Release version 1.14

[TASK] Replace deprecated Sabre functions.

.homeinstall/README.md

@@ -27,9 +27,9 @@ Software
 + Register your own domain (for example at selfHOST) or a free subdomain (for example at freeDNS)
 + Log on to your new debian (server)
   - apt-get install git
-  - mkdir -p /var/www/html
-  - cd /var/www/html
-  - git clone https://github.com/redmatrix/hubzilla.git .
+  - mkdir -p /var/www
+  - cd /var/www
+  - git clone https://github.com/redmatrix/hubzilla.git html
   - cp .homeinstall/hubzilla-config.txt.template .homeinstall/hubzilla-config.txt
   - nano .homeinstall/hubzilla-config.txt
     - Enter your values there: db pass, domain, values for dyn DNS

.homeinstall/hubzilla-setup.sh

@@ -513,7 +513,7 @@ END
     fi
     # run letsencrypt.sh
     # 
-    ./letsencrypt.sh --cron
+    ./letsencrypt.sh --cron --config $le_dir/config.sh
 }
 
 function configure_apache_for_https {
@@ -668,45 +668,6 @@ function rewrite_to_https {
     service apache2 restart
 }
 
-
-function install_owncloud {
-    if [ -z "$owncloud" ]
-    then
-    	print_info "Do not install owncloud"
-        return 0
-    fi  
-    if [ -f /etc/apt/sources.list.d/owncloud.list ]
-    then
-        print_info "owncloud is already installed and is left untouched"
-        return 0
-    fi
-    print_info "installing owncloud..."
-    # add the repository key to apt
-    wget -nv https://download.owncloud.org/download/repositories/stable/Debian_8.0/Release.key -O Release.key
-    apt-key add - < Release.key
-    # add the repository and install from there
-    sh -c "echo 'deb http://download.owncloud.org/download/repositories/stable/Debian_8.0/ /' >> /etc/apt/sources.list.d/owncloud.list"
-    apt-get update
-    nocheck_install "owncloud"
-    chown -R www-data:www-data /var/www/owncloud/
-	# set strong permissions
-    ocpath='/var/www/owncloud'
-    htuser='www-data'
-    htgroup='www-data'
-    rootuser='root' # On QNAP this is admin
-    find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640
-    find ${ocpath}/ -type d -print0 | xargs -0 chmod 0750
-    chown -R ${rootuser}:${htgroup} ${ocpath}/
-    chown -R ${htuser}:${htgroup} ${ocpath}/apps/
-    chown -R ${htuser}:${htgroup} ${ocpath}/config/
-    chown -R ${htuser}:${htgroup} ${ocpath}/data/
-    chown -R ${htuser}:${htgroup} ${ocpath}/themes/
-    chown ${rootuser}:${htgroup} ${ocpath}/.htaccess
-    chown ${rootuser}:${htgroup} ${ocpath}/data/.htaccess
-    chmod 0644 ${ocpath}/.htaccess
-    chmod 0644 ${ocpath}/data/.htaccess
-}
-
 # This will allways overwrite both config files
 #   - internal disk
 #   - external disk (LUKS + ext4)
@@ -769,11 +730,11 @@ echo "#" >> /var/www/$hubzilladaily
 echo "echo \" \"" >> /var/www/$hubzilladaily
 echo "echo \"+++ \$(date) +++\"" >> /var/www/$hubzilladaily
 echo "echo \" \"" >> /var/www/$hubzilladaily
-echo "echo \"\$(date) - renew certificat if 30 days old...\"" >> /var/www/$hubzilladaily
-echo "bash /var/www/letsencrypt/letsencrypt.sh --cron" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - renew certificat...\"" >> /var/www/$hubzilladaily
+echo "bash $le_dir/letsencrypt.sh --cron --config $le_dir/config.sh" >> /var/www/$hubzilladaily
 echo "#" >> /var/www/$hubzilladaily
 echo "# stop hubzilla" >> /var/www/$hubzilladaily
-echo "echo \"\$(date) - stoping apaache and mysql...\"" >> /var/www/$hubzilladaily
+echo "echo \"\$(date) - stoping apache and mysql...\"" >> /var/www/$hubzilladaily
 echo "service apache2 stop" >> /var/www/$hubzilladaily
 echo "/etc/init.d/mysql stop # to avoid inconsistancies" >> /var/www/$hubzilladaily
 echo "#" >> /var/www/$hubzilladaily
@@ -939,7 +900,6 @@ configure_apache_for_https
 check_https
 install_hubzilla
 rewrite_to_https
-# install_owncloud # deprecated
 install_rsnapshot
 configure_cron_daily
 install_cryptosetup

CHANGELOG

@@ -1,3 +1,114 @@
+Hubzilla 1.14 (2016-10-13)
+	- New hook bbcode_filter
+	- Unify the various mail sending instance to enotify::send() and z_mail()
+	- Provide ability for admin to change account password
+	- Replace deprecated Sabre functions
+	- Add plugin hook for 'get_profile_photo'
+	- Convert NULL_DATE to a legal date for compatibility with MySQL strict mode
+	- Allow a site to over-ride the help table-of-contents files
+	- Autoscroll to target post/comment when in single-thread mode
+	- Indicator for own response verb activity
+	- Add server role documentation
+	- Pro: remove 'Additional Features' link for techlevel 0
+	- Upgrade fullcalendar library to version 3
+	- Whitelist button tag in htmlpurifier
+	- Upgrade justifiedGallery library to version 3.6.3
+	- Pubsites improvements
+	- Upgrade foundation library to version 6.2.3
+	- Ability to move photos to another album
+	- Submodules for settings page
+	- Submodules for admin page
+	- Remove chatroom suggestions
+	- Revamped and improved theme select backend
+	- Theme preview
+	- Implement techlevels for pro server role
+	- BBcode checklist
+	- Improve save to folder modal dialog
+	- Case insensitive sort apps
+	- Add authors to post distribution
+	- Redirect to plugin page after enabling to show configuration settings if applicable
+	- Move allowed email domains to admin->security page
+	- Display text around the searched query in documentation search
+	- Comanche observer conditionals
+	- Remove ratings
+	- Context help for /connedit
+	- Provide configurable sidebar table-of-contents indexes for different levels of the help hierarchy
+	- Comanche conditionals
+	- Cover photo enhancements (does not disappear after initial scrolldown)
+	- Website import/export
+	- Server roles (basic, standard and pro)
+
+	Bugfixes
+	- Fix connected time not shown on ajax loaded connections
+	- API issues
+	- Fix readmore.js collapsing on scrolldirection change in some mobile browsers
+	- Personalize Server Emails
+	- Audio player doesn't automatically show for m4a files
+	- Fix ajax page update with /channel?f=&mid=hash
+	- Angle bracket characters in DB password not recognised
+	- Regression: files/photos were not synchronising to channel clones properly
+	- Missing categories in preview mode
+	- attach_store() sql issue
+	- Rename id share_container to distr_container - share_container seem to be blacklisted in various security browser plugins
+	- Add 'map' extension to files served natively by nginx without using the project controller
+	- Zot discovery wasn't returning in all cases (after discovering zot)
+	- Do not show hidden channels in /randprof
+	- Numerous postgres fixes
+	- Illegal offset errors in include/conversation:status_editor() when no permissions array is passed
+	- Patch foundation-6.2.3 to work with jquery-3.1
+	- Custom/expert permissions bug
+	- Mail: return array instead of object
+	- Don't send purge_all notification to self
+	- Saved search: tags and connection searches weren't being saved
+	- Do not allow PERMS_PUBLIC as a choice for writable permission limits
+	- Force cover photos as well as profile photos to be public. As a side effect 'thing' photos will also be considered public
+	- Make lock switching actually work with multiple acl forms
+	- Create smarty dir before any templates can be initialised
+	- Fix aconfig
+	- Broken doc search
+	- Public forum check with custom/expert permissions
+
+	Plugins
+	- Standard Embed: update to convert old corporate bbcodes
+	- Cdav security: fix rw permission check
+	- Cdav: add partial support for recurring events in the browser client (editing/creating is not implemented)
+	- New plugin phpmailer: use phpmailer class instead of php's built-in mail() function
+	- Diaspora: third party on other network comment issue
+	- Diaspora: comment fix (hubzilla originated comment with plugin activated by comment author not making it to Diaspora)
+	- Cdav: provide calendar list view
+	- Diaspora: allow comments on public diaspora posts which were imported by subscribing to public tags.
+	- Wppost: add blog_id parameter for WordPress MU sites such as WordPress.com
+	- Wppost: don't log the password in normal mode
+	- Hubwall: provide choice of sender addresses, the real admin email, postmaster, or noreply.
+	- Chord: General cleanup of chord app
+	- Chord: Update chord binary for modern linux systems
+	- Start grouping addons by server_role
+
+Hubzilla 1.12
+	- extensible permissions so you can create a new permission rule such as "can write to my wiki" or "can see me naked". 
+	- guest access tokens can do anything you let them, including create posts and administer your channel 
+	- ACLs can be set on files and directories prior to creation.
+	- ACL tool can now be used in multiple forms within a page 
+	- a myriad of new drag/drop features (drop files or photos into /cloud or a post, or drop link into a post or comment, etc.)
+	- multiple file uploads
+	- improvements to website import
+	- UNO replaced with extensible server roles
+	- select bbcode elements (such as baseurl) supported in wiki pages
+	- addons:
+    	Diaspora Protocol - additional updates to maintain compatibility with 0.6.0.0 and stop showing likes as wall-to-wall comments (except when the liker does not have any Diaspora protocol ability)
+    	Cdav - continued improvements to the web UI
+    	Pong - the classic pong game
+    	Dfedfix - removed, no longer needed
+    	Openid - moved from core to addon
+	- bugfixes
+    	unable to delete privacy groups
+    	weird display interaction with code blocks and escaped base64 content containing 8 - O
+    	workaround WordPress oembeds which are almost completely javascript and therefore filtered
+    	restrict oembed cache url to 254 chars to avoid spurious failures caching google map urls
+    	"Page not found" appeared twice
+    	birthdays weren't being automatically added to event calendar
+    	some iCal entries had malformed descriptions
+
 Hubzilla 1.10
 	Wiki:
 		Lots of enhanced functionality, usability improvements, and bugfixes from v1.8

Zotlabs/Access/PermissionLimits.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace Zotlabs\Access;
+
+use \Zotlabs\Lib as ZLib;
+
+class PermissionLimits {
+
+	static public function Std_Limits() {
+		$perms = Permissions::Perms();
+		$limits = array();
+		foreach($perms as $k => $v) {
+			if(strstr($k,'view'))
+				$limits[$k] = PERMS_PUBLIC;
+			else
+				$limits[$k] = PERMS_SPECIFIC;
+		}
+		return $limits;
+	}
+
+	static public function Set($channel_id,$perm,$perm_limit) {
+		ZLib\PConfig::Set($channel_id,'perm_limits',$perm,$perm_limit);
+	}
+
+	static public function Get($channel_id,$perm = '') {
+		if($perm) {
+			return Zlib\PConfig::Get($channel_id,'perm_limits',$perm);
+		}
+		else {
+			Zlib\PConfig::Load($channel_id);
+			if(array_key_exists($channel_id,\App::$config) && array_key_exists('perm_limits',\App::$config[$channel_id]))
+				return \App::$config[$channel_id]['perm_limits'];
+			return false;
+		}
+	}	
+}

Zotlabs/Access/PermissionRoles.php

@@ -0,0 +1,215 @@
+<?php
+
+
+namespace Zotlabs\Access;
+
+use Zotlabs\Lib as Zlib;
+
+class PermissionRoles {
+
+
+	static function role_perms($role) {
+
+		$ret = array();
+
+		$ret['role'] = $role;
+
+		switch($role) {
+			case 'social':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = true;
+				$ret['perms_connect'] = [ 
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'send_stream', 'post_wall', 'post_comments', 
+					'post_mail', 'chat', 'post_like', 'republish' ];
+
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				break;
+
+			case 'social_restricted':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = true;
+				$ret['directory_publish'] = true;
+				$ret['online'] = true;
+				$ret['perms_connect'] = [ 
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'send_stream', 'post_wall', 'post_comments', 
+					'post_mail', 'chat', 'post_like' ];
+
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'social_private':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = true;
+				$ret['directory_publish'] = false;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [ 
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'send_stream', 'post_wall', 'post_comments', 
+					'post_mail', 'post_like' ];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+				$ret['limits']['view_storage'] = PERMS_SPECIFIC;
+
+				break;
+
+			case 'forum':
+				$ret['perms_auto'] = true;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [ 
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
+					'post_mail', 'post_like' , 'republish', 'chat' ];
+
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				break;
+
+			case 'forum_restricted':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = true;
+				$ret['directory_publish'] = true;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [ 
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'post_wall', 'post_comments', 'tag_deliver',
+					'post_mail', 'post_like' , 'chat' ];
+
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'forum_private':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = true;
+				$ret['directory_publish'] = false;
+				$ret['online'] = false;
+
+				$ret['perms_connect'] = [ 
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'post_wall', 'post_comments',
+					'post_mail', 'post_like' , 'chat' ];
+
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['view_profile']  = PERMS_SPECIFIC;
+				$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+				$ret['limits']['view_storage']  = PERMS_SPECIFIC;
+				$ret['limits']['view_pages']    = PERMS_SPECIFIC;
+
+				break;
+
+			case 'feed':
+				$ret['perms_auto'] = true;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = false;
+
+				$ret['perms_connect'] = [ 
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'send_stream', 'post_wall', 'post_comments', 
+					'post_mail', 'post_like' , 'republish' ];
+	
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'feed_restricted':
+				$ret['perms_auto'] = false;
+				$ret['default_collection'] = true;
+				$ret['directory_publish'] = false;
+				$ret['online'] = false;
+				$ret['perms_connect'] = [ 
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'send_stream', 'post_wall', 'post_comments', 
+					'post_mail', 'post_like' , 'republish' ];
+
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'soapbox':
+				$ret['perms_auto'] = true;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = false;
+
+				$ret['perms_connect'] = [ 
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'post_like' , 'republish' ];
+
+				$ret['limits'] = PermissionLimits::Std_Limits();
+
+				break;
+
+			case 'repository':
+				$ret['perms_auto'] = true;
+				$ret['default_collection'] = false;
+				$ret['directory_publish'] = true;
+				$ret['online'] = false;
+
+				$ret['perms_connect'] = [ 
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'write_storage', 'write_pages', 'post_wall', 'post_comments', 'tag_deliver',
+					'post_mail', 'post_like' , 'republish', 'chat' ];
+
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				break;
+
+			default:
+				break;
+		}
+
+		$x = get_config('system','role_perms');
+		// let system settings over-ride any or all 
+		if($x && is_array($x) && array_key_exists($role,$x))
+			$ret = array_merge($ret,$x[$role]);
+
+		call_hooks('get_role_perms',$ret);
+
+		return $ret;
+	}
+
+
+
+
+	static public function roles() {
+	    $roles = [
+			t('Social Networking') => [
+				'social' => t('Social - Mostly Public'), 
+				'social_restricted' => t('Social - Restricted'), 
+				'social_private' => t('Social - Private')
+			],
+
+			t('Community Forum') => [
+				'forum' => t('Forum - Mostly Public'), 
+				'forum_restricted' => t('Forum - Restricted'), 
+				'forum_private' => t('Forum - Private')
+			],
+
+			t('Feed Republish') => [
+				'feed' => t('Feed - Mostly Public'), 
+				'feed_restricted' => t('Feed - Restricted')
+			],
+
+			t('Special Purpose') => [
+				'soapbox' => t('Special - Celebrity/Soapbox'), 
+				'repository' => t('Special - Group Repository')
+			],
+
+			t('Other') => [
+				'custom' => t('Custom/Expert Mode')
+			]
+    
+		];
+
+    	return $roles;
+	}
+
+
+
+}

Zotlabs/Access/Permissions.php

@@ -0,0 +1,116 @@
+<?php
+
+
+namespace Zotlabs\Access;
+
+use Zotlabs\Lib as Zlib;
+
+class Permissions {
+
+	/**
+	 * Extensible permissions.
+	 * To add new permissions, add to the list of $perms below, with a simple description.
+	 * Also visit PermissionRoles.php and add to the $ret['perms_connect'] property for any role
+	 * if this permission should be granted to new connections.
+	 *
+	 * Permissions with 'view' in the name are considered read permissions. Anything
+	 * else requires authentication. Read permission limits are PERMS_PUBLIC and anything else
+	 * is given PERMS_SPECIFIC.
+	 *
+	 * PermissionLimits::Std_limits() retrieves the standard limits. A permission role
+	 * MAY alter an individual setting after retrieving the Std_limits if you require
+	 * something different for a specific permission within the given role.  
+	 *
+	 */
+
+
+	static public function Perms($filter = '') {
+
+		$perms = [
+			'view_stream'   => t('Can view my channel stream and posts'),
+			'send_stream'   => t('Can send me their channel stream and posts'),
+			'view_profile'  => t('Can view my default channel profile'),
+			'view_contacts' => t('Can view my connections'),
+			'view_storage'  => t('Can view my file storage and photos'),
+			'write_storage' => t('Can upload/modify my file storage and photos'),
+			'view_pages'    => t('Can view my channel webpages'),
+			'write_pages'   => t('Can create/edit my channel webpages'),
+			'post_wall'     => t('Can post on my channel (wall) page'),
+			'post_comments' => t('Can comment on or like my posts'),
+			'post_mail'     => t('Can send me private mail messages'),
+			'post_like'     => t('Can like/dislike profiles and profile things'),
+			'tag_deliver'   => t('Can forward to all my channel connections via @+ mentions in posts'),
+			'chat'          => t('Can chat with me'),
+			'republish'     => t('Can source my public posts in derived channels'),
+			'delegate'      => t('Can administer my channel')
+		];
+
+		$x = array('permissions' => $perms, 'filter' => $filter);
+		call_hooks('permissions_list',$x);
+		return($x['permissions']);
+
+	}
+
+	static public function BlockedAnonPerms() {
+
+		// Perms from the above list that are blocked from anonymous observers.
+		// e.g. you must be authenticated.
+
+		$res = array();
+		$perms = PermissionLimits::Std_limits();
+		foreach($perms as $perm => $limit) {
+			if($limit != PERMS_PUBLIC) {
+				$res[] = $perm;
+			}
+		}
+
+		$x = array('permissions' => $res);
+		call_hooks('write_perms',$x);
+		return($x['permissions']);
+
+	}
+
+	// converts [ 0 => 'view_stream', ... ]
+	// to [ 'view_stream' => 1 ]
+	// for any permissions in $arr;
+	// Undeclared permissions are set to 0
+
+	static public function FilledPerms($arr) {
+		$everything = self::Perms();
+		$ret = [];
+		foreach($everything as $k => $v) {
+			if(in_array($k,$arr))
+				$ret[$k] = 1;
+			else
+				$ret[$k] = 0;
+		}
+		return $ret;
+
+	}
+
+	static public function FilledAutoperms($channel_id) {
+		if(! intval(get_pconfig($channel_id,'system','autoperms')))
+			return false;
+
+		$arr = [];
+		$r = q("select * from pconfig where uid = %d and cat = 'autoperms'",
+			intval($channel_id)
+		);
+		if($r) {
+			foreach($r as $rr) {
+				$arr[$rr['k']] = $arr[$rr['v']];
+			}
+		}
+		return $arr;
+	}
+
+	static public function PermsCompare($p1,$p2) {
+		foreach($p1 as $k => $v) {
+			if(! array_key_exists($k,$p2))
+				return false;
+			if($p1[$k] != $p2[$k])
+				return false;
+		}
+		return true;
+	}
+}

Zotlabs/Daemon/Cron.php

@@ -43,16 +43,15 @@ class Cron {
 	
 		// expire any expired mail
 
-		q("delete from mail where expires != '%s' and expires < %s ",
+		q("delete from mail where expires > '%s' and expires < %s ",
 			dbesc(NULL_DATE),
 			db_utcnow()
 		);
 
 		// expire any expired items
 
-		$r = q("select id from item where expires != '%s' and expires < %s 
+		$r = q("select id from item where expires > '2001-01-01 00:00:00' and expires < %s 
 			and item_deleted = 0 ",
-			dbesc(NULL_DATE),
 			db_utcnow()
 		);
 		if($r) {
@@ -64,12 +63,16 @@ class Cron {
 
 		// delete expired access tokens
 
-		q("delete from atoken where atoken_expires != '%s' && atoken_expires < %s",
+		$r = q("select atoken_id from atoken where atoken_expires > '%s' and atoken_expires < %s",
 			dbesc(NULL_DATE),
 			db_utcnow()
 		);
-
-
+		if($r) {
+			require_once('include/security.php');
+			foreach($r as $rr) {
+				atoken_delete($rr['atoken_id']);
+			}
+		}
 
 		// Ensure that every channel pings a directory server once a month. This way we can discover
 		// channels and sites that quietly vanished and prevent the directory from accumulating stale

Zotlabs/Daemon/Externals.php

@@ -58,7 +58,7 @@ class Externals {
 			}
 
 			if($url) {
-				if($r[0]['site_pull'] !== NULL_DATE)
+				if($r[0]['site_pull'] > NULL_DATE)
 					$mindate = urlencode(datetime_convert('','',$r[0]['site_pull'] . ' - 1 day'));
 				else {
 					$days = get_config('externals','since_days');

Zotlabs/Daemon/Notifier.php

@@ -238,7 +238,7 @@ class Notifier {
 				$channel = $s[0];
 			$uid = $item_id;
 			$recipients = array();
-			$r = q("select abook_xchan from abook where abook_channel = %d",
+			$r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0",
 				intval($item_id)
 			);
 			if($r) {

Zotlabs/Daemon/Onepoll.php

@@ -54,7 +54,7 @@ class Onepoll {
 
 		logger("onepoll: poll: ({$contact['id']}) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
 
-		$last_update = ((($contact['abook_updated'] === $contact['abook_created']) || ($contact['abook_updated'] === NULL_DATE))	
+		$last_update = ((($contact['abook_updated'] === $contact['abook_created']) || ($contact['abook_updated'] <= NULL_DATE))	
 			? datetime_convert('UTC','UTC','now - 7 days')
 			: datetime_convert('UTC','UTC',$contact['abook_updated'] . ' - 2 days')
 		);
@@ -102,7 +102,18 @@ class Onepoll {
 			$fetch_feed = true;
 			$x = null;
 
-			if(! ($contact['abook_their_perms'] & PERMS_R_STREAM ))
+			// They haven't given us permission to see their stream
+
+			$can_view_stream = intval(get_abconfig($importer_uid,$contact['abook_xchan'],'their_perms','view_stream'));
+
+			if(! $can_view_stream)
+				$fetch_feed = false;
+
+			// we haven't given them permission to send us their stream
+
+			$can_send_stream = intval(get_abconfig($importer_uid,$contact['abook_xchan'],'my_perms','send_stream'));
+			
+			if(! $can_send_stream)
 				$fetch_feed = false;
 
 			if($fetch_feed) {

Zotlabs/Daemon/Poller.php

@@ -117,7 +117,7 @@ class Poller {
 	
 					// if we've never connected with them, start the mark for death countdown from now
 	
-					if($c == NULL_DATE) {
+					if($c <= NULL_DATE) {
 						$r = q("update abook set abook_connected = '%s'  where abook_id = %d",
 							dbesc(datetime_convert()),
 							intval($contact['abook_id'])
@@ -171,7 +171,7 @@ class Poller {
 		}
 
 		if($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
-			$r = q("SELECT u.ud_addr, u.ud_id, u.ud_last FROM updates AS u INNER JOIN (SELECT ud_addr, max(ud_id) AS ud_id FROM updates WHERE ( ud_flags & %d ) = 0 AND ud_addr != '' AND ( ud_last = '%s' OR ud_last > %s - INTERVAL %s ) GROUP BY ud_addr) AS s ON s.ud_id = u.ud_id ",
+			$r = q("SELECT u.ud_addr, u.ud_id, u.ud_last FROM updates AS u INNER JOIN (SELECT ud_addr, max(ud_id) AS ud_id FROM updates WHERE ( ud_flags & %d ) = 0 AND ud_addr != '' AND ( ud_last <= '%s' OR ud_last > %s - INTERVAL %s ) GROUP BY ud_addr) AS s ON s.ud_id = u.ud_id ",
 				intval(UPDATE_FLAGS_UPDATED),
 				dbesc(NULL_DATE),
 				db_utcnow(), db_quoteinterval('7 DAY')
@@ -182,7 +182,7 @@ class Poller {
 					// If they didn't respond when we attempted before, back off to once a day
 					// After 7 days we won't bother anymore
 
-					if($rr['ud_last'] != NULL_DATE)
+					if($rr['ud_last'] > NULL_DATE)
 						if($rr['ud_last'] > datetime_convert('UTC','UTC', 'now - 1 day'))
 							continue;
 					Master::Summon(array('Onedirsync',$rr['ud_id']));

Zotlabs/Lib/AConfig.php

@@ -15,7 +15,7 @@ class AConfig {
 	}
 
 	static public function Set($account_id,$family,$key,$value) {
-		return XConfig::Get('a_' . $account_id,$family,$key,$value);
+		return XConfig::Set('a_' . $account_id,$family,$key,$value);
 	}
 
 	static public function Delete($account_id,$family,$key) {

Zotlabs/Lib/AbConfig.php

@@ -7,7 +7,7 @@ class AbConfig {
 
 	static public function Load($chan,$xhash,$family = '') {
 		if($family)
-			$where = sprintf(" and family = '%s' ",dbesc($family));
+			$where = sprintf(" and cat = '%s' ",dbesc($family));
 		$r = q("select * from abconfig where chan = %d and xchan = '%s' $where",
 			intval($chan),
 			dbesc($xhash)

Zotlabs/Lib/Api_router.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class Api_router {
+
+	static private $routes = array();
+
+	static function register($path,$fn,$auth_required) {
+		self::$routes[$path] = [ 'func' => $fn, 'auth' => $auth_required ];
+	}
+
+	static function find($path) {
+		if(array_key_exists($path,self::$routes))
+			return self::$routes[$path];
+		return null;
+	}
+
+	static function dbg() {
+		return self::$routes;
+	}
+
+}

Zotlabs/Lib/Apps.php

@@ -112,7 +112,7 @@ class Apps {
 
 
 	static public function app_name_compare($a,$b) {
-		return strcmp($a['name'],$b['name']);
+		return strcasecmp($a['name'],$b['name']);
 	}
 
 

Zotlabs/Lib/Cache.php

@@ -8,6 +8,9 @@ namespace Zotlabs\Lib;
 	 
 class Cache {
 	public static function get($key) {
+
+		$key = substr($key,0,254);
+
 		$r = q("SELECT v FROM cache WHERE k = '%s' limit 1",
 			dbesc($key)
 		);
@@ -19,6 +22,8 @@ class Cache {
 		
 	public static function set($key,$value) {
 
+		$key = substr($key,0,254);
+
 		$r = q("SELECT * FROM cache WHERE k = '%s' limit 1",
 			dbesc($key)
 		);

Zotlabs/Lib/Enotify.php

@@ -70,7 +70,22 @@ class Enotify {
 		$hostname = substr($hostname,0,strpos($hostname,':'));
 
 		// Do not translate 'noreply' as it must be a legal 7-bit email address
-		$sender_email = 'noreply' . '@' . $hostname;
+
+		$reply_email = get_config('system','reply_address');
+		if(! $reply_email)
+			$reply_email = 'noreply' . '@' . $hostname;
+
+		$sender_email = get_config('system','from_email');
+		if(! $sender_email)
+			$sender_email = 'Administrator' . '@' . \App::get_hostname();
+
+	
+		$sender_name = get_config('system','from_email_name');
+		if(! $sender_name)
+			$sender_name = \Zotlabs\Lib\System::get_site_name();
+
+
+
 
 		$additional_mail_header = "";
 
@@ -101,7 +116,7 @@ class Enotify {
 
 	if ($params['type'] == NOTIFY_MAIL) {
 		logger('notification: mail');
-		$subject = 	sprintf( t('[Hubzilla:Notify] New mail received at %s'),$sitename);
+		$subject = 	sprintf( t('[$Projectname:Notify] New mail received at %s'),$sitename);
 
 		$preamble = sprintf( t('%1$s, %2$s sent you a new private message at %3$s.'),$recip['channel_name'], $sender['xchan_name'],$sitename);
 		$epreamble = sprintf( t('%1$s sent you %2$s.'),'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a private message') . '[/zrl]');
@@ -116,10 +131,13 @@ class Enotify {
 
 		$itemlink =  $params['link'];
 
-		// ignore like/unlike activity on posts - they probably require a sepearate notification preference
+		// ignore like/unlike activity on posts - they probably require a separate notification preference
 
-		if (array_key_exists('item',$params) && (! visible_activity($params['item'])))
+		if (array_key_exists('item',$params) && (! visible_activity($params['item']))) {
+			logger('notification: not a visible activity. Ignoring.');
+			pop_lang();
 			return;
+		}
 
 		$parent_mid = $params['parent_mid'];
 
@@ -189,7 +207,7 @@ class Enotify {
 		// Before this we have the name of the replier on the subject rendering 
 		// differents subjects for messages on the same thread.
 
-		$subject = sprintf( t('[Hubzilla:Notify] Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
+		$subject = sprintf( t('[$Projectname:Notify] Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s, %2$s commented on an item/conversation you have been following.'), $recip['channel_name'], $sender['xchan_name']); 
 		$epreamble = $dest_str; 
 
@@ -199,7 +217,7 @@ class Enotify {
 	}
 
 	if($params['type'] == NOTIFY_WALL) {
-		$subject = sprintf( t('[Hubzilla:Notify] %s posted to your profile wall') , $sender['xchan_name']);
+		$subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']);
 
 		$preamble = sprintf( t('%1$s, %2$s posted to your profile wall at %3$s') , $recip['channel_name'], $sender['xchan_name'], $sitename);
 
@@ -227,7 +245,7 @@ class Enotify {
 			return;
 		}
 	
-		$subject =	sprintf( t('[Hubzilla:Notify] %s tagged you') , $sender['xchan_name']);
+		$subject =	sprintf( t('[$Projectname:Notify] %s tagged you') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s, %2$s tagged you at %3$s') , $recip['channel_name'], $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s, %2$s [zrl=%3$s]tagged you[/zrl].') ,
 			$recip['channel_name'],
@@ -241,7 +259,7 @@ class Enotify {
 	}
 
 	if ($params['type'] == NOTIFY_POKE) {
-		$subject =	sprintf( t('[Hubzilla:Notify] %1$s poked you') , $sender['xchan_name']);
+		$subject =	sprintf( t('[$Projectname:Notify] %1$s poked you') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s, %2$s poked you at %3$s') , $recip['channel_name'], $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s, %2$s [zrl=%2$s]poked you[/zrl].') ,
 			$recip['channel_name'], 
@@ -259,7 +277,7 @@ class Enotify {
 	}
 
 	if ($params['type'] == NOTIFY_TAGSHARE) {
-		$subject =	sprintf( t('[Hubzilla:Notify] %s tagged your post') , $sender['xchan_name']);
+		$subject =	sprintf( t('[$Projectname:Notify] %s tagged your post') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s, %2$s tagged your post at %3$s') , $recip['channel_name'],$sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s, %2$s tagged [zrl=%3$s]your post[/zrl]') ,
 			$recip['channel_name'],
@@ -273,7 +291,7 @@ class Enotify {
 	}
 
 	if ($params['type'] == NOTIFY_INTRO) {
-		$subject = sprintf( t('[Hubzilla:Notify] Introduction received'));
+		$subject = sprintf( t('[$Projectname:Notify] Introduction received'));
 		$preamble = sprintf( t('%1$s, you\'ve received an new connection request from \'%2$s\' at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename); 
 		$epreamble = sprintf( t('%1$s, you\'ve received [zrl=%2$s]a new connection request[/zrl] from %3$s.'),
 			$recip['channel_name'],
@@ -288,7 +306,7 @@ class Enotify {
 	}
 
 	if ($params['type'] == NOTIFY_SUGGEST) {
-		$subject = sprintf( t('[Hubzilla:Notify] Friend suggestion received'));
+		$subject = sprintf( t('[$Projectname:Notify] Friend suggestion received'));
 		$preamble = sprintf( t('%1$s, you\'ve received a friend suggestion from \'%2$s\' at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename); 
 		$epreamble = sprintf( t('%1$s, you\'ve received [zrl=%2$s]a friend suggestion[/zrl] for %3$s from %4$s.'),
 			$recip['channel_name'],
@@ -386,8 +404,11 @@ class Enotify {
 	// Mark some notifications as seen right away
 	// Note! The notification have to be created, because they are used to send emails
 	// So easiest solution to hide them from Notices is to mark them as seen right away.
-	// Another option would be to not add them to the DB, and change how emails are handled (probably would be better that way)
+	// Another option would be to not add them to the DB, and change how emails are handled 
+	// (probably would be better that way)
+
 	$always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
+
 	if (!$always_show_in_notices) {
 		if (($params['type'] == NOTIFY_WALL) || ($params['type'] == NOTIFY_MAIL) || ($params['type'] == NOTIFY_INTRO)) {
 			$seen = 1;
@@ -459,7 +480,7 @@ class Enotify {
 		// use $_SESSION['zid_override'] to force zid() to use 
 		// the recipient address instead of the current observer
 
-		$_SESSION['zid_override'] = $recip['channel_address'] . '@' . \App::get_hostname();
+		$_SESSION['zid_override'] = channel_reddress($recip);
 		$_SESSION['zrl_override'] = z_root() . '/channel/' . $recip['channel_address'];
 		
 		$textversion = zidify_links($textversion);
@@ -515,7 +536,7 @@ class Enotify {
 					$private_activity = true;
 				case NOTIFY_MAIL:
 					$datarray['textversion'] = $datarray['htmlversion'] = $datarray['title'] = '';
-					$datarray['subject'] = preg_replace('/' . preg_quote(t('[Hubzilla:Notify]')) . '/','$0*',$datarray['subject']);
+					$datarray['subject'] = preg_replace('/' . preg_quote(t('[$Projectname:Notify]')) . '/','$0*',$datarray['subject']);
 					break;
 				default:
 					break;
@@ -577,7 +598,7 @@ class Enotify {
 		self::send(array(
 			'fromName'             => $sender_name,
 			'fromEmail'            => $sender_email,
-			'replyTo'              => $sender_email,
+			'replyTo'              => $reply_email,
 			'toEmail'              => $recip['account_email'],
 			'messageSubject'       => $datarray['subject'],
 			'htmlVersion'          => $email_html_body,
@@ -606,6 +627,16 @@ class Enotify {
 	 */
 	static public function send($params) {
 
+		$params['sent']   = false;
+		$params['result'] = false;
+
+		call_hooks('email_send', $params);
+
+		if($params['sent']) {
+			logger("notification: enotify::send (addon) returns " . $params['result'], LOGGER_DEBUG);
+			return $params['result'];
+		}
+
 		$fromName = email_header_encode(html_entity_decode($params['fromName'],ENT_QUOTES,'UTF-8'),'UTF-8'); 
 		$messageSubject = email_header_encode(html_entity_decode($params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8');
 
@@ -646,6 +677,7 @@ class Enotify {
 			$messageHeader									// message headers
 		);
 		logger("notification: enotify::send returns " . $res, LOGGER_DEBUG);
+		return $res;
 	}
 
 	static public function format($item) {
@@ -654,12 +686,12 @@ class Enotify {
 
 		require_once('include/conversation.php');
 
-		// Call localize_item with the "brief" flag to get a one line status for activities. 
+		// Call localize_item to get a one line status for activities. 
 		// This should set $item['localized'] to indicate we have a brief summary.
 
 		localize_item($item);
 
-		if($item_localize) {
+		if($item['localize']) {
 			$itemem_text = $item['localize'];
 		}
 		else {
@@ -671,7 +703,7 @@ class Enotify {
 		// convert this logic into a json array just like the system notifications
 
 		return array(
-			'notify_link' => $item['llink'], 
+			'notify_link' => $item['llink'],
 			'name' => $item['author']['xchan_name'],
 			'url' => $item['author']['xchan_url'],
 			'photo' => $item['author']['xchan_photo_s'],

Zotlabs/Lib/ExtendedZip.php

@@ -0,0 +1,57 @@
+<?php
+
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+
+namespace Zotlabs\Lib;
+
+/**
+ * Description of ExtendedZip
+ *
+ * @author andrew
+ */
+class ExtendedZip extends \ZipArchive {
+		
+		// Member function to add a whole file system subtree to the archive
+		public function addTree($dirname, $localname = '') {
+				if ($localname)
+						$this->addEmptyDir($localname);
+				$this->_addTree($dirname, $localname);
+		}
+
+		// Internal function, to recurse
+		protected function _addTree($dirname, $localname) {
+				$dir = opendir($dirname);
+				while ($filename = readdir($dir)) {
+						// Discard . and ..
+						if ($filename == '.' || $filename == '..')
+								continue;
+
+						// Proceed according to type
+						$path = $dirname . '/' . $filename;
+						$localpath = $localname ? ($localname . '/' . $filename) : $filename;
+						if (is_dir($path)) {
+								// Directory: add & recurse
+								$this->addEmptyDir($localpath);
+								$this->_addTree($path, $localpath);
+						}
+						else if (is_file($path)) {
+								// File: just add
+								$this->addFile($path, $localpath);
+						}
+				}
+				closedir($dir);
+		}
+
+		// Helper function
+		public static function zipTree($dirname, $zipFilename, $flags = 0, $localname = '') {
+				$zip = new self();
+				$zip->open($zipFilename, $flags);
+				$zip->addTree($dirname, $localname);
+				$zip->close();
+		}
+		
+}

Zotlabs/Lib/PConfig.php

@@ -17,12 +17,20 @@ class PConfig {
 	 */
 
 	static public function Load($uid) {
-		if($uid === false)
+		if(is_null($uid) || $uid === false)
 			return false;
 
 		if(! array_key_exists($uid, \App::$config))
 			\App::$config[$uid] = array();
 
+		if(! is_array(\App::$config)) {
+			btlogger('App::$config not an array: ' . $uid);
+		}
+
+		if(! is_array(\App::$config[$uid])) {
+			btlogger('App::$config[$uid] not an array: ' . $uid);
+		}
+
 		$r = q("SELECT * FROM pconfig WHERE uid = %d",
 			intval($uid)
 		);
@@ -61,7 +69,7 @@ class PConfig {
 
 	static public function Get($uid,$family,$key,$instore = false) {
 
-		if($uid === false)
+		if(is_null($uid) || $uid === false)
 			return false;
 
 		if(! array_key_exists($uid, \App::$config))
@@ -102,7 +110,7 @@ class PConfig {
 		// we provide a function backtrace in the logs so that we can find
 		// and fix the calling function.
 
-		if($uid === false) {
+		if(is_null($uid) || $uid === false) {
 			btlogger('UID is FALSE!', LOGGER_NORMAL, LOG_ERR);
 			return;
 		}
@@ -172,6 +180,9 @@ class PConfig {
  
 	static public function Delete($uid, $family, $key) {
 
+		if(is_null($uid) || $uid === false)
+			return false;
+
 		$ret = false;
 
 		if(array_key_exists($key, \App::$config[$uid][$family]))

Zotlabs/Lib/PermissionDescription.php

@@ -78,22 +78,13 @@ class PermissionDescription  {
 
 		$result = null;
 
-		$global_perms = get_perms();
+		$global_perms = \Zotlabs\Access\Permissions::Perms();
 
 		if (array_key_exists($permname, $global_perms)) {
 
-			$permDetails = $global_perms[$permname];
+			$channelPerm = \Zotlabs\Access\PermissionLimits::Get(\App::$channel['channel_id'],$permname);
 
-			// It should be OK to always just read the permissions from App::$channel
-			//
-			// App::$profile is a union of channel and profile fields.
-			// The distinction is basically that App::$profile is pointing to the resource
-			// being observed. App::$channel is referring to the current logged-in channel
-			// member (if this is a local channel) e.g. the observer. We only show the ACL
-			// widget to the page owner (observer and observed are the same) so in that case
-			// I believe either may be safely used here.
-			$channelPerm = \App::$channel[$permDetails[0]];
-			$result = new PermissionDescription($permDetails[1], $channelPerm);
+			$result = new PermissionDescription('', $channelPerm);
 		} else {
 			// The acl dialog can handle null arguments, but it shouldn't happen
 			logger('null PermissionDescription from unknown global permission: ' . $permname ,LOGGER_DEBUG, LOG_ERROR);

Zotlabs/Lib/SuperCurl.php

@@ -105,7 +105,7 @@ class SuperCurl {
 			$opts['cookie'] = 'PHPSESSID=' . trim(file_get_contents('store/[data]/cookien_' . $this->magicauth));
 			$c = channelx_by_n($this->magicauth);
 			if($c)
-				$url = zid($this->url,$c['channel_address'] . '@' . \App::get_hostname());
+				$url = zid($this->url,channel_reddress($c));
 		}	
 		if($this->custom)
 			$opts['custom'] = $this->custom;

Zotlabs/Lib/System.php

@@ -43,9 +43,9 @@ class System {
 
 
 	static public function get_server_role() {
-		if(UNO)
-			return 'basic';
-		return 'pro';
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['server_role'])
+			return \App::$config['system']['server_role'];
+		return 'standard';
 	}
 
 	static public function get_std_version() {

Zotlabs/Lib/ThreadItem.php

@@ -174,6 +174,11 @@ class ThreadItem {
   
 		$responses = get_responses($conv_responses,$response_verbs,$this,$item);
 
+		$my_responses = [];
+		foreach($response_verbs as $v) {
+			$my_responses[$v] = (($conv_responses[$v][$item['mid'] . '-m']) ? 1 : 0);
+		}
+
 		$like_count = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid']] : '');
 		$like_list = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid'] . '-l'] : '');
 		if (count($like_list) > MAX_LIKERS) {
@@ -245,10 +250,12 @@ class ThreadItem {
 			);
 		}
 
+		$server_role = get_config('system','server_role');
+
 		$has_bookmarks = false;
 		if(is_array($item['term'])) {
 			foreach($item['term'] as $t) {
-				if(!UNO && $t['ttype'] == TERM_BOOKMARK)
+				if((get_account_techlevel() > 0) && ($t['ttype'] == TERM_BOOKMARK))
 					$has_bookmarks = true;
 			}
 		}
@@ -342,7 +349,7 @@ class ThreadItem {
 			'isotime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'c'),
 			'localtime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'r'),
 			'editedtime' => (($item['edited'] != $item['created']) ? sprintf( t('last edited: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['edited'], 'r')) : ''),
-			'expiretime' => (($item['expires'] !== NULL_DATE) ? sprintf( t('Expires: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['expires'], 'r')):''),
+			'expiretime' => (($item['expires'] > NULL_DATE) ? sprintf( t('Expires: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['expires'], 'r')):''),
 			'lock' => $lock,
 			'verified' => $verified,
 			'unverified' => $unverified,
@@ -379,6 +386,7 @@ class ThreadItem {
 			'list_unseen_txt' => $list_unseen_txt,
 			'markseen' => t('Mark all seen'),
 			'responses' => $responses,
+			'my_responses' => $my_responses,
 			'like_count' => $like_count,
 			'like_list' => $like_list,
 			'like_list_part' => $like_list_part,
@@ -395,6 +403,7 @@ class ThreadItem {
 			'comment' => $this->get_comment_box($indent),
 			'previewing' => ($conv->is_preview() ? ' preview ' : ''),
 			'wait' => t('Please wait'),
+			'submid' => substr($item['mid'],0,32),
 			'thread_level' => $thread_level
 		);
 
@@ -410,6 +419,12 @@ class ThreadItem {
 		if($visible_comments === false)
 			$visible_comments = 3;
 
+//		needed for scroll to comment from notification but needs more work
+//		as we do not want to open all comments unless there is actually an #item_xx anchor
+//		and the url fragment is not sent to the server. 
+//		if(in_array(\App::$module,['display','update_display'])) 
+//			$visible_comments = 99999;
+
 		if(($this->get_display_mode() === 'normal') && ($nb_children > 0)) {
 			foreach($children as $child) {
 				$result['children'][] = $child->get_template_data($conv_responses, $thread_level + 1);

Zotlabs/Module/Acl.php

@@ -58,7 +58,24 @@ class Acl extends \Zotlabs\Web\Controller {
 	
 		if( (! local_channel()) && (! ($type == 'x' || $type == 'c')))
 			killme();
-	
+
+		$permitted = [];
+
+		if(in_array($type, [ 'm', 'a', 'c' ])) {
+
+			// These queries require permission checking. We'll create a simple array of xchan_hash for those with
+			// the requisite permissions which we can check against. 
+
+			$x = q("select xchan from abconfig where chan = %d and cat = 'their_perms' and k = '%s' and v = '1'",
+				intval(local_channel()),
+				dbesc(($type === 'm') ? 'post_mail' : 'tag_deliver')
+			);
+
+			$permitted = ids_to_array($x,'xchan');
+
+		}
+
+
 		if($search) {
 			$sql_extra = " AND `name` LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
 			$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc($search) . ((strpos($search,'@') === false) ? "%@%'"  : "%'")) . ") ";
@@ -87,13 +104,13 @@ class Acl extends \Zotlabs\Web\Controller {
 		
 		if($type == '' || $type == 'g') {
 	
-			$r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`gname`
-					FROM `groups`,`group_member` 
-					WHERE `groups`.`deleted` = 0 AND `groups`.`uid` = %d 
-					AND `group_member`.`gid`=`groups`.`id`
+			$r = q("SELECT groups.id, groups.hash, groups.gname
+					FROM groups,group_member 
+					WHERE groups.deleted = 0 AND groups.uid = %d 
+					AND group_member.gid=groups.id
 					$sql_extra
-					GROUP BY `groups`.`id`
-					ORDER BY `groups`.`gname` 
+					GROUP BY groups.id
+					ORDER BY groups.gname 
 					LIMIT %d OFFSET %d",
 				intval(local_channel()),
 				intval($count),
@@ -156,7 +173,7 @@ class Acl extends \Zotlabs\Web\Controller {
 				} 
 
 	
-				$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags, abook_self 
+				$r = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, xchan_pubforum, abook_flags, abook_self 
 					FROM abook left join xchan on abook_xchan = xchan_hash 
 					WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
 					intval(local_channel())
@@ -221,16 +238,24 @@ class Acl extends \Zotlabs\Web\Controller {
 			}
 		}
 		elseif($type == 'm') {
-	
-			$r = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url 
+
+			$r = array();
+			$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url 
 				FROM abook left join xchan on abook_xchan = xchan_hash
-				WHERE abook_channel = %d and ( (abook_their_perms = null) or (abook_their_perms & %d )>0)
+				WHERE abook_channel = %d 
 				and xchan_deleted = 0
 				$sql_extra3
-				ORDER BY `xchan_name` ASC ",
-				intval(local_channel()),
-				intval(PERMS_W_MAIL)
+				ORDER BY xchan_name ASC ",
+				intval(local_channel())
 			);
+			if($z) {
+				foreach($z as $zz) {
+					if(in_array($zz['hash'],$permitted)) {
+						$r[] = $zz;
+					}
+				}
+			}
+			
 		}
 		elseif($type == 'a') {
 	
@@ -274,7 +299,7 @@ class Acl extends \Zotlabs\Web\Controller {
 				if(strpos($g['hash'],'/') && $type != 'a')
 					continue;
 	
-				if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c' && (! $noforums)) {
+				if(in_array($g['hash'],$permitted) && $type == 'c' && (! $noforums)) {
 					$contacts[] = array(
 						"type"     => "c",
 						"photo"    => "images/twopeople.png",

Zotlabs/Module/Admin/Account_edit.php

@@ -0,0 +1,64 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+
+class Account_edit {
+
+	function post() {
+
+		$account_id = $_REQUEST['aid'];
+
+		if(! $account_id)
+			return;
+
+		$pass1 = trim($_REQUEST['pass1']);
+		$pass2 = trim($_REQUEST['pass2']);
+		if($pass1 && $pass2 && ($pass1 === $pass2)) {
+			$salt = random_string(32);
+			$password_encoded = hash('whirlpool', $salt . $pass1);
+			$r = q("update account set account_salt = '%s', account_password = '%s', 
+				account_password_changed = '%s' where account_id = %d",
+				dbesc($salt),
+				dbesc($password_encoded),
+				dbesc(datetime_convert()),
+				intval($account_id)
+			);
+			if($r)
+				info( sprintf( t('Password changed for account %d.'), $account_id). EOL);
+
+		}
+		goaway(z_root() . '/admin/accounts');
+	}
+
+
+	function get() {
+		if(argc() > 2)
+			$account_id = argv(2);
+
+		$x = q("select * from account where account_id = %d limit 1",
+			intval($account_id)
+		);
+
+		if(! $x) {
+			notice ( t('Account not found.') . EOL);
+			return '';
+		}
+
+		$a = replace_macros(get_markup_template('admin_account_edit.tpl'), [
+			'$account' => $x[0],
+			'$title' => t('Account Edit'),
+			'$pass1' => [ 'pass1', t('New Password'), ' ','' ],
+			'$pass2' => [ 'pass2', t('New Password again'), ' ','' ],
+			'$submit' => t('Submit'),
+			]
+		);
+
+		return $a;
+
+
+	}
+
+
+}

Zotlabs/Module/Admin/Accounts.php

@@ -0,0 +1,206 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+
+class Accounts {
+	
+	/**
+	 * @brief Handle POST actions on accounts admin page.
+	 *
+	 * This function is called when on the admin user/account page the form was
+	 * submitted to handle multiple operations at once. If one of the icons next
+	 * to an entry are pressed the function admin_page_accounts() will handle this.
+	 *
+	 */
+
+	function post() {
+		$pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() );
+		$users   = ( x($_POST, 'user')    ? $_POST['user']    : array() );
+		$blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() );
+	
+		check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts');
+	
+		// change to switch structure?
+		// account block/unblock button was submitted
+		if (x($_POST, 'page_users_block')) {
+			for ($i = 0; $i < count($users); $i++) {
+				// if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag
+				$op = ($blocked[$i]) ? '& ~' : '| ';
+				q("UPDATE account SET account_flags = (account_flags $op%d) WHERE account_id = %d",
+					intval(ACCOUNT_BLOCKED),
+					intval($users[$i])
+				);
+			}
+			notice( sprintf( tt("%s account blocked/unblocked", "%s account blocked/unblocked", count($users)), count($users)) );
+		}
+		// account delete button was submitted
+		if (x($_POST, 'page_accounts_delete')) {
+			foreach ($users as $uid){
+				account_remove($uid, true, false);
+			}
+			notice( sprintf( tt("%s account deleted", "%s accounts deleted", count($users)), count($users)) );
+		}
+		// registration approved button was submitted
+		if (x($_POST, 'page_users_approve')) {
+			foreach ($pending as $hash) {
+				account_allow($hash);
+			}
+		}
+		// registration deny button was submitted
+		if (x($_POST, 'page_users_deny')) {
+			foreach ($pending as $hash) {
+				account_deny($hash);
+			}
+		}
+	
+		goaway(z_root() . '/admin/accounts' );
+	}
+
+	/**
+	 * @brief Generate accounts admin page and handle single item operations.
+	 *
+	 * This function generates the accounts/account admin page and handles the actions
+	 * if an icon next to an entry was clicked. If several items were selected and
+	 * the form was submitted it is handled by the function admin_page_accounts_post().
+	 *
+	 * @return string
+	 */
+
+	function get(){
+		if (argc() > 2) {
+			$uid = argv(3);
+			$account = q("SELECT * FROM account WHERE account_id = %d",
+				intval($uid)
+			);
+	
+			if (! $account) {
+				notice( t('Account not found') . EOL);
+				goaway(z_root() . '/admin/accounts' );
+			}
+	
+			check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts', 't');
+	
+			switch (argv(2)){
+				case 'delete':
+					// delete user
+					account_remove($uid,true,false);
+	
+					notice( sprintf(t("Account '%s' deleted"), $account[0]['account_email']) . EOL);
+					break;
+				case 'block':
+					q("UPDATE account SET account_flags = ( account_flags | %d ) WHERE account_id = %d",
+						intval(ACCOUNT_BLOCKED),
+						intval($uid)
+					);
+	
+					notice( sprintf( t("Account '%s' blocked") , $account[0]['account_email']) . EOL);
+					break;
+				case 'unblock':
+					q("UPDATE account SET account_flags = ( account_flags & ~%d ) WHERE account_id = %d",
+							intval(ACCOUNT_BLOCKED),
+							intval($uid)
+					);
+	
+					notice( sprintf( t("Account '%s' unblocked"), $account[0]['account_email']) . EOL);
+					break;
+			}
+	
+			goaway(z_root() . '/admin/accounts' );
+		}
+	
+		/* get pending */
+		$pending = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d )>0 ",
+			intval(ACCOUNT_PENDING)
+		);
+	
+		/* get accounts */
+	
+		$total = q("SELECT count(*) as total FROM account");
+		if (count($total)) {
+			\App::set_pager_total($total[0]['total']);
+			\App::set_pager_itemspage(100);
+		}
+	
+		$serviceclass = (($_REQUEST['class']) ? " and account_service_class = '" . dbesc($_REQUEST['class']) . "' " : '');
+
+		$key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'account_id');
+		$dir = 'asc';
+		if(array_key_exists('dir',$_REQUEST))
+			$dir = ((intval($_REQUEST['dir'])) ? 'asc' : 'desc');
+
+		$base = z_root() . '/admin/accounts?f=';
+		$odir = (($dir === 'asc') ? '0' : '1');
+	
+		$users = q("SELECT `account_id` , `account_email`, `account_lastlog`, `account_created`, `account_expires`, " . 			"`account_service_class`, ( account_flags & %d ) > 0 as `blocked`, " .
+				"(SELECT %s FROM channel as ch " .
+				"WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as `channels` " .
+			"FROM account as ac where true $serviceclass order by $key $dir limit %d offset %d ",
+			intval(ACCOUNT_BLOCKED),
+			db_concat('ch.channel_address', ' '),
+			intval(\App::$pager['itemspage']),
+			intval(\App::$pager['start'])
+		);
+	
+	//	function _setup_users($e){
+	//		$accounts = Array(
+	//			t('Normal Account'), 
+	//			t('Soapbox Account'),
+	//			t('Community/Celebrity Account'),
+	//			t('Automatic Friend Account')
+	//		);
+	
+	//		$e['page_flags'] = $accounts[$e['page-flags']];
+	//		$e['register_date'] = relative_date($e['register_date']);
+	//		$e['login_date'] = relative_date($e['login_date']);
+	//		$e['lastitem_date'] = relative_date($e['lastitem_date']);
+	//		return $e;
+	//	}
+	//	$users = array_map("_setup_users", $users);
+	
+		$t = get_markup_template('admin_accounts.tpl');
+		$o = replace_macros($t, array(
+			// strings //
+			'$title' => t('Administration'),
+			'$page' => t('Accounts'),
+			'$submit' => t('Submit'),
+			'$select_all' => t('select all'),
+			'$h_pending' => t('Registrations waiting for confirm'),
+			'$th_pending' => array( t('Request date'), t('Email') ),
+			'$no_pending' =>  t('No registrations.'),
+			'$approve' => t('Approve'),
+			'$deny' => t('Deny'),
+			'$delete' => t('Delete'),
+			'$block' => t('Block'),
+			'$unblock' => t('Unblock'),
+			'$odir' => $odir,
+			'$base' => $base,
+			'$h_users' => t('Accounts'),
+			'$th_users' => array( 
+				[ t('ID'), 'account_id' ],
+				[ t('Email'), 'account_email' ],
+				[ t('All Channels'), 'channels' ],
+				[ t('Register date'), 'account_created' ],
+				[ t('Last login'), 'account_lastlog' ],
+				[ t('Expires'), 'account_expires' ],
+				[ t('Service Class'), 'account_service_class'] ),
+	
+			'$confirm_delete_multi' => t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?'),
+			'$confirm_delete' => t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?'),
+	
+			'$form_security_token' => get_form_security_token("admin_accounts"),
+	
+			// values //
+			'$baseurl' => z_root(),
+	
+			'$pending' => $pending,
+			'$users' => $users,
+		));
+		$o .= paginate($a);
+	
+		return $o;
+	}
+	
+
+}

Zotlabs/Module/Admin/Channels.php

@@ -0,0 +1,186 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+class Channels {
+
+	
+	/**
+	 * @brief Channels admin page.
+	 *
+	 * @param App &$a
+	 */
+	function post() {
+
+		$channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() );
+	
+		check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels');
+		
+		$xor = db_getfunc('^');
+	
+		if (x($_POST,'page_channels_block')){
+			foreach($channels as $uid){
+				q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
+					intval(PAGE_CENSORED),
+					intval( $uid )
+				);
+				\Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush'));
+			}
+			notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) );
+		}
+		if (x($_POST,'page_channels_code')){
+			foreach($channels as $uid){
+				q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
+					intval(PAGE_ALLOWCODE),
+					intval( $uid )
+				);
+			}
+			notice( sprintf( tt("%s channel code allowed/disallowed", "%s channels code allowed/disallowed", count($channels)), count($channels)) );
+		}
+		if (x($_POST,'page_channels_delete')){
+			foreach($channels as $uid){
+				channel_remove($uid,true);
+			}
+			notice( sprintf( tt("%s channel deleted", "%s channels deleted", count($channels)), count($channels)) );
+		}
+	
+		goaway(z_root() . '/admin/channels' );
+	}
+	
+
+	/**
+	 * @brief
+	 *
+	 * @return string
+	 */
+
+	function get() {
+		if(argc() > 2) {
+			$uid = argv(3);
+			$channel = q("SELECT * FROM channel WHERE channel_id = %d",
+				intval($uid)
+			);
+	
+			if(! $channel) {
+				notice( t('Channel not found') . EOL);
+				goaway(z_root() . '/admin/channels' );
+			}
+	
+			switch(argv(2)) {
+				case "delete":{
+					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
+					// delete channel
+					channel_remove($uid,true);
+					
+					notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL);
+				}; break;
+	
+				case "block":{
+					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
+					$pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED; 
+					q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
+						intval($pflags),
+						intval( $uid )
+					);
+					\Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush'));
+	
+					notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
+				}; break;
+	
+				case "code":{
+					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
+					$pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE; 
+					q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
+						intval($pflags),
+						intval( $uid )
+					);
+	
+					notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
+				}; break;
+	
+				default: 
+					break;
+			}
+			goaway(z_root() . '/admin/channels' );
+		}
+
+
+		$key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id');
+		$dir = 'asc';
+		if(array_key_exists('dir',$_REQUEST))
+			$dir = ((intval($_REQUEST['dir'])) ? 'asc' : 'desc');
+
+		$base = z_root() . '/admin/channels?f=';
+		$odir = (($dir === 'asc') ? '0' : '1');
+
+
+	
+		/* get channels */
+	
+		$total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0");
+		if($total) {
+			\App::set_pager_total($total[0]['total']);
+			\App::set_pager_itemspage(100);
+		}
+
+		$channels = q("SELECT * from channel where channel_removed = 0 and channel_system = 0 order by $key $dir limit %d offset %d ",
+			intval(\App::$pager['itemspage']),
+			intval(\App::$pager['start'])
+		);
+
+		if($channels) {
+			for($x = 0; $x < count($channels); $x ++) {
+				if($channels[$x]['channel_pageflags'] & PAGE_CENSORED)
+					$channels[$x]['blocked'] = true;
+				else
+					$channels[$x]['blocked'] = false;
+	
+				if($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE)
+					$channels[$x]['allowcode'] = true;
+				else
+					$channels[$x]['allowcode'] = false;
+			}
+		}
+	
+		$t = get_markup_template("admin_channels.tpl");
+		$o = replace_macros($t, array(
+			// strings //
+			'$title' => t('Administration'),
+			'$page' => t('Channels'),
+			'$submit' => t('Submit'),
+			'$select_all' => t('select all'),
+			'$delete' => t('Delete'),
+			'$block' => t('Censor'),
+			'$unblock' => t('Uncensor'),
+			'$code' => t('Allow Code'),
+			'$uncode' => t('Disallow Code'),
+			'$h_channels' => t('Channel'),
+			'$base' => $base,
+			'$odir' => $odir,
+			'$th_channels' => array( 
+					[ t('UID'), 'channel_id' ],
+					[ t('Name'), 'channel_name' ],
+					[ t('Address'), 'channel_address' ]),
+	
+			'$confirm_delete_multi' => t('Selected channels will be deleted!\n\nEverything that was posted in these channels on this site will be permanently deleted!\n\nAre you sure?'),
+			'$confirm_delete' => t('The channel {0} will be deleted!\n\nEverything that was posted in this channel on this site will be permanently deleted!\n\nAre you sure?'),
+	
+			'$form_security_token' => get_form_security_token("admin_channels"),
+	
+			// values //
+			'$baseurl' => z_root(),
+			'$channels' => $channels,
+		));
+		$o .= paginate($a);
+	
+		return $o;
+	}
+	
+
+
+
+
+
+
+}

Zotlabs/Module/Admin/Dbsync.php

@@ -0,0 +1,68 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+
+class Dbsync {
+	
+
+
+
+	function get() {
+		$o = '';
+	
+		if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') {
+			set_config('database', 'update_r' . intval(argv(3)), 'success');
+			if(intval(get_config('system','db_version')) <= intval(argv(3)))
+				set_config('system','db_version',intval(argv(3)) + 1);
+			info( t('Update has been marked successful') . EOL);
+			goaway(z_root() . '/admin/dbsync');
+		}
+	
+		if(argc() > 2 && intval(argv(2))) {
+			require_once('install/update.php');
+			$func = 'update_r' . intval(argv(2));
+			if(function_exists($func)) {
+				$retval = $func();
+				if($retval === UPDATE_FAILED) {
+					$o .= sprintf( t('Executing %s failed. Check system logs.'), $func); 
+				}
+				elseif($retval === UPDATE_SUCCESS) {
+					$o .= sprintf( t('Update %s was successfully applied.'), $func);
+					set_config('database',$func, 'success');
+				}
+				else
+					$o .= sprintf( t('Update %s did not return a status. Unknown if it succeeded.'), $func);
+			}
+			else
+				$o .= sprintf( t('Update function %s could not be found.'), $func);
+	
+			return $o;
+		}
+	
+		$failed = array();
+		$r = q("select * from config where `cat` = 'database' ");
+		if(count($r)) {
+			foreach($r as $rr) {
+				$upd = intval(substr($rr['k'],8));
+				if($rr['v'] === 'success')
+					continue;
+				$failed[] = $upd;
+			}
+		}
+		if(! count($failed))
+			return '<div class="generic-content-wrapper-styled"><h3>' . t('No failed updates.') . '</h3></div>';
+	
+		$o = replace_macros(get_markup_template('failed_updates.tpl'),array(
+			'$base' => z_root(),
+			'$banner' => t('Failed Updates'),
+			'$desc' => '',
+			'$mark' => t('Mark success (if update was manually applied)'),
+			'$apply' => t('Attempt to execute this update step automatically'),
+			'$failed' => $failed
+		));
+	
+		return $o;
+	}
+}

Zotlabs/Module/Admin/Features.php

@@ -0,0 +1,74 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+
+class Features {
+
+	
+	function post() {
+	
+		check_form_security_token_redirectOnErr('/admin/features', 'admin_manage_features');
+	
+		logger('postvars: ' . print_r($_POST,true));
+	
+		$arr = array();
+		$features = get_features(false);
+	
+		foreach($features as $fname => $fdata) {
+			foreach(array_slice($fdata,1) as $f) {
+				$feature = $f[0];
+	
+				if(array_key_exists('feature_' . $feature,$_POST))
+					$val = intval($_POST['feature_' . $feature]);
+				else
+					$val = 0;
+				set_config('feature',$feature,$val);
+	
+				if(array_key_exists('featurelock_' . $feature,$_POST))
+					set_config('feature_lock',$feature,$val);
+				else
+					del_config('feature_lock',$feature);
+			}
+		}
+	
+		goaway(z_root() . '/admin/features' );
+	
+	}
+	
+	function get() {
+		
+		if((argc() > 1) && (argv(1) === 'features')) {
+			$arr = array();
+			$features = get_features(false);
+	
+			foreach($features as $fname => $fdata) {
+				$arr[$fname] = array();
+				$arr[$fname][0] = $fdata[0];
+				foreach(array_slice($fdata,1) as $f) {
+	
+					$set = get_config('feature',$f[0]);
+					if($set === false)
+						$set = $f[3];
+					$arr[$fname][1][] = array(
+						array('feature_' .$f[0],$f[1],$set,$f[2],array(t('Off'),t('On'))),
+						array('featurelock_' .$f[0],sprintf( t('Lock feature %s'),$f[1]),(($f[4] !== false) ? 1 : 0),'',array(t('Off'),t('On')))
+					);
+				}
+			}
+			
+			$tpl = get_markup_template("admin_settings_features.tpl");
+			$o .= replace_macros($tpl, array(
+				'$form_security_token' => get_form_security_token("admin_manage_features"),
+				'$title'	=> t('Manage Additional Features'),
+				'$features' => $arr,
+				'$submit'   => t('Submit'),
+			));
+	
+			return $o;
+		}
+	}
+	
+
+}

Zotlabs/Module/Admin/Logs.php

@@ -0,0 +1,101 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+class Logs {
+
+
+	
+	/**
+	 * @brief POST handler for logs admin page.
+	 *
+	 */
+
+	function post() {
+		if (x($_POST, 'page_logs')) {
+			check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs');
+	
+			$logfile   = ((x($_POST,'logfile'))   ? notags(trim($_POST['logfile'])) : '');
+			$debugging = ((x($_POST,'debugging')) ? true : false);
+			$loglevel  = ((x($_POST,'loglevel'))  ? intval(trim($_POST['loglevel'])) : 0);
+	
+			set_config('system','logfile', $logfile);
+			set_config('system','debugging',  $debugging);
+			set_config('system','loglevel', $loglevel);
+		}
+	
+		info( t('Log settings updated.') );
+		goaway(z_root() . '/admin/logs' );
+	}
+	
+	/**
+	 * @brief Logs admin page.
+	 *
+	 * @return string
+	 */
+
+	function get() {
+	
+		$log_choices = Array(
+			LOGGER_NORMAL => 'Normal',
+			LOGGER_TRACE => 'Trace',
+			LOGGER_DEBUG => 'Debug',
+			LOGGER_DATA => 'Data',
+			LOGGER_ALL => 'All'
+		);
+	
+		$t = get_markup_template('admin_logs.tpl');
+	
+		$f = get_config('system', 'logfile');
+	
+		$data = '';
+	
+		if(!file_exists($f)) {
+			$data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is 
+	readable.");
+		}
+		else {
+			$fp = fopen($f, 'r');
+			if(!$fp) {
+				$data = t("Couldn't open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f is readable.");
+			}
+			else {
+				$fstat = fstat($fp);
+				$size = $fstat['size'];
+				if($size != 0)
+				{
+					if($size > 5000000 || $size < 0)
+						$size = 5000000;
+					$seek = fseek($fp,0-$size,SEEK_END);
+					if($seek === 0) {
+						$data = escape_tags(fread($fp,$size));
+						while(! feof($fp))
+							$data .= escape_tags(fread($fp,4096));
+					}
+				}
+				fclose($fp);
+			}
+		}
+	
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Logs'),
+			'$submit' => t('Submit'),
+			'$clear' => t('Clear'),
+			'$data' => $data,
+			'$baseurl' => z_root(),
+			'$logname' =>  get_config('system','logfile'),
+	
+			// name, label, value, help string, extra data...
+			'$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
+			'$logfile'   => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your top-level webserver directory.")),
+			'$loglevel'  => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
+	
+			'$form_security_token' => get_form_security_token('admin_logs'),
+		));
+	}
+	
+
+
+}

Zotlabs/Module/Admin/Plugins.php

@@ -0,0 +1,470 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+use \Zotlabs\Storage\GitRepo as GitRepo;
+
+class Plugins {
+
+
+	function post() {
+
+		if(argc() > 2 && is_file("addon/" . argv(2) . "/" . argv(2) . ".php")) {
+			@include_once("addon/" . argv(2) . "/" . argv(2) . ".php");
+			if(function_exists(argv(2).'_plugin_admin_post')) {
+				$func = argv(2) . '_plugin_admin_post';
+				$func($a);
+			}
+				
+			goaway(z_root() . '/admin/plugins/' . argv(2) );
+
+		}
+		elseif(argc() > 2) {
+			switch(argv(2)) {
+				case 'updaterepo':
+					if (array_key_exists('repoName', $_REQUEST)) {
+						$repoName = $_REQUEST['repoName'];
+					} 
+					else {
+						json_return_and_die(array('message' => 'No repo name provided.', 'success' => false));
+					}
+					$extendDir = 'store/[data]/git/sys/extend';
+					$addonDir = $extendDir . '/addon';
+					if (!file_exists($extendDir)) {
+						if (!mkdir($extendDir, 0770, true)) {
+							logger('Error creating extend folder: ' . $extendDir);
+							json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
+						}
+						else {
+							if (!symlink('extend/addon', $addonDir)) {
+								logger('Error creating symlink to addon folder: ' . $addonDir);
+								json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
+							}
+						}
+					}
+					$repoDir = 'store/[data]/git/sys/extend/addon/' . $repoName;
+					if (!is_dir($repoDir)) {
+						logger('Repo directory does not exist: ' . $repoDir);
+						json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false));
+					}
+					if (!is_writable($repoDir)) {
+						logger('Repo directory not writable to web server: ' . $repoDir);
+						json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false));
+					}
+					$git = new GitRepo('sys', null, false, $repoName, $repoDir);
+					try {
+						if ($git->pull()) {
+							$files = array_diff(scandir($repoDir), array('.', '..'));
+							foreach ($files as $file) {
+								if (is_dir($repoDir . '/' . $file) && $file !== '.git') {
+									$source = 'extend/addon/' . $repoName . '/' . $file;
+									$target = realpath('addon/') . '/' . $file;
+									unlink($target);
+									if (!symlink($source, $target)) {
+										logger('Error linking addons to /addon');
+										json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false));
+									}
+								}
+							}
+							json_return_and_die(array('message' => 'Repo updated.', 'success' => true));
+						} else {
+							json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false));
+						}
+					} catch (\PHPGit\Exception\GitException $e) {
+						json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false));
+					}
+				case 'removerepo':
+					if (array_key_exists('repoName', $_REQUEST)) {
+						$repoName = $_REQUEST['repoName'];
+					} else {
+						json_return_and_die(array('message' => 'No repo name provided.', 'success' => false));
+					}
+					$extendDir = 'store/[data]/git/sys/extend';
+					$addonDir = $extendDir . '/addon';
+					if (!file_exists($extendDir)) {
+						if (!mkdir($extendDir, 0770, true)) {
+							logger('Error creating extend folder: ' . $extendDir);
+							json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
+						} else {
+							if (!symlink('extend/addon', $addonDir)) {
+								logger('Error creating symlink to addon folder: ' . $addonDir);
+								json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
+							}
+						}
+					}
+					$repoDir = 'store/[data]/git/sys/extend/addon/' . $repoName;
+					if (!is_dir($repoDir)) {
+						logger('Repo directory does not exist: ' . $repoDir);
+						json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false));
+					}
+					if (!is_writable($repoDir)) {
+						logger('Repo directory not writable to web server: ' . $repoDir);
+						json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false));
+					}
+					// TODO: remove directory and unlink /addon/files
+					if (rrmdir($repoDir)) {
+						json_return_and_die(array('message' => 'Repo deleted.', 'success' => true));
+					} else {
+						json_return_and_die(array('message' => 'Error deleting addon repo.', 'success' => false));
+					}
+				case 'installrepo':
+					require_once('library/markdown.php');
+					if (array_key_exists('repoURL', $_REQUEST)) {
+						require_once('library/PHPGit.autoload.php');			// Load PHPGit dependencies					
+						$repoURL = $_REQUEST['repoURL'];
+						$extendDir = 'store/[data]/git/sys/extend';
+						$addonDir = $extendDir . '/addon';
+						if (!file_exists($extendDir)) {
+							if (!mkdir($extendDir, 0770, true)) {
+								logger('Error creating extend folder: ' . $extendDir);
+								json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
+							} else {
+								if (!symlink('extend/addon', $addonDir)) {
+									logger('Error creating symlink to addon folder: ' . $addonDir);
+									json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
+								}
+							}
+						}
+						if (!is_writable($extendDir)) {
+							logger('Directory not writable to web server: ' . $extendDir);
+							json_return_and_die(array('message' => 'Directory not writable to web server.', 'success' => false));
+						}
+						$repoName = null;
+						if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') {
+							$repoName = $_REQUEST['repoName'];
+						} else {
+							$repoName = GitRepo::getRepoNameFromURL($repoURL);
+						}
+						if (!$repoName) {
+							logger('Invalid git repo');
+							json_return_and_die(array('message' => 'Invalid git repo', 'success' => false));
+						}
+						$repoDir = $addonDir . '/' . $repoName;
+						$tempRepoBaseDir = 'store/[data]/git/sys/temp/';
+						$tempAddonDir = $tempRepoBaseDir . $repoName;
+
+						if (!is_writable($addonDir) || !is_writable($tempAddonDir)) {
+							logger('Temp repo directory or /extend/addon not writable to web server: ' . $tempAddonDir);
+							json_return_and_die(array('message' => 'Temp repo directory not writable to web server.', 'success' => false));
+						}
+						rename($tempAddonDir, $repoDir);
+
+						if (!is_writable(realpath('addon/'))) {
+							logger('/addon directory not writable to web server: ' . $tempAddonDir);
+							json_return_and_die(array('message' => '/addon directory not writable to web server.', 'success' => false));
+						}
+						$files = array_diff(scandir($repoDir), array('.', '..'));
+						foreach ($files as $file) {
+							if (is_dir($repoDir . '/' . $file) && $file !== '.git') {
+								$source = 'extend/addon/' . $repoName . '/' . $file;
+								$target = realpath('addon/') . '/' . $file;
+								unlink($target);
+								if (!symlink($source, $target)) {
+									logger('Error linking addons to /addon');
+									json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false));
+								}
+							}
+						}
+						$git = new GitRepo('sys', $repoURL, false, $repoName, $repoDir);
+						$repo = $git->probeRepo();
+						json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true));
+					}
+				case 'addrepo':
+					require_once('library/markdown.php');
+					if (array_key_exists('repoURL', $_REQUEST)) {
+						require_once('library/PHPGit.autoload.php');	 // Load PHPGit dependencies					
+						$repoURL = $_REQUEST['repoURL'];
+						$extendDir = 'store/[data]/git/sys/extend';
+						$addonDir = $extendDir . '/addon';
+						$tempAddonDir = 'store/[data]/git/sys/temp';
+						if (!file_exists($extendDir)) {
+							if (!mkdir($extendDir, 0770, true)) {
+								logger('Error creating extend folder: ' . $extendDir);
+								json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
+							} else {
+								if (!symlink('extend/addon', $addonDir)) {
+									logger('Error creating symlink to addon folder: ' . $addonDir);
+									json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
+								}
+							}
+						}
+						if (!is_dir($tempAddonDir)) {
+							if (!mkdir($tempAddonDir, 0770, true)) {
+								logger('Error creating temp plugin repo folder: ' . $tempAddonDir);
+								json_return_and_die(array('message' => 'Error creating temp plugin repo folder: ' . $tempAddonDir, 'success' => false));
+							}
+						}
+						$repoName = null;
+						if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') {
+							$repoName = $_REQUEST['repoName'];
+						} else {
+							$repoName = GitRepo::getRepoNameFromURL($repoURL);
+						}
+						if (!$repoName) {
+							logger('Invalid git repo');
+							json_return_and_die(array('message' => 'Invalid git repo: ' . $repoName, 'success' => false));
+						}
+						$repoDir = $tempAddonDir . '/' . $repoName;
+						if (!is_writable($tempAddonDir)) {
+							logger('Temporary directory for new addon repo is not writable to web server: ' . $tempAddonDir);
+							json_return_and_die(array('message' => 'Temporary directory for new addon repo is not writable to web server.', 'success' => false));
+						}
+						// clone the repo if new automatically
+						$git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir);
+
+						$remotes = $git->git->remote();
+						$fetchURL = $remotes['origin']['fetch'];
+						if ($fetchURL !== $git->url) {
+							if (rrmdir($repoDir)) {
+								$git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir);
+							} else {
+								json_return_and_die(array('message' => 'Error deleting existing addon repo.', 'success' => false));
+							}
+						}
+						$repo = $git->probeRepo();
+						$repo['readme'] = $repo['manifest'] = null;
+						foreach ($git->git->tree('master') as $object) {
+							if ($object['type'] == 'blob' && (strtolower($object['file']) === 'readme.md' || strtolower($object['file']) === 'readme')) {
+								$repo['readme'] = Markdown($git->git->cat->blob($object['hash']));
+							} else if ($object['type'] == 'blob' && strtolower($object['file']) === 'manifest.json') {
+								$repo['manifest'] = $git->git->cat->blob($object['hash']);
+							}
+						}
+						json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true));
+					} else {
+						json_return_and_die(array('message' => 'No repo URL provided', 'success' => false));
+					}
+					break;
+				default:
+					break;
+			}
+		}
+	}
+
+
+	function get() {
+
+		/*
+		 * Single plugin
+		 */
+
+		if (\App::$argc == 3){
+			$plugin = \App::$argv[2];
+			if (!is_file("addon/$plugin/$plugin.php")){
+				notice( t("Item not found.") );
+				return '';
+			}
+	
+			$enabled = in_array($plugin,\App::$plugins);
+			$info = get_plugin_info($plugin);
+			$x = check_plugin_versions($info);
+	
+			// disable plugins which are installed but incompatible versions
+	
+			if($enabled && ! $x) {
+				$enabled = false;
+				$idz = array_search($plugin, \App::$plugins);
+				if ($idz !== false) {
+					unset(\App::$plugins[$idz]);
+					uninstall_plugin($plugin);
+					set_config("system","addon", implode(", ",\App::$plugins));
+				}
+			}
+			$info['disabled'] = 1-intval($x);
+	
+			if (x($_GET,"a") && $_GET['a']=="t"){
+				check_form_security_token_redirectOnErr('/admin/plugins', 'admin_plugins', 't');
+				$pinstalled = false;
+				// Toggle plugin status
+				$idx = array_search($plugin, \App::$plugins);
+				if ($idx !== false){
+					unset(\App::$plugins[$idx]);
+					uninstall_plugin($plugin);
+					$pinstalled = false;
+					info( sprintf( t("Plugin %s disabled."), $plugin ) );
+				} else {
+					\App::$plugins[] = $plugin;
+					install_plugin($plugin);
+					$pinstalled = true;
+					info( sprintf( t("Plugin %s enabled."), $plugin ) );
+				}
+				set_config("system","addon", implode(", ",\App::$plugins));
+
+				if($pinstalled) {
+					@require_once("addon/$plugin/$plugin.php");
+					if(function_exists($plugin.'_plugin_admin'))
+						goaway(z_root() . '/admin/plugins/' . $plugin);
+				}
+				goaway(z_root() . '/admin/plugins' );
+			}
+			// display plugin details
+			require_once('library/markdown.php');
+	
+			if (in_array($plugin, \App::$plugins)){
+				$status = 'on';
+				$action = t('Disable');
+			} else {
+				$status = 'off';
+				$action =  t('Enable');
+			}
+	
+			$readme = null;
+			if (is_file("addon/$plugin/README.md")){
+				$readme = file_get_contents("addon/$plugin/README.md");
+				$readme = Markdown($readme);
+			} else if (is_file("addon/$plugin/README")){
+				$readme = "<pre>". file_get_contents("addon/$plugin/README") ."</pre>";
+			}
+	
+			$admin_form = '';
+	
+			$r = q("select * from addon where plugin_admin = 1 and aname = '%s' limit 1",
+				dbesc($plugin)
+			);
+	
+			if($r) {
+				@require_once("addon/$plugin/$plugin.php");
+				if(function_exists($plugin.'_plugin_admin')) {
+					$func = $plugin.'_plugin_admin';
+					$func($a, $admin_form);
+				}
+			}
+	
+	
+			$t = get_markup_template('admin_plugins_details.tpl');
+			return replace_macros($t, array(
+				'$title' => t('Administration'),
+				'$page' => t('Plugins'),
+				'$toggle' => t('Toggle'),
+				'$settings' => t('Settings'),
+				'$baseurl' => z_root(),
+	
+				'$plugin' => $plugin,
+				'$status' => $status,
+				'$action' => $action,
+				'$info' => $info,
+				'$str_author' => t('Author: '),
+				'$str_maintainer' => t('Maintainer: '),
+				'$str_minversion' => t('Minimum project version: '),
+				'$str_maxversion' => t('Maximum project version: '),
+				'$str_minphpversion' => t('Minimum PHP version: '),
+				'$str_serverroles' => t('Compatible Server Roles: '),
+				'$str_requires' => t('Requires: '),
+				'$disabled' => t('Disabled - version incompatibility'),
+	
+				'$admin_form' => $admin_form,
+				'$function' => 'plugins',
+				'$screenshot' => '',
+				'$readme' => $readme,
+	
+				'$form_security_token' => get_form_security_token('admin_plugins'),
+			));
+		}
+	
+	
+		/*
+		 * List plugins
+		 */
+		$plugins = array();
+		$files = glob('addon/*/');
+		if($files) {
+			foreach($files as $file) {
+				if (is_dir($file)){
+					list($tmp, $id) = array_map('trim', explode('/', $file));
+					$info = get_plugin_info($id);
+					$enabled = in_array($id,\App::$plugins);
+					$x = check_plugin_versions($info);
+	
+					// disable plugins which are installed but incompatible versions
+	
+					if($enabled && ! $x) {
+						$enabled = false;
+						$idz = array_search($id, \App::$plugins);
+						if ($idz !== false) {
+							unset(\App::$plugins[$idz]);
+							uninstall_plugin($id);
+							set_config("system","addon", implode(", ",\App::$plugins));
+						}
+					}
+					$info['disabled'] = 1-intval($x);
+	
+					$plugins[] = array( $id, (($enabled)?"on":"off") , $info);
+				}
+			}
+		}
+	
+		usort($plugins,'self::plugin_sort');
+
+		
+		$admin_plugins_add_repo_form= replace_macros(
+			get_markup_template('admin_plugins_addrepo.tpl'), array(
+				'$post' => 'admin/plugins/addrepo',
+				'$desc' => t('Enter the public git repository URL of the plugin repo.'),
+				'$repoURL' => array('repoURL', t('Plugin repo git URL'), '', ''),
+				'$repoName' => array('repoName', t('Custom repo name'), '', '', t('(optional)')),
+				'$submit' => t('Download Plugin Repo')
+			)
+		);
+		$newRepoModalID = random_string(3);
+		$newRepoModal = replace_macros(
+			get_markup_template('generic_modal.tpl'), array(
+				'$id' => $newRepoModalID,
+				'$title' => t('Install new repo'),
+				'$ok' => t('Install'),
+				'$cancel' => t('Cancel')
+			)
+		);
+			
+		$reponames = $this->listAddonRepos();
+		$addonrepos = [];
+		foreach($reponames as $repo) {
+			$addonrepos[] = array('name' => $repo, 'description' => '');
+			// TODO: Parse repo info to provide more information about repos
+		}
+		
+		$t = get_markup_template('admin_plugins.tpl');
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Plugins'),
+			'$submit' => t('Submit'),
+			'$baseurl' => z_root(),
+			'$function' => 'plugins',
+			'$plugins' => $plugins,
+			'$disabled' => t('Disabled - version incompatibility'),
+			'$form_security_token' => get_form_security_token('admin_plugins'),
+			'$managerepos' => t('Manage Repos'),
+			'$installedtitle' => t('Installed Plugin Repositories'),
+			'$addnewrepotitle' =>	t('Install a New Plugin Repository'),
+			'$expandform' => false,
+			'$form' => $admin_plugins_add_repo_form,
+			'$newRepoModal' => $newRepoModal,
+			'$newRepoModalID' => $newRepoModalID,
+			'$addonrepos' => $addonrepos,
+			'$repoUpdateButton' => t('Update'),
+			'$repoBranchButton' => t('Switch branch'),
+			'$repoRemoveButton' => t('Remove')
+		));
+	}
+
+	function listAddonRepos() {
+		$addonrepos = [];
+		$addonDir = 'extend/addon/';
+		if(is_dir($addonDir)) {
+			if ($handle = opendir($addonDir)) {
+				while (false !== ($entry = readdir($handle))) {
+					if ($entry != "." && $entry != "..") {
+						$addonrepos[] = $entry;
+					}
+				}
+				closedir($handle);
+			}
+		}
+		return $addonrepos;
+	}
+
+	static public function plugin_sort($a,$b) {
+		return(strcmp(strtolower($a[2]['name']),strtolower($b[2]['name'])));
+	}
+
+
+}

Zotlabs/Module/Admin/Profs.php

@@ -0,0 +1,169 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+class Profs {
+
+	function post() {
+	
+		if(array_key_exists('basic',$_REQUEST)) {
+			$arr = explode(',',$_REQUEST['basic']);
+			for($x = 0; $x < count($arr); $x ++) 
+				if(trim($arr[$x]))
+					$arr[$x] = trim($arr[$x]);
+			set_config('system','profile_fields_basic',$arr);
+	
+			if(array_key_exists('advanced',$_REQUEST)) {
+				$arr = explode(',',$_REQUEST['advanced']);
+				for($x = 0; $x < count($arr); $x ++)
+					if(trim($arr[$x]))
+						$arr[$x] = trim($arr[$x]);
+				set_config('system','profile_fields_advanced',$arr);
+			}
+			goaway(z_root() . '/admin/profs');
+		}
+	
+	
+		if(array_key_exists('field_name',$_REQUEST)) {
+			if($_REQUEST['id']) {
+				$r = q("update profdef set field_name = '%s', field_type = '%s', field_desc = '%s' field_help = '%s', field_inputs = '%s' where id = %d",
+					dbesc($_REQUEST['field_name']),
+					dbesc($_REQUEST['field_type']),
+					dbesc($_REQUEST['field_desc']),
+					dbesc($_REQUEST['field_help']),
+					dbesc($_REQUEST['field_inputs']),
+					intval($_REQUEST['id'])
+				);
+			}
+			else {
+				$r = q("insert into profdef ( field_name, field_type, field_desc, field_help, field_inputs ) values ( '%s' , '%s', '%s', '%s', '%s' )",
+					dbesc($_REQUEST['field_name']),
+					dbesc($_REQUEST['field_type']),
+					dbesc($_REQUEST['field_desc']),
+					dbesc($_REQUEST['field_help']),
+					dbesc($_REQUEST['field_inputs'])
+				);
+			}
+		}
+	
+	
+		// add to chosen array basic or advanced
+	
+		goaway(z_root() . '/admin/profs');
+	}
+	
+	function get() {
+	
+		if((argc() > 3) && argv(2) == 'drop' && intval(argv(3))) {
+			$r = q("delete from profdef where id = %d",
+				intval(argv(3))
+			);
+			// remove from allowed fields
+	
+			goaway(z_root() . '/admin/profs');	
+		}
+	
+		if((argc() > 2) && argv(2) === 'new') {
+			return replace_macros(get_markup_template('profdef_edit.tpl'),array(
+				'$header' => t('New Profile Field'),
+				'$field_name' => array('field_name',t('Field nickname'),$_REQUEST['field_name'],t('System name of field')),
+				'$field_type' => array('field_type',t('Input type'),(($_REQUEST['field_type']) ? $_REQUEST['field_type'] : 'text'),''),
+				'$field_desc' => array('field_desc',t('Field Name'),$_REQUEST['field_desc'],t('Label on profile pages')),
+				'$field_help' => array('field_help',t('Help text'),$_REQUEST['field_help'],t('Additional info (optional)')),
+				'$submit' => t('Save')
+			));
+		}
+	
+		if((argc() > 2) && intval(argv(2))) {
+			$r = q("select * from profdef where id = %d limit 1",
+				intval(argv(2))
+			);
+			if(! $r) {
+				notice( t('Field definition not found') . EOL);
+				goaway(z_root() . '/admin/profs');
+			}
+	
+			return replace_macros(get_markup_template('profdef_edit.tpl'),array(
+				'$id' => intval($r[0]['id']),
+				'$header' => t('Edit Profile Field'),
+				'$field_name' => array('field_name',t('Field nickname'),$r[0]['field_name'],t('System name of field')),
+				'$field_type' => array('field_type',t('Input type'),$r[0]['field_type'],''),
+				'$field_desc' => array('field_desc',t('Field Name'),$r[0]['field_desc'],t('Label on profile pages')),
+				'$field_help' => array('field_help',t('Help text'),$r[0]['field_help'],t('Additional info (optional)')),
+				'$submit' => t('Save')
+			));
+		}
+	
+		$basic = '';
+		$barr = array();
+		$fields = get_profile_fields_basic();
+		if(! $fields)
+			$fields = get_profile_fields_basic(1);
+		if($fields) {
+			foreach($fields as $k => $v) {
+				if($basic)
+					$basic .= ', ';
+				$basic .= trim($k);
+				$barr[] = trim($k);
+			}
+		}
+	
+		$advanced = '';
+		$fields = get_profile_fields_advanced();
+		if(! $fields)
+			$fields = get_profile_fields_advanced(1);
+		if($fields) {
+			foreach($fields as $k => $v) {
+				if(in_array(trim($k),$barr))
+					continue;
+				if($advanced)
+					$advanced .= ', ';
+				$advanced .= trim($k);
+			}
+		}
+	
+		$all = '';
+		$fields = get_profile_fields_advanced(1);
+		if($fields) {
+			foreach($fields as $k => $v) {
+				if($all)
+					$all .= ', ';
+				$all .= trim($k);
+			}
+		}
+	
+		$r = q("select * from profdef where true");
+		if($r) {
+			foreach($r as $rr) {
+				if($all)
+					$all .= ', ';
+				$all .= $rr['field_name'];
+			}
+		}
+	
+		
+		$o = replace_macros(get_markup_template('admin_profiles.tpl'),array(
+			'$title' => t('Profile Fields'),
+			'$basic' => array('basic',t('Basic Profile Fields'),$basic,''),
+			'$advanced' => array('advanced',t('Advanced Profile Fields'),$advanced,t('(In addition to basic fields)')),
+			'$all' => $all,
+			'$all_desc' => t('All available fields'),
+			'$cust_field_desc' => t('Custom Fields'),
+			'$cust_fields' => $r,
+			'$edit' => t('Edit'),
+			'$drop' => t('Delete'),
+			'$new' => t('Create Custom Field'),		
+			'$submit' => t('Submit')
+		));
+	
+		return $o;
+	
+	
+	}
+
+
+
+
+
+}

Zotlabs/Module/Admin/Queue.php

@@ -0,0 +1,54 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+
+class Queue {
+
+
+	
+	function get() {
+
+		$o = '';
+	
+		$expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0);
+	
+		if($_REQUEST['drophub']) {
+			require_once('hubloc.php');
+			hubloc_mark_as_down($_REQUEST['drophub']);
+			remove_queue_by_posturl($_REQUEST['drophub']);
+		}
+	
+		if($_REQUEST['emptyhub']) {
+			remove_queue_by_posturl($_REQUEST['emptyhub']);
+		}
+	
+		$r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq 
+			where outq_delivered = 0 group by outq_posturl order by total desc");
+	
+		for($x = 0; $x < count($r); $x ++) {
+			$r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']);
+			$r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d');
+		}
+	
+		$o = replace_macros(get_markup_template('admin_queue.tpl'), array(
+			'$banner' => t('Queue Statistics'),
+			'$numentries' => t('Total Entries'),
+			'$priority' => t('Priority'),
+			'$desturl' => t('Destination URL'),
+			'$nukehub' => t('Mark hub permanently offline'),
+			'$empty' => t('Empty queue for this hub'),
+			'$lastconn' => t('Last known contact'),
+			'$hasentries' => ((count($r)) ? true : false),
+			'$entries' => $r,
+			'$expert' => $expert
+		));
+	
+		return $o;
+	}
+	
+
+
+
+}

Zotlabs/Module/Admin/Security.php

@@ -0,0 +1,123 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+class Security {
+
+	function post() {
+		check_form_security_token_redirectOnErr('/admin/security', 'admin_security');
+	
+		$allowed_email        = ((x($_POST,'allowed_email'))	    ? notags(trim($_POST['allowed_email']))		: '');
+		$not_allowed_email    = ((x($_POST,'not_allowed_email'))	? notags(trim($_POST['not_allowed_email']))		: '');
+
+		set_config('system','allowed_email', $allowed_email);
+		set_config('system','not_allowed_email', $not_allowed_email);	
+
+		$block_public         = ((x($_POST,'block_public'))		? True	: False);
+		set_config('system','block_public',$block_public);
+	
+		$ws = $this->trim_array_elems(explode("\n",$_POST['whitelisted_sites']));
+		set_config('system','whitelisted_sites',$ws);
+	
+		$bs = $this->trim_array_elems(explode("\n",$_POST['blacklisted_sites']));
+		set_config('system','blacklisted_sites',$bs);
+	
+		$wc = $this->trim_array_elems(explode("\n",$_POST['whitelisted_channels']));
+		set_config('system','whitelisted_channels',$wc);
+	
+		$bc = $this->trim_array_elems(explode("\n",$_POST['blacklisted_channels']));
+		set_config('system','blacklisted_channels',$bc);
+	
+		$embed_sslonly         = ((x($_POST,'embed_sslonly'))		? True	: False);
+		set_config('system','embed_sslonly',$embed_sslonly);
+	
+		$we = $this->trim_array_elems(explode("\n",$_POST['embed_allow']));
+		set_config('system','embed_allow',$we);
+	
+		$be = $this->trim_array_elems(explode("\n",$_POST['embed_deny']));
+		set_config('system','embed_deny',$be);
+	
+		$ts = ((x($_POST,'transport_security')) ? True : False);
+		set_config('system','transport_security_header',$ts);
+
+		$cs = ((x($_POST,'content_security')) ? True : False);
+		set_config('system','content_security_policy',$cs);
+
+		goaway(z_root() . '/admin/security');
+	}
+	
+	
+
+	function get() {
+	
+		$whitesites = get_config('system','whitelisted_sites');
+		$whitesites_str = ((is_array($whitesites)) ? implode($whitesites,"\n") : '');
+	
+		$blacksites = get_config('system','blacklisted_sites');
+		$blacksites_str = ((is_array($blacksites)) ? implode($blacksites,"\n") : '');
+	
+	
+		$whitechannels = get_config('system','whitelisted_channels');
+		$whitechannels_str = ((is_array($whitechannels)) ? implode($whitechannels,"\n") : '');
+	
+		$blackchannels = get_config('system','blacklisted_channels');
+		$blackchannels_str = ((is_array($blackchannels)) ? implode($blackchannels,"\n") : '');
+	
+	
+		$whiteembeds = get_config('system','embed_allow');
+		$whiteembeds_str = ((is_array($whiteembeds)) ? implode($whiteembeds,"\n") : '');
+	
+		$blackembeds = get_config('system','embed_deny');
+		$blackembeds_str = ((is_array($blackembeds)) ? implode($blackembeds,"\n") : '');
+	
+		$embed_coop = intval(get_config('system','embed_coop'));
+	
+		if((! $whiteembeds) && (! $blackembeds)) {
+			$embedhelp1 = t("By default, unfiltered HTML is allowed in embedded media. This is inherently insecure.");
+		}
+
+		$embedhelp2 = t("The recommended setting is to only allow unfiltered HTML from the following sites:"); 
+		$embedhelp3 = t("https://youtube.com/<br />https://www.youtube.com/<br />https://youtu.be/<br />https://vimeo.com/<br />https://soundcloud.com/<br />");
+		$embedhelp4 = t("All other embedded content will be filtered, <strong>unless</strong> embedded content from that site is explicitly blocked.");
+	
+		$t = get_markup_template('admin_security.tpl');
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Security'),
+			'$form_security_token' => get_form_security_token('admin_security'),
+	        '$block_public'     => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently authenticated.")),
+			'$transport_security' => array('transport_security', t('Set "Transport Security" HTTP header'),intval(get_config('system','transport_security_header')),''),
+			'$content_security' => array('content_security', t('Set "Content Security Policy" HTTP header'),intval(get_config('system','content_security_policy')),''),
+			'$allowed_email'	=> array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
+			'$not_allowed_email'	=> array('not_allowed_email', t("Not allowed email domains"), get_config('system','not_allowed_email'), t("Comma separated list of domains which are not allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains, unless allowed domains have been defined.")),
+			'$whitelisted_sites' => array('whitelisted_sites', t('Allow communications only from these sites'), $whitesites_str, t('One site per line. Leave empty to allow communication from anywhere by default')),
+			'$blacklisted_sites' => array('blacklisted_sites', t('Block communications from these sites'), $blacksites_str, ''),
+			'$whitelisted_channels' => array('whitelisted_channels', t('Allow communications only from these channels'), $whitechannels_str, t('One channel (hash) per line. Leave empty to allow from any channel by default')),
+			'$blacklisted_channels' => array('blacklisted_channels', t('Block communications from these channels'), $blackchannels_str, ''),
+			'$embed_sslonly' => array('embed_sslonly',t('Only allow embeds from secure (SSL) websites and links.'), intval(get_config('system','embed_sslonly')),''),
+			'$embed_allow' => array('embed_allow', t('Allow unfiltered embedded HTML content only from these domains'), $whiteembeds_str, t('One site per line. By default embedded content is filtered.')),
+			'$embed_deny' => array('embed_deny', t('Block embedded HTML from these domains'), $blackembeds_str, ''),
+	
+//	        '$embed_coop'     => array('embed_coop', t('Cooperative embed security'), $embed_coop, t('Enable to share embed security with other compatible sites/hubs')),
+
+			'$submit' => t('Submit')
+		));
+	}
+
+
+	function trim_array_elems($arr) {
+		$narr = array();
+	
+		if($arr && is_array($arr)) {
+			for($x = 0; $x < count($arr); $x ++) {
+				$y = trim($arr[$x]);
+				if($y)
+					$narr[] = $y;
+			}
+		}
+		return $narr;
+	}
+	
+	
+}

Zotlabs/Module/Admin/Site.php

@@ -0,0 +1,323 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+class Site {
+
+	
+	/**
+	 * @brief POST handler for Admin Site Page.
+	 *
+	 * @param App &$a
+	 */
+	function post(){
+		if (!x($_POST, 'page_site')) {
+			return;
+		}
+
+		check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
+	
+		$sitename 			=	((x($_POST,'sitename'))			? notags(trim($_POST['sitename']))			: '');
+		$server_role 		=	((x($_POST,'server_role'))		? notags(trim($_POST['server_role']))		: 'standard');
+
+		$banner				=	((x($_POST,'banner'))      		? trim($_POST['banner'])				: false);
+
+		$admininfo			=	((x($_POST,'admininfo'))		? trim($_POST['admininfo'])				: false);
+		$language			=	((x($_POST,'language'))			? notags(trim($_POST['language']))			: '');
+		$theme				=	((x($_POST,'theme'))			? notags(trim($_POST['theme']))				: '');
+		$theme_mobile			=	((x($_POST,'theme_mobile'))		? notags(trim($_POST['theme_mobile']))			: '');
+	//	$site_channel			=	((x($_POST,'site_channel'))	? notags(trim($_POST['site_channel']))				: '');
+		$maximagesize		=	((x($_POST,'maximagesize'))		? intval(trim($_POST['maximagesize']))				:  0);
+	
+		$register_policy	=	((x($_POST,'register_policy'))	? intval(trim($_POST['register_policy']))	:  0);
+		
+		$access_policy	=	((x($_POST,'access_policy'))	? intval(trim($_POST['access_policy']))	:  0);
+		$invite_only        = ((x($_POST,'invite_only'))		? True	: False);
+		$abandon_days	    =	((x($_POST,'abandon_days'))	    ? intval(trim($_POST['abandon_days']))	    :  0);
+	
+		$register_text		=	((x($_POST,'register_text'))	? notags(trim($_POST['register_text']))		: '');
+		$frontpage		    =	((x($_POST,'frontpage'))	? notags(trim($_POST['frontpage']))		: '');
+		$mirror_frontpage   =	((x($_POST,'mirror_frontpage'))	? intval(trim($_POST['mirror_frontpage']))		: 0);
+		$directory_server   =   ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : '');
+		$allowed_sites        = ((x($_POST,'allowed_sites'))	? notags(trim($_POST['allowed_sites']))		: '');
+		$force_publish        = ((x($_POST,'publish_all'))		? True	: False);
+		$disable_discover_tab = ((x($_POST,'disable_discover_tab'))		? False	:	True);
+		$login_on_homepage    = ((x($_POST,'login_on_homepage'))		? True	:	False);
+		$enable_context_help    = ((x($_POST,'enable_context_help'))		? True	:	False);
+		$global_directory     = ((x($_POST,'directory_submit_url'))	? notags(trim($_POST['directory_submit_url']))	: '');
+		$no_community_page    = !((x($_POST,'no_community_page'))	? True	:	False);
+		$default_expire_days  = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0);
+	
+		$verifyssl         = ((x($_POST,'verifyssl'))        ? True : False);
+		$proxyuser         = ((x($_POST,'proxyuser'))        ? notags(trim($_POST['proxyuser']))  : '');
+		$proxy             = ((x($_POST,'proxy'))            ? notags(trim($_POST['proxy']))      : '');
+		$timeout           = ((x($_POST,'timeout'))          ? intval(trim($_POST['timeout']))    : 60);
+		$delivery_interval = ((x($_POST,'delivery_interval'))? intval(trim($_POST['delivery_interval'])) : 0);
+		$delivery_batch_count = ((x($_POST,'delivery_batch_count') && $_POST['delivery_batch_count'] > 0)? intval(trim($_POST['delivery_batch_count'])) : 1);
+		$poll_interval     = ((x($_POST,'poll_interval'))    ? intval(trim($_POST['poll_interval'])) : 0);
+		$maxloadavg        = ((x($_POST,'maxloadavg'))       ? intval(trim($_POST['maxloadavg'])) : 50);
+		$feed_contacts     = ((x($_POST,'feed_contacts'))    ? intval($_POST['feed_contacts'])    : 0);
+		$verify_email      = ((x($_POST,'verify_email'))     ? 1 : 0);
+		$techlevel_lock    = ((x($_POST,'techlock'))   ? intval($_POST['techlock'])   : 0);
+
+		$techlevel         = null;
+		if(array_key_exists('techlevel',$_POST))
+			$techlevel = intval($_POST['techlevel']);
+
+	
+
+		set_config('system', 'server_role', $server_role);
+		set_config('system', 'feed_contacts', $feed_contacts);
+		set_config('system', 'delivery_interval', $delivery_interval);
+		set_config('system', 'delivery_batch_count', $delivery_batch_count);
+		set_config('system', 'poll_interval', $poll_interval);
+		set_config('system', 'maxloadavg', $maxloadavg);
+		set_config('system', 'frontpage', $frontpage);
+		set_config('system', 'mirror_frontpage', $mirror_frontpage);
+		set_config('system', 'sitename', $sitename);
+		set_config('system', 'login_on_homepage', $login_on_homepage);
+		set_config('system', 'enable_context_help', $enable_context_help);
+		set_config('system', 'verify_email', $verify_email);
+		set_config('system', 'default_expire_days', $default_expire_days);
+		set_config('system', 'techlevel_lock', $techlevel_lock);
+
+		if(! is_null($techlevel))
+			set_config('system', 'techlevel', $techlevel);
+	
+		if($directory_server)
+			set_config('system','directory_server',$directory_server);
+	
+		if ($banner == '') {
+			del_config('system', 'banner');
+		} else {
+			set_config('system', 'banner', $banner);
+		}
+	
+		if ($admininfo == ''){
+			del_config('system', 'admininfo');
+		} else {
+			require_once('include/text.php');
+			linkify_tags($a, $admininfo, local_channel());
+			set_config('system', 'admininfo', $admininfo);
+		}
+		set_config('system', 'language', $language);
+		set_config('system', 'theme', $theme);
+		if ( $theme_mobile === '---' ) {
+			del_config('system', 'mobile_theme');
+		} else {
+			set_config('system', 'mobile_theme', $theme_mobile);
+		}
+	//	set_config('system','site_channel', $site_channel);
+		set_config('system','maximagesize', $maximagesize);
+	
+		set_config('system','register_policy', $register_policy);
+		set_config('system','invitation_only', $invite_only);	
+		set_config('system','access_policy', $access_policy);
+		set_config('system','account_abandon_days', $abandon_days);
+		set_config('system','register_text', $register_text);
+		set_config('system','allowed_sites', $allowed_sites);
+		set_config('system','publish_all', $force_publish);
+		set_config('system','disable_discover_tab', $disable_discover_tab);
+		if ($global_directory == '') {
+			del_config('system', 'directory_submit_url');
+		} else {
+			set_config('system', 'directory_submit_url', $global_directory);
+		}
+	
+		set_config('system','no_community_page', $no_community_page);
+		set_config('system','no_utf', $no_utf);
+		set_config('system','verifyssl', $verifyssl);
+		set_config('system','proxyuser', $proxyuser);
+		set_config('system','proxy', $proxy);
+		set_config('system','curl_timeout', $timeout);
+	
+		info( t('Site settings updated.') . EOL);
+		goaway(z_root() . '/admin/site' );
+	}
+
+	/**
+	 * @brief Admin page site.
+	 *
+	 * @return string
+	 */
+
+	function get() {
+	
+		/* Installed langs */
+		$lang_choices = array();
+		$langs = glob('view/*/hstrings.php');
+	
+		if(is_array($langs) && count($langs)) {
+			if(! in_array('view/en/hstrings.php',$langs))
+				$langs[] = 'view/en/';
+			asort($langs);
+			foreach($langs as $l) {
+				$t = explode("/",$l);
+				$lang_choices[$t[1]] = $t[1];
+			}
+		}
+	
+		/* Installed themes */
+		$theme_choices_mobile["---"] = t("Default");
+		$theme_choices = array();
+		$files = glob('view/theme/*');
+		if($files) {
+			foreach($files as $file) {
+				$vars = '';
+				$f = basename($file);
+				if (file_exists($file . '/library'))
+					continue;
+				if (file_exists($file . '/mobile'))
+					$vars = t('mobile');
+				if (file_exists($file . '/experimental'))
+					$vars .= t('experimental');
+				if (file_exists($file . '/unsupported'))
+					$vars .= t('unsupported');
+				if ($vars) {
+					$theme_choices[$f] = $f . ' (' . $vars . ')';
+					$theme_choices_mobile[$f] = $f . ' (' . $vars . ')';
+				}
+				else {
+					$theme_choices[$f] = $f;
+					$theme_choices_mobile[$f] = $f;
+				}
+			}
+		}
+	
+		$dir_choices = null;
+		$dirmode = get_config('system','directory_mode');
+		$realm = get_directory_realm();
+	
+		// directory server should not be set or settable unless we are a directory client
+	
+		if($dirmode == DIRECTORY_MODE_NORMAL) {
+			$x = q("select site_url from site where site_flags in (%d,%d) and site_realm = '%s'",
+				intval(DIRECTORY_MODE_SECONDARY),
+				intval(DIRECTORY_MODE_PRIMARY),
+				dbesc($realm)
+			);
+			if($x) {
+				$dir_choices = array();
+				foreach($x as $xx) {
+					$dir_choices[$xx['site_url']] = $xx['site_url'];
+				}
+			}
+		}
+	
+		/* Banner */
+	
+		$banner = get_config('system', 'banner');
+		if($banner === false) 
+			$banner = get_config('system','sitename');
+	
+		$banner = htmlspecialchars($banner);
+	
+		/* Admin Info */
+		$admininfo = get_config('system', 'admininfo');
+	
+		/* Register policy */
+		$register_choices = Array(
+			REGISTER_CLOSED  => t("No"),
+			REGISTER_APPROVE => t("Yes - with approval"),
+			REGISTER_OPEN    => t("Yes")
+		);
+	
+		/* Acess policy */
+		$access_choices = Array(
+			ACCESS_PRIVATE => t("My site is not a public server"),
+			ACCESS_PAID => t("My site has paid access only"),
+			ACCESS_FREE => t("My site has free access only"),
+			ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades")
+		);
+	
+		$discover_tab = get_config('system','disable_discover_tab');
+		// $disable public streams by default
+		if($discover_tab === false)
+			$discover_tab = 1;
+		// now invert the logic for the setting.
+		$discover_tab = (1 - $discover_tab);
+	
+		$server_roles = [
+			'basic'    => t('Basic/Minimal Social Networking'),
+			'standard' => t('Standard Configuration (default)'),
+			'pro'      => t('Professional')
+		];
+
+
+		$techlevels = [
+			'0' => t('Beginner/Basic'),
+			'1' => t('Novice - not skilled but willing to learn'),
+			'2' => t('Intermediate - somewhat comfortable'),
+			'3' => t('Advanced - very comfortable'),
+			'4' => t('Expert - I can write computer code'),			
+			'5' => t('Wizard - I probably know more than you do')
+		];
+
+
+
+	
+		$homelogin = get_config('system','login_on_homepage');
+		$enable_context_help = get_config('system','enable_context_help');
+	
+		$t = get_markup_template("admin_site.tpl");
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Site'),
+			'$submit' => t('Submit'),
+			'$registration' => t('Registration'),
+			'$upload' => t('File upload'),
+			'$corporate' => t('Policies'),
+			'$advanced' => t('Advanced'),
+	
+			'$baseurl' => z_root(),
+			// name, label, value, help string, extra data...
+			'$sitename' 		=> array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''),
+
+			'$server_role' 		=> array('server_role', t("Server Configuration/Role"), get_config('system','server_role'),'',$server_roles),
+
+			'$techlevel' => [ 'techlevel', t('Site default technical skill level'), get_config('system','techlevel'), t('Used to provide a member experience matched to technical comfort level'), $techlevels ],
+
+			'$techlock' => [ 'techlock', t('Lock the technical skill level setting'), get_config('system','techlevel_lock'), t('Members can set their own technical comfort level by default') ],
+
+
+			'$banner'			=> array('banner', t("Banner/Logo"), $banner, ""),
+			'$admininfo'		=> array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators.  Displayed on siteinfo page.  BBCode can be used here")),
+			'$language' 		=> array('language', t("System language"), get_config('system','language'), "", $lang_choices),
+			'$theme' 			=> array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
+			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
+	//		'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
+			'$feed_contacts'    => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')), 
+			'$maximagesize'		=> array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
+			'$register_policy'	=> array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
+			'$invite_only'		=> array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")),
+			'$access_policy'	=> array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), "This is displayed on the public server site list.", $access_choices),
+			'$register_text'	=> array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
+			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'public' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
+			'$mirror_frontpage'	=> array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')),
+			'$abandon_days'     => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
+			'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
+			'$verify_email'		=> array('verify_email', t("Verify Email Addresses"), get_config('system','verify_email'), t("Check to verify email addresses used in account registration (recommended).")),
+			'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
+			'$disable_discover_tab'	=> array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
+			'$login_on_homepage'	=> array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")),
+			'$enable_context_help'	=> array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")),
+	
+			'$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null),
+	
+			'$proxyuser'		=> array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
+			'$proxy'			=> array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
+			'$timeout'			=> array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
+			'$delivery_interval'			=> array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")),
+			'$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(get_config('system','delivery_batch_count'))?get_config('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")),
+			'$poll_interval'			=> array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")),
+			'$maxloadavg'			=> array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
+			'$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')),
+			'$form_security_token' => get_form_security_token("admin_site"),
+		));
+	}
+	
+
+
+
+}

Zotlabs/Module/Admin/Themes.php

@@ -0,0 +1,233 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+
+class Themes {
+
+	function post() {
+
+		$theme = argv(2);
+		if (is_file("view/theme/$theme/php/config.php")){
+			require_once("view/theme/$theme/php/config.php");
+			// fixme add parent theme if derived
+			if (function_exists("theme_admin_post")){
+				theme_admin_post($a);
+			}
+		}
+		info(t('Theme settings updated.'));
+		if(is_ajax()) 
+			return;
+	
+		goaway(z_root() . '/admin/themes/' . $theme );
+	}
+
+
+	
+
+	
+	/**
+	 * @brief Themes admin page.
+	 *
+	 * @return string
+	 */
+
+	function get(){
+	
+		$allowed_themes_str = get_config('system', 'allowed_themes');
+		$allowed_themes_raw = explode(',', $allowed_themes_str);
+		$allowed_themes = array();
+		if(count($allowed_themes_raw))
+			foreach($allowed_themes_raw as $x)
+				if(strlen(trim($x)))
+					$allowed_themes[] = trim($x);
+	
+		$themes = array();
+		$files = glob('view/theme/*');
+		if($files) {
+			foreach($files as $file) {
+				$f = basename($file);
+				$is_experimental = intval(file_exists($file . '/.experimental'));
+				$is_supported = 1-(intval(file_exists($file . '/.unsupported'))); // Is not used yet
+				$is_allowed = intval(in_array($f,$allowed_themes));
+				$themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed);
+			}
+		}
+	
+		if(! count($themes)) {
+			notice( t('No themes found.'));
+			return '';
+		}
+	
+		/*
+		 * Single theme
+		 */
+	
+		if (\App::$argc == 3){
+			$theme = \App::$argv[2];
+			if(! is_dir("view/theme/$theme")){
+				notice( t("Item not found.") );
+				return '';
+			}
+	
+			if (x($_GET,"a") && $_GET['a']=="t"){
+				check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't');
+	
+				// Toggle theme status
+	
+				$this->toggle_theme($themes, $theme, $result);
+				$s = $this->rebuild_theme_table($themes);
+				if($result)
+					info( sprintf('Theme %s enabled.', $theme));
+				else
+					info( sprintf('Theme %s disabled.', $theme));
+	
+				set_config('system', 'allowed_themes', $s);
+				goaway(z_root() . '/admin/themes' );
+			}
+	
+			// display theme details
+			require_once('library/markdown.php');
+	
+			if ($this->theme_status($themes,$theme)) {
+				$status="on"; $action= t("Disable");
+			} else {
+				$status="off"; $action= t("Enable");
+			}
+	
+			$readme=Null;
+			if (is_file("view/theme/$theme/README.md")){
+				$readme = file_get_contents("view/theme/$theme/README.md");
+				$readme = Markdown($readme);
+			} else if (is_file("view/theme/$theme/README")){
+				$readme = "<pre>". file_get_contents("view/theme/$theme/README") ."</pre>";
+			}
+	
+			$admin_form = '';
+			if (is_file("view/theme/$theme/php/config.php")){
+				require_once("view/theme/$theme/php/config.php");
+				if(function_exists("theme_admin")){
+					$admin_form = theme_admin($a);
+				}
+			}
+	
+			$screenshot = array( get_theme_screenshot($theme), t('Screenshot'));
+			if(! stristr($screenshot[0],$theme))
+				$screenshot = null;
+	
+			$t = get_markup_template('admin_plugins_details.tpl');
+			return replace_macros($t, array(
+				'$title' => t('Administration'),
+				'$page' => t('Themes'),
+				'$toggle' => t('Toggle'),
+				'$settings' => t('Settings'),
+				'$baseurl' => z_root(),
+			
+				'$plugin' => $theme,
+				'$status' => $status,
+				'$action' => $action,
+				'$info' => get_theme_info($theme),
+				'$function' => 'themes',
+				'$admin_form' => $admin_form,
+				'$str_author' => t('Author: '),
+				'$str_maintainer' => t('Maintainer: '),
+				'$screenshot' => $screenshot,
+				'$readme' => $readme,
+	
+				'$form_security_token' => get_form_security_token('admin_themes'),
+			));
+		}
+	
+		/*
+		 * List themes
+		 */
+	
+		$xthemes = array();
+		if($themes) {
+			foreach($themes as $th) {
+				$xthemes[] = array($th['name'],(($th['allowed']) ? "on" : "off"), get_theme_info($th['name']));
+			}
+		}
+	
+		$t = get_markup_template('admin_plugins.tpl');
+		return replace_macros($t, array(
+			'$title' => t('Administration'),
+			'$page' => t('Themes'),
+			'$submit' => t('Submit'),
+			'$baseurl' => z_root(),
+			'$function' => 'themes',
+			'$plugins' => $xthemes,
+			'$experimental' => t('[Experimental]'),
+			'$unsupported' => t('[Unsupported]'),
+			'$form_security_token' => get_form_security_token('admin_themes'),
+		));
+	}
+	
+
+
+	/**
+	 * @param array $themes
+	 * @param string $th
+	 * @param int $result
+	 */
+	function toggle_theme(&$themes, $th, &$result) {
+		for($x = 0; $x < count($themes); $x ++) {
+			if($themes[$x]['name'] === $th) {
+				if($themes[$x]['allowed']) {
+					$themes[$x]['allowed'] = 0;
+					$result = 0;
+				}
+				else {
+					$themes[$x]['allowed'] = 1;
+					$result = 1;
+				}
+			}
+		}
+	}
+	
+	/**
+	 * @param array $themes
+	 * @param string $th
+	 * @return int
+	 */
+	function theme_status($themes, $th) {
+		for($x = 0; $x < count($themes); $x ++) {
+			if($themes[$x]['name'] === $th) {
+				if($themes[$x]['allowed']) {
+					return 1;
+				}
+				else {
+					return 0;
+				}
+			}
+		}
+		return 0;
+	}
+	
+	
+	/**
+	 * @param array $themes
+	 * @return string
+	 */
+	function rebuild_theme_table($themes) {
+		$o = '';
+		if(count($themes)) {
+			foreach($themes as $th) {
+				if($th['allowed']) {
+					if(strlen($o))
+						$o .= ',';
+					$o .= $th['name'];
+				}
+			}
+		}
+		return $o;
+	}
+	
+
+
+
+
+
+
+
+}

Zotlabs/Module/Api.php

@@ -8,20 +8,15 @@ require_once('include/api.php');
 class Api extends \Zotlabs\Web\Controller {
 
 	function post() {
-	
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
 	
-		if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-	
 	}
 	
-		function get() {
+	function get() {
+
 		if(\App::$cmd=='api/oauth/authorize'){
 	
 			/* 
@@ -33,7 +28,8 @@ class Api extends \Zotlabs\Web\Controller {
 			// get consumer/client from request token
 			try {
 				$request = OAuth1Request::from_request();
-			} catch(Exception $e) {
+			}
+			catch(\Exception $e) {
 				echo "<pre>"; var_dump($e); killme();
 			}
 			
@@ -41,17 +37,20 @@ class Api extends \Zotlabs\Web\Controller {
 			if(x($_POST,'oauth_yes')){
 			
 				$app = $this->oauth_get_client($request);
-				if (is_null($app)) return "Invalid request. Unknown token.";
+				if (is_null($app)) 
+					return "Invalid request. Unknown token.";
+
 				$consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
 	
 				$verifier = md5($app['secret'].local_channel());
 				set_config("oauth", $verifier, local_channel());
 				
 				
-				if($consumer->callback_url!=null) {
+				if($consumer->callback_url != null) {
 					$params = $request->get_parameters();
-					$glue="?";
-					if (strstr($consumer->callback_url,$glue)) $glue="?";
+					$glue = '?';
+					if(strstr($consumer->callback_url,$glue))
+						$glue = '?';
 					goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
 					killme();
 				}
@@ -59,7 +58,7 @@ class Api extends \Zotlabs\Web\Controller {
 				$tpl = get_markup_template("oauth_authorize_done.tpl");
 				$o = replace_macros($tpl, array(
 					'$title' => t('Authorize application connection'),
-					'$info' => t('Return to your app and insert this Securty Code:'),
+					'$info' => t('Return to your app and insert this Security Code:'),
 					'$code' => $verifier,
 				));
 			
@@ -72,14 +71,11 @@ class Api extends \Zotlabs\Web\Controller {
 				notice( t('Please login to continue.') . EOL );
 				return login(false,'api-login',$request->get_parameters());
 			}
-			//FKOAuth1::loginUser(4);
 			
 			$app = $this->oauth_get_client($request);
-			if (is_null($app)) return "Invalid request. Unknown token.";
-			
-			
-	
-			
+			if (is_null($app))
+				return "Invalid request. Unknown token.";
+						
 			$tpl = get_markup_template('oauth_authorize.tpl');
 			$o = replace_macros($tpl, array(
 				'$title' => t('Authorize application connection'),
@@ -94,29 +90,24 @@ class Api extends \Zotlabs\Web\Controller {
 			return $o;
 		}
 		
-		echo api_call($a);
+		echo api_call();
 		killme();
 	}
 
 	function oauth_get_client($request){
 
-	
 		$params = $request->get_parameters();
-		$token = $params['oauth_token'];
+		$token  = $params['oauth_token'];
 	
-		$r = q("SELECT `clients`.* 
-			FROM `clients`, `tokens` 
-			WHERE `clients`.`client_id`=`tokens`.`client_id` 
-			AND `tokens`.`id`='%s' AND `tokens`.`auth_scope`='request'",
-			dbesc($token));
+		$r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id 
+			AND tokens.id = '%s' AND tokens.auth_scope = 'request' ",
+			dbesc($token)
+		);
+		if($r)
+			return $r[0];
 
-		if (!count($r))
-			return null;
+		return null;
 	
-		return $r[0];
 	}
 	
-	
-	
-	
 }

Zotlabs/Module/Apps.php

@@ -1,7 +1,6 @@
 <?php
 namespace Zotlabs\Module;
 
-//require_once('include/apps.php');
 
 use \Zotlabs\Lib as Zlib;
 

Zotlabs/Module/Attach.php

@@ -14,7 +14,7 @@ class Attach extends \Zotlabs\Web\Controller {
 			return;
 		}
 	
-		$r = attach_by_hash(argv(1),((argc() > 2) ? intval(argv(2)) : 0));
+		$r = attach_by_hash(argv(1),get_observer_hash(),((argc() > 2) ? intval(argv(2)) : 0));
 	
 		if(! $r['success']) {
 			notice( $r['message'] . EOL);

Zotlabs/Module/Channel.php

@@ -120,8 +120,9 @@ class Channel extends \Zotlabs\Web\Controller {
 					'deny_gid' => $channel['channel_deny_gid']
 				);
 			}
-			else
-				$channel_acl = array(); 
+			else {
+				$channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
+			}
 
 
 			if($perms['post_wall']) {
@@ -133,13 +134,15 @@ class Channel extends \Zotlabs\Web\Controller {
 					'nickname' => \App::$profile['channel_address'],
 					'lockstate' => (((strlen(\App::$profile['channel_allow_cid'])) || (strlen(\App::$profile['channel_allow_gid'])) || (strlen(\App::$profile['channel_deny_cid'])) || (strlen(\App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
 					'acl' => (($is_owner) ? populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''),
+					'permissions' => $channel_acl,
 					'showacl' => (($is_owner) ? 'yes' : ''),
 					'bang' => '',
 					'visitor' => (($is_owner || $observer) ? true : false),
 					'profile_uid' => \App::$profile['profile_uid'],
 					'editor_autocomplete' => true,
 					'bbco_autocomplete' => 'bbcode',
-					'bbcode' => true
+					'bbcode' => true,
+					'jotnets' => true
         		);
 
         		$o .= status_editor($a,$x);
@@ -175,10 +178,11 @@ class Channel extends \Zotlabs\Web\Controller {
 
 			if($mid) {
 				$r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal
-					AND item_wall = 1 AND item_unseen = 1 $sql_extra limit 1",
+					AND item_wall = 1 $simple_update $sql_extra limit 1",
 					dbesc($mid . '%'),
 					intval(\App::$profile['profile_uid'])
 				);
+				$_SESSION['loadtime'] = datetime_convert();
 			} 
 			else {
 				$r = q("SELECT distinct parent AS `item_id`, created from item
@@ -363,4 +367,4 @@ class Channel extends \Zotlabs\Web\Controller {
 
 		return $o;
 	}
-}
+}

Zotlabs/Module/Chat.php

@@ -218,14 +218,13 @@ class Chat extends \Zotlabs\Web\Controller {
 			notice( t('Feature disabled.') . EOL);
 			return $o;
 		}
-	
-	
+
 		$acl = new \Zotlabs\Access\AccessList($channel);
 		$channel_acl = $acl->get();
-	
+
 		$lockstate = (($channel_acl['allow_cid'] || $channel_acl['allow_gid'] || $channel_acl['deny_cid'] || $channel_acl['deny_gid']) ? 'lock' : 'unlock');
 		require_once('include/acl_selectors.php');
-		
+
 		$chatroom_new = '';
 		if(local_channel()) {
 			$chatroom_new = replace_macros(get_markup_template('chatroom_new.tpl'),array(
@@ -234,12 +233,16 @@ class Chat extends \Zotlabs\Web\Controller {
 				'$chat_expire' => array('chat_expire',t('Expiration of chats (minutes)'),120,''),
 				'$permissions' =>  t('Permissions'),
 				'$acl' => populate_acl($channel_acl,false),
+				'$allow_cid' => acl2json($channel_acl['allow_cid']),
+				'$allow_gid' => acl2json($channel_acl['allow_gid']),
+				'$deny_cid' => acl2json($channel_acl['deny_cid']),
+				'$deny_gid' => acl2json($channel_acl['deny_gid']),
 				'$lockstate' => $lockstate,
 				'$submit' => t('Submit')
 	
 			));
 		}
-	
+
 		$rooms = Zlib\Chatroom::roomlist(\App::$profile['profile_uid']);
 	
 		$o .= replace_macros(get_markup_template('chatrooms.tpl'), array(

Zotlabs/Module/Connect.php

@@ -60,13 +60,13 @@ class Connect extends \Zotlabs\Web\Controller {
 		$observer = \App::get_observer();
 		if(($observer) && ($_POST['submit'] === t('Continue'))) {
 			if($observer['xchan_follow'])
-				$url = sprintf($observer['xchan_follow'],urlencode(\App::$data['channel']['channel_address'] . '@' . \App::get_hostname())); 
+				$url = sprintf($observer['xchan_follow'],urlencode(channel_reddress(\App::$data['channel'])));
 			if(! $url) {
 				$r = q("select * from hubloc where hubloc_hash = '%s' order by hubloc_id desc limit 1",
 					dbesc($observer['xchan_hash'])
 				);
 				if($r)
-					$url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(\App::$data['channel']['channel_address'] . '@' . \App::get_hostname()); 
+					$url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(channel_reddress(\App::$data['channel']));
 			}
 		}
 		if($url)

Zotlabs/Module/Connedit.php

@@ -126,22 +126,42 @@ class Connedit extends \Zotlabs\Web\Controller {
 			$rating = 10;
 	
 		$rating_text = trim(escape_tags($_REQUEST['rating_text']));
-	
-		$abook_my_perms = 0;
-	
-		foreach($_POST as $k => $v) {
-			if(strpos($k,'perms_') === 0) {
-				$abook_my_perms += $v;
+		
+		$all_perms = \Zotlabs\Access\Permissions::Perms();
+
+		if($all_perms) {
+			foreach($all_perms as $perm => $desc) {
+				if(array_key_exists('perms_' . $perm, $_POST)) {
+					set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,
+						intval($_POST['perms_' . $perm]));
+					if($autoperms) {
+						set_pconfig($channel['channel_id'],'autoperms',$perm,intval($_POST['perms_' . $perm]));
+					}
+				}
+				else {
+					set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$perm,0);
+					if($autoperms) {
+						set_pconfig($channel['channel_id'],'autoperms',$perm,0);
+					}
+				}
 			}
 		}
-	
+
+		if(! is_null($autoperms)) 
+			set_pconfig($channel['channel_id'],'system','autoperms',$autoperms);
+				
 		$new_friend = false;
 	
+		// only store a record and notify the directory if the rating changed
+
 		if(! $is_self) {
 	
 			$signed = $orig_record[0]['abook_xchan'] . '.' . $rating . '.' . $rating_text;
-	
 			$sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey']));
+
+			$rated = ((intval($rating) || strlen($rating_text)) ? true : false);
+	
+			$record = 0;
 	
 			$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
 				dbesc($channel['channel_hash']),
@@ -149,17 +169,20 @@ class Connedit extends \Zotlabs\Web\Controller {
 			);
 	
 			if($z) {
-				$record = $z[0]['xlink_id'];
-				$w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'
-					where xlink_id = %d",
-					intval($rating),
-					dbesc($rating_text),
-					dbesc($sig),
-					dbesc(datetime_convert()),
-					intval($record)
-				);
+				if(($z[0]['xlink_rating'] != $rating) || ($z[0]['xlink_rating_text'] != $rating_text)) {
+					$record = $z[0]['xlink_id'];
+					$w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'
+						where xlink_id = %d",
+						intval($rating),
+						dbesc($rating_text),
+						dbesc($sig),
+						dbesc(datetime_convert()),
+						intval($record)
+					);
+				}
 			}
-			else {
+			elseif($rated) {
+				// only create a record if there's something to save
 				$w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ",
 					dbesc($channel['channel_hash']),
 					dbesc($orig_record[0]['abook_xchan']),
@@ -194,19 +217,25 @@ class Connedit extends \Zotlabs\Web\Controller {
 	
 			$role = get_pconfig(local_channel(),'system','permissions_role');
 			if($role) {
-				$x = get_role_perms($role);
-				if($x['perms_accept'])
-					$abook_my_perms = $x['perms_accept'];
+				$x = \Zotlabs\Access\PermissionRoles::role_perms($role);
+				if($x['perms_connect']) {
+					$abook_my_perms = $x['perms_connect'];
+				}
 			}
+
+			$filled_perms = \Zotlabs\Access\Permissions::FilledPerms($abook_my_perms);
+			foreach($filled_perms as $k => $v) {
+				set_abconfig($channel['channel_id'],$orig_record[0]['abook_xchan'],'my_perms',$k,$v);
+			}
+
 		}
-	
+
 		$abook_pending = (($new_friend) ? 0 : $orig_record[0]['abook_pending']);
 	
-		$r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_pending = %d,
+		$r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d,
 			abook_incl = '%s', abook_excl = '%s'
 			where abook_id = %d AND abook_channel = %d",
 			dbesc($profile_id),
-			intval($abook_my_perms),
 			intval($closeness),
 			intval($abook_pending),
 			dbesc($abook_incl),
@@ -227,10 +256,13 @@ class Connedit extends \Zotlabs\Web\Controller {
 			info( t('Connection updated.') . EOL);
 		else
 			notice( t('Failed to update connection record.') . EOL);
-	
-		if(\App::$poi && \App::$poi['abook_my_perms'] != $abook_my_perms
-			&& (! intval(\App::$poi['abook_self']))) {
-			\Zotlabs\Daemon\Master::Summon(array('Notifier', (($new_friend) ? 'permission_create' : 'permission_update'), $contact_id));
+
+		if(! intval(\App::$poi['abook_self'])) {
+			\Zotlabs\Daemon\Master::Summon( [ 
+				'Notifier', 
+				(($new_friend) ? 'permission_create' : 'permission_update'), 
+				$contact_id 
+			]);
 		}
 	
 		if($new_friend) {
@@ -304,9 +336,6 @@ class Connedit extends \Zotlabs\Web\Controller {
 			call_hooks('accept_follow', $arr);
 		}
 	
-		if(! is_null($autoperms))
-			set_pconfig(local_channel(),'system','autoperms',(($autoperms) ? $abook_my_perms : 0));
-	
 		$this->connedit_clone($a);
 	
 		if(($_REQUEST['pending']) && (!$_REQUEST['done']))
@@ -371,9 +400,9 @@ class Connedit extends \Zotlabs\Web\Controller {
 		$my_perms = get_channel_default_perms(local_channel());
 		$role = get_pconfig(local_channel(),'system','permissions_role');
 		if($role) {
-			$x = get_role_perms($role);
-			if($x['perms_accept'])
-				$my_perms = $x['perms_accept'];
+			$x = \Zotlabs\Access\PermissionRoles::role_perms($role);
+			if($x['perms_connect'])
+				$my_perms = $x['perms_connect'];
 		}
 	
 		$yes_no = array(t('No'),t('Yes'));
@@ -634,13 +663,9 @@ class Connedit extends \Zotlabs\Web\Controller {
 				$rating_text = $xl[0]['xlink_rating_text'];
 			}
 	
-			$poco_rating = get_config('system','poco_rating_enable');
+			$rating_enabled = get_config('system','rating_enabled');
 	
-			// if unset default to enabled
-			if($poco_rating === false)
-				$poco_rating = true;
-	
-			if($poco_rating) {
+			if($rating_enabled) {
 				$rating = replace_macros(get_markup_template('rating_slider.tpl'),array(
 					'$min' => -10,
 					'$val' => $rating_val
@@ -654,7 +679,8 @@ class Connedit extends \Zotlabs\Web\Controller {
 			$perms = array();
 			$channel = \App::get_channel();
 	
-			$global_perms = get_perms();
+			$global_perms = \Zotlabs\Access\Permissions::Perms();
+
 			$existing = get_all_perms(local_channel(),$contact['abook_xchan']);
 	
 			$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'),('Yes')));
@@ -670,16 +696,32 @@ class Connedit extends \Zotlabs\Web\Controller {
 			if($slide && $multiprofs)
 				$affinity = t('Set Affinity & Profile');
 	
+			$theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'",
+					intval(local_channel()),
+					dbesc($contact['abook_xchan'])
+			);
+			$their_perms = array();
+			if($theirs) {
+				foreach($theirs as $t) {
+					$their_perms[$t['k']] = $t['v'];
+				}
+			}
+
 			foreach($global_perms as $k => $v) {
-				$thisperm = (($contact['abook_my_perms'] & $v[1]) ? "1" : '');
-				$checkinherited = ((($channel[$v[0]]) && ($channel[$v[0]] != PERMS_SPECIFIC)) ? "1" : '');
+				$thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
+//fixme
+				
+				$checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);
 	
 				// For auto permissions (when $self is true) we don't want to look at existing
 				// permissions because they are enabled for the channel owner
 				if((! $self) && ($existing[$k]))
 					$thisperm = "1";
+
+				
+
 	
-				$perms[] = array('perms_' . $k, $v[3], (($contact['abook_their_perms'] & $v[1]) ? "1" : ""),$thisperm, $v[1], (($channel[$v[0]] == PERMS_SPECIFIC) ? '' : '1'), $v[4], $checkinherited);
+				$perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited);
 			}
 	
 			$locstr = '';

Zotlabs/Module/Directory.php

@@ -84,10 +84,9 @@ class Directory extends \Zotlabs\Web\Controller {
 			$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
 	
 	
-		if(strpos($search,'=') && local_channel() && get_pconfig(local_channel(),'feature','expert'))
+		if(strpos($search,'=') && local_channel() && feature_enabled(local_channel(), 'advanced_dirsearch'))
 			$advanced = $search;
 	
-	
 		$keywords = (($_GET['keywords']) ? $_GET['keywords'] : '');
 	
 		// Suggest channels if no search terms or keywords are given
@@ -239,7 +238,9 @@ class Directory extends \Zotlabs\Web\Controller {
 	
 							$page_type = '';
 	
-							if($rr['total_ratings'])
+							$rating_enabled = get_config('system','rating_enabled');
+
+							if($rr['total_ratings'] && $rating_enabled)
 								$total_ratings = sprintf( tt("%d rating", "%d ratings", $rr['total_ratings']), $rr['total_ratings']);
 							else
 								$total_ratings = '';
@@ -264,6 +265,7 @@ class Directory extends \Zotlabs\Web\Controller {
 	
 							$keywords = ((x($profile,'keywords')) ? $profile['keywords'] : '');
 	
+
 							$out = '';
 	
 							if($keywords) {
@@ -312,7 +314,7 @@ class Directory extends \Zotlabs\Web\Controller {
 								'gender'   => $gender,
 								'total_ratings' => $total_ratings,
 								'viewrate' => true,
-								'canrate' => ((local_channel()) ? true : false),
+								'canrate' => (($rating_enabled && local_channel()) ? true : false),
 								'pdesc'	=> $pdesc,
 								'pdesc_label' => t('Description:'),
 								'marital'  => $marital,

Zotlabs/Module/Dirsearch.php

@@ -448,9 +448,9 @@ class Dirsearch extends \Zotlabs\Web\Controller {
 					$register = 'closed';
 	
 				if(strpos($rr['site_url'],'https://') !== false)
-					$ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project']);
+					$ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project'], 'version' => $rr['site_version']);
 				else
-					$insecure[] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project']);
+					$insecure[] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project'], 'version' => $rr['site_version']);
 			}
 			if($insecure) {
 				$ret['sites'] = array_merge($ret['sites'],$insecure);

Zotlabs/Module/Display.php

@@ -65,6 +65,7 @@ class Display extends \Zotlabs\Web\Controller {
 				'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
 	
 				'acl' => populate_acl($channel_acl),
+				'permissions' => $channel_acl,
 				'bang' => '',
 				'visitor' => true,
 				'profile_uid' => local_channel(),
@@ -72,7 +73,8 @@ class Display extends \Zotlabs\Web\Controller {
 				'expanded' => true,
 				'editor_autocomplete' => true,
 				'bbco_autocomplete' => 'bbcode',
-				'bbcode' => true
+				'bbcode' => true,
+				'jotnets' => true
 			);
 	
 			$o = '<div id="jot-popup">';

Zotlabs/Module/Dreport.php

@@ -74,7 +74,7 @@ class Dreport extends \Zotlabs\Web\Controller {
 	
 		if(! $r) {
 			notice( t('no results') . EOL);
-			return;
+//			return;
 		}
 		
 		for($x = 0; $x < count($r); $x++ ) {

Zotlabs/Module/Editpost.php

@@ -47,9 +47,9 @@ class Editpost extends \Zotlabs\Web\Controller {
 		if(intval($itm[0]['item_obscured'])) {
 			$key = get_config('system','prvkey');
 			if($itm[0]['title'])
-				$itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key);
+				$itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
 			if($itm[0]['body'])
-				$itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key);
+				$itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
 		}
 
 		$category = '';

Zotlabs/Module/Editwebpage.php

@@ -108,9 +108,9 @@ class Editwebpage extends \Zotlabs\Web\Controller {
 		if(intval($itm[0]['item_obscured'])) {
 			$key = get_config('system','prvkey');
 			if($itm[0]['title'])
-				$itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key);
+				$itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
 			if($itm[0]['body'])
-				$itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key);
+				$itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
 		}
 
 		$item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1",
@@ -151,6 +151,7 @@ class Editwebpage extends \Zotlabs\Web\Controller {
 			'post_id' => $post_id,
 			'visitor' => ($is_owner) ? true : false,
 			'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')),
+			'permissions' => $itm[0],
 			'showacl' => ($is_owner) ? true : false,
 			'mimetype' => $mimetype,
 			'mimeselect' => true,

Zotlabs/Module/Embedphotos.php

@@ -39,9 +39,9 @@ class Embedphotos extends \Zotlabs\Web\Controller {
             json_return_and_die(array('errormsg' => 'Error retrieving link ' . $href, 'status' => false));
         }
         $resource_id = array_pop(explode("/", $href));
-        $r = q("SELECT obj from item where resource_type = 'photo' and resource_id = '%s' limit 1",
-			dbesc($resource_id)
-		);
+        $r = q("SELECT obj,body from item where resource_type = 'photo' and resource_id = '%s' limit 1",
+						dbesc($resource_id)
+					);
         if(!$r) {
             json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
         }
@@ -50,7 +50,9 @@ class Embedphotos extends \Zotlabs\Web\Controller {
             $photolink = $obj['body'];
         } elseif (x($obj,'bbcode')) {
             $photolink = $obj['bbcode'];
-        } else {
+        } elseif ($r[0]['body'] !== '') {
+						$photolink = $r[0]['body'];
+				}	else {
             json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
         }
         json_return_and_die(array('status' => true, 'photolink' => $photolink));
@@ -83,7 +85,7 @@ function embedphotos_widget_album($args) {
             return '';
 
     if($args['album'])
-            $album = $args['album'];
+            $album = (($args['album'] === '/') ? '' : $args['album'] );
     if($args['title'])
             $title = $args['title'];
 

Zotlabs/Module/Events.php

@@ -118,7 +118,7 @@ class Events extends \Zotlabs\Web\Controller {
 			goaway($onerror_url);
 		}
 	
-		$share = ((intval($_POST['share'])) ? intval($_POST['share']) : 0);
+		$share = ((intval($_POST['distr'])) ? intval($_POST['distr']) : 0);
 	
 		$channel = \App::get_channel();
 	
@@ -435,6 +435,10 @@ class Events extends \Zotlabs\Web\Controller {
 	
 			$acl = new \Zotlabs\Access\AccessList($channel);
 			$perm_defaults = $acl->get();
+
+			$permissions = ((x($orig_event)) ? $orig_event : $perm_defaults);
+
+			//print_r(acl2json($permissions['allow_gid'])); killme();
 	
 			$tpl = get_markup_template('event_form.tpl');
 	
@@ -465,12 +469,18 @@ class Events extends \Zotlabs\Web\Controller {
 				'$t_orig' => $t_orig,
 				'$sh_text' => t('Share this event'),
 				'$sh_checked' => $sh_checked,
-				'$share' => array('share', t('Share this event'), $sh_checked, '', array(t('No'),t('Yes'))),
+				'$share' => array('distr', t('Share this event'), $sh_checked, '', array(t('No'),t('Yes'))),
 				'$preview' => t('Preview'),
-				'$permissions' => t('Permission settings'),
+				'$perms_label' => t('Permission settings'),
 				// populating the acl dialog was a permission description from view_stream because Cal.php, which
 				// displays events, says "since we don't currently have an event permission - use the stream permission"
 				'$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'))),
+
+				'$allow_cid' => acl2json($permissions['allow_cid']),
+				'$allow_gid' => acl2json($permissions['allow_gid']),
+				'$deny_cid' => acl2json($permissions['deny_cid']),
+				'$deny_gid' => acl2json($permissions['deny_gid']),
+
 				'$submit' => t('Submit'),
 				'$advanced' => t('Advanced Options')
 	

Zotlabs/Module/Fhublocs.php

@@ -42,7 +42,7 @@ class Fhublocs extends \Zotlabs\Web\Controller {
 				if($y)
 					$primary_address = $y[0]['xchan_addr'];
 	
-				$hub_address = $rr['channel']['channel_address'] . '@' . \App::get_hostname();
+				$hub_address = channel_reddress($rr['channel']);
 	
 			
 				$primary = (($hub_address === $primary_address) ? 1 : 0);
@@ -61,7 +61,7 @@ class Fhublocs extends \Zotlabs\Web\Controller {
 					dbesc($rr['channel_guid']),
 					dbesc($rr['channel_guid_sig']),
 					dbesc($rr['channel_hash']),
-					dbesc($rr['channel_address'] . '@' . \App::get_hostname()),
+					dbesc(channel_reddress($rr)),
 					intval($primary),
 					dbesc(z_root()),
 					dbesc(base64url_encode(rsa_sign(z_root(),$rr['channel_prvkey']))),

Zotlabs/Module/File_upload.php

@@ -0,0 +1,45 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/attach.php');
+require_once('include/channel.php');
+require_once('include/photos.php');
+
+
+class File_upload extends \Zotlabs\Web\Controller {
+
+	function post() {
+
+		// logger('file upload: ' . print_r($_REQUEST,true));
+	
+		$channel = (($_REQUEST['channick']) ? get_channel_by_nick($_REQUEST['channick']) : null);
+	
+		if(! $channel) {
+			logger('channel not found');
+			killme();
+		}
+	
+		$_REQUEST['source'] = 'file_upload';
+
+		if($channel['channel_id'] != local_channel()) {
+			$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
+			$_REQUEST['group_allow']   = expand_acl($channel['channel_allow_gid']);
+			$_REQUEST['contact_deny']  = expand_acl($channel['channel_deny_cid']);
+			$_REQUEST['group_deny']    = expand_acl($channel['channel_deny_gid']);
+		}
+
+		if($_REQUEST['filename']) {
+			$_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']);
+			$_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']);
+			$_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']);
+			$_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']);
+			$r = attach_mkdir($channel,get_observer_hash(),$_REQUEST);
+		}
+		else {
+			$r = attach_store($channel,get_observer_hash(), '', $_REQUEST);
+		}
+		goaway(z_root() . '/' . $_REQUEST['return_url']);
+	
+	}
+	
+}

Zotlabs/Module/Filestorage.php

@@ -44,14 +44,14 @@ class Filestorage extends \Zotlabs\Web\Controller {
 		//get the object before permissions change so we can catch eventual former allowed members
 		$object = get_file_activity_object($channel_id, $resource, $cloudPath);
 	
-		attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse);
+		attach_change_permissions($channel_id, $resource, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], $recurse, true);
 	
 		file_activity($channel_id, $object, $x['allow_cid'], $x['allow_gid'], $x['deny_cid'], $x['deny_gid'], 'post', $notify);
 	
 		goaway($cloudPath);
 	}
 	
-		function get() {
+	function get() {
 	
 		if(argc() > 1)
 			$which = argv(1);
@@ -141,7 +141,7 @@ class Filestorage extends \Zotlabs\Web\Controller {
 			// Encode path that is used for link so it's a valid URL
 			// Keep slashes as slashes, otherwise mod_rewrite doesn't work correctly
 			$encoded_path = str_replace('%2F', '/', rawurlencode($cloudpath));
-	
+
 			$o = replace_macros(get_markup_template('attach_edit.tpl'), array(
 				'$header' => t('Edit file permissions'),
 				'$file' => $f,
@@ -151,6 +151,10 @@ class Filestorage extends \Zotlabs\Web\Controller {
 				'$channelnick' => $channel['channel_address'],
 				'$permissions' => t('Permissions'),
 				'$aclselect' => $aclselect_e,
+				'$allow_cid' => acl2json($f['allow_cid']),
+				'$allow_gid' => acl2json($f['allow_gid']),
+				'$deny_cid' => acl2json($f['deny_cid']),
+				'$deny_gid' => acl2json($f['deny_gid']),
 				'$lockstate' => $lockstate,
 				'$permset' => t('Set/edit permissions'),
 				'$recurse' => array('recurse', t('Include all files and sub folders'), 0, '', array(t('No'), t('Yes'))),
@@ -161,7 +165,7 @@ class Filestorage extends \Zotlabs\Web\Controller {
 				'$submit' => t('Submit'),
 				'$attach_btn_title' => t('Share this file'),
 				'$link_btn_title' => t('Show URL to this file'),
-				'$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes')))
+				'$notify' => array('notify', t('Notify your contacts about this file'), 0, '', array(t('No'), t('Yes'))),
 			));
 	
 			echo $o;

Zotlabs/Module/Follow.php

@@ -47,12 +47,13 @@ class Follow extends \Zotlabs\Web\Controller {
 		if($abconfig)
 			$clone['abconfig'] = $abconfig;
 	
-		build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)));
+		build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)), true);
 	
+		$can_view_stream = intval(get_abconfig($channel['channel_id'],$clone['abook_xchan'],'their_perms','view_stream'));
 	
 		// If we can view their stream, pull in some posts
 	
-		if(($result['abook']['abook_their_perms'] & PERMS_R_STREAM) || ($result['abook']['xchan_network'] === 'rss'))
+		if(($can_view_stream) || ($result['abook']['xchan_network'] === 'rss'))
 			\Zotlabs\Daemon\Master::Summon(array('Onepoll',$result['abook']['abook_id']));
 	
 		goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1');

Zotlabs/Module/Getfile.php

@@ -27,10 +27,12 @@ require_once('include/attach.php');
 class Getfile extends \Zotlabs\Web\Controller {
 
 	function post() {
+
+		logger('post: ' . print_r($_POST,true),LOGGER_DEBUG,LOG_INFO);
 	
-		$hash = $_POST['hash'];
-		$time = $_POST['time'];
-		$sig = $_POST['signature'];
+		$hash     = $_POST['hash'];
+		$time     = $_POST['time'];
+		$sig      = $_POST['signature'];
 		$resource = $_POST['resource'];
 		$revision = intval($_POST['revision']);
 	
@@ -38,9 +40,11 @@ class Getfile extends \Zotlabs\Web\Controller {
 			killme();
 	
 		$channel = channelx_by_hash($hash);
-	
-		if((! $channel) || (! $time) || (! $sig))
+
+		if((! $channel) || (! $time) || (! $sig)) {
+			logger('error: missing info');
 			killme();
+		}
 	
 		$slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop'));
 		if($slop < 1)
@@ -58,16 +62,15 @@ class Getfile extends \Zotlabs\Web\Controller {
 			logger('verify failed.');
 			killme();
 		}
-	
-	
-		$r = attach_by_hash($resource,$revision);
+		
+		$r = attach_by_hash($resource,$channel['channel_hash'],$revision);
 	
 		if(! $r['success']) {
+			logger('attach_by_hash failed: ' . $r['message']);
 			notice( $r['message'] . EOL);
 			return;
 		}
-		
-	
+			
 		$unsafe_types = array('text/html','text/css','application/javascript');
 	
 		if(in_array($r['data']['filetype'],$unsafe_types)) {
@@ -76,10 +79,10 @@ class Getfile extends \Zotlabs\Web\Controller {
 		else {
 			header('Content-type: ' . $r['data']['filetype']);
 		}
-	
+
 		header('Content-disposition: attachment; filename="' . $r['data']['filename'] . '"');
 		if(intval($r['data']['os_storage'])) {
-			$fname = dbunescbin($r['data']['data']);
+			$fname = dbunescbin($r['data']['content']);
 			if(strpos($fname,'store') !== false)
 				$istream = fopen($fname,'rb');
 			else
@@ -91,11 +94,9 @@ class Getfile extends \Zotlabs\Web\Controller {
 				fclose($ostream);
 			}
 		}
-		else
-			echo dbunescbin($r['data']['data']);
+		else {
+			echo dbunescbin($r['data']['content']);
+		}
 		killme();
-	
-	
-	
 	}
 }

Zotlabs/Module/Group.php

@@ -101,7 +101,7 @@ class Group extends \Zotlabs\Web\Controller {
 			check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
 			
 			if(intval(argv(2))) {
-				$r = q("SELECT `name` FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+				$r = q("SELECT `gname` FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 					intval(argv(2)),
 					intval(local_channel())
 				);

Zotlabs/Module/Help.php

@@ -17,6 +17,7 @@ require_once('include/help.php');
 class Help extends \Zotlabs\Web\Controller {
 
 	function get() {
+
 		nav_set_selected('help');
 	
 		if($_REQUEST['search']) {
@@ -31,13 +32,14 @@ class Help extends \Zotlabs\Web\Controller {
 			if($r) {
 				$o .= '<ul class="help-searchlist">';
 				foreach($r as $rr) {
-					$dirname = dirname($rr['sid']);
-					$fname = basename($rr['sid']);
+					$dirname = dirname($rr['v']);
+					$fname = basename($rr['v']);
 					$fname = substr($fname,0,strrpos($fname,'.'));
 					$path = trim(substr($dirname,4),'/');
 	
-					$o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br />' . 
-					str_replace('$Projectname',\Zotlabs\Lib\System::get_platform_name(),substr($rr['text'],0,200)) . '...<br /><br /></li>';
+					$o .= '<li><a href="help/' . (($path) ? $path . '/' : '') . $fname . '" >' . ucwords(str_replace('_',' ',notags($fname))) . '</a><br />'
+						. '<b><i>' . 'help/' . (($path) ? $path . '/' : '') . $fname . '</i></b><br />' .
+					'...' . str_replace('$Projectname',\Zotlabs\Lib\System::get_platform_name(),$rr['text']) . '...<br /><br /></li>';
 	
 				}
 				$o .= '</ul>';
@@ -47,100 +49,18 @@ class Help extends \Zotlabs\Web\Controller {
 			return $o;
 		}
 	
-	
-		global $lang;
-	
-		$doctype = 'markdown';
-	
-		$text = '';
-	
-		if(argc() > 1) {
-			$path = '';
-			for($x = 1; $x < argc(); $x ++) {
-				if(strlen($path))
-					$path .= '/';
-				$path .= argv($x);
-			}
-			$title = basename($path);
-	
-			$text = load_doc_file('doc/' . $path . '.md');
-			\App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('-',' ',notags($title)));
-	
-			if(! $text) {
-				$text = load_doc_file('doc/' . $path . '.bb');
-				if($text)
-					$doctype = 'bbcode';
-				\App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('_',' ',notags($title)));
-			}
-			if(! $text) {
-				$text = load_doc_file('doc/' . $path . '.html');
-				if($text)
-					$doctype = 'html';
-				\App::$page['title'] = t('Help:') . ' ' . ucwords(str_replace('-',' ',notags($title)));
-			}
-		}
-	
-		if(! $text) {
-			$text = load_doc_file('doc/Site.md');
-			\App::$page['title'] = t('Help');
-		}
-		if(! $text) {
-			$doctype = 'bbcode';
-			$text = load_doc_file('doc/main.bb');
-			\App::$page['title'] = t('Help');
-		}
-		
-		if(! strlen($text)) {
-			header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found'));
-			$tpl = get_markup_template("404.tpl");
-			return replace_macros($tpl, array(
-				'$message' =>  t('Page not found.' )
-			));
-		}
-	
-		if($doctype === 'html')
-			$content = $text;
-		if($doctype === 'markdown')	{
-			require_once('library/markdown.php');
-			# escape #include tags
-			$text = preg_replace('/#include/ism', '%%include', $text);
-			$content = Markdown($text);
-			$content = preg_replace('/%%include/ism', '#include', $content);
-		}
-		if($doctype === 'bbcode') {
-			require_once('include/bbcode.php');
-			$content = bbcode($text);
-			// bbcode retargets external content to new windows. This content is internal.
-			$content = str_replace(' target="_blank"','',$content);		
-		} 
-	
-		$content = preg_replace_callback("/#include (.*?)\;/ism", 'self::preg_callback_help_include', $content);
-	
+
+		$content =  get_help_content();
+
+
 		return replace_macros(get_markup_template("help.tpl"), array(
 			'$title' => t('$Projectname Documentation'),
-			'$content' => translate_projectname($content)
+			'$content' => $content
 		));
 	
 	}
 	
 	
-	private static function preg_callback_help_include($matches) {
-	
-		if($matches[1]) {
-			$include = str_replace($matches[0],load_doc_file($matches[1]),$matches[0]);
-			if(preg_match('/\.bb$/', $matches[1]) || preg_match('/\.txt$/', $matches[1])) {
-				require_once('include/bbcode.php');
-				$include = bbcode($include);
-				$include = str_replace(' target="_blank"','',$include);		
-			} 
-			elseif(preg_match('/\.md$/', $matches[1])) {
-				require_once('library/markdown.php');
-				$include = Markdown($include);
-			}
-			return $include;
-		}
-	
-	}
 	
 	
 }

Zotlabs/Module/Id.php

@@ -1,319 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-/**
- * @file mod/id.php
- * @brief OpenID implementation
- */
-
-require 'library/openid/provider/provider.php';
-
-
-$attrMap = array(
-	'namePerson/first'       => t('First Name'),
-	'namePerson/last'        => t('Last Name'),
-	'namePerson/friendly'    => t('Nickname'),
-	'namePerson'             => t('Full Name'),
-	'contact/internet/email' => t('Email'),
-	'contact/email'          => t('Email'),
-	'media/image/aspect11'   => t('Profile Photo'),
-	'media/image'            => t('Profile Photo'),
-	'media/image/default'    => t('Profile Photo'),
-	'media/image/16x16'      => t('Profile Photo 16px'),
-	'media/image/32x32'      => t('Profile Photo 32px'),
-	'media/image/48x48'      => t('Profile Photo 48px'),
-	'media/image/64x64'      => t('Profile Photo 64px'),
-	'media/image/80x80'      => t('Profile Photo 80px'),
-	'media/image/128x128'    => t('Profile Photo 128px'),
-	'timezone'               => t('Timezone'),
-	'contact/web/default'    => t('Homepage URL'),
-	'language/pref'          => t('Language'),
-	'birthDate/birthYear'    => t('Birth Year'),
-	'birthDate/birthMonth'   => t('Birth Month'),
-	'birthDate/birthday'     => t('Birth Day'),
-	'birthDate'              => t('Birthdate'),
-	'gender'                 => t('Gender'),
-);
-
-
-/**
- * @brief Entrypoint for the OpenID implementation.
- *
- * @param App &$a
- */
-
-class Id extends \Zotlabs\Web\Controller {
-
-	function init() {
-	
-		logger('id: ' . print_r($_REQUEST, true));
-	
-		if(argc() > 1) {
-			$which = argv(1);
-		} else {
-			\App::$error = 404;
-			return;
-		}
-	
-		$profile = '';
-		$channel = \App::get_channel();
-		profile_load($which,$profile);
-	
-		$op = new MysqlProvider;
-		$op->server();
-	}
-	
-	/**
-	 * @brief Returns user data needed for OpenID.
-	 *
-	 * If no $handle is provided we will use local_channel() by default.
-	 *
-	 * @param string $handle (default null)
-	 * @return boolean|array
-	 */
-	static public function getUserData($handle = null) {
-		if (! local_channel()) {
-			notice( t('Permission denied.') . EOL);
-			\App::$page['content'] =  login();
-	
-			return false;
-		}
-	
-	//	logger('handle: ' . $handle);
-	
-		if ($handle) {
-			$r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_address = '%s' limit 1",
-				dbesc($handle)
-			);
-		} else {
-			$r = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d",
-				intval(local_channel())
-			);
-		}
-	
-		if (! r)
-			return false;
-	
-		$x = q("select * from account where account_id = %d limit 1", 
-			intval($r[0]['channel_account_id'])
-		);
-		if ($x)
-			$r[0]['email'] = $x[0]['account_email'];
-	
-		$p = q("select * from profile where is_default = 1 and uid = %d limit 1",
-			intval($r[0]['channel_account_id'])
-		);
-	
-		$gender = '';
-		if ($p[0]['gender'] == t('Male'))
-			$gender = 'M';
-		if ($p[0]['gender'] == t('Female'))
-			$gender = 'F';
-	
-		$r[0]['firstName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],0,strpos($r[0]['channel_name'],' ')) : $r[0]['channel_name']);
-		$r[0]['lastName'] = ((strpos($r[0]['channel_name'],' ')) ? substr($r[0]['channel_name'],strpos($r[0]['channel_name'],' ')+1) : '');
-		$r[0]['namePerson'] = $r[0]['channel_name'];
-		$r[0]['pphoto'] = $r[0]['xchan_photo_l'];
-		$r[0]['pphoto16'] = z_root() . '/photo/profile/16/' . $r[0]['channel_id'] . '.jpg';
-		$r[0]['pphoto32'] = z_root() . '/photo/profile/32/' . $r[0]['channel_id'] . '.jpg';
-		$r[0]['pphoto48'] = z_root() . '/photo/profile/48/' . $r[0]['channel_id'] . '.jpg';
-		$r[0]['pphoto64'] = z_root() . '/photo/profile/64/' . $r[0]['channel_id'] . '.jpg';
-		$r[0]['pphoto80'] = z_root() . '/photo/profile/80/' . $r[0]['channel_id'] . '.jpg';
-		$r[0]['pphoto128'] = z_root() . '/photo/profile/128/' . $r[0]['channel_id'] . '.jpg';
-		$r[0]['timezone'] = $r[0]['channel_timezone'];
-		$r[0]['url'] = $r[0]['xchan_url'];
-		$r[0]['language'] = (($x[0]['account_language']) ? $x[0]['account_language'] : 'en');
-		$r[0]['birthyear'] = ((intval(substr($p[0]['dob'],0,4))) ? intval(substr($p[0]['dob'],0,4)) : '');
-		$r[0]['birthmonth'] = ((intval(substr($p[0]['dob'],5,2))) ? intval(substr($p[0]['dob'],5,2)) : '');
-		$r[0]['birthday'] = ((intval(substr($p[0]['dob'],8,2))) ? intval(substr($p[0]['dob'],8,2)) : '');
-		$r[0]['birthdate'] = (($r[0]['birthyear'] && $r[0]['birthmonth'] && $r[0]['birthday']) ? $p[0]['dob'] : '');
-		$r[0]['gender'] = $gender;
-	
-		return $r[0];
-	
-	/*
-	*    if(isset($_POST['login'],$_POST['password'])) {
-	*        $login = mysql_real_escape_string($_POST['login']);
-	*        $password = sha1($_POST['password']);
-	*        $q = mysql_query("SELECT * FROM Users WHERE login = '$login' AND password = '$password'");
-	*        if($data = mysql_fetch_assoc($q)) {
-	*            return $data;
-	*        }
-	*        if($handle) {
-	*            echo 'Wrong login/password.';
-	*        }
-	*    }
-	*    if($handle) {
-	*    ?>
-	*    <form action="" method="post">
-	*    <input type="hidden" name="openid.assoc_handle" value="<?php
-namespace Zotlabs\Module; echo $handle?>">
-	*    Login: <input type="text" name="login"><br>
-	*    Password: <input type="password" name="password"><br>
-	*    <button>Submit</button>
-	*    </form>
-	*    <?php
-namespace Zotlabs\Module;
-	*    die();
-	*    }
-	*/
-	
-	}
-}
-	
-	
-	/**
-	 * @brief MySQL provider for OpenID implementation.
-	 *
-	 */
-	class MysqlProvider extends \LightOpenIDProvider {
-	
-		// See http://openid.net/specs/openid-attribute-properties-list-1_0-01.html
-		// This list contains a few variations of these attributes to maintain 
-		// compatibility with legacy clients
-	
-		private $attrFieldMap = array(
-			'namePerson/first'       => 'firstName',
-			'namePerson/last'        => 'lastName',
-			'namePerson/friendly'    => 'channel_address',
-			'namePerson'             => 'namePerson',
-			'contact/internet/email' => 'email',
-			'contact/email'          => 'email',
-			'media/image/aspect11'   => 'pphoto',
-			'media/image'            => 'pphoto',
-			'media/image/default'    => 'pphoto',
-			'media/image/16x16'      => 'pphoto16',
-			'media/image/32x32'      => 'pphoto32',
-			'media/image/48x48'      => 'pphoto48',
-			'media/image/64x64'      => 'pphoto64',
-			'media/image/80x80'      => 'pphoto80',
-			'media/image/128x128'    => 'pphoto128',
-			'timezone'               => 'timezone',
-			'contact/web/default'    => 'url',
-			'language/pref'          => 'language',
-			'birthDate/birthYear'    => 'birthyear',
-			'birthDate/birthMonth'   => 'birthmonth',
-			'birthDate/birthday'     => 'birthday',
-			'birthDate'              => 'birthdate',
-			'gender'                 => 'gender',
-		);
-	
-		function setup($identity, $realm, $assoc_handle, $attributes) {
-			global $attrMap;
-	
-	//		logger('identity: ' . $identity);
-	//		logger('realm: ' . $realm);
-	//		logger('assoc_handle: ' . $assoc_handle);
-	//		logger('attributes: ' . print_r($attributes,true));
-	
-			$data = \Zotlabs\Module\Id::getUserData($assoc_handle);
-	
-	
-	/** @FIXME this needs to be a template with localised strings */
-	
-	        $o .= '<form action="" method="post">'
-	           . '<input type="hidden" name="openid.assoc_handle" value="' . $assoc_handle . '">'
-	           . '<input type="hidden" name="login" value="' . $_POST['login'] .'">'
-	           . '<input type="hidden" name="password" value="' . $_POST['password'] .'">'
-	           . "<b>$realm</b> wishes to authenticate you.";
-	        if($attributes['required'] || $attributes['optional']) {
-	            $o .= " It also requests following information (required fields marked with *):"
-	               . '<ul>';
-	
-	            foreach($attributes['required'] as $attr) {
-	                if(isset($this->attrMap[$attr])) {
-	                    $o .= '<li>'
-	                       . '<input type="checkbox" name="attributes[' . $attr . ']"> '
-	                       . $this->attrMap[$attr] . ' <span class="required">*</span></li>';
-	                }
-	            }
-	
-	            foreach($attributes['optional'] as $attr) {
-	                if(isset($this->attrMap[$attr])) {
-	                    $o .= '<li>'
-	                       . '<input type="checkbox" name="attributes[' . $attr . ']"> '
-	                       . $this->attrMap[$attr] . '</li>';
-	                }
-	            }
-	            $o .= '</ul>';
-	        }
-	        $o .= '<br>'
-	           . '<button name="once">Allow once</button> '
-	           . '<button name="always">Always allow</button> '
-	           . '<button name="cancel">cancel</button> '
-	           . '</form>';
-	
-			\App::$page['content'] .= $o;
-		}
-	
-		function checkid($realm, &$attributes) {
-	
-			logger('checkid: ' . $realm);
-			logger('checkid attrs: ' . print_r($attributes,true));
-	
-			if(isset($_POST['cancel'])) {
-				$this->cancel();
-			}
-	
-			$data = \Zotlabs\Module\Id::getUserData();
-			if(! $data) {
-				return false;
-			}
-	
-			$q = get_pconfig(local_channel(), 'openid', $realm);
-	
-			$attrs = array();
-			if($q) {
-				$attrs = $q;
-	        } elseif(isset($_POST['attributes'])) {
-	            $attrs = array_keys($_POST['attributes']);
-	        } elseif(!isset($_POST['once']) && !isset($_POST['always'])) {
-	            return false;
-	        }
-	
-	        $attributes = array();
-	        foreach($attrs as $attr) {
-	            if(isset($this->attrFieldMap[$attr])) {
-	                $attributes[$attr] = $data[$this->attrFieldMap[$attr]];
-	            }
-	        }
-	
-			if(isset($_POST['always'])) {
-				set_pconfig(local_channel(),'openid',$realm,array_keys($attributes));
-			}
-	
-			return z_root() . '/id/' . $data['channel_address'];
-		}
-	
-		function assoc_handle() {
-			logger('assoc_handle');
-			$channel = \App::get_channel();
-	
-			return z_root() . '/channel/' . $channel['channel_address']; 
-		}
-	
-		function setAssoc($handle, $data) {
-			logger('setAssoc');
-			$channel = channelx_by_nick(basename($handle));
-			if($channel)
-				set_pconfig($channel['channel_id'],'openid','associate',$data);
-		}
-	
-		function getAssoc($handle) {
-			logger('getAssoc: ' . $handle);
-	
-			$channel = channelx_by_nick(basename($handle));
-			if($channel)
-				return get_pconfig($channel['channel_id'], 'openid', 'associate');
-	
-			return false;
-		}
-	
-		function delAssoc($handle) {
-			logger('delAssoc');
-			$channel = channelx_by_nick(basename($handle));
-			if($channel)
-				return del_pconfig($channel['channel_id'], 'openid', 'associate');
-		}
-	}
-	

Zotlabs/Module/Impel.php

@@ -88,7 +88,11 @@ class Impel extends \Zotlabs\Web\Controller {
 					foreach($j['items'] as $it) {
 						$mitem = array();
 	
+						$mitem['mitem_link'] = str_replace('[channelurl]',z_root() . '/channel/' . $channel['channel_address'],$it['link']);
+						$mitem['mitem_link'] = str_replace('[pageurl]',z_root() . '/page/' . $channel['channel_address'],$it['link']);
+						$mitem['mitem_link'] = str_replace('[cloudurl]',z_root() . '/cloud/' . $channel['channel_address'],$it['link']);
 						$mitem['mitem_link'] = str_replace('[baseurl]',z_root(),$it['link']);
+
 						$mitem['mitem_desc'] = escape_tags($it['desc']);
 						$mitem['mitem_order'] = intval($it['order']);
 						if(is_array($it['flags'])) {

Zotlabs/Module/Import.php

@@ -8,6 +8,7 @@ namespace Zotlabs\Module;
 require_once('include/zot.php');
 require_once('include/channel.php');
 require_once('include/import.php');
+require_once('include/perm_upgrade.php');
 
 
 
@@ -208,7 +209,7 @@ class Import extends \Zotlabs\Web\Controller {
 				dbesc($channel['channel_guid']),
 				dbesc($channel['channel_guid_sig']),
 				dbesc($channel['channel_hash']),
-				dbesc($channel['channel_address'] . '@' . \App::get_hostname()),
+				dbesc(channel_reddress($channel)),
 				dbesc('zot'),
 				intval(($seize) ? 1 : 0),
 				dbesc(z_root()),
@@ -251,7 +252,7 @@ class Import extends \Zotlabs\Web\Controller {
 					dbesc(z_root() . "/photo/profile/l/" . $channel['channel_id']),
 					dbesc(z_root() . "/photo/profile/m/" . $channel['channel_id']),
 					dbesc(z_root() . "/photo/profile/s/" . $channel['channel_id']),
-					dbesc($channel['channel_address'] . '@' . \App::get_hostname()),
+					dbesc(channel_reddress($channel)),
 					dbesc(z_root() . '/channel/' . $channel['channel_address']),
 					dbesc(z_root() . '/follow?f=&url=%s'),
 					dbesc(z_root() . '/poco/' . $channel['channel_address']),
@@ -339,6 +340,8 @@ class Import extends \Zotlabs\Web\Controller {
 			$abooks = $data['abook'];
 			if($abooks) {
 				foreach($abooks as $abook) {
+
+					$abook_copy = $abook;
 	
 					$abconfig = null;
 					if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig']))
@@ -347,6 +350,10 @@ class Import extends \Zotlabs\Web\Controller {
 					unset($abook['abook_id']);
 					unset($abook['abook_rating']);
 					unset($abook['abook_rating_text']);
+					unset($abook['abconfig']);
+					unset($abook['abook_their_perms']);
+					unset($abook['abook_my_perms']);
+
 					$abook['abook_account'] = $account_id;
 					$abook['abook_channel'] = $channel['channel_id'];
 					if(! array_key_exists('abook_blocked',$abook)) {
@@ -385,6 +392,8 @@ class Import extends \Zotlabs\Web\Controller {
 					$friends ++;
 					if(intval($abook['abook_feed']))
 						$feeds ++;
+
+					translate_abook_perms_inbound($channel,$abook_copy);
 	
 					if($abconfig) {
 						// @fixme does not handle sync of del_abconfig

Zotlabs/Module/Invite.php

@@ -59,12 +59,15 @@ class Invite extends \Zotlabs\Web\Controller {
 	
 			$account = \App::get_account();
 	
-	
-			$res = mail($recip, sprintf( t('Please join us on $Projectname'), \App::$config['sitename']),
-				$nmessage,
-				"From: " . $account['account_email'] . "\n"
-				. 'Content-type: text/plain; charset=UTF-8' . "\n"
-				. 'Content-transfer-encoding: 8bit' );
+			$res = z_mail(
+				[ 
+				'toEmail'        => $recip,
+				'fromName'       => ' ',
+				'fromEmail'      => $account['account_email'],
+				'messageSubject' => t('Please join us on $Projectname'),
+				'textVersion'    => $nmessage,
+				]
+			);
 	
 			if($res) {
 				$total ++;

Zotlabs/Module/Item.php

@@ -20,6 +20,8 @@ namespace Zotlabs\Module;
 require_once('include/crypto.php');
 require_once('include/items.php');
 require_once('include/attach.php');
+require_once('include/bbcode.php');
+
 
 use \Zotlabs\Lib as Zlib;
 
@@ -81,6 +83,7 @@ class Item extends \Zotlabs\Web\Controller {
 		$api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false);
 	
 		$consensus = intval($_REQUEST['consensus']);
+		$nocomment = intval($_REQUEST['nocomment']);
 	
 		// 'origin' (if non-zero) indicates that this network is where the message originated,
 		// for the purpose of relaying comments to other conversation members. 
@@ -318,9 +321,11 @@ class Item extends \Zotlabs\Web\Controller {
 		}
 	
 		$acl = new \Zotlabs\Access\AccessList($channel);
+
+		$view_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_stream');	
+		$comment_policy = \Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'post_comments');
 	
-			
-		$public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true));
+		$public_policy = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($view_policy,true));
 		if($webpage)
 			$public_policy = '';
 		if($public_policy)
@@ -528,11 +533,11 @@ class Item extends \Zotlabs\Web\Controller {
 	
 	
 			if((! $parent) && (get_pconfig($profile_uid,'system','tagifonlyrecip')) && (substr_count($str_contact_allow,'<') == 1) && ($str_group_allow == '') && ($str_contact_deny == '') && ($str_group_deny == '')) {
-				$x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
+				$x = q("select abook_id, abconfig.v from abook left join abconfig on abook_xchan = abconfig.xchan and abook_channel = abconfig.chan and cat= 'their_perms' and abconfig.k = 'tag_deliver' and abconfig.v = 1 and abook_xchan = '%s' and abook_channel = %d limit 1",
 					dbesc(str_replace(array('<','>'),array('',''),$str_contact_allow)),
 					intval($profile_uid)
 				);
-				if($x && ($x[0]['abook_their_perms'] & PERMS_W_TAGWALL))
+				if($x)
 					$body .= "\n\n@group+" . $x[0]['abook_id'] . "\n";
 			}
 	
@@ -547,6 +552,8 @@ class Item extends \Zotlabs\Web\Controller {
 			$body = preg_replace_callback('/\[url(.*?)\[\/(url)\]/ism','\red_escape_codeblock',$body);
 			$body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','\red_escape_codeblock',$body);
 	
+
+			$body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'nakedoembed', $body);
 			$body = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", '\red_zrl_callback', $body);
 	
 			$body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','\red_unescape_codeblock',$body);
@@ -623,9 +630,9 @@ class Item extends \Zotlabs\Web\Controller {
 			 */
 	
 			if(! $preview) {
-				$this->fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
+				fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
 	
-				$this->fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
+				fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
 	
 			}
 	
@@ -705,6 +712,7 @@ class Item extends \Zotlabs\Web\Controller {
 		$item_wall = (($post_type === 'wall' || $post_type === 'wall-comment') ? 1 : 0);
 		$item_origin = (($origin) ? 1 : 0);
 		$item_consensus = (($consensus) ? 1 : 0);
+		$item_nocomment = (($nocomment) ? 1 : 0);
 	
 	
 		// determine if this is a wall post
@@ -751,71 +759,64 @@ class Item extends \Zotlabs\Web\Controller {
 			$plink = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $mid;
 		}
 		
-	
-	
-	
-	
-		$datarray['aid']            = $channel['channel_account_id'];
-		$datarray['uid']            = $profile_uid;
-		
-		$datarray['owner_xchan']    = (($owner_hash) ? $owner_hash : $owner_xchan['xchan_hash']);
-		$datarray['author_xchan']   = $observer['xchan_hash'];
-		$datarray['created']        = $created;
-		$datarray['edited']         = (($orig_post) ? datetime_convert() : $created);
-		$datarray['expires']        = $expires;
-		$datarray['commented']      = (($orig_post) ? datetime_convert() : $created);
-		$datarray['received']       = (($orig_post) ? datetime_convert() : $created);
-		$datarray['changed']        = (($orig_post) ? datetime_convert() : $created);
-		$datarray['mid']            = $mid;
-		$datarray['parent_mid']     = $parent_mid;
-		$datarray['mimetype']       = $mimetype;
-		$datarray['title']          = $title;
-		$datarray['body']           = $body;
-		$datarray['app']            = $app;
-		$datarray['location']       = $location;
-		$datarray['coord']          = $coord;
-		$datarray['verb']           = $verb;
-		$datarray['obj_type']       = $obj_type;
-		$datarray['allow_cid']      = $str_contact_allow;
-		$datarray['allow_gid']      = $str_group_allow;
-		$datarray['deny_cid']       = $str_contact_deny;
-		$datarray['deny_gid']       = $str_group_deny;
-		$datarray['item_private']   = $private;
-		$datarray['item_wall']      = $item_wall;
-		$datarray['attach']         = $attachments;
-		$datarray['thr_parent']     = $thr_parent;
-		$datarray['postopts']       = $postopts;
-		$datarray['item_unseen']    = $item_unseen;
-		$datarray['item_wall']      = $item_wall;
-		$datarray['item_origin']    = $item_origin;
-		$datarray['item_type']      = $webpage;
-		$datarray['item_thread_top'] = $item_thread_top;
-		$datarray['item_unseen']    = $item_unseen;
-		$datarray['item_starred']    = $item_starred;
-		$datarray['item_uplink']    = $item_uplink;
-		$datarray['item_consensus']    = $item_consensus;
-		$datarray['item_notshown']    = $item_notshown;
-		$datarray['item_nsfw']    = $item_nsfw;
-		$datarray['item_relay']    = $item_relay;
-		$datarray['item_mentionsme']    = $item_mentionsme;
-		$datarray['item_nocomment']    = $item_nocomment;
-		$datarray['item_obscured']    = $item_obscured;
-		$datarray['item_verified']    = $item_verified;
-		$datarray['item_retained']    = $item_retained;
-		$datarray['item_rss']    = $item_rss;
-		$datarray['item_deleted']    = $item_deleted;
-		$datarray['item_hidden']    = $item_hidden;
-		$datarray['item_unpublished']    = $item_unpublished;
-		$datarray['item_delayed']    = $item_delayed;
-		$datarray['item_pending_remove']    = $item_pending_remove;
-		$datarray['item_blocked']    = $item_blocked;
-	
-		$datarray['layout_mid']     = $layout_mid;
-		$datarray['public_policy']  = $public_policy;
-		$datarray['comment_policy'] = map_scope($channel['channel_w_comment']); 
-		$datarray['term']           = $post_tags;
-		$datarray['plink']          = $plink;
-		$datarray['route']          = $route;
+		$datarray['aid']                 = $channel['channel_account_id'];
+		$datarray['uid']                 = $profile_uid;
+		$datarray['owner_xchan']         = (($owner_hash) ? $owner_hash : $owner_xchan['xchan_hash']);
+		$datarray['author_xchan']        = $observer['xchan_hash'];
+		$datarray['created']             = $created;
+		$datarray['edited']              = (($orig_post) ? datetime_convert() : $created);
+		$datarray['expires']             = $expires;
+		$datarray['commented']           = (($orig_post) ? datetime_convert() : $created);
+		$datarray['received']            = (($orig_post) ? datetime_convert() : $created);
+		$datarray['changed']             = (($orig_post) ? datetime_convert() : $created);
+		$datarray['mid']                 = $mid;
+		$datarray['parent_mid']          = $parent_mid;
+		$datarray['mimetype']            = $mimetype;
+		$datarray['title']               = $title;
+		$datarray['body']                = $body;
+		$datarray['app']                 = $app;
+		$datarray['location']            = $location;
+		$datarray['coord']               = $coord;
+		$datarray['verb']                = $verb;
+		$datarray['obj_type']            = $obj_type;
+		$datarray['allow_cid']           = $str_contact_allow;
+		$datarray['allow_gid']           = $str_group_allow;
+		$datarray['deny_cid']            = $str_contact_deny;
+		$datarray['deny_gid']            = $str_group_deny;
+		$datarray['attach']              = $attachments;
+		$datarray['thr_parent']          = $thr_parent;
+		$datarray['postopts']            = $postopts;
+		$datarray['item_unseen']         = intval($item_unseen);
+		$datarray['item_wall']           = intval($item_wall);
+		$datarray['item_origin']         = intval($item_origin);
+		$datarray['item_type']           = $webpage;
+		$datarray['item_private']        = intval($private);
+		$datarray['item_thread_top']     = intval($item_thread_top);
+		$datarray['item_unseen']         = intval($item_unseen);
+		$datarray['item_starred']        = intval($item_starred);
+		$datarray['item_uplink']         = intval($item_uplink);
+		$datarray['item_consensus']      = intval($item_consensus);
+		$datarray['item_notshown']       = intval($item_notshown);
+		$datarray['item_nsfw']           = intval($item_nsfw);
+		$datarray['item_relay']          = intval($item_relay);
+		$datarray['item_mentionsme']     = intval($item_mentionsme);
+		$datarray['item_nocomment']      = intval($item_nocomment);
+		$datarray['item_obscured']       = intval($item_obscured);
+		$datarray['item_verified']       = intval($item_verified);
+		$datarray['item_retained']       = intval($item_retained);
+		$datarray['item_rss']            = intval($item_rss);
+		$datarray['item_deleted']        = intval($item_deleted);
+		$datarray['item_hidden']         = intval($item_hidden);
+		$datarray['item_unpublished']    = intval($item_unpublished);
+		$datarray['item_delayed']        = intval($item_delayed);
+		$datarray['item_pending_remove'] = intval($item_pending_remove);
+		$datarray['item_blocked']        = intval($item_blocked);	
+		$datarray['layout_mid']          = $layout_mid;
+		$datarray['public_policy']       = $public_policy;
+		$datarray['comment_policy']      = map_scope($comment_policy); 
+		$datarray['term']                = $post_tags;
+		$datarray['plink']               = $plink;
+		$datarray['route']               = $route;
 	
 		if($iconfig)
 			$datarray['iconfig'] = $iconfig;
@@ -925,7 +926,9 @@ class Item extends \Zotlabs\Web\Controller {
 		$post = item_store($datarray,$execflag);
 	
 		$post_id = $post['item_id'];
-	
+
+		$datarray = $post['item'];
+
 		if($post_id) {
 			logger('mod_item: saved item ' . $post_id);
 	
@@ -1086,138 +1089,6 @@ class Item extends \Zotlabs\Web\Controller {
 	}
 	
 	
-	function fix_attached_photo_permissions($uid,$xchan_hash,$body,
-			$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) {
-	
-		if(get_pconfig($uid,'system','force_public_uploads')) {
-			$str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
-		}
-	
-		$match = null;
-		// match img and zmg image links
-		if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) {
-			$images = $match[2];
-			if($images) {
-				foreach($images as $image) {
-					if(! stristr($image,z_root() . '/photo/'))
-						continue;
-					$image_uri = substr($image,strrpos($image,'/') + 1);
-					if(strpos($image_uri,'-') !== false)
-						$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
-					if(strpos($image_uri,'.') !== false)
-						$image_uri = substr($image_uri,0, strpos($image_uri,'.'));
-					if(! strlen($image_uri))
-						continue;
-					$srch = '<' . $xchan_hash . '>';
-						
-					$r = q("select folder from attach where hash = '%s' and uid = %d limit 1",
-						dbesc($image_uri),
-						intval($uid)
-					);
-					if($r && $r[0]['folder']) {
-						$f = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1",
-							dbesc($r[0]['folder']),
-							intval($uid)
-						);
-						if(($f) && (($f[0]['allow_cid']) || ($f[0]['allow_gid']) || ($f[0]['deny_cid']) || ($f[0]['deny_gid']))) {
-							$str_contact_allow = $f[0]['allow_cid'];
-							$str_group_allow = $f[0]['allow_gid'];
-							$str_contact_deny = $f[0]['deny_cid'];
-							$str_group_deny = $f[0]['deny_gid'];
-						}
-					}
-	
-					$r = q("SELECT id FROM photo 
-						WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = ''
-						AND resource_id = '%s' AND uid = %d LIMIT 1",
-						dbesc($srch),
-						dbesc($image_uri),
-						intval($uid)
-					);
-	
-					if($r) {
-						$r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s'
-							WHERE resource_id = '%s' AND uid = %d ",
-							dbesc($str_contact_allow),
-							dbesc($str_group_allow),
-							dbesc($str_contact_deny),
-							dbesc($str_group_deny),
-							dbesc($image_uri),
-							intval($uid)
-						);
-	
-						// also update the linked item (which is probably invisible)
-	
-						$r = q("select id from item
-							WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = ''
-							AND resource_id = '%s' and resource_type = 'photo' AND uid = %d LIMIT 1",
-							dbesc($srch),
-							dbesc($image_uri),
-							intval($uid)
-						);
-						if($r) {
-							$private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false);
-	
-							$r = q("UPDATE item SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
-								WHERE id = %d AND uid = %d",
-								dbesc($str_contact_allow),
-								dbesc($str_group_allow),
-								dbesc($str_contact_deny),
-								dbesc($str_group_deny),
-								intval($private),
-								intval($r[0]['id']),
-								intval($uid)
-							);
-						}
-						$r = q("select id from attach where hash = '%s' and uid = %d limit 1",
-							dbesc($image_uri),
-							intval($uid)
-						);
-						if($r) {
-							q("update attach SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s'
-								WHERE id = %d AND uid = %d",
-								dbesc($str_contact_allow),
-								dbesc($str_group_allow),
-								dbesc($str_contact_deny),
-								dbesc($str_group_deny),
-								intval($r[0]['id']),
-								intval($uid)
-							);
-						} 
-					}
-				}
-			}
-		}
-	}
-	
-	
-	function fix_attached_file_permissions($channel,$observer_hash,$body,
-			$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) {
-	
-		if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) {
-			$str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
-		}
-	
-		$match = false;
-	
-		if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) {
-			$attaches = $match[1];
-			if($attaches) {
-				foreach($attaches as $attach) {
-					$hash = substr($attach,0,strpos($attach,','));
-					$rev = intval(substr($attach,strpos($attach,',')));
-					attach_store($channel,$observer_hash,$options = 'update', array(
-						'hash'      => $hash,
-						'revision'  => $rev,
-						'allow_cid' => $str_contact_allow,
-						'allow_gid'  => $str_group_allow,
-						'deny_cid'  => $str_contact_deny,
-						'deny_gid'  => $str_group_deny
-					));
-				}
-			}
-		}
-	}
 	
 	function item_check_service_class($channel_id,$iswebpage) {
 		$ret = array('success' => false, 'message' => '');

Zotlabs/Module/Like.php

@@ -264,23 +264,22 @@ class Like extends \Zotlabs\Web\Controller {
 				logger('like: no item ' . $item_id);
 				killme();
 			}
-	
-	
+
+
+			xchan_query($r,true,(($r[0]['uid'] == local_channel()) ? 0 : local_channel()));	
+
 			$item = $r[0];
-			$owner_uid = $item['uid'];
-			$owner_aid = $item['aid'];
-	
-	
-			$sys = get_sys_channel();
-	
-	
-			// if this is a "discover" item, (item['uid'] is the sys channel),
-			// fallback to the item comment policy, which should've been
-			// respected when generating the conversation thread.
-			// Even if the activity is rejected by the item owner, it should still get attached
-			// to the local discover conversation on this site. 
-	
-			if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) {
+
+			$owner_uid = $r[0]['uid'];
+			$owner_aid = $r[0]['aid'];
+
+            $can_comment = false;
+            if((array_key_exists('owner',$item)) && intval($item['owner']['abook_self']))
+                $can_comment = perm_is_allowed($item['uid'],$observer['xchan_hash'],'post_comments');
+            else
+                $can_comment = can_comment_on_post($observer['xchan_hash'],$item);
+
+            if(! $can_comment) {
 				notice( t('Permission denied') . EOL);
 				killme();
 			}
@@ -496,6 +495,8 @@ class Like extends \Zotlabs\Web\Controller {
 		$arr['deny_gid']      = $deny_gid;
 		$arr['item_private']  = $private;
 	
+		call_hooks('post_local',$arr);
+
 	
 		$post = item_store($arr);	
 		$post_id = $post['item_id'];

Zotlabs/Module/Lostpass.php

@@ -43,18 +43,19 @@ class Lostpass extends \Zotlabs\Web\Controller {
 	
 		$subject = email_header_encode(sprintf( t('Password reset requested at %s'),get_config('system','sitename')), 'UTF-8');
 	
-		$res = mail($email, $subject ,
-				$message,
-				'From: Administrator@' . $_SERVER['SERVER_NAME'] . "\n"
-				. 'Content-type: text/plain; charset=UTF-8' . "\n"
-				. 'Content-transfer-encoding: 8bit' );
-	
-	
+		$res = z_mail(
+			[ 
+			'toEmail' => $email,
+			'messageSubject' => sprintf( t('Password reset requested at %s'), get_config('system','sitename')),
+			'textVersion' => $message,
+			]
+		);
+
 		goaway(z_root());
 	}
 	
 	
-		function get() {
+	function get() {
 	
 	
 		if(x($_GET,'verify')) {
@@ -102,20 +103,22 @@ class Lostpass extends \Zotlabs\Web\Controller {
 	
 				$email_tpl = get_intltext_template("passchanged_eml.tpl");
 				$message = replace_macros($email_tpl, array(
-				'$sitename' => \App::$config['sitename'],
-				'$siteurl' =>  z_root(),
-				'$username' => sprintf( t('Site Member (%s)'), $email),
-				'$email' => $email,
-				'$new_password' => $new_password,
-				'$uid' => $newuid ));
-	
-				$subject = email_header_encode( sprintf( t('Your password has changed at %s'), get_config('system','sitename')), 'UTF-8');
-	
-				$res = mail($email,$subject,$message,
-					'From: ' . 'Administrator@' . $_SERVER['SERVER_NAME'] . "\n"
-					. 'Content-type: text/plain; charset=UTF-8' . "\n"
-					. 'Content-transfer-encoding: 8bit' );
+					'$sitename' => \App::$config['sitename'],
+					'$siteurl' =>  z_root(),
+					'$username' => sprintf( t('Site Member (%s)'), $email),
+					'$email' => $email,
+					'$new_password' => $new_password,
+					'$uid' => $newuid )
+				);
 	
+				$res = z_mail(
+					[ 
+					'toEmail'        => $email,
+					'messageSubject' => sprintf( t('Your password has changed at %s'), get_config('system','sitename')),
+					'textVersion'    => $message,
+					]
+				);
+
 				return $o;
 			}
 		

Zotlabs/Module/Magic.php

@@ -140,7 +140,7 @@ class Magic extends \Zotlabs\Web\Controller {
 	
 			\Zotlabs\Zot\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']);
 	
-			$target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode($channel['channel_address'] . '@' . \App::get_hostname())
+			$target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode(channel_reddress($channel))
 				. '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION;
 	
 			if($delegate)

Zotlabs/Module/Mail.php

@@ -57,24 +57,16 @@ class Mail extends \Zotlabs\Web\Controller {
 	
 			$their_perms = 0;
 	
-			$global_perms = get_perms();
-	
 			if($j['permissions']['data']) {
 				$permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']);
 				if($permissions)
-					$permissions = json_decode($permissions);
+					$permissions = json_decode($permissions, true);
 				logger('decrypted permissions: ' . print_r($permissions,true), LOGGER_DATA);
 			}
 			else
 				$permissions = $j['permissions'];
 	
-			foreach($permissions as $k => $v) {
-				if($v) {
-					$their_perms = $their_perms | intval($global_perms[$k][1]);
-				}
-			}
-	
-			if(! ($their_perms & PERMS_W_MAIL)) {
+			if(! ($permissions['post_mail'])) {
 	 			notice( t('Selected channel has private message restrictions. Send failed.'));
 				// reported issue: let's still save the message and continue. We'll just tell them
 				// that nothing useful is likely to happen. They might have spent hours on it.  
@@ -120,7 +112,7 @@ class Mail extends \Zotlabs\Web\Controller {
 			
 	}
 	
-		function get() {
+	function get() {
 	
 		$o = '';
 		nav_set_selected('messages');
@@ -340,7 +332,7 @@ class Mail extends \Zotlabs\Web\Controller {
 				'delete' => t('Delete message'),
 				'dreport' => t('Delivery report'),
 				'recall' => t('Recall message'),
-				'can_recall' => (($channel['channel_hash'] == $message['from_xchan']) ? true : false),
+				'can_recall' => (($channel['channel_hash'] == $message['from_xchan'] && get_account_techlevel() > 0) ? true : false),
 				'is_recalled' => (intval($message['mail_recalled']) ? t('Message has been recalled.') : ''),
 				'date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'], 'c'),
 			);

Zotlabs/Module/Manage.php

@@ -143,9 +143,9 @@ class Manage extends \Zotlabs\Web\Controller {
 		$create = array( 'new_channel', t('Create a new channel'), t('Create New'));
 	
 		$delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where 
-			abook_channel = %d and (abook_their_perms & %d) > 0",
+			abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = '1' )",
 			intval(local_channel()),
-			intval(PERMS_A_DELEGATE)
+			intval(local_channel())
 		);
 	
 		if($delegates) {

Zotlabs/Module/Menu.php

@@ -65,7 +65,7 @@ class Menu extends \Zotlabs\Web\Controller {
 	
 	
 	
-		function get() {
+	function get() {
 	
 		$uid = local_channel();
 	
@@ -81,7 +81,7 @@ class Menu extends \Zotlabs\Web\Controller {
 	
 		if(argc() == 1) {
 	
-	
+			$channel = (($sys) ? $sys : \App::get_channel());
 	
 			// list menus
 			$x = menu_list($uid);
@@ -89,7 +89,7 @@ class Menu extends \Zotlabs\Web\Controller {
 				for($y = 0; $y < count($x); $y ++) {
 					$m = menu_fetch($x[$y]['menu_name'],$uid,get_observer_hash());
 					if($m)
-						$x[$y]['element'] = '[element]' . base64url_encode(json_encode(menu_element($m))) . '[/element]';
+						$x[$y]['element'] = '[element]' . base64url_encode(json_encode(menu_element($channel,$m))) . '[/element]';
 					$x[$y]['bookmark'] = (($x[$y]['menu_flags'] & MENU_BOOKMARK) ? true : false);
 				}
 			}

Zotlabs/Module/Mitem.php

@@ -147,12 +147,16 @@ class Mitem extends \Zotlabs\Web\Controller {
 			else {
 				$display = (($r) ? 'none' : 'block');
 			}
-	
+
 			$create = replace_macros(get_markup_template('mitemedit.tpl'), array(
 				'$menu_id'     => \App::$data['menu']['menu_id'],
 				'$permissions' => t('Menu Item Permissions'),
 				'$permdesc'    => t("\x28click to open/close\x29"),
 				'$aclselect'   => populate_acl($acl->get(),false),
+				'$allow_cid'   => acl2json($acl->get()['allow_cid']),
+				'$allow_gid'   => acl2json($acl->get()['allow_gid']),
+				'$deny_cid'    => acl2json($acl->get()['deny_cid']),
+				'$deny_gid'    => acl2json($acl->get()['deny_gid']),
 				'$mitem_desc'  => array('mitem_desc', t('Link Name'), '', 'Visible name of the link','*'),
 				'$mitem_link'  => array('mitem_link', t('Link or Submenu Target'), '', t('Enter URL of the link or select a menu name to create a submenu'), '*', 'list="menu-names"'),
 				'$usezid'      => array('usezid', t('Use magic-auth if available'), true, '', array(t('No'), t('Yes'))),
@@ -226,6 +230,10 @@ class Mitem extends \Zotlabs\Web\Controller {
 					'$permissions' => t('Menu Item Permissions'),
 					'$permdesc' => t("\x28click to open/close\x29"),
 					'$aclselect' => populate_acl($mitem,false),
+					'$allow_cid' => acl2json($mitem['allow_cid']),
+					'$allow_gid' => acl2json($mitem['allow_gid']),
+					'$deny_cid' => acl2json($mitem['deny_cid']),
+					'$deny_gid' => acl2json($mitem['deny_gid']),
 					'$mitem_id' => intval(argv(2)),
 					'$mitem_desc' => array('mitem_desc', t('Link text'), $mitem['mitem_desc'], '','*'),
 					'$mitem_link'  => array('mitem_link', t('Link or Submenu Target'), $mitem['mitem_link'], 'Enter URL of the link or select a menu name to create a submenu', '*', 'list="menu-names"'),

Zotlabs/Module/Network.php

@@ -61,6 +61,7 @@ class Network extends \Zotlabs\Web\Controller {
 	
 		$search = (($_GET['search']) ? $_GET['search'] : '');
 		if($search) {
+			$_GET['netsearch'] = escape_tags($search);
 			if(strpos($search,'@') === 0) {
 				$r = q("select abook_id from abook left join xchan on abook_xchan = xchan_hash where xchan_name = '%s' and abook_channel = %d limit 1",
 					dbesc(substr($search,1)),
@@ -138,7 +139,7 @@ class Network extends \Zotlabs\Web\Controller {
 			if($_GET['pf'] === '1')
 				$deftag = '@' . t('forum') . '+' . intval($cid) . '+';
 			else
-				$def_acl = array('allow_cid' => '<' . $r[0]['abook_xchan'] . '>');
+				$def_acl = [ 'allow_cid' => '<' . $r[0]['abook_xchan'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
 		}
 	
 		if(! $update) {
@@ -159,7 +160,7 @@ class Network extends \Zotlabs\Web\Controller {
 				'allow_gid' => $channel['channel_allow_gid'], 
 				'deny_cid'  => $channel['channel_deny_cid'], 
 				'deny_gid'  => $channel['channel_deny_gid']
-			); 
+			);
 
 			$private_editing = ((($group || $cid) && (! intval($_GET['pf']))) ? true : false);
 	
@@ -170,12 +171,14 @@ class Network extends \Zotlabs\Web\Controller {
 				'nickname'         => $channel['channel_address'],
 				'lockstate'        => (($private_editing || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
 				'acl'              => populate_acl((($private_editing) ? $def_acl : $channel_acl), true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+				'permissions'      => (($private_editing) ? $def_acl : $channel_acl),
 				'bang'             => (($private_editing) ? '!' : ''),
 				'visitor'          => true,
 				'profile_uid'      => local_channel(),
 				'editor_autocomplete' => true,
 				'bbco_autocomplete' => 'bbcode',
-				'bbcode' => true
+				'bbcode' => true,
+				'jotnets' => true
 			);
 			if($deftag)
 				$x['pretext'] = $deftag;

Zotlabs/Module/New_channel.php

@@ -125,11 +125,16 @@ class New_channel extends \Zotlabs\Web\Controller {
 			}
 		}
 	
+		$privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] :  "" );
+
+		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
+		if((get_account_techlevel() < 4) && $privacy_role !== 'custom')
+			unset($perm_roles[t('Other')]);
+
 		$name = array('name', t('Name or caption'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"'), "*");
 		$nickhub = '@' . \App::get_hostname();
 		$nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), sprintf( t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub), "*");
-		$privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] :  "" );
-		$role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',get_roles());
+		$role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',$perm_roles);
 	
 		$o = replace_macros(get_markup_template('new_channel.tpl'), array(
 			'$title'        => t('Create Channel'),

Zotlabs/Module/Oembed.php

@@ -22,10 +22,10 @@ class Oembed extends \Zotlabs\Web\Controller {
 			}
 		
 			else {
-				echo "<html><body>";
+				echo "<html><head><base target=\"_blank\" /></head><body>";
 				$src = base64url_decode(argv(1));
 				$j = oembed_fetch_url($src);
-				echo $j->html;
+				echo $j['html'];
 	//		    logger('mod-oembed ' . $h, LOGGER_ALL);
 				echo "</body></html>";
 			}

Zotlabs/Module/Openid.php

@@ -1,198 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-
-require_once('library/openid/openid.php');
-require_once('include/auth.php');
-
-
-class Openid extends \Zotlabs\Web\Controller {
-
-	function get() {
-	
-		$noid = get_config('system','disable_openid');
-		if($noid)
-			goaway(z_root());
-	
-		logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA);
-	
-		if(x($_REQUEST,'openid_mode')) {
-	
-			$openid = new LightOpenID(z_root());
-	
-			if($openid->validate()) {
-	
-				logger('openid: validate');
-	
-				$authid = normalise_openid($_REQUEST['openid_identity']);
-	
-				if(! strlen($authid)) {
-					logger( t('OpenID protocol error. No ID returned.') . EOL);
-					goaway(z_root());
-				}
-				
-				$x = match_openid($authid);
-				if($x) {	
-	
-					$r = q("select * from channel where channel_id = %d limit 1",
-						intval($x)
-					);
-					if($r) {
-						$y = q("select * from account where account_id = %d limit 1",
-							intval($r[0]['channel_account_id'])
-						);
-						if($y) {
-						    foreach($y as $record) {
-						        if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)) {
-				            		logger('mod_openid: openid success for ' . $x[0]['channel_name']);
-									$_SESSION['uid'] = $r[0]['channel_id'];
-									$_SESSION['account_id'] = $r[0]['channel_account_id'];
-									$_SESSION['authenticated'] = true;
-									authenticate_success($record,$r[0],true,true,true,true);
-									goaway(z_root());
-								}
-							}
-						}
-					}
-				}
-	
-				// Successful OpenID login - but we can't match it to an existing account.
-				// See if they've got an xchan
-	
-				$r = q("select * from xconfig left join xchan on xchan_hash = xconfig.xchan where cat = 'system' and k = 'openid' and v = '%s' limit 1",
-					dbesc($authid)
-				);				
-	
-				if($r) {
-					$_SESSION['authenticated'] = 1;
-					$_SESSION['visitor_id'] = $r[0]['xchan_hash'];
-					$_SESSION['my_url'] = $r[0]['xchan_url'];
-					$_SESSION['my_address'] = $r[0]['xchan_addr'];
-					$arr = array('xchan' => $r[0], 'session' => $_SESSION);
-					call_hooks('magic_auth_openid_success',$arr);
-					\App::set_observer($r[0]);
-					require_once('include/security.php');
-					\App::set_groups(init_groups_visitor($_SESSION['visitor_id']));
-					info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
-					logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']); 
-					if($_SESSION['return_url'])
-						goaway($_SESSION['return_url']);
-					goaway(z_root());
-				}
-	
-				// no xchan...
-				// create one.
-				// We should probably probe the openid url and figure out if they have any kind of social presence we might be able to 
-				// scrape some identifying info from. 
-	
-				$name = $authid;
-				$url = trim($_REQUEST['openid_identity'],'/');
-				if(strpos($url,'http') === false)
-					$url = 'https://' . $url;
-				$pphoto = z_root() . '/' . get_default_profile_photo();
-				$parsed = @parse_url($url);
-				if($parsed) {
-					$host = $parsed['host'];
-				}
-	
-				$attr = $openid->getAttributes();
-	
-				if(is_array($attr) && count($attr)) {
-					foreach($attr as $k => $v) {
-						if($k === 'namePerson/friendly')
-							$nick = notags(trim($v));
-						if($k === 'namePerson/first')
-							$first = notags(trim($v));
-						if($k === 'namePerson')
-							$name = notags(trim($v));
-						if($k === 'contact/email')
-							$addr = notags(trim($v));
-						if($k === 'media/image/aspect11')
-							$photosq = trim($v);
-						if($k === 'media/image/default')
-							$photo_other = trim($v);
-					}
-				}
-				if(! $nick) {
-					if($first)
-						$nick = $first;
-					else
-						$nick = $name;
-				}
-	
-				require_once('library/urlify/URLify.php');
-				$x = strtolower(\URLify::transliterate($nick));
-				if($nick & $host)
-					$addr = $nick . '@' . $host;
-				$network = 'unknown';
-				
-				if($photosq)
-					$pphoto = $photosq;
-				elseif($photo_other)
-					$pphoto = $photo_other;
-	
-				$mimetype = guess_image_type($pphoto);
-	
-		        $x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype,
-	                xchan_photo_l, xchan_addr, xchan_url, xchan_connurl, xchan_follow, xchan_connpage, xchan_name, xchan_network, xchan_photo_date, 
-					xchan_name_date, xchan_hidden)
-	                values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 1) ",
-		            dbesc($url),
-	    	        dbesc(''),
-	        	    dbesc(''),
-	            	dbesc(''),
-		            dbesc($mimetype),
-	    	        dbesc($pphoto),
-	        	    dbesc($addr),
-	            	dbesc($url),
-		            dbesc(''),
-	    	        dbesc(''),
-	        	    dbesc(''),
-	            	dbesc($name),
-		            dbesc($network),
-	    	        dbesc(datetime_convert()),
-	        	    dbesc(datetime_convert())
-	        	);
-				if($x) {
-					$r = q("select * from xchan where xchan_hash = '%s' limit 1",
-						dbesc($url)
-					);
-					if($r) {
-	
-						$photos = import_xchan_photo($pphoto,$url);
-						if($photos) {
-							$z = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', 
-								xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
-								dbesc(datetime_convert()),
-								dbesc($photos[0]),
-								dbesc($photos[1]),
-								dbesc($photos[2]),
-								dbesc($photos[3]),
-								dbesc($url)
-		            		);
-						}
-	
-						set_xconfig($url,'system','openid',$authid);
-						$_SESSION['authenticated'] = 1;
-						$_SESSION['visitor_id'] = $r[0]['xchan_hash'];
-						$_SESSION['my_url'] = $r[0]['xchan_url'];
-						$_SESSION['my_address'] = $r[0]['xchan_addr'];
-						$arr = array('xchan' => $r[0], 'session' => $_SESSION);
-						call_hooks('magic_auth_openid_success',$arr);
-						\App::set_observer($r[0]);
-						info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
-						logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']); 
-						if($_SESSION['return_url'])
-							goaway($_SESSION['return_url']);
-						goaway(z_root());
-					}
-				}
-	
-			}
-		}
-		notice( t('Login failed.') . EOL);
-		goaway(z_root());
-		// NOTREACHED
-	}
-	
-}

Zotlabs/Module/Pdledit.php

@@ -9,6 +9,9 @@ class Pdledit extends \Zotlabs\Web\Controller {
 			return;
 		if(! $_REQUEST['module'])
 			return;
+		if(! feature_enabled(local_channel(),'advanced_theming'))
+			return;
+
 		if(! trim($_REQUEST['content'])) {
 			del_pconfig(local_channel(),'system','mod_' . $_REQUEST['module'] . '.pdl');
 			goaway(z_root() . '/pdledit/' . $_REQUEST['module']);
@@ -26,6 +29,11 @@ class Pdledit extends \Zotlabs\Web\Controller {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
+
+		if(! feature_enabled(local_channel(),'advanced_theming')) {
+			notice( t('Feature disabled.') . EOL);
+			return;
+		}
 	
 		if(argc() > 1)
 			$module = 'mod_' . argv(1) . '.pdl';

Zotlabs/Module/Photo.php

@@ -59,20 +59,33 @@ class Photo extends \Zotlabs\Web\Controller {
 			}
 	
 			$uid = $person;
-	
-			$r = q("SELECT * FROM photo WHERE imgscale = %d AND uid = %d AND photo_usage = %d LIMIT 1",
-				intval($resolution),
-				intval($uid),
-				intval(PHOTO_PROFILE)
-			);
-			if($r) {
-				$data = dbunescbin($r[0]['content']);
-				$mimetype = $r[0]['mimetype'];
+
+			$d = [ 'imgscale' => $resolution, 'channel_id' => $uid, 'default' => $default, 'data'  => '', 'mimetype' => '' ];
+			call_hooks('get_profile_photo',$d);
+
+			$resolution = $d['imgscale'];
+			$uid        = $d['channel_id']; 	
+			$default    = $d['default'];
+			$data       = $d['data'];
+			$mimetype   = $d['mimetype'];
+
+			if(! $data) {
+				$r = q("SELECT * FROM photo WHERE imgscale = %d AND uid = %d AND photo_usage = %d LIMIT 1",
+					intval($resolution),
+					intval($uid),
+					intval(PHOTO_PROFILE)
+				);
+				if($r) {
+					$data = dbunescbin($r[0]['content']);
+					$mimetype = $r[0]['mimetype'];
+				}
+				if(intval($r[0]['os_storage']))
+					$data = file_get_contents($data);
 			}
-			if(intval($r[0]['os_storage']))
-				$data = file_get_contents($data);
-			if(! isset($data)) {
+			if(! $data) {
 				$data = file_get_contents($default);
+			}
+			if(! $mimetype) {
 				$mimetype = 'image/png';
 			}
 		}
@@ -88,6 +101,7 @@ class Photo extends \Zotlabs\Web\Controller {
 			   Project link: https://github.com/Retina-Images/Retina-Images
 			   License link: http://creativecommons.org/licenses/by/3.0/
 			*/
+
 			$cookie_value = false;
 			if (isset($_COOKIE['devicePixelRatio'])) {
 			  $cookie_value = intval($_COOKIE['devicePixelRatio']);
@@ -114,15 +128,15 @@ class Photo extends \Zotlabs\Web\Controller {
 			}
 			
 			// If using resolution 1, make sure it exists before proceeding:
-			if ($resolution == 1)
-			  {
+			if($resolution == 1) {
 			    $r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
 				   dbesc($photo),
 				   intval($resolution)
-				   );
-			    if (!($r))
+				);
+			    if(! $r) {
 			      $resolution = 2;
-			  }
+				}
+			}
 	
 			$r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
 				dbesc($photo),
@@ -133,7 +147,16 @@ class Photo extends \Zotlabs\Web\Controller {
 				$allowed = (($r[0]['uid']) ? perm_is_allowed($r[0]['uid'],$observer_xchan,'view_storage') : true);
 	
 				$sql_extra = permissions_sql($r[0]['uid']);
+
+				if(! $sql_extra)
+					$sql_extra = ' and true ';
+
+				// Only check permissions on normal photos. Those photos we don't check includes
+				// profile photos, xchan photos (which are also profile photos), 'thing' photos,
+				// and cover photos
 	
+				$sql_extra = " and (( photo_usage = 0 $sql_extra ) or photo_usage != 0 )";
+
 				$channel = channelx_by_n($r[0]['uid']);
 
 				// Now we'll see if we can access the photo

Zotlabs/Module/Photos.php

@@ -50,7 +50,7 @@ class Photos extends \Zotlabs\Web\Controller {
 	
 	
 	
-		function post() {
+	function post() {
 	
 		logger('mod-photos: photos_post: begin' , LOGGER_DEBUG);
 	
@@ -105,24 +105,6 @@ class Photos extends \Zotlabs\Web\Controller {
 			}
 	
 	
-			/*
-			 * RENAME photo album
-			 */
-	
-			$newalbum = notags(trim($_REQUEST['albumname']));
-			if($newalbum != $album) {
-	
-				// @fixme - syncronise with DAV or disallow completely
-	
-				goaway(z_root() . '/' . $_SESSION['photo_return']);
-	
-	//			$x = photos_album_rename($page_owner_uid,$album,$newalbum);
-	//			if($x) {
-	//				$newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']);
-	//				goaway(z_root() . '/' . $newurl);
-	//			}
-			}
-	
 			/*
 			 * DELETE photo album and all its photos
 			 */
@@ -229,15 +211,25 @@ class Photos extends \Zotlabs\Web\Controller {
 	
 			goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
 		}
-	
-	
-		if((\App::$argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
-	
+
+		if((argc() > 2) && array_key_exists('move_to_album',$_POST)) {
+			$m = q("select folder from attach where hash = '%s' and uid = %d limit 1",
+				dbesc(argv(2)),
+				intval($page_owner_uid)
+			);
+			if(($m) && ($m[0]['folder'] != $_POST['move_to_album'])) {
+				attach_move($page_owner_uid,argv(2),$_POST['move_to_album']);			
+				if(! ($_POST['desc'] && $_POST['newtag']))
+					goaway(z_root() . '/' . $_SESSION['photo_return']);
+			}
+		}
+
+		if((argc() > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false))) {
 	
 			$desc        = ((x($_POST,'desc'))    ? notags(trim($_POST['desc']))    : '');
 			$rawtags     = ((x($_POST,'newtag'))  ? notags(trim($_POST['newtag']))  : '');
 			$item_id     = ((x($_POST,'item_id')) ? intval($_POST['item_id'])       : 0);
-			$albname     = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
+
 			$is_nsfw     = ((x($_POST,'adult'))   ? intval($_POST['adult'])         : 0);
 		
 			$acl->set_from_array($_POST);
@@ -245,10 +237,6 @@ class Photos extends \Zotlabs\Web\Controller {
 	
 			$resource_id = argv(2);
 	
-			if(! strlen($albname))
-				$albname = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y');
-	
-	
 			if((x($_POST,'rotate') !== false) && 
 			   ( (intval($_POST['rotate']) == 1) || (intval($_POST['rotate']) == 2) )) {
 				logger('rotate');
@@ -464,14 +452,15 @@ class Photos extends \Zotlabs\Web\Controller {
 				}
 	
 			}
-		
-			goaway(z_root() . '/' . $_SESSION['photo_return']);
-			return; // NOTREACHED
-	
+
 			$sync = attach_export_data(\App::$data['channel'],$resource_id);
 	
 			if($sync) 
 				build_sync_packet($page_owner_uid,array('file' => array($sync)));
+		
+			goaway(z_root() . '/' . $_SESSION['photo_return']);
+			return; // NOTREACHED
+	
 	
 		}
 	
@@ -668,6 +657,10 @@ class Photos extends \Zotlabs\Web\Controller {
 				'$selname' => $selname,
 				'$permissions' => t('Permissions'),
 				'$aclselect' => $aclselect,
+				'$allow_cid' => acl2json($channel_acl['allow_cid']),
+				'$allow_gid' => acl2json($channel_acl['allow_gid']),
+				'$deny_cid' => acl2json($channel_acl['deny_cid']),
+				'$deny_gid' => acl2json($channel_acl['deny_gid']),
 				'$lockstate' => $lockstate,
 				'$uploader' => $ret['addon_text'],
 				'$default' => (($ret['default_upload']) ? true : false),
@@ -1016,15 +1009,25 @@ class Photos extends \Zotlabs\Web\Controller {
 			// FIXME - remove this when we move to conversation module 
 	
 			$r = $r[0]['children'];
-	
+
 			$edit = null;
 			if($can_post) {
+
+				$m = q("select folder from attach where hash = '%s' and uid = %d limit 1",
+					dbesc($ph[0]['resource_id']),
+					intval($ph[0]['uid'])
+				);
+				if($m)
+					$album_hash = $m[0]['folder'];
+					
 				$album_e = $ph[0]['album'];
 				$caption_e = $ph[0]['description'];
 				$aclselect_e = (($_is_owner) ? populate_acl($ph[0], true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : '');
 				$albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer']));
 	
 				$_SESSION['album_return'] = bin2hex($ph[0]['album']);
+
+				$folder_list = attach_folder_select_list($ph[0]['uid']);
 	
 				$edit = array(
 					'edit' => t('Edit photo'),
@@ -1033,6 +1036,7 @@ class Photos extends \Zotlabs\Web\Controller {
 					'rotateccw' => t('Rotate CCW (left)'),
 					'albums' => $albums['albums'],
 					'album' => $album_e,
+					'album_select' => [ 'move_to_album', t('Move photo to album'), $album_hash, '', $folder_list ],
 					'newalbum_label' => t('Enter a new album name'),
 					'newalbum_placeholder' => t('or select an existing one (doubleclick)'),
 					'nickname' => \App::$data['channel']['channel_address'],
@@ -1042,6 +1046,10 @@ class Photos extends \Zotlabs\Web\Controller {
 					'tag_label' => t('Add a Tag'),
 					'permissions' => t('Permissions'),
 					'aclselect' => $aclselect_e,
+					'allow_cid' => acl2json($ph[0]['allow_cid']),
+					'allow_gid' => acl2json($ph[0]['allow_gid']),
+					'deny_cid' => acl2json($ph[0]['deny_cid']),
+					'deny_gid' => acl2json($ph[0]['deny_gid']),
 					'lockstate' => $lockstate[0],
 					'help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com'),
 					'item_id' => ((count($linked_items)) ? $link_item['id'] : 0),

Zotlabs/Module/Probe.php

@@ -23,8 +23,6 @@ class Probe extends \Zotlabs\Web\Controller {
 			
 			$j = \Zotlabs\Zot\Finger::run($addr,$channel,false);
 
-			//			$res = zot_finger($addr,$channel,false);
-
 			$o .= '<pre>';
 			if(! $j['success']) {
 				$o .= sprintf( t('Fetching URL returns error: %1$s'),$res['error'] . "\r\n\r\n");

Zotlabs/Module/Profiles.php

@@ -708,7 +708,7 @@ class Profiles extends \Zotlabs\Web\Controller {
 				'$profile_id'   => $r[0]['id'],
 				'$profile_name' => array('profile_name', t('Profile name'), $r[0]['profile_name'], t('Required'), '*'),
 				'$is_default'   => $is_default,
-				'$default'      => t('This is your default profile.') . EOL . translate_scope(map_scope($channel['channel_r_profile'])),
+				'$default'      => t('This is your default profile.') . EOL . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))),
 				'$advanced'     => $advanced,
 				'$name'         => array('name', t('Your full name'), $r[0]['fullname'], t('Required'), '*'),
 				'$pdesc'        => array('pdesc', t('Title/Description'), $r[0]['pdesc']),
@@ -724,7 +724,7 @@ class Profiles extends \Zotlabs\Web\Controller {
 				'$marital'      => marital_selector($r[0]['marital']),
 				'$marital_min'  => marital_selector_min($r[0]['marital']),
 				'$with'         => array('with', t("Who (if applicable)"), $r[0]['partner'], t('Examples: cathy123, Cathy Williams, cathy@example.com')),
-				'$howlong'      => array('howlong', t('Since (date)'), ($r[0]['howlong'] === NULL_DATE ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong']))),
+				'$howlong'      => array('howlong', t('Since (date)'), ($r[0]['howlong'] <= NULL_DATE ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong']))),
 				'$sexual'       => sexpref_selector($r[0]['sexual']),
 				'$sexual_min'   => sexpref_selector_min($r[0]['sexual']),
 				'$about'        => array('about', t('Tell us about yourself'), $r[0]['about']),
@@ -767,7 +767,7 @@ class Profiles extends \Zotlabs\Web\Controller {
 						'$alt' => t('Profile Image'),
 						'$profile_name' => $rr['profile_name'],
 						'$visible' => (($rr['is_default']) 
-							? '<strong>' . translate_scope(map_scope($channel['channel_r_profile'])) . '</strong>' 
+							? '<strong>' . translate_scope(map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_profile'))) . '</strong>' 
 							: '<a href="' . z_root() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
 					));
 				}

Zotlabs/Module/Pubsites.php

@@ -16,7 +16,9 @@ class Pubsites extends \Zotlabs\Web\Controller {
 			$url = $directory['url'] . '/dirsearch';
 		}
 		$url .= '/sites';
-	
+
+		$rating_enabled = get_config('system','rating_enabled');
+
 		$o .= '<div class="generic-content-wrapper">';
 	
 		$o .= '<div class="section-title-wrapper"><h2>' . t('Public Hubs') . '</h2></div>';
@@ -28,12 +30,20 @@ class Pubsites extends \Zotlabs\Web\Controller {
 		if($ret['success']) {
 			$j = json_decode($ret['body'],true);
 			if($j) {
-				$o .= '<table class="table table-striped table-hover"><tr><td>' . t('Hub URL') . '</td><td>' . t('Access Type') . '</td><td>' . t('Registration Policy') . '</td><td>' . t('Stats') . '</td><td>' . t('Software') . '</td><td colspan="2">' . t('Ratings') . '</td></tr>';
+				$o .= '<table class="table table-striped table-hover"><tr><td>' . t('Hub URL') . '</td><td>' . t('Access Type') . '</td><td>' . t('Registration Policy') . '</td><td>' . t('Stats') . '</td><td>' . t('Software') . '</td>';
+				if($rating_enabled)
+					$o .= '<td colspan="2">' . t('Ratings') . '</td>';
+				$o .= '</tr>';
 				if($j['sites']) {
 					foreach($j['sites'] as $jj) {
-						$m = parse_url($jj['url']);
-						if(strpos($jj['project'],\Zotlabs\Lib\System::get_platform_name()) === false)
+						if(! $jj['project'])
 							continue;
+						if(strpos($jj['version'],' ')) {
+							$x = explode(' ', $jj['version']);
+							if($x[1])
+								$jj['version'] = $x[1];
+						}
+						$m = parse_url($jj['url']);
 						$host = strtolower(substr($jj['url'],strpos($jj['url'],'://')+3));
 						$rate_links = ((local_channel()) ? '<td><a href="rate?f=&target=' . $host . '" class="btn-btn-default"><i class="fa fa-check-square-o"></i> ' . t('Rate') . '</a></td>' : '');
 						$location = '';
@@ -44,7 +54,10 @@ class Pubsites extends \Zotlabs\Web\Controller {
 							$location = '<br />&nbsp;';
 							}
 						$urltext = str_replace(array('https://'), '', $jj['url']);
-						$o .= '<tr><td><a href="'. (($jj['sellpage']) ? $jj['sellpage'] : $jj['url'] . '/register' ) . '" ><i class="fa fa-link"></i> ' . $urltext . '</a>' . $location . '</td><td>' . $jj['access'] . '</td><td>' . $jj['register'] . '</td><td>' . '<a target="stats" href="https://hubchart-tarine.rhcloud.com/hub.jsp?hubFqdn=' . $m['host'] . '"><i class="fa fa-area-chart"></i></a></td><td>' . ucwords($jj['project']) . '</td><td><a href="ratings/' . $host . '" class="btn-btn-default"><i class="fa fa-eye"></i> ' . t('View') . '</a></td>' . $rate_links . '</tr>';
+						$o .= '<tr><td><a href="'. (($jj['sellpage']) ? $jj['sellpage'] : $jj['url'] . '/register' ) . '" ><i class="fa fa-link"></i> ' . $urltext . '</a>' . $location . '</td><td>' . $jj['access'] . '</td><td>' . $jj['register'] . '</td><td>' . '<a target="stats" href="https://hubchart-tarine.rhcloud.com/hub.jsp?hubFqdn=' . $m['host'] . '"><i class="fa fa-area-chart"></i></a></td><td>' . ucwords($jj['project']) . (($jj['version']) ? ' ' . $jj['version'] : '') . '</td>';
+						if($rating_enabled)
+							$o .= '<td><a href="ratings/' . $host . '" class="btn-btn-default"><i class="fa fa-eye"></i> ' . t('View') . '</a></td>' . $rate_links ;
+						$o .=  '</tr>';
 					}
 				}
 		

Zotlabs/Module/Rate.php

@@ -43,7 +43,7 @@ class Rate extends \Zotlabs\Web\Controller {
 	}
 	
 	
-		function post() {
+	function post() {
 	
 		if(! local_channel())
 			return;
@@ -119,8 +119,8 @@ class Rate extends \Zotlabs\Web\Controller {
 	//		return;
 	//	}
 	
-		$poco_rating = get_config('system','poco_rating_enable');
-		if((! $poco_rating) && ($poco_rating !== false)) {
+		$rating_enabled = get_config('system','rating_enabled');
+		if(! $rating_enabled) {
 			notice('Ratings are disabled on this site.');
 			return;
 		}
@@ -141,11 +141,7 @@ class Rate extends \Zotlabs\Web\Controller {
 			$rating_text = '';
 		}
 	
-		// if unset default to enabled
-		if($poco_rating === false)
-			$poco_rating = true;
-	
-		if($poco_rating) {
+		if($rating_enabled) {
 			$rating = replace_macros(get_markup_template('rating_slider.tpl'),array(
 				'$min' => -10,
 				'$val' => $rating_val

Zotlabs/Module/Ratings.php

@@ -21,12 +21,9 @@ class Ratings extends \Zotlabs\Web\Controller {
 		if($x)
 			$url = $x['url'];
 	
-		$poco_rating = get_config('system','poco_rating_enable');
-		// if unset default to enabled
-		if($poco_rating === false)
-			$poco_rating = true;
+		$rating_enabled = get_config('system','rating_enabled');
 	
-		if(! $poco_rating)
+		if(! $rating_enabled)
 			return;
 	
 		if(argc() > 1)
@@ -87,12 +84,9 @@ class Ratings extends \Zotlabs\Web\Controller {
 			return;
 		}
 	
-		$poco_rating = get_config('system','poco_rating_enable');
-		// if unset default to enabled
-		if($poco_rating === false)
-			$poco_rating = true;
+		$rating_enabled = get_config('system','rating_enabled');
 	
-		if(! $poco_rating)
+		if(! $rating_enabled)
 			return;
 	
 		$site_target = ((array_key_exists('target',\App::$data) && array_key_exists('site_url',\App::$data['target'])) ?

Zotlabs/Module/Ratingsearch.php

@@ -58,7 +58,9 @@ class Ratingsearch extends \Zotlabs\Web\Controller {
 		$ret['success'] = true;
 	
 		$r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash 
-			where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 order by xchan_name asc",
+			where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 
+			and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 
+			order by xchan_name asc",
 			dbesc($target)
 		);
 	

Zotlabs/Module/Register.php

@@ -38,7 +38,7 @@ class Register extends \Zotlabs\Web\Controller {
 	}
 	
 	
-		function post() {
+	function post() {
 	
 		$max_dailies = intval(get_config('system','max_daily_registrations'));
 		if($max_dailies) {
@@ -151,7 +151,7 @@ class Register extends \Zotlabs\Web\Controller {
 		$new_channel = false;
 		$next_page = 'new_channel';
 	
-		if(get_config('system','auto_channel_create') || UNO) {
+		if(get_config('system','auto_channel_create') || get_config('system','server_role') == 'basic') {
 			$new_channel = auto_channel_create($result['account']['account_id']);
 			if($new_channel['success']) {
 				$channel_id = $new_channel['channel']['channel_id'];
@@ -174,7 +174,7 @@ class Register extends \Zotlabs\Web\Controller {
 	
 	
 	
-		function get() {
+	function get() {
 	
 		$registration_is = '';
 		$other_sites = '';
@@ -205,6 +205,12 @@ class Register extends \Zotlabs\Web\Controller {
 				return;
 			}
 		}
+
+		$privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : "");
+
+		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
+		if((get_account_techlevel() < 4) && $privacy_role !== 'custom')
+			unset($perm_roles[t('Other')]);
 	
 		// Configurable terms of service link
 	
@@ -231,12 +237,14 @@ class Register extends \Zotlabs\Web\Controller {
 		$name = array('name', t('Name or caption'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"'));
 		$nickhub = '@' . str_replace(array('http://','https://','/'), '', get_config('system','baseurl'));
 		$nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), sprintf( t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub));
-		$privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : "");
-		$role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',get_roles());
+		$role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',$perm_roles);
 		$tos = array('tos', $label_tos, '', '', array(t('no'),t('yes')));
-	
-		$auto_create  = ((UNO) || (get_config('system','auto_channel_create')) ? true : false);
-		$default_role = ((UNO) ? 'social' : get_config('system','default_permissions_role'));
+
+		$server_role = get_config('system','server_role');	
+
+
+		$auto_create  = (($server_role == 'basic') || (get_config('system','auto_channel_create')) ? true : false);
+		$default_role = (($server_role == 'basic') ? 'social' : get_config('system','default_permissions_role'));
 	
 		require_once('include/bbcode.php');
 	
@@ -251,11 +259,11 @@ class Register extends \Zotlabs\Web\Controller {
 			'$invite_code'  => $invite_code,
 			'$auto_create'  => $auto_create,
 			'$name'         => $name,
-			'$role' 	=> $role,
+			'$role'         => $role,
 			'$default_role' => $default_role,
 			'$nickname'     => $nickname,
 			'$enable_tos'	=> $enable_tos,
-			'$tos'		=> $tos,
+			'$tos'          => $tos,
 			'$email'        => $email,
 			'$pass1'        => $password,
 			'$pass2'        => $password2,

Zotlabs/Module/Removeaccount.php

@@ -29,7 +29,7 @@ class Removeaccount extends \Zotlabs\Web\Controller {
 		if(! ($x && $x['account']))
 			return;
 	
-		if($account['account_password_changed'] != NULL_DATE) {
+		if($account['account_password_changed'] > NULL_DATE) {
 			$d1 = datetime_convert('UTC','UTC','now - 48 hours');
 			if($account['account_password_changed'] > d1) {
 				notice( t('Account removals are not allowed within 48 hours of changing the account password.') . EOL);

Zotlabs/Module/Removeme.php

@@ -29,7 +29,7 @@ class Removeme extends \Zotlabs\Web\Controller {
 		if(! ($x && $x['account']))
 			return;
 	
-		if($account['account_password_changed'] != NULL_DATE) {
+		if($account['account_password_changed'] > NULL_DATE) {
 			$d1 = datetime_convert('UTC','UTC','now - 48 hours');
 			if($account['account_password_changed'] > d1) {
 				notice( t('Channel removals are not allowed within 48 hours of changing the account password.') . EOL);

Zotlabs/Module/Rmagic.php

@@ -31,18 +31,6 @@ class Rmagic extends \Zotlabs\Web\Controller {
 			$arr = array('address' => $address);
 			call_hooks('reverse_magic_auth', $arr);		
 	
-			try {
-				require_once('library/openid/openid.php');
-				$openid = new \LightOpenID(z_root());
-				$openid->identity = $address;
-				$openid->returnUrl = z_root() . '/openid'; 
-				$openid->required = array('namePerson/friendly', 'namePerson');
-				$openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
-				goaway($openid->authUrl());
-			} catch (\Exception $e) {
-				notice( t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.').'<br /><br >'. t('The error message was:').' '.$e->getMessage());
-			}
-	
 			// if they're still here...
 			notice( t('Authentication failed.') . EOL);		
 			return;

Zotlabs/Module/Rpost.php

@@ -116,6 +116,7 @@ class Rpost extends \Zotlabs\Web\Controller {
 			'nickname' => $channel['channel_address'],
 			'lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'),
 			'acl' => populate_acl($channel_acl, true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+			'permissions' => $channel_acl,
 			'bang' => '',
 			'visitor' => true,
 			'profile_uid' => local_channel(),
@@ -125,7 +126,10 @@ class Rpost extends \Zotlabs\Web\Controller {
 			'source' => ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''),
 			'return_path' => 'rpost/return',
 			'bbco_autocomplete' => 'bbcode',
-			'bbcode' => true
+			'editor_autocomplete'=> true,
+			'bbcode' => true,
+			'jotnets' => true
+
 		);
 	
 		$editor = status_editor($a,$x);

Zotlabs/Module/Search_ac.php

@@ -18,49 +18,68 @@ class Search_ac extends \Zotlabs\Web\Controller {
 			$search = $_REQUEST['query'];
 		}
 	
+		$do_people = true;
+		$do_tags = true;
+		
+		if(substr($search,0,1) === '@') {
+			$do_tags = false;
+			$search = substr($search,1);
+		}
+
+		if(substr($search,0,1) === '#') {
+			$do_people = false;
+			$search = substr($search,1);
+		}
+
 		// Priority to people searches
 	
 		if ($search) {
-			$people_sql_extra = protect_sprintf(" AND `xchan_name` LIKE '%". dbesc($search) . "%' ");
-			$tag_sql_extra = protect_sprintf(" AND term LIKE '%". dbesc($search) . "%' ");
+			$people_sql_extra = protect_sprintf(" AND xchan_name LIKE '%" . dbesc($search) . "%' ");
+			$tag_sql_extra = protect_sprintf(" AND term LIKE '%" . dbesc($search) . "%' ");
 		}
+
+		$results = [];
 	
+		if($do_people) {	
+			$r = q("SELECT abook_id, xchan_name, xchan_photo_s, xchan_url, xchan_addr FROM abook 
+				left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d 
+				$people_sql_extra
+				ORDER BY xchan_name ASC ",
+				intval(local_channel())
+			);
 	
-		$r = q("SELECT `abook_id`, `xchan_name`, `xchan_photo_s`, `xchan_url`, `xchan_addr` FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d 
-			$people_sql_extra
-			ORDER BY `xchan_name` ASC ",
-			intval(local_channel())
-		);
-	
-		$results = array();
-		if($r) {
-			foreach($r as $g) {
-				$results[] = array(
-					"photo"    => $g['xchan_photo_s'],
-					"name"     => '@'.$g['xchan_name'],
-					"id"       => $g['abook_id'],
-					"link"     => $g['xchan_url'],
-					"label"    => '',
-					"nick"     => '',
-				);
+			if($r) {
+				foreach($r as $g) {
+					$results[] = [
+						'photo'    => $g['xchan_photo_s'],
+						'name'     => '@' . $g['xchan_name'],
+						'id'       => $g['abook_id'],
+						'link'     => $g['xchan_url'],
+						'label'    => '',
+						'nick'     => '',
+					];
+				}
 			}
 		}
+
+		if($do_tags) {	
+			$r = q("select distinct term, tid, url from term 
+				where ttype in ( %d, %d ) $tag_sql_extra group by term order by term asc",
+				intval(TERM_HASHTAG),
+				intval(TERM_COMMUNITYTAG)
+			);
 	
-		$r = q("select distinct term, tid, url from term where ttype in ( %d, %d ) $tag_sql_extra group by term order by term asc",
-			intval(TERM_HASHTAG),
-			intval(TERM_COMMUNITYTAG)
-		);
-	
-		if(count($r)) {
-			foreach($r as $g) {
-				$results[] = array(
-					"photo"    => z_root() . '/images/hashtag.png',
-					"name"     => '#'.$g['term'],
-					"id"       => $g['tid'],
-					"link"     => $g['url'],
-					"label"    => '',
-					"nick"     => '',
-				);
+			if($r) {
+				foreach($r as $g) {
+					$results[] = [
+						'photo'    => z_root() . '/images/hashtag.png',
+						'name'     => '#' . $g['term'],
+						'id'       => $g['tid'],
+						'link'     => $g['url'],
+						'label'    => '',
+						'nick'     => '',
+					];
+				}
 			}
 		}
 	
@@ -72,7 +91,7 @@ class Search_ac extends \Zotlabs\Web\Controller {
 		);
 		echo json_encode($o);
 	
-		logger('search_ac: ' . print_r($x,true));
+		logger('search_ac: ' . print_r($x,true),LOGGER_DATA,LOG_INFO);
 	
 		killme();
 	}

Zotlabs/Module/Settings/Account.php

@@ -0,0 +1,135 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+class Account {
+
+	function post() {
+		check_form_security_token_redirectOnErr('/settings/account', 'settings_account');
+		
+		call_hooks('account_settings_post', $_POST);
+	
+		$errs = array();
+	
+		$email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : '');
+		$techlevel = ((array_key_exists('techlevel',$_POST)) ? intval($_POST['techlevel']) : 0);
+
+		$account = \App::get_account();
+		if($email != $account['account_email']) {
+			if(! valid_email($email))
+				$errs[] = t('Not valid email.');
+			$adm = trim(get_config('system','admin_email'));
+			if(($adm) && (strcasecmp($email,$adm) == 0)) {
+				$errs[] = t('Protected email address. Cannot change to that email.');
+				$email = \App::$account['account_email'];
+			}
+			if(! $errs) {
+				$r = q("update account set account_email = '%s' where account_id = %d",
+					dbesc($email),
+					intval($account['account_id'])
+				);
+				if(! $r)
+					$errs[] = t('System failure storing new email. Please try again.');
+			}
+		}
+		if($techlevel != $account['account_level']) {
+			$r = q("update account set account_level = %d where account_id = %d",
+				intval($techlevel),
+				intval($account['account_id'])
+			);
+			info( t('Technical skill level updated') . EOL);
+		}
+	
+		if($errs) {
+			foreach($errs as $err)
+				notice($err . EOL);
+			$errs = array();
+		}
+	
+	
+		if((x($_POST,'npassword')) || (x($_POST,'confirm'))) {
+	
+			$origpass = trim($_POST['origpass']);
+	
+			require_once('include/auth.php');
+			if(! account_verify_password($email,$origpass)) {
+				$errs[] = t('Password verification failed.');
+			}
+	
+			$newpass = trim($_POST['npassword']);
+			$confirm = trim($_POST['confirm']);
+	
+			if($newpass != $confirm ) {
+				$errs[] = t('Passwords do not match. Password unchanged.');
+			}
+	
+			if((! x($newpass)) || (! x($confirm))) {
+				$errs[] = t('Empty passwords are not allowed. Password unchanged.');
+			}
+	
+			if(! $errs) {
+				$salt = random_string(32);
+				$password_encoded = hash('whirlpool', $salt . $newpass);
+				$r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' 
+					where account_id = %d",
+					dbesc($salt),
+					dbesc($password_encoded),
+					dbesc(datetime_convert()),
+					intval(get_account_id())
+				);
+				if($r)
+					info( t('Password changed.') . EOL);
+				else
+					$errs[] = t('Password update failed. Please try again.');
+			}
+		}
+	
+	
+		if($errs) {
+			foreach($errs as $err)
+				notice($err . EOL);
+		}
+		goaway(z_root() . '/settings/account' );
+	}
+	
+
+	
+	function get() {
+		$account_settings = "";
+			
+		call_hooks('account_settings', $account_settings);
+	
+		$email      = \App::$account['account_email'];
+
+		$techlevels = [
+			'0' => t('Beginner/Basic'),
+			'1' => t('Novice - not skilled but willing to learn'),
+			'2' => t('Intermediate - somewhat comfortable'),
+			'3' => t('Advanced - very comfortable'),
+			'4' => t('Expert - I can write computer code'),			
+			'5' => t('Wizard - I probably know more than you do')
+		];
+
+
+		$def_techlevel = \App::$account['account_level'];
+		$techlock = get_config('system','techlevel_lock');
+
+		$tpl = get_markup_template("settings_account.tpl");
+		$o .= replace_macros($tpl, array(
+			'$form_security_token' => get_form_security_token("settings_account"),
+			'$title'	=> t('Account Settings'),
+			'$origpass' => array('origpass', t('Current Password'), ' ',''),
+			'$password1'=> array('npassword', t('Enter New Password'), '', ''),
+			'$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')),
+			'$techlevel' => [ 'techlevel', t('Your technical skill level'), $def_techlevel, t('Used to provide a member experience matched to your comfort level'), $techlevels ],
+			'$techlock' => $techlock,
+			'$submit' 	=> t('Submit'),
+			'$email' 	=> array('email', t('Email Address:'), $email, ''),
+			'$removeme' => t('Remove Account'),
+			'$removeaccount' => t('Remove this account including all its channels'),
+			'$account_settings' => $account_settings
+		));
+		return $o;
+	}
+
+}

Zotlabs/Module/Settings/Channel.php

@@ -0,0 +1,556 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+
+class Channel {
+
+
+	function post() {
+
+		$channel = \App::get_channel();
+
+		check_form_security_token_redirectOnErr('/settings', 'settings');
+		
+		call_hooks('settings_post', $_POST);
+	
+		$set_perms = '';
+	
+		$role = ((x($_POST,'permissions_role')) ? notags(trim($_POST['permissions_role'])) : '');
+		$oldrole = get_pconfig(local_channel(),'system','permissions_role');
+	
+		if(($role != $oldrole) || ($role === 'custom')) {
+	
+			if($role === 'custom') {
+				$hide_presence    = (((x($_POST,'hide_presence')) && (intval($_POST['hide_presence']) == 1)) ? 1: 0);
+				$publish          = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
+				$def_group        = ((x($_POST,'group-selection')) ? notags(trim($_POST['group-selection'])) : '');
+				$r = q("update channel set channel_default_group = '%s' where channel_id = %d",
+					dbesc($def_group),
+					intval(local_channel())
+				);	
+	
+				$global_perms = \Zotlabs\Access\Permissions::Perms();
+	
+				foreach($global_perms as $k => $v) {
+					\Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k]));
+				}
+				$acl = new \Zotlabs\Access\AccessList($channel);
+				$acl->set_from_array($_POST);
+				$x = $acl->get();
+	
+				$r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', 
+					channel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d",
+					dbesc($x['allow_cid']),
+					dbesc($x['allow_gid']),
+					dbesc($x['deny_cid']),
+					dbesc($x['deny_gid']),
+					intval(local_channel())
+				);
+			}
+			else {
+			   	$role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']);
+				if(! $role_permissions) {
+					notice('Permissions category could not be found.');
+					return;
+				}
+				$hide_presence    = 1 - (intval($role_permissions['online']));
+				if($role_permissions['default_collection']) {
+					$r = q("select hash from groups where uid = %d and gname = '%s' limit 1",
+						intval(local_channel()),
+						dbesc( t('Friends') )
+					);
+					if(! $r) {
+						require_once('include/group.php');
+						group_add(local_channel(), t('Friends'));
+						group_add_member(local_channel(),t('Friends'),$channel['channel_hash']);
+						$r = q("select hash from groups where uid = %d and gname = '%s' limit 1",
+							intval(local_channel()),
+							dbesc( t('Friends') )
+						);
+					}
+					if($r) {
+						q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d",
+							dbesc($r[0]['hash']),
+							dbesc('<' . $r[0]['hash'] . '>'),
+							intval(local_channel())
+						);
+					}
+					else {
+						notice( sprintf('Default privacy group \'%s\' not found. Please create and re-submit permission change.', t('Friends')) . EOL);
+						return;
+					}
+				}
+				// no default collection
+				else {
+					q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', 
+						channel_deny_cid = '' where channel_id = %d",
+							intval(local_channel())
+					);
+				}
+	
+				$x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
+				foreach($x as $k => $v) {
+					set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v);
+					if($role_permissions['perms_auto']) {
+						set_pconfig(local_channel(),'autoperms',$k,$v);
+					}
+					else {
+						del_pconfig(local_channel(),'autoperms',$k);
+					}
+				}	
+
+				if($role_permissions['limits']) {
+					foreach($role_permissions['limits'] as $k => $v) {
+						\Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,$v);
+					}
+				}
+				if(array_key_exists('directory_publish',$role_permissions)) {
+					$publish = intval($role_permissions['directory_publish']);
+				}
+			}
+	
+			set_pconfig(local_channel(),'system','hide_online_status',$hide_presence);
+			set_pconfig(local_channel(),'system','permissions_role',$role);
+		}
+	
+		$username         = ((x($_POST,'username'))   ? notags(trim($_POST['username']))     : '');
+		$timezone         = ((x($_POST,'timezone_select'))   ? notags(trim($_POST['timezone_select']))     : '');
+		$defloc           = ((x($_POST,'defloc'))     ? notags(trim($_POST['defloc']))       : '');
+		$openid           = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url']))   : '');
+		$maxreq           = ((x($_POST,'maxreq'))     ? intval($_POST['maxreq'])             : 0);
+		$expire           = ((x($_POST,'expire'))     ? intval($_POST['expire'])             : 0);
+		$evdays           = ((x($_POST,'evdays'))     ? intval($_POST['evdays'])             : 3);
+		$photo_path       = ((x($_POST,'photo_path')) ? escape_tags(trim($_POST['photo_path'])) : '');
+		$attach_path      = ((x($_POST,'attach_path')) ? escape_tags(trim($_POST['attach_path'])) : '');
+	
+		$channel_menu     = ((x($_POST['channel_menu'])) ? htmlspecialchars_decode(trim($_POST['channel_menu']),ENT_QUOTES) : '');
+	
+		$expire_items     = ((x($_POST,'expire_items')) ? intval($_POST['expire_items'])	 : 0);
+		$expire_starred   = ((x($_POST,'expire_starred')) ? intval($_POST['expire_starred']) : 0);
+		$expire_photos    = ((x($_POST,'expire_photos'))? intval($_POST['expire_photos'])	 : 0);
+		$expire_network_only    = ((x($_POST,'expire_network_only'))? intval($_POST['expire_network_only'])	 : 0);
+	
+		$allow_location   = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
+	
+		$blocktags        = (((x($_POST,'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted!
+		$unkmail          = (((x($_POST,'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0);
+		$cntunkmail       = ((x($_POST,'cntunkmail')) ? intval($_POST['cntunkmail']) : 0);
+		$suggestme        = ((x($_POST,'suggestme')) ? intval($_POST['suggestme'])  : 0);  
+	
+		$post_newfriend   = (($_POST['post_newfriend'] == 1) ? 1: 0);
+		$post_joingroup   = (($_POST['post_joingroup'] == 1) ? 1: 0);
+		$post_profilechange   = (($_POST['post_profilechange'] == 1) ? 1: 0);
+		$adult            = (($_POST['adult'] == 1) ? 1 : 0);
+	
+		$cal_first_day   = (((x($_POST,'first_day')) && (intval($_POST['first_day']) == 1)) ? 1: 0);
+	
+		$pageflags = $channel['channel_pageflags'];
+		$existing_adult = (($pageflags & PAGE_ADULT) ? 1 : 0);
+		if($adult != $existing_adult)
+			$pageflags = ($pageflags ^ PAGE_ADULT);
+	
+	
+		$notify = 0;
+	
+		if(x($_POST,'notify1'))
+			$notify += intval($_POST['notify1']);
+		if(x($_POST,'notify2'))
+			$notify += intval($_POST['notify2']);
+		if(x($_POST,'notify3'))
+			$notify += intval($_POST['notify3']);
+		if(x($_POST,'notify4'))
+			$notify += intval($_POST['notify4']);
+		if(x($_POST,'notify5'))
+			$notify += intval($_POST['notify5']);
+		if(x($_POST,'notify6'))
+			$notify += intval($_POST['notify6']);
+		if(x($_POST,'notify7'))
+			$notify += intval($_POST['notify7']);
+		if(x($_POST,'notify8'))
+			$notify += intval($_POST['notify8']);
+	
+	
+		$vnotify = 0;
+	
+		if(x($_POST,'vnotify1'))
+			$vnotify += intval($_POST['vnotify1']);
+		if(x($_POST,'vnotify2'))
+			$vnotify += intval($_POST['vnotify2']);
+		if(x($_POST,'vnotify3'))
+			$vnotify += intval($_POST['vnotify3']);
+		if(x($_POST,'vnotify4'))
+			$vnotify += intval($_POST['vnotify4']);
+		if(x($_POST,'vnotify5'))
+			$vnotify += intval($_POST['vnotify5']);
+		if(x($_POST,'vnotify6'))
+			$vnotify += intval($_POST['vnotify6']);
+		if(x($_POST,'vnotify7'))
+			$vnotify += intval($_POST['vnotify7']);
+		if(x($_POST,'vnotify8'))
+			$vnotify += intval($_POST['vnotify8']);
+		if(x($_POST,'vnotify9'))
+			$vnotify += intval($_POST['vnotify9']);
+		if(x($_POST,'vnotify10'))
+			$vnotify += intval($_POST['vnotify10']);
+		if(x($_POST,'vnotify11'))
+			$vnotify += intval($_POST['vnotify11']);
+	
+		$always_show_in_notices = x($_POST,'always_show_in_notices') ? 1 : 0;
+		
+		$err = '';
+	
+		$name_change = false;
+	
+		if($username != $channel['channel_name']) {
+			$name_change = true;
+			require_once('include/channel.php');
+			$err = validate_channelname($username);
+			if($err) {
+				notice($err);
+				return;
+			}
+		}
+	
+		if($timezone != $channel['channel_timezone']) {
+			if(strlen($timezone))
+				date_default_timezone_set($timezone);
+		}
+	
+		set_pconfig(local_channel(),'system','use_browser_location',$allow_location);
+		set_pconfig(local_channel(),'system','suggestme', $suggestme);
+		set_pconfig(local_channel(),'system','post_newfriend', $post_newfriend);
+		set_pconfig(local_channel(),'system','post_joingroup', $post_joingroup);
+		set_pconfig(local_channel(),'system','post_profilechange', $post_profilechange);
+		set_pconfig(local_channel(),'system','blocktags',$blocktags);
+		set_pconfig(local_channel(),'system','channel_menu',$channel_menu);
+		set_pconfig(local_channel(),'system','vnotify',$vnotify);
+		set_pconfig(local_channel(),'system','always_show_in_notices',$always_show_in_notices);
+		set_pconfig(local_channel(),'system','evdays',$evdays);
+		set_pconfig(local_channel(),'system','photo_path',$photo_path);
+		set_pconfig(local_channel(),'system','attach_path',$attach_path);
+		set_pconfig(local_channel(),'system','cal_first_day',$cal_first_day);
+	
+		$r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d $set_perms where channel_id = %d",
+			dbesc($username),
+			intval($pageflags),
+			dbesc($timezone),
+			dbesc($defloc),
+			intval($notify),
+			intval($unkmail),
+			intval($maxreq),
+			intval($expire),
+			intval(local_channel())
+		);   
+		if($r)
+			info( t('Settings updated.') . EOL);
+	
+		if(! is_null($publish)) {
+			$r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d",
+				intval($publish),
+				intval(local_channel())
+			);
+		}
+	
+		if($name_change) {
+			$r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'",
+				dbesc($username),
+				dbesc(datetime_convert()),
+				dbesc($channel['channel_hash'])
+			);
+			$r = q("update profile set fullname = '%s' where uid = %d and is_default = 1",
+				dbesc($username),
+				intval($channel['channel_id'])
+			);
+		}
+	
+		\Zotlabs\Daemon\Master::Summon(array('Directory',local_channel()));
+	
+		build_sync_packet();
+	
+	
+		if($email_changed && \App::$config['system']['register_policy'] == REGISTER_VERIFY) {
+	
+			// FIXME - set to un-verified, blocked and redirect to logout
+			// Why? Are we verifying people or email addresses?
+	
+		}
+	
+		goaway(z_root() . '/settings' );
+		return; // NOTREACHED
+	}
+			
+	function get() {
+	
+		require_once('include/acl_selectors.php');
+		require_once('include/permissions.php');
+
+
+		$yes_no = array(t('No'),t('Yes'));
+	
+	
+		$p = q("SELECT * FROM `profile` WHERE `is_default` = 1 AND `uid` = %d LIMIT 1",
+			intval(local_channel())
+		);
+		if(count($p))
+			$profile = $p[0];
+	
+		load_pconfig(local_channel(),'expire');
+	
+		$channel = \App::get_channel();
+	
+		$global_perms = \Zotlabs\Access\Permissions::Perms();
+
+		$permiss = array();
+	
+		$perm_opts = array(
+			array( t('Nobody except yourself'), 0),
+			array( t('Only those you specifically allow'), PERMS_SPECIFIC), 
+			array( t('Approved connections'), PERMS_CONTACTS),
+			array( t('Any connections'), PERMS_PENDING),
+			array( t('Anybody on this website'), PERMS_SITE),
+			array( t('Anybody in this network'), PERMS_NETWORK),
+			array( t('Anybody authenticated'), PERMS_AUTHED),
+			array( t('Anybody on the internet'), PERMS_PUBLIC)
+		);
+	
+		$limits = \Zotlabs\Access\PermissionLimits::Get(local_channel());
+	
+		foreach($global_perms as $k => $perm) {
+			$options = array();
+			foreach($perm_opts as $opt) {
+				if((! strstr($perm,'view')) && $opt[1] == PERMS_PUBLIC)
+					continue;
+				$options[$opt[1]] = $opt[0];
+			}
+			$permiss[] = array($k,$perm,$limits[$k],'',$options);			
+		}
+	
+	
+		//logger('permiss: ' . print_r($permiss,true));
+	
+	
+	
+		$username   = $channel['channel_name'];
+		$nickname   = $channel['channel_address'];
+		$timezone   = $channel['channel_timezone'];
+		$notify     = $channel['channel_notifyflags'];
+		$defloc     = $channel['channel_location'];
+	
+		$maxreq     = $channel['channel_max_friend_req'];
+		$expire     = $channel['channel_expire_days'];
+		$adult_flag = intval($channel['channel_pageflags'] & PAGE_ADULT);
+		$sys_expire = get_config('system','default_expire_days');
+	
+//		$unkmail    = \App::$user['unkmail'];
+//		$cntunkmail = \App::$user['cntunkmail'];
+	
+		$hide_presence = intval(get_pconfig(local_channel(), 'system','hide_online_status'));
+	
+	
+		$expire_items = get_pconfig(local_channel(), 'expire','items');
+		$expire_items = (($expire_items===false)? '1' : $expire_items); // default if not set: 1
+		
+		$expire_notes = get_pconfig(local_channel(), 'expire','notes');
+		$expire_notes = (($expire_notes===false)? '1' : $expire_notes); // default if not set: 1
+	
+		$expire_starred = get_pconfig(local_channel(), 'expire','starred');
+		$expire_starred = (($expire_starred===false)? '1' : $expire_starred); // default if not set: 1
+		
+		$expire_photos = get_pconfig(local_channel(), 'expire','photos');
+		$expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0
+	
+		$expire_network_only = get_pconfig(local_channel(), 'expire','network_only');
+		$expire_network_only = (($expire_network_only===false)? '0' : $expire_network_only); // default if not set: 0
+	
+	
+		$suggestme = get_pconfig(local_channel(), 'system','suggestme');
+		$suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0
+	
+		$post_newfriend = get_pconfig(local_channel(), 'system','post_newfriend');
+		$post_newfriend = (($post_newfriend===false)? '0': $post_newfriend); // default if not set: 0
+	
+		$post_joingroup = get_pconfig(local_channel(), 'system','post_joingroup');
+		$post_joingroup = (($post_joingroup===false)? '0': $post_joingroup); // default if not set: 0
+	
+		$post_profilechange = get_pconfig(local_channel(), 'system','post_profilechange');
+		$post_profilechange = (($post_profilechange===false)? '0': $post_profilechange); // default if not set: 0
+	
+		$blocktags  = get_pconfig(local_channel(),'system','blocktags');
+		$blocktags = (($blocktags===false) ? '0' : $blocktags);
+		
+		$timezone = date_default_timezone_get();
+	
+		$opt_tpl = get_markup_template("field_checkbox.tpl");
+		if(get_config('system','publish_all')) {
+			$profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />';
+		}
+		else {
+			$profile_in_dir = replace_macros($opt_tpl,array(
+				'$field' 	=> array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', $yes_no),
+			));
+		}
+	
+		$suggestme = replace_macros($opt_tpl,array(
+				'$field' 	=> array('suggestme',  t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', $yes_no),
+	
+		));
+	
+		$subdir = ((strlen(\App::get_path())) ? '<br />' . t('or') . ' ' . z_root() . '/channel/' . $nickname : '');
+	
+		$tpl_addr = get_markup_template("settings_nick_set.tpl");
+	
+		$prof_addr = replace_macros($tpl_addr,array(
+			'$desc' => t('Your channel address is'),
+			'$nickname' => $nickname,
+			'$subdir' => $subdir,
+			'$basepath' => \App::get_hostname()
+		));
+	
+		$stpl = get_markup_template('settings.tpl');
+	
+		$acl = new \Zotlabs\Access\AccessList($channel);
+		$perm_defaults = $acl->get();
+	
+		require_once('include/group.php');
+		$group_select = mini_group_select(local_channel(),$channel['channel_default_group']);
+	
+		require_once('include/menu.php');
+		$m1 = menu_list(local_channel());
+		$menu = false;
+		if($m1) {
+			$menu = array();
+			$current = get_pconfig(local_channel(),'system','channel_menu');
+			$menu[] = array('name' => '', 'selected' => ((! $current) ? true : false));
+			foreach($m1 as $m) {
+				$menu[] = array('name' => htmlspecialchars($m['menu_name'],ENT_COMPAT,'UTF-8'), 'selected' => (($m['menu_name'] === $current) ? ' selected="selected" ' : false));
+			}
+		}
+	
+		$evdays = get_pconfig(local_channel(),'system','evdays');
+		if(! $evdays)
+			$evdays = 3;
+	
+		$permissions_role = get_pconfig(local_channel(),'system','permissions_role');
+		if(! $permissions_role)
+			$permissions_role = 'custom';
+	
+		$permissions_set = (($permissions_role != 'custom') ? true : false);
+
+		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
+		if((get_account_techlevel() < 4) && $permissions_role !== 'custom')
+			unset($perm_roles[t('Other')]);
+
+		$vnotify = get_pconfig(local_channel(),'system','vnotify');
+		$always_show_in_notices = get_pconfig(local_channel(),'system','always_show_in_notices');
+		if($vnotify === false)
+			$vnotify = (-1);
+	
+		$o .= replace_macros($stpl,array(
+			'$ptitle' 	=> t('Channel Settings'),
+	
+			'$submit' 	=> t('Submit'),
+			'$baseurl' => z_root(),
+			'$uid' => local_channel(),
+			'$form_security_token' => get_form_security_token("settings"),
+			'$nickname_block' => $prof_addr,
+			'$h_basic' 	=> t('Basic Settings'),
+			'$username' => array('username',  t('Full Name:'), $username,''),
+			'$email' 	=> array('email', t('Email Address:'), $email, ''),
+			'$timezone' => array('timezone_select' , t('Your Timezone:'), $timezone, '', get_timezones()),
+			'$defloc'	=> array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')),
+			'$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_channel(),'system','use_browser_location')) ? 1 : ''), '', $yes_no),
+			
+			'$adult'    => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)'), $yes_no),
+	
+			'$h_prv' 	=> t('Security and Privacy Settings'),
+			'$permissions_set' => $permissions_set,
+			'$server_role' => \Zotlabs\Lib\System::get_server_role(),
+			'$perms_set_msg' => t('Your permissions are already configured. Click to view/adjust'),
+	
+			'$hide_presence' => array('hide_presence', t('Hide my online presence'),$hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no),
+	
+			'$lbl_pmacro' => t('Simple Privacy Settings:'),
+			'$pmacro3'    => t('Very Public - <em>extremely permissive (should be used with caution)</em>'),
+			'$pmacro2'    => t('Typical - <em>default public, privacy when desired (similar to social network permissions but with improved privacy)</em>'),
+			'$pmacro1'    => t('Private - <em>default private, never open or public</em>'),
+			'$pmacro0'    => t('Blocked - <em>default blocked to/from everybody</em>'),
+			'$permiss_arr' => $permiss,
+			'$blocktags' => array('blocktags',t('Allow others to tag your posts'), 1-$blocktags, t('Often used by the community to retro-actively flag inappropriate content'), $yes_no),
+	
+			'$lbl_p2macro' => t('Channel Permission Limits'),
+	
+			'$expire' => array('expire',t('Expire other channel content after this many days'),$expire, t('0 or blank to use the website limit.') . ' ' . ((intval($sys_expire)) ? sprintf( t('This website expires after %d days.'),intval($sys_expire)) : t('This website does not expire imported content.')) . ' ' . t('The website limit takes precedence if lower than your limit.')),
+			'$maxreq' 	=> array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')),
+			'$permissions' => t('Default Access Control List (ACL)'),
+			'$permdesc' => t("\x28click to open/close\x29"),
+			'$aclselect' => populate_acl($perm_defaults, false, \Zotlabs\Lib\PermissionDescription::fromDescription(t('Use my default audience setting for the type of object published'))),
+			'$allow_cid' => acl2json($perm_defaults['allow_cid']),
+			'$allow_gid' => acl2json($perm_defaults['allow_gid']),
+			'$deny_cid' => acl2json($perm_defaults['deny_cid']),
+			'$deny_gid' => acl2json($perm_defaults['deny_gid']),
+			'$suggestme' => $suggestme,
+			'$group_select' => $group_select,
+			'$role' => array('permissions_role' , t('Channel permissions category:'), $permissions_role, '', $perm_roles),
+	
+			'$profile_in_dir' => $profile_in_dir,
+			'$hide_friends' => $hide_friends,
+			'$hide_wall' => $hide_wall,
+			'$unkmail' => $unkmail,		
+			'$cntunkmail' 	=> array('cntunkmail', t('Maximum private messages per day from unknown people:'), intval($channel['channel_max_anon_mail']) ,t("Useful to reduce spamming")),
+			
+			
+			'$h_not' 	=> t('Notification Settings'),
+			'$activity_options' => t('By default post a status message when:'),
+			'$post_newfriend' => array('post_newfriend',  t('accepting a friend request'), $post_newfriend, '', $yes_no),
+			'$post_joingroup' => array('post_joingroup',  t('joining a forum/community'), $post_joingroup, '', $yes_no),
+			'$post_profilechange' => array('post_profilechange',  t('making an <em>interesting</em> profile change'), $post_profilechange, '', $yes_no),
+			'$lbl_not' 	=> t('Send a notification email when:'),
+			'$notify1'	=> array('notify1', t('You receive a connection request'), ($notify & NOTIFY_INTRO), NOTIFY_INTRO, '', $yes_no),
+			'$notify2'	=> array('notify2', t('Your connections are confirmed'), ($notify & NOTIFY_CONFIRM), NOTIFY_CONFIRM, '', $yes_no),
+			'$notify3'	=> array('notify3', t('Someone writes on your profile wall'), ($notify & NOTIFY_WALL), NOTIFY_WALL, '', $yes_no),
+			'$notify4'	=> array('notify4', t('Someone writes a followup comment'), ($notify & NOTIFY_COMMENT), NOTIFY_COMMENT, '', $yes_no),
+			'$notify5'	=> array('notify5', t('You receive a private message'), ($notify & NOTIFY_MAIL), NOTIFY_MAIL, '', $yes_no),
+			'$notify6'  => array('notify6', t('You receive a friend suggestion'), ($notify & NOTIFY_SUGGEST), NOTIFY_SUGGEST, '', $yes_no),
+			'$notify7'  => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, '', $yes_no),
+			'$notify8'  => array('notify8', t('You are poked/prodded/etc. in a post'), ($notify & NOTIFY_POKE), NOTIFY_POKE, '', $yes_no),
+			
+	
+			'$lbl_vnot' 	=> t('Show visual notifications including:'),
+	
+			'$vnotify1'	=> array('vnotify1', t('Unseen grid activity'), ($vnotify & VNOTIFY_NETWORK), VNOTIFY_NETWORK, '', $yes_no),
+			'$vnotify2'	=> array('vnotify2', t('Unseen channel activity'), ($vnotify & VNOTIFY_CHANNEL), VNOTIFY_CHANNEL, '', $yes_no),
+			'$vnotify3'	=> array('vnotify3', t('Unseen private messages'), ($vnotify & VNOTIFY_MAIL), VNOTIFY_MAIL, t('Recommended'), $yes_no),
+			'$vnotify4'	=> array('vnotify4', t('Upcoming events'), ($vnotify & VNOTIFY_EVENT), VNOTIFY_EVENT, '', $yes_no),
+			'$vnotify5'	=> array('vnotify5', t('Events today'), ($vnotify & VNOTIFY_EVENTTODAY), VNOTIFY_EVENTTODAY, '', $yes_no),
+			'$vnotify6'  => array('vnotify6', t('Upcoming birthdays'), ($vnotify & VNOTIFY_BIRTHDAY), VNOTIFY_BIRTHDAY, t('Not available in all themes'), $yes_no),
+			'$vnotify7'  => array('vnotify7', t('System (personal) notifications'), ($vnotify & VNOTIFY_SYSTEM), VNOTIFY_SYSTEM, '', $yes_no),
+			'$vnotify8'  => array('vnotify8', t('System info messages'), ($vnotify & VNOTIFY_INFO), VNOTIFY_INFO, t('Recommended'), $yes_no),
+			'$vnotify9'  => array('vnotify9', t('System critical alerts'), ($vnotify & VNOTIFY_ALERT), VNOTIFY_ALERT, t('Recommended'), $yes_no),
+			'$vnotify10'  => array('vnotify10', t('New connections'), ($vnotify & VNOTIFY_INTRO), VNOTIFY_INTRO, t('Recommended'), $yes_no),
+			'$vnotify11'  => array('vnotify11', t('System Registrations'), ($vnotify & VNOTIFY_REGISTER), VNOTIFY_REGISTER, '', $yes_no),
+			'$always_show_in_notices'  => array('always_show_in_notices', t('Also show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no),
+	
+			'$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')),			
+	
+			'$h_advn' => t('Advanced Account/Page Type Settings'),
+			'$h_descadvn' => t('Change the behaviour of this account for special situations'),
+			'$pagetype' => $pagetype,
+			'$lbl_misc' => t('Miscellaneous Settings'),
+			'$photo_path' => array('photo_path', t('Default photo upload folder'), get_pconfig(local_channel(),'system','photo_path'), t('%Y - current year, %m -  current month')),
+			'$attach_path' => array('attach_path', t('Default file upload folder'), get_pconfig(local_channel(),'system','attach_path'), t('%Y - current year, %m -  current month')),
+			'$menus' => $menu,			
+			'$menu_desc' => t('Personal menu to display in your channel pages'),
+			'$removeme' => t('Remove Channel'),
+			'$removechannel' => t('Remove this channel.'),
+			'$firefoxshare' => t('Firefox Share $Projectname provider'),
+			'$cal_first_day' => array('first_day', t('Start calendar week on monday'), ((get_pconfig(local_channel(),'system','cal_first_day')) ? 1 : ''), '', $yes_no),
+		));
+	
+		call_hooks('settings_form',$o);
+	
+		//$o .= '</form>' . "\r\n";
+	
+		return $o;
+	}
+}

Zotlabs/Module/Settings/Display.php

@@ -0,0 +1,240 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+
+class Display {
+
+		/*
+		 * DISPLAY SETTINGS
+		 */
+
+	function post() {
+		check_form_security_token_redirectOnErr('/settings/display', 'settings_display');
+
+		$themespec = explode(':', \App::$channel['channel_theme']);
+		$existing_theme  = $themespec[0];
+		$existing_schema = $themespec[1];
+
+		$theme             = ((x($_POST,'theme')) ? notags(trim($_POST['theme']))  : $existing_theme);
+
+		if(! $theme)
+			$theme = 'redbasic';
+
+		$mobile_theme      = ((x($_POST,'mobile_theme')) ? notags(trim($_POST['mobile_theme']))  : '');
+		$preload_images    = ((x($_POST,'preload_images')) ? intval($_POST['preload_images'])  : 0);
+		$user_scalable     = ((x($_POST,'user_scalable')) ? intval($_POST['user_scalable'])  : 0);
+		$nosmile           = ((x($_POST,'nosmile')) ? intval($_POST['nosmile'])  : 0); 
+		$title_tosource    = ((x($_POST,'title_tosource')) ? intval($_POST['title_tosource'])  : 0);		 
+		$channel_list_mode = ((x($_POST,'channel_list_mode')) ? intval($_POST['channel_list_mode']) : 0);
+		$network_list_mode = ((x($_POST,'network_list_mode')) ? intval($_POST['network_list_mode']) : 0);
+	
+		$channel_divmore_height = ((x($_POST,'channel_divmore_height')) ? intval($_POST['channel_divmore_height']) : 400);
+		if($channel_divmore_height < 50)
+			$channel_divmore_height = 50;
+		$network_divmore_height = ((x($_POST,'network_divmore_height')) ? intval($_POST['network_divmore_height']) : 400);
+		if($network_divmore_height < 50)
+			$network_divmore_height = 50;
+	
+		$browser_update   = ((x($_POST,'browser_update')) ? intval($_POST['browser_update']) : 0);
+		$browser_update   = $browser_update * 1000;
+		if($browser_update < 10000)
+			$browser_update = 10000;
+	
+		$itemspage   = ((x($_POST,'itemspage')) ? intval($_POST['itemspage']) : 20);
+		if($itemspage > 100)
+			$itemspage = 100;
+		
+		if ($mobile_theme == "---") 
+			del_pconfig(local_channel(),'system','mobile_theme');
+		else {
+			set_pconfig(local_channel(),'system','mobile_theme',$mobile_theme);
+		}
+	
+		set_pconfig(local_channel(),'system','preload_images',$preload_images);
+		set_pconfig(local_channel(),'system','user_scalable',$user_scalable);
+		set_pconfig(local_channel(),'system','update_interval', $browser_update);
+		set_pconfig(local_channel(),'system','itemspage', $itemspage);
+		set_pconfig(local_channel(),'system','no_smilies',1-intval($nosmile));
+		set_pconfig(local_channel(),'system','title_tosource',$title_tosource);
+		set_pconfig(local_channel(),'system','channel_list_mode', $channel_list_mode);
+		set_pconfig(local_channel(),'system','network_list_mode', $network_list_mode);
+		set_pconfig(local_channel(),'system','channel_divmore_height', $channel_divmore_height);
+		set_pconfig(local_channel(),'system','network_divmore_height', $network_divmore_height);
+	
+		$newschema = '';
+		if($theme == $existing_theme){
+			// call theme_post only if theme has not been changed
+			if( ($themeconfigfile = $this->get_theme_config_file($theme)) != null){
+				require_once($themeconfigfile);
+				if(class_exists('\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config')) {
+					$clsname = '\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config';
+					$theme_config = new $clsname();
+					$schemas = $theme_config->get_schemas();
+					if(array_key_exists($_POST['schema'],$schemas))
+						$newschema = $_POST['schema'];
+					if($newschema === '---')
+						$newschema = '';	
+					$theme_config->post();
+				}
+			}
+		}
+
+		logger('theme: ' . $theme . (($newschema) ? ':' . $newschema : ''));
+
+		$_SESSION['theme'] = $theme . (($newschema) ? ':' . $newschema : '');
+	
+		$r = q("UPDATE channel SET channel_theme = '%s' WHERE channel_id = %d",
+				dbesc($theme . (($newschema) ? ':' . $newschema : '')),
+				intval(local_channel())
+		);
+		
+		call_hooks('display_settings_post', $_POST);
+		build_sync_packet();
+		goaway(z_root() . '/settings/display' );
+		return; // NOTREACHED
+	}
+	
+
+	function get() {
+
+		$yes_no = array(t('No'),t('Yes'));
+
+		$default_theme = get_config('system','theme');
+		if(! $default_theme)
+			$default_theme = 'redbasic';
+
+		$themespec = explode(':', \App::$channel['channel_theme']);
+		$existing_theme  = $themespec[0];
+		$existing_schema = $themespec[1];
+
+		$theme = (($existing_theme) ? $existing_theme : $default_theme);
+
+		$default_mobile_theme = get_config('system','mobile_theme');
+		if(! $mobile_default_theme)
+			$mobile_default_theme = 'none';
+	
+		$allowed_themes_str = get_config('system','allowed_themes');
+		$allowed_themes_raw = explode(',',$allowed_themes_str);
+		$allowed_themes = array();
+		if(count($allowed_themes_raw))
+			foreach($allowed_themes_raw as $x) 
+				if(strlen(trim($x)) && is_dir("view/theme/$x"))
+					$allowed_themes[] = trim($x);
+
+			
+		$themes = array();
+		$files = glob('view/theme/*');
+		if($allowed_themes) {
+			foreach($allowed_themes as $th) {
+				$f = $th;
+				$is_experimental = file_exists('view/theme/' . $th . '/experimental');
+				$unsupported = file_exists('view/theme/' . $th . '/unsupported');
+				$is_mobile = file_exists('view/theme/' . $th . '/mobile');
+				$is_library = file_exists('view/theme/'. $th . '/library');
+				$mobile_themes["---"] = t("No special theme for mobile devices");
+	
+				if (!$is_experimental or ($is_experimental && (get_config('experimentals','exp_themes')==1 or get_config('experimentals','exp_themes')===false))){ 
+					$theme_name = (($is_experimental) ?  sprintf(t('%s - (Experimental)'), $f) : $f);
+					if (! $is_library) {
+						if($is_mobile) {
+							$mobile_themes[$f] = $themes[$f] = $theme_name . ' (' . t('mobile') . ')';
+						}
+						else {
+							$mobile_themes[$f] = $themes[$f] = $theme_name;
+						}
+					}
+				}
+
+			}
+		}
+
+		$theme_selected = ((array_key_exists('theme',$_SESSION) && $_SESSION['theme']) ? $_SESSION['theme'] : $theme);
+
+		$mobile_theme_selected = (!x($_SESSION,'mobile_theme')? $default_mobile_theme : $_SESSION['mobile_theme']);
+	
+		$preload_images = get_pconfig(local_channel(),'system','preload_images');
+		$preload_images = (($preload_images===false)? '0': $preload_images); // default if not set: 0
+	
+		$user_scalable = get_pconfig(local_channel(),'system','user_scalable');
+		$user_scalable = (($user_scalable===false)? '1': $user_scalable); // default if not set: 1
+			
+		$browser_update = intval(get_pconfig(local_channel(), 'system','update_interval'));
+		$browser_update = (($browser_update == 0) ? 80 : $browser_update / 1000); // default if not set: 40 seconds
+	
+		$itemspage = intval(get_pconfig(local_channel(), 'system','itemspage'));
+		$itemspage = (($itemspage > 0 && $itemspage < 101) ? $itemspage : 20); // default if not set: 20 items
+			
+		$nosmile = get_pconfig(local_channel(),'system','no_smilies');
+		$nosmile = (($nosmile===false)? '0': $nosmile); // default if not set: 0
+	
+		$title_tosource = get_pconfig(local_channel(),'system','title_tosource');
+		$title_tosource = (($title_tosource===false)? '0': $title_tosource); // default if not set: 0
+	
+		$theme_config = "";
+		if(($themeconfigfile = $this->get_theme_config_file($theme)) != null){
+			require_once($themeconfigfile);
+			if(class_exists('\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config')) {
+				$clsname = '\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config';
+				$thm_config = new $clsname();
+				$schemas = $thm_config->get_schemas();
+				$theme_config = $thm_config->get();
+			}
+		}
+
+		// logger('schemas: ' . print_r($schemas,true));
+			
+		$tpl = get_markup_template("settings_display.tpl");
+		$o = replace_macros($tpl, array(
+			'$ptitle' 	=> t('Display Settings'),
+			'$d_tset'       => t('Theme Settings'), 
+			'$d_ctset'      => t('Custom Theme Settings'), 
+			'$d_cset'       => t('Content Settings'),
+			'$form_security_token' => get_form_security_token("settings_display"),
+			'$submit' 	=> t('Submit'),
+			'$baseurl' => z_root(),
+			'$uid' => local_channel(),
+			
+			'$theme'	=> (($themes) ? array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview') : false),
+			'$schema'   => array('schema', t('Select scheme'), $existing_schema, '' , $schemas),
+
+			'$mobile_theme' => (($mobile_themes) ? array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, '') : false),
+			'$preload_images' => array('preload_images', t("Preload images before rendering the page"), $preload_images, t("The subjective page load time will be longer but the page will be ready when displayed"), $yes_no),
+			'$user_scalable' => array('user_scalable', t("Enable user zoom on mobile devices"), $user_scalable, '', $yes_no),
+			'$ajaxint'   => array('browser_update',  t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')),
+			'$itemspage'   => array('itemspage',  t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 100 items')),
+			'$nosmile'	=> array('nosmile', t("Show emoticons (smilies) as images"), 1-intval($nosmile), '', $yes_no),
+			'$title_tosource'	=> array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no),
+			'$layout_editor' => t('System Page Layout Editor - (advanced)'),
+			'$theme_config' => $theme_config,
+			'$expert' => feature_enabled(local_channel(),'advanced_theming'),
+			'$channel_list_mode' => array('channel_list_mode', t('Use blog/list mode on channel page'), get_pconfig(local_channel(),'system','channel_list_mode'), t('(comments displayed separately)'), $yes_no),
+			'$network_list_mode' => array('network_list_mode', t('Use blog/list mode on grid page'), get_pconfig(local_channel(),'system','network_list_mode'), t('(comments displayed separately)'), $yes_no),
+			'$channel_divmore_height' => array('channel_divmore_height', t('Channel page max height of content (in pixels)'), ((get_pconfig(local_channel(),'system','channel_divmore_height')) ? get_pconfig(local_channel(),'system','channel_divmore_height') : 400), t('click to expand content exceeding this height')),
+			'$network_divmore_height' => array('network_divmore_height', t('Grid page max height of content (in pixels)'), ((get_pconfig(local_channel(),'system','network_divmore_height')) ? get_pconfig(local_channel(),'system','network_divmore_height') : 400) , t('click to expand content exceeding this height')),
+	
+	
+		));
+
+		call_hooks('display_settings',$o);			
+		return $o;
+	}
+
+
+	function get_theme_config_file($theme){
+
+		$base_theme = \App::$theme_info['extends'];
+	
+		if (file_exists("view/theme/$theme/php/config.php")){
+			return "view/theme/$theme/php/config.php";
+		} 
+		if (file_exists("view/theme/$base_theme/php/config.php")){
+			return "view/theme/$base_theme/php/config.php";
+		}
+		return null;
+	}
+
+
+
+			
+}

Zotlabs/Module/Settings/Featured.php

@@ -0,0 +1,37 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+
+class Featured {
+		
+	function post() {
+		check_form_security_token_redirectOnErr('/settings/featured', 'settings_featured');
+	
+		call_hooks('feature_settings_post', $_POST);
+	
+		build_sync_packet();
+		return;
+	}
+
+	function get() {
+		$settings_addons = "";
+	
+		$o = '';
+			
+		$r = q("SELECT * FROM `hook` WHERE `hook` = 'feature_settings' ");
+		if(! $r)
+			$settings_addons = t('No feature settings configured');
+	
+		call_hooks('feature_settings', $settings_addons);
+					
+		$tpl = get_markup_template("settings_addons.tpl");
+		$o .= replace_macros($tpl, array(
+			'$form_security_token' => get_form_security_token("settings_featured"),
+			'$title'	=> t('Feature/Addon Settings'),
+			'$settings_addons' => $settings_addons
+		));
+		return $o;
+	}
+	
+}

Zotlabs/Module/Settings/Features.php

@@ -0,0 +1,53 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+
+class Features {
+
+	function post() {
+		check_form_security_token_redirectOnErr('/settings/features', 'settings_features');
+	
+		// Build list of features and check which are set
+		// We will not create any settings for features that are above our techlevel
+
+		$features = get_features();
+		$all_features = array();
+		foreach($features as $k => $v) {
+			foreach($v as $f) 
+				$all_features[] = $f[0];
+		}
+		foreach($all_features as $k) {
+			if(x($_POST,"feature_$k"))
+				set_pconfig(local_channel(),'feature',$k, 1);
+			else
+				set_pconfig(local_channel(),'feature',$k, 0);
+		}
+		build_sync_packet();
+		return;
+	}
+
+	function get() {
+		$arr = array();
+		$features = get_features();
+	
+		foreach($features as $fname => $fdata) {
+			$arr[$fname] = array();
+			$arr[$fname][0] = $fdata[0];
+			foreach(array_slice($fdata,1) as $f) {
+				$arr[$fname][1][] = array('feature_' .$f[0],$f[1],((intval(feature_enabled(local_channel(),$f[0]))) ? "1" : ''),$f[2],array(t('Off'),t('On')));
+			}
+		}
+			
+		$tpl = get_markup_template("settings_features.tpl");
+		$o .= replace_macros($tpl, array(
+			'$form_security_token' => get_form_security_token("settings_features"),
+			'$title'	=> t('Additional Features'),
+			'$features' => $arr,
+			'$submit'   => t('Submit'),
+		));
+	
+		return $o;
+	}
+
+}

Zotlabs/Module/Settings/Oauth.php

@@ -0,0 +1,160 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+
+class Oauth {
+
+
+	function post() {
+	
+		if(x($_POST,'remove')){
+			check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
+			
+			$key = $_POST['remove'];
+			q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
+				dbesc($key),
+				local_channel());
+			goaway(z_root()."/settings/oauth/");
+			return;			
+		}
+	
+		if((argc() > 2) && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST,'submit')) {
+			
+			check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
+			
+			$name   	= ((x($_POST,'name')) ? $_POST['name'] : '');
+			$key		= ((x($_POST,'key')) ? $_POST['key'] : '');
+			$secret		= ((x($_POST,'secret')) ? $_POST['secret'] : '');
+			$redirect	= ((x($_POST,'redirect')) ? $_POST['redirect'] : '');
+			$icon		= ((x($_POST,'icon')) ? $_POST['icon'] : '');
+			$ok = true;
+			if($name == '') {
+				$ok = false;
+				notice( t('Name is required') . EOL);
+			}
+			if($key == '' || $secret == '') {
+				$ok = false;
+				notice( t('Key and Secret are required') . EOL);
+			}
+		
+			if($ok) {
+				if ($_POST['submit']==t("Update")){
+					$r = q("UPDATE clients SET
+								client_id='%s',
+								pw='%s',
+								clname='%s',
+								redirect_uri='%s',
+								icon='%s',
+								uid=%d
+							WHERE client_id='%s'",
+							dbesc($key),
+							dbesc($secret),
+							dbesc($name),
+							dbesc($redirect),
+							dbesc($icon),
+							intval(local_channel()),
+							dbesc($key));
+				} else {
+					$r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid)
+						VALUES ('%s','%s','%s','%s','%s',%d)",
+						dbesc($key),
+						dbesc($secret),
+						dbesc($name),
+						dbesc($redirect),
+						dbesc($icon),
+						intval(local_channel())
+					);
+					$r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
+						dbesc($key),
+						intval(local_channel()),
+						dbesc('all')
+					);
+				}
+			}
+			goaway(z_root()."/settings/oauth/");
+			return;
+		}
+	}
+
+	function get() {
+			
+		if((argc() > 2) && (argv(2) === 'add')) {
+			$tpl = get_markup_template("settings_oauth_edit.tpl");
+			$o .= replace_macros($tpl, array(
+				'$form_security_token' => get_form_security_token("settings_oauth"),
+				'$title'	=> t('Add application'),
+				'$submit'	=> t('Submit'),
+				'$cancel'	=> t('Cancel'),
+				'$name'		=> array('name', t('Name'), '', t('Name of application')),
+				'$key'		=> array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
+				'$secret'	=> array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
+				'$redirect'	=> array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
+				'$icon'		=> array('icon', t('Icon url'), '', t('Optional')),
+			));
+			return $o;
+		}
+			
+		if((argc() > 3) && (argv(2) === 'edit')) {
+			$r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d",
+					dbesc(argv(3)),
+					local_channel());
+			
+			if (!count($r)){
+				notice(t('Application not found.'));
+				return;
+			}
+			$app = $r[0];
+				
+			$tpl = get_markup_template("settings_oauth_edit.tpl");
+			$o .= replace_macros($tpl, array(
+				'$form_security_token' => get_form_security_token("settings_oauth"),
+				'$title'	=> t('Add application'),
+				'$submit'	=> t('Update'),
+				'$cancel'	=> t('Cancel'),
+				'$name'		=> array('name', t('Name'), $app['clname'] , ''),
+				'$key'		=> array('key', t('Consumer Key'), $app['client_id'], ''),
+				'$secret'	=> array('secret', t('Consumer Secret'), $app['pw'], ''),
+				'$redirect'	=> array('redirect', t('Redirect'), $app['redirect_uri'], ''),
+				'$icon'		=> array('icon', t('Icon url'), $app['icon'], ''),
+			));
+			return $o;
+		}
+			
+		if((argc() > 3) && (argv(2) === 'delete')) {
+			check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
+			
+			$r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d",
+					dbesc(argv(3)),
+					local_channel());
+			goaway(z_root()."/settings/oauth/");
+			return;			
+		}
+			
+			
+		$r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my 
+				FROM clients
+				LEFT JOIN tokens ON clients.client_id=tokens.client_id
+				WHERE clients.uid IN (%d,0)",
+				local_channel(),
+				local_channel());
+		
+			
+		$tpl = get_markup_template("settings_oauth.tpl");
+		$o .= replace_macros($tpl, array(
+			'$form_security_token' => get_form_security_token("settings_oauth"),
+			'$baseurl'	=> z_root(),
+			'$title'	=> t('Connected Apps'),
+			'$add'		=> t('Add application'),
+			'$edit'		=> t('Edit'),
+			'$delete'		=> t('Delete'),
+			'$consumerkey' => t('Client key starts with'),
+			'$noname'	=> t('No name'),
+			'$remove'	=> t('Remove authorization'),
+			'$apps'		=> $r,
+		));
+		return $o;
+			
+	}
+
+}

Zotlabs/Module/Settings/Tokens.php

@@ -0,0 +1,172 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+
+
+class Tokens {
+
+	function post() {
+
+		$channel = \App::get_channel();
+
+		check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens');
+		$token_errs = 0;
+		if(array_key_exists('token',$_POST)) {
+			$atoken_id = (($_POST['atoken_id']) ? intval($_POST['atoken_id']) : 0);
+			$name = trim(escape_tags($_POST['name']));
+			$token = trim($_POST['token']);
+			if((! $name) || (! $token))
+					$token_errs ++;
+			if(trim($_POST['expires']))
+				$expires = datetime_convert(date_default_timezone_get(),'UTC',$_POST['expires']);
+			else
+				$expires = NULL_DATE;
+			$max_atokens = service_class_fetch(local_channel(),'access_tokens');
+			if($max_atokens) {
+				$r = q("select count(atoken_id) as total where atoken_uid = %d",
+					intval(local_channel())
+				);
+				if($r && intval($r[0]['total']) >= $max_tokens) {
+					notice( sprintf( t('This channel is limited to %d tokens'), $max_tokens) . EOL);
+					return;
+				}
+			}
+		}
+		if($token_errs) {
+			notice( t('Name and Password are required.') . EOL);
+			return;
+		}
+		if($atoken_id) {
+			$r = q("update atoken set atoken_name = '%s', atoken_token = '%s', atoken_expires = '%s' 
+				where atoken_id = %d and atoken_uid = %d",
+				dbesc($name),
+				dbesc($token),
+				dbesc($expires),
+				intval($atoken_id),
+				intval($channel['channel_id'])
+			);
+		}
+		else {
+			$r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires )
+				values ( %d, %d, '%s', '%s', '%s' ) ",
+				intval($channel['channel_account_id']),
+				intval($channel['channel_id']),
+				dbesc($name),
+				dbesc($token),
+				dbesc($expires)
+			);
+		}
+
+		$atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $name;
+
+		$all_perms = \Zotlabs\Access\Permissions::Perms();
+
+		if($all_perms) {
+			foreach($all_perms as $perm => $desc) {
+				if(array_key_exists('perms_' . $perm, $_POST)) {
+					set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,intval($_POST['perms_' . $perm]));
+				}
+				else {
+					set_abconfig($channel['channel_id'],$atoken_xchan,'my_perms',$perm,0);
+				}
+			}
+		}
+		
+
+		info( t('Token saved.') . EOL);
+		return;
+	}
+	
+
+	function get() {
+
+		$channel = \App::get_channel();
+
+		$atoken = null;
+		$atoken_xchan = '';
+
+		if(argc() > 2) {
+			$id = argv(2);			
+
+			$atoken = q("select * from atoken where atoken_id = %d and atoken_uid = %d",
+				intval($id),
+				intval(local_channel())
+			);
+
+			if($atoken) {
+				$atoken = $atoken[0];
+				$atoken_xchan = substr($channel['channel_hash'],0,16) . '.' . $atoken['atoken_name'];
+			}
+
+			if($atoken && argc() > 3 && argv(3) === 'drop') {
+				atoken_delete($id);
+				$atoken = null;
+				$atoken_xchan = '';
+			}
+		}
+
+		$t = q("select * from atoken where atoken_uid = %d",
+			intval(local_channel())
+		);			
+
+		$desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access private content.');
+
+		$desc2 = t('You may also provide <em>dropbox</em> style access links to friends and associates by adding the Login Password to any specific site URL as shown. Examples:');
+
+		$global_perms = \Zotlabs\Access\Permissions::Perms();
+
+		$existing = get_all_perms(local_channel(),(($atoken_xchan) ? $atoken_xchan : ''));
+
+		if($atoken_xchan) {
+			$theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'",
+				intval(local_channel()),
+				dbesc($atoken_xchan)
+			);
+			$their_perms = array();
+			if($theirs) {
+				foreach($theirs as $t) {
+					$their_perms[$t['k']] = $t['v'];
+				}
+			}
+		}
+		foreach($global_perms as $k => $v) {
+			$thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
+//fixme
+
+			$checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);
+
+			if($existing[$k])
+				$thisperm = "1";
+
+			$perms[] = array('perms_' . $k, $v, ((array_key_exists($k,$their_perms)) ? intval($their_perms[$k]) : ''),$thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '' : '1'), '', $checkinherited);
+		}
+
+
+
+		$tpl = get_markup_template("settings_tokens.tpl");
+		$o .= replace_macros($tpl, array(
+			'$form_security_token' => get_form_security_token("settings_tokens"),
+			'$title'	=> t('Guest Access Tokens'),
+			'$desc'     => $desc,
+			'$desc2' => $desc2,
+			'$tokens' => $t,
+			'$atoken' => $atoken,
+			'$url1' => z_root() . '/channel/' . $channel['channel_address'],
+			'$url2' => z_root() . '/photos/' . $channel['channel_address'],
+			'$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''),
+			'$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : autoname(8)), ''),
+			'$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] > NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''),
+			'$them' => t('Their Settings'),
+			'$me' => t('My Settings'),
+			'$perms' => $perms,
+			'$inherited' => t('inherited'),
+			'$notself' => '1',
+			'$permlbl' => t('Individual Permissions'),
+			'$permnote'       => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'),
+			'$submit' 	=> t('Submit')
+		));
+		return $o;
+	}
+	
+}

Zotlabs/Module/Setup.php

@@ -43,11 +43,12 @@ class Setup extends \Zotlabs\Web\Controller {
 			killme();
 		}
 	
-		if (x($_POST, 'pass'))
+		if (x($_POST, 'pass')) {
 			$this->install_wizard_pass = intval($_POST['pass']);
-		else
+		}
+		else {
 			$this->install_wizard_pass = 1;
-	
+		}
 	}
 	
 	/**
@@ -73,7 +74,9 @@ class Setup extends \Zotlabs\Web\Controller {
 				$phpath = trim($_POST['phpath']);
 				$adminmail = trim($_POST['adminmail']);
 				$siteurl = trim($_POST['siteurl']);
-				$advanced = ((intval($_POST['advanced'])) ? 1 : 0);
+				$server_role = trim($_POST['server_role']);
+				if(! $server_role)
+					$server_role = 'standard';
 				
 				// $siteurl should not have a trailing slash
 	
@@ -84,24 +87,26 @@ class Setup extends \Zotlabs\Web\Controller {
 				$db = \DBA::dba_factory($dbhost, $dbport, $dbuser, $dbpass, $dbdata, $dbtype, true);
 	
 				if(! \DBA::$dba->connected) {
-					echo 'Database Connect failed: ' . DBA::$dba->error;
+					echo 'Database Connect failed: ' . \DBA::$dba->error;
 					killme();
 				}
 				return;
 				// implied break;
 			case 4:
 				$urlpath = \App::get_path();
-				$dbhost = notags(trim($_POST['dbhost']));
-				$dbport = intval(notags(trim($_POST['dbport'])));
-				$dbuser = notags(trim($_POST['dbuser']));
-				$dbpass = notags(trim($_POST['dbpass']));
-				$dbdata = notags(trim($_POST['dbdata']));
-				$dbtype = intval(notags(trim($_POST['dbtype'])));
-				$phpath = notags(trim($_POST['phpath']));
-				$timezone = notags(trim($_POST['timezone']));
-				$adminmail = notags(trim($_POST['adminmail']));
-				$siteurl = notags(trim($_POST['siteurl']));
-				$advanced = ((intval($_POST['advanced'])) ? 1 : 0);
+				$dbhost = trim($_POST['dbhost']);
+				$dbport = intval(trim($_POST['dbport']));
+				$dbuser = trim($_POST['dbuser']);
+				$dbpass = trim($_POST['dbpass']);
+				$dbdata = trim($_POST['dbdata']);
+				$dbtype = intval(trim($_POST['dbtype']));
+				$phpath = trim($_POST['phpath']);
+				$timezone = trim($_POST['timezone']);
+				$adminmail = trim($_POST['adminmail']);
+				$siteurl = trim($_POST['siteurl']);
+				$server_role = trim($_POST['server_role']);
+				if(! $server_role)
+					$server_role = 'standard';
 	
 				if($siteurl != z_root()) {
 					$test = z_fetch_url($siteurl."/setup/testrewrite");
@@ -124,17 +129,17 @@ class Setup extends \Zotlabs\Web\Controller {
 	
 				$tpl = get_intltext_template('htconfig.tpl');
 				$txt = replace_macros($tpl,array(
-					'$dbhost'    => $dbhost,
-					'$dbport'    => $dbport,
-					'$dbuser'    => $dbuser,
-					'$dbpass'    => $dbpass,
-					'$dbdata'    => $dbdata,
-					'$dbtype'    => $dbtype,
-					'$uno'       => 1 - $advanced,
-					'$timezone'  => $timezone,
-					'$siteurl'   => $siteurl,
-					'$site_id'   => random_string(),
-					'$phpath'    => $phpath,
+					'$dbhost'      => $dbhost,
+					'$dbport'      => $dbport,
+					'$dbuser'      => $dbuser,
+					'$dbpass'      => $dbpass,
+					'$dbdata'      => $dbdata,
+					'$dbtype'      => $dbtype,
+					'$server_role' => $server_role,
+					'$timezone'    => $timezone,
+					'$siteurl'     => $siteurl,
+					'$site_id'     => random_string(),
+					'$phpath'      => $phpath,
 					'$adminmail' => $adminmail
 				));
 	
@@ -274,15 +279,15 @@ class Setup extends \Zotlabs\Web\Controller {
 	
 			case 2: { // Database config
 	
-				$dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : '127.0.0.1');
-				$dbuser = notags(trim($_POST['dbuser']));
-				$dbport = intval(notags(trim($_POST['dbport'])));
-				$dbpass = notags(trim($_POST['dbpass']));
-				$dbdata = notags(trim($_POST['dbdata']));
-				$dbtype = intval(notags(trim($_POST['dbtype'])));
-				$phpath = notags(trim($_POST['phpath']));
-				$adminmail = notags(trim($_POST['adminmail']));
-				$siteurl = notags(trim($_POST['siteurl']));
+				$dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1');
+				$dbuser = trim($_POST['dbuser']);
+				$dbport = intval(trim($_POST['dbport']));
+				$dbpass = trim($_POST['dbpass']);
+				$dbdata = trim($_POST['dbdata']);
+				$dbtype = intval(trim($_POST['dbtype']));
+				$phpath = trim($_POST['phpath']);
+				$adminmail = trim($_POST['adminmail']);
+				$siteurl = trim($_POST['siteurl']);
 	
 				$tpl = get_markup_template('install_db.tpl');
 				$o .= replace_macros($tpl, array(
@@ -315,18 +320,24 @@ class Setup extends \Zotlabs\Web\Controller {
 			}; break;
 			case 3: { // Site settings
 				require_once('include/datetime.php');
-				$dbhost = ((x($_POST,'dbhost')) ? notags(trim($_POST['dbhost'])) : '127.0.0.1');
-				$dbport = intval(notags(trim($_POST['dbuser'])));
-				$dbuser = notags(trim($_POST['dbuser']));
-				$dbpass = notags(trim($_POST['dbpass']));
-				$dbdata = notags(trim($_POST['dbdata']));
-				$dbtype = intval(notags(trim($_POST['dbtype'])));
-				$phpath = notags(trim($_POST['phpath']));
+				$dbhost = ((x($_POST,'dbhost')) ? trim($_POST['dbhost']) : '127.0.0.1');
+				$dbport = intval(trim($_POST['dbuser']));
+				$dbuser = trim($_POST['dbuser']);
+				$dbpass = trim($_POST['dbpass']);
+				$dbdata = trim($_POST['dbdata']);
+				$dbtype = intval(trim($_POST['dbtype']));
+				$phpath = trim($_POST['phpath']);
 	
-				$adminmail = notags(trim($_POST['adminmail']));
-				$siteurl = notags(trim($_POST['siteurl']));
+				$adminmail = trim($_POST['adminmail']);
+				$siteurl = trim($_POST['siteurl']);
 				$timezone = ((x($_POST,'timezone')) ? ($_POST['timezone']) : 'America/Los_Angeles');
 	
+				$server_roles = [
+					'basic'    => t('Basic/Minimal Social Networking'),
+					'standard' => t('Standard Configuration (default)'),
+					'pro'      => t('Professional')
+				];
+
 				$tpl = get_markup_template('install_settings.tpl');
 				$o .= replace_macros($tpl, array(
 					'$title' => $install_title,
@@ -344,7 +355,8 @@ class Setup extends \Zotlabs\Web\Controller {
 					'$adminmail' => array('adminmail', t('Site administrator email address'), $adminmail, t('Your account email address must match this in order to use the web admin panel.')),
 	
 					'$siteurl' => array('siteurl', t('Website URL'), z_root(), t('Please use SSL (https) URL if available.')),
-					'$advanced' => array('advanced', t('Enable $Projectname <strong>advanced</strong> features?'), 1, t('Some advanced features, while useful - may be best suited for technically proficient audiences')),
+
+					'$server_role' 		=> array('server_role', t("Server Configuration/Role"), 'standard','',$server_roles),
 	
 					'$timezone' => array('timezone', t('Please select a default timezone for your website'), $timezone, '', get_timezones()),
 	

Zotlabs/Module/Theme_info.php

@@ -0,0 +1,71 @@
+<?php
+
+namespace Zotlabs\Module;
+
+
+class Theme_info extends \Zotlabs\Web\Controller {
+
+	function get() {
+		$theme = argv(1);
+		if(! $theme)
+			killme();
+		
+		$schemalist = array();
+
+		$theme_config = "";
+		if(($themeconfigfile = $this->get_theme_config_file($theme)) != null){
+			require_once($themeconfigfile);
+			if(class_exists('\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config')) {
+				$clsname = '\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config';
+				$th_config = new $clsname();
+				$schemas = $th_config->get_schemas();
+				if($schemas) {
+					foreach($schemas as $k => $v) {
+						$schemalist[] = [ 'key' => $k, 'val' => $v ];
+					}
+				}
+				$theme_config = $th_config->get();
+			}
+		}
+		$info = get_theme_info($theme);
+		if($info) {
+			// unfortunately there will be no translation for this string
+			$desc    = $info['description'];
+			$version = $info['version'];
+			$credits = $info['credits'];
+		}
+		else {
+			$desc = '';
+			$version = '';
+			$credits = '';
+		}
+
+		$ret = [ 
+			'theme' => $theme, 
+			'img' => get_theme_screenshot($theme), 
+			'desc' => $desc, 
+			'version' => $version, 
+			'credits' => $credits, 
+			'schemas' => $schemalist,
+			'config' => $theme_config
+		];
+		json_return_and_die($ret);
+		
+	}
+
+
+	function get_theme_config_file($theme){
+
+		$base_theme = \App::$theme_info['extends'];
+	
+		if (file_exists("view/theme/$theme/php/config.php")){
+			return "view/theme/$theme/php/config.php";
+		} 
+		if (file_exists("view/theme/$base_theme/php/config.php")){
+			return "view/theme/$base_theme/php/config.php";
+		}
+		return null;
+	}
+
+
+}