version 3.6

Escape internal quotes in translation on export

See merge request hubzilla/core!1237

(cherry picked from commit 84e57d040b)

64efd07f Escape internal quotes in translation on export
87857fe5 Update hmessages.po
3342fc22 Update hstrings.php

.gitignore

@@ -14,19 +14,25 @@
 *.rej
 # OSX .DS_Store files
 .DS_Store
+# version scripts (repo master only)
+.version*
 Thumbs.db
 
 
-## Ignore RedMatrix site specific files and folders
+## Ignore site specific files and folders
 .htconfig.php
 favicon.*
 addon/
+widget/
 custom/
 /store/
 # site apps
 apps/
+!doc/context/*/apps
 # default startpage
 home.html
+# page header plugin
+pageheader.html
 # Ignore site TOS
 doc/SiteTOS.md
 # themes except for redbasic
@@ -40,7 +46,8 @@ doc/html/
 .zotshrc
 # external repositories for themes/addons
 extend/
-
+# files generated by phpunit
+tests/results/
 
 ## exclude IDE files
 # config files and folders from Eclipse
@@ -56,11 +63,15 @@ nbproject/
 .idea/
 
 
-# composer files (at the moment composer is not officially supported and only used to add SabreDAV, we should add these)
-composer.* 
-
-# When we include composer we should exclude vendor/
+## composer
+# locally installed composer binary
+composer.phar
+# allow composer.lock, as it is required to have a common state
+!composer.lock
+# vendor/ is managed by composer, no need to include in our repository
+# requires new deployment and needs discussion first
 #vendor/
-# Exclude at least some vendor test files, examples, etc.
-vendor/sabre/*/tests/
+# Exclude at least some vendor test files, examples, etc. so far
+vendor/**/tests/
+vendor/**/Test/
 vendor/sabre/*/examples/

.homeinstall/README.md

@@ -0,0 +1,245 @@
+# Hubzilla at Home next to your Router
+
+Run hubzilla-setup.sh for an unattended installation of hubzilla.
+
+The script is known to work without adjustments with
+
++ Hardware
+  - Mini-PC with Debian-9.2-amd64, or
+  - Rapberry 3 with Raspbian, Debian-9.3
++ DynDNS
+  - selfHOST.de
+  - freedns.afraid.org
+
+## Disclaimers
+
+- This script does work with Debian 9 only.
+- This script has to be used on a fresh debian install only (it does not take account for a possibly already installed and configured webserver or sql implementation).
+
+# Step-by-Step Overwiew
+
+## Preconditions
+
+Hardware
+
++ Internet connection and router at home
++ Mini-pc connected to your router (a Raspberry 3 will do for very small Hubs)
++ USB drive for backups
+
+Software
+
++ Fresh installation of Debian 9 (Stretch)
++ Router with open ports 80 and 443 for your Hub
+
+## The basic steps (quick overview)
+
++ Register your own domain (for example at selfHOST) or a free subdomain (for example at freeDNS)
++ Log on to your fresh Debian
+  - apt-get install git
+  - mkdir -p /var/www
+  - cd /var/www
+  - git clone https://github.com/redmatrix/hubzilla.git html
+  - cd html/.homeinstall
+  - cp hubzilla-config.txt.template hubzilla-config.txt
+  - nano hubzilla-config.txt
+    - Read the comments carefully
+    - Enter your values: db pass, domain, values for dyn DNS
+  - Make sure your external drive (for backups) is mounted
+  - hubzilla-setup.sh as root
+    - ... wait, wait, wait until the script is finised
+  - reboot
++ Open your domain with a browser and step throught the initial configuration of hubzilla.
+
+## Troubleshooting
+
+If the check of the mail address fails when you try to register the very first user in the browser. Do...
+
+    cd /var/www/html
+    util/config system.do_not_check_dns 1
+
+## Optional - Set path to imagemagick
+
+In Admin settings of hubzilla or via terminal
+
+    cd /var/www/html
+    util/config system.imagick_convert_path /usr/bin/convert
+
+# Step-by-Step in Detail
+
+## Preparations Hardware
+
+### Mini-PC
+
+### Recommended: USB Drive for Backups
+
+The installation will create a daily backup written to an external drive.
+
+The USB drive must be compatible with the filesystems
+
+- ext4 (if you do not want to encrypt the USB) 
+- LUKS + ext4 (if you want to encrypt the USB) 
+
+The backup includes 
+
+- Hubzilla DB
+- Hubzilla installation /var/www/html
+- Certificates for letsencrypt
+
+## Preparations Software
+
+### Install Debian Linux on the Mini-PC
+
+Download the stable Debian at https://www.debian.org/  
+(Debian 8 is no longer supported.)
+
+Create bootable USB drive with Debian on it.You could use
+
+- unetbootin, https://en.wikipedia.org/wiki/UNetbootin
+- or simply the linux command "dd"
+
+Example for command dd...
+
+    su -
+    dd if=2017-11-29-raspbian-stretch.img of=/dev/mmcblk0
+
+Do not forget to unmount the SD card before and check if unmounted like in this example...
+
+    su -
+    umount /dev/mmcblk0*
+    df -h
+
+
+Switch off your mini pc, plug in your USB drive and start the mini pc from the
+stick. Install Debian. Follow the instructions of the installation.
+
+### Configure your Router
+
+Open the ports 80 and 443 on your router for your Debian
+
+## Preparations Dynamic IP Address
+
+Your Hubzilla must be reachable by a domain that you can type in your browser
+
+    cooldomain.org
+
+You can use subdomains as well
+
+    my.cooldomain.org
+
+There are two ways to get a domain...
+
+### Method 1: Buy a Domain 
+
+...for example buy at selfHOST.de  
+
+The cost are around 10,- € once and 1,50 € per month (2017).
+
+### Method 2: Register a free subdomain
+
+...for example register at freedns.afraid.org
+
+Follow the instructions in .homeinstall/hubzilla-config.txt.  
+
+
+## Install Hubzilla on your Debian
+
+Login to your debian
+(Provided your username is "you" and the name of the mini pc is "debian". You
+could take the IP address instead of "debian")
+
+    ssh -X you@debian
+
+Change to root user
+
+    su -l
+
+Install git
+
+    apt-get install git
+
+Make the directory for apache and change diretory to it
+
+    mkdir /var/www
+    cd /var/www/
+
+Clone hubzilla from git ("git pull" will update it later)
+
+    git clone https://framagit.org/hubzilla/core html
+
+Change to the install script
+
+    cd html/.homeinstall/
+    
+Copy the template file
+    
+    cp hubzilla-config.txt.template hubzilla-config.txt
+
+Modify the file "hubzilla-config.txt". Read the instructions there carefully and enter your values.
+
+    nano hubzilla-config.txt
+
+Make sure your external drive (for backups) is plugged in and can be mounted as configured in "hubzilla-config.txt". Otherwise the daily backups will not work.
+
+Run the script
+
+     ./hubzilla-setup.sh
+
+Wait... The script should not finish with an error message.
+
+In a webbrowser open your domain.
+Expected: A test page of hubzilla is shown. All checks there should be
+successfull. Go on...
+Expected: A page for the Hubzilla server configuration shows up.
+
+Leave db server name "127.0.0.1" and port "0" untouched.
+
+Enter
+
+- DB user name = hubzilla
+- DB pass word = This is the password you entered in "hubzilla-config.txt"
+- DB name = hubzilla
+
+Leave db type "MySQL" untouched.
+
+Follow the instructions in the next pages.
+
+Recommended: Set path to imagemagick
+
+- in admin settings of hubzilla or 
+- via terminal
+
+    util/config system.imagick_convert_path /usr/bin/convert
+
+After the daily script was executed at 05:30 (am)
+
+- look at /var/www/html/hubzilla-daily.log
+- check your backup on the external drive
+- optionally view the daily log under yourdomain.org/admin/logs/
+  - set the logfile to var/www/html/hubzilla-daily.log
+
+## Note for the Rasperry 
+
+The script was tested with an Raspberry 3 under Raspian (Debian 9.3, 2017-11-29-raspbian-stretch.img).
+
+It is recommended to deinstall these programms to avoid endless updates. Use...
+
+    sudo apt-get purge wolfram-engine sonic-pi
+    sudo apt-get autoremove
+
+It is recommended to run the Raspi without graphical frontend (X-Server). Use...
+
+    sudo raspi-config
+
+to boot the Rapsi to the client console.
+
+DO NOT FORGET TO CHANGE THE DEFAULT PASSWORD FOR USER PI!
+
+On a Raspian Stretch (Debian 9) the validation of the mail address fails for the very first user.
+This used to happen on some *bsd distros but there was some work to fix that a year ago (2017).
+
+So if your system isn't registered in DNS or DNS isn't active do
+
+    cd /var/www/html
+    util/config system.do_not_check_dns 1
+
+

.homeinstall/hubzilla-config.txt.template

@@ -0,0 +1,158 @@
+###############################################
+### MANDATORY - database password #############
+#
+# Please give your database password
+#   Example: db_pass=pass_word_with_no_blanks_in_it
+#   Example: db_pass="this password has blanks in it"
+db_pass=
+
+###############################################
+### MANDATORY - let's encrypt #################
+#
+# Hubilla requires encrypted communication via secure HTTP (HTTPS).
+# This script automates installation of an SSL certificate from
+# Let's Encrypt (https://letsencrypt.org)
+#
+# Please give the domain name of your hub
+#
+#     Example: my.cooldomain.org
+#     Example: cooldomain.org
+#
+# Email is optional
+#
+#
+le_domain=
+le_email=
+
+###############################################
+### OPTIONAL - selfHOST - dynamic IP address ##
+#
+# 1. Register a domain at selfhost.de
+#    - choose offer "DOMAIN dynamisch" 1,50€/mon at 08.01.2016
+# 2. Get your configuration for dynamic IP update
+#    - Log in at selfhost.de
+#    - go to "DynDNS Accounte"
+#    - klick "Details" of your (freshly) registered domain
+#    - You will find the configuration there
+#      - Benutzername (user name) > use this for "selfhost_user="
+#      - Passwort (pass word) > use this for "selfhost_pass="
+#
+#
+selfhost_user=
+selfhost_pass=
+
+###############################################
+### OPTIONAL - FreeDNS - dynamic IP address ###
+#
+# Please give the alpha-numeric-key of freedns
+#
+# Get a free subdomain from freedns and use it for your dynamic ip address
+# Documentation under http://www.techjawab.com/2013/06/setup-dynamic-dns-dyndns-for-free-on.html
+#
+# - Register for a Free domain at http://freedns.afraid.org/signup/
+# - WATCH THIS: Make sure you choose a domain with as less subdomains as
+#   possible. Why? Let's encrpyt issues a limited count of certificates each
+#   day. Possible other users of this domain will try to issue a certificate
+#   at the same day.
+# - Logon to FreeDNS (where you just registered)
+# - Goto http://freedns.afraid.org/dynamic/
+# - Right click on "Direct Link" and copy the URL and paste it somewhere.
+# - You should notice a large and unique alpha-numeric key in the URL
+#
+#       http://freedns.afraid.org/dynamic/update.php?alpha-numeric-key
+#
+#   Provided your url from freedns is
+#
+#	http://freedns.afraid.org/dynamic/update.php?U1Z6aGt2R0NzMFNPNWRjbWxxZGpsd093OjE1Mzg5NDE5
+#
+#   Then you have to provide
+#
+#       freedns_key=U1Z6aGt2R0NzMFNPNWRjbWxxZGpsd093OjE1Mzg5NDE5
+#
+#
+freedns_key=
+
+
+###############################################
+### OPTIONAL - Backup to external device ######
+#
+# The script can use an external device for the daily backup.
+# The file system of the device (USB stick for example) must be compatible with
+#
+# - encrypted LUKS + ext4, or
+# - ext4
+#
+# You should test to mount the device befor you run the script
+# (hubzilla-setup.sh).
+# How to find your (pluged-in) devices?
+#
+#     fdisk -l
+#
+# Provided your device was listed as is /dev/sdb1. You could check with:
+#
+#     blkid | grep /dev/sdb1
+#
+# Try to decrypt
+# (You might install cryptsetup befor using apt-get install.
+#
+#     apt-get install cryptsetup
+#     cryptsetup luksOpen /dev/sdb1 cryptobackup
+#
+# Try to mount
+# You might create the directory /media/hubzilla_backup it it does not exist
+# using mkdir.
+#
+#     mkdir /media/hubzilla_backup
+#     mount /dev/mapper/cryptobackup /media/hubzilla_backup
+# 
+# Unmounting device goes like this
+# 
+#     umount /media/hubzilla_backup
+#     cryptsetup luksClose cryptobackup
+#
+# To check if still mounted
+#
+#     lsof /media/hubzilla_backup
+#
+# If you leave the following parameters
+#
+# - "backup_device_name" and
+# - "backup_device_pass"
+#
+# empty the script will create daily backups on the internal disk (which could
+# save you as well).
+#
+#   Example: backup_device_name=/dev/sdc1
+#
+# Leave "backup_device_pass=" empty if the external device is not encrypted.
+#
+backup_device_name=
+backup_device_pass=
+
+
+###############################################
+### OPTIONAL - do not mess with things below ##
+#              (...if you are not certain)
+#
+# Usually you are done here
+# Everything below is OPTIONAL
+#
+###############################################
+#
+# Database for hubzilla
+hubzilla_db_name=hubzilla
+hubzilla_db_user=hubzilla
+hubzilla_db_pass=$db_pass
+# 
+#
+# Password for package mysql-server
+#   Example: mysqlpass=aberhallo
+#   Example: mysqlpass="aber hallo has blanks in it"
+#
+mysqlpass=$db_pass
+
+# Password for package phpmyadmin
+#   Example: phpmyadminpass=aberhallo
+#   Example: phpmyadminpass="aber hallo has blanks in it"
+phpmyadminpass=$db_pass
+

.homeinstall/hubzilla-setup.sh

@@ -0,0 +1,830 @@
+#!/bin/bash
+#
+# How to use
+# ----------
+# 
+# This file automates the installation of hubzilla under Debian Linux
+#
+# 1) Copy the file "hubzilla-config.txt.template" to "hubzilla-config.txt"
+#       Follow the instuctions there
+# 
+# 2) Switch to user "root" by typing "su -"
+# 
+# 3) Run with "./hubzilla-setup.sh"
+#       If this fails check if you can execute the script.
+#       - To make it executable type "chmod +x hubzilla-setup.sh"
+#       - or run "bash hubzilla-setup.sh"
+# 
+# 
+# What does this script do basically?
+# -----------------------------------
+# 
+# This file automates the installation of hubzilla under Debian Linux
+# - install
+#        * apache webserer, 
+#        * php,  
+#        * mysql - the database for hubzilla,  
+#        * phpmyadmin,  
+#        * git to download and update hubzilla itself
+# - download hubzilla core and addons
+# - configure cron
+#        * "poller.php" for regular background prozesses of hubzilla
+#        * to_do "apt-get update" and "apt-get dist-upgrade" to keep linux
+#          up-to-date
+#        * to_do backup hubzillas database and files (rsnapshot)
+# - configure dynamic ip with cron
+# - to_do letsencrypt
+# - to_do redirection to https
+# 
+# 
+# Discussion
+# ----------
+# 
+# Security - password  is the same for mysql-server, phpmyadmin and hubzilla db
+# - The script runs into installation errors for phpmyadmin if it uses
+#   different passwords. For the sake of simplicity one singel password.
+# 
+# Security - suhosin for PHP
+# - The script does not install suhosin.
+# - Is the security package suhosin usefull or not usefull?
+#
+# Hubzilla - email verification
+# - The script switches off email verification off in all htconfig.tpl.
+#   Example: /var/www/html/view/en/htconfig.tpl
+# - Is this a silly idea or not?
+#
+# 
+# Remove Hubzilla (for a fresh start using the script)
+# ----------------------------------------------------
+#
+# You could use /var/www/hubzilla-remove.sh
+# that is created by hubzilla-setup.sh.
+#
+# The script will remove (almost everything) what was installed by the script.
+# After the removal you could run the script again to have a fresh install
+# of all applications including hubzilla and its database.
+# 
+# How to restore from backup
+# --------------------------
+#
+# Daily backup
+# - - - - - - 
+# 
+# The installation
+# - writes a script /var/www/hubzilla-daily.sh
+# - creates a daily cron that runs the hubzilla-daily.sh
+#
+# hubzilla-daily.sh makes a (daily) backup of all relevant files
+# - /var/lib/mysql/ > hubzilla database
+# - /var/www/html/ > hubzilla from github
+# - /var/www/letsencrypt/ > certificates
+# 
+# hubzilla-daily.sh writes the backup
+# - either to an external disk compatible to LUKS+ext4 (see hubzilla-config.txt)
+# - or to /var/cache/rsnapshot in case the external disk is not plugged in
+# 
+# Restore backup
+# - - - - - - - 
+# 
+# This was not tested yet.
+# Bacically you can copy the files from the backup to the server.
+# 
+# Credits
+# -------
+#
+# The script is based on Thomas Willinghams script "debian-setup.sh"
+# which he used to install the red#matrix.
+#
+# The script uses another script from https://github.com/lukas2511/letsencrypt.sh
+#
+# The documentation for bash is here
+# https://www.gnu.org/software/bash/manual/bash.html
+#
+function check_sanity {
+    # Do some sanity checking.
+    print_info "Sanity check..."
+    if [ $(/usr/bin/id -u) != "0" ]
+    then
+        die 'Must be run by root user'
+    fi
+
+    if [ -f /etc/lsb-release ]
+    then
+        die "Distribution is not supported"
+    fi
+    if [ ! -f /etc/debian_version ]
+    then
+        die "Debian is supported only"
+    fi
+    if ! grep -q 'Linux 9' /etc/issue
+    then
+        die "Linux 9 (stretch) is supported only"x
+    fi
+}
+
+function check_config {
+    print_info "config check..."
+    # Check for required parameters
+    if [ -z "$db_pass" ]
+    then
+        die "db_pass not set in $configfile"
+    fi     
+    if [ -z "$le_domain" ]
+    then
+        die "le_domain not set in $configfile"
+    fi   
+    # backup is important and should be checked
+	if [ -n "$backup_device_name" ]
+	then
+            if [ ! -d "$backup_mount_point" ]
+            then
+                mkdir "$backup_mount_point"
+	    fi
+            device_mounted=0
+		if fdisk -l | grep -i "$backup_device_name.*linux"
+		then
+		    print_info "ok - filesystem of external device is linux"
+	        if [ -n "$backup_device_pass" ]
+	        then
+	            echo "$backup_device_pass" | cryptsetup luksOpen $backup_device_name cryptobackup
+	            if mount /dev/mapper/cryptobackup /media/hubzilla_backup
+	            then
+                    device_mounted=1
+	                print_info "ok - could encrypt and mount external backup device"
+                	umount /media/hubzilla_backup
+	            else
+            		print_warn "backup to external device will fail because encryption failed"
+	            fi
+                cryptsetup luksClose cryptobackup
+            else
+	            if mount $backup_device_name /media/hubzilla_backup
+	            then
+                    device_mounted=1
+	                print_info "ok - could mount external backup device"
+                	umount /media/hubzilla_backup
+	            else
+            		print_warn "backup to external device will fail because mount failed"
+	            fi
+            fi
+		else
+        	print_warn "backup to external device will fail because filesystem is either not linux or 'backup_device_name' is not correct in $configfile"
+		fi
+        if [ $device_mounted == 0 ]
+        then
+            die "backup device not ready"
+        fi
+	fi
+}
+
+function die {
+    echo "ERROR: $1" > /dev/null 1>&2
+    exit 1
+}
+
+
+function update_upgrade {
+    print_info "updated and upgrade..."
+    # Run through the apt-get update/upgrade first. This should be done before
+    # we try to install any package
+    apt-get -q -y update && apt-get -q -y dist-upgrade
+    print_info "updated and upgraded linux"
+}
+
+function check_install {
+    if [ -z "`which "$1" 2>/dev/null`" ]
+    then
+        # export DEBIAN_FRONTEND=noninteractive ... answers from the package
+        # configuration database
+        # - q ... without progress information
+        # - y ... answer interactive questions with "yes"
+        # DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends -q -y install $2
+        DEBIAN_FRONTEND=noninteractive apt-get -q -y install $2
+        print_info "installed $2 installed for $1"
+    else
+        print_warn "$2 already installed"
+    fi
+}
+
+function nocheck_install {
+    # export DEBIAN_FRONTEND=noninteractive ... answers from the package configuration database
+    # - q ... without progress information
+    # - y ... answer interactive questions with "yes"
+    # DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends -q -y install $2
+    # DEBIAN_FRONTEND=noninteractive apt-get --install-suggests -q -y install $1
+    DEBIAN_FRONTEND=noninteractive apt-get -q -y install $1
+    print_info "installed $1"
+}
+
+
+function print_info {
+    echo -n -e '\e[1;34m'
+    echo -n $1
+    echo -e '\e[0m'
+}
+
+function print_warn {
+    echo -n -e '\e[1;31m'
+    echo -n $1
+    echo -e '\e[0m'
+}
+
+function stop_hubzilla {
+    if [ -d /etc/apache2 ]
+    then
+        print_info "stopping apache webserver..."
+        service apache2 stop
+    fi
+    if [ -f /etc/init.d/mysql ]
+    then
+        print_info "stopping mysql db..."
+        /etc/init.d/mysql stop
+    fi
+}
+
+function install_apache {
+    print_info "installing apache..."
+    nocheck_install "apache2 apache2-utils"
+}
+
+function install_imagemagick {
+    print_info "installing imagemagick..."
+    nocheck_install "imagemagick"
+}
+
+function install_curl {
+    print_info "installing curl..."
+    nocheck_install "curl"
+}
+
+function install_sendmail {
+    print_info "installing sendmail..."
+    nocheck_install "sendmail sendmail-bin"
+}
+
+function install_php {
+    # openssl and mbstring are included in libapache2-mod-php
+    print_info "installing php..."
+    nocheck_install "libapache2-mod-php php php-pear php-curl php-mcrypt php-gd"
+    sed -i "s/^upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/7.0/apache2/php.ini
+    sed -i "s/^post_max_size =.*/post_max_size = 100M/g" /etc/php/7.0/apache2/php.ini
+}
+
+function install_mysql {
+    # http://www.microhowto.info/howto/perform_an_unattended_installation_of_a_debian_package.html
+    # 
+    # To determine the required package name, key and type you can perform
+    # a trial installation then search the configuration database.
+    # 
+    #     debconf-get-selections | grep mysql-server
+    #
+    # The command debconf-get-selections is provided by the package
+    # debconf-utils, which you may need to install.
+    #
+    #    apt-get install debconf-utils
+    #
+    # If you want to supply an answer to a configuration question but do not 
+    # want to be prompted for it then this can be arranged by preseeding the
+    # DebConf database with the required information.
+    #
+    #     echo mysql-server mysql-server/root_password password xyzzy | debconf-set-selections
+    #     echo mysql-server mysql-server/root_password_again password xyzzy | debconf-set-selections
+    #
+    print_info "installing mysql..."
+    if [ -z "$mysqlpass" ]
+    then
+        die "mysqlpass not set in $configfile"
+    fi
+    echo mysql-server mysql-server/root_password password $mysqlpass | debconf-set-selections
+    echo mysql-server mysql-server/root_password_again password $mysqlpass | debconf-set-selections
+    nocheck_install "php-mysql mysql-server mysql-client"
+}
+
+function install_phpmyadmin {
+    print_info "installing phpmyadmin..."
+    if [ -z "$phpmyadminpass" ]
+    then
+        die "phpmyadminpass not set in $configfile"
+    fi
+    echo phpmyadmin    phpmyadmin/setup-password password $phpmyadminpass | debconf-set-selections
+    echo phpmyadmin    phpmyadmin/mysql/app-pass password $phpmyadminpass | debconf-set-selections
+    echo phpmyadmin    phpmyadmin/app-password-confirm password $phpmyadminpass | debconf-set-selections
+    echo phpmyadmin    phpmyadmin/mysql/admin-pass    password $phpmyadminpass | debconf-set-selections
+    echo phpmyadmin    phpmyadmin/password-confirm    password $phpmyadminpass | debconf-set-selections
+    echo phpmyadmin    phpmyadmin/reconfigure-webserver multiselect apache2 | debconf-set-selections
+    nocheck_install "phpmyadmin"
+
+    # It seems to be not neccessary to check rewrite.load because it comes
+    # with the installation. To be sure you could check this manually by:
+    #
+    #    nano /etc/apache2/mods-available/rewrite.load
+    #
+    # You should find the content:
+    #
+    #    LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
+
+    a2enmod rewrite
+    if [ ! -f /etc/apache2/apache2.conf ]
+    then
+        die "could not find file /etc/apache2/apache2.conf"
+    fi
+    sed -i \
+        "s/AllowOverride None/AllowOverride all/" \
+        /etc/apache2/apache2.conf
+    if [ -z "`grep 'Include /etc/phpmyadmin/apache.conf' /etc/apache2/apache2.conf`" ]
+    then
+        echo "Include /etc/phpmyadmin/apache.conf" >> /etc/apache2/apache2.conf
+    fi
+    service apache2 restart
+    /etc/init.d/mysql start
+}
+
+function create_hubzilla_db {
+    print_info "creating hubzilla database..." 
+    if [ -z "$hubzilla_db_name" ]
+    then
+        die "hubzilla_db_name not set in $configfile"
+    fi     
+    if [ -z "$hubzilla_db_user" ]
+    then
+        die "hubzilla_db_user not set in $configfile"
+    fi     
+    if [ -z "$hubzilla_db_pass" ]
+    then
+        die "hubzilla_db_pass not set in $configfile"
+    fi
+    Q1="CREATE DATABASE IF NOT EXISTS $hubzilla_db_name;"
+    Q2="GRANT USAGE ON *.* TO $hubzilla_db_user@localhost IDENTIFIED BY '$hubzilla_db_pass';"
+    Q3="GRANT ALL PRIVILEGES ON $hubzilla_db_name.* to $hubzilla_db_user@localhost identified by '$hubzilla_db_pass';"
+    Q4="FLUSH PRIVILEGES;"
+    SQL="${Q1}${Q2}${Q3}${Q4}"     
+    mysql -uroot -p$phpmyadminpass -e "$SQL"
+}
+
+function run_freedns {
+    print_info "run freedns (dynamic IP)..."
+    if [ -z "$freedns_key" ]
+    then
+        print_info "freedns was not started because 'freedns_key' is empty in $configfile"
+    else
+        if [ -n "$selfhost_user" ]
+        then
+            die "You can not use freeDNS AND selfHOST for dynamic IP updates ('freedns_key' AND 'selfhost_user' set in $configfile)"
+        fi
+        wget --no-check-certificate -O - https://freedns.afraid.org/dynamic/update.php?$freedns_key       
+    fi
+}
+
+function install_run_selfhost {
+    print_info "install and start selfhost (dynamic IP)..."
+    if [ -z "$selfhost_user" ]
+    then
+        print_info "selfHOST was not started because 'selfhost_user' is empty in $configfile"
+    else
+        if [ -n "$freedns_key" ]
+        then
+            die "You can not use freeDNS AND selfHOST for dynamic IP updates ('freedns_key' AND 'selfhost_user' set in $configfile)"
+        fi
+        if [ -z "$selfhost_pass" ]
+        then
+            die "selfHOST was not started because 'selfhost_pass' is empty in $configfile"
+        fi
+        if [ ! -d $selfhostdir ]
+        then
+            mkdir $selfhostdir
+        fi
+        # the old way
+        # https://carol.selfhost.de/update?username=123456&password=supersafe
+        #
+        # the prefered way
+        wget --output-document=$selfhostdir/$selfhostscript http://jonaspasche.de/selfhost-updater
+        echo "router" > $selfhostdir/device
+        echo "$selfhost_user" > $selfhostdir/user
+        echo "$selfhost_pass" > $selfhostdir/pass
+        bash $selfhostdir/$selfhostscript update
+    fi
+}
+
+function ping_domain {
+    print_info "ping domain $domain..."
+    # Is the domain resolved? Try to ping 6 times à 10 seconds 
+    COUNTER=0    
+    for i in {1..6}
+    do
+        print_info "loop $i for ping -c 1 $domain ..."     
+        if ping -c 4 -W 1 $le_domain    
+        then
+            print_info "$le_domain resolved"
+            break
+        else 
+            if [ $i -gt 5 ]
+            then
+                die "Failed to: ping -c 1 $domain not resolved"
+            fi            
+        fi 
+        sleep 10
+    done
+    sleep 5
+}
+
+function configure_cron_freedns {
+    print_info "configure cron for freedns..."
+    if [ -z "$freedns_key" ]
+    then
+        print_info "freedns is not configured because freedns_key is empty in $configfile"
+    else
+        # Use cron for dynamich ip update
+        #   - at reboot
+        #   - every 30 minutes
+        if [ -z "`grep 'freedns.afraid.org' /etc/crontab`" ]
+        then
+            echo "@reboot root https://freedns.afraid.org/dynamic/update.php?$freedns_key > /dev/null 2>&1" >> /etc/crontab
+            echo "*/30 * * * * root wget --no-check-certificate -O - https://freedns.afraid.org/dynamic/update.php?$freedns_key > /dev/null 2>&1" >> /etc/crontab
+        else
+            print_info "cron for freedns was configured already"
+        fi       
+    fi
+}
+
+function configure_cron_selfhost {
+    print_info "configure cron for selfhost..."
+    if [ -z "$selfhost_user" ]
+    then
+        print_info "freedns is not configured because freedns_key is empty in $configfile"
+    else
+        # Use cron for dynamich ip update
+        #   - at reboot
+        #   - every 30 minutes
+        if [ -z "`grep 'selfhost-updater.sh' /etc/crontab`" ]
+        then
+            echo "@reboot root bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab
+            echo "*/5 * * * * root /bin/bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab
+        else
+            print_info "cron for selfhost was configured already"
+        fi        
+    fi
+}
+
+function install_letsencrypt {
+    print_info "installing let's encrypt ..."
+    # check if user gave domain
+    if [ -z "$le_domain" ]
+    then
+        die "Failed to install let's encrypt: 'le_domain' is empty in $configfile"
+    fi
+    # configure apache
+    apache_le_conf=/etc/apache2/sites-available/le-default.conf    
+    if [ -f $apache_le_conf ]
+    then
+        print_info "$apache_le_conf exist already"
+    else
+        cat > $apache_le_conf <<END
+# letsencrypt default Apache configuration
+Alias /.well-known/acme-challenge /var/www/letsencrypt
+
+<Directory /var/www/letsencrypt>
+    Options FollowSymLinks
+	Allow from all
+</Directory>
+END
+        a2ensite le-default.conf
+        service apache2 restart
+    fi
+    # download the shell script
+    if [ -d $le_dir ]
+    then
+        print_info "letsenrypt exists already (nothing downloaded > no certificate created and registered)"
+        return 0
+    fi
+    git clone https://github.com/lukas2511/dehydrated $le_dir
+    cd $le_dir
+    # create config file for letsencrypt.sh
+    echo "WELLKNOWN=$le_dir" > $le_dir/config.sh
+    if [ -n "$le_email" ]
+    then
+        echo "CONTACT_EMAIL=$le_email" >> $le_dir/config.sh
+    fi
+    # create domain file for letsencrypt.sh
+    # WATCH THIS:
+    #    - It did not work wit "sub.domain.org www.sub.domain.org".
+    #    - So just use "sub.domain.org" only!
+    echo "$le_domain" > $le_dir/domains.txt
+    # test apache config for letsencrpyt
+    url_http=http://$le_domain/.well-known/acme-challenge/domains.txt
+    wget_output=$(wget -nv --spider --max-redirect 0 $url_http)
+    if [ $? -ne 0 ]
+    then
+        die "Failed to load $url_http"
+    fi
+    # accept terms of service of letsencrypt
+    ./dehydrated --register --accept-terms
+    # run script dehydrated
+    # 
+    ./dehydrated --cron --config $le_dir/config.sh
+}
+
+function configure_apache_for_https {
+    print_info "configuring apache to use httpS ..."
+    # letsencrypt.sh
+    #
+    #   "${BASEDIR}/certs/${domain}/privkey.pem"
+    #   "${BASEDIR}/certs/${domain}/cert.pem"
+    #   "${BASEDIR}/certs/${domain}/fullchain.pem"
+    #
+    SSLCertificateFile=${le_dir}/certs/${le_domain}/cert.pem
+    SSLCertificateKeyFile=${le_dir}/certs/${le_domain}/privkey.pem
+    SSLCertificateChainFile=${le_dir}/certs/${le_domain}/fullchain.pem
+    if [ ! -f $SSLCertificateFile ]
+    then
+        print_warn "Failed to configure apache for httpS: Missing certificate file $SSLCertificateFile" 
+        return 0  
+    fi
+    # make sure that the ssl mode is enabled
+    print_info "...configuring apache to use httpS - a2enmod ssl ..."
+    a2enmod ssl
+    # modify apach' ssl conf file 
+    if grep -i "ServerName" $sslconf
+    then
+        print_info "seems that apache was already configered to use httpS with $sslconf"
+    else
+        sed -i "s/ServerAdmin.*$/ServerAdmin webmaster@localhost\\n        ServerName ${le_domain}/" $sslconf 
+    fi     
+    sed -i s#/etc/ssl/certs/ssl-cert-snakeoil.pem#$SSLCertificateFile# $sslconf 
+    sed -i s#/etc/ssl/private/ssl-cert-snakeoil.key#$SSLCertificateKeyFile# $sslconf 
+    sed -i s#/etc/apache2/ssl.crt/server-ca.crt#$SSLCertificateChainFile# $sslconf 
+    sed -i s/#SSLCertificateChainFile/SSLCertificateChainFile/ $sslconf 
+    # apply changes
+    a2ensite default-ssl.conf
+    service apache2 restart
+}
+
+function check_https {
+    print_info "checking httpS > testing ..."
+    url_https=https://$le_domain
+    wget_output=$(wget -nv --spider --max-redirect 0 $url_https)
+    if [ $? -ne 0 ]
+    then
+        print_warn "check not ok"
+    else
+        print_info "check ok"
+    fi
+}
+
+function install_hubzilla {
+    print_info "installing hubzilla addons..."
+    cd /var/www/html/
+    util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons
+    mkdir -p "store/[data]/smarty3"
+    chmod -R 777 store
+    touch .htconfig.php
+    chmod ou+w .htconfig.php
+    cd /var/www/
+    chown -R www-data:www-data html
+	chown root:www-data /var/www/html/
+	chown root:www-data /var/www/html/.htaccess
+	chmod 0644 /var/www/html/.htaccess
+    # try to switch off email registration
+    sed -i "s/verify_email.*1/verify_email'] = 0/" /var/www/html/view/*/ht*
+    if [ -n "`grep -r 'verify_email.*1' /var/www/html/view/`" ]
+    then
+        print_warn "Hubzillas registration prozess might have email verification switched on."
+    fi
+    print_info "installed hubzilla"
+}
+
+function rewrite_to_https {
+    print_info "configuring apache to redirect http to httpS ..."
+    htaccessfile=/var/www/html/.htaccess
+    if grep -i "https" $htaccessfile
+    then
+        print_info "...configuring apache to redirect http to httpS was already done in $htaccessfile"
+    else
+        sed -i "s#QSA]#QSA]\\n  RewriteCond %{SERVER_PORT} !^443$\\n  RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]#" $htaccessfile 
+    fi     
+    service apache2 restart
+}
+
+# This will allways overwrite both config files
+#   - internal disk
+#   - external disk (LUKS + ext4)
+#  of rsnapshot for hubzilla
+function install_rsnapshot {
+    print_info "installing rsnapshot..."
+    nocheck_install "rsnapshot"
+    # internal disk
+    cp -f /etc/rsnapshot.conf $snapshotconfig
+    sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig
+    sed -i "s/^backup/#backup/" $snapshotconfig
+	echo "backup	/var/lib/mysql/	localhost/" >> $snapshotconfig
+	echo "backup	/var/www/html/	localhost/" >> $snapshotconfig
+	echo "backup	/var/www/letsencrypt/	localhost/" >> $snapshotconfig
+	# external disk
+	if [ -n "$backup_device_name" ]
+	then
+		cp -f /etc/rsnapshot.conf $snapshotconfig_external_device   
+		sed -i "s#snapshot_root.*#snapshot_root	$backup_mount_point#" $snapshotconfig_external_device
+		sed -i "/alpha/s/6/30/" $snapshotconfig_external_device 
+		sed -i "s/^cmd_cp/#cmd_cp/" $snapshotconfig_external_device
+		sed -i "s/^backup/#backup/" $snapshotconfig_external_device
+		if [ -z "`grep 'letsencrypt' $snapshotconfig_external_device`" ]
+		then
+			echo "backup	/var/lib/mysql/	localhost/" >> $snapshotconfig_external_device
+			echo "backup	/var/www/html/	localhost/" >> $snapshotconfig_external_device
+			echo "backup	/var/www/letsencrypt/	localhost/" >> $snapshotconfig_external_device
+		fi
+    else
+        print_info "No backup configuration (rsnapshot) for external device configured. Reason: backup_device_name and/or backup_device_pass not given in $configfile"
+	fi
+}
+
+function install_cryptosetup {
+    print_info "installing cryptsetup..."
+    nocheck_install "cryptsetup"
+}
+
+function configure_cron_daily {
+    print_info "configuring cron..."
+    # every 10 min for poller.php
+    if [ -z "`grep 'poller.php' /etc/crontab`" ]
+    then
+        echo "*/10 * * * * www-data cd /var/www/html; php Zotlabs/Daemon/Master.php Cron >> /dev/null 2>&1" >> /etc/crontab
+    fi
+    # Run external script daily at 05:30
+    # - stop apache and mysql-server
+    # - backup hubzilla
+    # - update hubzilla core and addon
+    # - update and upgrade linux
+    # - reboot
+echo "#!/bin/sh" > /var/www/$hubzilladaily
+echo "#" >> /var/www/$hubzilladaily
+echo "echo \" \"" >> /var/www/$hubzilladaily
+echo "echo \"+++ \$(date) +++\"" >> /var/www/$hubzilladaily
+echo "echo \" \"" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - renew certificate...\"" >> /var/www/$hubzilladaily
+echo "bash $le_dir/dehydrated --cron --config $le_dir/config.sh" >> /var/www/$hubzilladaily
+echo "#" >> /var/www/$hubzilladaily
+echo "# stop hubzilla" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - stoping apache and mysql...\"" >> /var/www/$hubzilladaily
+echo "service apache2 stop" >> /var/www/$hubzilladaily
+echo "/etc/init.d/mysql stop # to avoid inconsistancies" >> /var/www/$hubzilladaily
+echo "#" >> /var/www/$hubzilladaily
+echo "# backup" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - try to mount external device for backup...\"" >> /var/www/$hubzilladaily
+echo "backup_device_name=$backup_device_name" >> /var/www/$hubzilladaily
+echo "backup_device_pass=$backup_device_pass" >> /var/www/$hubzilladaily
+echo "backup_mount_point=$backup_mount_point" >> /var/www/$hubzilladaily
+echo "device_mounted=0" >> /var/www/$hubzilladaily
+echo "if [ -n \"$backup_device_name\" ]" >> /var/www/$hubzilladaily
+echo "then" >> /var/www/$hubzilladaily
+echo "    if blkid | grep $backup_device_name" >> /var/www/$hubzilladaily
+echo "    then" >> /var/www/$hubzilladaily
+	if [ -n "$backup_device_pass" ]
+	then
+echo "        echo \"decrypting backup device...\"" >> /var/www/$hubzilladaily
+echo "        echo "\"$backup_device_pass\"" | cryptsetup luksOpen $backup_device_name cryptobackup" >> /var/www/$hubzilladaily
+    fi
+echo "        if [ ! -d $backup_mount_point ]" >> /var/www/$hubzilladaily
+echo "        then" >> /var/www/$hubzilladaily
+echo "            mkdir $backup_mount_point" >> /var/www/$hubzilladaily
+echo "        fi" >> /var/www/$hubzilladaily
+echo "        echo \"mounting backup device...\"" >> /var/www/$hubzilladaily
+	if [ -n "$backup_device_pass" ]
+	then
+echo "        if mount /dev/mapper/cryptobackup $backup_mount_point" >> /var/www/$hubzilladaily
+	else
+echo "        if mount $backup_device_name $backup_mount_point" >> /var/www/$hubzilladaily
+	fi
+echo "        then" >> /var/www/$hubzilladaily
+echo "            device_mounted=1" >> /var/www/$hubzilladaily
+echo "            echo \"device $backup_device_name is now mounted. Starting backup...\"" >> /var/www/$hubzilladaily
+echo "			rsnapshot -c $snapshotconfig_external_device alpha" >> /var/www/$hubzilladaily
+echo "			echo \"\$(date) - disk sizes...\"" >> /var/www/$hubzilladaily
+echo "			df -h" >> /var/www/$hubzilladaily
+echo "			echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
+echo "			du -h $backup_mount_point | grep mysql/hubzilla" >> /var/www/$hubzilladaily
+echo "            echo \"unmounting backup device...\"" >> /var/www/$hubzilladaily
+echo "            umount $backup_mount_point" >> /var/www/$hubzilladaily
+echo "        else" >> /var/www/$hubzilladaily
+echo "            echo \"failed to mount device $backup_device_name\"" >> /var/www/$hubzilladaily
+echo "        fi" >> /var/www/$hubzilladaily
+	if [ -n "$backup_device_pass" ]
+	then
+echo "        echo \"closing decrypted backup device...\"" >> /var/www/$hubzilladaily
+echo "        cryptsetup luksClose cryptobackup" >> /var/www/$hubzilladaily
+	fi
+echo "    fi" >> /var/www/$hubzilladaily
+echo "fi" >> /var/www/$hubzilladaily
+echo "if [ \$device_mounted == 0 ]" >> /var/www/$hubzilladaily
+echo "then" >> /var/www/$hubzilladaily
+echo "    echo \"device could not be mounted $backup_device_name. No backup written.\"" >> /var/www/$hubzilladaily
+echo "fi" >> /var/www/$hubzilladaily
+echo "#" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - db size...\"" >> /var/www/$hubzilladaily
+echo "du -h /var/lib/mysql/ | grep mysql/hubzilla" >> /var/www/$hubzilladaily
+echo "#" >> /var/www/$hubzilladaily
+echo "# update" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - updating dehydrated...\"" >> /var/www/$hubzilladaily
+echo "git -C /var/www/letsencrypt/ pull" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - updating hubhilla core...\"" >> /var/www/$hubzilladaily
+echo "(cd /var/www/html/ ; util/udall)" >> /var/www/$hubzilladaily
+echo "chown -R www-data:www-data /var/www/html/ # make all accessable for the webserver" >> /var/www/$hubzilladaily
+echo "chown root:www-data /var/www/html/.htaccess" >> /var/www/$hubzilladaily
+echo "chmod 0644 /var/www/html/.htaccess # www-data can read but not write it" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - updating linux...\"" >> /var/www/$hubzilladaily
+echo "apt-get -q -y update && apt-get -q -y dist-upgrade && apt-get -q -y autoremove # update linux and upgrade" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - Backup hubzilla and update linux finished. Rebooting...\"" >> /var/www/$hubzilladaily
+echo "#" >> /var/www/$hubzilladaily
+echo "reboot" >> /var/www/$hubzilladaily
+
+    if [ -z "`grep 'hubzilla-daily.sh' /etc/crontab`" ]
+    then
+        echo "30 05 * * * root /bin/bash /var/www/$hubzilladaily >> /var/www/html/hubzilla-daily.log 2>&1" >> /etc/crontab
+        echo "0 0 1 * * root rm /var/www/html/hubzilla-daily.log" >> /etc/crontab
+    fi
+
+    # This is active after either "reboot" or "/etc/init.d/cron reload"
+    print_info "configured cron for updates/upgrades"
+}
+
+function write_uninstall_script {
+    print_info "writing uninstall script..."
+
+    cat > /var/www/hubzilla-remove.sh <<END
+#!/bin/sh
+#
+# This script removes Hubzilla.
+# You might do this for a fresh start using the script.
+# The script will remove (almost everything) what was installed by the script,
+# all applications including hubzilla and its database.
+#
+# Backup the certificates of letsencrypt (you never know)
+cp -a /var/www/letsencrypt/ ~/backup_le_certificats
+#
+# Removal
+apt-get remove apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin
+apt-get purge apache2 apache2-utils libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd php5-mysql mysql-server mysql-client phpmyadmin
+apt-get autoremove
+apt-get clean
+rm /etc/rsnapshot_hubzilla.conf
+rm /etc/rsnapshot_hubzilla_external_device.conf
+rm -R /etc/apache2/
+rm -R /var/lib/mysql/
+rm -R /var/www
+rm -R /etc/selfhost/
+# uncomment the next line if you want to remove the backups
+# rm -R /var/cache/rsnapshot
+nano /etc/crontab # remove entries there manually
+END
+    chmod -x /var/www/hubzilla-remove.sh
+}
+
+########################################################################
+# START OF PROGRAM 
+########################################################################
+export PATH=/bin:/usr/bin:/sbin:/usr/sbin
+
+check_sanity
+
+# Read config file edited by user
+configfile=hubzilla-config.txt
+source $configfile
+
+selfhostdir=/etc/selfhost
+selfhostscript=selfhost-updater.sh
+hubzilladaily=hubzilla-daily.sh
+plugins_update=.homeinstall/plugins_update.sh
+snapshotconfig=/etc/rsnapshot_hubzilla.conf
+snapshotconfig_external_device=/etc/rsnapshot_hubzilla_external_device.conf
+backup_mount_point=/media/hubzilla_backup
+le_dir=/var/www/letsencrypt
+sslconf=/etc/apache2/sites-available/default-ssl.conf
+
+#set -x    # activate debugging from here
+
+check_config
+stop_hubzilla
+update_upgrade
+install_curl
+install_sendmail
+install_apache
+install_imagemagick
+install_php
+install_mysql
+install_phpmyadmin
+create_hubzilla_db
+run_freedns
+install_run_selfhost
+ping_domain
+configure_cron_freedns
+configure_cron_selfhost
+install_letsencrypt
+configure_apache_for_https
+check_https
+install_hubzilla
+rewrite_to_https
+install_rsnapshot
+configure_cron_daily
+install_cryptosetup
+write_uninstall_script
+
+#set +x    # stop debugging from here
+

.htaccess

@@ -24,6 +24,9 @@ AddType audio/ogg .oga
   # Also place auth information into REMOTE_USER for sites running
   # in CGI mode.
 
+  RewriteCond %{REQUEST_URI} ^/\.well\-known/.*
+  RewriteRule ^(.*)$ index.php?q=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA]
+
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteRule ^(.*)$ index.php?q=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA]

.openshift/action_hooks/deploy

@@ -179,8 +179,11 @@ echo "chmod done, permissions set to 777 on poller script."
 
 # Hubzilla configuration - changes to default settings
 # to make Hubzilla on OpenShift a more pleasant experience 
-echo "Changing default configuration to conserve space"
+echo "Changing default configuration to conserve space and autocreate a social private channel upon account registration"
 cd ${OPENSHIFT_REPO_DIR}
+util/config system auto_channel_create
+util/config system default_permissions_role social_private
+util/config system workflow_channel_next channel
 util/config system expire_delivery_reports 3
 util/config system feed_contacts 0
 util/config system diaspora_enabled 0
@@ -194,12 +197,22 @@ echo "Try to add or update Hubzilla addons"
 cd ${OPENSHIFT_REPO_DIR}
 util/add_addon_repo https://github.com/redmatrix/hubzilla-addons.git HubzillaAddons 
 
-# Hubzilla themes
-echo "Try to add or update Hubzilla themes"
+# Hubzilla themes - unofficial repo
+echo "Try to add or update Hubzilla themes - unofficial repo"
 cd ${OPENSHIFT_REPO_DIR}
-util/add_theme_repo https://github.com/DeadSuperHero/redmatrix-themes.git DeadSuperHeroThemes 
+util/add_theme_repo https://github.com/DeadSuperHero/hubzilla-themes.git DeadSuperHeroThemes insecure
 
-# Hubzilla ownMapp
-echo "Try to add or update Hubzilla ownMapp"
+# Hubzilla ownMapp - unofficial repo
+echo "Try to add or update Hubzilla ownMapp - unofficial repo"
 cd ${OPENSHIFT_REPO_DIR}
-util/add_addon_repo https://gitlab.com/zot/ownmapp.git ownMapp
+util/add_addon_repo https://gitlab.com/zot/ownmapp.git ownMapp insecure
+
+# Hubzilla Chess - unofficial repo
+echo "Try to add or update Hubzilla chess - unofficial repo"
+cd ${OPENSHIFT_REPO_DIR}
+util/add_addon_repo https://gitlab.com/zot/hubzilla-chess.git Chess insecure
+
+# Hubzilla Hubsites - unofficial repo
+echo "Try to add or update Hubzilla Hubsites - unofficial repo"
+cd ${OPENSHIFT_REPO_DIR}
+util/add_addon_repo https://gitlab.com/zot/hubsites.git Hubsites insecure

.travis.yml

@@ -1,46 +1,186 @@
+#
+# Travis-CI configuration file for Hubzilla
+#
+## configure things
+#
+
 # see http://about.travis-ci.org/docs/user/languages/php/ for more hints
 language: php
 
-# list any PHP version you want to test against
+# use newer 'trusty' based distro, old one is 'precise'
+dist: trusty
+# use docker based containers
+sudo: false
+
+# Git branches whitelist to build on Travis CI
+branches:
+  only:
+  - master
+  - dev
+  # whitelist our tags for release deployments e.g. 2.2
+  - /^\d+\.\d+(\.\d+)?(-\S*)?$/
+
+# Install additional software
+addons:
+  # Install dependencies for generating API documentation with doxygen
+  apt:
+    packages:
+      - doxygen
+      - doxygen-latex
+      - graphviz
+      - ttf-liberation
+
+# enable and start databases on a per job basis
+#services:
+#  - mariadb
+#  - postgresql
+
+# any PHP version we want to test against, current stable phpunit requires PHP >= 7.0
 php:
-  # using major version aliases
+  - '7.0'
+  - '7.1'
+  - '7.2'
+  # HHVM does not fulfil PHPUnit platform requirements as being compatible with PHP7 yet
+  #- 'hhvm'
 
-  # aliased to a recent 5.4.x version
-  - 5.4
-  # aliased to a recent 5.5.x version
-  - 5.5
-  # aliased to a recent 5.6.x version
-  - 5.6
-  # aliased to a recent 7.x version
-  - 7.0
-  # aliased to a recent hhvm version
-  - hhvm
+# list of environments to test
+env:
+  global:
+    # used for doxygen deployment script
+    - DOXYFILE: $TRAVIS_BUILD_DIR/util/Doxyfile
+    # Uncomment if a newer/specific version of Doxygen should be used
+    #- DOXY_VER: 1.8.12
+    # Code Coverage is slow, no need to have it in every build
+    - PHPUCOV: "--no-coverage"
+  # use matrix only for PHP and MySQL, all other combinations added through includes
+  matrix:
+    # trusty default MySQL 5.6
+    - DB=mysql MYSQL_VERSION=5.6
 
-# optionally specify a list of environments, for example to test different RDBMS
-#env:
-#  - DB=mysql
-#  - DB=pgsql
-
-# optionally set up exclutions and allowed failures in the matrix
+# Matrix configuration details
 matrix:
+  fast_finish: true
+  # Additional check combinations
+  include:
+    # PHP7.2, mariadb 10.2
+    - php: '7.2'
+      env: DB=mariadb MARIADB_VERSION=10.2 CODECOV=1
+      # use mariadb instead of MySQL
+      addons:
+        mariadb: '10.2'
+    # PHP7.2, PostgreSQL 9.6
+    - php: '7.2'
+      env: DB=pgsql POSTGRESQL_VERSION=9.6 PHPUNITFILE=phpunit-pgsql.xml
+      # Use newer postgres than 9.2 default
+      addons:
+        postgresql: '9.6'
+      services:
+        - postgresql
+    # PostgreSQL 10 with Docker container
+    - php: '7.2'
+      env: DB=pgsql POSTGRESQL_VERSION=10 PHPUNITFILE=phpunit-pgsql.xml
+      sudo: required
+      services:
+        - docker
+    # PHP7.2, old precise distribution with MySQL 5.5
+    - php: '7.2'
+      env: DB=mysql MYSQL_VERSION=5.5
+      dist: precise
+      services:
+        - mysql
+    # MySQL 5.7 with Docker container
+    - php: '7.2'
+      env: DB=mysql MYSQL_VERSION=5.7
+      sudo: required
+      services:
+        - docker
+   # Excludes from default matrix combinations
 #  exclude:
 #    - php: hhvm
 #      env: DB=pgsql  # PDO driver for pgsql is unsupported by HHVM (3rd party install for support)
-  allow_failures:
-    - php: 7.0
-    - php: hhvm
+
+# cache composer downloads between runs
+cache:
+  directories:
+    - $HOME/.composer/cache
+    #- $HOME/doxygen/doxygen-$DOXY_VER/bin
+
+
+
+#
+## execute things
+#
+
+before_install:
+  - travis_retry composer self-update
+  # Start MySQL 5.7 Docker container, needs some time to come up
+  - if [[ "$MYSQL_VERSION" == "5.7" ]]; then sudo service mysql stop; docker run -d -p 3306:3306 -e MYSQL_ALLOW_EMPTY_PASSWORD=yes mysql:5.7 && sleep 25 && docker ps; fi
+  # Start PostgreSQL 10 Docker container, needs some time to come up
+  - if [[ "$POSTGRESQL_VERSION" == "10" ]]; then sudo service postgresql stop; docker run -d -p 5432:5432 postgres:10-alpine && sleep 35 && docker ps; fi
+
+# Install composer dev libs
+install:
+  - travis_retry composer install --optimize-autoloader --no-progress
 
 # execute any number of scripts before the test run, custom env's are available as variables
-#before_script:
-#  - if [[ "$DB" == "pgsql" ]]; then psql -c "DROP DATABASE IF EXISTS hello_world_test;" -U postgres; fi
-#  - if [[ "$DB" == "pgsql" ]]; then psql -c "create database hello_world_test;" -U postgres; fi
-#  - if [[ "$DB" == "mysql" ]]; then mysql -e "create database IF NOT EXISTS hello_world_test;" -uroot; fi
+before_script:
+  # Use code coverage config for phpunit
+  - if [[ ! -z $CODECOV ]]; then export PHPUCOV=""; fi
+  # Some preparation tasks of environment
+  - ./tests/travis/prepare.sh
+  # DB specific prepare scripts
+  - if [[ "$DB" == "mysql" ]]; then ./tests/travis/prepare_mysql.sh; fi
+  - if [[ "$DB" == "mariadb" ]]; then ./tests/travis/prepare_mysql.sh; fi
+  - if [[ "$DB" == "pgsql" ]]; then ./tests/travis/prepare_pgsql.sh; fi
 
 # omitting "script:" will default to phpunit
-# use the $DB env variable to determine the phpunit.xml to use
-script: phpunit  tests/*php
+script:
+  - ./vendor/bin/phpunit $PHPUCOV -c tests/$PHPUNITFILE
+
+after_success:
+  - cat tests/results/testdox.txt
+  # Generate API documentation and prepare for deployment
+  - ./tests/travis/gen_apidocs.sh
+after_failure:
+  - cat tests/results/testdox.txt
+
+# Deploying release and API documentation to GitHub
+before_deploy:
+  - if [[ "$CODECOV" == "1" ]]; then zip -9 -r -q tests/hubzilla-testresults.zip tests/results; fi
+deploy:
+  - provider: pages
+    skip_cleanup: true
+    local_dir: $TRAVIS_BUILD_DIR/doc/html
+    github_token: $GH_TOKEN
+    on:
+      repo: redmatrix/hubzilla
+      branch: master
+      condition: '(-n "$GH_TOKEN") && ("$TRAVIS_JOB_NUMBER" == "${TRAVIS_BUILD_NUMBER}.1")'
+  # add API documentation to release, could also be used to provide full packages if we want to drop vendor from our repo
+  - provider: releases
+    skip_cleanup: true
+    api_key: $GH_TOKEN
+    file: 'doc/hubzilla-api-documentation.zip'
+    on:
+      repo: redmatrix/hubzilla
+      tags: true
+      condition: '(-n "$GH_TOKEN") && ("$TRAVIS_JOB_NUMBER" == "${TRAVIS_BUILD_NUMBER}.1")'
+  # add code coverage and test results to release
+  - provider: releases
+    skip_cleanup: true
+    api_key: $GH_TOKEN
+    file: 'tests/hubzilla-testresults.zip'
+    on:
+      repo: redmatrix/hubzilla
+      tags: true
+      condition: '(-n "$GH_TOKEN") && ("$CODECOV" == "1")'
+#after_deploy:
+
+#after_script:
+
+
 
 # configure notifications (email, IRC, campfire etc)
-notifications:
+#notifications:
 #  irc: "irc.freenode.org#yourfavouriteroomfortravis"
-# a plugin/script to post to a hubzilla channel would be neat here
+# a plugin/script to post to a hubzilla channel would be neat here

DEVELOPERS

@@ -0,0 +1,37 @@
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+1 Letterman Drive
+Suite D4700
+San Francisco, CA, 94129
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.

LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2010-2015 Hubzilla
+Copyright (c) 2010-2018 the Hubzilla Community
 All rights reserved.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy

README.md

@@ -3,38 +3,27 @@
 Hubzilla - Community Server
 ===========================
 
-Help us redefine the web - using integrated and united community websites. 
---------------------------------------------------------------------------
+
+<p align="center" markdown="1">
+<em><a href="https://framagit.org/hubzilla/core/blob/master/install/INSTALL.txt">Installing Hubzilla</a></em> 
+</p>
+
+**What is Hubzilla?**
+
+Hubzilla is a general purpose communication server integrated with a web publishing system and a decentralised permission system. If this sounds like a bunch of technical mumbo-jumbo to you, just think of it as an independent platform for sharing stuff online (publicly or privately). 
+
+Hubzilla contains some social network bits, some cloud storage bits, some blog and forum bits, and some content management bits. These are all integrated within a common privacy framework - and it is all decentralised. 
+
+Everything you publish or share can be restricted to those channels and people you wish to share them with; and these permissions work completely invisibly - **even with channels on different servers or other communications services**.
+
+Migration and live backups of your connections, settings, and everything you publish are built-in, so you never need worry about server failure. 
+
+Hubzilla is completely decentralised and open source, for you modify or adapt to your needs and desires. Plugins, themes, and numerous configuration options extend the overall capabilities to do anything you can imagine. 
+
+
+**Who Are We?**
+
+The Hubzilla community consists of passionate volunteers creating an open source commons of decentralised services which are highly integrated and can rival the feature set of large centralised providers. We do our best to provide ethical software which places you in control of your online communications and privacy expectations.
+
 
 [![Build Status](https://travis-ci.org/redmatrix/hubzilla.svg)](https://travis-ci.org/redmatrix/hubzilla)
-
-**What are Hubs?**
-
-Hubs are independent general-purpose websites that not only connect with their associated members and viewers, but also connect together to exchange personal communications and other information with each other.  
-This allows hub members on any hub to securely and privately share anything; with anybody, on any hub - anywhere; or share stuff publicly with anybody on the internet if desired. 
-
-**Hubzilla** is the server software which makes this possible. It is a sophisticated and unique combination of an open source content management system and a decentralised identity, communications, and permissions framework and protocol suite, built using common webserver technology (PHP/MySQL/Apache, although Mariadb or Postgres and Nginx could also be used - we're pretty easy). The end result is a level of systems integration, privacy control, and communications features that you wouldn't think are possible in either a content management system or a decentralised communications network. It also brings a new level of cooperation and privacy to the web and introduces the concept of personally owned "single sign-on" to web services across the entire internet. 
-
-Hubzilla hubs are
-
-* decentralised
-* inherently social
-* optionally inter-networked with other hubs
-* privacy-enabled (privacy exclusions work across the entire internet to any registered identity on any compatible hubs)
-
-Possible website applications include
-
-* decentralised social networking nodes
-* personal cloud storage
-* file dropboxes
-* managing organisational communications and activities
-* collaboration and community decision-making
-* small business websites
-* public and private media/file libraries
-* blogs
-* event promotion
-* feed aggregation and republishing
-* forums
-* dating websites
-* pretty much anything you can do on a traditional blog or community website, but that you could do better if you could easily connect it with other websites or privately share things across website boundaries. 
-

Zotlabs/Access/AccessList.php

@@ -0,0 +1,164 @@
+<?php
+
+namespace Zotlabs\Access;
+
+/**
+ * @brief AccessList class which represents individual content ACLs.
+ *
+ * A class to hold an AccessList object with allowed and denied contacts and
+ * groups.
+ *
+ * After evaluating @ref ::Zotlabs::Access::PermissionLimits "PermissionLimits"
+ * and @ref ::Zotlabs::Lib::Permcat "Permcat"s individual content ACLs are evaluated.
+ * These answer the question "Can Joe view *this* album/photo?".
+ */
+class AccessList {
+	/**
+	 * @brief Allow contacts
+	 * @var string
+	 */
+	private $allow_cid;
+	/**
+	 * @brief Allow groups
+	 * @var string
+	 */
+	private $allow_gid;
+	/**
+	 * @brief Deny contacts
+	 * @var string
+	 */
+	private $deny_cid;
+	/**
+	 * @brief Deny groups
+	 * @var string
+	 */
+	private $deny_gid;
+	/**
+	 * @brief Indicates if we are using the default constructor values or
+	 * values that have been set explicitly.
+	 * @var boolean
+	 */
+	private $explicit;
+
+
+	/**
+	 * @brief Constructor for AccessList class.
+	 *
+	 * @note The array to pass to the constructor is different from the array
+	 * that you provide to the set() or set_from_array() functions.
+	 *
+	 * @param array $channel A channel array, where these entries are evaluated:
+	 *   * \e string \b channel_allow_cid => string of allowed cids
+	 *   * \e string \b channel_allow_gid => string of allowed gids
+	 *   * \e string \b channel_deny_cid => string of denied cids
+	 *   * \e string \b channel_deny_gid => string of denied gids
+	 */
+	function __construct($channel) {
+		if($channel) {
+			$this->allow_cid = $channel['channel_allow_cid'];
+			$this->allow_gid = $channel['channel_allow_gid'];
+			$this->deny_cid  = $channel['channel_deny_cid'];
+			$this->deny_gid  = $channel['channel_deny_gid'];
+		}
+		else {
+			$this->allow_cid = '';
+			$this->allow_gid = '';
+			$this->deny_cid  = '';
+			$this->deny_gid  = '';
+		}
+
+		$this->explicit = false;
+	}
+
+	/**
+	 * @brief Get if we are using the default constructor values
+	 * or values that have been set explicitly.
+	 *
+	 * @return boolean
+	 */
+	function get_explicit() {
+		return $this->explicit;
+	}
+
+	/**
+	 * @brief Set access list from strings such as those in already
+	 * existing stored data items.
+	 *
+	 * @note The array to pass to this set function is different from the array
+	 * that you provide to the constructor or set_from_array().
+	 *
+	 * @param array $arr
+	 *   * \e string \b allow_cid => string of allowed cids
+	 *   * \e string \b allow_gid => string of allowed gids
+	 *   * \e string \b deny_cid  => string of denied cids
+	 *   * \e string \b deny_gid  => string of denied gids
+	 * @param boolean $explicit (optional) default true
+	 */
+	function set($arr, $explicit = true) {
+		$this->allow_cid = $arr['allow_cid'];
+		$this->allow_gid = $arr['allow_gid'];
+		$this->deny_cid  = $arr['deny_cid'];
+		$this->deny_gid  = $arr['deny_gid'];
+
+		$this->explicit  = $explicit;
+	}
+
+	/**
+	 * @brief Return an array consisting of the current access list components
+	 * where the elements are directly storable.
+	 *
+	 * @return array An associative array with:
+	 *   * \e string \b allow_cid => string of allowed cids
+	 *   * \e string \b allow_gid => string of allowed gids
+	 *   * \e string \b deny_cid  => string of denied cids
+	 *   * \e string \b deny_gid  => string of denied gids
+	 */
+	function get() {
+		return [
+			'allow_cid' => $this->allow_cid,
+			'allow_gid' => $this->allow_gid,
+			'deny_cid'  => $this->deny_cid,
+			'deny_gid'  => $this->deny_gid,
+		];
+	}
+
+	/**
+	 * @brief Set access list components from arrays, such as those provided by
+	 * acl_selector().
+	 *
+	 * For convenience, a string (or non-array) input is assumed to be a
+	 * comma-separated list and auto-converted into an array.
+	 *
+	 * @note The array to pass to this set function is different from the array
+	 * that you provide to the constructor or set().
+	 *
+	 * @param array $arr An associative array with:
+	 *   * \e array|string \b contact_allow => array with cids or comma-seperated string
+	 *   * \e array|string \b group_allow   => array with gids or comma-seperated string
+	 *   * \e array|string \b contact_deny  => array with cids or comma-seperated string
+	 *   * \e array|string \b group_deny    => array with gids or comma-seperated string
+	 * @param boolean $explicit (optional) default true
+	 */
+	function set_from_array($arr, $explicit = true) {
+		$this->allow_cid = perms2str((is_array($arr['contact_allow']))
+			? $arr['contact_allow'] : explode(',', $arr['contact_allow']));
+		$this->allow_gid = perms2str((is_array($arr['group_allow']))
+			? $arr['group_allow'] : explode(',', $arr['group_allow']));
+		$this->deny_cid  = perms2str((is_array($arr['contact_deny']))
+			? $arr['contact_deny'] : explode(',', $arr['contact_deny']));
+		$this->deny_gid  = perms2str((is_array($arr['group_deny']))
+			? $arr['group_deny'] : explode(',', $arr['group_deny']));
+
+		$this->explicit = $explicit;
+	}
+
+	/**
+	 * @brief Returns true if any access lists component is set.
+	 *
+	 * @return boolean Return true if any of allow_* deny_* values is set.
+	 */
+	function is_private() {
+		return (($this->allow_cid || $this->allow_gid || $this->deny_cid || $this->deny_gid) ? true : false);
+	}
+
+}

Zotlabs/Access/PermissionLimits.php

@@ -0,0 +1,91 @@
+<?php
+
+namespace Zotlabs\Access;
+
+use Zotlabs\Lib\PConfig;
+
+/**
+ * @brief Permission limits.
+ *
+ * Permission limits are a very high level permission setting. They are hard
+ * limits by design.
+ * "Who can view my photos (at all)?"
+ * "Who can post photos in my albums (at all)?"
+ *
+ * For viewing permissions we generally set these to 'anybody' and for write
+ * permissions we generally set them to 'those I allow', though many people
+ * restrict the viewing permissions further for things like 'Can view my connections'.
+ *
+ * People get confused enough by permissions that we wanted a place to set their
+ * privacy expectations once and be done with it.
+ *
+ * Connection related permissions like "Can Joe view my photos?" are handled by
+ * @ref ::Zotlabs::Lib::Permcat "Permcat" and inherit from the channel's Permission
+ * limits.
+ *
+ * @see Permissions
+ */
+class PermissionLimits {
+
+	/**
+	 * @brief Get standard permission limits.
+	 *
+	 * Viewing permissions and post_comments permission are set to 'anybody',
+	 * other permissions are set to 'those I allow'.
+	 *
+	 * The list of permissions comes from Permissions::Perms().
+	 *
+	 * @return array
+	 */
+	static public function Std_Limits() {
+		$limits = [];
+		$perms = Permissions::Perms();
+
+		foreach($perms as $k => $v) {
+			if(strstr($k, 'view'))
+				$limits[$k] = PERMS_PUBLIC;
+			else
+				$limits[$k] = PERMS_SPECIFIC;
+		}
+
+		return $limits;
+	}
+
+	/**
+	 * @brief Sets a permission limit for a channel.
+	 *
+	 * @param int $channel_id
+	 * @param string $perm
+	 * @param int $perm_limit one of PERMS_* constants
+	 */
+	static public function Set($channel_id, $perm, $perm_limit) {
+		PConfig::Set($channel_id, 'perm_limits', $perm, $perm_limit);
+	}
+
+	/**
+	 * @brief Get a channel's permission limits.
+	 *
+	 * Return a channel's permission limits from PConfig. If $perm is set just
+	 * return this permission limit, if not set, return an array with all
+	 * permission limits.
+	 *
+	 * @param int $channel_id
+	 * @param string $perm (optional)
+	 * @return
+	 *   * \b false if no perm_limits set for this channel
+	 *   * \b int if $perm is set, return one of PERMS_* constants for this permission, default 0
+	 *   * \b array with all permission limits, if $perm is not set
+	 */
+	static public function Get($channel_id, $perm = '') {
+		if($perm) {
+			return intval(PConfig::Get($channel_id, 'perm_limits', $perm));
+		}
+
+		PConfig::Load($channel_id);
+		if(array_key_exists($channel_id, \App::$config)
+				&& array_key_exists('perm_limits', \App::$config[$channel_id]))
+			return \App::$config[$channel_id]['perm_limits'];
+
+		return false;
+	}
+}

Zotlabs/Access/PermissionRoles.php

@@ -0,0 +1,316 @@
+<?php
+
+namespace Zotlabs\Access;
+
+/**
+ * @brief PermissionRoles class.
+ *
+ * @see Permissions
+ */
+class PermissionRoles {
+
+	/**
+	 * @brief PermissionRoles version.
+	 *
+	 * This must match the version in Permissions.php before permission updates can run.
+	 *
+	 * @return number
+	 */
+	static public function version() {
+		return 2;
+	}
+
+	static function role_perms($role) {
+
+		$ret = array();
+
+		$ret['role'] = $role;
+
+		switch($role) {
+			case 'social':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = true;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
+					'post_mail', 'chat', 'post_like', 'republish'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'social_federation':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = true;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
+					'post_mail', 'chat', 'post_like', 'republish'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['post_comments'] = PERMS_AUTHED;
+				$ret['limits']['post_mail'] = PERMS_AUTHED;
+				$ret['limits']['post_like'] = PERMS_AUTHED;
+				$ret['limits']['chat'] = PERMS_AUTHED;
+				break;
+
+
+			case 'social_restricted':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = true;
+				$ret['directory_publish'] = true;
+				$ret['online'] = true;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
+					'post_mail', 'chat', 'post_like'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'social_private':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = true;
+				$ret['directory_publish'] = false;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
+					'post_mail', 'post_like'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+				$ret['limits']['view_storage'] = PERMS_SPECIFIC;
+
+				break;
+
+			case 'forum':
+				$ret['perms_auto'] = true;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'post_wall', 'post_comments', 'tag_deliver',
+					'post_mail', 'post_like' , 'republish', 'chat'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'forum_restricted':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = true;
+				$ret['directory_publish'] = true;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'post_wall', 'post_comments', 'tag_deliver',
+					'post_mail', 'post_like' , 'chat' ];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'forum_private':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = true;
+				$ret['directory_publish'] = false;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'post_wall', 'post_comments',
+					'post_mail', 'post_like' , 'chat'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['view_profile']  = PERMS_SPECIFIC;
+				$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+				$ret['limits']['view_storage']  = PERMS_SPECIFIC;
+				$ret['limits']['view_pages']    = PERMS_SPECIFIC;
+				$ret['limits']['view_wiki']     = PERMS_SPECIFIC;
+
+				break;
+
+			case 'feed':
+				$ret['perms_auto'] = true;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
+					'post_mail', 'post_like' , 'republish'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'feed_restricted':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = true;
+				$ret['directory_publish'] = false;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'send_stream', 'post_wall', 'post_comments',
+					'post_mail', 'post_like' , 'republish'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'soapbox':
+				$ret['perms_auto'] = true;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'post_like' , 'republish'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'repository':
+				$ret['perms_auto'] = true;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
+					'post_mail', 'post_like' , 'republish', 'chat', 'write_wiki'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'custom':
+			default:
+				break;
+		}
+
+		$x = get_config('system','role_perms');
+		// let system settings over-ride any or all
+		if($x && is_array($x) && array_key_exists($role,$x))
+			$ret = array_merge($ret,$x[$role]);
+
+		/**
+		 * @hooks get_role_perms
+		 *   * \e array
+		 */
+		call_hooks('get_role_perms', $ret);
+
+		return $ret;
+	}
+
+	static public function new_custom_perms($uid,$perm,$abooks) {
+
+		// set permissionlimits for this permission here, for example:
+
+		// if($perm === 'mynewperm')
+		//     \Zotlabs\Access\PermissionLimits::Set($uid,$perm,1);
+
+		if($perm === 'view_wiki')
+			\Zotlabs\Access\PermissionLimits::Set($uid, $perm, PERMS_PUBLIC);
+
+		if($perm === 'write_wiki')
+			\Zotlabs\Access\PermissionLimits::Set($uid, $perm, PERMS_SPECIFIC);
+
+
+		// set autoperms here if applicable
+		// choices are to set to 0, 1, or the value of an existing perm
+
+		if(get_pconfig($uid,'system','autoperms')) {
+
+			$c = channelx_by_n($uid);
+			$value = 0;
+
+			// if($perm === 'mynewperm')
+			//	 $value = get_abconfig($uid,$c['channel_hash'],'autoperms','someexistingperm');
+
+			if($perm === 'view_wiki')
+				$value = get_abconfig($uid,$c['channel_hash'],'autoperms','view_pages');
+
+			if($perm === 'write_wiki')
+				$value = get_abconfig($uid,$c['channel_hash'],'autoperms','write_pages');
+
+			if($c) {
+				set_abconfig($uid,$c['channel_hash'],'autoperms',$perm,$value);
+			}
+		}
+
+		// now set something for all existing connections.
+
+		if($abooks) {
+			foreach($abooks as $ab) {
+				switch($perm) {
+					// case 'mynewperm':
+					// choices are to set to 1, set to 0, or clone an existing perm
+					// set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm,
+					//		intval(get_abconfig($uid,$ab['abook_xchan'],'my_perms','someexistingperm')));
+
+					case 'view_wiki':
+						set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm,
+							intval(get_abconfig($uid,$ab['abook_xchan'],'my_perms','view_pages')));
+
+					case 'write_wiki':
+						set_abconfig($uid,$ab['abook_xchan'],'my_perms',$perm,
+							intval(get_abconfig($uid,$ab['abook_xchan'],'my_perms','write_pages')));
+
+					default:
+						break;
+				}
+			}
+		}
+	}
+
+	/**
+	 * @brief Array with translated role names and grouping.
+	 *
+	 * Return an associative array with grouped role names that can be used
+	 * to create select groups like in \e field_select_grouped.tpl.
+	 *
+	 * @return array
+	 */
+	static public function roles() {
+		$roles = [
+			t('Social Networking') => [
+				'social_federation' => t('Social - Federation'),
+				'social' => t('Social - Mostly Public'),
+				'social_restricted' => t('Social - Restricted'),
+				'social_private' => t('Social - Private')
+			],
+
+			t('Community Forum') => [
+				'forum' => t('Forum - Mostly Public'),
+				'forum_restricted' => t('Forum - Restricted'),
+				'forum_private' => t('Forum - Private')
+			],
+
+			t('Feed Republish') => [
+				'feed' => t('Feed - Mostly Public'),
+				'feed_restricted' => t('Feed - Restricted')
+			],
+
+			t('Special Purpose') => [
+				'soapbox' => t('Special - Celebrity/Soapbox'),
+				'repository' => t('Special - Group Repository')
+			],
+
+			t('Other') => [
+				'custom' => t('Custom/Expert Mode')
+			]
+		];
+
+		call_hooks('list_permission_roles',$roles);
+
+		return $roles;
+	}
+
+}

Zotlabs/Access/Permissions.php

@@ -0,0 +1,286 @@
+<?php
+
+namespace Zotlabs\Access;
+
+use Zotlabs\Lib as Zlib;
+
+/**
+ * @brief Extensible permissions.
+ *
+ * To add new permissions, add to the list of $perms below, with a simple description.
+ *
+ * Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role
+ * if this permission should be granted to new connections.
+ *
+ * Next look at PermissionRoles::new_custom_perms() and provide a handler for updating custom
+ * permission roles. You will want to set a default PermissionLimit for each channel and also
+ * provide a sane default for any existing connections. You may or may not wish to provide a
+ * default auto permission. If in doubt, leave this alone as custom permissions by definition
+ * are the responsibility of the channel owner to manage. You just don't want to create any
+ * suprises or break things so you have an opportunity to provide sane settings.
+ *
+ * Update the version here and in PermissionRoles.
+ *
+ *
+ * Permissions with 'view' in the name are considered read permissions. Anything
+ * else requires authentication. Read permission limits are PERMS_PUBLIC and anything else
+ * is given PERMS_SPECIFIC.
+ *
+ * PermissionLimits::Std_limits() retrieves the standard limits. A permission role
+ * MAY alter an individual setting after retrieving the Std_limits if you require
+ * something different for a specific permission within the given role.
+ *
+ */
+class Permissions {
+
+	/**
+	 * @brief Permissions version.
+	 *
+	 * This must match the version in PermissionRoles.php before permission updates can run.
+	 *
+	 * @return number
+	 */
+	static public function version() {
+		return 2;
+	}
+
+	/**
+	 * @brief Return an array with Permissions.
+	 *
+	 * @param string $filter (optional) only passed to hook permissions_list
+	 * @return array Associative array with permissions and short description.
+	 */
+	static public function Perms($filter = '') {
+
+		$perms = [
+			'view_stream'   => t('Can view my channel stream and posts'),
+			'send_stream'   => t('Can send me their channel stream and posts'),
+			'view_profile'  => t('Can view my default channel profile'),
+			'view_contacts' => t('Can view my connections'),
+			'view_storage'  => t('Can view my file storage and photos'),
+			'write_storage' => t('Can upload/modify my file storage and photos'),
+			'view_pages'    => t('Can view my channel webpages'),
+			'view_wiki'     => t('Can view my wiki pages'),
+			'write_pages'   => t('Can create/edit my channel webpages'),
+			'write_wiki'    => t('Can write to my wiki pages'),
+			'post_wall'     => t('Can post on my channel (wall) page'),
+			'post_comments' => t('Can comment on or like my posts'),
+			'post_mail'     => t('Can send me private mail messages'),
+			'post_like'     => t('Can like/dislike profiles and profile things'),
+			'tag_deliver'   => t('Can forward to all my channel connections via ! mentions in posts'),
+			'chat'          => t('Can chat with me'),
+			'republish'     => t('Can source my public posts in derived channels'),
+			'delegate'      => t('Can administer my channel')
+		];
+
+		$x = [
+			'permissions' => $perms,
+			'filter' => $filter
+		];
+		/**
+		 * @hooks permissions_list
+		 *   * \e array \b permissions
+		 *   * \e string \b filter
+		 */
+		call_hooks('permissions_list', $x);
+
+		return($x['permissions']);
+	}
+
+	/**
+	 * @brief Perms from the above list that are blocked from anonymous observers.
+	 *
+	 * e.g. you must be authenticated.
+	 *
+	 * @return array Associative array with permissions and short description.
+	 */
+	static public function BlockedAnonPerms() {
+
+		$res = [];
+		$perms = PermissionLimits::Std_limits();
+		foreach($perms as $perm => $limit) {
+			if($limit != PERMS_PUBLIC) {
+				$res[] = $perm;
+			}
+		}
+
+		$x = ['permissions' => $res];
+		/**
+		 * @hooks write_perms
+		 *   * \e array \b permissions
+		 */
+		call_hooks('write_perms', $x);
+
+		return($x['permissions']);
+	}
+
+	/**
+	 * @brief Converts indexed perms array to associative perms array.
+	 *
+	 * Converts [ 0 => 'view_stream', ... ]
+	 * to [ 'view_stream' => 1 ] for any permissions in $arr;
+	 * Undeclared permissions which exist in Perms() are added and set to 0.
+ 	 *
+	 * @param array $arr
+	 * @return array
+	 */
+	static public function FilledPerms($arr) {
+		if(is_null($arr)) {
+			btlogger('FilledPerms: null');
+			$arr = [];
+		}
+
+		$everything = self::Perms();
+		$ret = [];
+		foreach($everything as $k => $v) {
+			if(in_array($k, $arr))
+				$ret[$k] = 1;
+			else
+				$ret[$k] = 0;
+		}
+
+		return $ret;
+	}
+
+	/**
+	 * @brief Convert perms array to indexed array.
+	 *
+	 * Converts [ 'view_stream' => 1 ] for any permissions in $arr
+	 * to [ 0 => ['name' => 'view_stream', 'value' => 1], ... ]
+	 *
+	 * @param array $arr associative perms array 'view_stream' => 1
+	 * @return array Indexed array with elements that look like
+	 *   * \e string \b name the perm name (e.g. view_stream)
+	 *   * \e int \b value the value of the perm (e.g. 1)
+	 */
+	static public function OPerms($arr) {
+		$ret = [];
+		if($arr) {
+			foreach($arr as $k => $v) {
+				$ret[] = [ 'name' => $k, 'value' => $v ];
+			}
+		}
+		return $ret;
+	}
+
+	/**
+	 * @brief
+	 *
+	 * @param int $channel_id
+	 * @return boolean|array
+	 */
+	static public function FilledAutoperms($channel_id) {
+		if(! intval(get_pconfig($channel_id,'system','autoperms')))
+			return false;
+
+		$arr = [];
+		$r = q("select * from pconfig where uid = %d and cat = 'autoperms'",
+			intval($channel_id)
+		);
+		if($r) {
+			foreach($r as $rr) {
+				$arr[$rr['k']] = intval($rr['v']);
+			}
+		}
+		return $arr;
+	}
+
+	/**
+	 * @brief Compares that all Permissions from $p1 exist also in $p2.
+	 *
+	 * @param array $p1 The perms that have to exist in $p2
+	 * @param array $p2 The perms to compare against
+	 * @return boolean true if all perms from $p1 exist also in $p2
+	 */
+	static public function PermsCompare($p1, $p2) {
+		foreach($p1 as $k => $v) {
+			if(! array_key_exists($k, $p2))
+				return false;
+
+			if($p1[$k] != $p2[$k])
+				return false;
+		}
+
+		return true;
+	}
+
+	/**
+	 * @brief
+	 *
+	 * @param int $channel_id A channel id
+	 * @return array Associative array with
+	 *   * \e array \b perms Permission array
+	 *   * \e int \b automatic 0 or 1
+	 */
+	static public function connect_perms($channel_id) {
+
+		$my_perms = [];
+		$permcat = null;
+		$automatic = 0;
+
+		// If a default permcat exists, use that
+
+		$pc = ((feature_enabled($channel_id,'permcats')) ? get_pconfig($channel_id,'system','default_permcat') : 'default');
+		if(! in_array($pc, [ '','default' ])) {
+			$pcp = new Zlib\Permcat($channel_id);
+			$permcat = $pcp->fetch($pc);
+			if($permcat && $permcat['perms']) {
+				foreach($permcat['perms'] as $p) {
+					$my_perms[$p['name']] = $p['value'];
+				}
+			}
+		}
+
+		// look up the permission role to see if it specified auto-connect
+		// and if there was no permcat or a default permcat, set the perms
+		// from the role
+
+		$role = get_pconfig($channel_id,'system','permissions_role');
+		if($role) {
+			$xx = PermissionRoles::role_perms($role);
+			if($xx['perms_auto'])
+				$automatic = 1;
+
+			if((! $my_perms) && ($xx['perms_connect'])) {
+				$default_perms = $xx['perms_connect'];
+				$my_perms = Permissions::FilledPerms($default_perms);
+			}
+		}
+
+		// If we reached this point without having any permission information,
+		// it is likely a custom permissions role. First see if there are any
+		// automatic permissions.
+
+		if(! $my_perms) {
+			$m = Permissions::FilledAutoperms($channel_id);
+			if($m) {
+				$automatic = 1;
+				$my_perms = $m;
+			}
+		}
+
+		// If we reached this point with no permissions, the channel is using
+		// custom perms but they are not automatic. They will be stored in abconfig with
+		// the channel's channel_hash (the 'self' connection).
+
+		if(! $my_perms) {
+			$r = q("select channel_hash from channel where channel_id = %d",
+				intval($channel_id)
+			);
+			if($r) {
+				$x = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'my_perms'",
+					intval($channel_id),
+					dbesc($r[0]['channel_hash'])
+				);
+				if($x) {
+					foreach($x as $xv) {
+						$my_perms[$xv['k']] = intval($xv['v']);
+					}
+				}
+			}
+		}
+
+		return ( [ 'perms' => $my_perms, 'automatic' => $automatic ] );
+	}
+
+}

Zotlabs/Daemon/Addon.php

@@ -0,0 +1,14 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+
+class Addon {
+
+	static public function run($argc,$argv) {
+
+		call_hooks('daemon_addon',$argv);
+
+	}
+}

Zotlabs/Daemon/Checksites.php

@@ -0,0 +1,54 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+
+
+class Checksites {
+
+	static public function run($argc,$argv) {
+
+		logger('checksites: start');
+	
+		if(($argc > 1) && ($argv[1]))
+			$site_id = $argv[1];
+
+		if($site_id)
+			$sql_options = " and site_url = '" . dbesc($argv[1]) . "' ";
+
+		$days = intval(get_config('system','sitecheckdays'));
+		if($days < 1)
+			$days = 30;
+
+		$r = q("select * from site where site_dead = 0 and site_update < %s - INTERVAL %s and site_type = %d $sql_options ",
+			db_utcnow(), db_quoteinterval($days . ' DAY'),
+			intval(SITE_TYPE_ZOT)
+		);
+
+		if(! $r)
+			return;
+
+		foreach($r as $rr) {
+			if(! strcasecmp($rr['site_url'],z_root()))
+				continue;
+
+			$x = ping_site($rr['site_url']);
+			if($x['success']) {
+				logger('checksites: ' . $rr['site_url']);
+				q("update site set site_update = '%s' where site_url = '%s' ",
+					dbesc(datetime_convert()),
+					dbesc($rr['site_url'])
+				);
+			}
+			else {
+				logger('marking dead site: ' . $x['message']);
+				q("update site set site_dead = 1 where site_url = '%s' ",
+					dbesc($rr['site_url'])
+				);
+			}
+		}
+
+		return;
+	}
+}

Zotlabs/Daemon/Cli_suggest.php

@@ -0,0 +1,14 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/socgraph.php');
+
+class Cli_suggest {
+
+	static public function run($argc,$argv) {
+
+		update_suggestions();
+
+	}
+}

Zotlabs/Daemon/Cron.php

@@ -0,0 +1,213 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+class Cron {
+
+	static public function run($argc,$argv) {
+
+		$maxsysload = intval(get_config('system','maxloadavg'));
+		if($maxsysload < 1)
+			$maxsysload = 50;
+		if(function_exists('sys_getloadavg')) {
+			$load = sys_getloadavg();
+			if(intval($load[0]) > $maxsysload) {
+				logger('system: load ' . $load . ' too high. Cron deferred to next scheduled run.');
+				return;
+			}
+		}
+
+		// Check for a lockfile.  If it exists, but is over an hour old, it's stale.  Ignore it.
+		$lockfile = 'store/[data]/cron';
+		if((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 3600)) 
+			&& (! get_config('system','override_cron_lockfile'))) {
+			logger("cron: Already running");
+			return;
+		}
+	
+		// Create a lockfile.  Needs two vars, but $x doesn't need to contain anything.
+		file_put_contents($lockfile, $x);
+
+		logger('cron: start');
+	
+		// run queue delivery process in the background
+
+		Master::Summon(array('Queue'));
+
+		Master::Summon(array('Poller'));
+
+		// maintenance for mod sharedwithme - check for updated items and remove them
+
+		require_once('include/sharedwithme.php');
+		apply_updates();
+	
+		// expire any expired mail
+
+		q("delete from mail where expires > '%s' and expires < %s ",
+			dbesc(NULL_DATE),
+			db_utcnow()
+		);
+
+		// expire any expired items
+
+		$r = q("select id,item_wall from item where expires > '2001-01-01 00:00:00' and expires < %s 
+			and item_deleted = 0 ",
+			db_utcnow()
+		);
+		if($r) {
+			require_once('include/items.php');
+			foreach($r as $rr) {
+				drop_item($rr['id'],false,(($rr['item_wall']) ? DROPITEM_PHASE1 : DROPITEM_NORMAL));
+				if($rr['item_wall']) {
+					// The notifier isn't normally invoked unless item_drop is interactive.
+					Zotlabs\Daemon\Master::Summon( [ 'Notifier', 'drop', $rr['id'] ] );
+				}
+			}
+		}
+
+
+		// delete expired access tokens
+
+		$r = q("select atoken_id from atoken where atoken_expires > '%s' and atoken_expires < %s",
+			dbesc(NULL_DATE),
+			db_utcnow()
+		);
+		if($r) {
+			require_once('include/security.php');
+			foreach($r as $rr) {
+				atoken_delete($rr['atoken_id']);
+			}
+		}
+
+		// Ensure that every channel pings a directory server once a month. This way we can discover
+		// channels and sites that quietly vanished and prevent the directory from accumulating stale
+		// or dead entries.
+
+		$r = q("select channel_id from channel where channel_dirdate < %s - INTERVAL %s and channel_removed = 0",
+			db_utcnow(), 
+			db_quoteinterval('30 DAY')
+		);
+		if($r) {
+			foreach($r as $rr) {
+				Master::Summon(array('Directory',$rr['channel_id'],'force'));
+				if($interval)
+					@time_sleep_until(microtime(true) + (float) $interval);
+			}
+		}
+
+		// publish any applicable items that were set to be published in the future
+		// (time travel posts). Restrict to items that have come of age in the last
+		// couple of days to limit the query to something reasonable. 
+
+		$r = q("select id from item where item_delayed = 1 and created <= %s  and created > '%s' ",
+			db_utcnow(),
+			dbesc(datetime_convert('UTC','UTC','now - 2 days'))
+		);
+		if($r) {
+			foreach($r as $rr) {
+				$x = q("update item set item_delayed = 0 where id = %d",
+					intval($rr['id'])
+				);
+				if($x) {
+					$z = q("select * from item where id = %d",
+						intval($message_id)
+					);
+					if($z) {
+						xchan_query($z);
+						$sync_item = fetch_post_tags($z);
+						build_sync_packet($sync_item[0]['uid'],
+							[ 
+								'item' => [ encode_item($sync_item[0],true) ]
+							]
+						);
+					}
+					Master::Summon(array('Notifier','wall-new',$rr['id']));
+				}
+			}
+		}
+
+		require_once('include/attach.php');
+		attach_upgrade();
+
+		$abandon_days = intval(get_config('system','account_abandon_days'));
+		if($abandon_days < 1)
+			$abandon_days = 0;
+
+	
+		// once daily run birthday_updates and then expire in background
+
+		// FIXME: add birthday updates, both locally and for xprof for use
+		// by directory servers
+
+		$d1 = intval(get_config('system','last_expire_day'));
+		$d2 = intval(datetime_convert('UTC','UTC','now','d'));
+
+		// Allow somebody to staggger daily activities if they have more than one site on their server,
+		// or if it happens at an inconvenient (busy) hour.
+
+		$h1 = intval(get_config('system','cron_hour'));
+		$h2 = intval(datetime_convert('UTC','UTC','now','G'));
+
+
+		if(($d2 != $d1) && ($h1 == $h2)) {
+			Master::Summon(array('Cron_daily'));
+		}
+
+		// update any photos which didn't get imported properly
+		// This should be rare
+
+		$r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = '' 
+			and xchan_photo_date < %s - INTERVAL %s",
+			db_utcnow(), 
+			db_quoteinterval('1 DAY')
+		);
+		if($r) {
+			require_once('include/photo/photo_driver.php');
+			foreach($r as $rr) {
+				$photos = import_xchan_photo($rr['xchan_photo_l'],$rr['xchan_hash']);
+				$x = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
+					where xchan_hash = '%s'",
+					dbesc($photos[0]),
+					dbesc($photos[1]),
+					dbesc($photos[2]),
+					dbesc($photos[3]),
+					dbesc($rr['xchan_hash'])
+				);
+			}
+		}
+
+
+		// pull in some public posts
+
+		$disable_discover_tab = get_config('system','disable_discover_tab') || get_config('system','disable_discover_tab') === false;
+		if(! $disable_discover_tab)
+			Master::Summon(array('Externals'));
+
+		$generation = 0;
+
+		$restart    = false;
+
+		if(($argc > 1) && ($argv[1] == 'restart')) {
+			$restart = true;
+			$generation = intval($argv[2]);
+			if(! $generation)
+				killme();		
+		}
+
+		reload_plugins();
+
+		$d = datetime_convert();
+
+		// TODO check to see if there are any cronhooks before wasting a process
+
+		if(! $restart)
+			Master::Summon(array('Cronhooks'));
+
+		set_config('system','lastcron',datetime_convert());
+
+		//All done - clear the lockfile	
+		@unlink($lockfile);
+
+		return;
+	}
+}

Zotlabs/Daemon/Cron_daily.php

@@ -0,0 +1,97 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+class Cron_daily {
+
+	static public function run($argc,$argv) {
+
+		logger('cron_daily: start');
+
+		/**
+		 * Cron Daily
+		 *
+		 */
+
+
+		require_once('include/dir_fns.php');
+		check_upstream_directory();
+
+
+		// Fire off the Cron_weekly process if it's the correct day.
+ 
+		$d3 = intval(datetime_convert('UTC','UTC','now','N'));
+		if($d3 == 7) {
+			Master::Summon(array('Cron_weekly'));
+		}
+
+		// once daily run birthday_updates and then expire in background
+
+		// FIXME: add birthday updates, both locally and for xprof for use
+		// by directory servers
+
+		update_birthdays();
+
+		// expire any read notifications over a month old
+
+		q("delete from notify where seen = 1 and created < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('30 DAY')
+		);
+
+		// expire any unread notifications over a year old
+
+		q("delete from notify where seen = 0 and created < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('1 YEAR')
+		);
+
+
+		//update statistics in config
+		require_once('include/statistics_fns.php');
+		update_channels_total_stat();
+		update_channels_active_halfyear_stat();
+		update_channels_active_monthly_stat();
+		update_local_posts_stat();
+		update_local_comments_stat();
+
+
+		// expire old delivery reports
+
+		$keep_reports = intval(get_config('system','expire_delivery_reports'));
+		if($keep_reports === 0)
+			$keep_reports = 10;
+
+		q("delete from dreport where dreport_time < %s - INTERVAL %s",
+			db_utcnow(),
+			db_quoteinterval($keep_reports . ' DAY')
+		);
+
+		// expire any expired accounts
+		downgrade_accounts();
+
+		// If this is a directory server, request a sync with an upstream
+		// directory at least once a day, up to once every poll interval. 
+		// Pull remote changes and push local changes.
+		// potential issue: how do we keep from creating an endless update loop? 
+
+		$dirmode = get_config('system','directory_mode');
+
+		if($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
+			require_once('include/dir_fns.php');
+			sync_directories($dirmode);
+		}
+
+
+		Master::Summon(array('Expire'));
+		Master::Summon(array('Cli_suggest'));
+
+		remove_obsolete_hublocs();
+
+		call_hooks('cron_daily',datetime_convert());
+
+		set_config('system','last_expire_day',intval(datetime_convert('UTC','UTC','now','d')));
+
+		/**
+		 * End Cron Daily
+		 */
+	}
+}

Zotlabs/Daemon/Cron_weekly.php

@@ -0,0 +1,62 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+class Cron_weekly {
+
+	static public function run($argc,$argv) {		
+
+		/**
+		 * Cron Weekly
+		 * 
+		 * Actions in the following block are executed once per day only on Sunday (once per week).
+		 *
+		 */
+
+		call_hooks('cron_weekly',datetime_convert());
+
+		z_check_cert();
+
+		prune_hub_reinstalls();
+	
+		mark_orphan_hubsxchans();
+
+		// Find channels that were removed in the last three weeks, but 
+		// haven't been finally cleaned up. These should be older than 10
+		// days to ensure that "purgeall" messages have gone out or bounced 
+		// or timed out. 
+
+		$r = q("select channel_id from channel where channel_removed = 1 and 
+			channel_deleted >  %s - INTERVAL %s and channel_deleted < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('21 DAY'),
+			db_utcnow(), db_quoteinterval('10 DAY')
+		);
+		if($r) {
+			foreach($r as $rv) {
+				channel_remove_final($rv['channel_id']);
+			}
+		}
+
+		// get rid of really old poco records
+
+		q("delete from xlink where xlink_updated < %s - INTERVAL %s and xlink_static = 0 ",
+			db_utcnow(), db_quoteinterval('14 DAY')
+		);
+
+		$dirmode = intval(get_config('system','directory_mode'));
+		if($dirmode === DIRECTORY_MODE_SECONDARY || $dirmode === DIRECTORY_MODE_PRIMARY) {
+			logger('regdir: ' . print_r(z_fetch_url(get_directory_primary() . '/regdir?f=&url=' . urlencode(z_root()) . '&realm=' . urlencode(get_directory_realm())),true));
+		}
+
+		// Check for dead sites
+		Master::Summon(array('Checksites'));
+			
+		// update searchable doc indexes
+		Master::Summon(array('Importdoc'));
+
+		/**
+		 * End Cron Weekly
+		 */
+
+	}
+}

Zotlabs/Daemon/Cronhooks.php

@@ -0,0 +1,17 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+class Cronhooks {
+
+	static public function run($argc,$argv){
+
+		logger('cronhooks: start');
+	
+		$d = datetime_convert();
+
+		call_hooks('cron', $d);
+
+		return;
+	}
+}

Zotlabs/Daemon/CurlAuth.php

@@ -0,0 +1,55 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+// generate a curl compatible cookie file with an authenticated session for the given channel_id. 
+// If this file is then used with curl and the destination url is sent through zid() or manually 
+// manipulated to add a zid, it should allow curl to provide zot magic-auth across domains.
+
+// Handles expiration of stale cookies currently by deleting them and rewriting the file.  
+
+class CurlAuth {
+
+	static public function run($argc,$argv) {
+
+		if($argc != 2)
+			killme();
+
+		\App::$session->start();
+
+		$_SESSION['authenticated'] = 1;
+		$_SESSION['uid'] = $argv[1];
+
+		$x = session_id();
+
+		$f = 'store/[data]/cookie_' . $argv[1];
+		$c = 'store/[data]/cookien_' . $argv[1];
+
+		$e = file_exists($f);
+
+		$output = '';
+
+		if($e) {
+			$lines = file($f);
+			if($lines) {
+				foreach($lines as $line) {
+					if(strlen($line) > 0 && $line[0] != '#' && substr_count($line, "\t") == 6) {
+						$tokens = explode("\t", $line);
+						$tokens = array_map('trim', $tokens);
+						if($tokens[4] > time()) {
+							$output .= $line . "\n";
+						}
+					}
+					else
+						$output .= $line;
+				}
+			}
+		}
+		$t = time() + (24 * 3600);
+		file_put_contents($f, $output . 'HttpOnly_' . \App::get_hostname() . "\tFALSE\t/\tTRUE\t$t\tPHPSESSID\t" . $x, (($e) ? FILE_APPEND : 0));
+
+		file_put_contents($c,$x);
+
+		killme();
+	}
+}

Zotlabs/Daemon/Deliver.php

@@ -0,0 +1,90 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/queue_fn.php');
+
+
+class Deliver {
+	
+	static public function run($argc,$argv) {
+
+		if($argc < 2)
+			return;
+
+		logger('deliver: invoked: ' . print_r($argv,true), LOGGER_DATA);
+
+		for($x = 1; $x < $argc; $x ++) {
+
+			if(! $argv[$x])
+				continue;
+
+			$dresult = null;
+			$r = q("select * from outq where outq_hash = '%s' limit 1",
+				dbesc($argv[$x])
+			);
+			if($r) {
+
+				$notify = json_decode($r[0]['outq_notify'],true);
+
+				// Messages without an outq_msg will need to go via the web, even if it's a
+				// local delivery. This includes conversation requests and refresh packets.
+
+				if(($r[0]['outq_posturl'] === z_root() . '/post') && ($r[0]['outq_msg'])) {
+					logger('deliver: local delivery', LOGGER_DEBUG);
+
+					// local delivery
+					// we should probably batch these and save a few delivery processes
+
+					if($r[0]['outq_msg']) {
+						$m = json_decode($r[0]['outq_msg'],true);
+						if(array_key_exists('message_list',$m)) {
+							foreach($m['message_list'] as $mm) {
+								$msg = array('body' => json_encode(array('success' => true, 'pickup' => array(array('notify' => $notify,'message' => $mm)))));
+								zot_import($msg,z_root());
+							}
+						}	
+						else {	
+							$msg = array('body' => json_encode(array('success' => true, 'pickup' => array(array('notify' => $notify,'message' => $m)))));
+							$dresult = zot_import($msg,z_root());
+						}
+
+						remove_queue_item($r[0]['outq_hash']);
+
+						if($dresult && is_array($dresult)) {
+
+							// delivery reports for local deliveries do not require encryption
+
+							foreach($dresult as $xx) {
+								if(is_array($xx) && array_key_exists('message_id',$xx)) {
+									if(delivery_report_is_storable($xx)) {
+										q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan ) values ( '%s', '%s','%s','%s','%s','%s' ) ",
+											dbesc($xx['message_id']),
+											dbesc($xx['location']),
+											dbesc($xx['recipient']),
+											dbesc($xx['status']),
+											dbesc(datetime_convert($xx['date'])),
+											dbesc($xx['sender'])
+										);
+									}
+								}
+							}
+						}
+
+						q("delete from dreport where dreport_queue = '%s'",
+							dbesc($argv[$x])
+						);
+					
+						continue;
+					}
+				}
+
+				// otherwise it's a remote delivery - call queue_deliver() with the $immediate flag
+
+				queue_deliver($r[0],true);
+
+			}
+		}
+	}
+}

Zotlabs/Daemon/Deliver_hooks.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+
+class Deliver_hooks {
+
+	static public function run($argc,$argv) {
+
+		if($argc < 2)
+			return;
+
+
+		$r = q("select * from item where id = '%d'",
+			intval($argv[1])
+		);
+		if($r)
+			call_hooks('notifier_normal',$r[0]);
+
+	}
+}
+
+

Zotlabs/Daemon/Directory.php

@@ -0,0 +1,100 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/dir_fns.php');
+require_once('include/queue_fn.php');
+
+
+class Directory {
+
+	static public function run($argc,$argv){
+
+		if($argc < 2)
+			return;
+
+		$force = false;
+		$pushall = true;
+
+		if($argc > 2) {
+			if($argv[2] === 'force')
+				$force = true;
+			if($argv[2] === 'nopush')
+				$pushall = false;
+		}	
+
+		logger('directory update', LOGGER_DEBUG);
+
+		$dirmode = get_config('system','directory_mode');
+		if($dirmode === false)
+			$dirmode = DIRECTORY_MODE_NORMAL;
+
+		$x = q("select * from channel where channel_id = %d limit 1",
+			intval($argv[1])
+		);
+		if(! $x)
+			return;
+
+		$channel = $x[0];
+
+		if($dirmode != DIRECTORY_MODE_NORMAL) {
+
+			// this is an in-memory update and we don't need to send a network packet.
+
+			local_dir_update($argv[1],$force);
+
+			q("update channel set channel_dirdate = '%s' where channel_id = %d",
+				dbesc(datetime_convert()),
+				intval($channel['channel_id'])
+			);
+
+			// Now update all the connections
+			if($pushall) 
+				Master::Summon(array('Notifier','refresh_all',$channel['channel_id']));
+
+			return;
+		}
+
+		// otherwise send the changes upstream
+
+		$directory = find_upstream_directory($dirmode);
+		$url = $directory['url'] . '/post';
+
+		// ensure the upstream directory is updated
+
+		$packet = zot_build_packet($channel,(($force) ? 'force_refresh' : 'refresh'));
+		$z = zot_zot($url,$packet);
+
+		// re-queue if unsuccessful
+
+		if(! $z['success']) {
+
+			/** @FIXME we aren't updating channel_dirdate if we have to queue
+			 * the directory packet. That means we'll try again on the next poll run.
+			 */
+
+			$hash = random_string();
+
+			queue_insert(array(
+				'hash'       => $hash,
+				'account_id' => $channel['channel_account_id'],
+				'channel_id' => $channel['channel_id'],
+				'posturl'    => $url,
+				'notify'     => $packet,
+			));
+
+		}
+		else {
+			q("update channel set channel_dirdate = '%s' where channel_id = %d",
+				dbesc(datetime_convert()),
+				intval($channel['channel_id'])
+			);
+		}
+
+		// Now update all the connections
+		if($pushall)
+			Master::Summon(array('Notifier','refresh_all',$channel['channel_id']));
+
+	}
+}

Zotlabs/Daemon/Expire.php

@@ -0,0 +1,94 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+
+class Expire {
+
+	static public function run($argc,$argv){
+
+		cli_startup();
+
+		// perform final cleanup on previously delete items
+
+		$r = q("select id from item where item_deleted = 1 and item_pending_remove = 0 and changed < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('10 DAY')
+		);
+		if ($r) {
+			foreach ($r as $rr) {
+				drop_item($rr['id'], false, DROPITEM_PHASE2);
+			}
+		}
+
+		// physically remove anything that has been deleted for more than two months
+		/** @FIXME - this is a wretchedly inefficient query */
+
+		$r = q("delete from item where item_pending_remove = 1 and changed < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('36 DAY')
+		);
+
+		/** @FIXME make this optional as it could have a performance impact on large sites */
+
+		if (intval(get_config('system', 'optimize_items')))
+			q("optimize table item");
+
+		logger('expire: start', LOGGER_DEBUG);
+
+		$site_expire = intval(get_config('system', 'default_expire_days'));
+		$commented_days = intval(get_config('system','active_expire_days'));
+
+		logger('site_expire: ' . $site_expire);
+
+		$r = q("SELECT channel_id, channel_system, channel_address, channel_expire_days from channel where true");
+
+		if ($r) {
+			foreach ($r as $rr) {
+
+				// expire the sys channel separately
+				if (intval($rr['channel_system']))
+					continue;
+
+				// service class default (if non-zero) over-rides the site default
+
+				$service_class_expire = service_class_fetch($rr['channel_id'], 'expire_days');
+				if (intval($service_class_expire))
+					$channel_expire = $service_class_expire;
+				else
+					$channel_expire = $site_expire;
+	
+				if (intval($channel_expire) && (intval($channel_expire) < intval($rr['channel_expire_days'])) ||
+					intval($rr['channel_expire_days'] == 0)) {
+					$expire_days = $channel_expire;
+				} else {
+					$expire_days = $rr['channel_expire_days'];
+				}
+
+				// if the site or service class expiration is non-zero and less than person expiration, use that
+				logger('Expire: ' . $rr['channel_address'] . ' interval: ' . $expire_days, LOGGER_DEBUG);
+				item_expire($rr['channel_id'], $expire_days, $commented_days);
+			}
+		}
+
+		$x = get_sys_channel();
+		if ($x) {
+
+			// this should probably just fetch the channel_expire_days from the sys channel,
+			// but there's no convenient way to set it.
+
+			$expire_days = get_config('system', 'sys_expire_days');
+			if ($expire_days === false)
+				$expire_days = 30;
+
+			if (intval($site_expire) && (intval($site_expire) < intval($expire_days))) {
+				$expire_days = $site_expire;
+			}
+
+			logger('Expire: sys interval: ' . $expire_days, LOGGER_DEBUG);
+	
+			if ($expire_days)
+				item_expire($x['channel_id'], $expire_days, $commented_days);
+
+			logger('Expire: sys: done', LOGGER_DEBUG);
+		}
+	}
+}

Zotlabs/Daemon/Externals.php

@@ -0,0 +1,98 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/channel.php');
+
+
+class Externals {
+
+	static public function run($argc,$argv){
+
+		$total = 0;
+		$attempts = 0;
+
+		logger('externals: startup', LOGGER_DEBUG);
+
+		// pull in some public posts
+
+
+		while($total == 0 && $attempts < 3) {
+			$arr = array('url' => '');
+			call_hooks('externals_url_select',$arr);
+
+			if($arr['url']) {
+				$url = $arr['url'];
+			} 
+			else {
+				$randfunc = db_getfunc('RAND');
+
+				// fixme this query does not deal with directory realms. 
+
+				$r = q("select site_url, site_pull from site where site_url != '%s' and site_flags != %d and site_type = %d and site_dead = 0 order by $randfunc limit 1",
+					dbesc(z_root()),
+					intval(DIRECTORY_MODE_STANDALONE),
+					intval(SITE_TYPE_ZOT)
+				);
+				if($r)
+					$url = $r[0]['site_url'];
+			}
+
+			$blacklisted = false;
+
+			if(! check_siteallowed($url)) {
+				logger('blacklisted site: ' . $url);
+				$blacklisted = true;
+			}
+
+			$attempts ++;
+
+			// make sure we can eventually break out if somebody blacklists all known sites
+
+			if($blacklisted) {
+				if($attempts > 20)
+					break;
+				$attempts --;
+				continue;
+			}
+
+			if($url) {
+				if($r[0]['site_pull'] > NULL_DATE)
+					$mindate = urlencode(datetime_convert('','',$r[0]['site_pull'] . ' - 1 day'));
+				else {
+					$days = get_config('externals','since_days');
+					if($days === false)
+						$days = 15;
+					$mindate = urlencode(datetime_convert('','','now - ' . intval($days) . ' days'));
+				}
+
+				$feedurl = $url . '/zotfeed?f=&mindate=' . $mindate;
+
+				logger('externals: pulling public content from ' . $feedurl, LOGGER_DEBUG);
+
+				$x = z_fetch_url($feedurl);
+				if(($x) && ($x['success'])) {
+
+					q("update site set site_pull = '%s' where site_url = '%s'",
+						dbesc(datetime_convert()),
+						dbesc($url)
+					);
+
+					$j = json_decode($x['body'],true);
+					if($j['success'] && $j['messages']) {
+						$sys = get_sys_channel();
+						foreach($j['messages'] as $message) {
+							// on these posts, clear any route info. 
+							$message['route'] = '';
+							$results = process_delivery(array('hash' => 'undefined'), get_item_elements($message),
+								array(array('hash' => $sys['xchan_hash'])), false, true);
+							$total ++;
+						}
+						logger('externals: import_public_posts: ' . $total . ' messages imported', LOGGER_DEBUG);
+					}
+				}
+			}
+		}
+	}
+}

Zotlabs/Daemon/Gprobe.php

@@ -0,0 +1,33 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+
+// performs zot_finger on $argv[1], which is a hex_encoded webbie/reddress
+
+class Gprobe {
+	static public function run($argc,$argv) {
+
+		if($argc != 2)
+			return;
+
+		$url = hex2bin($argv[1]);
+
+		if(! strpos($url,'@'))
+			return;
+
+		$r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
+			dbesc($url)
+		);
+
+		if(! $r) {
+			$j = \Zotlabs\Zot\Finger::run($url,null);
+			if($j['success']) {
+				$y = import_xchan($j);
+			}
+		}
+
+		return;
+	}
+}

Zotlabs/Daemon/Importdoc.php

@@ -0,0 +1,41 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+
+class Importdoc {
+
+	static public function run($argc,$argv) {
+
+		require_once('include/help.php');
+
+		self::update_docs_dir('doc/*');
+
+	}
+
+	static public function update_docs_dir($s) {
+		$f = basename($s);
+		$d = dirname($s);
+		if($s === 'doc/html')
+			return;
+		$files = glob("$d/$f");
+		if($files) {
+			foreach($files as $fi) {
+				if($fi === 'doc/html') {
+					continue;
+				}
+				if(is_dir($fi)) {
+					self::update_docs_dir("$fi/*");
+				}
+				else {
+					// don't update media content
+					if(strpos(z_mime_content_type($fi),'text') === 0) {
+						store_doc_file($fi);
+					}
+				}
+			}
+		}
+	}
+}
+
+

Zotlabs/Daemon/Importfile.php

@@ -0,0 +1,47 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+class Importfile {
+
+	static public function run($argc,$argv){
+
+		logger('Importfile: ' . print_r($argv,true));
+
+		if($argc < 3)
+			return;
+
+		$channel = channelx_by_n($argv[1]);
+		if(! $channel)
+			return;
+
+		$srcfile = $argv[2];
+		$folder  = (($argc > 3) ? $argv[3] : '');
+		$dstname = (($argc > 4) ? $argv[4] : '');
+
+		$hash = random_string();
+
+		$arr = [
+			'src'               => $srcfile,
+			'filename'          => (($dstname) ? $dstname : basename($srcfile)),
+			'hash'              => $hash,
+			'allow_cid'         => $channel['channel_allow_cid'],
+			'allow_gid'         => $channel['channel_allow_gid'],
+			'deny_cid'          => $channel['channel_deny_cid'],
+			'deny_gid'          => $channel['channel_deny_gid'],
+			'preserve_original' => true,
+			'replace'           => true
+		];
+
+		if($folder)
+			$arr['folder'] = $folder;
+
+		attach_store($channel,$channel['channel_hash'],'import',$arr);
+
+		$sync = attach_export_data($channel,$hash);
+		if($sync)
+			build_sync_packet($channel['channel_id'],array('file' => array($sync)));
+	
+		return;
+	}
+}

Zotlabs/Daemon/Master.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+if(array_search( __file__ , get_included_files()) === 0) {
+
+	require_once('include/cli_startup.php');
+	array_shift($argv);
+	$argc = count($argv);
+
+	if($argc)
+		Master::Release($argc,$argv);
+	killme();
+}
+
+
+
+class Master {
+
+	static public function Summon($arr) {
+		proc_run('php','Zotlabs/Daemon/Master.php',$arr);
+	}
+
+	static public function Release($argc,$argv) {
+		cli_startup();
+		logger('Master: release: ' . print_r($argv,true), LOGGER_ALL,LOG_DEBUG);
+		$cls = '\\Zotlabs\\Daemon\\' . $argv[0];
+		$cls::run($argc,$argv);
+	}	
+}

Zotlabs/Daemon/Notifier.php

@@ -0,0 +1,705 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/queue_fn.php');
+require_once('include/html2plain.php');
+require_once('include/conversation.php');
+require_once('include/zot.php');
+require_once('include/items.php');
+require_once('include/bbcode.php');
+
+
+
+/*
+ * This file was at one time responsible for doing all deliveries, but this caused
+ * big problems on shared hosting systems, where the process might get killed by the 
+ * hosting provider and nothing would get delivered. 
+ * It now only delivers one message under certain cases, and invokes a queued
+ * delivery mechanism (include/deliver.php) to deliver individual contacts at 
+ * controlled intervals.
+ * This has a much better chance of surviving random processes getting killed
+ * by the hosting provider. 
+ *
+ * The basic flow is:
+ *   Identify the type of message
+ *   Collect any information that needs to be sent
+ *   Convert it into a suitable generic format for sending
+ *   Figure out who the recipients are and if we need to relay 
+ *       through a conversation owner
+ *   Once we know what recipients are involved, collect a list of 
+ *       destination sites
+ *   Build and store a queue item for each unique site and invoke
+ *       a delivery process for each site or a small number of sites (1-3)
+ *       and add a slight delay between each delivery invocation if desired (usually)
+ *   
+ */
+
+/*
+ * The notifier is typically called with:
+ *
+ *		Zotlabs\Daemon\Master::Summon(array('Notifier', COMMAND, ITEM_ID));
+ *
+ * where COMMAND is one of the following:
+ *
+ *		activity				(in diaspora.php, dfrn_confirm.php, profiles.php)
+ *		comment-import			(in diaspora.php, items.php)
+ *		comment-new				(in item.php)
+ *		drop					(in diaspora.php, items.php, photos.php)
+ *		edit_post				(in item.php)
+ *		event					(in events.php)
+ *		expire					(in items.php)
+ *		like					(in like.php, poke.php)
+ *		mail					(in message.php)
+ *		tag						(in photos.php, poke.php, tagger.php)
+ *		tgroup					(in items.php)
+ *		wall-new				(in photos.php, item.php)
+ *
+ * and ITEM_ID is the id of the item in the database that needs to be sent to others.
+ *
+ * ZOT 
+ *       permission_create      abook_id
+ *       permission_accept      abook_id
+ *       permission_reject      abook_id
+ *       permission_update      abook_id
+ *       refresh_all            channel_id
+ *       purge_all              channel_id
+ *       expire                 channel_id
+ *       relay					item_id (item was relayed to owner, we will deliver it as owner)
+ *       single_activity        item_id (deliver to a singleton network from the appropriate clone)
+ *       single_mail            mail_id (deliver to a singleton network from the appropriate clone)
+ *       location               channel_id
+ *       request                channel_id            xchan_hash             message_id
+ *       rating                 xlink_id
+ *       keychange              channel_id
+ *
+ */
+
+
+
+class Notifier {
+
+	static public function run($argc,$argv){
+
+		if($argc < 3)
+			return;
+
+		logger('notifier: invoked: ' . print_r($argv,true), LOGGER_DEBUG);
+
+		$cmd = $argv[1];
+
+		$item_id = $argv[2];
+
+		if(! $item_id)
+			return;
+
+		$sys = get_sys_channel();
+
+		$deliveries = array();
+
+		$request = false;
+		$mail = false;
+		$top_level = false;
+		$location  = false;
+		$recipients = array();
+		$url_recipients = array();
+		$normal_mode = true;
+		$packet_type = 'undefined';
+
+		if($cmd === 'mail' || $cmd === 'single_mail') {
+			$normal_mode = false;
+			$mail = true;
+			$private = true;
+			$message = q("SELECT * FROM mail WHERE id = %d LIMIT 1",
+					intval($item_id)
+			);
+			if(! $message) {
+				return;
+			}
+			xchan_mail_query($message[0]);
+			$uid = $message[0]['channel_id'];
+			$recipients[] = $message[0]['from_xchan']; // include clones
+			$recipients[] = $message[0]['to_xchan'];
+			$item = $message[0];
+
+			$encoded_item = encode_mail($item);
+
+			$s = q("select * from channel where channel_id = %d limit 1",
+				intval($item['channel_id'])
+			);
+			if($s)
+				$channel = $s[0];
+
+		}
+		elseif($cmd === 'request') {
+			$channel_id = $item_id;
+			$xchan = $argv[3];
+			$request_message_id = $argv[4];
+
+			$s = q("select * from channel where channel_id = %d limit 1",
+				intval($channel_id)
+			);
+			if($s)
+				$channel = $s[0];
+
+			$private = true;
+			$recipients[] = $xchan;
+			$packet_type = 'request';
+			$normal_mode = false;
+		}
+		elseif($cmd === 'keychange') {
+			$channel = channelx_by_n($item_id);
+			$r = q("select abook_xchan from abook where abook_channel = %d",
+				intval($item_id)
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$recipients[] = $rr['abook_xchan'];
+				}
+			}
+			$private = false;
+			$packet_type = 'keychange';
+			$normal_mode = false;
+		}
+		elseif(in_array($cmd, [ 'permission_update', 'permission_reject', 'permission_accept', 'permission_create' ])) {
+			// Get the (single) recipient	
+			$r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_self = 0",
+				intval($item_id)
+			);
+			if($r) {
+				$uid = $r[0]['abook_channel'];
+				// Get the sender
+				$channel = channelx_by_n($uid);
+				if($channel) {
+					$perm_update = array('sender' => $channel, 'recipient' => $r[0], 'success' => false, 'deliveries' => '');	
+
+					if($cmd === 'permission_create')
+						call_hooks('permissions_create',$perm_update);
+					elseif($cmd === 'permission_accept')
+						call_hooks('permissions_accept',$perm_update);
+					elseif($cmd === 'permission_reject')
+						call_hooks('permissions_reject',$perm_update);
+					else
+						call_hooks('permissions_update',$perm_update);
+
+					if($perm_update['success']) {
+						if($perm_update['deliveries']) {
+							$deliveries[] = $perm_update['deliveries'];
+							do_delivery($deliveries);
+						}
+						return;				
+					}
+					else {
+						$recipients[] = $r[0]['abook_xchan'];
+						$private = false;
+						$packet_type = 'refresh';
+						$packet_recips = array(array('guid' => $r[0]['xchan_guid'],'guid_sig' => $r[0]['xchan_guid_sig'],'hash' => $r[0]['xchan_hash']));
+					}
+				}
+			}
+		}
+		elseif($cmd === 'refresh_all') {
+			logger('notifier: refresh_all: ' . $item_id);
+			$uid = $item_id;
+			$channel = channelx_by_n($item_id);
+			$r = q("select abook_xchan from abook where abook_channel = %d",
+				intval($item_id)
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$recipients[] = $rr['abook_xchan'];
+				}
+			}
+			$private = false;
+			$packet_type = 'refresh';
+		}
+		elseif($cmd === 'location') {
+			logger('notifier: location: ' . $item_id);
+			$s = q("select * from channel where channel_id = %d limit 1",
+				intval($item_id)
+			);
+			if($s)
+				$channel = $s[0];
+			$uid = $item_id;
+			$recipients = array();
+			$r = q("select abook_xchan from abook where abook_channel = %d",
+				intval($item_id)
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$recipients[] = $rr['abook_xchan'];
+				}
+			}
+
+			$encoded_item = array('locations' => zot_encode_locations($channel),'type' => 'location', 'encoding' => 'zot');
+			$target_item = array('aid' => $channel['channel_account_id'],'uid' => $channel['channel_id']);
+			$private = false;
+			$packet_type = 'location';
+			$location = true;
+		}
+		elseif($cmd === 'purge_all') {
+			logger('notifier: purge_all: ' . $item_id);
+			$s = q("select * from channel where channel_id = %d limit 1",
+				intval($item_id)
+			);
+			if($s)
+				$channel = $s[0];
+			$uid = $item_id;
+			$recipients = array();
+			$r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0",
+				intval($item_id)
+			);
+			if($r) {
+				foreach($r as $rr) {
+					$recipients[] = $rr['abook_xchan'];
+				}
+			}
+			$private = false;
+			$packet_type = 'purge';
+		}
+		else {
+
+			// Normal items
+
+			// Fetch the target item
+
+			$r = q("SELECT * FROM item WHERE id = %d and parent != 0 LIMIT 1",
+				intval($item_id)
+			);
+
+			if(! $r)
+				return;
+
+			xchan_query($r);
+
+			$r = fetch_post_tags($r);
+		
+			$target_item = $r[0];
+			$deleted_item = false;
+
+			if(intval($target_item['item_deleted'])) {
+				logger('notifier: target item ITEM_DELETED', LOGGER_DEBUG);
+				$deleted_item = true;
+			}
+
+			if(! in_array(intval($target_item['item_type']), [ ITEM_TYPE_POST ] )) {
+				logger('notifier: target item not forwardable: type ' . $target_item['item_type'], LOGGER_DEBUG);
+				return;
+			}
+
+			// Check for non published items, but allow an exclusion for transmitting hidden file activities
+
+			if(intval($target_item['item_unpublished']) || intval($target_item['item_delayed']) ||
+				intval($target_item['item_blocked']) || 
+				( intval($target_item['item_hidden']) && ($target_item['obj_type'] !== ACTIVITY_OBJ_FILE))) {
+				logger('notifier: target item not published, so not forwardable', LOGGER_DEBUG);
+				return;
+			}
+
+			if(strpos($target_item['postopts'],'nodeliver') !== false) {
+				logger('notifier: target item is undeliverable', LOGGER_DEBUG);
+				return;
+			}
+
+			$s = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
+				intval($target_item['uid'])
+			);
+			if($s)
+				$channel = $s[0];
+
+			if($channel['channel_hash'] !== $target_item['author_xchan'] && $channel['channel_hash'] !== $target_item['owner_xchan']) {
+				logger("notifier: Sending channel {$channel['channel_hash']} is not owner {$target_item['owner_xchan']} or author {$target_item['author_xchan']}", LOGGER_NORMAL, LOG_WARNING);
+				return;
+			}
+
+
+			if($target_item['mid'] === $target_item['parent_mid']) {
+				$parent_item = $target_item;
+				$top_level_post = true;
+			}
+			else {
+				// fetch the parent item
+				$r = q("SELECT * from item where id = %d order by id asc",
+					intval($target_item['parent'])
+				);
+
+				if(! $r)
+					return;
+
+				if(strpos($r[0]['postopts'],'nodeliver') !== false) {
+					logger('notifier: target item is undeliverable', LOGGER_DEBUG, LOG_NOTICE);
+					return;
+				}
+
+				xchan_query($r);
+				$r = fetch_post_tags($r);
+		
+				$parent_item = $r[0];
+				$top_level_post = false;
+			}
+
+			// avoid looping of discover items 12/4/2014
+
+			if($sys && $parent_item['uid'] == $sys['channel_id'])
+				return;
+
+			$encoded_item = encode_item($target_item);
+		
+			// Send comments to the owner to re-deliver to everybody in the conversation
+			// We only do this if the item in question originated on this site. This prevents looping.
+			// To clarify, a site accepting a new comment is responsible for sending it to the owner for relay.
+			// Relaying should never be initiated on a post that arrived from elsewhere.  
+
+			// We should normally be able to rely on ITEM_ORIGIN, but start_delivery_chain() incorrectly set this
+			// flag on comments for an extended period. So we'll also call comment_local_origin() which looks at
+			// the hostname in the message_id and provides a second (fallback) opinion. 
+
+			$relay_to_owner = (((! $top_level_post) && (intval($target_item['item_origin'])) && comment_local_origin($target_item)) ? true : false);
+
+
+
+			$uplink = false;
+
+			// $cmd === 'relay' indicates the owner is sending it to the original recipients
+			// don't allow the item in the relay command to relay to owner under any circumstances, it will loop
+
+			logger('notifier: relay_to_owner: ' . (($relay_to_owner) ? 'true' : 'false'), LOGGER_DATA, LOG_DEBUG);
+			logger('notifier: top_level_post: ' . (($top_level_post) ? 'true' : 'false'), LOGGER_DATA, LOG_DEBUG);
+
+			// tag_deliver'd post which needs to be sent back to the original author
+
+			if(($cmd === 'uplink') && intval($parent_item['item_uplink']) && (! $top_level_post)) {
+				logger('notifier: uplink');			
+				$uplink = true;
+			} 
+
+			if(($relay_to_owner || $uplink) && ($cmd !== 'relay')) {
+				logger('notifier: followup relay', LOGGER_DEBUG);
+				$recipients = array(($uplink) ? $parent_item['source_xchan'] : $parent_item['owner_xchan']);
+				$private = true;
+				if(! $encoded_item['flags'])
+					$encoded_item['flags'] = array();
+				$encoded_item['flags'][] = 'relay';
+				$upstream = true;
+			}
+			else {
+				logger('notifier: normal distribution', LOGGER_DEBUG);
+				if($cmd === 'relay')
+					logger('notifier: owner relay');
+				$upstream = false;
+				// if our parent is a tag_delivery recipient, uplink to the original author causing
+				// a delivery fork. 
+	
+				if(($parent_item) && intval($parent_item['item_uplink']) && (! $top_level_post) && ($cmd !== 'uplink')) {
+					// don't uplink a relayed post to the relay owner
+					if($parent_item['source_xchan'] !== $parent_item['owner_xchan']) {
+						logger('notifier: uplinking this item');
+						Master::Summon(array('Notifier','uplink',$item_id));
+					}
+				}
+
+				$private = false;
+				$recipients = collect_recipients($parent_item,$private);
+
+				// FIXME add any additional recipients such as mentions, etc.
+
+				// don't send deletions onward for other people's stuff
+				// TODO verify this is needed - copied logic from same place in old code
+
+				if(intval($target_item['item_deleted']) && (! intval($target_item['item_wall']))) {
+					logger('notifier: ignoring delete notification for non-wall item', LOGGER_NORMAL, LOG_NOTICE);
+					return;
+				}
+			}
+		}
+
+		$walltowall = (($top_level_post && $channel['xchan_hash'] === $target_item['author_xchan']) ? true : false); 
+
+		// Generic delivery section, we have an encoded item and recipients
+		// Now start the delivery process
+
+		$x = $encoded_item;
+		$x['title'] = 'private';
+		$x['body'] = 'private';
+		logger('notifier: encoded item: ' . print_r($x,true), LOGGER_DATA, LOG_DEBUG);
+
+		stringify_array_elms($recipients);
+		if(! $recipients) {
+			logger('no recipients');
+			return;
+		}
+
+		//	logger('notifier: recipients: ' . print_r($recipients,true), LOGGER_NORMAL, LOG_DEBUG);
+
+		$env_recips = (($private) ? array() : null);
+
+		$details = q("select xchan_hash, xchan_instance_url, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',',$recipients)) . ")");
+
+
+		$recip_list = array();
+
+		if($details) {
+			foreach($details as $d) {
+
+				$recip_list[] = $d['xchan_addr'] . ' (' . $d['xchan_hash'] . ')'; 
+				if($private) {
+					$env_recips[] = [
+						'guid'     => $d['xchan_guid'],
+						'guid_sig' => $d['xchan_guid_sig'],
+						'hash'     => $d['xchan_hash']
+					];
+				}
+			}
+		}
+
+
+		$narr = [
+			'channel'        => $channel,
+			'upstream'       => $upstream,
+			'env_recips'     => $env_recips,
+			'packet_recips'  => $packet_recips,
+			'recipients'     => $recipients,
+			'item'           => $item,
+			'target_item'    => $target_item,
+			'parent_item'    => $parent_item,
+			'top_level_post' => $top_level_post,
+			'private'        => $private,
+			'relay_to_owner' => $relay_to_owner,
+			'uplink'         => $uplink,
+			'cmd'            => $cmd,
+			'mail'           => $mail,
+			'single'         => (($cmd === 'single_mail' || $cmd === 'single_activity') ? true : false),
+			'location'       => $location,
+			'request'        => $request,
+			'normal_mode'    => $normal_mode,
+			'packet_type'    => $packet_type,
+			'walltowall'     => $walltowall,
+			'queued'         => []
+		];
+
+		call_hooks('notifier_process', $narr);
+		if($narr['queued']) {
+			foreach($narr['queued'] as $pq)
+				$deliveries[] = $pq;
+		}
+
+		// notifier_process can alter the recipient list
+
+		$recipients    = $narr['recipients'];
+		$env_recips    = $narr['env_recips'];
+		$packet_recips = $narr['packet_recips'];
+
+		if(($private) && (! $env_recips)) {
+			// shouldn't happen
+			logger('notifier: private message with no envelope recipients.' . print_r($argv,true), LOGGER_NORMAL, LOG_NOTICE);
+		}
+	
+		logger('notifier: recipients (may be delivered to more if public): ' . print_r($recip_list,true), LOGGER_DEBUG);
+	
+
+		// Now we have collected recipients (except for external mentions, FIXME)
+		// Let's reduce this to a set of hubs; checking that the site is not dead.
+
+		$r = q("select hubloc.*, site.site_crypto, site.site_flags from hubloc left join site on site_url = hubloc_url where hubloc_hash in (" . protect_sprintf(implode(',',$recipients)) . ") 
+			and hubloc_error = 0 and hubloc_deleted = 0 and ( site_dead = 0 OR site_dead is null ) "
+		);		
+ 
+
+		if(! $r) {
+			logger('notifier: no hubs', LOGGER_NORMAL, LOG_NOTICE);
+			return;
+		}
+
+		$hubs = $r;
+
+		/**
+		 * Reduce the hubs to those that are unique. For zot hubs, we need to verify uniqueness by the sitekey, 
+		 * since it may have been a re-install which has not yet been detected and pruned.
+		 * For other networks which don't have or require sitekeys, we'll have to use the URL
+		 */
+
+
+		$hublist = []; // this provides an easily printable list for the logs
+		$dhubs   = []; // delivery hubs where we store our resulting unique array
+		$keys    = []; // array of keys to check uniquness for zot hubs
+		$urls    = []; // array of urls to check uniqueness of hubs from other networks
+		$hub_env = []; // per-hub envelope so we don't broadcast the entire envelope to all
+
+		foreach($hubs as $hub) {
+
+			if($env_recips) {
+				foreach($env_recips as $er) {
+					if($hub['hubloc_hash'] === $er['hash']) {
+						if(! array_key_exists($hub['hubloc_host'] . $hub['hubloc_sitekey'], $hub_env)) {
+							$hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] = [];
+						}
+						$hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']][] = $er;
+					}
+				}
+			}
+			
+
+			if($hub['hubloc_network'] == 'zot') {
+				if(! in_array($hub['hubloc_sitekey'],$keys)) {
+					$hublist[] = $hub['hubloc_host'] . ' ' . $hub['hubloc_network'];
+					$dhubs[]   = $hub;
+					$keys[]    = $hub['hubloc_sitekey'];
+				}
+			}
+			else {
+				if(! in_array($hub['hubloc_url'],$urls)) {
+					$hublist[] = $hub['hubloc_host'] . ' ' . $hub['hubloc_network'];
+					$dhubs[]   = $hub;
+					$urls[]    = $hub['hubloc_url'];
+				}
+			}
+		}
+
+		logger('notifier: will notify/deliver to these hubs: ' . print_r($hublist,true), LOGGER_DEBUG, LOG_DEBUG);
+
+		foreach($dhubs as $hub) {
+
+			if($hub['hubloc_network'] !== 'zot') {
+				$narr = [
+					'channel'        => $channel,
+					'upstream'       => $upstream,
+					'env_recips'     => $env_recips,
+					'packet_recips'  => $packet_recips,
+					'recipients'     => $recipients,
+					'item'           => $item,
+					'target_item'    => $target_item,
+					'parent_item'    => $parent_item,
+					'hub'            => $hub,
+					'top_level_post' => $top_level_post,
+					'private'        => $private,
+					'relay_to_owner' => $relay_to_owner,
+					'uplink'         => $uplink,
+					'cmd'            => $cmd,
+					'mail'           => $mail,
+					'single'         => (($cmd === 'single_mail' || $cmd === 'single_activity') ? true : false),
+					'location'       => $location,
+					'request'        => $request,
+					'normal_mode'    => $normal_mode,
+					'packet_type'    => $packet_type,
+					'walltowall'     => $walltowall,
+					'queued'         => []
+				];
+
+
+				call_hooks('notifier_hub',$narr);
+				if($narr['queued']) {
+					foreach($narr['queued'] as $pq)
+						$deliveries[] = $pq;
+				}
+				continue;
+
+			}
+
+			// singleton deliveries by definition 'not got zot'.
+            // Single deliveries are other federated networks (plugins) and we're essentially
+			// delivering only to those that have this site url in their abook_instance
+			// and only from within a sync operation. This means if you post from a clone,
+			// and a connection is connected to one of your other clones; assuming that hub
+			// is running it will receive a sync packet. On receipt of this sync packet it
+			// will invoke a delivery to those connections which are connected to just that
+			// hub instance.
+
+			if($cmd === 'single_mail' || $cmd === 'single_activity') {
+				continue;
+			}
+
+			// default: zot protocol
+
+			$hash   = random_string();
+			$packet = null;
+			$pmsg   = '';
+
+			if($packet_type === 'refresh' || $packet_type === 'purge') {
+				$packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null));
+			}
+			if($packet_type === 'keychange') {
+				$pmsg = get_pconfig($channel['channel_id'],'system','keychange');
+				$packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null));
+			}
+			elseif($packet_type === 'request') {
+				$env = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : '');
+				$packet = zot_build_packet($channel,$packet_type,$env,$hub['hubloc_sitekey'],$hub['site_crypto'],
+					$hash, array('message_id' => $request_message_id)
+				);
+			}
+
+			if($packet) {
+				queue_insert(array(
+					'hash'       => $hash,
+					'account_id' => $channel['channel_account_id'],
+					'channel_id' => $channel['channel_id'],
+					'posturl'    => $hub['hubloc_callback'],
+					'notify'     => $packet,
+					'msg'        => (($pmsg) ? json_encode($pmsg) : '')
+				));
+			}
+			else {
+				$env = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : '');
+
+				// currently zot6 delivery is only performed on normal items and not sync items or mail or anything else
+				// Eventually we will do this for all deliveries, but for now ensure this is precisely what we are dealing 
+				// with before switching to zot6 as the primary zot6 handler checks for the existence of a message delivery report
+				// to trigger dequeue'ing
+
+				$z6 = (($encoded_item && $encoded_item['type'] === 'activity' && (! array_key_exists('allow_cid',$encoded_item))) ? true : false);
+				if($z6) {
+					$packet = zot6_build_packet($channel,'notify',$env, json_encode($encoded_item), (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash);
+				}
+				else {
+					$packet = zot_build_packet($channel,'notify',$env, (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash);
+
+				}	
+
+				queue_insert(
+					[
+						'hash'       => $hash,
+						'account_id' => $target_item['aid'],
+						'channel_id' => $target_item['uid'],
+						'posturl'    => $hub['hubloc_callback'],
+						'notify'     => $packet,
+						'msg'        => json_encode($encoded_item)
+					]
+				);
+
+				// only create delivery reports for normal undeleted items
+				if(is_array($target_item) && array_key_exists('postopts',$target_item) && (! $target_item['item_deleted']) && (! get_config('system','disable_dreport'))) {
+					q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan, dreport_queue ) values ( '%s','%s','%s','%s','%s','%s','%s' ) ",
+						dbesc($target_item['mid']),
+						dbesc($hub['hubloc_host']),
+						dbesc($hub['hubloc_host']),
+						dbesc('queued'),
+						dbesc(datetime_convert()),
+						dbesc($channel['channel_hash']),
+						dbesc($hash)
+					);
+				}
+			}
+
+			$deliveries[] = $hash;	
+		}
+	
+		if($normal_mode) {
+			$x = q("select * from hook where hook = 'notifier_normal'");
+			if($x) {
+				Master::Summon( [ 'Deliver_hooks', $target_item['id'] ] );
+			}
+		}
+
+		if($deliveries)
+			do_delivery($deliveries);
+
+		logger('notifier: basic loop complete.', LOGGER_DEBUG);
+
+		call_hooks('notifier_end',$target_item);
+
+		logger('notifer: complete.');
+		return;
+
+	}
+}
+

Zotlabs/Daemon/Onedirsync.php

@@ -0,0 +1,76 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/dir_fns.php');
+
+
+class Onedirsync {
+
+	static public function run($argc,$argv) {
+
+		logger('onedirsync: start ' . intval($argv[1]));
+	
+		if(($argc > 1) && (intval($argv[1])))
+			$update_id = intval($argv[1]);
+
+		if(! $update_id) {
+			logger('onedirsync: no update');
+			return;
+		}
+	
+		$r = q("select * from updates where ud_id = %d limit 1",
+			intval($update_id)
+		);
+
+		if(! $r)
+			return;
+		if(($r[0]['ud_flags'] & UPDATE_FLAGS_UPDATED) || (! $r[0]['ud_addr']))
+			return;
+
+		// Have we probed this channel more recently than the other directory server
+		// (where we received this update from) ?
+		// If we have, we don't need to do anything except mark any older entries updated
+
+		$x = q("select * from updates where ud_addr = '%s' and ud_date > '%s' and ( ud_flags & %d )>0 order by ud_date desc limit 1",
+			dbesc($r[0]['ud_addr']),
+			dbesc($r[0]['ud_date']),
+			intval(UPDATE_FLAGS_UPDATED)
+		);
+		if($x) {
+			$y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 and ud_date != '%s'",
+				intval(UPDATE_FLAGS_UPDATED),
+				dbesc($r[0]['ud_addr']),
+				intval(UPDATE_FLAGS_UPDATED),
+				dbesc($x[0]['ud_date'])
+			);
+			return;
+		}
+
+		// ignore doing an update if this ud_addr refers to a known dead hubloc
+
+		$h = q("select * from hubloc where hubloc_addr = '%s' limit 1",
+			dbesc($r[0]['ud_addr'])
+		);
+		if(($h) && ($h[0]['hubloc_status'] & HUBLOC_OFFLINE)) {
+			$y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 ",
+				intval(UPDATE_FLAGS_UPDATED),
+				dbesc($r[0]['ud_addr']),
+				intval(UPDATE_FLAGS_UPDATED)
+			);
+
+			return;
+		}
+
+		// we might have to pull this out some day, but for now update_directory_entry() 
+		// runs zot_finger() and is kind of zot specific
+
+		if($h && $h[0]['hubloc_network'] !== 'zot')
+			return;
+
+		update_directory_entry($r[0]);		
+
+		return;
+	}
+}

Zotlabs/Daemon/Onepoll.php

@@ -0,0 +1,179 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/socgraph.php');
+
+
+class Onepoll {
+
+	static public function run($argc,$argv) {
+
+		logger('onepoll: start');
+	
+		if(($argc > 1) && (intval($argv[1])))
+			$contact_id = intval($argv[1]);
+
+		if(! $contact_id) {
+			logger('onepoll: no contact');
+			return;
+		}
+
+		$d = datetime_convert();
+
+		$contacts = q("SELECT abook.*, xchan.*, account.*
+			FROM abook LEFT JOIN account on abook_account = account_id left join xchan on xchan_hash = abook_xchan 
+			where abook_id = %d
+			and abook_pending = 0 and abook_archived = 0 and abook_blocked = 0 and abook_ignored = 0
+			AND (( account_flags = %d ) OR ( account_flags = %d )) limit 1",
+			intval($contact_id),
+			intval(ACCOUNT_OK),
+			intval(ACCOUNT_UNVERIFIED)
+		);	
+
+		if(! $contacts) {
+			logger('onepoll: abook_id not found: ' . $contact_id);
+			return;
+		}
+
+		$contact = $contacts[0];
+
+		$t = $contact['abook_updated'];
+
+		$importer_uid = $contact['abook_channel'];
+		
+		$r = q("SELECT * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
+			intval($importer_uid)
+		);
+
+		if(! $r)
+			return;
+
+		$importer = $r[0];
+
+		logger("onepoll: poll: ({$contact['id']}) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
+
+		$last_update = ((($contact['abook_updated'] === $contact['abook_created']) || ($contact['abook_updated'] <= NULL_DATE))	
+			? datetime_convert('UTC','UTC','now - 7 days')
+			: datetime_convert('UTC','UTC',$contact['abook_updated'] . ' - 2 days')
+		);
+
+		if($contact['xchan_network'] === 'rss') {
+			logger('onepoll: processing feed ' . $contact['xchan_name'], LOGGER_DEBUG);
+			handle_feed($importer['channel_id'],$contact_id,$contact['xchan_hash']);
+			q("update abook set abook_connected = '%s' where abook_id = %d",
+				dbesc(datetime_convert()),
+				intval($contact['abook_id'])
+			);
+			return;
+		}
+	
+		if($contact['xchan_network'] !== 'zot')
+			return;
+
+		// update permissions
+
+		$x = zot_refresh($contact,$importer);
+
+		$responded = false;
+		$updated   = datetime_convert();
+		$connected = datetime_convert();
+		if(! $x) {
+			// mark for death by not updating abook_connected, this is caught in include/poller.php
+			q("update abook set abook_updated = '%s' where abook_id = %d",
+				dbesc($updated),
+				intval($contact['abook_id'])
+			);
+		}
+		else {
+			q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d",
+				dbesc($updated),
+				dbesc($connected),
+				intval($contact['abook_id'])
+			);
+			$responded = true;
+		}
+
+		if(! $responded)
+			return;
+
+		if($contact['xchan_connurl']) {
+			$fetch_feed = true;
+			$x = null;
+
+			// They haven't given us permission to see their stream
+
+			$can_view_stream = intval(get_abconfig($importer_uid,$contact['abook_xchan'],'their_perms','view_stream'));
+
+			if(! $can_view_stream)
+				$fetch_feed = false;
+
+			// we haven't given them permission to send us their stream
+
+			$can_send_stream = intval(get_abconfig($importer_uid,$contact['abook_xchan'],'my_perms','send_stream'));
+			
+			if(! $can_send_stream)
+				$fetch_feed = false;
+
+			if($fetch_feed) {
+
+				if(strpos($contact['xchan_connurl'],z_root()) === 0) {
+					// local channel - save a network fetch
+					$c = channelx_by_hash($contact['xchan_hash']);
+					if($c) {
+						$x = [ 
+							'success' => true, 
+							'body' => json_encode( [ 
+								'success' => true,
+								'messages' => zot_feed($c['channel_id'], $importer['xchan_hash'], [ 'mindate' => $last_update ])
+							])
+						];
+					}
+				}
+				else {
+					// remote fetch	
+
+					$feedurl = str_replace('/poco/','/zotfeed/',$contact['xchan_connurl']);		
+					$feedurl .= '?f=&mindate=' . urlencode($last_update) . '&zid=' . $importer['channel_address'] . '@' . \App::get_hostname();
+					$recurse = 0;
+					$x = z_fetch_url($feedurl, false, $recurse, [ 'session' => true ]);
+				}
+
+				logger('feed_update: ' . print_r($x,true), LOGGER_DATA);
+			}
+
+			if(($x) && ($x['success'])) {
+				$total = 0;
+				logger('onepoll: feed update ' . $contact['xchan_name'] . ' ' . $feedurl);
+
+				$j = json_decode($x['body'],true);
+				if($j['success'] && $j['messages']) {
+					foreach($j['messages'] as $message) {
+						$results = process_delivery(array('hash' => $contact['xchan_hash']), get_item_elements($message),
+							array(array('hash' => $importer['xchan_hash'])), false);
+						logger('onepoll: feed_update: process_delivery: ' . print_r($results,true), LOGGER_DATA);
+						$total ++;
+					}
+					logger("onepoll: $total messages processed");
+				}
+			}
+		}
+			
+
+		// update the poco details for this connection
+
+		if($contact['xchan_connurl']) {	
+			$r = q("SELECT xlink_id from xlink 
+				where xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s and xlink_static = 0 limit 1",
+				intval($contact['xchan_hash']),
+				db_utcnow(), db_quoteinterval('1 DAY')
+			);
+			if(! $r) {
+				poco_load($contact['xchan_hash'],$contact['xchan_connurl']);
+			}
+		}
+
+		return;
+	}
+}

Zotlabs/Daemon/Poller.php

@@ -0,0 +1,206 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+class Poller {
+
+	static public function run($argc,$argv) {
+
+		$maxsysload = intval(get_config('system','maxloadavg'));
+		if($maxsysload < 1)
+			$maxsysload = 50;
+		if(function_exists('sys_getloadavg')) {
+			$load = sys_getloadavg();
+			if(intval($load[0]) > $maxsysload) {
+				logger('system: load ' . $load . ' too high. Poller deferred to next scheduled run.');
+				return;
+			}
+		}
+
+		$interval = intval(get_config('system','poll_interval'));
+		if(! $interval) 
+			$interval = ((get_config('system','delivery_interval') === false) ? 3 : intval(get_config('system','delivery_interval')));
+
+		// Check for a lockfile.  If it exists, but is over an hour old, it's stale.  Ignore it.
+		$lockfile = 'store/[data]/poller';
+		if((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 3600)) 
+			&& (! get_config('system','override_poll_lockfile'))) {
+			logger("poller: Already running");
+			return;
+		}
+	
+		// Create a lockfile.  Needs two vars, but $x doesn't need to contain anything.
+		file_put_contents($lockfile, $x);
+
+		logger('poller: start');
+	
+		$manual_id  = 0;
+		$generation = 0;
+
+		$force      = false;
+		$restart    = false;
+
+		if(($argc > 1) && ($argv[1] == 'force'))
+			$force = true;
+
+		if(($argc > 1) && ($argv[1] == 'restart')) {
+			$restart = true;
+			$generation = intval($argv[2]);
+			if(! $generation)
+				killme();		
+		}
+
+		if(($argc > 1) && intval($argv[1])) {
+			$manual_id = intval($argv[1]);
+			$force     = true;
+		}
+
+
+		$sql_extra = (($manual_id) ? " AND abook_id = " . intval($manual_id) . " " : "");
+
+		reload_plugins();
+
+		$d = datetime_convert();
+
+		// Only poll from those with suitable relationships
+
+		$abandon_sql = (($abandon_days) 
+			? sprintf(" AND account_lastlog > %s - INTERVAL %s ", db_utcnow(), db_quoteinterval(intval($abandon_days).' DAY')) 
+			: '' 
+		);
+
+		$randfunc = db_getfunc('RAND');
+	
+		$contacts = q("SELECT abook.abook_updated, abook.abook_connected, abook.abook_feed,
+			abook.abook_channel, abook.abook_id, abook.abook_archived, abook.abook_pending,
+			abook.abook_ignored, abook.abook_blocked,
+			xchan.xchan_network,
+			account.account_lastlog, account.account_flags 
+			FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash 
+			LEFT JOIN account on abook_account = account_id
+			where abook_self = 0
+			$sql_extra 
+			AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY $randfunc",
+			intval(ACCOUNT_OK),
+			intval(ACCOUNT_UNVERIFIED)     // FIXME
+		);
+
+		if($contacts) {
+
+			foreach($contacts as $contact) {
+
+				$update  = false;
+
+				$t = $contact['abook_updated'];
+				$c = $contact['abook_connected'];
+
+				if(intval($contact['abook_feed'])) {
+					$min = service_class_fetch($contact['abook_channel'],'minimum_feedcheck_minutes');
+					if(! $min)
+						$min = intval(get_config('system','minimum_feedcheck_minutes'));
+					if(! $min)
+						$min = 60;
+					$x = datetime_convert('UTC','UTC',"now - $min minutes");
+					if($c < $x) {
+						Master::Summon(array('Onepoll',$contact['abook_id']));
+						if($interval)
+							@time_sleep_until(microtime(true) + (float) $interval);
+					}
+					continue;
+				}
+
+
+				if($contact['xchan_network'] !== 'zot')
+					continue;
+
+				if($c == $t) {
+					if(datetime_convert('UTC','UTC', 'now') > datetime_convert('UTC','UTC', $t . " + 1 day"))
+						$update = true;
+				}
+				else {
+	
+					// if we've never connected with them, start the mark for death countdown from now
+	
+					if($c <= NULL_DATE) {
+						$r = q("update abook set abook_connected = '%s'  where abook_id = %d",
+							dbesc(datetime_convert()),
+							intval($contact['abook_id'])
+						);
+						$c = datetime_convert();
+						$update = true;
+					}
+
+					// He's dead, Jim
+
+					if(strcmp(datetime_convert('UTC','UTC', 'now'),datetime_convert('UTC','UTC', $c . " + 30 day")) > 0) {	
+						$r = q("update abook set abook_archived = 1 where abook_id = %d",
+							intval($contact['abook_id'])
+						);
+						$update = false;
+						continue;
+					}
+
+					if(intval($contact['abook_archived'])) {
+						$update = false;
+						continue;
+					}
+
+					// might be dead, so maybe don't poll quite so often
+	
+					// recently deceased, so keep up the regular schedule for 3 days
+ 
+					if((strcmp(datetime_convert('UTC','UTC', 'now'),datetime_convert('UTC','UTC', $c . " + 3 day")) > 0)
+					 && (strcmp(datetime_convert('UTC','UTC', 'now'),datetime_convert('UTC','UTC', $t . " + 1 day")) > 0))
+						$update = true;
+
+					// After that back off and put them on a morphine drip
+
+					if(strcmp(datetime_convert('UTC','UTC', 'now'),datetime_convert('UTC','UTC', $t . " + 2 day")) > 0) {	
+						$update = true;
+					}
+
+				}
+
+				if(intval($contact['abook_pending']) || intval($contact['abook_archived']) || intval($contact['abook_ignored']) || intval($contact['abook_blocked']))
+					continue;
+
+				if((! $update) && (! $force))
+						continue;
+
+				Master::Summon(array('Onepoll',$contact['abook_id']));
+				if($interval)
+					@time_sleep_until(microtime(true) + (float) $interval);
+
+			}
+		}
+
+		if($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
+			$r = q("SELECT u.ud_addr, u.ud_id, u.ud_last FROM updates AS u INNER JOIN (SELECT ud_addr, max(ud_id) AS ud_id FROM updates WHERE ( ud_flags & %d ) = 0 AND ud_addr != '' AND ( ud_last <= '%s' OR ud_last > %s - INTERVAL %s ) GROUP BY ud_addr) AS s ON s.ud_id = u.ud_id ",
+				intval(UPDATE_FLAGS_UPDATED),
+				dbesc(NULL_DATE),
+				db_utcnow(), db_quoteinterval('7 DAY')
+			);
+			if($r) {
+				foreach($r as $rr) {
+
+					// If they didn't respond when we attempted before, back off to once a day
+					// After 7 days we won't bother anymore
+
+					if($rr['ud_last'] > NULL_DATE)
+						if($rr['ud_last'] > datetime_convert('UTC','UTC', 'now - 1 day'))
+							continue;
+					Master::Summon(array('Onedirsync',$rr['ud_id']));
+					if($interval)
+						@time_sleep_until(microtime(true) + (float) $interval);
+				}
+			}
+		}	
+
+		set_config('system','lastpoll',datetime_convert());
+
+		//All done - clear the lockfile	
+		@unlink($lockfile);
+
+		return;
+	}
+}

Zotlabs/Daemon/Queue.php

@@ -0,0 +1,76 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+require_once('include/queue_fn.php');
+require_once('include/zot.php');
+
+class Queue {
+
+	static public function run($argc,$argv) {
+
+		require_once('include/items.php');
+		require_once('include/bbcode.php');
+
+
+		if($argc > 1)
+			$queue_id = $argv[1];
+		else
+			$queue_id = EMPTY_STR;
+
+		logger('queue: start');
+
+		// delete all queue items more than 3 days old
+		// but first mark these sites dead if we haven't heard from them in a month
+
+		$r = q("select outq_posturl from outq where outq_created < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('3 DAY')
+		);
+		if($r) {
+			foreach($r as $rr) {
+				$site_url = '';
+				$h = parse_url($rr['outq_posturl']);
+				$desturl = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : '');
+				q("update site set site_dead = 1 where site_dead = 0 and site_url = '%s' and site_update < %s - INTERVAL %s",
+					dbesc($desturl),
+					db_utcnow(), db_quoteinterval('1 MONTH')
+				);
+			}
+		}
+
+		$r = q("DELETE FROM outq WHERE outq_created < %s - INTERVAL %s",
+			db_utcnow(), db_quoteinterval('3 DAY')
+		);
+
+		if($queue_id) {
+			$r = q("SELECT * FROM outq WHERE outq_hash = '%s' LIMIT 1",
+				dbesc($queue_id)
+			);
+		}
+		else {
+
+			// For the first 12 hours we'll try to deliver every 15 minutes
+			// After that, we'll only attempt delivery once per hour. 
+			// This currently only handles the default queue drivers ('zot' or '') which we will group by posturl 
+			// so that we don't start off a thousand deliveries for a couple of dead hubs.
+			// The zot driver will deliver everything destined for a single hub once contact is made (*if* contact is made).
+			// Other drivers will have to do something different here and may need their own query.
+	
+			// Note: this requires some tweaking as new posts to long dead hubs once a day will keep them in the 
+			// "every 15 minutes" category. We probably need to prioritise them when inserted into the queue
+			// or just prior to this query based on recent and long-term delivery history. If we have good reason to believe
+			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once 
+			// or twice a day. 
+	
+			$r = q("SELECT * FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s ",
+				db_utcnow()
+			);
+		}
+		if(! $r)
+			return;
+
+		foreach($r as $rv) {
+			queue_deliver($rv);
+		}
+	}
+}

Zotlabs/Daemon/README.md

@@ -0,0 +1,43 @@
+Daemon (background) Processes
+=============================
+
+
+This directory provides background tasks which are executed by a 
+command-line process and detached from normal web processing.
+
+Background tasks are invoked by calling
+
+
+	Zotlabs\Daemon\Master::Summon([ $cmd, $arg1, $argn... ]); 
+
+The Master class loads the desired command file and passes the arguments.
+
+
+To create a background task 'Foo' use the following template.
+
+	<?php
+	
+	namespace Zotlabs\Daemon;
+	
+	class Foo {
+	
+		static public function run($argc,$argv) {
+			// do something
+		}
+	}
+
+
+The Master class "summons" the command by creating an executable script
+from the provided arguments, then it invokes "Release" to execute the script
+detached from web processing. This process calls the static::run() function
+with any command line arguments using the traditional argc, argv format. 
+
+Please note: These are *real* $argc, $argv variables passed from the command
+line, and not the parsed argc() and argv() functions/variables which were 
+obtained from parsing path components of the request URL by web processes.
+
+Background processes do not emit displayable output except through logs. They 
+should also not make any assumptions about their HTML and web environment 
+(as they do not have a web environment), particularly with respect to global
+variables such as $_SERVER, $_REQUEST, $_GET, $_POST, $_COOKIES, and $_SESSION.
+

Zotlabs/Daemon/Ratenotif.php

@@ -0,0 +1,121 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+require_once('include/zot.php');
+require_once('include/queue_fn.php');
+
+
+class Ratenotif {
+
+	static public function run($argc,$argv) {
+
+		require_once("datetime.php");
+		require_once('include/items.php');
+
+		if($argc < 3)
+			return;
+
+
+		logger('ratenotif: invoked: ' . print_r($argv,true), LOGGER_DEBUG);
+
+		$cmd = $argv[1];
+
+		$item_id = $argv[2];
+
+
+		if($cmd === 'rating') {
+			$r = q("select * from xlink where xlink_id = %d and xlink_static = 1 limit 1",
+				intval($item_id)
+			);
+			if(! $r) {
+				logger('rating not found');
+				return;
+			}
+
+			$encoded_item = array(
+				'type' => 'rating', 
+				'encoding' => 'zot',
+				'target' => $r[0]['xlink_link'],
+				'rating' => intval($r[0]['xlink_rating']),
+				'rating_text' => $r[0]['xlink_rating_text'],
+				'signature' => $r[0]['xlink_sig'],
+				'edited' => $r[0]['xlink_updated']
+			);
+		}
+
+		$channel = channelx_by_hash($r[0]['xlink_xchan']);
+		if(! $channel) {
+			logger('no channel');
+			return;
+		}
+
+
+		$primary = get_directory_primary();
+	
+		if(! $primary)
+			return;
+
+
+		$interval = ((get_config('system','delivery_interval') !== false) 
+			? intval(get_config('system','delivery_interval')) : 2 );
+
+		$deliveries_per_process = intval(get_config('system','delivery_batch_count'));
+
+		if($deliveries_per_process <= 0)
+			$deliveries_per_process = 1;
+
+		$deliver = array();
+
+		$x = z_fetch_url($primary . '/regdir');
+		if($x['success']) {
+			$j = json_decode($x['body'],true);
+			if($j && $j['success'] && is_array($j['directories'])) {
+
+				foreach($j['directories'] as $h) {
+					if($h == z_root())
+						continue;
+
+					$hash = random_string();
+					$n = zot_build_packet($channel,'notify',null,null,'',$hash);
+
+					queue_insert(array(
+						'hash'       => $hash,
+						'account_id' => $channel['channel_account_id'],
+						'channel_id' => $channel['channel_id'],
+						'posturl'    => $h . '/post',
+						'notify'     => $n,
+						'msg'        => json_encode($encoded_item)
+					));
+
+
+					$x = q("select count(outq_hash) as total from outq where outq_delivered = 0");
+					if(intval($x[0]['total']) > intval(get_config('system','force_queue_threshold',300))) {
+						logger('immediate delivery deferred.', LOGGER_DEBUG, LOG_INFO);
+						update_queue_item($hash);
+						continue;
+					}
+
+					$deliver[] = $hash;
+	
+					if(count($deliver) >= $deliveries_per_process) {
+						Master::Summon(array('Deliver',$deliver));
+						$deliver = array();
+						if($interval)
+							@time_sleep_until(microtime(true) + (float) $interval);
+					}
+				}
+	
+				// catch any stragglers
+	
+				if(count($deliver)) {
+					Master::Summon(array('Deliver',$deliver));
+				}
+			}
+		}
+		
+		logger('ratenotif: complete.');
+		return;
+
+	}
+}

Zotlabs/Daemon/Thumbnail.php

@@ -0,0 +1,78 @@
+<?php /** @file */
+
+namespace Zotlabs\Daemon;
+
+
+class Thumbnail {
+
+	static public function run($argc,$argv) {
+
+		if(! $argc == 2)
+			return;
+
+		$c = q("select * from attach where hash = '%s' ",
+			dbesc($argv[1])
+		);
+
+		if(! $c)
+			return;
+
+		$attach = $c[0];
+
+		$preview_style   = intval(get_config('system','thumbnail_security',0));
+		$preview_width   = intval(get_config('system','thumbnail_width',300));
+		$preview_height  = intval(get_config('system','thumbnail_height',300));
+
+		$p = [
+			'attach'         => $attach,
+			'preview_style'  => $preview_style,
+			'preview_width'  => $preview_width,
+			'preview_height' => $preview_height,
+			'thumbnail' => null
+		];
+
+		/**
+		 * @hooks thumbnail
+		 *  * \e array \b attach
+		 *  * \e int \b preview_style
+		 *  * \e int \b preview_width
+		 *  * \e int \b preview_height
+		 *  * \e string \b thumbnail
+		 */
+
+		call_hooks('thumbnail',$p);
+		if($p['thumbnail']) {
+			return;
+		}
+
+
+		$default_controller = null;
+		
+		$files = glob('Zotlabs/Thumbs/*.php');
+		if($files) {
+			foreach($files as $f) {
+				$clsname = '\\Zotlabs\\Thumbs\\' . ucfirst(basename($f,'.php'));
+				if(class_exists($clsname)) {
+					$x = new $clsname();
+					if(method_exists($x,'Match')) {
+						$matched = $x->Match($attach['filetype']);
+						if($matched) {
+							$x->Thumb($attach,$preview_style,$preview_width,$preview_height);
+						}
+					}
+					if(method_exists($x,'MatchDefault')) {
+						$default_matched = $x->MatchDefault(substr($attach['filetype'],0,strpos($attach['filetype'],'/')));
+						if($default_matched) {
+							$default_controller = $x;
+						}
+					}
+				}
+			}
+		}
+		if(($default_controller) 
+			&& ((! file_exists(dbunescbin($attach['content']) . '.thumb')) 
+				|| (filectime(dbunescbin($attach['content']) . 'thumb') < (time() - 60)))) {
+			$default_controller->Thumb($attach,$preview_style,$preview_width,$preview_height);
+		}
+	}
+}

Zotlabs/Extend/Hook.php

@@ -0,0 +1,122 @@
+<?php
+
+namespace Zotlabs\Extend;
+
+use App;
+
+/**
+ * @brief Hook class.
+ *
+ */
+class Hook {
+
+	static public function register($hook,$file,$function,$version = 1,$priority = 0) {
+		if(is_array($function)) {
+			$function = serialize($function);
+		}
+
+		$r = q("SELECT * FROM hook WHERE hook = '%s' AND file = '%s' AND fn = '%s' and priority = %d and hook_version = %d LIMIT 1",
+			dbesc($hook),
+			dbesc($file),
+			dbesc($function),
+			intval($priority),
+			intval($version)
+		);
+		if($r)
+			return true;
+
+		// To aid in upgrade and transition, remove old settings for any registered hooks that match in all respects except
+		// for priority or hook_version
+
+		$r = q("DELETE FROM hook where hook = '%s' and file = '%s' and fn = '%s'",
+			dbesc($hook),
+			dbesc($file),
+			dbesc($function)
+		);
+
+		$r = q("INSERT INTO hook (hook, file, fn, priority, hook_version) VALUES ( '%s', '%s', '%s', %d, %d )",
+			dbesc($hook),
+			dbesc($file),
+			dbesc($function),
+			intval($priority),
+			intval($version)
+		);
+
+		return $r;
+	}
+
+	static public function register_array($file,$arr) {
+		if($arr) {
+			foreach($arr as $k => $v) {
+				self::register($k,$file,$v);
+			}
+		}
+	}
+
+
+	static public function unregister($hook,$file,$function,$version = 1,$priority = 0) {
+		if(is_array($function)) {
+			$function = serialize($function);
+		}
+		$r = q("DELETE FROM hook WHERE hook = '%s' AND file = '%s' AND fn = '%s' and priority = %d and hook_version = %d",
+			dbesc($hook),
+			dbesc($file),
+			dbesc($function),
+			intval($priority),
+			intval($version)
+		);
+
+		return $r;
+	}
+
+	/**
+	 * @brief Unregister all hooks with this file component.
+	 *
+	 * Useful for addon upgrades where you want to clean out old interfaces.
+	 *
+	 * @param string $file
+	 */
+	static public function unregister_by_file($file) {
+		$r = q("DELETE FROM hook WHERE file = '%s' ",
+			dbesc($file)
+		);
+
+		return $r;
+	}
+
+	/**
+	 * @brief Inserts a hook into a page request.
+	 *
+	 * Insert a short-lived hook into the running page request.
+	 * Hooks are normally persistent so that they can be called
+	 * across asynchronous processes such as delivery and poll
+	 * processes.
+	 *
+	 * insert_hook lets you attach a hook callback immediately
+	 * which will not persist beyond the life of this page request
+	 * or the current process.
+	 *
+	 * @param string $hook
+	 *     name of hook to attach callback
+	 * @param string $fn
+	 *     function name of callback handler
+	 * @param int $version
+	 *     hook interface version, 0 uses two callback params, 1 uses one callback param
+	 * @param int $priority
+	 *     currently not implemented in this function, would require the hook array to be resorted
+	 */
+	static public function insert($hook, $fn, $version = 0, $priority = 0) {
+		if(is_array($fn)) {
+			$fn = serialize($fn);
+		}
+
+		if(! is_array(App::$hooks))
+			App::$hooks = array();
+
+		if(! array_key_exists($hook, App::$hooks))
+			App::$hooks[$hook] = array();
+
+		App::$hooks[$hook][] = array('', $fn, $priority, $version);
+	}
+
+}

Zotlabs/Identity/BasicId.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace Zotlabs\Identity\BasicId;
+
+class BasicId {
+
+	private $name;
+	private $profile_photo;
+	private $profile_url;
+	private $address;
+	private $protocol;
+
+
+
+
+
+}
+

Zotlabs/Identity/OAuth2Server.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace Zotlabs\Identity;
+
+class OAuth2Server extends \OAuth2\Server {
+
+	public function __construct(OAuth2Storage $storage, $config = []) {
+
+		if(! is_array($config)) {
+			$config = [
+				'use_openid_connect' => true,
+				'issuer' => \Zotlabs\Lib\System::get_site_name()
+			];
+		}
+
+		parent::__construct($storage, $config);
+
+		// Add the "Client Credentials" grant type (it is the simplest of the grant types)
+		$this->addGrantType(new \OAuth2\GrantType\ClientCredentials($storage));
+
+		// Add the "Authorization Code" grant type (this is where the oauth magic happens)
+		$this->addGrantType(new \OAuth2\GrantType\AuthorizationCode($storage));
+
+		$keyStorage = new \OAuth2\Storage\Memory( [
+			'keys' => [
+				'public_key'  => get_config('system', 'pubkey'),
+				'private_key' => get_config('system', 'prvkey')
+			]
+		]);
+
+		$this->addStorage($keyStorage, 'public_key');
+	}
+
+}

Zotlabs/Identity/OAuth2Storage.php

@@ -0,0 +1,81 @@
+<?php
+
+namespace Zotlabs\Identity;
+
+
+class OAuth2Storage extends \OAuth2\Storage\Pdo {
+
+    /**
+     * @param string $username
+     * @param string $password
+     * @return bool
+     */
+    public function checkUserCredentials($username, $password)
+    {
+        if ($user = $this->getUser($username)) {
+            return $this->checkPassword($user, $password);
+        }
+
+        return false;
+    }
+
+    /**
+     * @param string $username
+     * @return array|bool
+     */
+    public function getUserDetails($username)
+    {
+        return $this->getUser($username);
+    }
+
+
+    /**
+     *
+     * @param array $user
+     * @param string $password
+     * @return bool
+     */
+    protected function checkPassword($user, $password)
+    {
+
+		$x = account_verify_password($user,$password);
+		return((array_key_exists('channel',$x) && ! empty($x['channel'])) ? true : false);
+
+    }
+
+    /**
+     * @param string $username
+     * @return array|bool
+     */
+    public function getUser($username)
+    {
+
+		$x = channelx_by_nick($username);
+		if(! $x) {
+			return false;
+		}
+
+		return( [
+			'username'  => $x['channel_address'],
+			'user_id'   => $x['channel_id'],
+			'firstName' => $x['channel_name'],
+			'lastName'  => '',
+			'password'  => 'NotARealPassword'
+		] );
+    }
+
+    /**
+     * plaintext passwords are bad!  Override this for your application
+     *
+     * @param string $username
+     * @param string $password
+     * @param string $firstName
+     * @param string $lastName
+     * @return bool
+     */
+    public function setUser($username, $password, $firstName = null, $lastName = null)
+    {
+        return true;
+    }
+
+}

Zotlabs/Identity/ProfilePhoto.php

@@ -0,0 +1,16 @@
+<?php
+namespace Zotlabs\Identity\ProfilePhoto;
+
+class ProfilePhoto {
+
+	private $photo_large_url;
+	private $photo_medium_url;
+	private $photo_small_url;
+	private $photo_mimetype;
+	private $photo_updated;
+
+
+
+
+}
+

Zotlabs/Lib/AConfig.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+// account configuration storage is built on top of the under-utilised xconfig
+
+class AConfig {
+
+	static public function Load($account_id) {
+		return XConfig::Load('a_' . $account_id);
+	}
+
+	static public function Get($account_id,$family,$key,$default = false) {
+		return XConfig::Get('a_' . $account_id,$family,$key, $default);
+	}
+
+	static public function Set($account_id,$family,$key,$value) {
+		return XConfig::Set('a_' . $account_id,$family,$key,$value);
+	}
+
+	static public function Delete($account_id,$family,$key) {
+		return XConfig::Delete('a_' . $account_id,$family,$key);
+	}
+
+}

Zotlabs/Lib/AbConfig.php

@@ -0,0 +1,75 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class AbConfig {
+
+	static public function Load($chan,$xhash,$family = '') {
+		if($family)
+			$where = sprintf(" and cat = '%s' ",dbesc($family));
+		$r = q("select * from abconfig where chan = %d and xchan = '%s' $where",
+			intval($chan),
+			dbesc($xhash)
+		);
+		return $r;
+	}
+
+
+	static public function Get($chan,$xhash,$family,$key, $default = false) {
+		$r = q("select * from abconfig where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' limit 1",
+			intval($chan),
+			dbesc($xhash),
+			dbesc($family),
+			dbesc($key)		
+		);
+		if($r) {
+			return ((preg_match('|^a:[0-9]+:{.*}$|s', $r[0]['v'])) ? unserialize($r[0]['v']) : $r[0]['v']);
+		}
+		return $default;
+	}
+
+
+	static public function Set($chan,$xhash,$family,$key,$value) {
+
+		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
+
+		if(self::Get($chan,$xhash,$family,$key) === false) {
+			$r = q("insert into abconfig ( chan, xchan, cat, k, v ) values ( %d, '%s', '%s', '%s', '%s' ) ",
+				intval($chan),
+				dbesc($xhash),
+				dbesc($family),
+				dbesc($key),
+				dbesc($dbvalue)		
+			);
+		}
+		else {
+			$r = q("update abconfig set v = '%s' where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' ",
+				dbesc($dbvalue),		
+				dbesc($chan),
+				dbesc($xhash),
+				dbesc($family),
+				dbesc($key)
+			);
+		}
+	
+		if($r)
+			return $value;
+		return false;
+	}
+
+
+	static public function Delete($chan,$xhash,$family,$key) {
+
+		$r = q("delete from abconfig where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' ",
+			intval($chan),
+			dbesc($xhash),
+			dbesc($family),
+			dbesc($key)
+		);
+
+		return $r;
+	}
+
+}

Zotlabs/Lib/ActivityStreams.php

@@ -0,0 +1,276 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+/**
+ * @brief ActivityStreams class.
+ *
+ * Parses an ActivityStream JSON string.
+ */
+class ActivityStreams {
+
+	public $raw    = null;
+	public $data;
+	public $valid  = false;
+	public $id     = '';
+	public $type   = '';
+	public $actor  = null;
+	public $obj    = null;
+	public $tgt    = null;
+	public $origin = null;
+	public $owner  = null;
+	public $signer = null;
+	public $ldsig  = null;
+	public $sigok  = false;
+	public $recips = null;
+	public $raw_recips = null;
+
+	/**
+	 * @brief Constructor for ActivityStreams.
+	 *
+	 * Takes a JSON string as parameter, decodes it and sets up this object.
+	 *
+	 * @param string $string
+	 */
+	function __construct($string) {
+
+		$this->raw  = $string;
+		$this->data = json_decode($string, true);
+
+		if($this->data) {
+			$this->valid = true;
+		}
+
+		if($this->is_valid()) {
+			$this->id     = $this->get_property_obj('id');
+			$this->type   = $this->get_primary_type();
+			$this->actor  = $this->get_compound_property('actor');
+			$this->obj    = $this->get_compound_property('object');
+			$this->tgt    = $this->get_compound_property('target');
+			$this->origin = $this->get_compound_property('origin');
+			$this->recips = $this->collect_recips();
+
+			$this->ldsig = $this->get_compound_property('signature');
+			if($this->ldsig) {
+				$this->signer = $this->get_compound_property('creator',$this->ldsig);
+				if($this->signer && $this->signer['publicKey'] && $this->signer['publicKey']['publicKeyPem']) {
+					$this->sigok = \Zotlabs\Lib\LDSignatures::verify($this->data,$this->signer['publicKey']['publicKeyPem']);
+				}
+			}
+
+			if(($this->type === 'Note') && (! $this->obj)) {
+				$this->obj = $this->data;
+				$this->type = 'Create';
+			}
+		}
+	}
+
+	/**
+	 * @brief Return if instantiated ActivityStream is valid.
+	 *
+	 * @return boolean Return true if the JSON string could be decoded.
+	 */
+	function is_valid() {
+		return $this->valid;
+	}
+
+	function set_recips($arr) {
+		$this->saved_recips = $arr;
+	}
+
+	/**
+	 * @brief Collects all recipients.
+	 *
+	 * @param string $base
+	 * @param string $namespace (optional) default empty
+	 * @return array
+	 */
+	function collect_recips($base = '', $namespace = '') {
+		$x = [];
+		$fields = [ 'to', 'cc', 'bto', 'bcc', 'audience'];
+		foreach($fields as $f) {
+			$y = $this->get_compound_property($f, $base, $namespace);
+			if($y) {
+				$x = array_merge($x, $y);
+				if(! is_array($this->raw_recips))
+					$this->raw_recips = [];
+
+				$this->raw_recips[$f] = $x;
+			}
+		}
+// not yet ready for prime time
+//		$x = $this->expand($x,$base,$namespace);
+		return $x;
+	}
+
+	function expand($arr,$base = '',$namespace = '') {
+		$ret = [];
+
+		// right now use a hardwired recursion depth of 5
+
+		for($z = 0; $z < 5; $z ++) {
+			if(is_array($arr) && $arr) {
+				foreach($arr as $a) {
+					if(is_array($a)) {
+						$ret[] = $a;
+					}
+					else {
+						$x = $this->get_compound_property($a,$base,$namespace);
+						if($x) {
+							$ret = array_merge($ret,$x);
+						}
+					}
+				}
+			}
+		}
+
+		/// @fixme de-duplicate
+
+		return $ret;
+	}
+
+	/**
+	 * @brief
+	 *
+	 * @param array $base
+	 * @param string $namespace if not set return empty string
+	 * @return string|NULL
+	 */
+	function get_namespace($base, $namespace) {
+
+		if(! $namespace)
+			return '';
+
+		$key = null;
+
+		foreach( [ $this->data, $base ] as $b ) {
+			if(! $b)
+				continue;
+
+			if(array_key_exists('@context', $b)) {
+				if(is_array($b['@context'])) {
+					foreach($b['@context'] as $ns) {
+						if(is_array($ns)) {
+							foreach($ns as $k => $v) {
+								if($namespace === $v)
+									$key = $k;
+							}
+						}
+						else {
+							if($namespace === $ns) {
+								$key = '';
+							}
+						}
+					}
+				}
+				else {
+					if($namespace === $b['@context']) {
+						$key = '';
+					}
+				}
+			}
+		}
+
+		return $key;
+	}
+
+	/**
+	 * @brief
+	 *
+	 * @param string $property
+	 * @param array $base (optional)
+	 * @param string $namespace (optional) default empty
+	 * @return NULL|mixed
+	 */
+	function get_property_obj($property, $base = '', $namespace = '') {
+		$prefix = $this->get_namespace($base, $namespace);
+		if($prefix === null)
+			return null;
+
+		$base = (($base) ? $base : $this->data);
+		$propname = (($prefix) ? $prefix . ':' : '') . $property;
+
+		return ((array_key_exists($propname, $base)) ? $base[$propname] : null);
+	}
+
+	/**
+	 * @brief Fetches a property from an URL.
+	 *
+	 * @param string $url
+	 * @return NULL|mixed
+	 */
+	function fetch_property($url) {
+		$redirects = 0;
+		if(! check_siteallowed($url)) {
+			logger('blacklisted: ' . $url);
+			return null;
+		}
+
+		$x = z_fetch_url($url, true, $redirects,
+			['headers' => [ 'Accept: application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ]]);
+		if($x['success'])
+			return json_decode($x['body'], true);
+
+		return null;
+	}
+
+	/**
+	 * @brief
+	 *
+	 * @param string $property
+	 * @param array $base
+	 * @param string $namespace (optional) default empty
+	 * @return NULL|mixed
+	 */
+	function get_compound_property($property, $base = '', $namespace = '') {
+		$x = $this->get_property_obj($property, $base, $namespace);
+		if($this->is_url($x)) {
+			$x = $this->fetch_property($x);
+		}
+
+		return $x;
+	}
+
+	/**
+	 * @brief Check if string starts with http.
+	 *
+	 * @param string $url
+	 * @return boolean
+	 */
+	function is_url($url) {
+		if(($url) && (! is_array($url)) && (strpos($url, 'http') === 0)) {
+			return true;
+		}
+
+		return false;
+	}
+
+	/**
+	 * @brief Gets the type property.
+	 *
+	 * @param array $base
+	 * @param string $namespace (optional) default empty
+	 * @return NULL|mixed
+	 */
+	function get_primary_type($base = '', $namespace = '') {
+		if(! $base)
+			$base = $this->data;
+
+		$x = $this->get_property_obj('type', $base, $namespace);
+		if(is_array($x)) {
+			foreach($x as $y) {
+				if(strpos($y, ':') === false) {
+					return $y;
+				}
+			}
+		}
+
+		return $x;
+	}
+
+	function debug() {
+		$x = var_export($this, true);
+		return $x;
+	}
+
+}

Zotlabs/Lib/Api_router.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class Api_router {
+
+	static private $routes = array();
+
+	static function register($path,$fn,$auth_required) {
+		self::$routes[$path] = [ 'func' => $fn, 'auth' => $auth_required ];
+	}
+
+	static function find($path) {
+		if(array_key_exists($path,self::$routes))
+			return self::$routes[$path];
+		return null;
+	}
+
+	static function dbg() {
+		return self::$routes;
+	}
+
+}

Zotlabs/Lib/Cache.php

@@ -0,0 +1,51 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+	/**
+	 *  cache api
+	 */
+	 
+class Cache {
+	public static function get($key) {
+
+		$hash = hash('whirlpool',$key);
+
+		$r = q("SELECT v FROM cache WHERE k = '%s' limit 1",
+			dbesc($hash)
+		);
+			
+		if ($r)
+			return $r[0]['v'];
+		return null;
+	}
+		
+	public static function set($key,$value) {
+
+		$hash = hash('whirlpool',$key);
+
+		$r = q("SELECT * FROM cache WHERE k = '%s' limit 1",
+			dbesc($hash)
+		);
+		if($r) {
+			q("UPDATE cache SET v = '%s', updated = '%s' WHERE k = '%s'",
+				dbesc($value),
+				dbesc(datetime_convert()),
+				dbesc($hash));
+		}
+		else {
+			q("INSERT INTO cache ( k, v, updated) VALUES ('%s','%s','%s')",
+				dbesc($hash),
+				dbesc($value),
+				dbesc(datetime_convert()));
+		}
+	}
+
+		
+	public static function clear() {
+		q("DELETE FROM cache WHERE updated < '%s'",
+			dbesc(datetime_convert('UTC','UTC',"now - 30 days")));			
+	}
+		
+}
+	 

Zotlabs/Lib/Chatroom.php

@@ -0,0 +1,275 @@
+<?php
+namespace Zotlabs\Lib;
+
+/**
+ * @brief A class with chatroom related static methods.
+ */
+class Chatroom {
+	/**
+	 * @brief Creates a chatroom.
+	 *
+	 * @param array $channel
+	 * @param array $arr
+	 * @return array An associative array containing:
+	 *   * \e boolean \b success - A boolean success status
+	 *   * \e string \b message - (optional) A string
+	 */
+	static public function create($channel, $arr) {
+
+		$ret = array('success' => false);
+
+		$name = trim($arr['name']);
+		if(! $name) {
+			$ret['message'] = t('Missing room name');
+			return $ret;
+		}
+
+		$r = q("select cr_id from chatroom where cr_uid = %d and cr_name = '%s' limit 1",
+			intval($channel['channel_id']),
+			dbesc($name)
+		);
+		if($r) {
+			$ret['message'] = t('Duplicate room name');
+			return $ret;
+		}
+
+		$r = q("select count(cr_id) as total from chatroom where cr_aid = %d",
+			intval($channel['channel_account_id'])
+		);
+		if($r)
+			$limit = service_class_fetch($channel['channel_id'], 'chatrooms');
+
+		if(($r) && ($limit !== false) && ($r[0]['total'] >= $limit)) {
+			$ret['message'] = upgrade_message();
+			return $ret;
+		}
+
+		if(! array_key_exists('expire', $arr))
+			$arr['expire'] = 120;  // minutes, e.g. 2 hours
+
+		$created = datetime_convert();
+
+		$x = q("insert into chatroom ( cr_aid, cr_uid, cr_name, cr_created, cr_edited, cr_expire, allow_cid, allow_gid, deny_cid, deny_gid )
+			values ( %d, %d , '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s' ) ",
+			intval($channel['channel_account_id']),
+			intval($channel['channel_id']),
+			dbesc($name),
+			dbesc($created),
+			dbesc($created),
+			intval($arr['expire']),
+			dbesc($arr['allow_cid']),
+			dbesc($arr['allow_gid']),
+			dbesc($arr['deny_cid']),
+			dbesc($arr['deny_gid'])
+		);
+
+		if($x)
+			$ret['success'] = true;
+
+		return $ret;
+	}
+
+
+	static public function destroy($channel,$arr) {
+
+		$ret = array('success' => false);
+
+		if(intval($arr['cr_id']))
+			$sql_extra = " and cr_id = " . intval($arr['cr_id']) . " ";
+		elseif(trim($arr['cr_name']))
+			$sql_extra = " and cr_name = '" . protect_sprintf(dbesc(trim($arr['cr_name']))) . "' ";
+		else {
+			$ret['message'] = t('Invalid room specifier.');
+			return $ret;
+		}
+
+		$r = q("select * from chatroom where cr_uid = %d $sql_extra limit 1",
+			intval($channel['channel_id'])
+		);
+		if(! $r) {
+			$ret['message'] = t('Invalid room specifier.');
+			return $ret;
+		}
+
+		build_sync_packet($channel['channel_id'],array('chatroom' => $r));
+
+		q("delete from chatroom where cr_id = %d",
+			intval($r[0]['cr_id'])
+		);
+		if($r[0]['cr_id']) {
+			q("delete from chatpresence where cp_room = %d",
+				intval($r[0]['cr_id'])
+			);
+			q("delete from chat where chat_room = %d",
+				intval($r[0]['cr_id'])
+			);
+		}
+
+		$ret['success'] = true;
+		return $ret;
+	}
+
+
+	static public function enter($observer_xchan, $room_id, $status, $client) {
+
+		if(! $room_id || ! $observer_xchan)
+			return;
+
+		$r = q("select * from chatroom where cr_id = %d limit 1",
+			intval($room_id)
+		);
+		if(! $r) {
+			notice( t('Room not found.') . EOL);
+			return false;
+		}
+		require_once('include/security.php');
+		$sql_extra = permissions_sql($r[0]['cr_uid']);
+
+		$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
+			intval($room_id),
+			intval($r[0]['cr_uid'])
+		);
+		if(! $x) {
+			notice( t('Permission denied.') . EOL);
+			return false;
+		}
+
+		$limit = service_class_fetch($r[0]['cr_uid'], 'chatters_inroom');
+		if($limit !== false) {
+			$y = q("select count(*) as total from chatpresence where cp_room = %d",
+				intval($room_id)
+			);
+			if($y && $y[0]['total'] > $limit) {
+				notice( t('Room is full') . EOL);
+				return false;
+			}
+		}
+
+		if(intval($x[0]['cr_expire'])) {
+			$r = q("delete from chat where created < %s - INTERVAL %s and chat_room = %d",
+				db_utcnow(),
+				db_quoteinterval( intval($x[0]['cr_expire']) . ' MINUTE' ),
+				intval($x[0]['cr_id'])
+			);
+		}
+
+		$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d limit 1",
+			dbesc($observer_xchan),
+			intval($room_id)
+		);
+		if($r) {
+			q("update chatpresence set cp_last = '%s' where cp_id = %d and cp_client = '%s'",
+				dbesc(datetime_convert()),
+				intval($r[0]['cp_id']),
+				dbesc($client)
+			);
+			return true;
+		}
+
+		$r = q("insert into chatpresence ( cp_room, cp_xchan, cp_last, cp_status, cp_client )
+			values ( %d, '%s', '%s', '%s', '%s' )",
+			intval($room_id),
+			dbesc($observer_xchan),
+			dbesc(datetime_convert()),
+			dbesc($status),
+			dbesc($client)
+		);
+
+		return $r;
+	}
+
+
+	function leave($observer_xchan, $room_id, $client) {
+		if(! $room_id || ! $observer_xchan)
+			return;
+
+		$r = q("select * from chatpresence where cp_xchan = '%s' and cp_room = %d and cp_client = '%s' limit 1",
+			dbesc($observer_xchan),
+			intval($room_id),
+			dbesc($client)
+		);
+		if($r) {
+			q("delete from chatpresence where cp_id = %d",
+				intval($r[0]['cp_id'])
+			);
+		}
+
+		return true;
+	}
+
+
+	static public function roomlist($uid) {
+		require_once('include/security.php');
+		$sql_extra = permissions_sql($uid);
+
+		$r = q("select allow_cid, allow_gid, deny_cid, deny_gid, cr_name, cr_expire, cr_id, count(cp_id) as cr_inroom from chatroom left join chatpresence on cr_id = cp_room where cr_uid = %d $sql_extra group by cr_name, cr_id order by cr_name",
+			intval($uid)
+		);
+
+		return $r;
+	}
+
+	static public function list_count($uid) {
+		require_once('include/security.php');
+		$sql_extra = permissions_sql($uid);
+
+		$r = q("select count(*) as total from chatroom where cr_uid = %d $sql_extra",
+			intval($uid)
+		);
+
+		return $r[0]['total'];
+	}
+
+	/**
+	 * @brief Create a chat message via API.
+	 *
+	 * It is the caller's responsibility to enter the room.
+	 *
+	 * @param int $uid
+	 * @param int $room_id
+	 * @param string $xchan
+	 * @param string $text
+	 * @return array
+	 */
+	static public function message($uid, $room_id, $xchan, $text) {
+
+		$ret = array('success' => false);
+
+		if(! $text)
+			return;
+
+		$sql_extra = permissions_sql($uid);
+
+		$r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra",
+			intval($uid),
+			intval($room_id)
+		);
+		if(! $r)
+			return $ret;
+
+		$arr = [
+			'chat_room' => $room_id,
+			'chat_xchan' => $xchan,
+			'chat_text' => $text
+		];
+		/**
+		 * @hooks chat_message
+		 *   Called to create a chat message.
+		 *   * \e int \b chat_room
+		 *   * \e string \b chat_xchan
+		 *   * \e string \b chat_text
+		 */
+		call_hooks('chat_message', $arr);
+
+		$x = q("insert into chat ( chat_room, chat_xchan, created, chat_text )
+			values( %d, '%s', '%s', '%s' )",
+			intval($room_id),
+			dbesc($xchan),
+			dbesc(datetime_convert()),
+			dbesc(str_rot47(base64url_encode($arr['chat_text'])))
+		);
+
+		$ret['success'] = true;
+		return $ret;
+	}
+}

Zotlabs/Lib/Config.php

@@ -0,0 +1,165 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class Config {
+
+	/**
+	 * @brief Loads the hub's configuration from database to a cached storage.
+	 *
+	 * Retrieve a category ($family) of config variables from database to a cached
+	 * storage in the global App::$config[$family].
+	 *
+	 * @param string $family
+	 *  The category of the configuration value
+	 */
+	static public function Load($family) {
+		if(! array_key_exists($family, \App::$config))
+			\App::$config[$family] = array();
+
+		if(! array_key_exists('config_loaded', \App::$config[$family])) {
+			$r = q("SELECT * FROM config WHERE cat = '%s'", dbesc($family));
+			if($r !== false) {
+				if($r) {
+					foreach($r as $rr) {
+						$k = $rr['k'];
+						\App::$config[$family][$k] = $rr['v'];
+					}
+				}
+				\App::$config[$family]['config_loaded'] = true;
+			}
+		}
+	}
+
+	/**
+	 * @brief Sets a configuration value for the hub.
+	 *
+	 * Stores a config value ($value) in the category ($family) under the key ($key).
+	 *
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to set
+	 * @param mixed $value
+	 *  The value to store in the configuration
+	 * @return mixed
+	 *  Return the set value, or false if the database update failed
+	 */
+	static public function Set($family, $key, $value) {
+		// manage array value
+		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
+
+		if(self::Get($family, $key) === false || (! self::get_from_storage($family, $key))) {
+			$ret = q("INSERT INTO config ( cat, k, v ) VALUES ( '%s', '%s', '%s' ) ",
+				dbesc($family),
+				dbesc($key),
+				dbesc($dbvalue)
+			);
+			if($ret) {
+				\App::$config[$family][$key] = $value;
+				$ret = $value;
+			}
+			return $ret;
+		}
+
+		$ret = q("UPDATE config SET v = '%s' WHERE cat = '%s' AND k = '%s'",
+			dbesc($dbvalue),
+			dbesc($family),
+			dbesc($key)
+		);
+
+		if($ret) {
+			\App::$config[$family][$key] = $value;
+			$ret = $value;
+		}
+
+		return $ret;
+	}
+
+	/**
+	 * @brief Get a particular config variable given the category name ($family)
+	 * and a key.
+	 *
+	 * Get a particular config variable from the given category ($family) and the
+	 * $key from a cached storage in App::$config[$family]. If a key is found in the
+	 * DB but does not exist in local config cache, pull it into the cache so we
+	 * do not have to hit the DB again for this item.
+	 *
+	 * Returns false if not set.
+	 *
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to query
+	 * @param string $default (optional) default false
+	 * @return mixed Return value or false on error or if not set
+	 */
+	static public function Get($family, $key, $default = false) {
+		if((! array_key_exists($family, \App::$config)) || (! array_key_exists('config_loaded', \App::$config[$family])))
+			self::Load($family);
+
+		if(array_key_exists('config_loaded', \App::$config[$family])) {
+			if(! array_key_exists($key, \App::$config[$family])) {
+				return $default;
+			}
+			return ((! is_array(\App::$config[$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$family][$key]))
+				? unserialize(\App::$config[$family][$key])
+				: \App::$config[$family][$key]
+			);
+		}
+
+		return $default;
+	}
+
+	/**
+	 * @brief Deletes the given key from the hub's configuration database.
+	 *
+	 * Removes the configured value from the stored cache in App::$config[$family]
+	 * and removes it from the database.
+	 *
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to delete
+	 * @return mixed
+	 */
+	static public function Delete($family, $key) {
+
+		$ret = false;
+
+		if(array_key_exists($family, \App::$config) && array_key_exists($key, \App::$config[$family]))
+			unset(\App::$config[$family][$key]);
+
+		$ret = q("DELETE FROM config WHERE cat = '%s' AND k = '%s'",
+			dbesc($family),
+			dbesc($key)
+		);
+
+		return $ret;
+	}
+
+
+	/**
+	 * @brief Returns a record directly from the database configuration storage.
+	 *
+	 * This function queries directly the database and bypasses the cached storage
+	 * from get_config($family, $key).
+	 *
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to query
+	 * @return mixed
+	 */
+	static private function get_from_storage($family,$key) {
+		$ret = q("SELECT * FROM config WHERE cat = '%s' AND k = '%s' LIMIT 1",
+			dbesc($family),
+			dbesc($key)
+		);
+
+		return $ret;
+	}
+
+}

Zotlabs/Lib/DB_Upgrade.php

@@ -0,0 +1,107 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class DB_Upgrade {
+
+	public $config_name = '';
+	public $func_prefix = '';
+
+	function __construct($db_revision) {
+
+		$this->config_name = 'db_version';
+		$this->func_prefix = '_';
+
+		$build = get_config('system', 'db_version', 0);
+		if(! intval($build))
+			$build = set_config('system', 'db_version', $db_revision);
+
+		if($build == $db_revision) {
+			// Nothing to be done.
+			return;
+		}
+		else {
+			$stored = intval($build);
+			if(! $stored) {
+				logger('Critical: check_config unable to determine database schema version');
+				return;
+			}
+		
+			$current = intval($db_revision);
+
+			if($stored < $current) {
+
+				// The last update we performed was $stored.
+				// Start at $stored + 1 and continue until we have completed $current
+
+				for($x = $stored + 1; $x <= $current; $x ++) {
+					$s = '_' . $x;
+					$cls = '\\Zotlabs\Update\\' . $s ;
+					if(! class_exists($cls)) {					
+						return;
+					}
+
+					// There could be a lot of processes running or about to run.
+					// We want exactly one process to run the update command.
+					// So store the fact that we're taking responsibility
+					// after first checking to see if somebody else already has.
+
+					// If the update fails or times-out completely you may need to
+					// delete the config entry to try again.
+
+					Config::Load('database');
+
+					if(get_config('database', $s))
+						break;
+					set_config('database',$s, '1');
+					
+
+					$c =  new $cls();
+					$retval = $c->run();
+
+					if($retval != UPDATE_SUCCESS) {
+
+						// Prevent sending hundreds of thousands of emails by creating
+						// a lockfile.  
+
+						$lockfile = 'store/[data]/mailsent';
+
+						if ((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 86400)))
+							return;
+						@unlink($lockfile);
+						//send the administrator an e-mail
+						file_put_contents($lockfile, $x);
+							
+						$r = q("select account_language from account where account_email = '%s' limit 1",
+							dbesc(\App::$config['system']['admin_email'])
+						);
+						push_lang(($r) ? $r[0]['account_language'] : 'en');
+						z_mail(
+							[
+								'toEmail'        => \App::$config['system']['admin_email'],
+								'messageSubject' => sprintf( t('Update Error at %s'), z_root()),
+								'textVersion'    => replace_macros(get_intltext_template('update_fail_eml.tpl'), 
+									[
+										'$sitename' => \App::$config['system']['sitename'],
+										'$siteurl' =>  z_root(),
+										'$update' => $x,
+										'$error' => sprintf( t('Update %s failed. See error logs.'), $x)
+									]
+								)
+							]
+						);
+
+						//try the logger
+						logger('CRITICAL: Update Failed: ' . $x);
+						pop_lang();
+					}
+					else {
+						set_config('database',$s, 'success');
+					}
+				}
+			}
+			set_config('system', 'db_version', $db_revision);
+		}
+	}
+}

Zotlabs/Lib/DReport.php

@@ -1,5 +1,5 @@
 <?php
-
+namespace Zotlabs\Lib;
 
 class DReport {
 

Zotlabs/Lib/Enotify.php

@@ -0,0 +1,843 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+/**
+ * @brief File with functions and a class for generating system and email notifications.
+ */
+
+
+class Enotify {
+
+	/**
+	 * @brief
+	 *
+	 * @param array $params an assoziative array with:
+	 *  * \e string \b from_xchan sender xchan hash
+	 *  * \e string \b to_xchan recipient xchan hash
+	 *  * \e array \b item an assoziative array
+	 *  * \e int \b type one of the NOTIFY_* constants from boot.php
+	 *  * \e string \b link
+	 *  * \e string \b parent_mid
+	 *  * \e string \b otype
+	 *  * \e string \b verb
+	 *  * \e string \b activity
+	 */
+
+
+	static public function submit($params) {
+
+		logger('notification: entry', LOGGER_DEBUG);
+
+		// throw a small amount of entropy into the system to breakup duplicates arriving at the same precise instant.
+		usleep(mt_rand(0, 10000));
+
+		if ($params['from_xchan']) {
+			$x = q("select * from xchan where xchan_hash = '%s' limit 1",
+				dbesc($params['from_xchan'])
+			);
+		}
+		if ($params['to_xchan']) {
+			$y = q("select channel.*, account.* from channel left join account on channel_account_id = account_id
+				where channel_hash = '%s' and channel_removed = 0 limit 1",
+				dbesc($params['to_xchan'])
+			);
+		}
+		if ($x & $y) {
+			$sender = $x[0];
+			$recip = $y[0];
+		} else {
+			logger('notification: no sender or recipient.');
+			logger('sender: ' . $params['from_xchan']);
+			logger('recip: ' . $params['to_xchan']);
+			return;
+		}
+
+		// from here on everything is in the recipients language
+
+		push_lang($recip['account_language']); // should probably have a channel language
+
+		$banner     = t('$Projectname Notification');
+		$product    = t('$projectname'); // PLATFORM_NAME;
+		$siteurl    = z_root();
+		$thanks     = t('Thank You,');
+		$sitename   = get_config('system','sitename');
+		$site_admin = sprintf( t('%s Administrator'), $sitename);
+		$opt_out1   = sprintf( t('This email was sent by %1$s at %2$s.'), t('$Projectname'), \App::get_hostname());
+		$opt_out2   = sprintf( t('To stop receiving these messages, please adjust your Notification Settings at %s'), z_root() . '/settings');		
+		$hopt_out2  = sprintf( t('To stop receiving these messages, please adjust your %s.'), '<a href="' . z_root() . '/settings' . '">' . t('Notification Settings')  . '</a>');
+		$sender_name = $product;
+		$hostname = \App::get_hostname();
+		if(strpos($hostname,':'))
+			$hostname = substr($hostname,0,strpos($hostname,':'));
+
+		// Do not translate 'noreply' as it must be a legal 7-bit email address
+
+		$reply_email = get_config('system','reply_address');
+		if(! $reply_email)
+			$reply_email = 'noreply' . '@' . $hostname;
+
+		$sender_email = get_config('system','from_email');
+		if(! $sender_email)
+			$sender_email = 'Administrator' . '@' . $hostname;
+	
+		$sender_name = get_config('system','from_email_name');
+		if(! $sender_name)
+			$sender_name = \Zotlabs\Lib\System::get_site_name();
+
+
+		$additional_mail_header = "";
+
+		if(array_key_exists('item', $params)) {
+			require_once('include/conversation.php');
+			// if it's a normal item...
+			if (array_key_exists('verb', $params['item'])) {
+				// localize_item() alters the original item so make a copy first
+				$i = $params['item'];
+				logger('calling localize');
+				localize_item($i);
+				$title = $i['title'];
+				$body = $i['body'];
+				$private = (($i['item_private']) || intval($i['item_obscured']));
+			}
+			else {
+				$title = $params['item']['title'];
+				$body = $params['item']['body'];
+			}
+			if($params['item']['created'] < datetime_convert('UTC','UTC','now - 1 month')) {
+				logger('notification invoked for an old item which may have been refetched.',LOGGER_DEBUG,LOG_INFO);
+				return;
+			}
+		} 
+		else {
+			$title = $body = '';
+		}
+
+
+	$always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
+	$vnotify = get_pconfig($recip['channel_id'],'system','vnotify');
+
+	$salutation = $recip['channel_name'];
+
+	// e.g. "your post", "David's photo", etc.
+	$possess_desc = t('%s <!item_type!>');
+
+	if ($params['type'] == NOTIFY_MAIL) {
+		logger('notification: mail');
+		$subject = 	sprintf( t('[$Projectname:Notify] New mail received at %s'),$sitename);
+
+		$preamble = sprintf( t('%1$s sent you a new private message at %2$s.'), $sender['xchan_name'],$sitename);
+		$epreamble = sprintf( t('%1$s sent you %2$s.'),'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a private message') . '[/zrl]');
+		$sitelink = t('Please visit %s to view and/or reply to your private messages.');
+		$tsitelink = sprintf( $sitelink, $siteurl . '/mail/' . $params['item']['id'] );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/mail/' . $params['item']['id'] . '">' . $sitename . '</a>');
+		$itemlink = $siteurl . '/mail/' . $params['item']['id'];
+	}
+
+	if ($params['type'] == NOTIFY_COMMENT) {
+		//logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
+
+		$moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false);
+
+		$itemlink = $params['link'];
+
+		$action = t('commented on');
+
+		if(array_key_exists('item',$params) && in_array($params['item']['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) {
+
+			if(! $always_show_in_notices || !($vnotify & VNOTIFY_LIKE)) {
+				logger('notification: not a visible activity. Ignoring.');
+				pop_lang();
+				return;
+			}
+
+			if(activity_match($params['verb'], ACTIVITY_LIKE))
+				$action = t('liked');
+
+			if(activity_match($params['verb'], ACTIVITY_DISLIKE))
+				$action = t('disliked');
+
+		}
+
+		$parent_mid = $params['parent_mid'];
+
+		// Check to see if there was already a notify for this post.
+		// If so don't create a second notification
+
+		$p = null;
+		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
+			dbesc($params['link']),
+			intval($recip['channel_id'])
+		);
+		if ($p) {
+			logger('notification: comment already notified');
+			pop_lang();
+			return;
+		}
+	
+
+		// if it's a post figure out who's post it is.
+
+		$p = null;
+
+		if($params['otype'] === 'item' && $parent_mid) {
+			$p = q("select * from item where mid = '%s' and uid = %d limit 1",
+				dbesc($parent_mid),
+				intval($recip['channel_id'])
+			);
+		}
+
+		xchan_query($p);
+
+		$item_post_type = item_post_type($p[0]);
+//		$private = $p[0]['item_private'];
+		$parent_id = $p[0]['id'];
+
+		$parent_item = $p[0];
+
+		//$possess_desc = str_replace('<!item_type!>',$possess_desc);
+
+		// "a post"
+		$dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]a %4$s[/zrl]'),
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$action,
+			$itemlink,
+			$item_post_type);
+
+		// "George Bull's post"
+		if($p)
+			$dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]%4$s\'s %5$s[/zrl]'),
+				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+				$action,
+				$itemlink,
+				$p[0]['author']['xchan_name'],
+				$item_post_type);
+		
+		// "your post"
+		if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
+			$dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]your %4$s[/zrl]'),
+				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+				$action,
+				$itemlink,
+				$item_post_type);
+
+		// Some mail softwares relies on subject field for threading.
+		// So, we cannot have different subjects for notifications of the same thread.
+		// Before this we have the name of the replier on the subject rendering 
+		// differents subjects for messages on the same thread.
+
+		if($moderated)
+			$subject = sprintf( t('[$Projectname:Notify] Moderated Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
+		else
+			$subject = sprintf( t('[$Projectname:Notify] Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s commented on an item/conversation you have been following.'), $sender['xchan_name']); 
+		$epreamble = $dest_str; 
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		if($moderated) {
+			$tsitelink .= "\n\n" . sprintf( t('Please visit %s to approve or reject this comment.'), z_root() . '/moderate' );
+			$hsitelink .= "<br><br>" . sprintf( t('Please visit %s to approve or reject this comment.'), '<a href="' . z_root() . '/moderate">' . z_root() . '/moderate</a>' );
+		}
+		
+	}
+
+	if ($params['type'] == NOTIFY_LIKE) {
+//		logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
+
+		$itemlink =  $params['link'];
+
+		if (array_key_exists('item',$params) && (! activity_match($params['item']['verb'],ACTIVITY_LIKE))) {
+			if(! $always_show_in_notices  || !($vnotify & VNOTIFY_LIKE)) {
+				logger('notification: not a visible activity. Ignoring.');
+				pop_lang();
+				return;
+			}
+		}
+
+		$parent_mid = $params['parent_mid'];
+
+		// Check to see if there was already a notify for this post.
+		// If so don't create a second notification
+
+		$p = null;
+		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
+			dbesc($params['link']),
+			intval($recip['channel_id'])
+		);
+		if ($p) {
+			logger('notification: like already notified');
+			pop_lang();
+			return;
+		}
+	
+
+		// if it's a post figure out who's post it is.
+
+		$p = null;
+
+		if($params['otype'] === 'item' && $parent_mid) {
+			$p = q("select * from item where mid = '%s' and uid = %d limit 1",
+				dbesc($parent_mid),
+				intval($recip['channel_id'])
+			);
+		}
+
+		xchan_query($p);
+
+
+		$item_post_type = item_post_type($p[0]);
+//		$private = $p[0]['item_private'];
+		$parent_id = $p[0]['id'];
+
+		$parent_item = $p[0];
+
+
+		// "your post"
+		if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
+			$dest_str = sprintf(t('%1$s liked [zrl=%2$s]your %3$s[/zrl]'),
+				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+				$itemlink,
+				$item_post_type);
+		else {
+			pop_lang();
+			return;
+		}
+
+		// Some mail softwares relies on subject field for threading.
+		// So, we cannot have different subjects for notifications of the same thread.
+		// Before this we have the name of the replier on the subject rendering 
+		// differents subjects for messages on the same thread.
+
+		$subject = sprintf( t('[$Projectname:Notify] Like received to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s liked an item/conversation you created.'), $sender['xchan_name']); 
+		$epreamble = $dest_str; 
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+	}
+
+
+
+	if($params['type'] == NOTIFY_WALL) {
+		$subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']);
+
+		$preamble = sprintf( t('%1$s posted to your profile wall at %2$s') , $sender['xchan_name'], $sitename);
+
+		$epreamble = sprintf( t('%1$s posted to [zrl=%2$s]your wall[/zrl]') ,
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$params['link']); 
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		$itemlink =  $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_TAGSELF) {
+
+		$p = null;
+		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
+			dbesc($params['link']),
+			intval($recip['channel_id'])
+		);
+		if ($p) {
+			logger('enotify: tag: already notified about this post');
+			pop_lang();
+			return;
+		}
+	
+		$subject =	sprintf( t('[$Projectname:Notify] %s tagged you') , $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s tagged you at %2$s') , $sender['xchan_name'], $sitename);
+		$epreamble = sprintf( t('%1$s [zrl=%2$s]tagged you[/zrl].') ,
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$params['link']); 
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		$itemlink =  $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_POKE) {
+		$subject =	sprintf( t('[$Projectname:Notify] %1$s poked you') , $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s poked you at %2$s') , $sender['xchan_name'], $sitename);
+		$epreamble = sprintf( t('%1$s [zrl=%2$s]poked you[/zrl].') ,
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$params['link']); 
+
+		$subject = str_replace('poked', t($params['activity']), $subject);
+		$preamble = str_replace('poked', t($params['activity']), $preamble);
+		$epreamble = str_replace('poked', t($params['activity']), $epreamble);
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		$itemlink =  $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_TAGSHARE) {
+		$subject =	sprintf( t('[$Projectname:Notify] %s tagged your post') , $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s tagged your post at %2$s'),$sender['xchan_name'], $sitename);
+		$epreamble = sprintf( t('%1$s tagged [zrl=%2$s]your post[/zrl]') ,
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+			$itemlink); 
+
+		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		$itemlink =  $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_INTRO) {
+		$subject = sprintf( t('[$Projectname:Notify] Introduction received'));
+		$preamble = sprintf( t('You\'ve received an new connection request from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename); 
+		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a new connection request[/zrl] from %2$s.'),
+			$siteurl . '/connections/ifpending',
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]'); 
+		$body = sprintf( t('You may visit their profile at %s'),$sender['xchan_url']);
+
+		$sitelink = t('Please visit %s to approve or reject the connection request.');
+		$tsitelink = sprintf( $sitelink, $siteurl . '/connections/ifpending');
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/connections/ifpending">' . $sitename . '</a>');
+		$itemlink = $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_SUGGEST) {
+		$subject = sprintf( t('[$Projectname:Notify] Friend suggestion received'));
+		$preamble = sprintf( t('You\'ve received a friend suggestion from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename); 
+		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a friend suggestion[/zrl] for %2$s from %3$s.'),
+			$itemlink,
+			'[zrl=' . $params['item']['url'] . ']' . $params['item']['name'] . '[/zrl]',
+			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]'); 
+
+		$body = t('Name:') . ' ' . $params['item']['name'] . "\n";
+		$body .= t('Photo:') . ' ' . $params['item']['photo'] . "\n";
+		$body .= sprintf( t('You may visit their profile at %s'),$params['item']['url']);
+
+		$sitelink = t('Please visit %s to approve or reject the suggestion.');
+		$tsitelink = sprintf( $sitelink, $siteurl );
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
+		$itemlink =  $params['link'];
+	}
+
+	if ($params['type'] == NOTIFY_CONFIRM) {
+		// ?
+	}
+
+	if ($params['type'] == NOTIFY_SYSTEM) {
+		// ?
+	}
+
+	$h = array(
+		'params'    => $params,
+		'subject'   => $subject,
+		'preamble'  => $preamble,
+		'epreamble' => $epreamble,
+		'body'      => $body,
+		'sitelink'  => $sitelink,
+		'sitename'  => $sitename,
+		'tsitelink' => $tsitelink,
+		'hsitelink' => $hsitelink,
+		'itemlink'  => $itemlink,
+		'sender'    => $sender,
+		'recipient' => $recip
+	);
+
+	call_hooks('enotify', $h);
+
+	$subject   = $h['subject'];
+	$preamble  = $h['preamble'];
+	$epreamble = $h['epreamble'];
+	$body      = $h['body'];
+	$sitelink  = $h['sitelink'];
+	$tsitelink = $h['tsitelink'];
+	$hsitelink = $h['hsitelink'];
+	$itemlink  = $h['itemlink']; 
+
+
+	require_once('include/html2bbcode.php');
+
+	do {
+		$dups = false;
+		$hash = random_string();
+		$r = q("SELECT id FROM notify WHERE hash = '%s' LIMIT 1",
+			dbesc($hash));
+		if ($r)
+			$dups = true;
+	} while ($dups === true);
+
+
+	$datarray = array();
+	$datarray['hash']   = $hash;
+	$datarray['sender_hash'] = $sender['xchan_hash'];
+	$datarray['xname']   = $sender['xchan_name'];
+	$datarray['url']    = $sender['xchan_url'];
+	$datarray['photo']  = $sender['xchan_photo_s'];
+	$datarray['created']   = datetime_convert();
+	$datarray['aid']    = $recip['channel_account_id'];
+	$datarray['uid']    = $recip['channel_id'];
+	$datarray['link']   = $itemlink;
+	$datarray['parent'] = $parent_mid;
+	$datarray['parent_item'] = $parent_item;
+	$datarray['ntype']   = $params['type'];
+	$datarray['verb']   = $params['verb'];
+	$datarray['otype']  = $params['otype'];
+ 	$datarray['abort']  = false;
+
+	$datarray['item'] = $params['item'];
+
+	call_hooks('enotify_store', $datarray);
+
+	if ($datarray['abort']) {
+		pop_lang();
+		return;
+	}
+
+
+	// create notification entry in DB
+	$seen = 0;
+
+	// Mark some notifications as seen right away
+	// Note! The notification have to be created, because they are used to send emails
+	// So easiest solution to hide them from Notices is to mark them as seen right away.
+	// Another option would be to not add them to the DB, and change how emails are handled 
+	// (probably would be better that way)
+
+	if (!$always_show_in_notices) {
+		if (($params['type'] == NOTIFY_WALL) || ($params['type'] == NOTIFY_MAIL) || ($params['type'] == NOTIFY_INTRO)) {
+			$seen = 1;
+		}
+	}
+
+	$r = q("insert into notify (hash,xname,url,photo,created,msg,aid,uid,link,parent,seen,ntype,verb,otype)
+		values('%s','%s','%s','%s','%s','%s',%d,%d,'%s','%s',%d,%d,'%s','%s')",
+		dbesc($datarray['hash']),
+		dbesc($datarray['xname']),
+		dbesc($datarray['url']),
+		dbesc($datarray['photo']),
+		dbesc($datarray['created']),
+		dbesc(''),      // will fill this in below after the record is created
+		intval($datarray['aid']),
+		intval($datarray['uid']),
+		dbesc($datarray['link']),
+		dbesc($datarray['parent']),
+		intval($seen),
+		intval($datarray['ntype']),
+		dbesc($datarray['verb']),
+		dbesc($datarray['otype'])
+	);
+
+	$r = q("select id from notify where hash = '%s' and uid = %d limit 1",
+		dbesc($hash),
+		intval($recip['channel_id'])
+	);
+	if ($r) {
+		$notify_id = $r[0]['id'];
+	} else {
+		logger('notification not found.');
+		pop_lang();
+		return;
+	}
+
+	$itemlink = z_root() . '/notify/view/' . $notify_id;
+	$msg = str_replace('$itemlink',$itemlink,$epreamble);
+
+	// wretched hack, but we don't want to duplicate all the preamble variations and we also don't want to screw up a translation
+
+	if ((\App::$language === 'en' || (! \App::$language)) && strpos($msg,', '))
+		$msg = substr($msg,strpos($msg,', ')+1);	
+
+	$r = q("update notify set msg = '%s' where id = %d and uid = %d",
+		dbesc($msg),
+		intval($notify_id),
+		intval($datarray['uid'])
+	);
+
+	// send email notification if notification preferences permit
+
+	require_once('bbcode.php');
+	if ((intval($recip['channel_notifyflags']) & intval($params['type'])) || $params['type'] == NOTIFY_SYSTEM) {
+
+		logger('notification: sending notification email');
+
+		$hn = get_pconfig($recip['channel_id'],'system','email_notify_host');
+		if($hn && (! stristr(\App::get_hostname(),$hn))) {
+			// this isn't the email notification host
+			pop_lang();
+			return;
+		}
+
+		$textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array( "", "\n"), $body))),ENT_QUOTES,'UTF-8'));
+
+		$htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array("","<br />\n"),$body)));
+
+
+		// use $_SESSION['zid_override'] to force zid() to use 
+		// the recipient address instead of the current observer
+
+		$_SESSION['zid_override'] = channel_reddress($recip);
+		$_SESSION['zrl_override'] = z_root() . '/channel/' . $recip['channel_address'];
+		
+		$textversion = zidify_links($textversion);
+		$htmlversion = zidify_links($htmlversion);
+
+		// unset when done to revert to normal behaviour
+
+		unset($_SESSION['zid_override']);
+		unset($_SESSION['zrl_override']);
+
+		$datarray = array();
+		$datarray['banner']       = $banner;
+		$datarray['product']      = $product;
+		$datarray['preamble']     = $preamble;
+		$datarray['sitename']     = $sitename;
+		$datarray['siteurl']      = $siteurl;
+		$datarray['type']         = $params['type'];
+		$datarray['parent']       = $params['parent_mid'];
+		$datarray['source_name']  = $sender['xchan_name'];
+		$datarray['source_link']  = $sender['xchan_url'];
+		$datarray['source_photo'] = $sender['xchan_photo_s'];
+		$datarray['uid']          = $recip['channel_id'];
+		$datarray['username']     = $recip['channel_name'];
+		$datarray['hsitelink']    = $hsitelink;
+		$datarray['tsitelink']    = $tsitelink;
+		$datarray['hitemlink']    = '<a href="' . $itemlink . '">' . $itemlink . '</a>';
+		$datarray['titemlink']    = $itemlink;
+		$datarray['thanks']       = $thanks;
+		$datarray['site_admin']   = $site_admin;
+		$datarray['opt_out1']     = $opt_out1;
+		$datarray['opt_out2']     = $opt_out2;
+		$datarray['hopt_out2']    = $hopt_out2;
+		$datarray['title']        = stripslashes($title);
+		$datarray['htmlversion']  = $htmlversion;
+		$datarray['textversion']  = $textversion;
+		$datarray['subject']      = $subject;
+		$datarray['headers']      = $additional_mail_header;
+		$datarray['email_secure'] = false;
+
+		call_hooks('enotify_mail', $datarray);
+
+		// Default to private - don't disclose message contents over insecure channels (such as email)
+		// Might be interesting to use GPG,PGP,S/MIME encryption instead
+		// but we'll save that for a clever plugin developer to implement
+
+		$private_activity = false;
+
+		if (! $datarray['email_secure']) {
+			switch ($params['type']) {
+				case NOTIFY_WALL:
+				case NOTIFY_TAGSELF:
+				case NOTIFY_POKE:
+				case NOTIFY_COMMENT:
+					if (! $private)
+						break;
+					$private_activity = true;
+				case NOTIFY_MAIL:
+					$datarray['textversion'] = $datarray['htmlversion'] = $datarray['title'] = '';
+					$datarray['subject'] = preg_replace('/' . preg_quote(t('[$Projectname:Notify]')) . '/','$0*',$datarray['subject']);
+					break;
+				default:
+					break;
+			}
+		}
+
+		if ($private_activity
+			&& intval(get_pconfig($datarray['uid'], 'system', 'ignore_private_notifications'))) {
+
+			pop_lang();
+			return;
+		}
+
+		// load the template for private message notifications
+		$tpl = get_markup_template('email_notify_html.tpl');
+		$email_html_body = replace_macros($tpl,array(
+			'$banner'       => $datarray['banner'],
+			'$notify_icon'  => \Zotlabs\Lib\System::get_notify_icon(),
+			'$product'      => $datarray['product'],
+			'$preamble'     => $salutation . '<br><br>' . $datarray['preamble'],
+			'$sitename'     => $datarray['sitename'],
+			'$siteurl'      => $datarray['siteurl'],
+			'$source_name'  => $datarray['source_name'],
+			'$source_link'  => $datarray['source_link'],
+			'$source_photo' => $datarray['source_photo'],
+			'$username'     => $datarray['to_name'],
+			'$hsitelink'    => $datarray['hsitelink'],
+			'$hitemlink'    => $datarray['hitemlink'],
+			'$thanks'       => $datarray['thanks'],
+			'$site_admin'   => $datarray['site_admin'],
+			'$opt_out1'     => $datarray['opt_out1'],
+			'$opt_out2'     => $datarray['hopt_out2'],
+			'$title'        => $datarray['title'],
+			'$htmlversion'  => $datarray['htmlversion'],
+		));
+
+		// load the template for private message notifications
+		$tpl = get_markup_template('email_notify_text.tpl');
+		$email_text_body = replace_macros($tpl, array(
+			'$banner'       => $datarray['banner'],
+			'$product'      => $datarray['product'],
+			'$preamble'     => $salutation . "\n\n" . $datarray['preamble'],
+			'$sitename'     => $datarray['sitename'],
+			'$siteurl'      => $datarray['siteurl'],
+			'$source_name'  => $datarray['source_name'],
+			'$source_link'  => $datarray['source_link'],
+			'$source_photo' => $datarray['source_photo'],
+			'$username'     => $datarray['to_name'],
+			'$tsitelink'    => $datarray['tsitelink'],
+			'$titemlink'    => $datarray['titemlink'],
+			'$thanks'       => $datarray['thanks'],
+			'$site_admin'   => $datarray['site_admin'],
+			'$opt_out1'     => $datarray['opt_out1'],
+			'$opt_out2'     => $datarray['opt_out2'],
+			'$title'        => $datarray['title'],
+			'$textversion'  => $datarray['textversion'],
+		));
+
+//		logger('text: ' . $email_text_body);
+
+		// use the EmailNotification library to send the message
+
+		self::send(array(
+			'fromName'             => $sender_name,
+			'fromEmail'            => $sender_email,
+			'replyTo'              => $reply_email,
+			'toEmail'              => $recip['account_email'],
+			'messageSubject'       => $datarray['subject'],
+			'htmlVersion'          => $email_html_body,
+			'textVersion'          => $email_text_body,
+			'additionalMailHeader' => $datarray['headers'],
+		));
+	}
+
+	pop_lang();
+
+}
+
+
+	/**
+	 * @brief Send a multipart/alternative message with Text and HTML versions.
+	 *
+	 * @param array $params an assoziative array with:
+	 *  * \e string \b fromName        name of the sender
+	 *  * \e string \b fromEmail       email of the sender
+	 *  * \e string \b replyTo         replyTo address to direct responses
+	 *  * \e string \b toEmail         destination email address
+	 *  * \e string \b messageSubject  subject of the message
+	 *  * \e string \b htmlVersion     html version of the message
+	 *  * \e string \b textVersion     text only version of the message
+	 *  * \e string \b additionalMailHeader  additions to the smtp mail header
+	 */
+	static public function send($params) {
+
+		$params['sent']   = false;
+		$params['result'] = false;
+
+		call_hooks('email_send', $params);
+
+		if($params['sent']) {
+			logger("notification: enotify::send (addon) returns " . (($params['result']) ? 'success' : 'failure'), LOGGER_DEBUG);
+			return $params['result'];
+		}
+
+		$fromName = email_header_encode(html_entity_decode($params['fromName'],ENT_QUOTES,'UTF-8'),'UTF-8'); 
+		$messageSubject = email_header_encode(html_entity_decode($params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8');
+
+		// generate a mime boundary
+		$mimeBoundary = rand(0, 9) . "-"
+				.rand(100000000, 999999999) . "-"
+				.rand(100000000, 999999999) . "=:"
+				.rand(10000, 99999);
+
+		// generate a multipart/alternative message header
+		$messageHeader =
+			$params['additionalMailHeader'] .
+			"From: $fromName <{$params['fromEmail']}>\n" .
+			"Reply-To: $fromName <{$params['replyTo']}>\n" .
+			"MIME-Version: 1.0\n" .
+			"Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\"";
+
+		// assemble the final multipart message body with the text and html types included
+		$textBody = chunk_split(base64_encode($params['textVersion']));
+		$htmlBody = chunk_split(base64_encode($params['htmlVersion']));
+
+		$multipartMessageBody =
+			"--" . $mimeBoundary . "\n" .					// plain text section
+			"Content-Type: text/plain; charset=UTF-8\n" .
+			"Content-Transfer-Encoding: base64\n\n" .
+			$textBody . "\n" .
+			"--" . $mimeBoundary . "\n" .					// text/html section
+			"Content-Type: text/html; charset=UTF-8\n" .
+			"Content-Transfer-Encoding: base64\n\n" .
+			$htmlBody . "\n" .
+			"--" . $mimeBoundary . "--\n";					// message ending
+
+		// send the message
+		$res = mail(
+			$params['toEmail'],								// send to address
+			$messageSubject,								// subject
+			$multipartMessageBody,							// message body
+			$messageHeader									// message headers
+		);
+		logger("notification: enotify::send returns " . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
+		return $res;
+	}
+
+	static public function format($item) {
+
+		$ret = '';
+
+		require_once('include/conversation.php');
+
+		// Call localize_item to get a one line status for activities. 
+		// This should set $item['localized'] to indicate we have a brief summary.
+		// and perhaps $item['shortlocalized'] for an even briefer summary
+
+		localize_item($item);
+
+		if($item['shortlocalize']) {
+			$itemem_text = $item['shortlocalize'];
+		}
+		elseif($item['localize']) {
+			$itemem_text = $item['localize'];
+		}
+		else {
+			$itemem_text = (($item['item_thread_top'])
+				? t('created a new post')
+				: sprintf( t('commented on %s\'s post'), $item['owner']['xchan_name']));
+		}
+
+		$edit = false;
+
+		if($item['edited'] > $item['created']) {
+			if($item['item_thread_top']) {
+				$itemem_text = sprintf( t('edited a post dated %s'), relative_date($item['created']));
+				$edit = true;
+			}
+			else {
+				$itemem_text = sprintf( t('edited a comment dated %s'), relative_date($item['created']));
+				$edit = true;
+			}
+		}
+
+
+		// convert this logic into a json array just like the system notifications
+
+		return array(
+			'notify_link' => $item['llink'],
+			'name' => $item['author']['xchan_name'],
+			'url' => $item['author']['xchan_url'],
+			'photo' => $item['author']['xchan_photo_s'],
+			'when' => relative_date(($edit)? $item['edited'] : $item['created']), 
+			'class' => (intval($item['item_unseen']) ? 'notify-unseen' : 'notify-seen'),
+			'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? 'b64.' . base64url_encode($item['thr_parent']) : 'b64.' . base64url_encode($item['mid'])),
+			'notify_id' => 'undefined',
+			'thread_top' => (($item['item_thread_top']) ? true : false),
+			'message' => strip_tags(bbcode($itemem_text))
+		);
+
+	}
+
+}

Zotlabs/Lib/ExtendedZip.php

@@ -0,0 +1,57 @@
+<?php
+
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+
+namespace Zotlabs\Lib;
+
+/**
+ * Description of ExtendedZip
+ *
+ * @author andrew
+ */
+class ExtendedZip extends \ZipArchive {
+		
+		// Member function to add a whole file system subtree to the archive
+		public function addTree($dirname, $localname = '') {
+				if ($localname)
+						$this->addEmptyDir($localname);
+				$this->_addTree($dirname, $localname);
+		}
+
+		// Internal function, to recurse
+		protected function _addTree($dirname, $localname) {
+				$dir = opendir($dirname);
+				while ($filename = readdir($dir)) {
+						// Discard . and ..
+						if ($filename == '.' || $filename == '..')
+								continue;
+
+						// Proceed according to type
+						$path = $dirname . '/' . $filename;
+						$localpath = $localname ? ($localname . '/' . $filename) : $filename;
+						if (is_dir($path)) {
+								// Directory: add & recurse
+								$this->addEmptyDir($localpath);
+								$this->_addTree($path, $localpath);
+						}
+						else if (is_file($path)) {
+								// File: just add
+								$this->addFile($path, $localpath);
+						}
+				}
+				closedir($dir);
+		}
+
+		// Helper function
+		public static function zipTree($dirname, $zipFilename, $flags = 0, $localname = '') {
+				$zip = new self();
+				$zip->open($zipFilename, $flags);
+				$zip->addTree($dirname, $localname);
+				$zip->close();
+		}
+		
+}

Zotlabs/Lib/IConfig.php

@@ -0,0 +1,165 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+
+class IConfig {
+
+	static public function Load(&$item) {
+		return;
+	}
+
+	static public function Get(&$item, $family, $key, $default = false) {
+
+		$is_item = false;
+	
+		if(is_array($item)) {
+			$is_item = true;
+			if((! array_key_exists('iconfig',$item)) || (! is_array($item['iconfig'])))
+				$item['iconfig'] = array();
+
+			if(array_key_exists('item_id',$item))
+				$iid = $item['item_id'];
+			else
+				$iid = $item['id'];
+		}
+		elseif(intval($item))
+			$iid = $item;
+
+		if(! $iid)
+			return $default;
+
+		if(is_array($item) && array_key_exists('iconfig',$item) && is_array($item['iconfig'])) {
+			foreach($item['iconfig'] as $c) {
+				if($c['iid'] == $iid && $c['cat'] == $family && $c['k'] == $key)
+					return $c['v'];
+			}
+		}
+		 
+		$r = q("select * from iconfig where iid = %d and cat = '%s' and k = '%s' limit 1",
+			intval($iid),
+			dbesc($family),
+			dbesc($key)
+		);
+		if($r) {
+			$r[0]['v'] = ((preg_match('|^a:[0-9]+:{.*}$|s',$r[0]['v'])) ? unserialize($r[0]['v']) : $r[0]['v']);
+			if($is_item)
+				$item['iconfig'][] = $r[0];
+			return $r[0]['v'];
+		}
+		return $default;
+
+	}
+
+	/**
+	 * IConfig::Set(&$item, $family, $key, $value, $sharing = false);
+	 *
+	 * $item - item array or item id. If passed an array the iconfig meta information is
+	 *    added to the item structure (which will need to be saved with item_store eventually).
+	 *    If passed an id, the DB is updated, but may not be federated and/or cloned.
+	 * $family - namespace of meta variable
+	 * $key - key of meta variable
+	 * $value - value of meta variable
+	 * $sharing - boolean (default false); if true the meta information is propagated with the item
+	 *   to other sites/channels, mostly useful when $item is an array and has not yet been stored/delivered.
+	 *   If the meta information is added after delivery and you wish it to be shared, it may be necessary to 
+	 *   alter the item edited timestamp and invoke the delivery process on the updated item. The edited 
+	 *   timestamp needs to be altered in order to trigger an item_store_update() at the receiving end.
+	 */
+ 
+
+	static public function Set(&$item, $family, $key, $value, $sharing = false) {
+
+		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
+
+		$is_item = false;
+		$idx = null;
+
+		if(is_array($item)) {
+			$is_item = true;
+			if((! array_key_exists('iconfig',$item)) || (! is_array($item['iconfig'])))
+				$item['iconfig'] = array();
+			elseif($item['iconfig']) {
+				for($x = 0; $x < count($item['iconfig']); $x ++) {
+					if($item['iconfig'][$x]['cat'] == $family && $item['iconfig'][$x]['k'] == $key) {
+						$idx = $x;
+					}
+				}
+			}
+			$entry = array('cat' => $family, 'k' => $key, 'v' => $value, 'sharing' => $sharing);
+
+			if(is_null($idx))
+				$item['iconfig'][] = $entry;
+			else
+				$item['iconfig'][$idx] = $entry;
+			return $value;
+		}
+
+		if(intval($item))
+			$iid = intval($item);
+
+		if(! $iid)
+			return false;
+
+		if(self::Get($item, $family, $key) === false) {
+			$r = q("insert into iconfig( iid, cat, k, v, sharing ) values ( %d, '%s', '%s', '%s', %d ) ",
+				intval($iid),
+				dbesc($family),
+				dbesc($key),
+				dbesc($dbvalue),
+				intval($sharing)
+			);
+		}
+		else {
+			$r = q("update iconfig set v = '%s', sharing = %d where iid = %d and cat = '%s' and  k = '%s' ",
+				dbesc($dbvalue),
+				intval($sharing),
+				intval($iid),
+				dbesc($family),
+				dbesc($key)
+			);
+		}
+
+		if(! $r)
+			return false;
+
+		return $value;
+	}
+
+
+
+	static public function Delete(&$item, $family, $key) {
+
+
+		$is_item = false;
+		$idx = null;
+
+		if(is_array($item)) {
+			$is_item = true;
+			if(is_array($item['iconfig'])) {
+				for($x = 0; $x < count($item['iconfig']); $x ++) {
+					if($item['iconfig'][$x]['cat'] == $family && $item['iconfig'][$x]['k'] == $key) {
+						unset($item['iconfig'][$x]);
+					}
+				}
+			}
+			return true;
+		}
+
+		if(intval($item))
+			$iid = intval($item);
+
+		if(! $iid)
+			return false;
+
+		return q("delete from iconfig where iid = %d and cat = '%s' and  k = '%s' ",
+			intval($iid),
+			dbesc($family),
+			dbesc($key)
+		);
+
+	}
+
+}

Zotlabs/Lib/Img_filesize.php

@@ -0,0 +1,122 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+class Img_filesize {
+
+	private $url;
+
+	function __construct($url) {
+		$this->url = $url;
+	}
+
+	function getSize() {
+		$size = null;
+
+		if(stripos($this->url,z_root() . '/photo') !== false) {
+			$size = self::getLocalFileSize($this->url);
+		}
+		if(! $size) {
+			$size = getRemoteFileSize($this->url);
+		}
+
+		return $size;
+	}
+
+
+	static function getLocalFileSize($url) {
+	
+		$fname = basename($url);
+		$resolution = 0;
+	
+		if(strpos($fname,'.') !== false)
+			$fname = substr($fname,0,strpos($fname,'.'));
+	
+		if(substr($fname,-2,1) == '-') {
+			$resolution = intval(substr($fname,-1,1));
+			$fname = substr($fname,0,-2);
+		}
+			
+		$r = q("SELECT filesize FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
+			dbesc($fname),
+			intval($resolution)
+		);
+		if($r) {
+			return $r[0]['filesize'];
+		}
+		return null;
+	}
+
+}
+
+/**
+ * Try to determine the size of a remote file by making an HTTP request for
+ * a byte range, or look for the content-length header in the response.
+ * The function aborts the transfer as soon as the size is found, or if no
+ * length headers are returned, it aborts the transfer.
+ *
+ * @return int|null null if size could not be determined, or length of content
+ */
+function getRemoteFileSize($url)
+{
+    $ch = curl_init($url);
+
+    $headers = array(
+        'Range: bytes=0-1',
+        'Connection: close',
+    );
+
+    $in_headers = true;
+    $size       = null;
+
+    curl_setopt($ch, CURLOPT_HEADER, 1);
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2450.0 Iron/46.0.2450.0');
+    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
+    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+    curl_setopt($ch, CURLOPT_VERBOSE, 0); // set to 1 to debug
+    curl_setopt($ch, CURLOPT_STDERR, fopen('php://output', 'r'));
+
+    curl_setopt($ch, CURLOPT_HEADERFUNCTION, function($curl, $line) use (&$in_headers, &$size) {
+        $length = strlen($line);
+
+        if (trim($line) == '') {
+            $in_headers = false;
+        }
+
+        list($header, $content) = explode(':', $line, 2);
+        $header = strtolower(trim($header));
+
+        if ($header == 'content-range') {
+            // found a content-range header
+            list($rng, $s) = explode('/', $content, 2);
+            $size = (int)$s;
+            return 0; // aborts transfer
+        } else if ($header == 'content-length' && 206 != curl_getinfo($curl, CURLINFO_HTTP_CODE)) {
+            // found content-length header and this is not a 206 Partial Content response (range response)
+            $size = (int)$content;
+            return 0;
+        } else {
+            // continue
+            return $length;
+        }
+    });
+
+    curl_setopt($ch, CURLOPT_WRITEFUNCTION, function($curl, $data) use ($in_headers) {
+        if (!$in_headers) {
+            // shouldn't be here unless we couldn't determine file size
+            // abort transfer
+            return 0;
+        }
+
+        // write function is also called when reading headers
+        return strlen($data);
+    });
+
+    curl_exec($ch);
+    curl_getinfo($ch);
+	curl_close($ch);
+
+    return $size;
+}

Zotlabs/Lib/JSalmon.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class JSalmon {
+
+	static function sign($data,$key_id,$key) {
+
+		$arr       = $data;
+		$data      = json_encode($data,JSON_UNESCAPED_SLASHES);
+		$data      = base64url_encode($data, false); // do not strip padding
+		$data_type = 'application/x-zot+json';
+		$encoding  = 'base64url';
+		$algorithm = 'RSA-SHA256';
+
+		$data = preg_replace('/\s+/','',$data);
+
+		// precomputed base64url encoding of data_type, encoding, algorithm concatenated with periods
+
+		$precomputed = '.' . base64url_encode($data_type,false) . '.YmFzZTY0dXJs.UlNBLVNIQTI1Ng==';
+
+		$signature  = base64url_encode(rsa_sign($data . $precomputed, $key), false);
+
+		return ([
+			'signed'    => true,
+			'data'      => $data,
+			'data_type' => $data_type,
+			'encoding'  => $encoding,
+			'alg'       => $algorithm,
+			'sigs'      => [
+				'value'  => $signature,
+				'key_id' => base64url_encode($key_id)
+			]
+		]);
+
+	}
+}

Zotlabs/Lib/LDSignatures.php

@@ -0,0 +1,135 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+require_once('library/jsonld/jsonld.php');
+
+class LDSignatures {
+
+
+	static function verify($data,$pubkey) {
+
+		$ohash = self::hash(self::signable_options($data['signature']));
+		$dhash = self::hash(self::signable_data($data));
+
+		$x = rsa_verify($ohash . $dhash,base64_decode($data['signature']['signatureValue']), $pubkey);
+		logger('LD-verify: ' . intval($x));
+
+		return $x;
+	}
+
+	static function dopplesign(&$data,$channel) {
+	// remove for the time being - performance issues
+	//	$data['magicEnv'] = self::salmon_sign($data,$channel);
+		return self::sign($data,$channel);
+	}
+
+	static function sign($data,$channel) {
+
+		$options = [
+			'type' => 'RsaSignature2017',
+			'nonce' => random_string(64),
+			'creator' => z_root() . '/channel/' . $channel['channel_address'] . '/public_key_pem',
+			'created' => datetime_convert('UTC','UTC', 'now', 'Y-m-d\Th:i:s\Z')
+		];
+
+		$ohash = self::hash(self::signable_options($options));
+		$dhash = self::hash(self::signable_data($data));
+		$options['signatureValue'] = base64_encode(rsa_sign($ohash . $dhash,$channel['channel_prvkey']));
+
+		$signed = array_merge([
+			'@context' => [ 
+				ACTIVITYSTREAMS_JSONLD_REV, 
+				'https://w3id.org/security/v1' ],
+			],$options);
+
+		return $signed;
+	}
+
+
+	static function signable_data($data) {
+
+		$newdata = [];
+		if($data) {
+			foreach($data as $k => $v) {
+				if(! in_array($k,[ 'signature' ])) {
+					$newdata[$k] = $v;
+				}
+			}
+		}
+		return json_encode($newdata,JSON_UNESCAPED_SLASHES);
+	}
+
+
+	static function signable_options($options) {
+
+		$newopts = [ '@context' => 'https://w3id.org/identity/v1' ];
+		if($options) {
+			foreach($options as $k => $v) {
+				if(! in_array($k,[ 'type','id','signatureValue' ])) {
+					$newopts[$k] = $v;
+				}
+			}
+		}
+		return json_encode($newopts,JSON_UNESCAPED_SLASHES);
+	}
+
+	static function hash($obj) {
+
+		return hash('sha256',self::normalise($obj));
+	}
+
+	static function normalise($data) {
+		if(is_string($data)) {
+			$data = json_decode($data);
+		}
+
+		if(! is_object($data))
+			return '';
+
+		jsonld_set_document_loader('jsonld_document_loader');
+	
+		try {
+			$d = jsonld_normalize($data,[ 'algorithm' => 'URDNA2015', 'format' => 'application/nquads' ]);
+		}
+		catch (\Exception $e) {
+			logger('normalise error:' . print_r($e,true));
+			logger('normalise error: ' . print_r($data,true));
+		}
+
+		return $d;
+	}
+
+	static function salmon_sign($data,$channel) {
+
+		$arr       = $data;
+		$data      = json_encode($data,JSON_UNESCAPED_SLASHES);
+		$data      = base64url_encode($data, false); // do not strip padding
+		$data_type = 'application/activity+json';
+		$encoding  = 'base64url';
+		$algorithm = 'RSA-SHA256';
+		$keyhash   = base64url_encode(z_root() . '/channel/' . $channel['channel_address']);
+
+		$data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$data);
+
+		// precomputed base64url encoding of data_type, encoding, algorithm concatenated with periods
+
+		$precomputed = '.' . base64url_encode($data_type,false) . '.YmFzZTY0dXJs.UlNBLVNIQTI1Ng==';
+
+		$signature  = base64url_encode(rsa_sign($data . $precomputed,$channel['channel_prvkey']));
+
+		return ([
+			'id'          => $arr['id'],
+			'meData'      => $data,
+			'meDataType'  => $data_type,
+			'meEncoding'  => $encoding,
+			'meAlgorithm' => $algorithm,
+			'meCreator'   => z_root() . '/channel/' . $channel['channel_address'] . '/public_key_pem',
+			'meSignatureValue' => $signature
+		]);
+
+	}
+
+
+
+}

Zotlabs/Lib/MarkdownSoap.php

@@ -0,0 +1,132 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+/**
+ * @brief MarkdownSoap class.
+ *
+ * Purify Markdown for storage
+ * @code{.php}
+ *   $x = new MarkdownSoap($string_to_be_cleansed);
+ *   $text = $x->clean();
+ * @endcode
+ * What this does:
+ * 1. extracts code blocks and privately escapes them from processing
+ * 2. Run html purifier on the content
+ * 3. put back the code blocks
+ * 4. run htmlspecialchars on the entire content for safe storage
+ *
+ * At render time:
+ * @code{.php}
+ *    $markdown = \Zotlabs\Lib\MarkdownSoap::unescape($text);
+ *    $html = \Michelf\MarkdownExtra::DefaultTransform($markdown);
+ * @endcode
+ */
+class MarkdownSoap {
+
+	/**
+	 * @var string
+	 */
+	private $str;
+	/**
+	 * @var string
+	 */
+	private $token;
+
+
+	function __construct($s) {
+		$this->str   = $s;
+		$this->token = random_string(20);
+	}
+
+	function clean() {
+
+		$x = $this->extract_code($this->str);
+
+		$x = $this->purify($x);
+
+		$x = $this->putback_code($x);
+
+		$x = $this->escape($x);
+
+		return $x;
+	}
+
+	/**
+	 * @brief Extracts code blocks and privately escapes them from processing.
+	 *
+	 * @see encode_code()
+	 * @see putback_code()
+	 *
+	 * @param string $s
+	 * @return string
+	 */
+	function extract_code($s) {
+
+		$text = preg_replace_callback('{
+					(?:\n\n|\A\n?)
+					(	            # $1 = the code block -- one or more lines, starting with a space/tab
+					  (?>
+						[ ]{'.'4'.'}  # Lines must start with a tab or a tab-width of spaces
+						.*\n+
+					  )+
+					)
+					((?=^[ ]{0,'.'4'.'}\S)|\Z)	# Lookahead for non-space at line-start, or end of doc
+				}xm',
+				[ $this , 'encode_code' ], $s);
+
+		return $text;
+	}
+
+	function encode_code($matches) {
+		return $this->token . ';' . base64_encode($matches[0]) . ';' ;
+	}
+
+	function decode_code($matches) {
+		return base64_decode($matches[1]);
+	}
+
+	/**
+	 * @brief Put back the code blocks.
+	 *
+	 * @see extract_code()
+	 * @see decode_code()
+	 *
+	 * @param string $s
+	 * @return string
+	 */
+	function putback_code($s) {
+		$text = preg_replace_callback('{' . $this->token . '\;(.*?)\;}xm', [ $this, 'decode_code' ], $s);
+		return $text;
+	}
+
+	function purify($s) {
+		$s = $this->protect_autolinks($s);
+		$s = purify_html($s);
+		$s = $this->unprotect_autolinks($s);
+		return $s;
+	}
+
+	function protect_autolinks($s) {
+		$s = preg_replace('/\<(https?\:\/\/)(.*?)\>/', '[$1$2]($1$2)', $s);
+		return $s;
+	}
+
+	function unprotect_autolinks($s) {
+		return $s;
+	}
+
+	function escape($s) {
+		return htmlspecialchars($s, ENT_QUOTES, 'UTF-8', false);
+	}
+
+	/**
+	 * @brief Converts special HTML entities back to characters.
+	 *
+	 * @param string $s
+	 * @return string
+	 */
+	static public function unescape($s) {
+		return htmlspecialchars_decode($s, ENT_QUOTES);
+	}
+}

Zotlabs/Lib/MessageFilter.php

@@ -0,0 +1,79 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+
+class MessageFilter {
+
+
+	static public function evaluate($item,$incl,$excl) {
+
+		require_once('include/html2plain.php');
+
+		unobscure($item);
+
+		$text = prepare_text($item['body'],$item['mimetype']);
+		$text = html2plain(($item['title']) ? $item['title'] . ' ' . $text : $text);
+
+
+		$lang = null;
+
+		if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false)) {
+			$lang = detect_language($text);
+		}
+
+		$tags = ((is_array($item['term']) && count($item['term'])) ? $item['term'] : false);
+
+		// exclude always has priority
+
+		$exclude = (($excl) ? explode("\n",$excl) : null);
+
+		if($exclude) {
+			foreach($exclude as $word) {
+				$word = trim($word);
+				if(! $word)
+					continue;
+				if(substr($word,0,1) === '#' && $tags) {
+					foreach($tags as $t)
+						if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
+							return false;
+				}
+				elseif((strpos($word,'/') === 0) && preg_match($word,$text))
+					return false;
+				elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
+					return false;
+				elseif(stristr($text,$word) !== false)
+					return false;
+			}
+		}
+
+		$include = (($incl) ? explode("\n",$incl) : null);
+
+		if($include) {
+			foreach($include as $word) {
+				$word = trim($word);
+				if(! $word)
+					continue;
+				if(substr($word,0,1) === '#' && $tags) {
+					foreach($tags as $t)
+						if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
+							return true;
+				}
+				elseif((strpos($word,'/') === 0) && preg_match($word,$text))
+					return true;
+				elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
+					return true;
+				elseif(stristr($text,$word) !== false)
+					return true;
+			}
+		}
+		else {
+			return true;
+		}
+
+		return false;
+	}
+
+
+}

Zotlabs/Lib/NativeWiki.php

@@ -0,0 +1,289 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+define ( 'NWIKI_ITEM_RESOURCE_TYPE', 'nwiki' );
+
+class NativeWiki {
+
+
+	static public function listwikis($channel, $observer_hash) {
+
+		$sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash);
+		$wikis = q("SELECT * FROM item 
+			WHERE resource_type = '%s' AND mid = parent_mid AND uid = %d AND item_deleted = 0 $sql_extra", 
+			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
+			intval($channel['channel_id'])
+		);
+
+		if($wikis) {
+			foreach($wikis as &$w) {
+
+				$w['json_allow_cid']  = acl2json($w['allow_cid']);
+				$w['json_allow_gid']  = acl2json($w['allow_gid']);
+				$w['json_deny_cid']   = acl2json($w['deny_cid']);
+				$w['json_deny_gid']   = acl2json($w['deny_gid']);
+
+				$w['rawName']  = get_iconfig($w, 'wiki', 'rawName');
+				$w['htmlName'] = escape_tags($w['rawName']);
+				$w['urlName']  = urlencode(urlencode($w['rawName']));
+				$w['mimeType'] = get_iconfig($w, 'wiki', 'mimeType');
+				$w['typelock'] = get_iconfig($w, 'wiki', 'typelock');
+				$w['lockstate']     = (($w['allow_cid'] || $w['allow_gid'] || $w['deny_cid'] || $w['deny_gid']) ? 'lock' : 'unlock');
+			}
+		}
+		// TODO: query db for wikis the observer can access. Return with two lists, for read and write access
+		return array('wikis' => $wikis);
+	}
+
+
+	function create_wiki($channel, $observer_hash, $wiki, $acl) {
+
+		// Generate unique resource_id using the same method as item_message_id()
+		do {
+			$dups = false;
+			$resource_id = random_string();
+			$r = q("SELECT mid FROM item WHERE resource_id = '%s' AND resource_type = '%s' AND uid = %d LIMIT 1", 
+				dbesc($resource_id), 
+				dbesc(NWIKI_ITEM_RESOURCE_TYPE),
+				intval($channel['channel_id'])
+			);
+			if($r)
+				$dups = true;
+		} while($dups == true);
+
+		$ac = $acl->get();
+		$mid = item_message_id();
+
+		$arr = array();	// Initialize the array of parameters for the post
+		$item_hidden = ((intval($wiki['postVisible']) === 0) ? 1 : 0); 
+		$wiki_url = z_root() . '/wiki/' . $channel['channel_address'] . '/' . $wiki['urlName'];
+		$arr['aid'] = $channel['channel_account_id'];
+		$arr['uid'] = $channel['channel_id'];
+		$arr['mid'] = $mid;
+		$arr['parent_mid'] = $mid;
+		$arr['item_hidden'] = $item_hidden;
+		$arr['resource_type'] = NWIKI_ITEM_RESOURCE_TYPE;
+		$arr['resource_id'] = $resource_id;
+		$arr['owner_xchan'] = $channel['channel_hash'];
+		$arr['author_xchan'] = $observer_hash;
+		$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']);
+		$arr['llink'] = $arr['plink'];
+		$arr['title'] = $wiki['htmlName'];  // name of new wiki;
+		$arr['allow_cid'] = $ac['allow_cid'];
+		$arr['allow_gid'] = $ac['allow_gid'];
+		$arr['deny_cid'] = $ac['deny_cid'];
+		$arr['deny_gid'] = $ac['deny_gid'];
+		$arr['item_wall'] = 1;
+		$arr['item_origin'] = 1;
+		$arr['item_thread_top'] = 1;
+		$arr['item_private'] = intval($acl->is_private());
+		$arr['verb'] = ACTIVITY_CREATE;
+		$arr['obj_type'] = ACTIVITY_OBJ_WIKI;
+		$arr['body'] = '[table][tr][td][h1]New Wiki[/h1][/td][/tr][tr][td][zrl=' . $wiki_url . ']' . $wiki['htmlName'] . '[/zrl][/td][/tr][/table]';
+
+		$arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_wiki'),true);
+
+		// Save the wiki name information using iconfig. This is shareable.
+		if(! set_iconfig($arr, 'wiki', 'rawName', $wiki['rawName'], true)) {
+			return array('item' => null, 'success' => false);
+		}
+		if(! set_iconfig($arr, 'wiki', 'mimeType', $wiki['mimeType'], true)) {
+			return array('item' => null, 'success' => false);
+		}
+
+		set_iconfig($arr,'wiki','typelock',$wiki['typelock'],true);
+
+		$post = item_store($arr);
+
+		$item_id = $post['item_id'];
+
+		if($item_id) {
+			\Zotlabs\Daemon\Master::Summon(array('Notifier', 'activity', $item_id));
+			return array('item' => $post['item'], 'item_id' => $item_id, 'success' => true);
+		}
+		else {
+			return array('item' => null, 'success' => false);
+		}
+	}
+
+	function update_wiki($channel_id, $observer_hash, $arr, $acl) {
+
+		$w = self::get_wiki($channel_id, $observer_hash, $arr['resource_id']);
+		$item = $w['wiki'];
+
+		if(! $item) {
+			return array('item' => null, 'success' => false);
+		}
+
+		$x = $acl->get();
+
+		$item['allow_cid']    = $x['allow_cid'];
+		$item['allow_gid']    = $x['allow_gid'];
+		$item['deny_cid']     = $x['deny_cid'];
+		$item['deny_gid']     = $x['deny_gid'];
+		$item['item_private'] = intval($acl->is_private());
+
+		$update_title = false;
+
+		if($item['title'] !== $arr['updateRawName']) {
+			$update_title = true;
+			$item['title'] = $arr['updateRawName'];
+		}
+
+		$update = item_store_update($item);
+
+		$item_id = $update['item_id'];
+
+		// update acl for any existing wiki pages
+
+		q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d where resource_type = 'nwikipage' and resource_id = '%s'",
+			dbesc($item['allow_cid']), 
+			dbesc($item['allow_gid']), 
+			dbesc($item['deny_cid']), 
+			dbesc($item['deny_gid']), 
+			dbesc($item['item_private']), 
+			dbesc($arr['resource_id'])
+		); 
+
+
+		if($update['item_id']) {
+			info( t('Wiki updated successfully'));
+			if($update_title) {
+				// Update the wiki name information using iconfig.
+				if(! set_iconfig($update['item_id'], 'wiki', 'rawName', $arr['updateRawName'], true)) {
+					return array('item' => null, 'success' => false);
+				}
+			}
+			return array('item' => $update['item'], 'item_id' => $update['item_id'], 'success' => $update['success']);
+		}
+		else {
+			return array('item' => null, 'success' => false);
+		}
+	}
+
+	static public function sync_a_wiki_item($uid,$id,$resource_id) {
+
+
+		$r = q("SELECT * from item WHERE uid = %d AND ( id = %d OR ( resource_type = '%s' and resource_id = '%s' )) ",
+			intval($uid),
+			intval($id),
+			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
+			dbesc($resource_id)
+		);
+
+		if($r) {
+			$q = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s'",
+				dbesc($r[0]['resource_id'])
+			);
+			if($q) {
+				$r = array_merge($r,$q);
+			}
+			xchan_query($r);
+			$sync_item = fetch_post_tags($r);
+			if($sync_item) {
+				$pkt = [];
+				foreach($sync_item as $w) {
+					$pkt[] = encode_item($w,true);
+				}
+				build_sync_packet($uid,array('wiki' => $pkt));
+			}
+		}
+	}
+
+	function delete_wiki($channel_id,$observer_hash,$resource_id) {
+
+		$w = self::get_wiki($channel_id,$observer_hash,$resource_id);
+		$item = $w['wiki'];
+		if(! $item) {
+			return array('item' => null, 'success' => false);
+		} 
+		else {
+			$drop = drop_item($item['id'], false, DROPITEM_NORMAL, true);
+		}
+
+		info( t('Wiki files deleted successfully'));
+
+		return array('item' => $item, 'item_id' => $item['id'], 'success' => (($drop === 1) ? true : false));
+	}
+
+
+	static public function get_wiki($channel_id, $observer_hash, $resource_id) {
+		
+		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
+
+		$item = q("SELECT * FROM item WHERE uid = %d AND resource_type = '%s' AND resource_id = '%s' AND item_deleted = 0 
+			$sql_extra limit 1",
+			intval($channel_id), 
+			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
+			dbesc($resource_id)
+		);
+		if(! $item) {
+			return array('wiki' => null);
+		}
+		else {
+		
+			$w = $item[0];	// wiki item table record
+			// Get wiki metadata
+			$rawName  = get_iconfig($w, 'wiki', 'rawName');
+			$mimeType = get_iconfig($w, 'wiki', 'mimeType');
+			$typelock = get_iconfig($w, 'wiki', 'typelock');
+
+			return array(
+				'wiki'     => $w,
+				'rawName'  => $rawName,
+				'htmlName' => escape_tags($rawName),
+				'urlName'  => urlencode(urlencode($rawName)),
+				'mimeType' => $mimeType,
+				'typelock' => $typelock
+			);
+		}
+	}
+
+
+	static public function exists_by_name($uid, $urlName) {
+
+		$sql_extra = item_permissions_sql($uid);		
+
+		$item = q("SELECT item.id, resource_id FROM item left join iconfig on iconfig.iid = item.id 
+			WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d 
+			AND item_deleted = 0 $sql_extra limit 1", 
+			dbesc(NWIKI_ITEM_RESOURCE_TYPE), 
+			dbesc(urldecode($urlName)), 
+			intval($uid)
+		);
+
+		if($item) {
+			return array('id' => $item[0]['id'], 'resource_id' => $item[0]['resource_id']);
+		} 
+		else {
+			return array('id' => null, 'resource_id' => null);
+		}
+	}
+
+
+	static public function get_permissions($resource_id, $owner_id, $observer_hash) {
+		// TODO: For now, only the owner can edit
+		$sql_extra = item_permissions_sql($owner_id, $observer_hash);
+
+		if(local_channel() && local_channel() == $owner_id) {
+			return [ 'read' => true, 'write' => true, 'success' => true ];
+		}
+
+		$r = q("SELECT * FROM item WHERE uid = %d and resource_type = '%s' AND resource_id = '%s' $sql_extra LIMIT 1",
+			intval($owner_id),
+			dbesc(NWIKI_ITEM_RESOURCE_TYPE), 
+			dbesc($resource_id)
+		);
+
+		if(! $r) {
+			return array('read' => false, 'write' => false, 'success' => true);
+		}
+		else {
+			// TODO: Create a new permission setting for wiki analogous to webpages. Until
+			// then, use webpage permissions
+			$write = perm_is_allowed($owner_id, $observer_hash,'write_wiki');
+			return array('read' => true, 'write' => $write, 'success' => true);
+		}
+	}
+}

Zotlabs/Lib/NativeWikiPage.php

@@ -0,0 +1,695 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+use \Zotlabs\Lib as Zlib;
+
+class NativeWikiPage {
+
+	static public function page_list($channel_id,$observer_hash, $resource_id) {
+
+		// TODO: Create item table records for pages so that metadata like title can be applied
+		$w = Zlib\NativeWiki::get_wiki($channel_id,$observer_hash,$resource_id);
+
+		$pages[] = [
+			'resource_id' => '',
+			'title'       => 'Home',
+			'url'         => 'Home',
+			'link_id'     => 'id_wiki_home_0'
+		];
+
+		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
+
+		$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and item_deleted = 0 
+			$sql_extra order by title asc",
+			dbesc($resource_id),
+			intval($channel_id)
+		);
+		if($r) {
+			$x = [];
+			$y = [];
+
+			foreach($r as $rv) {
+				if(! in_array($rv['mid'],$x)) {
+					$y[] = $rv;
+					$x[] = $rv['mid'];
+				}
+			}
+
+			$items = fetch_post_tags($y,true);
+
+			foreach($items as $page_item) {
+				$title = get_iconfig($page_item['id'],'nwikipage','pagetitle',t('(No Title)'));
+				if(urldecode($title) !== 'Home') {
+					$pages[] = [
+						'resource_id' => $resource_id,
+						'title'       => escape_tags($title),
+						'url'         => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
+						'link_id'     => 'id_' . substr($resource_id, 0, 10) . '_' . $page_item['id']
+					];
+				}
+			}
+		}
+
+		return array('pages' => $pages, 'wiki' => $w);
+	}
+
+
+	static public function create_page($channel_id, $observer_hash, $name, $resource_id, $mimetype = 'text/bbcode') {
+
+		logger('mimetype: ' . $mimetype);
+
+		if(! in_array($mimetype,[ 'text/markdown','text/bbcode','text/plain','text/html' ]))
+			$mimetype = 'text/markdown';
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+
+		if (! $w['wiki']) {
+			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
+		}
+
+		// backslashes won't work well in the javascript functions
+		$name = str_replace('\\','',$name);
+
+		// create an empty activity
+
+		$arr = [];
+		$arr['uid']           = $channel_id;
+		$arr['author_xchan']  = $observer_hash;
+		$arr['mimetype']      = $mimetype;
+		$arr['title']         = $name;
+		$arr['resource_type'] = 'nwikipage';
+		$arr['resource_id']   = $resource_id;
+		$arr['allow_cid']     = $w['wiki']['allow_cid'];
+		$arr['allow_gid']     = $w['wiki']['allow_gid'];
+		$arr['deny_cid']      = $w['wiki']['deny_cid'];
+		$arr['deny_gid']      = $w['wiki']['deny_gid'];
+
+		$arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel_id,'view_wiki'),true);
+
+		// We may wish to change this some day.
+		$arr['item_unpublished'] = 1;
+
+		set_iconfig($arr,'nwikipage','pagetitle',(($name) ? $name : t('(No Title)')),true);
+
+		$p = post_activity_item($arr, false, false);
+
+		if($p['item_id']) {
+			$page = [ 
+				'rawName'  => $name,
+				'htmlName' => escape_tags($name),
+				'urlName'  => urlencode($name), 
+
+			];
+
+			return array('page' => $page, 'item_id' => $p['item_id'], 'item' => $p['activity'], 'wiki' => $w, 'message' => '', 'success' => true);
+		}
+		return [ 'success' => false, 'message' => t('Wiki page create failed.') ];
+	}
+
+	static public function rename_page($arr) {
+
+		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
+		$pageNewName   = ((array_key_exists('pageNewName',$arr))   ? $arr['pageNewName']   : '');
+		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
+		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if(! $w['wiki']) {
+			return array('message' => t('Wiki not found.'), 'success' => false);
+		}
+
+
+		$ic = q("select * from iconfig left join item on iconfig.iid = item.id 
+			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
+			intval($channel_id),
+			dbesc($pageNewName)
+		);
+
+		if($ic) {
+			return [ 'success' => false, 'message' => t('Destination name already exists') ];
+		}
+
+
+		$ids = [];
+
+		$ic = q("select *, item.id as item_id from iconfig left join item on iconfig.iid = item.id 
+			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
+			intval($channel_id),
+			dbesc($pageUrlName)
+		);
+
+		if($ic) {
+			foreach($ic as $c) {
+				set_iconfig($c['item_id'],'nwikipage','pagetitle',$pageNewName);
+				$ids[] = $c['item_id'];
+			}
+
+			$str_ids = implode(',', $ids);
+			q("update item set title = '%s' where id in ($str_ids)",
+				dbesc($pageNewName)
+			);
+
+			$page = [ 
+				'rawName'  => $pageNewName, 
+				'htmlName' => escape_tags($pageNewName), 
+				'urlName'  => urlencode(escape_tags($pageNewName))
+			];
+
+			return [ 'success' => true, 'page' => $page ];
+		}
+
+		return [ 'success' => false, 'item_id' => $c['item_id'], 'message' => t('Page not found') ];
+	
+	}
+
+	static public function get_page_content($arr) {
+		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']        : '');
+		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']        : '');
+		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash']      : '');
+		$channel_id    = ((array_key_exists('channel_id',$arr))    ? intval($arr['channel_id']) : 0);
+		$revision      = ((array_key_exists('revision',$arr))      ? intval($arr['revision'])   : (-1));
+
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if (! $w['wiki']) {
+			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
+		}
+
+		$item = self::load_page($arr);
+
+		if($item) {
+			$content = $item['body'];
+
+			return [ 
+				'content'      => $content,
+				'mimeType'     => $w['mimeType'],
+				'pageMimeType' => $item['mimetype'], 
+				'message'      => '', 
+				'success'      => true
+			];
+		}
+	
+		return array('content' => null, 'message' => t('Error reading page content'), 'success' => false);
+
+	}
+
+	static public function page_history($arr) {
+		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
+		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
+		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if (!$w['wiki']) {
+			return array('history' => null, 'message' => 'Error reading wiki', 'success' => false);
+		}
+
+		$items = self::load_page_history($arr);
+
+		$history = [];
+
+		if($items) {
+			$processed = 0;
+			foreach($items as $item) {
+				if($processed > 1000)
+					break;
+				$processed ++;
+				$history[] = [ 
+					'revision' => $item['revision'],
+					'date' => datetime_convert('UTC',date_default_timezone_get(),$item['edited']),
+					'name' => $item['author']['xchan_name'],
+					'title' => get_iconfig($item,'nwikipage','commit_msg') 
+				];
+
+			}
+
+			return [ 'success' => true, 'history' => $history ];
+		}
+
+		return [ 'success' => false ];
+
+	}
+	
+
+	static public function load_page($arr) {
+
+		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']     : '');
+		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']     : '');
+		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash']   : '');
+		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']      : 0);
+		$revision      = ((array_key_exists('revision',$arr))      ? $arr['revision']        : (-1));
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+
+		if (! $w['wiki']) {
+			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
+		}
+
+		$ids = '';
+
+		$ic = q("select * from iconfig left join item on iconfig.iid = item.id where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
+			intval($channel_id),
+			dbesc($pageUrlName)
+		);
+
+		if($ic) {
+			foreach($ic as $c) {
+				if($ids)
+					$ids .= ',';
+				$ids .= intval($c['iid']);
+			}
+		}
+
+		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
+
+		if($revision == (-1))
+			$sql_extra .= " order by revision desc ";
+		elseif($revision)
+			$sql_extra .= " and revision = " . intval($revision) . " ";
+
+		$r = null;
+
+
+		if($ids) {
+			$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and id in ( $ids ) $sql_extra limit 1",
+				dbesc($resource_id),
+				intval($channel_id)
+			);
+
+			if($r) {
+				$items = fetch_post_tags($r,true);
+				return $items[0];
+			}
+		}
+
+		return null;
+	}
+
+	static public function load_page_history($arr) {
+
+		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']     : '');
+		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']     : '');
+		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash']   : '');
+		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']      : 0);
+		$revision      = ((array_key_exists('revision',$arr))      ? $arr['revision']        : (-1));
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if (! $w['wiki']) {
+			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
+		}
+
+		$ids = '';
+
+		$ic = q("select * from iconfig left join item on iconfig.iid = item.id where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
+			intval($channel_id),
+			dbesc($pageUrlName)
+		);
+	
+		if($ic) {
+			foreach($ic as $c) {
+				if($ids)
+					$ids .= ',';
+				$ids .= intval($c['iid']);
+			}
+		}
+
+		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
+
+		$sql_extra .= " order by revision desc ";
+
+		$r = null;
+		if($ids) {
+			$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and id in ( $ids ) and item_deleted = 0 $sql_extra",
+				dbesc($resource_id),
+				intval($channel_id)
+			);
+			if($r) {
+				xchan_query($r);
+				$items = fetch_post_tags($r,true);
+				return $items;
+			}
+		}
+
+		return null;
+	}
+
+	static public function save_page($arr) {
+
+		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
+		$content       = ((array_key_exists('content',$arr))       ? $arr['content']       : '');
+		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
+		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
+		$revision      = ((array_key_exists('revision',$arr))      ? $arr['revision']      : 0);
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+
+		if (!$w['wiki']) {
+			return array('message' => t('Error reading wiki'), 'success' => false);
+		}
+
+	
+		// fetch the most recently saved revision. 
+
+		$item = self::load_page($arr);
+
+		if(! $item) {
+			return array('message' => t('Page not found'), 'success' => false);
+		}
+
+		$mimetype = $item['mimetype'];
+
+		// change just the fields we need to change to create a revision; 
+
+		unset($item['id']);
+		unset($item['author']);
+
+		$item['parent']       = 0;
+		$item['body']         = $content;
+		$item['author_xchan'] = $observer_hash;
+		$item['revision']     = (($arr['revision']) ? intval($arr['revision']) + 1 : intval($item['revision']) + 1);
+		$item['edited']       = datetime_convert();
+		$item['mimetype']     = $mimetype;
+
+		if($item['iconfig'] && is_array($item['iconfig']) && count($item['iconfig'])) {
+			for($x = 0; $x < count($item['iconfig']); $x ++) {
+				unset($item['iconfig'][$x]['id']);
+				unset($item['iconfig'][$x]['iid']);
+			}
+		}
+
+		$ret = item_store($item, false, false);
+
+		if($ret['item_id'])
+			return array('message' => '', 'item_id' => $ret['item_id'], 'filename' => $filename, 'success' => true);
+		else
+			return array('message' => t('Page update failed.'), 'success' => false);
+	}	
+
+	static public function delete_page($arr) {
+		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
+		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
+		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+
+		if(! $w['wiki']) {
+			return [ 'success' => false, 'message' => t('Error reading wiki') ];
+		}
+
+		$ids = [];
+
+		$ic = q("select * from iconfig left join item on iconfig.iid = item.id 
+			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
+			intval($channel_id),
+			dbesc($pageUrlName)
+		);
+
+		if($ic) {
+			foreach($ic as $c) {
+				$ids[] = intval($c['iid']);
+			}
+		}
+
+		if($ids) {
+			drop_items($ids);
+			return [ 'success' => true ];
+		}
+
+		return [ 'success' => false, 'message' => t('Nothing deleted') ];	
+	}
+	
+	static public function revert_page($arr) {
+		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
+		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
+		$commitHash    = ((array_key_exists('commitHash',$arr))    ? $arr['commitHash']    : null);
+		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
+
+		if (! $commitHash) {
+			return array('content' => $content, 'message' => 'No commit was provided', 'success' => false);
+		}
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if (!$w['wiki']) {
+			return array('content' => $content, 'message' => 'Error reading wiki', 'success' => false);
+		}
+
+		$x = $arr;
+
+		if(intval($commitHash) > 0) {
+			unset($x['commitHash']);
+			$x['revision'] = intval($commitHash) - 1;
+			$loaded = self::load_page($x);
+
+			if($loaded) {
+				$content = $loaded['body'];
+				return [ 'content' => $content, 'success' => true ];
+			}
+			return [ 'content' => $content, 'success' => false ]; 
+		}
+	}
+	
+	static public function compare_page($arr) {
+		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
+		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
+		$currentCommit = ((array_key_exists('currentCommit',$arr)) ? $arr['currentCommit'] : (-1));
+		$compareCommit = ((array_key_exists('compareCommit',$arr)) ? $arr['compareCommit'] : 0);
+		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+
+		if (!$w['wiki']) {
+			return array('message' => t('Error reading wiki'), 'success' => false);
+		}
+
+		$x = $arr;
+		$x['revision'] = (-1);
+
+		$currpage = self::load_page($x);
+		if($currpage)
+			$currentContent = $currpage['body'];
+
+		$x['revision'] = $compareCommit;
+		$comppage = self::load_page($x);
+		if($comppage)
+			$compareContent = $comppage['body'];
+
+		if($currpage && $comppage) {
+			require_once('library/class.Diff.php');
+			$diff = \Diff::toTable(\Diff::compare($currentContent, $compareContent));
+
+			return [ 'success' => true, 'diff' => $diff ];
+		}
+		return [ 'success' => false, 'message' =>  t('Compare: object not found.') ];
+
+	}
+	
+	static public function commit($arr) {
+
+		$commit_msg    = ((array_key_exists('commit_msg', $arr))   ? $arr['commit_msg']    : t('Page updated'));
+		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
+		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : t('Untitled'));
+
+		if(array_key_exists('resource_id', $arr)) {
+			$resource_id = $arr['resource_id'];
+		}
+		else {
+			return array('message' => t('Wiki resource_id required for git commit'), 'success' => false);
+		}
+
+		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if (! $w['wiki']) {
+			return array('message' => t('Error reading wiki'), 'success' => false);
+		}
+
+
+		$page = self::load_page($arr);
+
+		if($page) {
+			set_iconfig($page['id'],'nwikipage','commit_msg',escape_tags($commit_msg),true);
+			return [ 'success' => true, 'item_id' => $page['id'], 'page' => $page ];
+		}
+
+		return [ 'success' => false, 'message' => t('Page not found.') ];
+
+	}
+	
+	static public function convert_links($s, $wikiURL) {
+		
+		if (strpos($s,'[[') !== false) {
+			preg_match_all("/\[\[(.*?)\]\]/", $s, $match);
+			$pages = $pageURLs = array();
+			foreach ($match[1] as $m) {
+				// TODO: Why do we need to double urlencode for this to work?
+				$pageURLs[] = urlencode(urlencode(escape_tags($m)));
+				$pages[] = $m;
+			}
+			$idx = 0;
+			while(strpos($s,'[[') !== false) {
+			$replace = '<a href="'.$wikiURL.'/'.$pageURLs[$idx].'">'.$pages[$idx].'</a>';
+				$s = preg_replace("/\[\[(.*?)\]\]/", $replace, $s, 1);
+				$idx++;
+			}
+		}
+		return $s;
+	}
+
+	static public function render_page_history($arr) {
+
+		$pageUrlName = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
+		$resource_id = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
+
+		$pageHistory = self::page_history([
+			'channel_id'    => \App::$profile_uid, 
+			'observer_hash' => get_observer_hash(),
+			'resource_id'   => $resource_id,
+			'pageUrlName'   => $pageUrlName
+		]);
+
+		return replace_macros(get_markup_template('nwiki_page_history.tpl'), array(
+			'$pageHistory' => $pageHistory['history'],
+			'$permsWrite'  => $arr['permsWrite'],
+			'$name_lbl'    => t('Name'),
+			'$msg_label'   => t('Message','wiki_history')
+		));
+
+	}
+
+
+	
+	/**
+	 * Replace the instances of the string [toc] with a list element that will be populated by
+	 * a table of contents by the JavaScript library
+	 * @param string $s
+	 * @return string
+	 */
+	static public function generate_toc($s) {
+		if (strpos($s,'[toc]') !== false) {
+			//$toc_md = wiki_toc($s);	// Generate Markdown-formatted list prior to HTML render
+			$toc_md = '<ul id="wiki-toc"></ul>'; // use the available jQuery plugin http://ndabas.github.io/toc/
+			$s = preg_replace("/\[toc\]/", $toc_md, $s, -1);
+		}
+		return $s;
+	}
+	
+	/**
+	 *  Converts a select set of bbcode tags. Much of the code is copied from include/bbcode.php
+	 * @param string $s
+	 * @return string
+	 */
+	static public function bbcode($s) {
+			
+		$s = str_replace(array('[baseurl]', '[sitename]'), array(z_root(), get_config('system', 'sitename')), $s);
+			
+		$s = preg_replace_callback("/\[observer\.language\=(.*?)\](.*?)\[\/observer\]/ism",'oblanguage_callback', $s);
+
+		$s = preg_replace_callback("/\[observer\.language\!\=(.*?)\](.*?)\[\/observer\]/ism",'oblanguage_necallback', $s);
+
+
+		$observer = \App::get_observer();
+		if ($observer) {
+			$s1 = '<span class="bb_observer" title="' . t('Different viewers will see this text differently') . '">';
+			$s2 = '</span>';
+			$obsBaseURL = $observer['xchan_connurl'];
+			$obsBaseURL = preg_replace("/\/poco\/.*$/", '', $obsBaseURL);
+			$s = str_replace('[observer.baseurl]', $obsBaseURL, $s);
+			$s = str_replace('[observer.url]', $observer['xchan_url'], $s);
+			$s = str_replace('[observer.name]', $s1 . $observer['xchan_name'] . $s2, $s);
+			$s = str_replace('[observer.address]', $s1 . $observer['xchan_addr'] . $s2, $s);
+			$s = str_replace('[observer.webname]', substr($observer['xchan_addr'], 0, strpos($observer['xchan_addr'], '@')), $s);
+			$s = str_replace('[observer.photo]', '', $s);
+		} 
+		else {
+			$s = str_replace('[observer.baseurl]', '', $s);
+			$s = str_replace('[observer.url]', '', $s);
+			$s = str_replace('[observer.name]', '', $s);
+			$s = str_replace('[observer.address]', '', $s);
+			$s = str_replace('[observer.webname]', '', $s);
+			$s = str_replace('[observer.photo]', '', $s);
+		}
+	
+		return $s;
+	}
+	
+	static public function get_file_ext($arr) {
+		if($arr['mimetype'] === 'text/bbcode')
+			return '.bb';
+		elseif($arr['mimetype'] === 'text/markdown')
+			return '.md';
+		elseif($arr['mimetype'] === 'text/plain')
+			return '.txt';
+
+	}
+	
+	// This function is derived from 
+	// http://stackoverflow.com/questions/32068537/generate-table-of-contents-from-markdown-in-php
+	static public function toc($content) {
+	  // ensure using only "\n" as line-break
+	  $source = str_replace(["\r\n", "\r"], "\n", $content);
+	
+	  // look for markdown TOC items
+	  preg_match_all(
+		'/^(?:=|-|#).*$/m',
+		$source,
+		$matches,
+		PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE
+	  );
+	
+	  // preprocess: iterate matched lines to create an array of items
+	  // where each item is an array(level, text)
+	  $file_size = strlen($source);
+	  foreach ($matches[0] as $item) {
+		$found_mark = substr($item[0], 0, 1);
+		if ($found_mark == '#') {
+		  // text is the found item
+		  $item_text = $item[0];
+		  $item_level = strrpos($item_text, '#') + 1;
+		  $item_text = substr($item_text, $item_level);
+		} else {
+		  // text is the previous line (empty if <hr>)
+		  $item_offset = $item[1];
+		  $prev_line_offset = strrpos($source, "\n", -($file_size - $item_offset + 2));
+		  $item_text =
+			substr($source, $prev_line_offset, $item_offset - $prev_line_offset - 1);
+		  $item_text = trim($item_text);
+		  $item_level = $found_mark == '=' ? 1 : 2;
+		}
+		if (!trim($item_text) OR strpos($item_text, '|') !== FALSE) {
+		  // item is an horizontal separator or a table header, don't mind
+		  continue;
+		}
+		$raw_toc[] = ['level' => $item_level, 'text' => trim($item_text)];
+	  }
+		$o = '';
+		foreach($raw_toc as $t) {
+			$level = intval($t['level']);
+			$text = $t['text'];
+			switch ($level) {
+				case 1:
+					$li = '* ';
+					break;
+				case 2:
+					$li = '  * ';
+					break;
+				case 3:
+					$li = '    * ';
+					break;
+				case 4:
+					$li = '      * ';
+					break;
+				default:
+					$li = '* ';
+					break;
+			}
+			$o .= $li . $text . "\n";
+		}
+	  return $o;
+	}
+
+}

Zotlabs/Lib/PConfig.php

@@ -0,0 +1,211 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+/**
+ * @brief Class for handling channel specific configurations.
+ *
+ * <b>PConfig</b> is used for channel specific configurations and takes a
+ * <i>channel_id</i> as identifier. It stores for example which features are
+ * enabled per channel. The storage is of size MEDIUMTEXT.
+ *
+ * @code{.php}$var = Zotlabs\Lib\PConfig::Get('uid', 'category', 'key');
+ * // with default value for non existent key
+ * $var = Zotlabs\Lib\PConfig::Get('uid', 'category', 'unsetkey', 'defaultvalue');@endcode
+ *
+ * The old (deprecated?) way to access a PConfig value is:
+ * @code{.php}$var = get_pconfig(local_channel(), 'category', 'key');@endcode
+ */
+class PConfig {
+
+	/**
+	 * @brief Loads all configuration values of a channel into a cached storage.
+	 *
+	 * All configuration values of the given channel are stored in global cache
+	 * which is available under the global variable App::$config[$uid].
+	 *
+	 * @param string $uid
+	 *  The channel_id
+	 * @return void|false Nothing or false if $uid is null or false
+	 */
+	static public function Load($uid) {
+		if(is_null($uid) || $uid === false)
+			return false;
+
+		if(! is_array(\App::$config)) {
+			btlogger('App::$config not an array');
+		}
+
+		if(! array_key_exists($uid, \App::$config)) {
+			\App::$config[$uid] = array();
+		}
+
+		if(! is_array(\App::$config[$uid])) {
+			btlogger('App::$config[$uid] not an array: ' . $uid);
+		}
+
+		$r = q("SELECT * FROM pconfig WHERE uid = %d",
+			intval($uid)
+		);
+
+		if($r) {
+			foreach($r as $rr) {
+				$k = $rr['k'];
+				$c = $rr['cat'];
+				if(! array_key_exists($c, \App::$config[$uid])) {
+					\App::$config[$uid][$c] = array();
+					\App::$config[$uid][$c]['config_loaded'] = true;
+				}
+				\App::$config[$uid][$c][$k] = $rr['v'];
+			}
+		}
+	}
+
+	/**
+	 * @brief Get a particular channel's config variable given the category name
+	 * ($family) and a key.
+	 *
+	 * Get a particular channel's config value from the given category ($family)
+	 * and the $key from a cached storage in App::$config[$uid].
+	 *
+	 * Returns false if not set.
+	 *
+	 * @param string $uid
+	 *  The channel_id
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to query
+	 * @param mixed $default (optional, default false)
+	 *  Default value to return if key does not exist
+	 * @return mixed Stored value or false if it does not exist
+	 */
+	static public function Get($uid, $family, $key, $default = false) {
+
+		if(is_null($uid) || $uid === false)
+			return $default;
+
+		if(! array_key_exists($uid, \App::$config))
+			self::Load($uid);
+
+		if((! array_key_exists($family, \App::$config[$uid])) || (! array_key_exists($key, \App::$config[$uid][$family])))
+			return $default;
+
+		return ((! is_array(\App::$config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$uid][$family][$key]))
+			? unserialize(\App::$config[$uid][$family][$key])
+			: \App::$config[$uid][$family][$key]
+		);
+	}
+
+	/**
+	 * @brief Sets a configuration value for a channel.
+	 *
+	 * Stores a config value ($value) in the category ($family) under the key ($key)
+	 * for the channel_id $uid.
+	 *
+	 * @param string $uid
+	 *  The channel_id
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to set
+	 * @param string $value
+	 *  The value to store
+	 * @return mixed Stored $value or false
+	 */
+	static public function Set($uid, $family, $key, $value) {
+
+		// this catches subtle errors where this function has been called
+		// with local_channel() when not logged in (which returns false)
+		// and throws an error in array_key_exists below.
+		// we provide a function backtrace in the logs so that we can find
+		// and fix the calling function.
+
+		if(is_null($uid) || $uid === false) {
+			btlogger('UID is FALSE!', LOGGER_NORMAL, LOG_ERR);
+			return;
+		}
+
+		// manage array value
+		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
+
+		if(self::Get($uid, $family, $key) === false) {
+			if(! array_key_exists($uid, \App::$config))
+				\App::$config[$uid] = array();
+			if(! array_key_exists($family, \App::$config[$uid]))
+				\App::$config[$uid][$family] = array();
+
+			$ret = q("INSERT INTO pconfig ( uid, cat, k, v ) VALUES ( %d, '%s', '%s', '%s' ) ",
+				intval($uid),
+				dbesc($family),
+				dbesc($key),
+				dbesc($dbvalue)
+			);
+		}
+		else {
+
+			$ret = q("UPDATE pconfig SET v = '%s' WHERE uid = %d and cat = '%s' AND k = '%s'",
+				dbesc($dbvalue),
+				intval($uid),
+				dbesc($family),
+				dbesc($key)
+			);
+		}
+
+		// keep a separate copy for all variables which were
+		// set in the life of this page. We need this to
+		// synchronise channel clones.
+
+		if(! array_key_exists('transient', \App::$config[$uid]))
+			\App::$config[$uid]['transient'] = array();
+		if(! array_key_exists($family, \App::$config[$uid]['transient']))
+			\App::$config[$uid]['transient'][$family] = array();
+
+		\App::$config[$uid][$family][$key] = $value;
+		\App::$config[$uid]['transient'][$family][$key] = $value;
+
+		if($ret)
+			return $value;
+
+		return $ret;
+	}
+
+
+	/**
+	 * @brief Deletes the given key from the channel's configuration.
+	 *
+	 * Removes the configured value from the stored cache in App::$config[$uid]
+	 * and removes it from the database.
+	 *
+	 * @param string $uid
+	 *  The channel_id
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to delete
+	 * @return mixed
+	 */
+	static public function Delete($uid, $family, $key) {
+
+		if(is_null($uid) || $uid === false)
+			return false;
+
+		$ret = false;
+
+		if(array_key_exists($uid,\App::$config)
+			&& is_array(\App::$config['uid'])
+			&& array_key_exists($family,\App::$config['uid'])
+			&& array_key_exists($key, \App::$config[$uid][$family]))
+			unset(\App::$config[$uid][$family][$key]);
+
+		$ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'",
+			intval($uid),
+			dbesc($family),
+			dbesc($key)
+		);
+
+		return $ret;
+	}
+
+}

Zotlabs/Lib/Permcat.php

@@ -0,0 +1,186 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+use Zotlabs\Access\PermissionRoles;
+use Zotlabs\Access\Permissions;
+
+/**
+ * @brief Permission Categories. Permission rules for various classes of connections.
+ *
+ * Connection permissions answer the question "Can Joe view my photos?"
+ *
+ * Some permissions may be inherited from the channel's "privacy settings"
+ * (@ref ::Zotlabs::Access::PermissionLimits "PermissionLimits") "Who can view my
+ * photos (at all)?" which have higher priority than individual connection settings.
+ * We evaluate permission limits first, and then fall through to connection
+ * permissions if the permission limits didn't already make a definitive decision.
+ *
+ * After PermissionLimits and connection permissions are evaluated, individual
+ * content ACLs are evaluated (@ref ::Zotlabs::Access::AccessList "AccessList").
+ * These answer the question "Can Joe view *this* album/photo?".
+ */
+class Permcat {
+
+	/**
+	 * @var array
+	 */
+	private $permcats = [];
+
+	/**
+	 * @brief Permcat constructor.
+	 *
+	 * @param int $channel_id
+	 */
+	public function __construct($channel_id) {
+
+		$perms = [];
+
+		// first check role perms for a perms_connect setting
+
+		$role = get_pconfig($channel_id,'system','permissions_role');
+		if($role) {
+			$x = PermissionRoles::role_perms($role);
+			if($x['perms_connect']) {
+				$perms = Permissions::FilledPerms($x['perms_connect']);
+			}
+		}
+
+		// if no role perms it may be a custom role, see if there any autoperms
+
+		if(! $perms) {
+			$perms = Permissions::FilledAutoPerms($channel_id);
+		}
+
+		// if no autoperms it may be a custom role with manual perms
+
+		if(! $perms) {
+			$r = q("select channel_hash from channel where channel_id = %d",
+				intval($channel_id)
+			);
+			if($r) {
+				$x = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'my_perms'",
+					intval($channel_id),
+					dbesc($r[0]['channel_hash'])
+				);
+				if($x) {
+					foreach($x as $xv) {
+						$perms[$xv['k']] = intval($xv['v']);
+					}
+				}
+			}
+		}
+
+		// nothing was found - create a filled permission array where all permissions are 0
+
+		if(! $perms) {
+			$perms = Permissions::FilledPerms([]);
+		}
+
+		$this->permcats[] = [
+			'name'      => 'default',
+			'localname' => t('default','permcat'),
+			'perms'     => Permissions::Operms($perms),
+			'system'    => 1
+		];
+
+
+		$p = $this->load_permcats($channel_id);
+		if($p) {
+			for($x = 0; $x < count($p); $x++) {
+				$this->permcats[] = [
+					'name'      => $p[$x][0],
+					'localname' => $p[$x][1],
+					'perms'     => Permissions::Operms(Permissions::FilledPerms($p[$x][2])),
+					'system'    => intval($p[$x][3])
+				];
+			}
+		}
+	}
+
+	/**
+	 * @brief Return array with permcats.
+	 *
+	 * @return array
+	 */
+	public function listing() {
+		return $this->permcats;
+	}
+
+	/**
+	 * @brief
+	 *
+	 * @param string $name
+	 * @return array
+	 *   * \e array with permcats
+	 *   * \e bool \b error if $name not found in permcats true
+	 */
+	public function fetch($name) {
+		if($name && $this->permcats) {
+			foreach($this->permcats as $permcat) {
+				if(strcasecmp($permcat['name'], $name) === 0) {
+					return $permcat;
+				}
+			}
+		}
+
+		return ['error' => true];
+	}
+
+	public function load_permcats($uid) {
+
+		$permcats = [
+			[ 'follower', t('follower','permcat'),
+				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
+				  'post_like' ], 1
+			],
+			[ 'contributor', t('contributor','permcat'),
+				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
+				  'post_wall','post_comments','write_wiki','post_like','tag_deliver','chat' ], 1
+			],
+			[ 'publisher', t('publisher','permcat'),
+				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages',
+				  'write_storage','post_wall','write_pages','write_wiki','post_comments','post_like','tag_deliver',
+				  'chat', 'republish' ], 1
+			]
+		];
+
+		if($uid) {
+			$x = q("select * from pconfig where uid = %d and cat = 'permcat'",
+				intval($uid)
+			);
+			if($x) {
+				foreach($x as $xv) {
+					$value = ((preg_match('|^a:[0-9]+:{.*}$|s', $xv['v'])) ? unserialize($xv['v']) : $xv['v']);
+					$permcats[] = [ $xv['k'], $xv['k'], $value, 0 ];
+				}
+			}
+		}
+
+		/**
+		 * @hooks permcats
+		 *   * \e array
+		 */
+		call_hooks('permcats', $permcats);
+
+		return $permcats;
+	}
+
+	static public function find_permcat($arr, $name) {
+		if((! $arr) || (! $name))
+			return false;
+
+		foreach($arr as $p)
+			if($p['name'] == $name)
+				return $p['value'];
+	}
+
+	static public function update($channel_id, $name, $permarr) {
+		PConfig::Set($channel_id, 'permcat', $name, $permarr);
+	}
+
+	static public function delete($channel_id, $name) {
+		PConfig::Delete($channel_id, 'permcat', $name);
+	}
+
+}

Zotlabs/Lib/PermissionDescription.php

@@ -0,0 +1,159 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+require_once("include/permissions.php");
+require_once("include/language.php");
+require_once("include/text.php");
+
+
+/**
+ * Encapsulates information the ACL dialog requires to describe
+ * permission settings for an item with an empty ACL.
+ * i.e the caption, icon, and tooltip for the no-ACL option in the ACL dialog.
+ */
+class PermissionDescription {
+
+	private $global_perm;
+	private $channel_perm;
+	private $fallback_description;
+
+	/**
+	 * Constructor is private.
+	 * Use static methods fromGlobalPermission(), fromStandalonePermission(),
+	 * or fromDescription() to create instances.
+	 *
+	 * @internal
+	 * @param int $global_perm
+	 * @param int $channel_perm
+	 * @param string $description (optional) default empty
+	 */
+	private function __construct($global_perm, $channel_perm, $description = '') {
+		$this->global_perm  = $global_perm;
+		$this->channel_perm = $channel_perm;
+		$this->fallback_description = ($description  == '') ? t('Visible to your default audience') : $description;
+	}
+
+	/**
+	 * If the interpretation of an empty ACL can't be summarised with a global default permission
+	 * or a specific permission setting then use this method and describe what it means instead.
+	 * Remember to localize the description first.
+	 *
+	 * @param  string $description - the localized caption for the no-ACL option in the ACL dialog.
+	 * @return a new instance of PermissionDescription
+	 */
+	public static function fromDescription($description) {
+		return new PermissionDescription('', 0x80000, $description);
+	}
+
+	/**
+	 * Use this method only if the interpretation of an empty ACL doesn't fall back to a global
+	 * default permission. You should pass one of the constants from boot.php - PERMS_PUBLIC,
+	 * PERMS_NETWORK etc.
+	 *
+	 * @param  integer $perm - a single enumerated constant permission - PERMS_PUBLIC, PERMS_NETWORK etc.
+	 * @return a new instance of PermissionDescription
+	 */
+	public static function fromStandalonePermission($perm) {
+
+		$result = new PermissionDescription('', $perm);
+
+		$checkPerm = $result->get_permission_description();
+		if($checkPerm == $result->fallback_description) {
+			$result = null;
+			logger('null PermissionDescription from unknown standalone permission: ' . $perm, LOGGER_DEBUG, LOG_ERR);
+		}
+
+		return $result;
+	}
+
+	/**
+	 * This is the preferred way to create a PermissionDescription, as it provides the most details.
+	 * Use this method if you know an empty ACL will result in one of the global default permissions
+	 * being used, such as channel_r_stream (for which you would pass 'view_stream').
+	 *
+	 * @param  string $permname - a key for the global perms array from get_perms() in permissions.php,
+	 *         e.g. 'view_stream', 'view_profile', etc.
+	 * @return a new instance of PermissionDescription
+	 */
+	public static function fromGlobalPermission($permname) {
+
+		$result = null;
+
+		$global_perms = \Zotlabs\Access\Permissions::Perms();
+
+		if(array_key_exists($permname, $global_perms)) {
+
+			$channelPerm = \Zotlabs\Access\PermissionLimits::Get(\App::$channel['channel_id'], $permname);
+
+			$result = new PermissionDescription('', $channelPerm);
+		} else {
+			// The acl dialog can handle null arguments, but it shouldn't happen
+			logger('null PermissionDescription from unknown global permission: ' . $permname, LOGGER_DEBUG, LOG_ERR);
+		}
+
+		return $result;
+	}
+
+	/**
+	 * Gets a localized description of the permission, or a generic message if the permission
+	 * is unknown.
+	 *
+	 * @return string description
+	 */
+	public function get_permission_description() {
+
+		switch($this->channel_perm) {
+			case 0:              return t('Only me');
+			case PERMS_PUBLIC:   return t('Public');
+			case PERMS_NETWORK:  return t('Anybody in the $Projectname network');
+			case PERMS_SITE:     return sprintf(t('Any account on %s'), \App::get_hostname());
+			case PERMS_CONTACTS: return t('Any of my connections');
+			case PERMS_SPECIFIC: return t('Only connections I specifically allow');
+			case PERMS_AUTHED:   return t('Anybody authenticated (could include visitors from other networks)');
+			case PERMS_PENDING:  return t('Any connections including those who haven\'t yet been approved');
+			default:             return $this->fallback_description;
+		}
+	}
+
+	/**
+	 * Returns an icon css class name if an appropriate one is available, e.g. "fa-globe" for Public,
+	 * otherwise returns empty string.
+	 *
+	 * @return string icon css class name (often FontAwesome)
+	 */
+	public function get_permission_icon() {
+
+		switch($this->channel_perm) {
+			case 0:/* only me */ return 'fa-eye-slash';
+			case PERMS_PUBLIC:   return 'fa-globe';
+			case PERMS_NETWORK:  return 'fa-share-alt-square'; // fa-share-alt-square is very similiar to the hubzilla logo, but we should create our own logo class to use
+			case PERMS_SITE:     return 'fa-sitemap';
+			case PERMS_CONTACTS: return 'fa-group';
+			case PERMS_SPECIFIC: return 'fa-list';
+			case PERMS_AUTHED:   return '';
+			case PERMS_PENDING:  return '';
+			default:             return '';
+		}
+	}
+
+	/**
+	 * Returns a localized description of where the permission came from, if this is known.
+	 * If it's not know, or if the permission is standalone and didn't come from a default
+	 * permission setting, then empty string is returned.
+	 *
+	 * @return string description or empty string
+	*/
+	public function get_permission_origin_description() {
+
+		switch($this->global_perm) {
+			case PERMS_R_STREAM:  return t('This is your default setting for the audience of your normal stream, and posts.');
+			case PERMS_R_PROFILE: return t('This is your default setting for who can view your default channel profile');
+			case PERMS_R_ABOOK:   return t('This is your default setting for who can view your connections');
+			case PERMS_R_STORAGE: return t('This is your default setting for who can view your file storage and photos');
+			case PERMS_R_PAGES:   return t('This is your default setting for the audience of your webpages');
+			default:              return '';
+		}
+	}
+
+}

Zotlabs/Lib/SConfig.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+/**
+ * @brief Account configuration storage is built on top of the under-utilised xconfig.
+ *
+ * @see XConfig
+ */
+class SConfig {
+
+	static public function Load($server_id) {
+		return XConfig::Load('s_' . $server_id);
+	}
+
+	static public function Get($server_id,$family,$key,$default = false) {
+		return XConfig::Get('s_' . $server_id,$family,$key, $default);
+	}
+
+	static public function Set($server_id,$family,$key,$value) {
+		return XConfig::Set('s_' . $server_id,$family,$key,$value);
+	}
+
+	static public function Delete($server_id,$family,$key) {
+		return XConfig::Delete('s_' . $server_id,$family,$key);
+	}
+
+}

Zotlabs/Lib/Share.php

@@ -0,0 +1,143 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class Share {
+
+	private $item = null;
+
+
+	public function __construct($post_id) {
+	
+		if(! $post_id)
+			return;
+	
+		if(! (local_channel() || remote_channel()))
+			return;
+	
+		$r = q("SELECT * from item left join xchan on author_xchan = xchan_hash WHERE id = %d  LIMIT 1",
+			intval($post_id)
+		);
+		if(! $r)
+			return;
+
+		if(($r[0]['item_private']) && ($r[0]['xchan_network'] !== 'rss'))
+			return;
+	
+		$sql_extra = item_permissions_sql($r[0]['uid']);
+	
+		$r = q("select * from item where id = %d $sql_extra",
+			intval($post_id)
+		);
+		if(! $r)
+			return;
+	
+		if($r[0]['mimetype'] !== 'text/bbcode')
+			return;
+	
+		/** @FIXME eventually we want to post remotely via rpost on your home site */
+		// When that works remove this next bit:
+	
+		if(! local_channel())
+			return;
+
+		xchan_query($r);
+	
+		$this->item = $r[0];
+		return;
+	}
+
+	public function obj() {
+		$obj = [];
+
+		if(! $this->item)
+			return $obj;
+
+		$obj['type']         = $this->item['obj_type'];
+		$obj['id']           = $this->item['mid'];
+		$obj['content']      = $this->item['body'];
+		$obj['content_type'] = $this->item['mimetype'];
+		$obj['title']        = $this->item['title'];
+		$obj['created']      = $this->item['created'];
+		$obj['edited']       = $this->item['edited'];
+		$obj['author'] = [
+			'name'     => $this->item['author']['xchan_name'],
+			'address'  => $this->item['author']['xchan_addr'],
+			'network'  => $this->item['author']['xchan_network'],
+			'link'     => [
+				[ 
+					'rel'  => 'alternate', 
+					'type' => 'text/html', 
+					'href' => $this->item['author']['xchan_url']
+				],
+				[
+					'rel'  => 'photo', 
+					'type' => $this->item['author']['xchan_photo_mimetype'], 
+					'href' => $this->item['author']['xchan_photo_m']
+				]
+			]
+		];
+
+		$obj['owner'] = [
+			'name'     => $this->item['owner']['xchan_name'],
+			'address'  => $this->item['owner']['xchan_addr'],
+			'network'  => $this->item['owner']['xchan_network'],
+			'link'     => [
+				[ 
+					'rel'  => 'alternate', 
+					'type' => 'text/html', 
+					'href' => $this->item['owner']['xchan_url']
+				],
+				[
+					'rel'  => 'photo', 
+					'type' => $this->item['owner']['xchan_photo_mimetype'], 
+					'href' => $this->item['owner']['xchan_photo_m']
+				]
+			]
+		];
+
+		$obj['link'] = [
+			'rel'  => 'alternate',
+			'type' => 'text/html',
+			'href' => $this->item['plink']
+		];
+
+		return $obj;
+	}
+
+	public function bbcode() {
+		$bb = EMPTY_STR;
+
+		if(! $this->item)
+			return $bb;
+
+		$is_photo = (($this->item['obj_type'] === ACTIVITY_OBJ_PHOTO) ? true : false);
+		if($is_photo) {
+			$object = json_decode($this->item['obj'],true);
+			$photo_bb = $object['body'];
+		}
+	
+		if (strpos($this->item['body'], "[/share]") !== false) {
+			$pos = strpos($this->item['body'], "[share");
+			$bb = substr($this->item['body'], $pos);
+		} else {
+			$bb = "[share author='".urlencode($this->item['author']['xchan_name']).
+				"' profile='"    . $this->item['author']['xchan_url'] .
+				"' avatar='"     . $this->item['author']['xchan_photo_s'] .
+				"' link='"       . $this->item['plink'] .
+				"' auth='"       . (($this->item['author']['network'] === 'zot') ? 'true' : 'false') .
+				"' posted='"     . $this->item['created'] .
+				"' message_id='" . $this->item['mid'] .
+			"']";
+			if($this->item['title'])
+				$bb .= '[b]'.$this->item['title'].'[/b]'."\r\n";
+			$bb .= (($is_photo) ? $photo_bb . "\r\n" . $this->item['body'] : $this->item['body']);
+			$bb .= "[/share]";
+		}
+
+		return $bb;
+
+	}
+
+}

Zotlabs/Lib/SuperCurl.php

@@ -0,0 +1,127 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+/**
+ * @brief wrapper for z_fetch_url() which can be instantiated with several built-in parameters and 
+ * these can be modified and re-used. Useful for CalDAV and other processes which need to authenticate
+ * and set lots of CURL options (many of which stay the same from one call to the next). 
+ */
+
+
+
+
+class SuperCurl {
+
+	
+    private $auth;
+    private $url;
+
+	private $curlopt = array();
+
+	private $headers = null;
+    public $filepos = 0;
+	public $filehandle = 0;
+    public $request_data = '';
+
+	private $request_method = 'GET';
+	private $upload = false;
+	private $cookies = false;
+
+
+    private function set_data($s) {
+        $this->request_data = $s;
+        $this->filepos = 0;
+    }
+
+    public function curl_read($ch,$fh,$size) {
+
+        if($this->filepos < 0) {
+            unset($fh);
+            return '';
+        }
+
+        $s = substr($this->request_data,$this->filepos,$size);
+
+        if(strlen($s) < $size)
+            $this->filepos = (-1);
+        else
+            $this->filepos = $this->filepos + $size;
+
+        return $s;
+    }
+
+
+	public function __construct($opts = array()) {
+		$this->set($opts);
+	}
+
+	private function set($opts = array()) {
+		if($opts) {
+			foreach($opts as $k => $v) {
+				switch($k) {
+					case 'http_auth':
+						$this->auth = $v;
+						break;
+					case 'magicauth':
+						// currently experimental
+						$this->magicauth = $v;
+						\Zotlabs\Daemon\Master::Summon([ 'CurlAuth', $v ]);
+						break;
+					case 'custom':
+						$this->request_method = $v;
+						break;
+					case 'url':
+						$this->url = $v;
+						break;
+					case 'data':
+						$this->set_data($v);
+						if($v) {
+							$this->upload = true;
+						}
+						else {
+							$this->upload = false;
+						}							
+						break;
+					case 'headers':
+						$this->headers = $v;
+						break;
+					default:
+						$this->curlopts[$k] = $v;
+						break;
+				}
+			}
+		}
+	}
+
+	function exec() {
+		$opts = $this->curlopts;
+		$url = $this->url;
+		if($this->auth)
+			$opts['http_auth'] = $this->auth;
+		if($this->magicauth) {
+			$opts['cookiejar']  = 'store/[data]/cookie_' . $this->magicauth;
+			$opts['cookiefile'] = 'store/[data]/cookie_' . $this->magicauth;
+			$opts['cookie'] = 'PHPSESSID=' . trim(file_get_contents('store/[data]/cookien_' . $this->magicauth));
+			$c = channelx_by_n($this->magicauth);
+			if($c)
+				$url = zid($this->url,channel_reddress($c));
+		}	
+		if($this->custom)
+			$opts['custom'] = $this->custom;
+		if($this->headers)
+			$opts['headers'] = $this->headers;
+		if($this->upload) {
+			$opts['upload'] = true;
+			$opts['infile'] = $this->filehandle;
+			$opts['infilesize'] = strlen($this->request_data);
+			$opts['readfunc'] = [ $this, 'curl_read' ] ;
+		}
+
+		$recurse = 0;
+		return z_fetch_url($this->url,true,$recurse,(($opts) ? $opts : null)); 
+		
+	}
+		
+	
+}

Zotlabs/Lib/System.php

@@ -0,0 +1,85 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+class System {
+
+	static public function get_platform_name() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && array_key_exists('platform_name',\App::$config['system']))
+			return \App::$config['system']['platform_name'];
+		return PLATFORM_NAME;
+	}
+
+	static public function get_site_name() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['sitename'])
+			return \App::$config['system']['sitename'];
+		return '';
+	}
+
+	static public function get_project_version() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['hide_version'])
+			return '';
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && array_key_exists('std_version',\App::$config['system']))
+			return \App::$config['system']['std_version'];
+
+		return self::get_std_version();
+	}
+
+	static public function get_update_version() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['hide_version'])
+			return '';
+		return DB_UPDATE_VERSION;
+	}
+
+
+	static public function get_notify_icon() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['email_notify_icon_url'])
+			return \App::$config['system']['email_notify_icon_url'];
+		return z_root() . DEFAULT_NOTIFY_ICON;
+	}
+
+	static public function get_site_icon() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['site_icon_url'])
+			return \App::$config['system']['site_icon_url'];
+		return z_root() . DEFAULT_PLATFORM_ICON ;
+	}
+
+
+	static public function get_project_link() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_link'])
+			return \App::$config['system']['project_link'];
+		return 'https://hubzilla.org';
+	}
+
+	static public function get_project_srclink() {
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_srclink'])
+			return \App::$config['system']['project_srclink'];
+		return 'https://framagit.org/hubzilla/core.git';
+	}
+
+	static public function get_server_role() {
+		return 'pro';
+	}
+
+
+	static public function get_zot_revision() {
+		$x = [ 'revision' => ZOT_REVISION ]; 
+		call_hooks('zot_revision',$x);
+		return $x['revision'];
+	}
+
+	static public function get_std_version() {
+		if(defined('STD_VERSION'))
+			return STD_VERSION;
+		return '0.0.0';
+	}
+
+	static public function compatible_project($p) {
+
+		if(get_directory_realm() != DIRECTORY_REALM)
+			return true;
+		if(in_array(strtolower($p),['hubzilla','zap','red']))
+			return true;
+		return false;
+	}
+}

Zotlabs/Lib/Techlevels.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class Techlevels {
+
+	static public function levels() {
+		$techlevels = [
+			'0' => t('0. Beginner/Basic'),
+			'1' => t('1. Novice - not skilled but willing to learn'),
+			'2' => t('2. Intermediate - somewhat comfortable'),
+			'3' => t('3. Advanced - very comfortable'),
+			'4' => t('4. Expert - I can write computer code'),			
+			'5' => t('5. Wizard - I probably know more than you do')
+		];
+		return $techlevels;
+	}
+
+}
+

Zotlabs/Lib/ThreadItem.php

@@ -0,0 +1,834 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+require_once('include/text.php');
+
+/**
+ * A thread item
+ */
+
+class ThreadItem {
+
+	public  $data = array();
+	private $template = 'conv_item.tpl';
+	private $comment_box_template = 'comment_item.tpl';
+	private $commentable = false;
+	// list of supported reaction emojis - a site can over-ride this via config system.reactions
+	private $reactions = ['1f60a','1f44f','1f37e','1f48b','1f61e','2665','1f606','1f62e','1f634','1f61c','1f607','1f608'];
+	private $toplevel = false;
+	private $children = array();
+	private $parent = null;
+	private $conversation = null;
+	private $redirect_url = null;
+	private $owner_url = '';
+	private $owner_photo = '';
+	private $owner_name = '';
+	private $wall_to_wall = false;
+	private $threaded = false;
+	private $visiting = false;
+	private $channel = null;
+	private $display_mode = 'normal';
+	private $reload = '';
+
+
+	public function __construct($data) {
+				
+		$this->data = $data;
+		$this->toplevel = ($this->get_id() == $this->get_data_value('parent'));
+
+		// Prepare the children
+		if($data['children']) {
+			foreach($data['children'] as $item) {
+
+				/*
+				 * Only add those that will be displayed
+				 */
+
+				if((! visible_activity($item)) || array_key_exists('blocked',$item)) {
+					continue;
+				}
+
+				$child = new ThreadItem($item);
+				$this->add_child($child);
+			}
+		}
+
+		// allow a site to configure the order and content of the reaction emoji list
+		if($this->toplevel) {
+			$x = get_config('system','reactions');
+			if($x && is_array($x) && count($x)) {
+				$this->reactions = $x;
+			}
+		}
+	}
+
+	/**
+	 * Get data in a form usable by a conversation template
+	 *
+	 * Returns:
+	 *      _ The data requested on success
+	 *      _ false on failure
+	 */
+
+	public function get_template_data($conv_responses, $thread_level=1) {
+	
+		$result = array();
+
+		$item     = $this->get_data();
+
+		$commentww = '';
+		$sparkle = '';
+		$buttons = '';
+		$dropping = false;
+		$star = false;
+		$isstarred = "unstarred fa-star-o";
+		$is_comment = false;
+		$is_item = false;
+		$osparkle = '';
+		$total_children = $this->count_descendants();
+		$unseen_comments = (($item['real_uid']) ? 0 : $this->count_unseen_descendants());
+
+		$conv = $this->get_conversation();
+		$observer = $conv->get_observer();
+
+		$lock = ((($item['item_private'] == 1) || (($item['uid'] == local_channel()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) 
+			|| strlen($item['deny_cid']) || strlen($item['deny_gid']))))
+			? t('Private Message')
+			: false);
+		$shareable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && ($item['item_private'] != 1)) ? true : false);
+
+		// allow an exemption for sharing stuff from your private feeds
+		if($item['author']['xchan_network'] === 'rss')
+			$shareable = true;
+
+		$privacy_warning = false;
+		if(($item['item_private'] == 1) && ($item['owner']['xchan_network'] === 'activitypub')) {
+			$recips = get_iconfig($item['parent'], 'activitypub', 'recips');
+
+			if(! in_array($observer['xchan_url'], $recips['to']))
+				$privacy_warning = true;
+		}
+
+		$mode = $conv->get_mode();
+
+		switch($item['item_type']) {
+			case ITEM_TYPE_CARD:
+				$edlink = 'card_edit';
+				break;
+			case ITEM_TYPE_ARTICLE:
+				$edlink = 'article_edit';
+				break;
+			default:
+				$edlink = 'editpost';
+				break;
+		}
+
+		if(local_channel() && $observer['xchan_hash'] === $item['author_xchan'])
+			$edpost = array(z_root() . '/' . $edlink . '/' . $item['id'], t('Edit'));
+		else
+			$edpost = false;
+
+
+		if($observer['xchan_hash'] == $this->get_data_value('author_xchan') 
+			|| $observer['xchan_hash'] == $this->get_data_value('owner_xchan') 
+			|| $this->get_data_value('uid') == local_channel())
+			$dropping = true;
+
+
+		if(array_key_exists('real_uid',$item)) {
+			$edpost = false;
+			$dropping = false;
+		}
+
+
+		if($dropping) {
+			$drop = array(
+				'dropping' => $dropping,
+				'delete' => t('Delete'),
+			);
+		}		
+		elseif(is_site_admin()) {
+			$drop = [ 'dropping' => true, 'delete' => t('Admin Delete') ];
+		}
+
+// FIXME
+		if($observer_is_pageowner) {		
+			$multidrop = array(
+				'select' => t('Select'), 
+			);
+		}
+
+		$filer = ((($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) ? t("Save to Folder") : false);
+
+		$profile_avatar = $item['author']['xchan_photo_m'];
+		$profile_link   = chanlink_hash($item['author_xchan']);
+		$profile_name   = $item['author']['xchan_name'];
+
+		$location = format_location($item);
+		$isevent = false;
+		$attend = null;
+		$canvote = false;
+
+		// process action responses - e.g. like/dislike/attend/agree/whatever
+		$response_verbs = array('like');
+		if(feature_enabled($conv->get_profile_owner(),'dislike'))
+			$response_verbs[] = 'dislike';
+		if($item['obj_type'] === ACTIVITY_OBJ_EVENT) {
+			$response_verbs[] = 'attendyes';
+			$response_verbs[] = 'attendno';
+			$response_verbs[] = 'attendmaybe';
+			if($this->is_commentable() && $observer) {
+				$isevent = true;
+				$attend = array( t('I will attend'), t('I will not attend'), t('I might attend'));
+			}
+		}
+
+		$consensus = (intval($item['item_consensus']) ? true : false);
+		if($consensus) {
+			$response_verbs[] = 'agree';
+			$response_verbs[] = 'disagree';
+			$response_verbs[] = 'abstain';
+			if($this->is_commentable() && $observer) {
+				$conlabels = array( t('I agree'), t('I disagree'), t('I abstain'));
+				$canvote = true;
+			}
+		}
+
+		if(! feature_enabled($conv->get_profile_owner(),'dislike'))
+			unset($conv_responses['dislike']);
+  
+		$responses = get_responses($conv_responses,$response_verbs,$this,$item);
+
+		$my_responses = [];
+		foreach($response_verbs as $v) {
+			$my_responses[$v] = (($conv_responses[$v][$item['mid'] . '-m']) ? 1 : 0);
+		}
+
+		$like_count = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid']] : '');
+		$like_list = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid'] . '-l'] : '');
+		if (($like_list) && (count($like_list) > MAX_LIKERS)) {
+			$like_list_part = array_slice($like_list, 0, MAX_LIKERS);
+			array_push($like_list_part, '<a class="dropdown-item" href="#" data-toggle="modal" data-target="#likeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
+		} else {
+			$like_list_part = '';
+		}
+		$like_button_label = tt('Like','Likes',$like_count,'noun');
+
+		if (feature_enabled($conv->get_profile_owner(),'dislike')) {
+			$dislike_count = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid']] : '');
+			$dislike_list = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid'] . '-l'] : '');
+			$dislike_button_label = tt('Dislike','Dislikes',$dislike_count,'noun');
+			if (($dislike_list) && (count($dislike_list) > MAX_LIKERS)) {
+				$dislike_list_part = array_slice($dislike_list, 0, MAX_LIKERS);
+				array_push($dislike_list_part, '<a class="dropdown-item" href="#" data-toggle="modal" data-target="#dislikeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
+			} else {
+				$dislike_list_part = '';
+			}
+		}
+
+		$showlike    = ((x($conv_responses['like'],$item['mid'])) ? format_like($conv_responses['like'][$item['mid']],$conv_responses['like'][$item['mid'] . '-l'],'like',$item['mid']) : '');
+		$showdislike = ((x($conv_responses['dislike'],$item['mid']) && feature_enabled($conv->get_profile_owner(),'dislike'))  
+				? format_like($conv_responses['dislike'][$item['mid']],$conv_responses['dislike'][$item['mid'] . '-l'],'dislike',$item['mid']) : '');
+
+		/*
+		 * We should avoid doing this all the time, but it depends on the conversation mode
+		 * And the conv mode may change when we change the conv, or it changes its mode
+		 * Maybe we should establish a way to be notified about conversation changes
+		 */
+
+		$this->check_wall_to_wall();
+		
+		if($this->is_toplevel()) {
+			// FIXME check this permission
+			if(($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) {
+
+				$star = array(
+					'toggle' => t("Toggle Star Status"),
+					'isstarred' => ((intval($item['item_starred'])) ? true : false),
+				);
+
+			}
+		} 
+		else {
+			$is_comment = true;
+		}
+
+
+		$verified = (intval($item['item_verified']) ? t('Message signature validated') : '');
+		$forged = ((($item['sig']) && (! intval($item['item_verified']))) ? t('Message signature incorrect') : '');
+		$unverified = '' ; // (($this->is_wall_to_wall() && (! intval($item['item_verified']))) ? t('Message cannot be verified') : '');
+
+
+
+		// FIXME - check this permission
+		if($conv->get_profile_owner() == local_channel()) {
+			$tagger = array(
+				'tagit' => t("Add Tag"),
+				'classtagger' => "",
+			);
+		}
+
+		$has_bookmarks = false;
+		if(is_array($item['term'])) {
+			foreach($item['term'] as $t) {
+				if((get_account_techlevel() > 0) && ($t['ttype'] == TERM_BOOKMARK))
+					$has_bookmarks = true;
+			}
+		}
+
+		$has_event = false;
+		if(($item['obj_type'] === ACTIVITY_OBJ_EVENT) && $conv->get_profile_owner() == local_channel())
+			$has_event = true;
+
+		if($this->is_commentable() && $observer) {
+			$like = array( t("I like this \x28toggle\x29"), t("like"));
+			$dislike = array( t("I don't like this \x28toggle\x29"), t("dislike"));
+		}
+
+		if ($shareable)
+			$share = array( t('Share This'), t('share'));
+
+		$dreport = '';
+
+		$keep_reports = intval(get_config('system','expire_delivery_reports'));
+		if($keep_reports === 0)
+			$keep_reports = 10;
+
+		if((! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0)
+			$dreport = t('Delivery Report');
+
+		if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0)
+			$is_new = true;
+
+
+		localize_item($item);
+
+		$body = prepare_body($item,true);
+
+		// $viewthread (below) is only valid in list mode. If this is a channel page, build the thread viewing link
+		// since we can't depend on llink or plink pointing to the right local location.
+ 
+		$owner_address = substr($item['owner']['xchan_addr'],0,strpos($item['owner']['xchan_addr'],'@'));
+		$viewthread = $item['llink'];
+		if($conv->get_mode() === 'channel')
+			$viewthread = z_root() . '/channel/' . $owner_address . '?f=&mid=' . urlencode($item['mid']);
+
+		$comment_count_txt = sprintf( tt('%d comment','%d comments',$total_children),$total_children );
+		$list_unseen_txt = (($unseen_comments) ? sprintf('%d unseen',$unseen_comments) : '');
+		
+		
+
+		
+
+		$children = $this->get_children();
+
+		$has_tags = (($body['tags'] || $body['categories'] || $body['mentions'] || $body['attachments'] || $body['folders']) ? true : false);
+
+		$tmp_item = array(
+			'template' => $this->get_template(),
+			'mode' => $mode,
+			'item_type' => intval($item['item_type']),			
+			'type' => implode("",array_slice(explode("/",$item['verb']),-1)),
+			'body' => $body['html'],
+			'tags' => $body['tags'],
+			'categories' => $body['categories'],
+			'mentions' => $body['mentions'],
+			'attachments' => $body['attachments'],
+			'folders' => $body['folders'],
+			'text' => strip_tags($body['html']),
+			'id' => $this->get_id(),
+			'mid' => $item['mid'],
+			'isevent' => $isevent,
+			'attend' => $attend,
+			'consensus' => $consensus,
+			'conlabels' => $conlabels,
+			'canvote' => $canvote,
+			'linktitle' => sprintf( t('View %s\'s profile - %s'), $profile_name, $item['author']['xchan_addr']),
+			'olinktitle' => sprintf( t('View %s\'s profile - %s'), $this->get_owner_name(), $item['owner']['xchan_addr']),
+			'llink' => $item['llink'],
+			'viewthread' => $viewthread,
+			'to' => t('to'),
+			'via' => t('via'),
+			'wall' => t('Wall-to-Wall'),
+			'vwall' => t('via Wall-To-Wall:'),
+			'profile_url' => $profile_link,
+			'thread_action_menu' => thread_action_menu($item,$conv->get_mode()),
+			'thread_author_menu' => thread_author_menu($item,$conv->get_mode()),
+			'dreport' => $dreport,
+			'name' => $profile_name,
+			'thumb' => $profile_avatar,
+			'osparkle' => $osparkle,
+			'sparkle' => $sparkle,
+			'title' => $item['title'],
+			'title_tosource' => get_pconfig($conv->get_profile_owner(),'system','title_tosource'),
+			'ago' => relative_date($item['created']),
+			'app' => $item['app'],
+			'str_app' => sprintf( t('from %s'), $item['app']),
+			'isotime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'c'),
+			'localtime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'r'),
+			'editedtime' => (($item['edited'] != $item['created']) ? sprintf( t('last edited: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['edited'], 'r')) : ''),
+			'expiretime' => (($item['expires'] > NULL_DATE) ? sprintf( t('Expires: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['expires'], 'r')):''),
+			'lock' => $lock,
+			'privacy_warning' => $privacy_warning,
+			'verified' => $verified,
+			'unverified' => $unverified,
+			'forged' => $forged,
+			'location' => $location,
+			'divider' => get_pconfig($conv->get_profile_owner(),'system','item_divider'),
+			'attend_label' => t('Attend'),
+			'attend_title' => t('Attendance Options'),
+			'vote_label' => t('Vote'),
+			'vote_title' => t('Voting Options'),
+			'is_comment' => $is_comment,
+			'is_new' => $is_new,
+			'owner_url' => $this->get_owner_url(),
+			'owner_photo' => $this->get_owner_photo(),
+			'owner_name' => $this->get_owner_name(),
+			'photo' => $body['photo'],
+			'event' => $body['event'],
+			'has_tags' => $has_tags,
+			'reactions' => $this->reactions,
+// Item toolbar buttons
+			'emojis'   => (($this->is_toplevel() && $this->is_commentable() && $observer && feature_enabled($conv->get_profile_owner(),'emojis')) ? '1' : ''),
+			'like'      => $like,
+			'dislike'   => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike : ''),
+			'share'     => $share,
+			'rawmid'	=> $item['mid'],
+			'plink'     => get_plink($item),
+			'edpost'    => $edpost, // ((feature_enabled($conv->get_profile_owner(),'edit_posts')) ? $edpost : ''),
+			'star'      => ((feature_enabled($conv->get_profile_owner(),'star_posts')) ? $star : ''),
+			'tagger'    => ((feature_enabled($conv->get_profile_owner(),'commtag')) ? $tagger : ''),
+			'filer'     => ((feature_enabled($conv->get_profile_owner(),'filing')) ? $filer : ''),
+			'bookmark'  => (($conv->get_profile_owner() == local_channel() && local_channel() && $has_bookmarks) ? t('Save Bookmarks') : ''),
+			'addtocal'  => (($has_event) ? t('Add to Calendar') : ''),
+			'drop'      => $drop,
+			'multidrop' => ((feature_enabled($conv->get_profile_owner(),'multi_delete')) ? $multidrop : ''),
+// end toolbar buttons
+
+			'unseen_comments' => $unseen_comments,
+			'comment_count' => $total_children,
+			'comment_count_txt' => $comment_count_txt,
+			'list_unseen_txt' => $list_unseen_txt,
+			'markseen' => t('Mark all seen'),
+			'responses' => $responses,
+			'my_responses' => $my_responses,
+			'like_count' => $like_count,
+			'like_list' => $like_list,
+			'like_list_part' => $like_list_part,
+			'like_button_label' => $like_button_label,
+			'like_modal_title' => t('Likes','noun'),
+			'dislike_modal_title' => t('Dislikes','noun'),
+			'dislike_count' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_count : ''),
+			'dislike_list' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list : ''),
+			'dislike_list_part' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list_part : ''),
+			'dislike_button_label' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_button_label : ''),
+			'modal_dismiss' => t('Close'),
+			'showlike' => $showlike,
+			'showdislike' => $showdislike,
+			'comment' => $this->get_comment_box($indent),
+			'previewing' => ($conv->is_preview() ? true : false ),
+			'preview_lbl' => t('This is an unsaved preview'),
+			'wait' => t('Please wait'),
+			'submid' => str_replace(['+','='], ['',''], base64_encode($item['mid'])),
+			'thread_level' => $thread_level
+		);
+
+		$arr = array('item' => $item, 'output' => $tmp_item);
+		call_hooks('display_item', $arr);
+
+		$result = $arr['output'];
+
+		$result['children'] = array();
+		$nb_children = count($children);
+
+		$visible_comments = get_config('system','expanded_comments');
+		if($visible_comments === false)
+			$visible_comments = 3;
+
+//		needed for scroll to comment from notification but needs more work
+//		as we do not want to open all comments unless there is actually an #item_xx anchor
+//		and the url fragment is not sent to the server. 
+//		if(in_array(\App::$module,['display','update_display'])) 
+//			$visible_comments = 99999;
+
+		if(($this->get_display_mode() === 'normal') && ($nb_children > 0)) {
+			foreach($children as $child) {
+				$result['children'][] = $child->get_template_data($conv_responses, $thread_level + 1);
+			}
+			// Collapse
+			if(($nb_children > $visible_comments) || ($thread_level > 1)) {
+				$result['children'][0]['comment_firstcollapsed'] = true;
+				$result['children'][0]['num_comments'] = $comment_count_txt;
+				$result['children'][0]['hide_text'] = sprintf( t('%s show all'), '<i class="fa fa-chevron-down"></i>');
+				if($thread_level > 1) {
+					$result['children'][$nb_children - 1]['comment_lastcollapsed'] = true;
+				}
+				else {
+					$result['children'][$nb_children - ($visible_comments + 1)]['comment_lastcollapsed'] = true;
+				}
+			}
+		}
+		
+		$result['private'] = $item['item_private'];
+		$result['toplevel'] = ($this->is_toplevel() ? 'toplevel_item' : '');
+
+		if($this->is_threaded()) {
+			$result['flatten'] = false;
+			$result['threaded'] = true;
+		}
+		else {
+			$result['flatten'] = true;
+			$result['threaded'] = false;
+		}
+
+		return $result;
+	}
+	
+	public function get_id() {
+		return $this->get_data_value('id');
+	}
+
+	public function get_display_mode() {
+		return $this->display_mode;
+	}
+
+	public function set_display_mode($mode) {
+		$this->display_mode = $mode;
+	}
+
+	public function is_threaded() {
+		return $this->threaded;
+	}
+
+	public function set_reload($val) {
+		$this->reload = $val;
+	}
+
+	public function get_reload() {
+		return $this->reload;
+	}
+
+	public function set_commentable($val) {
+		$this->commentable = $val;
+		foreach($this->get_children() as $child)
+			$child->set_commentable($val);
+	}
+
+	public function is_commentable() {
+		return $this->commentable;
+	}
+
+	/**
+	 * Add a child item
+	 */
+	public function add_child($item) {
+		$item_id = $item->get_id();
+		if(!$item_id) {
+			logger('[ERROR] Item::add_child : Item has no ID!!', LOGGER_DEBUG);
+			return false;
+		}
+		if($this->get_child($item->get_id())) {
+			logger('[WARN] Item::add_child : Item already exists ('. $item->get_id() .').', LOGGER_DEBUG);
+			return false;
+		}
+		/*
+		 * Only add what will be displayed
+		 */
+
+		if(activity_match($item->get_data_value('verb'),ACTIVITY_LIKE) || activity_match($item->get_data_value('verb'),ACTIVITY_DISLIKE)) {
+			return false;
+		}
+		
+		$item->set_parent($this);
+		$this->children[] = $item;
+		return end($this->children);
+	}
+
+	/**
+	 * Get a child by its ID
+	 */
+	public function get_child($id) {
+		foreach($this->get_children() as $child) {
+			if($child->get_id() == $id)
+				return $child;
+		}
+		return null;
+	}
+
+	/**
+	 * Get all our children
+	 */
+	public function get_children() {
+		return $this->children;
+	}
+
+	/**
+	 * Set our parent
+	 */
+	protected function set_parent($item) {
+		$parent = $this->get_parent();
+		if($parent) {
+			$parent->remove_child($this);
+		}
+		$this->parent = $item;
+		$this->set_conversation($item->get_conversation());
+	}
+
+	/**
+	 * Remove our parent
+	 */
+	protected function remove_parent() {
+		$this->parent = null;
+		$this->conversation = null;
+	}
+
+	/**
+	 * Remove a child
+	 */
+	public function remove_child($item) {
+		$id = $item->get_id();
+		foreach($this->get_children() as $key => $child) {
+			if($child->get_id() == $id) {
+				$child->remove_parent();
+				unset($this->children[$key]);
+				// Reindex the array, in order to make sure there won't be any trouble on loops using count()
+				$this->children = array_values($this->children);
+				return true;
+			}
+		}
+		logger('[WARN] Item::remove_child : Item is not a child ('. $id .').', LOGGER_DEBUG);
+		return false;
+	}
+
+	/**
+	 * Get parent item
+	 */
+	protected function get_parent() {
+		return $this->parent;
+	}
+
+	/**
+	 * set conversation
+	 */
+	public function set_conversation($conv) {
+		$previous_mode = ($this->conversation ? $this->conversation->get_mode() : '');
+		
+		$this->conversation = $conv;
+
+		// Set it on our children too
+		foreach($this->get_children() as $child)
+			$child->set_conversation($conv);
+	}
+
+	/**
+	 * get conversation
+	 */
+	public function get_conversation() {
+		return $this->conversation;
+	}
+
+	/**
+	 * Get raw data
+	 *
+	 * We shouldn't need this
+	 */
+	public function get_data() {
+		return $this->data;
+	}
+
+	/**
+	 * Get a data value
+	 *
+	 * Returns:
+	 *      _ value on success
+	 *      _ false on failure
+	 */
+	public function get_data_value($name) {
+		if(!isset($this->data[$name])) {
+//			logger('[ERROR] Item::get_data_value : Item has no value name "'. $name .'".', LOGGER_DEBUG);
+			return false;
+		}
+
+		return $this->data[$name];
+	}
+
+	/**
+	 * Get template
+	 */
+	public function get_template() {
+		return $this->template;
+	}
+
+
+	public function set_template($t) {
+		$this->template = $t;
+	}
+
+	/**
+	 * Check if this is a toplevel post
+	 */
+	private function is_toplevel() {
+		return $this->toplevel;
+	}
+
+	/**
+	 * Count the total of our descendants
+	 */
+	private function count_descendants() {
+		$children = $this->get_children();
+		$total = count($children);
+		if($total > 0) {
+			foreach($children as $child) {
+				$total += $child->count_descendants();
+			}
+		}
+		return $total;
+	}
+
+	private function count_unseen_descendants() {
+		$children = $this->get_children();
+		$total = count($children);
+		if($total > 0) {
+			$total = 0;
+			foreach($children as $child) {
+				if((! visible_activity($child->data)) || array_key_exists('author_blocked',$child->data)) {
+					continue;
+				}
+				if(intval($child->data['item_unseen']))
+					$total ++;
+			}
+		}
+		return $total;
+	}
+
+
+	/**
+	 * Get the template for the comment box
+	 */
+	private function get_comment_box_template() {
+		return $this->comment_box_template;
+	}
+
+	/**
+	 * Get the comment box
+	 *
+	 * Returns:
+	 *      _ The comment box string (empty if no comment box)
+	 *      _ false on failure
+	 */
+	private function get_comment_box($indent) {
+
+		if(!$this->is_toplevel() && !get_config('system','thread_allow')) {
+			return '';
+		}
+		
+		$comment_box = '';
+		$conv = $this->get_conversation();
+
+//		logger('Commentable conv: ' . $conv->is_commentable());
+
+		if(! $this->is_commentable())
+			return;
+
+		$template = get_markup_template($this->get_comment_box_template());
+
+		$observer = $conv->get_observer();
+
+		$arr = array('comment_buttons' => '','id' => $this->get_id());
+		call_hooks('comment_buttons',$arr);
+		$comment_buttons = $arr['comment_buttons'];
+		
+		$feature_auto_save_draft = ((feature_enabled($conv->get_profile_owner(), 'auto_save_draft')) ? "true" : "false");
+
+		$comment_box = replace_macros($template,array(
+			'$return_path' => '',
+			'$threaded' => $this->is_threaded(),
+			'$jsreload' => $conv->reload,
+			'$type' => (($conv->get_mode() === 'channel') ? 'wall-comment' : 'net-comment'),
+			'$id' => $this->get_id(),
+			'$parent' => $this->get_id(),
+			'$comment_buttons' => $comment_buttons,
+			'$profile_uid' =>  $conv->get_profile_owner(),
+			'$mylink' => $observer['xchan_url'],
+			'$mytitle' => t('This is you'),
+			'$myphoto' => $observer['xchan_photo_s'],
+			'$comment' => t('Comment'),
+			'$submit' => t('Submit'),
+			'$edbold' => t('Bold'),
+			'$editalic' => t('Italic'),
+			'$eduline' => t('Underline'),
+			'$edquote' => t('Quote'),
+			'$edcode' => t('Code'),
+			'$edimg' => t('Image'),
+			'$edatt' => t('Attach/Upload file'),
+			'$edurl' => t('Insert Link'),
+			'$edvideo' => t('Video'),
+			'$preview' => t('Preview'), // ((feature_enabled($conv->get_profile_owner(),'preview')) ? t('Preview') : ''),
+			'$indent' => $indent,
+			'$can_upload' => (perm_is_allowed($conv->get_profile_owner(),get_observer_hash(),'write_storage') && $conv->is_uploadable()),
+			'$feature_encrypt' => ((feature_enabled($conv->get_profile_owner(),'content_encrypt')) ? true : false),
+			'$encrypt' => t('Encrypt text'),
+			'$cipher' => $conv->get_cipher(),
+			'$sourceapp' => \App::$sourcename,
+			'$observer' => get_observer_hash(),
+			'$anoncomments' => ((($conv->get_mode() === 'channel' || $conv->get_mode() === 'display') && perm_is_allowed($conv->get_profile_owner(),'','post_comments')) ? true : false),
+			'$anonname' => [ 'anonname', t('Your full name (required)') ],
+			'$anonmail' => [ 'anonmail', t('Your email address (required)') ],
+			'$anonurl'  => [ 'anonurl',  t('Your website URL (optional)') ],
+			'$auto_save_draft' => $feature_auto_save_draft,
+		));
+
+		return $comment_box;
+	}
+
+	private function get_redirect_url() {
+		return $this->redirect_url;
+	}
+
+	/**
+	 * Check if we are a wall to wall item and set the relevant properties
+	 */
+	protected function check_wall_to_wall() {
+		$conv = $this->get_conversation();
+		$this->wall_to_wall = false;
+		$this->owner_url = '';
+		$this->owner_photo = '';
+		$this->owner_name = '';
+
+		if($conv->get_mode() === 'channel')
+			return;
+		
+		if($this->is_toplevel() && ($this->get_data_value('author_xchan') != $this->get_data_value('owner_xchan'))) {
+			$this->owner_url = chanlink_hash($this->data['owner']['xchan_hash']);
+			$this->owner_photo = $this->data['owner']['xchan_photo_m'];
+			$this->owner_name = $this->data['owner']['xchan_name'];
+			$this->wall_to_wall = true;
+		}
+	}
+
+	private function is_wall_to_wall() {
+		return $this->wall_to_wall;
+	}
+
+	private function get_owner_url() {
+		return $this->owner_url;
+	}
+
+	private function get_owner_photo() {
+		return $this->owner_photo;
+	}
+
+	private function get_owner_name() {
+		return $this->owner_name;
+	}
+
+	private function is_visiting() {
+		return $this->visiting;
+	}
+
+
+
+
+}
+

Zotlabs/Lib/ThreadStream.php

@@ -0,0 +1,251 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+require_once('boot.php');
+require_once('include/text.php');
+require_once('include/items.php');
+
+/**
+ * A list of threads
+ *
+ */
+
+class ThreadStream {
+
+	private $threads = array();
+	private $mode = null;
+	private $observer = null;
+	private $writable = false;
+	private $commentable = false;
+	private $uploadable = false;
+	private $profile_owner = 0;
+	private $preview = false;
+	private $prepared_item = '';
+	public $reload = '';
+	private $cipher = 'aes256';
+
+	// $prepared_item is for use by alternate conversation structures such as photos
+	// wherein we've already prepared a top level item which doesn't look anything like
+	// a normal "post" item
+
+	public function __construct($mode, $preview, $uploadable, $prepared_item = '') {
+		$this->set_mode($mode);
+		$this->preview = $preview;
+		$this->uploadable = $uploadable;
+		$this->prepared_item = $prepared_item;
+		$c = ((local_channel()) ? get_pconfig(local_channel(),'system','default_cipher') : '');
+		if($c)
+			$this->cipher = $c;
+	}
+
+	/**
+	 * Set the mode we'll be displayed on
+	 */
+	private function set_mode($mode) {
+		if($this->get_mode() == $mode)
+			return;
+
+		$this->observer = \App::get_observer();
+		$ob_hash = (($this->observer) ? $this->observer['xchan_hash'] : '');
+
+		switch($mode) {
+			case 'network':
+				$this->profile_owner = local_channel();
+				$this->writable = true;
+				break;
+			case 'pubstream':
+				$this->profile_owner = local_channel();
+				$this->writable = ((local_channel()) ? true : false);
+				break;
+			case 'hq':
+				$this->profile_owner = local_channel();
+				$this->writable = true;
+				break;
+			case 'channel':
+				$this->profile_owner = \App::$profile['profile_uid'];
+				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
+				break;
+			case 'cards':
+				$this->profile_owner = \App::$profile['profile_uid'];
+				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
+				$this->reload = $_SESSION['return_url'];
+				break;
+			case 'articles':
+				$this->profile_owner = \App::$profile['profile_uid'];
+				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
+				$this->reload = $_SESSION['return_url'];
+				break;
+			case 'display':
+				// in this mode we set profile_owner after initialisation (from conversation()) and then 
+				// pull some trickery which allows us to re-invoke this function afterward
+				// it's an ugly hack so @FIXME
+				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
+				$this->uploadable = perm_is_allowed($this->profile_owner,$ob_hash,'write_storage');
+				break;
+			case 'page':
+				$this->profile_owner = \App::$profile['uid'];
+				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
+				break;
+			default:
+				logger('[ERROR] Conversation::set_mode : Unhandled mode ('. $mode .').', LOGGER_DEBUG);
+				return false;
+				break;
+		}
+		$this->mode = $mode;
+	}
+
+	/**
+	 * Get mode
+	 */
+	public function get_mode() {
+		return $this->mode;
+	}
+
+	/**
+	 * Check if page is writable
+	 */
+	public function is_writable() {
+		return $this->writable;
+	}
+
+	public function is_commentable() {
+		return $this->commentable;
+	}
+
+	public function is_uploadable() {
+		return $this->uploadable;
+	}
+
+
+	/**
+	 * Check if page is a preview
+	 */
+	public function is_preview() {
+		return $this->preview;
+	}
+
+	/**
+	 * Get profile owner
+	 */
+	public function get_profile_owner() {
+		return $this->profile_owner;
+	}
+
+	public function set_profile_owner($uid) {
+		$this->profile_owner = $uid;
+		$mode = $this->get_mode();
+		$this->mode = null;
+		$this->set_mode($mode);
+	}
+
+	public function get_observer() {
+		return $this->observer;
+	}
+
+	public function get_cipher() {
+		return $this->cipher;
+	}
+
+
+	/**
+	 * Add a thread to the conversation
+	 *
+	 * Returns:
+	 *      _ The inserted item on success
+	 *      _ false on failure
+	 */
+	public function add_thread($item) {
+		$item_id = $item->get_id();
+		if(!$item_id) {
+			logger('Item has no ID!!', LOGGER_DEBUG, LOG_ERR);
+			return false;
+		}
+		if($this->get_thread($item->get_id())) {
+			logger('Thread already exists ('. $item->get_id() .').', LOGGER_DEBUG, LOG_WARNING);
+			return false;
+		}
+
+		/*
+		 * Only add things that will be displayed
+		 */
+
+		
+		if(($item->get_data_value('id') != $item->get_data_value('parent')) && (activity_match($item->get_data_value('verb'),ACTIVITY_LIKE) || activity_match($item->get_data_value('verb'),ACTIVITY_DISLIKE))) {
+			return false;
+		}
+
+		$item->set_commentable(false);
+		$ob_hash = (($this->observer) ? $this->observer['xchan_hash'] : '');
+		
+		if(! comments_are_now_closed($item->get_data())) {
+			if(($item->get_data_value('author_xchan') === $ob_hash) || ($item->get_data_value('owner_xchan') === $ob_hash))
+				$item->set_commentable(true);
+
+			if(intval($item->get_data_value('item_nocomment'))) {
+				$item->set_commentable(false);
+			}
+			elseif(! $item->is_commentable()) {
+				if((array_key_exists('owner',$item->data)) && intval($item->data['owner']['abook_self']))
+					$item->set_commentable(perm_is_allowed($this->profile_owner,$ob_hash,'post_comments'));
+				else
+					$item->set_commentable(can_comment_on_post($ob_hash,$item->data));
+			}
+		}
+		if($this->mode === 'pubstream' && (! local_channel())) {
+			$item->set_commentable(false);
+		} 
+
+		require_once('include/channel.php');
+
+		$item->set_conversation($this);
+		$this->threads[] = $item;
+		return end($this->threads);
+	}
+
+	/**
+	 * Get data in a form usable by a conversation template
+	 *
+	 * We should find a way to avoid using those arguments (at least most of them)
+	 *
+	 * Returns:
+	 *      _ The data requested on success
+	 *      _ false on failure
+	 */
+	public function get_template_data($conv_responses) {
+		$result = array();
+
+		foreach($this->threads as $item) {
+
+			if(($item->get_data_value('id') == $item->get_data_value('parent')) && $this->prepared_item) {
+				$item_data = $this->prepared_item;
+			}
+			else {
+				$item_data = $item->get_template_data($conv_responses);
+			}
+			if(!$item_data) {
+				logger('Failed to get item template data ('. $item->get_id() .').', LOGGER_DEBUG, LOG_ERR);
+				return false;
+			}
+			$result[] = $item_data;
+		}
+
+		return $result;
+	}
+
+	/**
+	 * Get a thread based on its item id
+	 *
+	 * Returns:
+	 *      _ The found item on success
+	 *      _ false on failure
+	 */
+	private function get_thread($id) {
+		foreach($this->threads as $item) {
+			if($item->get_id() == $id)
+				return $item;
+		}
+
+		return false;
+	}
+}

Zotlabs/Lib/Verify.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class Verify {
+
+	function create($type,$channel_id,$token,$meta) {
+		return q("insert into verify ( vtype, channel, token, meta, created ) values ( '%s', %d, '%s', '%s', '%s' )",
+			dbesc($type),
+			intval($channel_id),
+			dbesc($token),
+			dbesc($meta),
+			dbesc(datetime_convert())
+		);
+	}
+
+	function match($type,$channel_id,$token,$meta) {
+		$r = q("select id from verify where vtype = '%s' and channel = %d and token = '%s' and meta = '%s' limit 1",
+			dbesc($type),
+			intval($channel_id),
+			dbesc($token),
+			dbesc($meta)
+		);
+		if($r) {
+			q("delete from verify where id = %d",
+				intval($r[0]['id'])
+			);
+			return true;
+		}
+		return false;
+	}
+
+	function get_meta($type,$channel_id,$token) {
+		$r = q("select id, meta from verify where vtype = '%s' and channel = %d and token = '%s' limit 1",
+			dbesc($type),
+			intval($channel_id),
+			dbesc($token)
+		);
+		if($r) {
+			q("delete from verify where id = %d",
+				intval($r[0]['id'])
+			);
+			return $r[0]['meta'];
+		}
+		return false;
+	}
+
+	/**
+	 * @brief Purge entries of a verify-type older than interval.
+	 *
+	 * @param string $type Verify type
+	 * @param string $interval SQL compatible time interval
+	 */
+	function purge($type, $interval) {
+		q("delete from verify where vtype = '%s' and created < %s - INTERVAL %s",
+			dbesc($type),
+			db_utcnow(),
+			db_quoteinterval($interval)
+		);
+	}
+
+}

Zotlabs/Lib/XConfig.php

@@ -0,0 +1,177 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+/**
+ * @brief Class for handling observer's config.
+ *
+ * <b>XConfig</b> is comparable to <i>PConfig</i>, except that it uses <i>xchan</i>
+ * (an observer hash) as an identifier.
+ *
+ * <b>XConfig</b> is used for observer specific configurations and takes a
+ * <i>xchan</i> as identifier.
+ * The storage is of size MEDIUMTEXT.
+ *
+ * @code{.php}$var = Zotlabs\Lib\XConfig::Get('xchan', 'category', 'key');
+ * // with default value for non existent key
+ * $var = Zotlabs\Lib\XConfig::Get('xchan', 'category', 'unsetkey', 'defaultvalue');@endcode
+ *
+ * The old (deprecated?) way to access a XConfig value is:
+ * @code{.php}$observer = App::get_observer_hash();
+ * if ($observer) {
+ *     $var = get_xconfig($observer, 'category', 'key');
+ * }@endcode
+ */
+class XConfig {
+
+	/**
+	 * @brief Loads a full xchan's configuration into a cached storage.
+	 *
+	 * All configuration values of the given observer hash are stored in global
+	 * cache which is available under the global variable App::$config[$xchan].
+	 *
+	 * @param string $xchan
+	 *  The observer's hash
+	 * @return void|false Returns false if xchan is not set
+	 */
+	static public function Load($xchan) {
+
+		if(! $xchan)
+			return false;
+
+		if(! array_key_exists($xchan, \App::$config))
+			\App::$config[$xchan] = array();
+
+		$r = q("SELECT * FROM xconfig WHERE xchan = '%s'",
+			dbesc($xchan)
+		);
+
+		if($r) {
+			foreach($r as $rr) {
+				$k = $rr['k'];
+				$c = $rr['cat'];
+				if(! array_key_exists($c, \App::$config[$xchan])) {
+					\App::$config[$xchan][$c] = array();
+					\App::$config[$xchan][$c]['config_loaded'] = true;
+				}
+				\App::$config[$xchan][$c][$k] = $rr['v'];
+			}
+		}
+	}
+
+	/**
+	 * @brief Get a particular observer's config variable given the category
+	 * name ($family) and a key.
+	 *
+	 * Get a particular observer's config value from the given category ($family)
+	 * and the $key from a cached storage in App::$config[$xchan].
+	 *
+	 * Returns false if not set.
+	 *
+	 * @param string $xchan
+	 *  The observer's hash
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to query
+	 * @param boolean $default (optional) default false
+	 * @return mixed Stored $value or false if it does not exist
+	 */
+	static public function Get($xchan, $family, $key, $default = false) {
+
+		if(! $xchan)
+			return $default;
+
+		if(! array_key_exists($xchan, \App::$config))
+			load_xconfig($xchan);
+
+		if((! array_key_exists($family, \App::$config[$xchan])) || (! array_key_exists($key, \App::$config[$xchan][$family])))
+			return $default;
+
+		return ((! is_array(\App::$config[$xchan][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$xchan][$family][$key]))
+			? unserialize(\App::$config[$xchan][$family][$key])
+			: \App::$config[$xchan][$family][$key]
+		);
+	}
+
+	/**
+	 * @brief Sets a configuration value for an observer.
+	 *
+	 * Stores a config value ($value) in the category ($family) under the key ($key)
+	 * for the observer's $xchan hash.
+	 *
+	 * @param string $xchan
+	 *  The observer's hash
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to set
+	 * @param string $value
+	 *  The value to store
+	 * @return mixed Stored $value or false
+	 */
+	static public function Set($xchan, $family, $key, $value) {
+
+		// manage array value
+		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
+
+		if(self::Get($xchan, $family, $key) === false) {
+			if(! array_key_exists($xchan, \App::$config))
+				\App::$config[$xchan] = array();
+			if(! array_key_exists($family, \App::$config[$xchan]))
+				\App::$config[$xchan][$family] = array();
+
+			$ret = q("INSERT INTO xconfig ( xchan, cat, k, v ) VALUES ( '%s', '%s', '%s', '%s' )",
+				dbesc($xchan),
+				dbesc($family),
+				dbesc($key),
+				dbesc($dbvalue)
+			);
+		}
+		else {
+			$ret = q("UPDATE xconfig SET v = '%s' WHERE xchan = '%s' and cat = '%s' AND k = '%s'",
+				dbesc($dbvalue),
+				dbesc($xchan),
+				dbesc($family),
+				dbesc($key)
+			);
+		}
+
+		\App::$config[$xchan][$family][$key] = $value;
+
+		if($ret)
+			return $value;
+
+		return $ret;
+	}
+
+	/**
+	 * @brief Deletes the given key from the observer's config.
+	 *
+	 * Removes the configured value from the stored cache in App::$config[$xchan]
+	 * and removes it from the database.
+	 *
+	 * @param string $xchan
+	 *  The observer's hash
+	 * @param string $family
+	 *  The category of the configuration value
+	 * @param string $key
+	 *  The configuration key to delete
+	 * @return mixed
+	 */
+	static public function Delete($xchan, $family, $key) {
+
+		if(x(\App::$config[$xchan][$family], $key))
+			unset(\App::$config[$xchan][$family][$key]);
+
+		$ret = q("DELETE FROM xconfig WHERE xchan = '%s' AND cat = '%s' AND k = '%s'",
+			dbesc($xchan),
+			dbesc($family),
+			dbesc($key)
+		);
+
+		return $ret;
+	}
+
+}

Zotlabs/Module/Achievements.php

@@ -0,0 +1,93 @@
+<?php
+namespace Zotlabs\Module;
+
+
+class Achievements extends \Zotlabs\Web\Controller {
+
+	function get() {
+		// This doesn't work, so
+		if (! is_developer())
+			return;
+	
+		if(argc() > 1)
+			$which = argv(1);
+		else {
+			notice( t('Requested profile is not available.') . EOL );
+			return;
+	}
+	
+		$profile = 0;
+		$profile = argv(1);		
+		profile_load($which,$profile);
+	
+		$r = q("select channel_id from channel where channel_address = '%s'",
+				dbesc($which)
+				);
+		if($r) {
+			$owner = intval($r[0]['channel_id']);
+			}
+	
+		$observer = \App::get_observer();
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+		$perms = get_all_perms($owner,$ob_hash);
+		if(! $perms['view_profile']) {
+			notice( t('Permission denied.') . EOL);
+		return;
+	    }
+	
+		$newmembertext = t('Some blurb about what to do when you\'re new here');
+	
+	
+	//	By default, all badges are false
+		$contactbadge = false;
+		$profilebadge = false;
+		$keywordsbadge = false;
+		
+	// Check number of contacts.  Award a badge if over 10
+	// We'll figure these out on each page load instead of 
+	// writing them to the DB because that will mean one needs
+	// to retain their achievements - eg, you can't add
+	// a bunch of channels just to get your badge, and then
+	// delete them all again.  If these become popular or
+	// used in profiles or something, we may need to reconsider
+	// and add a table for this - because this won't scale.
+	    
+	    $r = q("select * from abook where abook_channel = %d",
+		intval($owner)
+		);
+	
+		if (count($r))
+			$contacts = count($r);
+		// We're checking for 11 to adjust for the abook record for self
+		if ($contacts >= 11)
+				$contactbadge = true;
+			
+	//	Check if an about field in the profile has been created.
+	
+		$r = q("select * from profile where uid = %d and about <> ''",
+				intval($owner)
+		);
+		
+		if ($r)
+			$profilebadge = 1;
+	
+	// Check if keywords have been set
+	
+		$r = q("select * from profile where uid = %d and keywords <> ''",
+				intval($owner)
+		);
+		
+		if($r)
+			$keywordsbadge = 1;
+	
+	    return replace_macros(get_markup_template("achievements.tpl"), array(
+	                '$newmembertext' => $newmembertext,
+	                '$profilebadge' => $profilebadge,
+	                '$contactbadge' => $contactbadge,
+	                '$keywordsbadge' => $keywordsbadge,
+	                '$channelsbadge' => $channelsbadge
+	));
+	
+	}
+	
+}

Zotlabs/Module/Acl.php

@@ -0,0 +1,450 @@
+<?php
+
+namespace Zotlabs\Module;
+
+require_once 'include/acl_selectors.php';
+require_once 'include/group.php';
+
+/**
+ * @brief ACL selector json backend.
+ *
+ * This module provides JSON lists of connections and local/remote channels
+ * (xchans) to populate various tools such as the ACL (AccessControlList) popup
+ * and various auto-complete functions (such as email recipients, search, and
+ * mention targets.
+ *
+ * There are two primary output structural formats. One for the ACL widget and
+ * the other for auto-completion.
+ *
+ * Many of the behaviour variations are triggered on the use of single character
+ * keys however this functionality has grown in an ad-hoc manner and has gotten
+ * quite messy over time.
+ */
+class Acl extends \Zotlabs\Web\Controller {
+
+	function init() {
+
+		// logger('mod_acl: ' . print_r($_GET,true),LOGGER_DATA);
+
+		$start    = (x($_REQUEST,'start')  ? $_REQUEST['start']  : 0);
+		$count    = (x($_REQUEST,'count')  ? $_REQUEST['count']  : 500);
+		$search   = (x($_REQUEST,'search') ? $_REQUEST['search'] : '');
+		$type     = (x($_REQUEST,'type')   ? $_REQUEST['type']   : '');
+		$noforums = (x($_REQUEST,'n')      ? $_REQUEST['n']      : false);
+
+
+		// $type =
+		//  ''   =>  standard ACL request
+		//  'g'  =>  Groups only ACL request
+		//  'f'  =>  forums only ACL request
+		//  'c'  =>  Connections only ACL request or editor (textarea) mention request
+		// $_REQUEST['search'] contains ACL search text.
+
+
+		// $type =
+		//  'm'  =>  autocomplete private mail recipient (checks post_mail permission)
+		//  'a'  =>  autocomplete connections (mod_connections, mod_poke, mod_sources, mod_photos)
+		//  'x'  =>  nav search bar autocomplete (match any xchan)
+		// $_REQUEST['query'] contains autocomplete search text.
+	
+		// List of channels whose connections to also suggest, 
+		// e.g. currently viewed channel or channels mentioned in a post
+
+		$extra_channels = (x($_REQUEST,'extra_channels') ? $_REQUEST['extra_channels'] : array());
+	
+		// The different autocomplete libraries use different names for the search text
+		// parameter. Internally we'll use $search to represent the search text no matter
+		// what request variable it was attached to. 
+	
+		if(array_key_exists('query',$_REQUEST)) {
+			$search = $_REQUEST['query'];
+		}
+	
+		if( (! local_channel()) && (! in_array($type, [ 'x', 'c', 'f' ])))
+			killme();
+
+		$permitted = [];
+
+		if(in_array($type, [ 'm', 'a', 'c', 'f' ])) {
+
+			// These queries require permission checking. We'll create a simple array of xchan_hash for those with
+			// the requisite permissions which we can check against. 
+
+			$x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = '1'",
+				intval(local_channel()),
+				dbesc(($type === 'm') ? 'post_mail' : 'tag_deliver')
+			);
+
+			$permitted = ids_to_array($x,'xchan');
+
+		}
+
+
+		if($search) {
+			$sql_extra = " AND groups.gname LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
+			$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'"  : "%'")) . ") ";
+	
+			// This horrible mess is needed because position also returns 0 if nothing is found. 
+			// Would be MUCH easier if it instead returned a very large value
+			// Otherwise we could just 
+			// order by LEAST(POSITION($search IN xchan_name),POSITION($search IN xchan_addr)).
+
+			$order_extra2 = "CASE WHEN xchan_name LIKE " 
+					. protect_sprintf( "'%" . dbesc($search) . "%'" ) 
+					. " then POSITION('" . protect_sprintf(dbesc($search)) 
+					. "' IN xchan_name) else position('" . protect_sprintf(dbesc(punify($search))) . "' IN xchan_addr) end, ";
+
+			$sql_extra3 = "AND ( xchan_addr like " . protect_sprintf( "'%" . dbesc(punify($search)) . "%'" ) . " OR xchan_name like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ) ";
+	
+		}
+		else {
+			$sql_extra = $sql_extra2 = $sql_extra3 = "";
+		}
+		
+		
+		$groups = array();
+		$contacts = array();
+		
+		if($type == '' || $type == 'g') {
+
+			// virtual groups based on private profile viewing ability
+
+			$r = q("select id, profile_guid, profile_name from profile where is_default = 0 and uid = %d",
+				intval(local_channel())
+			);	
+			if($r) {
+				foreach($r as $rv) {
+					$groups[] = array(
+						"type"  => "g",
+						"photo" => "images/twopeople.png",
+						"name"  => t('Profile','acl') . ' ' . $rv['profile_name'],
+						"id"	=> 'vp' . $rv['id'],
+						"xid"   => 'vp.' . $rv['profile_guid'],
+						"uids"  => group_get_profile_members_xchan(local_channel(), $rv['id']),
+						"link"  => ''
+					);
+				}
+			}
+
+			// Normal privacy groups
+
+			$r = q("SELECT groups.id, groups.hash, groups.gname
+					FROM groups, group_member 
+					WHERE groups.deleted = 0 AND groups.uid = %d 
+					AND group_member.gid = groups.id
+					$sql_extra
+					GROUP BY groups.id
+					ORDER BY groups.gname 
+					LIMIT %d OFFSET %d",
+				intval(local_channel()),
+				intval($count),
+				intval($start)
+			);
+
+			if($r) {	
+				foreach($r as $g){
+		//		logger('acl: group: ' . $g['gname'] . ' members: ' . group_get_members_xchan($g['id']));
+					$groups[] = array(
+						"type"  => "g",
+						"photo" => "images/twopeople.png",
+						"name"  => $g['gname'],
+						"id"	=> $g['id'],
+						"xid"   => $g['hash'],
+						"uids"  => group_get_members_xchan($g['id']),
+						"link"  => ''
+					);
+				}
+			}
+		}
+	
+		if($type == '' || $type == 'c' || $type === 'f') {
+
+			$extra_channels_sql  = ''; 
+
+			// Only include channels who allow the observer to view their connections
+			if($extra_channels) {
+				foreach($extra_channels as $channel) {
+					if(perm_is_allowed(intval($channel), get_observer_hash(),'view_contacts')) {
+						if($extra_channel_sql)
+							$extra_channels_sql .= ',';
+						$extra_channels_sql .= intval($channel);
+					}
+				}
+			}
+	
+			// Getting info from the abook is better for local users because it contains info about permissions
+			if(local_channel()) {
+				if($extra_channels_sql != '')
+					$extra_channels_sql = " OR (abook_channel IN ($extra_channels_sql)) and abook_hidden = 0 ";
+
+
+				// Add atokens belonging to the local channel
+
+				if($search) {
+					$sql_extra_atoken = "AND ( atoken_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . ") ";
+				}
+				else {
+					$sql_extra_atoken = '';
+				}
+
+				$r2 = null;
+
+				$r1 = q("select * from atoken where atoken_uid = %d $sql_extra_atoken",
+					intval(local_channel())
+				);
+
+				if($r1) {
+					require_once('include/security.php');
+					$r2 = array();
+					foreach($r1 as $rr) {
+						$x = atoken_xchan($rr);
+						$r2[] = [ 
+							'id' => 'a' . $rr['atoken_id'] ,
+							'hash' => $x['xchan_hash'],
+							'name' => $x['xchan_name'],
+							'micro' => $x['xchan_photo_m'],
+							'url' => z_root(),
+							'nick' => $x['xchan_addr'],
+							'abook_their_perms' => 0,
+							'abook_flags' => 0,
+							'abook_self' => 0
+						];
+					}
+				} 
+
+				// add connections
+	
+				$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self 
+					FROM abook left join xchan on abook_xchan = xchan_hash 
+					WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
+					intval(local_channel())
+				);
+				if($r2)
+					$r = array_merge($r2,$r);
+
+			}
+			else { // Visitors
+				$r = q("SELECT xchan_hash as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self
+					FROM xchan left join xlink on xlink_link = xchan_hash
+					WHERE xlink_xchan  = '%s' AND xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
+					dbesc(get_observer_hash())
+				);
+	
+				// Find contacts of extra channels
+				// This is probably more complicated than it needs to be
+				if($extra_channels_sql) {
+					// Build a list of hashes that we got previously so we don't get them again
+					$known_hashes = array("'".get_observer_hash()."'");
+					if($r)
+						foreach($r as $rr) 
+							$known_hashes[] = "'".$rr['hash']."'";
+					$known_hashes_sql = 'AND xchan_hash not in ('.join(',',$known_hashes).')';
+	
+					$r2 = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self 
+						FROM abook left join xchan on abook_xchan = xchan_hash 
+						WHERE abook_channel IN ($extra_channels_sql) $known_hashes_sql AND abook_blocked = 0 and abook_pending = 0 and abook_hidden = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc");
+					if($r2)
+						$r = array_merge($r,$r2);
+	
+					// Sort accoring to match position, then alphabetically. This could be avoided if the above two SQL queries could be combined into one, and the sorting could be done on the SQl server (like in the case of a local user)
+					$matchpos = function($x) use($search) {
+						$namepos = strpos($x['name'],$search);
+						$nickpos = strpos($x['nick'],$search);
+						// Use a large position if not found
+						return min($namepos === false ? 9999 : $namepos, $nickpos === false ? 9999 : $nickpos);
+					};
+					// This could be made simpler if PHP supported stable sorting
+					usort($r,function($a,$b) use($matchpos) {
+						$pos1 = $matchpos($a);
+						$pos2 = $matchpos($b);
+						if($pos1 == $pos2) { // Order alphabetically if match position is the same
+							if($a['name'] == $b['name'])
+								return 0;
+							else
+								return ($a['name'] < $b['name']) ? -1 : 1;
+						}
+						return ($pos1 < $pos2) ? -1 : 1;
+					});
+				}
+			}
+			if((count($r) < 100) && $type == 'c') {
+				$r2 = q("SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags, 0 as abook_self 
+					FROM xchan 
+					WHERE xchan_deleted = 0 and not xchan_network  in ('rss','anon','unknown') $sql_extra2 order by $order_extra2 xchan_name asc" 
+				);
+				if($r2) {
+					$r = array_merge($r,$r2);
+					$r = unique_multidim_array($r,'hash');
+				}		
+			}
+		}
+		elseif($type == 'm') {
+
+			$r = array();
+			$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url 
+				FROM abook left join xchan on abook_xchan = xchan_hash
+				WHERE abook_channel = %d 
+				and xchan_deleted = 0
+				$sql_extra3
+				ORDER BY xchan_name ASC ",
+				intval(local_channel())
+			);
+			if($z) {
+				foreach($z as $zz) {
+					if(in_array($zz['hash'],$permitted)) {
+						$r[] = $zz;
+					}
+				}
+			}
+			
+		}
+		elseif($type == 'a') {
+	
+			$r = q("SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash
+				WHERE abook_channel = %d
+				and xchan_deleted = 0
+				$sql_extra3
+				ORDER BY xchan_name ASC ",
+				intval(local_channel())
+			);
+	
+		}
+		elseif($type == 'x') {
+			$r = $this->navbar_complete($a);
+			$contacts = array();
+			if($r) {
+				foreach($r as $g) {
+					$contacts[] = array(
+						"photo"    => $g['photo'],
+						"name"     => $g['name'],
+						"nick"     => $g['address']
+					);
+				}
+			}
+	
+			$o = array(
+				'start' => $start,
+				'count'	=> $count,
+				'items'	=> $contacts,
+			);
+			echo json_encode($o);
+			killme();
+		}
+		else
+			$r = array();
+	
+		if($r) {
+			foreach($r as $g) {
+	
+				if(in_array($g['network'],['rss','anon','unknown']) && ($type != 'a'))
+					continue;
+
+				$g['hash'] = urlencode($g['hash']);
+				
+				if(! $g['nick']) {
+					$g['nick'] = $g['url'];
+				}
+
+				if(in_array($g['hash'],$permitted) && $type === 'f' && (! $noforums)) {
+					$contacts[] = array(
+						"type"     => "c",
+						"photo"    => "images/twopeople.png",
+						"name"     => $g['name'],
+						"id"	   => urlencode($g['id']),
+						"xid"      => $g['hash'],
+						"link"     => (($g['nick']) ? $g['nick'] : $g['url']),
+						"nick"     => substr($g['nick'],0,strpos($g['nick'],'@')),
+						"self"     => (intval($g['abook_self']) ? 'abook-self' : ''),
+						"taggable" => 'taggable',
+						"label"    => t('network')
+					);
+				}
+				if($type !== 'f') {
+					$contacts[] = array(
+						"type"     => "c",
+						"photo"    => $g['micro'],
+						"name"     => $g['name'],
+						"id"	   => urlencode($g['id']),
+						"xid"      => $g['hash'],
+						"link"     => (($g['nick']) ? $g['nick'] : $g['url']),
+						"nick"     => ((strpos($g['nick'],'@')) ? substr($g['nick'],0,strpos($g['nick'],'@')) : $g['nick']),
+						"self"     => (intval($g['abook_self']) ? 'abook-self' : ''),
+						"taggable" => '',
+						"label"    => '',
+					);
+				}
+			}			
+		}
+			
+		$items = array_merge($groups, $contacts);
+		
+		$o = array(
+			'start' => $start,
+			'count'	=> $count,
+			'items'	=> $items,
+		);
+
+		echo json_encode($o);
+
+		killme();
+	}
+
+
+	function navbar_complete(&$a) {
+	
+	//	logger('navbar_complete');
+	
+		if(observer_prohibited()) {
+			return;
+		}
+	
+		$dirmode = intval(get_config('system','directory_mode'));
+		$search = ((x($_REQUEST,'search')) ? htmlentities($_REQUEST['search'],ENT_COMPAT,'UTF-8',false) : '');
+		if(! $search || mb_strlen($search) < 2)
+			return array();
+	
+		$star = false;
+		$address = false;
+	
+		if(substr($search,0,1) === '@')
+			$search = substr($search,1);
+	
+		if(substr($search,0,1) === '*') {
+			$star = true;
+			$search = substr($search,1);
+		}
+	
+		if(strpos($search,'@') !== false) {
+			$address = true;
+		}
+	
+		if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) {
+			$url = z_root() . '/dirsearch';
+		}
+	
+		if(! $url) {
+			require_once("include/dir_fns.php");
+			$directory = find_upstream_directory($dirmode);
+			$url = $directory['url'] . '/dirsearch';
+		}
+
+		$token = get_config('system','realm_token');
+	
+		$count = (x($_REQUEST,'count') ?  $_REQUEST['count'] : 100);
+		if($url) {
+			$query = $url . '?f=' . (($token) ? '&t=' . urlencode($token) : '');
+			$query .= '&name=' . urlencode($search) . "&limit=$count" . (($address) ? '&address=' . urlencode(punify($search)) : '');
+	
+			$x = z_fetch_url($query);
+			if($x['success']) {
+				$t = 0;
+				$j = json_decode($x['body'],true);
+				if($j && $j['results']) {
+					return $j['results'];
+				}
+			}
+		}
+		return array();
+	}
+
+}

Zotlabs/Module/Admin.php

@@ -0,0 +1,156 @@
+<?php
+/**
+ * @file Zotlabs/Module/Admin.php
+ * @brief Hubzilla's admin controller.
+ *
+ * Controller for the /admin/ area.
+ */
+
+namespace Zotlabs\Module;
+
+require_once('include/queue_fn.php');
+require_once('include/account.php');
+
+/**
+ * @brief Admin area.
+ *
+ */
+class Admin extends \Zotlabs\Web\Controller {
+
+	private $sm = null;
+
+	function __construct() {
+		$this->sm = new \Zotlabs\Web\SubModule();
+	}
+
+	function post(){
+		logger('admin_post', LOGGER_DEBUG);
+
+		if(! is_site_admin()) {
+			return;
+		}
+		if (argc() > 1) {
+			$this->sm->call('post');
+		}
+
+		goaway(z_root() . '/admin' );
+	}
+
+	/**
+	 * @return string
+	 */
+
+	function get() {
+
+		logger('admin_content', LOGGER_DEBUG);
+
+		if(! is_site_admin()) {
+			return login(false);
+		}
+
+		/*
+		 * Page content
+		 */
+
+		nav_set_selected('Admin');
+
+		$o = '';
+
+		if(argc() > 1) {
+			$o = $this->sm->call('get');
+			if($o === false) {
+				notice( t('Item not found.') );
+			}
+		}
+		else {
+			$o = $this->admin_page_summary();
+		}
+
+		if(is_ajax()) {
+			echo $o;
+			killme();
+			return '';
+		}
+		else {
+			return $o;
+		}
+	}
+
+
+	/**
+	 * @brief Returns content for Admin Summary Page.
+	 *
+	 * @return string HTML from parsed admin_summary.tpl
+	 */
+	function admin_page_summary() {
+
+		// list total user accounts, expirations etc.
+		$accounts = array();
+		$r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN account_expires > %s THEN 1 ELSE NULL END) AS expiring, COUNT(CASE WHEN account_expires < %s AND account_expires > '%s' THEN 1 ELSE NULL END) AS expired, COUNT(CASE WHEN (account_flags & %d)>0 THEN 1 ELSE NULL END) AS blocked FROM account",
+			db_utcnow(),
+			db_utcnow(),
+			dbesc(NULL_DATE),
+			intval(ACCOUNT_BLOCKED)
+		);
+		if ($r) {
+			$accounts['total']    = array('label' => t('Accounts'), 'val' => $r[0]['total']);
+			$accounts['blocked']  = array('label' => t('Blocked accounts'), 'val' => $r[0]['blocked']);
+			$accounts['expired']  = array('label' => t('Expired accounts'), 'val' => $r[0]['expired']);
+			$accounts['expiring'] = array('label' => t('Expiring accounts'), 'val' => $r[0]['expiring']);
+		}
+
+		// pending registrations
+
+		$pdg = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d ) > 0 ",
+			intval(ACCOUNT_PENDING)
+		);
+
+		$pending = (($pdg) ? count($pdg) : 0);
+
+		// available channels, primary and clones
+		$channels = array();
+		$r = q("SELECT COUNT(*) AS total, COUNT(CASE WHEN channel_primary = 1 THEN 1 ELSE NULL END) AS main, COUNT(CASE WHEN channel_primary = 0 THEN 1 ELSE NULL END) AS clones FROM channel WHERE channel_removed = 0");
+		if ($r) {
+			$channels['total']  = array('label' => t('Channels'), 'val' => $r[0]['total']);
+			$channels['main']   = array('label' => t('Primary'), 'val' => $r[0]['main']);
+			$channels['clones'] = array('label' => t('Clones'), 'val' => $r[0]['clones']);
+		}
+
+		// We can do better, but this is a quick queue status
+		$r = q("SELECT COUNT(outq_delivered) AS total FROM outq WHERE outq_delivered = 0");
+		$queue = (($r) ? $r[0]['total'] : 0);
+		$queues = array( 'label' => t('Message queues'), 'queue' => $queue );
+
+		// If no plugins active return 0, otherwise list of plugin names
+		$plugins = (count(\App::$plugins) == 0) ? count(\App::$plugins) : \App::$plugins;
+
+		if(is_array($plugins))
+			sort($plugins);
+
+		// Could be extended to provide also other alerts to the admin
+		$alertmsg = '';
+
+		$vmaster = get_repository_version('master');
+		$vdev = get_repository_version('dev');
+
+		$upgrade = ((version_compare(STD_VERSION,$vmaster) < 0) ? t('Your software should be updated') : '');
+
+		$t = get_markup_template('admin_summary.tpl');
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Summary'),
+			'$adminalertmsg' => $alertmsg,
+			'$queues'   => $queues,
+			'$accounts' => array( t('Registered accounts'), $accounts),
+			'$pending'  => array( t('Pending registrations'), $pending),
+			'$channels' => array( t('Registered channels'), $channels),
+			'$plugins'  => array( t('Active addons'), $plugins ),
+			'$version'  => array( t('Version'), STD_VERSION),
+			'$vmaster'  => array( t('Repository version (master)'), $vmaster),
+			'$vdev'     => array( t('Repository version (dev)'), $vdev),
+			'$upgrade'  => $upgrade,
+			'$build'    => get_config('system', 'db_version')
+		));
+	}
+
+}

Zotlabs/Module/Admin/Account_edit.php

@@ -0,0 +1,84 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+
+class Account_edit {
+
+	function post() {
+
+		$account_id = $_REQUEST['aid'];
+
+		if(! $account_id)
+			return;
+
+		$pass1 = trim($_REQUEST['pass1']);
+		$pass2 = trim($_REQUEST['pass2']);
+		if($pass1 && $pass2 && ($pass1 === $pass2)) {
+			$salt = random_string(32);
+			$password_encoded = hash('whirlpool', $salt . $pass1);
+			$r = q("update account set account_salt = '%s', account_password = '%s', 
+				account_password_changed = '%s' where account_id = %d",
+				dbesc($salt),
+				dbesc($password_encoded),
+				dbesc(datetime_convert()),
+				intval($account_id)
+			);
+			if($r)
+				info( sprintf( t('Password changed for account %d.'), $account_id). EOL);
+
+		}
+
+		$service_class = trim($_REQUEST['service_class']);
+		$account_level = intval(trim($_REQUEST['account_level']));
+		$account_language = trim($_REQUEST['account_language']);
+
+		$r = q("update account set account_service_class = '%s', account_level = %d, account_language = '%s' 
+			where account_id = %d",
+			dbesc($service_class),
+			intval($account_level),
+			dbesc($account_language),
+			intval($account_id)
+		);
+
+		if($r)
+			info( t('Account settings updated.') . EOL);
+
+		goaway(z_root() . '/admin/accounts');
+	}
+
+
+	function get() {
+		if(argc() > 2)
+			$account_id = argv(2);
+
+		$x = q("select * from account where account_id = %d limit 1",
+			intval($account_id)
+		);
+
+		if(! $x) {
+			notice ( t('Account not found.') . EOL);
+			return '';
+		}
+
+
+		$a = replace_macros(get_markup_template('admin_account_edit.tpl'), [
+			'$account' => $x[0],
+			'$title' => t('Account Edit'),
+			'$pass1' => [ 'pass1', t('New Password'), ' ','' ],
+			'$pass2' => [ 'pass2', t('New Password again'), ' ','' ],
+			'$account_level' => [ 'account_level', t('Technical skill level'), $x[0]['account_level'], '', \Zotlabs\Lib\Techlevels::levels() ],
+			'$account_language' => [ 'account_language' , t('Account language (for emails)'), $x[0]['account_language'], '', language_list() ],
+			'$service_class' => [ 'service_class', t('Service class'), $x[0]['account_service_class'], '' ],
+			'$submit' => t('Submit'),
+			]
+		);
+
+		return $a;
+
+
+	}
+
+
+}

Zotlabs/Module/Admin/Accounts.php

@@ -0,0 +1,207 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+
+class Accounts {
+	
+	/**
+	 * @brief Handle POST actions on accounts admin page.
+	 *
+	 * This function is called when on the admin user/account page the form was
+	 * submitted to handle multiple operations at once. If one of the icons next
+	 * to an entry are pressed the function admin_page_accounts() will handle this.
+	 *
+	 */
+
+	function post() {
+
+		$pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() );
+		$users   = ( x($_POST, 'user')    ? $_POST['user']    : array() );
+		$blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() );
+	
+		check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts');
+	
+		// change to switch structure?
+		// account block/unblock button was submitted
+		if (x($_POST, 'page_accounts_block')) {
+			for ($i = 0; $i < count($users); $i++) {
+				// if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag
+				$op = ($blocked[$i]) ? '& ~' : '| ';
+				q("UPDATE account SET account_flags = (account_flags $op%d) WHERE account_id = %d",
+					intval(ACCOUNT_BLOCKED),
+					intval($users[$i])
+				);
+			}
+			notice( sprintf( tt("%s account blocked/unblocked", "%s account blocked/unblocked", count($users)), count($users)) );
+		}
+		// account delete button was submitted
+		if (x($_POST, 'page_accounts_delete')) {
+			foreach ($users as $uid){
+				account_remove($uid, true, false);
+			}
+			notice( sprintf( tt("%s account deleted", "%s accounts deleted", count($users)), count($users)) );
+		}
+		// registration approved button was submitted
+		if (x($_POST, 'page_accounts_approve')) {
+			foreach ($pending as $hash) {
+				account_allow($hash);
+			}
+		}
+		// registration deny button was submitted
+		if (x($_POST, 'page_accounts_deny')) {
+			foreach ($pending as $hash) {
+				account_deny($hash);
+			}
+		}
+	
+		goaway(z_root() . '/admin/accounts' );
+	}
+
+	/**
+	 * @brief Generate accounts admin page and handle single item operations.
+	 *
+	 * This function generates the accounts/account admin page and handles the actions
+	 * if an icon next to an entry was clicked. If several items were selected and
+	 * the form was submitted it is handled by the function admin_page_accounts_post().
+	 *
+	 * @return string
+	 */
+
+	function get(){
+		if (argc() > 2) {
+			$uid = argv(3);
+			$account = q("SELECT * FROM account WHERE account_id = %d",
+				intval($uid)
+			);
+	
+			if (! $account) {
+				notice( t('Account not found') . EOL);
+				goaway(z_root() . '/admin/accounts' );
+			}
+	
+			check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts', 't');
+	
+			switch (argv(2)){
+				case 'delete':
+					// delete user
+					account_remove($uid,true,false);
+	
+					notice( sprintf(t("Account '%s' deleted"), $account[0]['account_email']) . EOL);
+					break;
+				case 'block':
+					q("UPDATE account SET account_flags = ( account_flags | %d ) WHERE account_id = %d",
+						intval(ACCOUNT_BLOCKED),
+						intval($uid)
+					);
+	
+					notice( sprintf( t("Account '%s' blocked") , $account[0]['account_email']) . EOL);
+					break;
+				case 'unblock':
+					q("UPDATE account SET account_flags = ( account_flags & ~%d ) WHERE account_id = %d",
+							intval(ACCOUNT_BLOCKED),
+							intval($uid)
+					);
+	
+					notice( sprintf( t("Account '%s' unblocked"), $account[0]['account_email']) . EOL);
+					break;
+			}
+	
+			goaway(z_root() . '/admin/accounts' );
+		}
+	
+		/* get pending */
+		$pending = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d )>0 ",
+			intval(ACCOUNT_PENDING)
+		);
+	
+		/* get accounts */
+	
+		$total = q("SELECT count(*) as total FROM account");
+		if (count($total)) {
+			\App::set_pager_total($total[0]['total']);
+			\App::set_pager_itemspage(100);
+		}
+	
+		$serviceclass = (($_REQUEST['class']) ? " and account_service_class = '" . dbesc($_REQUEST['class']) . "' " : '');
+
+		$key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'account_id');
+		$dir = 'asc';
+		if(array_key_exists('dir',$_REQUEST))
+			$dir = ((intval($_REQUEST['dir'])) ? 'asc' : 'desc');
+
+		$base = z_root() . '/admin/accounts?f=';
+		$odir = (($dir === 'asc') ? '0' : '1');
+
+		$users = q("SELECT account_id , account_email, account_lastlog, account_created, account_expires, account_service_class, ( account_flags & %d ) > 0 as blocked, 
+			(SELECT %s FROM channel as ch WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as channels FROM account as ac 
+			where true $serviceclass and account_flags != %d order by $key $dir limit %d offset %d ",
+			intval(ACCOUNT_BLOCKED),
+			db_concat('ch.channel_address', ' '),
+			intval(ACCOUNT_BLOCKED | ACCOUNT_PENDING),
+			intval(\App::$pager['itemspage']),
+			intval(\App::$pager['start'])
+		);
+	
+	//	function _setup_users($e){
+	//		$accounts = Array(
+	//			t('Normal Account'), 
+	//			t('Soapbox Account'),
+	//			t('Community/Celebrity Account'),
+	//			t('Automatic Friend Account')
+	//		);
+	
+	//		$e['page_flags'] = $accounts[$e['page-flags']];
+	//		$e['register_date'] = relative_date($e['register_date']);
+	//		$e['login_date'] = relative_date($e['login_date']);
+	//		$e['lastitem_date'] = relative_date($e['lastitem_date']);
+	//		return $e;
+	//	}
+	//	$users = array_map("_setup_users", $users);
+	
+		$t = get_markup_template('admin_accounts.tpl');
+		$o = replace_macros($t, array(
+			// strings //
+			'$title' => t('Administration'),
+			'$page' => t('Accounts'),
+			'$submit' => t('Submit'),
+			'$select_all' => t('select all'),
+			'$h_pending' => t('Registrations waiting for confirm'),
+			'$th_pending' => array( t('Request date'), t('Email') ),
+			'$no_pending' =>  t('No registrations.'),
+			'$approve' => t('Approve'),
+			'$deny' => t('Deny'),
+			'$delete' => t('Delete'),
+			'$block' => t('Block'),
+			'$unblock' => t('Unblock'),
+			'$odir' => $odir,
+			'$base' => $base,
+			'$h_users' => t('Accounts'),
+			'$th_users' => array( 
+				[ t('ID'), 'account_id' ],
+				[ t('Email'), 'account_email' ],
+				[ t('All Channels'), 'channels' ],
+				[ t('Register date'), 'account_created' ],
+				[ t('Last login'), 'account_lastlog' ],
+				[ t('Expires'), 'account_expires' ],
+				[ t('Service Class'), 'account_service_class'] ),
+	
+			'$confirm_delete_multi' => t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?'),
+			'$confirm_delete' => t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?'),
+	
+			'$form_security_token' => get_form_security_token("admin_accounts"),
+	
+			// values //
+			'$baseurl' => z_root(),
+	
+			'$pending' => $pending,
+			'$users' => $users,
+		));
+		$o .= paginate($a);
+	
+		return $o;
+	}
+	
+
+}

Zotlabs/Module/Admin/Addons.php

@@ -0,0 +1,479 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+use \Zotlabs\Storage\GitRepo;
+use \Michelf\MarkdownExtra;
+
+class Addons {
+
+	/**
+	 * @brief
+	 *
+	 */
+	function post() {
+
+		if(argc() > 2 && is_file("addon/" . argv(2) . "/" . argv(2) . ".php")) {
+			@include_once("addon/" . argv(2) . "/" . argv(2) . ".php");
+			if(function_exists(argv(2).'_plugin_admin_post')) {
+				$func = argv(2) . '_plugin_admin_post';
+				$func($a);
+			}
+
+			goaway(z_root() . '/admin/addons/' . argv(2) );
+		}
+		elseif(argc() > 2) {
+			switch(argv(2)) {
+				case 'updaterepo':
+					if (array_key_exists('repoName', $_REQUEST)) {
+						$repoName = $_REQUEST['repoName'];
+					}
+					else {
+						json_return_and_die(array('message' => 'No repo name provided.', 'success' => false));
+					}
+					$extendDir = 'store/[data]/git/sys/extend';
+					$addonDir = $extendDir . '/addon';
+					if (!file_exists($extendDir)) {
+						if (!mkdir($extendDir, 0770, true)) {
+							logger('Error creating extend folder: ' . $extendDir);
+							json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
+						}
+						else {
+							if (!symlink(realpath('extend/addon'), $addonDir)) {
+								logger('Error creating symlink to addon folder: ' . $addonDir);
+								json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
+							}
+						}
+					}
+					$repoDir = 'store/[data]/git/sys/extend/addon/' . $repoName;
+					if (!is_dir($repoDir)) {
+						logger('Repo directory does not exist: ' . $repoDir);
+						json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false));
+					}
+					if (!is_writable($repoDir)) {
+						logger('Repo directory not writable to web server: ' . $repoDir);
+						json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false));
+					}
+					$git = new GitRepo('sys', null, false, $repoName, $repoDir);
+					try {
+						if ($git->pull()) {
+							$files = array_diff(scandir($repoDir), array('.', '..'));
+							foreach ($files as $file) {
+								if (is_dir($repoDir . '/' . $file) && $file !== '.git') {
+									$source = '../extend/addon/' . $repoName . '/' . $file;
+									$target = realpath('addon/') . '/' . $file;
+									unlink($target);
+									if (!symlink($source, $target)) {
+										logger('Error linking addons to /addon');
+										json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false));
+									}
+								}
+							}
+							json_return_and_die(array('message' => 'Repo updated.', 'success' => true));
+						} else {
+							json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false));
+						}
+					} catch (\PHPGit\Exception\GitException $e) {
+						json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false));
+					}
+				case 'removerepo':
+					if (array_key_exists('repoName', $_REQUEST)) {
+						$repoName = $_REQUEST['repoName'];
+					} else {
+						json_return_and_die(array('message' => 'No repo name provided.', 'success' => false));
+					}
+					$extendDir = 'store/[data]/git/sys/extend';
+					$addonDir = $extendDir . '/addon';
+					if (!file_exists($extendDir)) {
+						if (!mkdir($extendDir, 0770, true)) {
+							logger('Error creating extend folder: ' . $extendDir);
+							json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
+						} else {
+							if (!symlink(realpath('extend/addon'), $addonDir)) {
+								logger('Error creating symlink to addon folder: ' . $addonDir);
+								json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
+							}
+						}
+					}
+					$repoDir = 'store/[data]/git/sys/extend/addon/' . $repoName;
+					if (!is_dir($repoDir)) {
+						logger('Repo directory does not exist: ' . $repoDir);
+						json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false));
+					}
+					if (!is_writable($repoDir)) {
+						logger('Repo directory not writable to web server: ' . $repoDir);
+						json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false));
+					}
+					/// @TODO remove directory and unlink /addon/files
+					if (rrmdir($repoDir)) {
+						json_return_and_die(array('message' => 'Repo deleted.', 'success' => true));
+					} else {
+						json_return_and_die(array('message' => 'Error deleting addon repo.', 'success' => false));
+					}
+				case 'installrepo':
+					if (array_key_exists('repoURL', $_REQUEST)) {
+						require_once('library/PHPGit.autoload.php');			// Load PHPGit dependencies
+						$repoURL = $_REQUEST['repoURL'];
+						$extendDir = 'store/[data]/git/sys/extend';
+						$addonDir = $extendDir . '/addon';
+						if (!file_exists($extendDir)) {
+							if (!mkdir($extendDir, 0770, true)) {
+								logger('Error creating extend folder: ' . $extendDir);
+								json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
+							} else {
+								if (!symlink(realpath('extend/addon'), $addonDir)) {
+									logger('Error creating symlink to addon folder: ' . $addonDir);
+									json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
+								}
+							}
+						}
+						if (!is_writable($extendDir)) {
+							logger('Directory not writable to web server: ' . $extendDir);
+							json_return_and_die(array('message' => 'Directory not writable to web server.', 'success' => false));
+						}
+						$repoName = null;
+						if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') {
+							$repoName = $_REQUEST['repoName'];
+						} else {
+							$repoName = GitRepo::getRepoNameFromURL($repoURL);
+						}
+						if (!$repoName) {
+							logger('Invalid git repo');
+							json_return_and_die(array('message' => 'Invalid git repo', 'success' => false));
+						}
+						$repoDir = $addonDir . '/' . $repoName;
+						$tempRepoBaseDir = 'store/[data]/git/sys/temp/';
+						$tempAddonDir = $tempRepoBaseDir . $repoName;
+
+						if (!is_writable($addonDir) || !is_writable($tempAddonDir)) {
+							logger('Temp repo directory or /extend/addon not writable to web server: ' . $tempAddonDir);
+							json_return_and_die(array('message' => 'Temp repo directory not writable to web server.', 'success' => false));
+						}
+						rename($tempAddonDir, $repoDir);
+
+						if (!is_writable(realpath('addon/'))) {
+							logger('/addon directory not writable to web server: ' . $tempAddonDir);
+							json_return_and_die(array('message' => '/addon directory not writable to web server.', 'success' => false));
+						}
+						$files = array_diff(scandir($repoDir), array('.', '..'));
+						foreach ($files as $file) {
+							if (is_dir($repoDir . '/' . $file) && $file !== '.git') {
+								$source = '../extend/addon/' . $repoName . '/' . $file;
+								$target = realpath('addon/') . '/' . $file;
+								unlink($target);
+								if (!symlink($source, $target)) {
+									logger('Error linking addons to /addon');
+									json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false));
+								}
+							}
+						}
+						$git = new GitRepo('sys', $repoURL, false, $repoName, $repoDir);
+						$repo = $git->probeRepo();
+						json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true));
+					}
+				case 'addrepo':
+					if (array_key_exists('repoURL', $_REQUEST)) {
+						require_once('library/PHPGit.autoload.php');	 // Load PHPGit dependencies
+						$repoURL = $_REQUEST['repoURL'];
+						$extendDir = 'store/[data]/git/sys/extend';
+						$addonDir = $extendDir . '/addon';
+						$tempAddonDir = realpath('store/[data]') . '/git/sys/temp';
+						if (!file_exists($extendDir)) {
+							if (!mkdir($extendDir, 0770, true)) {
+								logger('Error creating extend folder: ' . $extendDir);
+								json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
+							} else {
+								if (!symlink(realpath('extend/addon'), $addonDir)) {
+									logger('Error creating symlink to addon folder: ' . $addonDir);
+									json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
+								}
+							}
+						}
+						if (!is_dir($tempAddonDir)) {
+							if (!mkdir($tempAddonDir, 0770, true)) {
+								logger('Error creating temp plugin repo folder: ' . $tempAddonDir);
+								json_return_and_die(array('message' => 'Error creating temp plugin repo folder: ' . $tempAddonDir, 'success' => false));
+							}
+						}
+						$repoName = null;
+						if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') {
+							$repoName = $_REQUEST['repoName'];
+						} else {
+							$repoName = GitRepo::getRepoNameFromURL($repoURL);
+						}
+						if (!$repoName) {
+							logger('Invalid git repo');
+							json_return_and_die(array('message' => 'Invalid git repo: ' . $repoName, 'success' => false));
+						}
+						$repoDir = $tempAddonDir . '/' . $repoName;
+						if (!is_writable($tempAddonDir)) {
+							logger('Temporary directory for new addon repo is not writable to web server: ' . $tempAddonDir);
+							json_return_and_die(array('message' => 'Temporary directory for new addon repo is not writable to web server.', 'success' => false));
+						}
+						// clone the repo if new automatically
+						$git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir);
+
+						$remotes = $git->git->remote();
+						$fetchURL = $remotes['origin']['fetch'];
+						if ($fetchURL !== $git->url) {
+							if (rrmdir($repoDir)) {
+								$git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir);
+							} else {
+								json_return_and_die(array('message' => 'Error deleting existing addon repo.', 'success' => false));
+							}
+						}
+						$repo = $git->probeRepo();
+						$repo['readme'] = $repo['manifest'] = null;
+						foreach ($git->git->tree('master') as $object) {
+							if ($object['type'] == 'blob' && (strtolower($object['file']) === 'readme.md' || strtolower($object['file']) === 'readme')) {
+								$repo['readme'] = MarkdownExtra::defaultTransform($git->git->cat->blob($object['hash']));
+							} else if ($object['type'] == 'blob' && strtolower($object['file']) === 'manifest.json') {
+								$repo['manifest'] = $git->git->cat->blob($object['hash']);
+							}
+						}
+						json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true));
+					} else {
+						json_return_and_die(array('message' => 'No repo URL provided', 'success' => false));
+					}
+					break;
+				default:
+					break;
+			}
+		}
+	}
+
+	/**
+	 * @brief Addons admin page.
+	 *
+	 * @return string with parsed HTML
+	 */
+	function get() {
+
+		/*
+		 * Single plugin
+		 */
+
+		if (\App::$argc == 3){
+			$plugin = \App::$argv[2];
+			if (!is_file("addon/$plugin/$plugin.php")){
+				notice( t("Item not found.") );
+				return '';
+			}
+
+			$enabled = in_array($plugin,\App::$plugins);
+			$info = get_plugin_info($plugin);
+			$x = check_plugin_versions($info);
+
+			// disable plugins which are installed but incompatible versions
+
+			if($enabled && ! $x) {
+				$enabled = false;
+				$idz = array_search($plugin, \App::$plugins);
+				if ($idz !== false) {
+					unset(\App::$plugins[$idz]);
+					uninstall_plugin($plugin);
+					set_config("system","addon", implode(", ",\App::$plugins));
+				}
+			}
+			$info['disabled'] = 1-intval($x);
+
+			if (x($_GET,"a") && $_GET['a']=="t"){
+				check_form_security_token_redirectOnErr('/admin/addons', 'admin_addons', 't');
+				$pinstalled = false;
+				// Toggle plugin status
+				$idx = array_search($plugin, \App::$plugins);
+				if ($idx !== false){
+					unset(\App::$plugins[$idx]);
+					uninstall_plugin($plugin);
+					$pinstalled = false;
+					info( sprintf( t("Plugin %s disabled."), $plugin ) );
+				} else {
+					\App::$plugins[] = $plugin;
+					install_plugin($plugin);
+					$pinstalled = true;
+					info( sprintf( t("Plugin %s enabled."), $plugin ) );
+				}
+				set_config("system","addon", implode(", ",\App::$plugins));
+
+				if($pinstalled) {
+					@require_once("addon/$plugin/$plugin.php");
+					if(function_exists($plugin.'_plugin_admin'))
+						goaway(z_root() . '/admin/addons/' . $plugin);
+				}
+				goaway(z_root() . '/admin/addons' );
+			}
+
+			// display plugin details
+
+			if (in_array($plugin, \App::$plugins)){
+				$status = 'on';
+				$action = t('Disable');
+			} else {
+				$status = 'off';
+				$action =  t('Enable');
+			}
+
+			$readme = null;
+			if (is_file("addon/$plugin/README.md")){
+				$readme = file_get_contents("addon/$plugin/README.md");
+				$readme = MarkdownExtra::defaultTransform($readme);
+			} else if (is_file("addon/$plugin/README")){
+				$readme = "<pre>". file_get_contents("addon/$plugin/README") ."</pre>";
+			}
+
+			$admin_form = '';
+
+			$r = q("select * from addon where plugin_admin = 1 and aname = '%s' limit 1",
+				dbesc($plugin)
+			);
+
+			if($r) {
+				@require_once("addon/$plugin/$plugin.php");
+				if(function_exists($plugin.'_plugin_admin')) {
+					$func = $plugin.'_plugin_admin';
+					$func($a, $admin_form);
+				}
+			}
+
+
+			$t = get_markup_template('admin_plugins_details.tpl');
+			return replace_macros($t, array(
+				'$title' => t('Administration'),
+				'$page' => t('Addons'),
+				'$toggle' => t('Toggle'),
+				'$settings' => t('Settings'),
+				'$baseurl' => z_root(),
+
+				'$plugin' => $plugin,
+				'$status' => $status,
+				'$action' => $action,
+				'$info' => $info,
+				'$str_author' => t('Author: '),
+				'$str_maintainer' => t('Maintainer: '),
+				'$str_minversion' => t('Minimum project version: '),
+				'$str_maxversion' => t('Maximum project version: '),
+				'$str_minphpversion' => t('Minimum PHP version: '),
+				'$str_serverroles' => t('Compatible Server Roles: '),
+				'$str_requires' => t('Requires: '),
+				'$disabled' => t('Disabled - version incompatibility'),
+
+				'$admin_form' => $admin_form,
+				'$function' => 'addons',
+				'$screenshot' => '',
+				'$readme' => $readme,
+
+				'$form_security_token' => get_form_security_token('admin_addons'),
+			));
+		}
+
+
+		/*
+		 * List plugins
+		 */
+		$plugins = array();
+		$files = glob('addon/*/');
+		if($files) {
+			foreach($files as $file) {
+				if (is_dir($file)){
+					list($tmp, $id) = array_map('trim', explode('/', $file));
+					$info = get_plugin_info($id);
+					$enabled = in_array($id,\App::$plugins);
+					$x = check_plugin_versions($info);
+
+					// disable plugins which are installed but incompatible versions
+
+					if($enabled && ! $x) {
+						$enabled = false;
+						$idz = array_search($id, \App::$plugins);
+						if ($idz !== false) {
+							unset(\App::$plugins[$idz]);
+							uninstall_plugin($id);
+							set_config("system","addon", implode(", ",\App::$plugins));
+						}
+					}
+					$info['disabled'] = 1-intval($x);
+
+					$plugins[] = array( $id, (($enabled)?"on":"off") , $info);
+				}
+			}
+		}
+
+		usort($plugins,'self::plugin_sort');
+
+		$allowManageRepos = false;
+		if(is_writable('extend/addon') && is_writable('store/[data]')) {
+			$allowManageRepos = true;
+		}
+
+		$admin_plugins_add_repo_form= replace_macros(
+			get_markup_template('admin_plugins_addrepo.tpl'), array(
+				'$post' => 'admin/addons/addrepo',
+				'$desc' => t('Enter the public git repository URL of the addon repo.'),
+				'$repoURL' => array('repoURL', t('Addon repo git URL'), '', ''),
+				'$repoName' => array('repoName', t('Custom repo name'), '', '', t('(optional)')),
+				'$submit' => t('Download Addon Repo')
+			)
+		);
+		$newRepoModalID = random_string(3);
+		$newRepoModal = replace_macros(
+			get_markup_template('generic_modal.tpl'), array(
+				'$id' => $newRepoModalID,
+				'$title' => t('Install new repo'),
+				'$ok' => t('Install'),
+				'$cancel' => t('Cancel')
+			)
+		);
+
+		$reponames = $this->listAddonRepos();
+		$addonrepos = [];
+		foreach($reponames as $repo) {
+			$addonrepos[] = array('name' => $repo, 'description' => '');
+			/// @TODO Parse repo info to provide more information about repos
+		}
+
+		$t = get_markup_template('admin_plugins.tpl');
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Addons'),
+			'$submit' => t('Submit'),
+			'$baseurl' => z_root(),
+			'$function' => 'addons',
+			'$plugins' => $plugins,
+			'$disabled' => t('Disabled - version incompatibility'),
+			'$form_security_token' => get_form_security_token('admin_addons'),
+			'$allowManageRepos' => $allowManageRepos,
+			'$managerepos' => t('Manage Repos'),
+			'$installedtitle' => t('Installed Addon Repositories'),
+			'$addnewrepotitle' =>	t('Install a New Addon Repository'),
+			'$expandform' => false,
+			'$form' => $admin_plugins_add_repo_form,
+			'$newRepoModal' => $newRepoModal,
+			'$newRepoModalID' => $newRepoModalID,
+			'$addonrepos' => $addonrepos,
+			'$repoUpdateButton' => t('Update'),
+			'$repoBranchButton' => t('Switch branch'),
+			'$repoRemoveButton' => t('Remove')
+		));
+	}
+
+	function listAddonRepos() {
+		$addonrepos = [];
+		$addonDir = 'extend/addon/';
+		if(is_dir($addonDir)) {
+			if ($handle = opendir($addonDir)) {
+				while (false !== ($entry = readdir($handle))) {
+					if ($entry != "." && $entry != "..") {
+						$addonrepos[] = $entry;
+					}
+				}
+				closedir($handle);
+			}
+		}
+		return $addonrepos;
+	}
+
+	static public function plugin_sort($a,$b) {
+		return(strcmp(strtolower($a[2]['name']),strtolower($b[2]['name'])));
+	}
+
+}

Zotlabs/Module/Admin/Channels.php

@@ -0,0 +1,176 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+/**
+ * @brief Admin Module for Channels.
+ *
+ */
+class Channels {
+
+	/**
+	 * @brief Handle POST actions on channels admin page.
+	 *
+	 */
+	function post() {
+
+		$channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() );
+
+		check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels');
+
+		$xor = db_getfunc('^');
+
+		if(x($_POST, 'page_channels_block')) {
+			foreach($channels as $uid) {
+				q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
+					intval(PAGE_CENSORED),
+					intval( $uid )
+				);
+				\Zotlabs\Daemon\Master::Summon(array('Directory', $uid, 'nopush'));
+			}
+			notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) );
+		}
+		if(x($_POST, 'page_channels_code')) {
+			foreach($channels as $uid) {
+				q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
+					intval(PAGE_ALLOWCODE),
+					intval( $uid )
+				);
+			}
+			notice( sprintf( tt("%s channel code allowed/disallowed", "%s channels code allowed/disallowed", count($channels)), count($channels)) );
+		}
+		if(x($_POST, 'page_channels_delete')) {
+			foreach($channels as $uid) {
+				channel_remove($uid, true);
+			}
+			notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) );
+		}
+
+		goaway(z_root() . '/admin/channels' );
+	}
+
+	/**
+	 * @brief Generate channels admin page and handle single item operations.
+	 *
+	 * @return string with parsed HTML
+	 */
+	function get() {
+		if(argc() > 2) {
+			$uid = argv(3);
+			$channel = q("SELECT * FROM channel WHERE channel_id = %d",
+				intval($uid)
+			);
+
+			if(! $channel) {
+				notice( t('Channel not found') . EOL);
+				goaway(z_root() . '/admin/channels' );
+			}
+
+			switch(argv(2)) {
+				case "delete":{
+					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
+					// delete channel
+					channel_remove($uid,true);
+
+					notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL);
+				}; break;
+
+				case "block":{
+					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
+					$pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED;
+					q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
+						intval($pflags),
+						intval( $uid )
+					);
+					\Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush'));
+
+					notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
+				}; break;
+
+				case "code":{
+					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
+					$pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE;
+					q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
+						intval($pflags),
+						intval( $uid )
+					);
+
+					notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
+				}; break;
+
+				default:
+					break;
+			}
+			goaway(z_root() . '/admin/channels' );
+		}
+
+		$key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id');
+		$dir = 'asc';
+		if(array_key_exists('dir',$_REQUEST))
+			$dir = ((intval($_REQUEST['dir'])) ? 'asc' : 'desc');
+
+		$base = z_root() . '/admin/channels?f=';
+		$odir = (($dir === 'asc') ? '0' : '1');
+
+		/* get channels */
+
+		$total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0");
+		if($total) {
+			\App::set_pager_total($total[0]['total']);
+			\App::set_pager_itemspage(100);
+		}
+
+		$channels = q("SELECT * from channel where channel_removed = 0 and channel_system = 0 order by $key $dir limit %d offset %d ",
+			intval(\App::$pager['itemspage']),
+			intval(\App::$pager['start'])
+		);
+
+		if($channels) {
+			for($x = 0; $x < count($channels); $x ++) {
+				if($channels[$x]['channel_pageflags'] & PAGE_CENSORED)
+					$channels[$x]['blocked'] = true;
+				else
+					$channels[$x]['blocked'] = false;
+
+				if($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE)
+					$channels[$x]['allowcode'] = true;
+				else
+					$channels[$x]['allowcode'] = false;
+			}
+		}
+
+		$t = get_markup_template('admin_channels.tpl');
+		$o = replace_macros($t, array(
+			// strings //
+			'$title' => t('Administration'),
+			'$page' => t('Channels'),
+			'$submit' => t('Submit'),
+			'$select_all' => t('select all'),
+			'$delete' => t('Delete'),
+			'$block' => t('Censor'),
+			'$unblock' => t('Uncensor'),
+			'$code' => t('Allow Code'),
+			'$uncode' => t('Disallow Code'),
+			'$h_channels' => t('Channel'),
+			'$base' => $base,
+			'$odir' => $odir,
+			'$th_channels' => array(
+					[ t('UID'), 'channel_id' ],
+					[ t('Name'), 'channel_name' ],
+					[ t('Address'), 'channel_address' ]),
+
+			'$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'),
+			'$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'),
+
+			'$form_security_token' => get_form_security_token('admin_channels'),
+
+			// values //
+			'$baseurl' => z_root(),
+			'$channels' => $channels,
+		));
+		$o .= paginate($a);
+
+		return $o;
+	}
+
+}

Zotlabs/Module/Admin/Dbsync.php

@@ -0,0 +1,72 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+
+class Dbsync {
+	
+
+	function get() {
+		$o = '';
+	
+		if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') {
+			// remove the old style config if it exists
+			del_config('database', 'update_r' . intval(argv(3)));
+			set_config('database', '_' . intval(argv(3)), 'success');
+			if(intval(get_config('system','db_version')) < intval(argv(3)))
+				set_config('system','db_version',intval(argv(3)));
+			info( t('Update has been marked successful') . EOL);
+			goaway(z_root() . '/admin/dbsync');
+		}
+	
+		if(argc() > 2 && intval(argv(2))) {
+			$x = intval(argv(2));
+			$s = '_' . $x;
+			$cls = '\\Zotlabs\Update\\' . $s ;
+			if(class_exists($cls)) {
+				$c =  new $cls();
+				$retval = $c->run();
+				if($retval === UPDATE_FAILED) {
+					$o .= sprintf( t('Executing %s failed. Check system logs.'), $s); 
+				}
+				elseif($retval === UPDATE_SUCCESS) {
+					$o .= sprintf( t('Update %s was successfully applied.'), $s);
+					set_config('database',$s, 'success');
+				}
+				else
+					$o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $s);
+			}
+			else
+				$o .= sprintf( t('Update function %s could not be found.'), $s);
+	
+			return $o;
+		}
+	
+		$failed = array();
+		$r = q("select * from config where cat = 'database' ");
+		if(count($r)) {
+			foreach($r as $rr) {
+				$upd = intval(substr($rr['k'],-4));
+				if($rr['v'] === 'success')
+					continue;
+				$failed[] = $upd;
+			}
+		}
+		if(count($failed)) {
+			$o = replace_macros(get_markup_template('failed_updates.tpl'),array(
+				'$base'   => z_root(),
+				'$banner' => t('Failed Updates'),
+				'$desc'   => '',
+				'$mark'   => t('Mark success (if update was manually applied)'),
+				'$apply'  => t('Attempt to execute this update step automatically'),
+				'$failed' => $failed
+		));
+		}
+		else {
+			return '<div class="generic-content-wrapper-styled"><h3>' . t('No failed updates.') . '</h3></div>';
+		}
+	
+		return $o;
+	}
+}

Zotlabs/Module/Admin/Features.php

@@ -0,0 +1,74 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+
+class Features {
+
+	
+	function post() {
+	
+		check_form_security_token_redirectOnErr('/admin/features', 'admin_manage_features');
+	
+		logger('postvars: ' . print_r($_POST,true));
+	
+		$arr = array();
+		$features = get_features(false);
+	
+		foreach($features as $fname => $fdata) {
+			foreach(array_slice($fdata,1) as $f) {
+				$feature = $f[0];
+	
+				if(array_key_exists('feature_' . $feature,$_POST))
+					$val = intval($_POST['feature_' . $feature]);
+				else
+					$val = 0;
+				set_config('feature',$feature,$val);
+	
+				if(array_key_exists('featurelock_' . $feature,$_POST))
+					set_config('feature_lock',$feature,$val);
+				else
+					del_config('feature_lock',$feature);
+			}
+		}
+	
+		goaway(z_root() . '/admin/features' );
+	
+	}
+	
+	function get() {
+		
+		if((argc() > 1) && (argv(1) === 'features')) {
+			$arr = array();
+			$features = get_features(false);
+	
+			foreach($features as $fname => $fdata) {
+				$arr[$fname] = array();
+				$arr[$fname][0] = $fdata[0];
+				foreach(array_slice($fdata,1) as $f) {
+	
+					$set = get_config('feature',$f[0]);
+					if($set === false)
+						$set = $f[3];
+					$arr[$fname][1][] = array(
+						array('feature_' .$f[0],$f[1],$set,$f[2],array(t('Off'),t('On'))),
+						array('featurelock_' .$f[0],sprintf( t('Lock feature %s'),$f[1]),(($f[4] !== false) ? 1 : 0),'',array(t('Off'),t('On')))
+					);
+				}
+			}
+			
+			$tpl = get_markup_template("admin_settings_features.tpl");
+			$o .= replace_macros($tpl, array(
+				'$form_security_token' => get_form_security_token("admin_manage_features"),
+				'$title'	=> t('Manage Additional Features'),
+				'$features' => $arr,
+				'$submit'   => t('Submit'),
+			));
+	
+			return $o;
+		}
+	}
+	
+
+}

Zotlabs/Module/Admin/Logs.php

@@ -0,0 +1,101 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+class Logs {
+
+
+	
+	/**
+	 * @brief POST handler for logs admin page.
+	 *
+	 */
+
+	function post() {
+		if (x($_POST, 'page_logs')) {
+			check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs');
+	
+			$logfile   = ((x($_POST,'logfile'))   ? notags(trim($_POST['logfile'])) : '');
+			$debugging = ((x($_POST,'debugging')) ? true : false);
+			$loglevel  = ((x($_POST,'loglevel'))  ? intval(trim($_POST['loglevel'])) : 0);
+	
+			set_config('system','logfile', $logfile);
+			set_config('system','debugging',  $debugging);
+			set_config('system','loglevel', $loglevel);
+		}
+	
+		info( t('Log settings updated.') );
+		goaway(z_root() . '/admin/logs' );
+	}
+	
+	/**
+	 * @brief Logs admin page.
+	 *
+	 * @return string
+	 */
+
+	function get() {
+	
+		$log_choices = Array(
+			LOGGER_NORMAL => 'Normal',
+			LOGGER_TRACE => 'Trace',
+			LOGGER_DEBUG => 'Debug',
+			LOGGER_DATA => 'Data',
+			LOGGER_ALL => 'All'
+		);
+	
+		$t = get_markup_template('admin_logs.tpl');
+	
+		$f = get_config('system', 'logfile');
+	
+		$data = '';
+	
+		if(!file_exists($f)) {
+			$data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is 
+	readable.");
+		}
+		else {
+			$fp = fopen($f, 'r');
+			if(!$fp) {
+				$data = t("Couldn't open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f is readable.");
+			}
+			else {
+				$fstat = fstat($fp);
+				$size = $fstat['size'];
+				if($size != 0)
+				{
+					if($size > 5000000 || $size < 0)
+						$size = 5000000;
+					$seek = fseek($fp,0-$size,SEEK_END);
+					if($seek === 0) {
+						$data = escape_tags(fread($fp,$size));
+						while(! feof($fp))
+							$data .= escape_tags(fread($fp,4096));
+					}
+				}
+				fclose($fp);
+			}
+		}
+	
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Logs'),
+			'$submit' => t('Submit'),
+			'$clear' => t('Clear'),
+			'$data' => $data,
+			'$baseurl' => z_root(),
+			'$logname' =>  get_config('system','logfile'),
+	
+			// name, label, value, help string, extra data...
+			'$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
+			'$logfile'   => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your top-level webserver directory.")),
+			'$loglevel'  => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
+	
+			'$form_security_token' => get_form_security_token('admin_logs'),
+		));
+	}
+	
+
+
+}

Zotlabs/Module/Admin/Profs.php

@@ -0,0 +1,190 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+class Profs {
+
+	function post() {
+	
+		if(array_key_exists('basic',$_REQUEST)) {
+			$arr = explode(',',$_REQUEST['basic']);
+			array_walk($arr,'array_trim');
+			$narr = [];
+			if(count($arr)) {
+				foreach($arr as $a) {
+					if(strlen($a)) {
+						$narr[] = $a;
+					}
+				}
+			}
+			if(! $narr)
+				del_config('system','profile_fields_basic');
+			else
+				set_config('system','profile_fields_basic',$narr);
+
+
+			if(array_key_exists('advanced',$_REQUEST)) {
+				$arr = explode(',',$_REQUEST['advanced']);
+				array_walk($arr,'array_trim');
+				$narr = [];
+				if(count($arr)) {
+					foreach($arr as $a) {
+						if(strlen($a)) {
+							$narr[] = $a;
+						}
+					}
+				}
+				if(! $narr)
+					del_config('system','profile_fields_advanced');
+				else
+					set_config('system','profile_fields_advanced',$narr);
+
+			}
+			goaway(z_root() . '/admin/profs');
+		}
+	
+	
+		if(array_key_exists('field_name',$_REQUEST)) {
+			if($_REQUEST['id']) {
+				$r = q("update profdef set field_name = '%s', field_type = '%s', field_desc = '%s' field_help = '%s', field_inputs = '%s' where id = %d",
+					dbesc($_REQUEST['field_name']),
+					dbesc($_REQUEST['field_type']),
+					dbesc($_REQUEST['field_desc']),
+					dbesc($_REQUEST['field_help']),
+					dbesc($_REQUEST['field_inputs']),
+					intval($_REQUEST['id'])
+				);
+			}
+			else {
+				$r = q("insert into profdef ( field_name, field_type, field_desc, field_help, field_inputs ) values ( '%s' , '%s', '%s', '%s', '%s' )",
+					dbesc($_REQUEST['field_name']),
+					dbesc($_REQUEST['field_type']),
+					dbesc($_REQUEST['field_desc']),
+					dbesc($_REQUEST['field_help']),
+					dbesc($_REQUEST['field_inputs'])
+				);
+			}
+		}
+	
+	
+		// add to chosen array basic or advanced
+	
+		goaway(z_root() . '/admin/profs');
+	}
+	
+	function get() {
+	
+		if((argc() > 3) && argv(2) == 'drop' && intval(argv(3))) {
+			$r = q("delete from profdef where id = %d",
+				intval(argv(3))
+			);
+			// remove from allowed fields
+	
+			goaway(z_root() . '/admin/profs');	
+		}
+	
+		if((argc() > 2) && argv(2) === 'new') {
+			return replace_macros(get_markup_template('profdef_edit.tpl'),array(
+				'$header' => t('New Profile Field'),
+				'$field_name' => array('field_name',t('Field nickname'),$_REQUEST['field_name'],t('System name of field')),
+				'$field_type' => array('field_type',t('Input type'),(($_REQUEST['field_type']) ? $_REQUEST['field_type'] : 'text'),''),
+				'$field_desc' => array('field_desc',t('Field Name'),$_REQUEST['field_desc'],t('Label on profile pages')),
+				'$field_help' => array('field_help',t('Help text'),$_REQUEST['field_help'],t('Additional info (optional)')),
+				'$submit' => t('Save')
+			));
+		}
+	
+		if((argc() > 2) && intval(argv(2))) {
+			$r = q("select * from profdef where id = %d limit 1",
+				intval(argv(2))
+			);
+			if(! $r) {
+				notice( t('Field definition not found') . EOL);
+				goaway(z_root() . '/admin/profs');
+			}
+	
+			return replace_macros(get_markup_template('profdef_edit.tpl'),array(
+				'$id' => intval($r[0]['id']),
+				'$header' => t('Edit Profile Field'),
+				'$field_name' => array('field_name',t('Field nickname'),$r[0]['field_name'],t('System name of field')),
+				'$field_type' => array('field_type',t('Input type'),$r[0]['field_type'],''),
+				'$field_desc' => array('field_desc',t('Field Name'),$r[0]['field_desc'],t('Label on profile pages')),
+				'$field_help' => array('field_help',t('Help text'),$r[0]['field_help'],t('Additional info (optional)')),
+				'$submit' => t('Save')
+			));
+		}
+	
+		$basic = '';
+		$barr = array();
+		$fields = get_profile_fields_basic();
+
+		if(! $fields)
+			$fields = get_profile_fields_basic(1);
+		if($fields) {
+			foreach($fields as $k => $v) {
+				if($basic)
+					$basic .= ', ';
+				$basic .= trim($k);
+				$barr[] = trim($k);
+			}
+		}
+	
+		$advanced = '';
+		$fields = get_profile_fields_advanced();
+		if(! $fields)
+			$fields = get_profile_fields_advanced(1);
+		if($fields) {
+			foreach($fields as $k => $v) {
+				if(in_array(trim($k),$barr))
+					continue;
+				if($advanced)
+					$advanced .= ', ';
+				$advanced .= trim($k);
+			}
+		}
+	
+		$all = '';
+		$fields = get_profile_fields_advanced(1);
+		if($fields) {
+			foreach($fields as $k => $v) {
+				if($all)
+					$all .= ', ';
+				$all .= trim($k);
+			}
+		}
+	
+		$r = q("select * from profdef where true");
+		if($r) {
+			foreach($r as $rr) {
+				if($all)
+					$all .= ', ';
+				$all .= $rr['field_name'];
+			}
+		}
+	
+		
+		$o = replace_macros(get_markup_template('admin_profiles.tpl'),array(
+			'$title' => t('Profile Fields'),
+			'$basic' => array('basic',t('Basic Profile Fields'),$basic,''),
+			'$advanced' => array('advanced',t('Advanced Profile Fields'),$advanced,t('(In addition to basic fields)')),
+			'$all' => $all,
+			'$all_desc' => t('All available fields'),
+			'$cust_field_desc' => t('Custom Fields'),
+			'$cust_fields' => $r,
+			'$edit' => t('Edit'),
+			'$drop' => t('Delete'),
+			'$new' => t('Create Custom Field'),		
+			'$submit' => t('Submit')
+		));
+	
+		return $o;
+	
+	
+	}
+
+
+
+
+
+}

Zotlabs/Module/Admin/Queue.php

@@ -0,0 +1,53 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+
+class Queue {
+
+
+	
+	function get() {
+
+		$o = '';
+	
+		$expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0);
+	
+		if($_REQUEST['drophub']) {
+			hubloc_mark_as_down($_REQUEST['drophub']);
+			remove_queue_by_posturl($_REQUEST['drophub']);
+		}
+	
+		if($_REQUEST['emptyhub']) {
+			remove_queue_by_posturl($_REQUEST['emptyhub']);
+		}
+	
+		$r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq 
+			where outq_delivered = 0 group by outq_posturl order by total desc");
+	
+		for($x = 0; $x < count($r); $x ++) {
+			$r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']);
+			$r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d');
+		}
+	
+		$o = replace_macros(get_markup_template('admin_queue.tpl'), array(
+			'$banner' => t('Queue Statistics'),
+			'$numentries' => t('Total Entries'),
+			'$priority' => t('Priority'),
+			'$desturl' => t('Destination URL'),
+			'$nukehub' => t('Mark hub permanently offline'),
+			'$empty' => t('Empty queue for this hub'),
+			'$lastconn' => t('Last known contact'),
+			'$hasentries' => ((count($r)) ? true : false),
+			'$entries' => $r,
+			'$expert' => $expert
+		));
+	
+		return $o;
+	}
+	
+
+
+
+}

Zotlabs/Module/Admin/Security.php

@@ -0,0 +1,131 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+class Security {
+
+	function post() {
+		check_form_security_token_redirectOnErr('/admin/security', 'admin_security');
+	
+		$allowed_email        = ((x($_POST,'allowed_email'))	    ? notags(trim($_POST['allowed_email']))		: '');
+		$not_allowed_email    = ((x($_POST,'not_allowed_email'))	? notags(trim($_POST['not_allowed_email']))		: '');
+
+		set_config('system','allowed_email', $allowed_email);
+		set_config('system','not_allowed_email', $not_allowed_email);	
+
+		$block_public         = ((x($_POST,'block_public'))		? True	: False);
+		set_config('system','block_public',$block_public);
+
+		$cloud_noroot         = ((x($_POST,'cloud_noroot'))		? 1	: 0);
+		set_config('system','cloud_disable_siteroot',1 - $cloud_noroot);
+
+		$cloud_disksize       = ((x($_POST,'cloud_disksize'))	? 1	: 0);
+		set_config('system','cloud_report_disksize',$cloud_disksize);
+
+		$ws = $this->trim_array_elems(explode("\n",$_POST['whitelisted_sites']));
+		set_config('system','whitelisted_sites',$ws);
+	
+		$bs = $this->trim_array_elems(explode("\n",$_POST['blacklisted_sites']));
+		set_config('system','blacklisted_sites',$bs);
+	
+		$wc = $this->trim_array_elems(explode("\n",$_POST['whitelisted_channels']));
+		set_config('system','whitelisted_channels',$wc);
+	
+		$bc = $this->trim_array_elems(explode("\n",$_POST['blacklisted_channels']));
+		set_config('system','blacklisted_channels',$bc);
+	
+		$embed_sslonly         = ((x($_POST,'embed_sslonly'))		? True	: False);
+		set_config('system','embed_sslonly',$embed_sslonly);
+	
+		$we = $this->trim_array_elems(explode("\n",$_POST['embed_allow']));
+		set_config('system','embed_allow',$we);
+	
+		$be = $this->trim_array_elems(explode("\n",$_POST['embed_deny']));
+		set_config('system','embed_deny',$be);
+	
+		$ts = ((x($_POST,'transport_security')) ? True : False);
+		set_config('system','transport_security_header',$ts);
+
+		$cs = ((x($_POST,'content_security')) ? True : False);
+		set_config('system','content_security_policy',$cs);
+
+		goaway(z_root() . '/admin/security');
+	}
+	
+	
+
+	function get() {
+	
+		$whitesites = get_config('system','whitelisted_sites');
+		$whitesites_str = ((is_array($whitesites)) ? implode("\n",$whitesites) : '');
+	
+		$blacksites = get_config('system','blacklisted_sites');
+		$blacksites_str = ((is_array($blacksites)) ? implode("\n",$blacksites) : '');
+	
+	
+		$whitechannels = get_config('system','whitelisted_channels');
+		$whitechannels_str = ((is_array($whitechannels)) ? implode("\n",$whitechannels) : '');
+	
+		$blackchannels = get_config('system','blacklisted_channels');
+		$blackchannels_str = ((is_array($blackchannels)) ? implode("\n",$blackchannels) : '');
+	
+	
+		$whiteembeds = get_config('system','embed_allow');
+		$whiteembeds_str = ((is_array($whiteembeds)) ? implode("\n",$whiteembeds) : '');
+	
+		$blackembeds = get_config('system','embed_deny');
+		$blackembeds_str = ((is_array($blackembeds)) ? implode("\n",$blackembeds) : '');
+	
+		$embed_coop = intval(get_config('system','embed_coop'));
+	
+		if((! $whiteembeds) && (! $blackembeds)) {
+			$embedhelp1 = t("By default, unfiltered HTML is allowed in embedded media. This is inherently insecure.");
+		}
+
+		$embedhelp2 = t("The recommended setting is to only allow unfiltered HTML from the following sites:"); 
+		$embedhelp3 = t("https://youtube.com/<br />https://www.youtube.com/<br />https://youtu.be/<br />https://vimeo.com/<br />https://soundcloud.com/<br />");
+		$embedhelp4 = t("All other embedded content will be filtered, <strong>unless</strong> embedded content from that site is explicitly blocked.");
+	
+		$t = get_markup_template('admin_security.tpl');
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Security'),
+			'$form_security_token' => get_form_security_token('admin_security'),
+	        '$block_public'     => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently authenticated.")),
+			'$cloud_noroot'     => [ 'cloud_noroot', t('Provide a cloud root directory'), 1 - intval(get_config('system','cloud_disable_siteroot')), t('The cloud root directory lists all channel names which provide public files') ], 
+			'$cloud_disksize'     => [ 'cloud_disksize', t('Show total disk space available to cloud uploads'), intval(get_config('system','cloud_report_disksize')), '' ],
+			'$transport_security' => array('transport_security', t('Set "Transport Security" HTTP header'),intval(get_config('system','transport_security_header')),''),
+			'$content_security' => array('content_security', t('Set "Content Security Policy" HTTP header'),intval(get_config('system','content_security_policy')),''),
+			'$allowed_email'	=> array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
+			'$not_allowed_email'	=> array('not_allowed_email', t("Not allowed email domains"), get_config('system','not_allowed_email'), t("Comma separated list of domains which are not allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains, unless allowed domains have been defined.")),
+			'$whitelisted_sites' => array('whitelisted_sites', t('Allow communications only from these sites'), $whitesites_str, t('One site per line. Leave empty to allow communication from anywhere by default')),
+			'$blacklisted_sites' => array('blacklisted_sites', t('Block communications from these sites'), $blacksites_str, ''),
+			'$whitelisted_channels' => array('whitelisted_channels', t('Allow communications only from these channels'), $whitechannels_str, t('One channel (hash) per line. Leave empty to allow from any channel by default')),
+			'$blacklisted_channels' => array('blacklisted_channels', t('Block communications from these channels'), $blackchannels_str, ''),
+			'$embed_sslonly' => array('embed_sslonly',t('Only allow embeds from secure (SSL) websites and links.'), intval(get_config('system','embed_sslonly')),''),
+			'$embed_allow' => array('embed_allow', t('Allow unfiltered embedded HTML content only from these domains'), $whiteembeds_str, t('One site per line. By default embedded content is filtered.')),
+			'$embed_deny' => array('embed_deny', t('Block embedded HTML from these domains'), $blackembeds_str, ''),
+	
+//	        '$embed_coop'     => array('embed_coop', t('Cooperative embed security'), $embed_coop, t('Enable to share embed security with other compatible sites/hubs')),
+
+			'$submit' => t('Submit')
+		));
+	}
+
+
+	function trim_array_elems($arr) {
+		$narr = array();
+	
+		if($arr && is_array($arr)) {
+			for($x = 0; $x < count($arr); $x ++) {
+				$y = trim($arr[$x]);
+				if($y)
+					$narr[] = $y;
+			}
+		}
+		return $narr;
+	}
+	
+	
+}

Zotlabs/Module/Admin/Site.php

@@ -0,0 +1,383 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+class Site {
+
+	/**
+	 * @brief POST handler for Admin Site Page.
+	 *
+	 */
+	function post(){
+		if (!x($_POST, 'page_site')) {
+			return;
+		}
+
+		check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
+
+		$sitename 			=	((x($_POST,'sitename'))			? notags(trim($_POST['sitename']))			: '');
+
+		$banner				=	((x($_POST,'banner'))			? trim($_POST['banner'])				: false);
+
+		$admininfo			=	((x($_POST,'admininfo'))		? trim($_POST['admininfo'])				: false);
+		$siteinfo			=	((x($_POST,'siteinfo'))		    ? trim($_POST['siteinfo'])				: '');
+		$language			=	((x($_POST,'language'))			? notags(trim($_POST['language']))			: '');
+		$theme				=	((x($_POST,'theme'))			? notags(trim($_POST['theme']))				: '');
+//		$theme_mobile			=	((x($_POST,'theme_mobile'))		? notags(trim($_POST['theme_mobile']))			: '');
+//		$site_channel			=	((x($_POST,'site_channel'))	? notags(trim($_POST['site_channel']))				: '');
+		$maximagesize		=	((x($_POST,'maximagesize'))		? intval(trim($_POST['maximagesize']))				:  0);
+
+		$register_policy	=	((x($_POST,'register_policy'))	? intval(trim($_POST['register_policy']))	:  0);
+		$minimum_age           = ((x($_POST,'minimum_age'))          ? intval(trim($_POST['minimum_age']))    : 13);
+		$access_policy	=	((x($_POST,'access_policy'))	? intval(trim($_POST['access_policy']))	:  0);
+		$invite_only	= ((x($_POST,'invite_only'))		? True	: False);
+		$abandon_days	=	((x($_POST,'abandon_days'))	    ? intval(trim($_POST['abandon_days']))	    :  0);
+
+		$register_text		=	((x($_POST,'register_text'))	? notags(trim($_POST['register_text']))		: '');
+		$site_sellpage		=	((x($_POST,'site_sellpage'))	? notags(trim($_POST['site_sellpage']))		: '');
+		$site_location		=	((x($_POST,'site_location'))	? notags(trim($_POST['site_location']))		: '');
+		$frontpage			=	((x($_POST,'frontpage'))	? notags(trim($_POST['frontpage']))		: '');
+		$firstpage		    =	((x($_POST,'firstpage'))	? notags(trim($_POST['firstpage']))		: 'profiles');
+		$first_page		    =	((x($_POST,'first_page'))	? notags(trim($_POST['first_page']))		: 'profiles');
+		// check value after trim
+		if(! $first_page) {
+			$first_page = 'profiles';
+		}
+		$mirror_frontpage	=	((x($_POST,'mirror_frontpage'))	? intval(trim($_POST['mirror_frontpage']))		: 0);
+		$directory_server	=	((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : '');
+		$allowed_sites		=	((x($_POST,'allowed_sites'))	? notags(trim($_POST['allowed_sites']))		: '');
+		$force_publish		=	((x($_POST,'publish_all'))		? True	: False);
+		$disable_discover_tab =	((x($_POST,'disable_discover_tab'))		? False	:	True);
+		$site_firehose      =   ((x($_POST,'site_firehose')) ? True : False);
+		$open_pubstream     =   ((x($_POST,'open_pubstream')) ? True : False);
+		$login_on_homepage	=	((x($_POST,'login_on_homepage'))		? True	:	False);
+		$enable_context_help = ((x($_POST,'enable_context_help'))		? True	:	False);
+		$global_directory     = ((x($_POST,'directory_submit_url'))	? notags(trim($_POST['directory_submit_url']))	: '');
+		$no_community_page    = !((x($_POST,'no_community_page'))	? True	:	False);
+		$default_expire_days  = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0);
+		$active_expire_days  = ((array_key_exists('active_expire_days',$_POST)) ? intval($_POST['active_expire_days']) : 7);
+
+		$reply_address      = ((array_key_exists('reply_address',$_POST) && trim($_POST['reply_address'])) ? trim($_POST['reply_address']) : 'noreply@' . \App::get_hostname());
+		$from_email         = ((array_key_exists('from_email',$_POST) && trim($_POST['from_email'])) ? trim($_POST['from_email']) : 'Administrator@' . \App::get_hostname());
+		$from_email_name    = ((array_key_exists('from_email_name',$_POST) && trim($_POST['from_email_name'])) ? trim($_POST['from_email_name']) : \Zotlabs\Lib\System::get_site_name());
+
+		$verifyssl         = ((x($_POST,'verifyssl'))        ? True : False);
+		$proxyuser         = ((x($_POST,'proxyuser'))        ? notags(trim($_POST['proxyuser']))  : '');
+		$proxy             = ((x($_POST,'proxy'))            ? notags(trim($_POST['proxy']))      : '');
+		$timeout           = ((x($_POST,'timeout'))          ? intval(trim($_POST['timeout']))    : 60);
+		$delivery_interval = ((x($_POST,'delivery_interval'))? intval(trim($_POST['delivery_interval'])) : 0);
+		$delivery_batch_count = ((x($_POST,'delivery_batch_count') && $_POST['delivery_batch_count'] > 0)? intval(trim($_POST['delivery_batch_count'])) : 1);
+		$poll_interval     = ((x($_POST,'poll_interval'))    ? intval(trim($_POST['poll_interval'])) : 0);
+		$maxloadavg        = ((x($_POST,'maxloadavg'))       ? intval(trim($_POST['maxloadavg'])) : 50);
+		$feed_contacts     = ((x($_POST,'feed_contacts'))    ? intval($_POST['feed_contacts'])    : 0);
+		$verify_email      = ((x($_POST,'verify_email'))     ? 1 : 0);
+		$techlevel_lock    = ((x($_POST,'techlock'))         ? intval($_POST['techlock'])   : 0);
+		$imagick_path      = ((x($_POST,'imagick_path'))     ? trim($_POST['imagick_path'])   : '');
+		$thumbnail_security  = ((x($_POST,'thumbnail_security'))     ? intval($_POST['thumbnail_security'])   : 0);
+		$force_queue       = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue'])   : 3000);
+		$pub_incl = escape_tags(trim($_POST['pub_incl']));
+		$pub_excl = escape_tags(trim($_POST['pub_excl']));
+
+		$permissions_role = escape_tags(trim($_POST['permissions_role']));
+
+		$techlevel         = null;
+		if(array_key_exists('techlevel', $_POST))
+			$techlevel = intval($_POST['techlevel']);
+
+		set_config('system', 'feed_contacts', $feed_contacts);
+		set_config('system', 'delivery_interval', $delivery_interval);
+		set_config('system', 'delivery_batch_count', $delivery_batch_count);
+		set_config('system', 'poll_interval', $poll_interval);
+		set_config('system', 'maxloadavg', $maxloadavg);
+		set_config('system', 'frontpage', $frontpage);
+		set_config('system', 'sellpage', $site_sellpage);
+		set_config('system', 'workflow_channel_next', $first_page);
+		set_config('system', 'site_location', $site_location);
+		set_config('system', 'mirror_frontpage', $mirror_frontpage);
+		set_config('system', 'sitename', $sitename);
+		set_config('system', 'login_on_homepage', $login_on_homepage);
+		set_config('system', 'enable_context_help', $enable_context_help);
+		set_config('system', 'verify_email', $verify_email);
+		set_config('system', 'default_expire_days', $default_expire_days);
+		set_config('system', 'active_expire_days', $active_expire_days);
+		set_config('system', 'reply_address', $reply_address);
+		set_config('system', 'from_email', $from_email);
+		set_config('system', 'from_email_name' , $from_email_name);
+		set_config('system', 'imagick_convert_path' , $imagick_path);
+		set_config('system', 'thumbnail_security' , $thumbnail_security);
+		set_config('system', 'default_permissions_role', $permissions_role);
+		set_config('system', 'pubstream_incl',$pub_incl);
+		set_config('system', 'pubstream_excl',$pub_excl);
+
+		set_config('system', 'techlevel_lock', $techlevel_lock);
+
+
+
+		if(! is_null($techlevel))
+			set_config('system', 'techlevel', $techlevel);
+
+		if($directory_server)
+			set_config('system','directory_server',$directory_server);
+
+		if ($banner == '') {
+			del_config('system', 'banner');
+		} else {
+			set_config('system', 'banner', $banner);
+		}
+
+		if ($admininfo == ''){
+			del_config('system', 'admininfo');
+		} else {
+			require_once('include/text.php');
+			linkify_tags($a, $admininfo, local_channel());
+			set_config('system', 'admininfo', $admininfo);
+		}
+		set_config('system','siteinfo',$siteinfo);
+		set_config('system', 'language', $language);
+		set_config('system', 'theme', $theme);
+//		if ( $theme_mobile === '---' ) {
+//			del_config('system', 'mobile_theme');
+//		} else {
+//			set_config('system', 'mobile_theme', $theme_mobile);
+//		}
+	//	set_config('system','site_channel', $site_channel);
+		set_config('system','maximagesize', $maximagesize);
+
+		set_config('system','register_policy', $register_policy);
+		set_config('system','minimum_age', $minimum_age);
+		set_config('system','invitation_only', $invite_only);
+		set_config('system','access_policy', $access_policy);
+		set_config('system','account_abandon_days', $abandon_days);
+		set_config('system','register_text', $register_text);
+		set_config('system','allowed_sites', $allowed_sites);
+		set_config('system','publish_all', $force_publish);
+		set_config('system','disable_discover_tab', $disable_discover_tab);
+		set_config('system','site_firehose', $site_firehose);
+		set_config('system','open_pubstream', $open_pubstream);
+		set_config('system','force_queue_threshold', $force_queue);
+		if ($global_directory == '') {
+			del_config('system', 'directory_submit_url');
+		} else {
+			set_config('system', 'directory_submit_url', $global_directory);
+		}
+
+		set_config('system','no_community_page', $no_community_page);
+		set_config('system','no_utf', $no_utf);
+		set_config('system','verifyssl', $verifyssl);
+		set_config('system','proxyuser', $proxyuser);
+		set_config('system','proxy', $proxy);
+		set_config('system','curl_timeout', $timeout);
+
+		info( t('Site settings updated.') . EOL);
+		goaway(z_root() . '/admin/site' );
+	}
+
+	/**
+	 * @brief Admin page site.
+	 *
+	 * @return string with HTML
+	 */
+	function get() {
+
+		/* Installed langs */
+		$lang_choices = array();
+		$langs = glob('view/*/hstrings.php');
+
+		if(is_array($langs) && count($langs)) {
+			if(! in_array('view/en/hstrings.php',$langs))
+				$langs[] = 'view/en/';
+			asort($langs);
+			foreach($langs as $l) {
+				$t = explode("/",$l);
+				$lang_choices[$t[1]] = $t[1];
+			}
+		}
+
+		/* Installed themes */
+		$theme_choices_mobile["---"] = t("Default");
+		$theme_choices = array();
+		$files = glob('view/theme/*');
+		if($files) {
+			foreach($files as $file) {
+				$vars = '';
+				$f = basename($file);
+
+				$info = get_theme_info($f);
+				$compatible = check_plugin_versions($info);
+				if(!$compatible) {
+					$theme_choices[$f] = $theme_choices_mobile[$f] = sprintf(t('%s - (Incompatible)'), $f);
+					continue;
+				}
+
+				if (file_exists($file . '/library'))
+					continue;
+				if (file_exists($file . '/mobile'))
+					$vars = t('mobile');
+				if (file_exists($file . '/experimental'))
+					$vars .= t('experimental');
+				if (file_exists($file . '/unsupported'))
+					$vars .= t('unsupported');
+				if ($vars) {
+					$theme_choices[$f] = $f . ' (' . $vars . ')';
+					$theme_choices_mobile[$f] = $f . ' (' . $vars . ')';
+				}
+				else {
+					$theme_choices[$f] = $f;
+					$theme_choices_mobile[$f] = $f;
+				}
+			}
+		}
+
+		$dir_choices = null;
+		$dirmode = get_config('system','directory_mode');
+		$realm = get_directory_realm();
+
+		// directory server should not be set or settable unless we are a directory client
+		// avoid older redmatrix servers which don't have modern encryption
+
+		if($dirmode == DIRECTORY_MODE_NORMAL) {
+			$x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s' and site_dead = 0 and site_project != 'redmatrix'",
+				intval(DIRECTORY_MODE_SECONDARY),
+				intval(DIRECTORY_MODE_PRIMARY),
+				dbesc($realm)
+			);
+			if($x) {
+				$dir_choices = array();
+				foreach($x as $xx) {
+					$dir_choices[$xx['site_url']] = $xx['site_url'];
+				}
+			}
+		}
+
+		/* Banner */
+
+		$banner = get_config('system', 'banner');
+		if($banner === false)
+			$banner = get_config('system','sitename');
+
+		$banner = htmlspecialchars($banner);
+
+		/* Admin Info */
+		$admininfo = get_config('system', 'admininfo');
+
+		/* Register policy */
+		$register_choices = Array(
+			REGISTER_CLOSED  => t("No"),
+			REGISTER_APPROVE => t("Yes - with approval"),
+			REGISTER_OPEN    => t("Yes")
+		);
+
+		/* Acess policy */
+		$access_choices = Array(
+			ACCESS_PRIVATE => t("My site is not a public server"),
+			ACCESS_PAID => t("My site has paid access only"),
+			ACCESS_FREE => t("My site has free access only"),
+			ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades")
+		);
+
+		$discover_tab = get_config('system','disable_discover_tab');
+
+		// $disable public streams by default
+		if($discover_tab === false)
+			$discover_tab = 1;
+		// now invert the logic for the setting.
+		$discover_tab = (1 - $discover_tab);
+
+		$techlevels = [
+			'0' => t('Beginner/Basic'),
+			'1' => t('Novice - not skilled but willing to learn'),
+			'2' => t('Intermediate - somewhat comfortable'),
+			'3' => t('Advanced - very comfortable'),
+			'4' => t('Expert - I can write computer code'),
+			'5' => t('Wizard - I probably know more than you do')
+		];
+
+		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
+		$default_role = get_config('system','default_permissions_role','social');
+
+		$role = array('permissions_role' , t('Default permission role for new accounts'), $default_role, t('This role will be used for the first channel created after registration.'),$perm_roles);
+
+
+		$homelogin = get_config('system','login_on_homepage');
+		$enable_context_help = get_config('system','enable_context_help');
+
+		$t = get_markup_template("admin_site.tpl");
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Site'),
+			'$submit' => t('Submit'),
+			'$registration' => t('Registration'),
+			'$upload' => t('File upload'),
+			'$corporate' => t('Policies'),
+			'$advanced' => t('Advanced'),
+
+			'$baseurl' => z_root(),
+			// name, label, value, help string, extra data...
+			'$sitename' 		=> array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''),
+
+			'$techlevel' => [ 'techlevel', t('Site default technical skill level'), get_config('system','techlevel'), t('Used to provide a member experience matched to technical comfort level'), $techlevels ],
+
+			'$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ],
+
+			'$banner'			=> array('banner', t("Banner/Logo"), $banner, t('Unfiltered HTML/CSS/JS is allowed')),
+			'$admininfo'		=> array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators.  Displayed on siteinfo page.  BBCode can be used here")),
+			'$siteinfo'		=> array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site.  Displayed on siteinfo page.  BBCode can be used here")),
+			'$language' 		=> array('language', t("System language"), get_config('system','language'), "", $lang_choices),
+			'$theme' 			=> array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
+//			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
+//			'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
+			'$feed_contacts'    => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')),
+			'$maximagesize'		=> array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
+			'$register_policy'	=> array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
+			'$invite_only'		=> array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")),
+			'$minimum_age'		=> array('minimum_age', t("Minimum age"), (x(get_config('system','minimum_age'))?get_config('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")),
+			'$access_policy'	=> array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices),
+			'$register_text'	=> array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
+			'$role'         => $role,
+			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'public' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
+			'$mirror_frontpage'	=> array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')),
+			'$abandon_days'     => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
+			'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
+			'$verify_email'		=> array('verify_email', t("Verify Email Addresses"), get_config('system','verify_email'), t("Check to verify email addresses used in account registration (recommended).")),
+			'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
+			'$disable_discover_tab'	=> array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
+			'$site_firehose'	=> array('site_firehose', t('Site only Public Streams'), get_config('system','site_firehose'), t('Allow access to public content originating only from this site if Imported Public Streams are disabled.')),
+			'$open_pubstream'	=> array('open_pubstream', t('Allow anybody on the internet to access the Public streams'), get_config('system','open_pubstream',1), t('Disable to require authentication before viewing. Warning: this content is unmoderated.')),
+			'$incl'           => array('pub_incl',t('Only import Public stream posts with this text'), get_config('system','pubstream_incl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
+			'$excl'           => array('pub_excl',t('Do not import Public stream posts with this text'), get_config('system','pubstream_excl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
+
+
+			'$login_on_homepage'	=> array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")),
+			'$enable_context_help'	=> array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")),
+
+			'$reply_address' => [ 'reply_address', t('Reply-to email address for system generated email.'), get_config('system','reply_address','noreply@' . \App::get_hostname()),'' ],
+			'$from_email' => [ 'from_email', t('Sender (From) email address for system generated email.'), get_config('system','from_email','Administrator@' . \App::get_hostname()),'' ],
+			'$from_email_name' => [ 'from_email_name', t('Name of email sender for system generated email.'), get_config('system','from_email_name',\Zotlabs\Lib\System::get_site_name()),'' ],
+
+			'$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null),
+
+			'$proxyuser'		=> array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
+			'$proxy'			=> array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
+			'$timeout'			=> array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
+			'$delivery_interval'			=> array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")),
+			'$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(get_config('system','delivery_batch_count'))?get_config('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")),
+			'$force_queue'			=> array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")),
+			'$poll_interval'			=> array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")),
+			'$imagick_path'			=> array('imagick_path', t("Path to ImageMagick convert program"), get_config('system','imagick_convert_path'), t("If set, use this program to generate photo thumbnails for huge images ( > 4000 pixels in either dimension), otherwise memory exhaustion may occur. Example: /usr/bin/convert")),
+			'$thumbnail_security'			=> array('thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.")),
+			'$maxloadavg'			=> array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
+			'$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')),
+			'$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(get_config('system','active_expire_days',7)), ''),
+
+			'$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), get_config('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())),
+			'$first_page' => array('first_page', t('Page to display after creating a new channel'), get_config('system','workflow_channel_next','profiles'), t('Default: profiles')),
+
+			'$location' => array('site_location', t('Optional: site location'), get_config('system','site_location',''), t('Region or country')),
+
+
+			'$form_security_token' => get_form_security_token("admin_site"),
+		));
+	}
+
+}

Zotlabs/Module/Admin/Themes.php

@@ -0,0 +1,228 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+use \Michelf\MarkdownExtra;
+
+/**
+ * @brief Admin area theme settings.
+ */
+class Themes {
+
+	/**
+	 * @brief
+	 *
+	 */
+	function post() {
+
+		$theme = argv(2);
+		if (is_file("view/theme/$theme/php/config.php")){
+			require_once("view/theme/$theme/php/config.php");
+			/// @FIXME add parent theme if derived
+			if (function_exists('theme_admin_post')){
+				theme_admin_post($a);
+			}
+		}
+		info(t('Theme settings updated.'));
+		if(is_ajax())
+			return;
+
+		goaway(z_root() . '/admin/themes/' . $theme );
+	}
+
+
+	/**
+	 * @brief Themes admin page.
+	 *
+	 * @return string with parsed HTML
+	 */
+	function get(){
+		$allowed_themes_str = get_config('system', 'allowed_themes');
+		$allowed_themes_raw = explode(',', $allowed_themes_str);
+		$allowed_themes = array();
+		if(count($allowed_themes_raw))
+			foreach($allowed_themes_raw as $x)
+				if(strlen(trim($x)))
+					$allowed_themes[] = trim($x);
+
+		$themes = array();
+		$files = glob('view/theme/*');
+		if($files) {
+			foreach($files as $file) {
+				$f = basename($file);
+				$is_experimental = intval(file_exists($file . '/.experimental'));
+				$is_supported = 1-(intval(file_exists($file . '/.unsupported'))); // Is not used yet
+				$is_allowed = intval(in_array($f,$allowed_themes));
+				$themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed);
+			}
+		}
+
+		if(! count($themes)) {
+			notice( t('No themes found.'));
+			return '';
+		}
+
+		/*
+		 * Single theme
+		 */
+
+		if (\App::$argc == 3){
+			$theme = \App::$argv[2];
+			if(! is_dir("view/theme/$theme")){
+				notice( t("Item not found.") );
+				return '';
+			}
+
+			if (x($_GET,"a") && $_GET['a']=="t"){
+				check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't');
+
+				// Toggle theme status
+
+				$this->toggle_theme($themes, $theme, $result);
+				$s = $this->rebuild_theme_table($themes);
+				if($result)
+					info( sprintf('Theme %s enabled.', $theme));
+				else
+					info( sprintf('Theme %s disabled.', $theme));
+
+				set_config('system', 'allowed_themes', $s);
+				goaway(z_root() . '/admin/themes' );
+			}
+
+			// display theme details
+
+			if ($this->theme_status($themes,$theme)) {
+				$status="on"; $action= t("Disable");
+			} else {
+				$status="off"; $action= t("Enable");
+			}
+
+			$readme=Null;
+			if (is_file("view/theme/$theme/README.md")){
+				$readme = file_get_contents("view/theme/$theme/README.md");
+				$readme = MarkdownExtra::defaultTransform($readme);
+			} else if (is_file("view/theme/$theme/README")){
+				$readme = '<pre>'. file_get_contents("view/theme/$theme/README") .'</pre>';
+			}
+
+			$admin_form = '';
+			if (is_file("view/theme/$theme/php/config.php")){
+				require_once("view/theme/$theme/php/config.php");
+				if(function_exists("theme_admin")){
+					$admin_form = theme_admin($a);
+				}
+			}
+
+			$screenshot = array( get_theme_screenshot($theme), t('Screenshot'));
+			if(! stristr($screenshot[0],$theme))
+				$screenshot = null;
+
+			$t = get_markup_template('admin_plugins_details.tpl');
+			return replace_macros($t, array(
+				'$title' => t('Administration'),
+				'$page' => t('Themes'),
+				'$toggle' => t('Toggle'),
+				'$settings' => t('Settings'),
+				'$baseurl' => z_root(),
+
+				'$plugin' => $theme,
+				'$status' => $status,
+				'$action' => $action,
+				'$info' => get_theme_info($theme),
+				'$function' => 'themes',
+				'$admin_form' => $admin_form,
+				'$str_author' => t('Author: '),
+				'$str_maintainer' => t('Maintainer: '),
+				'$screenshot' => $screenshot,
+				'$readme' => $readme,
+
+				'$form_security_token' => get_form_security_token('admin_themes'),
+			));
+		}
+
+		/*
+		 * List themes
+		 */
+
+		$xthemes = array();
+		if($themes) {
+			foreach($themes as $th) {
+				$xthemes[] = array($th['name'],(($th['allowed']) ? "on" : "off"), get_theme_info($th['name']));
+			}
+		}
+
+		$t = get_markup_template('admin_plugins.tpl');
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Themes'),
+			'$submit' => t('Submit'),
+			'$baseurl' => z_root(),
+			'$function' => 'themes',
+			'$plugins' => $xthemes,
+			'$experimental' => t('[Experimental]'),
+			'$unsupported' => t('[Unsupported]'),
+			'$form_security_token' => get_form_security_token('admin_themes'),
+		));
+	}
+
+
+	/**
+	 * @brief Toggle a theme.
+	 *
+	 * @param array &$themes
+	 * @param[in] string $th
+	 * @param[out] int &$result
+	 */
+	function toggle_theme(&$themes, $th, &$result) {
+		for($x = 0; $x < count($themes); $x ++) {
+			if($themes[$x]['name'] === $th) {
+				if($themes[$x]['allowed']) {
+					$themes[$x]['allowed'] = 0;
+					$result = 0;
+				}
+				else {
+					$themes[$x]['allowed'] = 1;
+					$result = 1;
+				}
+			}
+		}
+	}
+
+	/**
+	 * @param array $themes
+	 * @param string $th
+	 * @return int
+	 */
+	function theme_status($themes, $th) {
+		for($x = 0; $x < count($themes); $x ++) {
+			if($themes[$x]['name'] === $th) {
+				if($themes[$x]['allowed']) {
+					return 1;
+				}
+				else {
+					return 0;
+				}
+			}
+		}
+		return 0;
+	}
+
+	/**
+	 * @param array $themes
+	 * @return string
+	 */
+	function rebuild_theme_table($themes) {
+		$o = '';
+		if(count($themes)) {
+			foreach($themes as $th) {
+				if($th['allowed']) {
+					if(strlen($o))
+						$o .= ',';
+					$o .= $th['name'];
+				}
+			}
+		}
+		return $o;
+	}
+
+}

Zotlabs/Module/Api.php

@@ -0,0 +1,127 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/api.php');
+
+class Api extends \Zotlabs\Web\Controller {
+
+
+	function init() {
+		zot_api_init();
+
+		api_register_func('api/client/register', 'api_client_register', false);
+		api_register_func('api/oauth/request_token', 'api_oauth_request_token', false);
+		api_register_func('api/oauth/access_token', 'api_oauth_access_token', false);
+
+		$args = [];
+		call_hooks('api_register',$args);
+
+		return;
+	}
+
+	function post() {
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+	}
+	
+	function get() {
+
+		if(\App::$cmd === 'api/oauth/authorize'){
+	
+			/* 
+			 * api/oauth/authorize interact with the user. return a standard page
+			 */
+			
+			\App::$page['template'] = 'minimal';
+					
+			// get consumer/client from request token
+			try {
+				$request = \OAuth1Request::from_request();
+			}
+			catch(\Exception $e) {
+				logger('OAuth exception: ' . print_r($e,true));
+				// echo "<pre>"; var_dump($e); 
+				killme();
+			}
+			
+			
+			if(x($_POST,'oauth_yes')){
+			
+				$app = $this->oauth_get_client($request);
+				if (is_null($app)) 
+					return "Invalid request. Unknown token.";
+
+				$consumer = new \OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
+	
+				$verifier = md5($app['secret'] . local_channel());
+				set_config('oauth', $verifier, local_channel());
+				
+				
+				if($consumer->callback_url != null) {
+					$params = $request->get_parameters();
+					$glue = '?';
+					if(strstr($consumer->callback_url,$glue))
+						$glue = '?';
+					goaway($consumer->callback_url . $glue . "oauth_token=" . \OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . \OAuth1Util::urlencode_rfc3986($verifier));
+					killme();
+				}
+							
+				$tpl = get_markup_template("oauth_authorize_done.tpl");
+				$o = replace_macros($tpl, array(
+					'$title' => t('Authorize application connection'),
+					'$info' => t('Return to your app and insert this Security Code:'),
+					'$code' => $verifier,
+				));
+			
+				return $o;
+			}
+			
+			
+			if(! local_channel()) {
+				//TODO: we need login form to redirect to this page
+				notice( t('Please login to continue.') . EOL );
+				return login(false,'api-login',$request->get_parameters());
+			}
+			
+			$app = $this->oauth_get_client($request);
+			if (is_null($app))
+				return "Invalid request. Unknown token.";
+						
+			$tpl = get_markup_template('oauth_authorize.tpl');
+			$o = replace_macros($tpl, array(
+				'$title'     => t('Authorize application connection'),
+				'$app'       => $app,
+				'$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
+				'$yes'	     => t('Yes'),
+				'$no'	     => t('No'),
+			));
+			
+			//echo "<pre>"; var_dump($app); killme();
+			
+			return $o;
+		}
+		
+		echo api_call();
+		killme();
+	}
+
+	function oauth_get_client($request){
+
+		$params = $request->get_parameters();
+		$token  = $params['oauth_token'];
+	
+		$r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id 
+			AND tokens.id = '%s' AND tokens.auth_scope = 'request' ",
+			dbesc($token)
+		);
+		if($r)
+			return $r[0];
+
+		return null;
+	
+	}
+	
+}

Zotlabs/Module/Appman.php

@@ -0,0 +1,158 @@
+<?php /** @file */
+
+namespace Zotlabs\Module; 
+
+//require_once('include/apps.php');
+
+use \Zotlabs\Lib as Zlib;
+
+class Appman extends \Zotlabs\Web\Controller {
+
+	function post() {
+	
+		if(! local_channel())
+			return;
+	
+		if($_POST['url']) {
+			$arr = array(
+				'uid' => intval($_REQUEST['uid']),
+				'url' => escape_tags($_REQUEST['url']),
+				'guid' => escape_tags($_REQUEST['guid']),
+				'author' => escape_tags($_REQUEST['author']),
+				'addr' => escape_tags($_REQUEST['addr']),
+				'name' => escape_tags($_REQUEST['name']),
+				'desc' => escape_tags($_REQUEST['desc']),
+				'photo' => escape_tags($_REQUEST['photo']),
+				'version' => escape_tags($_REQUEST['version']),
+				'price' => escape_tags($_REQUEST['price']),
+				'page' => escape_tags($_REQUEST['page']),
+				'requires' => escape_tags($_REQUEST['requires']),
+				'system' => intval($_REQUEST['system']),
+				'plugin' => escape_tags($_REQUEST['plugin']),
+				'sig' => escape_tags($_REQUEST['sig']),
+				'categories' => escape_tags($_REQUEST['categories'])
+			);
+	
+			$_REQUEST['appid'] = Zlib\Apps::app_install(local_channel(),$arr);
+	
+			if(Zlib\Apps::app_installed(local_channel(),$arr))
+				info( t('App installed.') . EOL);
+
+			goaway(z_root() . '/apps');
+			return; //not reached
+		}
+	
+	
+		$papp = Zlib\Apps::app_decode($_POST['papp']);
+	
+		if(! is_array($papp)) {
+			notice( t('Malformed app.') . EOL);
+			return;
+		}
+	
+		if($_POST['install']) {
+			Zlib\Apps::app_install(local_channel(),$papp);
+			if(Zlib\Apps::app_installed(local_channel(),$papp))
+				info( t('App installed.') . EOL);
+		}
+	
+		if($_POST['delete']) {
+			Zlib\Apps::app_destroy(local_channel(),$papp);
+		}
+
+		if($_POST['edit']) {
+			return;
+		}
+
+		if($_POST['feature']) {
+			Zlib\Apps::app_feature(local_channel(), $papp, $_POST['feature']);
+		}
+
+		if($_POST['pin']) {
+			Zlib\Apps::app_feature(local_channel(), $papp, $_POST['pin']);
+		}
+
+		if($_SESSION['return_url']) 
+			goaway(z_root() . '/' . $_SESSION['return_url']);
+
+		goaway(z_root() . '/apps');
+	
+	
+	}
+	
+	
+	function get() {
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+		$channel = \App::get_channel();
+
+		if(argc() > 2) {
+			if(argv(2) === 'moveup') {
+				Zlib\Apps::moveup(local_channel(),argv(1));
+			}
+			if(argv(2) === 'movedown') {
+				Zlib\Apps::movedown(local_channel(),argv(1));
+			}
+			goaway(z_root() . '/apporder');
+		}
+
+
+
+
+		$app = null;
+		$embed = null;
+		if($_REQUEST['appid']) {
+			$r = q("select * from app where app_id = '%s' and app_channel = %d limit 1",
+				dbesc($_REQUEST['appid']),
+				dbesc(local_channel())
+			);
+			if($r) {
+				$app = $r[0];
+
+				$term = q("select * from term where otype = %d and oid = %d",
+					intval(TERM_OBJ_APP),
+					intval($r[0]['id'])
+				);
+				if($term) {
+					$app['categories'] = '';
+					foreach($term as $t) {
+						if($app['categories'])
+							$app['categories'] .= ',';
+						$app['categories'] .= $t['term'];
+					}
+				}
+			}
+
+			$embed = array('embed', t('Embed code'), Zlib\Apps::app_encode($app,true),'', 'onclick="this.select();"');
+	
+		}
+				
+		return replace_macros(get_markup_template('app_create.tpl'), array(
+	
+			'$banner' => (($app) ? t('Edit App') : t('Create App')),
+			'$app' => $app,
+			'$guid' => (($app) ? $app['app_id'] : ''),
+			'$author' => (($app) ? $app['app_author'] : $channel['channel_hash']),
+			'$addr' => (($app) ? $app['app_addr'] : $channel['xchan_addr']),
+			'$name' => array('name', t('Name of app'),(($app) ? $app['app_name'] : ''), t('Required')),
+			'$url' => array('url', t('Location (URL) of app'),(($app) ? $app['app_url'] : ''), t('Required')),
+	 		'$desc' => array('desc', t('Description'),(($app) ? $app['app_desc'] : ''), ''),
+			'$photo' => array('photo', t('Photo icon URL'),(($app) ? $app['app_photo'] : ''), t('80 x 80 pixels - optional')),
+			'$categories' => array('categories',t('Categories (optional, comma separated list)'),(($app) ? $app['categories'] : ''),''),
+			'$version' => array('version', t('Version ID'),(($app) ? $app['app_version'] : ''), ''),
+			'$price' => array('price', t('Price of app'),(($app) ? $app['app_price'] : ''), ''),
+			'$page' => array('page', t('Location (URL) to purchase app'),(($app) ? $app['app_page'] : ''), ''),
+			'$system' => (($app) ? intval($app['app_system']) : 0),
+			'$plugin' => (($app) ? $app['app_plugin'] : ''),
+			'$requires' => (($app) ? $app['app_requires'] : ''),
+			'$embed' => $embed,
+			'$submit' => t('Submit')
+		));
+	
+	}
+	
+}

Zotlabs/Module/Apporder.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace Zotlabs\Module;
+
+use \Zotlabs\Lib as Zlib;
+
+class Apporder extends \Zotlabs\Web\Controller {
+
+	function post() {
+
+	}
+
+	function get() {
+
+		if(! local_channel())
+			return;
+
+		nav_set_selected('Order Apps');
+
+		$syslist = array();
+		$list = Zlib\Apps::app_list(local_channel(), false, ['nav_featured_app', 'nav_pinned_app']);
+		if($list) {
+			foreach($list as $li) {
+				$syslist[] = Zlib\Apps::app_encode($li);
+			}
+		}
+		Zlib\Apps::translate_system_apps($syslist);
+
+		usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare');
+
+		$syslist = Zlib\Apps::app_order(local_channel(),$syslist);
+
+		foreach($syslist as $app) {
+			if(strpos($app['categories'],'nav_pinned_app') !== false) {
+				$navbar_apps[] = Zlib\Apps::app_render($app,'nav-order');
+			}
+			else {
+				$nav_apps[] = Zlib\Apps::app_render($app,'nav-order');
+			}
+		}
+
+		return replace_macros(get_markup_template('apporder.tpl'),
+			[
+				'$header' => [t('Change Order of Pinned Navbar Apps'), t('Change Order of App Tray Apps')],
+				'$desc' => [t('Use arrows to move the corresponding app left (top) or right (bottom) in the navbar'), t('Use arrows to move the corresponding app up or down in the app tray')],
+				'$nav_apps' => $nav_apps,
+				'$navbar_apps' => $navbar_apps
+			]
+		);
+	}
+}

Zotlabs/Module/Apps.php

@@ -0,0 +1,59 @@
+<?php
+namespace Zotlabs\Module;
+
+
+use \Zotlabs\Lib as Zlib;
+
+class Apps extends \Zotlabs\Web\Controller {
+
+	function get() {
+
+		nav_set_selected('Apps');
+	
+		if(argc() == 2 && argv(1) == 'edit')
+			$mode = 'edit';
+		else
+			$mode = 'list';
+
+		$available = ((argc() == 2 && argv(1) === 'available') ? true : false);
+
+		$_SESSION['return_url'] = \App::$query_string;
+	
+		$apps = array();
+	
+		if(local_channel()) {
+			Zlib\Apps::import_system_apps();
+			$syslist = array();
+			$cat = ((array_key_exists('cat',$_GET) && $_GET['cat']) ? [ escape_tags($_GET['cat']) ] : '');
+			$list = Zlib\Apps::app_list((($available) ? 0 : local_channel()), (($mode == 'edit') ? true : false), $cat);
+			if($list) {
+				foreach($list as $x) {
+					$syslist[] = Zlib\Apps::app_encode($x);
+				}
+			}
+			Zlib\Apps::translate_system_apps($syslist);
+		}
+		else
+			$syslist = Zlib\Apps::get_system_apps(true);
+
+		usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare');
+	
+	//	logger('apps: ' . print_r($syslist,true));
+	
+		foreach($syslist as $app) {
+			$apps[] = Zlib\Apps::app_render($app,(($available) ? 'install' : $mode));
+		}
+
+		return replace_macros(get_markup_template('myapps.tpl'), array(
+			'$sitename' => get_config('system','sitename'),
+			'$cat' => $cat,
+			'$title' => t('Apps'),
+			'$apps' => $apps,
+			'$authed' => ((local_channel()) ? true : false),
+			'$manage' => (($available) ? '' : t('Manage apps')),
+			'$create' => (($mode == 'edit') ? t('Create new app') : '')
+		));
+	
+	}
+	
+}

Zotlabs/Module/Article_edit.php

@@ -0,0 +1,139 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/channel.php');
+require_once('include/acl_selectors.php');
+require_once('include/conversation.php');
+
+class Article_edit extends \Zotlabs\Web\Controller {
+
+
+	function get() {
+
+		// Figure out which post we're editing
+		$post_id = ((argc() > 1) ? intval(argv(1)) : 0);
+
+		if(! $post_id) {
+			notice( t('Item not found') . EOL);
+			return;
+		}
+
+		$itm = q("SELECT * FROM item WHERE id = %d and item_type = %d LIMIT 1",
+			intval($post_id),
+			intval(ITEM_TYPE_ARTICLE)
+		);
+		if($itm) {
+			$item_id = q("select * from iconfig where cat = 'system' and k = 'ARTICLE' and iid = %d limit 1",
+				intval($itm[0]['id'])
+			);
+			if($item_id)
+				$card_title = $item_id[0]['v'];
+		}
+		else {
+			notice( t('Item not found') . EOL);
+			return;
+		}
+
+		$owner = $itm[0]['uid'];
+		$uid = local_channel();
+
+		$observer = \App::get_observer();
+
+		$channel = channelx_by_n($owner);
+		if(! $channel) {
+			notice( t('Channel not found.') . EOL);
+			return;
+		}
+
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+
+		if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+
+		$is_owner = (($uid && $uid == $owner) ? true : false);
+
+		$o = '';
+
+
+
+		$category = '';
+		$catsenabled = ((feature_enabled($owner,'categories')) ? 'categories' : '');
+
+		if ($catsenabled){
+		        $itm = fetch_post_tags($itm);
+	
+	                $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
+	
+		        foreach ($cats as $cat) {
+		                if (strlen($category))
+		                        $category .= ', ';
+		                $category .= $cat['term'];
+		        }
+		}
+
+		if($itm[0]['attach']) {
+			$j = json_decode($itm[0]['attach'],true);
+			if($j) {
+				foreach($j as $jj) {
+					$itm[0]['body'] .= "\n" . '[attachment]' . basename($jj['href']) . ',' . $jj['revision'] . '[/attachment]' . "\n";
+				}
+			}
+		}
+
+
+		$mimetype = $itm[0]['mimetype'];
+
+		$content = $itm[0]['body'];
+
+
+
+		$rp = 'articles/' . $channel['channel_address'];
+
+		$x = array(
+			'nickname' => $channel['channel_address'],
+			'bbco_autocomplete'=> 'bbcode',
+			'return_path' => $rp,
+			'webpage' => ITEM_TYPE_ARTICLE,
+			'button' => t('Edit'),
+			'writefiles' => perm_is_allowed($owner, get_observer_hash(), 'write_pages'),
+			'weblink' => t('Insert web link'),
+			'hide_voting' => false,
+			'hide_future' => false,
+			'hide_location' => false,
+			'hide_expire' => false,
+			'showacl' => true,
+			'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')),
+			'permissions' => $itm[0],
+			'lockstate' => (($itm[0]['allow_cid'] || $itm[0]['allow_gid'] || $itm[0]['deny_cid'] || $itm[0]['deny_gid']) ? 'lock' : 'unlock'),
+			'ptyp' => $itm[0]['type'],
+			'mimeselect' => false,
+			'mimetype' => $itm[0]['mimetype'],
+			'body' => undo_post_tagging($content),
+			'post_id' => $post_id,
+			'visitor' => true,
+			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
+			'placeholdertitle' => t('Title (optional)'),
+			'pagetitle' => $card_title,
+			'profile_uid' => (intval($channel['channel_id'])),
+			'catsenabled' => $catsenabled,
+			'category' => $category,
+			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
+		);
+
+		$editor = status_editor($a, $x);
+
+		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
+			'$title' => t('Edit Article'),
+			'$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false),
+			'$id' => $itm[0]['id'],
+			'$cancel' => t('Cancel'),
+			'$editor' => $editor
+		));
+
+		return $o;
+
+	}
+
+}

Zotlabs/Module/Articles.php

@@ -0,0 +1,200 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/channel.php');
+require_once('include/conversation.php');
+require_once('include/acl_selectors.php');
+
+
+class Articles extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		if(argc() > 1)
+			$which = argv(1);
+		else
+			return;
+	
+		profile_load($which);
+	
+	}
+	
+	function get($update = 0, $load = false) {
+	
+		if(observer_prohibited(true)) {
+			return login();
+		}
+
+		if(! \App::$profile) {
+			notice( t('Requested profile is not available.') . EOL );
+			\App::$error = 404;
+			return;
+		}
+
+		if(! feature_enabled(\App::$profile_uid,'articles')) {
+			return;
+		}
+
+		nav_set_selected(t('Articles'));
+
+		head_add_link([ 
+			'rel'   => 'alternate',
+			'type'  => 'application/json+oembed',
+			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string),
+			'title' => 'oembed'
+		]);
+
+
+		$category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : '');
+					
+		if($category) {
+			$sql_extra2 .= protect_sprintf(term_item_parent_query(\App::$profile['profile_uid'],'item', $category, TERM_CATEGORY));
+		}
+
+
+		$which = argv(1);
+		
+		$selected_card = ((argc() > 2) ? argv(2) : '');
+
+		$_SESSION['return_url'] = \App::$query_string;
+	
+		$uid      = local_channel();
+		$owner    = \App::$profile_uid;
+		$observer = \App::get_observer();
+	
+		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+		
+		if(! perm_is_allowed($owner,$ob_hash,'view_pages')) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+		
+		$is_owner = ($uid && $uid == $owner);
+	
+		$channel = channelx_by_n($owner);
+
+		if($channel) {
+			$channel_acl = array(
+				'allow_cid' => $channel['channel_allow_cid'],
+				'allow_gid' => $channel['channel_allow_gid'],
+				'deny_cid'  => $channel['channel_deny_cid'],
+				'deny_gid'  => $channel['channel_deny_gid']
+			);
+		}
+		else {
+			$channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
+		}
+	
+
+
+		if(perm_is_allowed($owner,$ob_hash,'write_pages')) {
+
+			$x = [
+				'webpage'           => ITEM_TYPE_ARTICLE,
+				'is_owner'          => true,
+				'content_label'     => t('Add Article'),
+				'button'            => t('Create'),
+				'nickname'          => $channel['channel_address'],
+				'lockstate'         => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] 
+					|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
+				'acl'               => (($is_owner) ? populate_acl($channel_acl, false, 
+					\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')) : ''),
+				'permissions'       => $channel_acl,
+				'showacl'           => (($is_owner) ? true : false),
+				'visitor'           => true,
+				'body'              => '[summary][/summary]',
+				'hide_location'     => false,
+				'hide_voting'       => false,
+				'profile_uid'       => intval($owner),
+				'mimetype'          => 'text/bbcode',
+				'mimeselect'        => false,
+				'layoutselect'      => false,
+				'expanded'          => false,
+				'novoting'          => false,
+				'catsenabled'       => feature_enabled($owner,'categories'),
+				'bbco_autocomplete' => 'bbcode',
+				'bbcode'            => true
+			];
+
+			if($_REQUEST['title'])
+				$x['title'] = $_REQUEST['title'];
+			if($_REQUEST['body'])
+				$x['body'] = $_REQUEST['body'];
+			$editor = status_editor($a,$x);
+
+		}
+		else {
+			$editor = '';
+		}
+		
+		$itemspage = get_pconfig(local_channel(),'system','itemspage');
+		\App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
+		$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
+
+		
+		$sql_extra = item_permissions_sql($owner);
+		$sql_item = '';
+
+		if($selected_card) {
+			$r = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = 'ARTICLE' and iconfig.v = '%s' limit 1",
+				dbesc($selected_card)
+			);
+			if($r) {
+				$sql_item = "and item.id = " . intval($r[0]['iid']) . " ";
+			}
+		}
+				
+		$r = q("select * from item 
+			where item.uid = %d and item_type = %d 
+			$sql_extra $sql_item order by item.created desc $pager_sql",
+			intval($owner),
+			intval(ITEM_TYPE_ARTICLE)
+		);
+
+		$item_normal = " and item.item_hidden = 0 and item.item_type in (0,7) and item.item_deleted = 0
+			and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
+			and item.item_blocked = 0 ";
+
+		if($r) {
+
+			$pager_total = count($r);
+
+			$parents_str = ids_to_querystr($r,'id');
+
+			$items = q("SELECT item.*, item.id AS item_id
+				FROM item
+				WHERE item.uid = %d $item_normal
+				AND item.parent IN ( %s )
+				$sql_extra $sql_extra2 ",
+				intval(\App::$profile['profile_uid']),
+				dbesc($parents_str)
+			);
+			if($items) {
+				xchan_query($items);
+				$items = fetch_post_tags($items, true);
+				$items = conv_sort($items,'updated');
+			}
+			else
+				$items = [];
+		}
+
+		$mode = 'articles';
+			
+		if(get_pconfig(local_channel(),'system','articles_list_mode') && (! $selected_card))
+            $page_mode = 'pager_list';
+        else
+            $page_mode = 'traditional';
+
+     	$content = conversation($items,$mode,false,$page_mode);
+
+		$o = replace_macros(get_markup_template('cards.tpl'), [
+			'$title' => t('Articles'),
+			'$editor' => $editor,
+			'$content' => $content,
+			'$pager' => alt_pager($pager_total)
+		]);
+
+        return $o;
+    }
+
+}

Zotlabs/Module/Attach.php

@@ -0,0 +1,61 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/security.php');
+require_once('include/attach.php');
+
+
+class Attach extends \Zotlabs\Web\Controller {
+
+	function init() {
+	
+		if(argc() < 2) {
+			notice( t('Item not available.') . EOL);
+			return;
+		}
+	
+		$r = attach_by_hash(argv(1),get_observer_hash(),((argc() > 2) ? intval(argv(2)) : 0));
+	
+		if(! $r['success']) {
+			notice( $r['message'] . EOL);
+			return;
+		}
+	
+		$c = q("select channel_address from channel where channel_id = %d limit 1",
+			intval($r['data']['uid'])
+		);
+	
+		if(! $c)
+			return;
+	
+	
+		$unsafe_types = array('text/html','text/css','application/javascript');
+	
+		if(in_array($r['data']['filetype'],$unsafe_types) && (! channel_codeallowed($r['data']['uid']))) {
+				header('Content-type: text/plain');
+		}
+		else {
+			header('Content-type: ' . $r['data']['filetype']);
+		}
+	
+		header('Content-disposition: attachment; filename="' . $r['data']['filename'] . '"');
+		if(intval($r['data']['os_storage'])) {
+			$fname = dbunescbin($r['data']['content']);
+			if(strpos($fname,'store') !== false)
+				$istream = fopen($fname,'rb');
+			else
+				$istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname,'rb');
+			$ostream = fopen('php://output','wb');
+			if($istream && $ostream) {
+				pipe_streams($istream,$ostream);
+				fclose($istream);
+				fclose($ostream);
+			}
+		}
+		else
+			echo dbunescbin($r['data']['content']);
+		killme();
+	
+	}
+	
+}

Zotlabs/Module/Authorize.php

@@ -0,0 +1,96 @@
+<?php
+
+namespace Zotlabs\Module;
+
+use Zotlabs\Identity\OAuth2Storage;
+
+class Authorize extends \Zotlabs\Web\Controller {
+
+	function get() {
+		if (!local_channel()) {
+			return login();
+		} else {
+			// TODO: Fully implement the dynamic client registration protocol:
+			// OpenID Connect Dynamic Client Registration 1.0 Client Metadata
+			// http://openid.net/specs/openid-connect-registration-1_0.html
+			$app = array(
+				'name' => (x($_REQUEST, 'client_name') ? urldecode($_REQUEST['client_name']) : t('Unknown App')),
+				'icon' => (x($_REQUEST, 'logo_uri')    ? urldecode($_REQUEST['logo_uri']) : z_root() . '/images/icons/plugin.png'),
+				'url'  => (x($_REQUEST, 'client_uri')  ? urldecode($_REQUEST['client_uri']) : ''),
+			);
+			$o .= replace_macros(get_markup_template('oauth_authorize.tpl'), array(
+				'$title' => t('Authorize'),
+				'$authorize' => sprintf( t('Do you authorize the app %s to access your channel data?'), '<a style="float: none;" href="' . $app['url'] . '">' . $app['name'] . '</a> '),
+				'$app' => $app,
+				'$yes' => t('Allow'),
+				'$no' => t('Deny'),
+				'$client_id' => (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : ''),
+				'$redirect_uri' => (x($_REQUEST, 'redirect_uri') ? $_REQUEST['redirect_uri'] : ''),
+				'$state' => (x($_REQUEST, 'state') ? $_REQUEST['state'] : ''),
+			));
+			return $o;
+		}
+	}
+
+	function post() {
+		if (! local_channel()) {
+			return;
+		}
+
+		$storage = new OAuth2Storage(\DBA::$dba->db);
+		$s = new \Zotlabs\Identity\OAuth2Server($storage);
+
+		// TODO: The automatic client registration protocol below should adhere more
+		// closely to "OAuth 2.0 Dynamic Client Registration Protocol" defined
+		// at https://tools.ietf.org/html/rfc7591
+		
+		// If no client_id was provided, generate a new one.
+		if (x($_POST, 'client_id')) {
+			$client_id = $_POST['client_id'];
+		} else {
+			$client_id = $_POST['client_id'] = random_string(16);
+		}
+		// If no redirect_uri was provided, generate a fake one.
+		if (x($_POST, 'redirect_uri')) {
+			$redirect_uri = $_POST['redirect_uri'];
+		} else {
+			$redirect_uri = $_POST['redirect_uri'] = 'https://fake.example.com/oauth';
+		}
+
+		$request = \OAuth2\Request::createFromGlobals();
+		$response = new \OAuth2\Response();
+
+		// If the client is not registered, add to the database
+		if (!$client = $storage->getClientDetails($client_id)) {
+			$client_secret = random_string(16);
+			// Client apps are registered per channel
+			$user_id = local_channel();
+			$storage->setClientDetails($client_id, $client_secret, $redirect_uri, 'authorization_code', null, $user_id);
+			
+		}
+		if (!$client = $storage->getClientDetails($client_id)) {
+			// There was an error registering the client.
+			$response->send();
+			killme();
+		}
+		$response->setParameter('client_secret', $client['client_secret']);
+
+		// validate the authorize request
+		if (!$s->validateAuthorizeRequest($request, $response)) {
+			$response->send();
+			killme();
+		}
+
+		// print the authorization code if the user has authorized your client
+		$is_authorized = ($_POST['authorize'] === 'allow');
+		$s->handleAuthorizeRequest($request, $response, $is_authorized, local_channel());
+		if ($is_authorized) {
+			$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=') + 5, 40);
+			logger('Authorization Code: ' .  $code);
+		}
+
+		$response->send();
+		killme();
+	}
+
+}