dfrn_id));
switch ($direction) {
case -1:
$sql_extra = sprintf(" AND ( `dfrn-id` = '%s' OR `issued-id` = '%s' ) ", dbesc($dfrn_id), dbesc($dfrn_id));
$my_id = $dfrn_id;
break;
case 0:
@ -94,28 +95,29 @@ function dfrn_poll_init(App $a) {
);
if (DBM::is_result($r)) {
$s = fetch_url($r[0]['poll'] . '?dfrn_id=' . $my_id . '&type=profile-check');
logger("dfrn_poll: old profile returns " . $s, LOGGER_DATA);
if(strlen($s)) {
if (strlen($s)) {
$xml = parse_xml_string($s);
if((int) $xml->status == 1) {
if ((int) $xml->status === 1) {
$_SESSION['authenticated'] = 1;
if(! x($_SESSION,'remote'))
if (!x($_SESSION, 'remote')) {
$_SESSION['remote'] = array();
}
$_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']);
$_SESSION['remote'][] = array('cid' => $r[0]['id'], 'uid' => $r[0]['uid'], 'url' => $r[0]['url']);
$_SESSION['visitor_id'] = $r[0]['id'];
$_SESSION['visitor_home'] = $r[0]['url'];
$_SESSION['visitor_handle'] = $r[0]['addr'];
$_SESSION['visitor_visiting'] = $r[0]['uid'];
if(!$quiet)
info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
if (!$quiet) {
info(sprintf(t('%1$s welcomes %2$s'), $r[0]['username'], $r[0]['name']) . EOL);
}
// Visitors get 1 day session.
$session_id = session_id();
$expire = time() + 86400;
@ -129,53 +131,53 @@ function dfrn_poll_init(App $a) {
goaway((strlen($destination_url)) ? $destination_url : System::baseUrl() . '/profile/' . $profile);
}
goaway(System::baseUrl());
}
if($type === 'profile-check' && $dfrn_version < 2.2 ) {
if((strlen($challenge)) && (strlen($sec))) {
if ($type === 'profile-check' && $dfrn_version < 2.2) {
if ((strlen($challenge)) && (strlen($sec))) {
q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
$r = q("SELECT * FROM `profile_check` WHERE `sec` = '%s' ORDER BY `expire` DESC LIMIT 1",
dbesc($sec)
);
if (! DBM::is_result($r)) {
if (!DBM::is_result($r)) {
xml_status(3, 'No ticket');
// NOTREACHED
}
$orig_id = $r[0]['dfrn_id'];
if(strpos($orig_id, ':'))
$orig_id = substr($orig_id,2);
if (strpos($orig_id, ':')) {
$orig_id = substr($orig_id, 2);
}
$c = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
intval($r[0]['cid'])
);
if (! DBM::is_result($c)) {
if (!DBM::is_result($c)) {
xml_status(3, 'No profile');
}
$contact = $c[0];
$sent_dfrn_id = hex2bin($dfrn_id);
$challenge = hex2bin($challenge);
$challenge = hex2bin($challenge);
$final_dfrn_id = '';
if(($contact['duplex']) && strlen($contact['prvkey'])) {
openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']);
openssl_private_decrypt($challenge,$decoded_challenge,$contact['prvkey']);
}
else {
openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']);
openssl_public_decrypt($challenge,$decoded_challenge,$contact['pubkey']);
if (($contact['duplex']) && strlen($contact['prvkey'])) {
openssl_private_decrypt($sent_dfrn_id, $final_dfrn_id, $contact['prvkey']);
openssl_private_decrypt($challenge, $decoded_challenge, $contact['prvkey']);
} else {
openssl_public_decrypt($sent_dfrn_id, $final_dfrn_id, $contact['pubkey']);
openssl_public_decrypt($challenge, $decoded_challenge, $contact['pubkey']);
}
$final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
if(strpos($final_dfrn_id,':') == 1)
$final_dfrn_id = substr($final_dfrn_id,2);
if (strpos($final_dfrn_id, ':') == 1) {
$final_dfrn_id = substr($final_dfrn_id, 2);
}
if($final_dfrn_id != $orig_id) {
if ($final_dfrn_id != $orig_id) {
logger('profile_check: ' . $final_dfrn_id . ' != ' . $orig_id, LOGGER_DEBUG);
// did not decode properly - cannot trust this site
xml_status(3, 'Bad decryption');
@ -185,11 +187,9 @@ function dfrn_poll_init(App $a) {
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?><dfrn_poll><status>0</status><challenge>$decoded_challenge</challenge><sec>$sec</sec></dfrn_poll>";
killme();
// NOTREACHED
}
else {
// old protocol
switch($direction) {
} else {
// old protocol
switch ($direction) {
case 1:
$dfrn_id = '0:' . $dfrn_id;
break;
@ -200,7 +200,6 @@ function dfrn_poll_init(App $a) {
break;
}
q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
$r = q("SELECT * FROM `profile_check` WHERE `dfrn_id` = '%s' ORDER BY `expire` DESC",
dbesc($dfrn_id));
@ -212,67 +211,65 @@ function dfrn_poll_init(App $a) {
return; // NOTREACHED
}
}
}
function dfrn_poll_post(App $a)
{
$dfrn_id = x($_POST,'dfrn_id') ? $_POST['dfrn_id'] : '';
$challenge = x($_POST,'challenge') ? $_POST['challenge'] : '';
$url = x($_POST,'url') ? $_POST['url'] : '';
$sec = x($_POST,'sec') ? $_POST['sec'] : '';
$ptype = x($_POST,'type') ? $_POST['type'] : '';
$dfrn_version = x($_POST,'dfrn_version') ? (float) $_POST['dfrn_version'] : 2.0;
$perm = x($_POST,'perm') ? $_POST['perm'] : 'r';
function dfrn_poll_post(App $a) {
$dfrn_id = ((x($_POST,'dfrn_id')) ? $_POST['dfrn_id'] : '');
$challenge = ((x($_POST,'challenge')) ? $_POST['challenge'] : '');
$url = ((x($_POST,'url')) ? $_POST['url'] : '');
$sec = ((x($_POST,'sec')) ? $_POST['sec'] : '');
$ptype = ((x($_POST,'type')) ? $_POST['type'] : '');
$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
$perm = ((x($_POST,'perm')) ? $_POST['perm'] : 'r');
if($ptype === 'profile-check') {
if((strlen($challenge)) && (strlen($sec))) {
if ($ptype === 'profile-check') {
if (strlen($challenge) && strlen($sec)) {
logger('dfrn_poll: POST: profile-check');
q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
$r = q("SELECT * FROM `profile_check` WHERE `sec` = '%s' ORDER BY `expire` DESC LIMIT 1",
dbesc($sec)
);
if (! DBM::is_result($r)) {
if (!DBM::is_result($r)) {
xml_status(3, 'No ticket');
// NOTREACHED
}
$orig_id = $r[0]['dfrn_id'];
if(strpos($orig_id, ':'))
$orig_id = substr($orig_id,2);
if (strpos($orig_id, ':')) {
$orig_id = substr($orig_id, 2);
}
$c = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
intval($r[0]['cid'])
);
if (! DBM::is_result($c)) {
if (!DBM::is_result($c)) {
xml_status(3, 'No profile');
}
$contact = $c[0];
$sent_dfrn_id = hex2bin($dfrn_id);
$challenge = hex2bin($challenge);
$challenge = hex2bin($challenge);
$final_dfrn_id = '';
if(($contact['duplex']) && strlen($contact['prvkey'])) {
openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']);
openssl_private_decrypt($challenge,$decoded_challenge,$contact['prvkey']);
}
else {
openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']);
openssl_public_decrypt($challenge,$decoded_challenge,$contact['pubkey']);
if ($contact['duplex'] && strlen($contact['prvkey'])) {
openssl_private_decrypt($sent_dfrn_id, $final_dfrn_id, $contact['prvkey']);
openssl_private_decrypt($challenge, $decoded_challenge, $contact['prvkey']);
} else {
openssl_public_decrypt($sent_dfrn_id, $final_dfrn_id, $contact['pubkey']);
openssl_public_decrypt($challenge, $decoded_challenge, $contact['pubkey']);
}
$final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
if(strpos($final_dfrn_id,':') == 1)
$final_dfrn_id = substr($final_dfrn_id,2);
if (strpos($final_dfrn_id, ':') == 1) {
$final_dfrn_id = substr($final_dfrn_id, 2);
}
if($final_dfrn_id != $orig_id) {
if ($final_dfrn_id != $orig_id) {
logger('profile_check: ' . $final_dfrn_id . ' != ' . $orig_id, LOGGER_DEBUG);
// did not decode properly - cannot trust this site
xml_status(3, 'Bad decryption');
@ -283,22 +280,20 @@ function dfrn_poll_post(App $a) {
killme();
// NOTREACHED
}
}
$direction = (-1);
if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1));
$dfrn_id = substr($dfrn_id,2);
$direction = -1;
if (strpos($dfrn_id, ':') == 1) {
$direction = intval(substr($dfrn_id, 0, 1));
$dfrn_id = substr($dfrn_id, 2);
}
$r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
dbesc($dfrn_id),
dbesc($challenge)
);
if (! DBM::is_result($r)) {
if (!DBM::is_result($r)) {
killme();
}
@ -312,8 +307,8 @@ function dfrn_poll_post(App $a) {
$sql_extra = '';
switch($direction) {
case (-1):
switch ($direction) {
case -1:
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id));
$my_id = $dfrn_id;
break;
@ -330,11 +325,8 @@ function dfrn_poll_post(App $a) {
break; // NOTREACHED
}
$r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 $sql_extra LIMIT 1");
if (! DBM::is_result($r)) {
if (!DBM::is_result($r)) {
killme();
}
@ -342,8 +334,7 @@ function dfrn_poll_post(App $a) {
$owner_uid = $r[0]['uid'];
$contact_id = $r[0]['id'];
if($type === 'reputation' && strlen($url)) {
if ($type === 'reputation' && strlen($url)) {
$r = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1",
dbesc($url),
intval($owner_uid)
@ -355,7 +346,7 @@ function dfrn_poll_post(App $a) {
$reputation = $r[0]['rating'];
$text = $r[0]['reason'];
if($r[0]['id'] == $contact_id) { // inquiring about own reputation not allowed
if ($r[0]['id'] == $contact_id) { // inquiring about own reputation not allowed
$reputation = 0;
$text = '';
}
@ -370,18 +361,17 @@ function dfrn_poll_post(App $a) {
";
killme();
// NOTREACHED
}
else {
} else {
// Update the writable flag if it changed
logger('dfrn_poll: post request feed: ' . print_r($_POST,true),LOGGER_DATA);
if($dfrn_version >= 2.21) {
if($perm === 'rw')
logger('dfrn_poll: post request feed: ' . print_r($_POST, true), LOGGER_DATA);
if ($dfrn_version >= 2.21) {
if ($perm === 'rw') {
$writable = 1;
else
} else {
$writable = 0;
}
if($writable != $contact['writable']) {
if ($writable != $contact['writable']) {
q("UPDATE `contact` SET `writable` = %d WHERE `id` = %d",
intval($writable),
intval($contact_id)
@ -393,29 +383,27 @@ function dfrn_poll_post(App $a) {
$o = DFRN::feed($dfrn_id, $a->argv[1], $last_update, $direction);
echo $o;
killme();
}
}
function dfrn_poll_content(App $a) {
function dfrn_poll_content(App $a)
{
$dfrn_id = x($_GET,'dfrn_id') ? $_GET['dfrn_id'] : '';
$type = x($_GET,'type') ? $_GET['type'] : 'data';
$last_update = x($_GET,'last_update') ? $_GET['last_update'] : '';
$destination_url = x($_GET,'destination_url') ? $_GET['destination_url'] : '';
$sec = x($_GET,'sec') ? $_GET['sec'] : '';
$dfrn_version = x($_GET,'dfrn_version') ? (float) $_GET['dfrn_version'] : 2.0;
$perm = x($_GET,'perm') ? $_GET['perm'] : 'r';
$quiet = x($_GET,'quiet') ? true : false;
$dfrn_id = ((x($_GET,'dfrn_id')) ? $_GET['dfrn_id'] : '');
$type = ((x($_GET,'type')) ? $_GET['type'] : 'data');
$last_update = ((x($_GET,'last_update')) ? $_GET['last_update'] : '');
$destination_url = ((x($_GET,'destination_url')) ? $_GET['destination_url'] : '');
$sec = ((x($_GET,'sec')) ? $_GET['sec'] : '');
$dfrn_version = ((x($_GET,'dfrn_version')) ? (float) $_GET['dfrn_version'] : 2.0);
$perm = ((x($_GET,'perm')) ? $_GET['perm'] : 'r');
$quiet = ((x($_GET,'quiet')) ? true : false);
$direction = (-1);
if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1));
$dfrn_id = substr($dfrn_id,2);
$direction = -1;
if (strpos($dfrn_id, ':') == 1) {
$direction = intval(substr($dfrn_id, 0, 1));
$dfrn_id = substr($dfrn_id, 2);
}
if($dfrn_id != '') {
if ($dfrn_id != '') {
// initial communication from external contact
$hash = random_string();
@ -423,7 +411,7 @@ function dfrn_poll_content(App $a) {
$r = q("DELETE FROM `challenge` WHERE `expire` < " . intval(time()));
if($type !== 'profile') {
if ($type !== 'profile') {
$r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` , `type`, `last_update` )
VALUES( '%s', '%s', '%s', '%s', '%s' ) ",
dbesc($hash),
@ -433,13 +421,16 @@ function dfrn_poll_content(App $a) {
dbesc($last_update)
);
}
$sql_extra = '';
switch($direction) {
case (-1):
if($type === 'profile')
$sql_extra = sprintf(" AND ( `dfrn-id` = '%s' OR `issued-id` = '%s' ) ", dbesc($dfrn_id),dbesc($dfrn_id));
else
switch ($direction) {
case -1:
if ($type === 'profile') {
$sql_extra = sprintf(" AND ( `dfrn-id` = '%s' OR `issued-id` = '%s' ) ", dbesc($dfrn_id), dbesc($dfrn_id));
} else {
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id));
}
$my_id = $dfrn_id;
break;
case 0:
@ -463,36 +454,30 @@ function dfrn_poll_content(App $a) {
AND `user`.`nickname` = '%s' $sql_extra LIMIT 1",
dbesc($nickname)
);
if (DBM::is_result($r)) {
$challenge = '';
$encrypted_id = '';
$id_str = $my_id . '.' . mt_rand(1000,9999);
$id_str = $my_id . '.' . mt_rand(1000, 9999);
if(($r[0]['duplex'] && strlen($r[0]['pubkey'])) || (! strlen($r[0]['prvkey']))) {
openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
}
else {
openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
if (($r[0]['duplex'] && strlen($r[0]['pubkey'])) || !strlen($r[0]['prvkey'])) {
openssl_public_encrypt($hash, $challenge, $r[0]['pubkey']);
openssl_public_encrypt($id_str, $encrypted_id, $r[0]['pubkey']);
} else {
openssl_private_encrypt($hash, $challenge, $r[0]['prvkey']);
openssl_private_encrypt($id_str, $encrypted_id, $r[0]['prvkey']);
}
$challenge = bin2hex($challenge);
$encrypted_id = bin2hex($encrypted_id);
}
else {
} else {
$status = 1;
$challenge = '';
$encrypted_id = '';
}
if(($type === 'profile') && (strlen($sec))) {
if (($type === 'profile') && (strlen($sec))) {
// URL reply
if($dfrn_version < 2.2) {
if ($dfrn_version < 2.2) {
$s = fetch_url($r[0]['poll']
. '?dfrn_id=' . $encrypted_id
. '&type=profile-check'
@ -500,8 +485,7 @@ function dfrn_poll_content(App $a) {
. '&challenge=' . $challenge
. '&sec=' . $sec
);
}
else {
} else {
$s = post_url($r[0]['poll'], array(
'dfrn_id' => $encrypted_id,
'type' => 'profile-check',
@ -513,7 +497,7 @@ function dfrn_poll_content(App $a) {
$profile = ((DBM::is_result($r) && $r[0]['nickname']) ? $r[0]['nickname'] : $nickname);
switch($destination_url) {
switch ($destination_url) {
case 'profile':
$dest = System::baseUrl() . '/profile/' . $profile . '?f=&tab=profile';
break;
@ -532,26 +516,28 @@ function dfrn_poll_content(App $a) {
logger("dfrn_poll: sec profile: " . $s, LOGGER_DATA);
if(strlen($s) && strstr($s,'<?xml')) {
if (strlen($s) && strstr($s, '<?xml')) {
$xml = parse_xml_string($s);
logger('dfrn_poll: profile: parsed xml: ' . print_r($xml,true), LOGGER_DATA);
logger('dfrn_poll: profile: parsed xml: ' . print_r($xml, true), LOGGER_DATA);
logger('dfrn_poll: secure profile: challenge: ' . $xml->challenge . ' expecting ' . $hash);
logger('dfrn_poll: secure profile: sec: ' . $xml->sec . ' expecting ' . $sec);
if(((int) $xml->status == 0) && ($xml->challenge == $hash) && ($xml->sec == $sec)) {
if (((int) $xml->status == 0) && ($xml->challenge == $hash) && ($xml->sec == $sec)) {
$_SESSION['authenticated'] = 1;
if(! x($_SESSION,'remote'))
if (!x($_SESSION, 'remote')) {
$_SESSION['remote'] = array();
$_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']);
}
$_SESSION['remote'][] = array('cid' => $r[0]['id'], 'uid' => $r[0]['uid'], 'url' => $r[0]['url']);
$_SESSION['visitor_id'] = $r[0]['id'];
$_SESSION['visitor_home'] = $r[0]['url'];
$_SESSION['visitor_visiting'] = $r[0]['uid'];
if(!$quiet)
info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
if (!$quiet) {
info(sprintf(t('%1$s welcomes %2$s'), $r[0]['username'], $r[0]['name']) . EOL);
}
// Visitors get 1 day session.
$session_id = session_id();
$expire = time() + 86400;
@ -565,9 +551,7 @@ function dfrn_poll_content(App $a) {
}
goaway($dest);
// NOTREACHED
}
else {
} else {
// XML reply
header("Content-type: text/xml");
echo '<?xml version="1.0" encoding="UTF-8"?>' . "\r\n"
@ -576,7 +560,7 @@ function dfrn_poll_content(App $a) {
. "\t" . '<dfrn_version>' . DFRN_PROTOCOL_VERSION . '</dfrn_version>' . "\r\n"
. "\t" . '<dfrn_id>' . $encrypted_id . '</dfrn_id>' . "\r\n"
. "\t" . '<challenge>' . $challenge . '</challenge>' . "\r\n"
. '</dfrn_poll>' . "\r\n" ;
. '</dfrn_poll>' . "\r\n";
killme();
// NOTREACHED
}

7
mod/display.php
View file

@ -201,8 +201,9 @@ function display_content(App $a, $update = false, $update_uid = 0) {
if ($update) {
$item_id = $_REQUEST['item_id'];
$item = dba::select('item', ['uid'], ['id' => $item_id], ['limit' => 1]);
$item = dba::select('item', ['uid', 'parent'], ['id' => $item_id], ['limit' => 1]);
$a->profile = array('uid' => intval($item['uid']), 'profile_uid' => intval($item['uid']));
$item_parent = $item['parent'];
} else {
$item_id = (($a->argc > 2) ? $a->argv[2] : 0);
@ -260,7 +261,7 @@ function display_content(App $a, $update = false, $update_uid = 0) {
$contact_id = 0;
if (is_array($_SESSION['remote'])) {
if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $a->profile['uid']) {
$contact_id = $v['cid'];
@ -294,7 +295,7 @@ function display_content(App $a, $update = false, $update_uid = 0) {
}
$is_owner = (local_user() && (in_array($a->profile['profile_uid'], [local_user(), 0])) ? true : false);
if ($a->profile['hidewall'] && !$is_owner && !$remote_contact) {
if (x($a->profile, 'hidewall') && !$is_owner && !$remote_contact) {
notice(t('Access to this profile has been restricted.') . EOL);
return;
}

16
mod/events.php
View file

@ -20,7 +20,7 @@ function events_init(App $a) {
return;
}
if ($a->argc == 1) {
if ($a->argc > 1) {
// If it's a json request abort here because we don't
// need the widget data
if ($a->argv[1] === 'json') {
@ -234,6 +234,7 @@ function events_content(App $a) {
));
$o = '';
$tabs = '';
// tabs
if ($a->theme_events_in_profile) {
$tabs = profile_tabs($a, true);
@ -309,10 +310,13 @@ function events_content(App $a) {
$start = sprintf('%d-%d-%d %d:%d:%d', $y, $m, 1, 0, 0, 0);
$finish = sprintf('%d-%d-%d %d:%d:%d', $y, $m, $dim, 23, 59, 59);
if ($a->argv[1] === 'json') {
if (x($_GET, 'start')) {$start = $_GET['start'];}
if (x($_GET, 'end')) {$finish = $_GET['end'];}
if ($a->argc > 1 && $a->argv[1] === 'json') {
if (x($_GET, 'start')) {
$start = $_GET['start'];
}
if (x($_GET, 'end')) {
$finish = $_GET['end'];
}
}
$start = datetime_convert('UTC', 'UTC', $start);
@ -358,7 +362,7 @@ function events_content(App $a) {
$events = process_events($r);
}
if ($a->argv[1] === 'json'){
if ($a->argc > 1 && $a->argv[1] === 'json'){
echo json_encode($events);
killme();
}

2
mod/fetch.php
View file

@ -8,8 +8,6 @@ use Friendica\Core\System;
use Friendica\Protocol\Diaspora;
use Friendica\Util\XML;
require_once "include/crypto.php";
function fetch_init(App $a)
{

21
mod/follow.php
View file

@ -11,8 +11,8 @@ require_once 'include/contact_selectors.php';
function follow_post(App $a) {
if (! local_user()) {
notice( t('Permission denied.') . EOL);
if (!local_user()) {
notice(t('Permission denied.') . EOL);
goaway($_SESSION['return_url']);
// NOTREACHED
}
@ -40,7 +40,7 @@ function follow_post(App $a) {
goaway(System::baseUrl().'/contacts/'.$result['cid']);
}
info( t('Contact added').EOL);
info(t('Contact added').EOL);
if (strstr($return_url,'contacts')) {
goaway(System::baseUrl().'/contacts/'.$contact_id);
@ -52,8 +52,8 @@ function follow_post(App $a) {
function follow_content(App $a) {
if (! local_user()) {
notice( t('Permission denied.') . EOL);
if (!local_user()) {
notice(t('Permission denied.') . EOL);
goaway($_SESSION['return_url']);
// NOTREACHED
}
@ -81,21 +81,21 @@ function follow_content(App $a) {
$ret = Probe::uri($url);
if (($ret["network"] == NETWORK_DIASPORA) && !Config::get('system','diaspora_enabled')) {
notice( t("Diaspora support isn't enabled. Contact can't be added.") . EOL);
notice(t("Diaspora support isn't enabled. Contact can't be added.") . EOL);
$submit = "";
//goaway($_SESSION['return_url']);
// NOTREACHED
}
if (($ret["network"] == NETWORK_OSTATUS) && Config::get('system','ostatus_disabled')) {
notice( t("OStatus support is disabled. Contact can't be added.") . EOL);
notice(t("OStatus support is disabled. Contact can't be added.") . EOL);
$submit = "";
//goaway($_SESSION['return_url']);
// NOTREACHED
}
if ($ret["network"] == NETWORK_PHANTOM) {
notice( t("The network type couldn't be detected. Contact can't be added.") . EOL);
notice(t("The network type couldn't be detected. Contact can't be added.") . EOL);
$submit = "";
//goaway($_SESSION['return_url']);
// NOTREACHED
@ -116,7 +116,7 @@ function follow_content(App $a) {
$r = q("SELECT `url` FROM `contact` WHERE `uid` = %d AND `self` LIMIT 1", intval($uid));
if (!$r) {
notice( t('Permission denied.') . EOL);
notice(t('Permission denied.') . EOL);
goaway($_SESSION['return_url']);
// NOTREACHED
}
@ -176,7 +176,8 @@ function follow_content(App $a) {
));
$a->page['aside'] = "";
profile_load($a, "", 0, Contact::getDetailsByURL($ret["url"]));
profile_load($a, "", 0, Contact::getDetailsByURL($ret["url"]), false);
if ($gcontact_id <> 0) {
$o .= replace_macros(get_markup_template('section_title.tpl'),

2
mod/fsuggest.php
View file

@ -4,6 +4,8 @@ use Friendica\App;
use Friendica\Core\Worker;
use Friendica\Database\DBM;
require_once 'include/follow.php';
function fsuggest_post(App $a) {
if (! local_user()) {

23
mod/hostxrd.php
View file

@ -1,18 +1,21 @@
<?php
/**
* @file mod/hostxrd.php
*/
use Friendica\App;
use Friendica\Core\Config;
use Friendica\Core\System;
use Friendica\Protocol\Salmon;
use Friendica\Util\Crypto;
require_once('include/crypto.php');
function hostxrd_init(App $a) {
function hostxrd_init(App $a)
{
header('Access-Control-Allow-Origin: *');
header("Content-type: text/xml");
$pubkey = Config::get('system','site_pubkey');
$pubkey = Config::get('system', 'site_pubkey');
if(! $pubkey) {
$res = new_keypair(1024);
if (! $pubkey) {
$res = Crypto::newKeypair(1024);
Config::set('system','site_prvkey', $res['prvkey']);
Config::set('system','site_pubkey', $res['pubkey']);
@ -23,8 +26,8 @@ function hostxrd_init(App $a) {
'$zhost' => $a->get_hostname(),
'$zroot' => System::baseUrl(),
'$domain' => System::baseUrl(),
'$bigkey' => salmon_key(Config::get('system','site_pubkey')),
));
exit();
'$bigkey' => Salmon::salmonKey(Config::get('system', 'site_pubkey')))
);
exit();
}

89
mod/hovercard.php
View file

@ -7,90 +7,87 @@
* Author: Rabuzarus <https://github.com/rabuzarus>
* License: GNU AFFERO GENERAL PUBLIC LICENSE (Version 3)
*/
use Friendica\App;
use Friendica\Core\Config;
use Friendica\Model\Contact;
use Friendica\Model\GContact;
function hovercard_init(App $a) {
function hovercard_init(App $a)
{
// Just for testing purposes
$_GET["mode"] = "minimal";
$_GET['mode'] = 'minimal';
}
function hovercard_content() {
$profileurl = (x($_REQUEST,'profileurl') ? $_REQUEST['profileurl'] : "");
$datatype = (x($_REQUEST,'datatype') ?$_REQUEST['datatype'] : "json");
function hovercard_content()
{
$profileurl = defaults($_REQUEST, 'profileurl', '');
$datatype = defaults($_REQUEST, 'datatype' , 'json');
// Get out if the system doesn't have public access allowed
if(intval(Config::get('system','block_public')))
if (intval(Config::get('system', 'block_public'))) {
http_status_exit(401);
}
// Return the raw content of the template. We use this to make templates usable for js functions.
// Look at hovercard.js (function getHoverCardTemplate()).
// This part should be moved in it's own module. Maybe we could make more templates accessabel.
// (We need to discuss possible security lacks before doing this)
if ($datatype == "tpl") {
$templatecontent = get_template_content("hovercard.tpl");
// This part should be moved in its own module. Maybe we could make more templates accessible.
// (We need to discuss possible security leaks before doing this)
if ($datatype == 'tpl') {
$templatecontent = get_template_content('hovercard.tpl');
echo $templatecontent;
killme();
}
// If a contact is connected the url is internally changed to "redir/CID". We need the pure url to search for
// If a contact is connected the url is internally changed to 'redir/CID'. We need the pure url to search for
// the contact. So we strip out the contact id from the internal url and look in the contact table for
// the real url (nurl)
if (local_user() && strpos($profileurl, "redir/") === 0) {
$cid = 0;
if (local_user() && strpos($profileurl, 'redir/') === 0) {
$cid = intval(substr($profileurl, 6));
$r = dba::select('contact', array('nurl', 'self'), array('id' => $cid), array('limit' => 1));
$profileurl = ($r["nurl"] ? $r["nurl"] : "");
$self = ($r["self"] ? $r["self"] : "");
$r = dba::select('contact', array('nurl'), array('id' => $cid), array('limit' => 1));
$profileurl = defaults($r, 'nurl', '');
}
$contact = [];
// if it's the url containing https it should be converted to http
$nurl = normalise_link(GContact::cleanContactUrl($profileurl));
if($nurl) {
if ($nurl) {
// Search for contact data
$contact = Contact::getDetailsByURL($nurl);
}
if(!is_array($contact))
if (!count($contact)) {
return;
}
// Get the photo_menu - the menu if possible contact actions
if(local_user())
if (local_user()) {
$actions = Contact::photoMenu($contact);
}
// Move the contact data to the profile array so we can deliver it to
//
$profile = array(
'name' => $contact["name"],
'nick' => $contact["nick"],
'addr' => (($contact["addr"] != "") ? $contact["addr"] : $contact["url"]),
'thumb' => proxy_url($contact["thumb"], false, PROXY_SIZE_THUMB),
'url' => ($cid ? ("redir/".$cid) : zrl($contact["url"])),
'nurl' => $contact["nurl"], // We additionally store the nurl as identifier
// 'alias' => $contact["alias"],
'location' => $contact["location"],
'gender' => $contact["gender"],
'about' => $contact["about"],
'network' => format_network_name($contact["network"], $contact["url"]),
'tags' => $contact["keywords"],
// 'nsfw' => intval($contact["nsfw"]),
// 'server_url' => $contact["server_url"],
'bd' => (($contact["birthday"] <= '0001-01-01') ? "" : $contact["birthday"]),
// 'generation' => $contact["generation"],
'name' => $contact['name'],
'nick' => $contact['nick'],
'addr' => defaults($contact, 'addr', $contact['url']),
'thumb' => proxy_url($contact['thumb'], false, PROXY_SIZE_THUMB),
'url' => $cid ? ('redir/' . $cid) : zrl($contact['url']),
'nurl' => $contact['nurl'], // We additionally store the nurl as identifier
'location' => $contact['location'],
'gender' => $contact['gender'],
'about' => $contact['about'],
'network' => format_network_name($contact['network'], $contact['url']),
'tags' => $contact['keywords'],
'bd' => $contact['birthday'] <= '0001-01-01' ? '' : $contact['birthday'],
'account_type' => Contact::getAccountType($contact),
'actions' => $actions,
'actions' => $actions,
);
if($datatype == "html") {
$t = get_markup_template("hovercard.tpl");
$o = replace_macros($t, array(
if ($datatype == 'html') {
$tpl = get_markup_template('hovercard.tpl');
$o = replace_macros($tpl, array(
'$profile' => $profile,
));
return $o;
} else {
json_return_and_die($profile);
}
@ -104,15 +101,15 @@ function hovercard_content() {
*
* @return string|bool Output the raw content if existent, otherwise false
*/
function get_template_content($template, $root = "") {
function get_template_content($template, $root = '')
{
// We load the whole template system to get the filename.
// Maybe we can do it a little bit smarter if I get time.
$t = get_markup_template($template, $root);
$filename = $t->filename;
// Get the content of the template file
if(file_exists($filename)) {
if (file_exists($filename)) {
$content = file_get_contents($filename);
return $content;

1
mod/item.php
View file

@ -29,7 +29,6 @@ use Friendica\Protocol\Diaspora;
use Friendica\Protocol\Email;
use Friendica\Util\Emailer;
require_once 'include/crypto.php';
require_once 'include/enotify.php';
require_once 'include/tags.php';
require_once 'include/files.php';

29
mod/like.php
View file

@ -3,33 +3,35 @@
use Friendica\App;
use Friendica\Core\System;
require_once('include/security.php');
require_once('include/bbcode.php');
require_once('include/items.php');
require_once('include/like.php');
require_once 'include/security.php';
require_once 'include/bbcode.php';
require_once 'include/items.php';
require_once 'include/like.php';
function like_content(App $a) {
if(! local_user() && ! remote_user()) {
if (!local_user() && !remote_user()) {
return false;
}
$verb = notags(trim($_GET['verb']));
if(! $verb)
if (!$verb) {
$verb = 'like';
}
$item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
$r = do_like($item_id, $verb);
if (!$r) return;
if (!$r) {
return;
}
// See if we've been passed a return path to redirect to
$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
like_content_return(System::baseUrl(), $return_path);
killme(); // NOTREACHED
// return; // NOTREACHED
}
@ -37,15 +39,16 @@ function like_content(App $a) {
// then redirect back to the calling page. If not, just quietly end
function like_content_return($baseurl, $return_path) {
if($return_path) {
if ($return_path) {
$rand = '_=' . time();
if(strpos($return_path, '?')) $rand = "&$rand";
else $rand = "?$rand";
if (strpos($return_path, '?')) {
$rand = "&$rand";
} else {
$rand = "?$rand";
}
goaway($baseurl . "/" . $return_path . $rand);
}
killme();
}

168
mod/message.php
View file

@ -10,107 +10,104 @@ require_once 'include/acl_selectors.php';
require_once 'include/message.php';
require_once 'include/conversation.php';
function message_init(App $a) {
function message_init(App $a)
{
$tabs = '';
if ($a->argc >1 && is_numeric($a->argv[1])) {
$tabs = render_messages(get_messages(local_user(),0,5), 'mail_list.tpl');
if ($a->argc > 1 && is_numeric($a->argv[1])) {
$tabs = render_messages(get_messages(local_user(), 0, 5), 'mail_list.tpl');
}
$new = array(
'label' => t('New Message'),
'url' => 'message/new',
'sel'=> ($a->argv[1] == 'new'),
'sel' => $a->argc > 1 && $a->argv[1] == 'new',
'accesskey' => 'm',
);
$tpl = get_markup_template('message_side.tpl');
$a->page['aside'] = replace_macros($tpl, array(
'$tabs'=>$tabs,
'$new'=>$new,
'$tabs' => $tabs,
'$new' => $new,
));
$base = System::baseUrl();
$head_tpl = get_markup_template('message-head.tpl');
$a->page['htmlhead'] .= replace_macros($head_tpl,array(
$a->page['htmlhead'] .= replace_macros($head_tpl, array(
'$baseurl' => System::baseUrl(true),
'$base' => $base
));
$end_tpl = get_markup_template('message-end.tpl');
$a->page['end'] .= replace_macros($end_tpl,array(
$a->page['end'] .= replace_macros($end_tpl, array(
'$baseurl' => System::baseUrl(true),
'$base' => $base
));
}
function message_post(App $a) {
if (! local_user()) {
notice( t('Permission denied.') . EOL);
function message_post(App $a)
{
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
$replyto = ((x($_REQUEST,'replyto')) ? notags(trim($_REQUEST['replyto'])) : '');
$subject = ((x($_REQUEST,'subject')) ? notags(trim($_REQUEST['subject'])) : '');
$body = ((x($_REQUEST,'body')) ? escape_tags(trim($_REQUEST['body'])) : '');
$recipient = ((x($_REQUEST,'messageto')) ? intval($_REQUEST['messageto']) : 0 );
$replyto = x($_REQUEST, 'replyto') ? notags(trim($_REQUEST['replyto'])) : '';
$subject = x($_REQUEST, 'subject') ? notags(trim($_REQUEST['subject'])) : '';
$body = x($_REQUEST, 'body') ? escape_tags(trim($_REQUEST['body'])) : '';
$recipient = x($_REQUEST, 'messageto') ? intval($_REQUEST['messageto']) : 0;
$ret = send_message($recipient, $body, $subject, $replyto);
$norecip = false;
switch($ret){
switch ($ret) {
case -1:
notice( t('No recipient selected.') . EOL );
notice(t('No recipient selected.') . EOL);
$norecip = true;
break;
case -2:
notice( t('Unable to locate contact information.') . EOL );
notice(t('Unable to locate contact information.') . EOL);
break;
case -3:
notice( t('Message could not be sent.') . EOL );
notice(t('Message could not be sent.') . EOL);
break;
case -4:
notice( t('Message collection failure.') . EOL );
notice(t('Message collection failure.') . EOL);
break;
default:
info( t('Message sent.') . EOL );
info(t('Message sent.') . EOL);
}
// fake it to go back to the input form if no recipient listed
if ($norecip) {
$a->argc = 2;
$a->argv[1] = 'new';
} else
} else {
goaway($_SESSION['return_url']);
}
}
function message_content(App $a) {
function message_content(App $a)
{
$o = '';
nav_set_selected('messages');
if (! local_user()) {
notice( t('Permission denied.') . EOL);
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
$myprofile = System::baseUrl().'/profile/' . $a->user['nickname'];
$myprofile = System::baseUrl() . '/profile/' . $a->user['nickname'];
$tpl = get_markup_template('mail_head.tpl');
$header = replace_macros($tpl, array(
'$messages' => t('Messages'),
'$tab_content' => $tab_content
));
if (($a->argc == 3) && ($a->argv[1] === 'drop' || $a->argv[1] === 'dropconv')) {
if (! intval($a->argv[2]))
if (!intval($a->argv[2])) {
return;
}
// Check if we should do HTML-based delete confirmation
if ($_REQUEST['confirm']) {
@ -118,7 +115,7 @@ function message_content(App $a) {
// so add any arguments as hidden inputs
$query = explode_querystring($a->query_string);
$inputs = array();
foreach($query['args'] as $arg) {
foreach ($query['args'] as $arg) {
if (strpos($arg, 'confirm=') === false) {
$arg_parts = explode('=', $arg);
$inputs[] = array('name' => $arg_parts[0], 'value' => $arg_parts[1]);
@ -148,7 +145,7 @@ function message_content(App $a) {
intval(local_user())
);
if ($r) {
info( t('Message deleted.') . EOL );
info(t('Message deleted.') . EOL);
}
//goaway(System::baseUrl(true) . '/message' );
goaway($_SESSION['return_url']);
@ -170,24 +167,22 @@ function message_content(App $a) {
// Actually if we do this, we can never receive another reply to that conversation,
// as we will never again have the info we need to re-create it.
// We'll just have to orphan it.
//if ($convid) {
// q("delete from conv where id = %d limit 1",
// intval($convid)
// );
//}
if ($r)
info( t('Conversation removed.') . EOL );
if ($r) {
info(t('Conversation removed.') . EOL);
}
}
//goaway(System::baseUrl(true) . '/message' );
goaway($_SESSION['return_url']);
}
}
if (($a->argc > 1) && ($a->argv[1] === 'new')) {
$o .= $header;
$tpl = get_markup_template('msg-header.tpl');
@ -204,8 +199,7 @@ function message_content(App $a) {
'$linkurl' => t('Please enter a link URL:')
));
$preselect = (isset($a->argv[2])?array($a->argv[2]):false);
$preselect = isset($a->argv[2]) ? array($a->argv[2]) : false;
$prename = $preurl = $preid = '';
@ -233,18 +227,18 @@ function message_content(App $a) {
$preurl = $r[0]['url'];
$preid = $r[0]['id'];
$preselect = array($preid);
} else
} else {
$preselect = false;
}
}
$prefill = (($preselect) ? $prename : '');
$prefill = $preselect ? $prename : '';
// the ugly select box
$select = contact_select('messageto','message-to-select', $preselect, 4, true, false, false, 10);
$select = contact_select('messageto', 'message-to-select', $preselect, 4, true, false, false, 10);
$tpl = get_markup_template('prv_message.tpl');
$o .= replace_macros($tpl,array(
$o .= replace_macros($tpl, array(
'$header' => t('Send Private Message'),
'$to' => t('To:'),
'$showinputs' => 'true',
@ -252,8 +246,8 @@ function message_content(App $a) {
'$autocomp' => $autocomp,
'$preid' => $preid,
'$subject' => t('Subject:'),
'$subjtxt' => ((x($_REQUEST,'subject')) ? strip_tags($_REQUEST['subject']) : ''),
'$text' => ((x($_REQUEST,'body')) ? escape_tags(htmlspecialchars($_REQUEST['body'])) : ''),
'$subjtxt' => x($_REQUEST, 'subject') ? strip_tags($_REQUEST['subject']) : '',
'$text' => x($_REQUEST, 'body') ? escape_tags(htmlspecialchars($_REQUEST['body'])) : '',
'$readonly' => '',
'$yourmessage' => t('Your message:'),
'$select' => $select,
@ -286,8 +280,8 @@ function message_content(App $a) {
$r = get_messages(local_user(), $a->pager['start'], $a->pager['itemspage']);
if (! DBM::is_result($r)) {
info( t('No messages.') . EOL);
if (!DBM::is_result($r)) {
info(t('No messages.') . EOL);
return $o;
}
@ -325,8 +319,8 @@ function message_content(App $a) {
intval(local_user())
);
}
if (! count($messages)) {
notice( t('Message not available.') . EOL );
if (!count($messages)) {
notice(t('Message not available.') . EOL);
return $o;
}
@ -355,24 +349,24 @@ function message_content(App $a) {
$seen = 0;
$unknown = false;
foreach($messages as $message) {
foreach ($messages as $message) {
if ($message['unknown'])
$unknown = true;
if ($message['from-url'] == $myprofile) {
$from_url = $myprofile;
$sparkle = '';
} elseif ($message['contact-id'] != 0) {
$from_url = 'redir/'.$message['contact-id'];
$from_url = 'redir/' . $message['contact-id'];
$sparkle = ' sparkle';
} else {
$from_url = $message['from-url']."?zrl=".urlencode($myprofile);
$from_url = $message['from-url'] . "?zrl=" . urlencode($myprofile);
$sparkle = ' sparkle';
}
$extracted = item_extract_images($message['body']);
if ($extracted['images'])
if ($extracted['images']) {
$message['body'] = item_redir_and_replace_images($extracted['body'], $extracted['images'], $message['contact-id']);
}
$from_name_e = $message['from-name'];
$subject_e = $message['title'];
@ -380,10 +374,11 @@ function message_content(App $a) {
$to_name_e = $message['name'];
$contact = Contact::getDetailsByURL($message['from-url']);
if (isset($contact["thumb"]))
if (isset($contact["thumb"])) {
$from_photo = $contact["thumb"];
else
} else {
$from_photo = $message['from-photo'];
}
$mails[] = array(
'id' => $message['id'],
@ -396,26 +391,22 @@ function message_content(App $a) {
'body' => $body_e,
'delete' => t('Delete message'),
'to_name' => $to_name_e,
'date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A'),
'ago' => relative_date($message['created']),
'date' => datetime_convert('UTC', date_default_timezone_get(), $message['created'], 'D, d M Y - g:i A'),
'ago' => relative_date($message['created']),
);
$seen = $message['seen'];
}
$select = $message['name'] . '<input type="hidden" name="messageto" value="' . $contact_id . '" />';
$parent = '<input type="hidden" name="replyto" value="' . $message['parent-uri'] . '" />';
$tpl = get_markup_template('mail_display.tpl');
$subjtxt_e = $message['title'];
$o = replace_macros($tpl, array(
'$thread_id' => $a->argv[1],
'$thread_subject' => $message['title'],
'$thread_seen' => $seen,
'$delete' => t('Delete conversation'),
'$delete' => t('Delete conversation'),
'$canreply' => (($unknown) ? false : '1'),
'$unknown_text' => t("No secure communications available. You <strong>may</strong> be able to respond from the sender's profile page."),
'$mails' => $mails,
@ -425,7 +416,7 @@ function message_content(App $a) {
'$to' => t('To:'),
'$showinputs' => '',
'$subject' => t('Subject:'),
'$subjtxt' => $subjtxt_e,
'$subjtxt' => $message['title'],
'$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ',
'$yourmessage' => t('Your message:'),
'$text' => '',
@ -435,14 +426,14 @@ function message_content(App $a) {
'$insert' => t('Insert web link'),
'$submit' => t('Submit'),
'$wait' => t('Please wait')
));
return $o;
}
}
function get_messages($user, $lstart, $lend) {
function get_messages($user, $lstart, $lend)
{
//TODO: rewritte with a sub-query to get the first message of each private thread with certainty
return q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`,
ANY_VALUE(`mail`.`id`) AS `id`, ANY_VALUE(`mail`.`uid`) AS `uid`, ANY_VALUE(`mail`.`guid`) AS `guid`,
@ -461,33 +452,34 @@ function get_messages($user, $lstart, $lend) {
);
}
function render_messages(array $msg, $t) {
function render_messages(array $msg, $t)
{
$a = get_app();
$tpl = get_markup_template($t);
$rslt = '';
$myprofile = System::baseUrl().'/profile/' . $a->user['nickname'];
$myprofile = System::baseUrl() . '/profile/' . $a->user['nickname'];
foreach($msg as $rr) {
if ($rr['unknown'])
$participants = sprintf( t("Unknown sender - %s"),$rr['from-name']);
elseif (link_compare($rr['from-url'], $myprofile))
$participants = sprintf( t("You and %s"), $rr['name']);
else
$participants = sprintf(t("%s and You"), $rr['from-name']);
foreach ($msg as $rr) {
if ($rr['unknown']) {
$participants = t("Unknown sender - %s", $rr['from-name']);
} elseif (link_compare($rr['from-url'], $myprofile)) {
$participants = t("You and %s", $rr['name']);
} else {
$participants = t("%s and You", $rr['from-name']);
}
$subject_e = (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>');
$body_e = $rr['body'];
$to_name_e = $rr['name'];
$contact = Contact::getDetailsByURL($rr['url']);
if (isset($contact["thumb"]))
if (isset($contact["thumb"])) {
$from_photo = $contact["thumb"];
else
} else {
$from_photo = (($rr['thumb']) ? $rr['thumb'] : $rr['from-photo']);
}
$rslt .= replace_macros($tpl, array(
'$id' => $rr['id'],
@ -500,10 +492,10 @@ function render_messages(array $msg, $t) {
'$delete' => t('Delete conversation'),
'$body' => $body_e,
'$to_name' => $to_name_e,
'$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A')),
'$ago' => relative_date($rr['mailcreated']),
'$date' => datetime_convert('UTC', date_default_timezone_get(), $rr['mailcreated'], t('D, d M Y - g:i A')),
'$ago' => relative_date($rr['mailcreated']),
'$seen' => $rr['mailseen'],
'$count' => sprintf( tt('%d message', '%d messages', $rr['count']), $rr['count']),
'$count' => tt('%d message', '%d messages', $rr['count']),
));
}

36
mod/network.php
View file

@ -365,7 +365,7 @@ function networkConversation($a, $items, $mode, $update) {
// Set this so that the conversation function can find out contact info for our wall-wall items
$a->page_contact = $a->contact;
$o .= conversation($a, $items, $mode, $update);
$o = conversation($a, $items, $mode, $update);
if (!$update) {
if (PConfig::get(local_user(), 'system', 'infinite_scroll')) {
@ -568,9 +568,9 @@ function networkThreadedView(App $a, $update = 0) {
if ($group) {
if (($t = Contact::getOStatusCountByGroupId($group)) && !PConfig::get(local_user(), 'system', 'nowarn_insecure')) {
notice(sprintf(tt("Warning: This group contains %s member from a network that doesn't allow non public messages.",
notice(tt("Warning: This group contains %s member from a network that doesn't allow non public messages.",
"Warning: This group contains %s members from a network that doesn't allow non public messages.",
$t), $t).EOL);
$t) . EOL);
notice(t("Messages in this group won't be send to these receivers.").EOL);
}
}
@ -664,7 +664,7 @@ function networkThreadedView(App $a, $update = 0) {
}
$o = replace_macros(get_markup_template("section_title.tpl"),array(
'$title' => sprintf(t('Group: %s'), $r['name'])
'$title' => t('Group: %s', $r['name'])
)) . $o;
} elseif ($cid) {
@ -716,13 +716,6 @@ function networkThreadedView(App $a, $update = 0) {
$sql_order = "";
$order_mode = "received";
if (strlen($file)) {
$sql_post_table .= sprintf("INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($file)), intval(TERM_OBJ_POST), intval(TERM_FILE), intval(local_user()));
$sql_order = "`item`.`id`";
$order_mode = "id";
}
if ($conv) {
$sql_extra3 .= " AND $sql_table.`mention`";
}
@ -744,7 +737,7 @@ function networkThreadedView(App $a, $update = 0) {
$sql_order = "$sql_table.$ordering";
}
if (($_GET["offset"] != "")) {
if (x($_GET, 'offset')) {
$sql_extra3 .= sprintf(" AND $sql_order <= '%s'", dbesc($_GET["offset"]));
}
@ -816,9 +809,10 @@ function networkThreadedView(App $a, $update = 0) {
$parents_str = '';
$date_offset = "";
$items = array();
if (DBM::is_result($r)) {
foreach ($r as $rr) {
if (!in_array($rr['item_id'],$parents_arr)) {
if (!in_array($rr['item_id'], $parents_arr)) {
$parents_arr[] = $rr['item_id'];
}
}
@ -833,12 +827,10 @@ function networkThreadedView(App $a, $update = 0) {
$max_comments = 100;
}
$items = array();
foreach ($parents_arr AS $parents) {
$thread_items = dba::p(item_query()." AND `item`.`uid` = ?
$thread_items = dba::p(item_query() . " AND `item`.`uid` = ?
AND `item`.`parent` = ?
ORDER BY `item`.`commented` DESC LIMIT ".intval($max_comments + 1),
ORDER BY `item`.`commented` DESC LIMIT " . intval($max_comments + 1),
local_user(),
$parents
);
@ -847,15 +839,15 @@ function networkThreadedView(App $a, $update = 0) {
$items = array_merge($items, dba::inArray($thread_items));
}
}
$items = conv_sort($items,$ordering);
} else {
$items = array();
$items = conv_sort($items, $ordering);
}
if ($_GET["offset"] == "") {
if (x($_GET, 'offset')) {
$date_offset = $_GET["offset"];
} elseif(count($items)) {
$date_offset = $items[0][$order_mode];
} else {
$date_offset = $_GET["offset"];
$date_offset = '';
}
$a->page_offset = $date_offset;

9
mod/nogroup.php
View file

@ -41,28 +41,25 @@ function nogroup_content(App $a)
$contact_details = Contact::getDetailsByURL($rr['url'], local_user(), $rr);
$contacts[] = array(
'img_hover' => sprintf(t('Visit %s\'s profile [%s]'), $contact_details['name'], $rr['url']),
'img_hover' => t('Visit %s\'s profile [%s]', $contact_details['name'], $rr['url']),
'edit_hover' => t('Edit contact'),
'photo_menu' => Contact::photoMenu($rr),
'id' => $rr['id'],
'alt_text' => $alt_text,
'dir_icon' => $dir_icon,
'thumb' => proxy_url($contact_details['thumb'], false, PROXY_SIZE_THUMB),
'name' => $contact_details['name'],
'username' => $contact_details['name'],
'details' => $contact_details['location'],
'tags' => $contact_details['keywords'],
'about' => $contact_details['about'],
'sparkle' => $sparkle,
'itemurl' => (($contact_details['addr'] != "") ? $contact_details['addr'] : $rr['url']),
'url' => $rr['url'],
'network' => network_to_name($rr['network'], $url),
'network' => network_to_name($rr['network'], $rr['url']),
);
}
}
$tpl = get_markup_template("nogroup-template.tpl");
$o .= replace_macros(
$o = replace_macros(
$tpl,
array(
'$header' => t('Contacts who are not members of a group'),

38
mod/oembed.php
View file

@ -1,38 +0,0 @@
<?php
use Friendica\App;
require_once("include/oembed.php");
function oembed_content(App $a) {
// logger('mod_oembed ' . $a->query_string, LOGGER_ALL);
if ($a->argv[1]=='b2h'){
$url = array( "", trim(hex2bin($_REQUEST['url'])));
echo oembed_replacecb($url);
killme();
}
if ($a->argv[1]=='h2b'){
$text = trim(hex2bin($_REQUEST['text']));
echo oembed_html2bbcode($text);
killme();
}
if ($a->argc == 2){
echo "<html><body>";
$url = base64url_decode($a->argv[1]);
$j = oembed_fetch_url($url);
// workaround for media.ccc.de (and any other endpoint that return size 0)
if (substr($j->html, 0, 7) == "<iframe" && strstr($j->html, 'width="0"')) {
$j->html = '<style>html,body{margin:0;padding:0;} iframe{width:100%;height:100%;}</style>'. $j->html;
$j->html = str_replace('width="0"', '', $j->html);
$j->html = str_replace('height="0"', '', $j->html);
}
echo $j->html;
// logger('mod-oembed ' . $j->html, LOGGER_ALL);
echo "</body></html>";
}
killme();
}

54
mod/photo.php
View file

@ -1,4 +1,5 @@
<?php
/**
* @file mod/photo.php
*/
@ -8,7 +9,8 @@ use Friendica\Object\Image;
require_once 'include/security.php';
function photo_init(App $a) {
function photo_init(App $a)
{
global $_SERVER;
$prvcachecontrol = false;
@ -37,8 +39,8 @@ function photo_init(App $a) {
if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
header('HTTP/1.1 304 Not Modified');
header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
header('Etag: '.$_SERVER['HTTP_IF_NONE_MATCH']);
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT");
header('Etag: ' . $_SERVER['HTTP_IF_NONE_MATCH']);
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT");
header("Cache-Control: max-age=31536000");
if (function_exists('header_remove')) {
header_remove('Last-Modified');
@ -49,15 +51,11 @@ function photo_init(App $a) {
}
$default = 'images/person-175.jpg';
$public = true;
if (isset($type)) {
/**
* Profile photos
*/
// Profile photos
switch ($type) {
case 'profile':
case 'custom':
$resolution = 4;
@ -76,7 +74,7 @@ function photo_init(App $a) {
$uid = str_replace(array('.jpg', '.png', '.gif'), array('', '', ''), $person);
foreach (Image::supportedTypes() AS $m => $e) {
$uid = str_replace('.'.$e, '', $uid);
$uid = str_replace('.' . $e, '', $uid);
}
$r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1",
@ -92,16 +90,12 @@ function photo_init(App $a) {
$mimetype = 'image/jpeg';
}
} else {
/**
* Other photos
*/
// Other photos
$resolution = 0;
$photo = str_replace(array('.jpg', '.png', '.gif'), array('', '', ''), $photo);
foreach (Image::supportedTypes() AS $m => $e) {
$photo = str_replace('.'.$e, '', $photo);
$photo = str_replace('.' . $e, '', $photo);
}
if (substr($photo, -2, 1) == '-') {
@ -115,22 +109,18 @@ function photo_init(App $a) {
intval($resolution)
);
if (DBM::is_result($r)) {
$sql_extra = permissions_sql($r[0]['uid']);
// Now we'll see if we can access the photo
$r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1",
dbesc($photo),
intval($resolution)
);
$public = (DBM::is_result($r)) && ($r[0]['allow_cid'] == '') && ($r[0]['allow_gid'] == '') && ($r[0]['deny_cid'] == '') && ($r[0]['deny_gid'] == '');
if (DBM::is_result($r)) {
$resolution = $r[0]['scale'];
$data = $r[0]['data'];
$mimetype = $r[0]['type'];
$public = $r[0]['allow_cid'] == '' && $r[0]['allow_gid'] == '' && $r[0]['deny_cid'] == '' && $r[0]['deny_gid'] == '';
} else {
// The picure exists. We already checked with the first query.
// obviously, this is not an authorized viev!
@ -145,7 +135,6 @@ function photo_init(App $a) {
if (empty($data)) {
if (isset($resolution)) {
switch ($resolution) {
case 4:
$data = file_get_contents('images/person-175.jpg');
$mimetype = 'image/jpeg';
@ -167,7 +156,7 @@ function photo_init(App $a) {
}
// Resize only if its not a GIF and it is supported by the library
if (($mimetype != "image/gif") && in_array($mimetype, Image::supportedTypes())) {
if ($mimetype != "image/gif" && in_array($mimetype, Image::supportedTypes())) {
$Image = new Image($data, $mimetype);
if ($Image->isValid()) {
if (isset($customres) && $customres > 0 && $customres < 500) {
@ -183,36 +172,33 @@ function photo_init(App $a) {
header_remove('pragma');
}
header("Content-type: ".$mimetype);
header("Content-type: " . $mimetype);
if ($prvcachecontrol) {
// it is a private photo that they have no permission to view.
// tell the browser not to cache it, in case they authenticate
// and subsequently have permission to see it
header("Cache-Control: no-store, no-cache, must-revalidate");
} else {
header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
header('Etag: "'.md5($data).'"');
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT");
header('Etag: "' . md5($data) . '"');
header("Expires: " . gmdate("D, d M Y H:i:s", time() + (31536000)) . " GMT");
header("Cache-Control: max-age=31536000");
}
echo $data;
// If the photo is public and there is an existing photo directory store the photo there
if ($public and ($file != "")) {
if ($public and $file != '') {
// If the photo path isn't there, try to create it
$basepath = $a->get_basepath();
if (!is_dir($basepath."/photo")) {
if (!is_dir($basepath . "/photo")) {
if (is_writable($basepath)) {
mkdir($basepath."/photo");
mkdir($basepath . "/photo");
}
}
if (is_dir($basepath."/photo")) {
file_put_contents($basepath."/photo/".$file, $data);
if (is_dir($basepath . "/photo")) {
file_put_contents($basepath . "/photo/" . $file, $data);
}
}

483
mod/photos.php
View file

File diff suppressed because it is too large Load diff

10
mod/ping.php
View file

@ -164,8 +164,8 @@ function ping_init(App $a)
if (intval(Feature::isEnabled(local_user(), 'forumlist_widget'))) {
$forum_counts = ForumManager::countUnseenItems();
if (DBM::is_result($forums_counts)) {
foreach ($forums_counts as $forum_count) {
if (DBM::is_result($forum_counts)) {
foreach ($forum_counts as $forum_count) {
if ($forum_count['count'] > 0) {
$forums_unseen[] = $forum_count;
}
@ -490,8 +490,10 @@ function ping_get_notifications($uid)
$notification["href"] = System::baseUrl() . "/notify/view/" . $notification["id"];
if ($notification["visible"] && !$notification["spam"]
&& !$notification["deleted"] && !is_array($result[$notification["parent"]])
if ($notification["visible"]
&& !$notification["spam"]
&& !$notification["deleted"]
&& !(x($result, $notification["parent"]) && is_array($result[$notification["parent"]]))
) {
// Should we condense the notifications or show them all?
if (PConfig::get(local_user(), 'system', 'detailed_notif')) {

185
mod/profile.php
View file

@ -6,78 +6,80 @@ use Friendica\Core\PConfig;
use Friendica\Core\System;
use Friendica\Database\DBM;
require_once('include/contact_widgets.php');
require_once('include/redir.php');
require_once 'include/contact_widgets.php';
require_once 'include/redir.php';
function profile_init(App $a) {
if(! x($a->page,'aside'))
function profile_init(App $a)
{
if (!x($a->page, 'aside')) {
$a->page['aside'] = '';
}
if($a->argc > 1)
if ($a->argc > 1) {
$which = htmlspecialchars($a->argv[1]);
else {
$r = q("select nickname from user where blocked = 0 and account_expired = 0 and account_removed = 0 and verified = 1 order by rand() limit 1");
} else {
$r = q("SELECT `nickname` FROM `user` WHERE `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 ORDER BY RAND() LIMIT 1");
if (DBM::is_result($r)) {
goaway(System::baseUrl() . '/profile/' . $r[0]['nickname']);
}
else {
} else {
logger('profile error: mod_profile ' . $a->query_string, LOGGER_DEBUG);
notice( t('Requested profile is not available.') . EOL );
notice(t('Requested profile is not available.') . EOL);
$a->error = 404;
return;
}
}
$profile = 0;
if((local_user()) && ($a->argc > 2) && ($a->argv[2] === 'view')) {
if (local_user() && $a->argc > 2 && $a->argv[2] === 'view') {
$which = $a->user['nickname'];
$profile = htmlspecialchars($a->argv[1]);
}
else {
} else {
auto_redir($a, $which);
}
profile_load($a,$which,$profile);
profile_load($a, $which, $profile);
$blocked = (((Config::get('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
$userblock = (($a->profile['hidewall'] && (! local_user()) && (! remote_user())) ? true : false);
$blocked = !local_user() && !remote_user() && Config::get('system', 'block_public');
$userblock = !local_user() && !remote_user() && $a->profile['hidewall'];
if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] == PAGE_COMMUNITY)) {
if (x($a->profile, 'page-flags') && $a->profile['page-flags'] == PAGE_COMMUNITY) {
$a->page['htmlhead'] .= '<meta name="friendica.community" content="true" />';
}
if (x($a->profile,'openidserver')) {
if (x($a->profile, 'openidserver')) {
$a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->profile['openidserver'] . '" />' . "\r\n";
}
if (x($a->profile,'openid')) {
$delegate = ((strstr($a->profile['openid'],'://')) ? $a->profile['openid'] : 'https://' . $a->profile['openid']);
if (x($a->profile, 'openid')) {
$delegate = strstr($a->profile['openid'], '://') ? $a->profile['openid'] : 'https://' . $a->profile['openid'];
$a->page['htmlhead'] .= '<link rel="openid.delegate" href="' . $delegate . '" />' . "\r\n";
}
// site block
if ((! $blocked) && (! $userblock)) {
$keywords = ((x($a->profile,'pub_keywords')) ? $a->profile['pub_keywords'] : '');
$keywords = str_replace(array('#',',',' ',',,'),array('',' ',',',','),$keywords);
if(strlen($keywords))
$a->page['htmlhead'] .= '<meta name="keywords" content="' . $keywords . '" />' . "\r\n" ;
if (!$blocked && !$userblock) {
$keywords = str_replace(array('#', ',', ' ', ',,'), array('', ' ', ',', ','), defaults($a->profile, 'pub_keywords', ''));
if (strlen($keywords)) {
$a->page['htmlhead'] .= '<meta name="keywords" content="' . $keywords . '" />' . "\r\n";
}
}
$a->page['htmlhead'] .= '<meta name="dfrn-global-visibility" content="' . (($a->profile['net-publish']) ? 'true' : 'false') . '" />' . "\r\n" ;
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . System::baseUrl() . '/dfrn_poll/' . $which .'" />' . "\r\n" ;
$uri = urlencode('acct:' . $a->profile['nickname'] . '@' . $a->get_hostname() . (($a->path) ? '/' . $a->path : ''));
$a->page['htmlhead'] .= '<meta name="dfrn-global-visibility" content="' . ($a->profile['net-publish'] ? 'true' : 'false') . '" />' . "\r\n";
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . System::baseUrl() . '/feed/' . $which . '/" title="' . t('%s\'s posts', $a->profile['username']) . '"/>' . "\r\n";
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . System::baseUrl() . '/feed/' . $which . '/comments" title="' . t('%s\'s comments', $a->profile['username']) . '"/>' . "\r\n";
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . System::baseUrl() . '/feed/' . $which . '/activity" title="' . t('%s\'s timeline', $a->profile['username']) . '"/>' . "\r\n";
$uri = urlencode('acct:' . $a->profile['nickname'] . '@' . $a->get_hostname() . ($a->path ? '/' . $a->path : ''));
$a->page['htmlhead'] .= '<link rel="lrdd" type="application/xrd+xml" href="' . System::baseUrl() . '/xrd/?uri=' . $uri . '" />' . "\r\n";
header('Link: <' . System::baseUrl() . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"', false);
$dfrn_pages = array('request', 'confirm', 'notify', 'poll');
foreach ($dfrn_pages as $dfrn) {
$a->page['htmlhead'] .= "<link rel=\"dfrn-{$dfrn}\" href=\"".System::baseUrl()."/dfrn_{$dfrn}/{$which}\" />\r\n";
$a->page['htmlhead'] .= "<link rel=\"dfrn-{$dfrn}\" href=\"" . System::baseUrl() . "/dfrn_{$dfrn}/{$which}\" />\r\n";
}
$a->page['htmlhead'] .= "<link rel=\"dfrn-poco\" href=\"".System::baseUrl()."/poco/{$which}\" />\r\n";
$a->page['htmlhead'] .= '<link rel="dfrn-poco" href="' . System::baseUrl() . "/poco/{$which}\" />\r\n";
}
function profile_content(App $a, $update = 0) {
function profile_content(App $a, $update = 0)
{
$category = $datequery = $datequery2 = '';
if ($a->argc > 2) {
@ -94,21 +96,21 @@ function profile_content(App $a, $update = 0) {
}
}
if (! x($category)) {
$category = ((x($_GET,'category')) ? $_GET['category'] : '');
if (!x($category)) {
$category = defaults($_GET, 'category', '');
}
$hashtags = (x($_GET, 'tag') ? $_GET['tag'] : '');
$hashtags = defaults($_GET, 'tag', '');
if (Config::get('system','block_public') && (! local_user()) && (! remote_user())) {
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
return login();
}
require_once("include/bbcode.php");
require_once('include/security.php');
require_once('include/conversation.php');
require_once('include/acl_selectors.php');
require_once('include/items.php');
require_once 'include/bbcode.php';
require_once 'include/security.php';
require_once 'include/conversation.php';
require_once 'include/acl_selectors.php';
require_once 'include/items.php';
$groups = array();
@ -127,7 +129,7 @@ function profile_content(App $a, $update = 0) {
$contact_id = 0;
if (is_array($_SESSION['remote'])) {
if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $a->profile['profile_uid']) {
$contact_id = $v['cid'];
@ -148,74 +150,75 @@ function profile_content(App $a, $update = 0) {
}
}
if (! $remote_contact) {
if (!$remote_contact) {
if (local_user()) {
$contact_id = $_SESSION['cid'];
$contact = $a->contact;
}
}
$is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
$is_owner = local_user() == $a->profile['profile_uid'];
$last_updated_key = "profile:" . $a->profile['profile_uid'] . ":" . local_user() . ":" . remote_user();
if ($a->profile['hidewall'] && (! $is_owner) && (! $remote_contact)) {
notice( t('Access to this profile has been restricted.') . EOL);
if (x($a->profile, 'hidewall') && !$is_owner && !$remote_contact) {
notice(t('Access to this profile has been restricted.') . EOL);
return;
}
if (! $update) {
if (x($_GET,'tab')) {
if (!$update) {
$tab = false;
if (x($_GET, 'tab')) {
$tab = notags(trim($_GET['tab']));
}
$o.=profile_tabs($a, $is_owner, $a->profile['nickname']);
$o .= profile_tabs($a, $is_owner, $a->profile['nickname']);
if ($tab === 'profile') {
$o .= advanced_profile($a);
call_hooks('profile_advanced',$o);
call_hooks('profile_advanced', $o);
return $o;
}
$o .= common_friends_visitor_widget($a->profile['profile_uid']);
if (x($_SESSION,'new_member') && $_SESSION['new_member'] && $is_owner) {
if (x($_SESSION, 'new_member') && $is_owner) {
$o .= '<a href="newmember" id="newmember-tips" style="font-size: 1.2em;"><b>' . t('Tips for New Members') . '</b></a>' . EOL;
}
$commpage = (($a->profile['page-flags'] == PAGE_COMMUNITY) ? true : false);
$commvisitor = (($commpage && $remote_contact == true) ? true : false);
$commpage = $a->profile['page-flags'] == PAGE_COMMUNITY;
$commvisitor = $commpage && $remote_contact;
$a->page['aside'] .= posted_date_widget(System::baseUrl(true) . '/profile/' . $a->profile['nickname'],$a->profile['profile_uid'],true);
$a->page['aside'] .= categories_widget(System::baseUrl(true) . '/profile/' . $a->profile['nickname'],(x($category) ? xmlify($category) : ''));
$a->page['aside'] .= posted_date_widget(System::baseUrl(true) . '/profile/' . $a->profile['nickname'], $a->profile['profile_uid'], true);
$a->page['aside'] .= categories_widget(System::baseUrl(true) . '/profile/' . $a->profile['nickname'], (x($category) ? xmlify($category) : ''));
$a->page['aside'] .= tagcloud_wall_widget();
if (can_write_wall($a,$a->profile['profile_uid'])) {
if (can_write_wall($a, $a->profile['profile_uid'])) {
$x = array(
'is_owner' => $is_owner,
'allow_location' => ((($is_owner || $commvisitor) && $a->profile['allow_location']) ? true : false),
'default_location' => (($is_owner) ? $a->user['default-location'] : ''),
'allow_location' => ($is_owner || $commvisitor) && $a->profile['allow_location'],
'default_location' => $is_owner ? $a->user['default-location'] : '',
'nickname' => $a->profile['nickname'],
'lockstate' => (((is_array($a->user) && ((strlen($a->user['allow_cid'])) ||
(strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) ||
(strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'),
'acl' => (($is_owner) ? populate_acl($a->user, true) : ''),
'lockstate' => is_array($a->user)
&& (strlen($a->user['allow_cid'])
|| strlen($a->user['allow_gid'])
|| strlen($a->user['deny_cid'])
|| strlen($a->user['deny_gid'])
) ? 'lock' : 'unlock',
'acl' => $is_owner ? populate_acl($a->user, true) : '',
'bang' => '',
'visitor' => (($is_owner || $commvisitor) ? 'block' : 'none'),
'visitor' => $is_owner || $commvisitor ? 'block' : 'none',
'profile_uid' => $a->profile['profile_uid'],
'acl_data' => ( $is_owner ? construct_acl_data($a, $a->user) : '' ), // For non-Javascript ACL selector
'acl_data' => $is_owner ? construct_acl_data($a, $a->user) : '', // For non-Javascript ACL selector
);
$o .= status_editor($a,$x);
$o .= status_editor($a, $x);
}
}
/**
* Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
*/
$sql_extra = item_permissions_sql($a->profile['profile_uid'],$remote_contact,$groups);
// Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
$sql_extra = item_permissions_sql($a->profile['profile_uid'], $remote_contact, $groups);
$sql_extra2 = '';
if ($update) {
$last_updated = (x($_SESSION['last_updated'], $last_updated_key) ? $_SESSION['last_updated'][$last_updated_key] : 0);
@ -233,7 +236,7 @@ function profile_content(App $a, $update = 0) {
FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND
(`item`.`deleted` = 0 OR item.verb = '" . ACTIVITY_LIKE ."'
(`item`.`deleted` = 0 OR item.verb = '" . ACTIVITY_LIKE . "'
OR item.verb = '" . ACTIVITY_DISLIKE . "' OR item.verb = '" . ACTIVITY_ATTEND . "'
OR item.verb = '" . ACTIVITY_ATTENDNO . "' OR item.verb = '" . ACTIVITY_ATTENDMAYBE . "')
AND `item`.`moderated` = 0
@ -247,14 +250,12 @@ function profile_content(App $a, $update = 0) {
if (!DBM::is_result($r)) {
return '';
}
} else {
$sql_post_table = "";
if (x($category)) {
$sql_post_table = sprintf("INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($category)), intval(TERM_OBJ_POST), intval(TERM_CATEGORY), intval($a->profile['profile_uid']));
//$sql_extra .= protect_sprintf(file_tag_file_query('item',$category,'category'));
}
if (x($hashtags)) {
@ -263,10 +264,10 @@ function profile_content(App $a, $update = 0) {
}
if ($datequery) {
$sql_extra2 .= protect_sprintf(sprintf(" AND `thread`.`created` <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
$sql_extra2 .= protect_sprintf(sprintf(" AND `thread`.`created` <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery))));
}
if ($datequery2) {
$sql_extra2 .= protect_sprintf(sprintf(" AND `thread`.`created` >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
$sql_extra2 .= protect_sprintf(sprintf(" AND `thread`.`created` >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2))));
}
// Belongs the profile page to a forum?
@ -274,7 +275,8 @@ function profile_content(App $a, $update = 0) {
$r = q("SELECT `uid` FROM `user` WHERE `uid` = %d AND `page-flags` IN (%d, %d)",
intval($a->profile['profile_uid']),
intval(PAGE_COMMUNITY),
intval(PAGE_PRVGROUP));
intval(PAGE_PRVGROUP)
);
if (!DBM::is_result($r)) {
$sql_extra3 = sprintf(" AND `thread`.`contact-id` = %d ", intval(intval($a->profile['contact_id'])));
@ -283,20 +285,20 @@ function profile_content(App $a, $update = 0) {
// check if we serve a mobile device and get the user settings
// accordingly
if ($a->is_mobile) {
$itemspage_network = PConfig::get(local_user(),'system','itemspage_mobile_network');
$itemspage_network = ((intval($itemspage_network)) ? $itemspage_network : 10);
$itemspage_network = PConfig::get(local_user(), 'system', 'itemspage_mobile_network', 10);
} else {
$itemspage_network = PConfig::get(local_user(),'system','itemspage_network');
$itemspage_network = ((intval($itemspage_network)) ? $itemspage_network : 20);
$itemspage_network = PConfig::get(local_user(), 'system', 'itemspage_network', 20);
}
// now that we have the user settings, see if the theme forces
// a maximum item number which is lower then the user choice
if(($a->force_max_items > 0) && ($a->force_max_items < $itemspage_network))
if (($a->force_max_items > 0) && ($a->force_max_items < $itemspage_network)) {
$itemspage_network = $a->force_max_items;
}
$a->set_pager_itemspage($itemspage_network);
$pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage']));
$pager_sql = sprintf(" LIMIT %d, %d ", intval($a->pager['start']), intval($a->pager['itemspage']));
$r = q("SELECT `thread`.`iid` AS `item_id`, `thread`.`network` AS `item_network`
FROM `thread`
@ -312,7 +314,6 @@ function profile_content(App $a, $update = 0) {
ORDER BY `thread`.`created` DESC $pager_sql",
intval($a->profile['profile_uid'])
);
}
$parents_arr = array();
@ -323,23 +324,25 @@ function profile_content(App $a, $update = 0) {
$_SESSION['last_updated'][$last_updated_key] = time();
if (DBM::is_result($r)) {
foreach($r as $rr)
foreach ($r as $rr) {
$parents_arr[] = $rr['item_id'];
}
$parents_str = implode(', ', $parents_arr);
$items = q(item_query()." AND `item`.`uid` = %d
$items = q(item_query() . " AND `item`.`uid` = %d
AND `item`.`parent` IN (%s)
$sql_extra ",
intval($a->profile['profile_uid']),
dbesc($parents_str)
);
$items = conv_sort($items,'created');
$items = conv_sort($items, 'created');
} else {
$items = array();
}
if($is_owner && (! $update) && (! Config::get('theme','hide_eventlist'))) {
if ($is_owner && !$update && !Config::get('theme', 'hide_eventlist')) {
$o .= get_birthdays();
$o .= get_events();
}

2
mod/receive.php
View file

@ -9,8 +9,6 @@ use Friendica\Core\Config;
use Friendica\Database\DBM;
use Friendica\Protocol\Diaspora;
require_once 'include/crypto.php';
/**
* @param object $a App
* @return void

10
mod/salmon.php
View file

@ -7,8 +7,8 @@ use Friendica\Core\PConfig;
use Friendica\Database\DBM;
use Friendica\Protocol\OStatus;
use Friendica\Protocol\Salmon;
use Friendica\Util\Crypto;
require_once 'include/crypto.php';
require_once 'include/items.php';
require_once 'include/follow.php';
@ -117,23 +117,23 @@ function salmon_post(App $a) {
logger('mod-salmon: key details: ' . print_r($key_info,true), LOGGER_DEBUG);
$pubkey = metopem($m,$e);
$pubkey = Crypto::meToPem($m, $e);
// We should have everything we need now. Let's see if it verifies.
// Try GNU Social format
$verify = rsa_verify($signed_data, $signature, $pubkey);
$verify = Crypto::rsaVerify($signed_data, $signature, $pubkey);
$mode = 1;
if (! $verify) {
logger('mod-salmon: message did not verify using protocol. Trying compliant format.');
$verify = rsa_verify($compliant_format, $signature, $pubkey);
$verify = Crypto::rsaVerify($compliant_format, $signature, $pubkey);
$mode = 2;
}
if (! $verify) {
logger('mod-salmon: message did not verify using padding. Trying old statusnet format.');
$verify = rsa_verify($stnet_signed_data, $signature, $pubkey);
$verify = Crypto::rsaVerify($stnet_signed_data, $signature, $pubkey);
$mode = 3;
}

21
mod/videos.php
View file

@ -7,11 +7,11 @@ use Friendica\Core\Worker;
use Friendica\Database\DBM;
use Friendica\Model\Contact;
require_once('include/items.php');
require_once('include/acl_selectors.php');
require_once('include/bbcode.php');
require_once('include/security.php');
require_once('include/redir.php');
require_once 'include/items.php';
require_once 'include/acl_selectors.php';
require_once 'include/bbcode.php';
require_once 'include/security.php';
require_once 'include/redir.php';
function videos_init(App $a) {
@ -44,12 +44,12 @@ function videos_init(App $a) {
$tpl = get_markup_template("vcard-widget.tpl");
$vcard_widget .= replace_macros($tpl, array(
$vcard_widget = replace_macros($tpl, array(
'$name' => $profile['name'],
'$photo' => $profile['photo'],
'$addr' => (($profile['addr'] != "") ? $profile['addr'] : ""),
'$addr' => defaults($profile, 'addr', ''),
'$account_type' => $account_type,
'$pdesc' => (($profile['pdesc'] != "") ? $profile['pdesc'] : ""),
'$pdesc' => defaults($profile, 'pdesc', ''),
));
@ -280,8 +280,9 @@ function videos_content(App $a) {
}
}
// perhaps they're visiting - but not a community page, so they wouldn't have write access
$groups = [];
// perhaps they're visiting - but not a community page, so they wouldn't have write access
if(remote_user() && (! $visitor)) {
$contact_id = 0;
if(is_array($_SESSION['remote'])) {
@ -317,7 +318,7 @@ function videos_content(App $a) {
return;
}
$sql_extra = permissions_sql($owner_uid,$remote_contact,$groups);
$sql_extra = permissions_sql($owner_uid, $remote_contact, $groups);
$o = "";

24
mod/xrd.php
View file

@ -1,12 +1,14 @@
<?php
/**
* @file mod/xrd.php
*/
use Friendica\App;
use Friendica\Core\System;
use Friendica\Database\DBM;
use Friendica\Protocol\Salmon;
require_once('include/crypto.php');
function xrd_init(App $a) {
function xrd_init(App $a)
{
if ($a->argv[0] == 'xrd') {
$uri = urldecode(notags(trim($_GET['uri'])));
if ($_SERVER['HTTP_ACCEPT'] == 'application/jrd+json') {
@ -54,8 +56,9 @@ function xrd_init(App $a) {
}
}
function xrd_json($a, $uri, $alias, $profile_url, $r) {
$salmon_key = salmon_key($r['spubkey']);
function xrd_json($a, $uri, $alias, $profile_url, $r)
{
$salmon_key = Salmon::salmonKey($r['spubkey']);
header('Access-Control-Allow-Origin: *');
header("Content-type: application/json; charset=utf-8");
@ -79,8 +82,9 @@ function xrd_json($a, $uri, $alias, $profile_url, $r) {
killme();
}
function xrd_xml($a, $uri, $alias, $profile_url, $r) {
$salmon_key = salmon_key($r['spubkey']);
function xrd_xml($a, $uri, $alias, $profile_url, $r)
{
$salmon_key = Salmon::salmonKey($r['spubkey']);
header('Access-Control-Allow-Origin: *');
header("Content-type: text/xml");
@ -100,8 +104,8 @@ function xrd_xml($a, $uri, $alias, $profile_url, $r) {
'$salmon' => System::baseUrl() . '/salmon/' . $r['nickname'],
'$salmen' => System::baseUrl() . '/salmon/' . $r['nickname'] . '/mention',
'$subscribe' => System::baseUrl() . '/follow?url={uri}',
'$modexp' => 'data:application/magic-public-key,' . $salmon_key,
));
'$modexp' => 'data:application/magic-public-key,' . $salmon_key)
);
$arr = array('user' => $r, 'xml' => $o);
call_hooks('personal_xrd', $arr);