version 6.0

Merge branch '6.0RC'
Merge branch 'dev' into 6.0RC
2026-06-22 01:17:41 -04:00 · 2021-07-09 11:33:19 +02:00 · 2021-07-09 11:31:26 +02:00 · 2021-07-08 13:36:06 +02:00 · 2021-07-08 13:35:28 +02:00 · 2021-07-08 13:23:49 +02:00
660 changed files with 60430 additions and 61506 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -33,8 +33,10 @@ apps/
 home.html
 # page header plugin
 pageheader.html
-# Ignore site TOS
+# Ignore site TOS & gddpr
 doc/SiteTOS.md
+doc/*/SiteTOS.md
+doc/*/gdpr.md
 # themes except for redbasic
 view/theme/*
 !view/theme/redbasic
@@ -55,6 +57,7 @@ tests/results/
 .buildpath
 .externalToolBuilders
 .settings/
+.pydevproject
 # NetBeans project folder
 nbproject/
 # Kdevelop project files
@@ -75,3 +78,5 @@ composer.phar
 vendor/**/tests/
 vendor/**/Test/
 vendor/sabre/*/examples/
+# /info is a directory containing site-specific HTML documents
+/info/
--- a/145
+++ b/145
@@ -1,3 +1,148 @@
+Hubzilla 6.0 (2021-07-09)
+	- Implement swipe to right for bringing in left aside
+	- DB update 1247 to clean up bogus entries in updates
+	- DB update 1246 to mark legacy zot xchans and hublocs deleted
+	- Implement desktop notifications
+	- Emit a warning if the calendar for the created event is disabled
+	- Add an option to drop media for bbcode processing
+	- Make mod HQ the default landing page after login
+	- Implement direct messages view for mod HQ
+	- Implement public/restricted messages view for mod HQ
+	- Implement starred messages view for mod HQ (only available if the Star Posts feature is enabled)
+	- Update composer libs
+	- Remove deprecated mod ping
+	- Remove legacy zot libs and functions - major cleanup
+
+	Bugfixes
+	- Fix deleting and starring in unthreaded view
+	- Fix issue where incomplete datasets were stored into updates
+	- Fix photo item tags not stored and propagated
+	- Fix notifications not loading if a filter was applied
+	- Fix in browser email validation for registrations
+	- Fix directory sync issues
+	- Fix issue where the original rawmsg iconfig got overwritten
+	- Fix unmaintained id3 pareser for PHP8
+	- Fix item_private state for imported items
+	- Random PHP8 fixes (ongoing)
+
+	Addons
+	- Pubcrawl: fix ld-signature for profile updates
+	- Pubcrawl: deprecate as_actor_store() in favor of Activity::actor_store()
+	- Twitter: prevent duplicated tweets
+	- Remove legacy zot dpendencies and deprecated functions
+	- Pubcrawl: fix remote reply for peertube
+	- Pubcrawl: fix issue where we could end up with an xchan but without hubloc
+	- Diaspora: implement the direct_message_recipients hook
+	- Queueworker: add a simple priority mechanism to prevent not so important janitor tasks (e.g. onedirsync) stuffing up the queue and delaying delivery of items
+	- Pubcrawl: implement direct message recognision for activities coming from Mastodon
+	- Pubcrawl: always show complete threads (complete as in all the messages we have received) in public stream
+	- Twitter_api: remove the mail endpoint
+	- Mail: make interface read only with the possibility to download and delete mails (this addon will be removed in a future version)
+	- Pubsubhubbub: move to addons-unmaintained
+	- GNU-Social: move to addons-unmaintained
+	- Fixes to reflect core notifier changes
+	- Diaspora: refactor conversations a.k.a mail to implement direct messages infrastructure
+	- Pubcrawl: allow hublocs to be upgraded from ostatus
+	- Diaspora: fix issue where we could end up with an xchan but without hubloc
+
+
+Hubzilla 5.6.1 (2021-06-04)
+	- Update spanish translations
+	- Fix login name label if register email verification is disabled
+	- Fix zotinfo issue with deleted channels
+	- Make pubstream ordering configurable
+	- Fix article summary duplicated when editing
+	- Update polish translations
+	- Fix admin setting for invitations not displayed correctly
+	- Fix registration in invite only mode
+	- Fix notifications not returning offset -1 when returning early
+	- Fix direct messages for items imported via sync
+	- Bring back the channel protocols hooks
+	- Fix security headers switching
+	- Fix magic auth for delegated channels
+	- Introduce drop_query_params() for secure query parameter removal
+	- PHP8 fixes (ongoing)
+	- Fix menu wrapping regression
+
+	Addons
+	- LDAPauth: fix regression creating an account
+	- Twitter: allow feeds crossposting
+	- Twitter: fix posting when post by default is disabled
+	- Pubcrawl: add litepub directMessage attribute
+	- Pubcrawl: allow xchan/hubloc upgrades from e.g. ostatus
+	- Diaspora: fix possible issue with missing hublocs
+	- Diaspora: refine dispatching of public of public items
+
+
+Hubzilla 5.6 (2021-05-11)
+	- Improve postgres hubloc queries
+	- Implement automatic duplicate singleton hubloc removal
+	- Send author id, id_sig and key fields along with author/owner
+	- Implement custom redis session backend
+	- Improved registration workflow
+	- Complete rewrite of the registration backend with many new features
+	- Complete rewrite of the invite app
+	- Update Spanish, Russian and Polish translations
+	- Improved PHP8 compatibiliy (work in progress)
+
+	Bugfixes
+	- Fix manual fetching of non-ascii domains
+	- Fix revision not compared when importing items
+	- Fix events not transformed to UTC when importing calendar
+	- Fix timezone issue in mod cal
+	- Fix profile photos not revalidated
+	- Fix regression in caldav/carddav discovery
+	- Fix caldav/carddav sync on remote access
+	- Fix info and notice messages not bootstraped when using SSE
+	- Fix URL including an @ treated like a webbie
+	- Fix cover photo image issues on some mobile devices
+
+	Addons
+	- Diaspora: improve performance when delivering public items
+	- Diaspora: make sure to not process same contact more than once
+	- Pubcrawl: make sure to not process same contact more than once
+	- Pubcrawl: do not relay Like and Dislike activity
+	- Pubcrawl: deprecate as_follow() in favour of core Activity::follow()
+	- Pubcrawl: improved compatibility with mobilizon and xwiki
+	- Pubcrawl: do not process follow/unfollw thread in as_create_note()
+	- Diaspora: do not relay comments/likes of strangers if the thread-owner is local and does not allow comments/likes by strangers in the diaspora app settings
+
+
+Hubzilla 5.4.3 (2021-04-20)
+	- Fix regression in mod notifications (only the last was visible)
+	- Set Permissions-Policy: interest-cohort=() header by default
+	- Fix xchans containing a % breaking get_forum_channels()
+	- Fix webfinger if using a reverse proxy
+	- Fix regression finding bookmarks
+	- Fix zot6 hublocs import on channel import
+	- Fix revision not checked in import_items()
+
+
+Hubzilla 5.4.2 (2021-03-15)
+	- Fix translation plural variable
+	- Fix issue with following/unfollowing a thread
+	- Fix rendering of long text in xchan vcard
+	- Fix local link for rss content if rewrite author is sets
+	- Fix regression in mod display
+
+	Addons
+	- Pubcrawl: fix issue with following/unfollowing a thread
+	- Pubcrawl: more robust implementation of mastodon remote reply
+	- Photocache: remove suffix from the cached photo URL
+
+
+Hubzilla 5.4.1 (2021-03-09)
+	- Fix profile not found if not logged in
+	- Fix summary not reset on cancel
+	- Fix summary not saved with aoutosave draft
+	- Fix unexpected trigger of buttons when pressing enter in input fields
+	- Fix spanish plural expression
+	- Fix undefined page-end on non dynamic pages
+
+	Addons
+	- Pubcrawl: fix regression in pubcrawl_follow_mod_init()
+
+
 Hubzilla 5.4 (2021-03-08)
 	- Add new connections to privacy group independend from the default privacy group settings
 	- group_add() return group hash to save a lookup
--- a/CHANGELOG.air
+++ b/CHANGELOG.air
@@ -0,0 +1,48 @@
+"air" is a branch name for revision of Account-Invite-Register at the Hubzilla project
+
+Invite:
+* Rewritten and now language template driven
+* Selectable templates for the invite mails
+* Invitor may add personal notes in the mailtext
+ Invite codes are bound to the recipients email address
+* Invite mod never more creates accounts
+* new db scheme for table register
+* existing register table will be migrated to the new schema even when detected at runtime
+* Bugfix: creating invite codes when admin only calls Invite w/o any further action
+* account library revision also together with invite mod
+* Depending on config: Users may send invitations also
+* Invitations expires, controlled by the invitor
+* Changed and new configs:
+* * invitation_only       As usual before
+* * invitation_also       Beside other registration policies, invitations may be used also
+* * invitation_max_per_day	defaults 50, may be changed in adminUI admin>site
+* * invitation_max_per_user defaults 4
+* Requirements:
+* * Addon language has to be installed
+
+Register:
+* Register panel (form) and js interaction changed
+* Unused registrations expire
+* Depending on config, anonymous registrations (w/o email) are supported
+* :... dont't panic, that may let grow security
+* Even anonymous users have to confirm their registration
+* Registrations may be enabled / disabled time driven for each day in the week (dudy)
+* Unsoliced registration floods may be blocked
+* Limited registrations from one single source ip
+* Using one additional log file, to easy interfare with f2b
+
+Account:
+* An user account always becomes created only if all depending conditions are satisfied
+* AdminUI for site configuration, accounts and registrations enhancements
+* Still untouched, but accountUI needs enhanced async control in case for mass delete
+  with deep level of recursion cascade of the dependencies (channels etc). An open TODO
+  since years for instances with many much users and channels.
+
+History:
+2020.03 Hubzilla Prod version 4.6 (master branch) of hubzilla/core was the base for AIR 
+        that was assigned Version 4.6.2 at sn/core
+2021.02 Hubzilla Prod version 5.2.1 (master branch) of hubzilla/core was new base for AIR
+        that was assigned version 5.2.2 at sn/core (air.5)
+        plus adjustment of hubzilla 5.2.2 (master) to sn/core (air.5) version 5.2.9
+
+
--- a/SBOM.md
+++ b/SBOM.md
@@ -5,15 +5,15 @@
 |blueimp/jquery-file-upload|10.31.0.0|MIT|https://github.com/vkhramtsov/jQuery-File-Upload.git|
 |brick/math|0.9.2.0|MIT|https://github.com/brick/math.git|
 |bshaffer/oauth2-server-php|1.11.1.0|MIT|https://github.com/bshaffer/oauth2-server-php.git|
-|commerceguys/intl|1.0.7.0|MIT|https://github.com/commerceguys/intl.git|
+|commerceguys/intl|1.1.0.0|MIT|https://github.com/commerceguys/intl.git|
 |desandro/imagesloaded|4.1.4.0|MIT|https://github.com/desandro/imagesloaded.git|
 |ezyang/htmlpurifier|4.13.0.0|LGPL-2.1-or-later|https://github.com/ezyang/htmlpurifier.git|
-|league/html-to-markdown|4.10.0.0|MIT|https://github.com/thephpleague/html-to-markdown.git|
+|league/html-to-markdown|5.0.0.0|MIT|https://github.com/thephpleague/html-to-markdown.git|
 |lukasreschke/id3parser|0.0.3.0|GPL|https://github.com/LukasReschke/ID3Parser.git|
 |michelf/php-markdown|1.9.0.0|BSD-3-Clause|https://github.com/michelf/php-markdown.git|
 |pear/text_languagedetect|1.0.1.0|BSD-2-Clause|https://github.com/pear/Text_LanguageDetect.git|
 |phpseclib/phpseclib|2.0.30.0|MIT|https://github.com/phpseclib/phpseclib.git|
-|psr/log|1.1.3.0|MIT|https://github.com/php-fig/log.git|
+|psr/log|1.1.4.0|MIT|https://github.com/php-fig/log.git|
 |ramsey/collection|1.1.3.0|MIT|https://github.com/ramsey/collection.git|
 |ramsey/uuid|4.1.1.0|MIT|https://github.com/ramsey/uuid.git|
 |sabre/dav|4.1.5.0|BSD-3-Clause|https://github.com/sabre-io/dav.git|
@@ -23,8 +23,8 @@
 |sabre/vobject|4.3.5.0|BSD-3-Clause|https://github.com/sabre-io/vobject.git|
 |sabre/xml|2.2.3.0|BSD-3-Clause|https://github.com/sabre-io/xml.git|
 |simplepie/simplepie|1.5.6.0|BSD-3-Clause|https://github.com/simplepie/simplepie.git|
-|smarty/smarty|3.1.38.0|LGPL-3.0|https://github.com/smarty-php/smarty.git|
-|symfony/polyfill-ctype|1.22.0.0|MIT|https://github.com/symfony/polyfill-ctype.git|
+|smarty/smarty|3.1.39.0|LGPL-3.0|https://github.com/smarty-php/smarty.git|
+|symfony/polyfill-ctype|1.23.0.0|MIT|https://github.com/symfony/polyfill-ctype.git|
 |twbs/bootstrap|4.6.0.0|MIT|https://github.com/twbs/bootstrap.git|
 |fullcalendar/fullcalendar|4.4.2.0|MIT|https://github.com/fullcalendar/fullcalendar.git|
 |miromannino/Justified-Gallery|3.8.1.0|MIT|https://github.com/miromannino/Justified-Gallery.git|
--- a/Zotlabs/Daemon/Cron.php
+++ b/Zotlabs/Daemon/Cron.php
@@ -55,11 +55,14 @@ class Cron {
 			db_utcnow()
 		);

+		require_once('include/account.php');
+		remove_expired_registrations();
+
 		$interval = get_config('system', 'delivery_interval', 3);

 		// expire any expired items

-		$r = q("select id,item_wall from item where expires > '2001-01-01 00:00:00' and expires < %s 
+		$r = q("select id,item_wall from item where expires > '2001-01-01 00:00:00' and expires < %s
 			and item_deleted = 0 ",
 			db_utcnow()
 		);
@@ -131,7 +134,7 @@ class Cron {

 		// publish any applicable items that were set to be published in the future
 		// (time travel posts). Restrict to items that have come of age in the last
-		// couple of days to limit the query to something reasonable. 
+		// couple of days to limit the query to something reasonable.

 		$r = q("select id from item where item_delayed = 1 and created <= %s  and created > '%s' ",
 			db_utcnow(),
@@ -162,11 +165,6 @@ class Cron {
 			}
 		}

-
-		// check if any connections transitioned to zot6 and upgrade the connections to zot6 at this hub if so.
-		require_once('include/connections.php');
-		z6trans_connections();
-
 		require_once('include/attach.php');
 		attach_upgrade();

@@ -192,7 +190,7 @@ class Cron {
 		// update any photos which didn't get imported properly
 		// This should be rare

-		$r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = '' 
+		$r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = ''
 			and xchan_photo_date < %s - INTERVAL %s",
 			db_utcnow(),
 			db_quoteinterval('1 DAY')
@@ -238,7 +236,7 @@ class Cron {

 		set_config('system', 'lastcron', datetime_convert());

-		//All done - clear the lockfile	
+		//All done - clear the lockfile
 		@unlink($lockfile);

 		return;
--- a/Zotlabs/Daemon/Cron_daily.php
+++ b/Zotlabs/Daemon/Cron_daily.php
@@ -93,8 +93,7 @@ class Cron_daily {
 		Master::Summon(array('Cli_suggest'));

 		remove_obsolete_hublocs();
-
-		z6_discover();
+		remove_duplicate_singleton_hublocs();

 		$date = datetime_convert();
 		call_hooks('cron_daily', $date);
--- a/Zotlabs/Daemon/Deliver.php
+++ b/Zotlabs/Daemon/Deliver.php
@@ -2,7 +2,7 @@

 namespace Zotlabs\Daemon;

-require_once('include/queue_fn.php');
+use Zotlabs\Lib\Queue;

 class Deliver {

@@ -23,7 +23,7 @@ class Deliver {
 			);

 			if ($r) {
-				queue_deliver($r[0], true);
+				Queue::deliver($r[0], true);
 			}

 		}
--- a/Zotlabs/Daemon/Directory.php
+++ b/Zotlabs/Daemon/Directory.php
@@ -74,7 +74,7 @@ class Directory {
 			 * the directory packet. That means we'll try again on the next poll run.
 			 */

-			$hash = random_string();
+			$hash = new_uuid();

 			Queue::insert(array(
 				'hash'       => $hash,
--- a/Zotlabs/Daemon/Expire.php
+++ b/Zotlabs/Daemon/Expire.php
@@ -2,6 +2,7 @@

 namespace Zotlabs\Daemon;

+require_once('include/items.php');

 class Expire {

--- a/Zotlabs/Daemon/Notifier.php
+++ b/Zotlabs/Daemon/Notifier.php
@@ -6,23 +6,14 @@ use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Activity;
 use Zotlabs\Lib\Queue;

-require_once('include/queue_fn.php');
 require_once('include/html2plain.php');
 require_once('include/conversation.php');
-require_once('include/zot.php');
 require_once('include/items.php');
 require_once('include/bbcode.php');


 /*
- * This file was at one time responsible for doing all deliveries, but this caused
- * big problems on shared hosting systems, where the process might get killed by the
- * hosting provider and nothing would get delivered.
- * It now only delivers one message under certain cases, and invokes a queued
- * delivery mechanism (include/deliver.php) to deliver individual contacts at
- * controlled intervals.
- * This has a much better chance of surviving random processes getting killed
- * by the hosting provider.
+ * Notifier - message dispatch and preparation for delivery
 *
 * The basic flow is:
 *   Identify the type of message
@@ -53,7 +44,6 @@ require_once('include/bbcode.php');
 *	event			(in events.php)
 *	expire			(in items.php)
 *	like			(in like.php, poke.php)
- *	mail			(in message.php)
 *	tag			(in photos.php, poke.php, tagger.php)
 *	tgroup			(in items.php)
 *	wall-new		(in photos.php, item.php)
@@ -63,7 +53,6 @@ require_once('include/bbcode.php');
 * ZOT
 *       permission_create      abook_id
 *       permission_accept      abook_id
- *       permission_reject      abook_id
 *       permission_update      abook_id
 *       refresh_all            channel_id
 *       purge                  channel_id            xchan_hash
@@ -71,7 +60,6 @@ require_once('include/bbcode.php');
 *       expire                 channel_id
 *       relay			item_id (item was relayed to owner, we will deliver it as owner)
 *       single_activity        item_id (deliver to a singleton network from the appropriate clone)
- *       single_mail            mail_id (deliver to a singleton network from the appropriate clone)
 *       location               channel_id
 *       request                channel_id            xchan_hash             message_id
 *       rating                 xlink_id
@@ -82,10 +70,20 @@ require_once('include/bbcode.php');

 class Notifier {

+	static public $deliveries = [];
+	static public $recipients = [];
+	static public $env_recips = [];
+	static public $packet_type = 'activity';
+	static public $encoding = 'activitystreams';
+	static public $encoded_item = null;
+	static public $channel = null;
+	static public $private = false;
+
 	static public function run($argc, $argv) {

-		if ($argc < 3)
+		if ($argc < 3) {
 			return;
+		}

 		logger('notifier: invoked: ' . print_r($argv, true), LOGGER_DEBUG);

@@ -93,153 +91,97 @@ class Notifier {

 		$item_id = $argv[2];

-		if (!$item_id)
+		if (!$item_id) {
 			return;
-
-		$sys = get_sys_channel();
-
-		$deliveries = [];
-
-		$request        = false;
-		$mail           = false;
-		$location       = false;
-		$recipients     = [];
-		$normal_mode    = true;
-		$packet_type    = 'undefined';
-
-		if ($cmd === 'mail' || $cmd === 'single_mail') {
-			$normal_mode = false;
-			$mail        = true;
-			$private     = true;
-			$message     = q("SELECT * FROM mail WHERE id = %d LIMIT 1",
-				intval($item_id)
-			);
-			if (!$message) {
-				return;
-			}
-			xchan_mail_query($message[0]);
-			$uid          = $message[0]['channel_id'];
-			$recipients[] = $message[0]['from_xchan']; // include clones
-			$recipients[] = $message[0]['to_xchan'];
-			$item         = $message[0];
-			$encoded_item = encode_mail($item);
-
-			$s = q("select * from channel where channel_id = %d limit 1",
-				intval($uid)
-			);
-			if ($s)
-				$channel = $s[0];
-
 		}
-		elseif ($cmd === 'request') {
-			$channel_id         = $item_id;
-			$xchan              = $argv[3];
-			$request_message_id = $argv[4];

-			$s = q("select * from channel where channel_id = %d limit 1",
-				intval($channel_id)
-			);
-			if ($s)
-				$channel = $s[0];

-			$private      = true;
-			$recipients[] = $xchan;
-			$packet_type  = 'request';
-			$normal_mode  = false;
-		}
-		elseif ($cmd === 'keychange') {
-			$channel = channelx_by_n($item_id);
+		self::$deliveries   = [];
+		self::$recipients   = [];
+		self::$env_recips   = [];
+		self::$packet_type  = 'activity';
+		self::$encoding     = 'activitystreams';
+		self::$encoded_item = null;
+		self::$channel      = null;
+		self::$private      = false;

-			$r       = q("select abook_xchan from abook where abook_channel = %d",
+		$sys         = get_sys_channel();
+		$normal_mode = true;
+
+		if ($cmd === 'keychange') {
+			self::$channel = channelx_by_n($item_id);
+			$r             = q("select abook_xchan from abook where abook_channel = %d",
 				intval($item_id)
 			);
 			if ($r) {
 				foreach ($r as $rr) {
-					$recipients[] = $rr['abook_xchan'];
+					self::$recipients[] = $rr['abook_xchan'];
 				}
 			}
-			$private     = false;
-			$packet_type = 'keychange';
-			$normal_mode = false;
+			self::$private      = false;
+			self::$packet_type  = 'keychange';
+			self::$encoded_item = get_pconfig(self::$channel['channel_id'], 'system', 'keychange');
+			self::$encoding     = 'zot';
+			$normal_mode        = false;
 		}
-		elseif (in_array($cmd, ['permission_update', 'permission_reject', 'permission_accept', 'permission_create'])) {
+		elseif (in_array($cmd, ['permission_update', 'permission_accept', 'permission_create'])) {
 			// Get the (single) recipient
 			$r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_self = 0",
 				intval($item_id)
 			);
 			if ($r) {
-				$uid = $r[0]['abook_channel'];
-				// Get the sender
-				$channel = channelx_by_n($uid);
-				if ($channel) {
-					$perm_update = ['sender' => $channel, 'recipient' => $r[0], 'success' => false, 'deliveries' => ''];
+				$recip = $r[0];

-					if ($cmd === 'permission_create')
-						call_hooks('permissions_create', $perm_update);
-					elseif ($cmd === 'permission_accept')
-						call_hooks('permissions_accept', $perm_update);
-					elseif ($cmd === 'permission_reject')
-						call_hooks('permissions_reject', $perm_update);
-					else
-						call_hooks('permissions_update', $perm_update);
+				// Get the sender
+				self::$channel = channelx_by_n($recip['abook_channel']);
+				if (self::$channel) {
+					$perm_update = ['sender' => self::$channel, 'recipient' => $recip, 'success' => false, 'deliveries' => ''];
+
+					switch ($cmd) {
+						case 'permission_create':
+							call_hooks('permissions_create', $perm_update);
+							break;
+						case 'permission_accept':
+							call_hooks('permissions_accept', $perm_update);
+							break;
+						case 'permission_update':
+							call_hooks('permissions_update', $perm_update);
+							break;
+						default:
+							break;
+					}

 					if ($perm_update['success']) {
 						if ($perm_update['deliveries']) {
-							$deliveries[] = $perm_update['deliveries'];
-							do_delivery($deliveries);
+							self::$deliveries[] = $perm_update['deliveries'];
+							do_delivery(self::$deliveries);
 						}
 						return;
 					}
 					else {
-						$recipients[]  = $r[0]['abook_xchan'];
-						$private       = false;
-						$packet_type   = 'refresh';
-						$packet_recips = [['guid' => $r[0]['xchan_guid'], 'guid_sig' => $r[0]['xchan_guid_sig'], 'hash' => $r[0]['xchan_hash']]];
+						self::$recipients[] = $recip['abook_xchan'];
+						self::$private      = false;
+						self::$packet_type  = 'refresh';
+						self::$env_recips   = [$recip['xchan_hash']];
 					}
 				}
 			}
 		}
 		elseif ($cmd === 'refresh_all') {
 			logger('notifier: refresh_all: ' . $item_id);
-			$uid     = $item_id;
-			$channel = channelx_by_n($item_id);

-			$r       = q("select abook_xchan from abook where abook_channel = %d",
-				intval($uid)
-			);
-			if ($r) {
-				foreach ($r as $rr) {
-					$recipients[] = $rr['abook_xchan'];
-				}
-			}
-			$private     = false;
-			$packet_type = 'refresh';
-		}
-		elseif ($cmd === 'location') {
-			logger('notifier: location: ' . $item_id);
-			$s = q("select * from channel where channel_id = %d limit 1",
+			self::$channel = channelx_by_n($item_id);
+
+			$r = q("select abook_xchan from abook where abook_channel = %d",
 				intval($item_id)
 			);
-			if ($s)
-				$channel = $s[0];
-
-			$uid        = $item_id;
-			$recipients = [];
-
-			$r          = q("select abook_xchan from abook where abook_channel = %d",
-				intval($uid)
-			);
 			if ($r) {
 				foreach ($r as $rr) {
-					$recipients[] = $rr['abook_xchan'];
+					self::$recipients[] = $rr['abook_xchan'];
 				}
 			}
-
-			$encoded_item = ['locations' => Libzot::encode_locations($channel), 'type' => 'location', 'encoding' => 'zot'];
-			$target_item  = ['aid' => $channel['channel_account_id'], 'uid' => $channel['channel_id']];
-			$private      = false;
-			$packet_type  = 'location';
-			$location     = true;
+			self::$private     = false;
+			self::$packet_type = 'refresh';
 		}
 		elseif ($cmd === 'purge') {
 			$xchan = $argv[3];
@@ -248,33 +190,27 @@ class Notifier {
 				return;
 			}

-			$channel         = channelx_by_n($item_id);
-			$recipients[]    = $xchan;
-			$private         = true;
-			$packet_type     = 'purge';
-			$packet_recips[] = ['hash' => $xchan];
+			self::$channel     = channelx_by_n($item_id);
+			self::$recipients  = [$xchan];
+			self::$private     = true;
+			self::$packet_type = 'purge';
 		}
 		elseif ($cmd === 'purge_all') {
-
 			logger('notifier: purge_all: ' . $item_id);
-			$channel = channelx_by_n($item_id);
+			self::$channel     = channelx_by_n($item_id);
+			self::$recipients  = [];
+			self::$private     = false;
+			self::$packet_type = 'purge';

-			$recipients = [];
-			$r          = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0",
+			$r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0",
 				intval($item_id)
 			);
 			if (!$r) {
 				return;
 			}
 			foreach ($r as $rr) {
-				$recipients[]    = $rr['abook_xchan'];
-				$packet_recips[] = ['hash' => $rr['abook_xchan']];
+				self::$recipients[] = $rr['abook_xchan'];
 			}
-
-			$private     = false;
-			$packet_type = 'purge';
-
-
 		}
 		else {

@@ -282,15 +218,14 @@ class Notifier {

 			// Fetch the target item

-			$r = q("SELECT * FROM item WHERE id = %d and parent != 0 LIMIT 1",
+			$r = q("SELECT * FROM item WHERE id = %d AND parent != 0",
 				intval($item_id)
 			);
-
-			if (!$r)
+			if (!$r) {
 				return;
+			}

 			xchan_query($r);
-
 			$r = fetch_post_tags($r);

 			$target_item = $r[0];
@@ -331,6 +266,12 @@ class Notifier {
 				return;
 			}

+			// follow/unfollow is for internal use only
+			if (in_array($target_item['verb'], [ACTIVITY_FOLLOW, ACTIVITY_UNFOLLOW])) {
+				logger('not fowarding follow/unfollow note activity');
+				return;
+			}
+
 			if (strpos($target_item['postopts'], 'nodeliver') !== false) {
 				logger('notifier: target item is undeliverable', LOGGER_DEBUG);
 				return;
@@ -339,11 +280,12 @@ class Notifier {
 			$s = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
 				intval($target_item['uid'])
 			);
-			if ($s)
-				$channel = $s[0];
+			if ($s) {
+				self::$channel = $s[0];
+			}

-			if ($channel['channel_hash'] !== $target_item['author_xchan'] && $channel['channel_hash'] !== $target_item['owner_xchan']) {
-				logger("notifier: Sending channel {$channel['channel_hash']} is not owner {$target_item['owner_xchan']} or author {$target_item['author_xchan']}", LOGGER_NORMAL, LOG_WARNING);
+			if (self::$channel['channel_hash'] !== $target_item['author_xchan'] && self::$channel['channel_hash'] !== $target_item['owner_xchan']) {
+				logger("notifier: Sending channel " . self::$channel['channel_hash'] . " is not owner {$target_item['owner_xchan']} or author {$target_item['author_xchan']}", LOGGER_NORMAL, LOG_WARNING);
 				return;
 			}

@@ -353,12 +295,13 @@ class Notifier {
 			}
 			else {
 				// fetch the parent item
-				$r = q("SELECT * from item where id = %d order by id asc",
+				$r = q("SELECT * FROM item WHERE id = %d",
 					intval($target_item['parent'])
 				);

-				if (!$r)
+				if (!$r) {
 					return;
+				}

 				if (strpos($r[0]['postopts'], 'nodeliver') !== false) {
 					logger('notifier: target item is undeliverable', LOGGER_DEBUG, LOG_NOTICE);
@@ -373,20 +316,17 @@ class Notifier {
 			}

 			// avoid looping of discover items 12/4/2014
-
-			if ($sys && $parent_item['uid'] == $sys['channel_id'])
+			if ($sys && $parent_item['uid'] == $sys['channel_id']) {
 				return;
+			}

-			$encoded_item = encode_item($target_item);
-
+			$m = get_iconfig($target_item, 'activitypub', 'signed_data');
 			// Re-use existing signature unless the activity type changed to a Tombstone, which won't verify.
-			$m = ((intval($target_item['item_deleted'])) ? '' : get_iconfig($target_item, 'activitypub', 'signed_data'));
-
-			if ($m) {
-				$activity = json_decode($m, true);
+			if ($m && (!intval($target_item['item_deleted']))) {
+				self::$encoded_item = json_decode($m, true);
 			}
 			else {
-				$activity = array_merge(['@context' => [
+				self::$encoded_item = array_merge(['@context' => [
 					ACTIVITYSTREAMS_JSONLD_REV,
 					'https://w3id.org/security/v1',
 					z_root() . ZOT_APSCHEMA_REV
@@ -395,7 +335,7 @@ class Notifier {
 			}

 			logger('target_item: ' . print_r($target_item, true), LOGGER_DEBUG);
-			logger('encoded: ' . print_r($activity, true), LOGGER_DEBUG);
+			logger('encoded: ' . print_r(self::$encoded_item, true), LOGGER_DEBUG);

 			// Send comments to the owner to re-deliver to everybody in the conversation
 			// We only do this if the item in question originated on this site. This prevents looping.
@@ -406,9 +346,9 @@ class Notifier {
 			// flag on comments for an extended period. So we'll also call comment_local_origin() which looks at
 			// the hostname in the message_id and provides a second (fallback) opinion.

-			$relay_to_owner = (((!$top_level_post) && (intval($target_item['item_origin'])) && comment_local_origin($target_item)) ? true : false);
-
-			$uplink = false;
+			$relay_to_owner = (!$top_level_post && intval($target_item['item_origin']) && comment_local_origin($target_item));
+			$uplink         = false;
+			$upstream       = false;

 			// $cmd === 'relay' indicates the owner is sending it to the original recipients
 			// don't allow the item in the relay command to relay to owner under any circumstances, it will loop
@@ -420,27 +360,34 @@ class Notifier {

 			if (($cmd === 'uplink') && intval($parent_item['item_uplink']) && (!$top_level_post)) {
 				logger('notifier: uplink');
-				$uplink = true;
+				$uplink            = true;
+				self::$packet_type = 'response';
 			}

 			if (($relay_to_owner || $uplink) && ($cmd !== 'relay')) {
 				logger('notifier: followup relay', LOGGER_DEBUG);
-				$recipients = [($uplink) ? $parent_item['source_xchan'] : $parent_item['owner_xchan']];
-				$private    = true;
-				if (!$encoded_item['flags'])
-					$encoded_item['flags'] = [];
-				$encoded_item['flags'][] = 'relay';
-				$upstream                = true;
+				$sendto            = (($uplink) ? $parent_item['source_xchan'] : $parent_item['owner_xchan']);
+				self::$recipients  = [$sendto];
+				self::$private     = true;
+				$upstream          = true;
+				self::$packet_type = 'response';
 			}
 			else {
-				logger('notifier: normal distribution', LOGGER_DEBUG);
-				if ($cmd === 'relay')
-					logger('notifier: owner relay');
-				$upstream = false;
+				if ($cmd === 'relay') {
+					logger('owner relay (downstream delivery)');
+				}
+				else {
+					logger('normal (downstream) distribution', LOGGER_DEBUG);
+				}
+
+				if ($parent_item && $parent_item['item_private'] !== $target_item['item_private']) {
+					logger('conversation privacy mismatch - downstream delivery prevented');
+					return;
+				}
+
 				// if our parent is a tag_delivery recipient, uplink to the original author causing
 				// a delivery fork.
-
-				if (($parent_item) && intval($parent_item['item_uplink']) && (!$top_level_post) && ($cmd !== 'uplink')) {
+				if ($parent_item && intval($parent_item['item_uplink']) && !$top_level_post && $cmd !== 'uplink') {
 					// don't uplink a relayed post to the relay owner
 					if ($parent_item['source_xchan'] !== $parent_item['owner_xchan']) {
 						logger('notifier: uplinking this item');
@@ -448,98 +395,88 @@ class Notifier {
 					}
 				}

-				$private    = false;
-				$recipients = collect_recipients($parent_item, $private);
-
-				if ($top_level_post) {
-					// remove clones who will receive the post via sync
-					$recipients = array_diff($recipients, [$target_item['owner_xchan']]);
-				}
+				self::$private    = false;
+				self::$recipients = collect_recipients($parent_item, self::$private);

 				// FIXME add any additional recipients such as mentions, etc.

+				if ($top_level_post) {
+					// remove clones who will receive the post via sync
+					self::$recipients = array_values(array_diff(self::$recipients, [$target_item['owner_xchan']]));
+				}
+
+				// don't send deletions onward for other people's stuff
+				if (intval($target_item['item_deleted']) && (!intval($target_item['item_wall']))) {
+					logger('notifier: ignoring delete notification for non-wall item', LOGGER_NORMAL, LOG_NOTICE);
+					return;
+				}
 			}
 		}

-		$walltowall = (($top_level_post && $channel['xchan_hash'] === $target_item['author_xchan']) ? true : false);
-
 		// Generic delivery section, we have an encoded item and recipients
 		// Now start the delivery process

-		$x          = $encoded_item;
-		$x['title'] = 'private';
-		$x['body']  = 'private';
-		logger('notifier: encoded item: ' . print_r($x, true), LOGGER_DATA, LOG_DEBUG);
+		logger('encoded item: ' . print_r(self::$encoded_item, true), LOGGER_DATA, LOG_DEBUG);

-		//logger('notifier: encoded activity: ' . print_r($activity,true), LOGGER_DATA, LOG_DEBUG);
-
-		stringify_array_elms($recipients);
-		if (!$recipients) {
+		stringify_array_elms(self::$recipients);
+		if (!self::$recipients) {
 			logger('no recipients');
 			return;
 		}

-		//	logger('notifier: recipients: ' . print_r($recipients,true), LOGGER_NORMAL, LOG_DEBUG);
+		// logger('recipients: ' . print_r(self::$recipients,true), LOGGER_NORMAL, LOG_DEBUG);

-		$env_recips = (($private) ? [] : null);
-
-		$details = q("select xchan_hash, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',', $recipients)) . ")");
+		if (!count(self::$env_recips)) {
+			self::$env_recips = ((self::$private) ? [] : null);
+		}

 		$recip_list = [];

+		$details = dbq("select xchan_hash, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',', self::$recipients)) . ")");
+
 		if ($details) {
 			foreach ($details as $d) {
 				$recip_list[] = $d['xchan_addr'] . ' (' . $d['xchan_hash'] . ')';
-				if ($private) {
-					$env_recips[] = [
-						'guid'     => $d['xchan_guid'],
-						'guid_sig' => $d['xchan_guid_sig'],
-						'hash'     => $d['xchan_hash']
-					];
+				if (self::$private) {
+					self::$env_recips[] = $d['xchan_hash'];
 				}
 			}
 		}


 		$narr = [
-			'channel'        => $channel,
+			'channel'        => self::$channel,
 			'upstream'       => $upstream,
-			'env_recips'     => $env_recips,
-			'packet_recips'  => $packet_recips,
-			'recipients'     => $recipients,
-			'item'           => $item,
+			'env_recips'     => self::$env_recips,
+			'recipients'     => self::$recipients,
 			'target_item'    => $target_item,
 			'parent_item'    => $parent_item,
 			'top_level_post' => $top_level_post,
-			'private'        => $private,
+			'private'        => self::$private,
 			'relay_to_owner' => $relay_to_owner,
 			'uplink'         => $uplink,
 			'cmd'            => $cmd,
-			'mail'           => $mail,
-			'single'         => (($cmd === 'single_mail' || $cmd === 'single_activity') ? true : false),
-			'location'       => $location,
-			'request'        => $request,
+			'single'         => ($cmd === 'single_activity'),
 			'normal_mode'    => $normal_mode,
-			'packet_type'    => $packet_type,
-			'walltowall'     => $walltowall,
+			'packet_type'    => self::$packet_type,
 			'queued'         => []
 		];

 		call_hooks('notifier_process', $narr);
 		if ($narr['queued']) {
 			foreach ($narr['queued'] as $pq)
-				$deliveries[] = $pq;
+				self::$deliveries[] = $pq;
 		}

 		// notifier_process can alter the recipient list

-		$recipients    = $narr['recipients'];
-		$env_recips    = $narr['env_recips'];
-		$packet_recips = $narr['packet_recips'];
+		self::$recipients = $narr['recipients'];
+		self::$env_recips = $narr['env_recips'];

-		if (($private) && (!$env_recips)) {
+		if (self::$private && !self::$env_recips) {
 			// shouldn't happen
 			logger('notifier: private message with no envelope recipients.' . print_r($argv, true), LOGGER_NORMAL, LOG_NOTICE);
+			return;
 		}

 		logger('notifier: recipients (may be delivered to more if public): ' . print_r($recip_list, true), LOGGER_DEBUG);
@@ -548,15 +485,15 @@ class Notifier {
 		// Now we have collected recipients (except for external mentions, FIXME)
 		// Let's reduce this to a set of hubs; checking that the site is not dead.

-		$hubs = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_version, site.site_project, site.site_dead from hubloc left join site on site_url = hubloc_url
-			where hubloc_hash in (" . protect_sprintf(implode(',', $recipients)) . ")
+		$hubs = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_dead from hubloc left join site on site_url = hubloc_url
+			where hubloc_hash in (" . protect_sprintf(implode(',', self::$recipients)) . ")
 			and hubloc_error = 0 and hubloc_deleted = 0"
 		);

 		// public posts won't make it to the local public stream unless there's a recipient on this site.
 		// This code block sees if it's a public post and localhost is missing, and if so adds an entry for the local sys channel to the $hubs list

-		if (!$private) {
+		if (!self::$private) {
 			$found_localhost = false;
 			if ($hubs) {
 				foreach ($hubs as $h) {
@@ -567,12 +504,12 @@ class Notifier {
 				}
 			}
 			if (!$found_localhost) {
-				$localhub = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_version, site.site_project, site.site_dead from hubloc
-					left join site on site_url = hubloc_url where hubloc_id_url = '%s' and hubloc_error = 0 and hubloc_deleted = 0",
+				$localhub = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_dead from hubloc left join site on site_url = hubloc_url
+				 	where hubloc_id_url = '%s' and hubloc_error = 0 and hubloc_deleted = 0",
 					dbesc(z_root() . '/channel/sys')
 				);
 				if ($localhub) {
-					$hubs = array_merge($hubs, $localhub);
+					$hubs = array_merge($localhub, $hubs);
 				}
 			}
 		}
@@ -597,33 +534,24 @@ class Notifier {
 		$dead    = []; // known dead hubs - report them as undeliverable

 		foreach ($hubs as $hub) {
-
-			if (intval($hub['site_dead'])) {
+			if (isset($hub['site_dead']) && intval($hub['site_dead'])) {
 				$dead[] = $hub;
 				continue;
 			}

-			if ($env_recips) {
-				foreach ($env_recips as $er) {
-					if ($hub['hubloc_hash'] === $er['hash']) {
-						if (!array_key_exists($hub['hubloc_host'] . $hub['hubloc_sitekey'], $hub_env)) {
-							$hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] = [];
+			if (self::$env_recips) {
+				foreach (self::$env_recips as $er) {
+					if ($hub['hubloc_hash'] === $er) {
+						if (!array_key_exists($hub['hubloc_site_id'], $hub_env)) {
+							$hub_env[$hub['hubloc_site_id']] = [];
 						}
-						$hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']][] = $er;
+						$hub_env[$hub['hubloc_site_id']][] = $er;
 					}
 				}
 			}

-
-			if ($hub['hubloc_network'] == 'zot') {
+			if ($hub['hubloc_network'] === 'zot6') {
 				if (!in_array($hub['hubloc_sitekey'], $keys)) {
-					$hublist[] = $hub['hubloc_host'] . ' ' . $hub['hubloc_network'];
-					$dhubs[]   = $hub;
-					$keys[]    = $hub['hubloc_sitekey'];
-				}
-			}
-			else {
-				if (!in_array($hub['hubloc_url'], $urls)) {
 					if ($hub['hubloc_url'] === z_root()) {
 						//deliver to local hub first
 						array_unshift($hublist, $hub['hubloc_host'] . ' ' . $hub['hubloc_network']);
@@ -633,7 +561,14 @@ class Notifier {
 						$hublist[] = $hub['hubloc_host'] . ' ' . $hub['hubloc_network'];
 						$dhubs[]   = $hub;
 					}
-					$urls[] = $hub['hubloc_url'];
+					$keys[] = $hub['hubloc_sitekey'];
+				}
+			}
+			else {
+				if (!in_array($hub['hubloc_url'], $urls)) {
+					$hublist[] = $hub['hubloc_host'] . ' ' . $hub['hubloc_network'];
+					$dhubs[]   = $hub;
+					$urls[]    = $hub['hubloc_url'];
 				}
 			}
 		}
@@ -644,37 +579,30 @@ class Notifier {

 			logger('notifier_hub: ' . $hub['hubloc_url'], LOGGER_DEBUG);

-			if (!in_array($hub['hubloc_network'], ['zot', 'zot6'])) {
+			if ($hub['hubloc_network'] !== 'zot6') {
 				$narr = [
-					'channel'        => $channel,
+					'channel'        => self::$channel,
 					'upstream'       => $upstream,
-					'env_recips'     => $env_recips,
-					'packet_recips'  => $packet_recips,
-					'recipients'     => $recipients,
-					'item'           => $item,
+					'env_recips'     => self::$env_recips,
+					'recipients'     => self::$recipients,
 					'target_item'    => $target_item,
 					'parent_item'    => $parent_item,
 					'hub'            => $hub,
 					'top_level_post' => $top_level_post,
-					'private'        => $private,
+					'private'        => self::$private,
 					'relay_to_owner' => $relay_to_owner,
 					'uplink'         => $uplink,
 					'cmd'            => $cmd,
-					'mail'           => $mail,
-					'single'         => (($cmd === 'single_mail' || $cmd === 'single_activity') ? true : false),
-					'location'       => $location,
-					'request'        => $request,
+					'single'         => $cmd === 'single_activity',
 					'normal_mode'    => $normal_mode,
-					'packet_type'    => $packet_type,
-					'walltowall'     => $walltowall,
+					'packet_type'    => self::$packet_type,
 					'queued'         => []
 				];

-
 				call_hooks('notifier_hub', $narr);
 				if ($narr['queued']) {
 					foreach ($narr['queued'] as $pq)
-						$deliveries[] = $pq;
+						self::$deliveries[] = $pq;
 				}
 				continue;

@@ -689,153 +617,62 @@ class Notifier {
 			// will invoke a delivery to those connections which are connected to just that
 			// hub instance.

-			if ($cmd === 'single_mail' || $cmd === 'single_activity') {
+			if ($cmd === 'single_activity') {
 				continue;
 			}

-			if (!in_array($hub['hubloc_network'], ['zot', 'zot6'])) {
+			// default: zot protocol
+
+			$hash = new_uuid();
+
+			$env = (($hub_env && $hub_env[$hub['hubloc_site_id']]) ? $hub_env[$hub['hubloc_site_id']] : '');
+			if ((self::$private) && (!$env)) {
 				continue;
 			}

-			// Do not change this to a uuid as long as we have traditional zot servers
-			// in the loop. The signature verification step can't handle dashes in the
-			// hashes.
+			$packet = Libzot::build_packet(self::$channel, self::$packet_type, $env, self::$encoded_item, self::$encoding, ((self::$private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto']);

-			$hash = random_string(48);
+			Queue::insert(
+				[
+					'hash'       => $hash,
+					'account_id' => self::$channel['channel_account_id'],
+					'channel_id' => self::$channel['channel_id'],
+					'posturl'    => $hub['hubloc_callback'],
+					'notify'     => $packet,
+					'msg'        => EMPTY_STR
+				]
+			);

-			$packet = null;
-			$pmsg   = '';
-
-			if ($packet_type === 'refresh' || $packet_type === 'purge') {
-				if ($hub['hubloc_network'] === 'zot6') {
-					$packet = Libzot::build_packet($channel, $packet_type, ids_to_array($packet_recips, 'hash'));
-				}
-				else {
-					$packet = zot_build_packet($channel, $packet_type, (($packet_recips) ? $packet_recips : null));
-				}
-			}
-			if ($packet_type === 'keychange' && $hub['hubloc_network'] === 'zot') {
-				$pmsg   = get_pconfig($channel['channel_id'], 'system', 'keychange');
-				$packet = zot_build_packet($channel, $packet_type, (($packet_recips) ? $packet_recips : null));
-			}
-			elseif ($packet_type === 'request' && $hub['hubloc_network'] === 'zot') {
-				$env    = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : '');
-				$packet = zot_build_packet($channel, $packet_type, $env, $hub['hubloc_sitekey'], $hub['site_crypto'],
-					$hash, ['message_id' => $request_message_id]
+			// only create delivery reports for normal undeleted items
+			if (is_array($target_item) && (!$target_item['item_deleted']) && (!get_config('system', 'disable_dreport'))) {
+				q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_name, dreport_result, dreport_time, dreport_xchan, dreport_queue )
+					values ( '%s', '%s','%s','%s','%s','%s','%s','%s' ) ",
+					dbesc($target_item['mid']),
+					dbesc($hub['hubloc_host']),
+					dbesc($hub['hubloc_host']),
+					dbesc($hub['hubloc_host']),
+					dbesc('queued'),
+					dbesc(datetime_convert()),
+					dbesc(self::$channel['channel_hash']),
+					dbesc($hash)
 				);
 			}

-			if ($packet) {
-				Queue::insert(
-					[
-						'hash'       => $hash,
-						'account_id' => $channel['channel_account_id'],
-						'channel_id' => $channel['channel_id'],
-						'posturl'    => $hub['hubloc_callback'],
-						'driver'     => $hub['hubloc_network'],
-						'notify'     => $packet,
-						'msg'        => (($pmsg) ? json_encode($pmsg) : '')
-					]
-				);
-			}
-			else {
-				$env = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : '');
+			self::$deliveries[] = $hash;

-				if ($hub['hubloc_network'] === 'zot6') {
-					$zenv = [];
-					if ($env) {
-						foreach ($env as $e) {
-							$zenv[] = $e['hash'];
-						}
-					}
-
-					$packet_type = (($upstream || $uplink) ? 'response' : 'activity');
-
-					// block zot private reshares from zot6, as this could cause a number of privacy issues
-					// due to parenting differences between the reshare implementations. In zot a reshare is
-					// a standalone parent activity and in zot6 it is a followup/child of the original activity.
-					// For public reshares, some comments to the reshare on the zot fork will not make it to zot6
-					// due to these different message models. This cannot be prevented at this time.
-
-					if ($packet_type === 'activity' && $activity['type'] === 'Announce' && intval($target_item['item_private'])) {
-						continue;
-					}
-
-					$packet = Libzot::build_packet($channel, $packet_type, $zenv, $activity, 'activitystreams', (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto']);
-				}
-				else {
-					// currently zot6 delivery is only performed on normal items and not sync items or mail or anything else
-					// Eventually we will do this for all deliveries, but for now ensure this is precisely what we are dealing
-					// with before switching to zot6 as the primary zot6 handler checks for the existence of a message delivery report
-					// to trigger dequeue'ing
-
-					$z6 = (($encoded_item && $encoded_item['type'] === 'activity' && (!array_key_exists('allow_cid', $encoded_item))) ? true : false);
-					if ($z6) {
-						$packet = zot6_build_packet($channel, 'notify', $env, json_encode($encoded_item), (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'], $hash);
-					}
-					else {
-						$packet = zot_build_packet($channel, 'notify', $env, (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'], $hash);
-
-					}
-				}
-
-
-				// remove this after most hubs have updated to version 5.0
-				if (stripos($hub['site_project'], 'hubzilla') !== false && version_compare($hub['site_version'], '4.7.3', '<=')) {
-					if ($encoded_item['type'] === 'mail') {
-						$encoded_item['from']['network']  = 'zot';
-						$encoded_item['from']['guid_sig'] = str_replace('sha256.', '', $encoded_item['from']['guid_sig']);
-					}
-					else {
-						$encoded_item['owner']['network']  = 'zot';
-						$encoded_item['owner']['guid_sig'] = str_replace('sha256.', '', $encoded_item['owner']['guid_sig']);
-						if (strpos($encoded_item['author']['url'], z_root()) === 0) {
-							$encoded_item['author']['network']  = 'zot';
-							$encoded_item['author']['guid_sig'] = str_replace('sha256.', '', $encoded_item['author']['guid_sig']);
-						}
-					}
-				}
-
-				Queue::insert(
-					[
-						'hash'       => $hash,
-						'account_id' => $target_item['aid'],
-						'channel_id' => $target_item['uid'],
-						'posturl'    => $hub['hubloc_callback'],
-						'driver'     => $hub['hubloc_network'],
-						'notify'     => $packet,
-						'msg'        => json_encode($encoded_item)
-					]
-				);
-
-				// only create delivery reports for normal undeleted items
-				if (is_array($target_item) && array_key_exists('postopts', $target_item) && (!$target_item['item_deleted']) && (!get_config('system', 'disable_dreport'))) {
-					q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan, dreport_queue ) values ( '%s','%s','%s','%s','%s','%s','%s' ) ",
-						dbesc($target_item['mid']),
-						dbesc($hub['hubloc_host']),
-						dbesc($hub['hubloc_host']),
-						dbesc('queued'),
-						dbesc(datetime_convert()),
-						dbesc($channel['channel_hash']),
-						dbesc($hash)
-					);
-				}
-			}
-
-			$deliveries[] = $hash;
 		}

 		if ($normal_mode) {
+			// This wastes a process if there are no delivery hooks configured, so check this before launching the new process
 			$x = q("select * from hook where hook = 'notifier_normal'");
 			if ($x) {
 				Master::Summon(['Deliver_hooks', $target_item['id']]);
 			}
 		}

-		if ($deliveries)
-			do_delivery($deliveries);
-
-		logger('notifier: basic loop complete.', LOGGER_DEBUG);
+		if (self::$deliveries) {
+			do_delivery(self::$deliveries);
+		}

 		if ($dead) {
 			foreach ($dead as $deceased) {
@@ -848,8 +685,8 @@ class Notifier {
 						dbesc($deceased['hubloc_host']),
 						dbesc('undeliverable/unresponsive site'),
 						dbesc(datetime_convert()),
-						dbesc($channel['channel_hash']),
-						dbesc(random_string(48))
+						dbesc(self::$channel['channel_hash']),
+						dbesc(new_uuid())
 					);
 				}
 			}
@@ -858,6 +695,7 @@ class Notifier {
 		call_hooks('notifier_end', $target_item);

 		logger('notifer: complete.');
+
 		return;

 	}
--- a/Zotlabs/Daemon/Onedirsync.php
+++ b/Zotlabs/Daemon/Onedirsync.php
@@ -5,10 +5,6 @@ namespace Zotlabs\Daemon;
 use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Libzotdir;

-require_once('include/zot.php');
-require_once('include/dir_fns.php');
-
-
 class Onedirsync {

 	static public function run($argc, $argv) {
@@ -29,6 +25,7 @@ class Onedirsync {

 		if (!$r)
 			return;
+
 		if (($r[0]['ud_flags'] & UPDATE_FLAGS_UPDATED) || (!$r[0]['ud_addr']))
 			return;

@@ -54,25 +51,24 @@ class Onedirsync {
 		// ignore doing an update if this ud_addr refers to a known dead hubloc

 		$h = q("select * from hubloc where hubloc_addr = '%s'",
-			dbesc($r[0]['ud_addr'])
+			dbesc($r[0]['ud_addr']),
 		);

 		$h = Libzot::zot_record_preferred($h);

-		if (($h) && ($h['hubloc_status'] & HUBLOC_OFFLINE)) {
+		if (($h) && (($h['hubloc_status'] & HUBLOC_OFFLINE) || $h['hubloc_deleted'] || $h['hubloc_error'])) {
 			q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 ",
-				intval(UPDATE_FLAGS_UPDATED),
+				intval(UPDATE_FLAGS_DELETED),
 				dbesc($r[0]['ud_addr']),
 				intval(UPDATE_FLAGS_UPDATED)
 			);
-
 			return;
 		}

 		// we might have to pull this out some day, but for now update_directory_entry()
 		// runs zot_finger() and is kind of zot specific

-		if ($h && !in_array($h['hubloc_network'], ['zot6', 'zot']))
+		if ($h && $h['hubloc_network'] !== 'zot6')
 			return;

 		Libzotdir::update_directory_entry($r[0]);
--- a/Zotlabs/Daemon/Onepoll.php
+++ b/Zotlabs/Daemon/Onepoll.php
@@ -8,6 +8,7 @@ use Zotlabs\Lib\ASCollection;
 use Zotlabs\Lib\Libzot;

 require_once('include/socgraph.php');
+require_once('include/feedutils.php');

 class Onepoll {

@@ -44,7 +45,7 @@ class Onepoll {
 			return;
 		}

-		$contact      = array_shift($contacts);
+		$contact      = $contacts[0];
 		$importer_uid = $contact['abook_channel'];

 		$r = q("SELECT * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
@@ -75,16 +76,12 @@ class Onepoll {
 			return;
 		}

-		if (!in_array($contact['xchan_network'], ['zot', 'zot6']))
+		if ($contact['xchan_network'] !== 'zot6')
 			return;

 		// update permissions

-		if ($contact['xchan_network'] === 'zot6')
-			$x = Libzot::refresh($contact, $importer);
-
-		if ($contact['xchan_network'] === 'zot')
-			$x = zot_refresh($contact, $importer);
+		$x = Libzot::refresh($contact, $importer);

 		$responded = false;
 		$updated   = datetime_convert();
@@ -109,31 +106,30 @@ class Onepoll {
 			return;

 		$fetch_feed = true;
-		$x          = null;

 		// They haven't given us permission to see their stream
-
 		$can_view_stream = intval(get_abconfig($importer_uid, $contact['abook_xchan'], 'their_perms', 'view_stream'));

-		if (!$can_view_stream)
+		if (!$can_view_stream) {
 			$fetch_feed = false;
+		}

 		// we haven't given them permission to send us their stream
-
 		$can_send_stream = intval(get_abconfig($importer_uid, $contact['abook_xchan'], 'my_perms', 'send_stream'));

-		if (!$can_send_stream)
+		if (!$can_send_stream) {
 			$fetch_feed = false;
+		}

-		if ($fetch_feed && $contact['xchan_network'] !== 'zot') {
+		if ($fetch_feed) {

 			$max = intval(get_config('system', 'max_imported_posts', 30));

 			if (intval($max)) {
 				$cl = get_xconfig($contact['abook_xchan'], 'activitypub', 'collections');

-				if (is_array($cl) && $cl) {
-					$url = ((array_key_exists('outbox', $cl)) ? $cl['outbox'] : '');
+				if (is_array($cl) && array_key_exists('outbox', $cl)) {
+					$url = $cl['outbox'];
 				}
 				else {
 					$url = str_replace('/poco/', '/zotfeed/', $contact['xchan_connurl']);
@@ -160,55 +156,13 @@ class Onepoll {
 			}
 		}

-		/*			if ($fetch_feed) {
-
-						if (strpos($contact['xchan_connurl'], z_root()) === 0) {
-							// local channel - save a network fetch
-							$c = channelx_by_hash($contact['xchan_hash']);
-							if ($c) {
-								$x = [
-									'success' => true,
-									'body'    => json_encode([
-										'success'  => true,
-										'messages' => zot_feed($c['channel_id'], $importer['xchan_hash'], ['mindate' => $last_update])
-									])
-								];
-							}
-						}
-						else {
-							// remote fetch
-
-							$feedurl = str_replace('/poco/', '/zotfeed/', $contact['xchan_connurl']);
-							$feedurl .= '?f=&mindate=' . urlencode($last_update) . '&zid=' . $importer['channel_address'] . '@' . App::get_hostname();
-							$recurse = 0;
-							$x       = z_fetch_url($feedurl, false, $recurse, ['session' => true]);
-						}
-
-						logger('feed_update: ' . print_r($x, true), LOGGER_DATA);
-					}
-
-					if (($x) && ($x['success'])) {
-						$total = 0;
-						logger('onepoll: feed update ' . $contact['xchan_name'] . ' ' . $feedurl);
-
-						$j = json_decode($x['body'], true);
-						if ($j['success'] && $j['messages']) {
-							foreach ($j['messages'] as $message) {
-								$results = process_delivery(['hash' => $contact['xchan_hash']], get_item_elements($message),
-									[['hash' => $importer['xchan_hash']]], false);
-								logger('onepoll: feed_update: process_delivery: ' . print_r($results, true), LOGGER_DATA);
-								$total++;
-							}
-							logger("onepoll: $total messages processed");
-						}
-					}
-		*/
-
 		// update the poco details for this connection
 		$r = q("SELECT xlink_id from xlink where xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s and xlink_static = 0 limit 1",
 			intval($contact['xchan_hash']),
-			db_utcnow(), db_quoteinterval('1 DAY')
+			db_utcnow(),
+			db_quoteinterval('1 DAY')
 		);
+
 		if (!$r) {
 			poco_load($contact['xchan_hash'], $contact['xchan_connurl']);
 		}
--- a/Zotlabs/Daemon/Poller.php
+++ b/Zotlabs/Daemon/Poller.php
@@ -69,11 +69,11 @@ class Poller {
 			abook.abook_channel, abook.abook_id, abook.abook_archived, abook.abook_pending,
 			abook.abook_ignored, abook.abook_blocked,
 			xchan.xchan_network,
-			account.account_lastlog, account.account_flags 
-			FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash 
+			account.account_lastlog, account.account_flags
+			FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash
 			LEFT JOIN account on abook_account = account_id
 			where abook_self = 0
-			$sql_extra 
+			$sql_extra
 			AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY $randfunc",
 			intval(ACCOUNT_OK),
 			intval(ACCOUNT_UNVERIFIED)     // FIXME
@@ -102,8 +102,7 @@ class Poller {
 					continue;
 				}

-
-				if (!in_array($contact['xchan_network'], ['zot', 'zot6']))
+				if ($contact['xchan_network'] !== 'zot6')
 					continue;

 				if ($c == $t) {
@@ -191,7 +190,7 @@ class Poller {

 		set_config('system', 'lastpoll', datetime_convert());

-		//All done - clear the lockfile	
+		//All done - clear the lockfile

 		@unlink($lockfile);

--- a/Zotlabs/Daemon/Queue.php
+++ b/Zotlabs/Daemon/Queue.php
@@ -2,8 +2,7 @@

 namespace Zotlabs\Daemon;

-require_once('include/queue_fn.php');
-require_once('include/zot.php');
+use Zotlabs\Lib\Queue as LibQueue;

 class Queue {

@@ -28,7 +27,7 @@ class Queue {
 		if ($r) {
 			foreach ($r as $rr) {
 				$h       = parse_url($rr['outq_posturl']);
-				$desturl = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : '');
+				$desturl = $h['scheme'] . '://' . $h['host'] . (isset($h['port']) ? ':' . $h['port'] : '');
 				q("update site set site_dead = 1 where site_dead = 0 and site_url = '%s' and site_update < %s - INTERVAL %s",
 					dbesc($desturl),
 					db_utcnow(), db_quoteinterval('1 MONTH')
@@ -48,17 +47,17 @@ class Queue {
 		else {

 			// For the first 12 hours we'll try to deliver every 15 minutes
-			// After that, we'll only attempt delivery once per hour. 
-			// This currently only handles the default queue drivers ('zot' or '') which we will group by posturl 
+			// After that, we'll only attempt delivery once per hour.
+			// This currently only handles the default queue drivers ('zot' or '') which we will group by posturl
 			// so that we don't start off a thousand deliveries for a couple of dead hubs.
 			// The zot driver will deliver everything destined for a single hub once contact is made (*if* contact is made).
 			// Other drivers will have to do something different here and may need their own query.

-			// Note: this requires some tweaking as new posts to long dead hubs once a day will keep them in the 
+			// Note: this requires some tweaking as new posts to long dead hubs once a day will keep them in the
 			// "every 15 minutes" category. We probably need to prioritise them when inserted into the queue
 			// or just prior to this query based on recent and long-term delivery history. If we have good reason to believe
-			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once 
-			// or twice a day. 
+			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once
+			// or twice a day.

 			$sqlrandfunc = db_getfunc('rand');

@@ -67,7 +66,7 @@ class Queue {
 			);
 			while ($r) {
 				foreach ($r as $rv) {
-					queue_deliver($rv);
+					LibQueue::deliver($rv);
 				}
 				$r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1",
 					db_utcnow()
@@ -78,7 +77,7 @@ class Queue {
 			return;

 		foreach ($r as $rv) {
-			queue_deliver($rv);
+			LibQueue::deliver($rv);
 		}
 	}
 }
--- a/Zotlabs/Daemon/Ratenotif.php
+++ b/Zotlabs/Daemon/Ratenotif.php
@@ -1,126 +0,0 @@
-<?php
-
-namespace Zotlabs\Daemon;
-
-require_once('include/zot.php');
-require_once('include/queue_fn.php');
-
-
-class Ratenotif {
-
-	static public function run($argc,$argv) {
-
-
-		// Deprecated
-		return;
-
-
-		require_once("datetime.php");
-		require_once('include/items.php');
-
-		if($argc < 3)
-			return;
-
-
-		logger('ratenotif: invoked: ' . print_r($argv,true), LOGGER_DEBUG);
-
-		$cmd = $argv[1];
-
-		$item_id = $argv[2];
-
-
-		if($cmd === 'rating') {
-			$r = q("select * from xlink where xlink_id = %d and xlink_static = 1 limit 1",
-				intval($item_id)
-			);
-			if(! $r) {
-				logger('rating not found');
-				return;
-			}
-
-			$encoded_item = array(
-				'type' => 'rating', 
-				'encoding' => 'zot',
-				'target' => $r[0]['xlink_link'],
-				'rating' => intval($r[0]['xlink_rating']),
-				'rating_text' => $r[0]['xlink_rating_text'],
-				'signature' => $r[0]['xlink_sig'],
-				'edited' => $r[0]['xlink_updated']
-			);
-		}
-
-		$channel = channelx_by_hash($r[0]['xlink_xchan']);
-		if(! $channel) {
-			logger('no channel');
-			return;
-		}
-
-
-		$primary = get_directory_primary();
-	
-		if(! $primary)
-			return;
-
-
-		$interval = ((get_config('system','delivery_interval') !== false) 
-			? intval(get_config('system','delivery_interval')) : 2 );
-
-		$deliveries_per_process = intval(get_config('system','delivery_batch_count'));
-
-		if($deliveries_per_process <= 0)
-			$deliveries_per_process = 1;
-
-		$deliver = array();
-
-		$x = z_fetch_url($primary . '/regdir');
-		if($x['success']) {
-			$j = json_decode($x['body'],true);
-			if($j && $j['success'] && is_array($j['directories'])) {
-
-				foreach($j['directories'] as $h) {
-					if($h == z_root())
-						continue;
-
-					$hash = random_string();
-					$n = zot_build_packet($channel,'notify',null,null,'',$hash);
-
-					queue_insert(array(
-						'hash'       => $hash,
-						'account_id' => $channel['channel_account_id'],
-						'channel_id' => $channel['channel_id'],
-						'posturl'    => $h . '/post',
-						'notify'     => $n,
-						'msg'        => json_encode($encoded_item)
-					));
-
-
-					$x = q("select count(outq_hash) as total from outq where outq_delivered = 0");
-					if(intval($x[0]['total']) > intval(get_config('system','force_queue_threshold',300))) {
-						logger('immediate delivery deferred.', LOGGER_DEBUG, LOG_INFO);
-						update_queue_item($hash);
-						continue;
-					}
-
-					$deliver[] = $hash;
-	
-					if(count($deliver) >= $deliveries_per_process) {
-						Master::Summon(array('Deliver',$deliver));
-						$deliver = array();
-						if($interval)
-							@time_sleep_until(microtime(true) + (float) $interval);
-					}
-				}
-	
-				// catch any stragglers
-	
-				if(count($deliver)) {
-					Master::Summon(array('Deliver',$deliver));
-				}
-			}
-		}
-		
-		logger('ratenotif: complete.');
-		return;
-
-	}
-}
--- a/Zotlabs/Daemon/Thumbnail.php
+++ b/Zotlabs/Daemon/Thumbnail.php
@@ -45,7 +45,6 @@ class Thumbnail {
 			return;
 		}

-
 		$default_controller = null;

 		$files = glob('Zotlabs/Thumbs/*.php');
--- a/Zotlabs/Lib/Activity.php
+++ b/Zotlabs/Lib/Activity.php
@@ -11,6 +11,7 @@ use Zotlabs\Web\HTTPSig;

 require_once('include/event.php');
 require_once('include/html2plain.php');
+require_once('include/items.php');

 class Activity {

@@ -41,9 +42,6 @@ class Activity {
 			if ($x['type'] === ACTIVITY_OBJ_EVENT) {
 				return self::fetch_event($x);
 			}
-			if ($x['type'] === ACTIVITY_OBJ_PHOTO) {
-				return self::fetch_image($x);
-			}

 			call_hooks('encode_object', $x);
 		}
@@ -104,7 +102,10 @@ class Activity {
 		if ($x['success']) {
 			$m = parse_url($url);
 			if ($m) {
-				$site_url = unparse_url(['scheme' => $m['scheme'], 'host' => $m['host'], 'port' => $m['port'] ]);
+				$y = [ 'scheme' => $m['scheme'], 'host' => $m['host'] ];
+				if (array_key_exists('port', $m))
+					$y['port'] = $m['port'];
+				$site_url = unparse_url($y);
 				q("UPDATE site SET site_update = '%s', site_dead = 0 WHERE site_url = '%s' AND site_update < %s - INTERVAL %s",
 					dbesc(datetime_convert()),
 					dbesc($site_url),
@@ -129,8 +130,8 @@ class Activity {
 	}

 	static function fetch_profile($x) {
-		$r = q("select * from xchan where xchan_url like '%s' limit 1",
-			dbesc($x['id'] . '/%')
+		$r = q("select * from xchan where xchan_url = '%s' limit 1",
+			dbesc($x['id'])
 		);
 		if (!$r) {
 			$r = q("select * from xchan where xchan_hash = '%s' limit 1",
@@ -190,6 +191,7 @@ class Activity {
 	}

 	static function fetch_image($x) {
+
 		$ret = [
 			'type'      => 'Image',
 			'id'        => $x['id'],
@@ -376,6 +378,8 @@ class Activity {

 		$ret = [];

+
+
 		if ($i['verb'] === ACTIVITY_FRIEND) {
 			// Hubzilla 'make-friend' activity, no direct mapping from AS1 to AS2 - make it a note
 			$objtype = 'Note';
@@ -570,7 +574,7 @@ class Activity {

 		$ret = [];

-		if ($item['tag'] && is_array($item['tag'])) {
+		if (array_key_exists('tag', $item) && is_array($item['tag'])) {
 			$ptr = $item['tag'];
 			if (!array_key_exists(0, $ptr)) {
 				$ptr = [$ptr];
@@ -579,23 +583,25 @@ class Activity {
 				if (!array_key_exists('type', $t))
 					$t['type'] = 'Hashtag';

-				switch ($t['type']) {
-					case 'Hashtag':
-						$ret[] = ['ttype' => TERM_HASHTAG, 'url' => $t['href'], 'term' => escape_tags((substr($t['name'], 0, 1) === '#') ? substr($t['name'], 1) : $t['name'])];
-						break;
+				if (array_key_exists('href', $t) && array_key_exists('name', $t)) {
+					switch ($t['type']) {
+						case 'Hashtag':
+							$ret[] = ['ttype' => TERM_HASHTAG, 'url' => $t['href'], 'term' => escape_tags((substr($t['name'], 0, 1) === '#') ? substr($t['name'], 1) : $t['name'])];
+							break;

-					case 'Mention':
-						$mention_type = substr($t['name'], 0, 1);
-						if ($mention_type === '!') {
-							$ret[] = ['ttype' => TERM_FORUM, 'url' => $t['href'], 'term' => escape_tags(substr($t['name'], 1))];
-						}
-						else {
-							$ret[] = ['ttype' => TERM_MENTION, 'url' => $t['href'], 'term' => escape_tags((substr($t['name'], 0, 1) === '@') ? substr($t['name'], 1) : $t['name'])];
-						}
-						break;
+						case 'Mention':
+							$mention_type = substr($t['name'], 0, 1);
+							if ($mention_type === '!') {
+								$ret[] = ['ttype' => TERM_FORUM, 'url' => $t['href'], 'term' => escape_tags(substr($t['name'], 1))];
+							}
+							else {
+								$ret[] = ['ttype' => TERM_MENTION, 'url' => $t['href'], 'term' => escape_tags((substr($t['name'], 0, 1) === '@') ? substr($t['name'], 1) : $t['name'])];
+							}
+							break;

-					default:
-						break;
+						default:
+							break;
+					}
 				}
 			}
 		}
@@ -607,7 +613,7 @@ class Activity {

 		$ret = [];

-		if ($item['term']) {
+		if (array_key_exists('term', $item) && is_array($item['term'])) {
 			foreach ($item['term'] as $t) {
 				switch ($t['ttype']) {
 					case TERM_HASHTAG:
@@ -638,11 +644,11 @@ class Activity {

 		$ret = [];

-		if ($item['attach']) {
+		if (array_key_exists('attach', $item)) {
 			$atts = ((is_array($item['attach'])) ? $item['attach'] : json_decode($item['attach'], true));
 			if ($atts) {
 				foreach ($atts as $att) {
-					if (strpos($att['type'], 'image')) {
+					if (isset($att['type']) && strpos($att['type'], 'image')) {
 						$ret[] = ['type' => 'Image', 'url' => $att['href']];
 					}
 					else {
@@ -651,7 +657,7 @@ class Activity {
 				}
 			}
 		}
-		if ($item['iconfig']) {
+		if (array_key_exists('iconfig', $item) && is_array($item['iconfig'])) {
 			foreach ($item['iconfig'] as $att) {
 				if ($att['sharing']) {
 					$value = ((is_string($att['v']) && preg_match('|^a:[0-9]+:{.*}$|s', $att['v'])) ? unserialize($att['v']) : $att['v']);
@@ -695,16 +701,16 @@ class Activity {

 		$ret = [];

-		if ($item['attachment']) {
+		if (array_key_exists('attachment', $item) && is_array($item['attachment'])) {
 			foreach ($item['attachment'] as $att) {
 				$entry = [];
-				if ($att['href'])
+				if (array_key_exists('href', $att))
 					$entry['href'] = $att['href'];
-				elseif ($att['url'])
+				elseif (array_key_exists('url', $att))
 					$entry['href'] = $att['url'];
-				if ($att['mediaType'])
+				if (array_key_exists('mediaType', $att))
 					$entry['type'] = $att['mediaType'];
-				elseif ($att['type'] === 'Image')
+				elseif (array_key_exists('type', $att) && $att['type'] === 'Image')
 					$entry['type'] = 'image/jpeg';
 				if ($entry)
 					$ret[] = $entry;
@@ -719,7 +725,6 @@ class Activity {
 		$ret   = [];
 		$reply = false;

-
 		if ($i['verb'] === ACTIVITY_FRIEND) {
 			// Hubzilla 'make-friend' activity, no direct mapping from AS1 to AS2 - make it a note
 			$ret['obj'] = [];
@@ -977,19 +982,17 @@ class Activity {
 	// Returns an array of URLS for any mention tags found in the item array $i.
 	static function map_mentions($i) {

-		if (!$i['term']) {
-			return [];
-		}
-
 		$list = [];

-		foreach ($i['term'] as $t) {
-			if (!$t['url']) {
-				continue;
-			}
-			if ($t['ttype'] == TERM_MENTION) {
-				$url    = self::lookup_term_url($t['url']);
-				$list[] = (($url) ? $url : $t['url']);
+		if (array_key_exists('term', $i) && is_array($i['term'])) {
+			foreach ($i['term'] as $t) {
+				if (!$t['url']) {
+					continue;
+				}
+				if ($t['ttype'] == TERM_MENTION) {
+					$url    = self::lookup_term_url($t['url']);
+					$list[] = (($url) ? $url : $t['url']);
+				}
 			}
 		}

@@ -1090,18 +1093,7 @@ class Activity {
 			'height'    => 300,
 			'width'     => 300,
 		];
-		$ret['url']     = [
-			[
-				'type'      => 'Link',
-				'mediaType' => 'text/html',
-				'href'      => $p['xchan_url']
-			],
-			[
-				'type'      => 'Link',
-				'mediaType' => 'text/x-zot+json',
-				'href'      => $p['xchan_url']
-			]
-		];
+		$ret['url']     = $p['xchan_url'];

 		$ret['publicKey'] = [
 			'id'           => $p['xchan_url'],
@@ -1122,7 +1114,7 @@ class Activity {

 	static function encode_item_object($item, $elm = 'obj') {
 		$ret = [];
-		
+
 		if ($item[$elm]) {
 			if (! is_array($item[$elm])) {
 				$item[$elm] = json_decode($item[$elm],true);
@@ -1164,6 +1156,7 @@ class Activity {
 			'http://activitystrea.ms/schema/1.0/tag'      => 'Add',
 			'http://activitystrea.ms/schema/1.0/follow'   => 'Follow',
 			'http://activitystrea.ms/schema/1.0/unfollow' => 'Unfollow',
+			'http://activitystrea.ms/schema/1.0/stop-following' => 'Unfollow',
 			'http://purl.org/zot/activity/attendyes'      => 'Accept',
 			'http://purl.org/zot/activity/attendno'       => 'Reject',
 			'http://purl.org/zot/activity/attendmaybe'    => 'TentativeAccept',
@@ -1211,6 +1204,7 @@ class Activity {
 			'http://activitystrea.ms/schema/1.0/tag'      => 'Add',
 			'http://activitystrea.ms/schema/1.0/follow'   => 'Follow',
 			'http://activitystrea.ms/schema/1.0/unfollow' => 'Unfollow',
+			'http://activitystrea.ms/schema/1.0/stop-following' => 'Unfollow',
 			'http://purl.org/zot/activity/attendyes'      => 'Accept',
 			'http://purl.org/zot/activity/attendno'       => 'Reject',
 			'http://purl.org/zot/activity/attendmaybe'    => 'TentativeAccept',
@@ -1328,12 +1322,12 @@ class Activity {
 		 *
 		 */

-		$person_obj = $act->actor;
-
-		if ($act->type === 'Follow') {
+		if (in_array($act->type, [ 'Follow', 'Invite', 'Join'])) {
 			$their_follow_id = $act->id;
 		}

+		$person_obj = (($act->type == 'Invite') ? $act->obj : $act->actor);
+
 		if (is_array($person_obj)) {

 			// store their xchan and hubloc
@@ -1351,9 +1345,8 @@ class Activity {
 			}
 		}

-		$x           = PermissionRoles::role_perms('social');
-		$p           = Permissions::FilledPerms($x['perms_connect']);
-		$their_perms = Permissions::serialise($p);
+		$x = \Zotlabs\Access\PermissionRoles::role_perms('social');
+		$their_perms = \Zotlabs\Access\Permissions::FilledPerms($x['perms_connect']);

 		if ($contact && $contact['abook_id']) {

@@ -1362,18 +1355,18 @@ class Activity {
 			switch ($act->type) {

 				case 'Follow':
+				case 'Invite':
+				case 'Join':

 					// A second Follow request, but we haven't approved the first one
-
 					if ($contact['abook_pending']) {
 						return;
 					}

 					// We've already approved them or followed them first
 					// Send an Accept back to them
-
 					set_abconfig($channel['channel_id'], $person_obj['id'], 'pubcrawl', 'their_follow_id', $their_follow_id);
-					Master::Summon(['Notifier', 'permissions_accept', $contact['abook_id']]);
+					Master::Summon(['Notifier', 'permission_accept', $contact['abook_id']]);
 					return;

 				case 'Accept':
@@ -1427,8 +1420,8 @@ class Activity {
 		}
 		$ret = $r[0];

-		$p         = Permissions::connect_perms($channel['channel_id']);
-		$my_perms  = Permissions::serialise($p['perms']);
+		$p = \Zotlabs\Access\Permissions::connect_perms($channel['channel_id']);
+		$my_perms  = $p['perms'];
 		$automatic = $p['automatic'];

 		$closeness = get_pconfig($channel['channel_id'], 'system', 'new_abook_closeness', 80);
@@ -1448,12 +1441,13 @@ class Activity {
 			]
 		);

-		if ($my_perms)
-			set_abconfig($channel['channel_id'], $ret['xchan_hash'], 'system', 'my_perms', $my_perms);
-
-		if ($their_perms)
-			set_abconfig($channel['channel_id'], $ret['xchan_hash'], 'system', 'their_perms', $their_perms);
+		if($my_perms)
+			foreach($my_perms as $k => $v)
+				set_abconfig($channel['channel_id'],$ret['xchan_hash'],'my_perms',$k,$v);

+		if($their_perms)
+			foreach($their_perms as $k => $v)
+				set_abconfig($channel['channel_id'],$ret['xchan_hash'],'their_perms',$k,$v);

 		if ($r) {
 			logger("New ActivityPub follower for {$channel['channel_name']}");
@@ -1474,9 +1468,9 @@ class Activity {

 				if ($my_perms && $automatic) {
 					// send an Accept for this Follow activity
-					Master::Summon(['Notifier', 'permissions_accept', $new_connection[0]['abook_id']]);
+					Master::Summon(['Notifier', 'permission_accept', $new_connection[0]['abook_id']]);
 					// Send back a Follow notification to them
-					Master::Summon(['Notifier', 'permissions_create', $new_connection[0]['abook_id']]);
+					Master::Summon(['Notifier', 'permission_create', $new_connection[0]['abook_id']]);
 				}

 				$clone = [];
@@ -1539,8 +1533,9 @@ class Activity {

 	static function actor_store($url, $person_obj) {

-		if (!is_array($person_obj))
+		if (!is_array($person_obj)) {
 			return;
+		}

 		$inbox = $person_obj['inbox'];

@@ -1551,11 +1546,14 @@ class Activity {
 		}

 		$name = $person_obj['name'];
-		if (!$name)
+		if (!$name) {
 			$name = $person_obj['preferredUsername'];
-		if (!$name)
+		}
+		if (!$name) {
 			$name = t('Unknown');
+		}

+		$icon = z_root() . '/' . get_default_profile_photo(300);
 		if ($person_obj['icon']) {
 			if (is_array($person_obj['icon'])) {
 				if (array_key_exists('url', $person_obj['icon']))
@@ -1601,13 +1599,13 @@ class Activity {

 		if ($inbox) {
 			$collections['inbox'] = $inbox;
-			if ($person_obj['outbox'])
+			if (array_key_exists('outbox', $person_obj))
 				$collections['outbox'] = $person_obj['outbox'];
-			if ($person_obj['followers'])
+			if (array_key_exists('followers', $person_obj))
 				$collections['followers'] = $person_obj['followers'];
-			if ($person_obj['following'])
+			if (array_key_exists('following', $person_obj))
 				$collections['following'] = $person_obj['following'];
-			if ($person_obj['endpoints'] && $person_obj['endpoints']['sharedInbox'])
+			if (array_key_exists('endpoints', $person_obj) && array_key_exists('sharedInbox', $person_obj['endpoints']))
 				$collections['sharedInbox'] = $person_obj['endpoints']['sharedInbox'];
 		}

@@ -1620,41 +1618,79 @@ class Activity {
 			}
 		}

-		$r = q("select * from xchan where xchan_hash = '%s' limit 1",
+		$m = parse_url($url);
+		if($m) {
+			$hostname = $m['host'];
+			$baseurl = $m['scheme'] . '://' . $m['host'] . (($m['port']) ? ':' . $m['port'] : '');
+			$site_url = $m['scheme'] . '://' . $m['host'];
+		}
+
+		$r = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where xchan_hash = '%s'",
 			dbesc($url)
 		);
-		if (!$r) {
+
+		if($r) {
+			// Record exists. Cache existing records for one week at most
+			// then refetch to catch updated profile photos, names, etc.
+			$d = datetime_convert('UTC', 'UTC', 'now - 3 days');
+			if($r[0]['hubloc_updated'] > $d) {
+				return;
+			}
+
+			q("UPDATE site SET site_update = '%s', site_dead = 0 WHERE site_url = '%s'",
+				dbesc(datetime_convert()),
+				dbesc($site_url)
+			);
+
+			// update existing xchan record
+			q("update xchan set xchan_name = '%s', xchan_guid = '%s', xchan_pubkey = '%s', xchan_network = 'activitypub', xchan_name_date = '%s' where xchan_hash = '%s'",
+				dbesc(escape_tags($name)),
+				dbesc(escape_tags($url)),
+				dbesc(escape_tags($pubkey)),
+				dbescdate(datetime_convert()),
+				dbesc($url)
+			);
+
+			// update existing hubloc record
+			q("update hubloc set hubloc_guid = '%s', hubloc_network = 'activitypub', hubloc_url = '%s', hubloc_host = '%s', hubloc_callback = '%s', hubloc_updated = '%s', hubloc_id_url = '%s' where hubloc_hash = '%s'",
+				dbesc(escape_tags($url)),
+				dbesc(escape_tags($baseurl)),
+				dbesc(escape_tags($hostname)),
+				dbesc(escape_tags($inbox)),
+				dbescdate(datetime_convert()),
+				dbesc(escape_tags($profile)),
+				dbesc($url)
+			);
+		}
+		else {
 			// create a new record

 			xchan_store_lowlevel(
 				[
-					'xchan_hash'      => $url,
-					'xchan_guid'      => $url,
-					'xchan_pubkey'    => $pubkey,
-					'xchan_addr'      => '',
-					'xchan_url'       => $profile,
-					'xchan_name'      => $name,
-					'xchan_name_date' => datetime_convert(),
-					'xchan_network'   => 'activitypub'
+					'xchan_hash'         => escape_tags($url),
+					'xchan_guid'         => escape_tags($url),
+					'xchan_pubkey'       => escape_tags($pubkey),
+					'xchan_addr'         => '',
+					'xchan_url'          => escape_tags($profile),
+					'xchan_name'         => escape_tags($name),
+					'xchan_name_date'    => datetime_convert(),
+					'xchan_network'      => 'activitypub'
 				]
 			);
-		}
-		else {

-			// Record exists. Cache existing records for one week at most
-			// then refetch to catch updated profile photos, names, etc.
-
-			$d = datetime_convert('UTC', 'UTC', 'now - 1 week');
-			if ($r[0]['xchan_name_date'] > $d)
-				return;
-
-			// update existing record
-			q("update xchan set xchan_name = '%s', xchan_pubkey = '%s', xchan_network = '%s', xchan_name_date = '%s' where xchan_hash = '%s'",
-				dbesc($name),
-				dbesc($pubkey),
-				dbesc('activitypub'),
-				dbesc(datetime_convert()),
-				dbesc($url)
+			hubloc_store_lowlevel(
+				[
+					'hubloc_guid'     => escape_tags($url),
+					'hubloc_hash'     => escape_tags($url),
+					'hubloc_addr'     => '',
+					'hubloc_network'  => 'activitypub',
+					'hubloc_url'      => escape_tags($baseurl),
+					'hubloc_host'     => escape_tags($hostname),
+					'hubloc_callback' => escape_tags($inbox),
+					'hubloc_updated'  => datetime_convert(),
+					'hubloc_primary'  => 1,
+					'hubloc_id_url'   => escape_tags($profile)
+				]
 			);
 		}

@@ -1662,43 +1698,6 @@ class Activity {
 			set_xconfig($url, 'activitypub', 'collections', $collections);
 		}

-		$r = q("select * from hubloc where hubloc_hash = '%s' limit 1",
-			dbesc($url)
-		);
-
-		$m = parse_url($url);
-		if ($m) {
-			$hostname = $m['host'];
-			$site_url  = $m['scheme'] . '://' . $m['host'] . (($m['port']) ? ':' . $m['port'] : '');
-		}
-
-		if (!$r) {
-			hubloc_store_lowlevel(
-				[
-					'hubloc_guid'     => $url,
-					'hubloc_hash'     => $url,
-					'hubloc_addr'     => '',
-					'hubloc_network'  => 'activitypub',
-					'hubloc_url'      => $site_url,
-					'hubloc_host'     => $hostname,
-					'hubloc_callback' => $inbox,
-					'hubloc_updated'  => datetime_convert(),
-					'hubloc_primary'  => 1,
-					'hubloc_id_url'   => $profile
-				]
-			);
-		}
-
-		q("UPDATE site SET site_update = '%s', site_dead = 0 WHERE site_url = '%s' AND site_update < %s - INTERVAL %s",
-			dbesc(datetime_convert()),
-			dbesc($site_url),
-			db_utcnow(),
-			db_quoteinterval('1 DAY')
-		);
-
-		if (!$icon)
-			$icon = z_root() . '/' . get_default_profile_photo(300);
-
 		$photos = import_xchan_photo($icon, $url);
 		q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
 			dbescdate(datetime_convert('UTC', 'UTC', $photos[5])),
@@ -1747,14 +1746,9 @@ class Activity {
 	static function create_note($channel, $observer_hash, $act) {

 		$s = [];
-
-		// Mastodon only allows visibility in public timelines if the public inbox is listed in the 'to' field.
-		// They are hidden in the public timeline if the public inbox is listed in the 'cc' field.
-		// This is not part of the activitypub protocol - we might change this to show all public posts in pubstream at some point.
-		$pubstream      = ((is_array($act->obj) && array_key_exists('to', $act->obj) && in_array(ACTIVITY_PUBLIC_INBOX, $act->obj['to'])) ? true : false);
 		$is_sys_channel = is_sys_channel($channel['channel_id']);
-
 		$parent = ((array_key_exists('inReplyTo', $act->obj)) ? urldecode($act->obj['inReplyTo']) : '');
+
 		if ($parent) {

 			$r = q("select * from item where uid = %d and ( mid = '%s' or  mid = '%s' ) limit 1",
@@ -1769,7 +1763,7 @@ class Activity {
 			}

 			if ($r[0]['owner_xchan'] === $channel['channel_hash']) {
-				if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !($is_sys_channel && $pubstream)) {
+				if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !$is_sys_channel) {
 					logger('no comment permission.');
 					return;
 				}
@@ -1781,7 +1775,7 @@ class Activity {

 		}
 		else {
-			if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !($is_sys_channel && $pubstream)) {
+			if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !$is_sys_channel) {
 				logger('no permission');
 				return;
 			}
@@ -2093,6 +2087,15 @@ class Activity {

 	static function decode_note($act) {

+		// Within our family of projects, Follow/Unfollow of a thread is an internal activity which should not be transmitted,
+		// hence if we receive it - ignore or reject it.
+		// Unfollow is not defined by ActivityStreams, which prefers Undo->Follow.
+		// This may have to be revisited if AP projects start using Follow for objects other than actors.
+
+		if (in_array($act->type, [ 'Follow', 'Unfollow' ])) {
+			return false;
+		}
+
 		$response_activity = false;

 		$s = [];
@@ -2111,22 +2114,22 @@ class Activity {
 		$s['uuid']       = $act->obj['diaspora:guid'];
 		$s['parent_mid'] = $act->parent_id;

-		if ($act->data['published']) {
+		if (array_key_exists('published', $act->data)) {
 			$s['created'] = datetime_convert('UTC', 'UTC', $act->data['published']);
 		}
-		elseif ($act->obj['published']) {
+		elseif (array_key_exists('published', $act->obj)) {
 			$s['created'] = datetime_convert('UTC', 'UTC', $act->obj['published']);
 		}
-		if ($act->data['updated']) {
+		if (array_key_exists('updated', $act->data)) {
 			$s['edited'] = datetime_convert('UTC', 'UTC', $act->data['updated']);
 		}
-		elseif ($act->obj['updated']) {
+		elseif (array_key_exists('updated', $act->obj)) {
 			$s['edited'] = datetime_convert('UTC', 'UTC', $act->obj['updated']);
 		}
-		if ($act->data['expires']) {
+		if (array_key_exists('expires', $act->data)) {
 			$s['expires'] = datetime_convert('UTC', 'UTC', $act->data['expires']);
 		}
-		elseif ($act->obj['expires']) {
+		elseif (array_key_exists('expires', $act->obj)) {
 			$s['expires'] = datetime_convert('UTC', 'UTC', $act->obj['expires']);
 		}

@@ -2186,10 +2189,10 @@ class Activity {
 			}
 		}

-		if (!$s['created'])
+		if (! array_key_exists('created', $s))
 			$s['created'] = datetime_convert();

-		if (!$s['edited'])
+		if (! array_key_exists('edited', $s))
 			$s['edited'] = $s['created'];

 		$s['title']   = (($response_activity) ? EMPTY_STR : self::bb_content($content, 'name'));
@@ -2264,7 +2267,6 @@ class Activity {
 			$s['app'] = escape_tags($generator['name']);
 		}

-
 		if (!$response_activity) {
 			$a = self::decode_taxonomy($act->obj);
 			if ($a) {
@@ -2290,17 +2292,20 @@ class Activity {
 			$s['iconfig'] = $a;
 		}

-		if ($act->obj['type'] === 'Note' && $s['attach']) {
-			$s['body'] .= self::bb_attach($s['attach'], $s['body']);
-		}
+		if (array_key_exists('type', $act->obj)) {

-		if ($act->obj['type'] === 'Question' && in_array($act->type, ['Create', 'Update'])) {
-			if ($act->obj['endTime']) {
-				$s['comments_closed'] = datetime_convert('UTC', 'UTC', $act->obj['endTime']);
+			if ($act->obj['type'] === 'Note' && $s['attach']) {
+				$s['body'] .= self::bb_attach($s['attach'], $s['body']);
+			}
+
+			if ($act->obj['type'] === 'Question' && in_array($act->type, ['Create', 'Update'])) {
+				if (array_key_exists('endTime', $act->obj)) {
+					$s['comments_closed'] = datetime_convert('UTC', 'UTC', $act->obj['endTime']);
+				}
 			}
 		}

-		if ($act->obj['closed']) {
+		if (array_key_exists('closed', $act->obj)) {
 			$s['comments_closed'] = datetime_convert('UTC', 'UTC', $act->obj['closed']);
 		}

@@ -2396,7 +2401,7 @@ class Activity {

 			}

-			if ($act->obj['type'] === 'Image') {
+			if ($act->obj['type'] === 'Image' && strpos($s['body'],'zrl=') === false) {

 				$ptr = null;

@@ -2538,12 +2543,6 @@ class Activity {
 			return;
 		}*/

-		// Mastodon only allows visibility in public timelines if the public inbox is listed in the 'to' field.
-		// They are hidden in the public timeline if the public inbox is listed in the 'cc' field.
-		// This is not part of the activitypub protocol - we might change this to show all public posts in pubstream at some point.
-
-		$pubstream = ((is_array($act->obj) && array_key_exists('to', $act->obj) && in_array(ACTIVITY_PUBLIC_INBOX, $act->obj['to'])) ? true : false);
-
 		// TODO: this his handled in pubcrawl atm.
 		// very unpleasant and imperfect way of determining a Mastodon DM
 		/*if ($act->raw_recips && array_key_exists('to',$act->raw_recips) && is_array($act->raw_recips['to']) && count($act->raw_recips['to']) === 1 && $act->raw_recips['to'][0] === channel_url($channel) && ! $act->raw_recips['cc']) {
@@ -2604,7 +2603,7 @@ class Activity {

 				$allowed = true;
 				// reject public stream comments that weren't sent by the conversation owner
-				if ($is_sys_channel && $pubstream && $item['owner_xchan'] !== $observer_hash && !$fetch_parents) {
+				if ($is_sys_channel && $item['owner_xchan'] !== $observer_hash && !$fetch_parents) {
 					$allowed = false;
 				}
 			}
@@ -2619,7 +2618,7 @@ class Activity {

 			// The $item['item_fetched'] flag is set in fetch_and_store_parents().
 			// In this case we should check against author permissions because sender is not owner.
-			if (perm_is_allowed($channel['channel_id'], (($item['item_fetched']) ? $item['author_xchan'] : $observer_hash), 'send_stream') || ($is_sys_channel && $pubstream)) {
+			if (perm_is_allowed($channel['channel_id'], (($item['item_fetched']) ? $item['author_xchan'] : $observer_hash), 'send_stream') || $is_sys_channel) {
 				$allowed = true;
 			}
 			// TODO: not implemented
@@ -2716,7 +2715,7 @@ class Activity {
 			}
 		}

-		if ($act->obj['conversation']) {
+		if (array_key_exists('conversation', $act->obj)) {
 			set_iconfig($item, 'ostatus', 'conversation', $act->obj['conversation'], 1);
 		}

@@ -2757,7 +2756,7 @@ class Activity {
 					$fetch = false;
 					// TODO: debug
 					// if (perm_is_allowed($channel['channel_id'],$observer_hash,'send_stream') && (PConfig::Get($channel['channel_id'],'system','hyperdrive',true) || $act->type === 'Announce')) {
-					if (perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') || ($is_sys_channel && $pubstream)) {
+					if (perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') || $is_sys_channel) {
 						$fetch = (($fetch_parents) ? self::fetch_and_store_parents($channel, $observer_hash, $item, $force) : false);
 					}
 					if ($fetch) {
@@ -3066,15 +3065,9 @@ class Activity {
 	static function announce_note($channel, $observer_hash, $act) {

 		$s = [];
-
 		$is_sys_channel = is_sys_channel($channel['channel_id']);

-		// Mastodon only allows visibility in public timelines if the public inbox is listed in the 'to' field.
-		// They are hidden in the public timeline if the public inbox is listed in the 'cc' field.
-		// This is not part of the activitypub protocol - we might change this to show all public posts in pubstream at some point.
-		$pubstream = ((is_array($act->obj) && array_key_exists('to', $act->obj) && in_array(ACTIVITY_PUBLIC_INBOX, $act->obj['to'])) ? true : false);
-
-		if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !($is_sys_channel && $pubstream)) {
+		if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !$is_sys_channel) {
 			logger('no permission');
 			return;
 		}
@@ -3369,22 +3362,25 @@ class Activity {
 		require_once('include/event.php');
 		$ret = false;

-		if (is_array($content[$field])) {
-			foreach ($content[$field] as $k => $v) {
-				$ret .= html2bbcode($v);
-				// save this for auto-translate or dynamic filtering
-				// $ret .= '[language=' . $k . ']' . html2bbcode($v) . '[/language]';
-			}
-		}
-		else {
-			if ($field === 'bbcode' && array_key_exists('bbcode', $content)) {
-				$ret = $content[$field];
+		if (array_key_exists($field, $content)) {
+			if (is_array($content[$field])) {
+				foreach ($content[$field] as $k => $v) {
+					$ret .= html2bbcode($v);
+					// save this for auto-translate or dynamic filtering
+					// $ret .= '[language=' . $k . ']' . html2bbcode($v) . '[/language]';
+				}
 			}
 			else {
-				$ret = html2bbcode($content[$field]);
+				if ($field === 'bbcode' && array_key_exists('bbcode', $content)) {
+					$ret = $content[$field];
+				}
+				else {
+					$ret = html2bbcode($content[$field]);
+				}
 			}
 		}
-		if ($field === 'content' && $content['event'] && (!strpos($ret, '[event'))) {
+
+		if ($field === 'content' && array_key_exists('event', $content) && (!strpos($ret, '[event'))) {
 			$ret .= format_event_bbcode($content['event']);
 		}

@@ -3486,7 +3482,7 @@ class Activity {
 	static function find_best_identity($xchan) {

 		if (filter_var($xchan, FILTER_VALIDATE_URL)) {
-			$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s' and hubloc_network in ('zot6', 'zot') and hubloc_deleted = 0",
+			$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' and hubloc_deleted = 0",
 				dbesc($xchan)
 			);
 			if ($r) {
--- a/Zotlabs/Lib/ActivityStreams.php
+++ b/Zotlabs/Lib/ActivityStreams.php
@@ -304,11 +304,12 @@ class ActivityStreams {
 			// SECURITY: If we have already stored the actor profile, re-generate it
 			// from cached data - don't refetch it from the network

-			$r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' limit 1",
+			$r = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s'",
 				dbesc($x)
 			);
 			if ($r) {
-				$y           = Activity::encode_person($r[0]);
+				$r = Libzot::zot_record_preferred($r);
+				$y = Activity::encode_person($r);
 				$y['cached'] = true;
 				return $y;
 			}
--- a/Zotlabs/Lib/Apps.php
+++ b/Zotlabs/Lib/Apps.php
@@ -76,7 +76,8 @@ class Apps {
 			'Directory',
 			'Search',
 			'Help',
-			'Profile Photo'
+			'Profile Photo',
+			'HQ'
 		]);

 		/**
@@ -374,7 +375,7 @@ class Apps {
 			'Permission Categories' => t('Permission Categories'),
 			'Public Stream' => t('Public Stream'),
 			'My Chatrooms' => t('My Chatrooms'),
-			'Channel Export' => t('Channel Export')
+			'Channel Export' => t('Channel Export'),
 		);

 		if(array_key_exists('name',$arr)) {
@@ -524,7 +525,7 @@ class Apps {
 		}
 		elseif(remote_channel()) {
 			$observer = \App::get_observer();
-			if($observer && in_array($observer['xchan_network'], ['zot6', 'zot'])) {
+			if($observer && $observer['xchan_network'] === 'zot6') {
 				// some folks might have xchan_url redirected offsite, use the connurl
 				$x = parse_url($observer['xchan_connurl']);
 				if($x) {
@@ -551,7 +552,7 @@ class Apps {
 			'$app' => $papp,
 			'$icon' => $icon,
 			'$hosturl' => $hosturl,
-			'$purchase' => (($papp['page'] && (! $installed)) ? t('Purchase') : ''),
+			'$purchase' => ((isset($papp['page']) && (! $installed)) ? t('Purchase') : ''),
 			'$installed' => $installed,
 			'$action_label' => (($hosturl && in_array($mode, ['view','install'])) ? $install_action : ''),
 			'$edit' => ((local_channel() && $installed && $mode == 'edit') ? t('Edit') : ''),
@@ -559,8 +560,8 @@ class Apps {
 			'$undelete' => ((local_channel() && $mode == 'edit') ? t('Undelete') : ''),
 			'$settings_url' => ((local_channel() && $installed && $mode == 'list') ? $papp['settings_url'] : ''),
 			'$deleted' => $papp['deleted'],
-			'$feature' => (($papp['embed'] || $mode == 'edit') ? false : true),
-			'$pin' => (($papp['embed'] || $mode == 'edit') ? false : true),
+			'$feature' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
+			'$pin' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
 			'$featured' => ((strpos($papp['categories'], 'nav_featured_app') === false) ? false : true),
 			'$pinned' => ((strpos($papp['categories'], 'nav_pinned_app') === false) ? false : true),
 			'$navapps' => (($mode == 'nav') ? true : false),
@@ -1276,58 +1277,58 @@ class Apps {

 		$ret['type'] = 'personal';

-		if($app['app_id'])
+		if(!empty($app['app_id']))
 			$ret['guid'] = $app['app_id'];

-		if($app['app_sig'])
+		if(!empty($app['app_sig']))
 			$ret['sig'] = $app['app_sig'];

-		if($app['app_author'])
+		if(!empty($app['app_author']))
 			$ret['author'] = $app['app_author'];

-		if($app['app_name'])
+		if(!empty($app['app_name']))
 			$ret['name'] = $app['app_name'];

-		if($app['app_desc'])
+		if(!empty($app['app_desc']))
 			$ret['desc'] = $app['app_desc'];

-		if($app['app_url'])
+		if(!empty($app['app_url']))
 			$ret['url'] = $app['app_url'];

-		if($app['app_photo'])
+		if(!empty($app['app_photo']))
 			$ret['photo'] = $app['app_photo'];

-		if($app['app_icon'])
+		if(!empty($app['app_icon']))
 			$ret['icon'] = $app['app_icon'];

-		if($app['app_version'])
+		if(!empty($app['app_version']))
 			$ret['version'] = $app['app_version'];

-		if($app['app_addr'])
+		if(!empty($app['app_addr']))
 			$ret['addr'] = $app['app_addr'];

-		if($app['app_price'])
+		if(!empty($app['app_price']))
 			$ret['price'] = $app['app_price'];

-		if($app['app_page'])
+		if(!empty($app['app_page']))
 			$ret['page'] = $app['app_page'];

-		if($app['app_requires'])
+		if(!empty($app['app_requires']))
 			$ret['requires'] = $app['app_requires'];

-		if($app['app_system'])
+		if(!empty($app['app_system']))
 			$ret['system'] = $app['app_system'];

-		if($app['app_options'])
+		if(!empty($app['app_options']))
 			$ret['options'] = $app['app_options'];

-		if($app['app_plugin'])
+		if(!empty($app['app_plugin']))
 			$ret['plugin'] = trim($app['app_plugin']);

-		if($app['app_deleted'])
+		if(!empty($app['app_deleted']))
 			$ret['deleted'] = $app['app_deleted'];

-		if($app['term']) {
+		if(!empty($app['term']) && is_array($app['term'])) {
 			$s = '';
 			foreach($app['term'] as $t) {
 				if($s)
--- a/Zotlabs/Lib/Connect.php
+++ b/Zotlabs/Lib/Connect.php
@@ -146,7 +146,7 @@ class Connect {

 		}

-		$allowed = ((in_array($xchan['xchan_network'],['rss','zot','zot6'])) ? 1 : 0);
+		$allowed = ((in_array($xchan['xchan_network'],['rss', 'zot6'])) ? 1 : 0);

 		$hookdata = ['channel_id' => $uid, 'follow_address' => $url, 'xchan' => $xchan, 'allowed' => $allowed, 'singleton' => 0];
 		call_hooks('follow_allow',$hookdata);
@@ -207,13 +207,13 @@ class Connect {
 		}

 		$my_perms = $p['perms'];
-		
+
 		$profile_assign = get_pconfig($uid,'system','profile_assign','');


 		// See if we are already connected by virtue of having an abook record

-		$r = q("select abook_id, abook_xchan, abook_pending, abook_instance from abook 
+		$r = q("select abook_id, abook_xchan, abook_pending, abook_instance from abook
 			where abook_xchan = '%s' and abook_channel = %d limit 1",
 			dbesc($xchan_hash),
 			intval($uid)
@@ -282,7 +282,7 @@ class Connect {

 		// fetch the entire record

-		$r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash 
+		$r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash
 			where abook_xchan = '%s' and abook_channel = %d limit 1",
 			dbesc($xchan_hash),
 			intval($uid)
--- a/Zotlabs/Lib/DReport.php
+++ b/Zotlabs/Lib/DReport.php
@@ -87,8 +87,7 @@ class DReport {

 		// Is the sender one of our channels?

-		$c = q("select channel_id from channel where channel_hash = '%s' or channel_portable_id = '%s' limit 1",
-			dbesc($dr['sender']),
+		$c = q("select channel_id from channel where channel_hash = '%s' limit 1",
 			dbesc($dr['sender'])
 		);

--- a/Zotlabs/Lib/Enotify.php
+++ b/Zotlabs/Lib/Enotify.php
@@ -69,24 +69,24 @@ class Enotify {
 		$sender_name = $product;
 		$hostname = \App::get_hostname();
 		if(strpos($hostname,':'))
-			$hostname = substr($hostname,0,strpos($hostname,':'));
+			$hostname = substr($hostname, 0, strpos($hostname,':'));

 		// Do not translate 'noreply' as it must be a legal 7-bit email address

-		$reply_email = get_config('system','reply_address');
+		$reply_email = get_config('system', 'reply_address');
 		if(! $reply_email)
 			$reply_email = 'noreply' . '@' . $hostname;

-		$sender_email = get_config('system','from_email');
+		$sender_email = get_config('system', 'from_email');
 		if(! $sender_email)
 			$sender_email = 'Administrator' . '@' . $hostname;

-		$sender_name = get_config('system','from_email_name');
+		$sender_name = get_config('system', 'from_email_name');
 		if(! $sender_name)
 			$sender_name = \Zotlabs\Lib\System::get_site_name();


-		$additional_mail_header = "";
+		$additional_mail_header = '';

 		if(array_key_exists('item', $params)) {
 			require_once('include/conversation.php');
@@ -114,27 +114,28 @@ class Enotify {
 		}


-	$always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
-	$vnotify = get_pconfig($recip['channel_id'],'system','vnotify');
+	$always_show_in_notices = get_pconfig($recip['channel_id'], 'system', 'always_show_in_notices');
+	$vnotify = get_pconfig($recip['channel_id'], 'system', 'vnotify');

 	$salutation = $recip['channel_name'];

 	// e.g. "your post", "David's photo", etc.
 	$possess_desc = t('%s <!item_type!>');

+// @@TODO: consider using switch instead of those elseif
 	if ($params['type'] == NOTIFY_MAIL) {
 		logger('notification: mail');
-		$subject = 	sprintf( t('[$Projectname:Notify] New mail received at %s'),$sitename);
+		$subject = 	sprintf( t('[$Projectname:Notify] New direct message received at %s'), $sitename);

-		$preamble = sprintf( t('%1$s sent you a new private message at %2$s.'), $sender['xchan_name'],$sitename);
-		$epreamble = sprintf( t('%1$s sent you %2$s.'),'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a private message') . '[/zrl]');
-		$sitelink = t('Please visit %s to view and/or reply to your private messages.');
-		$tsitelink = sprintf( $sitelink, $siteurl . '/mail/' . $params['item']['id'] );
-		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/mail/' . $params['item']['id'] . '">' . $sitename . '</a>');
-		$itemlink = $siteurl . '/mail/' . $params['item']['id'];
+		$preamble = sprintf( t('%1$s sent you a new direct message at %2$s.'), $sender['xchan_name'], $sitename);
+		$epreamble = sprintf( t('%1$s sent you %2$s.'), '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a direct message') . '[/zrl]');
+		$sitelink = t('Please visit %s to view and/or reply to your direct messages.');
+		$tsitelink = sprintf( $sitelink, $siteurl . '/hq/' . gen_link_id($params['item']['mid']));
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/hq/' . gen_link_id($params['item']['mid']) . '">' . $sitename . '</a>');
+		$itemlink = $siteurl . '/hq/' . gen_link_id($params['item']['mid']);
 	}

-	if ($params['type'] == NOTIFY_COMMENT) {
+	elseif ($params['type'] === NOTIFY_COMMENT) {
 		//logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);

 		$moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false);
@@ -171,7 +172,6 @@ class Enotify {
 		// Check to see if there was already a notify for this post.
 		// If so don't create a second notification

-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -196,6 +196,7 @@ class Enotify {

 		xchan_query($p);

+//@@FIXME $p can be null (line 188)
 		$item_post_type = item_post_type($p[0]);
 //		$private = $p[0]['item_private'];
 		$parent_id = $p[0]['id'];
@@ -250,7 +251,7 @@ class Enotify {

 	}

-	if ($params['type'] == NOTIFY_LIKE) {
+	elseif ($params['type'] === NOTIFY_LIKE) {
 //		logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);

 		$itemlink =  $params['link'];
@@ -268,7 +269,6 @@ class Enotify {
 		// Check to see if there was already a notify for this post.
 		// If so don't create a second notification

-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -293,7 +293,7 @@ class Enotify {

 		xchan_query($p);

-
+//@@FIXME $p can be null (line 285)
 		$item_post_type = item_post_type($p[0]);
 //		$private = $p[0]['item_private'];
 		$parent_id = $p[0]['id'];
@@ -302,7 +302,7 @@ class Enotify {


 		// "your post"
-		if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
+		if($p[0]['owner']['xchan_name'] === $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
 			$dest_str = sprintf(t('%1$s liked [zrl=%2$s]your %3$s[/zrl]'),
 				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
 				$itemlink,
@@ -328,7 +328,7 @@ class Enotify {



-	if($params['type'] == NOTIFY_WALL) {
+	elseif($params['type'] === NOTIFY_WALL) {
 		$subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']);

 		$preamble = sprintf( t('%1$s posted to your profile wall at %2$s') , $sender['xchan_name'], $sitename);
@@ -343,9 +343,8 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}

-	if ($params['type'] == NOTIFY_TAGSELF) {
+	elseif ($params['type'] === NOTIFY_TAGSELF) {

-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -368,7 +367,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}

-	if ($params['type'] == NOTIFY_POKE) {
+	elseif ($params['type'] === NOTIFY_POKE) {
 		$subject =	sprintf( t('[$Projectname:Notify] %1$s poked you') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s poked you at %2$s') , $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s [zrl=%2$s]poked you[/zrl].') ,
@@ -385,7 +384,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}

-	if ($params['type'] == NOTIFY_TAGSHARE) {
+	elseif ($params['type'] === NOTIFY_TAGSHARE) {
 		$subject =	sprintf( t('[$Projectname:Notify] %s tagged your post') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s tagged your post at %2$s'),$sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s tagged [zrl=%2$s]your post[/zrl]') ,
@@ -398,7 +397,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}

-	if ($params['type'] == NOTIFY_INTRO) {
+	elseif ($params['type'] === NOTIFY_INTRO) {
 		$subject = sprintf( t('[$Projectname:Notify] Introduction received'));
 		$preamble = sprintf( t('You\'ve received an new connection request from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a new connection request[/zrl] from %2$s.'),
@@ -412,7 +411,7 @@ class Enotify {
 		$itemlink = $params['link'];
 	}

-	if ($params['type'] == NOTIFY_SUGGEST) {
+	elseif ($params['type'] === NOTIFY_SUGGEST) {
 		$subject = sprintf( t('[$Projectname:Notify] Friend suggestion received'));
 		$preamble = sprintf( t('You\'ve received a friend suggestion from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a friend suggestion[/zrl] for %2$s from %3$s.'),
@@ -430,11 +429,11 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}

-	if ($params['type'] == NOTIFY_CONFIRM) {
+	elseif ($params['type'] === NOTIFY_CONFIRM) {
 		// ?
 	}

-	if ($params['type'] == NOTIFY_SYSTEM) {
+	elseif ($params['type'] === NOTIFY_SYSTEM) {
 		// ?
 	}

@@ -477,7 +476,7 @@ class Enotify {
 	} while ($dups === true);


-	$datarray = array();
+	$datarray = [];
 	$datarray['hash']   = $hash;
 	$datarray['sender_hash'] = $sender['xchan_hash'];
 	$datarray['xname']   = $sender['xchan_name'];
@@ -514,7 +513,7 @@ class Enotify {
 	// (probably would be better that way)

 	if (!$always_show_in_notices) {
-		if (($params['type'] == NOTIFY_WALL) || ($params['type'] == NOTIFY_MAIL) || ($params['type'] == NOTIFY_INTRO)) {
+		if (($params['type'] === NOTIFY_WALL) || ($params['type'] === NOTIFY_MAIL) || ($params['type'] === NOTIFY_INTRO)) {
 			$seen = 1;
 		}
 	}
@@ -550,12 +549,12 @@ class Enotify {
 	}

 	$itemlink = z_root() . '/notify/view/' . $notify_id;
-	$msg = str_replace('$itemlink',$itemlink,$epreamble);
+	$msg = str_replace('$itemlink', $itemlink, $epreamble);

 	// wretched hack, but we don't want to duplicate all the preamble variations and we also don't want to screw up a translation

 	if ((\App::$language === 'en' || (! \App::$language)) && strpos($msg,', '))
-		$msg = substr($msg,strpos($msg,', ')+1);
+		$msg = substr($msg, strpos($msg,', ')+1);

 	$datarray['id'] = $notify_id;
 	$datarray['msg'] = $msg;
@@ -575,7 +574,7 @@ class Enotify {

 		logger('notification: sending notification email');

-		$hn = get_pconfig($recip['channel_id'],'system','email_notify_host');
+		$hn = get_pconfig($recip['channel_id'], 'system', 'email_notify_host');
 		if($hn && (! stristr(\App::get_hostname(),$hn))) {
 			// this isn't the email notification host
 			pop_lang();
@@ -584,7 +583,7 @@ class Enotify {

 		$textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array( "", "\n"), $body))),ENT_QUOTES,'UTF-8'));

-		$htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array("","<br />\n"),$body)));
+		$htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array('',"<br />\n"),$body)));


 		// use $_SESSION['zid_override'] to force zid() to use
@@ -601,7 +600,7 @@ class Enotify {
 		unset($_SESSION['zid_override']);
 		unset($_SESSION['zrl_override']);

-		$datarray = array();
+		$datarray = [];
 		$datarray['banner']       = $banner;
 		$datarray['product']      = $product;
 		$datarray['preamble']     = $preamble;
@@ -758,9 +757,9 @@ class Enotify {
 		$messageSubject = email_header_encode(html_entity_decode($params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8');

 		// generate a mime boundary
-		$mimeBoundary = rand(0, 9) . "-"
-				.rand(100000000, 999999999) . "-"
-				.rand(100000000, 999999999) . "=:"
+		$mimeBoundary = rand(0, 9) . '-'
+				.rand(100000000, 999999999) . '-'
+				.rand(100000000, 999999999) . '=:'
 				.rand(10000, 99999);

 		// generate a multipart/alternative message header
@@ -768,7 +767,7 @@ class Enotify {
 			$params['additionalMailHeader'] .
 			"From: $fromName <{$params['fromEmail']}>" . PHP_EOL .
 			"Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL .
-			"MIME-Version: 1.0" . PHP_EOL .
+			'MIME-Version: 1.0' . PHP_EOL .
 			"Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\"";

 		// assemble the final multipart message body with the text and html types included
@@ -776,15 +775,15 @@ class Enotify {
 		$htmlBody = chunk_split(base64_encode($params['htmlVersion']));

 		$multipartMessageBody =
-			"--" . $mimeBoundary . PHP_EOL .					// plain text section
-			"Content-Type: text/plain; charset=UTF-8" . PHP_EOL .
-			"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
+			'--' . $mimeBoundary . PHP_EOL .					// plain text section
+			'Content-Type: text/plain; charset=UTF-8' . PHP_EOL .
+			'Content-Transfer-Encoding: base64' . PHP_EOL . PHP_EOL .
 			$textBody . PHP_EOL .
-			"--" . $mimeBoundary . PHP_EOL .					// text/html section
-			"Content-Type: text/html; charset=UTF-8" . PHP_EOL .
-			"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
+			'--' . $mimeBoundary . PHP_EOL .					// text/html section
+			'Content-Type: text/html; charset=UTF-8' . PHP_EOL .
+			'Content-Transfer-Encoding: base64' . PHP_EOL . PHP_EOL .
 			$htmlBody . PHP_EOL .
-			"--" . $mimeBoundary . "--" . PHP_EOL;					// message ending
+			'--' . $mimeBoundary . '--' . PHP_EOL;					// message ending

 		// send the message
 		$res = mail(
@@ -793,7 +792,7 @@ class Enotify {
 			$multipartMessageBody,							// message body
 			$messageHeader									// message headers
 		);
-		logger("notification: enotify::send returns " . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
+		logger('notification: enotify::send returns ' . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
 		return $res;
 	}

@@ -833,13 +832,12 @@ class Enotify {
 		$edit = false;

 		if($item['edited'] > $item['created']) {
+			$edit = true;
 			if($item['item_thread_top']) {
 				$itemem_text = sprintf( t('edited a post dated %s'), relative_date($item['created']));
-				$edit = true;
 			}
 			else {
 				$itemem_text = sprintf( t('edited a comment dated %s'), relative_date($item['created']));
-				$edit = true;
 			}
 		}

@@ -860,14 +858,14 @@ class Enotify {
 			//'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? 'b64.' . base64url_encode($item['thr_parent']) : 'b64.' . base64url_encode($item['mid'])),
 			'thread_top' => (($item['item_thread_top']) ? true : false),
 			'message' => bbcode(escape_tags($itemem_text)),
-			'body' =>  htmlentities(html2plain(bbcode($item['body']), 75, true), ENT_QUOTES, 'UTF-8', false),
+			'body' =>  htmlentities(html2plain(bbcode($item['body'], ['drop_media', true]), 75, true), ENT_QUOTES, 'UTF-8', false),
 			// these are for the superblock addon
 			'hash' => $item[$who]['xchan_hash'],
 			'uid' => $item['uid'],
 			'display' => true
 		);

-		call_hooks('enotify_format',$x);
+		call_hooks('enotify_format', $x);
 		if(! $x['display']) {
 			return [];
 		}
@@ -886,7 +884,7 @@ class Enotify {

 		$b64mid = ((strpos($mid, 'b64.') === 0) ? $mid : 'b64.' . base64url_encode($mid));
 		$x = [
-			'notify_link' => z_root() . '/notify/view/' . $tt['id'],
+			'notify_link' => (($tt['ntype'] === NOTIFY_MAIL) ? $tt['link'] : z_root() . '/notify/view/' . $tt['id']),
 			'name' => $tt['xname'],
 			'url' => $tt['url'],
 			'photo' => $tt['photo'],
@@ -903,7 +901,7 @@ class Enotify {

 	static public function format_intros($rr) {

-		$x = [
+		return [
 			'notify_link' => z_root() . '/connections/ifpending',
 			'name' => $rr['xchan_name'],
 			'addr' => $rr['xchan_addr'],
@@ -912,15 +910,13 @@ class Enotify {
 			'when' => datetime_convert('UTC', date_default_timezone_get(), $rr['abook_created']),
 			'hclass' => ('notify-unseen'),
 			'message' => t('added your channel')
-		];
-
-		return $x;
+		];		

 	}

 	static public function format_files($rr) {

-		$x = [
+		return [
 			'notify_link' => z_root() . '/sharedwithme',
 			'name' => $rr['author']['xchan_name'],
 			'addr' => $rr['author']['xchan_addr'],
@@ -931,13 +927,11 @@ class Enotify {
 			'message' => t('shared a file with you')
 		];

-		return $x;
-
 	}

 	static public function format_mail($rr) {

-		$x = [
+		return [
 			'notify_link' => z_root() . '/mail/' . $rr['id'],
 			'name' => $rr['xchan_name'],
 			'addr' => $rr['xchan_addr'],
@@ -945,11 +939,9 @@ class Enotify {
 			'photo' => $rr['xchan_photo_s'],
 			'when' => datetime_convert('UTC', date_default_timezone_get(), $rr['created']),
 			'hclass' => (intval($rr['mail_seen']) ? 'notify-seen' : 'notify-unseen'),
-			'message' => t('sent you a private message'),
+			'message' => t('sent you a direct message'),
 		];

-		return $x;
-
 	}

 	static public function format_all_events($rr) {
@@ -959,7 +951,7 @@ class Enotify {
 		$today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false);
 		$when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ?  ' ' . t('[today]') : '');

-		$x = [
+		return [
 			'notify_link' => z_root() . '/cdav/calendar/' . $rr['event_hash'],
 			'name'        => $rr['xchan_name'],
 			'addr'        => $rr['xchan_addr'],
@@ -970,23 +962,20 @@ class Enotify {
 			'message'     => t('created an event')
 		];

-		return $x;

 	}

 	static public function format_register($rr) {

-		$x = [
+		return [
 			'notify_link' => z_root() . '/admin/accounts',
-			'name' => $rr['account_email'],
-			//'addr' => $rr['account_email'],
+			'name' => $rr['reg_did2'],
+			//'addr' => '',
 			'photo' => z_root() . '/' . get_default_profile_photo(48),
-			'when' => datetime_convert('UTC', date_default_timezone_get(),$rr['account_created']),
+			'when' => datetime_convert('UTC', date_default_timezone_get(),$rr['reg_created']),
 			'hclass' => ('notify-unseen'),
-			'message' => t('requires approval')
+			'message' => t('status verified')
 		];

-		return $x;
-
 	}
 }
--- a/Zotlabs/Lib/Libsync.php
+++ b/Zotlabs/Lib/Libsync.php
@@ -255,9 +255,6 @@ class Libsync {
 			if (array_key_exists('chatroom', $arr) && $arr['chatroom'])
 				sync_chatrooms($channel, $arr['chatroom']);

-			if (array_key_exists('conv', $arr) && $arr['conv'])
-				import_conv($channel, $arr['conv']);
-
 			if (array_key_exists('mail', $arr) && $arr['mail'])
 				sync_mail($channel, $arr['mail']);

@@ -716,6 +713,9 @@ class Libsync {
 				dbesc($sender['hash'])
 			);

+			if(!$xisting)
+				$xisting = [];
+
 			// See if a primary is specified

 			$has_primary = false;
@@ -781,7 +781,7 @@ class Libsync {
 					$t = datetime_convert('UTC', 'UTC', 'now - 15 minutes');

 					if (array_key_exists('site', $arr) && $location['url'] == $arr['site']['url']) {
-						q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d and hubloc_connected < '%s'",
+						q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d and hubloc_updated < '%s'",
 							dbesc(datetime_convert()),
 							dbesc(datetime_convert()),
 							intval($r[0]['hubloc_id']),
--- a/Zotlabs/Lib/Libzot.php
+++ b/Zotlabs/Lib/Libzot.php
@@ -299,7 +299,6 @@ class Libzot {
 		}

 		$record = Zotfinger::exec($url, $channel);
-
 		// Check the HTTP signature

 		$hsig = $record['signature'];
@@ -1143,6 +1142,7 @@ class Libzot {
 		}


+
 		$deliveries = null;

 		if (array_key_exists('recipients', $env) && count($env['recipients'])) {
@@ -1271,10 +1271,6 @@ class Libzot {

 				if ($AS->data['signed_data']) {
 					IConfig::Set($arr, 'activitypub', 'signed_data', $AS->data['signed_data'], false);
-					$j = json_decode($AS->data['signed_data'], true);
-					if ($j) {
-						IConfig::Set($arr, 'activitypub', 'rawmsg', json_encode(JSalmon::unpack($j['data'])), true);
-					}
 				}

 				logger('Activity received: ' . print_r($arr, true), LOGGER_DATA, LOG_DEBUG);
@@ -1378,8 +1374,6 @@ class Libzot {
 				$check_mentions = true;
 			}
 		}
-		elseif ($msg['type'] === 'mail')
-			$perm = 'post_mail';

 		$r = [];

@@ -2211,90 +2205,6 @@ class Libzot {
 		return $post_id;
 	}

-	static function process_mail_delivery($sender, $arr, $deliveries) {
-
-		$result = [];
-
-		if ($sender != $arr['from_xchan']) {
-			logger('process_mail_delivery: sender is not mail author');
-			return;
-		}
-
-		foreach ($deliveries as $d) {
-
-			$DR = new DReport(z_root(), $sender, $d, $arr['mid']);
-
-			$r = q("select * from channel where channel_hash = '%s' limit 1",
-				dbesc($d['hash'])
-			);
-
-			if (!$r) {
-				$DR->update('recipient not found');
-				$result[] = $DR->get();
-				continue;
-			}
-
-			$channel = $r[0];
-			$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
-
-
-			if (!perm_is_allowed($channel['channel_id'], $sender, 'post_mail')) {
-
-				/*
-				 * Always allow somebody to reply if you initiated the conversation. It's anti-social
-				 * and a bit rude to send a private message to somebody and block their ability to respond.
-				 * If you are being harrassed and want to put an end to it, delete the conversation.
-				 */
-
-				$return = false;
-				if ($arr['parent_mid']) {
-					$return = q("select * from mail where mid = '%s' and channel_id = %d limit 1",
-						dbesc($arr['parent_mid']),
-						intval($channel['channel_id'])
-					);
-				}
-				if (!$return) {
-					logger("permission denied for mail delivery {$channel['channel_id']}");
-					$DR->update('permission denied');
-					$result[] = $DR->get();
-					continue;
-				}
-			}
-
-
-			$r = q("select id from mail where mid = '%s' and channel_id = %d limit 1",
-				dbesc($arr['mid']),
-				intval($channel['channel_id'])
-			);
-			if ($r) {
-				if (intval($arr['mail_recalled'])) {
-					$x = q("delete from mail where id = %d and channel_id = %d",
-						intval($r[0]['id']),
-						intval($channel['channel_id'])
-					);
-					$DR->update('mail recalled');
-					$result[] = $DR->get();
-					logger('mail_recalled');
-				}
-				else {
-					$DR->update('duplicate mail received');
-					$result[] = $DR->get();
-					logger('duplicate mail received');
-				}
-				continue;
-			}
-			else {
-				$arr['account_id'] = $channel['channel_account_id'];
-				$arr['channel_id'] = $channel['channel_id'];
-				$item_id           = mail_store($arr);
-				$DR->update('mail delivered');
-				$result[] = $DR->get();
-			}
-		}
-
-		return $result;
-	}
-

 	/**
 	 * @brief Processes delivery of profile.
@@ -2665,8 +2575,8 @@ class Libzot {
 		// we may only end up with one; which results in posts with no author name or photo and are a bit
 		// of a hassle to repair. If either or both are missing, do a full discovery probe.

-		if (!array_key_exists('id', $x)) {
-			return import_author_activitypub($x);
+		if(!isset($x['id']) && !isset($x['key']) && !isset($x['id_sig'])) {
+			return false;
 		}

 		$hash = self::make_xchan_hash($x['id'], $x['key']);
@@ -2925,7 +2835,19 @@ class Libzot {
 		];

 		$ret['channel_role']  = get_pconfig($e['channel_id'], 'system', 'permissions_role', 'custom');
-		$ret['protocols']     = ['zot6', 'zot'];
+
+		$hookinfo = [
+			'channel_id' => $id,
+			'protocols' => ['zot6']
+		];
+		/**
+		 * @hooks channel_protocols
+		 *   * \e int \b channel_id
+		 *   * \e array \b protocols
+		 */
+		call_hooks('channel_protocols', $hookinfo);
+
+		$ret['protocols']     = $hookinfo['protocols'];
 		$ret['searchable']    = $searchable;
 		$ret['adult_content'] = $adult_channel;
 		$ret['public_forum']  = $public_forum;
@@ -3220,11 +3142,6 @@ class Libzot {
 				return $v;
 			}
 		}
-		foreach ($arr as $v) {
-			if ($v[$check] === 'zot') {
-				return $v;
-			}
-		}

 		return $arr[0];

--- a/Zotlabs/Lib/Libzotdir.php
+++ b/Zotlabs/Lib/Libzotdir.php
@@ -207,8 +207,6 @@ class Libzotdir {
 			);
 		}

-
-
 		// If there are no directory servers, setup the fallback master
 		/** @FIXME What to do if we're in a different realm? */

@@ -249,11 +247,12 @@ class Libzotdir {

 			$syncdate = (($rr['site_sync'] <= NULL_DATE) ? datetime_convert('UTC','UTC','now - 2 days') : $rr['site_sync']);
 			$x = z_fetch_url($rr['site_directory'] . '?f=&sync=' . urlencode($syncdate) . (($token) ? '&t=' . $token : ''));
+
 			if (! $x['success'])
 				continue;

 			$j = json_decode($x['body'],true);
-			if (!($j['transactions']) || ($j['ratings']))
+			if (!$j['transactions'])
 				continue;

 			q("update site set site_sync = '%s' where site_url = '%s'",
@@ -265,6 +264,11 @@ class Libzotdir {

 			if (is_array($j['transactions']) && count($j['transactions'])) {
 				foreach ($j['transactions'] as $t) {
+
+					if (empty($t['hash']) || empty($t['transaction_id']) || empty($t['address'])) {
+						continue;
+					}
+
 					$r = q("select * from updates where ud_guid = '%s' limit 1",
 						dbesc($t['transaction_id'])
 					);
@@ -319,6 +323,14 @@ class Libzotdir {
 			}
 			if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) {
 				$xc = Libzot::import_xchan($zf['data'], 0, $ud);
+				// This is a workaround for a missing xchan_updated column
+				// TODO: implement xchan_updated in the xchan table and update this column instead
+				if($zf['data']['primary_location']['address'] && $zf['data']['primary_location']['url']) {
+					q("UPDATE hubloc SET hubloc_updated = '%s' WHERE hubloc_id_url = '%s' AND hubloc_primary = 1",
+						dbesc(datetime_convert()),
+						dbesc($zf['data']['primary_location']['url'])
+					);
+				}
 			}
 			else {
 				q("update updates set ud_last = '%s' where ud_addr = '%s'",
@@ -345,7 +357,7 @@ class Libzotdir {

 		logger('local_dir_update: uid: ' . $uid, LOGGER_DEBUG);

-		$p = q("select channel.channel_hash, channel_address, channel_timezone, channel_portable_id, profile.* from profile left join channel on channel_id = uid where uid = %d and is_default = 1",
+		$p = q("select channel.channel_hash, channel_address, channel_timezone, profile.* from profile left join channel on channel_id = uid where uid = %d and is_default = 1",
 			intval($uid)
 		);

@@ -354,7 +366,6 @@ class Libzotdir {

 		if ($p) {
 			$hash = $p[0]['channel_hash'];
-			$legacy_hash = $p[0]['channel_portable_id'];

 			$profile['description'] = $p[0]['pdesc'];
 			$profile['birthday']    = $p[0]['dob'];
@@ -393,10 +404,9 @@ class Libzotdir {
 			);

 			if(intval($r[0]['xchan_hidden']) != $hidden) {
-				$r = q("update xchan set xchan_hidden = %d where xchan_hash in ('%s', '%s')",
+				$r = q("update xchan set xchan_hidden = %d where xchan_hash = '%s'",
 					intval($hidden),
-					dbesc($hash),
-					dbesc($legacy_hash)
+					dbesc($hash)
 				);
 			}

@@ -410,13 +420,11 @@ class Libzotdir {
 			}
 			else {
 				// they may have made it private
-				q("delete from xprof where xprof_hash in ('%s', '%s')",
-					dbesc($hash),
-					dbesc($legacy_hash)
+				q("delete from xprof where xprof_hash = '%s'",
+					dbesc($hash)
 				);
-				q("delete from xtag where xtag_hash in ('%s', '%s')",
-					dbesc($hash),
-					dbesc($legacy_hash)
+				q("delete from xtag where xtag_hash = '%s'",
+					dbesc($hash)
 				);
 			}

@@ -635,8 +643,13 @@ class Libzotdir {

 		$dirmode = intval(get_config('system', 'directory_mode'));

-		if($dirmode == DIRECTORY_MODE_NORMAL)
+		if($dirmode == DIRECTORY_MODE_NORMAL) {
 			return;
+		}
+
+		if (empty($hash) || empty($guid) || empty($addr)) {
+			return;
+		}

 		if($flags) {
 			q("insert into updates (ud_hash, ud_guid, ud_date, ud_flags, ud_addr ) values ( '%s', '%s', '%s', %d, '%s' )",
@@ -656,9 +669,4 @@ class Libzotdir {
 		}
 	}

-
-
-
-
-
 }
--- a/Zotlabs/Lib/MessageFilter.php
+++ b/Zotlabs/Lib/MessageFilter.php
@@ -11,8 +11,6 @@ class MessageFilter {

 		require_once('include/html2plain.php');

-		unobscure($item);
-
 		$text = prepare_text($item['body'],$item['mimetype']);
 		$text = html2plain(($item['title']) ? $item['title'] . ' ' . $text : $text);

--- a/Zotlabs/Lib/NativeWiki.php
+++ b/Zotlabs/Lib/NativeWiki.php
@@ -101,6 +101,7 @@ class NativeWiki {
 		}
 	}

+
 	public static function update_wiki($channel_id, $observer_hash, $arr, $acl) {

 		$w = self::get_wiki($channel_id, $observer_hash, $arr['resource_id']);
@@ -156,8 +157,8 @@ class NativeWiki {
 		}
 	}

-	public static function sync_a_wiki_item($uid,$id,$resource_id) {

+	public static function sync_a_wiki_item($uid,$id,$resource_id) {

 		$r = q("SELECT * from item WHERE uid = %d AND ( id = %d OR ( resource_type = '%s' and resource_id = '%s' )) ",
 			intval($uid),
@@ -165,8 +166,8 @@ class NativeWiki {
 			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
 			dbesc($resource_id)
 		);
-
 		if($r) {
+
 			$q = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s'",
 				dbesc($r[0]['resource_id'])
 			);
@@ -185,20 +186,27 @@ class NativeWiki {
 		}
 	}

+
 	public static function delete_wiki($channel_id,$observer_hash,$resource_id) {

 		$w = self::get_wiki($channel_id,$observer_hash,$resource_id);
-		$item = $w['wiki'];
-		if(! $item) {
-			return array('item' => null, 'success' => false);
-		} 
-		else {
-			$drop = drop_item($item['id'], false, DROPITEM_NORMAL);
+		if(! $w['wiki']) {
+			return [ 'success' => false ];
 		}
+		else {

-		info( t('Wiki files deleted successfully'));
+			$r = q("SELECT id FROM item WHERE uid = %s AND resource_id = '%s'",
+				intval($channel_id),
+				dbesc($resource_id)
+			);

-		return array('item' => $item, 'item_id' => $item['id'], 'success' => (($drop === 1) ? true : false));
+			$ids = array_column($r, 'id');
+			drop_items($ids, true, DROPITEM_PHASE1);
+
+			info(t('Wiki files deleted successfully'));
+
+			return [ 'success' => true ];
+		}
 	}


@@ -207,13 +215,13 @@ class NativeWiki {
 		$sql_extra = item_permissions_sql($channel_id,$observer_hash);

 		$item = q("SELECT * FROM item WHERE uid = %d AND resource_type = '%s' AND resource_id = '%s' AND item_deleted = 0 
-			$sql_extra limit 1",
+			$sql_extra ORDER BY id LIMIT 1",
 			intval($channel_id), 
 			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
 			dbesc($resource_id)
 		);
 		if(! $item) {
-			return array('wiki' => null);
+			return [ 'wiki' => null ];
 		}
 		else {
 		
@@ -259,6 +267,7 @@ class NativeWiki {


 	public static function get_permissions($resource_id, $owner_id, $observer_hash) {
+
 		// TODO: For now, only the owner can edit
 		$sql_extra = item_permissions_sql($owner_id, $observer_hash);

@@ -283,6 +292,7 @@ class NativeWiki {
 		}
 	}

+
 	public static function name_encode ($string) {

 		$string = html_entity_decode($string);
@@ -298,6 +308,7 @@ class NativeWiki {
 		return $ret;
 	}

+
 	public static function name_decode ($string) {

 		$encoding = mb_internal_encoding();
--- a/Zotlabs/Lib/NativeWikiPage.php
+++ b/Zotlabs/Lib/NativeWikiPage.php
@@ -109,6 +109,7 @@ class NativeWikiPage {
 		return [ 'success' => false, 'message' => t('Wiki page create failed.') ];
 	}

+
 	static public function rename_page($arr) {

 		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
@@ -167,7 +168,9 @@ class NativeWikiPage {
 	
 	}

+
 	static public function get_page_content($arr) {
+
 		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']        : '');
 		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']        : '');
 		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash']      : '');
@@ -198,7 +201,9 @@ class NativeWikiPage {

 	}

+
 	static public function page_history($arr) {
+
 		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
 		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
 		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
@@ -290,6 +295,7 @@ class NativeWikiPage {
 		return null;
 	}

+
 	static public function load_page_history($arr) {

 		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']     : '');
@@ -338,6 +344,7 @@ class NativeWikiPage {
 		return null;
 	}

+
 	static public function save_page($arr) {
 		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
 		$content       = ((array_key_exists('content',$arr))       ? $arr['content']       : '');
@@ -389,14 +396,15 @@ class NativeWikiPage {
 			return array('message' => t('Page update failed.'), 'success' => false);
 	}	

+
 	static public function delete_page($arr) {
-		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
-		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
+
+		$pageUrlName   = (array_key_exists('pageUrlName',$arr) ? $arr['pageUrlName'] : '');
+		$resource_id   = (array_key_exists('resource_id',$arr) ? $arr['resource_id'] : '');
+		$observer_hash = (array_key_exists('observer_hash',$arr) ? $arr['observer_hash'] : '');
+		$channel_id    = (array_key_exists('channel_id',$arr) ? $arr['channel_id'] : 0);

 		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-
 		if(! $w['wiki']) {
 			return [ 'success' => false, 'message' => t('Error reading wiki') ];
 		}
@@ -416,14 +424,16 @@ class NativeWikiPage {
 		}

 		if($ids) {
-			drop_items($ids);
+			drop_items($ids, true, DROPITEM_PHASE1);
 			return [ 'success' => true ];
 		}

 		return [ 'success' => false, 'message' => t('Nothing deleted') ];	
 	}
 	
+
 	static public function revert_page($arr) {
+
 		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
 		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
 		$commitHash    = ((array_key_exists('commitHash',$arr))    ? $arr['commitHash']    : null);
@@ -454,7 +464,9 @@ class NativeWikiPage {
 		}
 	}
 	
+
 	static public function compare_page($arr) {
+
 		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
 		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
 		$currentCommit = ((array_key_exists('currentCommit',$arr)) ? $arr['currentCommit'] : (-1));
@@ -490,6 +502,7 @@ class NativeWikiPage {

 	}
 	
+
 	static public function commit($arr) {

 		$commit_msg    = ((array_key_exists('commit_msg', $arr))   ? $arr['commit_msg']    : t('Page updated'));
@@ -570,7 +583,6 @@ class NativeWikiPage {
 	}


-	
 	/**
 	 * Replace the instances of the string [toc] with a list element that will be populated by
 	 * a table of contents by the JavaScript library
@@ -586,6 +598,7 @@ class NativeWikiPage {
 		return $s;
 	}
 	
+
 	/**
 	 *  Converts a select set of bbcode tags. Much of the code is copied from include/bbcode.php
 	 * @param string $s
@@ -625,7 +638,9 @@ class NativeWikiPage {
 		return $s;
 	}
 	
+
 	static public function get_file_ext($arr) {
+
 		if($arr['mimetype'] === 'text/bbcode')
 			return '.bb';
 		elseif($arr['mimetype'] === 'text/markdown')
--- a/Zotlabs/Lib/Queue.php
+++ b/Zotlabs/Lib/Queue.php
@@ -2,6 +2,9 @@

 namespace Zotlabs\Lib;

+use Zotlabs\Zot6\Receiver;
+use Zotlabs\Zot6\Zot6Handler;
+
 class Queue {

 	static function update($id, $add_priority = 0) {
@@ -28,19 +31,19 @@ class Queue {
 			$might_be_down = ((datetime_convert('UTC','UTC',$y[0]['earliest']) < datetime_convert('UTC','UTC','now - 2 days')) ? true : false);


-		// Set all other records for this destination way into the future. 
+		// Set all other records for this destination way into the future.
 		// The queue delivers by destination. We'll keep one queue item for
 		// this destination (this one) with a shorter delivery. If we succeed
 		// once, we'll try to deliver everything for that destination.
-		// The delivery will be set to at most once per hour, and if the 
+		// The delivery will be set to at most once per hour, and if the
 		// queue item is less than 12 hours old, we'll schedule for fifteen
-		// minutes. 
+		// minutes.

 		q("UPDATE outq SET outq_scheduled = '%s' WHERE outq_posturl = '%s'",
 			dbesc(datetime_convert('UTC','UTC','now + 5 days')),
 			dbesc($x[0]['outq_posturl'])
 		);
- 
+
 		$since = datetime_convert('UTC','UTC',$x[0]['outq_created']);

 		if(($might_be_down) || ($since < datetime_convert('UTC','UTC','now - 12 hour'))) {
@@ -50,9 +53,9 @@ class Queue {
 			$next = datetime_convert('UTC','UTC','now + ' . intval($add_priority) . ' minutes');
 		}

-		q("UPDATE outq SET outq_updated = '%s', 
-			outq_priority = outq_priority + %d, 
-			outq_scheduled = '%s' 
+		q("UPDATE outq SET outq_updated = '%s',
+			outq_priority = outq_priority + %d,
+			outq_scheduled = '%s'
 			WHERE outq_hash = '%s'",

 			dbesc(datetime_convert()),
@@ -66,7 +69,7 @@ class Queue {
 	static function remove($id,$channel_id = 0) {
 		logger('queue: remove queue item ' . $id,LOGGER_DEBUG);
 		$sql_extra = (($channel_id) ? " and outq_channel = " . intval($channel_id) . " " : '');
-		
+
 		q("DELETE FROM outq WHERE outq_hash = '%s' $sql_extra",
 			dbesc($id)
 		);
@@ -75,7 +78,7 @@ class Queue {

 	static function remove_by_posturl($posturl) {
 		logger('queue: remove queue posturl ' . $posturl,LOGGER_DEBUG);
-		
+
 		q("DELETE FROM outq WHERE outq_posturl = '%s' ",
 			dbesc($posturl)
 		);
@@ -88,7 +91,7 @@ class Queue {
 		$sql_extra = (($channel['channel_id']) ? " and outq_channel = " . intval($channel['channel_id']) . " " : '');

 		// Set the next scheduled run date so far in the future that it will be expired
-		// long before it ever makes it back into the delivery chain. 
+		// long before it ever makes it back into the delivery chain.

 		q("update outq set outq_delivered = 1, outq_updated = '%s', outq_scheduled = '%s' where outq_hash = '%s' $sql_extra ",
 			dbesc(datetime_convert()),
@@ -108,7 +111,7 @@ class Queue {
 		}

 		$x = q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_priority,
-			outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg ) 
+			outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg )
 			values ( '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s' )",
 			dbesc($arr['hash']),
 			intval($arr['account_id']),
@@ -116,7 +119,7 @@ class Queue {
 			dbesc(($arr['driver']) ? $arr['driver'] : 'zot6'),
 			dbesc($arr['posturl']),
 			intval(1),
-			intval(($arr['priority']) ? $arr['priority'] : 0),
+			intval(isset($arr['priority']) ? $arr['priority'] : 0),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
@@ -133,8 +136,8 @@ class Queue {

 		$base = null;
 		$h = parse_url($outq['outq_posturl']);
-		if($h !== false) 
-			$base = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : '');
+		if($h !== false)
+			$base = $h['scheme'] . '://' . $h['host'] . (isset($h['port']) ? ':' . $h['port'] : '');

 		if(($base) && ($base !== z_root()) && ($immediate)) {
 			$y = q("select site_update, site_dead from site where site_url = '%s' ",
@@ -147,7 +150,7 @@ class Queue {
 					return;
 				}
 				if($y[0]['site_update'] < datetime_convert('UTC','UTC','now - 1 month')) {
-					self::update($outq['outq_hash'],10);
+					self::update($outq['outq_hash'], 10);
 					logger('immediate delivery deferred for site ' . $base);
 					return;
 				}
@@ -158,12 +161,12 @@ class Queue {
 				// your site has existed. Since we don't know for sure what these sites are,
 				// call them unknown

-				site_store_lowlevel( 
+				site_store_lowlevel(
 					[
 						'site_url'    => $base,
 						'site_update' => datetime_convert(),
 						'site_dead'   => 0,
-						'site_type'   => intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN),
+						'site_type'   => SITE_TYPE_UNKNOWN,
 						'site_crypto' => ''
 					]
 				);
@@ -171,65 +174,17 @@ class Queue {
 		}

 		$arr = array('outq' => $outq, 'base' => $base, 'handled' => false, 'immediate' => $immediate);
-		call_hooks('queue_deliver',$arr);
+		call_hooks('queue_deliver', $arr);
 		if($arr['handled'])
 			return;

-		// "post" queue driver - used for diaspora and friendica-over-diaspora communications.
-
-		if($outq['outq_driver'] === 'post') {
-			$result = z_post_url($outq['outq_posturl'],$outq['outq_msg']);
-			if($result['success'] && $result['return_code'] < 300) {
-				logger('deliver: queue post success to ' . $outq['outq_posturl'], LOGGER_DEBUG);
-				if($base) {
-					q("update site set site_update = '%s', site_dead = 0 where site_url = '%s' ",
-						dbesc(datetime_convert()),
-						dbesc($base)
-					);
-				}
-				q("update dreport set dreport_result = '%s', dreport_time = '%s' where dreport_queue = '%s'",
-					dbesc('accepted for delivery'),
-					dbesc(datetime_convert()),
-					dbesc($outq['outq_hash'])
-				);
-				self::remove($outq['outq_hash']);
-
-				// server is responding - see if anything else is going to this destination and is piled up 
-				// and try to send some more. We're relying on the fact that do_delivery() results in an 
-				// immediate delivery otherwise we could get into a queue loop. 
-
-				if(! $immediate) {
-					$x = q("select outq_hash from outq where outq_posturl = '%s' and outq_delivered = 0",
-						dbesc($outq['outq_posturl'])
-					);
-	
-					$piled_up = array();
-					if($x) {
-						foreach($x as $xx) {
-							 $piled_up[] = $xx['outq_hash'];
-						}
-					}
-					if($piled_up) {
-						// call do_delivery() with the force flag
-						do_delivery($piled_up, true);
-					}
-				}
-			}
-			else {
-				logger('deliver: queue post returned ' . $result['return_code'] 
-					. ' from ' . $outq['outq_posturl'],LOGGER_DEBUG);
-					self::update($outq['outq_hash'],10);
-			}
-			return;
-		}
-
 		// normal zot delivery

 		logger('deliver: dest: ' . $outq['outq_posturl'], LOGGER_DEBUG);

 		if($outq['outq_posturl'] === z_root() . '/zot') {
 			// local delivery
-			$zot = new \Zotlabs\Zot6\Receiver(new \Zotlabs\Zot6\Zot6Handler(),$outq['outq_notify']);
+			$zot = new Receiver(new Zot6Handler(), $outq['outq_notify']);
 			$result = $zot->run();
 			logger('returned_json: ' . json_encode($result,JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES), LOGGER_DATA);
 			logger('deliver: local zot delivery succeeded to ' . $outq['outq_posturl']);
@@ -246,7 +201,8 @@ class Queue {
 			$host_crypto = null;

 			if($channel && $base) {
-				$h = q("select hubloc_sitekey, site_crypto from hubloc left join site on hubloc_url = site_url where site_url = '%s' and hubloc_sitekey != '' order by hubloc_id desc limit 1",
+				$h = q("SELECT hubloc_sitekey, site_crypto FROM hubloc LEFT JOIN site ON hubloc_url = site_url
+					WHERE site_url = '%s' AND hubloc_network = 'zot6' ORDER BY hubloc_id DESC LIMIT 1",
 					dbesc($base)
 				);
 				if($h) {
@@ -256,7 +212,7 @@ class Queue {

 			$msg = $outq['outq_notify'];

-			$result = Libzot::zot($outq['outq_posturl'],$msg,$channel,$host_crypto);
+			$result = Libzot::zot($outq['outq_posturl'], $msg, $channel, $host_crypto);

 			if($result['success']) {
 				logger('deliver: remote zot delivery succeeded to ' . $outq['outq_posturl']);
@@ -265,7 +221,7 @@ class Queue {
 			else {
 				logger('deliver: remote zot delivery failed to ' . $outq['outq_posturl']);
 				logger('deliver: remote zot delivery fail data: ' . print_r($result,true), LOGGER_DATA);
-				self::update($outq['outq_hash'],10);
+				self::update($outq['outq_hash'], 10);
 			}
 		}
 		return;
--- a/Zotlabs/Lib/Share.php
+++ b/Zotlabs/Lib/Share.php
@@ -8,13 +8,13 @@ class Share {


 	public function __construct($post_id) {
-	
+
 		if(! $post_id)
 			return;
-	
+
 		if(! (local_channel() || remote_channel()))
 			return;
-	
+
 		$r = q("SELECT * from item left join xchan on author_xchan = xchan_hash WHERE id = %d  LIMIT 1",
 			intval($post_id)
 		);
@@ -23,26 +23,26 @@ class Share {

 		if(($r[0]['item_private']) && ($r[0]['xchan_network'] !== 'rss'))
 			return;
-	
+
 		$sql_extra = item_permissions_sql($r[0]['uid']);
-	
+
 		$r = q("select * from item where id = %d $sql_extra",
 			intval($post_id)
 		);
 		if(! $r)
 			return;
-	
+
 		if($r[0]['mimetype'] !== 'text/bbcode')
 			return;
-	
+
 		/** @FIXME eventually we want to post remotely via rpost on your home site */
 		// When that works remove this next bit:
-	
+
 		if(! local_channel())
 			return;

 		xchan_query($r);
-	
+
 		$this->item = $r[0];
 		return;
 	}
@@ -66,14 +66,14 @@ class Share {
 			'address'  => $this->item['author']['xchan_addr'],
 			'network'  => $this->item['author']['xchan_network'],
 			'link'     => [
-				[ 
-					'rel'  => 'alternate', 
-					'type' => 'text/html', 
+				[
+					'rel'  => 'alternate',
+					'type' => 'text/html',
 					'href' => $this->item['author']['xchan_url']
 				],
 				[
-					'rel'  => 'photo', 
-					'type' => $this->item['author']['xchan_photo_mimetype'], 
+					'rel'  => 'photo',
+					'type' => $this->item['author']['xchan_photo_mimetype'],
 					'href' => $this->item['author']['xchan_photo_m']
 				]
 			]
@@ -84,14 +84,14 @@ class Share {
 			'address'  => $this->item['owner']['xchan_addr'],
 			'network'  => $this->item['owner']['xchan_network'],
 			'link'     => [
-				[ 
-					'rel'  => 'alternate', 
-					'type' => 'text/html', 
+				[
+					'rel'  => 'alternate',
+					'type' => 'text/html',
 					'href' => $this->item['owner']['xchan_url']
 				],
 				[
-					'rel'  => 'photo', 
-					'type' => $this->item['owner']['xchan_photo_mimetype'], 
+					'rel'  => 'photo',
+					'type' => $this->item['owner']['xchan_photo_mimetype'],
 					'href' => $this->item['owner']['xchan_photo_m']
 				]
 			]
@@ -117,7 +117,7 @@ class Share {
 			$object = json_decode($this->item['obj'],true);
 			$photo_bb = $object['body'];
 		}
-	
+
 		if (strpos($this->item['body'], "[/share]") !== false) {
 			$pos = strpos($this->item['body'], "[share");
 			$bb = substr($this->item['body'], $pos);
@@ -126,7 +126,7 @@ class Share {
 				"' profile='"    . $this->item['author']['xchan_url'] .
 				"' avatar='"     . $this->item['author']['xchan_photo_s'] .
 				"' link='"       . $this->item['plink'] .
-				"' auth='"       . ((in_array($this->item['author']['xchan_network'], ['zot6', 'zot'])) ? 'true' : 'false') .
+				"' auth='"       . (($this->item['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
 				"' posted='"     . $this->item['created'] .
 				"' message_id='" . $this->item['mid'] .
 			"']";
--- a/Zotlabs/Lib/ThreadItem.php
+++ b/Zotlabs/Lib/ThreadItem.php
@@ -43,7 +43,7 @@ class ThreadItem {
 		$observer = \App::get_observer();

 		// Prepare the children
-		if($data['children']) {
+		if(isset($data['children'])) {
 			foreach($data['children'] as $item) {

 				/*
@@ -299,7 +299,7 @@ class ThreadItem {
 			);
 			*/

-			$settings = t('Conversation Tools');
+			$settings = t('Conversation Features');
 		}

 		$has_bookmarks = false;
@@ -367,7 +367,7 @@ class ThreadItem {
                call_hooks('dropdown_extras',$dropdown_extras_arr);
                $dropdown_extras = $dropdown_extras_arr['dropdown_extras'];

-		$midb64 = 'b64.' . base64url_encode($item['mid']);
+		$midb64 = gen_link_id($item['mid']);
 		$mids = [ $midb64 ];
 		$response_mids = [];
 		foreach($response_verbs as $v) {
--- a/Zotlabs/Lib/ThreadStream.php
+++ b/Zotlabs/Lib/ThreadStream.php
@@ -77,7 +77,7 @@ class ThreadStream {
 				$this->reload = $_SESSION['return_url'];
 				break;
 			case 'display':
-				// in this mode we set profile_owner after initialisation (from conversation()) and then 
+				// in this mode we set profile_owner after initialisation (from conversation()) and then
 				// pull some trickery which allows us to re-invoke this function afterward
 				// it's an ugly hack so @FIXME
 				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
@@ -170,14 +170,14 @@ class ThreadStream {
 		 * Only add things that will be displayed
 		 */

-		
+
 		if(($item->get_data_value('id') != $item->get_data_value('parent')) && (activity_match($item->get_data_value('verb'),ACTIVITY_LIKE) || activity_match($item->get_data_value('verb'),ACTIVITY_DISLIKE))) {
 			return false;
 		}

 		$item->set_commentable(false);
 		$ob_hash = (($this->observer) ? $this->observer['xchan_hash'] : '');
-		
+
 		if(! comments_are_now_closed($item->get_data())) {
 			if(($item->get_data_value('author_xchan') === $ob_hash) || ($item->get_data_value('owner_xchan') === $ob_hash))
 				$item->set_commentable(true);
@@ -194,7 +194,7 @@ class ThreadStream {
 		}
 		if($this->mode === 'pubstream' && (! local_channel())) {
 			$item->set_commentable(false);
-		} 
+		}


 		$item->set_conversation($this);
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@@ -222,6 +222,7 @@ class Acl extends \Zotlabs\Web\Controller {
 					WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
 					intval(local_channel())
 				);
+
 				if($r2)
 					$r = array_merge($r2,$r);

@@ -282,13 +283,12 @@ class Acl extends \Zotlabs\Web\Controller {
 			}
 		}
 		elseif($type == 'm') {
-
 			$r = array();
 			$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
 				FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d
 				and xchan_deleted = 0
-				and xchan_network IN ('zot', 'diaspora', 'friendica-over-diaspora')
+				and not xchan_network IN ('rss', 'anon', 'unknown')
 				$sql_extra3
 				ORDER BY xchan_name ASC ",
 				intval(local_channel())
@@ -371,7 +371,7 @@ class Acl extends \Zotlabs\Web\Controller {
 					);
 				}
 				if($type !== 'f') {
-					if (! array_key_exists($x[$lkey], $contacts) || ($contacts[$x[$lkey]]['net'] !== 'zot6' && ($g['net'] == 'zot6' || $g['net'] == 'zot'))) {
+					if (! array_key_exists($x[$lkey], $contacts) || ($contacts[$x[$lkey]]['net'] !== 'zot6' && $g['net'] == 'zot6')) {
 						$contacts[$x[$lkey]] = array(
 							"type"     => "c",
 							"photo"    => $g['micro'],
@@ -438,7 +438,6 @@ class Acl extends \Zotlabs\Web\Controller {
 		}

 		if(! $url) {
-			require_once("include/dir_fns.php");
 			$directory = Libzotdir::find_upstream_directory($dirmode);
 			$url = $directory['url'] . '/dirsearch';
 		}
--- a/Zotlabs/Module/Activity.php
+++ b/Zotlabs/Module/Activity.php
@@ -26,7 +26,12 @@ class Activity extends Controller {

 			$portable_id = EMPTY_STR;

-			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 ";
+			$item_normal_extra = sprintf(" and not verb in ('%s', '%s') ",
+				dbesc(ACTIVITY_FOLLOW),
+				dbesc(ACTIVITY_UNFOLLOW)
+			);
+
+			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra ";

 			$i = null;

@@ -86,7 +91,7 @@ class Activity extends Controller {
 			}

 			$parents_str = ids_to_querystr($i,'item_id');
-	
+
 			$items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent IN ( %s ) $item_normal ",
 				dbesc($parents_str)
 			);
@@ -197,8 +202,12 @@ class Activity extends Controller {
 				}
 			}

-			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 
-				and item.item_delayed = 0 and item.item_blocked = 0 ";
+			$item_normal_extra = sprintf(" and not verb in ('%s', '%s') ",
+				dbesc(ACTIVITY_FOLLOW),
+				dbesc(ACTIVITY_UNFOLLOW)
+			);
+
+			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra ";

 			$sigdata = HTTPSig::verify(EMPTY_STR);
 			if ($sigdata['portable_id'] && $sigdata['header_valid']) {
--- a/Zotlabs/Module/Admin.php
+++ b/Zotlabs/Module/Admin.php
@@ -8,7 +8,6 @@

 namespace Zotlabs\Module;

-require_once('include/queue_fn.php');
 require_once('include/account.php');

 /**
@@ -101,11 +100,14 @@ class Admin extends \Zotlabs\Web\Controller {

 		// pending registrations

-		$pdg = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d ) > 0 ",
-			intval(ACCOUNT_PENDING)
+		// $pdg = q("SELECT account.*, register.reg_hash from account left join register on account_id = register.reg_uid // where (account_flags & %d ) > 0 ",
+		//		intval(ACCOUNT_PENDING)
+		// );
+		$pdg = q("SELECT COUNT(*) AS pdg FROM register WHERE reg_vital = 1 AND reg_expires > '%s' ",
+			dbesc(date('Y-m-d H:i:s'))
 		);

-		$pending = (($pdg) ? count($pdg) : 0);
+		$pending = ($pdg ? $pdg[0]['pdg'] : 0);

 		// available channels, primary and clones
 		$channels = array();
--- a/Zotlabs/Module/Admin/Accounts.php
+++ b/Zotlabs/Module/Admin/Accounts.php
@@ -5,7 +5,7 @@ namespace Zotlabs\Module\Admin;


 class Accounts {
-	
+
 	/**
 	 * @brief Handle POST actions on accounts admin page.
 	 *
@@ -15,14 +15,105 @@ class Accounts {
 	 *
 	 */

+	const MYP = 	'ZAR';			// ZAR2x
+	const VERSION =	'2.0.0';
+
 	function post() {

 		$pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() );
 		$users   = ( x($_POST, 'user')    ? $_POST['user']    : array() );
 		$blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() );
-	
+
 		check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts');
-	
+
+		$isajax = is_ajax();
+		$rc = 0;
+
+		If (!is_site_admin()) {
+			if ($isajax) {
+				killme();
+				exit;
+			}
+			goaway(z_root() . '/');
+		}
+
+		if ($isajax) {
+			//$debug = print_r($_SESSION[self::MYP],true);
+			$zarop = (x($_POST['zardo']) && preg_match('/^[ad]{1,1}$/', $_POST['zardo']) )
+					 ? $_POST['zardo'] : '';
+			// zarat arrives with leading underscore _n
+			$zarat = (x($_POST['zarat']) && preg_match('/^_{1,1}[0-9]{1,6}$/', $_POST['zarat']) )
+					 ? substr($_POST['zarat'],1) : '';
+			$zarse = (x($_POST['zarse']) && preg_match('/^[0-9a-f]{8,8}$/', $_POST['zarse']) )
+					 ? hex2bin($_POST['zarse']) : '';
+
+			if ($zarop && $zarat >= 0 && $zarse && $zarse == $_SESSION[self::MYP]['h'][$zarat]) {
+
+				//
+				if ($zarop == 'd') {
+					$rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ",
+						intval($_SESSION[self::MYP]['i'][$zarat]),
+						dbesc($_SESSION[self::MYP]['h'][$zarat])
+					);
+					$rc = '×';
+				}
+				elseif ($zarop == 'a') {
+					// approval, REGISTER_DENIED by user 0x0040, REGISTER_AGREED by user 0x0020 @Regate
+					$rd = q("UPDATE register SET reg_flags = (reg_flags & ~ 16), "
+						.	" reg_vital = (CASE (reg_flags & ~ 48) WHEN 0 THEN 0 ELSE 1 END) "
+						.	" WHERE reg_vital = 1 AND reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ",
+						intval($_SESSION[self::MYP]['i'][$zarat]),
+						dbesc($_SESSION[self::MYP]['h'][$zarat])
+					);
+					$rc = 0;
+					$rs = q("SELECT * from register WHERE reg_id = %d ",
+							intval($_SESSION[self::MYP]['i'][$zarat])
+					);
+					if ($rs && ($rs[0]['reg_flags'] & ~ 48) == 0) {
+						// create account
+						$rc = 'ok'.$rs[0]['reg_id'];
+						$ac = create_account_from_register($rs[0]);
+						if ( $ac['success'] ) {
+							$rc .= '✔';
+
+							$auto_create  = get_config('system','auto_channel_create',1);
+
+							if($auto_create) {
+								$reonar = json_decode($rs[0]['reg_stuff'], true);
+								// prepare channel creation
+								if($reonar['chan.name'])
+									set_aconfig($ac['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']);
+
+								if($reonar['chan.did1'])
+									set_aconfig($ac['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']);
+
+								$permissions_role  = get_config('system','default_permissions_role');
+								if($permissions_role)
+									set_aconfig($ac['account']['account_id'], 'register', 'permissions_role', $permissions_role);
+
+								// create channel
+								$new_channel = auto_channel_create($ac['account']['account_id']);
+
+								if($new_channel['success']) {
+									$rc .= ' c,ok' . $new_channel['channel']['channel_id'] . '✔';
+								}
+								else {
+									$rc .= ' c ×';
+								}
+							}
+
+
+						}
+					} else {
+						$rc='oh ×';
+					}
+				}
+				echo json_encode(array('re' => $zarop, 'at' => '_' . $zarat, 'rc' => $rc));
+			}
+			killme();
+			exit;
+		}
+
 		// change to switch structure?
 		// account block/unblock button was submitted
 		if (x($_POST, 'page_accounts_block')) {
@@ -55,7 +146,7 @@ class Accounts {
 				account_deny($hash);
 			}
 		}
-	
+
 		goaway(z_root() . '/admin/accounts' );
 	}

@@ -75,19 +166,21 @@ class Accounts {
 			$account = q("SELECT * FROM account WHERE account_id = %d",
 				intval($uid)
 			);
-	
+
 			if (! $account) {
 				notice( t('Account not found') . EOL);
 				goaway(z_root() . '/admin/accounts' );
 			}
-	
+
 			check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts', 't');
-	
+
+			$debug = '';
+
 			switch (argv(2)){
 				case 'delete':
 					// delete user
 					account_remove($uid,true,false);
-	
+
 					notice( sprintf(t("Account '%s' deleted"), $account[0]['account_email']) . EOL);
 					break;
 				case 'block':
@@ -95,7 +188,7 @@ class Accounts {
 						intval(ACCOUNT_BLOCKED),
 						intval($uid)
 					);
-	
+
 					notice( sprintf( t("Account '%s' blocked") , $account[0]['account_email']) . EOL);
 					break;
 				case 'unblock':
@@ -103,27 +196,74 @@ class Accounts {
 							intval(ACCOUNT_BLOCKED),
 							intval($uid)
 					);
-	
+
 					notice( sprintf( t("Account '%s' unblocked"), $account[0]['account_email']) . EOL);
 					break;
 			}
-	
+
 			goaway(z_root() . '/admin/accounts' );
 		}
-	
-		/* get pending */
-		$pending = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d )>0 ",
-			intval(ACCOUNT_PENDING)
-		);
-	
+
+		$tao = 'tao.zar.zarax = ' . "'" . '<img src="' . z_root() . '/images/zapax16.gif">' . "';\n";
+
+
+		// by default we will only return verified results. if reg_all is set we will return everything''
+		$get_all = isset($_REQUEST['get_all']);
+		$pending = get_pending_accounts($get_all);
+
+		unset($_SESSION[self::MYP]);
+
+		if ($pending) {
+			// collect and group all ip
+			$atips = dbq("SELECT reg_atip AS atip, COUNT(reg_atip) AS atips FROM register
+				WHERE reg_vital = 1 GROUP BY reg_atip"
+			);
+
+			(($atips) ? $atipn = array_column($atips, 'atips', 'atip') : $atipn = ['' => 0]);
+
+			$tao .= 'tao.zar.zarar = {';
+			foreach ($pending as $n => $v) {
+
+				$stuff = json_decode($v['reg_stuff'], true);
+
+				if(isset($stuff['msg'])) {
+					$pending[$n]['msg'] = $stuff['msg'];
+				}
+
+				if (array_key_exists($v['reg_atip'], $atipn)) {
+					$pending[$n]['reg_atip'] = $v['reg_atip'];
+					$pending[$n]['reg_atip_n'] = $atipn[$v['reg_atip']];
+				}
+
+				$pending[$n]['status'] = '';
+				if($pending[$n]['reg_flags'] & ACCOUNT_UNVERIFIED > 0)
+					$pending[$n]['status'] = [t('Unverified'), 'bg-warning'];
+
+				if($pending[$n]['status'] && $pending[$n]['reg_expires'] < datetime_convert())
+					$pending[$n]['status'] = [t('Expired'), 'bg-danger text-white'];
+
+				// timezone adjust date_time for display
+				$pending[$n]['reg_created'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_created']);
+				$pending[$n]['reg_startup'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_startup']);
+				$pending[$n]['reg_expires'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_expires']);
+
+				// better secure
+				$tao .= $n . ": '" . substr(bin2hex($v['reg_hash']),0,8) . "',";
+				$_SESSION[self::MYP]['h'][] = substr($v['reg_hash'],0,4);
+				$_SESSION[self::MYP]['i'][] = $v['reg_id'];
+			}
+			$tao = rtrim($tao,',') . '};' . "\n";
+		}
+		// <- hilmar]
+
 		/* get accounts */
-	
+
 		$total = q("SELECT count(*) as total FROM account");
 		if (count($total)) {
 			\App::set_pager_total($total[0]['total']);
 			\App::set_pager_itemspage(100);
 		}
-	
+
 		$serviceclass = (($_REQUEST['class']) ? " and account_service_class = '" . dbesc($_REQUEST['class']) . "' " : '');

 		$key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'account_id');
@@ -134,8 +274,8 @@ class Accounts {
 		$base = z_root() . '/admin/accounts?f=';
 		$odir = (($dir === 'asc') ? '0' : '1');

-		$users = q("SELECT account_id , account_email, account_lastlog, account_created, account_expires, account_service_class, ( account_flags & %d ) > 0 as blocked, 
-			(SELECT %s FROM channel as ch WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as channels FROM account as ac 
+		$users = q("SELECT account_id , account_email, account_lastlog, account_created, account_expires, account_service_class, ( account_flags & %d ) > 0 as blocked,
+			(SELECT %s FROM channel as ch WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as channels FROM account as ac
 			where true $serviceclass and account_flags != %d order by $key $dir limit %d offset %d ",
 			intval(ACCOUNT_BLOCKED),
 			db_concat('ch.channel_address', ' '),
@@ -143,15 +283,15 @@ class Accounts {
 			intval(\App::$pager['itemspage']),
 			intval(\App::$pager['start'])
 		);
-	
+
 	//	function _setup_users($e){
 	//		$accounts = Array(
-	//			t('Normal Account'), 
+	//			t('Normal Account'),
 	//			t('Soapbox Account'),
 	//			t('Community/Celebrity Account'),
 	//			t('Automatic Friend Account')
 	//		);
-	
+
 	//		$e['page_flags'] = $accounts[$e['page-flags']];
 	//		$e['register_date'] = relative_date($e['register_date']);
 	//		$e['login_date'] = relative_date($e['login_date']);
@@ -159,49 +299,57 @@ class Accounts {
 	//		return $e;
 	//	}
 	//	$users = array_map("_setup_users", $users);
-	
+
 		$t = get_markup_template('admin_accounts.tpl');
 		$o = replace_macros($t, array(
 			// strings //
+			'$debug' => $debug,
 			'$title' => t('Administration'),
 			'$page' => t('Accounts'),
 			'$submit' => t('Submit'),
-			'$select_all' => t('select all'),
-			'$h_pending' => t('Registrations waiting for confirm'),
-			'$th_pending' => array( t('Request date'), t('Email') ),
-			'$no_pending' =>  t('No registrations.'),
+			'$get_all' => (($get_all) ? t('Show verified registrations') : t('Show all registrations')),
+			'$get_all_link' => (($get_all) ? z_root() .'/admin/accounts' : z_root() .'/admin/accounts?get_all'),
+			'$sel_tall' => t('Select toggle'),
+			'$sel_deny' => t('Deny selected'),
+			'$sel_aprv' => t('Approve selected'),
+			'$h_pending' => (($get_all) ? t('All registrations') : t('Verified registrations waiting for approval')),
+			'$th_pending' => array(t('Request date'), 'dId2', t('Email'), 'IP', t('Requests')),
+			'$no_pending' => (($get_all) ? t('No registrations available') : t('No verified registrations available')),
 			'$approve' => t('Approve'),
 			'$deny' => t('Deny'),
 			'$delete' => t('Delete'),
 			'$block' => t('Block'),
 			'$unblock' => t('Unblock'),
+			'$verified' => t('Verified'),
+			'$not_verified' => t('Not yet verified'),
 			'$odir' => $odir,
 			'$base' => $base,
 			'$h_users' => t('Accounts'),
-			'$th_users' => array( 
+			'$th_users' => array(
 				[ t('ID'), 'account_id' ],
 				[ t('Email'), 'account_email' ],
-				[ t('All Channels'), 'channels' ],
+				[ t('All channels'), 'channels' ],
 				[ t('Register date'), 'account_created' ],
 				[ t('Last login'), 'account_lastlog' ],
 				[ t('Expires'), 'account_expires' ],
-				[ t('Service Class'), 'account_service_class'] ),
-	
-			'$confirm_delete_multi' => t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?'),
-			'$confirm_delete' => t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?'),
-	
+				[ t('Service class'), 'account_service_class'] ),
+
+			'$confirm_delete_multi' => p2j(t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?')),
+			'$confirm_delete' => p2j(t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?')),
+
 			'$form_security_token' => get_form_security_token("admin_accounts"),
-	
+
 			// values //
-			'$baseurl' => z_root(),
-	
-			'$pending' => $pending,
-			'$users' => $users,
+			'$baseurl' 	=> z_root(),
+			'$tao'		=> $tao,
+			'$pending' 	=> $pending,
+			'$users' 	=> $users,
+			'$msg'      => t('Message')
 		));
 		$o .= paginate($a);
-	
+
 		return $o;
 	}
-	

 }
+
--- a/Zotlabs/Module/Admin/Channels.php
+++ b/Zotlabs/Module/Admin/Channels.php
@@ -173,4 +173,4 @@ class Channels {
 		return $o;
 	}

-}
+}
--- a/Zotlabs/Module/Admin/Queue.php
+++ b/Zotlabs/Module/Admin/Queue.php
@@ -2,35 +2,35 @@

 namespace Zotlabs\Module\Admin;

-
+use Zotlabs\Lib\Queue as LibQueue;

 class Queue {


-	
+
 	function get() {

 		$o = '';
-	
+
 		$expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0);
-	
+
 		if($_REQUEST['drophub']) {
 			hubloc_mark_as_down($_REQUEST['drophub']);
-			remove_queue_by_posturl($_REQUEST['drophub']);
+			LibQueue::remove_by_posturl($_REQUEST['drophub']);
 		}
-	
+
 		if($_REQUEST['emptyhub']) {
-			remove_queue_by_posturl($_REQUEST['emptyhub']);
+			LibQueue::remove_by_posturl($_REQUEST['emptyhub']);
 		}
-	
-		$r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq 
+
+		$r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq
 			where outq_delivered = 0 group by outq_posturl order by total desc");
-	
+
 		for($x = 0; $x < count($r); $x ++) {
 			$r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']);
 			$r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d');
 		}
-	
+
 		$o = replace_macros(get_markup_template('admin_queue.tpl'), array(
 			'$banner' => t('Queue Statistics'),
 			'$numentries' => t('Total Entries'),
@@ -43,11 +43,11 @@ class Queue {
 			'$entries' => $r,
 			'$expert' => $expert
 		));
-	
+
 		return $o;
 	}
-	



-}
+
+}
--- a/Zotlabs/Module/Admin/Site.php
+++ b/Zotlabs/Module/Admin/Site.php
@@ -5,14 +5,25 @@ namespace Zotlabs\Module\Admin;

 class Site {

+
 	/**
 	 * @brief POST handler for Admin Site Page.
 	 *
 	 */
 	function post(){
+		// [hilmar->
+		$this->isajax = is_ajax();
+		$this->eol = $this->isajax ? "\n" : EOL;
+		// ]
 		if (!x($_POST, 'page_site')) {
-			return;
+		// [
+			if (!$this->isajax)
+		// ]
+				return;
 		}
+		// [
+		$this->msgbg = '';
+		// <-hilmar]

 		check_form_security_token_redirectOnErr('/admin/site', 'admin_site');

@@ -24,14 +35,17 @@ class Site {
 		$siteinfo			=	((x($_POST,'siteinfo'))		    ? trim($_POST['siteinfo'])				: '');
 		$language			=	((x($_POST,'language'))			? notags(trim($_POST['language']))			: '');
 		$theme				=	((x($_POST,'theme'))			? notags(trim($_POST['theme']))				: '');
-//		$theme_mobile			=	((x($_POST,'theme_mobile'))		? notags(trim($_POST['theme_mobile']))			: '');
-//		$site_channel			=	((x($_POST,'site_channel'))	? notags(trim($_POST['site_channel']))				: '');
+		//		$theme_mobile			=	((x($_POST,'theme_mobile'))		? notags(trim($_POST['theme_mobile']))			: '');
+		//		$site_channel			=	((x($_POST,'site_channel'))	? notags(trim($_POST['site_channel']))				: '');
 		$maximagesize		=	((x($_POST,'maximagesize'))		? intval(trim($_POST['maximagesize']))				:  0);

 		$register_policy	=	((x($_POST,'register_policy'))	? intval(trim($_POST['register_policy']))	:  0);
+		$register_wo_email	=	((x($_POST,'register_wo_email'))	? intval(trim($_POST['register_wo_email']))	:  0);
 		$minimum_age           = ((x($_POST,'minimum_age'))          ? intval(trim($_POST['minimum_age']))    : 13);
 		$access_policy	=	((x($_POST,'access_policy'))	? intval(trim($_POST['access_policy']))	:  0);
-		$invite_only	= ((x($_POST,'invite_only'))		? True	: False);
+		$reg_autochannel	= ((x($_POST,'auto_channel_create'))		? True	: False);
+		$invitation_only	= ((x($_POST,'invitation_only'))		? True	: False);
+		$invitation_also	= ((x($_POST,'invitation_also'))		? True	: False);
 		$abandon_days	=	((x($_POST,'abandon_days'))	    ? intval(trim($_POST['abandon_days']))	    :  0);

 		$register_text		=	((x($_POST,'register_text'))	? notags(trim($_POST['register_text']))		: '');
@@ -75,6 +89,16 @@ class Site {
 		$maxloadavg        = ((x($_POST,'maxloadavg'))       ? intval(trim($_POST['maxloadavg'])) : 50);
 		$feed_contacts     = ((x($_POST,'feed_contacts'))    ? intval($_POST['feed_contacts'])    : 0);
 		$verify_email      = ((x($_POST,'verify_email'))     ? 1 : 0);
+		$register_perday   = ((x($_POST,'register_perday'))	 ? intval(trim($_POST['register_perday'])) : 50);
+		$register_sameip   = ((x($_POST,'register_sameip'))	 ? intval(trim($_POST['register_sameip'])) : 3);
+
+		$regdelayn 		   = ((x($_POST,'zardelayn'))	 	? intval(trim($_POST['zardelayn'])) : 0);
+		$regdelayu 		   = ((x($_POST,'zardelay'))	 	? notags(trim($_POST['zardelay'])) : '');
+		$reg_delay 		   = (preg_match('/^[a-z]{1,1}$/', $regdelayu) ? $regdelayn . $regdelayu : '');
+		$regexpiren 	   = ((x($_POST,'zarexpiren'))	 	? intval(trim($_POST['zarexpiren'])) : 0);
+		$regexpireu 	   = ((x($_POST,'zarexpire'))	 	? notags(trim($_POST['zarexpire'])) : '');
+		$reg_expire 	   = (preg_match('/^[a-z]{1,1}$/', $regexpireu) ? $regexpiren . $regexpireu : '');
+
 		$imagick_path      = ((x($_POST,'imagick_path'))     ? trim($_POST['imagick_path'])   : '');
 		$force_queue       = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue'])   : 3000);
 		$pub_incl = escape_tags(trim($_POST['pub_incl']));
@@ -82,6 +106,35 @@ class Site {

 		$permissions_role = escape_tags(trim($_POST['permissions_role']));

+		// [hilmar->
+		$this->register_duty = ((x($_POST,'register_duty')) ? notags(trim($_POST['register_duty']))  : '');
+		if (! preg_match('/^[0-9 .,:\-]{0,191}$/', $this->register_duty)) {
+			$this->msgbg .= 'ZAR0131E,' . t('Invalid input') . $this->eol;
+			$this->error++;
+		} else {
+
+			$this->duty();
+
+			if ($this->isajax) {
+				echo json_encode(array('msgbg' => $this->msgbg, 'me' => 'zar'));
+				// that mission is complete
+				killme();
+				exit;
+
+			} else {
+
+				//logger( print_r( $this->msgbg, true) );
+				//logger( print_r( $this->joo, true) );
+				if ($this->error === 0) {
+					set_config('system', 'register_duty', $this->register_duty);
+					set_config('system', 'register_duty_jso', $this->joo);
+				} else {
+					notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg;
+				}
+			}
+		}
+		// <-hilmar]
+
 		set_config('system', 'feed_contacts', $feed_contacts);
 		set_config('system', 'delivery_interval', $delivery_interval);
 		set_config('system', 'delivery_batch_count', $delivery_batch_count);
@@ -96,6 +149,10 @@ class Site {
 		set_config('system', 'login_on_homepage', $login_on_homepage);
 		set_config('system', 'enable_context_help', $enable_context_help);
 		set_config('system', 'verify_email', $verify_email);
+		set_config('system', 'max_daily_registrations', $register_perday);
+		set_config('system', 'register_sameip', $register_sameip);
+		set_config('system', 'register_delay', $reg_delay);
+		set_config('system', 'register_expire', $reg_expire);
 		set_config('system', 'default_expire_days', $default_expire_days);
 		set_config('system', 'active_expire_days', $active_expire_days);
 		set_config('system', 'reply_address', $reply_address);
@@ -126,17 +183,20 @@ class Site {
 		set_config('system','siteinfo',$siteinfo);
 		set_config('system', 'language', $language);
 		set_config('system', 'theme', $theme);
-//		if ( $theme_mobile === '---' ) {
-//			del_config('system', 'mobile_theme');
-//		} else {
-//			set_config('system', 'mobile_theme', $theme_mobile);
-//		}
-	//	set_config('system','site_channel', $site_channel);
+		//		if ( $theme_mobile === '---' ) {
+		//			del_config('system', 'mobile_theme');
+		//		} else {
+		//			set_config('system', 'mobile_theme', $theme_mobile);
+		//		}
+		//	set_config('system','site_channel', $site_channel);
 		set_config('system','maximagesize', $maximagesize);

 		set_config('system','register_policy', $register_policy);
+		set_config('system','register_wo_email', $register_wo_email);
 		set_config('system','minimum_age', $minimum_age);
-		set_config('system','invitation_only', $invite_only);
+		set_config('system','auto_channel_create', $reg_autochannel);
+		set_config('system', 'invitation_only', $invitation_only);
+		set_config('system', 'invitation_also', $invitation_also);
 		set_config('system','access_policy', $access_policy);
 		set_config('system','account_abandon_days', $abandon_days);
 		set_config('system','register_text', $register_text);
@@ -260,6 +320,8 @@ class Site {
 			REGISTER_APPROVE => t("Yes - with approval"),
 			REGISTER_OPEN    => t("Yes")
 		);
+		$this->register_duty = get_config('system', 'register_duty', '-:-');
+		$register_perday = get_config('system','max_daily_registrations', 50);

 		/* Acess policy */
 		$access_choices = Array(
@@ -286,9 +348,66 @@ class Site {
 		$homelogin = get_config('system','login_on_homepage');
 		$enable_context_help = get_config('system','enable_context_help');

+		// for reuse reg_delay and reg_expire
+		$reg_rabots = array(
+ 					'i'	=> t('Minute(s)'),
+ 					'h' => t('Hour(s)')  ,
+ 					'd' => t('Day(s)')   ,
+ 					'w' => t('Week(s)')  ,
+ 					'm' => t('Month(s)') ,
+ 					'y' => t('Year(s)')
+		);
+		$regdelay_n = $regdelay_u = false;
+		$regdelay = get_config('system','register_delay');
+		if ($regdelay)
+			list($regdelay_n, $regdelay_u) = array(substr($regdelay,0,-1),substr($regdelay,-1));
+		$reg_delay = replace_macros(get_markup_template('field_duration.qmc.tpl'),
+			 array(
+			 	'label'  	=> t('Register verification delay'),
+			 	'qmc'	 	=> 'zar',
+				'qmcid'		=> '',
+				'help'		=> t('Time to wait before a registration can be verified'),
+			 	'field' => 	array(
+			 		'name'  => 'delay',
+			 		'title' => t('duration up from now'),
+			 		'value' => ($regdelay_n === false ? 0 : $regdelay_n),
+			 		'min'   => '0',
+			 		'max'   => '99',
+			 		'size'  => '2',
+					'default' => ($regdelay_u === false ? 'i' : $regdelay_u)
+			 	),
+			 	'rabot'	=> 	$reg_rabots
+ 			)
+		);
+		$regexpire_n = $regexpire_u = false;
+		$regexpire = get_config('system','register_expire');
+		if ($regexpire)
+			list($regexpire_n, $regexpire_u) = array(substr($regexpire,0,-1),substr($regexpire,-1));
+		$reg_expire = replace_macros(get_markup_template('field_duration.qmc.tpl'),
+			 array(
+			 	'label'  	=> t('Register verification expiration time'),
+			 	'qmc'	 	=> 'zar',
+				'qmcid'		=> '',
+			 	'help'		=> t('Time before an unverified registration will expire'),
+			 	'field' => 	array(
+			 		'name'  => 'expire',
+			 		'title' => t('duration up from now'),
+			 		'value' => ($regexpire_n === false ? 3 : $regexpire_n),
+			 		'min'  => '0',
+			 		'max'  => '99',
+			 		'size' => '2',
+					'default' => ($regexpire_u === false ? 'd' : $regexpire_u)
+			 	),
+			 	'rabot'	=> 	$reg_rabots
+			 )
+		);
+
+		$tao = '';
 		$t = get_markup_template("admin_site.tpl");
 		return replace_macros($t, array(
 			'$title' => t('Administration'),
+			// interfacing js vars
+			'$tao' => $tao,
 			'$page' => t('Site'),
 			'$submit' => t('Submit'),
 			'$registration' => t('Registration'),
@@ -305,21 +424,87 @@ class Site {
 			'$siteinfo'		=> array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site.  Displayed on siteinfo page.  BBCode can be used here")),
 			'$language' 		=> array('language', t("System language"), get_config('system','language'), "", $lang_choices),
 			'$theme' 			=> array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
-//			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
-//			'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
+		//			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
+		//			'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
 			'$feed_contacts'    => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')),
 			'$maximagesize'		=> array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
-			'$register_policy'	=> array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
-			'$invite_only'		=> array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")),
 			'$minimum_age'		=> array('minimum_age', t("Minimum age"), (x(get_config('system','minimum_age'))?get_config('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")),
 			'$access_policy'	=> array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), t("This is displayed on the public server site list."), $access_choices),
-			'$register_text'	=> array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
+
+			// Register
+			// [hilmar->
+			'$register_text'	=> [
+				'register_text',
+				t("Register text"),
+				htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'),
+				t("This text will be displayed prominently at the registration page")
+			],
+			'$register_policy'	=> [
+				'register_policy',
+				t("Does this site allow new member registration?"),
+				get_config('system','register_policy'),
+				"",
+				$register_choices,
+			],
+			'$register_duty' => [
+				'register_duty',
+				t('Configure the registration open days/hours'),
+				get_config('system', 'register_duty', '-:-'),
+				t('Empty or \'-:-\' value will keep registration open 24/7 (default)') . EOL .
+				t('Weekdays and hours must be separated by colon \':\', From-To ranges with a dash `-` example: 1:800-1200') . EOL .
+				t('Weekday:Hour pairs must be separated by space \' \' example: 1:900-1700 2:900-1700') . EOL .
+				t('From-To ranges must be separated by comma \',\' example: 1:800-1200,1300-1700 or 1-2,4-5:900-1700') . EOL .
+				t('Advanced examples:') . ' 1-5:0900-1200,1300-1700 6:900-1230 ' . t('or') . ' 1-2,4-5:800-1800<br>' . EOL .
+				'<a id="zar083a" class="btn btn-sm btn-outline-secondary zuia">' . t('Check your configuration') . '</a>'. EOL
+			],
+			'$register_perday' => [
+				'register_perday',
+				t('Max account registrations per day'),
+				get_config('system', 'max_daily_registrations', 50),
+				t('Unlimited if zero or no value - default 50')
+			],
+			'$register_sameip' => [
+				'register_sameip',
+				t('Max account registrations from same IP'),
+				get_config('system', 'register_sameip', 3),
+				t('Unlimited if zero or no value - default 3')
+			],
+			'$reg_delay' => $reg_delay,
+			'$reg_expire' => $reg_expire,
+			'$reg_autochannel'		=> [
+				'auto_channel_create',
+				t("Auto channel create"),
+				get_config('system','auto_channel_create', 1),
+				t("If disabled the channel will be created in a separate step during the registration process")
+			],
+			'$invitation_only' => [
+				'invitation_only',
+				t("Require invite code"),
+				get_config('system', 'invitation_only', 0)
+			],
+			'$invitation_also' => [
+				'invitation_also',
+				t("Allow invite code"),
+				get_config('system', 'invitation_also', 0)
+			],
+			'$verify_email'		=> [
+				'verify_email',
+				t("Require email address"),
+				get_config('system','verify_email'),
+				t("The provided email address will be verified (recommended)")
+			],
+			'$abandon_days' => [
+				'abandon_days',
+				t('Abandon account after x days'),
+				get_config('system','account_abandon_days'),
+				t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')
+			],
+			// <-hilmar]
+
 			'$role'         => $role,
 			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'pubstream' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
 			'$mirror_frontpage'	=> array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')),
-			'$abandon_days'     => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
 			'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
-			'$verify_email'		=> array('verify_email', t("Verify Email Addresses"), get_config('system','verify_email'), t("Check to verify email addresses used in account registration (recommended).")),
 			'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
 			'$disable_discover_tab'	=> array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
 			'$site_firehose'	=> array('site_firehose', t('Site only Public Streams'), get_config('system','site_firehose'), t('Allow access to public content originating only from this site if Imported Public Streams are disabled.')),
@@ -350,15 +535,184 @@ class Site {
 			'$maxloadavg'			=> array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
 			'$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')),
 			'$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(get_config('system','active_expire_days',7)), ''),
-
 			'$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), get_config('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())),
 			'$first_page' => array('first_page', t('Page to display after creating a new channel'), get_config('system','workflow_channel_next','profiles'), t('Default: profiles')),
-
 			'$location' => array('site_location', t('Optional: site location'), get_config('system','site_location',''), t('Region or country')),
-
-
 			'$form_security_token' => get_form_security_token("admin_site"),
 		));
 	}

+	/**
+	 * @brief Admin page site common post submit and ajax interaction
+	 * @author hilmar runge
+	 * @since  2020-02-04
+	 * Configure register office duty weekdays and hours
+	 * Syntax: weekdays:hours [weekdays:hours]
+	 *         [.d[,d-d.]]]:hhmm-hhmm[,hhmm-hhmm...]
+	 *		   ranges are between blanks, days are 1-7, where 1 = Monday
+	 *		   hours are [h]hmm 3-4digit 24 clock values
+	 *      ie 0900-1200,1300-1800 for hours
+	 *      ie 1-2,4,5 for weekdays
+	 *		ie 1-2:900-1800		monday and tuesday open from 9 to 18h
+	 *
+	 * @var $register_duty is the input field from the admin -> site page
+	 * @return the results are in the class vars $error, $msgbg and $jsoo
+	 *		$jsoo is
+	 */
+
+	// 3-4 digit 24h clock regex
+	const regxTime34 = '/^(?:2[0-3]|[01][0-9]|[0-9])[0-5][0-9]$/';
+	var $wdconst = array('','mo','tu','we','th','fr','sa','so');
+
+	// in
+	var $register_duty;
+	// intermediate
+	var $isajax;
+	// return
+	var $jsoo;
+	var $msgbg;
+	var $error = 0;
+	var $msgfg = '';
+
+	private function duty() {
+
+		$aro=array_fill(1, 7, 0);
+
+		if ($this->isajax) {
+			$op = (preg_match('/[a-z]{2,4}/', $_REQUEST['zarop'])) ? $_REQUEST['zarop'] : '';
+			if ($op == 'zar083') {
+				$this->msgbg = 'Testmode:' . $this->eol . $this->msgbg;
+			} else {
+				killme();
+				exit;
+			}
+		}
+
+		$ranges = preg_split('/\s+/', $this->register_duty);
+		$this->msgbg .= '..ranges: ' . print_r(count($ranges),true) . $this->eol;
+
+		foreach ($ranges as $rn => $range) {
+			list($ws,$hs,) = explode(':', $range);
+
+			$ws ? $arw = explode( ',', $ws) : $arw=array();
+			$this->msgbg .= ($rn+1).'.weekday ranges: ' . count($arw) . $this->eol;
+			// $this->msgbg .= print_r($arw,true);
+			$hs ? $arh = explode( ',', $hs) : $arh=array();
+			$this->msgbg .= ($rn+1).'.hour ranges: ' . count($arh) . $this->eol;
+
+			$this->msgbg .= ($rn+1).'.wdays: ' . ( $ws ? print_r($ws,true) : 'none') . ' : '
+					.  ' hours: ' . print_r($hs,true) . $this->eol;
+
+			// several hs may belog to one wd
+			// aro[0] is tmp store
+			foreach ($arh as $hs) {
+				list($ho,$hc,) = explode( '-', $hs );
+
+				// no value forces open very early, and be sure having valid hhmm values
+				!$ho ? $ho = "0000" : '';
+				!$hc ? $hc = "0000" : ''; // pseudo
+				if (preg_match(self::regxTime34, $ho)
+				 && preg_match(self::regxTime34, $hc)) {
+
+					// fix pseudo, allow no reverse range
+					$hc == "0000" || $ho > $hc ? $hc = "2400" : '';
+
+					$aro[0][$ho] = 0;
+					$aro[0][$hc] = 1;
+
+					$this->msgbg .= ($ho ? ' .open:' . $ho : '') . ($hc ? ' close:' . $hc : '') .$this->eol;
+				} else {
+					$this->msgbg .= ' .' . t('Invalid 24h time value (hhmm/hmm)') . $this->eol;
+					$this->msgfg  .= ' .ZAR0132E,' . t('Invalid 24h time value (hhmm/hmm)') . $this->eol;
+					$this->error++;
+				}
+			}
+
+			// the weekday(s) values or ranges
+			foreach ($arw as $ds) {
+				$wd=explode('-', $ds);
+				array_key_exists("1", $wd) && $wd[1]=="" ? $wd[1] = "7" : '';	 // a case 3-
+				array_key_exists("1", $wd) && $wd[0]=="" ? $wd[0] = "1" : '';	 // a case -3
+				!array_key_exists("1", $wd)				 ? $wd[1] = $wd[0] : ''; // a case 3
+				if ($wd[0] > $wd[1]) continue; //  reverse order will be ignored // a case 5-3
+				if (preg_match('/^[1-7]{1}$/', $wd[0])) {
+					if (preg_match('/^[1-7]{1}$/', $wd[1])) {
+						// $this->msgbg .= print_r($wd,true);
+						for ($i=$wd[0]; $i<=$wd[1]; $i++) {
+							// take the tmp store for the selected day(s)
+							$aro[$i]=$aro[0];
+						}
+					}
+				}
+			}
+			//$this->msgbg .= 'aro0: ' . print_r($aro,true) . $this->eol; // 4devels
+			// clear the tmp store
+			$aro[0]=array();
+		}
+		// discart the tmp store
+		unset($aro[0]);
+		// not configured days close at the beginning 0000h
+		for ($i=1;$i<=7;$i++) { is_array($aro[$i]) ? '' : $aro[$i] = array("0000" => 1); }
+		// $this->msgbg .= 'aro: ' . print_r($aro,true) . $this->eol; // 4devels
+
+		if ($this->isajax) {
+			// tell what we have
+			// $this->msgbg .= 'aro0: ' . print_r($aro,true) . $this->eol; // 4devels
+			$this->msgbg .= 'Duty time table:' . $this->eol;
+			foreach ($aro as $dow => $hrs) {
+				$this->msgbg .= ' ' . $this->wdconst[$dow] . ' ';
+				// $this->msgbg .= '**' . print_r($hrs,true);
+				foreach ($hrs as $h => $o) {
+					$this->msgbg .= ((!$o) ? $h . ':open' : $h . ':close') . ', ';
+				}
+				$this->msgbg = rtrim($this->msgbg, ', ') . $this->eol;
+			}
+
+			$this->msgbg .= 'Generating 6 random times to check duty hours: ' . $this->eol;
+			// we only need some random dates from anyway in past or future
+			// because only the weekday and the clock is to test
+			for ($i=0; $i<6; $i++) {
+				$adow = rand(1, 7); // 1 to 7 (days)
+				$cdow = $this->wdconst[$adow];
+				// below is the essential algo to verify a date (of format Hi) meets an open or closed condition
+				$t = date('Hi', ( rand(time(), 60*60*24+time()) ) );
+				$how='close';
+				foreach ($aro[$adow] as $o => $v) {
+					// $this->msgbg .= 'debug: ' . $o . ' gt ' . $t . ' / ' . $v . $this->eol; // 4devels
+					if ($o > $t) {
+						$how = ($v ? 'open' : 'close');
+						break;
+					}
+				}
+				// now we know
+				$this->msgbg .= ' ' . $cdow . '.' . $t . '=' . $how . ', ';
+			}
+			$this->msgbg = rtrim($this->msgbg, ', ') . $this->eol;
+		}
+
+		/*
+		//$jov1 = array( 'view1' => $aro, 'view2' => '');
+		$jov2=array();
+		foreach ($aro as $d => $ts) {
+			foreach ($ts as $t => $ft) {
+				$jov2['view2'][$ft][] = $d.$t;
+				//$ft=="1" && $t=="0000" ? $jov2['view2']["0"][] = $d."2400" : '';
+			}
+		}
+		 $this->msgbg .= print_r($jov2, true) . $this->eol; // 4devels
+		*/
+
+		$this->joo = json_encode($aro);
+		// $this->msgbg .= $this->joo . $this->eol; // 4devels
+		// $this->msgbg .= print_r($aro, true) . $this->eol; // 4devels
+		$okko = (json_decode($this->joo, true) ? true : false);
+		if (!$okko) {
+			$this->msgbg .= 'ZAR0139D,json 4 duty KO crash' . $this->eol;
+			$this->msgfg .= 'ZAR0139D,json 4 duty KO crash' . $this->eol;
+			$this->error++;
+		}
+		return ;
+	}
+
+
 }
--- a/Zotlabs/Module/Article_edit.php
+++ b/Zotlabs/Module/Article_edit.php
@@ -85,7 +85,6 @@ class Article_edit extends \Zotlabs\Web\Controller {

 		$mimetype = $itm[0]['mimetype'];

-		$summary = (($itm[0]['summary']) ? '[summary]' . $itm[0]['summary'] . '[/summary]' . "\r\n" : '');
 		$content = $itm[0]['body'];

 		$rp = 'articles/' . $channel['channel_address'];
@@ -109,7 +108,7 @@ class Article_edit extends \Zotlabs\Web\Controller {
 			'ptyp' => $itm[0]['type'],
 			'mimeselect' => false,
 			'mimetype' => $itm[0]['mimetype'],
-			'body' => $summary . undo_post_tagging($content),
+			'body' => undo_post_tagging($content),
 			'post_id' => $post_id,
 			'visitor' => true,
 			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
--- a/Zotlabs/Module/Authtest.php
+++ b/Zotlabs/Module/Authtest.php
@@ -1,41 +1,38 @@
 <?php
 namespace Zotlabs\Module;

-require_once('include/zot.php');
-
-
 class Authtest extends \Zotlabs\Web\Controller {

 	function get() {
-	
-	
+
+
 		$auth_success = false;
 		$o .= '<h3>Magic-Auth Diagnostic</h3>';
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return $o;
 		}
-	
+
 		$o .= '<form action="authtest" method="get">';
 		$o .= 'Target URL: <input type="text" style="width: 250px;" name="dest" value="' . $_GET['dest'] .'" />';
-		$o .= '<input type="submit" name="submit" value="Submit" /></form>'; 
-	
+		$o .= '<input type="submit" name="submit" value="Submit" /></form>';
+
 		$o .= '<br /><br />';
-	
+
 		if(x($_GET,'dest')) {
 			if(strpos($_GET['dest'],'@')) {
 				$_GET['dest'] = $_REQUEST['dest'] = 'https://' . substr($_GET['dest'],strpos($_GET['dest'],'@')+1) . '/channel/' . substr($_GET['dest'],0,strpos($_GET['dest'],'@'));
 			}
-	
+
 			$_REQUEST['test'] = 1;
 			$mod = new Magic();
 			$x = $mod->init($a);

 			$o .= 'Local Setup returns: ' . print_r($x,true);
-	
-	
-	
+
+
+
 			if($x['url']) {
 				$z = z_fetch_url($x['url'] . '&test=1');
 				if($z['success']) {
@@ -50,12 +47,12 @@ class Authtest extends \Zotlabs\Web\Controller {
 					$o .= 'fetch url failure.' . print_r($z,true);
 				}
 			}
-	
+
 			if(! $auth_success)
 				$o .= 'Authentication Failed!' . EOL;
 		}
-	
+
 		return str_replace("\n",'<br />',$o);
 	}
-	
+
 }
--- a/Zotlabs/Module/Bookmarks.php
+++ b/Zotlabs/Module/Bookmarks.php
@@ -16,8 +16,8 @@ class Bookmarks extends \Zotlabs\Web\Controller {

 		nav_set_selected('Bookmarks');

-		$item_id = intval($_REQUEST['item']);
-		$burl = trim($_REQUEST['burl']);
+		$item_id = (isset($_REQUEST['item']) ? $_REQUEST['item'] : false);
+		$burl    = (isset($_REQUEST['burl']) ? trim($_REQUEST['burl']) : '');
 	
 		if(! $item_id)
 			return;
@@ -38,7 +38,7 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 	
 		$item = $i[0];
 	
-		$terms = get_terms_oftype($item['term'],TERM_BOOKMARK);
+		$terms = (x($item, 'term') ? get_terms_oftype($item['term'],TERM_BOOKMARK) : false);
 	
 		if($terms) {
 			require_once('include/bookmarks.php');
--- a/Zotlabs/Module/Cal.php
+++ b/Zotlabs/Module/Cal.php
@@ -19,45 +19,45 @@ class Cal extends Controller {
 		if(observer_prohibited()) {
 			return;
 		}
-	
+
 		if(argc() > 1) {
 			$nick = argv(1);
-	
+
 			profile_load($nick);
-	
+
 			$channelx = channelx_by_nick($nick);
-	
+
 			if(! $channelx) {
 				notice( t('Channel not found.') . EOL);
 				return;
 			}
-	
+
 			App::$data['channel'] = $channelx;
-	
+
 			$observer = App::get_observer();
 			App::$data['observer'] = $observer;
-	
+
 			head_set_icon(App::$data['channel']['xchan_photo_s']);
-	
+
 			App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ;
-	
+
 		}
-	
+
 		return;
 	}
-	
-	
-	
+
+
+
 	function get() {
-	
+
 		if(observer_prohibited()) {
 			return;
 		}
-		
+
 		$channel = App::$data['channel'];

 		// since we don't currently have an event permission - use the stream permission
-	
+
 		if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_stream')) {
 			notice( t('Permissions denied.') . EOL);
 			return;
@@ -76,10 +76,10 @@ class Cal extends Controller {

 		if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts') || App::$profile['hide_friends'])
 			$sql_extra .= " and etype != 'birthday' ";
-	
+
 		$first_day = feature_enabled($channel['channel_id'], 'cal_first_day');
 		$first_day = (($first_day) ? $first_day : 0);
-	
+
 		$start = '';
 		$finish = '';

@@ -87,7 +87,7 @@ class Cal extends Controller {
 			if (x($_GET,'start'))	$start = $_GET['start'];
 			if (x($_GET,'end'))	$finish = $_GET['end'];
 		}
-	
+
 		$start  = datetime_convert('UTC','UTC',$start);
 		$finish = datetime_convert('UTC','UTC',$finish);
 		$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
@@ -107,10 +107,10 @@ class Cal extends Controller {
 			// Noting this for now - it will need to be fixed here and in Friendica.
 			// Ultimately the finish date shouldn't be involved in the query.
 			$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
-				from event left join item on event.event_hash = item.resource_id 
-				where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid 
-				AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) 
-				OR (  event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) 
+				from event left join item on event.event_hash = item.resource_id
+				where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid
+				AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )
+				OR (  event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ))
 				$sql_extra",
 				intval($channel['channel_id']),
 				dbesc($start),
@@ -119,7 +119,7 @@ class Cal extends Controller {
 				dbesc($adjust_finish)
 			);
 		}
-	
+
 		if($r) {
 			xchan_query($r);
 			$r = fetch_post_tags($r,true);
@@ -127,20 +127,16 @@ class Cal extends Controller {
 		}

 		$events = [];
-	
+
 		if($r) {

 			foreach($r as $rr) {

-				$tz = get_iconfig($rr, 'event', 'timezone');
-				if(! $tz)
-					$tz = 'UTC';
-
-				$start = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c'));
+				$start = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c'));
 				if ($rr['nofinish']){
 					$end = null;
 				} else {
-					$end = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c'));
+					$end = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c'));
 				}

 				$html = '';
@@ -149,6 +145,10 @@ class Cal extends Controller {
 					$html = format_event_html($rr);
 				}

+				$tz = get_iconfig($rr, 'event', 'timezone');
+				if(! $tz)
+					$tz = 'UTC';
+
 				$events[] = array(
 					'calendar_id' => 'channel_calendar',
 					'rw' => true,
@@ -178,7 +178,7 @@ class Cal extends Controller {
 			echo json_encode($events);
 			killme();
 		}
-			
+
 		if (x($_GET,'id')) {
 			$o = replace_macros(get_markup_template("cal_event.tpl"), [
 				'$events' => $events
@@ -210,7 +210,7 @@ class Cal extends Controller {
 		]);

 		return $o;
-	
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Cdav.php
+++ b/Zotlabs/Module/Cdav.php
@@ -135,7 +135,7 @@ class Cdav extends Controller {
 			$auth = new \Zotlabs\Storage\BasicAuth();
 			$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . 'CalDAV/CardDAV');

-			if (local_channel()) {
+			if(local_channel()) {

 				logger('loggedin');

@@ -153,9 +153,9 @@ class Cdav extends Controller {
 				$auth->observer = $channel['channel_hash'];

 				$principalUri = 'principals/' . $channel['channel_address'];
-				if(!cdav_principal($principalUri)) {
+				if(! cdav_principal($principalUri)) {
 					$this->activate($pdo, $channel);
-					if(!cdav_principal($principalUri)) {
+					if(! cdav_principal($principalUri)) {
 						return;
 					}
 				}
@@ -168,21 +168,24 @@ class Cdav extends Controller {

 			if($httpmethod === 'PUT' || $httpmethod === 'DELETE') {

+				$channel = channelx_by_nick(argv(2));
+				$principalUri = 'principals/' . $channel['channel_address'];
 				$httpuri = $_SERVER['REQUEST_URI'];

 				logger("debug: method: " . $httpmethod, LOGGER_DEBUG);
 				logger("debug: uri: " . $httpuri, LOGGER_DEBUG);

-				if(strpos($httpuri, 'cdav/addressbooks')) {
+				if(strpos($httpuri, 'cdav/addressbooks') !== false) {
 					$sync = 'addressbook';
 					$cdavtable = 'addressbooks';
 				}
-				elseif(strpos($httpuri, 'cdav/calendars')) {
+				elseif(strpos($httpuri, 'cdav/calendars') !== false) {
 					$sync = 'calendar';
 					$cdavtable = 'calendarinstances';
 				}
-				else
+				else {
 					$sync = false;
+				}

 				if($sync) {

@@ -191,14 +194,13 @@ class Cdav extends Controller {

 					logger("debug: body: " . $httpbody, LOGGER_DEBUG);

-					if($x = get_cdav_id($principalUri, explode("/", $httpuri)[4], $cdavtable)) {
+					if($x = get_cdav_id($principalUri, argv(3), $cdavtable)) {

 						$cdavdata = $this->get_cdav_data($x['id'], $cdavtable);
-
 						$etag = (isset($_SERVER['HTTP_IF_MATCH']) ? $_SERVER['HTTP_IF_MATCH'] : false);

 						// delete
-						if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag)
+						if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag) {
 							Libsync::build_sync_packet($channel['channel_id'], [
 								$sync => [
 									'action' => 'delete_card',
@@ -206,18 +208,18 @@ class Cdav extends Controller {
 									'carduri' => $uri
 								]
 							]);
+						}
 						else {
-							if($etag) {
+							if($etag && $cdavdata['etag'] !== $etag) {
 								// update
-								if($cdavdata['etag'] !== $etag)
-								    Libsync::build_sync_packet($channel['channel_id'], [
-									    $sync => [
-										    'action' => 'update_card',
-										    'uri' => $cdavdata['uri'],
-										    'carduri' => $uri,
-										    'card' => $httpbody
-									    ]
-								    ]);
+								Libsync::build_sync_packet($channel['channel_id'], [
+									$sync => [
+										'action' => 'update_card',
+										'uri' => $cdavdata['uri'],
+										'carduri' => $uri,
+										'card' => $httpbody
+									]
+								]);
 							}
 							else {
 								// new
@@ -235,7 +237,6 @@ class Cdav extends Controller {
 				}
 			}

-
 			$principalBackend = new \Sabre\DAVACL\PrincipalBackend\PDO($pdo);
 			$carddavBackend   = new \Sabre\CardDAV\Backend\PDO($pdo);
 			$caldavBackend    = new \Sabre\CalDAV\Backend\PDO($pdo);
@@ -268,7 +269,7 @@ class Cdav extends Controller {

 			// Plugins
 			$server->addPlugin(new \Sabre\DAV\Auth\Plugin($auth));
-			//$server->addPlugin(new \Sabre\DAV\Browser\Plugin());
+			// $server->addPlugin(new \Sabre\DAV\Browser\Plugin());
 			$server->addPlugin(new \Sabre\DAV\Sync\Plugin());
 			$server->addPlugin(new \Sabre\DAV\Sharing\Plugin());
 			$server->addPlugin(new \Sabre\DAVACL\Plugin());
@@ -276,7 +277,7 @@ class Cdav extends Controller {
 			// CalDAV plugins
 			$server->addPlugin(new \Sabre\CalDAV\Plugin());
 			$server->addPlugin(new \Sabre\CalDAV\SharingPlugin());
-			//$server->addPlugin(new \Sabre\CalDAV\Schedule\Plugin());
+			// $server->addPlugin(new \Sabre\CalDAV\Schedule\Plugin());
 			$server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin());

 			// CardDAV plugins
@@ -1058,6 +1059,7 @@ class Cdav extends Controller {
 				'$cancel' => t('Cancel'),
 				'$create' => t('Create'),
 				'$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.'),
+				'$disabled_warning' => t('Could not fetch calendar resource. The selected calendar might be disabled.'),

 				'$channel_hash' => $channel['channel_hash'],
 				'$acl' => $acl,
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -27,8 +27,8 @@ class Channel extends Controller {

 	function init() {

-		if (in_array(substr($_GET['search'], 0, 1), ['@', '!', '?']) || strpos($_GET['search'], 'https://') === 0)
-			goaway('search' . '?f=&search=' . $_GET['search']);
+		if (array_key_exists('search', $_GET) && (in_array(substr($_GET['search'], 0, 1), ['@', '!', '?']) || strpos($_GET['search'], 'https://') === 0))
+			goaway(z_root() . '/search?f=&search=' . $_GET['search']);

 		$which = null;
 		if (argc() > 1)
@@ -46,14 +46,22 @@ class Channel extends Controller {
 		}

 		$profile = 0;
-		$channel = App::get_channel();

 		if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
+			$channel = App::get_channel();
 			$which   = $channel['channel_address'];
 			$profile = argv(1);
 		}

-		$channel = channelx_by_nick($which);
+
+		// Do not use channelx_by_nick() here since it will dismiss deleted channels.
+		// We need to provide zotinfo for deleted channels so that directories can pick up the info.
+		$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' LIMIT 1",
+			dbesc($which)
+		);
+
+		$channel = $r[0];
+
 		if (!$channel) {
 			http_status_exit(404, 'Not found');
 		}
@@ -83,12 +91,17 @@ class Channel extends Controller {
 				'Digest'           => HTTPSig::generate_digest_header($data),
 				'(request-target)' => strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']
 			];
-			$h       = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel));
+
+			$h = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel));
 			HTTPSig::set_headers($h);
 			echo $data;
 			killme();
 		}

+		if ($channel['channel_removed']) {
+			http_status_exit(404, 'Not found');
+		}
+
 		if (ActivityStreams::is_as_request($channel)) {

 			// Somebody may attempt an ActivityStreams fetch on one of our message permalinks
@@ -155,7 +168,7 @@ class Channel extends Controller {
 				intval($channel['channel_id'])
 			);

-		opengraph_add_meta($r ? $r[0] : [], $channel);
+		opengraph_add_meta((isset($r) && count($r) ? $r[0] : []), $channel);
 	}

 	function get($update = 0, $load = false) {
@@ -168,7 +181,7 @@ class Channel extends Controller {

 		if (strpos($mid, 'b64.') === 0)
 			$decoded = @base64url_decode(substr($mid, 4));
-		if ($decoded)
+		if (isset($decoded))
 			$mid = $decoded;

 		$datequery  = ((x($_GET, 'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
@@ -308,9 +321,9 @@ class Channel extends Controller {
 		if (($update) && (!$load)) {

 			if ($mid) {
-				$r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal_update
+				$r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal_update
 					AND item_wall = 1 $simple_update $sql_extra limit 1",
-					dbesc($mid . '%'),
+					dbesc($mid),
 					intval(App::$profile['profile_uid'])
 				);
 			}
@@ -328,6 +341,7 @@ class Channel extends Controller {
 		}
 		else {

+			$sql_extra2 = '';
 			if (x($category)) {
 				$sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'], 'item', $category, TERM_CATEGORY));
 			}
@@ -355,9 +369,9 @@ class Channel extends Controller {

 			if ($noscript_content || $load) {
 				if ($mid) {
-					$r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal
+					$r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal
 						AND item_wall = 1 $sql_extra limit 1",
-						dbesc($mid . '%'),
+						dbesc($mid),
 						intval(App::$profile['profile_uid'])
 					);
 					if (!$r) {
@@ -419,7 +433,7 @@ class Channel extends Controller {

 		if ((!$update) && (!$load)) {

-			if ($decoded)
+			if (isset($decoded))
 				$mid = 'b64.' . base64url_encode($mid);

 			// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
@@ -485,7 +499,7 @@ class Channel extends Controller {

 			$o .= conversation($items, $mode, $update, $page_mode);

-			if ($mid && $items[0]['title'])
+			if ($mid && count($items) > 0 && isset($items[0]['title']))
 				App::$page['title'] = $items[0]['title'] . " - " . App::$page['title'];

 		}
--- a/Zotlabs/Module/Channel_calendar.php
+++ b/Zotlabs/Module/Channel_calendar.php
@@ -116,7 +116,7 @@ class Channel_calendar extends Controller {

 		if ($results) {
 			// Set permissions based on tag replacements
-			set_linkified_perms($results, $str_contact_allow, $str_group_allow, $uid, false, $private);
+			set_linkified_perms($results, $str_contact_allow, $str_group_allow, $uid, $private);

 			foreach ($results as $result) {
 				$success = $result['success'];
--- a/Zotlabs/Module/Chanview.php
+++ b/Zotlabs/Module/Chanview.php
@@ -10,12 +10,12 @@ use Zotlabs\Lib\Zotfinger;
 class Chanview extends \Zotlabs\Web\Controller {

 	function get() {
-	
+
 		$observer = App::get_observer();
 		$xchan = null;
-	
+
 		$r = null;
-	
+
 		if($_REQUEST['hash']) {
 			$r = q("select * from xchan where xchan_hash = '%s'",
 				dbesc($_REQUEST['hash'])
@@ -27,18 +27,18 @@ class Chanview extends \Zotlabs\Web\Controller {
 			);
 		}
 		elseif(local_channel() && intval($_REQUEST['cid'])) {
-			$r = q("SELECT abook.*, xchan.* 
+			$r = q("SELECT abook.*, xchan.*
 				FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d and abook_id = %d",
 				intval(local_channel()),
 				intval($_REQUEST['cid'])
 			);
-		}	
+		}
 		elseif($_REQUEST['url']) {
-	
+
 			// if somebody re-installed they will have more than one xchan, use the most recent name date as this is
-			// the most useful consistently ascending table item we have. 
-	
+			// the most useful consistently ascending table item we have.
+
 			$r = q("select * from xchan where xchan_url = '%s' order by xchan_name_date desc",
 				dbesc($_REQUEST['url'])
 			);
@@ -46,13 +46,13 @@ class Chanview extends \Zotlabs\Web\Controller {
 		if($r) {
 			App::$poi = Libzot::zot_record_preferred($r, 'xchan_network');
 		}
-	
-	
+
+
 		// Here, let's see if we have an xchan. If we don't, how we proceed is determined by what
-		// info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or 
-		// address, we can and should try to import it. If it's just a hash, we can't continue, but we 
+		// info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or
+		// address, we can and should try to import it. If it's just a hash, we can't continue, but we
 		// probably wouldn't have a hash if we don't already have an xchan for this channel.
-	
+
 		if(! App::$poi) {
 			logger('mod_chanview: fallback');

@@ -90,7 +90,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 				}
 			}
 		}
-	
+
 		if(! App::$poi) {
 			notice( t('Channel not found.') . EOL);
 			return;
@@ -98,9 +98,9 @@ class Chanview extends \Zotlabs\Web\Controller {

 		$is_zot = false;
 		$connected = false;
-	
+
 		$url = App::$poi['xchan_url'];
-		if(in_array(App::$poi['xchan_network'], ['zot', 'zot6'])) {
+		if(App::$poi['xchan_network'] === 'zot6') {
 			$is_zot = true;
 		}
 		if(local_channel()) {
@@ -111,29 +111,29 @@ class Chanview extends \Zotlabs\Web\Controller {
 			if($c)
 				$connected = true;
 		}
-		
-		// We will load the chanview template if it's a foreign network, 
+
+		// We will load the chanview template if it's a foreign network,
 		// just so that we can provide a connect button along with a profile
 		// photo. Chances are we can't load the remote profile into an iframe
 		// because of cross-domain security headers. So provide a link to
-		// the remote profile. 
+		// the remote profile.
 		// If we are already connected, just go to the profile.
 		// Zot channels will usually have a connect link.
-	
+
 		if($is_zot || $connected) {
 			if($is_zot && $observer) {
 				$url = zid($url);
 			}
 			goaway($url);
 		}
-		else {	
+		else {
 			$o = replace_macros(get_markup_template('chanview.tpl'),array(
 				'$url' => $url,
 				'$full' => t('toggle full screen mode')
 			));
-	
+
 			return $o;
 		}
 	}
-	
+
 }
--- a/Zotlabs/Module/Cloud.php
+++ b/Zotlabs/Module/Cloud.php
@@ -123,7 +123,8 @@ class Cloud extends Controller {
 			notice( t('Permission denied') . EOL);
 		}
 		elseif($err instanceof \Sabre\DAV\Exception\NotImplemented) {
-			notice( t('Please refresh page') . EOL);
+			// notice( t('Please refresh page') . EOL);
+			goaway(z_root() . '/' . \App::$query_string);
 		}
 		else {
 			notice( t('Unknown error') . EOL);
--- a/Zotlabs/Module/Connect.php
+++ b/Zotlabs/Module/Connect.php
@@ -18,11 +18,11 @@ class Connect extends Controller {
 			App::$error = 404;
 			return;
 		}
-	
+
 		$r = q("select * from channel where channel_address = '%s' limit 1",
 			dbesc($which)
 		);
-	
+
 		if($r)
 			App::$data['channel'] = $r[0];

@@ -30,36 +30,36 @@ class Connect extends Controller {

 		profile_load($which,'');
 	}
-	
+
 	function post() {
-	
+
 		if(! array_key_exists('channel', App::$data))
 			return;

 		$channel_id = App::$data['channel']['channel_id'];

 		$edit = ((local_channel() && (local_channel() == $channel_id)) ? true : false);
-	
+
 		if($edit) {
 			$has_premium = ((App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM) ? 1 : 0);
 			$premium = (($_POST['premium']) ? intval($_POST['premium']) : 0);
 			$text = escape_tags($_POST['text']);
-			
+
 			if($has_premium != $premium) {
 				$r = q("update channel set channel_pageflags = ( channel_pageflags %s %d ) where channel_id = %d",
 					db_getfunc('^'),
 					intval(PAGE_PREMIUM),
-					intval(local_channel()) 
+					intval(local_channel())
 				);
-				
+
 				\Zotlabs\Daemon\Master::Summon(array('Notifier','refresh_all',$channel_id));
 			}
 			set_pconfig($channel_id,'system','selltext',$text);
 			// reload the page completely to get fresh data
 			goaway(z_root() . '/' . App::$query_string);
-	
+
 		}
-	
+
 		$url = '';
 		$observer = App::get_observer();
 		if(($observer) && ($_POST['submit'] === t('Continue'))) {
@@ -70,18 +70,18 @@ class Connect extends Controller {
 					dbesc($observer['xchan_hash'])
 				);
 				if($r)
-					$url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(channel_reddress(App::$data['channel']));
+					$url = $r[0]['hubloc_url'] . '/follow?f=&interactive=1&url=' . urlencode(channel_reddress(App::$data['channel']));
 			}
 		}
 		if($url)
 			goaway($url . '&confirm=1');
 		else
 			notice('Unable to connect to your home hub location.');
-	
+
 	}
-	
-	
-	
+
+
+
 	function get() {

 		if(! array_key_exists('channel', App::$data))
@@ -90,11 +90,11 @@ class Connect extends Controller {
 		$channel_id = App::$data['channel']['channel_id'];

 		$edit = ((local_channel() && (local_channel() == $channel_id)) ? true : false);
-	
+
 		$text = get_pconfig($channel_id,'system','selltext');
-	
+
 		if($edit) {
-	
+
 			$o = replace_macros(get_markup_template('sellpage_edit.tpl'),array(
 				'$header' => t('Premium Channel Setup'),
 				'$address' => App::$data['channel']['channel_address'],
@@ -105,36 +105,36 @@ class Connect extends Controller {
 				'$lbl2' => t('Potential connections will then see the following text before proceeding:'),
 				'$desc2' => t('By continuing, I certify that I have complied with any instructions provided on this page.'),
 				'$submit' => t('Submit'),
-	
-	
+
+
 			));
 			return $o;
 		}
 		else {
 			if(! $text)
 				$text = t('(No specific instructions have been provided by the channel owner.)');
-	
+
 			$submit = replace_macros(get_markup_template('sellpage_submit.tpl'), array(
-				'$continue' => t('Continue'),			
+				'$continue' => t('Continue'),
 				'$address' => App::$data['channel']['channel_address']
 			));
-	
+
 			$o = replace_macros(get_markup_template('sellpage_view.tpl'),array(
 				'$header' => t('Restricted or Premium Channel'),
 				'$desc' => t('This channel may require additional steps or acknowledgement of the following conditions prior to connecting:'),
-				'$text' => prepare_text($text), 
-	
+				'$text' => prepare_text($text),
+
 				'$desc2' => t('By continuing, I certify that I have complied with any instructions provided on this page.'),
 				'$submit' => $submit,
-	
+
 			));
-	
+
 			$arr = array('channel' => App::$data['channel'],'observer' => App::get_observer(), 'sellpage' => $o, 'submit' => $submit);
 			call_hooks('connect_premium', $arr);
 			$o = $arr['sellpage'];
-	
+
 		}
-	
+
 		return $o;
 	}
 }
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -40,12 +40,12 @@ class Connedit extends Controller {
 		if((argc() >= 2) && intval(argv(1))) {
 			$r = q("SELECT abook.*, xchan.*
 				FROM abook left join xchan on abook_xchan = xchan_hash
-				WHERE abook_channel = %d and abook_id = %d LIMIT 1",
+				WHERE abook_channel = %d and abook_id = %d and xchan_deleted = 0 LIMIT 1",
 				intval(local_channel()),
 				intval(argv(1))
 			);
 			if($r) {
-				App::$poi = array_shift($r);
+				App::$poi = $r[0];
 			}
 		}

@@ -220,9 +220,6 @@ class Connedit extends Controller {
 				if($z)
 					$record = $z[0]['xlink_id'];
 			}
-			if($record) {
-				Master::Summon(array('Ratenotif','rating',$record));
-			}
 		}

 		if(($_REQUEST['pending']) && intval($orig_record[0]['abook_pending'])) {
@@ -426,7 +423,7 @@ class Connedit extends Controller {
 			$cmd = argv(2);

 			$orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash
-				WHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 LIMIT 1",
+				WHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 and xchan_deleted = 0 LIMIT 1",
 				intval($contact_id),
 				intval(local_channel())
 			);
@@ -478,16 +475,11 @@ class Connedit extends Controller {
 			}

 			if($cmd === 'refresh') {
-				if($orig_record[0]['xchan_network'] === 'zot') {
-					if(! zot_refresh($orig_record[0],App::get_channel()))
-						notice( t('Refresh failed - channel is currently unavailable.') );
-				}
-				elseif($orig_record[0]['xchan_network'] === 'zot6') {
+				if($orig_record[0]['xchan_network'] === 'zot6') {
 					if(! Libzot::refresh($orig_record[0],App::get_channel()))
 						notice( t('Refresh failed - channel is currently unavailable.') );
 				}
 				else {
-
 					// if you are on a different network we'll force a refresh of the connection basic info
 					Master::Summon(array('Notifier','permission_update',$contact_id));
 				}
@@ -667,7 +659,7 @@ class Connedit extends Controller {
 			);


-			if(in_array($contact['xchan_network'], ['zot6', 'zot'])) {
+			if($contact['xchan_network'] === 'zot6') {
 				$tools['fetchvc'] = [
 					'label' => t('Fetch Vcard'),
 					'url'    => z_root() . '/connedit/' . $contact['abook_id'] . '/fetchvc',
@@ -841,7 +833,7 @@ class Connedit extends Controller {
 				$locstr = unpunify($contact['xchan_url']);

 			$clone_warn = '';
-			$clonable = (in_array($contact['xchan_network'],['zot', 'zot6', 'rss']) ? true : false);
+			$clonable = in_array($contact['xchan_network'], ['zot6', 'rss']);
 			if(! $clonable) {
 				$clone_warn = '<strong>';
 				$clone_warn .= ((intval($contact['abook_not_here']))
--- a/Zotlabs/Module/Directory.php
+++ b/Zotlabs/Module/Directory.php
@@ -8,7 +8,6 @@ use Zotlabs\Lib\Libzotdir;


 require_once('include/socgraph.php');
-require_once('include/dir_fns.php');
 require_once('include/bbcode.php');
 require_once('include/html2plain.php');

@@ -245,7 +244,7 @@ class Directory extends Controller {
 							$profile_link = chanlink_url($rr['url']);

 							$pdesc = (($rr['description']) ? $rr['description'] . '<br />' : '');
-							$connect_link = ((local_channel()) ? z_root() . '/follow?f=&url=' . urlencode($rr['address']) : '');
+							$connect_link = ((local_channel()) ? z_root() . '/follow?f=&interactive=1&url=' . urlencode($rr['address']) : '');

 							// Checking status is disabled ATM until someone checks the performance impact more carefully
 							//$online = remote_online_status($rr['address']);
--- a/Zotlabs/Module/Dirsearch.php
+++ b/Zotlabs/Module/Dirsearch.php
@@ -4,26 +4,22 @@ namespace Zotlabs\Module;
 use App;
 use Zotlabs\Web\Controller;

-require_once('include/dir_fns.php');
-
-
-
 class Dirsearch extends Controller {

 	function init() {
 		App::set_pager_itemspage(30);
-	
+
 	}
-	
+
 	function get() {
-	
+
 		$ret = array('success' => false);
-	
+
 	//	logger('request: ' . print_r($_REQUEST,true));
-	
-	
+
+
 		$dirmode = intval(get_config('system','directory_mode'));
-	
+
 		if($dirmode == DIRECTORY_MODE_NORMAL) {
 			$ret['message'] = t('This site is not a directory server');
 			json_return_and_die($ret);
@@ -31,24 +27,24 @@ class Dirsearch extends Controller {


 		$access_token = $_REQUEST['t'];
-	
+
 		$token = get_config('system','realm_token');
 		if($token && $access_token != $token) {
 			$ret['message'] = t('This directory server requires an access token');
 			json_return_and_die($ret);
 		}
-	
-	
+
+
 		if(argc() > 1 && argv(1) === 'sites') {
 			$ret = $this->list_public_sites();
 			json_return_and_die($ret);
 		}
-	
+
 		$sql_extra = '';
-	
-	
+
+
 		$tables = array('name','address','locale','region','postcode','country','gender','marital','sexual','keywords');
-	
+
 		if($_REQUEST['query']) {
 			$advanced = $this->dir_parse_query($_REQUEST['query']);
 			if($advanced) {
@@ -64,9 +60,9 @@ class Dirsearch extends Controller {
 				}
 			}
 		}
-	
+
 		$hash     = ((x($_REQUEST['hash']))    ? $_REQUEST['hash']     : '');
-	
+
 		$name     = ((x($_REQUEST,'name'))     ? $_REQUEST['name']     : '');
 		$hub      = ((x($_REQUEST,'hub'))      ? $_REQUEST['hub']      : '');
 		$address  = ((x($_REQUEST,'address'))  ? $_REQUEST['address']  : '');
@@ -82,16 +78,16 @@ class Dirsearch extends Controller {
 		$agele    = ((x($_REQUEST,'agele'))    ? intval($_REQUEST['agele']) : 0 );
 		$kw       = ((x($_REQUEST,'kw'))       ? intval($_REQUEST['kw'])    : 0 );
 		$forums   = ((array_key_exists('pubforums',$_REQUEST)) ? intval($_REQUEST['pubforums']) : 0);
-	
+
 		if(get_config('system','disable_directory_keywords'))
 			$kw = 0;
-	
-	
+
+
 		// by default use a safe search
 		$safe     = ((x($_REQUEST,'safe')));    // ? intval($_REQUEST['safe'])  : 1 );
 		if ($safe === false)
 				$safe = 1;
-			
+
 		if(array_key_exists('sync',$_REQUEST)) {
 			if($_REQUEST['sync'])
 				$sync = datetime_convert('UTC','UTC',$_REQUEST['sync']);
@@ -100,7 +96,7 @@ class Dirsearch extends Controller {
 		}
 		else
 			$sync = false;
-	
+
 		if(($dirmode == DIRECTORY_MODE_STANDALONE) && (! $hub)) {
 			$hub = \App::get_hostname();
 		}
@@ -109,13 +105,13 @@ class Dirsearch extends Controller {
 			$hub_query = " and xchan_hash in (select hubloc_hash from hubloc where hubloc_host =  '" . protect_sprintf(dbesc($hub)) . "') ";
 		else
 			$hub_query = '';
-	
+
 		$sort_order  = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : '');
-	
+
 		$joiner = ' OR ';
 		if($_REQUEST['and'])
 			$joiner = ' AND ';
-	
+
 		if($name)
 			$sql_extra .= $this->dir_query_build($joiner,'xchan_name',$name);
 		if($address)
@@ -136,58 +132,58 @@ class Dirsearch extends Controller {
 			$sql_extra .= $this->dir_query_build($joiner,'xprof_sexual',$sexual);
 		if($keywords)
 			$sql_extra .= $this->dir_query_build($joiner,'xprof_keywords',$keywords);
-	
-	
-		// we only support an age range currently. You must set both agege 
-		// (greater than or equal) and agele (less than or equal) 
-	
+
+
+		// we only support an age range currently. You must set both agege
+		// (greater than or equal) and agele (less than or equal)
+
 		if($agele && $agege) {
 			$sql_extra .= " $joiner ( xprof_age <= " . intval($agele) . " ";
 			$sql_extra .= " AND  xprof_age >= " . intval($agege) . ") ";
 		}
-	
-	
+
+
 		if($hash) {
 			$sql_extra = " AND xchan_hash like '" . dbesc($hash) . protect_sprintf('%') . "' ";
 		}
-	
-	
+
+
 	    $perpage      = (($_REQUEST['n'])              ? $_REQUEST['n']                    : 60);
 	    $page         = (($_REQUEST['p'])              ? intval($_REQUEST['p'] - 1)        : 0);
 	    $startrec     = (($page+1) * $perpage) - $perpage;
 		$limit        = (($_REQUEST['limit'])          ? intval($_REQUEST['limit'])        : 0);
 		$return_total = ((x($_REQUEST,'return_total')) ? intval($_REQUEST['return_total']) : 0);
-	
+
 		// mtime is not currently working
-	
+
 		$mtime        = ((x($_REQUEST,'mtime'))        ? datetime_convert('UTC','UTC',$_REQUEST['mtime']) : '');
-	
-		// ok a separate tag table won't work. 
+
+		// ok a separate tag table won't work.
 		// merge them into xprof
-	
+
 		$ret['success'] = true;
-	
+
 		// If &limit=n, return at most n entries
 		// If &return_total=1, we count matching entries and return that as 'total_items' for use in pagination.
 		// By default we return one page (default 80 items maximum) and do not count total entries
-	
+
 		$logic = ((strlen($sql_extra)) ? 'false' : 'true');
-	
+
 		if($hash)
 			$logic = 'true';
-	
+
 		if($dirmode == DIRECTORY_MODE_STANDALONE) {
 			$sql_extra .= " and xchan_addr like '%%" . \App::get_hostname() . "' ";
 		}
-	
+
 		$safesql = (($safe > 0) ? " and xchan_censored = 0 and xchan_selfcensored = 0 " : '');
 		if($safe < 0)
 			$safesql = " and ( xchan_censored = 1 OR xchan_selfcensored = 1 ) ";
-	
+
 		if($forums)
 			$safesql .= " and xchan_pubforum = " . ((intval($forums)) ? '1 ' : '0 ');
-	
-		if($limit) 
+
+		if($limit)
 			$qlimit = " LIMIT $limit ";
 		else {
 			$qlimit = " LIMIT " . intval($perpage) . " OFFSET " . intval($startrec);
@@ -198,27 +194,27 @@ class Dirsearch extends Controller {
 				}
 			}
 		}
-	
+
 		if($sort_order == 'normal') {
 			$order = " order by xchan_name asc ";
-	
-			// Start the alphabetic search at 'A' 
+
+			// Start the alphabetic search at 'A'
 			// This will make a handful of channels whose names begin with
 			// punctuation un-searchable in this mode
-	
+
 			$safesql .= " and ascii(substring(xchan_name FROM 1 FOR 1)) > 64 ";
 		}
 		elseif($sort_order == 'reverse')
 			$order = " order by xchan_name desc ";
 		elseif($sort_order == 'reversedate')
 			$order = " order by xchan_name_date asc ";
-		else	
+		else
 			$order = " order by xchan_name_date desc ";
-	
-	
+
+
 		if($sync) {
 			$spkt = array('transactions' => array());
-			$r = q("select * from updates where ud_date >= '%s' and ud_guid != '' order by ud_date desc",
+			$r = q("select * from updates where ud_date >= '%s' and ud_guid != '' and ud_addr != '' order by ud_date desc",
 				dbesc($sync)
 			);
 			if($r) {
@@ -228,7 +224,7 @@ class Dirsearch extends Controller {
 						$flags[] = 'deleted';
 					if($rr['ud_flags'] & UPDATE_FLAGS_FORCED)
 						$flags[] = 'forced';
-	
+
 					$spkt['transactions'][] = array(
 						'hash' => $rr['ud_hash'],
 						'address' => $rr['ud_addr'],
@@ -238,87 +234,48 @@ class Dirsearch extends Controller {
 					);
 				}
 			}
-			$r = q("select * from xlink where xlink_static = 1 and xlink_updated >= '%s' ",
-				dbesc($sync)
-			);
-			if($r) {
-				$spkt['ratings'] = array();
-				foreach($r as $rr) {
-					$spkt['ratings'][] = array(
-						'type' => 'rating', 
-						'encoding' => 'zot',
-						'channel' => $rr['xlink_xchan'],
-						'target' => $rr['xlink_link'],
-						'rating' => intval($rr['xlink_rating']),
-						'rating_text' => $rr['xlink_rating_text'],
-						'signature' => $rr['xlink_sig'],
-						'edited' => $rr['xlink_updated']
-					);
-				}
-			}
 			json_return_and_die($spkt);
 		}
 		else {
-	
-			$r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash 
-				where ( $logic $sql_extra ) $hub_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 
-				$safesql $order $qlimit "
+
+			$r = q("SELECT
+				xchan.xchan_name as name,
+				xchan.xchan_hash as hash,
+				xchan.xchan_censored as censored,
+				xchan.xchan_selfcensored as selfcensored,
+				xchan.xchan_pubforum as public_forum,
+				xchan.xchan_url as url,
+				xchan.xchan_photo_l as photo_l,
+				xchan.xchan_photo_m as photo,
+				xchan.xchan_addr as address,
+				xprof.xprof_desc as description,
+				xprof.xprof_locale as locale,
+				xprof.xprof_region as region,
+				xprof.xprof_postcode as postcode,
+				xprof.xprof_country as country,
+				xprof.xprof_dob as birthday,
+				xprof.xprof_age as age,
+				xprof.xprof_gender as gender,
+				xprof.xprof_marital as marital,
+				xprof.xprof_sexual as sexual,
+				xprof.xprof_about as about,
+				xprof.xprof_homepage as homepage,
+				xprof.xprof_hometown as hometown,
+				xprof.xprof_keywords as keywords
+				from xchan left join xprof on xchan_hash = xprof_hash left join hubloc on hubloc_hash = xchan_hash
+				where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0
+				$safesql $order $qlimit",
+				db_utcnow(),
+				db_quoteinterval('30 DAY')
 			);
-	
-	
-	
-			$ret['page'] = $page + 1;
-			$ret['records'] = count($r);		
+
 		}
-	
-	
-	
+
 		if($r) {
-	
-			$entries = array();
-	
-			foreach($r as $rr) {
-	
-				$entry = array();
-	
-				$pc = q("select count(xlink_rating) as total_ratings from xlink where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 group by xlink_rating",
-					dbesc($rr['xchan_hash'])
-				);
-	
-				if($pc)
-					$entry['total_ratings'] = intval($pc[0]['total_ratings']);
-				else
-					$entry['total_ratings'] = 0;
-	
-				$entry['name']         = $rr['xchan_name'];
-				$entry['hash']         = $rr['xchan_hash'];
-				$entry['censored']     = $rr['xchan_censored'];
-				$entry['selfcensored'] = $rr['xchan_selfcensored'];
-				$entry['public_forum'] = (intval($rr['xchan_pubforum']) ? true : false);
-				$entry['url']          = $rr['xchan_url'];
-				$entry['photo_l']      = $rr['xchan_photo_l'];
-				$entry['photo']        = $rr['xchan_photo_m'];
-				$entry['address']      = $rr['xchan_addr'];
-				$entry['description']  = $rr['xprof_desc'];
-				$entry['locale']       = $rr['xprof_locale'];
-				$entry['region']       = $rr['xprof_region'];
-				$entry['postcode']     = $rr['xprof_postcode'];
-				$entry['country']      = $rr['xprof_country'];
-				$entry['birthday']     = $rr['xprof_dob'];
-				$entry['age']          = $rr['xprof_age'];
-				$entry['gender']       = $rr['xprof_gender'];
-				$entry['marital']      = $rr['xprof_marital'];
-				$entry['sexual']       = $rr['xprof_sexual'];
-				$entry['about']        = $rr['xprof_about'];
-				$entry['homepage']     = $rr['xprof_homepage'];
-				$entry['hometown']     = $rr['xprof_hometown'];
-				$entry['keywords']     = $rr['xprof_keywords'];
-	
-				$entries[] = $entry;
-	
-			}
-	
-			$ret['results'] = $entries;
+			$ret['results'] = $r;
+			$ret['page'] = $page + 1;
+			$ret['records'] = count($r);
+
 			if($kw) {
 				$k = dir_tagadelic($kw, $hub);
 				if($k) {
@@ -328,30 +285,30 @@ class Dirsearch extends Controller {
 					}
 				}
 			}
-		}		
-	
+		}
+
 		json_return_and_die($ret);
 	}
-	
+
 	function dir_query_build($joiner,$field,$s) {
 		$ret = '';
 		if(trim($s))
 			$ret .= dbesc($joiner) . " " . dbesc($field) . " like '" . protect_sprintf( '%' . dbesc($s) . '%' ) . "' ";
 		return $ret;
 	}
-	
+
 	function dir_flag_build($joiner,$field,$bit,$s) {
 		return dbesc($joiner) . " ( " . dbesc($field) . " & " . intval($bit) . " ) " . ((intval($s)) ? '>' : '=' ) . " 0 ";
 	}
-	
-	
+
+
 	function dir_parse_query($s) {
-	
+
 		$ret = array();
 		$curr = array();
 		$all = explode(' ',$s);
 		$quoted_string = false;
-	
+
 		if($all) {
 			foreach($all as $q) {
 				if($quoted_string === false) {
@@ -382,7 +339,7 @@ class Dirsearch extends Controller {
 							$ret[] = $curr;
 							$curr = array();
 							continue;
-						}	
+						}
 						else {
 							$ret[] = $curr;
 							$curr = array();
@@ -405,15 +362,15 @@ class Dirsearch extends Controller {
 		logger('dir_parse_query:' . print_r($ret,true),LOGGER_DATA);
 		return $ret;
 	}
-	
-		
-	
-	
-	
-	
-	
+
+
+
+
+
+
+
 	function list_public_sites() {
-	
+
 		$rand = db_getfunc('rand');
 		$realm = get_directory_realm();
 		if($realm == DIRECTORY_REALM) {
@@ -428,16 +385,16 @@ class Dirsearch extends Controller {
 				intval(SITE_TYPE_ZOT)
 			);
 		}
-			
+
 		$ret = array('success' => false);
-	
+
 		if($r) {
 			$ret['success'] = true;
 			$ret['sites'] = array();
 			$insecure = array();
-	
+
 			foreach($r as $rr) {
-				
+
 				if($rr['site_access'] == ACCESS_FREE)
 					$access = 'free';
 				elseif($rr['site_access'] == ACCESS_PAID)
@@ -446,14 +403,14 @@ class Dirsearch extends Controller {
 					$access = 'tiered';
 				else
 					$access = 'private';
-	
+
 				if($rr['site_register'] == REGISTER_OPEN)
 					$register = 'open';
 				elseif($rr['site_register'] == REGISTER_APPROVE)
 					$register = 'approve';
 				else
 					$register = 'closed';
-	
+
 				if(strpos($rr['site_url'],'https://') !== false)
 					$ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project'], 'version' => $rr['site_version']);
 				else
--- a/Zotlabs/Module/Display.php
+++ b/Zotlabs/Module/Display.php
@@ -97,8 +97,8 @@ class Display extends \Zotlabs\Web\Controller {
 		if($decoded)
 			$item_hash = $decoded;

-		$r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid like '%s' limit 1",
-			dbesc($item_hash . '%')
+		$r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid = '%s' limit 1",
+			dbesc($item_hash)
 		);

 		if($r) {
@@ -243,89 +243,81 @@ class Display extends \Zotlabs\Web\Controller {
 		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();

-		$sql_extra = public_permissions_sql($observer_hash);
+		$sql_extra = ((local_channel()) ? EMPTY_STR : item_permissions_sql(0, $observer_hash));

 		if($noscript_content || $load) {

-			$r = null;
-
 			require_once('include/channel.php');
 			$sys = get_sys_channel();
-			$sysid = $sys['channel_id'];
+			// in case somebody turned off public access to sys channel content using permissions
+			// make that content unsearchable by ensuring the owner uid can't match
+			$sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0;
+
+			$r = null;

 			if(local_channel()) {
-				$r = q("SELECT item.id as item_id from item WHERE uid = %d and mid = '%s' $item_normal limit 1",
+				$r = q("SELECT item.id AS item_id FROM item WHERE uid = %d AND mid = '%s' $item_normal LIMIT 1",
+					intval(local_channel()),
+					dbesc($target_item['parent_mid'])
+				);
+			}
+
+			if(!$r) {
+				$r = q("SELECT item.id AS item_id FROM item
+					WHERE ((mid = '%s'
+					AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid  = ''
+					AND item.deny_gid  = '' AND item_private = 0 )
+					AND uid IN ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
+					OR uid = %d ))) OR
+					(mid = '%s' $sql_extra ))
+					$item_normal
+					limit 1",
+					dbesc($target_item['parent_mid']),
+					intval($sys_id),
+					dbesc($target_item['parent_mid'])
+				);
+			}
+		}
+
+		elseif($update && !$load) {
+			require_once('include/channel.php');
+			$sys = get_sys_channel();
+			// in case somebody turned off public access to sys channel content using permissions
+			// make that content unsearchable by ensuring the owner uid can't match
+			$sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0;
+
+			$r = null;
+			if(local_channel()) {
+				$r = q("SELECT item.parent AS item_id from item
+					WHERE uid = %d
+					AND parent_mid = '%s'
+					$item_normal_update
+					$simple_update
+					LIMIT 1",
 					intval(local_channel()),
 					dbesc($target_item['parent_mid'])
 				);
 			}

 			if(! $r) {
-
-				// in case somebody turned off public access to sys channel content using permissions
-				// make that content unsearchable by ensuring the owner uid can't match
-
-				if(! perm_is_allowed($sysid,$observer_hash,'view_stream'))
-					$sysid = 0;
-
 				$r = q("SELECT item.id as item_id from item
-					WHERE ( (mid = '%s'
-					AND (((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = ''
+					WHERE ((parent_mid = '%s'
+					AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid  = ''
 					AND item.deny_gid  = '' AND item_private = 0 )
 					and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
-					OR uid = %d ) ) ) OR
-					(mid = '%s' $sql_extra ) )
+					OR uid = %d ))) OR
+					(parent_mid = '%s' $sql_extra ))
 					$item_normal
 					limit 1",
 					dbesc($target_item['parent_mid']),
-					intval($sysid),
+					intval($sys_id),
 					dbesc($target_item['parent_mid'])
 				);
-
-
-			}
-		}
-
-		elseif($update && !$load) {
-			$r = null;
-
-			require_once('include/channel.php');
-			$sys = get_sys_channel();
-			$sysid = $sys['channel_id'];
-			if(local_channel()) {
-				$r = q("SELECT item.parent AS item_id from item
-					WHERE uid = %d
-					and parent_mid = '%s'
-					$item_normal_update
-					$simple_update
-					limit 1",
-					intval(local_channel()),
-					dbesc($target_item['parent_mid'])
-				);
-			}
-			if($r === null) {
-				// in case somebody turned off public access to sys channel content using permissions
-				// make that content unsearchable by ensuring the owner_xchan can't match
-				if(! perm_is_allowed($sysid,$observer_hash,'view_stream'))
-					$sysid = 0;
-				$r = q("SELECT item.parent AS item_id from item
-					WHERE parent_mid = '%s'
-					AND (((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = ''
-					AND item.deny_gid  = '' AND item_private = 0 )
-					and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
-					OR uid = %d )
-					$sql_extra )
-					$item_normal_update
-					$simple_update
-					limit 1",
-					dbesc($target_item['parent_mid']),
-					intval($sysid)
-				);
 			}
 		}

 		else {
-			$r = array();
+			$r = [];
 		}

 		if($r) {
@@ -333,7 +325,7 @@ class Display extends \Zotlabs\Web\Controller {
 			if($parents_str) {
 				$items = q("SELECT item.*, item.id AS item_id
 					FROM item
-					WHERE parent in ( %s ) $item_normal ",
+					WHERE parent in ( %s ) $sql_extra $item_normal ",
 					dbesc($parents_str)
 				);
 				xchan_query($items);
--- a/Zotlabs/Module/Dreport.php
+++ b/Zotlabs/Module/Dreport.php
@@ -5,16 +5,16 @@ namespace Zotlabs\Module;
 class Dreport extends \Zotlabs\Web\Controller {

 	function get() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied') . EOL);
 			return;
 		}
-	
+
 		$table = 'item';
-	
+
 		$channel = \App::get_channel();
-		
+
 		$mid = ((argc() > 1) ? argv(1) : '');
 		$encoded_mid = '';

@@ -31,7 +31,7 @@ class Dreport extends \Zotlabs\Web\Controller {
 				$mid = @base64url_decode(substr($mid,4));
 			}

-			if($mid) {	
+			if($mid) {
 				$i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
 					dbesc($mid),
 					intval($channel['channel_id']),
@@ -53,13 +53,13 @@ class Dreport extends \Zotlabs\Web\Controller {
 				$mid = @base64url_decode(substr($mid,4));

 		}
-	
-	
+
+
 		if(! $mid) {
 			notice( t('Invalid message') . EOL);
 			return;
 		}
-	
+
 		switch($table) {
 			case 'item':
 				$i = q("select id from item where mid = '%s' and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
@@ -77,30 +77,29 @@ class Dreport extends \Zotlabs\Web\Controller {
 			default:
 				break;
 		}
-	
+
 		if(! $i) {
 			notice( t('Permission denied') . EOL);
 			return;
 		}
-		
-		$r = q("select * from dreport where (dreport_xchan = '%s' or dreport_xchan = '%s') and dreport_mid = '%s'",
+
+		$r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'",
 			dbesc($channel['channel_hash']),
-			dbesc($channel['channel_portable_id']),
 			dbesc($mid)
 		);
-	
+
 		if(! $r) {
 			notice( t('no results') . EOL);
 //			return;
 		}
-		
+
 		for($x = 0; $x < count($r); $x++ ) {
-	
+
 			// This has two purposes: 1. make the delivery report strings translateable, and
 			// 2. assign an ordering to item delivery results so we can group them and provide
 			// a readable report with more interesting events listed toward the top and lesser
 			// interesting items towards the bottom
-	
+
 			switch($r[$x]['dreport_result']) {
 				case 'channel sync processed':
 					$r[$x]['gravity'] = 0;
@@ -146,13 +145,13 @@ class Dreport extends \Zotlabs\Web\Controller {
 					break;
 			}
 		}
-	
+
 		usort($r,'self::dreport_gravity_sort');

 		$entries = array();
 		foreach($r as $rr) {
-			$entries[] = [ 
-				'name' => escape_tags($rr['dreport_name'] ?: $rr['dreport_recip']),					
+			$entries[] = [
+				'name' => escape_tags($rr['dreport_name'] ?: $rr['dreport_recip']),
 				'result' => escape_tags($rr['dreport_result']),
 				'time' => escape_tags(datetime_convert('UTC',date_default_timezone_get(),$rr['dreport_time']))
 			];
@@ -167,14 +166,14 @@ class Dreport extends \Zotlabs\Web\Controller {
 			'$push' => t('Redeliver'),
 			'$entries' => $entries
 		));
-	
-	
+
+
 		return $o;
-	
-	
-	
+
+
+
 	}
-	
+
 	private static function dreport_gravity_sort($a,$b) {
 		if($a['gravity'] == $b['gravity']) {
 			if($a['dreport_name'] === $b['dreport_name'])
@@ -183,5 +182,5 @@ class Dreport extends \Zotlabs\Web\Controller {
 		}
 		return (($a['gravity'] > $b['gravity']) ? 1 : (-1));
 	}
-	
+
 }
--- a/Zotlabs/Module/Events.php
+++ b/Zotlabs/Module/Events.php
@@ -1,750 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/conversation.php');
-require_once('include/bbcode.php');
-require_once('include/datetime.php');
-require_once('include/event.php');
-require_once('include/items.php');
-require_once('include/html2plain.php');
-
-class Events extends \Zotlabs\Web\Controller {
-
-	function post() {
-
-		// this module is deprecated
-		return;
-	
-		logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA);
-	
-		if(! local_channel())
-			return;
-	
-		if(($_FILES) && array_key_exists('userfile',$_FILES) && intval($_FILES['userfile']['size'])) {
-			$src = $_FILES['userfile']['tmp_name'];
-			if($src) {
-				$result = parse_ical_file($src,local_channel());
-				if($result)
-					info( t('Calendar entries imported.') . EOL);
-				else
-					notice( t('No calendar entries found.') . EOL);
-				@unlink($src);
-			}
-			goaway(z_root() . '/events');
-		}
-	
-	
-		$event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0);
-		$event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : '');
-	
-		$xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : '');
-		$uid      = local_channel();
-	
-		$start_text = escape_tags($_REQUEST['start_text']);
-		$finish_text = escape_tags($_REQUEST['finish_text']);
-	
-		$adjust   = intval($_POST['adjust']);
-		$nofinish = intval($_POST['nofinish']);
-	
-		$timezone = ((x($_POST,'timezone_select')) ? notags(trim($_POST['timezone_select']))     : '');
-
-		$tz = (($timezone) ? $timezone : date_default_timezone_get());
-
-		$categories = escape_tags(trim($_POST['category']));
-	
-		// only allow editing your own events. 
-	
-		if(($xchan) && ($xchan !== get_observer_hash()))
-			return;
-	
-		if($start_text) {
-			$start = $start_text;
-		}
-		else {
-			$start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute);
-		}
-	
-	
-		if($finish_text) {
-			$finish = $finish_text;
-		}
-		else {
-			$finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute);
-		}
-
-		if($nofinish) {
-			$finish = NULL_DATE;
-		}
-
-	
-		if($adjust) {
-			$start = datetime_convert($tz,'UTC',$start);
-			if(! $nofinish)
-				$finish = datetime_convert($tz,'UTC',$finish);
-		}
-		else {
-			$start = datetime_convert('UTC','UTC',$start);
-			if(! $nofinish)
-				$finish = datetime_convert('UTC','UTC',$finish);
-		}
-	
-		// Don't allow the event to finish before it begins.
-		// It won't hurt anything, but somebody will file a bug report
-		// and we'll waste a bunch of time responding to it. Time that 
-		// could've been spent doing something else. 
-	
-	
-		$summary  = escape_tags(trim($_POST['summary']));
-		$desc     = escape_tags(trim($_POST['desc']));
-		$location = escape_tags(trim($_POST['location']));
-		$type     = escape_tags(trim($_POST['type']));
-	
-		require_once('include/text.php');
-		linkify_tags($desc, local_channel());
-		linkify_tags($location, local_channel());
-	
-		//$action = ($event_hash == '') ? 'new' : "event/" . $event_hash;
-	
-		//fixme: this url gives a wsod if there is a linebreak detected in one of the variables ($desc or $location)
-		//$onerror_url = z_root() . "/events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish&type=$type";
-		$onerror_url = z_root() . "/events";
-	
-		if(strcmp($finish,$start) < 0 && !$nofinish) {
-			notice( t('Event can not end before it has started.') . EOL);
-			if(intval($_REQUEST['preview'])) {
-				echo( t('Unable to generate preview.'));
-				killme();
-			}
-			goaway($onerror_url);
-		}
-	
-		if((! $summary) || (! $start)) {
-			notice( t('Event title and start time are required.') . EOL);
-			if(intval($_REQUEST['preview'])) {
-				echo( t('Unable to generate preview.'));
-				killme();
-			}
-			goaway($onerror_url);
-		}
-	
-		//		$share = ((intval($_POST['distr'])) ? intval($_POST['distr']) : 0);
-
-		$share = 1;	
-
-		$channel = \App::get_channel();
-	
-		$acl = new \Zotlabs\Access\AccessList(false);
-	
-		if($event_id) {
-			$x = q("select * from event where id = %d and uid = %d limit 1",
-				intval($event_id),
-				intval(local_channel())
-			);
-			if(! $x) {
-				notice( t('Event not found.') . EOL);
-				if(intval($_REQUEST['preview'])) {
-					echo( t('Unable to generate preview.'));
-					killme();
-				}
-				return;
-			}
-	
-			$acl->set($x[0]);
-	
-			$created = $x[0]['created'];
-			$edited = datetime_convert();
-	
-			if($x[0]['allow_cid'] === '<' . $channel['channel_hash'] . '>' 
-				&& $x[0]['allow_gid'] === '' && $x[0]['deny_cid'] === '' && $x[0]['deny_gid'] === '') {
-				$share = false;
-			}
-			else {
-				$share = true;
-			}
-		}
-		else {
-			$created = $edited = datetime_convert();
-			if($share) {
-				$acl->set_from_array($_POST);
-			}
-			else {
-				$acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
-			}
-		}
-	
-		$post_tags = array();
-		$channel = \App::get_channel();
-		$ac = $acl->get();
-	
-		if(strlen($categories)) {
-			$cats = explode(',',$categories);
-			foreach($cats as $cat) {
-				$post_tags[] = array(
-					'uid'   => $profile_uid, 
-					'ttype' => TERM_CATEGORY,
-					'otype' => TERM_OBJ_POST,
-					'term'  => trim($cat),
-					'url'   => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($cat))
-				);
-			}
-		}
-	
-		$datarray = array();
-		$datarray['dtstart'] = $start;
-		$datarray['dtend'] = $finish;
-		$datarray['summary'] = $summary;
-		$datarray['description'] = $desc;
-		$datarray['location'] = $location;
-		$datarray['etype'] = $type;
-		$datarray['adjust'] = $adjust;
-		$datarray['nofinish'] = $nofinish;
-		$datarray['uid'] = local_channel();
-		$datarray['account'] = get_account_id();
-		$datarray['event_xchan'] = $channel['channel_hash'];
-		$datarray['allow_cid'] = $ac['allow_cid'];
-		$datarray['allow_gid'] = $ac['allow_gid'];
-		$datarray['deny_cid'] = $ac['deny_cid'];
-		$datarray['deny_gid'] = $ac['deny_gid'];
-		$datarray['private'] = (($acl->is_private()) ? 1 : 0);
-		$datarray['id'] = $event_id;
-		$datarray['created'] = $created;
-		$datarray['edited'] = $edited;
-	
-		if(intval($_REQUEST['preview'])) {
-			$html = format_event_html($datarray);
-			echo $html;
-			killme();
-		}
-	
-		$event = event_store_event($datarray);
-	
-		if($post_tags)	
-			$datarray['term'] = $post_tags;
-	
-		$item_id = event_store_item($datarray,$event);
-	
-		if($item_id) {
-			$r = q("select * from item where id = %d",
-				intval($item_id)
-			);
-			if($r) {
-				xchan_query($r);
-				$sync_item = fetch_post_tags($r);
-				$z = q("select * from event where event_hash = '%s' and uid = %d limit 1",
-					dbesc($r[0]['resource_id']),
-					intval($channel['channel_id'])
-				);
-				if($z) {
-					build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z));
-				}
-			}
-		}
-	
-		if($share)
-			\Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id));
-	
-	}
-	
-	
-	
-	function get() {
-
-		// this module is deprecated
-		return;
-	
-		if(argc() > 2 && argv(1) == 'ical') {
-			$event_id = argv(2);
-	
-			require_once('include/security.php');
-			$sql_extra = permissions_sql(local_channel());
-	
-			$r = q("select * from event where event_hash = '%s' $sql_extra limit 1",
-				dbesc($event_id)
-			);
-			if($r) { 
-				header('Content-type: text/calendar');
-				header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"' );
-				echo ical_wrapper($r);
-				killme();
-			}
-			else {
-				notice( t('Event not found.') . EOL );
-				return;
-			}
-		}
-	
-		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		\App::$profile_uid = local_channel();
-		nav_set_selected('Events');
-
-	
-		if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) {
-			$r = q("update event set dismissed = 1 where id = %d and uid = %d",
-				intval(argv(2)),
-				intval(local_channel())
-			);
-		}
-	
-		if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) {
-			$r = q("update event set dismissed = 0 where id = %d and uid = %d",
-				intval(argv(2)),
-				intval(local_channel())
-			);
-		}
-	
-		$first_day = feature_enabled(local_channel(), 'events_cal_first_day');
-		$first_day = (($first_day) ? $first_day : 0);
-	
-		$htpl = get_markup_template('event_head.tpl');
-		\App::$page['htmlhead'] .= replace_macros($htpl,array(
-			'$baseurl' => z_root(),
-			'$module_url' => '/events',
-			'$modparams' => 1,
-			'$lang' => \App::$language,
-			'$first_day' => $first_day
-		));
-	
-		$o = '';
-	
-		$channel = \App::get_channel();
-	
-		$mode = 'view';
-		$y = 0;
-		$m = 0;
-		$ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " "  : '');
-	
-	
-		// logger('args: ' . print_r(\App::$argv,true));
-	
-	
-	
-		if(argc() > 1) {
-			if(argc() > 2 && argv(1) === 'add') {
-				$mode = 'add';
-				$item_id = intval(argv(2));
-			}
-			if(argc() > 2 && argv(1) === 'drop') {
-				$mode = 'drop';
-				$event_id = argv(2);
-			}
-			if(argc() > 2 && intval(argv(1)) && intval(argv(2))) {
-				$mode = 'view';
-				$y = intval(argv(1));
-				$m = intval(argv(2));
-			}
-			if(argc() <= 2) {
-				$mode = 'view';
-				$event_id = argv(1);
-			}
-		}
-	
-		if($mode === 'add') {
-			event_addtocal($item_id,local_channel());
-			killme();
-		}
-	
-		if($mode == 'view') {
-	
-			/* edit/create form */
-			if($event_id) {
-				$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
-					dbesc($event_id),
-					intval(local_channel())
-				);
-				if(count($r))
-					$orig_event = $r[0];
-			}
-	
-			$channel = \App::get_channel();
-	
-			// Passed parameters overrides anything found in the DB
-			if(!x($orig_event))
-				$orig_event = array();
-	
-			// In case of an error the browser is redirected back here, with these parameters filled in with the previous values
-			/*
-			if(x($_REQUEST,'nofinish')) $orig_event['nofinish'] = $_REQUEST['nofinish'];
-			if(x($_REQUEST,'adjust')) $orig_event['adjust'] = $_REQUEST['adjust'];
-			if(x($_REQUEST,'summary')) $orig_event['summary'] = $_REQUEST['summary'];
-			if(x($_REQUEST,'description')) $orig_event['description'] = $_REQUEST['description'];
-			if(x($_REQUEST,'location')) $orig_event['location'] = $_REQUEST['location'];
-			if(x($_REQUEST,'start')) $orig_event['dtstart'] = $_REQUEST['start'];
-			if(x($_REQUEST,'finish')) $orig_event['dtend'] = $_REQUEST['finish'];
-			if(x($_REQUEST,'type')) $orig_event['etype'] = $_REQUEST['type'];
-			*/
-	
-			$n_checked = ((x($orig_event) && $orig_event['nofinish']) ? ' checked="checked" ' : '');
-			$a_checked = ((x($orig_event) && $orig_event['adjust']) ? ' checked="checked" ' : '');
-			$t_orig = ((x($orig_event)) ? $orig_event['summary'] : '');
-			$d_orig = ((x($orig_event)) ? $orig_event['description'] : '');
-			$l_orig = ((x($orig_event)) ? $orig_event['location'] : '');
-			$eid = ((x($orig_event)) ? $orig_event['id'] : 0);
-			$event_xchan = ((x($orig_event)) ? $orig_event['event_xchan'] : $channel['channel_hash']);
-			$mid = ((x($orig_event)) ? $orig_event['mid'] : '');
-	
-			if(! x($orig_event)) {
-				$sh_checked = '';
-				$a_checked = ' checked="checked" ';
-			}
-			else {
-				$sh_checked = ((($orig_event['allow_cid'] === '<' . $channel['channel_hash'] . '>' || (! $orig_event['allow_cid'])) && (! $orig_event['allow_gid']) && (! $orig_event['deny_cid']) && (! $orig_event['deny_gid'])) ? '' : ' checked="checked" ' );
-			}
-
-			if($orig_event['event_xchan'])
-				$sh_checked .= ' disabled="disabled" ';
-	
-			$sdt = ((x($orig_event)) ? $orig_event['dtstart'] : 'now');
-	
-			$fdt = ((x($orig_event)) ? $orig_event['dtend'] : '+1 hour');
-	
-			$tz = date_default_timezone_get();
-			if(x($orig_event))
-				$tz = (($orig_event['adjust']) ? date_default_timezone_get() : 'UTC');
-	
-			$syear = datetime_convert('UTC', $tz, $sdt, 'Y');
-			$smonth = datetime_convert('UTC', $tz, $sdt, 'm');
-			$sday = datetime_convert('UTC', $tz, $sdt, 'd');
-			$shour = datetime_convert('UTC', $tz, $sdt, 'H');
-			$sminute = datetime_convert('UTC', $tz, $sdt, 'i');
-	
-			$stext = datetime_convert('UTC',$tz,$sdt);
-			$stext = substr($stext,0,14) . "00:00";
-	
-			$fyear = datetime_convert('UTC', $tz, $fdt, 'Y');
-			$fmonth = datetime_convert('UTC', $tz, $fdt, 'm');
-			$fday = datetime_convert('UTC', $tz, $fdt, 'd');
-			$fhour = datetime_convert('UTC', $tz, $fdt, 'H');
-			$fminute = datetime_convert('UTC', $tz, $fdt, 'i');
-	
-			$ftext = datetime_convert('UTC',$tz,$fdt);
-			$ftext = substr($ftext,0,14) . "00:00";
-	
-			$type = ((x($orig_event)) ? $orig_event['etype'] : 'event');
-	
-			$f = get_config('system','event_input_format');
-			if(! $f)
-				$f = 'ymd';
-	
-			$catsenabled = feature_enabled(local_channel(),'categories');
-	
-			$category = '';
-	
-			if($catsenabled && x($orig_event)){
-				$itm = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d limit 1",
-					dbesc($orig_event['event_hash']),
-					intval(local_channel())
-				);
-				$itm = fetch_post_tags($itm);
-				if($itm) {
-					$cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
-					foreach ($cats as $cat) {
-						if(strlen($category))
-							$category .= ', ';
-						$category .= $cat['term'];
-	            			}
-				}
-			}
-	
-			require_once('include/acl_selectors.php');
-	
-			$acl = new \Zotlabs\Access\AccessList($channel);
-			$perm_defaults = $acl->get();
-
-			$permissions = ((x($orig_event)) ? $orig_event : $perm_defaults);
-
-			$tpl = get_markup_template('event_form.tpl');
-	
-			$form = replace_macros($tpl,array(
-				'$post' => z_root() . '/events',
-				'$eid' => $eid,
-				'$type' => $type,
-				'$xchan' => $event_xchan,
-				'$mid' => $mid,
-				'$event_hash' => $event_id,
-				'$summary' => array('summary', (($event_id) ? t('Edit event title') : t('Event title')), $t_orig, t('Required'), '*'),
-				'$catsenabled' => $catsenabled,
-				'$placeholdercategory' => t('Categories (comma-separated list)'),
-				'$c_text' => (($event_id) ? t('Edit Category') : t('Category')),
-				'$category' => $category,
-				'$required' => '<span class="required" title="' . t('Required') . '">*</span>',
-				'$s_dsel' => datetimesel($f,new \DateTime(),\DateTime::createFromFormat('Y',$syear+5),\DateTime::createFromFormat('Y-m-d H:i',"$syear-$smonth-$sday $shour:$sminute"), (($event_id) ? t('Edit start date and time') : t('Start date and time')), 'start_text',true,true,'','',true,$first_day),
-				'$n_text' => t('Finish date and time are not known or not relevant'),
-				'$n_checked' => $n_checked,
-				'$f_dsel' => datetimesel($f,new \DateTime(),\DateTime::createFromFormat('Y',$fyear+5),\DateTime::createFromFormat('Y-m-d H:i',"$fyear-$fmonth-$fday $fhour:$fminute"), (($event_id) ? t('Edit finish date and time') : t('Finish date and time')),'finish_text',true,true,'start_text','',false,$first_day),
-				'$nofinish' => array('nofinish', t('Finish date and time are not known or not relevant'), $n_checked, '', array(t('No'),t('Yes')), 'onclick="enableDisableFinishDate();"'),
-				'$adjust' => array('adjust', t('Adjust for viewer timezone'), $a_checked, t('Important for events that happen in a particular place. Not practical for global holidays.'), array(t('No'),t('Yes'))),
-				'$a_text' => t('Adjust for viewer timezone'),
-				'$d_text' => (($event_id) ? t('Edit Description') : t('Description')),
-				'$d_orig' => $d_orig,
-				'$l_text' => (($event_id) ? t('Edit Location') : t('Location')),
-				'$l_orig' => $l_orig,
-				'$t_orig' => $t_orig,
-				'$preview' => t('Preview'),
-				'$perms_label' => t('Permission settings'),
-				// populating the acl dialog was a permission description from view_stream because Cal.php, which
-				// displays events, says "since we don't currently have an event permission - use the stream permission"
-				'$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'))),
-
-				'$allow_cid' => acl2json($permissions['allow_cid']),
-				'$allow_gid' => acl2json($permissions['allow_gid']),
-				'$deny_cid' => acl2json($permissions['deny_cid']),
-				'$deny_gid' => acl2json($permissions['deny_gid']),
-				'$tz_choose' => feature_enabled(local_channel(),'event_tz_select'),
-				'$timezone' => array('timezone_select' , t('Timezone:'), date_default_timezone_get(), '', get_timezones()),
-
-				'$lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'),
-
-				'$submit' => t('Submit'),
-				'$advanced' => t('Advanced Options')
-	
-			));
-			/* end edit/create form */
-	
-			$thisyear = datetime_convert('UTC',date_default_timezone_get(),'now','Y');
-			$thismonth = datetime_convert('UTC',date_default_timezone_get(),'now','m');
-			if(! $y)
-				$y = intval($thisyear);
-			if(! $m)
-				$m = intval($thismonth);
-	
-			$export = false;
-			if(argc() === 4 && argv(3) === 'export')
-				$export = true;
-	
-			// Put some limits on dates. The PHP date functions don't seem to do so well before 1900.
-			// An upper limit was chosen to keep search engines from exploring links millions of years in the future. 
-	
-			if($y < 1901)
-				$y = 1900;
-			if($y > 2099)
-				$y = 2100;
-	
-			$nextyear = $y;
-			$nextmonth = $m + 1;
-			if($nextmonth > 12) {
-					$nextmonth = 1;
-				$nextyear ++;
-			}
-	
-			$prevyear = $y;
-			if($m > 1)
-				$prevmonth = $m - 1;
-			else {
-				$prevmonth = 12;
-				$prevyear --;
-			}
-				
-			$dim    = get_dim($y,$m);
-			$start  = sprintf('%d-%d-%d %d:%d:%d',$y,$m,1,0,0,0);
-			$finish = sprintf('%d-%d-%d %d:%d:%d',$y,$m,$dim,23,59,59);
-	
-	
-			if (argv(1) === 'json'){
-				if (x($_GET,'start'))	$start = $_GET['start'];
-				if (x($_GET,'end'))	$finish = $_GET['end'];
-			}
-	
-			$start  = datetime_convert('UTC','UTC',$start);
-			$finish = datetime_convert('UTC','UTC',$finish);
-	
-			$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
-			$adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);
-	
-			if (x($_GET,'id')){
-			  	$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
-	                                from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d limit 1",
-					intval(local_channel()),
-					intval($_GET['id'])
-				);
-			} elseif($export) {
-				$r = q("SELECT * from event where uid = %d
-					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
-					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ",
-					intval(local_channel()),
-					dbesc($start),
-					dbesc($finish),
-					dbesc($adjust_start),
-					dbesc($adjust_finish)
-				);
-			}
-			else {
-				// fixed an issue with "nofinish" events not showing up in the calendar.
-				// There's still an issue if the finish date crosses the end of month.
-				// Noting this for now - it will need to be fixed here and in Friendica.
-				// Ultimately the finish date shouldn't be involved in the query. 
-
-				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
-	                              from event left join item on event_hash = resource_id 
-					where resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored 
-					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
-					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ",
-					intval(local_channel()),
-					dbesc($start),
-					dbesc($finish),
-					dbesc($adjust_start),
-					dbesc($adjust_finish)
-				);
-			}
-	
-			$links = array();
-	
-			if($r && ! $export) {
-				xchan_query($r);
-				$r = fetch_post_tags($r,true);
-	
-				$r = sort_by_date($r);
-			}
-	
-			if($r) {
-				foreach($r as $rr) {
-					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
-					if(! x($links,$j)) 
-						$links[$j] = z_root() . '/' . \App::$cmd . '#link-' . $j;
-				}
-			}
-	
-			$events=array();
-	
-			$last_date = '';
-			$fmt = t('l, F j');
-	
-			if($r) {
-	
-				foreach($r as $rr) {
-					
-					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
-					$d = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], $fmt) : datetime_convert('UTC','UTC',$rr['dtstart'],$fmt));
-					$d = day_translate($d);
-					
-					$start = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'c') : datetime_convert('UTC','UTC',$rr['dtstart'],'c'));
-					if ($rr['nofinish']){
-						$end = null;
-					} else {
-						$end = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c'));
-
-						// give a fake end to birthdays so they get crammed into a 
-						// single day on the calendar
-
-						if($rr['etype'] === 'birthday')
-							$end = null;
-					}
-					
-					
-					$is_first = ($d !== $last_date);
-						
-					$last_date = $d;
-	
-					$edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false);
-	
-					$drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'','');
-	
-					$title = strip_tags(html_entity_decode(zidify_links(bbcode($rr['summary'])),ENT_QUOTES,'UTF-8'));
-					if(! $title) {
-						list($title, $_trash) = explode("<br",bbcode($rr['desc']),2);
-						$title = strip_tags(html_entity_decode($title,ENT_QUOTES,'UTF-8'));
-					}
-					$html = format_event_html($rr);
-					$rr['desc'] = zidify_links(smilies(bbcode($rr['desc'])));
-					$rr['description'] = htmlentities(html2plain(bbcode($rr['description'])),ENT_COMPAT,'UTF-8',false);
-					$rr['location'] = zidify_links(smilies(bbcode($rr['location'])));
-					$events[] = array(
-						'id'=>$rr['id'],
-						'hash' => $rr['event_hash'],
-						'start'=> $start,
-						'end' => $end,
-						'drop' => $drop,
-						'allDay' => false,
-						'title' => $title,
-						
-						'j' => $j,
-						'd' => $d,
-						'edit' => $edit,
-						'is_first'=>$is_first,
-						'item'=>$rr,
-						'html'=>$html,
-						'plink' => array($rr['plink'],t('Link to Source'),'',''),
-					);
-
-				}
-			}
-
-			if($export) {
-				header('Content-type: text/calendar');
-				header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' );
-				echo ical_wrapper($r);
-				killme();
-			}
-	
-			if (\App::$argv[1] === 'json'){
-				echo json_encode($events); killme();
-			}
-			
-			// links: array('href', 'text', 'extra css classes', 'title')
-			if (x($_GET,'id')){
-				$tpl =  get_markup_template("event.tpl");
-			} 
-			else {
-				$tpl = get_markup_template("events-js.tpl");
-			}
-	
-			$o = replace_macros($tpl, array(
-				'$baseurl'	=> z_root(),
-				'$new_event'	=> array(z_root().'/events',(($event_id) ? t('Edit Event') : t('Create Event')),'',''),
-				'$previus'	=> array(z_root()."/events/$prevyear/$prevmonth",t('Previous'),'',''),
-				'$next'		=> array(z_root()."/events/$nextyear/$nextmonth",t('Next'),'',''),
-				'$export'	=> array(z_root()."/events/$y/$m/export",t('Export'),'',''),
-				'$calendar'	=> cal($y,$m,$links, ' eventcal'),
-				'$events'	=> $events,
-				'$view_label'   => t('View'),
-				'$month'        => t('Month'),
-				'$week'         => t('Week'),
-				'$day'          => t('Day'),
-				'$prev'		=> t('Previous'),
-				'$next'		=> t('Next'),
-				'$today'	=> t('Today'),
-				'$form'		=> $form,
-				'$expandform'	=> ((x($_GET,'expandform')) ? true : false),
-			));
-			
-			if (x($_GET,'id')){ echo $o; killme(); }
-			
-			return $o;
-		}
-	
-		if($mode === 'drop' && $event_id) {
-			$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
-				dbesc($event_id),
-				intval(local_channel())
-			);
-	
-			$sync_event = $r[0];
-	
-			if($r) {
-				$r = q("delete from event where event_hash = '%s' and uid = %d",
-					dbesc($event_id),
-					intval(local_channel())
-				);
-				if($r) {
-					$r = q("update item set resource_type = '', resource_id = '' where resource_type = 'event' and resource_id = '%s' and uid = %d",
-						dbesc($event_id),
-						intval(local_channel())
-					);
-					$sync_event['event_deleted'] = 1;
-					build_sync_packet(0,array('event' => array($sync_event)));
-	
-					info( t('Event removed') . EOL);
-				}
-				else {
-					notice( t('Failed to remove event' ) . EOL);
-				}
-				goaway(z_root() . '/events');
-			}
-		}
-	
-	}
-	
-}
--- a/Zotlabs/Module/Fhublocs.php
+++ b/Zotlabs/Module/Fhublocs.php
@@ -3,7 +3,6 @@ namespace Zotlabs\Module;

 use Zotlabs\Lib\Libzot;

-require_once('include/zot.php');
 require_once('include/crypto.php');

 /* fix missing or damaged hublocs */
@@ -59,23 +58,6 @@ class Fhublocs extends \Zotlabs\Web\Controller {

 				// Create a verified hub location pointing to this site.

-/*
-				$h = hubloc_store_lowlevel(
-					[
-						'hubloc_guid'     => $rr['channel_guid'],
-						'hubloc_guid_sig' => $rr['channel_guid_sig'],
-						'hubloc_hash'     => $rr['channel_hash'],
-						'hubloc_addr'     => channel_reddress($rr),
-						'hubloc_network'  => 'zot',
-						'hubloc_primary'  => $primary,
-						'hubloc_url'      => z_root(),
-						'hubloc_url_sig'  => base64url_encode(Crypto::sign(z_root(),$rr['channel_prvkey'])),
-						'hubloc_host'     => \App::get_hostname(),
-						'hubloc_callback' => z_root() . '/post',
-						'hubloc_sitekey'  => $sitekey
-					]
-				);
-*/
 				$h = hubloc_store_lowlevel(
 					[
 						'hubloc_guid'     => $rr['channel_guid'],
--- a/Zotlabs/Module/Follow.php
+++ b/Zotlabs/Module/Follow.php
@@ -14,7 +14,7 @@ use Zotlabs\Daemon\Master;
 class Follow extends Controller {

 	function init() {
-	
+
 		if (ActivityStreams::is_as_request() && argc() == 2) {

 			$abook_id = intval(argv(1));
@@ -73,11 +73,11 @@ class Follow extends Controller {
 		$url = notags(trim(punify($_REQUEST['url'])));
 		$return_url = $_SESSION['return_url'];
 		$confirm = intval($_REQUEST['confirm']);
-		$interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1);	
+		$interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1);
 		$channel = App::get_channel();

 		$result = Connect::connect($channel,$url);
-		
+
 		if ($result['success'] == false) {
 			if ($result['message']) {
 				notice($result['message']);
@@ -89,9 +89,9 @@ class Follow extends Controller {
 				json_return_and_die($result);
 			}
 		}
-	
+
 		info( t('Connection added.') . EOL);
-	
+
 		$clone = array();
 		foreach ($result['abook'] as $k => $v) {
 			if (strpos($k,'abook_') === 0) {
@@ -101,30 +101,30 @@ class Follow extends Controller {
 		unset($clone['abook_id']);
 		unset($clone['abook_account']);
 		unset($clone['abook_channel']);
-	
+
 		$abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']);
 		if ($abconfig) {
 			$clone['abconfig'] = $abconfig;
 		}
 		Libsync::build_sync_packet(0, [ 'abook' => [ $clone ] ], true);
-	
+
 		$can_view_stream = their_perms_contains($channel['channel_id'],$clone['abook_xchan'],'view_stream');
-	
+
 		// If we can view their stream, pull in some posts
-	
+
 		if (($can_view_stream) || ($result['abook']['xchan_network'] === 'rss')) {
 			Master::Summon([ 'Onepoll', $result['abook']['abook_id'] ]);
 		}
-	
+
 		if ($interactive) {
 			goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?follow=1');
 		}
 		else {
 			json_return_and_die([ 'success' => true ]);
 		}
-	
+
 	}
-	
+
 	function get() {
 		if (! local_channel()) {
 			return login();
--- a/Zotlabs/Module/Home.php
+++ b/Zotlabs/Module/Home.php
@@ -40,7 +40,7 @@ class Home extends Controller {
 			if (!$dest)
 				$dest = get_config('system', 'startpage');
 			if (!$dest)
-				$dest = z_root() . '/network';
+				$dest = z_root() . '/hq';

 			goaway($dest);
 		}
--- a/Zotlabs/Module/Hq.php
+++ b/Zotlabs/Module/Hq.php
@@ -1,6 +1,10 @@
 <?php
 namespace Zotlabs\Module;

+use App;
+use Zotlabs\Widget\Messages;
+
+
 require_once("include/bbcode.php");
 require_once('include/security.php');
 require_once('include/conversation.php');
@@ -14,23 +18,7 @@ class Hq extends \Zotlabs\Web\Controller {
 		if(! local_channel())
 			return;

-		\App::$profile_uid = local_channel();
-	}
-
-	function post() {
-
-		if(!local_channel())
-			return;
-
-		if($_REQUEST['notify_id']) {
-			q("update notify set seen = 1 where id = %d and uid = %d",
-				intval($_REQUEST['notify_id']),
-				intval(local_channel())
-			);
-		}
-
-		killme();
-
+		App::$profile_uid = local_channel();
 	}

 	function get($update = 0, $load = false) {
@@ -41,21 +29,21 @@ class Hq extends \Zotlabs\Web\Controller {
 		if(argc() > 1 && argv(1) !== 'load') {
 			$item_hash = argv(1);
 		}
-	
-		if($_REQUEST['mid'])
+
+		if(isset($_REQUEST['mid'])) {
 			$item_hash = $_REQUEST['mid'];
+		}

 		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();

 		if(! $item_hash) {
-			$r = q("SELECT mid FROM item 
+			$r = q("SELECT mid FROM item
 				WHERE uid = %d $item_normal
-				AND mid = parent_mid 
+				AND mid = parent_mid
 				ORDER BY created DESC LIMIT 1",
 				intval(local_channel())
 			);
-
 			if($r[0]['mid']) {
 				$item_hash = 'b64.' . base64url_encode($r[0]['mid']);
 			}
@@ -71,10 +59,10 @@ class Hq extends \Zotlabs\Web\Controller {

 			$target_item = null;

-			$r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid like '%s' limit 1",
-				dbesc($item_hash . '%')
+			$r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid = '%s' limit 1",
+				dbesc($item_hash)
 			);
-		
+
 			if($r) {
 				$target_item = $r[0];
 			}
@@ -83,7 +71,7 @@ class Hq extends \Zotlabs\Web\Controller {
 			if($target_item['item_blocked'] == ITEM_MODERATED) {
 				goaway(z_root() . '/moderate/' . $target_item['id']);
 			}
-		
+
 			$simple_update = '';
 			if($update && $_SESSION['loadtime'])
 				$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
@@ -94,16 +82,16 @@ class Hq extends \Zotlabs\Web\Controller {
 			$sys_item = false;

 		}
-	
+
 		if(! $update) {
-			$channel = \App::get_channel();
+			$channel = App::get_channel();

 			$channel_acl = [
-				'allow_cid' => $channel['channel_allow_cid'], 
-				'allow_gid' => $channel['channel_allow_gid'], 
-				'deny_cid'  => $channel['channel_deny_cid'], 
+				'allow_cid' => $channel['channel_allow_cid'],
+				'allow_gid' => $channel['channel_allow_gid'],
+				'deny_cid'  => $channel['channel_deny_cid'],
 				'deny_gid'  => $channel['channel_deny_gid']
-			]; 
+			];

 			$x = [
 				'is_owner'            => true,
@@ -125,13 +113,7 @@ class Hq extends \Zotlabs\Web\Controller {
 				'reset'               => t('Reset form')
 			];

-			$o = replace_macros(get_markup_template("hq.tpl"),
-				[
-					'$no_messages' => (($target_item) ? false : true),
-					'$no_messages_label' => [ t('Welcome to Hubzilla!'), t('You have got no unseen posts...') ],
-					'$editor' => status_editor($a,$x,false,'Hq')
-				]
-			);
+			$o = status_editor($a, $x, true);

 		}

@@ -143,7 +125,7 @@ class Hq extends \Zotlabs\Web\Controller {
 				// if the target item is not a post (eg a like) we want to address its thread parent
 				//$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']);
 				$mid = $target_item['mid'];
-				// if we got a decoded hash we must encode it again before handing to javascript 
+				// if we got a decoded hash we must encode it again before handing to javascript
 				if($decoded)
 					$mid = 'b64.' . base64url_encode($mid);
 			}
@@ -153,9 +135,9 @@ class Hq extends \Zotlabs\Web\Controller {

 			$o .= '<div id="live-hq"></div>' . "\r\n";
 			$o .= "<script> var profile_uid = " . local_channel()
-				. "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . ";</script>\r\n";
-	
-			\App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),[
+				. "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . ";</script>\r\n";
+
+			App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),[
 				'$baseurl' => z_root(),
 				'$pgtype'  => 'hq',
 				'$uid'     => local_channel(),
@@ -241,14 +223,14 @@ class Hq extends \Zotlabs\Web\Controller {
 		else {
 			$r = [];
 		}
-	
+
 		if($r) {
-			$items = q("SELECT item.*, item.id AS item_id 
+			$items = q("SELECT item.*, item.id AS item_id
 				FROM item
 				WHERE parent = '%s' $item_normal ",
 				dbesc($r[0]['item_id'])
 			);
-	
+
 			xchan_query($items,true,(($sys_item) ? local_channel() : 0));
 			$items = fetch_post_tags($items,true);
 			$items = conv_sort($items,'created');
@@ -267,4 +249,17 @@ class Hq extends \Zotlabs\Web\Controller {

 	}

+	function post() {
+		if (!local_channel())
+			return;
+
+		$options['offset'] = $_REQUEST['offset'];
+		$options['dm'] = $_REQUEST['dm'];
+		$options['type'] = $_REQUEST['type'];
+
+		$ret = Messages::get_messages_page($options);
+
+		json_return_and_die($ret);
+	}
+
 }
--- a/Zotlabs/Module/Import.php
+++ b/Zotlabs/Module/Import.php
@@ -2,7 +2,6 @@

 namespace Zotlabs\Module;

-require_once('include/zot.php');
 require_once('include/channel.php');
 require_once('include/import.php');
 require_once('include/perm_upgrade.php');
@@ -209,44 +208,11 @@ class Import extends \Zotlabs\Web\Controller {

 		logger('import step 3');

-		if(is_array($data['hubloc'])) {
-			import_hublocs($channel,$data['hubloc'],$seize,$moving);
-		}
-
-		logger('import step 4');
-
 		// create new hubloc for the new channel at this site

 		if(array_key_exists('channel',$data)) {
-			if($channel['channel_portable_id']) {
-				$r = hubloc_store_lowlevel(
-					[
-						'hubloc_guid'     => $channel['channel_guid'],
-						'hubloc_guid_sig' => $channel['channel_guid_sig'],
-						'hubloc_hash'     => $channel['channel_portable_id'],
-						'hubloc_addr'     => channel_reddress($channel),
-						'hubloc_network'  => 'zot',
-						'hubloc_primary'  => (($seize) ? 1 : 0),
-						'hubloc_url'      => z_root(),
-						'hubloc_url_sig'  => base64url_encode(Crypto::sign(z_root(),$channel['channel_prvkey'])),
-						'hubloc_host'     => \App::get_hostname(),
-						'hubloc_callback' => z_root() . '/post',
-						'hubloc_sitekey'  => get_config('system','pubkey'),
-						'hubloc_updated'  => datetime_convert(),
-						'hubloc_id_url'   => channel_url($channel)
-					]
-				);

-				// reset the original primary hubloc if it is being seized
-				if($seize) {
-					$r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ",
-						dbesc($channel['channel_portable_id']),
-						dbesc(z_root())
-					);
-				}
-			}
-
-			// create a new zot6 hubloc if we have got a channel_portable_id
+			// create a new zot6 hubloc

 			$r = hubloc_store_lowlevel(
 				[
@@ -277,7 +243,7 @@ class Import extends \Zotlabs\Web\Controller {

 		}

-		logger('import step 5');
+		logger('import step 4');


 		// import xchans and contact photos
@@ -286,33 +252,10 @@ class Import extends \Zotlabs\Web\Controller {

 			// replace any existing xchan we may have on this site if we're seizing control

-			$r = q("delete from xchan where ( xchan_hash = '%s' or xchan_hash = '%s' ) ",
-				dbesc($channel['channel_hash']),
-				dbesc($channel['channel_portable_id'])
+			$r = q("delete from xchan where xchan_hash = '%s'",
+				dbesc($channel['channel_hash'])
 			);

-			if($channel['channel_portable_id']) {
-				$r = xchan_store_lowlevel(
-					[
-						'xchan_hash'           => $channel['channel_portable_id'],
-						'xchan_guid'           => $channel['channel_guid'],
-						'xchan_guid_sig'       => $channel['channel_guid_sig'],
-						'xchan_pubkey'         => $channel['channel_pubkey'],
-						'xchan_photo_l'        => z_root() . "/photo/profile/l/" . $channel['channel_id'],
-						'xchan_photo_m'        => z_root() . "/photo/profile/m/" . $channel['channel_id'],
-						'xchan_photo_s'        => z_root() . "/photo/profile/s/" . $channel['channel_id'],
-						'xchan_addr'           => channel_reddress($channel),
-						'xchan_url'            => z_root() . '/channel/' . $channel['channel_address'],
-						'xchan_connurl'        => z_root() . '/poco/' . $channel['channel_address'],
-						'xchan_follow'         => z_root() . '/follow?f=&url=%s',
-						'xchan_name'           => $channel['channel_name'],
-						'xchan_network'        => 'zot',
-						'xchan_photo_date'     => datetime_convert(),
-						'xchan_name_date'      => datetime_convert()
-					]
-				);
-			}
-
 			$r = xchan_store_lowlevel(
 				[
 					'xchan_hash'           => $channel['channel_hash'],
@@ -335,21 +278,13 @@ class Import extends \Zotlabs\Web\Controller {

 		}

-		logger('import step 6');
+		logger('import step 5');

 		// import xchans
 		$xchans = $data['xchan'];
 		if($xchans) {
 			foreach($xchans as $xchan) {

-				if($xchan['xchan_network'] === 'zot') {
-					$hash = make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_guid_sig']);
-					if($hash !== $xchan['xchan_hash']) {
-						logger('forged xchan: ' . print_r($xchan,true));
-						continue;
-					}
-				}
-
 				if($xchan['xchan_network'] === 'zot6') {
 					$zhash = Libzot::make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_pubkey']);
 					if($zhash !== $xchan['xchan_hash']) {
@@ -404,7 +339,14 @@ class Import extends \Zotlabs\Web\Controller {
 				}
 			}

-			logger('import step 7');
+			logger('import step 6');
+		}
+
+		logger('import step 7');
+
+		// this must happen after xchans got imported!
+		if(is_array($data['hubloc'])) {
+			import_hublocs($channel,$data['hubloc'],$seize,$moving);
 		}

 		$friends = 0;
@@ -552,12 +494,6 @@ class Import extends \Zotlabs\Web\Controller {
 		if(is_array($data['chatroom']))
 			import_chatrooms($channel,$data['chatroom']);

-		if(is_array($data['conv']))
-			import_conv($channel,$data['conv']);
-
-		if(is_array($data['mail']))
-			import_mail($channel,$data['mail']);
-
 		if(is_array($data['event']))
 			import_events($channel,$data['event']);

--- a/Zotlabs/Module/Invite.php
+++ b/Zotlabs/Module/Invite.php
@@ -6,7 +6,7 @@ use Zotlabs\Lib\Apps;
 use Zotlabs\Web\Controller;

 /**
- * module: invite.php
+ * module: invitexv2.php
 *
 * send email invitations to join social network
 *
@@ -15,91 +15,291 @@ use Zotlabs\Web\Controller;

 class Invite extends Controller {

+	/**
+	 * While coding this, I want to introduce a system of qualified messages and notifications.
+	 * Each message consists of a 3 letter prefix, a 4 digit number and a one letter suffix (PREnnnnS).
+	 * The spirit about is not from me, but many decades used by IBM inc. in devel with best success.
+	 *
+	 * The system prefix, used uppercase as system message id, lowercase as css and js prefix (classes, ids etc).
+	 * Usually not used as self::MYP, but placed in the code dominant enough for easy to find.
+	 *
+	 * Concrete here:
+	 * The prefix indicates Z for the Zlabs(core), A for Account stuff, I for Invite.
+	 * The numbers scope will be 00xx within/for templates, 01xx for get, 02xx for post functions.
+	 * Message qualification ends with a uppercase suffix, where
+	 * 	I=Info(only),
+	 *	W=Warning(more then info and less then error),
+	 *	E=Error,
+	 *	F=Fatal(for unexpected errors).
+	 * Btw, in case of using fail2ban, a scan of messages going to log is very much more with ease,
+	 * esspecially in multi language driven systems where messages vary.
+	 *
+	 * @author Hilmar Runge
+	 * @version 2.0.0
+	 * @since 2020-01-20
+	 *
+	 */
+
+	const MYP = 	'ZAI';
+	const VERSION =	'2.0.0';
+
 	function post() {
-	
-		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
+
+		// zai02
+
+		if (! local_channel()) {
+			notice( 'ZAI0201E,' .t('Permission denied.') . EOL);
 			return;
 		}

-		if(! Apps::system_app_installed(local_channel(), 'Invite')) {
+		if (! Apps::system_app_installed(local_channel(), 'Invite')) {
+			notice( 'ZAI0202E,' . t('Invite App') . ' (' . t('Not Installed') . ')' . EOL);
 			return;
 		}
-	
+
 		check_form_security_token_redirectOnErr('/', 'send_invite');
-	
-		$max_invites = intval(get_config('system','max_invites'));
-		if(! $max_invites)
-			$max_invites = 50;
-	
-		$current_invites = intval(get_pconfig(local_channel(),'system','sent_invites'));
-		if($current_invites > $max_invites) {
-			notice( t('Total invitation limit exceeded.') . EOL);
+
+		$ok = $ko = 0;
+		$feedbk = '';
+		$isajax = is_ajax();
+		$eol 	= $isajax ? "\n" : EOL;
+		$policy  = intval(get_config('system','register_policy'));
+		if ($policy == REGISTER_CLOSED) {
+			notice( 'ZAI0212E,' . t('Register is closed') . ')' . EOL);
 			return;
-		};
-	
-	
-		$recips  = ((x($_POST,'recipients')) ? explode("\n",$_POST['recipients']) : array());
-		$message = ((x($_POST,'message'))    ? notags(trim($_POST['message']))    : '');
-	
-		$total = 0;
-	
-		if(get_config('system','invitation_only')) {
-			$invonly = true;
-			$x = get_pconfig(local_channel(),'system','invites_remaining');
-			if((! $x) && (! is_site_admin()))
-				return;
 		}
-	
-		foreach($recips as $recip) {
-	
-			$recip = trim($recip);
-			if(! $recip)
-				continue;
-	
-			if(! validate_email($recip)) {
-				notice(  sprintf( t('%s : Not a valid email address.'), $recip) . EOL);
-				continue;
-			}
-	
-			else
-				$nmessage = $message;
-	
-			$account = App::get_account();
-	
-			$res = z_mail(
-				[ 
-				'toEmail'        => $recip,
-				'fromName'       => ' ',
-				'fromEmail'      => $account['account_email'],
-				'messageSubject' => t('Please join us on $Projectname'),
-				'textVersion'    => $nmessage,
-				]
-			);
-	
-			if($res) {
-				$total ++;
-				$current_invites ++;
-				set_pconfig(local_channel(),'system','sent_invites',$current_invites);
-				if($current_invites > $max_invites) {
-					notice( t('Invitation limit exceeded. Please contact your site administrator.') . EOL);
-					return;
+		if ($policy == REGISTER_OPEN)
+			$flags = 0;
+		elseif ($policy == REGISTER_APPROVE)
+			$flags = ACCOUNT_PENDING;
+		$flags  = ($flags | intval(get_config('system','verify_email')));
+
+		// how many max recipients in one mail submit
+		$maxto = get_config('system','invitation_max_recipients', 'na');
+		If (is_site_admin()) {
+			// set, if admin is operator, default to 12
+			if ($maxto === 'na') set_config('system','invitation_max_recipients', 12);
+		}
+		$maxto = ($maxto === 'na') ? 12 : $maxto;
+
+		// language code current for the invitation
+		$lcc  = x($_POST['zailcc'])  && preg_match('/[a-z\-]{2,5}/', $_POST['zailcc'])
+				? $_POST['zailcc']
+				: '';
+
+		// expiration duration amount quantity, in case of doubts defaults 2
+		$durn = x($_POST['zaiexpiren']) && preg_match('/[0-9]{1,2}/', $_POST['zaiexpiren'])
+				? trim(intval($_POST['zaiexpiren']))
+				: '2';
+		!$durn ? $durn = 2 : '';
+
+		// expiration duration unit 1st letter (day, weeks, months, years), defaults days
+		$durq = x($_POST['zaiexpire']) && preg_match('/[ihd]{1,1}/', $_POST['zaiexpire'])
+				? $_POST['zaiexpire']
+				: 'd';
+
+		$dur = self::calcdue($durn.$durq);
+		$due = t('Note, the invitation code is valid up to') . ' ' . $dur['due'];
+
+		if ($isajax) {
+			$feedbk .= 'ZAI0207I ' . $due . $eol;
+		}
+
+		// take the received email addresses and discart duplicates
+		$recips  = array_filter( array_unique( preg_replace('/^\s*$/', '',
+			((x($_POST,'zaito')) ? explode( "\n",$_POST['zaito']) : array() ) )));
+
+		$havto = count($recips);
+
+		if ( $havto > $maxto) {
+			$feedbk .= 'ZAI0210E ' . sprintf( t('Too many recipients for one invitation (max %d)'), $maxto) . $eol;
+			$ko++;
+
+		} elseif ( $havto == 0 ) {
+			$feedbk .= 'ZAI0211E ' . t('No recipients for this invitation') . $eol;
+			$ko++;
+
+		} else {
+
+			// each email address
+			foreach($recips as $n => $recip) {
+
+				// if empty ignore
+				$recip = $recips[$n] = trim($recip);
+				if(! $recip) continue;
+
+				// see if we have an email address who@domain.tld
+				if (!preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $recip)) {
+					$feedbk .= 'ZAI0203E ' . ($n+1) . ': ' . sprintf( t('(%s) : Not a valid email address'), $recip) . $eol;
+					$ko++;
+					continue;
+				}
+				if(! validate_email($recip)) {
+					$feedbk .= 'ZAI0204E ' . ($n+1) . ': ' . sprintf( t('(%s) : Not a real email address'), $recip) . $eol;
+					$ko++;
+					continue;
+				}
+
+				// do we accept the email (not black listed)
+				if(! allowed_email($recip)) {
+					$feedbk .= 'ZAI0205E ' . ($n+1) . ': ' . sprintf( t('(%s) : Not allowed email address'), $recip) . $eol;
+					$ko++;
+					continue;
+				}
+
+				// is the email address just in use for account or registered before
+				$r = q("SELECT account_email       AS em FROM account  WHERE account_email = '%s'"
+					  . " UNION "
+					  ."SELECT reg_email           AS em FROM register WHERE reg_vital = 1 AND reg_email = '%s' LIMIT 1;",
+						dbesc($recip),
+						dbesc($recip)
+				);
+				if($r && $r[0]['em'] == $recip) {
+					$feedbk .= 'ZAI0206E ' . ($n+1) . ': ' . sprintf( t('(%s) : email address already in use'), $recip) . $eol;
+					$ko++;
+					continue;
+				}
+
+				if ($isajax) {
+					// seems we have an email address acceptable
+					$feedbk .= 'ZAI0209I ' . ($n+1) . ': ' . sprintf( t('(%s) : Accepted email address'), $recip) . $eol;
 				}
 			}
-			else {
-				notice( sprintf( t('%s : Message delivery failed.'), $recip) . EOL);
-			}
-	
 		}
-		notice( sprintf( tt("%d message sent.", "%d messages sent.", $total) , $total) . EOL);
+
+		if ($isajax) {
+			// we are not silent on the ajax road
+			echo json_encode(array('feedbk' => $feedbk, 'due' => $due));
+
+			// that mission is complete
+			killme();
+			exit;
+		}
+
+		//	Total ?todo notice( t('Invitation limit exceeded. Please contact your site administrator.') . EOL);
+
+		// any errors up to now in fg?
+
+
+		// down from here, only on the main road (no more ajax)
+
+		// tell if sth is to tell
+		$feedbk ? notice($feedbk) . $eol : '';
+
+		if ($ko > 0) return;
+
+		// the personal mailtext
+		$mailtext = ((x($_POST,'zaitxt'))    ? notags(trim($_POST['zaitxt']))    : '');
+
+		// to log in db
+		$reonar = json_decode( ((x($_POST,'zaireon'))  ? notags(trim($_POST['zaireon']))    : ''), TRUE, 8) ;
+
+		// me, the invitor
+		$account = App::get_account();
+		$reonar['from'] = $account['account_email'];
+		$reonar['date'] = datetime_convert();
+		$reonar['fromip'] = $_SERVER['REMOTE_ADDR'];
+
+		// who is the invitor on
+		$inby = local_channel();
+
+		$ok = $ko = 0;
+
+		// send the mail(s)
+		foreach($recips as $n => $recip) {
+
+			$reonar['due'] = $due;
+			$reonar['to']  = $recip;
+			$reonar['txtpersonal'] = $mailtext;
+
+			// generate an invide code to store and pm
+			$invite_code = autoname(8) . rand(1000,9999);
+
+			// again the final localized templates  $reonar['subject'] $reonar['lang'] $reonar['tpl']
+
+			// save current operators lc and take the desired to mail
+			push_lang($reonar['lang']);
+			// resolve
+			$tx = replace_macros(get_intltext_template('invite.'.$reonar['tpl'].'.tpl'),
+				array(
+					'$projectname'		=> t('$Projectname'),
+					'$invite_code'		=> $invite_code,
+					'$invite_where' 	=> z_root() . '/register',
+					'$invite_whereami'	=> str_replace('@', '@+', $reonar['whereami']),
+					'$invite_whoami'	=> z_root() . '/channel/' . $reonar['whoami'],
+					'$invite_anywhere'	=> z_root() . '/pubsites'
+				)
+			);
+			// restore lc to operator
+			pop_lang();
+
+			$reonar['txttemplate'] = $tx;
+
+			// pm
+			$zem = z_mail(
+				[
+				'toEmail'        => $recip,
+				'fromName'       => ' ',
+				'fromEmail'      => $reonar['from'],
+				'messageSubject' => $reonar['subject'],
+				'textVersion'    => ($mailtext ? $mailtext . "\n\n" : '') . $tx . "\n" . $due,
+				]
+			);
+
+			if(!$zem) {
+
+				$ko++;
+				$msg = 'ZAI0208E,' . sprintf( t('%s : Message delivery failed.'), $recip);
+
+			} else {
+
+				$ok++;
+				$msg = 'ZAI0208I ' . sprintf( t('To %s : Message delivery success.'), $recip);
+
+				// if verify_email is the rule, email becomes a dId2 - NO
+				// $did2 = ($flags & ACCOUNT_UNVERIFIED) == ACCOUNT_UNVERIFIED ? $recip : '';
+
+				// always enforce verify email with invitations, thus email becomes a dId2
+				$did2 = $recip;
+				$flags |= ACCOUNT_UNVERIFIED;
+
+				// defaults vital, reg_pass
+				$r = q("INSERT INTO register ("
+				. "reg_flags,reg_didx,reg_did2,reg_hash,reg_created,reg_startup,reg_expires,reg_email,reg_byc,reg_uid,reg_atip,reg_lang,reg_stuff)"
+				. " VALUES ( %d, 'i', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s') ",
+					intval($flags),
+					dbesc($did2),
+					dbesc($invite_code),
+					dbesc(datetime_convert()),
+					dbesc(datetime_convert()),
+					dbesc($dur['due']),
+					dbesc($recip),
+					intval($inby),
+					intval($account['account_id']),
+					dbesc($reonar['fromip']),
+					dbesc($reonar['lang']),
+					dbesc(json_encode( array('reon' => $reonar) ))
+				);
+			}
+			$msg .= ' (a' . $account['account_id'] . ', c' . $inby . ', from:' . $reonar['from'] . ')';
+			zar_log( $msg);
+		}
+
+		$ok + $ko > 0
+		? notice( 'ZAI0212I ' . sprintf( t('%1$d mail(s) sent, %2$d mail error(s)'), $ok, $ko) . EOL)
+		: '';
+		//logger( print_r( $reonar, true) );
+
 		return;
 	}
-	
-	
+
+
 	function get() {
-	
+
+		// zai1
+
 		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
+			notice( 'ZAI0101E,' . t('Permission denied.') . EOL);
 			return;
 		}

@@ -107,68 +307,267 @@ class Invite extends Controller {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';

-			$o = '<b>' . t('Invite App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Send email invitations to join this network');
+			$o = 'ZAI0102E,' . t('Invite App') . ' (' . t('Not Installed') . ')' . EOL;
 			return $o;
 		}

-		nav_set_selected('Invite');
-	
-		$tpl = get_markup_template('invite.tpl');
-		$invonly = false;
-	
-		if(get_config('system','invitation_only')) {
-			$invonly = true;
-			$x = get_pconfig(local_channel(),'system','invites_remaining');
-			if((! $x) && (! is_site_admin())) {
-				notice( t('You have no more invitations available') . EOL);
+		if (! (get_config('system','invitation_also') || get_config('system','invitation_only')) ) {
+			$o = 'ZAI0103E,' . t('Invites not proposed by configuration') . '. ';
+			$o .= t('Contact the site admin');
+			return $o;
+		}
+
+		// invitation_by_user may still not configured, the default 'na' will tell this
+		// if configured, 0 disables invitations by users, other numbers are how many invites a user may propagate
+		$invuser = get_config('system','invitation_by_user', 'na');
+
+		// if the mortal user drives the invitation
+		If (! is_site_admin()) {
+
+			// when not configured, 4 is the default
+			$invuser = ($invuser === 'na') ? 4 : $invuser;
+
+			// a config value 0 disables invitation by users
+			if (!$invuser) {
+				$o = 'ZAI0104E, ' . t('Invites by users not enabled') . '. ';
+				return $o;
+			}
+
+			if ($ihave >= $invuser) {
+				notice( 'ZAI0105W,' . t('You have no more invitations available') . EOL);
 				return '';
 			}
+
+		} else {
+			// general deity admin invite limit infinite (theoretical)
+			if ($invuser === 'na') set_config('system','invitation_by_user', 4);
+			// for display only
+			$invuser = '∞';
 		}
-	
-			if($invonly && ($x || is_site_admin())) {
-				$invite_code = autoname(8) . rand(1000,9999);
-				$nmessage = str_replace('$invite_code',$invite_code,$message);
-	
-				$r = q("INSERT INTO register (hash,created,uid,password,lang) VALUES ('%s', '%s',0,'','') ",
-					dbesc($invite_code),
-					dbesc(datetime_convert())
-				);
-	
-				if(! is_site_admin()) {
-					$x --;
-					if($x >= 0)
-						set_pconfig(local_channel(),'system','invites_remaining',$x);
-					else
-						return;
-				}
-			}
-	
+
+		// xchan record of the page observer
+		// while quoting matters the user, the sending is associated with a channel (of the user)
+		// also the admin may and should decide, which channel will told to the public
 		$ob = App::get_observer();
 		if(! $ob)
-			return $o;
-	
-		$channel = App::get_channel();
-	
+			return 'ZAI0109F,' . t('Not on xchan') . EOL;
+		$whereami = $ob['xchan_addr'];
+		$channel  = App::get_channel();
+		$whoami = $channel['channel_address'];
+
+		// to pass also to post()
+		$tao = 'tao.zai.whereami = ' . "'" . $whereami . "';\n"
+			 . 'tao.zai.whoami = ' 	 . "'" . $whoami . "';\n";
+
+		// expirations, duration interval
+		$dur = self::calcdue();
+		$tao .= 'tao.zai.expire = { durn: ' . $dur['durn']
+			  					. ', durq: ' . "'" . $dur['durq']  . "'"
+			  					. ', due: '  . "'" . $dur['due']   . "' };\n";
+
+		// to easy redisplay the empty form
+		nav_set_selected('Invite');
+
+		// inform about the count of invitations we have at all
+		$r = q("SELECT count(reg_id) as ct FROM register WHERE reg_vital = 1");		// where not admin TODO
+		$wehave = ($r ? $r[0]['ct'] : 0);
+
+		// invites max for all users except admins
+		$invmaxau = intval(get_config('system','invitations_max_users'));
+		if(! $invmaxau) {
+			$invmaxau = 50;
+			if (is_site_admin()) {
+				set_config('system','invitations_max_users',intval($invmaxau));
+			}
+		}
+
+		if ($wehave > $invmaxau) {
+			if (! is_site_admin()) {
+				$feedbk .= 'ZAI0200E,' . t('All users invitation limit exceeded.') . $eol;
+			}
+		}
+
+		// let see how many invites currently used by the user
+		$r = q("SELECT count(reg_id) AS n FROM register WHERE reg_vital = 1 AND reg_byc = %d",
+			 intval(local_channel()));
+		$ihave = $r ? $r[0]['n'] : 0;
+
+		$tpl = get_markup_template('invite.tpl');
+
+		$inv_rabots = array(
+ 					'i'	=> t('Minute(s)'),
+ 					'h' => t('Hour(s)')  ,
+ 					'd' => t('Day(s)')
+		);
+		$inv_expire = replace_macros(get_markup_template('field_duration.qmc.tpl'),
+			 array(
+			 	'label'  	=> t('Invitation expires after'),
+			 	'qmc'	 	=> 'zai',
+				'qmcid'		=> 'ZAI0014I',
+			 	'field' => 	array(
+			 		'name'  => 'expire',
+			 		'title' => t('duration up from now'),
+			 		'value' => ($invexpire_n ? $invexpire_n : 2),
+			 		'min'  => '1',
+			 		'max'  => '99',
+			 		'size' => '2',
+					'default' => ($invexpire_u ? $invexpire_u : 'd')
+			 	),
+			 	'rabot'	=> 	$inv_rabots
+			 )
+		);
+
+		// let generate an invite code that here and never will be applied (only to fill displayed template)
+		// real invite codes become generated for each recipient when we store the new invitation(s)
+		// $invite_code = substr(str_shuffle('abcdefghijklmnopqrstuvwxyz'), 0, 8) . rand(1000,9999);
+		// let take one descriptive for template (as said is never used)
+		$invite_code = 'INVITATE2020';
+
+		// what languages we use now
+		$lccmy	= ((isset(App::$config['system']['language'])) ? App::$config['system']['language'] : 'en');
+		// and all the localized templates belonging to invite
+		$tpls	= glob('view/*/invite.*.tpl');
+
+		$tpla=$tplx=$tplxs=array();
+		foreach ($tpls as $tpli) {
+			list( $nop, $l, $t ) = explode( '/', $tpli);
+			if ( preg_match('/\.subject/', $t) =='1' ) {
+				// indicate a subject tpl exists
+				$t=str_replace(array('invite.', '.subject', '.tpl'), '', $t);
+				$tplxs[$l][$t]=true;
+				continue;
+			}
+			// collect unique template names cross all languages and
+			// tpla[language][]=template those available in each language
+			$tplx[] = $tpla[$l][] = str_replace( array('invite.', '.tpl'), '', $t);
+		}
+
+		$langs = array_keys($tpla);
+		asort($langs);
+
+		$tplx = array_unique($tplx);
+		asort($tplx);
+
+		// prepare current language and the default standard template (causual) for js
+		// With and in js, I use a var 'tao' as a shortcut for top array object
+		// and also qualify the object with the prefix zai = tao.zai as my var used outsite functions
+		// can be unique within the overall included spaghette whirls
+		// one can say Im too lazy to write prototypes and just I can agree.
+		// tao simply applies the fact of using the same var as object and/or array in ja.
+		$tao.='tao.zai.lccmy = ' . "'" . $lccmy . "';\n" . 'tao.zai.itpl = ' . "'" . 'casual' . "';\n";
+
+		$lcclane=$tx=$tplin='';
+		//$lccsym='<span class="fa zai_fa zai_lccsym"></span>';	// alt 
+		$tplsym='<span class="fa zai_fa"></span>';
+
+		// I will uncomment for js console debug
+		// $tao.='tao.zai.debug = ' . "'" . json_encode($tplxs) . "';\n";
+
+		// running thru the localized templates (subjects and textmsgs) and bring them to tao
+		// lcc LanguageCountryCode,
+		// lcc2 is a 2 character and lcc5 a 5 character LanguageCountryCode
+		foreach($tpla as $l => $tn) {
+
+			// restyle lc to iso getttext format to avoid errors in js, hilite the current
+			$lcc = str_replace('-', '_', $l);
+			$hi = ($l == $lccmy) ? ' zai_hi' : '';
+			$lcc2 = strlen($l) == 2 ? ' zai_lcc2' : '';
+			$lcc5 = strlen($l) == 5 ? ' zai_lcc5' : '';
+			$lccg = ' zai_lccg' . substr( $l, 0, 2 );
+			$lcclane
+			.= 	'<span class="fa zai_fa zai_lccsym' . $lcc2 . $lcc5 . $lccg . '"></span>'
+			.	'<a href="javascript:;" class="zai_lcc' . $lcc2 . $lcc5 . $lccg . $hi . '">' . $lcc . '</a>';
+			//  textmsg
+			$tao .= 'tao.zai.t.' . $lcc . ' = {};' . "\n";
+			//  subject
+			$tao .= 'tao.zai.s.' . $lcc . ' = {};' . "\n";
+
+			// resolve localized templates and take intented lc for
+			foreach($tn as $t1) {
+
+				// save current lc and take the desired
+				push_lang($l);
+
+				// resolve
+				$tx = replace_macros(get_intltext_template('invite.'.$t1.'.tpl'),
+					array(
+						'$projectname'		=> t('$Projectname'),
+						'$invite_code'		=> $invite_code,
+						'$invite_where' 	=> z_root() . '/register',
+						'$invite_whereami'	=> $whereami,
+						'$invite_whoami'	=> z_root() . '/channel/' . $whoami,
+						'$invite_anywhere'	=> z_root() . '/pubsites'
+					)
+				);
+
+				// a default subject if no associated exists
+				$ts=t('Invitation');
+				if ( $tplxs[$l][$t1] )
+					$ts = replace_macros(get_intltext_template('invite.'.$t1.'.subject.tpl'),
+					array(
+						'$projectname'		=> t('$Projectname'),
+						'$invite_loc'		=> get_config('system','sitename')
+					)
+				);
+
+				// restore lc to current foreground
+				pop_lang();
+
+				// bring to tao as js like it
+				$tao .= 'tao.zai.t.' . $lcc . '.' . $t1 . " = '" . rawurlencode($tx) . "';\n";
+				$tao .= 'tao.zai.s.' . $lcc . '.' . $t1 . " = '" . rawurlencode($ts) . "';\n";
+			}
+		}
+
+		// hilite the current defauls just from the beginning
+		foreach ($tplx as $t1) {
+			$hi = ($t1 == 'casual') ? ' zai_hi' : '';
+			$tplin .= $tplsym.'<a href="javascript:;" id="zai-' . $t1
+					. '" class="invites'.$hi.'">' . $t1 . '</a>';
+		}
+
+		// fill the form for foreground
 		$o = replace_macros($tpl, array(
 			'$form_security_token' => get_form_security_token("send_invite"),
+			'$zai'	=> strtolower(self::MYP),
+			'$tao'	=> $tao,
 			'$invite' => t('Send invitations'),
-			'$addr_text' => t('Enter email addresses, one per line:'),
-			'$msg_text' => t('Your message:'),
-			'$default_message' => t('Please join my community on $Projectname.') . "\r\n" . "\r\n"
-				. $linktxt
-				. (($invonly) ? "\r\n" . "\r\n" . t('You will need to supply this invitation code:') . " " . $invite_code . "\r\n" . "\r\n" : '')
-				. t('1. Register at any $Projectname location (they are all inter-connected)')
-				. "\r\n" . "\r\n" . z_root() . '/register'
-				. "\r\n" . "\r\n" . t('2. Enter my $Projectname network address into the site searchbar.')
-				. "\r\n" . "\r\n" . $ob['xchan_addr'] . ' (' . t('or visit') . " " . z_root() . '/channel/' . $channel['channel_address'] . ')'
-				. "\r\n" . "\r\n"
-				. t('3. Click [Connect]')
-				. "\r\n" . "\r\n"  ,
+			'$ihave'  => 'ZAI0106I, ' . t('Invitations I am using') . ': ' . $ihave . ' / ' . $invuser,
+			'$wehave' => 'ZAI0107I, ' . t('Invitations we are using') . ': ' . $wehave . ' / ' . $invmaxau,
+			'$n10' => 'ZAI0010I',	'$m10' => t('§ Note, the email(s) sent will be recorded in the system logs'),
+			'$n11' => 'ZAI0011I',	'$m11' => t('Enter email addresses, one per line:'),
+			'$n12' => 'ZAI0012I',	'$m12' => t('Your message:'),
+			'$n13' => 'ZAI0013I',	'$m13' => t('Invite template'),
+			'$inv_expire' => $inv_expire,
+			'$subject_label' => t('Subject:'),
+			'$subject'	=> t('Invitation'),
+			'$lcclane'		=> $lcclane,
+			'$tplin'	=> $tplin,
+			'$standard_message' => '',
+			'$personal_message' => '',
+			'$personal_pointer' => t('Here you may enter personal notes to the recipient(s)'),
+			'$due' => t('Note, the invitation code is valid up to') . ' ' . $dur['due'],
 			'$submit' => t('Submit')
 		));
-	
+
 		return $o;
 	}
-	
+
+	function calcdue($duri=false) {
+		// expirations, duration interval
+		if ($duri===false)
+			$duri = get_config('system','register_expire', '2d');
+		if ( preg_match( '/^[0-9]{1,2}[ihdwmy]{1}$/', $duri ) ) {
+			$durq = substr($duri, -1);
+			$durn = substr($duri, 0, -1);
+			$due  = date('Y-m-d H:i:s', strtotime('+' . $durn . ' '
+				  . str_replace( array(':i',':h',':d',':w',':m',':y'),
+			 				 	 array('minutes', 'hours', 'days', 'weeks', 'months', 'years'),
+			 		 (':'.$durq))
+				));
+			return array( 'durn' => $durn, 'durq' => $durq, 'due' => $due);
+		}
+		return false;
+	}
 }
+
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -55,7 +55,12 @@ class Item extends Controller {

 			$portable_id = EMPTY_STR;

-			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 ";
+			$item_normal_extra = sprintf(" and not verb in ('%s', '%s') ",
+				dbesc(ACTIVITY_FOLLOW),
+				dbesc(ACTIVITY_UNFOLLOW)
+			);
+
+			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra ";

 			$i = null;

@@ -167,7 +172,12 @@ class Item extends Controller {

 			$portable_id = EMPTY_STR;

-			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 ";
+			$item_normal_extra = sprintf(" and not verb in ('%s', '%s') ",
+				dbesc(ACTIVITY_FOLLOW),
+				dbesc(ACTIVITY_UNFOLLOW)
+			);
+
+			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra ";

 			$i = null;

@@ -735,10 +745,10 @@ class Item extends Controller {

 			if($parent_item) {
 				$acl->set($parent_item);
-				$private = intval($acl->is_private() || $parent_item['item_private']);
-				$public_policy     = $parent_item['public_policy'];
-				$owner_hash        = $parent_item['owner_xchan'];
-				$webpage           = $parent_item['item_type'];
+				$private       = intval($parent_item['item_private']);
+				$public_policy = $parent_item['public_policy'];
+				$owner_hash    = $parent_item['owner_xchan'];
+				$webpage       = $parent_item['item_type'];
 			}

 			if((! $allow_empty) && (! strlen($body))) {
@@ -812,6 +822,8 @@ class Item extends Controller {

 		$post_tags = [];

+
+
 		if($mimetype === 'text/bbcode') {

 			require_once('include/text.php');
@@ -821,18 +833,16 @@ class Item extends Controller {
 			// and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.)
 			// we may need virtual or template classes to implement the possible alternatives

-			$summary = cleanup_bbcode($summary);
 			$body = cleanup_bbcode($body);

 			// Look for tags and linkify them

-			$results = linkify_tags($summary, ($uid) ? $uid : $profile_uid);
 			$results = linkify_tags($body, ($uid) ? $uid : $profile_uid);

 			if($results) {

 				// Set permissions based on tag replacements
-				set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $parent_item, $private);
+				set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $private, $parent_item);

 				foreach($results as $result) {
 					$success = $result['success'];
--- a/Zotlabs/Module/Lang.php
+++ b/Zotlabs/Module/Lang.php
@@ -7,6 +7,52 @@ use Zotlabs\Web\Controller;

 class Lang extends Controller {

+	const MYP = 	'ZIN';
+	const VERSION =	'2.0.0';
+
+	function post() {
+
+		$re = [];
+		$isajax = is_ajax();
+		$eol 	= $isajax ? "\n" : EOL;
+
+		if (! Apps::system_app_installed(local_channel(), 'Language')) {
+			$re['msg'] = 'ZIN0202E, ' . t('Language App') . ' (' . t('Not Installed') . ')' ;
+			notice( $re['msg'] . EOL);
+			if ($isajax) {
+				echo json_encode( $re );
+				killme();
+				exit;
+			} else {
+				return;
+			}
+		}
+
+		$lc = x($_POST['zinlc']) && preg_match('/^\?\?|[a-z]{2,2}[x_\-]{0,1}[a-zA-Z]{0,2}$/', $_POST['zinlc']) 
+			? $_POST['zinlc'] : '';
+		$lcs= x($_POST['zinlcs']) && preg_match('/^[a-z,_\-]{0,191}$/', $_POST['zinlcs']) 
+			? $_POST['zinlcs'] : '';
+
+		if ($isajax) {
+
+			if ($lc == '??') {
+				$re['lc'] = get_best_language();
+				$re['lcs'] = language_list();
+			} else {
+				$re['lc'] = $lc;
+				$re['alc'] = App::$language;
+				$re['slc'] = $_SESSION['language'];
+				$_SESSION['language'] = $lc;
+				App::$language = $lc;
+				load_translation_table($lc, true);
+			}
+
+			echo json_encode( $re );
+			killme();
+			exit;
+		}
+	}
+
 	function get() {

 		if(local_channel()) {
--- a/Zotlabs/Module/Locs.php
+++ b/Zotlabs/Module/Locs.php
@@ -28,9 +28,8 @@ class Locs extends Controller {
 					return;
 				}

-				q("UPDATE hubloc SET hubloc_primary = 0 WHERE hubloc_primary = 1 AND (hubloc_hash = '%s' OR hubloc_hash = '%s')",
-					dbesc($channel['channel_hash']),
-					dbesc($channel['channel_portable_id'])
+				q("UPDATE hubloc SET hubloc_primary = 0 WHERE hubloc_primary = 1 AND hubloc_hash = '%s'",
+					dbesc($channel['channel_hash'])
 				);

 				q("UPDATE hubloc SET hubloc_primary = 1 WHERE hubloc_id = %d AND hubloc_hash = '%s'",
@@ -81,10 +80,9 @@ class Locs extends Controller {
 					}
 				}

-				q("UPDATE hubloc SET hubloc_deleted = 1 WHERE hubloc_id_url = '%s' AND (hubloc_hash = '%s' OR hubloc_hash = '%s')",
+				q("UPDATE hubloc SET hubloc_deleted = 1 WHERE hubloc_id_url = '%s' AND hubloc_hash = '%s'",
 					dbesc($r[0]['hubloc_id_url']),
-					dbesc($channel['channel_hash']),
-					dbesc($channel['channel_portable_id'])
+					dbesc($channel['channel_hash'])
 				);
 				Master::Summon( [ 'Notifier', 'refresh_all', $channel['channel_id'] ] );
 				return;
--- a/Zotlabs/Module/Magic.php
+++ b/Zotlabs/Module/Magic.php
@@ -40,7 +40,7 @@ class Magic extends Controller {
 			goaway($dest);
 		}

-		$basepath = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : ''); 
+		$basepath = $parsed['scheme'] . '://' . $parsed['host'] . (isset($parsed['port']) ? ':' . $parsed['port'] : '');
 		$owapath = SConfig::get($basepath,'system','openwebauth', $basepath . '/owa');

 		// This is ready-made for a plugin that provides a blacklist or "ask me" before blindly authenticating. 
@@ -110,6 +110,7 @@ class Magic extends Controller {
 				$headers['(request-target)'] = 'post ' . '/owa';

 				$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512');
+				$redirects = 0;
 				$x = z_post_url($owapath,$data,$redirects,[ 'headers' => $headers ]);
 				logger('owa fetch returned: ' . print_r($x,true),LOGGER_DATA);
 				if ($x['success']) {
--- a/Zotlabs/Module/Manage.php
+++ b/Zotlabs/Module/Manage.php
@@ -5,18 +5,18 @@ namespace Zotlabs\Module;
 class Manage extends \Zotlabs\Web\Controller {

 	function get() {
-	
+
 		if((! get_account_id()) || ($_SESSION['delegate'])) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}

 		nav_set_selected('Channel Manager', 'settings/manage');
-	
+
 		require_once('include/security.php');
-	
+
 		$change_channel = ((argc() > 1) ? intval(argv(1)) : 0);
-	
+
 		if((argc() > 2) && (argv(2) === 'default')) {
 			$r = q("select channel_id from channel where channel_id = %d and channel_account_id = %d limit 1",
 				intval($change_channel),
@@ -31,7 +31,7 @@ class Manage extends \Zotlabs\Web\Controller {
 			goaway(z_root() . '/manage');
 		}

-	
+
 		if($change_channel) {

 			$r = change_channel($change_channel);
@@ -45,29 +45,29 @@ class Manage extends \Zotlabs\Web\Controller {
 			}
 			goaway(z_root());
 		}
-	
+
 		$channels = null;
-	
+
 		$r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and channel_removed = 0 order by channel_name ",
 			intval(get_account_id())
 		);
-	
+
 		$account = \App::get_account();
-	
+
 		if($r && count($r)) {
 			$channels = $r;
 			for($x = 0; $x < count($channels); $x ++) {
 				$channels[$x]['link'] = 'manage/' . intval($channels[$x]['channel_id']);
-				$channels[$x]['default'] = (($channels[$x]['channel_id'] == $account['account_default_channel']) ? "1" : ''); 
+				$channels[$x]['default'] = (($channels[$x]['channel_id'] == $account['account_default_channel']) ? "1" : '');
 				$channels[$x]['default_links'] = '1';
-	
-	
+
+
 				$c = q("SELECT id, item_wall FROM item
 					WHERE item_unseen = 1 and uid = %d " . item_normal(),
 					intval($channels[$x]['channel_id'])
 				);
-	
-				if($c) {	
+
+				if($c) {
 					foreach ($c as $it) {
 						if(intval($it['item_wall']))
 							$channels[$x]['home'] ++;
@@ -75,25 +75,15 @@ class Manage extends \Zotlabs\Web\Controller {
 							$channels[$x]['network'] ++;
 					}
 				}
-	
-	
+
+
 				$intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ",
 					intval($channels[$x]['channel_id'])
 				);
-	
+
 				if($intr)
 					$channels[$x]['intros'] = intval($intr[0]['total']);
-	
-	
-				$mails = q("SELECT count(id) as total from mail WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ",
-					intval($channels[$x]['channel_id']),
-					dbesc($channels[$x]['channel_hash'])
-				);
-	
-				if($mails)
-					$channels[$x]['mail'] = intval($mails[0]['total']);
-			
-	
+
 				$events = q("SELECT etype, dtstart, adjust FROM event
 					WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
 					ORDER BY dtstart ASC ",
@@ -101,7 +91,7 @@ class Manage extends \Zotlabs\Web\Controller {
 					dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + 7 days')),
 					dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
 				);
-	
+
 				if($events) {
 					$channels[$x]['all_events'] = count($events);

@@ -128,7 +118,7 @@ class Manage extends \Zotlabs\Web\Controller {
 				}
 			}

-		}			
+		}

 		$r = q("select count(channel_id) as total from channel where channel_account_id = %d and channel_removed = 0",
 			intval(get_account_id())
@@ -140,23 +130,23 @@ class Manage extends \Zotlabs\Web\Controller {
 		else {
 			$channel_usage_message = '';
 	 	}
-	
-	
+
+
 		$create = array( 'new_channel', t('Create a new channel'), t('Create New'));
-	
+
 		$delegates = null;

 		if(local_channel()) {
-			$delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where 
+			$delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where
 				abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = '1' )",
 				intval(local_channel()),
 				intval(local_channel())
 			);
 		}
-	
+
 		if($delegates) {
 			for($x = 0; $x < count($delegates); $x ++) {
-				$delegates[$x]['link'] = 'magic?f=&bdest=' . bin2hex($delegates[$x]['xchan_url']) 
+				$delegates[$x]['link'] = 'magic?f=&bdest=' . bin2hex($delegates[$x]['xchan_url'] . '?zid=' . get_my_address() . '&delegate=' . urlencode($delegates[$x]['xchan_addr']))
 				. '&delegate=' . urlencode($delegates[$x]['xchan_addr']);
 				$delegates[$x]['channel_name'] = $delegates[$x]['xchan_name'];
 				$delegates[$x]['delegate'] = 1;
@@ -165,7 +155,7 @@ class Manage extends \Zotlabs\Web\Controller {
 		else {
 			$delegates = null;
 		}
-	
+
 		$o = replace_macros(get_markup_template('channels.tpl'), array(
 			'$header'           => t('Channel Manager'),
 			'$msg_selected'     => t('Current Channel'),
@@ -175,15 +165,14 @@ class Manage extends \Zotlabs\Web\Controller {
 			'$msg_make_default' => t('Make Default'),
 			'$create'           => $create,
 			'$all_channels'     => $channels,
-			'$mail_format'      => t('%d new messages'),
 			'$intros_format'    => t('%d new introductions'),
 			'$channel_usage_message' => $channel_usage_message,
 			'$delegated_desc'   => t('Delegated Channel'),
 			'$delegates'        => $delegates
 		));
-	
+
 		return $o;
-	
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Message.php
+++ b/Zotlabs/Module/Message.php
@@ -1,108 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/acl_selectors.php');
-require_once('include/message.php');
-require_once('include/zot.php');
-require_once("include/bbcode.php");
-
-
-class Message extends \Zotlabs\Web\Controller {
-
-	function get() {
-	
-		$o = '';
-		nav_set_selected('messages');
-	
-		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
-			return login();
-		}
-	
-		$channel = \App::get_channel();
-		head_set_icon($channel['xchan_photo_s']);
-	
-		$cipher = get_pconfig(local_channel(),'system','default_cipher');
-		if(! $cipher)
-			$cipher = 'aes256';
-	
-	/*
-		if((argc() == 3) && (argv(1) === 'dropconv')) {
-			if(! intval(argv(2)))
-				return;
-			$cmd = argv(1);
-			$r = private_messages_drop(local_channel(), argv(2), true);
-			if($r)
-				info( t('Conversation removed.') . EOL );
-			goaway(z_root() . '/mail/combined' );
-		}
-	
-		if(argc() == 2) {
-	
-			switch(argv(1)) {
-				case 'combined':
-					$mailbox = 'combined';
-					$header = t('Conversations');
-					break;
-				case 'inbox':
-					$mailbox = 'inbox';
-					$header = t('Received Messages');
-					break;
-				case 'outbox':
-					$mailbox = 'outbox';
-					$header = t('Sent Messages');
-					break;
-				default:
-					break;
-			}
-	
-			// private_messages_list() can do other more complicated stuff, for now keep it simple
-	
-			$r = private_messages_list(local_channel(), $mailbox, \App::$pager['start'], \App::$pager['itemspage']);
-	
-			if(! $r) {
-				info( t('No messages.') . EOL);
-				return $o;
-			}
-	
-			$messages = array();
-	
-			foreach($r as $rr) {
-	
-				$messages[] = array(
-					'id'         => $rr['id'],
-					'from_name'  => $rr['from']['xchan_name'],
-					'from_url'   => chanlink_hash($rr['from_xchan']),
-					'from_photo' => $rr['from']['xchan_photo_s'],
-					'to_name'    => $rr['to']['xchan_name'],
-					'to_url'     => chanlink_hash($rr['to_xchan']),
-					'to_photo'   => $rr['to']['xchan_photo_s'],
-					'subject'    => (($rr['seen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'),
-					'delete'     => t('Delete conversation'),
-					'body'       => zidify_links(smilies(bbcode($rr['body']))),
-					'date'       => datetime_convert('UTC',date_default_timezone_get(),$rr['created'], t('D, d M Y - g:i A')),
-					'seen'       => $rr['seen']
-				);
-			}
-	
-	
-			$tpl = get_markup_template('mail_head.tpl');
-			$o = replace_macros($tpl, array(
-				'$header' => $header,
-				'$messages' => $messages
-			));
-	
-	
-			$o .= alt_pager(count($r));	
-	
-			return $o;
-	
-			return;
-	
-		}
-	*/
-	
-		return;
-	}
-	
-}
--- a/Zotlabs/Module/Network.php
+++ b/Zotlabs/Module/Network.php
@@ -20,13 +20,15 @@ class Network extends \Zotlabs\Web\Controller {
 			return;
 		}

-		if(in_array(substr($_GET['search'],0,1),[ '@', '!', '?']) || strpos($_GET['search'], 'https://') === 0)
-			goaway('search' . '?f=&search=' . $_GET['search']);
+		$search = $_GET['search'] ?? '';
+
+		if(in_array(substr($search, 0, 1), [ '@', '!', '?']) || strpos($search, 'https://') === 0)
+			goaway(z_root() . '/search?f=&search=' . $search);

 		if(count($_GET) < 2) {
-			$network_options = get_pconfig(local_channel(),'system','network_page_default');
+			$network_options = get_pconfig(local_channel(), 'system', 'network_page_default');
 			if($network_options)
-				goaway('network' . '?f=&' . $network_options);
+				goaway(z_root() . '/network?f=&' . $network_options);
 		}

 		$channel = App::get_channel();
@@ -80,9 +82,9 @@ class Network extends \Zotlabs\Web\Controller {
 				break;
 		}

-		$search = (($_GET['search']) ? $_GET['search'] : '');
+		$search = $_GET['search'] ?? '';
 		if($search) {
-			if(strpos($search,'#') === 0) {
+			if(strpos($search, '#') === 0) {
 				$hashtags = substr($search,1);
 				$search = '';
 			}
@@ -112,33 +114,35 @@ class Network extends \Zotlabs\Web\Controller {
 			$def_acl    = array('allow_gid' => '<' . $r[0]['hash'] . '>');
 		}

-		$default_cmin = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmin',0) : (-1));
-		$default_cmax = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmax',99) : (-1));
+		$default_cmin = ((Apps::system_app_installed(local_channel(), 'Affinity Tool')) ? get_pconfig(local_channel(), 'affinity', 'cmin', 0) : (-1));
+		$default_cmax = ((Apps::system_app_installed(local_channel(), 'Affinity Tool')) ? get_pconfig(local_channel(), 'affinity', 'cmax', 99) : (-1));

-		$cid      = ((x($_GET,'cid'))   ? intval($_GET['cid'])   : 0);
-		$star     = ((x($_GET,'star'))  ? intval($_GET['star'])  : 0);
-		$liked    = ((x($_GET,'liked')) ? intval($_GET['liked']) : 0);
-		$conv     = ((x($_GET,'conv'))  ? intval($_GET['conv'])  : 0);
-		$spam     = ((x($_GET,'spam'))  ? intval($_GET['spam'])  : 0);
-		$cmin     = ((array_key_exists('cmin',$_GET))  ? intval($_GET['cmin'])  : $default_cmin);
-		$cmax     = ((array_key_exists('cmax',$_GET))  ? intval($_GET['cmax'])  : $default_cmax);
-		$file     = ((x($_GET,'file'))  ? $_GET['file']          : '');
-		$xchan    = ((x($_GET,'xchan')) ? $_GET['xchan']         : '');
-		$net      = ((x($_GET,'net'))   ? $_GET['net']           : '');
-		$pf       = ((x($_GET,'pf'))    ? $_GET['pf']            : '');
-		$unseen   = ((x($_GET,'unseen'))    ? $_GET['unseen']            : '');
+		$cid      = ((x($_GET, 'cid'))   ? intval($_GET['cid'])   : 0);
+		$star     = ((x($_GET, 'star'))  ? intval($_GET['star'])  : 0);
+		$liked    = ((x($_GET, 'liked')) ? intval($_GET['liked']) : 0);
+		$conv     = ((x($_GET, 'conv'))  ? intval($_GET['conv'])  : 0);
+		$spam     = ((x($_GET, 'spam'))  ? intval($_GET['spam'])  : 0);
+		$cmin     = ((array_key_exists('cmin', $_GET))  ? intval($_GET['cmin'])  : $default_cmin);
+		$cmax     = ((array_key_exists('cmax', $_GET))  ? intval($_GET['cmax'])  : $default_cmax);
+		$file     = ((x($_GET, 'file'))  ? $_GET['file']          : '');
+		$xchan    = ((x($_GET, 'xchan')) ? $_GET['xchan']         : '');
+		$net      = ((x($_GET, 'net'))   ? $_GET['net']           : '');
+		$pf       = ((x($_GET, 'pf'))    ? $_GET['pf']            : '');
+		$unseen   = ((x($_GET, 'unseen'))    ? $_GET['unseen']            : '');

-                if (Apps::system_app_installed(local_channel(),'Affinity Tool')) {
-			$affinity_locked = intval(get_pconfig(local_channel(),'affinity','lock',1));
+		if (Apps::system_app_installed(local_channel(), 'Affinity Tool')) {
+			$affinity_locked = intval(get_pconfig(local_channel(), 'affinity', 'lock', 1));
 			if ($affinity_locked) {
-                        	set_pconfig(local_channel(),'affinity','cmin',$cmin);
-                        	set_pconfig(local_channel(),'affinity','cmax',$cmax);
+				set_pconfig(local_channel(), 'affinity', 'cmin', $cmin);
+				set_pconfig(local_channel(), 'affinity', 'cmax', $cmax);
 			}
-                }
+		}

-		if(x($_GET,'search') || $file || (!$pf && $cid) || $hashtags || $verb || $category || $conv || $unseen)
+		if(x($_GET, 'search') || $file || (!$pf && $cid) || $hashtags || $verb || $category || $conv || $unseen)
 			$nouveau = true;

+		$cid_r = [];
+
 		if($cid) {
 			$cid_r = q("SELECT abook.abook_xchan, xchan.xchan_addr, xchan.xchan_name, xchan.xchan_url, xchan.xchan_photo_s, xchan.xchan_pubforum from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and abook_blocked = 0 limit 1",
 				intval($cid),
@@ -160,8 +164,8 @@ class Network extends \Zotlabs\Web\Controller {

 			// search terms header
 			if($search || $hashtags) {
-				$o .= replace_macros(get_markup_template("section_title.tpl"),array(
-					'$title' => t('Search Results For:') . ' ' . (($search) ? htmlspecialchars($search, ENT_COMPAT,'UTF-8') : '#' . htmlspecialchars($hashtags, ENT_COMPAT,'UTF-8'))
+				$o .= replace_macros(get_markup_template('section_title.tpl'), array(
+					'$title' => t('Search Results For:') . ' ' . (($search) ? htmlspecialchars($search, ENT_COMPAT, 'UTF-8') : '#' . htmlspecialchars($hashtags, ENT_COMPAT,'UTF-8'))
 				));
 			}

@@ -189,7 +193,7 @@ class Network extends \Zotlabs\Web\Controller {

 			$x = array(
 				'is_owner'         => true,
-				'allow_location'   => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),
+				'allow_location'   => ((intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location'))) ? '1' : ''),
 				'default_location' => $channel['channel_location'],
 				'nickname'         => $channel['channel_address'],
 				'lockstate'        => (($private_editing || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
@@ -205,7 +209,7 @@ class Network extends \Zotlabs\Web\Controller {
 				'reset' => t('Reset form')
 			);

-			$status_editor = status_editor($a,$x,false,'Network');
+			$status_editor = status_editor($a, $x, false, 'Network');
 			$o .= $status_editor;

 		}
@@ -217,7 +221,7 @@ class Network extends \Zotlabs\Web\Controller {


 		$sql_options  = (($star)
-			? " and item_starred = 1 "
+			? ' and item_starred = 1 '
 			: '');

 		$sql_nets = '';
@@ -231,7 +235,7 @@ class Network extends \Zotlabs\Web\Controller {
 			$contact_str = '';
 			$contacts = group_get_members($group);
 			if($contacts) {
-				$contact_str = ids_to_querystr($contacts,'xchan',true);
+				$contact_str = ids_to_querystr($contacts, 'xchan', true);
 			}
 			else {
 				$contact_str = " '0' ";
@@ -245,7 +249,7 @@ class Network extends \Zotlabs\Web\Controller {
 			$x = group_rec_byhash(local_channel(), $group_hash);

 			if($x) {
-				$title = replace_macros(get_markup_template("section_title.tpl"),array(
+				$title = replace_macros(get_markup_template('section_title.tpl'), array(
 					'$title' => t('Privacy group: ') . $x['gname']
 				));
 			}
@@ -288,7 +292,7 @@ class Network extends \Zotlabs\Web\Controller {
 					$p1 = q("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal ");
 					$p2 = q("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'");

-					$p_str = ids_to_querystr(array_merge($p1,$p2),'parent');
+					$p_str = ids_to_querystr(array_merge($p1, $p2), 'parent');
 					if(! $p_str)
 						killme();

@@ -296,7 +300,7 @@ class Network extends \Zotlabs\Web\Controller {
 				}
 			}

-			$title = replace_macros(get_markup_template("section_title.tpl"),array(
+			$title = replace_macros(get_markup_template('section_title.tpl'), array(
 				'$title' => '<a href="' . zid($cid_r[0]['xchan_url']) . '" ><img src="' . zid($cid_r[0]['xchan_photo_s'])  . '" alt="' . urlencode($cid_r[0]['xchan_name']) . '" /></a> <a href="' . zid($cid_r[0]['xchan_url']) . '" >' . $cid_r[0]['xchan_name'] . '</a>'
 			));

@@ -310,7 +314,7 @@ class Network extends \Zotlabs\Web\Controller {
 			if($r) {
 				$item_thread_top = '';
 				$sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($xchan) . "' or owner_xchan = '" . dbesc($xchan) . "' ) $item_normal ) ";
-				$title = replace_macros(get_markup_template("section_title.tpl"),array(
+				$title = replace_macros(get_markup_template("section_title.tpl"), array(
 					'$title' => '<a href="' . zid($r[0]['xchan_url']) . '" ><img src="' . zid($r[0]['xchan_photo_s'])  . '" alt="' . urlencode($r[0]['xchan_name']) . '" /></a> <a href="' . zid($r[0]['xchan_url']) . '" >' . $r[0]['xchan_name'] . '</a>'
 				));

@@ -341,13 +345,13 @@ class Network extends \Zotlabs\Web\Controller {
 			$sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
 		}

-		$sql_extra2 = (($nouveau) ? '' : " AND item.parent = item.id ");
+		$sql_extra2 = (($nouveau) ? '' : ' AND item.parent = item.id ');
 		$sql_extra3 = (($nouveau) ? '' : $sql_extra3);

-		if(x($_GET,'search')) {
+		if(x($_GET, 'search')) {
 			$search = escape_tags($_GET['search']);
-			if(strpos($search,'#') === 0) {
-				$sql_extra .= term_query('item',substr($search,1),TERM_HASHTAG,TERM_COMMUNITYTAG);
+			if(strpos($search, '#') === 0) {
+				$sql_extra .= term_query('item', substr($search, 1), TERM_HASHTAG, TERM_COMMUNITYTAG);
 			}
 			else {
 				$sql_extra .= sprintf(" AND (item.body like '%s' OR item.title like '%s') ",
@@ -364,8 +368,8 @@ class Network extends \Zotlabs\Web\Controller {
 			// The name 'verb' is a holdover from the earlier XML
 			// ActivityStreams specification.

-			if (substr($verb,0,1) === '.') {
-				$verb = substr($verb,1);
+			if (substr($verb, 0, 1) === '.') {
+				$verb = substr($verb, 1);
 				$sql_extra .= sprintf(" AND item.obj_type like '%s' ",
 					dbesc(protect_sprintf('%' . $verb . '%'))
 				);
@@ -378,12 +382,16 @@ class Network extends \Zotlabs\Web\Controller {
 		}

 		if(strlen($file)) {
-			$sql_extra .= term_query('item',$file,TERM_FILE);
+			$sql_extra .= term_query('item', $file, TERM_FILE);
 		}

 		if ($dm) {
-			$sql_extra .= " AND item_private = 2 ";
+			$sql_extra .= ' AND item_private = 2 ';
 		}
+		else {
+			$sql_extra .= ' AND item_private IN (0, 1) ';
+		}
+

 		if($conv) {
 			$item_thread_top = '';
@@ -397,38 +405,38 @@ class Network extends \Zotlabs\Web\Controller {

 		}
 		else {
-			$itemspage = get_pconfig(local_channel(),'system','itemspage');
+			$itemspage = get_pconfig(local_channel(), 'system', 'itemspage');
 			App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10));
 			$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
 		}

 		// cmin and cmax are both -1 when the affinity tool is disabled

-		if(($cmin != (-1)) || ($cmax != (-1))) {
+		if(($cmin !== (-1)) || ($cmax !== (-1))) {

 			// Not everybody who shows up in the network stream will be in your address book.
 			// By default those that aren't are assumed to have closeness = 99; but this isn't
 			// recorded anywhere. So if cmax is 99, we'll open the search up to anybody in
 			// the stream with a NULL address book entry.

-			$sql_nets .= " AND ";
+			$sql_nets .= ' AND ';

-			if($cmax == 99)
-				$sql_nets .= " ( ";
+			if($cmax === 99)
+				$sql_nets .= ' ( ';

-			$sql_nets .= "( abook.abook_closeness >= " . intval($cmin) . " ";
-			$sql_nets .= " AND abook.abook_closeness <= " . intval($cmax) . " ) ";
+			$sql_nets .= '( abook.abook_closeness >= ' . intval($cmin) . ' ';
+			$sql_nets .= ' AND abook.abook_closeness <= ' . intval($cmax) . ' ) ';

-			if($cmax == 99)
-				$sql_nets .= " OR abook.abook_closeness IS NULL ) ";
+			if($cmax === 99)
+				$sql_nets .= ' OR abook.abook_closeness IS NULL ) ';

 		}

-		$net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : '');
+		$net_query = (($net) ? ' left join xchan on xchan_hash = author_xchan ' : '');
 		$net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : '');

-		$abook_uids = " and abook.abook_channel = " . local_channel() . " ";
-		$uids = " and item.uid = " . local_channel() . " ";
+		$abook_uids = ' and abook.abook_channel = ' . local_channel() . ' ';
+		$uids = ' and item.uid = ' . local_channel() . ' ';

 		if(feature_enabled(local_channel(), 'network_list_mode'))
 			$page_mode = 'list';
@@ -453,6 +461,8 @@ class Network extends \Zotlabs\Web\Controller {
 		if($update && $_SESSION['loadtime'])
 			$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";

+		$items = [];
+
 		if($nouveau && $load) {
 			// "New Item View" - show all items unthreaded in reverse created date order
 			$items = q("SELECT item.*, item.id AS item_id, created FROM item
@@ -465,22 +475,22 @@ class Network extends \Zotlabs\Web\Controller {
 				ORDER BY item.created DESC $pager_sql "
 			);

-			$parents_str = ids_to_querystr($items,'item_id');
+			$parents_str = ids_to_querystr($items, 'item_id');

 			require_once('include/items.php');

 			xchan_query($items);

-			$items = fetch_post_tags($items,true);
+			$items = fetch_post_tags($items, true);
 		}
 		elseif($update) {

 			// Normal conversation view

 			if($order === 'post')
-				$ordering = "created";
+				$ordering = 'created';
 			else
-				$ordering = "commented";
+				$ordering = 'commented';

 			if($load) {
 				// Fetch a page full of parent items for this page
@@ -511,7 +521,7 @@ class Network extends \Zotlabs\Web\Controller {

 			if($r) {

-				$parents_str = ids_to_querystr($r,'item_id');
+				$parents_str = ids_to_querystr($r, 'item_id');

 				$items = q("SELECT item.*, item.id AS item_id FROM item
 					WHERE true $uids $item_normal
@@ -520,9 +530,9 @@ class Network extends \Zotlabs\Web\Controller {
 					dbesc($parents_str)
 				);

-				xchan_query($items,true);
-				$items = fetch_post_tags($items,true);
-				$items = conv_sort($items,$ordering);
+				xchan_query($items, true);
+				$items = fetch_post_tags($items, true);
+				$items = conv_sort($items, $ordering);
 			}
 			else {
 				$items = array();
@@ -540,7 +550,7 @@ class Network extends \Zotlabs\Web\Controller {
 			// We only launch liveUpdate if you aren't filtering in some incompatible
 			// way and also you aren't writing a comment (discovered in javascript).

-			$maxheight = get_pconfig(local_channel(),'system','network_divmore_height');
+			$maxheight = get_pconfig(local_channel(), 'system', 'network_divmore_height');
 			if(! $maxheight)
 				$maxheight = 400;

@@ -585,7 +595,7 @@ class Network extends \Zotlabs\Web\Controller {
 			));
 		}

-		$o .= conversation($items,$mode,$update,$page_mode);
+		$o .= conversation($items, $mode, $update, $page_mode);

 		if(($items) && (! $update))
 			$o .= alt_pager(count($items));
--- a/Zotlabs/Module/New_channel.php
+++ b/Zotlabs/Module/New_channel.php
@@ -11,7 +11,7 @@ class New_channel extends \Zotlabs\Web\Controller {
 	function init() {

 		$cmd = ((argc() > 1) ? argv(1) : '');
-	
+
 		if($cmd === 'autofill.json') {
 			require_once('library/urlify/URLify.php');
 			$result = array('error' => false, 'message' => '');
@@ -20,14 +20,14 @@ class New_channel extends \Zotlabs\Web\Controller {
 			$x = false;

 			if(get_config('system','unicode_usernames')) {
-				$x = punify(mb_strtolower($n)); 
+				$x = punify(mb_strtolower($n));
 			}

 			if((! $x) || strlen($x) > 64)
 				$x = strtolower(\URLify::transliterate($n));
-	
+
 			$test = array();
-	
+
 			// first name
 			if(strpos($x,' '))
 				$test[] = legal_webbie(substr($x,0,strpos($x,' ')));
@@ -44,19 +44,19 @@ class New_channel extends \Zotlabs\Web\Controller {

 			json_return_and_die(check_webbie($test));
 		}
-	
+
 		if($cmd === 'checkaddr.json') {
 			require_once('library/urlify/URLify.php');
 			$result = array('error' => false, 'message' => '');
 			$n = trim($_REQUEST['nick']);
 			if(! $n) {
-				$n = trim($_REQUEST['name']);	
+				$n = trim($_REQUEST['name']);
 			}

 			$x = false;

 			if(get_config('system','unicode_usernames')) {
-				$x = punify(mb_strtolower($n)); 
+				$x = punify(mb_strtolower($n));
 			}

 			if((! $x) || strlen($x) > 64)
@@ -64,7 +64,7 @@ class New_channel extends \Zotlabs\Web\Controller {


 			$test = array();
-	
+
 			// first name
 			if(strpos($x,' '))
 				$test[] = legal_webbie(substr($x,0,strpos($x,' ')));
@@ -80,57 +80,57 @@ class New_channel extends \Zotlabs\Web\Controller {
 				$test[] = $n;
 				$test[] = $n . mt_rand(1000,9999);
 			}
-	
+
 			for($y = 0; $y < 100; $y ++)
 				$test[] = 'id' . mt_rand(1000,9999);
-	
+
 			json_return_and_die(check_webbie($test));
 		}
-	
-	
+
+
 	}
-	
+
 	function post() {
-	
+
 		$arr = $_POST;
-	
+
 		$acc = \App::get_account();
 		$arr['account_id'] = get_account_id();
-	
-		// prevent execution by delegated channels as well as those not logged in. 
+
+		// prevent execution by delegated channels as well as those not logged in.
 		// get_account_id() returns the account_id from the session. But \App::$account
-		// may point to the original authenticated account. 
-	
+		// may point to the original authenticated account.
+
 		if((! $acc) || ($acc['account_id'] != $arr['account_id'])) {
 			notice( t('Permission denied.') . EOL );
 			return;
 		}
-	
+
 		$result = create_identity($arr);
-	
+
 		if(! $result['success']) {
 			notice($result['message']);
 			return;
 		}
-	
+
 		$newuid = $result['channel']['channel_id'];
-	
+
 		change_channel($result['channel']['channel_id']);
-	
-		$next_page = get_config('system', 'workflow_channel_next', 'profiles');		
+
+		$next_page = get_config('system', 'workflow_channel_next', 'profiles');
 		goaway(z_root() . '/' . $next_page);
-	
+
 	}
-	
+
 	function get() {
-	
+
 		$acc = \App::get_account();
-	
+
 		if((! $acc) || $acc['account_id'] != get_account_id()) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
 		$default_role = '';
 		$aid = get_account_id();
 		if($aid) {
@@ -140,7 +140,7 @@ class New_channel extends \Zotlabs\Web\Controller {
 			if($r && (! intval($r[0]['total']))) {
 				$default_role = get_config('system','default_permissions_role','social');
 			}
-	
+
 			$limit = account_service_class_fetch(get_account_id(),'total_identities');
 			$canadd = true;
 			if($r && ($limit !== false)) {
@@ -155,7 +155,7 @@ class New_channel extends \Zotlabs\Web\Controller {
 		}

 		$name_help = '<span id="name_help_loading" style="display:none">' . t('Loading') . '</span><span id="name_help_text">';
-		$name_help .= (($default_role) 
+		$name_help .= (($default_role)
 			? t('Your real name is recommended.')
 			: t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"')
 		);
@@ -176,10 +176,10 @@ class New_channel extends \Zotlabs\Web\Controller {
 		$nickhub = '@' . \App::get_hostname();
 		$nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), $nick_help, "*");
 		$role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel permission role compatible with your usage needs and privacy requirements.') . '<br>' . '<a href="help/member/member_guide#Channel_Permission_Roles" target="_blank">' . t('Read more about channel permission roles') . '</a>',$perm_roles);
-	
+
 		$o = replace_macros(get_markup_template('new_channel.tpl'), array(
 			'$title'        => t('Create a Channel'),
-			'$desc'         => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') , 
+			'$desc'         => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') ,
 			'$label_import' => t('or <a href="import">import an existing channel</a> from another location.'),
 			'$name'         => $name,
 			'$role'		    => $role,
@@ -190,10 +190,10 @@ class New_channel extends \Zotlabs\Web\Controller {
 			'$channel_usage_message' => $channel_usage_message,
 			'$canadd'	=> $canadd
 		));
-	
+
 		return $o;
-	
+
 	}
-	
-	
+
+
 }
--- a/Zotlabs/Module/Notes.php
+++ b/Zotlabs/Module/Notes.php
@@ -38,7 +38,6 @@ class Notes extends Controller {
 		// push updates to channel clones

 		if((argc() > 1) && (argv(1) === 'sync')) {
-			require_once('include/zot.php');
 			Libsync::build_sync_packet();
 		}

--- a/Zotlabs/Module/Notifications.php
+++ b/Zotlabs/Module/Notifications.php
@@ -6,15 +6,65 @@ require_once('include/bbcode.php');
 class Notifications extends \Zotlabs\Web\Controller {

 	function get() {
-	
+
 		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
+		// ajax mark all unseen items read
+		if(x($_REQUEST, 'markRead')) {
+			switch($_REQUEST['markRead']) {
+				case 'dm':
+					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_private = 2",
+						intval(local_channel())
+					);
+					break;
+				case 'network':
+					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_private IN (0, 1)",
+						intval(local_channel())
+					);
+					break;
+				case 'home':
+					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_wall = 1 AND item_private IN (0, 1)",
+						intval(local_channel())
+					);
+					break;
+				case 'all_events':
+					$evdays = intval(get_pconfig(local_channel(), 'system', 'evdays', 3));
+					$r = q("UPDATE event SET dismissed = 1 WHERE uid = %d AND dismissed = 0 AND dtstart < '%s' AND dtstart > '%s' ",
+						intval(local_channel()),
+						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
+						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
+					);
+					break;
+				case 'notify':
+					$r = q("UPDATE notify SET seen = 1 WHERE seen = 0 AND uid = %d",
+						intval(local_channel())
+					);
+					break;
+				case 'pubs':
+					unset($_SESSION['static_loadtime']);
+					break;
+				default:
+					break;
+			}
+			killme();
+		}
+
+		// ajax mark all comments of a parent item read
+		if(x($_REQUEST, 'markItemRead') && local_channel()) {
+			$r = q("UPDATE item SET item_unseen = 0 WHERE  uid = %d AND parent = %d",
+				intval(local_channel()),
+				intval($_REQUEST['markItemRead'])
+			);
+			killme();
+		}
+
 		nav_set_selected('Notifications');
-	
+
 		$o = '';
+		$notif_content = '';
+		$notifications_available = false;

 		$r = q("select count(*) as total from notify where uid = %d and seen = 0",
 			intval(local_channel())
@@ -24,7 +74,8 @@ class Notifications extends \Zotlabs\Web\Controller {
 				and seen = 0 order by created desc limit 50",
 				intval(local_channel())
 			);
-		} else {
+		}
+		else {
 			$r1 = q("select * from notify where uid = %d
 				and seen = 0 order by created desc limit 50",
 				intval(local_channel())
@@ -36,12 +87,12 @@ class Notifications extends \Zotlabs\Web\Controller {
 			);
 			$r = array_merge($r1,$r2);
 		}
-			
+
 		if($r) {
-			$notifications_available = 1;
+			$notifications_available = true;
 			foreach ($r as $rr) {
 				$x = strip_tags(bbcode($rr['msg']));
-				$notif_content = replace_macros(get_markup_template('notify.tpl'),array(
+				$notif_content .= replace_macros(get_markup_template('notify.tpl'),array(
 					'$item_link' => z_root().'/notify/view/'. $rr['id'],
 					'$item_image' => $rr['photo'],
 					'$item_text' => $x,
@@ -54,15 +105,15 @@ class Notifications extends \Zotlabs\Web\Controller {
 		else {
 			$notif_content = t('No more system notifications.');
 		}
-			
+
 		$o .= replace_macros(get_markup_template('notifications.tpl'),array(
 			'$notif_header' => t('System Notifications'),
 			'$notif_link_mark_seen' => t('Mark all seen'),
 			'$notif_content' => $notif_content,
 			'$notifications_available' => $notifications_available,
 		));
-	
+
 		return $o;
 	}
-	
+
 }
--- a/Zotlabs/Module/Notify.php
+++ b/Zotlabs/Module/Notify.php
@@ -8,7 +8,15 @@ class Notify extends \Zotlabs\Web\Controller {
 	function init() {
 		if(! local_channel())
 			return;
-	
+
+		if($_REQUEST['notify_id']) {
+			q("update notify set seen = 1 where id = %d and uid = %d",
+				intval($_REQUEST['notify_id']),
+				intval(local_channel())
+			);
+			killme();
+		}
+
 		if(argc() > 2 && argv(1) === 'view' && intval(argv(2))) {
 			$r = q("select * from notify where id = %d and uid = %d limit 1",
 				intval(argv(2)),
@@ -29,24 +37,24 @@ class Notify extends \Zotlabs\Web\Controller {
 			}
 			goaway(z_root());
 		}
-	
-	
+
+
 	}
-	
-	
+
+
 	function get() {
 		if(! local_channel())
 			return login();
-	
+
 		$notif_tpl = get_markup_template('notifications.tpl');
-			
+
 		$not_tpl = get_markup_template('notify.tpl');
 		require_once('include/bbcode.php');
-	
+
 		$r = q("SELECT * from notify where uid = %d and seen = 0 order by created desc",
 			intval(local_channel())
 		);
-			
+
 		if($r) {
 			foreach ($r as $it) {
 				$notif_content .= replace_macros($not_tpl,array(
@@ -56,18 +64,18 @@ class Notify extends \Zotlabs\Web\Controller {
 					'$item_when' => relative_date($it['created'])
 				));
 			}
-		} 
+		}
 		else {
 			$notif_content .= t('No more system notifications.');
 		}
-			
+
 		$o .= replace_macros($notif_tpl,array(
 			'$notif_header' => t('System Notifications'),
 			'$tabs' => '', // $tabs,
 			'$notif_content' => $notif_content,
 		));
-	
+
 		return $o;
-	
+
 	}
 }
--- a/Zotlabs/Module/Oep.php
+++ b/Zotlabs/Module/Oep.php
@@ -11,24 +11,24 @@ require_once('include/security.php');
 class Oep extends \Zotlabs\Web\Controller {

 	function init() {
-	
+
 		logger('oep: ' . print_r($_REQUEST,true), LOGGER_DEBUG, LOG_INFO);
-	
+
 		$html = ((argc() > 1 && argv(1) === 'html') ? true : false);
 		if($_REQUEST['url']) {
 			$_REQUEST['url'] = strip_zids($_REQUEST['url']);
 			$url = $_REQUEST['url'];
 		}
-	
+
 		if(! $url)
 			http_status_exit(404, 'Not found');
-	
+
 		$maxwidth  = $_REQUEST['maxwidth'];
 		$maxheight = $_REQUEST['maxheight'];
 		$format = $_REQUEST['format'];
 		if($format && $format !== 'json')
 			http_status_exit(501, 'Not implemented');
-	
+
 		if(fnmatch('*/photos/*/album/*',$url))
 			$arr = $this->oep_album_reply($_REQUEST);
 		elseif(fnmatch('*/photos/*/image/*',$url))
@@ -47,7 +47,7 @@ class Oep extends \Zotlabs\Web\Controller {
 			$arr = $this->oep_cards_reply($_REQUEST);
 		elseif(fnmatch('*/articles/*',$url))
 			$arr = $this->oep_articles_reply($_REQUEST);
-	
+
 		if($arr) {
 			if($html) {
 				if($arr['type'] === 'rich') {
@@ -61,13 +61,13 @@ class Oep extends \Zotlabs\Web\Controller {
 			}
 			killme();
 		}
-	
+
 		http_status_exit(404,'Not found');
-	
+
 	}
-	
+
 	function oep_display_reply($args) {
-	
+
 		$ret = array();
 		$url = $args['url'];
 		$maxwidth  = intval($args['maxwidth']);
@@ -83,8 +83,8 @@ class Oep extends \Zotlabs\Web\Controller {

 		$item_normal = item_normal();

-		$p = q("select * from item where mid like '%s' limit 1",
-	  		dbesc($res . '%')
+		$p = q("select * from item where mid = '%s' limit 1",
+	  		dbesc($res)
 		);

 		if(! $p)
@@ -92,7 +92,7 @@ class Oep extends \Zotlabs\Web\Controller {

 		$c = channelx_by_n($p[0]['uid']);

-	
+
 		if(! ($c && $res))
 			return;

@@ -100,60 +100,60 @@ class Oep extends \Zotlabs\Web\Controller {
 			return;

 		$sql_extra = item_permissions_sql($c['channel_id']);
-	
-		$p = q("select * from item where mid like '%s' and uid = %d $sql_extra $item_normal limit 1",
-			dbesc($res . '%'),
+
+		$p = q("select * from item where mid = '%s' and uid = %d $sql_extra $item_normal limit 1",
+			dbesc($res),
 			intval($c['channel_id'])
 		);

 		if(! $p)
 			return;
-		
+
 		xchan_query($p,true);
 		$p = fetch_post_tags($p,true);

 		// This function can get tripped up if the item is already a reshare
-		// (the multiple share declarations do not parse cleanly if nested) 
+		// (the multiple share declarations do not parse cleanly if nested)
 		// So build a template with a known nonsense string as the content, and then
 		// replace that known string with the actual rendered content, sending
 		// each content layer through bbcode() separately.

 		$x = '2eGriplW^*Jmf4';

-	        
+
 		$o = "[share author='".urlencode($p[0]['author']['xchan_name']).
-            "' profile='".$p[0]['author']['xchan_url'] .
-            "' avatar='".$p[0]['author']['xchan_photo_s'].
-            "' link='".$p[0]['plink'].
-		"' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') .
-            "' posted='".$p[0]['created'].
-            "' message_id='".$p[0]['mid']."']";
+			"' profile='".$p[0]['author']['xchan_url'] .
+			"' avatar='".$p[0]['author']['xchan_photo_s'].
+			"' link='".$p[0]['plink'].
+			"' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
+			"' posted='".$p[0]['created'].
+			"' message_id='".$p[0]['mid']."']";
 	    if($p[0]['title'])
            $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n";

-		$o .= $x; 
+		$o .= $x;
 		$o .= "[/share]";
 		$o = bbcode($o);
-	
+
 		$o = str_replace($x,bbcode($p[0]['body']),$o);
-	
+
 		$ret['type'] = 'rich';
-	
+
 		$w = (($maxwidth) ? $maxwidth : 640);
 		$h = (($maxheight) ? $maxheight : intval($w * 2 / 3));
-	
+
 		$ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>';
-		
+
 		$ret['width'] = $w;
 		$ret['height'] = $h;
-	
+
 		return $ret;
-	
+
 	}


 	function oep_cards_reply($args) {
-	
+
 		$ret = [];
 		$url = $args['url'];
 		$maxwidth  = intval($args['maxwidth']);
@@ -164,7 +164,7 @@ class Oep extends \Zotlabs\Web\Controller {
 			$res = $matches[3];
 		}
 		if(! ($nick && $res))
-			return $ret; 
+			return $ret;

 		$channel = channelx_by_nick($nick);

@@ -187,8 +187,8 @@ class Oep extends \Zotlabs\Web\Controller {
 			return $ret;
 		}

-		$r = q("select * from item 
-			where item.uid = %d and item_type = %d 
+		$r = q("select * from item
+			where item.uid = %d and item_type = %d
 			$sql_extra order by item.created desc",
 			intval($channel['channel_id']),
 			intval(ITEM_TYPE_CARD)
@@ -208,39 +208,39 @@ class Oep extends \Zotlabs\Web\Controller {

 		$x = '2eGriplW^*Jmf4';

-	        
+
 		$o = "[share author='".urlencode($p[0]['author']['xchan_name']).
-            "' profile='".$p[0]['author']['xchan_url'] .
-            "' avatar='".$p[0]['author']['xchan_photo_s'].
-            "' link='".$p[0]['plink'].
-			"' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') .
-            "' posted='".$p[0]['created'].
-            "' message_id='".$p[0]['mid']."']";
-	    if($p[0]['title'])
+			"' profile='".$p[0]['author']['xchan_url'] .
+			"' avatar='".$p[0]['author']['xchan_photo_s'].
+			"' link='".$p[0]['plink'].
+			"' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
+			"' posted='".$p[0]['created'].
+			"' message_id='".$p[0]['mid']."']";
+		if($p[0]['title'])
            $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n";

-		$o .= $x; 
+		$o .= $x;
 		$o .= "[/share]";
 		$o = bbcode($o);
-	
+
 		$o = str_replace($x,bbcode($p[0]['body']),$o);
-	
+
 		$ret['type'] = 'rich';
-	
+
 		$w = (($maxwidth) ? $maxwidth : 640);
 		$h = (($maxheight) ? $maxheight : intval($w * 2 / 3));
-	
+
 		$ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>';
-		
+
 		$ret['width'] = $w;
 		$ret['height'] = $h;
-	
+
 		return $ret;
-	
+
 	}

 	function oep_articles_reply($args) {
-	
+
 		$ret = [];
 		$url = $args['url'];
 		$maxwidth  = intval($args['maxwidth']);
@@ -251,7 +251,7 @@ class Oep extends \Zotlabs\Web\Controller {
 			$res = $matches[3];
 		}
 		if(! ($nick && $res))
-			return $ret; 
+			return $ret;

 		$channel = channelx_by_nick($nick);

@@ -273,8 +273,8 @@ class Oep extends \Zotlabs\Web\Controller {
 			return $ret;
 		}

-		$r = q("select * from item 
-			where item.uid = %d and item_type = %d 
+		$r = q("select * from item
+			where item.uid = %d and item_type = %d
 			$sql_extra order by item.created desc",
 			intval($channel['channel_id']),
 			intval(ITEM_TYPE_ARTICLE)
@@ -294,137 +294,137 @@ class Oep extends \Zotlabs\Web\Controller {

 		$x = '2eGriplW^*Jmf4';

-	        
-		$o = "[share author='".urlencode($p[0]['author']['xchan_name']).
-            "' profile='".$p[0]['author']['xchan_url'] .
-            "' avatar='".$p[0]['author']['xchan_photo_s'].
-            "' link='".$p[0]['plink'].
-			"' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') .
-            "' posted='".$p[0]['created'].
-            "' message_id='".$p[0]['mid']."']";
-	    if($p[0]['title'])
-            $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n";

-		$o .= $x; 
+		$o = "[share author='".urlencode($p[0]['author']['xchan_name']).
+			"' profile='".$p[0]['author']['xchan_url'] .
+			"' avatar='".$p[0]['author']['xchan_photo_s'].
+			"' link='".$p[0]['plink'].
+			"' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
+			"' posted='".$p[0]['created'].
+			"' message_id='".$p[0]['mid']."']";
+		if($p[0]['title'])
+			$o .= '[b]'.$p[0]['title'].'[/b]'."\r\n";
+
+		$o .= $x;
 		$o .= "[/share]";
 		$o = bbcode($o);
-	
+
 		$o = str_replace($x,bbcode($p[0]['body']),$o);
-	
+
 		$ret['type'] = 'rich';
-	
+
 		$w = (($maxwidth) ? $maxwidth : 640);
 		$h = (($maxheight) ? $maxheight : intval($w * 2 / 3));
-	
+
 		$ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>';
-		
+
 		$ret['width'] = $w;
 		$ret['height'] = $h;
-	
+
 		return $ret;
-	
+
 	}

-	
+
 	function oep_mid_reply($args) {
-	
+
 		$ret = array();
 		$url = $args['url'];
 		$maxwidth  = intval($args['maxwidth']);
 		$maxheight = intval($args['maxheight']);
-	
+
 		if(preg_match('#//(.*?)/(.*?)/(.*?)/(.*?)mid\=(.*?)(&|$)#',$url,$matches)) {
 			$chn = $matches[3];
 			$res = $matches[5];
 		}
-	
+
 		if(! ($chn && $res))
 			return;
 		$c = q("select * from channel where channel_address = '%s' limit 1",
 			dbesc($chn)
 		);
-	
+
 		if(! $c)
 			return;

 		if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_stream'))
 			return;
-	
+
 		$sql_extra = item_permissions_sql($c[0]['channel_id']);
-	
+
 		$p = q("select * from item where mid = '%s' and uid = %d $sql_extra limit 1",
 	  		dbesc($res),
 			intval($c[0]['channel_id'])
 		);
 		if(! $p)
 			return;
-		
+
 		xchan_query($p,true);
 		$p = fetch_post_tags($p,true);

 		// This function can get tripped up if the item is already a reshare
-		// (the multiple share declarations do not parse cleanly if nested) 
+		// (the multiple share declarations do not parse cleanly if nested)
 		// So build a template with a known nonsense string as the content, and then
 		// replace that known string with the actual rendered content, sending
 		// each content layer through bbcode() separately.

 		$x = '2eGriplW^*Jmf4';
-			
+
 		$o = "[share author='".urlencode($p[0]['author']['xchan_name']).
 			"' profile='".$p[0]['author']['xchan_url'] .
 			"' avatar='".$p[0]['author']['xchan_photo_s'].
 			"' link='".$p[0]['plink'].
-			"' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') .
+			"' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
 			"' posted='".$p[0]['created'].
 			"' message_id='".$p[0]['mid']."']";
 		if($p[0]['title'])
 			$o .= '[b]'.$p[0]['title'].'[/b]'."\r\n";
-		$o .= $x; 
+		$o .= $x;
 		$o .= "[/share]";
 		$o = bbcode($o);
-	
+
 		$o = str_replace($x,bbcode($p[0]['body']),$o);

 		$ret['type'] = 'rich';
-	
+
 		$w = (($maxwidth) ? $maxwidth : 640);
 		$h = (($maxheight) ? $maxheight : intval($w * 2 / 3));
-	
+
 		$ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>';
-		
+
 		$ret['width'] = $w;
 		$ret['height'] = $h;
-	
+
 		return $ret;
-	
+
 	}
-	
+
 	function oep_profile_reply($args) {
-	
-		
+
+
 		require_once('include/channel.php');

 		$url = $args['url'];
-	
+
 		if(preg_match('#//(.*?)/(.*?)/(.*?)(/|\?|&|$)#',$url,$matches)) {
 			$chn = $matches[3];
 		}
-	
+
 		if(! $chn)
 			return;
-	
+
 		$c = channelx_by_nick($chn);
-	
+
 		if(! $c)
 			return;
-	
-	
+
+
 		$maxwidth  = intval($args['maxwidth']);
 		$maxheight = intval($args['maxheight']);
-	
+
 		$width = 800;
 		$height = 375;
-	
+
 		if($maxwidth) {
 			$width = $maxwidth;
 			$height = (375 / 800) * $width;
@@ -434,59 +434,59 @@ class Oep extends \Zotlabs\Web\Controller {
 				$width = (800 / 375) * $maxheight;
 				$height = $maxheight;
 			}
-		} 
+		}
 		$ret = array();
-	
+
 		$ret['type'] = 'rich';
 		$ret['width'] = intval($width);
 		$ret['height'] = intval($height);
-	
+
 		$ret['html'] = get_zcard_embed($c,get_observer_hash(),array('width' => $width, 'height' => $height));
-	
+
 		return $ret;
-	
+
 	}
-	
+
 	function oep_album_reply($args) {
-	
+
 		$ret = array();
 		$url = $args['url'];
 		$maxwidth  = intval($args['maxwidth']);
 		$maxheight = intval($args['maxheight']);
-	
+
 		if(preg_match('|//(.*?)/(.*?)/(.*?)/album/|',$url,$matches)) {
 			$chn = $matches[3];
 			$res = basename($url);
 		}
-	
+
 		if(! ($chn && $res))
 			return;
 		$c = q("select * from channel where channel_address = '%s' limit 1",
 			dbesc($chn)
 		);
-	
+
 		if(! $c)
 			return;
-	
+
 		if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_files'))
 			return;

 		$sql_extra = permissions_sql($c[0]['channel_id']);
-	
+
 		$p = q("select resource_id from photo where album = '%s' and uid = %d and imgscale = 0 $sql_extra order by created desc limit 1",
 	  		dbesc($res),
 			intval($c[0]['channel_id'])
 		);
 		if(! $p)
 			return;
-	
+
 		$res = $p[0]['resource_id'];
-	
+
 		$r = q("select height, width, imgscale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by imgscale asc",
 			intval($c[0]['channel_id']),
 			dbesc($res)
 		);
-	
+
 		if($r) {
 			foreach($r as $rr) {
 				$foundres = false;
@@ -494,62 +494,62 @@ class Oep extends \Zotlabs\Web\Controller {
 					continue;
 				if($maxwidth && $rr['width'] > $maxwidth)
 					continue;
-				$foundres = true;			
+				$foundres = true;
 				break;
 			}
-	
+
 			if($foundres) {
 				$ret['type'] = 'link';
 				$ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['imgscale'];
 				$ret['thumbnail_width'] = $rr['width'];
 				$ret['thumbnail_height'] = $rr['height'];
 			}
-				
-	
+
+
 		}
 		return $ret;
-	
+
 	}
-	
-	
+
+
 	function oep_phototop_reply($args) {
-	
+
 		$ret = array();
 		$url = $args['url'];
 		$maxwidth  = intval($args['maxwidth']);
 		$maxheight = intval($args['maxheight']);
-	
+
 		if(preg_match('|//(.*?)/(.*?)/(.*?)$|',$url,$matches)) {
 			$chn = $matches[3];
 		}
-	
+
 		if(! $chn)
 			return;
 		$c = q("select * from channel where channel_address = '%s' limit 1",
 			dbesc($chn)
 		);
-	
+
 		if(! $c)
 			return;
-	
+
 		if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_files'))
 			return;

 		$sql_extra = permissions_sql($c[0]['channel_id']);
-	
+
 		$p = q("select resource_id from photo where uid = %d and imgscale = 0 $sql_extra order by created desc limit 1",
 			intval($c[0]['channel_id'])
 		);
 		if(! $p)
 			return;
-	
+
 		$res = $p[0]['resource_id'];
-	
+
 		$r = q("select height, width, imgscale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by imgscale asc",
 			intval($c[0]['channel_id']),
 			dbesc($res)
 		);
-	
+
 		if($r) {
 			foreach($r as $rr) {
 				$foundres = false;
@@ -557,42 +557,42 @@ class Oep extends \Zotlabs\Web\Controller {
 					continue;
 				if($maxwidth && $rr['width'] > $maxwidth)
 					continue;
-				$foundres = true;			
+				$foundres = true;
 				break;
 			}
-	
+
 			if($foundres) {
 				$ret['type'] = 'link';
 				$ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['imgscale'];
 				$ret['thumbnail_width'] = $rr['width'];
 				$ret['thumbnail_height'] = $rr['height'];
 			}
-				
-	
+
+
 		}
 		return $ret;
-	
+
 	}
-	
-	
+
+
 	function oep_photo_reply($args) {
-	
+
 		$ret = array();
 		$url = $args['url'];
 		$maxwidth  = intval($args['maxwidth']);
 		$maxheight = intval($args['maxheight']);
-	
+
 		if(preg_match('|//(.*?)/(.*?)/(.*?)/image/|',$url,$matches)) {
 			$chn = $matches[3];
 			$res = basename($url);
 		}
-	
+
 		if(! ($chn && $res))
 			return;
 		$c = q("select * from channel where channel_address = '%s' limit 1",
 			dbesc($chn)
 		);
-	
+
 		if(! $c)
 			return;

@@ -600,13 +600,13 @@ class Oep extends \Zotlabs\Web\Controller {
 			return;

 		$sql_extra = permissions_sql($c[0]['channel_id']);
-	
-	
+
+
 		$r = q("select height, width, imgscale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by imgscale asc",
 			intval($c[0]['channel_id']),
 			dbesc($res)
 		);
-	
+
 		if($r) {
 			foreach($r as $rr) {
 				$foundres = false;
@@ -614,20 +614,20 @@ class Oep extends \Zotlabs\Web\Controller {
 					continue;
 				if($maxwidth && $rr['width'] > $maxwidth)
 					continue;
-				$foundres = true;			
+				$foundres = true;
 				break;
 			}
-	
+
 			if($foundres) {
 				$ret['type'] = 'link';
 				$ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['imgscale'];
 				$ret['thumbnail_width'] = $rr['width'];
 				$ret['thumbnail_height'] = $rr['height'];
 			}
-				
-	
+
+
 		}
 		return $ret;
-	
+
 	}
 }
--- a/Zotlabs/Module/Photo.php
+++ b/Zotlabs/Module/Photo.php
@@ -180,7 +180,7 @@ class Photo extends \Zotlabs\Web\Controller {
 				$channel = channelx_by_n($r[0]['uid']);

 				// Now we'll see if we can access the photo
-				$e = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d $sql_extra LIMIT 1",
+				$e = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1",
 					dbesc($photo),
 					intval($resolution)
 				);
--- a/Zotlabs/Module/Photos.php
+++ b/Zotlabs/Module/Photos.php
@@ -876,7 +876,7 @@ class Photos extends \Zotlabs\Web\Controller {
 			$prevlink = '';
 			$nextlink = '';

-			if($_GET['order'] === 'posted')
+			if(isset($_GET['order']) && $_GET['order'] === 'posted')
 				$order = 'ASC';
 			else
 				$order = 'DESC';
@@ -901,8 +901,8 @@ class Photos extends \Zotlabs\Web\Controller {
 					}
 				}

-				$prevlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '');
-				$nextlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '');
+				$prevlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['hash'] . (($order == 'ASC') ? '?f=&order=posted' : '');
+				$nextlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['hash'] . (($order == 'ASC') ? '?f=&order=posted' : '');
 	 		}


@@ -987,7 +987,7 @@ class Photos extends \Zotlabs\Web\Controller {
 				}

 				$tags = array();
-				if($link_item['term']) {
+				if(x($link_item, 'term')) {
 					$cnt = 0;
 					foreach($link_item['term'] as $t) {
 						$tags[$cnt] = array(0 => format_term_for_display($t));
@@ -1178,10 +1178,8 @@ class Photos extends \Zotlabs\Web\Controller {
 						if($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan'])
 							$drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete')));

-
 						$name_e = $profile_name;
 						$title_e = $item['title'];
-						unobscure($item);
 						$body_e = prepare_text($item['body'],$item['mimetype']);

 						$comments .= replace_macros($template,array(
--- a/Zotlabs/Module/Ping.php
+++ b/Zotlabs/Module/Ping.php
@@ -1,707 +0,0 @@
-<?php
-
-namespace Zotlabs\Module;
-
-use Zotlabs\Lib\Apps;
-
-require_once('include/bbcode.php');
-
-/**
- * @brief Ping Controller.
- *
- */
-class Ping extends \Zotlabs\Web\Controller {
-
-	/**
-	 * @brief do several updates when pinged.
-	 *
-	 * This function does several tasks. Whenever called it checks for new messages,
-	 * introductions, notifications, etc. and returns a json with the results.
-	 *
-	 * @result JSON
-	 */
-	function init() {
-
-		$result = array();
-		$notifs = array();
-
-		$result['notify'] = 0;
-		$result['home'] = 0;
-		$result['network'] = 0;
-		$result['intros'] = 0;
-		$result['mail'] = 0;
-		$result['register'] = 0;
-		$result['events'] = 0;
-		$result['events_today'] = 0;
-		$result['birthdays'] = 0;
-		$result['birthdays_today'] = 0;
-		$result['all_events'] = 0;
-		$result['all_events_today'] = 0;
-		$result['notice'] = [];
-		$result['info'] = [];
-		$result['pubs'] = 0;
-		$result['files'] = 0;
-		$result['forums'] = 0;
-		$result['forums_sub'] = [];
-
-		if(! $_SESSION['static_loadtime'])
-			$_SESSION['static_loadtime'] = datetime_convert();
-
-		$t0 = dba_timer();
-
-		header("content-type: application/json");
-
-		$vnotify = false;
-
-		$item_normal = item_normal();
-
-		if(local_channel()) {
-			$vnotify = get_pconfig(local_channel(),'system','vnotify');
-			$evdays = intval(get_pconfig(local_channel(),'system','evdays'));
-			$ob_hash = get_observer_hash();
-		}
-
-		// if unset show all visual notification types
-		if($vnotify === false)
-			$vnotify = (-1);
-		if($evdays < 1)
-			$evdays = 3;
-
-		/**
-		 * If you have several windows open to this site and switch to a different channel
-		 * in one of them, the others may get into a confused state showing you a page or options
-		 * on that page which were only valid under the old identity. You session has changed.
-		 * Therefore we send a notification of this fact back to the browser where it is picked up
-		 * in javascript and which reloads the page it is on so that it is valid under the context
-		 * of the now current channel.
-		 */
-
-		$result['invalid'] = ((intval($_GET['uid'])) && (intval($_GET['uid']) != local_channel()) ? 1 : 0);
-
-		/**
-		 * Send all system messages (alerts) to the browser.
-		 * Some are marked as informational and some represent
-		 * errors or serious notifications. These typically
-		 * will popup on the current page (no matter what page it is)
-		 */
-
-		if(x($_SESSION, 'sysmsg')){
-			foreach ($_SESSION['sysmsg'] as $m){
-				$result['notice'][] = array('message' => $m);
-			}
-			unset($_SESSION['sysmsg']);
-		}
-		if(x($_SESSION, 'sysmsg_info')){
-			foreach ($_SESSION['sysmsg_info'] as $m){
-				$result['info'][] = array('message' => $m);
-			}
-			unset($_SESSION['sysmsg_info']);
-		}
-		if(! ($vnotify & VNOTIFY_INFO))
-			$result['info'] = array();
-		if(! ($vnotify & VNOTIFY_ALERT))
-			$result['notice'] = array();
-
-		if(\App::$install) {
-			echo json_encode($result);
-			killme();
-		}
-
-		/**
-		 * Update chat presence indication (if applicable)
-		 */
-
-		if(get_observer_hash() && (! $result['invalid'])) {
-			$r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1",
-				dbesc(get_observer_hash()),
-				dbesc($_SERVER['REMOTE_ADDR'])
-			);
-			$basic_presence = false;
-			if($r) {
-				$basic_presence = true;
-				q("update chatpresence set cp_last = '%s' where cp_id = %d",
-					dbesc(datetime_convert()),
-					intval($r[0]['cp_id'])
-				);
-			}
-			if(! $basic_presence) {
-				q("insert into chatpresence ( cp_xchan, cp_last, cp_status, cp_client)
-					values( '%s', '%s', '%s', '%s' ) ",
-					dbesc(get_observer_hash()),
-					dbesc(datetime_convert()),
-					dbesc('online'),
-					dbesc($_SERVER['REMOTE_ADDR'])
-				);
-			}
-		}
-
-		/**
-		 * Chatpresence continued... if somebody hasn't pinged recently, they've most likely left the page
-		 * and shouldn't count as online anymore. We allow an expection for bots.
-		 */
-
-		q("delete from chatpresence where cp_last < %s - INTERVAL %s and cp_client != 'auto' ",
-			db_utcnow(), db_quoteinterval('3 MINUTE')
-		);
-
-
-		$sql_extra = '';
-		if(! ($vnotify & VNOTIFY_LIKE))
-			$sql_extra = " AND verb NOT IN ('" . dbesc(ACTIVITY_LIKE) . "', '" . dbesc(ACTIVITY_DISLIKE) . "') ";
-
-		if(local_channel()) {
-			$notify_pubs = ($vnotify & VNOTIFY_PUBS) && can_view_public_stream() && Apps::system_app_installed(local_channel(), 'Public Stream');
-		}
-		else {
-			$notify_pubs = can_view_public_stream();
-		}
-
-		if($notify_pubs) {
-			$sys = get_sys_channel();
-
-			$pubs = q("SELECT count(id) as total from item
-				WHERE uid = %d
-				AND item_unseen = 1
-				AND author_xchan != '%s'
-				AND created > '" . datetime_convert('UTC','UTC',$_SESSION['static_loadtime']) . "'
-				$item_normal
-				$sql_extra",
-				intval($sys['channel_id']),
-				dbesc(get_observer_hash())
-			);
-
-			if($pubs)
-				$result['pubs'] = intval($pubs[0]['total']);
-		}
-
-
-
-		if((argc() > 1) && (argv(1) === 'pubs') && ($notify_pubs)) {
-			$sys = get_sys_channel();
-			$result = array();
-
-			$r = q("SELECT * FROM item
-				WHERE uid = %d
-				AND item_unseen = 1
-				AND author_xchan != '%s'
-				AND created > '" . datetime_convert('UTC','UTC',$_SESSION['static_loadtime']) . "'
-				$item_normal
-				$sql_extra
-				ORDER BY created DESC
-				LIMIT 300",
-				intval($sys['channel_id']),
-				dbesc(get_observer_hash())
-			);
-
-			if($r) {
-				xchan_query($r);
-				foreach($r as $rr) {
-					$rr['llink'] = str_replace('display/', 'pubstream/?f=&mid=', $rr['llink']);
-					$result[] = \Zotlabs\Lib\Enotify::format($rr);
-				}
-			}
-
-//			logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		$t1 = dba_timer();
-
-		if((! local_channel()) || ($result['invalid'])) {
-			echo json_encode($result);
-			killme();
-		}
-
-		/**
-		 * Everything following is only permitted under the context of a locally authenticated site member.
-		 */
-
-		/**
-		 * Handle "mark all xyz notifications read" requests.
-		 */
-
-		// mark all items read
-		if(x($_REQUEST, 'markRead') && local_channel()) {
-			switch($_REQUEST['markRead']) {
-				case 'network':
-					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1",
-						intval(local_channel())
-					);
-					break;
-				case 'home':
-					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_wall = 1",
-						intval(local_channel())
-					);
-					break;
-				case 'mail':
-					$r = q("UPDATE mail SET mail_seen = 1 WHERE channel_id = %d AND mail_seen = 0",
-						intval(local_channel())
-					);
-					break;
-				case 'all_events':
-					$r = q("UPDATE event SET dismissed = 1 WHERE uid = %d AND dismissed = 0 AND dtstart < '%s' AND dtstart > '%s' ",
-						intval(local_channel()),
-						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
-						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
-					);
-					break;
-				case 'notify':
-					$r = q("update notify set seen = 1 where uid = %d",
-						intval(local_channel())
-					);
-					break;
-				case 'pubs':
-					unset($_SESSION['static_loadtime']);
-					break;
-				default:
-					break;
-			}
-		}
-
-		if(x($_REQUEST, 'markItemRead') && local_channel()) {
-			$r = q("UPDATE item SET item_unseen = 0 WHERE  uid = %d AND parent = %d",
-				intval(local_channel()),
-				intval($_REQUEST['markItemRead'])
-			);
-		}
-
-		/**
-		 * URL ping/something will return detail for "something", e.g. a json list with which to populate a notification
-		 * dropdown menu.
-		 */
-		if(argc() > 1 && argv(1) === 'notify') {
-			$t = q("SELECT * FROM notify WHERE uid = %d AND seen = 0 ORDER BY CREATED DESC",
-				intval(local_channel())
-			);
-
-			if($t) {
-				foreach($t as $tt) {
-					$message = trim(strip_tags(bbcode($tt['msg'])));
-
-					if(strpos($message, $tt['xname']) === 0)
-						$message = substr($message, strlen($tt['xname']) + 1);
-
-					$mid = basename($tt['link']);
-					$mid = ((strpos($mid, 'b64.') === 0) ? @base64url_decode(substr($mid, 4)) : $mid);
-
-					if(in_array($tt['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) {
-						// we need the thread parent
-						$r = q("select thr_parent from item where mid = '%s' and uid = %d limit 1",
-							dbesc($mid),
-							intval(local_channel())
-						);
-						$b64mid = ((strpos($r[0]['thr_parent'], 'b64.') === 0) ? $r[0]['thr_parent'] : 'b64.' . base64url_encode($r[0]['thr_parent']));
-					}
-					else {
-						$b64mid = ((strpos($mid, 'b64.') === 0) ? $mid : 'b64.' . base64url_encode($mid));
-					}
-
-					$notifs[] = array(
-						'notify_link' => z_root() . '/notify/view/' . $tt['id'],
-						'name' => $tt['xname'],
-						'url' => $tt['url'],
-						'photo' => $tt['photo'],
-						'when' => relative_date($tt['created']),
-						'hclass' => (($tt['seen']) ? 'notify-seen' : 'notify-unseen'),
-						'b64mid' => (($tt['otype'] == 'item') ? $b64mid : 'undefined'),
-						'notify_id' => (($tt['otype'] == 'item') ? $tt['id'] : 'undefined'),
-						'message' => $message
-					);
-				}
-			}
-
-			echo json_encode(array('notify' => $notifs));
-			killme();
-		}
-
-		if(argc() > 1 && argv(1) === 'mail') {
-			$channel = \App::get_channel();
-			$t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan
-				where channel_id = %d and mail_seen = 0 and mail_deleted = 0
-				and from_xchan != '%s' order by created desc limit 50",
-				intval(local_channel()),
-				dbesc($channel['channel_hash'])
-			);
-
-			if($t) {
-				foreach($t as $zz) {
-					$notifs[] = array(
-						'notify_link' => z_root() . '/mail/' . $zz['id'],
-						'name' => $zz['xchan_name'],
-						'addr' => $zz['xchan_addr'],
-						'url' => $zz['xchan_url'],
-						'photo' => $zz['xchan_photo_s'],
-						'when' => relative_date($zz['created']),
-						'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'),
-						'message' => t('sent you a private message'),
-					);
-				}
-			}
-
-			echo json_encode(array('notify' => $notifs));
-			killme();
-		}
-
-		if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) {
-			$result = array();
-
-			if(argv(1) === 'home') {
-				$sql_extra .= ' and item_wall = 1 ';
-			}
-
-			$r = q("SELECT * FROM item 
-				WHERE uid = %d
-				AND item_unseen = 1
-				AND author_xchan != '%s'
-				$item_normal
-				$sql_extra
-				ORDER BY created DESC
-				LIMIT 300",
-				intval(local_channel()),
-				dbesc($ob_hash)
-			);
-
-			if($r) {
-				xchan_query($r);
-				foreach($r as $item) {
-					$result[] = \Zotlabs\Lib\Enotify::format($item);
-				}
-			}
-//			logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		if(argc() > 1 && (argv(1) === 'intros')) {
-			$result = array();
-
-			$r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50",
-				intval(local_channel())
-			);
-
-			if($r) {
-				foreach($r as $rr) {
-					$result[] = array(
-						'notify_link' => z_root() . '/connections/ifpending',
-						'name' => $rr['xchan_name'],
-						'addr' => $rr['xchan_addr'],
-						'url' => $rr['xchan_url'],
-						'photo' => $rr['xchan_photo_s'],
-						'when' => relative_date($rr['abook_created']),
-						'hclass' => ('notify-unseen'),
-						'message' => t('added your channel')
-					);
-				}
-			}
-			logger('ping (intros): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		if((argc() > 1 && (argv(1) === 'register')) && is_site_admin()) {
-			$result = array();
-
-			$r = q("SELECT account_email, account_created from account where (account_flags & %d) > 0",
-				intval(ACCOUNT_PENDING)
-			);
-			if($r) {
-				foreach($r as $rr) {
-					$result[] = array(
-						'notify_link' => z_root() . '/admin/accounts',
-						'name' => $rr['account_email'],
-						'addr' => $rr['account_email'],
-						'url' => '',
-						'photo' => z_root() . '/' . get_default_profile_photo(48),
-						'when' => relative_date($rr['account_created']),
-						'hclass' => ('notify-unseen'),
-						'message' => t('requires approval')
-					);
-				}
-			}
-			logger('ping (register): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		if(argc() > 1 && (argv(1) === 'all_events')) {
-			$bd_format = t('g A l F d') ; // 8 AM Friday January 18
-
-			$result = array();
-
-			$r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash
-				WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
-				and etype in ( 'event', 'birthday' )
-				ORDER BY dtstart DESC LIMIT 1000",
-				intval(local_channel()),
-				dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
-				dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
-			);
-
-			if($r) {
-				foreach($r as $rr) {
-
-					$strt = datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart']);
-					$today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false);
-					$when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ?  ' ' . t('[today]') : '');
-
-					$result[] = array(
-						'notify_link' => z_root() . '/cdav/calendar/' . $rr['event_hash'],
-						'name'        => $rr['xchan_name'],
-						'addr'        => $rr['xchan_addr'],
-						'url'         => $rr['xchan_url'],
-						'photo'       => $rr['xchan_photo_s'],
-						'when'        => $when,
-						'hclass'       => ('notify-unseen'),
-						'message'     => t('posted an event')
-					);
-				}
-			}
-			logger('ping (all_events): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		if(argc() > 1 && (argv(1) === 'files')) {
-			$result = array();
-
-			$r = q("SELECT item.created, xchan.xchan_name, xchan.xchan_addr, xchan.xchan_url, xchan.xchan_photo_s FROM item 
-				LEFT JOIN xchan on author_xchan = xchan_hash
-				WHERE item.verb = '%s'
-				AND item.obj_type = '%s'
-				AND item.uid = %d
-				AND item.owner_xchan != '%s'
-				AND item.item_unseen = 1",
-				dbesc(ACTIVITY_POST),
-				dbesc(ACTIVITY_OBJ_FILE),
-				intval(local_channel()),
-				dbesc($ob_hash)
-			);
-			if($r) {
-				foreach($r as $rr) {
-					$result[] = array(
-						'notify_link' => z_root() . '/sharedwithme',
-						'name' => $rr['xchan_name'],
-						'addr' => $rr['xchan_addr'],
-						'url' => $rr['xchan_url'],
-						'photo' => $rr['xchan_photo_s'],
-						'when' => relative_date($rr['created']),
-						'hclass' => ('notify-unseen'),
-						'message' => t('shared a file with you')
-					);
-				}
-			}
-			logger('ping (files): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		/**
-		 * Normal ping - just the counts, no detail
-		 */
-		if($vnotify & VNOTIFY_SYSTEM) {
-			$t = q("select count(*) as total from notify where uid = %d and seen = 0",
-				intval(local_channel())
-			);
-			if($t)
-				$result['notify'] = intval($t[0]['total']);
-		}
-
-		$t2 = dba_timer();
-
-		if($vnotify & VNOTIFY_FILES) {
-			$files = q("SELECT count(id) as total FROM item
-				WHERE verb = '%s'
-				AND obj_type = '%s'
-				AND uid = %d
-				AND owner_xchan != '%s'
-				AND item_unseen = 1",
-				dbesc(ACTIVITY_POST),
-				dbesc(ACTIVITY_OBJ_FILE),
-				intval(local_channel()),
-				dbesc($ob_hash)
-			);
-			if($files)
-				$result['files'] = intval($files[0]['total']);
-		}
-
-		$t3 = dba_timer();
-
-		if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) {
-
-			$r = q("SELECT id, item_wall FROM item 
-				WHERE uid = %d and item_unseen = 1 
-				$item_normal
-				$sql_extra
-				AND author_xchan != '%s'",
-				intval(local_channel()),
-				dbesc($ob_hash)
-			);
-
-			if($r) {
-				$arr = array('items' => $r);
-				call_hooks('network_ping', $arr);
-
-				foreach ($r as $it) {
-					if(intval($it['item_wall']))
-						$result['home'] ++;
-					else
-						$result['network'] ++;
-				}
-			}
-		}
-		if(! ($vnotify & VNOTIFY_NETWORK))
-			$result['network'] = 0;
-		if(! ($vnotify & VNOTIFY_CHANNEL))
-			$result['home'] = 0;
-
-		$t4 = dba_timer();
-
-		if($vnotify & VNOTIFY_INTRO) {
-			$intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ",
-				intval(local_channel())
-			);
-
-			$t5 = dba_timer();
-
-			if($intr)
-				$result['intros'] = intval($intr[0]['total']);
-		}
-
-		$t6 = dba_timer();
-		$channel = \App::get_channel();
-
-		if($vnotify & VNOTIFY_MAIL) {
-			$mails = q("SELECT count(id) as total from mail
-				WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ",
-				intval(local_channel()),
-				dbesc($channel['channel_hash'])
-			);
-			if($mails)
-				$result['mail'] = intval($mails[0]['total']);
-		}
-
-		if($vnotify & VNOTIFY_REGISTER) {
-			if (\App::$config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) {
-				$regs = q("SELECT count(account_id) as total from account where (account_flags & %d) > 0",
-					intval(ACCOUNT_PENDING)
-				);
-				if($regs)
-					$result['register'] = intval($regs[0]['total']);
-			}
-		}
-
-		$t7 = dba_timer();
-
-		if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) {
-			$events = q("SELECT etype, dtstart, adjust FROM event
-				WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
-				and etype in ( 'event', 'birthday' )
-				ORDER BY dtstart ASC ",
-					intval(local_channel()),
-					dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
-					dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
-			);
-
-			if($events) {
-				$result['all_events'] = count($events);
-
-				if($result['all_events']) {
-					$str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d');
-					foreach($events as $x) {
-						$bd = false;
-						if($x['etype'] === 'birthday') {
-							$result['birthdays'] ++;
-							$bd = true;
-						}
-						else {
-							$result['events'] ++;
-						}
-						if(datetime_convert('UTC', ((intval($x['adjust'])) ? date_default_timezone_get() : 'UTC'), $x['dtstart'], 'Y-m-d') === $str_now) {
-							$result['all_events_today'] ++;
-							if($bd)
-								$result['birthdays_today'] ++;
-							else
-								$result['events_today'] ++;
-						}
-					}
-				}
-			}
-		}
-		if(! ($vnotify & VNOTIFY_EVENT))
-			$result['all_events'] = $result['events'] = 0;
-		if(! ($vnotify & VNOTIFY_EVENTTODAY))
-			$result['all_events_today'] = $result['events_today'] = 0;
-		if(! ($vnotify & VNOTIFY_BIRTHDAY))
-			$result['birthdays'] = 0;
-
-
-
-		if($vnotify & VNOTIFY_FORUMS) {
-			$forums = get_forum_channels(local_channel());
-
-			if($forums) {
-				$item_normal = item_normal();
-				$fcount = count($forums);
-				$forums['total'] = 0;
-
-				for($x = 0; $x < $fcount; $x ++) {
-					$p = q("SELECT oid AS parent FROM term WHERE uid = %d AND ttype = %d AND term = '%s'",
-						intval(local_channel()),
-						intval(TERM_FORUM),
-						dbesc($forums[$x]['xchan_name'])
-					);
-
-					$p_str = ids_to_querystr($p, 'parent');
-					$p_sql = (($p_str) ? "OR parent IN ( $p_str )" : '');
-
-					$r = q("select count(id) as unseen from item 
-						where uid = %d and ( owner_xchan = '%s' OR author_xchan = '%s' $p_sql ) and item_unseen = 1 $item_normal $sql_extra",
-						intval(local_channel()),
-						dbesc($forums[$x]['xchan_hash']),
-						dbesc($forums[$x]['xchan_hash'])
-					);
-					if($r[0]['unseen']) {
-						$forums[$x]['notify_link'] = (($forums[$x]['private_forum']) ? $forums[$x]['xchan_url'] : z_root() . '/network/?f=&pf=1&unseen=1&cid=' . $forums[$x]['abook_id']);
-						$forums[$x]['name'] = $forums[$x]['xchan_name'];
-						$forums[$x]['addr'] = $forums[$x]['xchan_addr'];
-						$forums[$x]['url'] = $forums[$x]['xchan_url'];
-						$forums[$x]['photo'] = $forums[$x]['xchan_photo_s'];
-						$forums[$x]['unseen'] = $r[0]['unseen'];
-						$forums[$x]['private_forum'] = (($forums[$x]['private_forum']) ? 'lock' : '');
-						$forums[$x]['message'] = (($forums[$x]['private_forum']) ? t('Private forum') : t('Public forum'));
-
-						$forums['total'] = $forums['total'] + $r[0]['unseen'];
-
-						unset($forums[$x]['abook_id']);
-						unset($forums[$x]['xchan_hash']);
-						unset($forums[$x]['xchan_name']);
-						unset($forums[$x]['xchan_url']);
-						unset($forums[$x]['xchan_photo_s']);
-
-						//if($forums[$x]['private_forum'])
-						//	unset($forums[$x]['private_forum']);
-
-					}
-					else {
-						unset($forums[$x]);
-					}
-				}
-				$result['forums'] = $forums['total'];
-				unset($forums['total']);
-
-				$result['forums_sub'] = $forums;
-			}
-		}
-
-		$x = json_encode($result);
-
-		$t8 = dba_timer();
-
-//		logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t8 - $t7, $t7 - $t6, $t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0));
-
-		echo $x;
-		killme();
-	}
-
-}
--- a/Zotlabs/Module/Post.php
+++ b/Zotlabs/Module/Post.php
@@ -1,34 +0,0 @@
-<?php
-/**
- * @file Zotlabs/Module/Post.php
- *
- * @brief Zot endpoint.
- *
- */
-
-namespace Zotlabs\Module;
-
-require_once('include/zot.php');
-
-/**
- * @brief Post module.
- *
- */
-class Post extends \Zotlabs\Web\Controller {
-
-	function init() {
-		if(array_key_exists('auth', $_REQUEST)) {
-			$x = new \Zotlabs\Zot\Auth($_REQUEST);
-			exit;
-		}
-	}
-
-	function post() {
-		if(array_key_exists('data',$_REQUEST)) {
-			$z = new \Zotlabs\Zot\Receiver($_REQUEST['data'], get_config('system', 'prvkey'), new \Zotlabs\Zot\ZotHandler());
-			exit;
-		}
-
-	}
-
-}
--- a/Zotlabs/Module/Prate.php
+++ b/Zotlabs/Module/Prate.php
@@ -1,107 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-
-use Zotlabs\Lib\Crypto;
-
-class Prate extends \Zotlabs\Web\Controller {
-
-	function init() {
-		if($_SERVER['REQUEST_METHOD'] === 'post')
-			return;
-
-		if(! local_channel())
-			return;
-
-		$channel = \App::get_channel();
-
-		$target = argv(1);
-		if(! $target)
-			return;
-
-		$r = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1",
-			dbesc($channel['channel_hash']),
-			dbesc($target)
-		);
-		if($r)
-			json_return_and_die(array('rating' => $r[0]['xlink_rating'],'rating_text' => $r[0]['xlink_rating_text']));
-		killme();
-	}
-
-		function post() {
-
-		if(! local_channel())
-			return;
-
-		$channel = \App::get_channel();
-
-		$target = trim($_REQUEST['target']);
-		if(! $target)
-			return;
-
-		if($target === $channel['channel_hash'])
-			return;
-
-		$rating = intval($_POST['rating']);
-		if($rating < (-10))
-			$rating = (-10);
-		if($rating > 10)
-			$rating = 10;
-
-		$rating_text = trim(escape_tags($_REQUEST['rating_text']));
-
-		$signed = $target . '.' . $rating . '.' . $rating_text;
-
-		$sig = base64url_encode(Crypto::sign($signed,$channel['channel_prvkey']));
-
-
-		$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
-			dbesc($channel['channel_hash']),
-			dbesc($target)
-		);
-		if($z) {
-			$record = $z[0]['xlink_id'];
-			$w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'
-				where xlink_id = %d",
-				intval($rating),
-				dbesc($rating_text),
-				dbesc($sig),
-				dbesc(datetime_convert()),
-				intval($record)
-			);
-		}
-		else {
-			$w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ",
-				dbesc($channel['channel_hash']),
-				dbesc($target),
-				intval($rating),
-				dbesc($rating_text),
-				dbesc($sig),
-				dbesc(datetime_convert())
-			);
-			$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
-				dbesc($channel['channel_hash']),
-				dbesc($orig_record[0]['abook_xchan'])
-			);
-			if($z)
-				$record = $z[0]['xlink_id'];
-		}
-		if($record) {
-			\Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record));
-		}
-
-		json_return_and_die(array('result' => true));;
-	}
-
-
-
-
-
-
-
-
-
-
-
-
-}
--- a/Zotlabs/Module/Probe.php
+++ b/Zotlabs/Module/Probe.php
@@ -1,60 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-use App;
-use Zotlabs\Lib\Apps;
-use Zotlabs\Lib\Crypto;
-
-require_once('include/zot.php');
-
-class Probe extends \Zotlabs\Web\Controller {
-
-	function get() {
-
-		if(local_channel()) {
-			if(! Apps::system_app_installed(local_channel(), 'Remote Diagnostics')) {
-				//Do not display any associated widgets at this point
-				App::$pdl = '';
-
-				$o = '<b>' . t('Remote Diagnostics App') . ' (' . t('Not Installed') . '):</b><br>';
-				$o .= t('Perform diagnostics on remote channels');
-				return $o;
-			}
-		}
-
-		nav_set_selected('Remote Diagnostics');
-
-		$o .= '<h3>Remote Diagnostics</h3>';
-
-		$o .= '<form action="probe" method="get">';
-		$o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . $_GET['addr'] .'" />';
-		$o .= '<input type="submit" name="submit" value="Submit" /></form>';
-
-		$o .= '<br /><br />';
-
-		if(x($_GET,'addr')) {
-			$channel = App::get_channel();
-			$addr = trim($_GET['addr']);
-			$do_import = ((intval($_GET['import']) && is_site_admin()) ? true : false);
-
-			$j = \Zotlabs\Zot\Finger::run($addr,$channel,false);
-
-			$o .= '<pre>';
-			if(! $j['success']) {
-				$o .= "<strong>https connection failed. Trying again with auto failover to http.</strong>\r\n\r\n";
-				$j = \Zotlabs\Zot\Finger::run($addr,$channel,true);
-				if(! $j['success']) {
-					return $o;
-				}
-			}
-			if($do_import && $j)
-				$x = import_xchan($j);
-			if($j && $j['permissions'] && $j['permissions']['iv'])
-				$j['permissions'] = json_decode(Crypto::unencapsulate($j['permissions'],$channel['channel_prvkey']),true);
-			$o .= str_replace("\n",'<br />',print_r($j,true));
-			$o .= '</pre>';
-		}
-		return $o;
-	}
-
-}
--- a/Zotlabs/Module/Profile.php
+++ b/Zotlabs/Module/Profile.php
@@ -29,26 +29,28 @@ class Profile extends Controller {
 			return;
 		}

-		$profile = '';
-		$channel = App::get_channel();
-
-		if (!$channel)
-			http_status_exit(404, 'Not found');
-
 		if (ActivityStreams::is_as_request()) {
+			$channel = channelx_by_nick($which);
+			if (!$channel) {
+				http_status_exit(404, 'Not found');
+			}
+
 			$p = Activity::encode_person($channel, true);
 			as_return_and_die(['type' => 'Profile', 'describes' => $p], $channel);
 		}

-		nav_set_selected('Profile');
+		$profile = '';

 		if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
+			$channel = App::get_channel();
 			$which   = $channel['channel_address'];
 			$profile = argv(1);
-			$r       = q("select profile_guid from profile where id = %d and uid = %d limit 1",
+
+			$r = q("select profile_guid from profile where id = %d and uid = %d limit 1",
 				intval($profile),
 				intval(local_channel())
 			);
+
 			if (!$r)
 				$profile = '';
 			$profile = $r[0]['profile_guid'];
@@ -80,7 +82,6 @@ class Profile extends Controller {

 		profile_load($which, $profile);

-
 	}

 	function get() {
@@ -89,11 +90,10 @@ class Profile extends Controller {
 			return login();
 		}

+		nav_set_selected('Profile');
+
 		$groups = [];
-
-
-		$tab = 'profile';
-		$o   = '';
+		$o      = '';

 		if (!(perm_is_allowed(App::$profile['profile_uid'], get_observer_hash(), 'view_profile'))) {
 			notice(t('Permission denied.') . EOL);
--- a/Zotlabs/Module/Profiles.php
+++ b/Zotlabs/Module/Profiles.php
@@ -600,7 +600,6 @@ class Profiles extends \Zotlabs\Web\Controller {
 				intval(local_channel())
 			);
 			if($r) {
-				require_once('include/zot.php');
 				Libsync::build_sync_packet(local_channel(),array('profile' => $r));
 			}

--- a/Zotlabs/Module/Pubsites.php
+++ b/Zotlabs/Module/Pubsites.php
@@ -6,7 +6,6 @@ use Zotlabs\Lib\Libzotdir;
 class Pubsites extends \Zotlabs\Web\Controller {

 	function get() {
-		require_once('include/dir_fns.php');
 		$dirmode = intval(get_config('system','directory_mode'));

 		if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) {
--- a/Zotlabs/Module/Pubstream.php
+++ b/Zotlabs/Module/Pubstream.php
@@ -197,7 +197,7 @@ class Pubstream extends \Zotlabs\Web\Controller {

 		if($update) {
 	
-			$ordering = "commented";
+			$ordering = get_config('system', 'pubstream_ordering', 'commented');
 	
 			if($load) {
 				if($mid) {
--- a/Zotlabs/Module/Rate.php
+++ b/Zotlabs/Module/Rate.php
@@ -1,174 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-
-
-use Zotlabs\Lib\Crypto;
-
-class Rate extends \Zotlabs\Web\Controller {
-
-	function init() {
-
-		if(! local_channel())
-			return;
-
-		$channel = \App::get_channel();
-
-		$target = $_REQUEST['target'];
-		if(! $target)
-			return;
-
-		\App::$data['target'] = $target;
-
-		if($target) {
-			$r = q("SELECT * FROM xchan where xchan_hash like '%s' LIMIT 1",
-				dbesc($target)
-			);
-			if($r) {
-				\App::$poi = $r[0];
-			}
-			else {
-				$r = q("select * from site where site_url like '%s' and site_type = %d",
-					dbesc('%' . $target),
-					intval(SITE_TYPE_ZOT)
-				);
-				if($r) {
-					\App::$data['site'] = $r[0];
-					\App::$data['site']['site_url'] = strtolower($r[0]['site_url']);
-				}
-			}
-		}
-
-
-		return;
-
-	}
-
-
-	function post() {
-
-		if(! local_channel())
-			return;
-
-		if(! \App::$data['target'])
-			return;
-
-		if(! $_REQUEST['execute'])
-			return;
-
-		$channel = \App::get_channel();
-
-		$rating = intval($_POST['rating']);
-		if($rating < (-10))
-			$rating = (-10);
-		if($rating > 10)
-			$rating = 10;
-
-		$rating_text = trim(escape_tags($_REQUEST['rating_text']));
-
-		$signed = \App::$data['target'] . '.' . $rating . '.' . $rating_text;
-
-		$sig = base64url_encode(Crypto::sign($signed,$channel['channel_prvkey']));
-
-		$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
-			dbesc($channel['channel_hash']),
-			dbesc(\App::$data['target'])
-		);
-
-		if($z) {
-			$record = $z[0]['xlink_id'];
-			$w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'
-				where xlink_id = %d",
-				intval($rating),
-				dbesc($rating_text),
-				dbesc($sig),
-				dbesc(datetime_convert()),
-				intval($record)
-			);
-		}
-		else {
-			$w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ",
-				dbesc($channel['channel_hash']),
-				dbesc(\App::$data['target']),
-				intval($rating),
-				dbesc($rating_text),
-				dbesc($sig),
-				dbesc(datetime_convert())
-			);
-			$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
-				dbesc($channel['channel_hash']),
-				dbesc(\App::$data['target'])
-			);
-			if($z)
-				$record = $z[0]['xlink_id'];
-		}
-
-		if($record) {
-			\Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record));
-		}
-
-	}
-
-	function get() {
-
-		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-	//	if(! \App::$data['target']) {
-	//		notice( t('No recipients.') . EOL);
-	//		return;
-	//	}
-
-		$rating_enabled = get_config('system','rating_enabled');
-		if(! $rating_enabled) {
-			notice('Ratings are disabled on this site.');
-			return;
-		}
-
-		$channel = \App::get_channel();
-
-		$r = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1",
-			dbesc($channel['channel_hash']),
-			dbesc(\App::$data['target'])
-		);
-		if($r) {
-			\App::$data['xlink'] = $r[0];
-			$rating_val = $r[0]['xlink_rating'];
-			$rating_text = $r[0]['xlink_rating_text'];
-		}
-		else {
-			$rating_val = 0;
-			$rating_text = '';
-		}
-
-		if($rating_enabled) {
-			$rating = replace_macros(get_markup_template('rating_slider.tpl'),array(
-				'$min' => -10,
-				'$val' => $rating_val
-			));
-		}
-		else {
-			$rating = false;
-		}
-
-		$o = replace_macros(get_markup_template('rating_form.tpl'),array(
-			'$header' => t('Rating'),
-			'$website' => t('Website:'),
-			'$site' => ((\App::$data['site']) ? '<a href="' . \App::$data['site']['site_url'] . '" >' . \App::$data['site']['site_url'] . '</a>' : ''),
-			'target' => \App::$data['target'],
-			'$tgt_name' => ((\App::$poi && \App::$poi['xchan_name']) ? \App::$poi['xchan_name'] : sprintf( t('Remote Channel [%s] (not yet known on this site)'), substr(\App::$data['target'],0,16))),
-			'$lbl_rating'     => t('Rating (this information is public)'),
-			'$lbl_rating_txt' => t('Optionally explain your rating (this information is public)'),
-			'$rating_txt'     => $rating_text,
-			'$rating'         => $rating,
-			'$rating_val'     => $rating_val,
-			'$slide'          => $slide,
-			'$submit' => t('Submit')
-		));
-
-		return $o;
-
-	}
-}
--- a/Zotlabs/Module/Ratings.php
+++ b/Zotlabs/Module/Ratings.php
@@ -1,109 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/dir_fns.php');
-
-
-class Ratings extends \Zotlabs\Web\Controller {
-
-	function init() {
-	
-		if(observer_prohibited()) {
-			return;
-		}
-	
-		if(local_channel())
-			load_contact_links(local_channel());
-	
-		$dirmode = intval(get_config('system','directory_mode'));
-	
-		$x = find_upstream_directory($dirmode);
-		if($x)
-			$url = $x['url'];
-	
-		$rating_enabled = get_config('system','rating_enabled');
-	
-		if(! $rating_enabled)
-			return;
-	
-		if(argc() > 1)
-			$hash = argv(1);
-	
-		if(! $hash) {
-			notice('Must supply a channel identififier.');
-			return;
-		}
-	
-		$results = false;
-	
-		$x = z_fetch_url($url . '/ratingsearch/' . urlencode($hash));
-	
-	
-		if($x['success'])
-			$results = json_decode($x['body'],true);
-	
-	
-		if((! $results) || (! $results['success'])) {
-	
-			notice('No results.');
-			return;
-		} 
-	
-		if(array_key_exists('xchan_hash',$results['target']))
-			\App::$poi = $results['target'];
-		
-		$friends = array();
-		$others = array();
-	
-		if($results['ratings']) {
-			foreach($results['ratings'] as $n) {
-				if(is_array(\App::$contacts) && array_key_exists($n['xchan_hash'],\App::$contacts))
-					$friends[] = $n;
-				else
-					$others[] = $n;
-			}
-		}
-	
-		\App::$data = array('target' => $results['target'], 'results' => array_merge($friends,$others));
-	
-		if(! \App::$data['results']) {
-			notice( t('No ratings') . EOL);
-		}
-	
-		return;
-	}
-	
-	
-	
-	
-	
-	function get() {
-	
-		if(observer_prohibited()) {
-			notice( t('Public access denied.') . EOL);
-			return;
-		}
-	
-		$rating_enabled = get_config('system','rating_enabled');
-	
-		if(! $rating_enabled)
-			return;
-	
-		$site_target = ((array_key_exists('target',\App::$data) && array_key_exists('site_url',\App::$data['target'])) ?
-			'<a href="' . \App::$data['target']['site_url'] . '" >' . \App::$data['target']['site_url'] . '</a>' : '');
-	
-	
-		$o = replace_macros(get_markup_template('prep.tpl'),array(
-			'$header' => t('Ratings'),
-			'$rating_lbl' => t('Rating: ' ),
-			'$website' => t('Website: '),
-			'$site' => $site_target,
-			'$rating_text_lbl' => t('Description: '),
-			'$raters' => \App::$data['results']
-		));
-	
-		return $o;
-	}
-	
-				
-}
--- a/Zotlabs/Module/Ratingsearch.php
+++ b/Zotlabs/Module/Ratingsearch.php
@@ -1,78 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-
-
-class Ratingsearch extends \Zotlabs\Web\Controller {
-
-	function init() {
-	
-		$ret = array('success' => false);
-	
-		$dirmode = intval(get_config('system','directory_mode'));
-	
-		if($dirmode == DIRECTORY_MODE_NORMAL) {
-			$ret['message'] = 'This site is not a directory server.';
-			json_return_and_die($ret);
-		}
-	
-		if(argc() > 1)
-			$hash = argv(1);
-	
-		if(! $hash) {
-			$ret['message'] = 'No channel identifier';
-			json_return_and_die($ret);
-		}
-	
-		if(strpos($hash,'@')) {
-			$r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
-				dbesc($hash)
-			);
-			if($r)
-				$hash = $r[0]['hubloc_hash'];
-		} 
-	
-		$p = q("select * from xchan where xchan_hash like '%s'",
-			dbesc($hash . '%')
-		);
-	
-		if($p)
-			$target = $p[0]['xchan_hash'];
-		else {
-			$p = q("select * from site where site_url like '%s' and site_type = %d ",
-				dbesc('%' . $hash),
-				intval(SITE_TYPE_ZOT)
-			);
-			if($p) {
-				$target = strtolower($hash);
-			}
-			else {
-				$ret['message'] = 'Rating target not found';
-				json_return_and_die($ret);
-			}
-		}
-	
-		if($p)
-			$ret['target']  = $p[0];
-	
-		$ret['success'] = true;
-	
-		$r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash 
-			where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 
-			and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 
-			order by xchan_name asc",
-			dbesc($target)
-		);
-	
-		if($r) {
-			$ret['ratings'] = $r;
-		}
-		else
-			$ret['ratings'] = array();
-			
-		json_return_and_die($ret);
-	
-	}
-	
-	
-}
--- a/Zotlabs/Module/Rbmark.php
+++ b/Zotlabs/Module/Rbmark.php
@@ -6,12 +6,11 @@ require_once('include/crypto.php');
 require_once('include/items.php');
 require_once('include/taxonomy.php');
 require_once('include/conversation.php');
-require_once('include/zot.php');
 require_once('include/bookmarks.php');

 /**
 * remote bookmark
- * 
+ *
 * https://yoursite/rbmark?f=&title=&url=&private=&remote_return=
 *
 * This can be called via either GET or POST, use POST for long body content as suhosin often limits GET parameter length
@@ -31,45 +30,45 @@ class Rbmark extends \Zotlabs\Web\Controller {
 	function post() {
 		if($_POST['submit'] !== t('Save'))
 			return;
-	
+
 		logger('rbmark_post: ' . print_r($_REQUEST,true));
-	
+
 		$channel = \App::get_channel();
-	
+
 		$t = array('url' => escape_tags($_REQUEST['url']),'term' => escape_tags($_REQUEST['title']));
 		bookmark_add($channel,$channel,$t,((x($_REQUEST,'private')) ? intval($_REQUEST['private']) : 0),
 			array('menu_id' => ((x($_REQUEST,'menu_id')) ? intval($_REQUEST['menu_id']) : 0),
 				'menu_name' => ((x($_REQUEST,'menu_name')) ? escape_tags($_REQUEST['menu_name']) : ''),
 				'ischat' => ((x($_REQUEST['ischat'])) ? intval($_REQUEST['ischat']) : 0)
 			));
-	
+
 		goaway(z_root() . '/bookmarks');
-	
+
 	}
-	
-	
+
+
 		function get() {
-	
+
 		$o = '';
-	
+
 		if(! local_channel()) {
-	
+
 			// The login procedure is going to bugger our $_REQUEST variables
 			// so save them in the session.
-	
+
 			if(array_key_exists('url',$_REQUEST)) {
 				$_SESSION['bookmark'] = $_REQUEST;
 			}
 			return login();
 		}
-	
+
 		// If we have saved rbmark session variables, but nothing in the current $_REQUEST, recover the saved variables
-	
+
 		if((! array_key_exists('url',$_REQUEST)) && (array_key_exists('bookmark',$_SESSION))) {
 			$_REQUEST = $_SESSION['bookmark'];
 			unset($_SESSION['bookmark']);
 		}
-	
+
 		if($_REQUEST['remote_return']) {
 			$_SESSION['remote_return'] = $_REQUEST['remote_return'];
 		}
@@ -78,12 +77,12 @@ class Rbmark extends \Zotlabs\Web\Controller {
 				goaway($_SESSION['remote_return']);
 			goaway(z_root() . '/bookmarks');
 		}
-	
+
 		$channel = \App::get_channel();
-	
-	
+
+
 		$m = menu_list($channel['channel_id'],'',MENU_BOOKMARK);
-	
+
 		$menus = array();
 		if($m) {
 			$menus = array(0 => '');
@@ -92,10 +91,10 @@ class Rbmark extends \Zotlabs\Web\Controller {
 			}
 		}
 		$menu_select = array('menu_id',t('Select a bookmark folder'),false,'',$menus);
-	
-	
+
+
 		$o .= replace_macros(get_markup_template('rbmark.tpl'), array(
-	
+
 			'$header' => t('Save Bookmark'),
 			'$url' => array('url',t('URL of bookmark'),escape_tags($_REQUEST['url'])),
 			'$title' => array('title',t('Description'),escape_tags($_REQUEST['title'])),
@@ -104,18 +103,18 @@ class Rbmark extends \Zotlabs\Web\Controller {
 			'$submit' => t('Save'),
 			'$menu_name' => array('menu_name',t('Or enter new bookmark folder name'),'',''),
 			'$menus' => $menu_select
-	
+
 		));
-	
-	
-	
-	
-	
-	
+
+
+
+
+
+
 		return $o;
-	
+
 	}
-	
-	
-	
+
+
+
 }
--- a/Zotlabs/Module/Regate.php
+++ b/Zotlabs/Module/Regate.php
@@ -0,0 +1,447 @@
+<?php
+
+namespace Zotlabs\Module;
+
+require_once('include/security.php');
+
+/**
+ *
+ * @version 2.0.0
+ * @author  hilmar runge
+ * @since 	2020-03-03
+ * Check verification pin
+ * input field email address
+ * input field pin (told during register)
+ * check duty
+ * check startup and expire
+ * compare email address
+ * check pin
+ * limited tries to enter the correct pin/pass 2 handle via f2b
+ * on success create account and update register
+ *
+ */
+
+	define ( 'REGISTER_AGREED', 0x0020 );
+	define ( 'REGISTER_DENIED', 0x0040 );
+
+class Regate extends \Zotlabs\Web\Controller {
+
+	const MYP = 	'ZAR';		//ZAR1x
+	const VERSION =	'2.0.0';
+
+
+	function post() {
+
+		check_form_security_token_redirectOnErr('/', 'regate');
+
+		if ( argc() > 1 ) {
+			$did2 = hex2bin( substr( argv(1), 0, -1) );
+			$didx = substr( argv(1), -1 );
+		}
+
+		$msg = '';
+		$nextpage = '';
+
+		if ($did2) {
+
+			$nowhhmm 	= date('Hi');
+			$day 	= date('N');
+			$now 	= datetime_convert();
+			$ip 	= $_SERVER['REMOTE_ADDR'];
+
+			$isduty = zar_register_dutystate();
+
+			if (!$_SESSION['zar']['invite_in_progress'] && ($isduty['isduty'] !== false && $isduty['isduty'] != 1)) {
+					// normally, that should never happen here
+					// log suitable for fail2ban also
+					$logmsg = 'ZAR1230S Unexpected registration verification request for '
+							. get_config('system','sitename') . ' arrived from § ' . $ip . ' §';
+					zar_log($logmsg);
+					goaway(z_root());
+			}
+
+			// do we have a valid dId2 ?
+			if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e') || ($didx == 'i')) {
+				// check startup and expiration via [=[register
+				$r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_did2 = '%s' ORDER BY reg_created DESC ",
+					dbesc($did2)
+				);
+				if ($r && count($r)) {
+					$r = $r[0];
+					// check timeframe
+					if ($r['reg_startup'] <= $now && $r['reg_expires'] >= $now) {
+						if (isset($_POST['resend']) && $didx == 'e') {
+							$re = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = 'e' AND reg_did2 = '%s' ORDER BY reg_created DESC ", dbesc($r['reg_did2']) );
+							if ($re) {
+								$re = $re[0];
+								$reonar = json_decode($re['reg_stuff'], true);
+								if ($reonar) {
+									$reonar['subject'] = 'Re,Fwd,' . $reonar['subject'];
+									$zm = zar_reg_mail($reonar);
+									$msg = (($zm) ? t('Email resent') : t('Email resend failed'));
+									zar_log((($zm) ? 'ZAR1238I' : 'ZAR1238E') . ' ' . $msg . ' ' . $r['reg_did2']);
+									info($msg);
+									return;
+								}
+							}
+						}
+
+						// check hash
+						if ( $didx == 'a' )
+							$acpin = (preg_match('/^[0-9]{6,6}$/', $_POST['acpin']) ? $_POST['acpin'] : false);
+						elseif ( $didx == 'e' )
+							$acpin = (preg_match('/^[0-9a-f]{24,24}$/', $_POST['acpin']) ? $_POST['acpin'] : false);
+						elseif ( $didx == 'i' )
+							$acpin = $r['reg_hash'];
+						else
+							$acpin = false;
+
+						if ( $acpin && ($r['reg_hash'] == $acpin )) {
+
+							$flags = $r['reg_flags'];
+							if (($flags & ACCOUNT_UNVERIFIED) == ACCOUNT_UNVERIFIED) {
+
+								// verification success
+								$msg_code = 'ZAR1237I';
+								$msg = t('Verification successful');
+								$reonar = json_decode( $r['reg_stuff'], true);
+								$reonar['valid'] = $now . ',' . $ip . ' ' . $did2 . ' ' . $msg_code . ' ' . $msg;
+
+								// clear flag
+								$flags &= $flags ^ ACCOUNT_UNVERIFIED;
+
+								// are we invited by the admin?
+								$isa = get_account_by_id($r['reg_uid']);
+								$isa = ($isa && ($isa['account_roles'] && ACCOUNT_ROLE_ADMIN));
+
+								// approve contra invite by admin
+								if ($isa && get_config('system','register_policy') == REGISTER_APPROVE) {
+									$flags &= $flags ^ ACCOUNT_PENDING;
+								}
+
+								// sth todo?
+								$vital = $flags == 0 ? 0 : 1;
+
+								// set flag
+								$flags |= REGISTER_AGREED;
+								zar_log($msg . ' ' . $did2 . ':flags' . $flags . ',rid' . $r['reg_id']);
+
+								q("START TRANSACTION");
+
+								$qu = q("UPDATE register SET reg_stuff = '%s', reg_vital = %d, reg_flags = %d "
+										." WHERE reg_id = %d ",
+									dbesc(json_encode($reonar)),
+									intval($vital),
+									intval($flags),
+									intval($r['reg_id'])
+								);
+
+								if (($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING) {
+									$nextpage = 'regate/' . bin2hex($did2) . $didx;
+									q("COMMIT");
+								}
+								elseif (($flags ^ REGISTER_AGREED) == 0) {
+
+									$cra = create_account_from_register([ 'reg_id' => $r['reg_id'] ]);
+
+									if ($cra['success']) {
+
+										q("COMMIT");
+										$msg = t('Account successfull created');
+										// zar_log($msg . ':' . print_r($cra, true));
+										zar_log('ZAR1238I ' . $msg . ' ' . $cra['account']['account_email']
+													 . ' ' . $cra['account']['account_language']);
+
+										authenticate_success($cra['account'],null,true,false,true);
+
+										$nextpage = 'new_channel';
+
+										$auto_create  = get_config('system', 'auto_channel_create', 1);
+
+										if($auto_create) {
+
+											$new_channel = ['success' => false];
+
+											// We do not reserve a channel_address before the registration is verified
+											// and possibly approved by the admin.
+											// If the provided channel_address has been claimed meanwhile,
+											// we will proceed to /new_channel.
+
+											if(isset($reonar['chan.did1']) && check_webbie([$reonar['chan.did1']])) {
+
+												// prepare channel creation
+												if($reonar['chan.name'])
+													set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']);
+
+												if($reonar['chan.did1'])
+													set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']);
+
+												$permissions_role  = get_config('system','default_permissions_role');
+												if($permissions_role)
+													set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role);
+
+												// create channel
+												$new_channel = auto_channel_create($cra['account']['account_id']);
+
+												if($new_channel['success']) {
+													$channel_id = $new_channel['channel']['channel_id'];
+													change_channel($channel_id);
+													$nextpage = 'profiles/' . $channel_id;
+													$msg_code = 'ZAR1239I';
+													$msg = t('Channel successfull created') . ' ' . $did2;
+												}
+											}
+
+											if(!$new_channel['success']) {
+												$msg_code = 'ZAR1239E';
+												$msg = t('Automatic channel creation failed. Please create a channel.') . ' ' . $did2;
+												$nextpage = 'new_channel?name=' . $reonar['chan.name'];
+											}
+
+											zar_log($msg_code . ' ' . $msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')');
+
+										}
+										unset($_SESSION['login_return_url']);
+									}
+									else {
+										q("ROLLBACK");
+										$msg_code = 'ZAR1238E';
+										$msg = t('Account creation error');
+										zar_log($msg_code . ' ' . $msg . ': ' . print_r($cra, true));
+									}
+								}
+								else {
+									// new flags implemented and not recognized or sth like
+									zar_log('ZAR1237D unexpected,' . $flags);
+								}
+							}
+							else {
+								// nothing to confirm
+								$msg_code = 'ZAR1236E';
+								$msg = t('Verify failed');
+							}
+						}
+						else {
+							$msg_code = 'ZAR1235E';
+							$msg = t('Token verification failed');
+						}
+					}
+					else {
+						$msg_code = 'ZAR1234W';
+						$msg = t('Request not inside time frame');
+						//info($r[0]['reg_startup'] . EOL . $r[0]['reg_expire'] );
+					}
+				}
+				else {
+					$msg_code = 'ZAR1232E';
+					$msg = t('Identity unknown');
+					zar_log($msg_code . ' ' . $msg . ':' . $did2 . $didx);
+				}
+			}
+			else {
+				$msg_code = 'ZAR1231E';
+				$msg = t('dId2 mistaken');
+				zar_log($msg_code . ' ' . $msg);
+
+			}
+
+		}
+
+		if ($msg > '') info($msg);
+		goaway( z_root() . '/' . $nextpage );
+	}
+
+
+	function get() {
+
+		if (argc() == 1) {
+			if(isset($_GET['reg_id'])) {
+				if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $_GET['reg_id'] ) ) {
+					// dId2 E email
+					goaway(z_root() . '/regate/' . bin2hex($_GET['reg_id']) . 'e' );
+				}
+				if ( preg_match('/^d{1,1}[0-9]{5,10}$/', $_GET['reg_id'] ) ) {
+					// dId2 A artifical & anonymous
+					goaway(z_root() . '/regate/' . bin2hex($_GET['reg_id']) . 'a' );
+				}
+				notice(t('Identity unknown') . EOL);
+			}
+
+			$o = replace_macros(get_markup_template('plain.tpl'), [
+				'$title'	=> t('Your Registration ID'),
+				'$now'		=> '<form action="regate" method="get"><input type="text" name="reg_id" class="form-control form-group"><button class="btn btn-primary float-right">Submit</button></form>'
+			]);
+
+			return $o;
+		}
+
+		$isduty = zar_register_dutystate();
+		$nowfmt = $isduty['nowfmt'];
+		$atform = $isduty['atform'];
+
+		if ($_SESSION['zar']['delayed']) {
+			$o = replace_macros(get_markup_template('regate_pre.tpl'), [
+				'$title'      => t('Registration verification'),
+				'$now'        => $nowfmt,
+				'$id'         => $_SESSION['zar']['id'],
+				'$pin'        => $_SESSION['zar']['pin'],
+				'$regdelay'   => $_SESSION['zar']['regdelay'],
+				'$regexpire'  => $_SESSION['zar']['regexpire'],
+				'$strings' => [
+					t('Hold on, you can start verification in'),
+					t('Please remember your verification token for ID'),
+					'',
+					t('Token validity')
+				]
+			]);
+			unset($_SESSION['zar']['delayed']);
+			return $o;
+		}
+
+		if (argc() < 2)
+			return;
+
+		$did2   = hex2bin( substr( argv(1), 0, -1) );
+		$didx   = substr( argv(1), -1 );
+		$deny   = argc() > 2 ? argv(2) : '';
+		$deny   = preg_match('/^[0-9a-f]{8,8}$/', $deny) ? hex2bin($deny) : false;
+		$now    = datetime_convert();
+		$ip     = $_SERVER['REMOTE_ADDR'];
+
+		$pin    = '';
+
+		if(isset($_SESSION['zar']['pin'])) {
+			$pin = $_SESSION['zar']['pin'];
+			unset($_SESSION['zar']['pin']);
+		}
+
+		// do we have a valid dId2 ?
+		if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e') || ($didx == 'i')) {
+
+			$r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = '%s' AND reg_did2 = '%s' ORDER BY reg_created DESC",
+				dbesc($didx),
+				dbesc($did2)
+			);
+
+			if ($r && count($r) && $r[0]['reg_flags'] &= (ACCOUNT_UNVERIFIED | ACCOUNT_PENDING)) {
+				$r = $r[0];
+
+				// provide a button in case
+				$resend = (($r['reg_didx'] == 'e') ? t('Resend email') : '');
+
+				// is still only instance admins intervention required?
+				if ($r['reg_flags'] == ACCOUNT_PENDING) {
+					$o = replace_macros(get_markup_template('regate_post.tpl'), [
+						'$title' => t('Registration status'),
+						'$id'    => $did2,
+						'$strings' => [
+							t('Verification successful!'),
+							t('Your login ID is'),
+							t('After your account has been approved by our administrator you will be able to login with your login ID and your provided password.')
+						]
+					]);
+				}
+				else {
+
+					if ($deny) {
+
+						if (substr($r['reg_hash'],0,4) == $deny) {
+							zar_log('ZAR1134S email verfication denied ' . $did2);
+
+							$o = replace_macros(get_markup_template('plain.tpl'), [
+								'$title' => t('Registration request revoked'),
+								'$infos' => t('Sorry for any inconvience. Thank you for your response.')
+							]);
+
+							$reonar = json_decode( $r['reg_stuff'], true);
+							$reonar['deny'] = $now . ',' . $ip . ' ' . $did2 . ' ' . $msg;
+							$flags  = ( $r['reg_flags'] &= ( $r['reg_flags'] ^ ACCOUNT_UNVERIFIED) )
+									| ( $r['reg_flags'] |= REGISTER_DENIED);
+							$rd = q("UPDATE register SET reg_stuff='%s', reg_vital=0, reg_flags=%d  WHERE reg_id = %d ",
+								dbesc(json_encode($reonar)),
+								intval($flags),
+								intval($r['reg_id'])
+							);
+						}
+						else {
+							zar_log('ZAR1135E not awaited url parameter received');
+							goaway(z_root);
+						}
+					}
+					else {
+
+						if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now) {
+							$o = replace_macros(get_markup_template('regate.tpl'), [
+							'$form_security_token' => get_form_security_token("regate"),
+							'$title'  => t('Registration verification'),
+							'$desc'   => t('Please enter your verification token for ID'),
+							'$email_extra' => (($didx === 'e') ? t('Please check your email!') : ''),
+							'$id'     => $did2,
+							// we might consider to not provide $pin if a registration delay is configured
+							// and the pin turns out to be readable by bots
+							'$pin'    => $pin,
+							'$did2'   => bin2hex($did2) . $didx,
+							'$now'    => $nowfmt,
+							'$atform' => $atform,
+							'$resend' => $resend,
+							'$submit' => t('Submit'),
+							'$acpin'  => [ 'acpin', t('Verification token'),'','' ]
+							]);
+						}
+						else {
+							//  expired ?
+							if ( $now > $r['reg_expires'] ) {
+								$rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d ",
+									intval($r['reg_id'])
+								);
+
+								$o = replace_macros(get_markup_template('plain.tpl'), [
+									'$infos'	=> t('ID expired'),
+								]);
+
+								return $o;
+							}
+
+							$email_extra = (($didx === 'e') ? t('Please check your email!') : '');
+
+							$o = replace_macros(get_markup_template('regate_pre.tpl'), [
+								'$title'     => t('Registration verification'),
+								'$now'       => $nowfmt,
+								'$id'        => $did2,
+								'$countdown' => datetime_convert('UTC', 'UTC', $r['reg_startup'], 'c'),
+								'$strings'   => [
+									t('Hold on, you can start verification in'),
+									t('You will require the verification token for ID'),
+									$email_extra
+								]
+							]);
+						}
+					}
+				}
+			}
+			else {
+				$msg = t('Unknown or expired ID');
+				zar_log('ZAR1132E ' . $msg . ':' . $did2 . ',' . $didx);
+				$o = replace_macros(get_markup_template('plain.tpl'), [
+					'$title'	=> $title,
+					'$now'		=> $nowfmt,
+					'$infos'	=> $msg
+				]);
+			}
+
+		}
+		else {
+			$msg = 'ZAR1131E ' . t('dId2 malformed');
+			// $log = ' from § ' . $ip . ' §' . ' (' . dbesc($did2) . ')';
+			zar_log($msg);
+			$o = replace_macros(get_markup_template('plain.tpl'), [
+				'$title'	=> $title,
+				'$now'		=> $nowfmt,
+				'$infos'	=> $msg
+			]);
+		}
+
+		return $o;
+	}
+}
+
--- a/Zotlabs/Module/Register.php
+++ b/Zotlabs/Module/Register.php
@@ -1,25 +1,34 @@
 <?php
+
 namespace Zotlabs\Module;

+use App;
 use Zotlabs\Web\Controller;

 require_once('include/security.php');
+require_once('include/channel.php');
+

 class Register extends Controller {

+	const MYP = 	'ZAR';		// ZAR0x
+	const VERSION =	'2.0.0';
+
 	function init() {
-	
+
+		// ZAR0
+
 		$result = null;
 		$cmd = ((argc() > 1) ? argv(1) : '');
-	
+
 		// Provide a stored request for somebody desiring a connection
 		// when they first need to register someplace. Once they've
-		// created a channel, we'll try to revive the connection request 
+		// created a channel, we'll try to revive the connection request
 		// and process it.
-	
+
 		if($_REQUEST['connect'])
 			$_SESSION['connect'] = $_REQUEST['connect'];
-	
+
 		switch($cmd) {
 			case 'invite_check.json':
 				$result = check_account_invite($_REQUEST['invite_code']);
@@ -30,50 +39,161 @@ class Register extends Controller {
 			case 'password_check.json':
 				$result = check_account_password($_REQUEST['password1']);
 				break;
-			default: 
+			default:
 				break;
 		}
 		if($result) {
 			json_return_and_die($result);
 		}
 	}
-	
-	
+
 	function post() {

 		check_form_security_token_redirectOnErr('/register', 'register');

-		$max_dailies = intval(get_config('system','max_daily_registrations'));
-		if($max_dailies) {
-			$r = q("select count(account_id) as total from account where account_created > %s - INTERVAL %s",
-				db_utcnow(), db_quoteinterval('1 day')
-			);
-			if($r && $r[0]['total'] >= $max_dailies) {
-				notice( t('Maximum daily site registrations exceeded. Please try again tomorrow.') . EOL);
+		/**
+		 * [hilmar:]
+		 * It may happen, the posted form arrives in a strange fashion. With the control of the duty hours
+		 * for registration, the input form was disabled at html. While receiving posted data, checks are
+		 * required if all is on the right road (most posts are not accepted during off duty).
+		 *
+		 */
+
+
+		$act          = q("SELECT COUNT(*) AS act FROM account")[0]['act'];
+		$is247        = false;
+		$ip           = $_SERVER['REMOTE_ADDR'];
+		$sameip       = intval(get_config('system','register_sameip', 3));
+		$arr          = $_POST;
+		$invite_code  = ((x($arr,'invite_code'))   ? notags(trim($arr['invite_code']))   : '');
+		$name         = '';
+		$nick         = '';
+		$email        = ((x($arr,'email'))         ? notags(punify(trim($arr['email']))) : '');
+		$password     = ((x($arr,'password'))      ? trim($arr['password'])              : '');
+		$password2    = ((x($arr,'password2'))      ? trim($arr['password2'])            : '');
+		$register_msg = ((x($arr,'register_msg'))   ? notags(trim($arr['register_msg']))   : '');
+		$reonar       = [];
+		$auto_create  = get_config('system','auto_channel_create', 1);
+		$duty         = zar_register_dutystate();
+
+		if (!get_config('system', 'register_duty_jso')) {
+			// if not yet configured default to true
+			$duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => '');
+		}
+
+		if($auto_create) {
+			$name = escape_tags(trim($arr['name']));
+
+			$name_error = validate_channelname($name);
+			if($name_error) {
+				notice($name_error . EOL);
+				return $ret;
+			}
+
+			$nick = mb_strtolower(escape_tags(trim($arr['nickname'])));
+			if(!$nick) {
+				notice(t('Nickname is required.'));
+				return;
+			}
+
+			if($nick === 'sys') {
+				notice(t('Reserved nickname. Please choose another.') . EOL);
+				return;
+			}
+
+			if(check_webbie([$nick]) !== $nick) {
+				notice(t('Nickname has unsupported characters or is already being used on this site.') . EOL);
 				return;
 			}
 		}
-	
-		if(! x($_POST,'tos')) {
-			notice( t('Please indicate acceptance of the Terms of Service. Registration failed.') . EOL);
+
+		$email_verify = get_config('system', 'verify_email');
+		if ($email_verify && !$email) {
+			notice(t('Email address required') . EOL);
 			return;
 		}
-	
-		$policy = get_config('system','register_policy');
-	
-		$email_verify = get_config('system','verify_email');
-	
-	
+
+		if ($email) {
+			$email_result = check_account_email($email);
+			if ($email_result['error']) {
+				if ($email_result['email_unverified']) {
+					goaway(z_root() . '/regate/' . bin2hex($email) . 'e');
+				}
+				return;
+			}
+
+		}
+
+		// case when an invited prepares the own account by supply own pw, accept tos, prepage channel (if auto)
+		if ($email && $invite_code) {
+			if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) {
+				$is247 = true;
+			}
+		}
+
+		if ($act > 0 && !$is247 && !$duty['isduty']) {
+			// normally (except very 1st timr after install), that should never arrive here (ie js hack or sth like)
+			// log suitable for f2b also
+			$logmsg = 'Unexpected registration request off duty';
+			notice($logmsg);
+			zar_log('ZAR0230S ' . $logmsg);
+			return;
+		}
+
+		if ($sameip) {
+			$f = q("SELECT COUNT(reg_atip) AS atip FROM register WHERE reg_vital = 1 AND reg_atip = '%s' ",
+				dbesc($ip)
+			);
+			if ($f && $f[0]['atip'] >= $sameip) {
+				$logmsg = 'ZAR0239S Exceeding same ip register request of ' . $sameip;
+				notice('Registrations from same IP exceeded.');
+				zar_log($logmsg);
+				return;
+			}
+		}
+
+		if (!$password) {
+			notice(t('No password provided') . EOL);
+			return;
+		}
+
+		if ($password !== $password2) {
+			notice(t('Passwords do not match') . EOL);
+			return;
+		}
+
+		$password_result = check_account_password($password);
+		if(!empty($password_result['error'])) {
+			$msg = $password_result['message'];
+			notice($msg);
+			zar_log($msg . ' ' . $did2);
+			return;
+		}
+
+		$salt = random_string(32);
+		$password = $salt . ',' . hash('whirlpool', $salt . $password);
+
+		// accept tos
+		if(! x($_POST,'tos')) {
+			// msg!
+			notice(t('Terms of Service not accepted') . EOL);
+			return;
+		}
+
+		$policy  = get_config('system','register_policy');
+		$invonly = get_config('system','invitation_only');
+		$invalso = get_config('system','invitation_also');
+
 		switch($policy) {
-	
+
 			case REGISTER_OPEN:
 				$flags = ACCOUNT_OK;
 				break;
-	
+
 			case REGISTER_APPROVE:
-				$flags = ACCOUNT_BLOCKED | ACCOUNT_PENDING;
+				$flags = ACCOUNT_PENDING;
 				break;
-	
+
 			default:
 			case REGISTER_CLOSED:
 				if(! is_site_admin()) {
@@ -83,164 +203,278 @@ class Register extends Controller {
 				$flags = ACCOUNT_BLOCKED;
 				break;
 		}
-	
-		if($email_verify && $policy == REGISTER_OPEN)
-			$flags = $flags | ACCOUNT_UNVERIFIED;
-			
-	
-		if((! $_POST['password']) || ($_POST['password'] !== $_POST['password2'])) {
-			notice( t('Passwords do not match.') . EOL);
-			return;
-		}
-	
-		$arr = $_POST;
+
+		if($email_verify && ($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE))
+			$flags = ($flags | ACCOUNT_UNVERIFIED);
+
+		// $arr has $_POST;
 		$arr['account_flags'] = $flags;
-	
-		$result = create_account($arr);
-	
-		if(! $result['success']) {
-			notice($result['message']);
-			return;
-		}
-		require_once('include/security.php');
-	
-	
-		if($_REQUEST['name'])
-			set_aconfig($result['account']['account_id'],'register','channel_name',$_REQUEST['name']);
-		if($_REQUEST['nickname'])
-			set_aconfig($result['account']['account_id'],'register','channel_address',$_REQUEST['nickname']);
-		if($_REQUEST['permissions_role'])
-			set_aconfig($result['account']['account_id'],'register','permissions_role',$_REQUEST['permissions_role']);
-	
-	
-	 	$using_invites = intval(get_config('system','invitation_only'));
-		$num_invites   = intval(get_config('system','number_invites'));
-		$invite_code   = ((x($_POST,'invite_code'))  ? notags(trim($_POST['invite_code']))  : '');
-	
-		if($using_invites && $invite_code) {
-			q("delete from register where hash = '%s'", dbesc($invite_code));
-			// @FIXME - this also needs to be considered when using 'invites_remaining' in mod/invite.php
-			set_aconfig($result['account']['account_id'],'system','invites_remaining',$num_invites);
-		}
-	
-		if($policy == REGISTER_OPEN ) {
-			if($email_verify) {
-				$res = verify_email_address($result);
-			}
-			else {
-				$res = send_register_success_email($result['email'],$result['password']);
-			}
-			if($res) {
-				if($invite_code) {
-					info( t('Registration successful. Continue to create your first channel...') . EOL ) ;
-				} 
-				else {
-					info( t('Registration successful. Please check your email for validation instructions.') . EOL ) ;
+		$now = datetime_convert();
+		$well = false;
+
+		// s3
+		if ($invite_code) {
+
+			if ($invonly || $invalso) {
+
+				$reg = q("SELECT * from register WHERE reg_vital = 1 AND reg_didx = 'i' AND reg_hash = '%s'",
+					dbesc($invite_code)
+				);
+
+				if ($reg && count($reg) == 1) {
+					$reg = $reg[0];
+					if ($reg['reg_email'] == ($email)) {
+
+						if ($reg['reg_startup'] <= $now && $reg['reg_expires'] >= $now) {
+
+							if ($auto_create) {
+								$reonar['chan.name'] = $name;
+								$reonar['chan.did1'] = $nick;
+							}
+
+							q("UPDATE register set reg_pass = '%s', reg_stuff = '%s' WHERE reg_id = '%s'",
+								dbesc($password),
+								dbesc(json_encode($reonar)),
+								intval($reg['reg_id'])
+							);
+
+							$msg = t('Invitation code succesfully applied');
+							zar_log('ZAR0237I ' . $msg) . ', ' . $email;
+							// msg!
+							info($msg . EOL);
+
+
+							// the invitecode has verified us and we have all the info we need
+							// take the shortcut.
+
+							$_SESSION['zar']['invite_in_progress'] = true;
+
+							$mod = new Regate();
+							$_REQUEST['form_security_token'] = get_form_security_token("regate");
+							App::$argc = 2;
+							App::$argv[0] = 'regate';
+							App::$argv[1] = bin2hex($reg['reg_did2']) . 'i';
+							return $mod->post();
+
+						} else {
+							// msg!
+							notice(t('Invitation not in time or too late') . EOL);
+							return;
+						}
+
+					} else {
+						// no match email adr
+						$msg = t('Invitation email failed');
+						zar_log('ZAR0235S ' . $msg);
+						notice($msg . EOL);
+						return;
+					}
+
+				} else {
+					// no match invitecode
+					$msg = t('Invitation code failed') ;
+					zar_log('ZAR0234S ' . $msg);
+					notice( $msg . EOL);
+					return;
 				}
-			}
-		}
-		elseif($policy == REGISTER_APPROVE) {
-			$res = send_reg_approval_email($result);
-			if($res) {
-				info( t('Your registration is pending approval by the site owner.') . EOL ) ;
-			}
-			else {
-				notice( t('Your registration can not be processed.') . EOL);
-			}
-			goaway(z_root());
-		}
-	
-		if($email_verify) {
-			goaway(z_root() . '/email_validation/' . bin2hex($result['email']));
-		}

-		// fall through and authenticate if no approvals or verifications were required. 	
-
-		authenticate_success($result['account'],null,true,false,true);
-		
-		$new_channel = false;
-		$next_page = 'new_channel';
-	
-		if(get_config('system','auto_channel_create')) {
-			$new_channel = auto_channel_create($result['account']['account_id']);
-			if($new_channel['success']) {
-				$channel_id = $new_channel['channel']['channel_id'];
-				change_channel($channel_id);
-				$next_page = '~';
-			}
-			else
-				$new_channel = false;
-		}
-	
-		$x = get_config('system','workflow_register_next');
-		if($x) {
-			$next_page = $x;
-			$_SESSION['workflow'] = true;
-		}
-
-		unset($_SESSION['login_return_url']);
-		goaway(z_root() . '/' . $next_page);
-	
-	}
-	
-	
-	
-	function get() {
-	
-		$registration_is = '';
-		$other_sites = '';
-	
-		if(intval(get_config('system','register_policy')) === REGISTER_CLOSED) {
-			if(intval(get_config('system','directory_mode')) === DIRECTORY_MODE_STANDALONE) {
-				notice( t('Registration on this hub is disabled.')  . EOL);
+			} else {
+				notice(t('Invitations are not available') . EOL);
 				return;
 			}

-			$mod = new Pubsites();	
+		}
+		else {
+			if (!$invonly) {
+				$well = true;
+			}
+			else {
+				$msg = t('Registration on this hub is by invitation only') . EOL;
+				notice($msg);
+				zar_log('ZAR0233E ' . $msg);
+				return;
+			}
+		}
+
+		// check max daily registrations after we have dealt with the invitecode
+		if (self::check_reg_limits()['is']) {
+			notice('Max registrations per day exceeded.');
+			return;
+		}
+
+		if ($well) {
+
+			if($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE ) {
+
+				$cfgdelay = get_config('system', 'register_delay', '0i');
+				$reg_delayed = calculate_adue( $cfgdelay );
+				$regdelay = (($reg_delayed) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_delayed['due']) : $now);
+
+				$cfgexpire = get_config('system', 'register_expire', '3d');
+				$reg_expires = calculate_adue( $cfgexpire );
+				$regexpire = (($reg_expires) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_expires['due']) : datetime_convert('UTC', 'UTC', 'now + 99 years'));
+
+				// handle an email request that will be verified or an ivitation associated with an email address
+				if ($email > '' && $email_verify) {
+					// enforce in case of icdone
+					$flags |= ACCOUNT_UNVERIFIED;
+					$empin = $pass2 = random_string(24);
+					$did2  = $email;
+					$didx  = 'e';
+
+					push_lang(($reg['lang']) ? $reg['lang'] : App::$language);
+					$reonar['from'] = get_config('system', 'from_email');
+					$reonar['to'] = $email;
+					$reonar['subject'] = sprintf( t('Registration confirmation for %s'), get_config('system','sitename'));
+					$reonar['txttemplate']= replace_macros(get_intltext_template('register_verify_member.tpl'),
+						[
+						'$sitename'  => get_config('system','sitename'),
+						'$siteurl'   => z_root(),
+						'$email'     => $email,
+						'$timeframe' => [$regdelay, $regexpire],
+						'$mail'      => bin2hex($email) . 'e',
+						'$ko'        => bin2hex(substr($empin,0,4)),
+						'$hash'      => $empin
+				 		]
+					);
+					pop_lang();
+					zar_reg_mail($reonar);
+
+				} else {
+					// that is an anonymous request without email or with email not to verify
+					$acpin = $pass2 = rand(100000,999999);
+					$did2 = rand(10,99);
+					$didx = 'a';
+					// enforce delayed verify
+					$flags = ($flags | ACCOUNT_UNVERIFIED);
+					if ($email) {
+						$reonar['email.untrust'] = $email;
+						$reonar['email.comment'] = 'received, but no need for';
+					}
+				}
+
+				if ($auto_create) {
+					$reonar['chan.name'] = $name;
+					$reonar['chan.did1'] = $nick;
+				}
+
+				if ($policy == REGISTER_APPROVE) {
+					$reonar['msg'] = $register_msg;
+				}
+
+				$reg = q("INSERT INTO register ("
+					. "reg_flags,reg_didx,reg_did2,reg_hash,reg_created,reg_startup,reg_expires,"
+					. "reg_email,reg_pass,reg_lang,reg_atip,reg_stuff)"
+					. " VALUES (%d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
+					intval($flags),
+					dbesc($didx),
+					dbesc($did2),
+					dbesc($pass2),
+					dbesc($now),
+					dbesc($regdelay),
+					dbesc($regexpire),
+					dbesc($email),
+					dbesc($password),
+					dbesc(App::$language),
+					dbesc($ip),
+					dbesc(json_encode($reonar))
+				);
+
+				if ($didx == 'a') {
+
+					$lid = q("SELECT reg_id FROM register WHERE reg_vital = 1 AND reg_did2 = '%s' AND reg_pass = '%s' ",
+						dbesc($did2),
+						dbesc($password)
+					);
+
+					if ($lid && count($lid) == 1 ) {
+
+						$didnew = ( $lid[0]['reg_id'] . $did2 )
+						 		. ( substr( base_convert( md5( $lid[0]['reg_id'] . $did2 ), 16, 10 ),-2 ) );
+
+						$reg = q("UPDATE register SET reg_did2 = CONCAT('d','%s') WHERE reg_id = %d ",
+							dbesc($didnew), intval($lid[0]['reg_id'])
+						);
+
+						zar_log( 'ZAR0239A ' . t('New register request') . ' d' . $didnew . ', '
+							.  $regdelay . ' - ' . $regexpire);
+
+						if($reg_delayed) {
+							// this could be removed to make registration harder
+							$_SESSION['zar']['id'] = 'd' . $didnew;
+							$_SESSION['zar']['pin'] = $pass2;
+							$_SESSION['zar']['delayed'] = true;
+							$_SESSION['zar']['regdelay'] = datetime_convert('UTC', 'UTC', $regdelay, 'c');
+							$_SESSION['zar']['regexpire'] = datetime_convert('UTC', 'UTC', $regexpire, 'c');
+						}
+						else {
+							$_SESSION['zar']['pin'] = $pass2;
+						}
+
+						goaway(z_root() . '/regate/' . bin2hex('d' . $didnew) . 'a' );
+					}
+					else {
+						$msg = t('Error creating dId A');
+						notice( $msg );
+						zar_log( 'ZAR0239D,' . $msg . ' ' . $did2);
+					}
+				}
+				goaway(z_root() . '/regate/' . bin2hex($email) . $didx );
+			}
+		}
+	}
+
+
+	function get() {
+
+		$registration_is = '';
+		$other_sites = '';
+
+		if(intval(get_config('system','register_policy')) === REGISTER_CLOSED) {
+			if(intval(get_config('system','directory_mode')) === DIRECTORY_MODE_STANDALONE) {
+				notice(t('Registration on this hub is disabled.')  . EOL);
+				return;
+			}
+
+			$mod = new Pubsites();
 			return $mod->get();
 		}
-	
+
 		if(intval(get_config('system','register_policy')) == REGISTER_APPROVE) {
 			$registration_is = t('Registration on this hub is by approval only.');
-			$other_sites = t('<a href="pubsites">Register at another affiliated hub.</a>');
+			$other_sites = '<a href="pubsites">' . t('Register at another affiliated hub in case when prefered') . '</a>';
 		}

+		$duty = zar_register_dutystate();
+
+		if (!get_config('system', 'register_duty_jso')) {
+			// if not yet configured default to true
+			$duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => '');
+		}

 		$invitations = false;
-
 		if(intval(get_config('system','invitation_only'))) {
 			$invitations = true;
 			$registration_is = t('Registration on this hub is by invitation only.');
-			$other_sites = t('<a href="pubsites">Register at another affiliated hub.</a>');
-		}
-	
-		$max_dailies = intval(get_config('system','max_daily_registrations'));
-		if($max_dailies) {
-			$r = q("select count(account_id) as total from account where account_created > %s - INTERVAL %s",
-				db_utcnow(), db_quoteinterval('1 day')
-			);
-			if($r && $r[0]['total'] >= $max_dailies) {
-				logger('max daily registrations exceeded.');
-				notice( t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.') . EOL);
-				return;
-			}
+			$other_sites = '<a href="pubsites">' . t('Register at another affiliated hub') . '</a>';
+		} elseif (intval(get_config('system','invitation_also'))) {
+			$invitations = true;
 		}

-		$privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : "");
-
-		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
+		$opal = self::check_reg_limits();
+		if ( $opal['is'])
+			 $duty['atform'] = 'disabled';

 		// Configurable terms of service link
-	
 		$tosurl = get_config('system','tos_url');
 		if(! $tosurl)
 			$tosurl = z_root() . '/help/TermsOfService';
-	
+
 		$toslink = '<a href="' . $tosurl . '" target="_blank">' . t('Terms of Service') . '</a>';
-	
+
 		// Configurable whether to restrict age or not - default is based on international legal requirements
 		// This can be relaxed if you are on a restricted server that does not share with public servers
-	
+
 		if(get_config('system','no_age_restriction')) {
 			$label_tos = sprintf( t('I accept the %s for this website'), $toslink);
 		}
@@ -253,50 +487,96 @@ class Register extends Controller {
 		}

 		$enable_tos = 1 - intval(get_config('system','no_termsofservice'));
-	
-		$email        = array('email', t('Your email address'), ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : ""));
-		$password     = array('password', t('Choose a password'), ''); 
-		$password2    = array('password2', t('Please re-enter your password'), ''); 
-		$invite_code  = array('invite_code', t('Please enter your invitation code'), ((x($_REQUEST,'invite_code')) ? strip_tags(trim($_REQUEST['invite_code'])) : ""));
-		$name = array('name', t('Your Name'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Real names are preferred.'));
-		$nickhub = '@' . str_replace(array('http://','https://','/'), '', get_config('system','baseurl'));
-		$nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), sprintf( t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub));
-		$role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel permission role for your usage needs and privacy requirements.') . ' <a href="help/member/member_guide#Channel_Permission_Roles" target="_blank">' . t('Read more about channel permission roles') . '</a>',$perm_roles);
-		$tos = array('tos', $label_tos, '', '', array(t('no'),t('yes')));

-
-		$auto_create  = (get_config('system','auto_channel_create') ? true : false);
-		$default_role = get_config('system','default_permissions_role');
+		$auto_create  = get_config('system', 'auto_channel_create', 1);
 		$email_verify = get_config('system','verify_email');
-	
-		require_once('include/bbcode.php');
-	
-		$o = replace_macros(get_markup_template('register.tpl'), array(

+		$emailval = ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : "");
+		$email = ['email',
+			t('Your email address'),
+			$emailval,
+			(($email_verify) ? t('Required') : t('Optional')),
+			(($email_verify) ? '*' : ''),
+			$duty['atform']
+		];
+
+		$password     = array('password', t('Choose a password'), '', '', '', $duty['atform']);
+		$password2    = array('password2', t('Please re-enter your password'), '', '', '', $duty['atform']);
+
+		$invite_code  = array('invite_code', t('Please enter your invitation code'), ((x($_REQUEST,'invite_code')) ? strip_tags(trim($_REQUEST['invite_code'])) : ""));
+
+		$name = array('name', t('Your name'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Real name is preferred'), '', '', $duty['atform']);
+		$nickhub = '@' . str_replace(array('http://','https://','/'), '', get_config('system','baseurl'));
+		$nickname = array('nickname', t('Choose a short nickname'),	((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), t('Your nickname will be used to create an easy to remember channel address'), '', '', $duty['atform']);
+
+		$tos = array('tos', $label_tos, ((x($_REQUEST,'tos')) ? $_REQUEST['tos'] : ''), '', [t('No'),t('Yes')], $duty['atform']);
+
+		$register_msg = ['register_msg', t('Why do you want to join this hub?'), ((x($_REQUEST,'register_msg')) ? $_REQUEST['register_msg'] : ''), t('This will help to review your registration')];
+
+		require_once('include/bbcode.php');
+
+		$o = replace_macros(get_markup_template('register.tpl'), array(
 			'$form_security_token' => get_form_security_token("register"),
 			'$title'        => t('Registration'),
 			'$reg_is'       => $registration_is,
+			'$register_msg' => $register_msg,
 			'$registertext' => bbcode(get_config('system','register_text')),
 			'$other_sites'  => $other_sites,
+			'$msg'          => $opal['msg'],
 			'$invitations'  => $invitations,
 			'$invite_code'  => $invite_code,
+			'$haveivc'		=> t('I have an invite code'),
+			'$now'			=> $duty['nowfmt'],
+			'$atform'		=> $duty['atform'],
 			'$auto_create'  => $auto_create,
 			'$name'         => $name,
-			'$role'         => $role,
-			'$default_role' => $default_role,
 			'$nickname'     => $nickname,
 			'$enable_tos'	=> $enable_tos,
 			'$tos'          => $tos,
 			'$email'        => $email,
+			'$validate'		=> $validate,
+			'$validate_link'=> $validate_link,
+			'$validate_here'=> $validate_here,
 			'$pass1'        => $password,
 			'$pass2'        => $password2,
 			'$submit'       => t('Register'),
-			'$verify_note'  => (($email_verify) ? t('This site requires email verification. After completing this form, please check your email for further instructions.') : ''),
+			'$nickhub'      => $nickhub
+
 		));
-	
+
 		return $o;
-	
 	}
-	
-	
+
+	function check_reg_limits() {
+		// check against register, account
+		$rear = array( 'is' => false, 'rn' => 0, 'an' => 0, 'msg' => '' );
+
+		$max_dailies = intval(get_config('system', 'max_daily_registrations', 50));
+
+		if ($max_dailies) {
+
+			$r = q("SELECT COUNT(reg_id) AS nr FROM register WHERE reg_vital = 1 AND reg_created > %s - INTERVAL %s",
+				db_utcnow(), db_quoteinterval('1 day')
+			);
+
+			$rear['is'] = ( $r && $r[0]['nr'] >= $max_dailies ) ? true : false;
+			$rear['rn'] = $r[0]['nr'];
+
+			if (!$rear['is']) {
+				$r = q("SELECT COUNT(account_id) AS nr FROM account WHERE account_created > %s - INTERVAL %s",
+					db_utcnow(), db_quoteinterval('1 day')
+				);
+
+				$rear['is'] = ( $r && ($r[0]['nr'] + $rear['rn']) >= $max_dailies ) ? true : false;
+				$rear['ra'] = $r[0]['nr'];
+			}
+
+			if ( $rear['is']) {
+				$rear['msg'] = t('This site has exceeded the number of allowed daily account registrations.');
+				zar_log('ZAR0333W ' . $rear['msg']);
+				$rear['is'] = true;
+			}
+		}
+		return $rear;
+	}
 }
--- a/Zotlabs/Module/Removeme.php
+++ b/Zotlabs/Module/Removeme.php
@@ -5,54 +5,54 @@ namespace Zotlabs\Module;
 class Removeme extends \Zotlabs\Web\Controller {

 	function post() {
-	
+
 		if(! local_channel())
 			return;
-	
+
 		if($_SESSION['delegate'])
 			return;
-	
+
 		if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password']))))
 			return;
-	
+
 		if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify']))))
 			return;
-	
+
 		if($_POST['verify'] !== $_SESSION['remove_account_verify'])
 			return;
-	
-	
+
+
 		$account = \App::get_account();
-	
-	
+
+
 		$x = account_verify_password($account['account_email'],$_POST['qxz_password']);
 		if(! ($x && $x['account']))
 			return;
-	
+
 		if($account['account_password_changed'] > NULL_DATE) {
 			$d1 = datetime_convert('UTC','UTC','now - 48 hours');
-			if($account['account_password_changed'] > d1) {
+			if($account['account_password_changed'] > $d1) {
 				notice( t('Channel removals are not allowed within 48 hours of changing the account password.') . EOL);
 				return;
 			}
 		}
-	
+
 		$global_remove = 0; //intval($_POST['global']);

 		channel_remove(local_channel(),1 - $global_remove,true);
-	
+
 	}
-	
-	
+
+
 	function get() {
-	
+
 		if(! local_channel())
 			goaway(z_root());
-	
+
 		$hash = random_string();
-	
+
 		$_SESSION['remove_account_verify'] = $hash;
-	
+
 		$tpl = get_markup_template('removeme.tpl');
 		$o .= replace_macros($tpl, array(
 			'$basedir' => z_root(),
@@ -63,9 +63,9 @@ class Removeme extends \Zotlabs\Web\Controller {
 			// '$global'  => [ 'global', t('Remove this channel and all its clones from the network'), false, t('By default only the instance of the channel located on this hub will be removed from the network'),  [ t('No'),t('Yes') ] ],
 			'$submit'  => t('Remove Channel')
 		));
-	
-		return $o;		
-	
+
+		return $o;
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Rpost.php
+++ b/Zotlabs/Module/Rpost.php
@@ -1,12 +1,13 @@
 <?php
 namespace Zotlabs\Module; /** @file */

+use Zotlabs\Lib\Libzot;
+
 require_once('include/acl_selectors.php');
 require_once('include/crypto.php');
 require_once('include/items.php');
 require_once('include/taxonomy.php');
 require_once('include/conversation.php');
-require_once('include/zot.php');

 /**
 * remote post
@@ -42,7 +43,7 @@ class Rpost extends \Zotlabs\Web\Controller {
 				// by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin
 				// blocks them.

-				$url = get_rpost_path(\App::get_observer());
+				$url = Libzot::get_rpost_path(\App::get_observer());
 				// make sure we're not looping to our own hub
 				if(($url) && (! stristr($url, \App::get_hostname()))) {
 					foreach($_GET as $key => $arg) {
--- a/Zotlabs/Module/Search.php
+++ b/Zotlabs/Module/Search.php
@@ -14,7 +14,6 @@ class Search extends Controller {
 			App::$data['search'] = escape_tags($_REQUEST['search']);
 	}

-
 	function get($update = 0, $load = false) {

 		if ((get_config('system', 'block_public')) || (get_config('system', 'block_public_search'))) {
@@ -26,10 +25,11 @@ class Search extends Controller {

 		nav_set_selected('Search');

-		require_once("include/bbcode.php");
-		require_once('include/security.php');
+		require_once('include/bbcode.php');
 		require_once('include/conversation.php');
 		require_once('include/items.php');
+		require_once('include/security.php');
+

 		$format = (($_REQUEST['format']) ? $_REQUEST['format'] : '');
 		if ($format !== '') {
@@ -39,11 +39,9 @@ class Search extends Controller {
 		$observer      = App::get_observer();
 		$observer_hash = (($observer) ? $observer['xchan_hash'] : '');

-		$o = '<div id="live-search"></div>' . "\r\n";
+		$o = '<div class="generic-content-wrapper-styled">' . "\r\n";

-		$o .= '<div class="generic-content-wrapper-styled">' . "\r\n";
-
-		$o .= '<h3>' . t('Search') . '</h3>';
+		$o .= '<h2>' . t('Search') . '</h2>';

 		if (x(App::$data, 'search'))
 			$search = trim(App::$data['search']);
@@ -59,7 +57,7 @@ class Search extends Controller {
 		$o .= search($search, 'search-box', '/search', ((local_channel()) ? true : false));

 		if (local_channel() && strpos($search, 'https://') === 0 && !$update && !$load) {
-			$j = Activity::fetch($search, App::get_channel());
+			$j = Activity::fetch(punify($search), App::get_channel());
 			if ($j) {
 				$AS = new ActivityStreams($j);
 				if ($AS->is_valid()) {
@@ -88,21 +86,21 @@ class Search extends Controller {
 			$tag    = true;
 			$search = substr($search, 1);
 		}
-		if (strpos($search, '@') === 0) {
+		elseif(strpos($search, '@') === 0) {
 			$search = substr($search, 1);
 			goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search);
 		}
-		if (strpos($search, '!') === 0) {
+		elseif(strpos($search, '!') === 0) {
 			$search = substr($search, 1);
 			goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search);
 		}
-		if (strpos($search, '?') === 0) {
+		elseif(strpos($search, '?') === 0) {
 			$search = substr($search, 1);
 			goaway(z_root() . '/help' . '?f=1&navsearch=1&search=' . $search);
 		}

 		// look for a naked webbie
-		if (strpos($search, '@') !== false) {
+		if (strpos($search, '@') !== false && strpos($search, 'http') !== 0) {
 			goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search);
 		}

@@ -194,7 +192,7 @@ class Search extends Controller {

 				if (local_channel()) {
 					$r = q("SELECT mid, MAX(id) as item_id from item
-						WHERE ((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = '' AND item.deny_gid  = '' AND item_private = 0 ) 
+						WHERE ((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = '' AND item.deny_gid  = '' AND item_private = 0 )
 						OR ( item.uid = %d )) OR item.owner_xchan = '%s' )
 						$item_normal
 						$sql_extra
@@ -210,7 +208,7 @@ class Search extends Controller {
 						and owner_xchan in ( " . stream_perms_xchans(($observer) ? (PERMS_NETWORK | PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
 							$pub_sql ) OR owner_xchan = '%s')
 						$item_normal
-						$sql_extra 
+						$sql_extra
 						group by mid, created order by created desc $pager_sql",
 						dbesc($sys['xchan_hash'])
 					);
@@ -235,7 +233,7 @@ class Search extends Controller {
 			$items = [];
 		}

-		if ($format == 'json') {
+		if ($format === 'json') {
 			$result = [];
 			require_once('include/conversation.php');
 			foreach ($items as $item) {
--- a/Zotlabs/Module/Settings.php
+++ b/Zotlabs/Module/Settings.php
@@ -1,7 +1,6 @@
 <?php
 namespace Zotlabs\Module; /** @file */

-require_once('include/zot.php');
 require_once('include/security.php');

 class Settings extends \Zotlabs\Web\Controller {
@@ -11,68 +10,68 @@ class Settings extends \Zotlabs\Web\Controller {
 	function init() {
 		if(! local_channel())
 			return;
-	
+
 		if($_SESSION['delegate'])
 			return;
-	
+
 		\App::$profile_uid = local_channel();
-	
+
 		// default is channel settings in the absence of other arguments
-	
+
 		if(argc() == 1) {
 			// We are setting these values - don't use the argc(), argv() functions here
 			\App::$argc = 2;
 			\App::$argv[] = 'channel';
-		}	
+		}

 		$this->sm = new \Zotlabs\Web\SubModule();
 	}
-	
-	
+
+
 	function post() {
-	
+
 		if(! local_channel())
 			return;
-	
+
 		if($_SESSION['delegate'])
 			return;
-	
+
 		// logger('mod_settings: ' . print_r($_REQUEST,true));
-	
+
 		if(argc() > 1) {
 			if($this->sm->call('post') !== false) {
 				return;
 			}
 		}
-	
+
 		goaway(z_root() . '/settings' );
 		return; // NOTREACHED
 	}
-	
-	
-	
+
+
+
 	function get() {
-	
+
 		nav_set_selected('Settings');
-	
+
 		if((! local_channel()) || ($_SESSION['delegate'])) {
 			notice( t('Permission denied.') . EOL );
 			return login();
 		}
-	
-	
+
+
 		$channel = \App::get_channel();
 		if($channel)
 			head_set_icon($channel['xchan_photo_s']);
-	
+
 		$o = $this->sm->call('get');
 		if($o !== false)
 			return $o;

 		$o = '';

-	
-	}	
+
+	}
 }


--- a/Zotlabs/Module/Settings/Account.php
+++ b/Zotlabs/Module/Settings/Account.php
@@ -15,20 +15,23 @@ class Account {

 		$account = \App::get_account();
 		if($email != $account['account_email']) {
-			if(! validate_email($email))
-				$errs[] = t('Not valid email.');
-			$adm = trim(get_config('system','admin_email'));
-			if(($adm) && (strcasecmp($email,$adm) == 0)) {
-				$errs[] = t('Protected email address. Cannot change to that email.');
-				$email = \App::$account['account_email'];
-			}
-			if(! $errs) {
-				$r = q("update account set account_email = '%s' where account_id = %d",
-					dbesc($email),
-					intval($account['account_id'])
-				);
-				if(! $r)
-					$errs[] = t('System failure storing new email. Please try again.');
+			// a DId2 not an email addr does not allow to change to email addr
+			if (strpos($email, '@') > 0) {
+				if(! validate_email($email))
+					$errs[] = t('Not valid email.');
+				$adm = trim(get_config('system','admin_email'));
+				if(($adm) && (strcasecmp($email,$adm) == 0)) {
+					$errs[] = t('Protected email address. Cannot change to that email.');
+					$email = \App::$account['account_email'];
+				}
+				if(! $errs) {
+					$r = q("update account set account_email = '%s' where account_id = %d",
+						dbesc($email),
+						intval($account['account_id'])
+					);
+					if(! $r)
+						$errs[] = t('System failure storing new email. Please try again.');
+				}
 			}
 		}
 	
@@ -92,6 +95,7 @@ class Account {
 		call_hooks('account_settings', $account_settings);
 	
 		$email      = \App::$account['account_email'];
+		$attremail  = (!strpos($email, '@')) ? 'disabled="disabled"' : '';

 		$tpl = get_markup_template("settings_account.tpl");
 		$o .= replace_macros($tpl, array(
@@ -101,7 +105,7 @@ class Account {
 			'$password1'=> array('npassword', t('Enter New Password'), '', ''),
 			'$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')),
 			'$submit' 	=> t('Submit'),
-			'$email' 	=> array('email', t('Email Address:'), $email, ''),
+			'$email' 	=> array('email', t('DId2 or Email Address:'), $email, '', '', $attremail),
 			'$removeme' => t('Remove Account'),
 			'$removeaccount' => t('Remove this account including all its channels'),
 			'$account_settings' => $account_settings
--- a/Zotlabs/Module/Settings/Channel.php
+++ b/Zotlabs/Module/Settings/Channel.php
@@ -16,11 +16,11 @@ class Channel {
 		$channel = \App::get_channel();

 		check_form_security_token_redirectOnErr('/settings', 'settings');
-		
+
 		call_hooks('settings_post', $_POST);
-	
+
 		$set_perms = '';
-	
+
 		$role = ((x($_POST,'permissions_role')) ? notags(trim($_POST['permissions_role'])) : '');
 		$oldrole = get_pconfig(local_channel(),'system','permissions_role');

@@ -28,9 +28,9 @@ class Channel {
 		if($oldrole === 'social_party') {
 			$oldrole = 'social_federation';
 		}
-	
+
 		if(($role != $oldrole) || ($role === 'custom')) {
-	
+
 			if($role === 'custom') {
 				$hide_presence    = (((x($_POST,'hide_presence')) && (intval($_POST['hide_presence']) == 1)) ? 1: 0);
 				$publish          = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
@@ -38,18 +38,18 @@ class Channel {
 				$r = q("update channel set channel_default_group = '%s' where channel_id = %d",
 					dbesc($def_group),
 					intval(local_channel())
-				);	
-	
+				);
+
 				$global_perms = \Zotlabs\Access\Permissions::Perms();
-	
+
 				foreach($global_perms as $k => $v) {
 					\Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k]));
 				}
 				$acl = new \Zotlabs\Access\AccessList($channel);
 				$acl->set_from_array($_POST);
 				$x = $acl->get();
-	
-				$r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', 
+
+				$r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s',
 					channel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d",
 					dbesc($x['allow_cid']),
 					dbesc($x['allow_gid']),
@@ -93,13 +93,13 @@ class Channel {
 				}
 				// no default collection
 				else {
-					q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', 
+					q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '',
 						channel_deny_cid = '' where channel_id = %d",
 							intval(local_channel())
 					);
 				}

-				if($role_permissions['perms_connect']) {	
+				if($role_permissions['perms_connect']) {
 					$x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
 					foreach($x as $k => $v) {
 						set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v);
@@ -110,7 +110,7 @@ class Channel {
 							del_pconfig(local_channel(),'autoperms',$k);
 						}
 					}
-				}	
+				}

 				if($role_permissions['limits']) {
 					foreach($role_permissions['limits'] as $k => $v) {
@@ -121,11 +121,11 @@ class Channel {
 					$publish = intval($role_permissions['directory_publish']);
 				}
 			}
-	
+
 			set_pconfig(local_channel(),'system','hide_online_status',$hide_presence);
 			set_pconfig(local_channel(),'system','permissions_role',$role);
 		}
-	
+
 		$username         = ((x($_POST,'username'))   ? notags(trim($_POST['username']))     : '');
 		$timezone         = ((x($_POST,'timezone_select'))   ? notags(trim($_POST['timezone_select']))     : '');
 		$defloc           = ((x($_POST,'defloc'))     ? notags(trim($_POST['defloc']))       : '');
@@ -135,36 +135,36 @@ class Channel {
 		$evdays           = ((x($_POST,'evdays'))     ? intval($_POST['evdays'])             : 3);
 		$photo_path       = ((x($_POST,'photo_path')) ? escape_tags(trim($_POST['photo_path'])) : '');
 		$attach_path      = ((x($_POST,'attach_path')) ? escape_tags(trim($_POST['attach_path'])) : '');
-	
+
 		$expire_items     = ((x($_POST,'expire_items')) ? intval($_POST['expire_items'])	 : 0);
 		$expire_starred   = ((x($_POST,'expire_starred')) ? intval($_POST['expire_starred']) : 0);
 		$expire_photos    = ((x($_POST,'expire_photos'))? intval($_POST['expire_photos'])	 : 0);
 		$expire_network_only    = ((x($_POST,'expire_network_only'))? intval($_POST['expire_network_only'])	 : 0);
-	
+
 		$allow_location   = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
-	
+
 		$blocktags        = (((x($_POST,'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted!
 		$unkmail          = (((x($_POST,'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0);
 		$cntunkmail       = ((x($_POST,'cntunkmail')) ? intval($_POST['cntunkmail']) : 0);
-		$suggestme        = ((x($_POST,'suggestme')) ? intval($_POST['suggestme'])  : 0);  
-		$autoperms        = ((x($_POST,'autoperms')) ? intval($_POST['autoperms'])  : 0);  
-	
+		$suggestme        = ((x($_POST,'suggestme')) ? intval($_POST['suggestme'])  : 0);
+		$autoperms        = ((x($_POST,'autoperms')) ? intval($_POST['autoperms'])  : 0);
+
 		$post_newfriend   = (($_POST['post_newfriend'] == 1) ? 1: 0);
 		$post_joingroup   = (($_POST['post_joingroup'] == 1) ? 1: 0);
 		$post_profilechange   = (($_POST['post_profilechange'] == 1) ? 1: 0);
 		$adult            = (($_POST['adult'] == 1) ? 1 : 0);
 		$defpermcat       = ((x($_POST,'defpermcat')) ? notags(trim($_POST['defpermcat'])) : 'default');
-	
+
 		$mailhost        = ((array_key_exists('mailhost',$_POST)) ? notags(trim($_POST['mailhost'])) : '');
-	
+
 		$pageflags = $channel['channel_pageflags'];
 		$existing_adult = (($pageflags & PAGE_ADULT) ? 1 : 0);
 		if($adult != $existing_adult)
 			$pageflags = ($pageflags ^ PAGE_ADULT);
-	
-	
+
+
 		$notify = 0;
-	
+
 		if(x($_POST,'notify1'))
 			$notify += intval($_POST['notify1']);
 		if(x($_POST,'notify2'))
@@ -181,10 +181,10 @@ class Channel {
 			$notify += intval($_POST['notify7']);
 		if(x($_POST,'notify8'))
 			$notify += intval($_POST['notify8']);
-	
-	
+
+
 		$vnotify = 0;
-	
+
 		if(x($_POST,'vnotify1'))
 			$vnotify += intval($_POST['vnotify1']);
 		if(x($_POST,'vnotify2'))
@@ -215,13 +215,13 @@ class Channel {
 			$vnotify += intval($_POST['vnotify14']);
 		if(x($_POST,'vnotify15'))
 			$vnotify += intval($_POST['vnotify15']);
-	
+
 		$always_show_in_notices = x($_POST,'always_show_in_notices') ? 1 : 0;
-		
+
 		$err = '';
-	
+
 		$name_change = false;
-	
+
 		if($username != $channel['channel_name']) {
 			$name_change = true;
 			require_once('include/channel.php');
@@ -231,12 +231,12 @@ class Channel {
 				return;
 			}
 		}
-	
+
 		if($timezone != $channel['channel_timezone']) {
 			if(strlen($timezone))
 				date_default_timezone_set($timezone);
 		}
-	
+
 		set_pconfig(local_channel(),'system','use_browser_location',$allow_location);
 		set_pconfig(local_channel(),'system','suggestme', $suggestme);
 		set_pconfig(local_channel(),'system','post_newfriend', $post_newfriend);
@@ -251,7 +251,7 @@ class Channel {
 		set_pconfig(local_channel(),'system','default_permcat',$defpermcat);
 		set_pconfig(local_channel(),'system','email_notify_host',$mailhost);
 		set_pconfig(local_channel(),'system','autoperms',$autoperms);
-	
+
 		$r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d $set_perms where channel_id = %d",
 			dbesc($username),
 			intval($pageflags),
@@ -262,17 +262,17 @@ class Channel {
 			intval($maxreq),
 			intval($expire),
 			intval(local_channel())
-		);   
+		);
 		if($r)
 			info( t('Settings updated.') . EOL);
-	
+
 		if(! is_null($publish)) {
 			$r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d",
 				intval($publish),
 				intval(local_channel())
 			);
 		}
-	
+
 		if($name_change) {
 			// change name on all associated xchans by matching the url
 			$r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_url = '%s'",
@@ -285,49 +285,49 @@ class Channel {
 				intval($channel['channel_id'])
 			);
 		}
-	
+
 		\Zotlabs\Daemon\Master::Summon(array('Directory',local_channel()));
-	
+
 		Libsync::build_sync_packet();
-	
-	
+
+
 		if($email_changed && \App::$config['system']['register_policy'] == REGISTER_VERIFY) {
-	
+
 			// FIXME - set to un-verified, blocked and redirect to logout
 			// Q: Why? Are we verifying people or email addresses?
 			// A: the policy is to verify email addresses
 		}
-	
+
 		goaway(z_root() . '/settings' );
 		return; // NOTREACHED
 	}
-			
+
 	function get() {
-	
+
 		require_once('include/acl_selectors.php');
 		require_once('include/permissions.php');


 		$yes_no = array(t('No'),t('Yes'));
-	
-	
+
+
 		$p = q("SELECT * FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1",
 			intval(local_channel())
 		);
 		if(count($p))
 			$profile = $p[0];
-	
+
 		load_pconfig(local_channel(),'expire');
-	
+
 		$channel = \App::get_channel();
-	
+
 		$global_perms = \Zotlabs\Access\Permissions::Perms();

 		$permiss = array();
-	
+
 		$perm_opts = array(
 			array( t('Nobody except yourself'), 0),
-			array( t('Only those you specifically allow'), PERMS_SPECIFIC), 
+			array( t('Only those you specifically allow'), PERMS_SPECIFIC),
 			array( t('Approved connections'), PERMS_CONTACTS),
 			array( t('Any connections'), PERMS_PENDING),
 			array( t('Anybody on this website'), PERMS_SITE),
@@ -335,10 +335,10 @@ class Channel {
 			array( t('Anybody authenticated'), PERMS_AUTHED),
 			array( t('Anybody on the internet'), PERMS_PUBLIC)
 		);
-	
+
 		$limits = \Zotlabs\Access\PermissionLimits::Get(local_channel());
 		$anon_comments = get_config('system','anonymous_comments',true);
-	
+
 		foreach($global_perms as $k => $perm) {
 			$options = array();
 			$can_be_public = ((strstr($k,'view') || ($k === 'post_comments' && $anon_comments)) ? true : false);
@@ -347,61 +347,61 @@ class Channel {
 					continue;
 				$options[$opt[1]] = $opt[0];
 			}
-			$permiss[] = array($k,$perm,$limits[$k],'',$options);			
+			$permiss[] = array($k,$perm,$limits[$k],'',$options);
 		}
-		
+
 		//		logger('permiss: ' . print_r($permiss,true));
-	
+
 		$username   = $channel['channel_name'];
 		$nickname   = $channel['channel_address'];
 		$timezone   = $channel['channel_timezone'];
 		$notify     = $channel['channel_notifyflags'];
 		$defloc     = $channel['channel_location'];
-	
+
 		$maxreq     = $channel['channel_max_friend_req'];
 		$expire     = $channel['channel_expire_days'];
 		$adult_flag = intval($channel['channel_pageflags'] & PAGE_ADULT);
 		$sys_expire = get_config('system','default_expire_days');
-	
+
 //		$unkmail    = \App::$user['unkmail'];
 //		$cntunkmail = \App::$user['cntunkmail'];
-	
+
 		$hide_presence = intval(get_pconfig(local_channel(), 'system','hide_online_status'));
-	
-	
+
+
 		$expire_items = get_pconfig(local_channel(), 'expire','items');
 		$expire_items = (($expire_items===false)? '1' : $expire_items); // default if not set: 1
-		
+
 		$expire_notes = get_pconfig(local_channel(), 'expire','notes');
 		$expire_notes = (($expire_notes===false)? '1' : $expire_notes); // default if not set: 1
-	
+
 		$expire_starred = get_pconfig(local_channel(), 'expire','starred');
 		$expire_starred = (($expire_starred===false)? '1' : $expire_starred); // default if not set: 1
-		
+
 		$expire_photos = get_pconfig(local_channel(), 'expire','photos');
 		$expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0
-	
+
 		$expire_network_only = get_pconfig(local_channel(), 'expire','network_only');
 		$expire_network_only = (($expire_network_only===false)? '0' : $expire_network_only); // default if not set: 0
-	
-	
+
+
 		$suggestme = get_pconfig(local_channel(), 'system','suggestme');
 		$suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0
-	
+
 		$post_newfriend = get_pconfig(local_channel(), 'system','post_newfriend');
 		$post_newfriend = (($post_newfriend===false)? '0': $post_newfriend); // default if not set: 0
-	
+
 		$post_joingroup = get_pconfig(local_channel(), 'system','post_joingroup');
 		$post_joingroup = (($post_joingroup===false)? '0': $post_joingroup); // default if not set: 0
-	
+
 		$post_profilechange = get_pconfig(local_channel(), 'system','post_profilechange');
 		$post_profilechange = (($post_profilechange===false)? '0': $post_profilechange); // default if not set: 0
-	
+
 		$blocktags  = get_pconfig(local_channel(),'system','blocktags');
 		$blocktags = (($blocktags===false) ? '0' : $blocktags);
-		
+
 		$timezone = date_default_timezone_get();
-	
+
 		$opt_tpl = get_markup_template("field_checkbox.tpl");
 		if(get_config('system','publish_all')) {
 			$profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />';
@@ -411,20 +411,20 @@ class Channel {
 				'$field' 	=> array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', $yes_no),
 			));
 		}
-	
+
 		$suggestme = replace_macros($opt_tpl,array(
 				'$field' 	=> array('suggestme',  t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', $yes_no),
-	
+
 		));
-	
+
 		$subdir = ((strlen(\App::get_path())) ? '<br />' . t('or') . ' ' . z_root() . '/channel/' . $nickname : '');

 		$webbie = $nickname . '@' . \App::get_hostname();
 		$intl_nickname = unpunify($nickname) . '@' . unpunify(\App::get_hostname());
-	
+

 		$tpl_addr = get_markup_template("settings_nick_set.tpl");
-	
+
 		$prof_addr = replace_macros($tpl_addr,array(
 			'$desc' => t('Your channel address is'),
 			'$nickname' => (($intl_nickname === $webbie) ? $webbie : $intl_nickname . '&nbsp;(' . $webbie . ')'),
@@ -447,27 +447,27 @@ class Channel {

 		$default_permcat = get_pconfig(local_channel(),'system','default_permcat','default');

-	
+
 		$stpl = get_markup_template('settings.tpl');
-	
+
 		$acl = new \Zotlabs\Access\AccessList($channel);
 		$perm_defaults = $acl->get();
-	
+
 		require_once('include/group.php');
 		$group_select = mini_group_select(local_channel(),$channel['channel_default_group']);
-	
+
 		$evdays = get_pconfig(local_channel(),'system','evdays');
 		if(! $evdays)
 			$evdays = 3;
-	
+
 		$permissions_role = get_pconfig(local_channel(),'system','permissions_role');
 		if(! $permissions_role)
 			$permissions_role = 'custom';
 		// compatibility mapping - can be removed after 3.4 release
-		if($permissions_role === 'social_party') 
+		if($permissions_role === 'social_party')
 			$permissions_role = 'social_federation';

-		if(in_array($permissions_role,['forum','repository'])) 	
+		if(in_array($permissions_role,['forum','repository']))
 			$autoperms = replace_macros(get_markup_template('field_checkbox.tpl'), [
 				'$field' =>  [ 'autoperms',t('Automatic membership approval'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('If enabled, connection requests will be approved without your interaction'), $yes_no ]]);
 		else
@@ -491,7 +491,7 @@ class Channel {

 		$o .= replace_macros($stpl,array(
 			'$ptitle' 	=> t('Channel Settings'),
-	
+
 			'$submit' 	=> t('Submit'),
 			'$baseurl' => z_root(),
 			'$uid' => local_channel(),
@@ -503,15 +503,15 @@ class Channel {
 			'$timezone' => array('timezone_select' , t('Your Timezone:'), $timezone, '', get_timezones()),
 			'$defloc'	=> array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')),
 			'$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_channel(),'system','use_browser_location')) ? 1 : ''), '', $yes_no),
-			
+
 			'$adult'    => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)'), $yes_no),
-	
+
 			'$h_prv' 	=> t('Security and Privacy Settings'),
 			'$permissions_set' => $permissions_set,
 			'$perms_set_msg' => t('Your permissions are already configured. Click to view/adjust'),
-	
+
 			'$hide_presence' => array('hide_presence', t('Hide my online presence'),$hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no),
-	
+
 			'$lbl_pmacro' => t('Simple Privacy Settings:'),
 			'$pmacro3'    => t('Very Public - <em>extremely permissive (should be used with caution)</em>'),
 			'$pmacro2'    => t('Typical - <em>default public, privacy when desired (similar to social network permissions but with improved privacy)</em>'),
@@ -519,9 +519,9 @@ class Channel {
 			'$pmacro0'    => t('Blocked - <em>default blocked to/from everybody</em>'),
 			'$permiss_arr' => $permiss,
 			'$blocktags' => array('blocktags',t('Allow others to tag your posts'), 1-$blocktags, t('Often used by the community to retro-actively flag inappropriate content'), $yes_no),
-	
+
 			'$lbl_p2macro' => t('Channel Permission Limits'),
-	
+
 			'$expire' => array('expire',t('Expire other channel content after this many days'),$expire, t('0 or blank to use the website limit.') . ' ' . ((intval($sys_expire)) ? sprintf( t('This website expires after %d days.'),intval($sys_expire)) : t('This website does not expire imported content.')) . ' ' . t('The website limit takes precedence if lower than your limit.')),
 			'$maxreq' 	=> array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')),
 			'$permissions' => t('Default Privacy Group'),
@@ -540,10 +540,10 @@ class Channel {
 			'$profile_in_dir' => $profile_in_dir,
 			'$hide_friends' => $hide_friends,
 			'$hide_wall' => $hide_wall,
-			'$unkmail' => $unkmail,		
+			'$unkmail' => $unkmail,
 			'$cntunkmail' 	=> array('cntunkmail', t('Maximum private messages per day from unknown people:'), intval($channel['channel_max_anon_mail']) ,t("Useful to reduce spamming")),
-			
-			'$autoperms' => $autoperms,			
+
+			'$autoperms' => $autoperms,
 			'$h_not' 	=> t('Notification Settings'),
 			'$activity_options' => t('By default post a status message when:'),
 			'$post_newfriend' => array('post_newfriend',  t('accepting a friend request'), $post_newfriend, '', $yes_no),
@@ -558,12 +558,12 @@ class Channel {
 			'$notify6'  => array('notify6', t('You receive a friend suggestion'), ($notify & NOTIFY_SUGGEST), NOTIFY_SUGGEST, '', $yes_no),
 			'$notify7'  => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, '', $yes_no),
 			'$notify8'  => array('notify8', t('You are poked/prodded/etc. in a post'), ($notify & NOTIFY_POKE), NOTIFY_POKE, '', $yes_no),
-			
+
 			'$notify9'  => array('notify9', t('Someone likes your post/comment'), ($notify & NOTIFY_LIKE), NOTIFY_LIKE, '', $yes_no),
-			
-	
+
+
 			'$lbl_vnot' 	=> t('Show visual notifications including:'),
-	
+
 			'$vnotify1'	=> array('vnotify1', t('Unseen stream activity'), ($vnotify & VNOTIFY_NETWORK), VNOTIFY_NETWORK, '', $yes_no),
 			'$vnotify2'	=> array('vnotify2', t('Unseen channel activity'), ($vnotify & VNOTIFY_CHANNEL), VNOTIFY_CHANNEL, '', $yes_no),
 			'$vnotify3'	=> array('vnotify3', t('Unseen private messages'), ($vnotify & VNOTIFY_MAIL), VNOTIFY_MAIL, t('Recommended'), $yes_no),
@@ -581,12 +581,13 @@ class Channel {
 			'$vnotify15'	=> array('vnotify15', t('Unseen forum posts'), ($vnotify & VNOTIFY_FORUMS), VNOTIFY_FORUMS, '', $yes_no),
 			'$mailhost' => [ 'mailhost', t('Email notification hub (hostname)'), get_pconfig(local_channel(),'system','email_notify_host',\App::get_hostname()), sprintf( t('If your channel is mirrored to multiple hubs, set this to your preferred location. This will prevent duplicate email notifications. Example: %s'),\App::get_hostname()) ],
 			'$always_show_in_notices'  => array('always_show_in_notices', t('Show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no),
-	
-			'$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')),			
+			'$desktop_notifications_info' => t('Desktop notifications are unavailable because the required browser permission has not been granted'),
+			'$desktop_notifications_request' => t('Grant permission'),
+			'$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')),
 			'$basic_addon' => $plugin['basic'],
 			'$sec_addon'  => $plugin['security'],
 			'$notify_addon' => $plugin['notify'],
-	
+
 			'$h_advn' => t('Advanced Account/Page Type Settings'),
 			'$h_descadvn' => t('Change the behaviour of this account for special situations'),
 			'$pagetype' => $pagetype,
@@ -596,11 +597,11 @@ class Channel {
 			'$removeme' => t('Remove Channel'),
 			'$removechannel' => t('Remove this channel.'),
 		));
-	
+
 		call_hooks('settings_form',$o);
-	
+
 		//$o .= '</form>' . "\r\n";
-	
+
 		return $o;
 	}
 }
--- a/Zotlabs/Module/Sse.php
+++ b/Zotlabs/Module/Sse.php
@@ -47,7 +47,6 @@ class Sse extends Controller {

 		self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify');

-		$sys = get_sys_channel();
 		$sleep_seconds = 3;

 		self::$sse_enabled = get_config('system', 'sse_enabled', 0);
@@ -109,7 +108,8 @@ class Sse extends Controller {
 				echo 'data: {}';
 				echo "\n\n";

-				ob_end_flush();
+				if(ob_get_length() > 0)
+					ob_end_flush();
 				flush();

 				if(connection_status() != CONNECTION_NORMAL || connection_aborted()) {
--- a/Zotlabs/Module/Sse_bs.php
+++ b/Zotlabs/Module/Sse_bs.php
@@ -6,6 +6,7 @@ use App;
 use Zotlabs\Lib\Apps;
 use Zotlabs\Web\Controller;
 use Zotlabs\Lib\Enotify;
+use Zotlabs\Lib\XConfig;

 class Sse_bs extends Controller {

@@ -36,7 +37,7 @@ class Sse_bs extends Controller {

 		self::$vnotify = get_pconfig(self::$uid, 'system', 'vnotify', -1);
 		self::$evdays = intval(get_pconfig(self::$uid, 'system', 'evdays'));
-		self::$limit = 50;
+		self::$limit = 30;
 		self::$offset = 0;
 		self::$xchans = '';

@@ -56,8 +57,6 @@ class Sse_bs extends Controller {

 		if(intval(argv(2)) > 0)
 			self::$offset = argv(2);
-		else
-			$_SESSION['sse_loadtime'] = datetime_convert();

 		$network = false;
 		$dm = false;
@@ -99,14 +98,14 @@ class Sse_bs extends Controller {
 			self::bs_forums(),
 			self::bs_pubs($pubs),
 			self::bs_files(),
-			self::bs_mail(),
 			self::bs_all_events(),
-			self::bs_register()
+			self::bs_register(),
+			self::bs_info_notice()
 		);

-		set_xconfig(self::$ob_hash, 'sse', 'timestamp', datetime_convert());
-		set_xconfig(self::$ob_hash, 'sse', 'notifications', []); // reset the cache
-		set_xconfig(self::$ob_hash, 'sse', 'language', App::$language);
+		XConfig::Set(self::$ob_hash, 'sse', 'notifications', []);
+		XConfig::Set(self::$ob_hash, 'sse', 'timestamp', datetime_convert());
+		XConfig::Set(self::$ob_hash, 'sse', 'language', App::$language);

 		json_return_and_die($result);
 	}
@@ -142,11 +141,15 @@ class Sse_bs extends Controller {
 		$result['network']['notifications'] = [];
 		$result['network']['count'] = 0;

-		if(! self::$uid)
+		if(! self::$uid) {
+			$result['network']['offset'] = -1;
 			return $result;
+		}

-		if(! (self::$vnotify & VNOTIFY_NETWORK))
+		if(! (self::$vnotify & VNOTIFY_NETWORK)) {
+			$result['network']['offset'] = -1;
 			return $result;
+		}

 		$limit = intval(self::$limit);
 		$offset = self::$offset;
@@ -173,7 +176,7 @@ class Sse_bs extends Controller {
 				$sql_extra2
 				ORDER BY created DESC LIMIT $limit OFFSET $offset",
 				intval(self::$uid),
-				dbescdate($_SESSION['sse_loadtime']),
+				dbescdate($_SESSION['page_loadtime']),
 				dbesc(self::$ob_hash)
 			);

@@ -214,11 +217,15 @@ class Sse_bs extends Controller {
 		$result['dm']['notifications'] = [];
 		$result['dm']['count'] = 0;

-		if(! self::$uid)
+		if(! self::$uid) {
+			$result['dm']['offset'] = -1;
 			return $result;
+		}

-		if(! (self::$vnotify & VNOTIFY_MAIL))
+		if(! (self::$vnotify & VNOTIFY_MAIL)) {
+			$result['dm']['offset'] = -1;
 			return $result;
+		}

 		$limit = intval(self::$limit);
 		$offset = self::$offset;
@@ -245,7 +252,7 @@ class Sse_bs extends Controller {
 				$sql_extra2
 				ORDER BY created DESC LIMIT $limit OFFSET $offset",
 				intval(self::$uid),
-				dbescdate($_SESSION['sse_loadtime']),
+				dbescdate($_SESSION['page_loadtime']),
 				dbesc(self::$ob_hash)
 			);

@@ -285,11 +292,15 @@ class Sse_bs extends Controller {
 		$result['home']['notifications'] = [];
 		$result['home']['count'] = 0;

-		if(! self::$uid)
+		if(! self::$uid) {
+			$result['home']['offset'] = -1;
 			return $result;
+		}

-		if(! (self::$vnotify & VNOTIFY_CHANNEL))
+		if(! (self::$vnotify & VNOTIFY_CHANNEL)) {
+			$result['home']['offset'] = -1;
 			return $result;
+		}

 		$limit = intval(self::$limit);
 		$offset = self::$offset;
@@ -317,7 +328,7 @@ class Sse_bs extends Controller {
 				$sql_extra2
 				ORDER BY created DESC LIMIT $limit OFFSET $offset",
 				intval(self::$uid),
-				dbescdate($_SESSION['sse_loadtime']),
+				dbescdate($_SESSION['page_loadtime']),
 				dbesc(self::$ob_hash)
 			);

@@ -357,15 +368,19 @@ class Sse_bs extends Controller {
 		$result['pubs']['notifications'] = [];
 		$result['pubs']['count'] = 0;

-		if(! (self::$vnotify & VNOTIFY_PUBS))
+		if(! (self::$vnotify & VNOTIFY_PUBS)) {
+			$result['pubs']['offset'] = -1;
 			return $result;
+		}

 		if((observer_prohibited(true))) {
+			$result['pubs']['offset'] = -1;
 			return $result;
 		}

 		if(! intval(get_config('system','open_pubstream',1))) {
 			if(! get_observer_hash()) {
+				$result['pubs']['offset'] = -1;
 				return $result;
 			}
 		}
@@ -400,7 +415,7 @@ class Sse_bs extends Controller {
 				$sql_extra2
 				ORDER BY created DESC LIMIT $limit OFFSET $offset",
 				intval($sys['channel_id']),
-				dbescdate($_SESSION['sse_loadtime']),
+				dbescdate($_SESSION['page_loadtime']),
 				dbesc(self::$ob_hash),
 				dbescdate($_SESSION['static_loadtime'])
 			);
@@ -616,36 +631,6 @@ class Sse_bs extends Controller {

 	}

-	function bs_mail() {
-
-		$result['mail']['notifications'] = [];
-		$result['mail']['count'] = 0;
-		$result['mail']['offset'] = -1;
-
-		if(! self::$uid)
-			return $result;
-
-		if(! (self::$vnotify & VNOTIFY_MAIL))
-			return $result;
-
-		$r = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan
-			where channel_id = %d and mail_seen = 0 and mail_deleted = 0
-			and from_xchan != '%s' order by created desc",
-			intval(self::$uid),
-			dbesc(self::$ob_hash)
-		);
-
-		if($r) {
-			foreach($r as $rr) {
-				$result['mail']['notifications'][] = Enotify::format_mail($rr);
-			}
-			$result['mail']['count'] = count($r);
-		}
-
-		return $result;
-
-	}
-
 	function bs_all_events() {

 		$result['all_events']['notifications'] = [];
@@ -686,12 +671,15 @@ class Sse_bs extends Controller {
 		if(! self::$uid && ! is_site_admin())
 			return $result;

+		$policy  = intval(get_config('system','register_policy'));
+		if(($policy & REGISTER_APPROVE) != REGISTER_APPROVE)
+			return $result;
+
 		if(! (self::$vnotify & VNOTIFY_REGISTER))
 			return $result;

-		$r = q("SELECT account_email, account_created from account where (account_flags & %d) > 0",
-			intval(ACCOUNT_PENDING)
-		);
+		$r = get_pending_accounts();
+
 		if($r) {
 			foreach($r as $rr) {
 				$result['register']['notifications'][] = Enotify::format_register($rr);
@@ -703,4 +691,22 @@ class Sse_bs extends Controller {

 	}

+	function bs_info_notice() {
+
+		$result['notice']['notifications'] = [];
+		$result['info']['notifications'] = [];
+
+		$r = XConfig::Get(self::$ob_hash, 'sse', 'notifications', []);
+
+		if(isset($r['notice']))
+			$result['notice']['notifications'] = $r['notice']['notifications'];
+
+		if(isset($r['info']))
+			$result['info']['notifications'] = $r['info']['notifications'];
+
+		return $result;
+
+	}
+
+
 }
--- a/Zotlabs/Module/Subthread.php
+++ b/Zotlabs/Module/Subthread.php
@@ -1,6 +1,9 @@
 <?php
 namespace Zotlabs\Module;

+use Zotlabs\Lib\Activity;
+
+
 require_once('include/security.php');
 require_once('include/bbcode.php');
 require_once('include/items.php');
@@ -10,22 +13,22 @@ require_once('include/items.php');
 class Subthread extends \Zotlabs\Web\Controller {

 	function get() {
-	
+
 		if(! local_channel()) {
 			return;
 		}
-	
+
 		$sys = get_sys_channel();
 		$channel = \App::get_channel();

 		$item_id = ((argc() > 2) ? notags(trim(argv(2))) : 0);
-	
+
 		if(argv(1) === 'sub')
 			$activity = ACTIVITY_FOLLOW;
 		elseif(argv(1) === 'unsub')
 			$activity = ACTIVITY_UNFOLLOW;
-	
-	
+
+
 		$i = q("select * from item where id = %d and uid = %d",
 			intval($item_id),
 			intval(local_channel())
@@ -42,7 +45,7 @@ class Subthread extends \Zotlabs\Web\Controller {
 				$item_id = (($i) ? $i[0]['id'] : 0);
 			}
 		}
-		
+
 		if(! $i) {
 			return;
 		}
@@ -56,37 +59,37 @@ class Subthread extends \Zotlabs\Web\Controller {
 				dbesc($r[0]['parent'])
 			);
 		}
-	
+
 		if((! $item_id) || (! $r)) {
 			logger('subthread: no item ' . $item_id);
 			return;
 		}
-	
+
 		$item = $r[0];
-	
+
 		$owner_uid = $item['uid'];
 		$observer = \App::get_observer();
 		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-	
+
 		if(! perm_is_allowed($owner_uid,$ob_hash,'post_comments'))
 			return;
-	
+
 		$sys = get_sys_channel();
-	
+
 		$owner_uid = $item['uid'];
 		$owner_aid = $item['aid'];
-	
+
 		// if this is a "discover" item, (item['uid'] is the sys channel),
 		// fallback to the item comment policy, which should've been
 		// respected when generating the conversation thread.
 		// Even if the activity is rejected by the item owner, it should still get attached
-		// to the local discover conversation on this site. 
-	
+		// to the local discover conversation on this site.
+
 		if(($owner_uid != $sys['channel_id']) && (! perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_comments'))) {
 				notice( t('Permission denied') . EOL);
 				killme();
 		}
-	
+
 		$r = q("select * from xchan where xchan_hash = '%s' limit 1",
 			dbesc($item['owner_xchan'])
 		);
@@ -94,7 +97,7 @@ class Subthread extends \Zotlabs\Web\Controller {
 			$thread_owner = $r[0];
 		else
 			killme();
-	
+
 		$r = q("select * from xchan where xchan_hash = '%s' limit 1",
 			dbesc($item['author_xchan'])
 		);
@@ -102,50 +105,32 @@ class Subthread extends \Zotlabs\Web\Controller {
 			$item_author = $r[0];
 		else
 			killme();
-	
-	
-	
-	
+
+
+
+
 		$uuid = item_message_id();
 		$mid = z_root() . '/item/' . $uuid;

 		$post_type = (($item['resource_type'] === 'photo') ? t('photo') : t('status'));
-	
+
 		$links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $item['plink']));
-		$objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); 
-	
+		$objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
+
 		$body = $item['body'];
-	
-		$obj = json_encode(array(
-			'type'    => $objtype,
-			'id'      => $item['mid'],
-			'parent'  => (($item['thr_parent']) ? $item['thr_parent'] : $item['parent_mid']),
-			'link'    => $links,
-			'title'   => $item['title'],
-			'content' => $item['body'],
-			'created' => $item['created'],
-			'edited'  => $item['edited'],
-			'author'  => array(
-				'name'     => $item_author['xchan_name'],
-				'address'  => $item_author['xchan_addr'],
-				'guid'     => $item_author['xchan_guid'],
-				'guid_sig' => $item_author['xchan_guid_sig'],
-				'link'     => array(
-					array('rel' => 'alternate', 'type' => 'text/html', 'href' => $item_author['xchan_url']),
-					array('rel' => 'photo', 'type' => $item_author['xchan_photo_mimetype'], 'href' => $item_author['xchan_photo_m'])),
-				),
-		));
-	
+
+		$obj = Activity::fetch_item( [ 'id' => $item['mid'] ] );
+
 		if(! intval($item['item_thread_top']))
-			$post_type = 'comment';		
-	
+			$post_type = 'comment';
+
 		if($activity === ACTIVITY_FOLLOW)
 			$bodyverb = t('%1$s is following %2$s\'s %3$s');
 		if($activity === ACTIVITY_UNFOLLOW)
 			$bodyverb = t('%1$s stopped following %2$s\'s %3$s');
-	
+
 		$arr = array();
-	
+
 		$arr['uuid']          = $uuid;
 		$arr['mid']           = $mid;
 		$arr['aid']           = $owner_aid;
@@ -161,35 +146,35 @@ class Subthread extends \Zotlabs\Web\Controller {
 			$arr['item_wall'] = 1;
 		else
 			$arr['item_wall'] = 0;
-	
+
 		$ulink = '[zrl=' . $item_author['xchan_url'] . ']' . $item_author['xchan_name'] . '[/zrl]';
 		$alink = '[zrl=' . $observer['xchan_url'] . ']' . $observer['xchan_name'] . '[/zrl]';
 		$plink = '[zrl=' . z_root() . '/display/' . gen_link_id($item['mid']) . ']' . $post_type . '[/zrl]';
-		
+
 		$arr['body']          =  sprintf( $bodyverb, $alink, $ulink, $plink );
-	
+
 		$arr['verb']          = $activity;
 		$arr['obj_type']      = $objtype;
-		$arr['obj']           = $obj;
-	
+		$arr['obj']           = json_encode($obj);
+
 		$arr['allow_cid']     = $item['allow_cid'];
 		$arr['allow_gid']     = $item['allow_gid'];
 		$arr['deny_cid']      = $item['deny_cid'];
 		$arr['deny_gid']      = $item['deny_gid'];
-	
-		$post = item_store($arr);	
+
+		$post = item_store($arr);
 		$post_id = $post['item_id'];
-	
+
 		$arr['id'] = $post_id;
-	
+
 		call_hooks('post_local_end', $arr);
-	
+
 		killme();
-	
-	
+
+
 	}
-	
-	
-	
-	
+
+
+
+
 }
--- a/Zotlabs/Module/Suggest.php
+++ b/Zotlabs/Module/Suggest.php
@@ -15,17 +15,17 @@ class Suggest extends \Zotlabs\Web\Controller {

 		if(! Apps::system_app_installed(local_channel(), 'Suggest Channels'))
 			return;
-	
+
 		if(x($_GET,'ignore')) {
 			q("insert into xign ( uid, xchan ) values ( %d, '%s' ) ",
 				intval(local_channel()),
 				dbesc($_GET['ignore'])
 			);
 		}
-	
+
 	}
-			
-	
+
+
 	function get() {

 		if(! local_channel()) {
@@ -45,22 +45,22 @@ class Suggest extends \Zotlabs\Web\Controller {
 		$o = '';

 		nav_set_selected('Suggest Channels');
-	
+
 		$_SESSION['return_url'] = z_root() . '/' . \App::$cmd;
-	
+
 		$r = suggestion_query(local_channel(),get_observer_hash());
-	
+
 		if(! $r) {
 			info( t('No suggestions available. If this is a new site, please try again in 24 hours.'));
 			return;
 		}
-	
+
 		$arr = array();
-	
+
 		foreach($r as $rr) {
-	
-			$connlnk = z_root() . '/follow/?url=' . $rr['xchan_addr'];
-	
+
+			$connlnk = z_root() . '/follow?f=&url=' . $rr['xchan_addr'];
+
 			$arr[] = array(
 				'url' => chanlink_url($rr['xchan_url']),
 				'common' => $rr['total'],
@@ -73,15 +73,15 @@ class Suggest extends \Zotlabs\Web\Controller {
 				'ignore' => t('Ignore/Hide')
 			);
 		}
-	
-	
+
+
 		$o = replace_macros(get_markup_template('suggest_page.tpl'),array(
 			'$title' => t('Channel Suggestions'),
 			'$entries' => $arr
 		));
-	
+
 		return $o;
-	
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Webpages.php
+++ b/Zotlabs/Module/Webpages.php
@@ -15,26 +15,26 @@ require_once('include/acl_selectors.php');
 class Webpages extends Controller {

 	function init() {
-	
+
 		if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
 			$sys = get_sys_channel();
 			if($sys && intval($sys['channel_id'])) {
 				App::$is_sys = true;
 			}
 		}
-	
+
 		if(argc() > 1)
 			$which = argv(1);
 		else
 			return;
-	
+
 		profile_load($which);
-	
+
 	}
-	
-	
+
+
 	function get() {
-	
+
 		if(! App::$profile) {
 			notice( t('Requested profile is not available.') . EOL );
 			App::$error = 404;
@@ -53,13 +53,13 @@ class Webpages extends Controller {
 		nav_set_selected('Webpages');

 		$which = argv(1);
-		
+
 		$_SESSION['return_url'] = App::$query_string;
-	
+
 		$uid = local_channel();
 		$owner = 0;
 		$observer = App::get_observer();
-	
+
 		$channel = App::get_channel();

 		switch ($_SESSION['action']) {
@@ -74,7 +74,7 @@ class Webpages extends Controller {
 							'$blocks' => $_SESSION['blocks'],
 						));
 						return $o;
-				
+
        case 'importselected':
 						$_SESSION['action'] = null;
 						break;
@@ -85,7 +85,7 @@ class Webpages extends Controller {
 								break;
 						}
 						require_once('include/import.php');
-						
+
 						$pages = get_webpage_elements($channel, 'pages');
 						$layouts = get_webpage_elements($channel, 'layouts');
 						$blocks = get_webpage_elements($channel, 'blocks');
@@ -99,13 +99,13 @@ class Webpages extends Controller {
 						));
 						$_SESSION['export'] = null;
 						return $o;
-				
+
 				default :
 						$_SESSION['action'] = null;
 						break;
 		}
-		
-		
+
+
 		if(App::$is_sys && is_site_admin()) {
 			$sys = get_sys_channel();
 			if($sys && intval($sys['channel_id'])) {
@@ -114,7 +114,7 @@ class Webpages extends Controller {
 				$observer = $sys;
 			}
 		}
-	
+
 		if(! $owner) {
 			// Figure out who the page owner is.
 			$r = q("select channel_id from channel where channel_address = '%s'",
@@ -124,24 +124,24 @@ class Webpages extends Controller {
 				$owner = intval($r[0]['channel_id']);
 			}
 		}
-	
+
 		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-	
+
 		$perms = get_all_perms($owner,$ob_hash);
-	
+
 		if(! $perms['write_pages']) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
 		$mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
-	
+
 		$layout = (($_REQUEST['layout']) ? $_REQUEST['layout'] : get_pconfig($owner,'system','page_layout'));
-	
+
 		// Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages
-		// Nickname is set to the observers xchan, and profile_uid to the owner's.  
+		// Nickname is set to the observers xchan, and profile_uid to the owner's.
 		// This lets you post pages at other people's channels.
-	
+
 		if((! $channel) && ($uid) && ($uid == App::$profile_uid)) {
 			$channel = App::get_channel();
 		}
@@ -156,12 +156,12 @@ class Webpages extends Controller {
 		else {
 			$channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
 		}
-	
+

 		$is_owner = ($uid && $uid == $owner);

 		$o = '';
-	
+
 		$x = array(
 			'webpage' => ITEM_TYPE_WEBPAGE,
 			'is_owner' => true,
@@ -183,23 +183,23 @@ class Webpages extends Controller {
 			'bbco_autocomplete' => 'bbcode',
 			'bbcode' => true
 		);
-		
+
 		if($_REQUEST['title'])
 			$x['title'] = $_REQUEST['title'];
 		if($_REQUEST['body'])
 			$x['body'] = $_REQUEST['body'];
 		if($_REQUEST['pagetitle'])
 			$x['pagetitle'] = $_REQUEST['pagetitle'];
-	
-	
-		// Get a list of webpages.  We can't display all them because endless scroll makes that unusable, 
+
+
+		// Get a list of webpages.  We can't display all them because endless scroll makes that unusable,
 		// so just list titles and an edit link.
-	
-	
+
+
 		$sql_extra = item_permissions_sql($owner);
-	
-		$r = q("select * from iconfig left join item on iconfig.iid = item.id 
-			where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d 
+
+		$r = q("select * from iconfig left join item on iconfig.iid = item.id
+			where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d
 			$sql_extra order by item.created desc",
 			intval($owner),
 			intval(ITEM_TYPE_WEBPAGE)
@@ -211,14 +211,13 @@ class Webpages extends Controller {
 		$editor = status_editor($a,$x,false,'Webpages');

 		$pages = null;
-	
+
 		if($r) {
 			$pages = array();
 			foreach($r as $rr) {
-				unobscure($rr);
-	
+
 				$lockstate = (($rr['allow_cid'] || $rr['allow_gid'] || $rr['deny_cid'] || $rr['deny_gid']) ? 'lock' : 'unlock');
-	
+
 				$element_arr = array(
 					'type'		=> 'webpage',
 					'title'		=> $rr['title'],
@@ -243,11 +242,11 @@ class Webpages extends Controller {
 				);
 			}
 		}
-	
-	
+
+
 		//Build the base URL for edit links
 		$url = z_root() . '/editwebpage/' . $which;
-		
+
 		$o .= replace_macros(get_markup_template('webpagelist.tpl'), array(
 			'$listtitle'    => t('Webpages'),
 			'$baseurl'      => $url,
@@ -266,19 +265,19 @@ class Webpages extends Controller {
 			'$created_txt'  => t('Created'),
 			'$edited_txt'   => t('Edited')
 		));
-	
+
 		return $o;
 	}
-	
+
 	function post() {
    $action = $_REQUEST['action'];
 		if( $action ){
 			switch ($action) {
        case 'scan':
-					
+
 					// the state of this variable tracks whether website files have been scanned (null, true, false)
-					$cloud = null;	
-					
+					$cloud = null;
+
 					// Website files are to be imported from an uploaded zip file
 					if(($_FILES) && array_key_exists('zip_file',$_FILES) && isset($_POST['w_upload'])) {
 						$source = $_FILES["zip_file"]["tmp_name"];
@@ -306,8 +305,8 @@ class Webpages extends Controller {
 						} else {
 							notice( t('Error opening zip file') . EOL);
 							return null;
-						}	
-					} 
+						}
+					}

 					// Website files are to be imported from the channel cloud files
 					if (($_POST) && array_key_exists('path',$_POST) && isset($_POST['cloudsubmit'])) {
@@ -321,7 +320,7 @@ class Webpages extends Controller {
 						$cloud = true;

 					}
-					
+
 					// If the website files were uploaded or specified in the cloud files, then $cloud
 					// should be either true or false
 					if ($cloud !== null) {
@@ -345,24 +344,24 @@ class Webpages extends Controller {
 							notice( t('No webpage elements detected.') . EOL);
 							$_SESSION['action'] = null;
 						}
-						
+
 					}
-					
+
 					// If the website elements were imported from a zip file, delete the temporary decompressed files
 					if ($cloud === false && $website && $elements) {
 						$_SESSION['tempimportpath'] = $website;
 						//rrmdir($website);	// Delete the temporary decompressed files
 					}
-					
+
 					break;
-					
+
 				case 'importselected':
 						require_once('include/import.php');
 						$channel = App::get_channel();
-						
+
 						// Import layout first so that pages that reference new layouts will find
-						// the mid of layout items in the database						
-						
+						// the mid of layout items in the database
+
            // Obtain the user-selected layouts to import and import them
            $checkedlayouts = $_POST['layout'];
            $layouts = [];
@@ -380,7 +379,7 @@ class Webpages extends Controller {
 								}
            }
            $_SESSION['import_layouts'] = $layouts;
-            
+
            // Obtain the user-selected blocks to import and import them
            $checkedblocks = $_POST['block'];
            $blocks = [];
@@ -398,7 +397,7 @@ class Webpages extends Controller {
 								}
            }
            $_SESSION['import_blocks'] = $blocks;
-            
+
            // Obtain the user-selected pages to import and import them
            $checkedpages = $_POST['page'];
            $pages = [];
@@ -424,9 +423,9 @@ class Webpages extends Controller {
 								unset($_SESSION['tempimportpath']);
 						}
 						break;
-				
+
 				case 'exportzipfile':
-						
+
 						if(isset($_POST['w_download'])) {
 								$_SESSION['action'] = 'export_select_list';
 								$_SESSION['export'] = 'zipfile';
@@ -436,45 +435,45 @@ class Webpages extends Controller {
 										$filename = 'website.zip';
 								}
 								$_SESSION['zipfilename'] = $filename;
-								
+
 						}
-						
+
 						break;
-				
+
 				case 'exportcloud':
 						if(isset($_POST['exportcloudpath']) && $_POST['exportcloudpath'] !== '') {
 								$_SESSION['action'] = 'export_select_list';
 								$_SESSION['export'] = 'cloud';
 								$_SESSION['exportcloudpath'] = filter_var($_POST['exportcloudpath'], FILTER_SANITIZE_ENCODED);
 						}
-						
+
 						break;
-				
+
 				case 'cloud':
 				case 'zipfile':
-						
+
 						$channel = App::get_channel();
-						
+
 						$tmp_folder_name = random_string(10);
 						$zip_folder_name = random_string(10);
 						$zip_filename = $_SESSION['zipfilename'];
 						$tmp_folderpath = '/tmp/' . $tmp_folder_name;
 						$zip_folderpath = '/tmp/' . $zip_folder_name;
-						if (!mkdir($zip_folderpath, 0770, false)) {	
+						if (!mkdir($zip_folderpath, 0770, false)) {
 								logger('Error creating zip file export folder: ' . $zip_folderpath, LOGGER_NORMAL);
 								json_return_and_die(array('message' => 'Error creating zip file export folder'));
 						}
 						$zip_filepath = '/tmp/' . $zip_folder_name . '/' . $zip_filename;
-						
+
 						$checkedblocks = $_POST['block'];
            $blocks = [];
            if (!empty($checkedblocks)) {
                foreach ($checkedblocks as $mid) {
-										$b = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig 
-												left join item on item.id = iconfig.iid 
+										$b = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig
+												left join item on item.id = iconfig.iid
 												where mid = '%s' and item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' order by iconfig.v asc limit 1",
 												dbesc($mid),
-												intval($channel['channel_id'])																	
+												intval($channel['channel_id'])
 										);
 										if($b) {
 												$b = $b[0];
@@ -514,25 +513,25 @@ class Webpages extends Controller {
 												$block_filepath = $tmp_blockfolder . '/' . $block_filename;
 												$blockinfo['json']['contentfile'] = $block_filename;
 												$block_jsonpath = $tmp_blockfolder . '/block.json';
-												if (!is_dir($tmp_blockfolder) && !mkdir($tmp_blockfolder, 0770, true)) {	
+												if (!is_dir($tmp_blockfolder) && !mkdir($tmp_blockfolder, 0770, true)) {
 														logger('Error creating temp export folder: ' . $tmp_blockfolder, LOGGER_NORMAL);
 														json_return_and_die(array('message' => 'Error creating temp export folder'));
 												}
 												file_put_contents($block_filepath, $blockinfo['body']);
-												file_put_contents($block_jsonpath, json_encode($blockinfo['json'], JSON_UNESCAPED_SLASHES));																		
+												file_put_contents($block_jsonpath, json_encode($blockinfo['json'], JSON_UNESCAPED_SLASHES));
 										}
 								}
 						}
-						
+
 						$checkedlayouts = $_POST['layout'];
            $layouts = [];
            if (!empty($checkedlayouts)) {
                foreach ($checkedlayouts as $mid) {
-										$l = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig 
-												left join item on item.id = iconfig.iid 
+										$l = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig
+												left join item on item.id = iconfig.iid
 												where mid = '%s' and item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' order by iconfig.v asc limit 1",
 												dbesc($mid),
-												intval($channel['channel_id'])																	
+												intval($channel['channel_id'])
 										);
 										if($l) {
 												$l = $l[0];
@@ -558,38 +557,38 @@ class Webpages extends Controller {
 												$layout_filepath = $tmp_layoutfolder . '/' . $layout_filename;
 												$layoutinfo['json']['contentfile'] = $layout_filename;
 												$layout_jsonpath = $tmp_layoutfolder . '/layout.json';
-												if (!is_dir($tmp_layoutfolder) && !mkdir($tmp_layoutfolder, 0770, true)) {	
+												if (!is_dir($tmp_layoutfolder) && !mkdir($tmp_layoutfolder, 0770, true)) {
 														logger('Error creating temp export folder: ' . $tmp_layoutfolder, LOGGER_NORMAL);
 														json_return_and_die(array('message' => 'Error creating temp export folder'));
 												}
 												file_put_contents($layout_filepath, $layoutinfo['body']);
-												file_put_contents($layout_jsonpath, json_encode($layoutinfo['json'], JSON_UNESCAPED_SLASHES));																		
+												file_put_contents($layout_jsonpath, json_encode($layoutinfo['json'], JSON_UNESCAPED_SLASHES));
 										}
 								}
 						}
-						
+
 						$checkedpages = $_POST['page'];
            $pages = [];
            if (!empty($checkedpages)) {
                foreach ($checkedpages as $mid) {
-										
-										$p = q("select * from iconfig left join item on iconfig.iid = item.id 
+
+										$p = q("select * from iconfig left join item on iconfig.iid = item.id
 												where item.uid = %d and item.mid = '%s' and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d",
 												intval($channel['channel_id']),
 												dbesc($mid),
 												intval(ITEM_TYPE_WEBPAGE)
 											);
-										
+
 										if($p) {
 												foreach ($p as $pp) {
 														// Get the associated layout
 														$layoutinfo = array();
 														if($pp['layout_mid']) {
-																$l = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig 
-																		left join item on item.id = iconfig.iid 
+																$l = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig
+																		left join item on item.id = iconfig.iid
 																		where mid = '%s' and item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' order by iconfig.v asc limit 1",
 																		dbesc($pp['layout_mid']),
-																		intval($channel['channel_id'])																	
+																		intval($channel['channel_id'])
 																);
 																if($l) {
 																		$l = $l[0];
@@ -614,12 +613,12 @@ class Webpages extends Controller {
 																		$layout_filepath = $tmp_layoutfolder . '/' . $layout_filename;
 																		$layoutinfo['json']['contentfile'] = $layout_filename;
 																		$layout_jsonpath = $tmp_layoutfolder . '/layout.json';
-																		if (!is_dir($tmp_layoutfolder) && !mkdir($tmp_layoutfolder, 0770, true)) {	
+																		if (!is_dir($tmp_layoutfolder) && !mkdir($tmp_layoutfolder, 0770, true)) {
 																				logger('Error creating temp export folder: ' . $tmp_layoutfolder, LOGGER_NORMAL);
 																				json_return_and_die(array('message' => 'Error creating temp export folder'));
 																		}
 																		file_put_contents($layout_filepath, $layoutinfo['body']);
-																		file_put_contents($layout_jsonpath, json_encode($layoutinfo['json'], JSON_UNESCAPED_SLASHES));																		
+																		file_put_contents($layout_jsonpath, json_encode($layoutinfo['json'], JSON_UNESCAPED_SLASHES));
 																}
 														}
 														switch ($pp['mimetype']) {
@@ -660,14 +659,14 @@ class Webpages extends Controller {
 														$page_filepath = $tmp_pagefolder . '/' . $page_filename;
 														$page_jsonpath = $tmp_pagefolder . '/page.json';
 														$pageinfo['json']['contentfile'] = $page_filename;
-														if (!is_dir($tmp_pagefolder) && !mkdir($tmp_pagefolder, 0770, true)) {	
+														if (!is_dir($tmp_pagefolder) && !mkdir($tmp_pagefolder, 0770, true)) {
 																logger('Error creating temp export folder: ' . $tmp_pagefolder, LOGGER_NORMAL);
 																json_return_and_die(array('message' => 'Error creating temp export folder'));
 														}
 														file_put_contents($page_filepath, $pageinfo['body']);
 														file_put_contents($page_jsonpath, json_encode($pageinfo['json'], JSON_UNESCAPED_SLASHES));
 												}
-										}										
+										}
                }
            }
 						if($action === 'zipfile') {
@@ -686,23 +685,23 @@ class Webpages extends Controller {
 										if(!$dirpath) {
 												$x = attach_mkdirp($channel, $channel['channel_hash'], array('pathname' => $cloudpath));
 												$folder_hash = (($x['success']) ? $x['data']['hash'] : '');
-												
+
 												if (!$x['success']) {
 														logger('Failed to create cloud file folder', LOGGER_NORMAL);
 												}
 												$dirpath = get_dirpath_by_cloudpath($channel, $cloudpath);
 												if (!is_dir($dirpath)) {
 														logger('Failed to create cloud file folder', LOGGER_NORMAL);
-												} 
+												}
 										}
-										
+
 										$success = copy_folder_to_cloudfiles($channel, $channel['channel_hash'], $tmp_folderpath, $cloudpath);
 								}
 						}
 						if(!$success) {
 								logger('Error exporting webpage elements', LOGGER_NORMAL);
 						}
-						
+
 						rrmdir($zip_folderpath); rrmdir($tmp_folderpath);		// delete temporary files
 						killme();

@@ -710,9 +709,9 @@ class Webpages extends Controller {
 				default :
 					break;
 			}
-			
+
 		}
-		
+
 	}
-	
+
 }
--- a/Show More
+++ b/Show More