Merge branch 'dev'

Update register_verify_eml.tpl

See merge request hubzilla/core!1998

.gitignore

@@ -33,8 +33,10 @@ apps/
 home.html
 # page header plugin
 pageheader.html
-# Ignore site TOS
+# Ignore site TOS & gddpr
 doc/SiteTOS.md
+doc/*/SiteTOS.md
+doc/*/gdpr.md
 # themes except for redbasic
 view/theme/*
 !view/theme/redbasic
@@ -55,6 +57,7 @@ tests/results/
 .buildpath
 .externalToolBuilders
 .settings/
+.pydevproject
 # NetBeans project folder
 nbproject/
 # Kdevelop project files
@@ -75,3 +78,5 @@ composer.phar
 vendor/**/tests/
 vendor/**/Test/
 vendor/sabre/*/examples/
+# /info is a directory containing site-specific HTML documents
+/info/

.gitlab-ci.yml

@@ -115,16 +115,16 @@ php7.3_mariadb10.3:
 
 
 # PHP7.3 with PostgreSQL latest (11)
-php7.3_postgres11:
-  <<: *job_definition_postgres
-  artifacts: *artifacts_template
+#php7.3_postgres11:
+#  <<: *job_definition_postgres
+#  artifacts: *artifacts_template
 
 
 # PHP7.3 with PostgreSQL latest (11)
-php7.3_postgres11:
-  <<: *job_definition_postgres
-  image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
-  artifacts: *artifacts_template
+#php7.3_postgres11:
+#  <<: *job_definition_postgres
+#  image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
+#  artifacts: *artifacts_template
 
 
 # Generate Doxygen API Documentation and deploy it as GitLab pages

CHANGELOG

@@ -1,3 +1,389 @@
+Hubzilla 7.0.2 (2022-02-09)
+	- Update french templates
+	- Add charset to the PDO connection strings
+	- Introduce delete keytype for get_activitystreams_key()
+	- Fix PHP error in Daemon/Externals
+	- Improved actor cache handling
+	- Implement manual fetch of packed local links
+	- Add JSalmon data to the meta field instead of data in Lib/ActivityStreams
+	- Fix some PHP8.1 deprecation warnings
+	- Fix delivery report for likes not found in some cases
+	- Allow zotfinger to recurse through all known hublocs if the one we got does not exist (404) or got removed (410)
+	- Diaspora: improve relaying of comments
+	- Fix regression in mod hcard
+	- Add the LD signature in Daemon/Notifier in case where there is no signed data available
+	- Prevent zot6 packet being saved as AP raw message
+	- Attach iconfig to the activity instead of the activity object
+
+	Addons
+	- Pubcrawl: make sure the sys channel falls through the app installed check
+	- Pubcrawl: improve local delivery of shared inbox items
+
+
+Hubzilla 7.0.1 (2022-01-28)
+	- Fix removing contacts from privacy groups in the contact edit modal
+	- Fix escape_tags() messing with URLs in actor_store()
+	- Fix pagination in the cards module if a category is selected
+	- Remove unused entries in webfinger
+	- Remove deprecated mail app from apps
+	- Set item_hidden for forum comment announces
+	- Fix relaying of signed messages for activitypub
+	- Fix contact role permissions not re-assigned if the role permission has changed
+	- Fix default channel role not set in rare cases
+
+	Addons
+	- Pubcrawl: fix webfinger not returning the fetched URL
+	- Pubcrawl: improved queue handling for rejected deliveries
+
+
+Hubzilla 7.0 (2022-01-21)
+	- Provide theme_color and background_color in App::$theme_info for usage in page meta and manifest
+	- PWA improvements according to lighthouse
+	- Refactor mod profile_photo
+	- Remove core legacy mail code
+	- Set session samesite cookie flag
+	- Improve toc bbcode for more flexible usecases
+	- Deprecate include/group in favor of Lib/AccessList
+	- Deprecate AccessList::widget()
+	- Mark forum channel profile images with a small icon in the timelines
+	- Improve privacy groups UI/UX
+	- Do not show connections widget if there are no connections
+	- Remove suggestions widget from various modules
+	- Provide guest access links for private resources in lockview
+	- Improve pconfig syncing
+	- deprecate include/group in favor of Lib/AccessList
+	- Implement background deleting of items in contact_remove()
+	- Refactor guest access tokens for better usability and provide quick access
+	- Refactor permissions handling
+	- Improved poll rendering
+
+	Bugfixes
+	- Fix items not deleted on remote channel purge
+	- Fix plink in post_activity_item()
+	- Fix multiple update_poll() calls dismissed in queueworker
+	- Fix blocked or ignored contacts displayed in connections
+	- Fix polls for forum channels
+
+	Addons:
+	- Legacy mail: remove
+	- Deprecate include/group in favor of Lib/AccessList
+	- Pubcrawl: support pleroma end time for polls
+	- Pubcrawl: slightly adjust the way we check mastodon direct messages
+	- Socialauth: scope support and improvements
+
+
+Hubzilla 6.4.2 (2021-12-14)
+	- Fix issue in mod sse_bs where returning message id's were assumed to be base64 encoded
+	- Fix announce activity type not registered as response activity
+
+
+Hubzilla 6.4.1 (2021-12-03)
+	- Fix hubloc_site_id in fix_system_urls() on detected site rename events
+	- Fix duplicate deliveries if duplicate hublocs available
+	- Redesign profile vcard for improved responsive handling
+	- Fix profile photos not stored in profile photo folder
+	- Maximum width of content region is now calculated in rem for improved responsive handling
+	- Fix likes notices emited allthough they are disabled
+	- Fix page not reloaded after comment/like in mod photos - issue #1651
+	- Port improved Lib/HttpMeta from zap
+	- Improved responsive aside
+
+
+Hubzilla 6.4 (2021-11-09)
+	- Automatically connect the invitee with the inviting channel
+	- Use the composer version of urlify
+	- Implement zip file import of exported items from mod uexport
+	- Start sending supported protocols with the actor object
+	- Split up manual item export to separate sections
+	- Serve w3.org jsonld documents locally - issue #1637
+	- Support IDNA URL embedding
+	- Improve handling of re-installed hubs in lib HTTPSig
+	- BBcode support for notes widget/app
+	- Implement a force flag for HTTPSig::get_key()
+	- Update composer libs
+	- Use Libzot::fetch_conversation for manual content import
+	- Implement optional force argument in Libzot::process_delivery
+	- Improve german doco
+	- Move sync logic for apps to mod appman
+	- Provide sync for system apps
+	- Update certificates
+	- Return status code 410 if a channel is deleted
+	- Add optional argument to channelx_by_* functions to allow inclusion of removed channels
+	- Improve file upload performance
+	- Introduce progress tracking for channel cloning via network (not compatible with cloning from older versions)
+	- Improve channel delete performance by moving some actions to background tasks
+	- Introduce all in one channel cloning via network (not compatible with cloning from older versions)
+	- Rename zotfeed to outbox but keep an alias for compatibility
+	- Implement apps un-starring from the app bin via drag and drop
+	- Re-implement the externals daemon
+	- Add zot6 specific handling to onepoll
+	- Implement the top option in items_fetch() which will only return top level items
+	- Add notices tab to HQ widget
+	- Improve mod manage performance
+	- Add option to mark all notices of a thread read if a notice of the thread is clicked (default true)
+	- Provide a get_cached_actor_provider hook and improve the author/owner handling in Libzot::import()
+
+	Bugfixes
+	- Fix issue where remote channels could not create wiki pages due to wron permission check - issue #1640
+	- Fix dutch registration email template
+	- Fix selection of invite template
+	- Fix too restrictive email check in mod invite
+	- Fix photos and albums ActivityStreams 2 representation
+	- Fix keys always fetched from network in lib HTTPSig for some AP implementations
+	- Fix album display of root directory
+	- Fix onepoll importing to deleted channels
+	- Fix rendering of image tags in codeblocks
+	- Fix webfinger and xrd providing results for removed channels
+	- Fix alt_pager() providing too many arguments
+	- Fix drop_query_params() if no query params are provided
+	- Fix duplicate entries for dead hubs in delivery report
+	- Fix site lookup
+	- Fix mod locs displaying drop icons for local channels
+	- Fix multiple issues with propagating deletes of cloned channels
+	- Fix apps can be draged outsite of drop areas
+	- Fix removed channels counted in max id check
+	- Fix api_auth not fetching the id if it was not cached
+	- Fix public stream unseen notifications displayed allthough the app is not installed
+	- Fix possible storage conversion stuck on file save error
+	- Fix notification panel collapsed state not saved if closed manually
+	- Fix find_best_identity() dismissing AP hublocs
+	- Fix likes and commments on direct messages mixed up in notices
+	- Fix rewrite of links to resources in body fails if nicknames of clones differ - issue #1507
+	- Fix syncing outdated data due to profile sync done before the fields were updated
+	- Fix $desturl set to wrong value (null)
+
+	Addons
+	- Cart: add settings URL to the apd file
+	- Diaspora: remove deprecated included
+	- Cart: remove deprecated include
+	- Openid: remove library/urlify in favor of composer installed versions
+	- Pubcrawl: provide tags indicating the supported protocols
+	- Pubcrawl: if we do not get an uuid, create a v5 uuid from the mid
+	- Cart: fix rendering regressions from bootstrap5 upgrade
+	- Upgrade_info: fix dismiss button
+	- Pubcrawl: move fetch_provider from core to addon
+	- Diaspora: fix regression in fetch_provider
+	- Content_import: fix syntax error
+	- Queueworker: update priorities
+	- Pubcrawl: only lookup announce author if we actually deal with an announce
+	- Pubcrawl: make sure we have the best identity before we make the abook lookup
+	- Pubcrawl: outbox moved to core
+	- Diaspora: implement the get_cached_actor_provider hook
+
+
+Hubzilla 6.2.2 (2021-10-03)
+	- Fix an issue which could lead to loss of photos under certain conditions
+
+
+Hubzilla 6.2.1 (2021-09-16)
+	- Fix regression introduced in 6.2 where Diaspora comments on Hubzilla posts were not relayed
+	- Fix wrong variable used for refresh under certain conditions
+	- Fix issue where summary tag was processed in cleanup_bbcode() while it shoud not
+	- Fix issue where profile name change was not applied if done from non primary location
+	- Fix spacing issue for collapsed pinned apps with an image
+	- Fix language selector reloading the page if not clicking exactly the icon
+	- Fix regression displaying bootstrap modals introduced in 6.2
+
+
+Hubzilla 6.2 (2021-09-08)
+	- Deprecate the custom highlight [hl] bbcode in favor of [mark] which is a html5 standard
+	- Check post_mail permission when receiving a direct message
+	- Refactor actor store and cache mechanism
+	- Add optional strict flag (false) to base64url_decode() which is passed on to base64_decode()
+	- Update russian translations
+	- Add optional force flag (false) to Activity::actor_store()
+	- Improved icon lookup for actor objects
+	- Improved desktop notifications
+	- Make Hubzilla installable as PWA in supported browsers
+	- Capitalized widget titles (redbasic)
+	- Make images loaded counter showing % loaded instead of actual image count
+	- Deprecate optional channel menu in favor of extended app bin
+	- Implement infrastructure to provide an app install widget for modules
+	- Implement app descriptions
+	- Implement app drag and drop sorting
+	- Implement app drag and drop pinning/starring
+	- Update polish translations
+	- Update to bootstrap 5 and adjust templates
+
+	Bugfixes
+	- Fix anonymous comments for cards and articles
+	- Resolve regex interference between contact and channel autocomplete
+	- Fix files stored in wrong directory when uploaded in the photo module
+	- Fix records with empty public key selected for OWA
+	- Fix import_author_zot failing if primary is both dead and unknown - issue #1599
+	- Fix regression with bookmarks
+	- Fix pubstream notifications link redirecting to mod hq when not local
+	- Cleanup legacy mail leftovers - issue #1595
+	- Fix getimagesize() called with empty path
+	- Fix display issue caused by redundant closing div tag
+
+	Addons
+	- Pubcrawl: fix post to forum - issue #159
+	- Diaspora: implement post_mail permissions for direct messages
+	- Pubcrawl: implement post_mail permissions for direct messages
+	- Pubcrawl: deprecate asencode_person() in favor of Activity::encode_person()
+	- Pubcrawl: implement Activity::get_actor_collections() to reflect core actor store changes
+	- Diaspora: fix use of deprecated function
+	- Twitter: prevent re-retweeting of a post from a clone if it has already been sent
+	- Totp: use platform name instead of banner text
+	- Pubcrawl: use force flag when updating an actor
+	- Sse: do not process possible empty hashes
+	- Implement app descriptions for addons that already support the apps infrastructure
+
+
+Hubzilla 6.0.1 (2021-07-27)
+	- Fix regression in notification handling introduced in 6.0
+	- Fix regression in regard to unified session page load times introduced in 6.0
+	- Fix photo description textarea only available if create status post enabled
+	- Fix item not found by message id at clone locations
+	- Dismiss deleted xchans in mod chanview
+
+
+Hubzilla 6.0 (2021-07-09)
+	- Implement swipe to right for bringing in left aside
+	- DB update 1247 to clean up bogus entries in updates
+	- DB update 1246 to mark legacy zot xchans and hublocs deleted
+	- Implement desktop notifications
+	- Emit a warning if the calendar for the created event is disabled
+	- Add an option to drop media for bbcode processing
+	- Make mod HQ the default landing page after login
+	- Implement direct messages view for mod HQ
+	- Implement public/restricted messages view for mod HQ
+	- Implement starred messages view for mod HQ (only available if the Star Posts feature is enabled)
+	- Update composer libs
+	- Remove deprecated mod ping
+	- Remove legacy zot libs and functions - major cleanup
+
+	Bugfixes
+	- Fix deleting and starring in unthreaded view
+	- Fix issue where incomplete datasets were stored into updates
+	- Fix photo item tags not stored and propagated
+	- Fix notifications not loading if a filter was applied
+	- Fix in browser email validation for registrations
+	- Fix directory sync issues
+	- Fix issue where the original rawmsg iconfig got overwritten
+	- Fix unmaintained id3 pareser for PHP8
+	- Fix item_private state for imported items
+	- Random PHP8 fixes (ongoing)
+
+	Addons
+	- Pubcrawl: fix ld-signature for profile updates
+	- Pubcrawl: deprecate as_actor_store() in favor of Activity::actor_store()
+	- Twitter: prevent duplicated tweets
+	- Remove legacy zot dpendencies and deprecated functions
+	- Pubcrawl: fix remote reply for peertube
+	- Pubcrawl: fix issue where we could end up with an xchan but without hubloc
+	- Diaspora: implement the direct_message_recipients hook
+	- Queueworker: add a simple priority mechanism to prevent not so important janitor tasks (e.g. onedirsync) stuffing up the queue and delaying delivery of items
+	- Pubcrawl: implement direct message recognision for activities coming from Mastodon
+	- Pubcrawl: always show complete threads (complete as in all the messages we have received) in public stream
+	- Twitter_api: remove the mail endpoint
+	- Mail: make interface read only with the possibility to download and delete mails (this addon will be removed in a future version)
+	- Pubsubhubbub: move to addons-unmaintained
+	- GNU-Social: move to addons-unmaintained
+	- Fixes to reflect core notifier changes
+	- Diaspora: refactor conversations a.k.a mail to implement direct messages infrastructure
+	- Pubcrawl: allow hublocs to be upgraded from ostatus
+	- Diaspora: fix issue where we could end up with an xchan but without hubloc
+
+
+Hubzilla 5.6.1 (2021-06-04)
+	- Update spanish translations
+	- Fix login name label if register email verification is disabled
+	- Fix zotinfo issue with deleted channels
+	- Make pubstream ordering configurable
+	- Fix article summary duplicated when editing
+	- Update polish translations
+	- Fix admin setting for invitations not displayed correctly
+	- Fix registration in invite only mode
+	- Fix notifications not returning offset -1 when returning early
+	- Fix direct messages for items imported via sync
+	- Bring back the channel protocols hooks
+	- Fix security headers switching
+	- Fix magic auth for delegated channels
+	- Introduce drop_query_params() for secure query parameter removal
+	- PHP8 fixes (ongoing)
+	- Fix menu wrapping regression
+
+	Addons
+	- LDAPauth: fix regression creating an account
+	- Twitter: allow feeds crossposting
+	- Twitter: fix posting when post by default is disabled
+	- Pubcrawl: add litepub directMessage attribute
+	- Pubcrawl: allow xchan/hubloc upgrades from e.g. ostatus
+	- Diaspora: fix possible issue with missing hublocs
+	- Diaspora: refine dispatching of public of public items
+
+
+Hubzilla 5.6 (2021-05-11)
+	- Improve postgres hubloc queries
+	- Implement automatic duplicate singleton hubloc removal
+	- Send author id, id_sig and key fields along with author/owner
+	- Implement custom redis session backend
+	- Improved registration workflow
+	- Complete rewrite of the registration backend with many new features
+	- Complete rewrite of the invite app
+	- Update Spanish, Russian and Polish translations
+	- Improved PHP8 compatibiliy (work in progress)
+
+	Bugfixes
+	- Fix manual fetching of non-ascii domains
+	- Fix revision not compared when importing items
+	- Fix events not transformed to UTC when importing calendar
+	- Fix timezone issue in mod cal
+	- Fix profile photos not revalidated
+	- Fix regression in caldav/carddav discovery
+	- Fix caldav/carddav sync on remote access
+	- Fix info and notice messages not bootstraped when using SSE
+	- Fix URL including an @ treated like a webbie
+	- Fix cover photo image issues on some mobile devices
+
+	Addons
+	- Diaspora: improve performance when delivering public items
+	- Diaspora: make sure to not process same contact more than once
+	- Pubcrawl: make sure to not process same contact more than once
+	- Pubcrawl: do not relay Like and Dislike activity
+	- Pubcrawl: deprecate as_follow() in favour of core Activity::follow()
+	- Pubcrawl: improved compatibility with mobilizon and xwiki
+	- Pubcrawl: do not process follow/unfollw thread in as_create_note()
+	- Diaspora: do not relay comments/likes of strangers if the thread-owner is local and does not allow comments/likes by strangers in the diaspora app settings
+
+
+Hubzilla 5.4.3 (2021-04-20)
+	- Fix regression in mod notifications (only the last was visible)
+	- Set Permissions-Policy: interest-cohort=() header by default
+	- Fix xchans containing a % breaking get_forum_channels()
+	- Fix webfinger if using a reverse proxy
+	- Fix regression finding bookmarks
+	- Fix zot6 hublocs import on channel import
+	- Fix revision not checked in import_items()
+
+
+Hubzilla 5.4.2 (2021-03-15)
+	- Fix translation plural variable
+	- Fix issue with following/unfollowing a thread
+	- Fix rendering of long text in xchan vcard
+	- Fix local link for rss content if rewrite author is sets
+	- Fix regression in mod display
+
+	Addons
+	- Pubcrawl: fix issue with following/unfollowing a thread
+	- Pubcrawl: more robust implementation of mastodon remote reply
+	- Photocache: remove suffix from the cached photo URL
+
+
+Hubzilla 5.4.1 (2021-03-09)
+	- Fix profile not found if not logged in
+	- Fix summary not reset on cancel
+	- Fix summary not saved with aoutosave draft
+	- Fix unexpected trigger of buttons when pressing enter in input fields
+	- Fix spanish plural expression
+	- Fix undefined page-end on non dynamic pages
+
+	Addons
+	- Pubcrawl: fix regression in pubcrawl_follow_mod_init()
+
+
 Hubzilla 5.4 (2021-03-08)
 	- Add new connections to privacy group independend from the default privacy group settings
 	- group_add() return group hash to save a lookup

CHANGELOG.air

@@ -0,0 +1,48 @@
+"air" is a branch name for revision of Account-Invite-Register at the Hubzilla project
+
+Invite:
+* Rewritten and now language template driven
+* Selectable templates for the invite mails
+* Invitor may add personal notes in the mailtext
++ Invite codes are bound to the recipients email address
+* Invite mod never more creates accounts
+* new db scheme for table register
+* existing register table will be migrated to the new schema even when detected at runtime
+* Bugfix: creating invite codes when admin only calls Invite w/o any further action
+* account library revision also together with invite mod
+* Depending on config: Users may send invitations also
+* Invitations expires, controlled by the invitor
+* Changed and new configs:
+* * invitation_only       As usual before
+* * invitation_also       Beside other registration policies, invitations may be used also
+* * invitation_max_per_day	defaults 50, may be changed in adminUI admin>site
+* * invitation_max_per_user defaults 4
+* Requirements:
+* * Addon language has to be installed
+
+Register:
+* Register panel (form) and js interaction changed
+* Unused registrations expire
+* Depending on config, anonymous registrations (w/o email) are supported
+* :... dont't panic, that may let grow security
+* Even anonymous users have to confirm their registration
+* Registrations may be enabled / disabled time driven for each day in the week (dudy)
+* Unsoliced registration floods may be blocked
+* Limited registrations from one single source ip
+* Using one additional log file, to easy interfare with f2b
+
+Account:
+* An user account always becomes created only if all depending conditions are satisfied
+* AdminUI for site configuration, accounts and registrations enhancements
+* Still untouched, but accountUI needs enhanced async control in case for mass delete
+  with deep level of recursion cascade of the dependencies (channels etc). An open TODO
+  since years for instances with many much users and channels.
+
+History:
+2020.03 Hubzilla Prod version 4.6 (master branch) of hubzilla/core was the base for AIR 
+        that was assigned Version 4.6.2 at sn/core
+2021.02 Hubzilla Prod version 5.2.1 (master branch) of hubzilla/core was new base for AIR
+        that was assigned version 5.2.2 at sn/core (air.5)
+        plus adjustment of hubzilla 5.2.2 (master) to sn/core (air.5) version 5.2.9
+
+

SBOM.md

@@ -2,20 +2,21 @@
 
 |Name|Version|License|Source|
 |----|-------|-------|------|
-|blueimp/jquery-file-upload|10.31.0.0|MIT|https://github.com/vkhramtsov/jQuery-File-Upload.git|
-|brick/math|0.9.2.0|MIT|https://github.com/brick/math.git|
+|blueimp/jquery-file-upload|10.32.0.0|MIT|https://github.com/vkhramtsov/jQuery-File-Upload.git|
+|brick/math|0.9.3.0|MIT|https://github.com/brick/math.git|
 |bshaffer/oauth2-server-php|1.11.1.0|MIT|https://github.com/bshaffer/oauth2-server-php.git|
-|commerceguys/intl|1.0.7.0|MIT|https://github.com/commerceguys/intl.git|
+|commerceguys/intl|1.1.0.0|MIT|https://github.com/commerceguys/intl.git|
 |desandro/imagesloaded|4.1.4.0|MIT|https://github.com/desandro/imagesloaded.git|
 |ezyang/htmlpurifier|4.13.0.0|LGPL-2.1-or-later|https://github.com/ezyang/htmlpurifier.git|
-|league/html-to-markdown|4.10.0.0|MIT|https://github.com/thephpleague/html-to-markdown.git|
+|jbroadway/urlify|1.2.2.0|BSD-3-Clause-Clear|https://github.com/jbroadway/urlify.git|
+|league/html-to-markdown|5.0.1.0|MIT|https://github.com/thephpleague/html-to-markdown.git|
 |lukasreschke/id3parser|0.0.3.0|GPL|https://github.com/LukasReschke/ID3Parser.git|
 |michelf/php-markdown|1.9.0.0|BSD-3-Clause|https://github.com/michelf/php-markdown.git|
 |pear/text_languagedetect|1.0.1.0|BSD-2-Clause|https://github.com/pear/Text_LanguageDetect.git|
-|phpseclib/phpseclib|2.0.30.0|MIT|https://github.com/phpseclib/phpseclib.git|
-|psr/log|1.1.3.0|MIT|https://github.com/php-fig/log.git|
-|ramsey/collection|1.1.3.0|MIT|https://github.com/ramsey/collection.git|
-|ramsey/uuid|4.1.1.0|MIT|https://github.com/ramsey/uuid.git|
+|phpseclib/phpseclib|2.0.33.0|MIT|https://github.com/phpseclib/phpseclib.git|
+|psr/log|1.1.4.0|MIT|https://github.com/php-fig/log.git|
+|ramsey/collection|1.2.2.0|MIT|https://github.com/ramsey/collection.git|
+|ramsey/uuid|4.2.3.0|MIT|https://github.com/ramsey/uuid.git|
 |sabre/dav|4.1.5.0|BSD-3-Clause|https://github.com/sabre-io/dav.git|
 |sabre/event|5.1.2.0|BSD-3-Clause|https://github.com/sabre-io/event.git|
 |sabre/http|5.1.1.0|BSD-3-Clause|https://github.com/sabre-io/http.git|
@@ -23,9 +24,13 @@
 |sabre/vobject|4.3.5.0|BSD-3-Clause|https://github.com/sabre-io/vobject.git|
 |sabre/xml|2.2.3.0|BSD-3-Clause|https://github.com/sabre-io/xml.git|
 |simplepie/simplepie|1.5.6.0|BSD-3-Clause|https://github.com/simplepie/simplepie.git|
-|smarty/smarty|3.1.38.0|LGPL-3.0|https://github.com/smarty-php/smarty.git|
-|symfony/polyfill-ctype|1.22.0.0|MIT|https://github.com/symfony/polyfill-ctype.git|
-|twbs/bootstrap|4.6.0.0|MIT|https://github.com/twbs/bootstrap.git|
+|smarty/smarty|3.1.39.0|LGPL-3.0|https://github.com/smarty-php/smarty.git|
+|symfony/polyfill-ctype|1.23.0.0|MIT|https://github.com/symfony/polyfill-ctype.git|
+|symfony/polyfill-php80|1.23.1.0|MIT|https://github.com/symfony/polyfill-php80.git|
+|symfony/polyfill-php81|1.23.0.0|MIT|https://github.com/symfony/polyfill-php81.git|
+|twbs/bootstrap|5.1.3.0|MIT|https://github.com/twbs/bootstrap.git|
+|voku/portable-ascii|1.5.6.0|MIT|https://github.com/voku/portable-ascii.git|
+|voku/stop-words|2.0.1.0|MIT|https://github.com/voku/stop-words.git|
 |fullcalendar/fullcalendar|4.4.2.0|MIT|https://github.com/fullcalendar/fullcalendar.git|
 |miromannino/Justified-Gallery|3.8.1.0|MIT|https://github.com/miromannino/Justified-Gallery.git|
 |fengyuanchen/cropperjs|1.5.7.0|MIT|https://github.com/fengyuanchen/cropperjs.git|

ServiceWorker.js

@@ -0,0 +1,10 @@
+// This file should be served from the web root to avoid scope and cookie related issues with some browsers
+self.addEventListener('install', function(e) {
+	console.log('install event');
+});
+
+self.addEventListener('fetch', function(e) {
+	// nothing here yet
+	return;
+});
+

Zotlabs/Access/PermissionLimits.php

@@ -89,4 +89,4 @@ class PermissionLimits {
 
 		return false;
 	}
-}
+}

Zotlabs/Access/PermissionRoles.php

@@ -17,7 +17,7 @@ class PermissionRoles {
 	 * @return number
 	 */
 	static public function version() {
-		return 2;
+		return 3;
 	}
 
 	static function role_perms($role) {
@@ -27,6 +27,54 @@ class PermissionRoles {
 		$ret['role'] = $role;
 
 		switch($role) {
+
+			case 'public':
+				$ret['default_collection'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage', 'view_pages', 'view_wiki',
+					'send_stream', 'post_comments', 'post_mail', 'post_wall', 'chat', 'post_like', 'republish'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['post_comments'] = PERMS_AUTHED;
+				$ret['limits']['post_mail'] = PERMS_AUTHED;
+				$ret['limits']['post_like'] = PERMS_AUTHED;
+				$ret['limits']['chat'] = PERMS_AUTHED;
+				break;
+
+			// Hubzilla default role
+			case 'personal':
+				$ret['default_collection'] = true;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage', 'view_pages', 'view_wiki',
+					'send_stream', 'post_comments', 'post_mail', 'chat', 'post_like'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+				break;
+
+			case 'group':
+				$ret['default_collection'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'post_wall', 'post_comments',
+					'post_mail', 'post_like', 'chat'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['channel_type'] = 'group';
+				break;
+
+			// Provide some defaults for the custom role so that we do not start
+			// with no permissions at all if we create a new channel with this role
+			case 'custom':
+				$ret['default_collection'] = true;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage', 'view_pages', 'view_wiki',
+					'send_stream', 'post_comments', 'post_mail', 'chat', 'post_like'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				break;
+
+/*
 			case 'social':
 				$ret['perms_auto'] = false;
 				$ret['default_collection'] = false;
@@ -193,13 +241,14 @@ class PermissionRoles {
 				$ret['channel_type'] = 'group';
 
 				break;
+*/
 
-			case 'custom':
 			default:
 				break;
 		}
 
 		$x = get_config('system','role_perms');
+
 		// let system settings over-ride any or all
 		if($x && is_array($x) && array_key_exists($role,$x))
 			$ret = array_merge($ret,$x[$role]);
@@ -284,6 +333,7 @@ class PermissionRoles {
 	 */
 	static public function roles() {
 		$roles = [
+
 			t('Social Networking') => [
 				'social_federation' => t('Social - Federation'),
 				'social' => t('Social - Mostly Public'),
@@ -317,4 +367,29 @@ class PermissionRoles {
 		return $roles;
 	}
 
+	/**
+	 * @brief Array with translated role names and grouping.
+	 *
+	 * Return an associative array with role names that can be used
+	 * to create select groups like in \e field_select_grouped.tpl.
+	 *
+	 * @return array
+	 */
+	static public function channel_roles() {
+		$channel_roles = [
+			//'public' => [t('Public'), t('A very permissive role suited for participation in the fediverse')],
+			//'personal' => [t('Personal'), t('The $Projectname default role suited for a personal channel')],
+			//'forum' => [t('Community forum'), t('This role configures your channel to act as an community forum')],
+			//'custom' => [t('Custom'), t('This role comes with the presets of the personal role but allows you to configure it to your needs')]
+			'public' => t('Public'),
+			'personal' => t('Personal'),
+			'group' => t('Community forum'),
+			'custom' => t('Custom')
+		];
+
+		call_hooks('list_channel_roles', $channel_roles);
+
+		return $channel_roles;
+	}
+
 }

Zotlabs/Access/Permissions.php

@@ -41,7 +41,7 @@ class Permissions {
 	 * @return number
 	 */
 	static public function version() {
-		return 2;
+		return 3;
 	}
 
 	/**
@@ -65,11 +65,11 @@ class Permissions {
 			'write_wiki'    => t('Can write to my wiki pages'),
 			'post_wall'     => t('Can post on my channel (wall) page'),
 			'post_comments' => t('Can comment on or like my posts'),
-			'post_mail'     => t('Can send me private mail messages'),
+			'post_mail'     => t('Can send me direct messages'),
 			'post_like'     => t('Can like/dislike profiles and profile things'),
-			'tag_deliver'   => t('Can forward to all my channel connections via ! mentions in posts'),
 			'chat'          => t('Can chat with me'),
-			'republish'     => t('Can source my public posts in derived channels'),
+			'republish'     => t('Can source/mirror my public posts in derived channels'),
+			//'tag_deliver'   => t('Can forward to my contacts via direct messages (forum)'),
 			'delegate'      => t('Can administer my channel')
 		];
 
@@ -217,25 +217,23 @@ class Permissions {
 
 		$my_perms  = [];
 		$permcat   = null;
-		$automatic = 0;
+		$automatic = get_pconfig($channel_id, 'system', 'autoperms');
 
 		// If a default permcat exists, use that
 
-		$pc = ((feature_enabled($channel_id, 'permcats')) ? get_pconfig($channel_id, 'system', 'default_permcat') : 'default');
-		if (!in_array($pc, ['', 'default'])) {
-			$pcp     = new Zlib\Permcat($channel_id);
-			$permcat = $pcp->fetch($pc);
-			if ($permcat && $permcat['perms']) {
-				foreach ($permcat['perms'] as $p) {
-					$my_perms[$p['name']] = $p['value'];
-				}
+		$pc = get_pconfig($channel_id, 'system', 'default_permcat', 'default');
+		$pcp     = new Zlib\Permcat($channel_id);
+		$permcat = $pcp->fetch($pc);
+		if ($permcat && $permcat['perms']) {
+			foreach ($permcat['perms'] as $p) {
+				$my_perms[$p['name']] = $p['value'];
 			}
 		}
 
 		// look up the permission role to see if it specified auto-connect
 		// and if there was no permcat or a default permcat, set the perms
 		// from the role
-
+/*
 		$role = get_pconfig($channel_id, 'system', 'permissions_role');
 		if ($role) {
 			$xx = PermissionRoles::role_perms($role);
@@ -247,11 +245,12 @@ class Permissions {
 				$my_perms      = Permissions::FilledPerms($default_perms);
 			}
 		}
+*/
 
 		// If we reached this point without having any permission information,
 		// it is likely a custom permissions role. First see if there are any
 		// automatic permissions.
-
+/*
 		if (!$my_perms) {
 			$m = Permissions::FilledAutoperms($channel_id);
 			if ($m) {
@@ -259,11 +258,12 @@ class Permissions {
 				$my_perms  = $m;
 			}
 		}
-
+*/
 		// If we reached this point with no permissions, the channel is using
 		// custom perms but they are not automatic. They will be stored in abconfig with
 		// the channel's channel_hash (the 'self' connection).
 
+/*
 		if (!$my_perms) {
 			$r = q("select channel_hash from channel where channel_id = %d",
 				intval($channel_id)
@@ -280,10 +280,10 @@ class Permissions {
 				}
 			}
 		}
-
-		return (['perms' => $my_perms, 'automatic' => $automatic]);
+*/
+		return (['perms' => $my_perms, 'automatic' => $automatic, 'role' => $pc]);
 	}
-
+/*
 	static public function serialise($p) {
 		$n = [];
 		if ($p) {
@@ -295,4 +295,5 @@ class Permissions {
 		}
 		return implode(',', $n);
 	}
+*/
 }

Zotlabs/Daemon/Channel_purge.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+class Channel_purge {
+
+	static public function run($argc,$argv) {
+
+		cli_startup();
+
+		$channel_id = intval($argv[1]);
+
+		$channel = q("select * from channel where channel_id = %d and channel_removed = 1",
+			intval($channel_id)
+		);
+
+		if (! $channel) {
+			return;
+		}
+
+		do {
+			$r = q("select id from item where uid = %d and item_deleted = 0 limit 1000",
+				intval($channel_id)
+			);
+			if ($r) {
+				foreach ($r as $rv) {
+					drop_item($rv['id'], false);
+				}
+			}
+		} while ($r);
+
+		return;
+	}
+}

Zotlabs/Daemon/Content_importer.php

@@ -0,0 +1,77 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+use Zotlabs\Web\HTTPSig;
+use Zotlabs\Lib\PConfig;
+
+
+require_once('include/cli_startup.php');
+require_once('include/attach.php');
+require_once('include/import.php');
+
+class Content_importer {
+
+	static public function run($argc,$argv) {
+		cli_startup();
+
+		$page = $argv[1];
+		$since = $argv[2];
+		$until = $argv[3];
+		$channel_address = $argv[4];
+		$hz_server = urldecode($argv[5]);
+
+		$m = parse_url($hz_server);
+
+		$channel = channelx_by_nick($channel_address);
+		if(! $channel) {
+			logger('channel not found');
+			return;
+		}
+
+		$headers = [
+			'X-API-Token'      => random_string(),
+			'X-API-Request'    => $hz_server . '/api/z/1.0/item/export_page?f=&since=' . urlencode($since) . '&until=' . urlencode($until) . '&page=' . $page ,
+			'Host'             => $m['host'],
+			'(request-target)' => 'get /api/z/1.0/item/export_page?f=&since=' . urlencode($since) . '&until=' . urlencode($until) . '&page=' . $page ,
+		];
+
+		$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512');
+
+		$x = z_fetch_url($hz_server . '/api/z/1.0/item/export_page?f=&since=' . urlencode($since) . '&until=' . urlencode($until) . '&page=' . $page,false,$redirects,[ 'headers' => $headers ]);
+
+		// logger('item fetch: ' . print_r($x,true));
+
+		if(! $x['success']) {
+			logger('no API response',LOGGER_DEBUG);
+			killme();
+		}
+
+		$j = json_decode($x['body'],true);
+
+		if(! is_array($j['item']) || ! count($j['item'])) {
+			PConfig::Set($channel['channel_id'], 'import', 'content_completed', 1);
+			return;
+		}
+
+		$saved_notification_flags = notifications_off($channel['channel_id']);
+
+		import_items($channel,$j['item'],false,((array_key_exists('relocate',$j)) ? $j['relocate'] : null));
+
+		notifications_on($channel['channel_id'], $saved_notification_flags);
+
+		PConfig::Set($channel['channel_id'], 'import', 'content_progress', [
+			'items_total' => $j['items_total'],
+			'items_page' => $j['items_page'],
+			'items_current_page' => count($j['item']),
+			'last_page' => $page,
+			'next_cmd' => ['Content_importer', sprintf('%d',$page + 1), $since, $until, $channel['channel_address'], urlencode($hz_server)]
+		]);
+
+		$page++;
+
+		Master::Summon([ 'Content_importer', sprintf('%d',$page), $since, $until, $channel['channel_address'], urlencode($hz_server) ]);
+
+		return;
+	}
+}

Zotlabs/Daemon/Cron.php

@@ -36,7 +36,6 @@ class Cron {
 		// run queue delivery process in the background
 
 		Master::Summon(array('Queue'));
-
 		Master::Summon(array('Poller'));
 
 		/**
@@ -48,18 +47,14 @@ class Cron {
 			db_quoteinterval('3 MINUTE')
 		);
 
-		// expire any expired mail
-
-		q("delete from mail where expires > '%s' and expires < %s ",
-			dbesc(NULL_DATE),
-			db_utcnow()
-		);
+		require_once('include/account.php');
+		remove_expired_registrations();
 
 		$interval = get_config('system', 'delivery_interval', 3);
 
 		// expire any expired items
 
-		$r = q("select id,item_wall from item where expires > '2001-01-01 00:00:00' and expires < %s 
+		$r = q("select id,item_wall from item where expires > '2001-01-01 00:00:00' and expires < %s
 			and item_deleted = 0 ",
 			db_utcnow()
 		);
@@ -131,7 +126,7 @@ class Cron {
 
 		// publish any applicable items that were set to be published in the future
 		// (time travel posts). Restrict to items that have come of age in the last
-		// couple of days to limit the query to something reasonable. 
+		// couple of days to limit the query to something reasonable.
 
 		$r = q("select id from item where item_delayed = 1 and created <= %s  and created > '%s' ",
 			db_utcnow(),
@@ -162,11 +157,6 @@ class Cron {
 			}
 		}
 
-
-		// check if any connections transitioned to zot6 and upgrade the connections to zot6 at this hub if so.
-		require_once('include/connections.php');
-		z6trans_connections();
-
 		require_once('include/attach.php');
 		attach_upgrade();
 
@@ -192,7 +182,7 @@ class Cron {
 		// update any photos which didn't get imported properly
 		// This should be rare
 
-		$r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = '' 
+		$r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = ''
 			and xchan_photo_date < %s - INTERVAL %s",
 			db_utcnow(),
 			db_quoteinterval('1 DAY')
@@ -215,10 +205,9 @@ class Cron {
 
 		// pull in some public posts
 
-/*		$disable_discover_tab = get_config('system', 'disable_discover_tab') || get_config('system', 'disable_discover_tab') === false;
+		$disable_discover_tab = get_config('system', 'disable_discover_tab') || get_config('system', 'disable_discover_tab') === false;
 		if (!$disable_discover_tab)
-			Master::Summon(array('Externals'));
-*/
+			Master::Summon(['Externals']);
 
 		$restart = false;
 
@@ -238,7 +227,7 @@ class Cron {
 
 		set_config('system', 'lastcron', datetime_convert());
 
-		//All done - clear the lockfile	
+		//All done - clear the lockfile
 		@unlink($lockfile);
 
 		return;

Zotlabs/Daemon/Cron_daily.php

@@ -93,8 +93,7 @@ class Cron_daily {
 		Master::Summon(array('Cli_suggest'));
 
 		remove_obsolete_hublocs();
-
-		z6_discover();
+		remove_duplicate_singleton_hublocs();
 
 		$date = datetime_convert();
 		call_hooks('cron_daily', $date);

Zotlabs/Daemon/Deliver.php

@@ -2,7 +2,7 @@
 
 namespace Zotlabs\Daemon;
 
-require_once('include/queue_fn.php');
+use Zotlabs\Lib\Queue;
 
 class Deliver {
 
@@ -23,7 +23,7 @@ class Deliver {
 			);
 
 			if ($r) {
-				queue_deliver($r[0], true);
+				Queue::deliver($r[0], true);
 			}
 
 		}

Zotlabs/Daemon/Delxitems.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+require_once('include/connections.php');
+
+/*
+ * Daemon to remove 'item' resources in the background from a removed connection
+ */
+
+class Delxitems {
+
+	static public function run($argc, $argv) {
+
+		cli_startup();
+
+		if($argc != 3) {
+			return;
+		}
+
+		remove_abook_items($argv[1], $argv[2]);
+
+		return;
+	}
+}

Zotlabs/Daemon/Directory.php

@@ -49,8 +49,9 @@ class Directory {
 			);
 
 			// Now update all the connections
-			if ($pushall)
+			if ($pushall) {
 				Master::Summon(array('Notifier', 'refresh_all', $channel['channel_id']));
+			}
 
 			return;
 		}
@@ -74,7 +75,7 @@ class Directory {
 			 * the directory packet. That means we'll try again on the next poll run.
 			 */
 
-			$hash = random_string();
+			$hash = new_uuid();
 
 			Queue::insert(array(
 				'hash'       => $hash,
@@ -93,8 +94,8 @@ class Directory {
 		}
 
 		// Now update all the connections
-		if ($pushall)
+		if ($pushall) {
 			Master::Summon(array('Notifier', 'refresh_all', $channel['channel_id']));
-
+		}
 	}
 }

Zotlabs/Daemon/Expire.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Daemon;
 
+require_once('include/items.php');
 
 class Expire {
 

Zotlabs/Daemon/Externals.php

@@ -3,6 +3,7 @@
 namespace Zotlabs\Daemon;
 
 use Zotlabs\Lib\Activity;
+use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\ActivityStreams;
 use Zotlabs\Lib\ASCollection;
 
@@ -31,25 +32,55 @@ class Externals {
 				$url = $arr['url'];
 			}
 			else {
+				$networks = ['zot6'];
+
+				if (plugin_is_installed('pubcrawl')) {
+					$networks[] = 'activitypub';
+				}
+
+				stringify_array_elms($networks);
+				$networks_str = implode(',', $networks);
+
 				$randfunc = db_getfunc('RAND');
 
 				// fixme this query does not deal with directory realms.
+				//$r = q("select site_url, site_pull from site where site_url != '%s'
+						//and site_flags != %d and site_type = %d
+						//and site_dead = 0 and site_project like '%s' and site_version > '5.3.1' order by $randfunc limit 1",
+					//dbesc(z_root()),
+					//intval(DIRECTORY_MODE_STANDALONE),
+					//intval(SITE_TYPE_ZOT),
+					//dbesc('hubzilla%')
+				//);
 
-				$r = q("select site_url, site_pull from site where site_url != '%s'
-						and site_flags != %d and site_type = %d
-						and site_dead = 0 and site_project like '%s' and site_version > '5.3.1' order by $randfunc limit 1",
+				$r = q("SELECT * FROM hubloc
+					LEFT JOIN abook ON abook_xchan = hubloc_hash
+					LEFT JOIN site ON site_url = hubloc_url WHERE
+					hubloc_network IN ( $networks_str ) AND
+					abook_xchan IS NULL AND
+					hubloc_url != '%s' AND
+					hubloc_updated > '%s' AND
+					hubloc_primary = 1 AND hubloc_deleted = 0 AND
+					site_dead = 0
+					ORDER BY $randfunc LIMIT 1",
 					dbesc(z_root()),
-					intval(DIRECTORY_MODE_STANDALONE),
-					intval(SITE_TYPE_ZOT),
-					dbesc('hubzilla%')
+					datetime_convert('UTC', 'UTC', 'now - 30 days')
 				);
-				if ($r)
-					$url = $r[0]['site_url'];
+
+				$contact = $r[0];
+
+				if ($contact) {
+					$url = $contact['hubloc_id_url'];
+				}
+			}
+
+			if (!$url) {
+				continue;
 			}
 
 			$blacklisted = false;
 
-			if (!check_siteallowed($url)) {
+			if (!check_siteallowed($contact['hubloc_url'])) {
 				logger('blacklisted site: ' . $url);
 				$blacklisted = true;
 			}
@@ -59,123 +90,67 @@ class Externals {
 			// make sure we can eventually break out if somebody blacklists all known sites
 
 			if ($blacklisted) {
-				if ($attempts > 20)
+				if ($attempts > 5)
 					break;
 				$attempts--;
 				continue;
 			}
 
+			$cl = Activity::get_actor_collections($contact['hubloc_hash']);
+			if(empty($cl)) {
+				$cl = get_xconfig($contact['hubloc_hash'], 'activitypub', 'collections');
+			}
+
+			if (is_array($cl) && array_key_exists('outbox', $cl)) {
+				$url = $cl['outbox'];
+			}
+			else {
+				$url = str_replace('/channel/', '/outbox/', $contact['hubloc_id_url']);
+				if ($url) {
+					$url .= '?top=1';
+				}
+			}
+
 			if ($url) {
+				logger('fetching outbox: ' . $url);
 
-				$max = intval(get_config('system', 'max_imported_posts', 30));
-				if (intval($max)) {
-					logger('externals: fetching outbox');
+				$obj      = new ASCollection($url, $importer, 0, 10);
+				$messages = $obj->get();
 
-					$feed_url = $url . '/zotfeed';
-					$obj      = new ASCollection($feed_url, $importer, 0, $max);
-					$messages = $obj->get();
+				if ($messages) {
+					foreach ($messages as $message) {
+						if (is_string($message)) {
+							$message = Activity::fetch($message, $importer);
+						}
 
-					if ($messages) {
-						foreach ($messages as $message) {
-							if (is_string($message)) {
-								$message = Activity::fetch($message, $importer);
-							}
-							$AS = new ActivityStreams($message);
-							if ($AS->is_valid() && is_array($AS->obj)) {
-								$item = Activity::decode_note($AS);
-								Activity::store($importer, $importer['xchan_hash'], $AS, $item, true);
-								$total++;
+						if ($message['type'] !== 'Create') {
+							continue;
+						}
+
+						if ($contact['hubloc_network'] === 'zot6') {
+							// make sure we only fetch top level items
+							if (isset($message['object']['inReplyTo'])) {
+								continue;
 							}
+
+							$obj_id = isset($message['object']['id']) ?? $message['object'];
+
+							Libzot::fetch_conversation($importer, $obj_id);
+							$total++;
+							continue;
+						}
+
+						$AS = new ActivityStreams($message);
+						if ($AS->is_valid() && is_array($AS->obj)) {
+							$item = Activity::decode_note($AS);
+							Activity::store($importer, $contact['abook_xchan'], $AS, $item);
+							$total++;
 						}
 					}
-					logger('externals: import_public_posts: ' . $total . ' messages imported', LOGGER_DEBUG);
 				}
+				logger('fetched messages count: ' . $total);
 			}
 		}
 		return;
-
-		/*		$total    = 0;
-				$attempts = 0;
-
-				logger('externals: startup', LOGGER_DEBUG);
-
-				// pull in some public posts
-
-				while ($total == 0 && $attempts < 3) {
-					$arr = ['url' => ''];
-					call_hooks('externals_url_select', $arr);
-
-					if ($arr['url']) {
-						$url = $arr['url'];
-					}
-					else {
-						$randfunc = db_getfunc('RAND');
-
-						// fixme this query does not deal with directory realms.
-
-						$r = q("select site_url, site_pull from site where site_url != '%s' and site_flags != %d and site_type = %d and site_dead = 0 order by $randfunc limit 1",
-							dbesc(z_root()),
-							intval(DIRECTORY_MODE_STANDALONE),
-							intval(SITE_TYPE_ZOT)
-						);
-						if ($r)
-							$url = $r[0]['site_url'];
-					}
-
-					$blacklisted = false;
-
-					if (!check_siteallowed($url)) {
-						logger('blacklisted site: ' . $url);
-						$blacklisted = true;
-					}
-
-					$attempts++;
-
-					// make sure we can eventually break out if somebody blacklists all known sites
-
-					if ($blacklisted) {
-						if ($attempts > 20)
-							break;
-						$attempts--;
-						continue;
-					}
-
-					if ($url) {
-						if ($r[0]['site_pull'] > NULL_DATE)
-							$mindate = urlencode(datetime_convert('', '', $r[0]['site_pull'] . ' - 1 day'));
-						else {
-							$days = get_config('externals', 'since_days');
-							if ($days === false)
-								$days = 15;
-							$mindate = urlencode(datetime_convert('', '', 'now - ' . intval($days) . ' days'));
-						}
-
-						$feedurl = $url . '/zotfeed?f=&mindate=' . $mindate;
-
-						logger('externals: pulling public content from ' . $feedurl, LOGGER_DEBUG);
-
-						$x = z_fetch_url($feedurl);
-						if (($x) && ($x['success'])) {
-
-							q("update site set site_pull = '%s' where site_url = '%s'",
-								dbesc(datetime_convert()),
-								dbesc($url)
-							);
-
-							$j = json_decode($x['body'], true);
-							if ($j['success'] && $j['messages']) {
-								$sys = get_sys_channel();
-								foreach ($j['messages'] as $message) {
-									// on these posts, clear any route info.
-									$message['route'] = '';
-									process_delivery(['hash' => 'undefined'], get_item_elements($message),
-										[['hash' => $sys['xchan_hash']]], false, true);
-									$total++;
-								}
-								logger('externals: import_public_posts: ' . $total . ' messages imported', LOGGER_DEBUG);
-							}
-						}
-					}
-				}*/
 	}
 }

Zotlabs/Daemon/File_importer.php

@@ -0,0 +1,71 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+use Zotlabs\Web\HTTPSig;
+use Zotlabs\Lib\PConfig;
+
+
+require_once('include/cli_startup.php');
+require_once('include/attach.php');
+require_once('include/import.php');
+
+class File_importer {
+
+	static public function run($argc,$argv) {
+
+		cli_startup();
+
+		$page = $argv[1];
+		$channel_address = $argv[2];
+		$hz_server = urldecode($argv[3]);
+
+		$m = parse_url($hz_server);
+
+		$channel = channelx_by_nick($channel_address);
+		if(! $channel) {
+			logger('channel not found');
+			return;
+		}
+
+		$headers = [
+			'X-API-Token'      => random_string(),
+			'X-API-Request'    => $hz_server . '/api/z/1.0/file/export_page?f=records=1&page=' . $page,
+			'Host'             => $m['host'],
+			'(request-target)' => 'get /api/z/1.0/file/export_page?f=records=1&page=' . $page,
+		];
+
+		$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),true,'sha512');
+
+		// TODO: implement total count
+		$x = z_fetch_url($hz_server . '/api/z/1.0/file/export_page?f=records=1&page=' . $page, false, $redirects, [ 'headers' => $headers ]);
+		// logger('file fetch: ' . print_r($x,true));
+
+		if(! $x['success']) {
+			logger('no API response',LOGGER_DEBUG);
+			killme();
+		}
+
+		$j = json_decode($x['body'],true);
+
+		if(! is_array($j['results'][0]['attach']) || ! count($j['results'][0]['attach'])) {
+			PConfig::Set($channel['channel_id'], 'import', 'files_completed', 1);
+			return;
+		}
+
+		$r = sync_files($channel, $j['results']);
+
+		PConfig::Set($channel['channel_id'], 'import', 'files_progress', [
+			'files_total' => $j['total'],
+			'files_page' => 1, // export page atm returns just one file
+			'last_page' => $page,
+			'next_cmd' => ['File_importer',sprintf('%d',$page + 1), $channel['channel_address'], urlencode($hz_server)]
+		]);
+
+		$page++;
+
+		Master::Summon([ 'File_importer',sprintf('%d',$page), $channel['channel_address'], urlencode($hz_server) ]);
+
+		return;
+	}
+}

Zotlabs/Daemon/Onedirsync.php

@@ -5,10 +5,6 @@ namespace Zotlabs\Daemon;
 use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Libzotdir;
 
-require_once('include/zot.php');
-require_once('include/dir_fns.php');
-
-
 class Onedirsync {
 
 	static public function run($argc, $argv) {
@@ -29,6 +25,7 @@ class Onedirsync {
 
 		if (!$r)
 			return;
+
 		if (($r[0]['ud_flags'] & UPDATE_FLAGS_UPDATED) || (!$r[0]['ud_addr']))
 			return;
 
@@ -54,25 +51,24 @@ class Onedirsync {
 		// ignore doing an update if this ud_addr refers to a known dead hubloc
 
 		$h = q("select * from hubloc where hubloc_addr = '%s'",
-			dbesc($r[0]['ud_addr'])
+			dbesc($r[0]['ud_addr']),
 		);
 
 		$h = Libzot::zot_record_preferred($h);
 
-		if (($h) && ($h['hubloc_status'] & HUBLOC_OFFLINE)) {
+		if (($h) && (($h['hubloc_status'] & HUBLOC_OFFLINE) || $h['hubloc_deleted'] || $h['hubloc_error'])) {
 			q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 ",
-				intval(UPDATE_FLAGS_UPDATED),
+				intval(UPDATE_FLAGS_DELETED),
 				dbesc($r[0]['ud_addr']),
 				intval(UPDATE_FLAGS_UPDATED)
 			);
-
 			return;
 		}
 
 		// we might have to pull this out some day, but for now update_directory_entry()
 		// runs zot_finger() and is kind of zot specific
 
-		if ($h && !in_array($h['hubloc_network'], ['zot6', 'zot']))
+		if ($h && $h['hubloc_network'] !== 'zot6')
 			return;
 
 		Libzotdir::update_directory_entry($r[0]);

Zotlabs/Daemon/Onepoll.php

@@ -8,6 +8,7 @@ use Zotlabs\Lib\ASCollection;
 use Zotlabs\Lib\Libzot;
 
 require_once('include/socgraph.php');
+require_once('include/feedutils.php');
 
 class Onepoll {
 
@@ -44,18 +45,14 @@ class Onepoll {
 			return;
 		}
 
-		$contact      = array_shift($contacts);
+		$contact      = $contacts[0];
 		$importer_uid = $contact['abook_channel'];
 
-		$r = q("SELECT * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
-			intval($importer_uid)
-		);
+		$importer = channelx_by_n($importer_uid);
 
-		if (!$r)
+		if (!$importer)
 			return;
 
-		$importer = $r[0];
-
 		logger("onepoll: poll: ({$contact['id']}) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
 
 		$last_update = ((($contact['abook_updated'] === $contact['abook_created']) || ($contact['abook_updated'] <= NULL_DATE))
@@ -75,16 +72,12 @@ class Onepoll {
 			return;
 		}
 
-		if (!in_array($contact['xchan_network'], ['zot', 'zot6']))
+		if ($contact['xchan_network'] !== 'zot6')
 			return;
 
 		// update permissions
 
-		if ($contact['xchan_network'] === 'zot6')
-			$x = Libzot::refresh($contact, $importer);
-
-		if ($contact['xchan_network'] === 'zot')
-			$x = zot_refresh($contact, $importer);
+		$x = Libzot::refresh($contact, $importer);
 
 		$responded = false;
 		$updated   = datetime_convert();
@@ -109,46 +102,63 @@ class Onepoll {
 			return;
 
 		$fetch_feed = true;
-		$x          = null;
 
 		// They haven't given us permission to see their stream
-
 		$can_view_stream = intval(get_abconfig($importer_uid, $contact['abook_xchan'], 'their_perms', 'view_stream'));
 
-		if (!$can_view_stream)
+		if (!$can_view_stream) {
 			$fetch_feed = false;
+		}
 
 		// we haven't given them permission to send us their stream
-
 		$can_send_stream = intval(get_abconfig($importer_uid, $contact['abook_xchan'], 'my_perms', 'send_stream'));
 
-		if (!$can_send_stream)
+		if (!$can_send_stream) {
 			$fetch_feed = false;
+		}
 
-		if ($fetch_feed && $contact['xchan_network'] !== 'zot') {
+		if ($fetch_feed) {
 
 			$max = intval(get_config('system', 'max_imported_posts', 30));
 
 			if (intval($max)) {
-				$cl = get_xconfig($contact['abook_xchan'], 'activitypub', 'collections');
+				$cl = Activity::get_actor_collections($contact['abook_xchan']);
+				if(empty($cl)) {
+					$cl = get_xconfig($contact['abook_xchan'], 'activitypub', 'collections');
+				}
 
-				if (is_array($cl) && $cl) {
-					$url = ((array_key_exists('outbox', $cl)) ? $cl['outbox'] : '');
+				if (is_array($cl) && array_key_exists('outbox', $cl)) {
+					$url = $cl['outbox'];
 				}
 				else {
-					$url = str_replace('/poco/', '/zotfeed/', $contact['xchan_connurl']);
+					$url = str_replace('/poco/', '/outbox/', $contact['xchan_connurl']);
 				}
 
 				if ($url) {
 					logger('fetching outbox');
-					$url      = $url . '?date_begin=' .  urlencode($last_update);
+					$url = $url . '?date_begin=' .  urlencode($last_update);
+
+					if($contact['xchan_network'] === 'zot6') {
+						$url = $url . '&top=1';
+					}
+
 					$obj      = new ASCollection($url, $importer, 0, $max);
 					$messages = $obj->get();
+
 					if ($messages) {
 						foreach ($messages as $message) {
 							if (is_string($message)) {
 								$message = Activity::fetch($message, $importer);
 							}
+
+							if ($contact['xchan_network'] === 'zot6') {
+								// make sure we only fetch top level items
+								if ($message['type'] === 'Create' && !isset($message['object']['inReplyTo'])) {
+									Libzot::fetch_conversation($importer, $message['object']['id']);
+								}
+								continue;
+							}
+
 							$AS = new ActivityStreams($message);
 							if ($AS->is_valid() && is_array($AS->obj)) {
 								$item = Activity::decode_note($AS);
@@ -160,55 +170,13 @@ class Onepoll {
 			}
 		}
 
-		/*			if ($fetch_feed) {
-
-						if (strpos($contact['xchan_connurl'], z_root()) === 0) {
-							// local channel - save a network fetch
-							$c = channelx_by_hash($contact['xchan_hash']);
-							if ($c) {
-								$x = [
-									'success' => true,
-									'body'    => json_encode([
-										'success'  => true,
-										'messages' => zot_feed($c['channel_id'], $importer['xchan_hash'], ['mindate' => $last_update])
-									])
-								];
-							}
-						}
-						else {
-							// remote fetch
-
-							$feedurl = str_replace('/poco/', '/zotfeed/', $contact['xchan_connurl']);
-							$feedurl .= '?f=&mindate=' . urlencode($last_update) . '&zid=' . $importer['channel_address'] . '@' . App::get_hostname();
-							$recurse = 0;
-							$x       = z_fetch_url($feedurl, false, $recurse, ['session' => true]);
-						}
-
-						logger('feed_update: ' . print_r($x, true), LOGGER_DATA);
-					}
-
-					if (($x) && ($x['success'])) {
-						$total = 0;
-						logger('onepoll: feed update ' . $contact['xchan_name'] . ' ' . $feedurl);
-
-						$j = json_decode($x['body'], true);
-						if ($j['success'] && $j['messages']) {
-							foreach ($j['messages'] as $message) {
-								$results = process_delivery(['hash' => $contact['xchan_hash']], get_item_elements($message),
-									[['hash' => $importer['xchan_hash']]], false);
-								logger('onepoll: feed_update: process_delivery: ' . print_r($results, true), LOGGER_DATA);
-								$total++;
-							}
-							logger("onepoll: $total messages processed");
-						}
-					}
-		*/
-
 		// update the poco details for this connection
 		$r = q("SELECT xlink_id from xlink where xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s and xlink_static = 0 limit 1",
 			intval($contact['xchan_hash']),
-			db_utcnow(), db_quoteinterval('1 DAY')
+			db_utcnow(),
+			db_quoteinterval('1 DAY')
 		);
+
 		if (!$r) {
 			poco_load($contact['xchan_hash'], $contact['xchan_connurl']);
 		}

Zotlabs/Daemon/Poller.php

@@ -69,11 +69,11 @@ class Poller {
 			abook.abook_channel, abook.abook_id, abook.abook_archived, abook.abook_pending,
 			abook.abook_ignored, abook.abook_blocked,
 			xchan.xchan_network,
-			account.account_lastlog, account.account_flags 
-			FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash 
+			account.account_lastlog, account.account_flags
+			FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash
 			LEFT JOIN account on abook_account = account_id
 			where abook_self = 0
-			$sql_extra 
+			$sql_extra
 			AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY $randfunc",
 			intval(ACCOUNT_OK),
 			intval(ACCOUNT_UNVERIFIED)     // FIXME
@@ -102,8 +102,7 @@ class Poller {
 					continue;
 				}
 
-
-				if (!in_array($contact['xchan_network'], ['zot', 'zot6']))
+				if ($contact['xchan_network'] !== 'zot6')
 					continue;
 
 				if ($c == $t) {
@@ -191,7 +190,7 @@ class Poller {
 
 		set_config('system', 'lastpoll', datetime_convert());
 
-		//All done - clear the lockfile	
+		//All done - clear the lockfile
 
 		@unlink($lockfile);
 

Zotlabs/Daemon/Queue.php

@@ -2,8 +2,7 @@
 
 namespace Zotlabs\Daemon;
 
-require_once('include/queue_fn.php');
-require_once('include/zot.php');
+use Zotlabs\Lib\Queue as LibQueue;
 
 class Queue {
 
@@ -28,7 +27,7 @@ class Queue {
 		if ($r) {
 			foreach ($r as $rr) {
 				$h       = parse_url($rr['outq_posturl']);
-				$desturl = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : '');
+				$desturl = $h['scheme'] . '://' . $h['host'] . (isset($h['port']) ? ':' . $h['port'] : '');
 				q("update site set site_dead = 1 where site_dead = 0 and site_url = '%s' and site_update < %s - INTERVAL %s",
 					dbesc($desturl),
 					db_utcnow(), db_quoteinterval('1 MONTH')
@@ -48,17 +47,17 @@ class Queue {
 		else {
 
 			// For the first 12 hours we'll try to deliver every 15 minutes
-			// After that, we'll only attempt delivery once per hour. 
-			// This currently only handles the default queue drivers ('zot' or '') which we will group by posturl 
+			// After that, we'll only attempt delivery once per hour.
+			// This currently only handles the default queue drivers ('zot' or '') which we will group by posturl
 			// so that we don't start off a thousand deliveries for a couple of dead hubs.
 			// The zot driver will deliver everything destined for a single hub once contact is made (*if* contact is made).
 			// Other drivers will have to do something different here and may need their own query.
 
-			// Note: this requires some tweaking as new posts to long dead hubs once a day will keep them in the 
+			// Note: this requires some tweaking as new posts to long dead hubs once a day will keep them in the
 			// "every 15 minutes" category. We probably need to prioritise them when inserted into the queue
 			// or just prior to this query based on recent and long-term delivery history. If we have good reason to believe
-			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once 
-			// or twice a day. 
+			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once
+			// or twice a day.
 
 			$sqlrandfunc = db_getfunc('rand');
 
@@ -67,7 +66,7 @@ class Queue {
 			);
 			while ($r) {
 				foreach ($r as $rv) {
-					queue_deliver($rv);
+					LibQueue::deliver($rv);
 				}
 				$r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1",
 					db_utcnow()
@@ -78,7 +77,7 @@ class Queue {
 			return;
 
 		foreach ($r as $rv) {
-			queue_deliver($rv);
+			LibQueue::deliver($rv);
 		}
 	}
 }

Zotlabs/Daemon/Ratenotif.php

@@ -1,126 +0,0 @@
-<?php
-
-namespace Zotlabs\Daemon;
-
-require_once('include/zot.php');
-require_once('include/queue_fn.php');
-
-
-class Ratenotif {
-
-	static public function run($argc,$argv) {
-
-
-		// Deprecated
-		return;
-
-
-		require_once("datetime.php");
-		require_once('include/items.php');
-
-		if($argc < 3)
-			return;
-
-
-		logger('ratenotif: invoked: ' . print_r($argv,true), LOGGER_DEBUG);
-
-		$cmd = $argv[1];
-
-		$item_id = $argv[2];
-
-
-		if($cmd === 'rating') {
-			$r = q("select * from xlink where xlink_id = %d and xlink_static = 1 limit 1",
-				intval($item_id)
-			);
-			if(! $r) {
-				logger('rating not found');
-				return;
-			}
-
-			$encoded_item = array(
-				'type' => 'rating', 
-				'encoding' => 'zot',
-				'target' => $r[0]['xlink_link'],
-				'rating' => intval($r[0]['xlink_rating']),
-				'rating_text' => $r[0]['xlink_rating_text'],
-				'signature' => $r[0]['xlink_sig'],
-				'edited' => $r[0]['xlink_updated']
-			);
-		}
-
-		$channel = channelx_by_hash($r[0]['xlink_xchan']);
-		if(! $channel) {
-			logger('no channel');
-			return;
-		}
-
-
-		$primary = get_directory_primary();
-	
-		if(! $primary)
-			return;
-
-
-		$interval = ((get_config('system','delivery_interval') !== false) 
-			? intval(get_config('system','delivery_interval')) : 2 );
-
-		$deliveries_per_process = intval(get_config('system','delivery_batch_count'));
-
-		if($deliveries_per_process <= 0)
-			$deliveries_per_process = 1;
-
-		$deliver = array();
-
-		$x = z_fetch_url($primary . '/regdir');
-		if($x['success']) {
-			$j = json_decode($x['body'],true);
-			if($j && $j['success'] && is_array($j['directories'])) {
-
-				foreach($j['directories'] as $h) {
-					if($h == z_root())
-						continue;
-
-					$hash = random_string();
-					$n = zot_build_packet($channel,'notify',null,null,'',$hash);
-
-					queue_insert(array(
-						'hash'       => $hash,
-						'account_id' => $channel['channel_account_id'],
-						'channel_id' => $channel['channel_id'],
-						'posturl'    => $h . '/post',
-						'notify'     => $n,
-						'msg'        => json_encode($encoded_item)
-					));
-
-
-					$x = q("select count(outq_hash) as total from outq where outq_delivered = 0");
-					if(intval($x[0]['total']) > intval(get_config('system','force_queue_threshold',300))) {
-						logger('immediate delivery deferred.', LOGGER_DEBUG, LOG_INFO);
-						update_queue_item($hash);
-						continue;
-					}
-
-					$deliver[] = $hash;
-	
-					if(count($deliver) >= $deliveries_per_process) {
-						Master::Summon(array('Deliver',$deliver));
-						$deliver = array();
-						if($interval)
-							@time_sleep_until(microtime(true) + (float) $interval);
-					}
-				}
-	
-				// catch any stragglers
-	
-				if(count($deliver)) {
-					Master::Summon(array('Deliver',$deliver));
-				}
-			}
-		}
-		
-		logger('ratenotif: complete.');
-		return;
-
-	}
-}

Zotlabs/Daemon/Thumbnail.php

@@ -45,7 +45,6 @@ class Thumbnail {
 			return;
 		}
 
-
 		$default_controller = null;
 
 		$files = glob('Zotlabs/Thumbs/*.php');

Zotlabs/Lib/AccessList.php

@@ -1,38 +1,37 @@
-<?php 
+<?php
 
 namespace Zotlabs\Lib;
 
-use Zotlabs\Lib\Libsync;
-
-
 class AccessList {
-	
-	static function add($uid,$name,$public = 0) {
 
-		$ret = false;
+	static function add($uid, $name, $public = 0) {
+
+		$ret  = false;
+		$hash = '';
 		if ($uid && $name) {
-			$r = self::byname($uid,$name); // check for dups
+			$r = self::by_name($uid, $name); // check for dups
 			if ($r !== false) {
 
-				// This could be a problem. 
+				// This could be a problem.
 				// Let's assume we've just created a list which we once deleted
 				// all the old members are gone, but the list remains so we don't break any security
 				// access lists. What we're doing here is reviving the dead list, but old content which
-				// was restricted to this list may now be seen by the new list members. 
+				// was restricted to this list may now be seen by the new list members.
 
 				$z = q("SELECT * FROM pgrp WHERE id = %d LIMIT 1",
 					intval($r)
 				);
-				if(($z) && $z[0]['deleted']) {
+				if (($z) && $z[0]['deleted']) {
 					q('UPDATE pgrp SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
-					notice( t('A deleted list with this name was revived. Existing item permissions <strong>may</strong> apply to this list and any future members. If this is not what you intended, please create another list with a different name.') . EOL); 
+					notice(t('A deleted privacy group with this name was revived. Existing item permissions <strong>may</strong> apply to this privacy group and any future members. If this is not what you intended, please create another privacy group with a different name.') . EOL);
 				}
-				return true;
+				$hash = self::by_id($uid, $r);
+				return $hash;
 			}
 
 			$hash = new_uuid();
 
-			$r = q("INSERT INTO pgrp ( hash, uid, visible, gname )
+			$r   = q("INSERT INTO pgrp ( hash, uid, visible, gname )
 				VALUES( '%s', %d, %d, '%s' ) ",
 				dbesc($hash),
 				intval($uid),
@@ -42,12 +41,12 @@ class AccessList {
 			$ret = $r;
 		}
 
-		Libsync::build_sync_packet($uid,null,true);
-		return $ret;
+		Libsync::build_sync_packet($uid, null, true);
+
+		return (($ret) ? $hash : $ret);
 	}
 
-
-	static function remove($uid,$name) {
+	static function remove($uid, $name) {
 		$ret = false;
 		if ($uid && $name) {
 			$r = q("SELECT id, hash FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
@@ -55,36 +54,36 @@ class AccessList {
 				dbesc($name)
 			);
 			if ($r) {
-				$group_id = $r[0]['id'];
+				$group_id   = $r[0]['id'];
 				$group_hash = $r[0]['hash'];
 			}
 			else {
 				return false;
 			}
-			
+
 			// remove group from default posting lists
 			$r = q("SELECT channel_default_group, channel_allow_gid, channel_deny_gid FROM channel WHERE channel_id = %d LIMIT 1",
-			       intval($uid)
+				intval($uid)
 			);
 			if ($r) {
 				$user_info = array_shift($r);
-				$change = false;
+				$change    = false;
 
 				if ($user_info['channel_default_group'] == $group_hash) {
 					$user_info['channel_default_group'] = '';
-					$change = true;
+					$change                             = true;
 				}
 				if (strpos($user_info['channel_allow_gid'], '<' . $group_hash . '>') !== false) {
 					$user_info['channel_allow_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_allow_gid']);
-					$change = true;
+					$change                         = true;
 				}
 				if (strpos($user_info['channel_deny_gid'], '<' . $group_hash . '>') !== false) {
 					$user_info['channel_deny_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_deny_gid']);
-					$change = true;
+					$change                        = true;
 				}
 
 				if ($change) {
-					q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s' 
+					q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s'
 						WHERE channel_id = %d",
 						intval($user_info['channel_default_group']),
 						dbesc($user_info['channel_allow_gid']),
@@ -110,16 +109,16 @@ class AccessList {
 
 		}
 
-		Libsync::build_sync_packet($uid,null,true);
+		Libsync::build_sync_packet($uid, null, true);
 
 		return $ret;
 	}
 
 	// returns the integer id of an access group owned by $uid and named $name
 	// or false.
-	
-	static function byname($uid,$name) {
-		if (! ($uid && $name)) {
+
+	static function by_name($uid, $name) {
+		if (!($uid && $name)) {
 			return false;
 		}
 		$r = q("SELECT id FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
@@ -132,11 +131,11 @@ class AccessList {
 		return false;
 	}
 
-	static function by_id($uid,$id) {
-		if (! ($uid && $id)) {
+	static function by_id($uid, $id) {
+		if (!($uid && $id)) {
 			return false;
 		}
-		
+
 		$r = q("SELECT * FROM pgrp WHERE uid = %d AND id = %d and deleted = 0",
 			intval($uid),
 			intval($id)
@@ -147,10 +146,8 @@ class AccessList {
 		return false;
 	}
 
-
-
-	static function rec_byhash($uid,$hash) {
-		if (! ( $uid && $hash)) {
+	static function by_hash($uid, $hash) {
+		if (!($uid && $hash)) {
 			return false;
 		}
 		$r = q("SELECT * FROM pgrp WHERE uid = %d AND hash = '%s' LIMIT 1",
@@ -163,46 +160,46 @@ class AccessList {
 		return false;
 	}
 
+	static function member_remove($uid, $name, $member, $gid = 0) {
+		if (!$gid) {
+			$gid = self::by_name($uid, $name);
+		}
 
-	static function member_remove($uid,$name,$member) {
-		$gid = self::byname($uid,$name);
-		if (! $gid) {
-			return false;
-		}
-		if (! ($uid && $gid && $member)) {
+		if (!($uid && $gid && $member)) {
 			return false;
 		}
+
 		$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' ",
 			intval($uid),
 			intval($gid),
 			dbesc($member)
 		);
 
-		Libsync::build_sync_packet($uid,null,true);
+		Libsync::build_sync_packet($uid, null, true);
 
 		return $r;
 	}
 
-
-	static function member_add($uid,$name,$member,$gid = 0) {
-		if (! $gid) {
-			$gid = self::byname($uid,$name);
+	static function member_add($uid, $name, $member, $gid = 0) {
+		if (!$gid) {
+			$gid = self::by_name($uid, $name);
 		}
-		if (! ($gid && $uid && $member)) {
+		if (!($gid && $uid && $member)) {
 			return false;
 		}
 
-		$r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",	
+		$r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",
 			intval($uid),
 			intval($gid),
 			dbesc($member)
 		);
 		if ($r) {
-			return true;	// You might question this, but 
-				// we indicate success because the group member was in fact created
-				// -- It was just created at another time
+			return true;
+			// You might question this, but
+			// we indicate success because the group member was in fact created
+			// -- It was just created at another time
 		}
-	 	else {
+		else {
 			$r = q("INSERT INTO pgrp_member (uid, gid, xchan)
 				VALUES( %d, %d, '%s' ) ",
 				intval($uid),
@@ -210,15 +207,14 @@ class AccessList {
 				dbesc($member)
 			);
 		}
-		Libsync::build_sync_packet($uid,null,true);
+		Libsync::build_sync_packet($uid, null, true);
 		return $r;
 	}
 
-
 	static function members($uid, $gid) {
 		$ret = [];
 		if (intval($gid)) {
-			$r = q("SELECT * FROM pgrp_member 
+			$r = q("SELECT * FROM pgrp_member
 				LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
 				WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
 				intval($gid),
@@ -232,7 +228,7 @@ class AccessList {
 		return $ret;
 	}
 
-	static function members_xchan($uid,$gid) {
+	static function members_xchan($uid, $gid) {
 		$ret = [];
 		if (intval($gid)) {
 			$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d",
@@ -248,99 +244,124 @@ class AccessList {
 		return $ret;
 	}
 
-	static function members_profile_xchan($uid,$gid) {
+	static function profile_members_xchan($uid,$gid) {
 		$ret = [];
-		if (intval($gid)) {
+
+		if(intval($gid)) {
 			$r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d",
 				intval($gid),
 				intval($uid)
 			);
-			if ($r) {
-				foreach($r as $rv) {
-					$ret[] = $rv['xchan'];
+			if($r) {
+				foreach($r as $rr) {
+					$ret[] = $rr['xchan'];
 				}
 			}
 		}
 		return $ret;
 	}
 
+	static function select($uid, $options) {
 
+		$selected = $options['selected'] ?? '';
+		$form_id = $options['form_id'] ?? 'accesslist_select';
+		$label = $options['label'] ?? t('Select a privacy group');
+		$before = $options['before'] ?? [];
+		$after = $options['after'] ?? [];
 
-
-	static function select($uid,$group = '') {
-	
 		$grps = [];
+		$o = '';
+
+		$grps[] = [
+			'name' => '',
+			'id' => '0',
+			'selected' => false
+		];
+
+		if ($before) {
+			$grps[] = $before;
+		}
 
 		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
 			intval($uid)
 		);
-		$grps[] = [ 'name' => '', 'hash' => '0', 'selected' => '' ];
-		if ($r) {
-			foreach ($r as $rr) {
-				$grps[] = [ 'name' => $rr['gname'], 'id' => $rr['hash'], 'selected' => (($group == $rr['hash']) ? 'true' : '') ];
-			}
 
+		if($r) {
+			foreach($r as $rr) {
+				$grps[] = [
+					'name' => $rr['gname'],
+					'id' => $rr['hash'],
+					'selected' => ($selected == $rr['hash'])
+				];
+			}
 		}
-		
-		return replace_macros(get_markup_template('group_selection.tpl'), [
-			'$label' => t('Add new connections to this access list'),
-			'$groups' => $grps 
-		]);
+
+		if ($after) {
+			$grps[] = $after;
+		}
+
+		logger('select: ' . print_r($grps,true), LOGGER_DATA);
+
+		$o = replace_macros(get_markup_template('group_selection.tpl'), array(
+			'$label' => $label,
+			'$form_id' => $form_id,
+			'$groups' => $grps
+		));
+
+		return $o;
 	}
 
-
-	static function widget($every="connections",$each="lists",$edit = false, $group_id = 0, $cid = '',$mode = 1) {
-
-		$o = '';
+/* deprecated
+	static function widget($every = "connections", $each = "lists", $edit = false, $group_id = 0, $cid = '', $mode = 1) {
 
 		$groups = [];
 
-		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
+		$r         = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
 			intval($_SESSION['uid'])
 		);
 		$member_of = [];
 		if ($cid) {
-			$member_of = self::containing(local_channel(),$cid);
-		} 
+			$member_of = self::containing(local_channel(), $cid);
+		}
 
 		if ($r) {
 			foreach ($r as $rr) {
 				$selected = (($group_id == $rr['id']) ? ' group-selected' : '');
-			
+
 				if ($edit) {
-					$groupedit = [ 'href' => "lists/".$rr['id'], 'title' => t('edit') ];
-				} 
+					$groupedit = ['href' => "lists/" . $rr['id'], 'title' => t('edit')];
+				}
 				else {
 					$groupedit = null;
 				}
-			
+
 				$groups[] = [
-					'id'		=> $rr['id'],
-					'enc_cid'   => base64url_encode($cid),
-					'cid'		=> $cid,
-					'text' 		=> $rr['gname'],
-					'selected' 	=> $selected,
-					'href'		=> (($mode == 0) ? $each.'?f=&gid='.$rr['id'] : $each."/".$rr['id']) . ((x($_GET,'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''),
-					'edit'		=> $groupedit,
-					'ismember'	=> in_array($rr['id'],$member_of),
+					'id'       => $rr['id'],
+					'enc_cid'  => base64url_encode($cid),
+					'cid'      => $cid,
+					'text'     => $rr['gname'],
+					'selected' => $selected,
+					'href'     => (($mode == 0) ? $each . '?f=&gid=' . $rr['id'] : $each . "/" . $rr['id']) . ((x($_GET, 'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET, 'order')) ? '&order=' . $_GET['order'] : ''),
+					'edit'     => $groupedit,
+					'ismember' => in_array($rr['id'], $member_of),
 				];
 			}
 		}
-		
+
 		return replace_macros(get_markup_template('group_side.tpl'), [
-			'$title'		=> t('Lists'),
-			'$edittext'     => t('Edit list'),
-			'$createtext' 	=> t('Create new list'),
-			'$ungrouped'    => (($every === 'contacts') ? t('Channels not in any access list') : ''),
-			'$groups'		=> $groups,
-			'$add'			=> t('add'),
+			'$title'      => t('Privacy Groups'),
+			'$edittext'   => t('Edit group'),
+			'$createtext' => t('Create new group'),
+			'$ungrouped'  => (($every === 'contacts') ? t('Channels not in any privacy group') : ''),
+			'$groups'     => $groups,
+			'$add'        => t('Add'),
 		]);
 
 	}
-
+*/
 
 	static function expand($g) {
-		if (! (is_array($g) && count($g))) {
+		if (!(is_array($g) && count($g))) {
 			return [];
 		}
 
@@ -350,8 +371,8 @@ class AccessList {
 		// private profile linked virtual groups
 
 		foreach ($g as $gv) {
-			if (substr($gv,0,3) === 'vp.') {
-				$profile_hash = substr($gv,3);
+			if (substr($gv, 0, 3) === 'vp.') {
+				$profile_hash = substr($gv, 3);
 				if ($profile_hash) {
 					$r = q("select abook_xchan from abook where abook_profile = '%s'",
 						dbesc($profile_hash)
@@ -366,10 +387,10 @@ class AccessList {
 			else {
 				$x[] = $gv;
 			}
-		}								 
+		}
 
 		if ($x) {
-			stringify_array_elms($x,true);
+			stringify_array_elms($x, true);
 			$groups = implode(',', $x);
 			if ($groups) {
 				$r = q("SELECT xchan FROM pgrp_member WHERE gid IN ( select id from pgrp where hash in ( $groups ))");
@@ -383,9 +404,8 @@ class AccessList {
 		return $ret;
 	}
 
-
 	static function member_of($c) {
-		$r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id 
+		$r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id
 			WHERE pgrp_member.xchan = '%s' AND pgrp.deleted = 0 ORDER BY pgrp.gname  ASC ",
 			dbesc($c)
 		);
@@ -393,7 +413,7 @@ class AccessList {
 		return $r;
 	}
 
-	static function containing($uid,$c) {
+	static function containing($uid, $c) {
 
 		$r = q("SELECT gid FROM pgrp_member WHERE uid = %d AND pgrp_member.xchan = '%s' ",
 			intval($uid),
@@ -405,7 +425,8 @@ class AccessList {
 			foreach ($r as $rv)
 				$ret[] = $rv['gid'];
 		}
-		
+
 		return $ret;
 	}
-}
+
+}

Zotlabs/Lib/ActivityStreams.php

@@ -11,6 +11,7 @@ class ActivityStreams {
 
 	public $raw = null;
 	public $data = null;
+	public $meta = null;
 	public $valid = false;
 	public $deleted = false;
 	public $id = '';
@@ -36,10 +37,14 @@ class ActivityStreams {
 	 */
 	function __construct($string) {
 
+		if(!$string)
+			return;
+
 		$this->raw = $string;
 
 		if (is_array($string)) {
 			$this->data = $string;
+			$this->raw = json_encode($string, JSON_UNESCAPED_SLASHES);
 		}
 		else {
 			$this->data = json_decode($string, true);
@@ -56,10 +61,10 @@ class ActivityStreams {
 					if ($ret['signer']) {
 						$saved                     = json_encode($this->data, JSON_UNESCAPED_SLASHES);
 						$this->data                = $tmp;
-						$this->data['signer']      = $ret['signer'];
-						$this->data['signed_data'] = $saved;
+						$this->meta['signer']      = $ret['signer'];
+						$this->meta['signed_data'] = $saved;
 						if ($ret['hubloc']) {
-							$this->data['hubloc'] = $ret['hubloc'];
+							$this->meta['hubloc'] = $ret['hubloc'];
 						}
 					}
 				}
@@ -87,7 +92,7 @@ class ActivityStreams {
 
 			$this->ldsig = $this->get_compound_property('signature');
 			if ($this->ldsig) {
-				$this->signer = $this->get_compound_property('creator', $this->ldsig);
+				$this->signer = $this->get_actor('creator', $this->ldsig);
 				if ($this->signer && is_array($this->signer) && array_key_exists('publicKey', $this->signer) && is_array($this->signer['publicKey']) && $this->signer['publicKey']['publicKeyPem']) {
 					$this->sigok = LDSignatures::verify($this->data, $this->signer['publicKey']['publicKeyPem']);
 				}
@@ -285,7 +290,7 @@ class ActivityStreams {
 		if (!$s) {
 			return false;
 		}
-		return (in_array($s, ['Like', 'Dislike', 'Flag', 'Block', 'Accept', 'Reject', 'TentativeAccept', 'TentativeReject', 'emojiReaction', 'EmojiReaction', 'EmojiReact']));
+		return (in_array($s, ['Like', 'Dislike', 'Flag', 'Block', 'Announce', 'Accept', 'Reject', 'TentativeAccept', 'TentativeReject', 'emojiReaction', 'EmojiReaction', 'EmojiReact']));
 	}
 
 	/**
@@ -300,16 +305,8 @@ class ActivityStreams {
 	function get_actor($property, $base = '', $namespace = '') {
 		$x = $this->get_property_obj($property, $base, $namespace);
 		if ($this->is_url($x)) {
-
-			// SECURITY: If we have already stored the actor profile, re-generate it
-			// from cached data - don't refetch it from the network
-
-			$r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' limit 1",
-				dbesc($x)
-			);
-			if ($r) {
-				$y           = Activity::encode_person($r[0]);
-				$y['cached'] = true;
+			$y = Activity::get_cached_actor($x);
+			if ($y) {
 				return $y;
 			}
 		}
@@ -351,10 +348,10 @@ class ActivityStreams {
 				if ($ret['signer']) {
 					$saved            = json_encode($x, JSON_UNESCAPED_SLASHES);
 					$x                = $tmp;
-					$x['signer']      = $ret['signer'];
-					$x['signed_data'] = $saved;
+					$x['meta']['signer']      = $ret['signer'];
+					$x['meta']['signed_data'] = $saved;
 					if ($ret['hubloc']) {
-						$x['hubloc'] = $ret['hubloc'];
+						$x['meta']['hubloc'] = $ret['hubloc'];
 					}
 				}
 			}

Zotlabs/Lib/Apps.php

@@ -2,7 +2,7 @@
 
 namespace Zotlabs\Lib;
 
-use Zotlabs\Lib\Libsync;
+use App;
 
 require_once('include/plugin.php');
 require_once('include/channel.php');
@@ -21,9 +21,10 @@ class Apps {
 	 * @brief
 	 *
 	 * @param boolean $translate (optional) default true
+	 * @param boolean $sync (optional) default false used if called from sync_sysapps()
 	 * @return array
 	 */
-	static public function get_system_apps($translate = true) {
+	static public function get_system_apps($translate = true, $sync = false) {
 		$ret = [];
 
 		if(is_dir('apps'))
@@ -33,7 +34,7 @@ class Apps {
 
 		if($files) {
 			foreach($files as $f) {
-				$x = self::parse_app_description($f,$translate);
+				$x = self::parse_app_description($f, $translate, $sync);
 				if($x) {
 					$ret[] = $x;
 				}
@@ -45,7 +46,7 @@ class Apps {
 				$path = explode('/',$f);
 				$plugin = trim($path[1]);
 				if(plugin_is_installed($plugin)) {
-					$x = self::parse_app_description($f,$translate);
+					$x = self::parse_app_description($f, $translate, $sync);
 					if($x) {
 						$x['plugin'] = $plugin;
 						$ret[] = $x;
@@ -66,17 +67,17 @@ class Apps {
 	static public function get_base_apps() {
 		$x = get_config('system','base_apps',[
 			'Connections',
+			'Contact Roles',
 			'Network',
-			'Settings',
 			'Files',
-			'Channel Home',
-			'View Profile',
+			'Channel',
 			'Photos',
 			'Calendar',
 			'Directory',
 			'Search',
 			'Help',
-			'Profile Photo'
+			'HQ',
+			'Post'
 		]);
 
 		/**
@@ -207,9 +208,10 @@ class Apps {
 	 *
 	 * @param string $f filename
 	 * @param boolean $translate (optional) default true
+	 * @param boolean $sync (optional) default false
 	 * @return boolean|array
 	 */
-	static public function parse_app_description($f, $translate = true) {
+	static public function parse_app_description($f, $translate = true, $sync = false) {
 		$ret = [];
 		$matches = [];
 
@@ -255,7 +257,7 @@ class Apps {
 		if(array_key_exists('categories',$ret))
 			$ret['categories'] = str_replace(array('\'','"'),array(''','&dquot;'),$ret['categories']);
 
-		if(array_key_exists('requires',$ret)) {
+		if(array_key_exists('requires',$ret) && !$sync) {
 			$requires = explode(',',$ret['requires']);
 			foreach($requires as $require) {
 				$require = trim(strtolower($require));
@@ -307,14 +309,16 @@ class Apps {
 				}
 			}
 		}
-		if(isset($ret)) {
-			if($translate)
-				self::translate_system_apps($ret);
 
-			return $ret;
+		if(empty($ret)) {
+			return false;
 		}
 
-		return false;
+		if($translate) {
+			self::translate_system_apps($ret);
+		}
+
+		return $ret;
 	}
 
 
@@ -340,7 +344,7 @@ class Apps {
 			'Files' => t('Files'),
 			'Webpages' => t('Webpages'),
 			'Wiki' => t('Wiki'),
-			'Channel Home' => t('Channel Home'),
+			'Channel' => t('Channel'),
 			'View Profile' => t('View Profile'),
 			'Photos' => t('Photos'),
 			'Calendar' => t('Calendar'),
@@ -371,7 +375,7 @@ class Apps {
 			'OAuth Apps Manager' => t('OAuth Apps Manager'),
 			'OAuth2 Apps Manager' => t('OAuth2 Apps Manager'),
 			'PDL Editor' => t('PDL Editor'),
-			'Permission Categories' => t('Permission Categories'),
+			'Contact Roles' => t('Contact Roles'),
 			'Public Stream' => t('Public Stream'),
 			'My Chatrooms' => t('My Chatrooms'),
 			'Channel Export' => t('Channel Export')
@@ -422,7 +426,7 @@ class Apps {
 
 		self::translate_system_apps($papp);
 
-		if(trim($papp['plugin']) && (! plugin_is_installed(trim($papp['plugin']))))
+		if(isset($papp['plugin']) && trim($papp['plugin']) && (! plugin_is_installed(trim($papp['plugin']))))
 			return '';
 
 		$papp['papp'] = self::papp_encode($papp);
@@ -524,7 +528,7 @@ class Apps {
 		}
 		elseif(remote_channel()) {
 			$observer = \App::get_observer();
-			if($observer && in_array($observer['xchan_network'], ['zot6', 'zot'])) {
+			if($observer && $observer['xchan_network'] === 'zot6') {
 				// some folks might have xchan_url redirected offsite, use the connurl
 				$x = parse_url($observer['xchan_connurl']);
 				if($x) {
@@ -536,13 +540,47 @@ class Apps {
 		$install_action = (($installed) ? t('Update') : t('Install'));
 		$icon = ((strpos($papp['photo'],'icon:') === 0) ? substr($papp['photo'],5) : '');
 
+		if (!$installed && $mode === 'module') {
+			$_SESSION['return_url'] = App::$query_string;
+			return replace_macros(get_markup_template('app_install.tpl'), [
+				'$papp' => $papp,
+				'$install' => $install_action
+			]);
+		}
+
 		if($mode === 'navbar') {
+			return replace_macros(get_markup_template('app_nav_pinned.tpl'),array(
+				'$app' => $papp,
+				'$icon' => $icon,
+			));
+		}
+
+		if($mode === 'nav') {
 			return replace_macros(get_markup_template('app_nav.tpl'),array(
 				'$app' => $papp,
 				'$icon' => $icon,
 			));
 		}
 
+		if($mode === 'inline') {
+			return replace_macros(get_markup_template('app_inline.tpl'),array(
+				'$app' => $papp,
+				'$icon' => $icon,
+				'$installed' => $installed,
+				'$purchase' => ((isset($papp['page']) && (! $installed)) ? t('Purchase') : ''),
+				'$action_label' => $install_action
+			));
+		}
+
+		if(in_array($mode, ['nav-order', 'nav-order-pinned'])) {
+			return replace_macros(get_markup_template('app_order.tpl'),array(
+				'$app' => $papp,
+				'$icon' => $icon,
+				'$hosturl' => $hosturl,
+				'$mode' => $mode
+			));
+		}
+
 		if($mode === 'install') {
 			$papp['embed'] = true;
 		}
@@ -551,7 +589,7 @@ class Apps {
 			'$app' => $papp,
 			'$icon' => $icon,
 			'$hosturl' => $hosturl,
-			'$purchase' => (($papp['page'] && (! $installed)) ? t('Purchase') : ''),
+			'$purchase' => ((isset($papp['page']) && (! $installed)) ? t('Purchase') : ''),
 			'$installed' => $installed,
 			'$action_label' => (($hosturl && in_array($mode, ['view','install'])) ? $install_action : ''),
 			'$edit' => ((local_channel() && $installed && $mode == 'edit') ? t('Edit') : ''),
@@ -559,12 +597,10 @@ class Apps {
 			'$undelete' => ((local_channel() && $mode == 'edit') ? t('Undelete') : ''),
 			'$settings_url' => ((local_channel() && $installed && $mode == 'list') ? $papp['settings_url'] : ''),
 			'$deleted' => $papp['deleted'],
-			'$feature' => (($papp['embed'] || $mode == 'edit') ? false : true),
-			'$pin' => (($papp['embed'] || $mode == 'edit') ? false : true),
+			'$feature' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
+			'$pin' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
 			'$featured' => ((strpos($papp['categories'], 'nav_featured_app') === false) ? false : true),
 			'$pinned' => ((strpos($papp['categories'], 'nav_pinned_app') === false) ? false : true),
-			'$navapps' => (($mode == 'nav') ? true : false),
-			'$order' => (($mode === 'nav-order' || $mode === 'nav-order-pinned') ? true : false),
 			'$mode' => $mode,
 			'$add' => t('Add to app-tray'),
 			'$remove' => t('Remove from app-tray'),
@@ -574,6 +610,7 @@ class Apps {
 		));
 	}
 
+
 	static public function app_install($uid,$app) {
 
 		if(! is_array($app)) {
@@ -588,10 +625,12 @@ class Apps {
 
 		$app['uid'] = $uid;
 
-		if(self::app_installed($uid,$app,true))
+		if(self::app_installed($uid,$app,true)) {
 			$x = self::app_update($app);
-		else
+		}
+		else {
 			$x = self::app_store($app);
+		}
 
 		if($x['success']) {
 			$r = q("select * from app where app_id = '%s' and app_channel = %d limit 1",
@@ -599,13 +638,12 @@ class Apps {
 				intval($uid)
 			);
 			if($r) {
-				if(($app['uid']) && (! $r[0]['app_system'])) {
+				if($app['uid']) {
 					if($app['categories'] && (! $app['term'])) {
 						$r[0]['term'] = q("select * from term where otype = %d and oid = %d",
 							intval(TERM_OBJ_APP),
 							intval($r[0]['id'])
 						);
-						Libsync::build_sync_packet($uid,array('app' => $r[0]));
 					}
 				}
 			}
@@ -634,6 +672,7 @@ class Apps {
 				}
 			}
 		}
+
 		return true;
 	}
 
@@ -645,38 +684,35 @@ class Apps {
 				dbesc($app['guid']),
 				intval($uid)
 			);
-			if($x) {
-				if(! intval($x[0]['app_deleted'])) {
-					$x[0]['app_deleted'] = 1;
-					if(self::can_delete($uid,$app)) {
-						q("delete from app where app_id = '%s' and app_channel = %d",
-							dbesc($app['guid']),
-							intval($uid)
-						);
-						q("delete from term where otype = %d and oid = %d",
-							intval(TERM_OBJ_APP),
-							intval($x[0]['id'])
-						);
-						/**
-						 * @hooks app_destroy
-						 *  Called after app entry got removed from database
-						 *  and provide app array from database.
-						 */
-						call_hooks('app_destroy', $x[0]);
-					}
-					else {
-						q("update app set app_deleted = 1 where app_id = '%s' and app_channel = %d",
-							dbesc($app['guid']),
-							intval($uid)
-						);
-					}
-					if(! intval($x[0]['app_system'])) {
-						Libsync::build_sync_packet($uid,array('app' => $x));
-					}
-				}
-				else {
-					self::app_undestroy($uid,$app);
-				}
+
+			if($x && intval($x[0]['app_deleted'])) {
+				self::app_undestroy($uid, $app);
+				return;
+			}
+
+			if(self::can_delete($uid,$app)) {
+				q("delete from app where app_id = '%s' and app_channel = %d",
+					dbesc($app['guid']),
+					intval($uid)
+				);
+
+				q("delete from term where otype = %d and oid = %d",
+					intval(TERM_OBJ_APP),
+					intval($x[0]['id'])
+				);
+
+				/**
+				 * @hooks app_destroy
+				 *  Called after app entry got removed from database
+				 *  and provide app array from database.
+				 */
+				call_hooks('app_destroy', $x[0]);
+			}
+			else {
+				q("update app set app_deleted = 1 where app_id = '%s' and app_channel = %d",
+					dbesc($app['guid']),
+					intval($uid)
+				);
 			}
 		}
 	}
@@ -693,13 +729,11 @@ class Apps {
 				dbesc($app['guid']),
 				intval($uid)
 			);
-			if($x) {
-				if($x[0]['app_system']) {
-					q("update app set app_deleted = 0 where app_id = '%s' and app_channel = %d",
-						dbesc($app['guid']),
-						intval($uid)
-					);
-				}
+			if($x && intval($x[0]['app_deleted']) && $x[0]['app_system']) {
+				q("update app set app_deleted = 0 where app_id = '%s' and app_channel = %d",
+					dbesc($app['guid']),
+					intval($uid)
+				);
 			}
 		}
 	}
@@ -1158,9 +1192,9 @@ class Apps {
 			$y = explode(',',$arr['categories']);
 			if($y) {
 				foreach($y as $t) {
-					$t = trim($t);
+					$t = escape_tags(trim($t));
 					if($t) {
-						store_item_tag($darray['app_channel'],$x[0]['id'],TERM_OBJ_APP,TERM_CATEGORY,escape_tags($t),escape_tags(z_root() . '/apps/?f=&cat=' . escape_tags($t)));
+						store_item_tag($darray['app_channel'], $x[0]['id'], TERM_OBJ_APP, TERM_CATEGORY, $t, z_root() . '/apps/?f=&cat=' . $t);
 					}
 				}
 			}
@@ -1276,58 +1310,58 @@ class Apps {
 
 		$ret['type'] = 'personal';
 
-		if($app['app_id'])
+		if(!empty($app['app_id']))
 			$ret['guid'] = $app['app_id'];
 
-		if($app['app_sig'])
+		if(!empty($app['app_sig']))
 			$ret['sig'] = $app['app_sig'];
 
-		if($app['app_author'])
+		if(!empty($app['app_author']))
 			$ret['author'] = $app['app_author'];
 
-		if($app['app_name'])
+		if(!empty($app['app_name']))
 			$ret['name'] = $app['app_name'];
 
-		if($app['app_desc'])
+		if(!empty($app['app_desc']))
 			$ret['desc'] = $app['app_desc'];
 
-		if($app['app_url'])
+		if(!empty($app['app_url']))
 			$ret['url'] = $app['app_url'];
 
-		if($app['app_photo'])
+		if(!empty($app['app_photo']))
 			$ret['photo'] = $app['app_photo'];
 
-		if($app['app_icon'])
+		if(!empty($app['app_icon']))
 			$ret['icon'] = $app['app_icon'];
 
-		if($app['app_version'])
+		if(!empty($app['app_version']))
 			$ret['version'] = $app['app_version'];
 
-		if($app['app_addr'])
+		if(!empty($app['app_addr']))
 			$ret['addr'] = $app['app_addr'];
 
-		if($app['app_price'])
+		if(!empty($app['app_price']))
 			$ret['price'] = $app['app_price'];
 
-		if($app['app_page'])
+		if(!empty($app['app_page']))
 			$ret['page'] = $app['app_page'];
 
-		if($app['app_requires'])
+		if(!empty($app['app_requires']))
 			$ret['requires'] = $app['app_requires'];
 
-		if($app['app_system'])
+		if(!empty($app['app_system']))
 			$ret['system'] = $app['app_system'];
 
-		if($app['app_options'])
+		if(!empty($app['app_options']))
 			$ret['options'] = $app['app_options'];
 
-		if($app['app_plugin'])
+		if(!empty($app['app_plugin']))
 			$ret['plugin'] = trim($app['app_plugin']);
 
-		if($app['app_deleted'])
+		if(!empty($app['app_deleted']))
 			$ret['deleted'] = $app['app_deleted'];
 
-		if($app['term']) {
+		if(!empty($app['term']) && is_array($app['term'])) {
 			$s = '';
 			foreach($app['term'] as $t) {
 				if($s)
@@ -1356,4 +1390,17 @@ class Apps {
 		return chunk_split(base64_encode(json_encode($papp)),72,"\n");
 	}
 
+	static public function get_papp($app) {
+
+		$r = q("select * from app where app_id = '%s' and app_channel = 0 limit 1",
+			dbesc(hash('whirlpool', $app))
+		);
+
+		if ($r) {
+			$papp = self::app_encode($r[0]);
+			return $papp;
+		}
+
+		return false;
+	}
 }

Zotlabs/Lib/Connect.php

@@ -146,7 +146,7 @@ class Connect {
 
 		}
 
-		$allowed = ((in_array($xchan['xchan_network'],['rss','zot','zot6'])) ? 1 : 0);
+		$allowed = ((in_array($xchan['xchan_network'],['rss', 'zot6'])) ? 1 : 0);
 
 		$hookdata = ['channel_id' => $uid, 'follow_address' => $url, 'xchan' => $xchan, 'allowed' => $allowed, 'singleton' => 0];
 		call_hooks('follow_allow',$hookdata);
@@ -207,13 +207,13 @@ class Connect {
 		}
 
 		$my_perms = $p['perms'];
-		
+
 		$profile_assign = get_pconfig($uid,'system','profile_assign','');
 
 
 		// See if we are already connected by virtue of having an abook record
 
-		$r = q("select abook_id, abook_xchan, abook_pending, abook_instance from abook 
+		$r = q("select abook_id, abook_xchan, abook_pending, abook_instance from abook
 			where abook_xchan = '%s' and abook_channel = %d limit 1",
 			dbesc($xchan_hash),
 			intval($uid)
@@ -261,7 +261,8 @@ class Connect {
 					'abook_feed'      => intval(($xchan['xchan_network'] === 'rss') ? 1 : 0),
 					'abook_created'   => datetime_convert(),
 					'abook_updated'   => datetime_convert(),
-					'abook_instance'  => (($singleton) ? z_root() : '')
+					'abook_instance'  => (($singleton) ? z_root() : ''),
+					'abook_role'      => get_pconfig($uid, 'system', 'default_permcat', 'default')
 				]
 			);
 		}
@@ -282,7 +283,7 @@ class Connect {
 
 		// fetch the entire record
 
-		$r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash 
+		$r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash
 			where abook_xchan = '%s' and abook_channel = %d limit 1",
 			dbesc($xchan_hash),
 			intval($uid)
@@ -300,7 +301,7 @@ class Connect {
 		/** If there is a default group for this channel, add this connection to it */
 
 		if ($default_group) {
-			$g = AccessList::rec_byhash($uid,$default_group);
+			$g = AccessList::by_hash($uid,$default_group);
 			if ($g) {
 				AccessList::member_add($uid,'',$xchan_hash,$g['id']);
 			}

Zotlabs/Lib/DReport.php

@@ -87,8 +87,7 @@ class DReport {
 
 		// Is the sender one of our channels?
 
-		$c = q("select channel_id from channel where channel_hash = '%s' or channel_portable_id = '%s' limit 1",
-			dbesc($dr['sender']),
+		$c = q("select channel_id from channel where channel_hash = '%s' limit 1",
 			dbesc($dr['sender'])
 		);
 

Zotlabs/Lib/Enotify.php

@@ -69,24 +69,24 @@ class Enotify {
 		$sender_name = $product;
 		$hostname = \App::get_hostname();
 		if(strpos($hostname,':'))
-			$hostname = substr($hostname,0,strpos($hostname,':'));
+			$hostname = substr($hostname, 0, strpos($hostname,':'));
 
 		// Do not translate 'noreply' as it must be a legal 7-bit email address
 
-		$reply_email = get_config('system','reply_address');
+		$reply_email = get_config('system', 'reply_address');
 		if(! $reply_email)
 			$reply_email = 'noreply' . '@' . $hostname;
 
-		$sender_email = get_config('system','from_email');
+		$sender_email = get_config('system', 'from_email');
 		if(! $sender_email)
 			$sender_email = 'Administrator' . '@' . $hostname;
 
-		$sender_name = get_config('system','from_email_name');
+		$sender_name = get_config('system', 'from_email_name');
 		if(! $sender_name)
 			$sender_name = \Zotlabs\Lib\System::get_site_name();
 
 
-		$additional_mail_header = "";
+		$additional_mail_header = '';
 
 		if(array_key_exists('item', $params)) {
 			require_once('include/conversation.php');
@@ -114,27 +114,28 @@ class Enotify {
 		}
 
 
-	$always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
-	$vnotify = get_pconfig($recip['channel_id'],'system','vnotify');
+	$always_show_in_notices = get_pconfig($recip['channel_id'], 'system', 'always_show_in_notices');
+	$vnotify = get_pconfig($recip['channel_id'], 'system', 'vnotify');
 
 	$salutation = $recip['channel_name'];
 
 	// e.g. "your post", "David's photo", etc.
 	$possess_desc = t('%s <!item_type!>');
 
+// @@TODO: consider using switch instead of those elseif
 	if ($params['type'] == NOTIFY_MAIL) {
 		logger('notification: mail');
-		$subject = 	sprintf( t('[$Projectname:Notify] New mail received at %s'),$sitename);
+		$subject = 	sprintf( t('[$Projectname:Notify] New direct message received at %s'), $sitename);
 
-		$preamble = sprintf( t('%1$s sent you a new private message at %2$s.'), $sender['xchan_name'],$sitename);
-		$epreamble = sprintf( t('%1$s sent you %2$s.'),'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a private message') . '[/zrl]');
-		$sitelink = t('Please visit %s to view and/or reply to your private messages.');
-		$tsitelink = sprintf( $sitelink, $siteurl . '/mail/' . $params['item']['id'] );
-		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/mail/' . $params['item']['id'] . '">' . $sitename . '</a>');
-		$itemlink = $siteurl . '/mail/' . $params['item']['id'];
+		$preamble = sprintf( t('%1$s sent you a new direct message at %2$s'), $sender['xchan_name'], $sitename);
+		$epreamble = sprintf( t('%1$s sent you %2$s.'), '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a direct message') . '[/zrl]');
+		$sitelink = t('Please visit %s to view and/or reply to your direct messages.');
+		$tsitelink = sprintf( $sitelink, $siteurl . '/hq/' . gen_link_id($params['item']['mid']));
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/hq/' . gen_link_id($params['item']['mid']) . '">' . $sitename . '</a>');
+		$itemlink = $siteurl . '/hq/' . gen_link_id($params['item']['mid']);
 	}
 
-	if ($params['type'] == NOTIFY_COMMENT) {
+	elseif ($params['type'] === NOTIFY_COMMENT) {
 		//logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
 
 		$moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false);
@@ -171,7 +172,6 @@ class Enotify {
 		// Check to see if there was already a notify for this post.
 		// If so don't create a second notification
 
-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -196,6 +196,7 @@ class Enotify {
 
 		xchan_query($p);
 
+//@@FIXME $p can be null (line 188)
 		$item_post_type = item_post_type($p[0]);
 //		$private = $p[0]['item_private'];
 		$parent_id = $p[0]['id'];
@@ -237,7 +238,7 @@ class Enotify {
 			$subject = sprintf( t('[$Projectname:Notify] Moderated Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
 		else
 			$subject = sprintf( t('[$Projectname:Notify] Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
-		$preamble = sprintf( t('%1$s commented on an item/conversation you have been following.'), $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s commented on an item/conversation you have been following'), $sender['xchan_name']);
 		$epreamble = $dest_str;
 
 		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
@@ -250,12 +251,12 @@ class Enotify {
 
 	}
 
-	if ($params['type'] == NOTIFY_LIKE) {
+	elseif ($params['type'] === NOTIFY_LIKE) {
 //		logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
 
 		$itemlink =  $params['link'];
 
-		if (array_key_exists('item',$params) && (! activity_match($params['item']['verb'],ACTIVITY_LIKE))) {
+		if (array_key_exists('item',$params) && activity_match($params['item']['verb'],ACTIVITY_LIKE)) {
 			if(! $always_show_in_notices  || !($vnotify & VNOTIFY_LIKE)) {
 				logger('notification: not a visible activity. Ignoring.');
 				pop_lang();
@@ -268,7 +269,6 @@ class Enotify {
 		// Check to see if there was already a notify for this post.
 		// If so don't create a second notification
 
-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -293,7 +293,7 @@ class Enotify {
 
 		xchan_query($p);
 
-
+//@@FIXME $p can be null (line 285)
 		$item_post_type = item_post_type($p[0]);
 //		$private = $p[0]['item_private'];
 		$parent_id = $p[0]['id'];
@@ -302,7 +302,7 @@ class Enotify {
 
 
 		// "your post"
-		if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
+		if($p[0]['owner']['xchan_name'] === $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
 			$dest_str = sprintf(t('%1$s liked [zrl=%2$s]your %3$s[/zrl]'),
 				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
 				$itemlink,
@@ -318,7 +318,7 @@ class Enotify {
 		// differents subjects for messages on the same thread.
 
 		$subject = sprintf( t('[$Projectname:Notify] Like received to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
-		$preamble = sprintf( t('%1$s liked an item/conversation you created.'), $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s liked an item/conversation you created'), $sender['xchan_name']);
 		$epreamble = $dest_str;
 
 		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
@@ -328,7 +328,7 @@ class Enotify {
 
 
 
-	if($params['type'] == NOTIFY_WALL) {
+	elseif($params['type'] === NOTIFY_WALL) {
 		$subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']);
 
 		$preamble = sprintf( t('%1$s posted to your profile wall at %2$s') , $sender['xchan_name'], $sitename);
@@ -343,9 +343,8 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_TAGSELF) {
+	elseif ($params['type'] === NOTIFY_TAGSELF) {
 
-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -368,7 +367,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_POKE) {
+	elseif ($params['type'] === NOTIFY_POKE) {
 		$subject =	sprintf( t('[$Projectname:Notify] %1$s poked you') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s poked you at %2$s') , $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s [zrl=%2$s]poked you[/zrl].') ,
@@ -385,7 +384,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_TAGSHARE) {
+	elseif ($params['type'] === NOTIFY_TAGSHARE) {
 		$subject =	sprintf( t('[$Projectname:Notify] %s tagged your post') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s tagged your post at %2$s'),$sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s tagged [zrl=%2$s]your post[/zrl]') ,
@@ -398,7 +397,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_INTRO) {
+	elseif ($params['type'] === NOTIFY_INTRO) {
 		$subject = sprintf( t('[$Projectname:Notify] Introduction received'));
 		$preamble = sprintf( t('You\'ve received an new connection request from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a new connection request[/zrl] from %2$s.'),
@@ -412,7 +411,7 @@ class Enotify {
 		$itemlink = $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_SUGGEST) {
+	elseif ($params['type'] === NOTIFY_SUGGEST) {
 		$subject = sprintf( t('[$Projectname:Notify] Friend suggestion received'));
 		$preamble = sprintf( t('You\'ve received a friend suggestion from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a friend suggestion[/zrl] for %2$s from %3$s.'),
@@ -430,11 +429,11 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_CONFIRM) {
+	elseif ($params['type'] === NOTIFY_CONFIRM) {
 		// ?
 	}
 
-	if ($params['type'] == NOTIFY_SYSTEM) {
+	elseif ($params['type'] === NOTIFY_SYSTEM) {
 		// ?
 	}
 
@@ -477,7 +476,7 @@ class Enotify {
 	} while ($dups === true);
 
 
-	$datarray = array();
+	$datarray = [];
 	$datarray['hash']   = $hash;
 	$datarray['sender_hash'] = $sender['xchan_hash'];
 	$datarray['xname']   = $sender['xchan_name'];
@@ -514,7 +513,7 @@ class Enotify {
 	// (probably would be better that way)
 
 	if (!$always_show_in_notices) {
-		if (($params['type'] == NOTIFY_WALL) || ($params['type'] == NOTIFY_MAIL) || ($params['type'] == NOTIFY_INTRO)) {
+		if (($params['type'] === NOTIFY_WALL) || ($params['type'] === NOTIFY_MAIL) || ($params['type'] === NOTIFY_INTRO)) {
 			$seen = 1;
 		}
 	}
@@ -550,12 +549,12 @@ class Enotify {
 	}
 
 	$itemlink = z_root() . '/notify/view/' . $notify_id;
-	$msg = str_replace('$itemlink',$itemlink,$epreamble);
+	$msg = str_replace('$itemlink', $itemlink, $epreamble);
 
 	// wretched hack, but we don't want to duplicate all the preamble variations and we also don't want to screw up a translation
 
 	if ((\App::$language === 'en' || (! \App::$language)) && strpos($msg,', '))
-		$msg = substr($msg,strpos($msg,', ')+1);
+		$msg = substr($msg, strpos($msg,', ')+1);
 
 	$datarray['id'] = $notify_id;
 	$datarray['msg'] = $msg;
@@ -575,7 +574,7 @@ class Enotify {
 
 		logger('notification: sending notification email');
 
-		$hn = get_pconfig($recip['channel_id'],'system','email_notify_host');
+		$hn = get_pconfig($recip['channel_id'], 'system', 'email_notify_host');
 		if($hn && (! stristr(\App::get_hostname(),$hn))) {
 			// this isn't the email notification host
 			pop_lang();
@@ -584,7 +583,7 @@ class Enotify {
 
 		$textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array( "", "\n"), $body))),ENT_QUOTES,'UTF-8'));
 
-		$htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array("","<br />\n"),$body)));
+		$htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array('',"<br />\n"),$body)));
 
 
 		// use $_SESSION['zid_override'] to force zid() to use
@@ -601,7 +600,7 @@ class Enotify {
 		unset($_SESSION['zid_override']);
 		unset($_SESSION['zrl_override']);
 
-		$datarray = array();
+		$datarray = [];
 		$datarray['banner']       = $banner;
 		$datarray['product']      = $product;
 		$datarray['preamble']     = $preamble;
@@ -758,9 +757,9 @@ class Enotify {
 		$messageSubject = email_header_encode(html_entity_decode($params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8');
 
 		// generate a mime boundary
-		$mimeBoundary = rand(0, 9) . "-"
-				.rand(100000000, 999999999) . "-"
-				.rand(100000000, 999999999) . "=:"
+		$mimeBoundary = rand(0, 9) . '-'
+				.rand(100000000, 999999999) . '-'
+				.rand(100000000, 999999999) . '=:'
 				.rand(10000, 99999);
 
 		// generate a multipart/alternative message header
@@ -768,7 +767,7 @@ class Enotify {
 			$params['additionalMailHeader'] .
 			"From: $fromName <{$params['fromEmail']}>" . PHP_EOL .
 			"Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL .
-			"MIME-Version: 1.0" . PHP_EOL .
+			'MIME-Version: 1.0' . PHP_EOL .
 			"Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\"";
 
 		// assemble the final multipart message body with the text and html types included
@@ -776,15 +775,15 @@ class Enotify {
 		$htmlBody = chunk_split(base64_encode($params['htmlVersion']));
 
 		$multipartMessageBody =
-			"--" . $mimeBoundary . PHP_EOL .					// plain text section
-			"Content-Type: text/plain; charset=UTF-8" . PHP_EOL .
-			"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
+			'--' . $mimeBoundary . PHP_EOL .					// plain text section
+			'Content-Type: text/plain; charset=UTF-8' . PHP_EOL .
+			'Content-Transfer-Encoding: base64' . PHP_EOL . PHP_EOL .
 			$textBody . PHP_EOL .
-			"--" . $mimeBoundary . PHP_EOL .					// text/html section
-			"Content-Type: text/html; charset=UTF-8" . PHP_EOL .
-			"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
+			'--' . $mimeBoundary . PHP_EOL .					// text/html section
+			'Content-Type: text/html; charset=UTF-8' . PHP_EOL .
+			'Content-Transfer-Encoding: base64' . PHP_EOL . PHP_EOL .
 			$htmlBody . PHP_EOL .
-			"--" . $mimeBoundary . "--" . PHP_EOL;					// message ending
+			'--' . $mimeBoundary . '--' . PHP_EOL;					// message ending
 
 		// send the message
 		$res = mail(
@@ -793,7 +792,7 @@ class Enotify {
 			$multipartMessageBody,							// message body
 			$messageHeader									// message headers
 		);
-		logger("notification: enotify::send returns " . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
+		logger('notification: enotify::send returns ' . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
 		return $res;
 	}
 
@@ -833,13 +832,12 @@ class Enotify {
 		$edit = false;
 
 		if($item['edited'] > $item['created']) {
+			$edit = true;
 			if($item['item_thread_top']) {
 				$itemem_text = sprintf( t('edited a post dated %s'), relative_date($item['created']));
-				$edit = true;
 			}
 			else {
 				$itemem_text = sprintf( t('edited a comment dated %s'), relative_date($item['created']));
-				$edit = true;
 			}
 		}
 
@@ -856,18 +854,18 @@ class Enotify {
 			'photo' => $item[$who]['xchan_photo_s'],
 			'when' => (($edit) ? datetime_convert('UTC', date_default_timezone_get(), $item['edited']) : datetime_convert('UTC', date_default_timezone_get(), $item['created'])),
 			'class' => (intval($item['item_unseen']) ? 'notify-unseen' : 'notify-seen'),
-			'b64mid' => (($item['mid']) ? 'b64.' . base64url_encode($item['mid']) : ''),
-			//'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? 'b64.' . base64url_encode($item['thr_parent']) : 'b64.' . base64url_encode($item['mid'])),
+			'b64mid' => (($item['mid']) ? gen_link_id($item['mid']) : ''),
+			//'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? gen_link_id($item['thr_parent']) : gen_link_id($item['mid'])),
 			'thread_top' => (($item['item_thread_top']) ? true : false),
 			'message' => bbcode(escape_tags($itemem_text)),
-			'body' =>  htmlentities(html2plain(bbcode($item['body']), 75, true), ENT_QUOTES, 'UTF-8', false),
+			'body' =>  htmlentities(html2plain(bbcode($item['body'], ['drop_media', true]), 75, true), ENT_QUOTES, 'UTF-8', false),
 			// these are for the superblock addon
 			'hash' => $item[$who]['xchan_hash'],
 			'uid' => $item['uid'],
 			'display' => true
 		);
 
-		call_hooks('enotify_format',$x);
+		call_hooks('enotify_format', $x);
 		if(! $x['display']) {
 			return [];
 		}
@@ -884,9 +882,9 @@ class Enotify {
 
 		$mid = basename($tt['link']);
 
-		$b64mid = ((strpos($mid, 'b64.') === 0) ? $mid : 'b64.' . base64url_encode($mid));
+		$b64mid = gen_link_id($mid);
 		$x = [
-			'notify_link' => z_root() . '/notify/view/' . $tt['id'],
+			'notify_link' => (($tt['ntype'] === NOTIFY_MAIL) ? $tt['link'] : z_root() . '/notify/view/' . $tt['id']),
 			'name' => $tt['xname'],
 			'url' => $tt['url'],
 			'photo' => $tt['photo'],
@@ -903,8 +901,8 @@ class Enotify {
 
 	static public function format_intros($rr) {
 
-		$x = [
-			'notify_link' => z_root() . '/connections/ifpending',
+		return [
+			'notify_link' => z_root() . '/connections#' . $rr['abook_id'],
 			'name' => $rr['xchan_name'],
 			'addr' => $rr['xchan_addr'],
 			'url' => $rr['xchan_url'],
@@ -914,13 +912,11 @@ class Enotify {
 			'message' => t('added your channel')
 		];
 
-		return $x;
-
 	}
 
 	static public function format_files($rr) {
 
-		$x = [
+		return [
 			'notify_link' => z_root() . '/sharedwithme',
 			'name' => $rr['author']['xchan_name'],
 			'addr' => $rr['author']['xchan_addr'],
@@ -931,13 +927,11 @@ class Enotify {
 			'message' => t('shared a file with you')
 		];
 
-		return $x;
-
 	}
 
 	static public function format_mail($rr) {
 
-		$x = [
+		return [
 			'notify_link' => z_root() . '/mail/' . $rr['id'],
 			'name' => $rr['xchan_name'],
 			'addr' => $rr['xchan_addr'],
@@ -945,11 +939,9 @@ class Enotify {
 			'photo' => $rr['xchan_photo_s'],
 			'when' => datetime_convert('UTC', date_default_timezone_get(), $rr['created']),
 			'hclass' => (intval($rr['mail_seen']) ? 'notify-seen' : 'notify-unseen'),
-			'message' => t('sent you a private message'),
+			'message' => t('sent you a direct message'),
 		];
 
-		return $x;
-
 	}
 
 	static public function format_all_events($rr) {
@@ -959,7 +951,7 @@ class Enotify {
 		$today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false);
 		$when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ?  ' ' . t('[today]') : '');
 
-		$x = [
+		return [
 			'notify_link' => z_root() . '/cdav/calendar/' . $rr['event_hash'],
 			'name'        => $rr['xchan_name'],
 			'addr'        => $rr['xchan_addr'],
@@ -970,23 +962,20 @@ class Enotify {
 			'message'     => t('created an event')
 		];
 
-		return $x;
 
 	}
 
 	static public function format_register($rr) {
 
-		$x = [
+		return [
 			'notify_link' => z_root() . '/admin/accounts',
-			'name' => $rr['account_email'],
-			//'addr' => $rr['account_email'],
+			'name' => $rr['reg_did2'],
+			//'addr' => '',
 			'photo' => z_root() . '/' . get_default_profile_photo(48),
-			'when' => datetime_convert('UTC', date_default_timezone_get(),$rr['account_created']),
+			'when' => datetime_convert('UTC', date_default_timezone_get(),$rr['reg_created']),
 			'hclass' => ('notify-unseen'),
-			'message' => t('requires approval')
+			'message' => t('status verified')
 		];
 
-		return $x;
-
 	}
 }

Zotlabs/Lib/Group.php

@@ -1,405 +0,0 @@
-<?php 
-
-namespace Zotlabs\Lib;
-
-use Zotlabs\Lib\Libsync;
-
-
-class Group {
-	
-	static function add($uid,$name,$public = 0) {
-
-		$ret = false;
-		if(x($uid) && x($name)) {
-			$r = self::byname($uid,$name); // check for dups
-			if($r !== false) {
-
-				// This could be a problem. 
-				// Let's assume we've just created a group which we once deleted
-				// all the old members are gone, but the group remains so we don't break any security
-				// access lists. What we're doing here is reviving the dead group, but old content which
-				// was restricted to this group may now be seen by the new group members. 
-
-				$z = q("SELECT * FROM pgrp WHERE id = %d LIMIT 1",
-					intval($r)
-				);
-				if(($z) && $z[0]['deleted']) {
-					q('UPDATE pgrp SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
-					notice( t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL); 
-				}
-				return true;
-			}
-
-			do {
-				$dups = false;
-				$hash = random_string(32) . str_replace(['<','>'],['.','.'], $name);
-
-				$r = q("SELECT id FROM pgrp WHERE hash = '%s' LIMIT 1", dbesc($hash));
-				if($r)
-					$dups = true;
-			} while($dups == true);
-
-
-			$r = q("INSERT INTO pgrp ( hash, uid, visible, gname )
-				VALUES( '%s', %d, %d, '%s' ) ",
-				dbesc($hash),
-				intval($uid),
-				intval($public),
-				dbesc($name)
-			);
-			$ret = $r;
-		}
-
-		Libsync::build_sync_packet($uid,null,true);
-		return $ret;
-	}
-
-
-	static function remove($uid,$name) {
-		$ret = false;
-		if(x($uid) && x($name)) {
-			$r = q("SELECT id, hash FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
-				intval($uid),
-				dbesc($name)
-			);
-			if($r) {
-				$group_id = $r[0]['id'];
-				$group_hash = $r[0]['hash'];
-			}
-
-			if(! $group_id)
-				return false;
-
-			// remove group from default posting lists
-			$r = q("SELECT channel_default_group, channel_allow_gid, channel_deny_gid FROM channel WHERE channel_id = %d LIMIT 1",
-			       intval($uid)
-			);
-			if($r) {
-				$user_info = $r[0];
-				$change = false;
-
-				if($user_info['channel_default_group'] == $group_hash) {
-					$user_info['channel_default_group'] = '';
-					$change = true;
-				}
-				if(strpos($user_info['channel_allow_gid'], '<' . $group_hash . '>') !== false) {
-					$user_info['channel_allow_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_allow_gid']);
-					$change = true;
-				}
-				if(strpos($user_info['channel_deny_gid'], '<' . $group_hash . '>') !== false) {
-					$user_info['channel_deny_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_deny_gid']);
-					$change = true;
-				}
-
-				if($change) {
-					q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s' 
-						WHERE channel_id = %d",
-						intval($user_info['channel_default_group']),
-						dbesc($user_info['channel_allow_gid']),
-						dbesc($user_info['channel_deny_gid']),
-						intval($uid)
-					);
-				}
-			}
-
-			// remove all members
-			$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d ",
-				intval($uid),
-				intval($group_id)
-			);
-
-			// remove group
-			$r = q("UPDATE pgrp SET deleted = 1 WHERE uid = %d AND gname = '%s'",
-				intval($uid),
-				dbesc($name)
-			);
-
-			$ret = $r;
-
-		}
-
-		Libsync::build_sync_packet($uid,null,true);
-
-		return $ret;
-	}
-
-
-	static function byname($uid,$name) {
-		if((! $uid) || (! strlen($name)))
-			return false;
-		$r = q("SELECT * FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
-			intval($uid),
-			dbesc($name)
-		);
-		if($r)
-			return $r[0]['id'];
-		return false;
-	}
-
-
-	static function rec_byhash($uid,$hash) {
-		if((! $uid) || (! strlen($hash)))
-			return false;
-		$r = q("SELECT * FROM pgrp WHERE uid = %d AND hash = '%s' LIMIT 1",
-			intval($uid),
-			dbesc($hash)
-		);
-		if($r)
-			return $r[0];
-		return false;
-	}
-
-
-	static function member_remove($uid,$name,$member) {
-		$gid = self::byname($uid,$name);
-		if(! $gid)
-			return false;
-		if(! ( $uid && $gid && $member))
-			return false;
-		$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' ",
-			intval($uid),
-			intval($gid),
-			dbesc($member)
-		);
-
-		Libsync::build_sync_packet($uid,null,true);
-
-		return $r;
-	}
-
-
-	static function member_add($uid,$name,$member,$gid = 0) {
-		if(! $gid)
-			$gid = self::byname($uid,$name);
-		if((! $gid) || (! $uid) || (! $member))
-			return false;
-
-		$r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",	
-			intval($uid),
-			intval($gid),
-			dbesc($member)
-		);
-		if($r)
-			return true;	// You might question this, but 
-				// we indicate success because the group member was in fact created
-				// -- It was just created at another time
-	 	if(! $r)
-			$r = q("INSERT INTO pgrp_member (uid, gid, xchan)
-				VALUES( %d, %d, '%s' ) ",
-				intval($uid),
-				intval($gid),
-				dbesc($member)
-		);
-
-		Libsync::build_sync_packet($uid,null,true);
-
-		return $r;
-	}
-
-
-	static function members($gid) {
-		$ret = array();
-		if(intval($gid)) {
-			$r = q("SELECT * FROM pgrp_member 
-				LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
-				WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
-				intval($gid),
-				intval(local_channel()),
-				intval(local_channel())
-			);
-			if($r)
-				$ret = $r;
-		}
-		return $ret;
-	}
-
-	static function members_xchan($gid) {
-		$ret = [];
-		if(intval($gid)) {
-			$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d",
-				intval($gid),
-				intval(local_channel())
-			);
-			if($r) {
-				foreach($r as $rr) {
-					$ret[] = $rr['xchan'];
-				}
-			}
-		}
-		return $ret;
-	}
-
-	static function members_profile_xchan($uid,$gid) {
-		$ret = [];
-
-		if(intval($gid)) {
-			$r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d",
-				intval($gid),
-				intval($uid)
-			);
-			if($r) {
-				foreach($r as $rr) {
-					$ret[] = $rr['xchan'];
-				}
-			}
-		}
-		return $ret;
-	}
-
-
-
-
-	static function select($uid,$group = '') {
-	
-		$grps = [];
-		$o = '';
-
-		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
-			intval($uid)
-		);
-		$grps[] = array('name' => '', 'hash' => '0', 'selected' => '');
-		if($r) {
-			foreach($r as $rr) {
-				$grps[] = array('name' => $rr['gname'], 'id' => $rr['hash'], 'selected' => (($group == $rr['hash']) ? 'true' : ''));
-			}
-
-		}
-		logger('select: ' . print_r($grps,true), LOGGER_DATA);
-
-		$o = replace_macros(get_markup_template('group_selection.tpl'), array(
-			'$label' => t('Add new connections to this privacy group'),
-			'$groups' => $grps 
-		));
-		return $o;
-	}
-
-
-
-
-	static function widget($every="connections",$each="group",$edit = false, $group_id = 0, $cid = '',$mode = 1) {
-
-		$o = '';
-
-		if(! (local_channel() && feature_enabled(local_channel(),'groups'))) {
-			return '';
-		}
-
-		$groups = array();
-
-		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
-			intval($_SESSION['uid'])
-		);
-		$member_of = array();
-		if($cid) {
-			$member_of = self::containing(local_channel(),$cid);
-		} 
-
-		if($r) {
-			foreach($r as $rr) {
-				$selected = (($group_id == $rr['id']) ? ' group-selected' : '');
-			
-				if ($edit) {
-					$groupedit = [ 'href' => "group/".$rr['id'], 'title' => t('edit') ];
-				} 
-				else {
-					$groupedit = null;
-				}
-			
-				$groups[] = [
-					'id'		=> $rr['id'],
-					'enc_cid'   => base64url_encode($cid),
-					'cid'		=> $cid,
-					'text' 		=> $rr['gname'],
-					'selected' 	=> $selected,
-					'href'		=> (($mode == 0) ? $each.'?f=&gid='.$rr['id'] : $each."/".$rr['id']) . ((x($_GET,'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''),
-					'edit'		=> $groupedit,
-					'ismember'	=> in_array($rr['id'],$member_of),
-				];
-			}
-		}
-	
-	
-		$tpl = get_markup_template("group_side.tpl");
-		$o = replace_macros($tpl, array(
-			'$title'		=> t('Privacy Groups'),
-			'$edittext'     => t('Edit group'),
-			'$createtext' 	=> t('Add privacy group'),
-			'$ungrouped'    => (($every === 'contacts') ? t('Channels not in any privacy group') : ''),
-			'$groups'		=> $groups,
-			'$add'			=> t('add'),
-		));
-		
-	
-		return $o;
-	}
-
-
-	static function expand($g) {
-		if(! (is_array($g) && count($g)))
-			return array();
-
-		$ret = [];
-		$x   = [];
-
-		// private profile linked virtual groups
-
-		foreach($g as $gv) {
-			if(substr($gv,0,3) === 'vp.') {
-				$profile_hash = substr($gv,3);
-				if($profile_hash) {
-					$r = q("select abook_xchan from abook where abook_profile = '%s'",
-						dbesc($profile_hash)
-					);
-					if($r) {
-						foreach($r as $rv) {
-							$ret[] = $rv['abook_xchan'];
-						}
-					}
-				}
-			}
-			else {
-				$x[] = $gv;
-			}
-		}								 
-
-		if($x) {
-			stringify_array_elms($x,true);
-			$groups = implode(',', $x);
-			if($groups) {
-				$r = q("SELECT xchan FROM pgrp_member WHERE gid IN ( select id from pgrp where hash in ( $groups ))");
-				if($r) {
-					foreach($r as $rr) {
-						$ret[] = $rr['xchan'];
-					}
-				}
-			}
-		}
-		return $ret;
-	}
-
-
-	static function member_of($c) {
-		$r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id WHERE pgrp_member.xchan = '%s' AND pgrp.deleted = 0 ORDER BY pgrp.gname  ASC ",
-			dbesc($c)
-		);
-
-		return $r;
-
-	}
-
-	static function containing($uid,$c) {
-
-		$r = q("SELECT gid FROM pgrp_member WHERE uid = %d AND pgrp_member.xchan = '%s' ",
-			intval($uid),
-			dbesc($c)
-		);
-
-		$ret = array();
-		if($r) {
-			foreach($r as $rr)
-				$ret[] = $rr['gid'];
-		}
-	
-		return $ret;
-	}
-}

Zotlabs/Lib/Libsync.php

@@ -141,7 +141,6 @@ class Libsync {
 		logger('Packet: ' . print_r($info, true), LOGGER_DATA, LOG_DEBUG);
 
 		$total = count($synchubs);
-
 		foreach ($synchubs as $hub) {
 			$hash = random_string();
 			$n    = Libzot::build_packet($channel, 'sync', $env_recips, json_encode($info), 'hz', $hub['hubloc_sitekey'], $hub['site_crypto']);
@@ -186,7 +185,6 @@ class Libsync {
 		require_once('include/import.php');
 
 		$result = [];
-
 		$keychange = ((array_key_exists('keychange', $arr)) ? true : false);
 
 		foreach ($deliveries as $d) {
@@ -232,8 +230,35 @@ class Libsync {
 
 			if (array_key_exists('config', $arr) && is_array($arr['config']) && count($arr['config'])) {
 				foreach ($arr['config'] as $cat => $k) {
-					foreach ($arr['config'][$cat] as $k => $v)
-						set_pconfig($channel['channel_id'], $cat, $k, $v);
+					$pconfig_updated = [];
+
+					foreach($arr['config'][$cat] as $k => $v) {
+						if ($cat === 'hz_delpconfig' && strpos($k, 'b64.') === 0) {
+							$delpconfig = explode(':', unpack_link_id($k));
+
+							// delete the provided pconfig
+							del_pconfig($channel['channel_id'], $delpconfig[0], $delpconfig[1], $v);
+
+							// delete the messenger pconfig
+							del_pconfig($channel['channel_id'], 'hz_delpconfig', $k);
+						}
+
+						if (strpos($k,'pcfgud:') === 0) {
+							$realk = substr($k,7);
+							$pconfig_updated[$realk] = $v;
+							unset($arr['config'][$cat][$k]);
+						}
+					}
+
+					foreach($arr['config'][$cat] as $k => $v) {
+						if (!isset($pconfig_updated[$k])) {
+							$pconfig_updated[$k] = NULL;
+						}
+
+						if ($cat !== 'hz_delpconfig') {
+							set_pconfig($channel['channel_id'],$cat,$k,$v,$pconfig_updated[$k]);
+						}
+					}
 				}
 			}
 
@@ -246,6 +271,10 @@ class Libsync {
 			if (array_key_exists('app', $arr) && $arr['app'])
 				sync_apps($channel, $arr['app']);
 
+			if (array_key_exists('sysapp',$arr) && $arr['sysapp']) {
+				sync_sysapps($channel, $arr['sysapp']);
+			}
+
 			if (array_key_exists('addressbook', $arr) && $arr['addressbook'])
 				sync_addressbook($channel, $arr['addressbook']);
 
@@ -255,11 +284,8 @@ class Libsync {
 			if (array_key_exists('chatroom', $arr) && $arr['chatroom'])
 				sync_chatrooms($channel, $arr['chatroom']);
 
-			if (array_key_exists('conv', $arr) && $arr['conv'])
-				import_conv($channel, $arr['conv']);
-
-			if (array_key_exists('mail', $arr) && $arr['mail'])
-				sync_mail($channel, $arr['mail']);
+			//if (array_key_exists('mail', $arr) && $arr['mail'])
+			//	sync_mail($channel, $arr['mail']);
 
 			if (array_key_exists('event', $arr) && $arr['event'])
 				sync_events($channel, $arr['event']);
@@ -273,8 +299,8 @@ class Libsync {
 			// deprecated, maintaining for a few months for upward compatibility
 			// this should sync webpages, but the logic is a bit subtle
 
-			if (array_key_exists('item_id', $arr) && $arr['item_id'])
-				sync_items($channel, $arr['item_id']);
+			//if (array_key_exists('item_id', $arr) && $arr['item_id'])
+			//	sync_items($channel, $arr['item_id']);
 
 			if (array_key_exists('menu', $arr) && $arr['menu'])
 				sync_menus($channel, $arr['menu']);
@@ -385,19 +411,42 @@ class Libsync {
 					// This relies on the undocumented behaviour that red sites send xchan info with the abook
 					// and import_author_xchan will look them up on all federated networks
 
-					if ($abook['abook_xchan'] && $abook['xchan_addr']) {
+					$found = false;
+					if ($abook['abook_xchan'] && $abook['xchan_addr'] && (! in_array($abook['xchan_network'], [ 'token', 'unknown' ]))) {
 						$h = Libzot::get_hublocs($abook['abook_xchan']);
-						if (!$h) {
+						if ($h) {
+							$found = true;
+						}
+						else {
 							$xhash = import_author_xchan(encode_item_xchan($abook));
-							if (!$xhash) {
+							if ($xhash) {
+								$found = true;
+							}
+							else {
 								logger('Import of ' . $abook['xchan_addr'] . ' failed.');
-								continue;
 							}
 						}
 					}
 
+					if (!$found && !in_array($abook['xchan_network'], ['zot6', 'activitypub', 'diaspora'])) {
+						// just import the record.
+						$xc = [];
+						foreach ($abook as $k => $v) {
+							if (strpos($k,'xchan_') === 0) {
+								$xc[$k] = $v;
+							}
+						}
+						$r = q("select * from xchan where xchan_hash = '%s'",
+							dbesc($xc['xchan_hash'])
+						);
+						if (! $r) {
+							xchan_store_lowlevel($xc);
+						}
+					}
+
+
 					foreach ($abook as $k => $v) {
-						if (in_array($k, $disallowed) || (strpos($k, 'abook') !== 0)) {
+						if (in_array($k, $disallowed) || (strpos($k, 'abook_') !== 0)) {
 							continue;
 						}
 						if (!in_array($k, $fields)) {
@@ -411,6 +460,13 @@ class Libsync {
 
 					if (array_key_exists('abook_instance', $clean) && $clean['abook_instance'] && strpos($clean['abook_instance'], z_root()) === false) {
 						$clean['abook_not_here'] = 1;
+
+						// guest pass or access token - don't try to probe since it is one-way
+						// we are relying on the undocumented behaviour that the abook record also contains the xchan
+						if ($abook['xchan_network'] === 'token') {
+							$clean['abook_instance'] .= ',';
+							$clean['abook_instance'] .= z_root();
+						}
 					}
 
 
@@ -707,6 +763,15 @@ class Libsync {
 
 		$ret = [];
 
+		// If a sender reports that the channel has been deleted, delete its hubloc
+		if (isset($arr['deleted_locally']) && intval($arr['deleted_locally'])) {
+			q("UPDATE hubloc SET hubloc_deleted = 1, hubloc_updated = '%s' WHERE hubloc_hash = '%s' AND hubloc_url = '%s'",
+				dbesc(datetime_convert()),
+				dbesc($sender['hash']),
+				dbesc($sender['site']['url'])
+			);
+		}
+
 		if ($arr['locations']) {
 
 			if ($absolute)
@@ -716,6 +781,9 @@ class Libsync {
 				dbesc($sender['hash'])
 			);
 
+			if(!$xisting)
+				$xisting = [];
+
 			// See if a primary is specified
 
 			$has_primary = false;
@@ -757,14 +825,13 @@ class Libsync {
 
 				// match as many fields as possible in case anything at all changed.
 
-				$r = q("select * from hubloc where hubloc_hash = '%s' and hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_id_url = '%s' and hubloc_url = '%s' and hubloc_url_sig = '%s' and hubloc_site_id = '%s' and hubloc_host = '%s' and hubloc_addr = '%s' and hubloc_callback = '%s' and hubloc_sitekey = '%s' ",
+				$r = q("select * from hubloc where hubloc_hash = '%s' and hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_id_url = '%s' and hubloc_url = '%s' and hubloc_url_sig = '%s' and hubloc_host = '%s' and hubloc_addr = '%s' and hubloc_callback = '%s' and hubloc_sitekey = '%s' ",
 					dbesc($sender['hash']),
 					dbesc($sender['id']),
 					dbesc($sender['id_sig']),
 					dbesc($location['id_url']),
 					dbesc($location['url']),
 					dbesc($location['url_sig']),
-					dbesc($location['site_id']),
 					dbesc($location['host']),
 					dbesc($location['address']),
 					dbesc($location['callback']),
@@ -773,6 +840,15 @@ class Libsync {
 				if ($r) {
 					logger('Hub exists: ' . $location['url'], LOGGER_DEBUG);
 
+					// generate a new hubloc_site_id if it's wrong due to historical bugs 2021-11-30
+
+					if ($r[0]['hubloc_site_id'] !== $location['site_id']) {
+						q("update hubloc set hubloc_site_id = '%s' where hubloc_id = %d",
+							dbesc(Libzot::make_xchan_hash($location['url'], $location['sitekey'])),
+							intval($r[0]['hubloc_id'])
+						);
+					}
+
 					// update connection timestamp if this is the site we're talking to
 					// This only happens when called from import_xchan
 
@@ -781,7 +857,7 @@ class Libsync {
 					$t = datetime_convert('UTC', 'UTC', 'now - 15 minutes');
 
 					if (array_key_exists('site', $arr) && $location['url'] == $arr['site']['url']) {
-						q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d and hubloc_connected < '%s'",
+						q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d and hubloc_updated < '%s'",
 							dbesc(datetime_convert()),
 							dbesc(datetime_convert()),
 							intval($r[0]['hubloc_id']),
@@ -861,6 +937,7 @@ class Libsync {
 						$what    .= 'delete_hub ';
 						$changed = true;
 					}
+
 					continue;
 				}
 

Zotlabs/Lib/Libzot.php

@@ -266,7 +266,7 @@ class Libzot {
 					dbesc($them['xchan_addr'])
 				);
 			}
-			if (!$r) {
+			if (!$r && array_key_exists('xchan_hash', $them) && $them['xchan_hash']) {
 				$r = q("select hubloc_id_url, hubloc_primary from hubloc where hubloc_hash = '%s' order by hubloc_id desc",
 					dbesc($them['xchan_hash'])
 				);
@@ -275,8 +275,8 @@ class Libzot {
 			if ($r) {
 				foreach ($r as $rr) {
 					if (intval($rr['hubloc_primary'])) {
-						$url    = $rr['hubloc_id_url'];
-						$record = $rr;
+						$url = $rr['hubloc_id_url'];
+						break;
 					}
 				}
 				if (!$url) {
@@ -284,13 +284,17 @@ class Libzot {
 				}
 			}
 		}
+
 		if (!$url) {
 			logger('zot_refresh: no url');
 			return false;
 		}
 
+		$m = parse_url($url);
+		$site_url = unparse_url([ 'scheme' => $m['scheme'], 'host' => $m['host'] ]);
+
 		$s = q("select site_dead from site where site_url = '%s' limit 1",
-			dbesc($url)
+			dbesc($site_url)
 		);
 
 		if ($s && intval($s[0]['site_dead']) && (!$force)) {
@@ -301,24 +305,23 @@ class Libzot {
 		$record = Zotfinger::exec($url, $channel);
 
 		// Check the HTTP signature
-
 		$hsig = $record['signature'];
-		if ($hsig && $hsig['signer'] === $url && $hsig['header_valid'] === true && $hsig['content_valid'] === true)
+		if ($hsig && $hsig['signer'] === $url && $hsig['header_valid'] === true && $hsig['content_valid'] === true) {
 			$hsig_valid = true;
+		}
 
 		if (!$hsig_valid) {
 			logger('http signature not valid: ' . print_r($hsig, true));
 			return false;
 		}
 
-
 		logger('zot-info: ' . print_r($record, true), LOGGER_DATA, LOG_DEBUG);
 
 		$x = self::import_xchan($record['data'], (($force) ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED));
 
-
-		if (!$x['success'])
+		if (!$x['success']) {
 			return false;
+		}
 
 		if ($channel && $record['data']['permissions']) {
 			$permissions = explode(',', $record['data']['permissions']);
@@ -358,8 +361,9 @@ class Libzot {
 				// we have as we may have updated the year after sending a notification; and resetting
 				// to the one we just received would cause us to create duplicated events.
 
-				if (substr($r[0]['abook_dob'], 5) == substr($next_birthday, 5))
+				if (substr($r[0]['abook_dob'], 5) == substr($next_birthday, 5)) {
 					$next_birthday = $r[0]['abook_dob'];
+				}
 
 				$y = q("update abook set abook_dob = '%s'
 					where abook_xchan = '%s' and abook_channel = %d
@@ -369,20 +373,23 @@ class Libzot {
 					intval($channel['channel_id'])
 				);
 
-				if (!$y)
+				if (!$y) {
 					logger('abook update failed');
+				}
 				else {
 					// if we were just granted read stream permission and didn't have it before, try to pull in some posts
-					if ((!$old_read_stream_perm) && (intval($permissions['view_stream'])))
+					if (!$old_read_stream_perm && intval($permissions['view_stream'])) {
 						Master::Summon(['Onepoll', $r[0]['abook_id']]);
+					}
 				}
 			}
 			else {
 
-				$p        = Permissions::connect_perms($channel['channel_id']);
-				$my_perms = $p['perms'];
+				$p = Permissions::connect_perms($channel['channel_id']);
 
+				$my_perms = $p['perms'];
 				$automatic = $p['automatic'];
+				$role = (($automatic) ? $p['role'] : '');
 
 				// new connection
 
@@ -404,7 +411,8 @@ class Libzot {
 						'abook_created'   => datetime_convert(),
 						'abook_updated'   => datetime_convert(),
 						'abook_dob'       => $next_birthday,
-						'abook_pending'   => intval(($automatic) ? 0 : 1)
+						'abook_pending'   => intval(($automatic) ? 0 : 1),
+						'abook_role'      => $role
 					]
 				);
 
@@ -420,53 +428,62 @@ class Libzot {
 					);
 
 					if ($new_connection) {
-						if (!Permissions::PermsCompare($new_perms, $previous_perms))
+						if (!Permissions::PermsCompare($new_perms, $previous_perms)) {
 							Master::Summon(['Notifier', 'permission_create', $new_connection[0]['abook_id']]);
+						}
+
 						Enotify::submit(
 							[
 								'type'       => NOTIFY_INTRO,
 								'from_xchan' => $x['hash'],
 								'to_xchan'   => $channel['channel_hash'],
-								'link'       => z_root() . '/connedit/' . $new_connection[0]['abook_id']
+								'link'       => z_root() . '/connections#' . $new_connection[0]['abook_id']
 							]
 						);
 
 						if (intval($permissions['view_stream'])) {
 							if (intval(get_pconfig($channel['channel_id'], 'perm_limits', 'send_stream') & PERMS_PENDING)
-								|| (!intval($new_connection[0]['abook_pending'])))
+								|| (!intval($new_connection[0]['abook_pending']))) {
 								Master::Summon(['Onepoll', $new_connection[0]['abook_id']]);
+							}
 						}
 
-
 						// If there is a default group for this channel, add this connection to it
-						// for pending connections this will happens at acceptance time.
+						// for pending connections this will happen at acceptance time.
 
 						if (!intval($new_connection[0]['abook_pending'])) {
 							$default_group = $channel['channel_default_group'];
+
 							if ($default_group) {
-								$g = Group::rec_byhash($channel['channel_id'], $default_group);
-								if ($g)
-									Group::member_add($channel['channel_id'], '', $x['hash'], $g['id']);
+								$g = AccessList::by_hash($channel['channel_id'], $default_group);
+
+								if ($g) {
+									AccessList::member_add($channel['channel_id'], '', $x['hash'], $g['id']);
+								}
 							}
 						}
 
 						unset($new_connection[0]['abook_id']);
 						unset($new_connection[0]['abook_account']);
 						unset($new_connection[0]['abook_channel']);
+
 						$abconfig = load_abconfig($channel['channel_id'], $new_connection['abook_xchan']);
-						if ($abconfig)
+
+						if ($abconfig) {
 							$new_connection['abconfig'] = $abconfig;
+						}
 
 						Libsync::build_sync_packet($channel['channel_id'], ['abook' => $new_connection]);
+
 					}
 				}
-
 			}
 			return true;
 		}
 		return false;
 	}
 
+
 	/**
 	 * @brief Look up if channel is known and previously verified.
 	 *
@@ -480,6 +497,7 @@ class Libzot {
 	 *  * \e string \b id_sig => id signed with conversant's private key
 	 *  * \e string \b location => URL of the origination hub of this communication
 	 *  * \e string \b location_sig => URL signed with conversant's private key
+	 *  * \e string \b site_id => URL signed with conversant's private key
 	 * @param boolean $multiple (optional) default false
 	 *
 	 * @return array|null
@@ -489,7 +507,7 @@ class Libzot {
 
 	static function gethub($arr, $multiple = false) {
 
-		if ($arr['id'] && $arr['id_sig'] && $arr['location'] && $arr['location_sig']) {
+		if ($arr['id'] && $arr['id_sig'] && $arr['location'] && $arr['location_sig'] && $arr['site_id']) {
 
 			if (!check_siteallowed($arr['location'])) {
 				logger('blacklisted site: ' . $arr['location']);
@@ -513,9 +531,9 @@ class Libzot {
 				logger('Found', LOGGER_DEBUG);
 				return (($multiple) ? $r : $r[0]);
 			}
+			logger('Not found: ' . print_r($arr, true), LOGGER_DEBUG);
 		}
-		logger('Not found: ' . print_r($arr, true), LOGGER_DEBUG);
-
+		logger('Incomplete array: ' . print_r($arr, true), LOGGER_DEBUG);
 		return false;
 	}
 
@@ -617,7 +635,6 @@ class Libzot {
 	 */
 
 	static function import_xchan($arr, $ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
-
 		/**
 		 * @hooks import_xchan
 		 *   Called when processing the result of zot_finger() to store the result
@@ -667,6 +684,7 @@ class Libzot {
 			$arr['connect_url'] = '';
 
 		if ($r) {
+
 			if ($arr['photo'] && array_key_exists('updated', $arr['photo']) && $arr['photo']['updated'] > $r[0]['xchan_photo_date'])
 				$import_photos = true;
 
@@ -1127,6 +1145,7 @@ class Libzot {
 		if ($env['encoding'] === 'activitystreams') {
 
 			$AS = new ActivityStreams($data);
+
 			if (!$AS->is_valid()) {
 				logger('Activity rejected: ' . print_r($data, true));
 				return;
@@ -1142,7 +1161,6 @@ class Libzot {
 
 		}
 
-
 		$deliveries = null;
 
 		if (array_key_exists('recipients', $env) && count($env['recipients'])) {
@@ -1200,31 +1218,41 @@ class Libzot {
 
 			if (in_array($env['type'], ['activity', 'response'])) {
 
-				$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s' ",
+				if(empty($AS->actor['id'])) {
+					logger('No actor id!');
+					return;
+				}
+
+				$r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s'",
 					dbesc($AS->actor['id'])
 				);
 
 				if ($r) {
-					// selects a zot6 hash if available, otherwise use whatever we have
-					$r                   = self::zot_record_preferred($r);
+					$r = self::zot_record_preferred($r);
 					$arr['author_xchan'] = $r['hubloc_hash'];
 				}
 
-				if (!$arr['author_xchan']) {
+				if (! $arr['author_xchan']) {
 					logger('No author!');
 					return;
 				}
 
-				$s = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
-					dbesc($env['sender'])
-				);
+				$arr['owner_xchan'] = $env['sender'];
 
-				// in individual delivery, change owner if needed
-				if ($s) {
-					$arr['owner_xchan'] = $s[0]['hubloc_hash'];
+				if(filter_var($env['sender'], FILTER_VALIDATE_URL)) {
+					// in individual delivery, change owner if needed
+					$s = q("select hubloc_hash, hubloc_url from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
+						dbesc($env['sender'])
+					);
+
+					if ($s) {
+						$arr['owner_xchan'] = $s[0]['hubloc_hash'];
+					}
 				}
-				else {
-					$arr['owner_xchan'] = $env['sender'];
+
+				if (! $arr['owner_xchan']) {
+					logger('No owner!');
+					return;
 				}
 
 				if ($private && (!intval($arr['item_private']))) {
@@ -1268,13 +1296,8 @@ class Libzot {
 						}
 					}
 				}
-
-				if ($AS->data['signed_data']) {
-					IConfig::Set($arr, 'activitypub', 'signed_data', $AS->data['signed_data'], false);
-					$j = json_decode($AS->data['signed_data'], true);
-					if ($j) {
-						IConfig::Set($arr, 'activitypub', 'rawmsg', json_encode(JSalmon::unpack($j['data'])), true);
-					}
+				if ($AS->meta['signed_data']) {
+					IConfig::Set($arr, 'activitypub', 'signed_data', $AS->meta['signed_data'], false);
 				}
 
 				logger('Activity received: ' . print_r($arr, true), LOGGER_DATA, LOG_DEBUG);
@@ -1333,7 +1356,7 @@ class Libzot {
 
 	static function find_parent($env, $act) {
 		if ($act) {
-			if (in_array($act->type, ['Like', 'Dislike'])) {
+			if (in_array($act->type, ['Like', 'Dislike']) && is_array($act->obj)) {
 				return $act->obj['id'];
 			}
 			if ($act->parent_id) {
@@ -1378,8 +1401,6 @@ class Libzot {
 				$check_mentions = true;
 			}
 		}
-		elseif ($msg['type'] === 'mail')
-			$perm = 'post_mail';
 
 		$r = [];
 
@@ -1465,10 +1486,11 @@ class Libzot {
 	 * @param boolean $relay
 	 * @param boolean $public (optional) default false
 	 * @param boolean $request (optional) default false
+	 * @param boolean $force (optional) default false - should only be set for manual fetch
 	 * @return array
 	 */
 
-	static function process_delivery($sender, $act, $arr, $deliveries, $relay, $public = false, $request = false) {
+	static function process_delivery($sender, $act, $arr, $deliveries, $relay, $public = false, $request = false, $force = false) {
 
 		$result = [];
 
@@ -1570,7 +1592,8 @@ class Libzot {
 
 			if ((!$tag_delivery) && (!$local_public)) {
 				$allowed = (perm_is_allowed($channel['channel_id'], $sender, $perm));
-				if (!$allowed) {
+
+				if ((!$allowed) && $perm === 'post_comments') {
 					$parent = q("select * from item where mid = '%s' and uid = %d limit 1",
 						dbesc($arr['parent_mid']),
 						intval($channel['channel_id'])
@@ -1596,7 +1619,7 @@ class Libzot {
 					// doesn't exist.
 
 					if ($perm === 'send_stream') {
-						if (get_pconfig($channel['channel_id'], 'system', 'hyperdrive', false) || $arr['verb'] === ACTIVITY_SHARE) {
+						if ($force || get_pconfig($channel['channel_id'], 'system', 'hyperdrive', false) || $arr['verb'] === ACTIVITY_SHARE) {
 							$allowed = true;
 						}
 					}
@@ -1607,6 +1630,12 @@ class Libzot {
 					$friendofriend = true;
 				}
 
+				if (intval($arr['item_private']) === 2) {
+					if (!perm_is_allowed($channel['channel_id'], $sender, 'post_mail')) {
+						$allowed = false;
+					}
+				}
+
 				if (!$allowed) {
 					logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}");
 					$DR->update('permission denied');
@@ -1714,7 +1743,7 @@ class Libzot {
 				}
 			}
 
-			$ab    = q("select * from abook where abook_channel = %d and abook_xchan = '%s'",
+			$ab = q("select * from abook where abook_channel = %d and abook_xchan = '%s'",
 				intval($channel['channel_id']),
 				dbesc($arr['owner_xchan'])
 			);
@@ -1865,7 +1894,7 @@ class Libzot {
 		return $result;
 	}
 
-	static public function fetch_conversation($channel, $mid) {
+	static public function fetch_conversation($channel, $mid, $force = false) {
 
 		// Use Zotfinger to create a signed request
 
@@ -1897,6 +1926,7 @@ class Libzot {
 			dbesc($a['signature']['signer'])
 		);
 
+
 		foreach ($items as $activity) {
 
 			$AS = new ActivityStreams($activity);
@@ -1916,16 +1946,18 @@ class Libzot {
 
 			// logger($AS->debug());
 
-			$r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' limit 1",
+			$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s'",
 				dbesc($AS->actor['id'])
 			);
+			$r = self::zot_record_preferred($r);
 
 			if (!$r) {
 				$y = import_author_xchan(['url' => $AS->actor['id']]);
 				if ($y) {
-					$r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' limit 1",
+					$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s'",
 						dbesc($AS->actor['id'])
 					);
+					$r = self::zot_record_preferred($r);
 				}
 				if (!$r) {
 					logger('FOF Activity: no actor');
@@ -1941,9 +1973,8 @@ class Libzot {
 				}
 			}
 
-
 			if ($r) {
-				$arr['author_xchan'] = $r[0]['hubloc_hash'];
+				$arr['author_xchan'] = $r['hubloc_hash'];
 			}
 
 			if ($signer) {
@@ -1957,9 +1988,9 @@ class Libzot {
 				$arr['item_verified'] = true;
 			}
 
-			if ($AS->data['signed_data']) {
-				IConfig::Set($arr, 'activitypub', 'signed_data', $AS->data['signed_data'], false);
-				$j = json_decode($AS->data['signed_data'], true);
+			if ($AS->meta['signed_data']) {
+				IConfig::Set($arr, 'activitypub', 'signed_data', $AS->meta['signed_data'], false);
+				$j = json_decode($AS->meta['signed_data'], true);
 				if ($j) {
 					IConfig::Set($arr, 'activitypub', 'rawmsg', json_encode(JSalmon::unpack($j['data'])), true);
 				}
@@ -1968,7 +1999,7 @@ class Libzot {
 			logger('FOF Activity received: ' . print_r($arr, true), LOGGER_DATA, LOG_DEBUG);
 			logger('FOF Activity recipient: ' . $channel['channel_hash'], LOGGER_DATA, LOG_DEBUG);
 
-			$result = self::process_delivery($arr['owner_xchan'], $AS, $arr, [$channel['channel_hash']], false, false, true);
+			$result = self::process_delivery($arr['owner_xchan'], $AS, $arr, [$channel['channel_hash']], false, false, true, $force);
 			if ($result) {
 				$ret = array_merge($ret, $result);
 			}
@@ -2211,90 +2242,6 @@ class Libzot {
 		return $post_id;
 	}
 
-	static function process_mail_delivery($sender, $arr, $deliveries) {
-
-		$result = [];
-
-		if ($sender != $arr['from_xchan']) {
-			logger('process_mail_delivery: sender is not mail author');
-			return;
-		}
-
-		foreach ($deliveries as $d) {
-
-			$DR = new DReport(z_root(), $sender, $d, $arr['mid']);
-
-			$r = q("select * from channel where channel_hash = '%s' limit 1",
-				dbesc($d['hash'])
-			);
-
-			if (!$r) {
-				$DR->update('recipient not found');
-				$result[] = $DR->get();
-				continue;
-			}
-
-			$channel = $r[0];
-			$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
-
-
-			if (!perm_is_allowed($channel['channel_id'], $sender, 'post_mail')) {
-
-				/*
-				 * Always allow somebody to reply if you initiated the conversation. It's anti-social
-				 * and a bit rude to send a private message to somebody and block their ability to respond.
-				 * If you are being harrassed and want to put an end to it, delete the conversation.
-				 */
-
-				$return = false;
-				if ($arr['parent_mid']) {
-					$return = q("select * from mail where mid = '%s' and channel_id = %d limit 1",
-						dbesc($arr['parent_mid']),
-						intval($channel['channel_id'])
-					);
-				}
-				if (!$return) {
-					logger("permission denied for mail delivery {$channel['channel_id']}");
-					$DR->update('permission denied');
-					$result[] = $DR->get();
-					continue;
-				}
-			}
-
-
-			$r = q("select id from mail where mid = '%s' and channel_id = %d limit 1",
-				dbesc($arr['mid']),
-				intval($channel['channel_id'])
-			);
-			if ($r) {
-				if (intval($arr['mail_recalled'])) {
-					$x = q("delete from mail where id = %d and channel_id = %d",
-						intval($r[0]['id']),
-						intval($channel['channel_id'])
-					);
-					$DR->update('mail recalled');
-					$result[] = $DR->get();
-					logger('mail_recalled');
-				}
-				else {
-					$DR->update('duplicate mail received');
-					$result[] = $DR->get();
-					logger('duplicate mail received');
-				}
-				continue;
-			}
-			else {
-				$arr['account_id'] = $channel['channel_account_id'];
-				$arr['channel_id'] = $channel['channel_id'];
-				$item_id           = mail_store($arr);
-				$DR->update('mail delivered');
-				$result[] = $DR->get();
-			}
-		}
-
-		return $result;
-	}
-
 
 	/**
 	 * @brief Processes delivery of profile.
@@ -2535,14 +2482,14 @@ class Libzot {
 				$access_policy = ACCESS_PRIVATE;
 		}
 
-		$directory_url = htmlspecialchars($arr['directory_url'], ENT_COMPAT, 'UTF-8', false);
-		$url           = htmlspecialchars(strtolower($arr['url']), ENT_COMPAT, 'UTF-8', false);
-		$sellpage      = htmlspecialchars($arr['sellpage'], ENT_COMPAT, 'UTF-8', false);
-		$site_location = htmlspecialchars($arr['location'], ENT_COMPAT, 'UTF-8', false);
-		$site_realm    = htmlspecialchars($arr['realm'], ENT_COMPAT, 'UTF-8', false);
-		$site_project  = htmlspecialchars($arr['project'], ENT_COMPAT, 'UTF-8', false);
-		$site_crypto   = ((array_key_exists('encryption', $arr) && is_array($arr['encryption'])) ? htmlspecialchars(implode(',', $arr['encryption']), ENT_COMPAT, 'UTF-8', false) : '');
-		$site_version  = ((array_key_exists('version', $arr)) ? htmlspecialchars($arr['version'], ENT_COMPAT, 'UTF-8', false) : '');
+		$directory_url = htmlspecialchars((string)$arr['directory_url'], ENT_COMPAT, 'UTF-8', false);
+		$url           = htmlspecialchars((string)strtolower($arr['url']), ENT_COMPAT, 'UTF-8', false);
+		$sellpage      = htmlspecialchars((string)$arr['sellpage'], ENT_COMPAT, 'UTF-8', false);
+		$site_location = htmlspecialchars((string)$arr['location'], ENT_COMPAT, 'UTF-8', false);
+		$site_realm    = htmlspecialchars((string)$arr['realm'], ENT_COMPAT, 'UTF-8', false);
+		$site_project  = htmlspecialchars((string)$arr['project'], ENT_COMPAT, 'UTF-8', false);
+		$site_crypto   = ((array_key_exists('encryption', $arr) && is_array($arr['encryption'])) ? htmlspecialchars((string)implode(',', $arr['encryption']), ENT_COMPAT, 'UTF-8', false) : '');
+		$site_version  = ((array_key_exists('version', $arr)) ? htmlspecialchars((string)$arr['version'], ENT_COMPAT, 'UTF-8', false) : '');
 
 		// You can have one and only one primary directory per realm.
 		// Downgrade any others claiming to be primary. As they have
@@ -2665,29 +2612,34 @@ class Libzot {
 		// we may only end up with one; which results in posts with no author name or photo and are a bit
 		// of a hassle to repair. If either or both are missing, do a full discovery probe.
 
-		if (!array_key_exists('id', $x)) {
-			return import_author_activitypub($x);
+		if(!isset($x['id']) && !isset($x['key']) && !isset($x['id_sig'])) {
+			return false;
 		}
 
 		$hash = self::make_xchan_hash($x['id'], $x['key']);
 
 		$desturl = $x['url'];
 
+		$found_primary = false;
+
 		$r1 = q("select hubloc_url, hubloc_updated, site_dead from hubloc left join site on
 			hubloc_url = site_url where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1",
 			dbesc($x['id']),
 			dbesc($x['id_sig'])
 		);
+		if ($r1) {
+			$found_primary = true;
+		}
 
 		$r2 = q("select xchan_hash from xchan where xchan_guid = '%s' and xchan_guid_sig = '%s' limit 1",
 			dbesc($x['id']),
 			dbesc($x['id_sig'])
 		);
 
-		$site_dead = false;
+		$primary_dead = false;
 
 		if ($r1 && intval($r1[0]['site_dead'])) {
-			$site_dead = true;
+			$primary_dead = true;
 		}
 
 		// We have valid and somewhat fresh information. Always true if it is our own site.
@@ -2705,16 +2657,17 @@ class Libzot {
 		// cached entry and the identity is valid. It's just unreachable until they bring back their
 		// server from the grave or create another clone elsewhere.
 
-		if ($site_dead) {
-			logger('dead site - ignoring', LOGGER_DEBUG, LOG_INFO);
+		if ($primary_dead || ! $found_primary) {
+			logger('dead or unknown primary site - ignoring', LOGGER_DEBUG, LOG_INFO);
 
 			$r = q("select hubloc_id_url from hubloc left join site on hubloc_url = site_url
 				where hubloc_hash = '%s' and site_dead = 0",
 				dbesc($hash)
 			);
+
 			if ($r) {
-				logger('found another site that is not dead: ' . $r[0]['hubloc_url'], LOGGER_DEBUG, LOG_INFO);
-				$desturl = $r[0]['hubloc_url'];
+				logger('found another site that is not dead: ' . $r[0]['hubloc_id_url'], LOGGER_DEBUG, LOG_INFO);
+				$desturl = $r[0]['hubloc_id_url'];
 			}
 			else {
 				return $hash;
@@ -2822,7 +2775,6 @@ class Libzot {
 		}
 
 		$e = $r[0];
-
 		$id = $e['channel_id'];
 
 		$sys_channel     = (intval($e['channel_system']) ? true : false);
@@ -2835,28 +2787,6 @@ class Libzot {
 		if ($deleted || $censored || $sys_channel)
 			$searchable = false;
 
-		$public_forum = false;
-
-		$role = get_pconfig($e['channel_id'], 'system', 'permissions_role');
-		if ($role === 'forum' || $role === 'repository') {
-			$public_forum = true;
-		}
-		else {
-			// check if it has characteristics of a public forum based on custom permissions.
-			$m = Permissions::FilledAutoperms($e['channel_id']);
-			if ($m) {
-				foreach ($m as $k => $v) {
-					if ($k == 'tag_deliver' && intval($v) == 1)
-						$ch++;
-					if ($k == 'send_stream' && intval($v) == 0)
-						$ch++;
-				}
-				if ($ch == 2)
-					$public_forum = true;
-			}
-		}
-
-
 		//  This is for birthdays and keywords, but must check access permissions
 		$p = q("select * from profile where uid = %d and is_default = 1",
 			intval($e['channel_id'])
@@ -2925,19 +2855,35 @@ class Libzot {
 		];
 
 		$ret['channel_role']  = get_pconfig($e['channel_id'], 'system', 'permissions_role', 'custom');
-		$ret['protocols']     = ['zot6', 'zot'];
+		$ret['channel_type']  = ((get_pconfig($e['channel_id'], 'system', 'group_actor')) ? 'group' : 'normal');
+
+		$hookinfo = [
+			'channel_id' => $id,
+			'protocols' => ['zot6']
+		];
+		/**
+		 * @hooks channel_protocols
+		 *   * \e int \b channel_id
+		 *   * \e array \b protocols
+		 */
+		call_hooks('channel_protocols', $hookinfo);
+
+		$ret['protocols']     = $hookinfo['protocols'];
 		$ret['searchable']    = $searchable;
 		$ret['adult_content'] = $adult_channel;
-		$ret['public_forum']  = $public_forum;
 
+		// now all forums (public, restricted, and private) set the public_forum flag. So it really means "is a group"
+		// and has nothing to do with accessibility.
+		$ret['public_forum'] = get_pconfig($e['channel_id'], 'system', 'group_actor');
 		$ret['comments'] = map_scope(PermissionLimits::Get($e['channel_id'], 'post_comments'));
 		$ret['mail']     = map_scope(PermissionLimits::Get($e['channel_id'], 'post_mail'));
 
 		if ($deleted)
 			$ret['deleted'] = $deleted;
 
-		if (intval($e['channel_removed']))
+		if (intval($e['channel_removed'])) {
 			$ret['deleted_locally'] = true;
+		}
 
 		// premium or other channel desiring some contact with potential followers before connecting.
 		// This is a template - %s will be replaced with the follow_url we discover for the return channel.
@@ -3220,14 +3166,15 @@ class Libzot {
 				return $v;
 			}
 		}
-		foreach ($arr as $v) {
-			if ($v[$check] === 'zot') {
-				return $v;
-			}
-		}
 
 		return $arr[0];
 
 	}
 
+	static function update_cached_hubloc($hubloc) {
+		if ($hubloc['hubloc_updated'] > datetime_convert('UTC','UTC','now - 3 days') || $hubloc['hubloc_url'] === z_root()) {
+			return;
+		}
+		self::refresh( [ 'hubloc_id_url' => $hubloc['hubloc_id_url'] ] );
+	}
 }

Zotlabs/Lib/Libzotdir.php

@@ -207,8 +207,6 @@ class Libzotdir {
 			);
 		}
 
-
-
 		// If there are no directory servers, setup the fallback master
 		/** @FIXME What to do if we're in a different realm? */
 
@@ -249,11 +247,12 @@ class Libzotdir {
 
 			$syncdate = (($rr['site_sync'] <= NULL_DATE) ? datetime_convert('UTC','UTC','now - 2 days') : $rr['site_sync']);
 			$x = z_fetch_url($rr['site_directory'] . '?f=&sync=' . urlencode($syncdate) . (($token) ? '&t=' . $token : ''));
+
 			if (! $x['success'])
 				continue;
 
 			$j = json_decode($x['body'],true);
-			if (!($j['transactions']) || ($j['ratings']))
+			if (!$j['transactions'])
 				continue;
 
 			q("update site set site_sync = '%s' where site_url = '%s'",
@@ -265,6 +264,11 @@ class Libzotdir {
 
 			if (is_array($j['transactions']) && count($j['transactions'])) {
 				foreach ($j['transactions'] as $t) {
+
+					if (empty($t['hash']) || empty($t['transaction_id']) || empty($t['address'])) {
+						continue;
+					}
+
 					$r = q("select * from updates where ud_guid = '%s' limit 1",
 						dbesc($t['transaction_id'])
 					);
@@ -319,6 +323,14 @@ class Libzotdir {
 			}
 			if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) {
 				$xc = Libzot::import_xchan($zf['data'], 0, $ud);
+				// This is a workaround for a missing xchan_updated column
+				// TODO: implement xchan_updated in the xchan table and update this column instead
+				if($zf['data']['primary_location']['address'] && $zf['data']['primary_location']['url']) {
+					q("UPDATE hubloc SET hubloc_updated = '%s' WHERE hubloc_id_url = '%s' AND hubloc_primary = 1",
+						dbesc(datetime_convert()),
+						dbesc($zf['data']['primary_location']['url'])
+					);
+				}
 			}
 			else {
 				q("update updates set ud_last = '%s' where ud_addr = '%s'",
@@ -345,7 +357,7 @@ class Libzotdir {
 
 		logger('local_dir_update: uid: ' . $uid, LOGGER_DEBUG);
 
-		$p = q("select channel.channel_hash, channel_address, channel_timezone, channel_portable_id, profile.* from profile left join channel on channel_id = uid where uid = %d and is_default = 1",
+		$p = q("select channel.channel_hash, channel_address, channel_timezone, profile.* from profile left join channel on channel_id = uid where uid = %d and is_default = 1",
 			intval($uid)
 		);
 
@@ -354,7 +366,6 @@ class Libzotdir {
 
 		if ($p) {
 			$hash = $p[0]['channel_hash'];
-			$legacy_hash = $p[0]['channel_portable_id'];
 
 			$profile['description'] = $p[0]['pdesc'];
 			$profile['birthday']    = $p[0]['dob'];
@@ -393,10 +404,9 @@ class Libzotdir {
 			);
 
 			if(intval($r[0]['xchan_hidden']) != $hidden) {
-				$r = q("update xchan set xchan_hidden = %d where xchan_hash in ('%s', '%s')",
+				$r = q("update xchan set xchan_hidden = %d where xchan_hash = '%s'",
 					intval($hidden),
-					dbesc($hash),
-					dbesc($legacy_hash)
+					dbesc($hash)
 				);
 			}
 
@@ -410,13 +420,11 @@ class Libzotdir {
 			}
 			else {
 				// they may have made it private
-				q("delete from xprof where xprof_hash in ('%s', '%s')",
-					dbesc($hash),
-					dbesc($legacy_hash)
+				q("delete from xprof where xprof_hash = '%s'",
+					dbesc($hash)
 				);
-				q("delete from xtag where xtag_hash in ('%s', '%s')",
-					dbesc($hash),
-					dbesc($legacy_hash)
+				q("delete from xtag where xtag_hash = '%s'",
+					dbesc($hash)
 				);
 			}
 
@@ -635,8 +643,13 @@ class Libzotdir {
 
 		$dirmode = intval(get_config('system', 'directory_mode'));
 
-		if($dirmode == DIRECTORY_MODE_NORMAL)
+		if($dirmode == DIRECTORY_MODE_NORMAL) {
 			return;
+		}
+
+		if (empty($hash) || empty($guid) || empty($addr)) {
+			return;
+		}
 
 		if($flags) {
 			q("insert into updates (ud_hash, ud_guid, ud_date, ud_flags, ud_addr ) values ( '%s', '%s', '%s', %d, '%s' )",
@@ -656,9 +669,4 @@ class Libzotdir {
 		}
 	}
 
-
-
-
-
-
 }

Zotlabs/Lib/MessageFilter.php

@@ -11,8 +11,6 @@ class MessageFilter {
 
 		require_once('include/html2plain.php');
 
-		unobscure($item);
-
 		$text = prepare_text($item['body'],$item['mimetype']);
 		$text = html2plain(($item['title']) ? $item['title'] . ' ' . $text : $text);
 

Zotlabs/Lib/NativeWiki.php

@@ -12,8 +12,8 @@ class NativeWiki {
 	public static function listwikis($channel, $observer_hash) {
 
 		$sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash);
-		$wikis = q("SELECT * FROM item 
-			WHERE resource_type = '%s' AND mid = parent_mid AND uid = %d AND item_deleted = 0 $sql_extra", 
+		$wikis = q("SELECT * FROM item
+			WHERE resource_type = '%s' AND mid = parent_mid AND uid = %d AND item_deleted = 0 $sql_extra",
 			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
 			intval($channel['channel_id'])
 		);
@@ -49,7 +49,7 @@ class NativeWiki {
 		$mid = z_root() . '/item/' . $uuid;
 
 		$arr = array();	// Initialize the array of parameters for the post
-		$item_hidden = ((intval($wiki['postVisible']) === 0) ? 1 : 0); 
+		$item_hidden = ((intval($wiki['postVisible']) === 0) ? 1 : 0);
 		$wiki_url = z_root() . '/wiki/' . $channel['channel_address'] . '/' . $wiki['urlName'];
 		$arr['aid'] = $channel['channel_account_id'];
 		$arr['uuid'] = $uuid;
@@ -61,8 +61,8 @@ class NativeWiki {
 		$arr['resource_id'] = $resource_id;
 		$arr['owner_xchan'] = $channel['channel_hash'];
 		$arr['author_xchan'] = $observer_hash;
-		$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']);
-		$arr['llink'] = $arr['plink'];
+		$arr['plink'] = $mid;
+		$arr['llink'] = z_root() . '/display/' . gen_link_id($mid);
 		$arr['title'] = $wiki['htmlName'];  // name of new wiki;
 		$arr['allow_cid'] = $ac['allow_cid'];
 		$arr['allow_gid'] = $ac['allow_gid'];
@@ -101,6 +101,7 @@ class NativeWiki {
 		}
 	}
 
+
 	public static function update_wiki($channel_id, $observer_hash, $arr, $acl) {
 
 		$w = self::get_wiki($channel_id, $observer_hash, $arr['resource_id']);
@@ -132,13 +133,13 @@ class NativeWiki {
 		// update acl for any existing wiki pages
 
 		q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d where resource_type = 'nwikipage' and resource_id = '%s'",
-			dbesc($item['allow_cid']), 
-			dbesc($item['allow_gid']), 
-			dbesc($item['deny_cid']), 
-			dbesc($item['deny_gid']), 
-			dbesc($item['item_private']), 
+			dbesc($item['allow_cid']),
+			dbesc($item['allow_gid']),
+			dbesc($item['deny_cid']),
+			dbesc($item['deny_gid']),
+			dbesc($item['item_private']),
 			dbesc($arr['resource_id'])
-		); 
+		);
 
 
 		if($update['item_id']) {
@@ -156,8 +157,8 @@ class NativeWiki {
 		}
 	}
 
-	public static function sync_a_wiki_item($uid,$id,$resource_id) {
 
+	public static function sync_a_wiki_item($uid,$id,$resource_id) {
 
 		$r = q("SELECT * from item WHERE uid = %d AND ( id = %d OR ( resource_type = '%s' and resource_id = '%s' )) ",
 			intval($uid),
@@ -165,8 +166,8 @@ class NativeWiki {
 			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
 			dbesc($resource_id)
 		);
-
 		if($r) {
+
 			$q = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s'",
 				dbesc($r[0]['resource_id'])
 			);
@@ -185,38 +186,45 @@ class NativeWiki {
 		}
 	}
 
+
 	public static function delete_wiki($channel_id,$observer_hash,$resource_id) {
 
 		$w = self::get_wiki($channel_id,$observer_hash,$resource_id);
-		$item = $w['wiki'];
-		if(! $item) {
-			return array('item' => null, 'success' => false);
-		} 
-		else {
-			$drop = drop_item($item['id'], false, DROPITEM_NORMAL);
+		if(! $w['wiki']) {
+			return [ 'success' => false ];
 		}
+		else {
 
-		info( t('Wiki files deleted successfully'));
+			$r = q("SELECT id FROM item WHERE uid = %s AND resource_id = '%s'",
+				intval($channel_id),
+				dbesc($resource_id)
+			);
 
-		return array('item' => $item, 'item_id' => $item['id'], 'success' => (($drop === 1) ? true : false));
+			$ids = array_column($r, 'id');
+			drop_items($ids, true, DROPITEM_PHASE1);
+
+			info(t('Wiki files deleted successfully'));
+
+			return [ 'success' => true ];
+		}
 	}
 
 
 	public static function get_wiki($channel_id, $observer_hash, $resource_id) {
-		
+
 		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
 
-		$item = q("SELECT * FROM item WHERE uid = %d AND resource_type = '%s' AND resource_id = '%s' AND item_deleted = 0 
-			$sql_extra limit 1",
-			intval($channel_id), 
+		$item = q("SELECT * FROM item WHERE uid = %d AND resource_type = '%s' AND resource_id = '%s' AND item_deleted = 0
+			$sql_extra ORDER BY id LIMIT 1",
+			intval($channel_id),
 			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
 			dbesc($resource_id)
 		);
 		if(! $item) {
-			return array('wiki' => null);
+			return [ 'wiki' => null ];
 		}
 		else {
-		
+
 			$w = $item[0];	// wiki item table record
 			// Get wiki metadata
 			$rawName  = get_iconfig($w, 'wiki', 'rawName');
@@ -238,20 +246,20 @@ class NativeWiki {
 
 	public static function exists_by_name($uid, $urlName) {
 
-		$sql_extra = item_permissions_sql($uid);		
+		$sql_extra = item_permissions_sql($uid);
 
-		$item = q("SELECT item.id, resource_id FROM item left join iconfig on iconfig.iid = item.id 
-			WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d 
-			AND item_deleted = 0 $sql_extra limit 1", 
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE), 
-			//dbesc(urldecode($urlName)), 
+		$item = q("SELECT item.id, resource_id FROM item left join iconfig on iconfig.iid = item.id
+			WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d
+			AND item_deleted = 0 $sql_extra limit 1",
+			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
+			//dbesc(urldecode($urlName)),
 			dbesc(self::name_decode($urlName)),
 			intval($uid)
 		);
 
 		if($item) {
 			return array('id' => $item[0]['id'], 'resource_id' => $item[0]['resource_id']);
-		} 
+		}
 		else {
 			return array('id' => null, 'resource_id' => null);
 		}
@@ -259,6 +267,7 @@ class NativeWiki {
 
 
 	public static function get_permissions($resource_id, $owner_id, $observer_hash) {
+
 		// TODO: For now, only the owner can edit
 		$sql_extra = item_permissions_sql($owner_id, $observer_hash);
 
@@ -268,7 +277,7 @@ class NativeWiki {
 
 		$r = q("SELECT * FROM item WHERE uid = %d and resource_type = '%s' AND resource_id = '%s' $sql_extra LIMIT 1",
 			intval($owner_id),
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE), 
+			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
 			dbesc($resource_id)
 		);
 
@@ -276,13 +285,12 @@ class NativeWiki {
 			return array('read' => false, 'write' => false, 'success' => true);
 		}
 		else {
-			// TODO: Create a new permission setting for wiki analogous to webpages. Until
-			// then, use webpage permissions
 			$write = perm_is_allowed($owner_id, $observer_hash,'write_wiki');
 			return array('read' => true, 'write' => $write, 'success' => true);
 		}
 	}
 
+
 	public static function name_encode ($string) {
 
 		$string = html_entity_decode($string);
@@ -298,6 +306,7 @@ class NativeWiki {
 		return $ret;
 	}
 
+
 	public static function name_decode ($string) {
 
 		$encoding = mb_internal_encoding();

Zotlabs/Lib/NativeWikiPage.php

@@ -2,14 +2,15 @@
 
 namespace Zotlabs\Lib;
 
-use \Zotlabs\Lib as Zlib;
+use App;
+use Zotlabs\Access\PermissionLimits;
 
 class NativeWikiPage {
 
-	static public function page_list($channel_id,$observer_hash, $resource_id) {
+	static public function page_list($channel_id, $observer_hash, $resource_id) {
 
 		// TODO: Create item table records for pages so that metadata like title can be applied
-		$w = Zlib\NativeWiki::get_wiki($channel_id,$observer_hash,$resource_id);
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
 
 		$pages[] = [
 			'resource_id' => '',
@@ -18,133 +19,149 @@ class NativeWikiPage {
 			'link_id'     => 'id_wiki_home_0'
 		];
 
-		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
+		$sql_extra = item_permissions_sql($channel_id, $observer_hash);
 
-		$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and item_deleted = 0 
+		$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and item_deleted = 0
 			$sql_extra order by title asc",
 			dbesc($resource_id),
 			intval($channel_id)
 		);
-		if($r) {
+		if ($r) {
 			$x = [];
 			$y = [];
 
-			foreach($r as $rv) {
-				if(! in_array($rv['mid'],$x)) {
+			foreach ($r as $rv) {
+				if (!in_array($rv['mid'], $x)) {
 					$y[] = $rv;
 					$x[] = $rv['mid'];
 				}
 			}
 
-			$items = fetch_post_tags($y,true);
+			$items = fetch_post_tags($y, true);
 
-			foreach($items as $page_item) {
-				$title = get_iconfig($page_item['id'],'nwikipage','pagetitle',t('(No Title)'));
-				if(urldecode($title) !== 'Home') {
+			foreach ($items as $page_item) {
+				$title = get_iconfig($page_item['id'], 'nwikipage', 'pagetitle', t('(No Title)'));
+				if (urldecode($title) !== 'Home') {
 					$pages[] = [
 						'resource_id' => $resource_id,
 						'title'       => escape_tags($title),
 						//'url'         => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
-						'url'		=> Zlib\NativeWiki::name_encode($title),
+						'url'         => NativeWiki::name_encode($title),
 						'link_id'     => 'id_' . substr($resource_id, 0, 10) . '_' . $page_item['id']
 					];
 				}
 			}
 		}
 
-		return array('pages' => $pages, 'wiki' => $w);
+		return ['pages' => $pages, 'wiki' => $w];
 	}
 
 
-	static public function create_page($channel_id, $observer_hash, $name, $resource_id, $mimetype = 'text/bbcode') {
+	static public function create_page($channel, $observer_hash, $name, $resource_id, $mimetype = 'text/bbcode') {
 
 		logger('mimetype: ' . $mimetype);
 
-		if(! in_array($mimetype,[ 'text/markdown','text/bbcode','text/plain','text/html' ]))
+		if (!in_array($mimetype, ['text/markdown', 'text/bbcode', 'text/plain', 'text/html']))
 			$mimetype = 'text/markdown';
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		$w = NativeWiki::get_wiki($channel['channel_id'], $observer_hash, $resource_id);
 
-		if (! $w['wiki']) {
-			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
+		if (!$w['wiki']) {
+			return ['content' => null, 'message' => 'Error reading wiki', 'success' => false];
 		}
 
 		// backslashes won't work well in the javascript functions
-		$name = str_replace('\\','',$name);
+		$name = str_replace('\\', '', $name);
+
+		$uuid = new_uuid();
+		$mid  = z_root() . '/item/' . $uuid;
 
 		// create an empty activity
-
-		$arr = [];
-		$arr['uid']           = $channel_id;
-		$arr['author_xchan']  = $observer_hash;
-		$arr['mimetype']      = $mimetype;
-		$arr['title']         = $name;
-		$arr['resource_type'] = 'nwikipage';
-		$arr['resource_id']   = $resource_id;
-		$arr['allow_cid']     = $w['wiki']['allow_cid'];
-		$arr['allow_gid']     = $w['wiki']['allow_gid'];
-		$arr['deny_cid']      = $w['wiki']['deny_cid'];
-		$arr['deny_gid']      = $w['wiki']['deny_gid'];
-
-		$arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel_id,'view_wiki'),true);
+		$arr                    = [];
+		$arr['aid']             = $channel['channel_account_id'];
+		$arr['uid']             = $channel['channel_id'];
+		$arr['mid']             = $mid;
+		$arr['parent_mid']      = $w['wiki']['mid'];
+		$arr['parent']          = $w['wiki']['parent'];
+		$arr['uuid']            = $uuid;
+		$arr['item_hidden']     = $w['wiki']['item_hidden'];
+		$arr['plink']           = $mid;
+		$arr['llink']           = z_root() . '/display/' . gen_link_id($mid);
+		$arr['author_xchan']    = $observer_hash;
+		$arr['mimetype']        = $mimetype;
+		$arr['title']           = $name;
+		$arr['resource_type']   = 'nwikipage';
+		$arr['resource_id']     = $resource_id;
+		$arr['allow_cid']       = $w['wiki']['allow_cid'];
+		$arr['allow_gid']       = $w['wiki']['allow_gid'];
+		$arr['deny_cid']        = $w['wiki']['deny_cid'];
+		$arr['deny_gid']        = $w['wiki']['deny_gid'];
+		$arr['item_private']    = $w['wiki']['item_private'];
+		$arr['item_wall']       = 1;
+		$arr['item_origin']     = 1;
+		$arr['item_thread_top'] = 1;
+		$arr['verb']            = ACTIVITY_CREATE;
+		$arr['obj_type']        = 'Document';
+		// TODO: add an object?
+		$arr['public_policy'] = map_scope(PermissionLimits::Get($channel['channel_id'], 'view_wiki'), true);
 
 		// We may wish to change this some day.
 		$arr['item_unpublished'] = 1;
 
-		set_iconfig($arr,'nwikipage','pagetitle',(($name) ? $name : t('(No Title)')),true);
+		set_iconfig($arr, 'nwikipage', 'pagetitle', (($name) ? $name : t('(No Title)')), true);
+		$p = item_store($arr, false, false);
 
-		$p = post_activity_item($arr, false, false);
-
-		if($p['item_id']) {
-			$page = [ 
+		if ($p['item_id']) {
+			$page = [
 				'rawName'  => $name,
 				'htmlName' => escape_tags($name),
-				//'urlName'  => urlencode($name), 
-				'urlName' => Zlib\NativeWiki::name_encode($name)
+				//'urlName'  => urlencode($name),
+				'urlName'  => NativeWiki::name_encode($name)
 
 			];
 
-			return array('page' => $page, 'item_id' => $p['item_id'], 'item' => $p['activity'], 'wiki' => $w, 'message' => '', 'success' => true);
+			return ['page' => $page, 'item_id' => $p['item_id'], 'item' => $p['activity'], 'wiki' => $w, 'message' => '', 'success' => true];
 		}
-		return [ 'success' => false, 'message' => t('Wiki page create failed.') ];
+		return ['success' => false, 'message' => t('Wiki page create failed.')];
 	}
 
+
 	static public function rename_page($arr) {
 
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
-		$pageNewName   = ((array_key_exists('pageNewName',$arr))   ? $arr['pageNewName']   : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
+		$pageUrlName   = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
+		$pageNewName   = ((array_key_exists('pageNewName', $arr)) ? $arr['pageNewName'] : '');
+		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
+		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if(! $w['wiki']) {
-			return array('message' => t('Wiki not found.'), 'success' => false);
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if (!$w['wiki']) {
+			return ['message' => t('Wiki not found.'), 'success' => false];
 		}
 
 
-		$ic = q("select * from iconfig left join item on iconfig.iid = item.id 
+		$ic = q("select * from iconfig left join item on iconfig.iid = item.id
 			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
 			intval($channel_id),
 			dbesc($pageNewName)
 		);
 
-		if($ic) {
-			return [ 'success' => false, 'message' => t('Destination name already exists') ];
+		if ($ic) {
+			return ['success' => false, 'message' => t('Destination name already exists')];
 		}
 
 
 		$ids = [];
 
-		$ic = q("select *, item.id as item_id from iconfig left join item on iconfig.iid = item.id 
+		$ic = q("select *, item.id as item_id from iconfig left join item on iconfig.iid = item.id
 			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
 			intval($channel_id),
 			dbesc($pageUrlName)
 		);
 
-		if($ic) {
-			foreach($ic as $c) {
-				set_iconfig($c['item_id'],'nwikipage','pagetitle',$pageNewName);
+		if ($ic) {
+			foreach ($ic as $c) {
+				set_iconfig($c['item_id'], 'nwikipage', 'pagetitle', $pageNewName);
 				$ids[] = $c['item_id'];
 			}
 
@@ -153,101 +170,101 @@ class NativeWikiPage {
 				dbesc($pageNewName)
 			);
 
-			$page = [ 
-				'rawName'  => $pageNewName, 
-				'htmlName' => escape_tags($pageNewName), 
+			$page = [
+				'rawName'  => $pageNewName,
+				'htmlName' => escape_tags($pageNewName),
 				//'urlName'  => urlencode(escape_tags($pageNewName))
-				'urlName' => Zlib\NativeWiki::name_encode($pageNewName)
+				'urlName'  => NativeWiki::name_encode($pageNewName)
 			];
 
-			return [ 'success' => true, 'page' => $page ];
+			return ['success' => true, 'page' => $page];
 		}
 
-		return [ 'success' => false, 'message' => t('Page not found') ];
-	
+		return ['success' => false, 'message' => t('Page not found')];
+
 	}
 
+
 	static public function get_page_content($arr) {
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']        : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']        : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash']      : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? intval($arr['channel_id']) : 0);
-		$revision      = ((array_key_exists('revision',$arr))      ? intval($arr['revision'])   : (-1));
 
+		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
+		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id', $arr)) ? intval($arr['channel_id']) : 0);
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (! $w['wiki']) {
-			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if (!$w['wiki']) {
+			return ['content' => null, 'message' => 'Error reading wiki', 'success' => false];
 		}
 
 		$item = self::load_page($arr);
 
-		if($item) {
+		if ($item) {
 			$content = $item['body'];
 
-			return [ 
+			return [
 				'content'      => $content,
 				'mimeType'     => $w['mimeType'],
-				'pageMimeType' => $item['mimetype'], 
-				'message'      => '', 
+				'pageMimeType' => $item['mimetype'],
+				'message'      => '',
 				'success'      => true
 			];
 		}
-	
-		return array('content' => null, 'message' => t('Error reading page content'), 'success' => false);
+
+		return ['content' => null, 'message' => t('Error reading page content'), 'success' => false];
 
 	}
 
-	static public function page_history($arr) {
-		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
-		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+	static public function page_history($arr) {
+
+		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
+		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
+
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
 		if (!$w['wiki']) {
-			return array('history' => null, 'message' => 'Error reading wiki', 'success' => false);
+			return ['history' => null, 'message' => 'Error reading wiki', 'success' => false];
 		}
 
 		$items = self::load_page_history($arr);
 
 		$history = [];
 
-		if($items) {
+		if ($items) {
 			$processed = 0;
-			foreach($items as $item) {
-				if($processed > 1000)
+			foreach ($items as $item) {
+				if ($processed > 1000)
 					break;
-				$processed ++;
-				$history[] = [ 
+				$processed++;
+				$history[] = [
 					'revision' => $item['revision'],
-					'date' => datetime_convert('UTC',date_default_timezone_get(),$item['edited']),
-					'name' => $item['author']['xchan_name'],
-					'title' => get_iconfig($item,'nwikipage','commit_msg') 
+					'date'     => datetime_convert('UTC', date_default_timezone_get(), $item['edited']),
+					'name'     => $item['author']['xchan_name'],
+					'title'    => get_iconfig($item, 'nwikipage', 'commit_msg')
 				];
 
 			}
 
-			return [ 'success' => true, 'history' => $history ];
+			return ['success' => true, 'history' => $history];
 		}
 
-		return [ 'success' => false ];
+		return ['success' => false];
 
 	}
-	
+
 
 	static public function load_page($arr) {
 
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']     : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']     : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash']   : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']      : 0);
-		$revision      = ((array_key_exists('revision',$arr))      ? $arr['revision']        : (-1));
+		$pageUrlName   = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
+		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
+		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
+		$revision      = ((array_key_exists('revision', $arr)) ? $arr['revision'] : (-1));
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
 
-		if (! $w['wiki']) {
-			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
+		if (!$w['wiki']) {
+			return ['content' => null, 'message' => 'Error reading wiki', 'success' => false];
 		}
 
 		$ids = '';
@@ -257,32 +274,32 @@ class NativeWikiPage {
 			dbesc($pageUrlName)
 		);
 
-		if($ic) {
-			foreach($ic as $c) {
-				if($ids)
+		if ($ic) {
+			foreach ($ic as $c) {
+				if ($ids)
 					$ids .= ',';
 				$ids .= intval($c['iid']);
 			}
 		}
 
-		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
+		$sql_extra = item_permissions_sql($channel_id, $observer_hash);
 
-		if($revision == (-1))
+		if ($revision == (-1))
 			$sql_extra .= " order by revision desc ";
-		elseif($revision)
+		elseif ($revision)
 			$sql_extra .= " and revision = " . intval($revision) . " ";
 
 		$r = null;
 
 
-		if($ids) {
+		if ($ids) {
 			$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and id in ( $ids ) $sql_extra limit 1",
 				dbesc($resource_id),
 				intval($channel_id)
 			);
 
-			if($r) {
-				$items = fetch_post_tags($r,true);
+			if ($r) {
+				$items = fetch_post_tags($r, true);
 				return $items[0];
 			}
 		}
@@ -290,17 +307,17 @@ class NativeWikiPage {
 		return null;
 	}
 
+
 	static public function load_page_history($arr) {
 
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']     : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']     : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash']   : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']      : 0);
-		$revision      = ((array_key_exists('revision',$arr))      ? $arr['revision']        : (-1));
+		$pageUrlName   = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
+		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
+		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (! $w['wiki']) {
-			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if (!$w['wiki']) {
+			return ['content' => null, 'message' => 'Error reading wiki', 'success' => false];
 		}
 
 		$ids = '';
@@ -309,28 +326,28 @@ class NativeWikiPage {
 			intval($channel_id),
 			dbesc($pageUrlName)
 		);
-	
-		if($ic) {
-			foreach($ic as $c) {
-				if($ids)
+
+		if ($ic) {
+			foreach ($ic as $c) {
+				if ($ids)
 					$ids .= ',';
 				$ids .= intval($c['iid']);
 			}
 		}
 
-		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
+		$sql_extra = item_permissions_sql($channel_id, $observer_hash);
 
 		$sql_extra .= " order by revision desc ";
 
 		$r = null;
-		if($ids) {
+		if ($ids) {
 			$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and id in ( $ids ) and item_deleted = 0 $sql_extra",
 				dbesc($resource_id),
 				intval($channel_id)
 			);
-			if($r) {
+			if ($r) {
 				xchan_query($r);
-				$items = fetch_post_tags($r,true);
+				$items = fetch_post_tags($r, true);
 				return $items;
 			}
 		}
@@ -338,32 +355,32 @@ class NativeWikiPage {
 		return null;
 	}
 
-	static public function save_page($arr) {
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
-		$content       = ((array_key_exists('content',$arr))       ? $arr['content']       : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
-		$revision      = ((array_key_exists('revision',$arr))      ? $arr['revision']      : 0);
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+	static public function save_page($arr) {
+		$pageUrlName   = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
+		$content       = ((array_key_exists('content', $arr)) ? $arr['content'] : '');
+		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
+		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
+
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
 
 		if (!$w['wiki']) {
-			return array('message' => t('Error reading wiki'), 'success' => false);
+			return ['message' => t('Error reading wiki'), 'success' => false];
 		}
 
-	
-		// fetch the most recently saved revision. 
+
+		// fetch the most recently saved revision.
 
 		$item = self::load_page($arr);
 
-		if(! $item) {
-			return array('message' => t('Page not found'), 'success' => false);
+		if (!$item) {
+			return ['message' => t('Page not found'), 'success' => false];
 		}
 
 		$mimetype = $item['mimetype'];
 
-		// change just the fields we need to change to create a revision; 
+		// change just the fields we need to change to create a revision;
 
 		unset($item['id']);
 		unset($item['author']);
@@ -374,8 +391,8 @@ class NativeWikiPage {
 		$item['edited']       = datetime_convert();
 		$item['mimetype']     = $mimetype;
 
-		if($item['iconfig'] && is_array($item['iconfig']) && count($item['iconfig'])) {
-			for($x = 0; $x < count($item['iconfig']); $x ++) {
+		if ($item['iconfig'] && is_array($item['iconfig']) && count($item['iconfig'])) {
+			for ($x = 0; $x < count($item['iconfig']); $x++) {
 				unset($item['iconfig'][$x]['id']);
 				unset($item['iconfig'][$x]['iid']);
 			}
@@ -383,162 +400,164 @@ class NativeWikiPage {
 
 		$ret = item_store($item, false, false);
 
-		if($ret['item_id'])
-			return array('message' => '', 'item_id' => $ret['item_id'], 'filename' => $pageUrlName, 'success' => true);
+		if ($ret['item_id'])
+			return ['message' => '', 'item_id' => $ret['item_id'], 'filename' => $pageUrlName, 'success' => true];
 		else
-			return array('message' => t('Page update failed.'), 'success' => false);
-	}	
+			return ['message' => t('Page update failed.'), 'success' => false];
+	}
+
 
 	static public function delete_page($arr) {
-		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
-		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		$pageUrlName   = (array_key_exists('pageUrlName', $arr) ? $arr['pageUrlName'] : '');
+		$resource_id   = (array_key_exists('resource_id', $arr) ? $arr['resource_id'] : '');
+		$observer_hash = (array_key_exists('observer_hash', $arr) ? $arr['observer_hash'] : '');
+		$channel_id    = (array_key_exists('channel_id', $arr) ? $arr['channel_id'] : 0);
 
-		if(! $w['wiki']) {
-			return [ 'success' => false, 'message' => t('Error reading wiki') ];
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if (!$w['wiki']) {
+			return ['success' => false, 'message' => t('Error reading wiki')];
 		}
 
 		$ids = [];
 
-		$ic = q("select * from iconfig left join item on iconfig.iid = item.id 
+		$ic = q("select * from iconfig left join item on iconfig.iid = item.id
 			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
 			intval($channel_id),
 			dbesc($pageUrlName)
 		);
 
-		if($ic) {
-			foreach($ic as $c) {
+		if ($ic) {
+			foreach ($ic as $c) {
 				$ids[] = intval($c['iid']);
 			}
 		}
 
-		if($ids) {
-			drop_items($ids);
-			return [ 'success' => true ];
+		if ($ids) {
+			drop_items($ids, true, DROPITEM_PHASE1);
+			return ['success' => true];
 		}
 
-		return [ 'success' => false, 'message' => t('Nothing deleted') ];	
+		return ['success' => false, 'message' => t('Nothing deleted')];
 	}
-	
-	static public function revert_page($arr) {
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
-		$commitHash    = ((array_key_exists('commitHash',$arr))    ? $arr['commitHash']    : null);
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
 
-		if (! $commitHash) {
-			return array('message' => 'No commit was provided', 'success' => false);
+
+	static public function revert_page($arr) {
+
+		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
+		$commitHash    = ((array_key_exists('commitHash', $arr)) ? $arr['commitHash'] : null);
+		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
+
+		if (!$commitHash) {
+			return ['message' => 'No commit was provided', 'success' => false];
 		}
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
 		if (!$w['wiki']) {
-			return array('message' => 'Error reading wiki', 'success' => false);
+			return ['message' => 'Error reading wiki', 'success' => false];
 		}
 
 		$x = $arr;
 
-		if(intval($commitHash) > 0) {
+		if (intval($commitHash) > 0) {
 			unset($x['commitHash']);
 			$x['revision'] = intval($commitHash) - 1;
-			$loaded = self::load_page($x);
+			$loaded        = self::load_page($x);
 
-			if($loaded) {
+			if ($loaded) {
 				$content = $loaded['body'];
-				return [ 'content' => $content, 'success' => true ];
+				return ['content' => $content, 'success' => true];
 			}
-			return [ 'success' => false ];
+			return ['success' => false];
 		}
 	}
-	
-	static public function compare_page($arr) {
-		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
-		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
-		$currentCommit = ((array_key_exists('currentCommit',$arr)) ? $arr['currentCommit'] : (-1));
-		$compareCommit = ((array_key_exists('compareCommit',$arr)) ? $arr['compareCommit'] : 0);
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+
+	static public function compare_page($arr) {
+
+		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
+		$compareCommit = ((array_key_exists('compareCommit', $arr)) ? $arr['compareCommit'] : 0);
+		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
+
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
 
 		if (!$w['wiki']) {
-			return array('message' => t('Error reading wiki'), 'success' => false);
+			return ['message' => t('Error reading wiki'), 'success' => false];
 		}
 
-		$x = $arr;
+		$x             = $arr;
 		$x['revision'] = (-1);
 
 		$currpage = self::load_page($x);
-		if($currpage)
+		if ($currpage)
 			$currentContent = $currpage['body'];
 
 		$x['revision'] = $compareCommit;
-		$comppage = self::load_page($x);
-		if($comppage)
+		$comppage      = self::load_page($x);
+		if ($comppage)
 			$compareContent = $comppage['body'];
 
-		if($currpage && $comppage) {
+		if ($currpage && $comppage) {
 			require_once('library/class.Diff.php');
 			$diff = \Diff::toTable(\Diff::compare($currentContent, $compareContent));
 
-			return [ 'success' => true, 'diff' => $diff ];
+			return ['success' => true, 'diff' => $diff];
 		}
-		return [ 'success' => false, 'message' =>  t('Compare: object not found.') ];
+		return ['success' => false, 'message' => t('Compare: object not found.')];
 
 	}
-	
+
+
 	static public function commit($arr) {
 
-		$commit_msg    = ((array_key_exists('commit_msg', $arr))   ? $arr['commit_msg']    : t('Page updated'));
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : t('Untitled'));
+		$commit_msg    = ((array_key_exists('commit_msg', $arr)) ? $arr['commit_msg'] : t('Page updated'));
+		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
+		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
 
-		if(array_key_exists('resource_id', $arr)) {
+		if (array_key_exists('resource_id', $arr)) {
 			$resource_id = $arr['resource_id'];
 		}
 		else {
-			return array('message' => t('Wiki resource_id required for git commit'), 'success' => false);
+			return ['message' => t('Wiki resource_id required for git commit'), 'success' => false];
 		}
 
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (! $w['wiki']) {
-			return array('message' => t('Error reading wiki'), 'success' => false);
+		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
+		if (!$w['wiki']) {
+			return ['message' => t('Error reading wiki'), 'success' => false];
 		}
 
 
 		$page = self::load_page($arr);
 
-		if($page) {
-			set_iconfig($page['id'],'nwikipage','commit_msg',escape_tags($commit_msg),true);
-			return [ 'success' => true, 'item_id' => $page['id'], 'page' => $page ];
+		if ($page) {
+			set_iconfig($page['id'], 'nwikipage', 'commit_msg', escape_tags($commit_msg), true);
+			return ['success' => true, 'item_id' => $page['id'], 'page' => $page];
 		}
 
-		return [ 'success' => false, 'message' => t('Page not found.') ];
+		return ['success' => false, 'message' => t('Page not found.')];
 
 	}
-	
+
 	static public function convert_links($s, $wikiURL) {
-		
-		if (strpos($s,'[[') !== false) {
+
+		if (strpos($s, '[[') !== false) {
 			preg_match_all("/\[\[(.*?)\]\]/", $s, $match);
-			$pages = $pageURLs = array();
+			$pages = $pageURLs = [];
 			foreach ($match[1] as $m) {
 				// TODO: Why do we need to double urlencode for this to work?
 				//$pageURLs[] = urlencode(urlencode(escape_tags($m)));
-				$titleUri = explode('|',$m);
-				$page = $titleUri[0] ?? '';
-				$title = $titleUri[1] ?? $page;
-				$pageURLs[] = Zlib\NativeWiki::name_encode(escape_tags($page));
-				$pages[] = $title;
+				$titleUri   = explode('|', $m);
+				$page       = $titleUri[0] ?? '';
+				$title      = $titleUri[1] ?? $page;
+				$pageURLs[] = NativeWiki::name_encode(escape_tags($page));
+				$pages[]    = $title;
 			}
 			$idx = 0;
-			while(strpos($s,'[[') !== false) {
-			$replace = '<a href="'.$wikiURL.'/'.$pageURLs[$idx].'">'.$pages[$idx].'</a>';
-				$s = preg_replace("/\[\[(.*?)\]\]/", $replace, $s, 1);
+			while (strpos($s, '[[') !== false) {
+				$replace = '<a href="' . $wikiURL . '/' . $pageURLs[$idx] . '">' . $pages[$idx] . '</a>';
+				$s       = preg_replace("/\[\[(.*?)\]\]/", $replace, $s, 1);
 				$idx++;
 			}
 		}
@@ -551,26 +570,25 @@ class NativeWikiPage {
 		$resource_id = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
 
 		$pageHistory = self::page_history([
-			'channel_id'    => \App::$profile_uid, 
+			'channel_id'    => App::$profile_uid,
 			'observer_hash' => get_observer_hash(),
 			'resource_id'   => $resource_id,
 			'pageUrlName'   => $pageUrlName
 		]);
 
-		return replace_macros(get_markup_template('nwiki_page_history.tpl'), array(
+		return replace_macros(get_markup_template('nwiki_page_history.tpl'), [
 			'$pageHistory' => $pageHistory['history'],
 			'$permsWrite'  => $arr['permsWrite'],
 			'$name_lbl'    => t('Name'),
-			'$msg_label'   => t('Message','wiki_history'),
+			'$msg_label'   => t('Message', 'wiki_history'),
 			'$date_lbl'    => t('Date'),
 			'$revert_btn'  => t('Revert'),
 			'$compare_btn' => t('Compare')
-		));
+		]);
 
 	}
 
 
-	
 	/**
 	 * Replace the instances of the string [toc] with a list element that will be populated by
 	 * a table of contents by the JavaScript library
@@ -578,41 +596,42 @@ class NativeWikiPage {
 	 * @return string
 	 */
 	static public function generate_toc($s) {
-		if (strpos($s,'[toc]') !== false) {
+		if (strpos($s, '[toc]') !== false) {
 			//$toc_md = wiki_toc($s);	// Generate Markdown-formatted list prior to HTML render
 			$toc_md = '<ul id="wiki-toc"></ul>'; // use the available jQuery plugin http://ndabas.github.io/toc/
-			$s = preg_replace("/\[toc\]/", $toc_md, $s, -1);
+			$s      = preg_replace("/\[toc\]/", $toc_md, $s, -1);
 		}
 		return $s;
 	}
-	
+
+
 	/**
 	 *  Converts a select set of bbcode tags. Much of the code is copied from include/bbcode.php
 	 * @param string $s
 	 * @return string
 	 */
 	static public function bbcode($s) {
-			
-		$s = str_replace(array('[baseurl]', '[sitename]'), array(z_root(), get_config('system', 'sitename')), $s);
-			
-		$s = preg_replace_callback("/\[observer\.language\=(.*?)\](.*?)\[\/observer\]/ism",'oblanguage_callback', $s);
 
-		$s = preg_replace_callback("/\[observer\.language\!\=(.*?)\](.*?)\[\/observer\]/ism",'oblanguage_necallback', $s);
+		$s = str_replace(['[baseurl]', '[sitename]'], [z_root(), get_config('system', 'sitename')], $s);
+
+		$s = preg_replace_callback("/\[observer\.language\=(.*?)\](.*?)\[\/observer\]/ism", 'oblanguage_callback', $s);
+
+		$s = preg_replace_callback("/\[observer\.language\!\=(.*?)\](.*?)\[\/observer\]/ism", 'oblanguage_necallback', $s);
 
 
-		$observer = \App::get_observer();
+		$observer = App::get_observer();
 		if ($observer) {
-			$s1 = '<span class="bb_observer" title="' . t('Different viewers will see this text differently') . '">';
-			$s2 = '</span>';
+			$s1         = '<span class="bb_observer" title="' . t('Different viewers will see this text differently') . '">';
+			$s2         = '</span>';
 			$obsBaseURL = $observer['xchan_connurl'];
 			$obsBaseURL = preg_replace("/\/poco\/.*$/", '', $obsBaseURL);
-			$s = str_replace('[observer.baseurl]', $obsBaseURL, $s);
-			$s = str_replace('[observer.url]', $observer['xchan_url'], $s);
-			$s = str_replace('[observer.name]', $s1 . $observer['xchan_name'] . $s2, $s);
-			$s = str_replace('[observer.address]', $s1 . $observer['xchan_addr'] . $s2, $s);
-			$s = str_replace('[observer.webname]', substr($observer['xchan_addr'], 0, strpos($observer['xchan_addr'], '@')), $s);
-			$s = str_replace('[observer.photo]', '', $s);
-		} 
+			$s          = str_replace('[observer.baseurl]', $obsBaseURL, $s);
+			$s          = str_replace('[observer.url]', $observer['xchan_url'], $s);
+			$s          = str_replace('[observer.name]', $s1 . $observer['xchan_name'] . $s2, $s);
+			$s          = str_replace('[observer.address]', $s1 . $observer['xchan_addr'] . $s2, $s);
+			$s          = str_replace('[observer.webname]', substr($observer['xchan_addr'], 0, strpos($observer['xchan_addr'], '@')), $s);
+			$s          = str_replace('[observer.photo]', '', $s);
+		}
 		else {
 			$s = str_replace('[observer.baseurl]', '', $s);
 			$s = str_replace('[observer.url]', '', $s);
@@ -624,60 +643,63 @@ class NativeWikiPage {
 
 		return $s;
 	}
-	
+
+
 	static public function get_file_ext($arr) {
-		if($arr['mimetype'] === 'text/bbcode')
+
+		if ($arr['mimetype'] === 'text/bbcode')
 			return '.bb';
-		elseif($arr['mimetype'] === 'text/markdown')
+		elseif ($arr['mimetype'] === 'text/markdown')
 			return '.md';
-		elseif($arr['mimetype'] === 'text/plain')
+		elseif ($arr['mimetype'] === 'text/plain')
 			return '.txt';
 
 	}
-	
-	// This function is derived from 
+
+	// This function is derived from
 	// http://stackoverflow.com/questions/32068537/generate-table-of-contents-from-markdown-in-php
 	static public function toc($content) {
-	  // ensure using only "\n" as line-break
-	  $source = str_replace(["\r\n", "\r"], "\n", $content);
-	
-	  // look for markdown TOC items
-	  preg_match_all(
-		'/^(?:=|-|#).*$/m',
-		$source,
-		$matches,
-		PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE
-	  );
-	
-	  // preprocess: iterate matched lines to create an array of items
-	  // where each item is an array(level, text)
-	  $file_size = strlen($source);
-	  foreach ($matches[0] as $item) {
-		$found_mark = substr($item[0], 0, 1);
-		if ($found_mark == '#') {
-		  // text is the found item
-		  $item_text = $item[0];
-		  $item_level = strrpos($item_text, '#') + 1;
-		  $item_text = substr($item_text, $item_level);
-		} else {
-		  // text is the previous line (empty if <hr>)
-		  $item_offset = $item[1];
-		  $prev_line_offset = strrpos($source, "\n", -($file_size - $item_offset + 2));
-		  $item_text =
-			substr($source, $prev_line_offset, $item_offset - $prev_line_offset - 1);
-		  $item_text = trim($item_text);
-		  $item_level = $found_mark == '=' ? 1 : 2;
+		// ensure using only "\n" as line-break
+		$source = str_replace(["\r\n", "\r"], "\n", $content);
+
+		// look for markdown TOC items
+		preg_match_all(
+			'/^(?:=|-|#).*$/m',
+			$source,
+			$matches,
+			PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE
+		);
+
+		// preprocess: iterate matched lines to create an array of items
+		// where each item is an array(level, text)
+		$file_size = strlen($source);
+		foreach ($matches[0] as $item) {
+			$found_mark = substr($item[0], 0, 1);
+			if ($found_mark == '#') {
+				// text is the found item
+				$item_text  = $item[0];
+				$item_level = strrpos($item_text, '#') + 1;
+				$item_text  = substr($item_text, $item_level);
+			}
+			else {
+				// text is the previous line (empty if <hr>)
+				$item_offset      = $item[1];
+				$prev_line_offset = strrpos($source, "\n", -($file_size - $item_offset + 2));
+				$item_text        =
+					substr($source, $prev_line_offset, $item_offset - $prev_line_offset - 1);
+				$item_text        = trim($item_text);
+				$item_level       = $found_mark == '=' ? 1 : 2;
+			}
+			if (!trim($item_text) or strpos($item_text, '|') !== FALSE) {
+				// item is an horizontal separator or a table header, don't mind
+				continue;
+			}
+			$raw_toc[] = ['level' => $item_level, 'text' => trim($item_text)];
 		}
-		if (!trim($item_text) OR strpos($item_text, '|') !== FALSE) {
-		  // item is an horizontal separator or a table header, don't mind
-		  continue;
-		}
-		$raw_toc[] = ['level' => $item_level, 'text' => trim($item_text)];
-	  }
 		$o = '';
-		foreach($raw_toc as $t) {
+		foreach ($raw_toc as $t) {
 			$level = intval($t['level']);
-			$text = $t['text'];
+			$text  = $t['text'];
 			switch ($level) {
 				case 1:
 					$li = '* ';
@@ -697,7 +719,7 @@ class NativeWikiPage {
 			}
 			$o .= $li . $text . "\n";
 		}
-	  return $o;
+		return $o;
 	}
 
 }

Zotlabs/Lib/PConfig.php

@@ -2,6 +2,8 @@
 
 namespace Zotlabs\Lib;
 
+use App;
+
 /**
  * @brief Class for handling channel specific configurations.
  *
@@ -32,15 +34,15 @@ class PConfig {
 		if(is_null($uid) || $uid === false)
 			return false;
 
-		if(! is_array(\App::$config)) {
+		if(! is_array(App::$config)) {
 			btlogger('App::$config not an array');
 		}
 
-		if(! array_key_exists($uid, \App::$config)) {
-			\App::$config[$uid] = array();
+		if(! array_key_exists($uid, App::$config)) {
+			App::$config[$uid] = array();
 		}
 
-		if(! is_array(\App::$config[$uid])) {
+		if(! is_array(App::$config[$uid])) {
 			btlogger('App::$config[$uid] not an array: ' . $uid);
 		}
 
@@ -52,12 +54,12 @@ class PConfig {
 			foreach($r as $rr) {
 				$k = $rr['k'];
 				$c = $rr['cat'];
-				if(! array_key_exists($c, \App::$config[$uid])) {
-					\App::$config[$uid][$c] = array();
-					\App::$config[$uid][$c]['config_loaded'] = true;
+				if(! array_key_exists($c, App::$config[$uid])) {
+					App::$config[$uid][$c] = array();
+					App::$config[$uid][$c]['config_loaded'] = true;
 				}
-				\App::$config[$uid][$c][$k] = $rr['v'];
-				\App::$config[$uid][$c]['pcfgud:'.$k] = $rr['updated'];
+				App::$config[$uid][$c][$k] = $rr['v'];
+				App::$config[$uid][$c]['pcfgud:'.$k] = $rr['updated'];
 			}
 		}
 	}
@@ -86,15 +88,15 @@ class PConfig {
 		if(is_null($uid) || $uid === false)
 			return $default;
 
-		if(! array_key_exists($uid, \App::$config))
+		if(! array_key_exists($uid, App::$config))
 			self::Load($uid);
 
-		if((! array_key_exists($family, \App::$config[$uid])) || (! array_key_exists($key, \App::$config[$uid][$family])))
+		if((! array_key_exists($family, App::$config[$uid])) || (! array_key_exists($key, App::$config[$uid][$family])))
 			return $default;
 
-		return ((! is_array(\App::$config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$uid][$family][$key]))
-			? unserialize(\App::$config[$uid][$family][$key])
-			: \App::$config[$uid][$family][$key]
+		return ((! is_array(App::$config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', App::$config[$uid][$family][$key]))
+			? unserialize(App::$config[$uid][$family][$key])
+			: App::$config[$uid][$family][$key]
 		);
 	}
 
@@ -133,6 +135,7 @@ class PConfig {
 		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
 		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
 		$new = false;
+		$update = false;
 
 		$now = datetime_convert();
 		if (! $updated) {
@@ -143,23 +146,22 @@ class PConfig {
 			$updated = datetime_convert('UTC','UTC','-2 seconds');
 		}
 
-		$hash = hash('sha256',$family.':'.$key);
+		$hash = gen_link_id($family.':'.$key);
 
 		if (self::Get($uid, 'hz_delpconfig', $hash) !== false) {
 			if (self::Get($uid, 'hz_delpconfig', $hash) > $now) {
 				logger('Refusing to update pconfig with outdated info (Item deleted more recently).', LOGGER_NORMAL, LOG_ERR);
 				return self::Get($uid,$family,$key);
 			} else {
-				self::Delete($uid,'hz_delpconfig',$hash);
+				self::Delete($uid, 'hz_delpconfig', $hash);
 			}
 		}
 
 		if(self::Get($uid, $family, $key) === false) {
-			if(! array_key_exists($uid, \App::$config))
-				\App::$config[$uid] = array();
-			if(! array_key_exists($family, \App::$config[$uid]))
-				\App::$config[$uid][$family] = array();
-
+			if(! array_key_exists($uid, App::$config))
+				App::$config[$uid] = array();
+			if(! array_key_exists($family, App::$config[$uid]))
+				App::$config[$uid][$family] = array();
 
 			$ret = q("INSERT INTO pconfig ( uid, cat, k, v, updated ) VALUES ( %d, '%s', '%s', '%s', '%s' ) ",
 				intval($uid),
@@ -177,13 +179,14 @@ class PConfig {
 				logger("Error: Insert to pconfig failed.",LOGGER_NORMAL, LOG_ERR);
 			}
 
-			\App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
+			$new = true;
+			App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
 
 		}
 		else {
-			$new = (\App::$config[$uid][$family]['pcfgud:'.$key] < $now);
+			$update = (App::$config[$uid][$family]['pcfgud:'.$key] < $now);
 
-			if ($new) {
+			if ($update) {
 
 				// @NOTE There is still a possible race condition under limited circumstances
 				// where a value will be updated by another thread with more current data than
@@ -198,7 +201,7 @@ class PConfig {
 					dbesc($key)
 				);
 
-				\App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
+				App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
 
 			} else {
 				logger('Refusing to update pconfig with outdated info.', LOGGER_NORMAL, LOG_ERR);
@@ -211,16 +214,16 @@ class PConfig {
 		// set in the life of this page. We need this to
 		// synchronise channel clones.
 
-		if(! array_key_exists('transient', \App::$config[$uid]))
-			\App::$config[$uid]['transient'] = array();
-		if(! array_key_exists($family, \App::$config[$uid]['transient']))
-			\App::$config[$uid]['transient'][$family] = array();
+		if(! array_key_exists('transient', App::$config[$uid]))
+			App::$config[$uid]['transient'] = array();
+		if(! array_key_exists($family, App::$config[$uid]['transient']))
+			App::$config[$uid]['transient'][$family] = array();
 
-		\App::$config[$uid][$family][$key] = $value;
+		App::$config[$uid][$family][$key] = $value;
 
-		if ($new) {
-			\App::$config[$uid]['transient'][$family][$key] = $value;
-			\App::$config[$uid]['transient'][$family]['pcfgud:'.$key] = $updated;
+		if ($new || $update) {
+			App::$config[$uid]['transient'][$family][$key] = $value;
+			App::$config[$uid]['transient'][$family]['pcfgud:'.$key] = $updated;
 		}
 
 		if($ret)
@@ -253,7 +256,7 @@ class PConfig {
 
 		$updated = ($updated) ? $updated : datetime_convert('UTC','UTC','-2 seconds');
 		$now = datetime_convert();
-		$newer = (\App::$config[$uid][$family]['pcfgud:'.$key] < $now);
+		$newer = (App::$config[$uid][$family]['pcfgud:'.$key] < $now);
 
 		if (! $newer) {
 			logger('Refusing to delete pconfig with outdated delete request.', LOGGER_NORMAL, LOG_ERR);
@@ -262,12 +265,12 @@ class PConfig {
 
 		$ret = false;
 
-		if (isset(\App::$config[$uid][$family][$key])) {
-			unset(\App::$config[$uid][$family][$key]);
+		if (isset(App::$config[$uid][$family][$key])) {
+			unset(App::$config[$uid][$family][$key]);
 		}
 
-		if (isset(\App::$config[$uid][$family]['pcfgud:'.$key])) {
-			unset(\App::$config[$uid][$family]['pcfgud:'.$key]);
+		if (isset(App::$config[$uid][$family]['pcfgud:'.$key])) {
+			unset(App::$config[$uid][$family]['pcfgud:'.$key]);
 		}
 
 		$ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'",
@@ -278,9 +281,9 @@ class PConfig {
 
 		// Synchronize delete with clones.
 
-		if ($family != 'hz_delpconfig') {
-			$hash = hash('sha256',$family.':'.$key);
-			set_pconfig($uid,'hz_delpconfig',$hash,$updated);
+		if ($family !== 'hz_delpconfig') {
+			$hash = gen_link_id($family.':'.$key);
+			set_pconfig($uid, 'hz_delpconfig', $hash, $updated);
 		}
 
 		return $ret;

Zotlabs/Lib/Permcat.php

@@ -4,6 +4,7 @@ namespace Zotlabs\Lib;
 
 use Zotlabs\Access\PermissionRoles;
 use Zotlabs\Access\Permissions;
+use Zotlabs\Daemon\Master;
 
 /**
  * @brief Permission Categories. Permission rules for various classes of connections.
@@ -38,33 +39,33 @@ class Permcat {
 
 		// first check role perms for a perms_connect setting
 
-		$role = get_pconfig($channel_id,'system','permissions_role');
-		if($role) {
+		$role = get_pconfig($channel_id, 'system', 'permissions_role');
+		if ($role) {
 			$x = PermissionRoles::role_perms($role);
-			if($x['perms_connect']) {
+			if ($x['perms_connect']) {
 				$perms = Permissions::FilledPerms($x['perms_connect']);
 			}
 		}
 
 		// if no role perms it may be a custom role, see if there any autoperms
 
-		if(! $perms) {
+		if (!$perms) {
 			$perms = Permissions::FilledAutoPerms($channel_id);
 		}
 
 		// if no autoperms it may be a custom role with manual perms
 
-		if(! $perms) {
+		if (!$perms) {
 			$r = q("select channel_hash from channel where channel_id = %d",
 				intval($channel_id)
 			);
-			if($r) {
+			if ($r) {
 				$x = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'my_perms'",
 					intval($channel_id),
 					dbesc($r[0]['channel_hash'])
 				);
-				if($x) {
-					foreach($x as $xv) {
+				if ($x) {
+					foreach ($x as $xv) {
 						$perms[$xv['k']] = intval($xv['v']);
 					}
 				}
@@ -73,25 +74,27 @@ class Permcat {
 
 		// nothing was found - create a filled permission array where all permissions are 0
 
-		if(! $perms) {
+		if (!$perms) {
 			$perms = Permissions::FilledPerms([]);
 		}
 
 		$this->permcats[] = [
 			'name'      => 'default',
-			'localname' => t('default','permcat'),
+			'localname' => t('Default', 'permcat'),
 			'perms'     => Permissions::Operms($perms),
+			'raw_perms' => $perms,
 			'system'    => 1
 		];
 
 
 		$p = $this->load_permcats($channel_id);
-		if($p) {
-			for($x = 0; $x < count($p); $x++) {
+		if ($p) {
+			for ($x = 0; $x < count($p); $x++) {
 				$this->permcats[] = [
 					'name'      => $p[$x][0],
 					'localname' => $p[$x][1],
 					'perms'     => Permissions::Operms(Permissions::FilledPerms($p[$x][2])),
+					'raw_perms' => Permissions::FilledPerms($p[$x][2]),
 					'system'    => intval($p[$x][3])
 				];
 			}
@@ -116,9 +119,9 @@ class Permcat {
 	 *   * \e bool \b error if $name not found in permcats true
 	 */
 	public function fetch($name) {
-		if($name && $this->permcats) {
-			foreach($this->permcats as $permcat) {
-				if(strcasecmp($permcat['name'], $name) === 0) {
+		if ($name && $this->permcats) {
+			foreach ($this->permcats as $permcat) {
+				if (strcasecmp($permcat['name'], $name) === 0) {
 					return $permcat;
 				}
 			}
@@ -128,31 +131,28 @@ class Permcat {
 	}
 
 	public function load_permcats($uid) {
-
+		/*
 		$permcats = [
-			[ 'follower', t('follower','permcat'),
-				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
-				  'post_like' ], 1
-			],
-			[ 'contributor', t('contributor','permcat'),
-				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
-				  'post_wall','post_comments','write_wiki','post_like','tag_deliver','chat' ], 1
-			],
-			[ 'publisher', t('publisher','permcat'),
+			[ 'contributor', t('Contributor','permcat'),
 				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages',
-				  'write_storage','post_wall','write_pages','write_wiki','post_comments','post_like','tag_deliver',
-				  'chat', 'republish' ], 1
-			]
+				  'write_storage','post_wall','write_pages','write_wiki','post_comments', 'post_mail', 'post_like',
+				  'chat' ], 1
+			],
+			[ 'muted', t('Muted','permcat'),
+				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
+				  'post_comments','write_wiki','post_like' ], 1
+			],
 		];
-
-		if($uid) {
+		*/
+		if ($uid) {
 			$x = q("select * from pconfig where uid = %d and cat = 'permcat'",
 				intval($uid)
 			);
-			if($x) {
-				foreach($x as $xv) {
-					$value = ((preg_match('|^a:[0-9]+:{.*}$|s', $xv['v'])) ? unserialize($xv['v']) : $xv['v']);
-					$permcats[] = [ $xv['k'], $xv['k'], $value, 0 ];
+
+			if ($x) {
+				foreach ($x as $xv) {
+					$value      = ((preg_match('|^a:[0-9]+:{.*}$|s', $xv['v'])) ? unserialize($xv['v']) : $xv['v']);
+					$permcats[] = [$xv['k'], $xv['k'], $value, 0];
 				}
 			}
 		}
@@ -167,11 +167,11 @@ class Permcat {
 	}
 
 	static public function find_permcat($arr, $name) {
-		if((! $arr) || (! $name))
+		if ((!$arr) || (!$name))
 			return false;
 
-		foreach($arr as $p)
-			if($p['name'] == $name)
+		foreach ($arr as $p)
+			if ($p['name'] == $name)
 				return $p['value'];
 	}
 
@@ -183,4 +183,105 @@ class Permcat {
 		PConfig::Delete($channel_id, 'permcat', $name);
 	}
 
-}
+	/**
+	 * @brief assign a contact role to contacts
+	 *
+	 * @param array $channel
+	 * @param string $role the name of the role
+	 * @param array $contacts an array of contact hashes
+	 */
+	public static function assign($channel, $role, $contacts) {
+
+		if (!isset($channel['channel_id'])) {
+			return;
+		}
+
+		if (!is_array($contacts) || empty($contacts)) {
+			return;
+		}
+
+		if (!$role) {
+			// lookup the default
+			$role = get_pconfig($channel['channel_id'], 'system', 'default_permcat', 'default');
+		}
+
+
+		// Doublecheck that we do not assign a role to ourself.
+		// It does not make a difference but could be confusing.
+		if (in_array($channel['channel_hash'], $contacts)) {
+			$contacts = array_diff($contacts, [$channel['channel_hash']]);
+		}
+
+		$all_perms  = Permissions::Perms();
+		$permcats   = new Permcat($channel['channel_id']);
+		$role_perms = $permcats->fetch($role);
+
+		if (isset($role_perms['error'])) {
+			return false;
+		}
+
+		$perms = $role_perms['raw_perms'];
+
+		$values_sql = '';
+		stringify_array_elms($contacts, true);
+
+		if ($all_perms && $perms) {
+
+			foreach ($contacts as $contact) {
+				foreach ($all_perms as $perm => $desc) {
+					if (array_key_exists($perm, $perms)) {
+						$values_sql .= " (" . intval($channel['channel_id']) . ", " . protect_sprintf($contact) . ", 'my_perms', '" . dbesc($perm) . "', " . intval($perms[$perm]) . "),";
+					}
+					else {
+						$values_sql .= " (" . intval($channel['channel_id']) . ", " . protect_sprintf($contact) . ", 'my_perms', '" . dbesc($perm) . "', 0), ";
+					}
+				}
+			}
+		}
+
+		$values_sql = rtrim($values_sql, ',');
+
+		dbq("DELETE FROM abconfig WHERE chan = " . intval($channel['channel_id']) . " AND cat = 'my_perms' AND xchan IN (" . protect_sprintf(implode(',', $contacts)) . ")");
+
+		dbq("INSERT INTO abconfig ( chan, xchan, cat, k, v ) VALUES $values_sql");
+
+		q("UPDATE abook SET abook_role = '%s'
+			WHERE abook_xchan IN (" . protect_sprintf(implode(',', $contacts)) . ") AND abook_channel = %d",
+			dbesc($role),
+			intval($channel['channel_id'])
+		);
+
+		$r = q("SELECT abook.*, xchan.* FROM abook LEFT JOIN xchan ON abook.abook_xchan = xchan.xchan_hash WHERE abook.abook_xchan IN (" . protect_sprintf(implode(',', $contacts)) . ") AND abook.abook_channel = %d AND abook_self = 0",
+			intval($channel['channel_id'])
+		);
+
+		foreach ($r as $rr) {
+
+			if (intval($rr['abook_self'])) {
+				continue;
+			}
+
+			Master::Summon([
+				'Notifier',
+				'permission_update',
+				$rr['abook_id']
+			]);
+
+			$clone = $rr;
+
+			unset($clone['abook_id']);
+			unset($clone['abook_account']);
+			unset($clone['abook_channel']);
+
+			$abconfig = load_abconfig($channel['channel_id'], $clone['abook_xchan']);
+			if ($abconfig)
+				$clone['abconfig'] = $abconfig;
+
+			Libsync::build_sync_packet(0 /* use the current local_channel */, ['abook' => [$clone]]);
+
+		}
+
+		return true;
+	}
+
+}

Zotlabs/Lib/Queue.php

@@ -2,6 +2,9 @@
 
 namespace Zotlabs\Lib;
 
+use Zotlabs\Zot6\Receiver;
+use Zotlabs\Zot6\Zot6Handler;
+
 class Queue {
 
 	static function update($id, $add_priority = 0) {
@@ -28,19 +31,19 @@ class Queue {
 			$might_be_down = ((datetime_convert('UTC','UTC',$y[0]['earliest']) < datetime_convert('UTC','UTC','now - 2 days')) ? true : false);
 
 
-		// Set all other records for this destination way into the future. 
+		// Set all other records for this destination way into the future.
 		// The queue delivers by destination. We'll keep one queue item for
 		// this destination (this one) with a shorter delivery. If we succeed
 		// once, we'll try to deliver everything for that destination.
-		// The delivery will be set to at most once per hour, and if the 
+		// The delivery will be set to at most once per hour, and if the
 		// queue item is less than 12 hours old, we'll schedule for fifteen
-		// minutes. 
+		// minutes.
 
 		q("UPDATE outq SET outq_scheduled = '%s' WHERE outq_posturl = '%s'",
 			dbesc(datetime_convert('UTC','UTC','now + 5 days')),
 			dbesc($x[0]['outq_posturl'])
 		);
- 
+
 		$since = datetime_convert('UTC','UTC',$x[0]['outq_created']);
 
 		if(($might_be_down) || ($since < datetime_convert('UTC','UTC','now - 12 hour'))) {
@@ -50,9 +53,9 @@ class Queue {
 			$next = datetime_convert('UTC','UTC','now + ' . intval($add_priority) . ' minutes');
 		}
 
-		q("UPDATE outq SET outq_updated = '%s', 
-			outq_priority = outq_priority + %d, 
-			outq_scheduled = '%s' 
+		q("UPDATE outq SET outq_updated = '%s',
+			outq_priority = outq_priority + %d,
+			outq_scheduled = '%s'
 			WHERE outq_hash = '%s'",
 
 			dbesc(datetime_convert()),
@@ -66,7 +69,7 @@ class Queue {
 	static function remove($id,$channel_id = 0) {
 		logger('queue: remove queue item ' . $id,LOGGER_DEBUG);
 		$sql_extra = (($channel_id) ? " and outq_channel = " . intval($channel_id) . " " : '');
-		
+
 		q("DELETE FROM outq WHERE outq_hash = '%s' $sql_extra",
 			dbesc($id)
 		);
@@ -75,7 +78,7 @@ class Queue {
 
 	static function remove_by_posturl($posturl) {
 		logger('queue: remove queue posturl ' . $posturl,LOGGER_DEBUG);
-		
+
 		q("DELETE FROM outq WHERE outq_posturl = '%s' ",
 			dbesc($posturl)
 		);
@@ -88,7 +91,7 @@ class Queue {
 		$sql_extra = (($channel['channel_id']) ? " and outq_channel = " . intval($channel['channel_id']) . " " : '');
 
 		// Set the next scheduled run date so far in the future that it will be expired
-		// long before it ever makes it back into the delivery chain. 
+		// long before it ever makes it back into the delivery chain.
 
 		q("update outq set outq_delivered = 1, outq_updated = '%s', outq_scheduled = '%s' where outq_hash = '%s' $sql_extra ",
 			dbesc(datetime_convert()),
@@ -108,7 +111,7 @@ class Queue {
 		}
 
 		$x = q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_priority,
-			outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg ) 
+			outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg )
 			values ( '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s' )",
 			dbesc($arr['hash']),
 			intval($arr['account_id']),
@@ -116,7 +119,7 @@ class Queue {
 			dbesc(($arr['driver']) ? $arr['driver'] : 'zot6'),
 			dbesc($arr['posturl']),
 			intval(1),
-			intval(($arr['priority']) ? $arr['priority'] : 0),
+			intval(isset($arr['priority']) ? $arr['priority'] : 0),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
@@ -133,8 +136,8 @@ class Queue {
 
 		$base = null;
 		$h = parse_url($outq['outq_posturl']);
-		if($h !== false) 
-			$base = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : '');
+		if($h !== false)
+			$base = $h['scheme'] . '://' . $h['host'] . (isset($h['port']) ? ':' . $h['port'] : '');
 
 		if(($base) && ($base !== z_root()) && ($immediate)) {
 			$y = q("select site_update, site_dead from site where site_url = '%s' ",
@@ -147,7 +150,7 @@ class Queue {
 					return;
 				}
 				if($y[0]['site_update'] < datetime_convert('UTC','UTC','now - 1 month')) {
-					self::update($outq['outq_hash'],10);
+					self::update($outq['outq_hash'], 10);
 					logger('immediate delivery deferred for site ' . $base);
 					return;
 				}
@@ -158,12 +161,12 @@ class Queue {
 				// your site has existed. Since we don't know for sure what these sites are,
 				// call them unknown
 
-				site_store_lowlevel( 
+				site_store_lowlevel(
 					[
 						'site_url'    => $base,
 						'site_update' => datetime_convert(),
 						'site_dead'   => 0,
-						'site_type'   => intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN),
+						'site_type'   => SITE_TYPE_UNKNOWN,
 						'site_crypto' => ''
 					]
 				);
@@ -171,65 +174,17 @@ class Queue {
 		}
 
 		$arr = array('outq' => $outq, 'base' => $base, 'handled' => false, 'immediate' => $immediate);
-		call_hooks('queue_deliver',$arr);
+		call_hooks('queue_deliver', $arr);
 		if($arr['handled'])
 			return;
 
-		// "post" queue driver - used for diaspora and friendica-over-diaspora communications.
-
-		if($outq['outq_driver'] === 'post') {
-			$result = z_post_url($outq['outq_posturl'],$outq['outq_msg']);
-			if($result['success'] && $result['return_code'] < 300) {
-				logger('deliver: queue post success to ' . $outq['outq_posturl'], LOGGER_DEBUG);
-				if($base) {
-					q("update site set site_update = '%s', site_dead = 0 where site_url = '%s' ",
-						dbesc(datetime_convert()),
-						dbesc($base)
-					);
-				}
-				q("update dreport set dreport_result = '%s', dreport_time = '%s' where dreport_queue = '%s'",
-					dbesc('accepted for delivery'),
-					dbesc(datetime_convert()),
-					dbesc($outq['outq_hash'])
-				);
-				self::remove($outq['outq_hash']);
-
-				// server is responding - see if anything else is going to this destination and is piled up 
-				// and try to send some more. We're relying on the fact that do_delivery() results in an 
-				// immediate delivery otherwise we could get into a queue loop. 
-
-				if(! $immediate) {
-					$x = q("select outq_hash from outq where outq_posturl = '%s' and outq_delivered = 0",
-						dbesc($outq['outq_posturl'])
-					);
-	
-					$piled_up = array();
-					if($x) {
-						foreach($x as $xx) {
-							 $piled_up[] = $xx['outq_hash'];
-						}
-					}
-					if($piled_up) {
-						// call do_delivery() with the force flag
-						do_delivery($piled_up, true);
-					}
-				}
-			}
-			else {
-				logger('deliver: queue post returned ' . $result['return_code'] 
-					. ' from ' . $outq['outq_posturl'],LOGGER_DEBUG);
-					self::update($outq['outq_hash'],10);
-			}
-			return;
-		}
-
 		// normal zot delivery
 
 		logger('deliver: dest: ' . $outq['outq_posturl'], LOGGER_DEBUG);
 
 		if($outq['outq_posturl'] === z_root() . '/zot') {
 			// local delivery
-			$zot = new \Zotlabs\Zot6\Receiver(new \Zotlabs\Zot6\Zot6Handler(),$outq['outq_notify']);
+			$zot = new Receiver(new Zot6Handler(), $outq['outq_notify']);
 			$result = $zot->run();
 			logger('returned_json: ' . json_encode($result,JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES), LOGGER_DATA);
 			logger('deliver: local zot delivery succeeded to ' . $outq['outq_posturl']);
@@ -240,13 +195,14 @@ class Queue {
 			$channel = null;
 
 			if($outq['outq_channel']) {
-				$channel = channelx_by_n($outq['outq_channel']);
+				$channel = channelx_by_n($outq['outq_channel'], true);
 			}
 
 			$host_crypto = null;
 
 			if($channel && $base) {
-				$h = q("select hubloc_sitekey, site_crypto from hubloc left join site on hubloc_url = site_url where site_url = '%s' and hubloc_sitekey != '' order by hubloc_id desc limit 1",
+				$h = q("SELECT hubloc_sitekey, site_crypto FROM hubloc LEFT JOIN site ON hubloc_url = site_url
+					WHERE site_url = '%s' AND hubloc_network = 'zot6' ORDER BY hubloc_id DESC LIMIT 1",
 					dbesc($base)
 				);
 				if($h) {
@@ -256,7 +212,7 @@ class Queue {
 
 			$msg = $outq['outq_notify'];
 
-			$result = Libzot::zot($outq['outq_posturl'],$msg,$channel,$host_crypto);
+			$result = Libzot::zot($outq['outq_posturl'], $msg, $channel, $host_crypto);
 
 			if($result['success']) {
 				logger('deliver: remote zot delivery succeeded to ' . $outq['outq_posturl']);
@@ -265,7 +221,7 @@ class Queue {
 			else {
 				logger('deliver: remote zot delivery failed to ' . $outq['outq_posturl']);
 				logger('deliver: remote zot delivery fail data: ' . print_r($result,true), LOGGER_DATA);
-				self::update($outq['outq_hash'],10);
+				self::update($outq['outq_hash'], 10);
 			}
 		}
 		return;

Zotlabs/Lib/Share.php

@@ -8,13 +8,13 @@ class Share {
 
 
 	public function __construct($post_id) {
-	
+
 		if(! $post_id)
 			return;
-	
+
 		if(! (local_channel() || remote_channel()))
 			return;
-	
+
 		$r = q("SELECT * from item left join xchan on author_xchan = xchan_hash WHERE id = %d  LIMIT 1",
 			intval($post_id)
 		);
@@ -23,26 +23,26 @@ class Share {
 
 		if(($r[0]['item_private']) && ($r[0]['xchan_network'] !== 'rss'))
 			return;
-	
+
 		$sql_extra = item_permissions_sql($r[0]['uid']);
-	
+
 		$r = q("select * from item where id = %d $sql_extra",
 			intval($post_id)
 		);
 		if(! $r)
 			return;
-	
+
 		if($r[0]['mimetype'] !== 'text/bbcode')
 			return;
-	
+
 		/** @FIXME eventually we want to post remotely via rpost on your home site */
 		// When that works remove this next bit:
-	
+
 		if(! local_channel())
 			return;
 
 		xchan_query($r);
-	
+
 		$this->item = $r[0];
 		return;
 	}
@@ -66,14 +66,14 @@ class Share {
 			'address'  => $this->item['author']['xchan_addr'],
 			'network'  => $this->item['author']['xchan_network'],
 			'link'     => [
-				[ 
-					'rel'  => 'alternate', 
-					'type' => 'text/html', 
+				[
+					'rel'  => 'alternate',
+					'type' => 'text/html',
 					'href' => $this->item['author']['xchan_url']
 				],
 				[
-					'rel'  => 'photo', 
-					'type' => $this->item['author']['xchan_photo_mimetype'], 
+					'rel'  => 'photo',
+					'type' => $this->item['author']['xchan_photo_mimetype'],
 					'href' => $this->item['author']['xchan_photo_m']
 				]
 			]
@@ -84,14 +84,14 @@ class Share {
 			'address'  => $this->item['owner']['xchan_addr'],
 			'network'  => $this->item['owner']['xchan_network'],
 			'link'     => [
-				[ 
-					'rel'  => 'alternate', 
-					'type' => 'text/html', 
+				[
+					'rel'  => 'alternate',
+					'type' => 'text/html',
 					'href' => $this->item['owner']['xchan_url']
 				],
 				[
-					'rel'  => 'photo', 
-					'type' => $this->item['owner']['xchan_photo_mimetype'], 
+					'rel'  => 'photo',
+					'type' => $this->item['owner']['xchan_photo_mimetype'],
 					'href' => $this->item['owner']['xchan_photo_m']
 				]
 			]
@@ -117,7 +117,7 @@ class Share {
 			$object = json_decode($this->item['obj'],true);
 			$photo_bb = $object['body'];
 		}
-	
+
 		if (strpos($this->item['body'], "[/share]") !== false) {
 			$pos = strpos($this->item['body'], "[share");
 			$bb = substr($this->item['body'], $pos);
@@ -126,7 +126,7 @@ class Share {
 				"' profile='"    . $this->item['author']['xchan_url'] .
 				"' avatar='"     . $this->item['author']['xchan_photo_s'] .
 				"' link='"       . $this->item['plink'] .
-				"' auth='"       . ((in_array($this->item['author']['xchan_network'], ['zot6', 'zot'])) ? 'true' : 'false') .
+				"' auth='"       . (($this->item['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
 				"' posted='"     . $this->item['created'] .
 				"' message_id='" . $this->item['mid'] .
 			"']";

Zotlabs/Lib/ThreadItem.php

@@ -2,7 +2,9 @@
 
 namespace Zotlabs\Lib;
 
+use App;
 use Zotlabs\Lib\Apps;
+use Zotlabs\Access\AccessList;
 
 require_once('include/text.php');
 
@@ -43,7 +45,7 @@ class ThreadItem {
 		$observer = \App::get_observer();
 
 		// Prepare the children
-		if($data['children']) {
+		if(isset($data['children'])) {
 			foreach($data['children'] as $item) {
 
 				/*
@@ -58,6 +60,9 @@ class ThreadItem {
 				$child = new ThreadItem($item);
 				$this->add_child($child);
 			}
+
+			// performance: we have already added the children
+			unset($this->data['children']);
 		}
 
 		// allow a site to configure the order and content of the reaction emoji list
@@ -98,11 +103,25 @@ class ThreadItem {
  		$conv = $this->get_conversation();
 		$observer = $conv->get_observer();
 
-		$lock = (((intval($item['item_private'])) || (($item['uid'] == local_channel()) && (strlen($item['allow_cid']) || strlen($item['allow_gid'])
-			|| strlen($item['deny_cid']) || strlen($item['deny_gid']))))
-			? t('Private Message')
+		$acl = new AccessList(false);
+		$acl->set($item);
+
+		$lock = ((intval($item['item_private']) || ($item['uid'] == local_channel() && $acl->is_private()))
+			? t('Restricted message')
 			: false);
-		$locktype = $item['item_private'];
+
+		// 1 = restricted message, 2 = direct message
+		$locktype = intval($item['item_private']);
+
+		if ($locktype === 2) {
+			$lock = t('Direct message');
+		}
+
+		// 0 = limited based on public policy
+		if ($item['uid'] == local_channel() && intval($item['item_private']) && !$acl->is_private() && strlen($item['public_policy'])) {
+			$lock = t('Public Policy');
+			$locktype = 0;
+		}
 
 		$shareable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && ($item['item_private'] != 1)) ? true : false);
 
@@ -110,6 +129,16 @@ class ThreadItem {
 		if($item['author']['xchan_network'] === 'rss')
 			$shareable = true;
 
+		// @fixme
+		// Have recently added code to properly handle polls in group reshares by redirecting all of the poll responses to the group.
+		// Sharing a poll using a regular embedded share is harder because the poll will need to fork. This is due to comment permissions.
+		// The original poll author may not accept responses from strangers. Forking the poll will receive responses from the sharer's
+		// followers, but there's no elegant way to merge these two sets of results together. For now, we'll disable sharing polls.
+
+		if ($item['obj_type'] === 'Question') {
+			$shareable = false;
+		}
+
 		$privacy_warning = false;
 		if(intval($item['item_private']) && ($item['owner']['xchan_network'] === 'activitypub')) {
 			$recips = get_iconfig($item['parent'], 'activitypub', 'recips');
@@ -299,7 +328,7 @@ class ThreadItem {
 			);
 			*/
 
-			$settings = t('Conversation Tools');
+			$settings = t('Conversation Features');
 		}
 
 		$has_bookmarks = false;
@@ -367,7 +396,7 @@ class ThreadItem {
                 call_hooks('dropdown_extras',$dropdown_extras_arr);
                 $dropdown_extras = $dropdown_extras_arr['dropdown_extras'];
 
-		$midb64 = 'b64.' . base64url_encode($item['mid']);
+		$midb64 = gen_link_id($item['mid']);
 		$mids = [ $midb64 ];
 		$response_mids = [];
 		foreach($response_verbs as $v) {
@@ -384,6 +413,12 @@ class ThreadItem {
 		$pinned_items = ($allowed_type ? get_pconfig($item['uid'], 'pinned', $item['item_type'], []) : []);
 		$pinned = ((!empty($pinned_items) && in_array($midb64, $pinned_items)) ? true : false);
 
+		$contact = [];
+
+		if(App::$contacts && array_key_exists($item['author_xchan'], App::$contacts)) {
+			$contact = App::$contacts[$item['author_xchan']];
+		}
+
 		$tmp_item = array(
 			'template' => $this->get_template(),
 			'mode' => $mode,
@@ -401,6 +436,7 @@ class ThreadItem {
 			'mids' => $json_mids,
 			'parent' => $item['parent'],
 			'author_id' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']),
+			'author_is_group_actor' => (($item['author']['xchan_pubforum']) ? t('Forum') : ''),
 			'isevent' => $isevent,
 			'attend' => $attend,
 			'consensus' => $consensus,
@@ -503,7 +539,9 @@ class ThreadItem {
 			'wait' => t('Please wait'),
 			'thread_level' => $thread_level,
 			'settings' => $settings,
-			'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? 'b64.' . base64url_encode($item['thr_parent']) : '')
+			'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? gen_link_id($item['thr_parent']) : ''),
+			'contact_id' => (($contact) ? $contact['abook_id'] : '')
+
 		);
 
 		$arr = array('item' => $item, 'output' => $tmp_item);
@@ -842,7 +880,7 @@ class ThreadItem {
 			'$cipher' => $conv->get_cipher(),
 			'$sourceapp' => \App::$sourcename,
 			'$observer' => get_observer_hash(),
-			'$anoncomments' => ((($conv->get_mode() === 'channel' || $conv->get_mode() === 'display') && perm_is_allowed($conv->get_profile_owner(),'','post_comments')) ? true : false),
+			'$anoncomments' => ((in_array($conv->get_mode(), ['channel', 'display', 'cards', 'articles']) && perm_is_allowed($conv->get_profile_owner(),'','post_comments')) ? true : false),
 			'$anonname' => [ 'anonname', t('Your full name (required)') ],
 			'$anonmail' => [ 'anonmail', t('Your email address (required)') ],
 			'$anonurl'  => [ 'anonurl',  t('Your website URL (optional)') ]

Zotlabs/Lib/ThreadStream.php

@@ -77,7 +77,7 @@ class ThreadStream {
 				$this->reload = $_SESSION['return_url'];
 				break;
 			case 'display':
-				// in this mode we set profile_owner after initialisation (from conversation()) and then 
+				// in this mode we set profile_owner after initialisation (from conversation()) and then
 				// pull some trickery which allows us to re-invoke this function afterward
 				// it's an ugly hack so @FIXME
 				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
@@ -170,14 +170,14 @@ class ThreadStream {
 		 * Only add things that will be displayed
 		 */
 
-		
+
 		if(($item->get_data_value('id') != $item->get_data_value('parent')) && (activity_match($item->get_data_value('verb'),ACTIVITY_LIKE) || activity_match($item->get_data_value('verb'),ACTIVITY_DISLIKE))) {
 			return false;
 		}
 
 		$item->set_commentable(false);
 		$ob_hash = (($this->observer) ? $this->observer['xchan_hash'] : '');
-		
+
 		if(! comments_are_now_closed($item->get_data())) {
 			if(($item->get_data_value('author_xchan') === $ob_hash) || ($item->get_data_value('owner_xchan') === $ob_hash))
 				$item->set_commentable(true);
@@ -194,7 +194,7 @@ class ThreadStream {
 		}
 		if($this->mode === 'pubstream' && (! local_channel())) {
 			$item->set_commentable(false);
-		} 
+		}
 
 
 		$item->set_conversation($this);

Zotlabs/Lib/ZotURL.php

@@ -87,4 +87,4 @@ class ZotURL {
 		return ids_to_array($r,'hubloc_url');
 	}
 
-}
+}

Zotlabs/Lib/Zotfinger.php

@@ -6,7 +6,7 @@ use Zotlabs\Web\HTTPSig;
 
 class Zotfinger {
 
-	static function exec($resource,$channel = null, $verify = true) {
+	static function exec($resource, $channel = null, $verify = true, $recurse = true) {
 
 		if(! $resource) {
 			return false;
@@ -39,6 +39,30 @@ class Zotfinger {
 
 		logger('fetch: ' . print_r($x,true));
 
+        if (in_array(intval($x['return_code']), [ 404, 410 ]) && $recurse) {
+
+            // The resource has been deleted or doesn't exist at this location.
+            // Try to find another nomadic resource for this channel and return that.
+
+            // First, see if there's a hubloc for this site. Fetch that record to
+            // obtain the nomadic identity hash. Then use that to find any additional
+            // nomadic locations.
+
+            $h = Activity::get_actor_hublocs($resource, 'zot6');
+            if ($h) {
+                // mark this location deleted
+                hubloc_delete($h[0]);
+                $hubs = Activity::get_actor_hublocs($h[0]['hubloc_hash']);
+                if ($hubs) {
+                    foreach ($hubs as $hub) {
+                        if ($hub['hubloc_id_url'] !== $resource && !$hub['hubloc_deleted']) {
+                            return self::exec($hub['hubloc_id_url'], $channel, $verify);
+                        }
+                    }
+                }
+            }
+        }
+
 		if($x['success']) {
 			if ($verify) {
 				$result['signature'] = HTTPSig::verify($x, EMPTY_STR, 'zot6');

Zotlabs/Module/Acl.php

@@ -3,9 +3,9 @@
 namespace Zotlabs\Module;
 
 use Zotlabs\Lib\Libzotdir;
+use Zotlabs\Lib\AccessList;
 
 require_once 'include/acl_selectors.php';
-require_once 'include/group.php';
 
 /**
  * @brief ACL selector json backend.
@@ -123,7 +123,7 @@ class Acl extends \Zotlabs\Web\Controller {
 						"name"  => t('Profile','acl') . ' ' . $rv['profile_name'],
 						"id"	=> 'vp' . $rv['id'],
 						"xid"   => 'vp.' . $rv['profile_guid'],
-						"uids"  => group_get_profile_members_xchan(local_channel(), $rv['id']),
+						"uids"  => AccessList::profile_members_xchan(local_channel(), $rv['id']),
 						"link"  => ''
 					);
 				}
@@ -146,14 +146,14 @@ class Acl extends \Zotlabs\Web\Controller {
 
 			if($r) {
 				foreach($r as $g){
-		//		logger('acl: group: ' . $g['gname'] . ' members: ' . group_get_members_xchan($g['id']));
+		//		logger('acl: group: ' . $g['gname'] . ' members: ' . AccessList::members_xchan(local_channel(), $g['id']));
 					$groups[] = array(
 						"type"  => "g",
 						"photo" => "images/twopeople.png",
 						"name"  => $g['gname'],
 						"id"	=> $g['id'],
 						"xid"   => $g['hash'],
-						"uids"  => group_get_members_xchan($g['id']),
+						"uids"  => AccessList::members_xchan(local_channel(), $g['id']),
 						"link"  => ''
 					);
 				}
@@ -222,6 +222,7 @@ class Acl extends \Zotlabs\Web\Controller {
 					WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
 					intval(local_channel())
 				);
+
 				if($r2)
 					$r = array_merge($r2,$r);
 
@@ -282,13 +283,12 @@ class Acl extends \Zotlabs\Web\Controller {
 			}
 		}
 		elseif($type == 'm') {
-
 			$r = array();
 			$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
 				FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d
 				and xchan_deleted = 0
-				and xchan_network IN ('zot', 'diaspora', 'friendica-over-diaspora')
+				and not xchan_network IN ('rss', 'anon', 'unknown')
 				$sql_extra3
 				ORDER BY xchan_name ASC ",
 				intval(local_channel())
@@ -371,7 +371,7 @@ class Acl extends \Zotlabs\Web\Controller {
 					);
 				}
 				if($type !== 'f') {
-					if (! array_key_exists($x[$lkey], $contacts) || ($contacts[$x[$lkey]]['net'] !== 'zot6' && ($g['net'] == 'zot6' || $g['net'] == 'zot'))) {
+					if (! array_key_exists($x[$lkey], $contacts) || ($contacts[$x[$lkey]]['net'] !== 'zot6' && $g['net'] == 'zot6')) {
 						$contacts[$x[$lkey]] = array(
 							"type"     => "c",
 							"photo"    => $g['micro'],
@@ -438,7 +438,6 @@ class Acl extends \Zotlabs\Web\Controller {
 		}
 
 		if(! $url) {
-			require_once("include/dir_fns.php");
 			$directory = Libzotdir::find_upstream_directory($dirmode);
 			$url = $directory['url'] . '/dirsearch';
 		}

Zotlabs/Module/Activity.php

@@ -26,7 +26,12 @@ class Activity extends Controller {
 
 			$portable_id = EMPTY_STR;
 
-			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 ";
+			$item_normal_extra = sprintf(" and not verb in ('%s', '%s') ",
+				dbesc(ACTIVITY_FOLLOW),
+				dbesc(ACTIVITY_UNFOLLOW)
+			);
+
+			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra ";
 
 			$i = null;
 
@@ -86,7 +91,7 @@ class Activity extends Controller {
 			}
 
 			$parents_str = ids_to_querystr($i,'item_id');
-	
+
 			$items = q("SELECT item.*, item.id AS item_id FROM item WHERE item.parent IN ( %s ) $item_normal ",
 				dbesc($parents_str)
 			);
@@ -197,8 +202,12 @@ class Activity extends Controller {
 				}
 			}
 
-			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 
-				and item.item_delayed = 0 and item.item_blocked = 0 ";
+			$item_normal_extra = sprintf(" and not verb in ('%s', '%s') ",
+				dbesc(ACTIVITY_FOLLOW),
+				dbesc(ACTIVITY_UNFOLLOW)
+			);
+
+			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra ";
 
 			$sigdata = HTTPSig::verify(EMPTY_STR);
 			if ($sigdata['portable_id'] && $sigdata['header_valid']) {

Zotlabs/Module/Admin.php

@@ -8,7 +8,6 @@
 
 namespace Zotlabs\Module;
 
-require_once('include/queue_fn.php');
 require_once('include/account.php');
 
 /**
@@ -101,11 +100,14 @@ class Admin extends \Zotlabs\Web\Controller {
 
 		// pending registrations
 
-		$pdg = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d ) > 0 ",
-			intval(ACCOUNT_PENDING)
+		// $pdg = q("SELECT account.*, register.reg_hash from account left join register on account_id = register.reg_uid // where (account_flags & %d ) > 0 ",
+		//		intval(ACCOUNT_PENDING)
+		// );
+		$pdg = q("SELECT COUNT(*) AS pdg FROM register WHERE reg_vital = 1 AND reg_expires > '%s' ",
+			dbesc(date('Y-m-d H:i:s'))
 		);
 
-		$pending = (($pdg) ? count($pdg) : 0);
+		$pending = ($pdg ? $pdg[0]['pdg'] : 0);
 
 		// available channels, primary and clones
 		$channels = array();

Zotlabs/Module/Admin/Accounts.php

@@ -5,7 +5,7 @@ namespace Zotlabs\Module\Admin;
 
 
 class Accounts {
-	
+
 	/**
 	 * @brief Handle POST actions on accounts admin page.
 	 *
@@ -15,14 +15,105 @@ class Accounts {
 	 *
 	 */
 
+	const MYP = 	'ZAR';			// ZAR2x
+	const VERSION =	'2.0.0';
+
 	function post() {
 
 		$pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() );
 		$users   = ( x($_POST, 'user')    ? $_POST['user']    : array() );
 		$blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() );
-	
+
 		check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts');
-	
+
+		$isajax = is_ajax();
+		$rc = 0;
+
+		If (!is_site_admin()) {
+			if ($isajax) {
+				killme();
+				exit;
+			}
+			goaway(z_root() . '/');
+		}
+
+		if ($isajax) {
+			//$debug = print_r($_SESSION[self::MYP],true);
+			$zarop = (x($_POST['zardo']) && preg_match('/^[ad]{1,1}$/', $_POST['zardo']) )
+					 ? $_POST['zardo'] : '';
+			// zarat arrives with leading underscore _n
+			$zarat = (x($_POST['zarat']) && preg_match('/^_{1,1}[0-9]{1,6}$/', $_POST['zarat']) )
+					 ? substr($_POST['zarat'],1) : '';
+			$zarse = (x($_POST['zarse']) && preg_match('/^[0-9a-f]{8,8}$/', $_POST['zarse']) )
+					 ? hex2bin($_POST['zarse']) : '';
+
+			if ($zarop && $zarat >= 0 && $zarse && $zarse == $_SESSION[self::MYP]['h'][$zarat]) {
+
+				//
+				if ($zarop == 'd') {
+					$rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ",
+						intval($_SESSION[self::MYP]['i'][$zarat]),
+						dbesc($_SESSION[self::MYP]['h'][$zarat])
+					);
+					$rc = '×';
+				}
+				elseif ($zarop == 'a') {
+					// approval, REGISTER_DENIED by user 0x0040, REGISTER_AGREED by user 0x0020 @Regate
+					$rd = q("UPDATE register SET reg_flags = (reg_flags & ~ 16), "
+						.	" reg_vital = (CASE (reg_flags & ~ 48) WHEN 0 THEN 0 ELSE 1 END) "
+						.	" WHERE reg_vital = 1 AND reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ",
+						intval($_SESSION[self::MYP]['i'][$zarat]),
+						dbesc($_SESSION[self::MYP]['h'][$zarat])
+					);
+					$rc = 0;
+					$rs = q("SELECT * from register WHERE reg_id = %d ",
+							intval($_SESSION[self::MYP]['i'][$zarat])
+					);
+					if ($rs && ($rs[0]['reg_flags'] & ~ 48) == 0) {
+						// create account
+						$rc = 'ok'.$rs[0]['reg_id'];
+						$ac = create_account_from_register($rs[0]);
+						if ( $ac['success'] ) {
+							$rc .= '✔';
+
+							$auto_create  = get_config('system','auto_channel_create',1);
+
+							if($auto_create) {
+								$reonar = json_decode($rs[0]['reg_stuff'], true);
+								// prepare channel creation
+								if($reonar['chan.name'])
+									set_aconfig($ac['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']);
+
+								if($reonar['chan.did1'])
+									set_aconfig($ac['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']);
+
+								$permissions_role  = get_config('system','default_permissions_role');
+								if($permissions_role)
+									set_aconfig($ac['account']['account_id'], 'register', 'permissions_role', $permissions_role);
+
+								// create channel
+								$new_channel = auto_channel_create($ac['account']['account_id']);
+
+								if($new_channel['success']) {
+									$rc .= ' c,ok' . $new_channel['channel']['channel_id'] . '✔';
+								}
+								else {
+									$rc .= ' c ×';
+								}
+							}
+
+
+						}
+					} else {
+						$rc='oh ×';
+					}
+				}
+				echo json_encode(array('re' => $zarop, 'at' => '_' . $zarat, 'rc' => $rc));
+			}
+			killme();
+			exit;
+		}
+
 		// change to switch structure?
 		// account block/unblock button was submitted
 		if (x($_POST, 'page_accounts_block')) {
@@ -55,7 +146,7 @@ class Accounts {
 				account_deny($hash);
 			}
 		}
-	
+
 		goaway(z_root() . '/admin/accounts' );
 	}
 
@@ -75,19 +166,21 @@ class Accounts {
 			$account = q("SELECT * FROM account WHERE account_id = %d",
 				intval($uid)
 			);
-	
+
 			if (! $account) {
 				notice( t('Account not found') . EOL);
 				goaway(z_root() . '/admin/accounts' );
 			}
-	
+
 			check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts', 't');
-	
+
+			$debug = '';
+
 			switch (argv(2)){
 				case 'delete':
 					// delete user
 					account_remove($uid,true,false);
-	
+
 					notice( sprintf(t("Account '%s' deleted"), $account[0]['account_email']) . EOL);
 					break;
 				case 'block':
@@ -95,7 +188,7 @@ class Accounts {
 						intval(ACCOUNT_BLOCKED),
 						intval($uid)
 					);
-	
+
 					notice( sprintf( t("Account '%s' blocked") , $account[0]['account_email']) . EOL);
 					break;
 				case 'unblock':
@@ -103,27 +196,74 @@ class Accounts {
 							intval(ACCOUNT_BLOCKED),
 							intval($uid)
 					);
-	
+
 					notice( sprintf( t("Account '%s' unblocked"), $account[0]['account_email']) . EOL);
 					break;
 			}
-	
+
 			goaway(z_root() . '/admin/accounts' );
 		}
-	
-		/* get pending */
-		$pending = q("SELECT account.*, register.hash from account left join register on account_id = register.uid where (account_flags & %d )>0 ",
-			intval(ACCOUNT_PENDING)
-		);
-	
+
+		$tao = 'tao.zar.zarax = ' . "'" . '<img src="' . z_root() . '/images/zapax16.gif">' . "';\n";
+
+
+		// by default we will only return verified results. if reg_all is set we will return everything''
+		$get_all = isset($_REQUEST['get_all']);
+		$pending = get_pending_accounts($get_all);
+
+		unset($_SESSION[self::MYP]);
+
+		if ($pending) {
+			// collect and group all ip
+			$atips = dbq("SELECT reg_atip AS atip, COUNT(reg_atip) AS atips FROM register
+				WHERE reg_vital = 1 GROUP BY reg_atip"
+			);
+
+			(($atips) ? $atipn = array_column($atips, 'atips', 'atip') : $atipn = ['' => 0]);
+
+			$tao .= 'tao.zar.zarar = {';
+			foreach ($pending as $n => $v) {
+
+				$stuff = json_decode($v['reg_stuff'], true);
+
+				if(isset($stuff['msg'])) {
+					$pending[$n]['msg'] = $stuff['msg'];
+				}
+
+				if (array_key_exists($v['reg_atip'], $atipn)) {
+					$pending[$n]['reg_atip'] = $v['reg_atip'];
+					$pending[$n]['reg_atip_n'] = $atipn[$v['reg_atip']];
+				}
+
+				$pending[$n]['status'] = '';
+				if($pending[$n]['reg_flags'] & ACCOUNT_UNVERIFIED > 0)
+					$pending[$n]['status'] = [t('Unverified'), 'bg-warning'];
+
+				if($pending[$n]['status'] && $pending[$n]['reg_expires'] < datetime_convert())
+					$pending[$n]['status'] = [t('Expired'), 'bg-danger text-white'];
+
+				// timezone adjust date_time for display
+				$pending[$n]['reg_created'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_created']);
+				$pending[$n]['reg_startup'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_startup']);
+				$pending[$n]['reg_expires'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_expires']);
+
+				// better secure
+				$tao .= $n . ": '" . substr(bin2hex($v['reg_hash']),0,8) . "',";
+				$_SESSION[self::MYP]['h'][] = substr($v['reg_hash'],0,4);
+				$_SESSION[self::MYP]['i'][] = $v['reg_id'];
+			}
+			$tao = rtrim($tao,',') . '};' . "\n";
+		}
+		// <- hilmar]
+
 		/* get accounts */
-	
+
 		$total = q("SELECT count(*) as total FROM account");
 		if (count($total)) {
 			\App::set_pager_total($total[0]['total']);
 			\App::set_pager_itemspage(100);
 		}
-	
+
 		$serviceclass = (($_REQUEST['class']) ? " and account_service_class = '" . dbesc($_REQUEST['class']) . "' " : '');
 
 		$key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'account_id');
@@ -134,8 +274,8 @@ class Accounts {
 		$base = z_root() . '/admin/accounts?f=';
 		$odir = (($dir === 'asc') ? '0' : '1');
 
-		$users = q("SELECT account_id , account_email, account_lastlog, account_created, account_expires, account_service_class, ( account_flags & %d ) > 0 as blocked, 
-			(SELECT %s FROM channel as ch WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as channels FROM account as ac 
+		$users = q("SELECT account_id , account_email, account_lastlog, account_created, account_expires, account_service_class, ( account_flags & %d ) > 0 as blocked,
+			(SELECT %s FROM channel as ch WHERE ch.channel_account_id = ac.account_id and ch.channel_removed = 0 ) as channels FROM account as ac
 			where true $serviceclass and account_flags != %d order by $key $dir limit %d offset %d ",
 			intval(ACCOUNT_BLOCKED),
 			db_concat('ch.channel_address', ' '),
@@ -143,15 +283,15 @@ class Accounts {
 			intval(\App::$pager['itemspage']),
 			intval(\App::$pager['start'])
 		);
-	
+
 	//	function _setup_users($e){
 	//		$accounts = Array(
-	//			t('Normal Account'), 
+	//			t('Normal Account'),
 	//			t('Soapbox Account'),
 	//			t('Community/Celebrity Account'),
 	//			t('Automatic Friend Account')
 	//		);
-	
+
 	//		$e['page_flags'] = $accounts[$e['page-flags']];
 	//		$e['register_date'] = relative_date($e['register_date']);
 	//		$e['login_date'] = relative_date($e['login_date']);
@@ -159,49 +299,57 @@ class Accounts {
 	//		return $e;
 	//	}
 	//	$users = array_map("_setup_users", $users);
-	
+
 		$t = get_markup_template('admin_accounts.tpl');
 		$o = replace_macros($t, array(
 			// strings //
+			'$debug' => $debug,
 			'$title' => t('Administration'),
 			'$page' => t('Accounts'),
 			'$submit' => t('Submit'),
-			'$select_all' => t('select all'),
-			'$h_pending' => t('Registrations waiting for confirm'),
-			'$th_pending' => array( t('Request date'), t('Email') ),
-			'$no_pending' =>  t('No registrations.'),
+			'$get_all' => (($get_all) ? t('Show verified registrations') : t('Show all registrations')),
+			'$get_all_link' => (($get_all) ? z_root() .'/admin/accounts' : z_root() .'/admin/accounts?get_all'),
+			'$sel_tall' => t('Select toggle'),
+			'$sel_deny' => t('Deny selected'),
+			'$sel_aprv' => t('Approve selected'),
+			'$h_pending' => (($get_all) ? t('All registrations') : t('Verified registrations waiting for approval')),
+			'$th_pending' => array(t('Request date'), 'dId2', t('Email'), 'IP', t('Requests')),
+			'$no_pending' => (($get_all) ? t('No registrations available') : t('No verified registrations available')),
 			'$approve' => t('Approve'),
 			'$deny' => t('Deny'),
 			'$delete' => t('Delete'),
 			'$block' => t('Block'),
 			'$unblock' => t('Unblock'),
+			'$verified' => t('Verified'),
+			'$not_verified' => t('Not yet verified'),
 			'$odir' => $odir,
 			'$base' => $base,
 			'$h_users' => t('Accounts'),
-			'$th_users' => array( 
+			'$th_users' => array(
 				[ t('ID'), 'account_id' ],
 				[ t('Email'), 'account_email' ],
-				[ t('All Channels'), 'channels' ],
+				[ t('All channels'), 'channels' ],
 				[ t('Register date'), 'account_created' ],
 				[ t('Last login'), 'account_lastlog' ],
 				[ t('Expires'), 'account_expires' ],
-				[ t('Service Class'), 'account_service_class'] ),
-	
-			'$confirm_delete_multi' => t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?'),
-			'$confirm_delete' => t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?'),
-	
+				[ t('Service class'), 'account_service_class'] ),
+
+			'$confirm_delete_multi' => p2j(t('Selected accounts will be deleted!\n\nEverything these accounts had posted on this site will be permanently deleted!\n\nAre you sure?')),
+			'$confirm_delete' => p2j(t('The account {0} will be deleted!\n\nEverything this account has posted on this site will be permanently deleted!\n\nAre you sure?')),
+
 			'$form_security_token' => get_form_security_token("admin_accounts"),
-	
+
 			// values //
-			'$baseurl' => z_root(),
-	
-			'$pending' => $pending,
-			'$users' => $users,
+			'$baseurl' 	=> z_root(),
+			'$tao'		=> $tao,
+			'$pending' 	=> $pending,
+			'$users' 	=> $users,
+			'$msg'      => t('Message')
 		));
 		$o .= paginate($a);
-	
+
 		return $o;
 	}
-	
 
 }
+

Zotlabs/Module/Admin/Channels.php

@@ -173,4 +173,4 @@ class Channels {
 		return $o;
 	}
 
-}
+}

Zotlabs/Module/Admin/Queue.php

@@ -2,52 +2,64 @@
 
 namespace Zotlabs\Module\Admin;
 
-
+use Zotlabs\Lib\Queue as LibQueue;
 
 class Queue {
 
 
-	
+
 	function get() {
 
 		$o = '';
-	
+
 		$expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0);
-	
+
 		if($_REQUEST['drophub']) {
 			hubloc_mark_as_down($_REQUEST['drophub']);
-			remove_queue_by_posturl($_REQUEST['drophub']);
+			LibQueue::remove_by_posturl($_REQUEST['drophub']);
 		}
-	
+
 		if($_REQUEST['emptyhub']) {
-			remove_queue_by_posturl($_REQUEST['emptyhub']);
+			LibQueue::remove_by_posturl($_REQUEST['emptyhub']);
 		}
-	
-		$r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq 
+
+		if($_REQUEST['deliverhub']) {
+
+			$hubq = q("SELECT * FROM outq WHERE outq_posturl = '%s'",
+				dbesc($_REQUEST['deliverhub'])
+			);
+
+			foreach ($hubq as $q) {
+				LibQueue::deliver($q, true);
+			}
+		}
+
+		$r = dbq("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq
 			where outq_delivered = 0 group by outq_posturl order by total desc");
-	
+
 		for($x = 0; $x < count($r); $x ++) {
 			$r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']);
 			$r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d');
 		}
-	
+
 		$o = replace_macros(get_markup_template('admin_queue.tpl'), array(
 			'$banner' => t('Queue Statistics'),
 			'$numentries' => t('Total Entries'),
 			'$priority' => t('Priority'),
 			'$desturl' => t('Destination URL'),
 			'$nukehub' => t('Mark hub permanently offline'),
+			'$deliverhub' => t('Retry delivery to this hub'),
 			'$empty' => t('Empty queue for this hub'),
 			'$lastconn' => t('Last known contact'),
 			'$hasentries' => ((count($r)) ? true : false),
 			'$entries' => $r,
 			'$expert' => $expert
 		));
-	
+
 		return $o;
 	}
-	
 
 
 
-}
+
+}

Zotlabs/Module/Admin/Site.php

@@ -5,14 +5,25 @@ namespace Zotlabs\Module\Admin;
 
 class Site {
 
+
 	/**
 	 * @brief POST handler for Admin Site Page.
 	 *
 	 */
 	function post(){
+		// [hilmar->
+		$this->isajax = is_ajax();
+		$this->eol = $this->isajax ? "\n" : EOL;
+		// ]
 		if (!x($_POST, 'page_site')) {
-			return;
+		// [
+			if (!$this->isajax)
+		// ]
+				return;
 		}
+		// [
+		$this->msgbg = '';
+		// <-hilmar]
 
 		check_form_security_token_redirectOnErr('/admin/site', 'admin_site');
 
@@ -24,14 +35,17 @@ class Site {
 		$siteinfo			=	((x($_POST,'siteinfo'))		    ? trim($_POST['siteinfo'])				: '');
 		$language			=	((x($_POST,'language'))			? notags(trim($_POST['language']))			: '');
 		$theme				=	((x($_POST,'theme'))			? notags(trim($_POST['theme']))				: '');
-//		$theme_mobile			=	((x($_POST,'theme_mobile'))		? notags(trim($_POST['theme_mobile']))			: '');
-//		$site_channel			=	((x($_POST,'site_channel'))	? notags(trim($_POST['site_channel']))				: '');
+		//		$theme_mobile			=	((x($_POST,'theme_mobile'))		? notags(trim($_POST['theme_mobile']))			: '');
+		//		$site_channel			=	((x($_POST,'site_channel'))	? notags(trim($_POST['site_channel']))				: '');
 		$maximagesize		=	((x($_POST,'maximagesize'))		? intval(trim($_POST['maximagesize']))				:  0);
 
 		$register_policy	=	((x($_POST,'register_policy'))	? intval(trim($_POST['register_policy']))	:  0);
+		$register_wo_email	=	((x($_POST,'register_wo_email'))	? intval(trim($_POST['register_wo_email']))	:  0);
 		$minimum_age           = ((x($_POST,'minimum_age'))          ? intval(trim($_POST['minimum_age']))    : 13);
 		$access_policy	=	((x($_POST,'access_policy'))	? intval(trim($_POST['access_policy']))	:  0);
-		$invite_only	= ((x($_POST,'invite_only'))		? True	: False);
+		$reg_autochannel	= ((x($_POST,'auto_channel_create'))		? True	: False);
+		$invitation_only	= ((x($_POST,'invitation_only'))		? True	: False);
+		$invitation_also	= ((x($_POST,'invitation_also'))		? True	: False);
 		$abandon_days	=	((x($_POST,'abandon_days'))	    ? intval(trim($_POST['abandon_days']))	    :  0);
 
 		$register_text		=	((x($_POST,'register_text'))	? notags(trim($_POST['register_text']))		: '');
@@ -75,6 +89,16 @@ class Site {
 		$maxloadavg        = ((x($_POST,'maxloadavg'))       ? intval(trim($_POST['maxloadavg'])) : 50);
 		$feed_contacts     = ((x($_POST,'feed_contacts'))    ? intval($_POST['feed_contacts'])    : 0);
 		$verify_email      = ((x($_POST,'verify_email'))     ? 1 : 0);
+		$register_perday   = ((x($_POST,'register_perday'))	 ? intval(trim($_POST['register_perday'])) : 50);
+		$register_sameip   = ((x($_POST,'register_sameip'))	 ? intval(trim($_POST['register_sameip'])) : 3);
+
+		$regdelayn 		   = ((x($_POST,'zardelayn'))	 	? intval(trim($_POST['zardelayn'])) : 0);
+		$regdelayu 		   = ((x($_POST,'zardelay'))	 	? notags(trim($_POST['zardelay'])) : '');
+		$reg_delay 		   = (preg_match('/^[a-z]{1,1}$/', $regdelayu) ? $regdelayn . $regdelayu : '');
+		$regexpiren 	   = ((x($_POST,'zarexpiren'))	 	? intval(trim($_POST['zarexpiren'])) : 0);
+		$regexpireu 	   = ((x($_POST,'zarexpire'))	 	? notags(trim($_POST['zarexpire'])) : '');
+		$reg_expire 	   = (preg_match('/^[a-z]{1,1}$/', $regexpireu) ? $regexpiren . $regexpireu : '');
+
 		$imagick_path      = ((x($_POST,'imagick_path'))     ? trim($_POST['imagick_path'])   : '');
 		$force_queue       = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue'])   : 3000);
 		$pub_incl = escape_tags(trim($_POST['pub_incl']));
@@ -82,6 +106,35 @@ class Site {
 
 		$permissions_role = escape_tags(trim($_POST['permissions_role']));
 
+		// [hilmar->
+		$this->register_duty = ((x($_POST,'register_duty')) ? notags(trim($_POST['register_duty']))  : '');
+		if (! preg_match('/^[0-9 .,:\-]{0,191}$/', $this->register_duty)) {
+			$this->msgbg .= 'ZAR0131E,' . t('Invalid input') . $this->eol;
+			$this->error++;
+		} else {
+
+			$this->duty();
+
+			if ($this->isajax) {
+				echo json_encode(array('msgbg' => $this->msgbg, 'me' => 'zar'));
+				// that mission is complete
+				killme();
+				exit;
+
+			} else {
+
+				//logger( print_r( $this->msgbg, true) );
+				//logger( print_r( $this->joo, true) );
+				if ($this->error === 0) {
+					set_config('system', 'register_duty', $this->register_duty);
+					set_config('system', 'register_duty_jso', $this->joo);
+				} else {
+					notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg;
+				}
+			}
+		}
+		// <-hilmar]
+
 		set_config('system', 'feed_contacts', $feed_contacts);
 		set_config('system', 'delivery_interval', $delivery_interval);
 		set_config('system', 'delivery_batch_count', $delivery_batch_count);
@@ -96,6 +149,10 @@ class Site {
 		set_config('system', 'login_on_homepage', $login_on_homepage);
 		set_config('system', 'enable_context_help', $enable_context_help);
 		set_config('system', 'verify_email', $verify_email);
+		set_config('system', 'max_daily_registrations', $register_perday);
+		set_config('system', 'register_sameip', $register_sameip);
+		set_config('system', 'register_delay', $reg_delay);
+		set_config('system', 'register_expire', $reg_expire);
 		set_config('system', 'default_expire_days', $default_expire_days);
 		set_config('system', 'active_expire_days', $active_expire_days);
 		set_config('system', 'reply_address', $reply_address);
@@ -126,17 +183,20 @@ class Site {
 		set_config('system','siteinfo',$siteinfo);
 		set_config('system', 'language', $language);
 		set_config('system', 'theme', $theme);
-//		if ( $theme_mobile === '---' ) {
-//			del_config('system', 'mobile_theme');
-//		} else {
-//			set_config('system', 'mobile_theme', $theme_mobile);
-//		}
-	//	set_config('system','site_channel', $site_channel);
+		//		if ( $theme_mobile === '---' ) {
+		//			del_config('system', 'mobile_theme');
+		//		} else {
+		//			set_config('system', 'mobile_theme', $theme_mobile);
+		//		}
+		//	set_config('system','site_channel', $site_channel);
 		set_config('system','maximagesize', $maximagesize);
 
 		set_config('system','register_policy', $register_policy);
+		set_config('system','register_wo_email', $register_wo_email);
 		set_config('system','minimum_age', $minimum_age);
-		set_config('system','invitation_only', $invite_only);
+		set_config('system','auto_channel_create', $reg_autochannel);
+		set_config('system', 'invitation_only', $invitation_only);
+		set_config('system', 'invitation_also', $invitation_also);
 		set_config('system','access_policy', $access_policy);
 		set_config('system','account_abandon_days', $abandon_days);
 		set_config('system','register_text', $register_text);
@@ -260,6 +320,8 @@ class Site {
 			REGISTER_APPROVE => t("Yes - with approval"),
 			REGISTER_OPEN    => t("Yes")
 		);
+		$this->register_duty = get_config('system', 'register_duty', '-:-');
+		$register_perday = get_config('system','max_daily_registrations', 50);
 
 		/* Acess policy */
 		$access_choices = Array(
@@ -277,18 +339,78 @@ class Site {
 		// now invert the logic for the setting.
 		$discover_tab = (1 - $discover_tab);
 
-		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
-		$default_role = get_config('system','default_permissions_role','social');
+		$perm_roles = \Zotlabs\Access\PermissionRoles::channel_roles();
+		$default_role = get_config('system', 'default_permissions_role', 'personal');
+
+		if (!in_array($default_role, array_keys($perm_roles))) {
+			$default_role = 'personal';
+		}
 
 		$role = array('permissions_role' , t('Default permission role for new accounts'), $default_role, t('This role will be used for the first channel created after registration.'),$perm_roles);
 
-
 		$homelogin = get_config('system','login_on_homepage');
 		$enable_context_help = get_config('system','enable_context_help');
 
+		// for reuse reg_delay and reg_expire
+		$reg_rabots = array(
+ 					'i'	=> t('Minute(s)'),
+ 					'h' => t('Hour(s)')  ,
+ 					'd' => t('Day(s)')   ,
+ 					'w' => t('Week(s)')  ,
+ 					'm' => t('Month(s)') ,
+ 					'y' => t('Year(s)')
+		);
+		$regdelay_n = $regdelay_u = false;
+		$regdelay = get_config('system','register_delay');
+		if ($regdelay)
+			list($regdelay_n, $regdelay_u) = array(substr($regdelay,0,-1),substr($regdelay,-1));
+		$reg_delay = replace_macros(get_markup_template('field_duration.qmc.tpl'),
+			 array(
+			 	'label'  	=> t('Register verification delay'),
+			 	'qmc'	 	=> 'zar',
+				'qmcid'		=> '',
+				'help'		=> t('Time to wait before a registration can be verified'),
+			 	'field' => 	array(
+			 		'name'  => 'delay',
+			 		'title' => t('duration up from now'),
+			 		'value' => ($regdelay_n === false ? 0 : $regdelay_n),
+			 		'min'   => '0',
+			 		'max'   => '99',
+			 		'size'  => '2',
+					'default' => ($regdelay_u === false ? 'i' : $regdelay_u)
+			 	),
+			 	'rabot'	=> 	$reg_rabots
+ 			)
+		);
+		$regexpire_n = $regexpire_u = false;
+		$regexpire = get_config('system','register_expire');
+		if ($regexpire)
+			list($regexpire_n, $regexpire_u) = array(substr($regexpire,0,-1),substr($regexpire,-1));
+		$reg_expire = replace_macros(get_markup_template('field_duration.qmc.tpl'),
+			 array(
+			 	'label'  	=> t('Register verification expiration time'),
+			 	'qmc'	 	=> 'zar',
+				'qmcid'		=> '',
+			 	'help'		=> t('Time before an unverified registration will expire'),
+			 	'field' => 	array(
+			 		'name'  => 'expire',
+			 		'title' => t('duration up from now'),
+			 		'value' => ($regexpire_n === false ? 3 : $regexpire_n),
+			 		'min'  => '0',
+			 		'max'  => '99',
+			 		'size' => '2',
+					'default' => ($regexpire_u === false ? 'd' : $regexpire_u)
+			 	),
+			 	'rabot'	=> 	$reg_rabots
+			 )
+		);
+
+		$tao = '';
 		$t = get_markup_template("admin_site.tpl");
 		return replace_macros($t, array(
 			'$title' => t('Administration'),
+			// interfacing js vars
+			'$tao' => $tao,
 			'$page' => t('Site'),
 			'$submit' => t('Submit'),
 			'$registration' => t('Registration'),
@@ -305,21 +427,87 @@ class Site {
 			'$siteinfo'		=> array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site.  Displayed on siteinfo page.  BBCode can be used here")),
 			'$language' 		=> array('language', t("System language"), get_config('system','language'), "", $lang_choices),
 			'$theme' 			=> array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
-//			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
-//			'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
+		//			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
+		//			'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
 			'$feed_contacts'    => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')),
 			'$maximagesize'		=> array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
-			'$register_policy'	=> array('register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices),
-			'$invite_only'		=> array('invite_only', t("Invitation only"), get_config('system','invitation_only'), t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes.")),
 			'$minimum_age'		=> array('minimum_age', t("Minimum age"), (x(get_config('system','minimum_age'))?get_config('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")),
 			'$access_policy'	=> array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), t("This is displayed on the public server site list."), $access_choices),
-			'$register_text'	=> array('register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
+
+			// Register
+			// [hilmar->
+			'$register_text'	=> [
+				'register_text',
+				t("Register text"),
+				htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'),
+				t("This text will be displayed prominently at the registration page")
+			],
+			'$register_policy'	=> [
+				'register_policy',
+				t("Does this site allow new member registration?"),
+				get_config('system','register_policy'),
+				"",
+				$register_choices,
+			],
+			'$register_duty' => [
+				'register_duty',
+				t('Configure the registration open days/hours'),
+				get_config('system', 'register_duty', '-:-'),
+				t('Empty or \'-:-\' value will keep registration open 24/7 (default)') . EOL .
+				t('Weekdays and hours must be separated by colon \':\', From-To ranges with a dash `-` example: 1:800-1200') . EOL .
+				t('Weekday:Hour pairs must be separated by space \' \' example: 1:900-1700 2:900-1700') . EOL .
+				t('From-To ranges must be separated by comma \',\' example: 1:800-1200,1300-1700 or 1-2,4-5:900-1700') . EOL .
+				t('Advanced examples:') . ' 1-5:0900-1200,1300-1700 6:900-1230 ' . t('or') . ' 1-2,4-5:800-1800<br>' . EOL .
+				'<a id="zar083a" class="btn btn-sm btn-outline-secondary zuia">' . t('Check your configuration') . '</a>'. EOL
+			],
+			'$register_perday' => [
+				'register_perday',
+				t('Max account registrations per day'),
+				get_config('system', 'max_daily_registrations', 50),
+				t('Unlimited if zero or no value - default 50')
+			],
+			'$register_sameip' => [
+				'register_sameip',
+				t('Max account registrations from same IP'),
+				get_config('system', 'register_sameip', 3),
+				t('Unlimited if zero or no value - default 3')
+			],
+			'$reg_delay' => $reg_delay,
+			'$reg_expire' => $reg_expire,
+			'$reg_autochannel'		=> [
+				'auto_channel_create',
+				t("Auto channel create"),
+				get_config('system','auto_channel_create', 1),
+				t("If disabled the channel will be created in a separate step during the registration process")
+			],
+			'$invitation_only' => [
+				'invitation_only',
+				t("Require invite code"),
+				get_config('system', 'invitation_only', 0)
+			],
+			'$invitation_also' => [
+				'invitation_also',
+				t("Allow invite code"),
+				get_config('system', 'invitation_also', 0)
+			],
+			'$verify_email'		=> [
+				'verify_email',
+				t("Require email address"),
+				get_config('system','verify_email'),
+				t("The provided email address will be verified (recommended)")
+			],
+			'$abandon_days' => [
+				'abandon_days',
+				t('Abandon account after x days'),
+				get_config('system','account_abandon_days'),
+				t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')
+			],
+			// <-hilmar]
+
 			'$role'         => $role,
 			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'pubstream' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
 			'$mirror_frontpage'	=> array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')),
-			'$abandon_days'     => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
 			'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
-			'$verify_email'		=> array('verify_email', t("Verify Email Addresses"), get_config('system','verify_email'), t("Check to verify email addresses used in account registration (recommended).")),
 			'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
 			'$disable_discover_tab'	=> array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
 			'$site_firehose'	=> array('site_firehose', t('Site only Public Streams'), get_config('system','site_firehose'), t('Allow access to public content originating only from this site if Imported Public Streams are disabled.')),
@@ -350,15 +538,184 @@ class Site {
 			'$maxloadavg'			=> array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
 			'$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')),
 			'$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(get_config('system','active_expire_days',7)), ''),
-
 			'$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), get_config('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())),
 			'$first_page' => array('first_page', t('Page to display after creating a new channel'), get_config('system','workflow_channel_next','profiles'), t('Default: profiles')),
-
 			'$location' => array('site_location', t('Optional: site location'), get_config('system','site_location',''), t('Region or country')),
-
-
 			'$form_security_token' => get_form_security_token("admin_site"),
 		));
 	}
 
+	/**
+	 * @brief Admin page site common post submit and ajax interaction
+	 * @author hilmar runge
+	 * @since  2020-02-04
+	 * Configure register office duty weekdays and hours
+	 * Syntax: weekdays:hours [weekdays:hours]
+	 *         [.d[,d-d.]]]:hhmm-hhmm[,hhmm-hhmm...]
+	 *		   ranges are between blanks, days are 1-7, where 1 = Monday
+	 *		   hours are [h]hmm 3-4digit 24 clock values
+	 *      ie 0900-1200,1300-1800 for hours
+	 *      ie 1-2,4,5 for weekdays
+	 *		ie 1-2:900-1800		monday and tuesday open from 9 to 18h
+	 *
+	 * @var $register_duty is the input field from the admin -> site page
+	 * @return the results are in the class vars $error, $msgbg and $jsoo
+	 *		$jsoo is
+	 */
+
+	// 3-4 digit 24h clock regex
+	const regxTime34 = '/^(?:2[0-3]|[01][0-9]|[0-9])[0-5][0-9]$/';
+	var $wdconst = array('','mo','tu','we','th','fr','sa','so');
+
+	// in
+	var $register_duty;
+	// intermediate
+	var $isajax;
+	// return
+	var $jsoo;
+	var $msgbg;
+	var $error = 0;
+	var $msgfg = '';
+
+	private function duty() {
+
+		$aro=array_fill(1, 7, 0);
+
+		if ($this->isajax) {
+			$op = (preg_match('/[a-z]{2,4}/', $_REQUEST['zarop'])) ? $_REQUEST['zarop'] : '';
+			if ($op == 'zar083') {
+				$this->msgbg = 'Testmode:' . $this->eol . $this->msgbg;
+			} else {
+				killme();
+				exit;
+			}
+		}
+
+		$ranges = preg_split('/\s+/', $this->register_duty);
+		$this->msgbg .= '..ranges: ' . print_r(count($ranges),true) . $this->eol;
+
+		foreach ($ranges as $rn => $range) {
+			list($ws,$hs,) = explode(':', $range);
+
+			$ws ? $arw = explode( ',', $ws) : $arw=array();
+			$this->msgbg .= ($rn+1).'.weekday ranges: ' . count($arw) . $this->eol;
+			// $this->msgbg .= print_r($arw,true);
+			$hs ? $arh = explode( ',', $hs) : $arh=array();
+			$this->msgbg .= ($rn+1).'.hour ranges: ' . count($arh) . $this->eol;
+
+			$this->msgbg .= ($rn+1).'.wdays: ' . ( $ws ? print_r($ws,true) : 'none') . ' : '
+					.  ' hours: ' . print_r($hs,true) . $this->eol;
+
+			// several hs may belog to one wd
+			// aro[0] is tmp store
+			foreach ($arh as $hs) {
+				list($ho,$hc,) = explode( '-', $hs );
+
+				// no value forces open very early, and be sure having valid hhmm values
+				!$ho ? $ho = "0000" : '';
+				!$hc ? $hc = "0000" : ''; // pseudo
+				if (preg_match(self::regxTime34, $ho)
+				 && preg_match(self::regxTime34, $hc)) {
+
+					// fix pseudo, allow no reverse range
+					$hc == "0000" || $ho > $hc ? $hc = "2400" : '';
+
+					$aro[0][$ho] = 0;
+					$aro[0][$hc] = 1;
+
+					$this->msgbg .= ($ho ? ' .open:' . $ho : '') . ($hc ? ' close:' . $hc : '') .$this->eol;
+				} else {
+					$this->msgbg .= ' .' . t('Invalid 24h time value (hhmm/hmm)') . $this->eol;
+					$this->msgfg  .= ' .ZAR0132E,' . t('Invalid 24h time value (hhmm/hmm)') . $this->eol;
+					$this->error++;
+				}
+			}
+
+			// the weekday(s) values or ranges
+			foreach ($arw as $ds) {
+				$wd=explode('-', $ds);
+				array_key_exists("1", $wd) && $wd[1]=="" ? $wd[1] = "7" : '';	 // a case 3-
+				array_key_exists("1", $wd) && $wd[0]=="" ? $wd[0] = "1" : '';	 // a case -3
+				!array_key_exists("1", $wd)				 ? $wd[1] = $wd[0] : ''; // a case 3
+				if ($wd[0] > $wd[1]) continue; //  reverse order will be ignored // a case 5-3
+				if (preg_match('/^[1-7]{1}$/', $wd[0])) {
+					if (preg_match('/^[1-7]{1}$/', $wd[1])) {
+						// $this->msgbg .= print_r($wd,true);
+						for ($i=$wd[0]; $i<=$wd[1]; $i++) {
+							// take the tmp store for the selected day(s)
+							$aro[$i]=$aro[0];
+						}
+					}
+				}
+			}
+			//$this->msgbg .= 'aro0: ' . print_r($aro,true) . $this->eol; // 4devels
+			// clear the tmp store
+			$aro[0]=array();
+		}
+		// discart the tmp store
+		unset($aro[0]);
+		// not configured days close at the beginning 0000h
+		for ($i=1;$i<=7;$i++) { is_array($aro[$i]) ? '' : $aro[$i] = array("0000" => 1); }
+		// $this->msgbg .= 'aro: ' . print_r($aro,true) . $this->eol; // 4devels
+
+		if ($this->isajax) {
+			// tell what we have
+			// $this->msgbg .= 'aro0: ' . print_r($aro,true) . $this->eol; // 4devels
+			$this->msgbg .= 'Duty time table:' . $this->eol;
+			foreach ($aro as $dow => $hrs) {
+				$this->msgbg .= ' ' . $this->wdconst[$dow] . ' ';
+				// $this->msgbg .= '**' . print_r($hrs,true);
+				foreach ($hrs as $h => $o) {
+					$this->msgbg .= ((!$o) ? $h . ':open' : $h . ':close') . ', ';
+				}
+				$this->msgbg = rtrim($this->msgbg, ', ') . $this->eol;
+			}
+
+			$this->msgbg .= 'Generating 6 random times to check duty hours: ' . $this->eol;
+			// we only need some random dates from anyway in past or future
+			// because only the weekday and the clock is to test
+			for ($i=0; $i<6; $i++) {
+				$adow = rand(1, 7); // 1 to 7 (days)
+				$cdow = $this->wdconst[$adow];
+				// below is the essential algo to verify a date (of format Hi) meets an open or closed condition
+				$t = date('Hi', ( rand(time(), 60*60*24+time()) ) );
+				$how='close';
+				foreach ($aro[$adow] as $o => $v) {
+					// $this->msgbg .= 'debug: ' . $o . ' gt ' . $t . ' / ' . $v . $this->eol; // 4devels
+					if ($o > $t) {
+						$how = ($v ? 'open' : 'close');
+						break;
+					}
+				}
+				// now we know
+				$this->msgbg .= ' ' . $cdow . '.' . $t . '=' . $how . ', ';
+			}
+			$this->msgbg = rtrim($this->msgbg, ', ') . $this->eol;
+		}
+
+		/*
+		//$jov1 = array( 'view1' => $aro, 'view2' => '');
+		$jov2=array();
+		foreach ($aro as $d => $ts) {
+			foreach ($ts as $t => $ft) {
+				$jov2['view2'][$ft][] = $d.$t;
+				//$ft=="1" && $t=="0000" ? $jov2['view2']["0"][] = $d."2400" : '';
+			}
+		}
+		 $this->msgbg .= print_r($jov2, true) . $this->eol; // 4devels
+		*/
+
+		$this->joo = json_encode($aro);
+		// $this->msgbg .= $this->joo . $this->eol; // 4devels
+		// $this->msgbg .= print_r($aro, true) . $this->eol; // 4devels
+		$okko = (json_decode($this->joo, true) ? true : false);
+		if (!$okko) {
+			$this->msgbg .= 'ZAR0139D,json 4 duty KO crash' . $this->eol;
+			$this->msgfg .= 'ZAR0139D,json 4 duty KO crash' . $this->eol;
+			$this->error++;
+		}
+		return ;
+	}
+
+
 }

Zotlabs/Module/Affinity.php

@@ -44,17 +44,14 @@ class Affinity extends \Zotlabs\Web\Controller {
 		if(! local_channel())
 			return;
 
-		$desc = t('This app presents a slider control in your connection editor and also on your network page. The slider represents your degree of friendship (affinity) with each connection. It allows you to zoom in or out and display conversations from only your closest friends or everybody in your stream.');
-		if(! Apps::system_app_installed(local_channel(),'Affinity Tool')) {
+		if(! Apps::system_app_installed(local_channel(), 'Affinity Tool')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Affinity Tool App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= $desc;
-			return $o;
+			$papp = Apps::get_papp('Affinity Tool');
+			return Apps::app_render($papp, 'module');
 		}
 
-		$text = t('The numbers below represent the minimum and maximum slider default positions for your network/stream page as a percentage.'); 			
+		$text = t('The numbers below represent the minimum and maximum slider default positions for your network/stream page as a percentage.');
 
 		$content = '<div class="section-content-info-wrapper">' . $text . '</div>';
 

Zotlabs/Module/Album.php

@@ -0,0 +1,103 @@
+<?php
+
+namespace Zotlabs\Module;
+
+use App;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\Activity;
+use Zotlabs\Lib\ActivityStreams;
+use Zotlabs\Lib\Config;
+use Zotlabs\Web\HTTPSig;
+
+require_once('include/security.php');
+require_once('include/attach.php');
+require_once('include/photo/photo_driver.php');
+require_once('include/photos.php');
+
+
+class Album extends Controller {
+
+	function init() {
+
+		if (ActivityStreams::is_as_request()) {
+			$sigdata = HTTPSig::verify(EMPTY_STR);
+			if ($sigdata['portable_id'] && $sigdata['header_valid']) {
+				$portable_id = $sigdata['portable_id'];
+				if (!check_channelallowed($portable_id)) {
+					http_status_exit(403, 'Permission denied');
+				}
+				if (!check_siteallowed($sigdata['signer'])) {
+					http_status_exit(403, 'Permission denied');
+				}
+				observer_auth($portable_id);
+			}
+			elseif (Config::get('system', 'require_authenticated_fetch', false)) {
+				http_status_exit(403, 'Permission denied');
+			}
+
+			$observer_xchan = get_observer_hash();
+			$allowed        = false;
+
+			$bear = Activity::token_from_request();
+			if ($bear) {
+				logger('bear: ' . $bear, LOGGER_DEBUG);
+			}
+
+			$channel = null;
+
+			if (argc() > 1) {
+				$channel = channelx_by_nick(argv(1));
+			}
+			if (!$channel) {
+				http_status_exit(404, 'Not found.');
+			}
+
+			$sql_extra = permissions_sql($channel['channel_id'], $observer_xchan);
+
+			if (argc() > 2) {
+				$folder  = argv(2);
+				$r       = q("select * from attach where is_dir = 1 and hash = '%s' and uid = %d $sql_extra limit 1",
+					dbesc($folder),
+					intval($channel['channel_id'])
+				);
+				$allowed = (($r) ? attach_can_view($channel['channel_id'], $observer_xchan, $r[0]['hash'] /*,$bear */) : false);
+			}
+			else {
+				$folder  = EMPTY_STR;
+				$allowed = perm_is_allowed($channel['channel_id'], $observer_xchan, 'view_storage');
+			}
+
+			if (!$allowed) {
+				http_status_exit(403, 'Permission denied.');
+			}
+
+			$x = q("select * from attach where folder = '%s' and uid = %d $sql_extra",
+				dbesc($folder),
+				intval($channel['channel_id'])
+			);
+
+			$contents = [];
+
+			if ($x) {
+				foreach ($x as $xv) {
+					if (intval($xv['is_dir'])) {
+						continue;
+					}
+					if (!attach_can_view($channel['channel_id'], $observer_xchan, $xv['hash'] /*,$bear*/)) {
+						continue;
+					}
+					if (intval($xv['is_photo'])) {
+						$contents[] = z_root() . '/photo/' . $xv['hash'];
+					}
+				}
+			}
+
+			$obj = Activity::encode_simple_collection($contents, App::$query_string, 'OrderedCollection', count($contents));
+			as_return_and_die($obj, $channel);
+
+		}
+
+	}
+
+}
+

Zotlabs/Module/Appman.php

@@ -1,18 +1,18 @@
 <?php /** @file */
 
-namespace Zotlabs\Module; 
+namespace Zotlabs\Module;
 
-//require_once('include/apps.php');
-
-use \Zotlabs\Lib as Zlib;
+use App;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Lib\Libsync;
 
 class Appman extends \Zotlabs\Web\Controller {
 
 	function post() {
-	
+
 		if(! local_channel())
 			return;
-	
+
 		if($_POST['url']) {
 			$arr = array(
 				'uid' => intval($_REQUEST['uid']),
@@ -32,32 +32,70 @@ class Appman extends \Zotlabs\Web\Controller {
 				'sig' => escape_tags($_REQUEST['sig']),
 				'categories' => escape_tags($_REQUEST['categories'])
 			);
-	
-			$_REQUEST['appid'] = Zlib\Apps::app_install(local_channel(),$arr);
-	
-			if(Zlib\Apps::app_installed(local_channel(),$arr))
+
+			$_REQUEST['appid'] = Apps::app_install(local_channel(),$arr);
+
+			if(Apps::app_installed(local_channel(),$arr))
 				info( t('App installed.') . EOL);
 
 			goaway(z_root() . '/apps');
 			return; //not reached
 		}
-	
-	
-		$papp = Zlib\Apps::app_decode($_POST['papp']);
-	
+
+
+		$papp = Apps::app_decode($_POST['papp']);
+
 		if(! is_array($papp)) {
 			notice( t('Malformed app.') . EOL);
 			return;
 		}
-	
+
 		if($_POST['install']) {
-			Zlib\Apps::app_install(local_channel(),$papp);
-			if(Zlib\Apps::app_installed(local_channel(),$papp))
+			Apps::app_install(local_channel(),$papp);
+			if(Apps::app_installed(local_channel(),$papp))
 				info( t('App installed.') . EOL);
+
+			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
+				intval(local_channel()),
+				dbesc($papp['guid'])
+			);
+
+			if (!$sync) {
+				return;
+			}
+
+			if (intval($sync[0]['app_system'])) {
+				Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
+			}
+			else {
+				Libsync::build_sync_packet($uid, ['app' => $sync]);
+			}
+
 		}
-	
+
 		if($_POST['delete']) {
-			Zlib\Apps::app_destroy(local_channel(),$papp);
+
+			// Fetch the app for sync before it is deleted (if it is deletable))
+			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
+				intval(local_channel()),
+				dbesc($papp['guid'])
+			);
+
+			if (!$sync) {
+				return;
+			}
+
+			Apps::app_destroy(local_channel(), $papp);
+
+			// Now flag it deleted
+			$sync[0]['app_deleted'] = 1;
+
+			if (intval($sync[0]['app_system'])) {
+				Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
+			}
+			else {
+				Libsync::build_sync_packet($uid, ['app' => $sync]);
+			}
 		}
 
 		if($_POST['edit']) {
@@ -65,37 +103,65 @@ class Appman extends \Zotlabs\Web\Controller {
 		}
 
 		if($_POST['feature']) {
-			Zlib\Apps::app_feature(local_channel(), $papp, $_POST['feature']);
+			Apps::app_feature(local_channel(), $papp, $_POST['feature']);
+
+			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
+				intval(local_channel()),
+				dbesc($papp['guid'])
+			);
+
+			if (intval($sync[0]['app_system'])) {
+				Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
+			}
+			else {
+				Libsync::build_sync_packet($uid, ['app' => $sync]);
+			}
 		}
 
 		if($_POST['pin']) {
-			Zlib\Apps::app_feature(local_channel(), $papp, $_POST['pin']);
+			Apps::app_feature(local_channel(), $papp, $_POST['pin']);
+
+			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
+				intval(local_channel()),
+				dbesc($papp['guid'])
+			);
+
+			if (intval($sync[0]['app_system'])) {
+				Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
+			}
+			else {
+				Libsync::build_sync_packet($uid, ['app' => $sync]);
+			}
 		}
 
-		if($_SESSION['return_url']) 
+		if($_POST['aj']) {
+			killme();
+		}
+
+		if($_SESSION['return_url'])
 			goaway(z_root() . '/' . $_SESSION['return_url']);
 
 		goaway(z_root() . '/apps');
-	
-	
+
+
 	}
-	
-	
+
+
 	function get() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
 
-		$channel = \App::get_channel();
+		$channel = App::get_channel();
 
 		if(argc() > 3) {
 			if(argv(2) === 'moveup') {
-				Zlib\Apps::moveup(local_channel(),argv(1),argv(3));
+				Apps::moveup(local_channel(),argv(1),argv(3));
 			}
 			if(argv(2) === 'movedown') {
-				Zlib\Apps::movedown(local_channel(),argv(1),argv(3));
+				Apps::movedown(local_channel(),argv(1),argv(3));
 			}
 			goaway(z_root() . '/apporder');
 		}
@@ -129,12 +195,12 @@ class Appman extends \Zotlabs\Web\Controller {
 				}
 			}
 
-			$embed = array('embed', t('Embed code'), Zlib\Apps::app_encode($app,true),'', 'onclick="this.select();"');
-	
+			$embed = array('embed', t('Embed code'), Apps::app_encode($app,true),'', 'onclick="this.select();"');
+
 		}
-				
+
 		return replace_macros(get_markup_template('app_create.tpl'), array(
-	
+
 			'$banner' => (($app) ? t('Edit App') : t('Create App')),
 			'$app' => $app,
 			'$guid' => (($app) ? $app['app_id'] : ''),
@@ -154,7 +220,7 @@ class Appman extends \Zotlabs\Web\Controller {
 			'$embed' => $embed,
 			'$submit' => t('Submit')
 		));
-	
+
 	}
-	
+
 }

Zotlabs/Module/Apps.php

@@ -9,7 +9,7 @@ class Apps extends \Zotlabs\Web\Controller {
 	function get() {
 
 		nav_set_selected('Apps');
-	
+
 		if(argc() == 2 && argv(1) == 'edit')
 			$mode = 'edit';
 		else
@@ -18,9 +18,9 @@ class Apps extends \Zotlabs\Web\Controller {
 		$available = ((argc() == 2 && argv(1) === 'available') ? true : false);
 
 		$_SESSION['return_url'] = \App::$query_string;
-	
+
 		$apps = array();
-	
+
 		if(local_channel()) {
 			Zlib\Apps::import_system_apps();
 			$syslist = array();
@@ -37,9 +37,9 @@ class Apps extends \Zotlabs\Web\Controller {
 			$syslist = Zlib\Apps::get_system_apps(true);
 
 		usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare');
-	
+
 	//	logger('apps: ' . print_r($syslist,true));
-	
+
 		foreach($syslist as $app) {
 			$apps[] = Zlib\Apps::app_render($app,(($available) ? 'install' : $mode));
 		}
@@ -53,7 +53,7 @@ class Apps extends \Zotlabs\Web\Controller {
 			'$manage' => (($available) ? '' : t('Manage Apps')),
 			'$create' => (($mode == 'edit') ? t('Create Custom App') : '')
 		));
-	
+
 	}
-	
+
 }

Zotlabs/Module/Apschema.php

@@ -14,7 +14,7 @@ class Apschema extends \Zotlabs\Web\Controller {
 				'zot'              => z_root() . '/apschema#',
 				'id'               => '@id',
 				'type'             => '@type',
-				'commentPolicy'    => 'as:commentPolicy',
+				'commentPolicy'    => 'zot:commentPolicy',
 				'meData'           => 'zot:meData',
 				'meDataType'       => 'zot:meDataType',
 				'meEncoding'       => 'zot:meEncoding',
@@ -33,6 +33,9 @@ class Apschema extends \Zotlabs\Web\Controller {
 				'PropertyValue'    => 'schema:PropertyValue',
 				'value'            => 'schema:value',
 
+				'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers',
+
+
 				'magicEnv' => [
 					'@id'   => 'zot:magicEnv',
 					'@type' => '@id'
@@ -50,7 +53,7 @@ class Apschema extends \Zotlabs\Web\Controller {
 				'guid'         => 'diaspora:guid',
 
 				'Hashtag'      => 'as:Hashtag'
-				
+
 			]
 		];
 

Zotlabs/Module/Article_edit.php

@@ -85,7 +85,6 @@ class Article_edit extends \Zotlabs\Web\Controller {
 
 		$mimetype = $itm[0]['mimetype'];
 
-		$summary = (($itm[0]['summary']) ? '[summary]' . $itm[0]['summary'] . '[/summary]' . "\r\n" : '');
 		$content = $itm[0]['body'];
 
 		$rp = 'articles/' . $channel['channel_address'];
@@ -109,7 +108,7 @@ class Article_edit extends \Zotlabs\Web\Controller {
 			'ptyp' => $itm[0]['type'],
 			'mimeselect' => false,
 			'mimetype' => $itm[0]['mimetype'],
-			'body' => $summary . undo_post_tagging($content),
+			'body' => undo_post_tagging($content),
 			'post_id' => $post_id,
 			'visitor' => true,
 			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),

Zotlabs/Module/Articles.php

@@ -48,10 +48,8 @@ class Articles extends Controller {
 		if(! Apps::system_app_installed(App::$profile_uid, 'Articles')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Articles App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Create interactive articles');
-			return $o;
+			$papp = Apps::get_papp('Articles');
+			return Apps::app_render($papp, 'module');
 		}
 
 		nav_set_selected('Articles');

Zotlabs/Module/Authtest.php

@@ -1,41 +1,38 @@
 <?php
 namespace Zotlabs\Module;
 
-require_once('include/zot.php');
-
-
 class Authtest extends \Zotlabs\Web\Controller {
 
 	function get() {
-	
-	
+
+
 		$auth_success = false;
 		$o .= '<h3>Magic-Auth Diagnostic</h3>';
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return $o;
 		}
-	
+
 		$o .= '<form action="authtest" method="get">';
 		$o .= 'Target URL: <input type="text" style="width: 250px;" name="dest" value="' . $_GET['dest'] .'" />';
-		$o .= '<input type="submit" name="submit" value="Submit" /></form>'; 
-	
+		$o .= '<input type="submit" name="submit" value="Submit" /></form>';
+
 		$o .= '<br /><br />';
-	
+
 		if(x($_GET,'dest')) {
 			if(strpos($_GET['dest'],'@')) {
 				$_GET['dest'] = $_REQUEST['dest'] = 'https://' . substr($_GET['dest'],strpos($_GET['dest'],'@')+1) . '/channel/' . substr($_GET['dest'],0,strpos($_GET['dest'],'@'));
 			}
-	
+
 			$_REQUEST['test'] = 1;
 			$mod = new Magic();
 			$x = $mod->init($a);
 
 			$o .= 'Local Setup returns: ' . print_r($x,true);
-	
-	
-	
+
+
+
 			if($x['url']) {
 				$z = z_fetch_url($x['url'] . '&test=1');
 				if($z['success']) {
@@ -50,12 +47,12 @@ class Authtest extends \Zotlabs\Web\Controller {
 					$o .= 'fetch url failure.' . print_r($z,true);
 				}
 			}
-	
+
 			if(! $auth_success)
 				$o .= 'Authentication Failed!' . EOL;
 		}
-	
+
 		return str_replace("\n",'<br />',$o);
 	}
-	
+
 }

Zotlabs/Module/Bookmarks.php

@@ -16,33 +16,33 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 
 		nav_set_selected('Bookmarks');
 
-		$item_id = intval($_REQUEST['item']);
-		$burl = trim($_REQUEST['burl']);
-	
+		$item_id = (isset($_REQUEST['item']) ? $_REQUEST['item'] : false);
+		$burl    = (isset($_REQUEST['burl']) ? trim($_REQUEST['burl']) : '');
+
 		if(! $item_id)
 			return;
-	
+
 		$u = \App::get_channel();
-	
+
 		$item_normal = item_normal();
-	
+
 		$i = q("select * from item where id = %d and uid = %d $item_normal limit 1",
 			intval($item_id),
 			intval(local_channel())
 		);
-	
+
 		if(! $i)
 			return;
-	
+
 		$i = fetch_post_tags($i);
-	
+
 		$item = $i[0];
-	
-		$terms = get_terms_oftype($item['term'],TERM_BOOKMARK);
-	
+
+		$terms = (x($item, 'term') ? get_terms_oftype($item['term'],TERM_BOOKMARK) : false);
+
 		if($terms) {
 			require_once('include/bookmarks.php');
-	
+
 			$s = q("select * from xchan where xchan_hash = '%s' limit 1",
 				dbesc($item['author_xchan'])
 			);
@@ -58,13 +58,13 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 				}
 				else
 					bookmark_add($u,$s[0],$t,$item['item_private']);
-	
+
 				info( t('Bookmark added') . EOL);
 			}
 		}
 		killme();
 	}
-	
+
 	function get() {
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
@@ -74,49 +74,47 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Bookmarks')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Bookmarks App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Bookmark links from posts and manage them');
-			return $o;
+			$papp = Apps::get_papp('Bookmarks');
+			return Apps::app_render($papp, 'module');
 		}
-	
+
 		require_once('include/menu.php');
 		require_once('include/conversation.php');
-	
+
 		$channel = \App::get_channel();
-	
+
 		$o = '';
-	
+
 		$o .= '<div class="generic-content-wrapper-styled">';
-	
-		$o .= '<h3>' . t('My Bookmarks') . '</h3>';
-	
+
+		$o .= '<h3>' . t('Bookmarks') . '</h3>';
+
 		$x = menu_list(local_channel(),'',MENU_BOOKMARK);
-	
+
 		if($x) {
 			foreach($x as $xx) {
 				$y = menu_fetch($xx['menu_name'],local_channel(),get_observer_hash());
 				$o .= menu_render($y,'',true);
 			}
 		}
-	
+
 		$o .= '<h3>' . t('My Connections Bookmarks') . '</h3>';
-	
-	
+
+
 		$x = menu_list(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK);
-	
+
 		if($x) {
 			foreach($x as $xx) {
 				$y = menu_fetch($xx['menu_name'],local_channel(),get_observer_hash());
 				$o .= menu_render($y,'',true);
 			}
 		}
-	
+
 		$o .= '</div>';
-	
+
 		return $o;
-	
+
 	}
-	
-	
+
+
 }

Zotlabs/Module/Cal.php

@@ -19,45 +19,45 @@ class Cal extends Controller {
 		if(observer_prohibited()) {
 			return;
 		}
-	
+
 		if(argc() > 1) {
 			$nick = argv(1);
-	
+
 			profile_load($nick);
-	
+
 			$channelx = channelx_by_nick($nick);
-	
+
 			if(! $channelx) {
 				notice( t('Channel not found.') . EOL);
 				return;
 			}
-	
+
 			App::$data['channel'] = $channelx;
-	
+
 			$observer = App::get_observer();
 			App::$data['observer'] = $observer;
-	
+
 			head_set_icon(App::$data['channel']['xchan_photo_s']);
-	
+
 			App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ;
-	
+
 		}
-	
+
 		return;
 	}
-	
-	
-	
+
+
+
 	function get() {
-	
+
 		if(observer_prohibited()) {
 			return;
 		}
-		
+
 		$channel = App::$data['channel'];
 
 		// since we don't currently have an event permission - use the stream permission
-	
+
 		if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_stream')) {
 			notice( t('Permissions denied.') . EOL);
 			return;
@@ -76,10 +76,10 @@ class Cal extends Controller {
 
 		if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts') || App::$profile['hide_friends'])
 			$sql_extra .= " and etype != 'birthday' ";
-	
+
 		$first_day = feature_enabled($channel['channel_id'], 'cal_first_day');
 		$first_day = (($first_day) ? $first_day : 0);
-	
+
 		$start = '';
 		$finish = '';
 
@@ -87,7 +87,7 @@ class Cal extends Controller {
 			if (x($_GET,'start'))	$start = $_GET['start'];
 			if (x($_GET,'end'))	$finish = $_GET['end'];
 		}
-	
+
 		$start  = datetime_convert('UTC','UTC',$start);
 		$finish = datetime_convert('UTC','UTC',$finish);
 		$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
@@ -107,10 +107,10 @@ class Cal extends Controller {
 			// Noting this for now - it will need to be fixed here and in Friendica.
 			// Ultimately the finish date shouldn't be involved in the query.
 			$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
-				from event left join item on event.event_hash = item.resource_id 
-				where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid 
-				AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) 
-				OR (  event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) 
+				from event left join item on event.event_hash = item.resource_id
+				where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid
+				AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )
+				OR (  event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ))
 				$sql_extra",
 				intval($channel['channel_id']),
 				dbesc($start),
@@ -119,7 +119,7 @@ class Cal extends Controller {
 				dbesc($adjust_finish)
 			);
 		}
-	
+
 		if($r) {
 			xchan_query($r);
 			$r = fetch_post_tags($r,true);
@@ -127,20 +127,16 @@ class Cal extends Controller {
 		}
 
 		$events = [];
-	
+
 		if($r) {
 
 			foreach($r as $rr) {
 
-				$tz = get_iconfig($rr, 'event', 'timezone');
-				if(! $tz)
-					$tz = 'UTC';
-
-				$start = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c'));
+				$start = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c'));
 				if ($rr['nofinish']){
 					$end = null;
 				} else {
-					$end = (($rr['adjust']) ? datetime_convert($tz, date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c'));
+					$end = (($rr['adjust']) ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c'));
 				}
 
 				$html = '';
@@ -149,6 +145,10 @@ class Cal extends Controller {
 					$html = format_event_html($rr);
 				}
 
+				$tz = get_iconfig($rr, 'event', 'timezone');
+				if(! $tz)
+					$tz = 'UTC';
+
 				$events[] = array(
 					'calendar_id' => 'channel_calendar',
 					'rw' => true,
@@ -178,7 +178,7 @@ class Cal extends Controller {
 			echo json_encode($events);
 			killme();
 		}
-			
+
 		if (x($_GET,'id')) {
 			$o = replace_macros(get_markup_template("cal_event.tpl"), [
 				'$events' => $events
@@ -210,7 +210,7 @@ class Cal extends Controller {
 		]);
 
 		return $o;
-	
+
 	}
-	
+
 }

Zotlabs/Module/Cards.php

@@ -47,10 +47,8 @@ class Cards extends Controller {
 		if(! Apps::system_app_installed(App::$profile_uid, 'Cards')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Cards App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Create personal planning cards');
-			return $o;
+			$papp = Apps::get_papp('Cards');
+			return Apps::app_render($papp, 'module');
 		}
 
 		nav_set_selected('Cards');

Zotlabs/Module/Cdav.php

@@ -135,7 +135,7 @@ class Cdav extends Controller {
 			$auth = new \Zotlabs\Storage\BasicAuth();
 			$auth->setRealm(ucfirst(\Zotlabs\Lib\System::get_platform_name()) . 'CalDAV/CardDAV');
 
-			if (local_channel()) {
+			if(local_channel()) {
 
 				logger('loggedin');
 
@@ -153,9 +153,9 @@ class Cdav extends Controller {
 				$auth->observer = $channel['channel_hash'];
 
 				$principalUri = 'principals/' . $channel['channel_address'];
-				if(!cdav_principal($principalUri)) {
+				if(! cdav_principal($principalUri)) {
 					$this->activate($pdo, $channel);
-					if(!cdav_principal($principalUri)) {
+					if(! cdav_principal($principalUri)) {
 						return;
 					}
 				}
@@ -168,21 +168,24 @@ class Cdav extends Controller {
 
 			if($httpmethod === 'PUT' || $httpmethod === 'DELETE') {
 
+				$channel = channelx_by_nick(argv(2));
+				$principalUri = 'principals/' . $channel['channel_address'];
 				$httpuri = $_SERVER['REQUEST_URI'];
 
 				logger("debug: method: " . $httpmethod, LOGGER_DEBUG);
 				logger("debug: uri: " . $httpuri, LOGGER_DEBUG);
 
-				if(strpos($httpuri, 'cdav/addressbooks')) {
+				if(strpos($httpuri, 'cdav/addressbooks') !== false) {
 					$sync = 'addressbook';
 					$cdavtable = 'addressbooks';
 				}
-				elseif(strpos($httpuri, 'cdav/calendars')) {
+				elseif(strpos($httpuri, 'cdav/calendars') !== false) {
 					$sync = 'calendar';
 					$cdavtable = 'calendarinstances';
 				}
-				else
+				else {
 					$sync = false;
+				}
 
 				if($sync) {
 
@@ -191,14 +194,13 @@ class Cdav extends Controller {
 
 					logger("debug: body: " . $httpbody, LOGGER_DEBUG);
 
-					if($x = get_cdav_id($principalUri, explode("/", $httpuri)[4], $cdavtable)) {
+					if($x = get_cdav_id($principalUri, argv(3), $cdavtable)) {
 
 						$cdavdata = $this->get_cdav_data($x['id'], $cdavtable);
-
 						$etag = (isset($_SERVER['HTTP_IF_MATCH']) ? $_SERVER['HTTP_IF_MATCH'] : false);
 
 						// delete
-						if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag)
+						if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag) {
 							Libsync::build_sync_packet($channel['channel_id'], [
 								$sync => [
 									'action' => 'delete_card',
@@ -206,18 +208,18 @@ class Cdav extends Controller {
 									'carduri' => $uri
 								]
 							]);
+						}
 						else {
-							if($etag) {
+							if($etag && $cdavdata['etag'] !== $etag) {
 								// update
-								if($cdavdata['etag'] !== $etag)
-								    Libsync::build_sync_packet($channel['channel_id'], [
-									    $sync => [
-										    'action' => 'update_card',
-										    'uri' => $cdavdata['uri'],
-										    'carduri' => $uri,
-										    'card' => $httpbody
-									    ]
-								    ]);
+								Libsync::build_sync_packet($channel['channel_id'], [
+									$sync => [
+										'action' => 'update_card',
+										'uri' => $cdavdata['uri'],
+										'carduri' => $uri,
+										'card' => $httpbody
+									]
+								]);
 							}
 							else {
 								// new
@@ -235,7 +237,6 @@ class Cdav extends Controller {
 				}
 			}
 
-
 			$principalBackend = new \Sabre\DAVACL\PrincipalBackend\PDO($pdo);
 			$carddavBackend   = new \Sabre\CardDAV\Backend\PDO($pdo);
 			$caldavBackend    = new \Sabre\CalDAV\Backend\PDO($pdo);
@@ -268,7 +269,7 @@ class Cdav extends Controller {
 
 			// Plugins
 			$server->addPlugin(new \Sabre\DAV\Auth\Plugin($auth));
-			//$server->addPlugin(new \Sabre\DAV\Browser\Plugin());
+			// $server->addPlugin(new \Sabre\DAV\Browser\Plugin());
 			$server->addPlugin(new \Sabre\DAV\Sync\Plugin());
 			$server->addPlugin(new \Sabre\DAV\Sharing\Plugin());
 			$server->addPlugin(new \Sabre\DAVACL\Plugin());
@@ -276,7 +277,7 @@ class Cdav extends Controller {
 			// CalDAV plugins
 			$server->addPlugin(new \Sabre\CalDAV\Plugin());
 			$server->addPlugin(new \Sabre\CalDAV\SharingPlugin());
-			//$server->addPlugin(new \Sabre\CalDAV\Schedule\Plugin());
+			// $server->addPlugin(new \Sabre\CalDAV\Schedule\Plugin());
 			$server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin());
 
 			// CardDAV plugins
@@ -872,10 +873,8 @@ class Cdav extends Controller {
 		if((argv(1) === 'addressbook') && (! Apps::system_app_installed(local_channel(), 'CardDAV'))) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('CardDAV App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('CalDAV capable addressbook');
-			return $o;
+			$papp = Apps::get_papp('CardDAV');
+			return Apps::app_render($papp, 'module');
 		}
 
 		App::$profile_uid = local_channel();
@@ -1058,6 +1057,7 @@ class Cdav extends Controller {
 				'$cancel' => t('Cancel'),
 				'$create' => t('Create'),
 				'$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.'),
+				'$disabled_warning' => t('Could not fetch calendar resource. The selected calendar might be disabled.'),
 
 				'$channel_hash' => $channel['channel_hash'],
 				'$acl' => $acl,

Zotlabs/Module/Channel.php

@@ -27,8 +27,8 @@ class Channel extends Controller {
 
 	function init() {
 
-		if (in_array(substr($_GET['search'], 0, 1), ['@', '!', '?']) || strpos($_GET['search'], 'https://') === 0)
-			goaway('search' . '?f=&search=' . $_GET['search']);
+		if (array_key_exists('search', $_GET) && (in_array(substr($_GET['search'], 0, 1), ['@', '!', '?']) || strpos($_GET['search'], 'https://') === 0))
+			goaway(z_root() . '/search?f=&search=' . $_GET['search']);
 
 		$which = null;
 		if (argc() > 1)
@@ -46,14 +46,15 @@ class Channel extends Controller {
 		}
 
 		$profile = 0;
-		$channel = App::get_channel();
 
 		if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
+			$channel = App::get_channel();
 			$which   = $channel['channel_address'];
 			$profile = argv(1);
 		}
 
-		$channel = channelx_by_nick($which);
+		$channel = channelx_by_nick($which, true);
+
 		if (!$channel) {
 			http_status_exit(404, 'Not found');
 		}
@@ -65,8 +66,8 @@ class Channel extends Controller {
 			$sigdata = HTTPSig::verify(file_get_contents('php://input'), EMPTY_STR, 'zot6');
 
 			if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) {
-				$data = json_encode(Libzot::zotinfo(['address' => $channel['channel_address'], 'target_url' => $sigdata['signer']]));
-				$s    = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
+				$data = json_encode(Libzot::zotinfo(['guid_hash' => $channel['channel_hash'], 'target_url' => $sigdata['signer']]));
+				$s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
 					dbesc($sigdata['signer'])
 				);
 
@@ -83,24 +84,31 @@ class Channel extends Controller {
 				'Digest'           => HTTPSig::generate_digest_header($data),
 				'(request-target)' => strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']
 			];
-			$h       = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel));
+
+			$h = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel));
 			HTTPSig::set_headers($h);
 			echo $data;
 			killme();
 		}
 
+		if ($channel['channel_removed']) {
+			http_status_exit(410, 'Gone');
+		}
+
+		if (get_pconfig($channel['channel_id'], 'system', 'index_opt_out')) {
+			App::$meta->set('robots', 'noindex, noarchive');
+		}
+
 		if (ActivityStreams::is_as_request($channel)) {
 
 			// Somebody may attempt an ActivityStreams fetch on one of our message permalinks
 			// Make it do the right thing.
 
-			$mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : '');
-			if ($mid && strpos($mid, 'b64.') === 0) {
-				$decoded = @base64url_decode(substr($mid, 4));
-				if ($decoded) {
-					$mid = $decoded;
-				}
+			$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
+			if ($mid === false) {
+				http_status_exit(404, 'Not found');
 			}
+
 			if ($mid) {
 				$obj = null;
 				if (strpos($mid, z_root() . '/item/') === 0) {
@@ -145,17 +153,21 @@ class Channel extends Controller {
 		profile_load($which, $profile);
 
 		// Add Opengraph markup
-		$mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : '');
-		if (strpos($mid, 'b64.') === 0)
-			$mid = @base64url_decode(substr($mid, 4));
+		$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
 
-		if ($mid)
+		if ($mid === false) {
+			notice(t('Malformed message id.') . EOL);
+			return;
+		}
+
+		if ($mid) {
 			$r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1",
 				dbesc($mid),
 				intval($channel['channel_id'])
 			);
+		}
 
-		opengraph_add_meta($r ? $r[0] : [], $channel);
+		opengraph_add_meta((isset($r) && count($r) ? $r[0] : []), $channel);
 	}
 
 	function get($update = 0, $load = false) {
@@ -164,12 +176,11 @@ class Channel extends Controller {
 
 		$category = $datequery = $datequery2 = '';
 
-		$mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : '');
-
-		if (strpos($mid, 'b64.') === 0)
-			$decoded = @base64url_decode(substr($mid, 4));
-		if ($decoded)
-			$mid = $decoded;
+		$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
+		if ($mid === false) {
+			notice(t('Malformed message id.') . EOL);
+			return;
+		}
 
 		$datequery  = ((x($_GET, 'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
 		$datequery2 = ((x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
@@ -213,7 +224,7 @@ class Channel extends Controller {
 
 		if (!$update) {
 
-			nav_set_selected('Channel Home');
+			nav_set_selected('Channel');
 
 			// search terms header
 			if ($search) {
@@ -308,9 +319,9 @@ class Channel extends Controller {
 		if (($update) && (!$load)) {
 
 			if ($mid) {
-				$r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal_update
+				$r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal_update
 					AND item_wall = 1 $simple_update $sql_extra limit 1",
-					dbesc($mid . '%'),
+					dbesc($mid),
 					intval(App::$profile['profile_uid'])
 				);
 			}
@@ -328,6 +339,7 @@ class Channel extends Controller {
 		}
 		else {
 
+			$sql_extra2 = '';
 			if (x($category)) {
 				$sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'], 'item', $category, TERM_CATEGORY));
 			}
@@ -355,9 +367,9 @@ class Channel extends Controller {
 
 			if ($noscript_content || $load) {
 				if ($mid) {
-					$r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal
+					$r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal
 						AND item_wall = 1 $sql_extra limit 1",
-						dbesc($mid . '%'),
+						dbesc($mid),
 						intval(App::$profile['profile_uid'])
 					);
 					if (!$r) {
@@ -419,8 +431,8 @@ class Channel extends Controller {
 
 		if ((!$update) && (!$load)) {
 
-			if ($decoded)
-				$mid = 'b64.' . base64url_encode($mid);
+			//if we got a decoded hash we must encode it again before handing to javascript
+			$mid = gen_link_id($mid);
 
 			// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
 			// because browser prefetching might change it on us. We have to deliver it with the page.
@@ -485,7 +497,7 @@ class Channel extends Controller {
 
 			$o .= conversation($items, $mode, $update, $page_mode);
 
-			if ($mid && $items[0]['title'])
+			if ($mid && count($items) > 0 && isset($items[0]['title']))
 				App::$page['title'] = $items[0]['title'] . " - " . App::$page['title'];
 
 		}

Zotlabs/Module/Channel_calendar.php

@@ -116,7 +116,7 @@ class Channel_calendar extends Controller {
 
 		if ($results) {
 			// Set permissions based on tag replacements
-			set_linkified_perms($results, $str_contact_allow, $str_group_allow, $uid, false, $private);
+			set_linkified_perms($results, $str_contact_allow, $str_group_allow, $uid, $private);
 
 			foreach ($results as $result) {
 				$success = $result['success'];

Zotlabs/Module/Chanview.php

@@ -10,49 +10,49 @@ use Zotlabs\Lib\Zotfinger;
 class Chanview extends \Zotlabs\Web\Controller {
 
 	function get() {
-	
+
 		$observer = App::get_observer();
 		$xchan = null;
-	
+
 		$r = null;
-	
+
 		if($_REQUEST['hash']) {
-			$r = q("select * from xchan where xchan_hash = '%s'",
+			$r = q("select * from xchan where xchan_hash = '%s' and xchan_deleted = 0",
 				dbesc($_REQUEST['hash'])
 			);
 		}
 		if($_REQUEST['address']) {
-			$r = q("select * from xchan where xchan_addr = '%s'",
+			$r = q("select * from xchan where xchan_addr = '%s' and xchan_deleted = 0",
 				dbesc(punify($_REQUEST['address']))
 			);
 		}
 		elseif(local_channel() && intval($_REQUEST['cid'])) {
-			$r = q("SELECT abook.*, xchan.* 
+			$r = q("SELECT abook.*, xchan.*
 				FROM abook left join xchan on abook_xchan = xchan_hash
-				WHERE abook_channel = %d and abook_id = %d",
+				WHERE abook_channel = %d and abook_id = %d and xchan_deleted = 0",
 				intval(local_channel()),
 				intval($_REQUEST['cid'])
 			);
-		}	
+		}
 		elseif($_REQUEST['url']) {
-	
+
 			// if somebody re-installed they will have more than one xchan, use the most recent name date as this is
-			// the most useful consistently ascending table item we have. 
-	
-			$r = q("select * from xchan where xchan_url = '%s' order by xchan_name_date desc",
+			// the most useful consistently ascending table item we have.
+
+			$r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0 order by xchan_name_date desc",
 				dbesc($_REQUEST['url'])
 			);
 		}
 		if($r) {
 			App::$poi = Libzot::zot_record_preferred($r, 'xchan_network');
 		}
-	
-	
+
+
 		// Here, let's see if we have an xchan. If we don't, how we proceed is determined by what
-		// info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or 
-		// address, we can and should try to import it. If it's just a hash, we can't continue, but we 
+		// info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or
+		// address, we can and should try to import it. If it's just a hash, we can't continue, but we
 		// probably wouldn't have a hash if we don't already have an xchan for this channel.
-	
+
 		if(! App::$poi) {
 			logger('mod_chanview: fallback');
 
@@ -71,7 +71,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 
 				if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $_REQUEST['url'] && intval($zf['signature']['header_valid'])) {
 					Libzot::import_xchan($zf['data']);
-					$r = q("select * from xchan where xchan_url = '%s'",
+					$r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0",
 						dbesc($_REQUEST['url'])
 					);
 					if($r) {
@@ -80,7 +80,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 				}
 				if(! $r) {
 					if(discover_by_webbie($_REQUEST['url'])) {
-						$r = q("select * from xchan where xchan_url = '%s'",
+						$r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0",
 							dbesc($_REQUEST['url'])
 						);
 						if($r) {
@@ -90,7 +90,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 				}
 			}
 		}
-	
+
 		if(! App::$poi) {
 			notice( t('Channel not found.') . EOL);
 			return;
@@ -98,9 +98,9 @@ class Chanview extends \Zotlabs\Web\Controller {
 
 		$is_zot = false;
 		$connected = false;
-	
+
 		$url = App::$poi['xchan_url'];
-		if(in_array(App::$poi['xchan_network'], ['zot', 'zot6'])) {
+		if(App::$poi['xchan_network'] === 'zot6') {
 			$is_zot = true;
 		}
 		if(local_channel()) {
@@ -111,29 +111,29 @@ class Chanview extends \Zotlabs\Web\Controller {
 			if($c)
 				$connected = true;
 		}
-		
-		// We will load the chanview template if it's a foreign network, 
+
+		// We will load the chanview template if it's a foreign network,
 		// just so that we can provide a connect button along with a profile
 		// photo. Chances are we can't load the remote profile into an iframe
 		// because of cross-domain security headers. So provide a link to
-		// the remote profile. 
+		// the remote profile.
 		// If we are already connected, just go to the profile.
 		// Zot channels will usually have a connect link.
-	
+
 		if($is_zot || $connected) {
 			if($is_zot && $observer) {
 				$url = zid($url);
 			}
 			goaway($url);
 		}
-		else {	
+		else {
 			$o = replace_macros(get_markup_template('chanview.tpl'),array(
 				'$url' => $url,
 				'$full' => t('toggle full screen mode')
 			));
-	
+
 			return $o;
 		}
 	}
-	
+
 }

Zotlabs/Module/Chat.php

@@ -14,7 +14,7 @@ require_once('include/bookmarks.php');
 class Chat extends Controller {
 
 	function init() {
-	
+
 		$which = null;
 		if(argc() > 1)
 			$which = argv(1);
@@ -29,79 +29,77 @@ class Chat extends Controller {
 			notice( t('You must be logged in to see this page.') . EOL );
 			return;
 		}
-	
+
 		$profile = 0;
 		$channel = App::get_channel();
-	
+
 		if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
 			$which = $channel['channel_address'];
-			$profile = argv(1);		
+			$profile = argv(1);
 		}
-		
+
 		// Run profile_load() here to make sure the theme is set before
 		// we start loading content
-	
+
 		profile_load($which,$profile);
-	
+
 	}
-	
+
 	function post() {
-	
+
 		if($_POST['room_name'])
-			$room = strip_tags(trim($_POST['room_name']));	
-	
+			$room = strip_tags(trim($_POST['room_name']));
+
 		if((! $room) || (! local_channel()))
 			return;
-	
+
 		$channel = App::get_channel();
-	
-	
+
+
 		if($_POST['action'] === 'drop') {
 			logger('delete chatroom');
 			Chatroom::destroy($channel,array('cr_name' => $room));
 			goaway(z_root() . '/chat/' . $channel['channel_address']);
 		}
-	
+
 		$acl = new AccessList($channel);
 		$acl->set_from_array($_REQUEST);
-	
+
 		$arr = $acl->get();
 		$arr['name'] = $room;
 		$arr['expire'] = intval($_POST['chat_expire']);
 		if(intval($arr['expire']) < 0)
 			$arr['expire'] = 0;
-	
+
 		Chatroom::create($channel,$arr);
-	
+
 		$x = q("select * from chatroom where cr_name = '%s' and cr_uid = %d limit 1",
 			dbesc($room),
 			intval(local_channel())
 		);
-	
+
 		Libsync::build_sync_packet(0, array('chatroom' => $x));
-	
+
 		if($x)
 			goaway(z_root() . '/chat/' . $channel['channel_address'] . '/' . $x[0]['cr_id']);
-	
+
 		// that failed. Try again perhaps?
-	
+
 		goaway(z_root() . '/chat/' . $channel['channel_address'] . '/new');
-	
-	
+
+
 	}
-	
-	
+
+
 	function get() {
 
 		if(! Apps::system_app_installed(App::$profile_uid, 'Chatrooms')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Chatrooms App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Access Controlled Chatrooms');
-			return $o;
+			$papp = Apps::get_papp('Chatrooms');
+			return Apps::app_render($papp, 'module');
 		}
-	
+
 		if(local_channel()) {
 			$channel = App::get_channel();
 			nav_set_selected('Chatrooms');
@@ -113,24 +111,24 @@ class Chat extends Controller {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
 		if(! perm_is_allowed(App::$profile['profile_uid'],$observer,'chat')) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-		
+
 		if((argc() > 3) && intval(argv(2)) && (argv(3) === 'leave')) {
 			Chatroom::leave($observer,argv(2),$_SERVER['REMOTE_ADDR']);
 			goaway(z_root() . '/channel/' . argv(1));
 		}
-	
-	
+
+
 		if((argc() > 3) && intval(argv(2)) && (argv(3) === 'status')) {
 			$ret = array('success' => false);
 			$room_id = intval(argv(2));
 			if(! $room_id || ! $observer)
 				return;
-	
+
 			$r = q("select * from chatroom where cr_id = %d limit 1",
 				intval($room_id)
 			);
@@ -139,7 +137,7 @@ class Chat extends Controller {
 			}
 			require_once('include/security.php');
 			$sql_extra = permissions_sql($r[0]['cr_uid']);
-	
+
 			$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
 				intval($room_id),
 				intval($r[0]['cr_uid'])
@@ -155,9 +153,9 @@ class Chat extends Controller {
 				$ret['chatroom'] = $r[0]['cr_name'];
 				$ret['inroom'] = $y[0]['total'];
 			}
-	
+
 			// figure out how to present a timestamp of the last activity, since we don't know the observer's timezone.
-	
+
 			$z = q("select created from chat where chat_room = %d order by created desc limit 1",
 				intval($room_id)
 			);
@@ -166,13 +164,13 @@ class Chat extends Controller {
 			}
 			json_return_and_die($ret);
 		}
-	
-	
+
+
 		if(argc() > 2 && intval(argv(2))) {
-	
+
 			$room_id = intval(argv(2));
 			$bookmark_link = get_bookmark_link($ob);
-	
+
 			$x = Chatroom::enter($observer,$room_id,'online',$_SERVER['REMOTE_ADDR']);
 			if(! $x)
 				return;
@@ -180,26 +178,26 @@ class Chat extends Controller {
 				intval($room_id),
 				intval(App::$profile['profile_uid'])
 			);
-	
+
 			if($x) {
 				$acl = new AccessList(false);
 				$acl->set($x[0]);
-	
+
 				$private = $acl->is_private();
 				$room_name = $x[0]['cr_name'];
 				if($bookmark_link)
-					$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1'; 
+					$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1';
 			}
 			else {
 				notice( t('Room not found') . EOL);
 				return;
 			}
-	
+
 			$cipher = get_pconfig(local_channel(),'system','default_cipher');
 			if(! $cipher)
 				$cipher = 'AES-128-CCM';
-	
-	
+
+
 			$o = replace_macros(get_markup_template('chat.tpl'),array(
 				'$is_owner' => ((local_channel() && local_channel() == $x[0]['cr_uid']) ? true : false),
 				'$room_name' => $room_name,
@@ -223,7 +221,7 @@ class Chat extends Controller {
 		}
 
 		require_once('include/conversation.php');
-	
+
 		$o = '';
 
 		$acl = new AccessList($channel);
@@ -246,12 +244,12 @@ class Chat extends Controller {
 				'$deny_gid' => acl2json($channel_acl['deny_gid']),
 				'$lockstate' => $lockstate,
 				'$submit' => t('Submit')
-	
+
 			));
 		}
 
 		$rooms = Chatroom::roomlist(App::$profile['profile_uid']);
-	
+
 		$o .= replace_macros(get_markup_template('chatrooms.tpl'), array(
 			'$header' => sprintf( t('%1$s\'s Chatrooms'), App::$profile['fullname']),
 			'$name' => t('Name'),
@@ -259,15 +257,15 @@ class Chat extends Controller {
 			'$nickname' => App::$profile['channel_address'],
 			'$rooms' => $rooms,
 			'$norooms' => t('No chatrooms available'),
-			'$newroom' => t('Create New'),
+			'$newroom' => t('Add Room'),
 			'$is_owner' => ((local_channel() && local_channel() == App::$profile['profile_uid']) ? 1 : 0),
 			'$chatroom_new' => $chatroom_new,
 			'$expire' => t('Expiration'),
 			'$expire_unit' => t('min') //minutes
 		));
-	 
+
 		return $o;
-	
+
 	}
-	
+
 }

Zotlabs/Module/Cloud.php

@@ -123,7 +123,8 @@ class Cloud extends Controller {
 			notice( t('Permission denied') . EOL);
 		}
 		elseif($err instanceof \Sabre\DAV\Exception\NotImplemented) {
-			notice( t('Please refresh page') . EOL);
+			// notice( t('Please refresh page') . EOL);
+			goaway(z_root() . '/' . \App::$query_string);
 		}
 		else {
 			notice( t('Unknown error') . EOL);

Zotlabs/Module/Connect.php

@@ -18,11 +18,11 @@ class Connect extends Controller {
 			App::$error = 404;
 			return;
 		}
-	
+
 		$r = q("select * from channel where channel_address = '%s' limit 1",
 			dbesc($which)
 		);
-	
+
 		if($r)
 			App::$data['channel'] = $r[0];
 
@@ -30,36 +30,36 @@ class Connect extends Controller {
 
 		profile_load($which,'');
 	}
-	
+
 	function post() {
-	
+
 		if(! array_key_exists('channel', App::$data))
 			return;
 
 		$channel_id = App::$data['channel']['channel_id'];
 
 		$edit = ((local_channel() && (local_channel() == $channel_id)) ? true : false);
-	
+
 		if($edit) {
 			$has_premium = ((App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM) ? 1 : 0);
 			$premium = (($_POST['premium']) ? intval($_POST['premium']) : 0);
 			$text = escape_tags($_POST['text']);
-			
+
 			if($has_premium != $premium) {
 				$r = q("update channel set channel_pageflags = ( channel_pageflags %s %d ) where channel_id = %d",
 					db_getfunc('^'),
 					intval(PAGE_PREMIUM),
-					intval(local_channel()) 
+					intval(local_channel())
 				);
-				
+
 				\Zotlabs\Daemon\Master::Summon(array('Notifier','refresh_all',$channel_id));
 			}
 			set_pconfig($channel_id,'system','selltext',$text);
 			// reload the page completely to get fresh data
 			goaway(z_root() . '/' . App::$query_string);
-	
+
 		}
-	
+
 		$url = '';
 		$observer = App::get_observer();
 		if(($observer) && ($_POST['submit'] === t('Continue'))) {
@@ -70,18 +70,18 @@ class Connect extends Controller {
 					dbesc($observer['xchan_hash'])
 				);
 				if($r)
-					$url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(channel_reddress(App::$data['channel']));
+					$url = $r[0]['hubloc_url'] . '/follow?f=&interactive=1&url=' . urlencode(channel_reddress(App::$data['channel']));
 			}
 		}
 		if($url)
 			goaway($url . '&confirm=1');
 		else
 			notice('Unable to connect to your home hub location.');
-	
+
 	}
-	
-	
-	
+
+
+
 	function get() {
 
 		if(! array_key_exists('channel', App::$data))
@@ -90,11 +90,11 @@ class Connect extends Controller {
 		$channel_id = App::$data['channel']['channel_id'];
 
 		$edit = ((local_channel() && (local_channel() == $channel_id)) ? true : false);
-	
+
 		$text = get_pconfig($channel_id,'system','selltext');
-	
+
 		if($edit) {
-	
+
 			$o = replace_macros(get_markup_template('sellpage_edit.tpl'),array(
 				'$header' => t('Premium Channel Setup'),
 				'$address' => App::$data['channel']['channel_address'],
@@ -105,36 +105,36 @@ class Connect extends Controller {
 				'$lbl2' => t('Potential connections will then see the following text before proceeding:'),
 				'$desc2' => t('By continuing, I certify that I have complied with any instructions provided on this page.'),
 				'$submit' => t('Submit'),
-	
-	
+
+
 			));
 			return $o;
 		}
 		else {
 			if(! $text)
 				$text = t('(No specific instructions have been provided by the channel owner.)');
-	
+
 			$submit = replace_macros(get_markup_template('sellpage_submit.tpl'), array(
-				'$continue' => t('Continue'),			
+				'$continue' => t('Continue'),
 				'$address' => App::$data['channel']['channel_address']
 			));
-	
+
 			$o = replace_macros(get_markup_template('sellpage_view.tpl'),array(
 				'$header' => t('Restricted or Premium Channel'),
 				'$desc' => t('This channel may require additional steps or acknowledgement of the following conditions prior to connecting:'),
-				'$text' => prepare_text($text), 
-	
+				'$text' => prepare_text($text),
+
 				'$desc2' => t('By continuing, I certify that I have complied with any instructions provided on this page.'),
 				'$submit' => $submit,
-	
+
 			));
-	
+
 			$arr = array('channel' => App::$data['channel'],'observer' => App::get_observer(), 'sellpage' => $o, 'submit' => $submit);
 			call_hooks('connect_premium', $arr);
 			$o = $arr['sellpage'];
-	
+
 		}
-	
+
 		return $o;
 	}
 }

Zotlabs/Module/Connections.php

@@ -2,32 +2,32 @@
 namespace Zotlabs\Module;
 
 use App;
+use Zotlabs\Lib\Permcat;
 
 require_once('include/socgraph.php');
 require_once('include/selectors.php');
-require_once('include/group.php');
 
 class Connections extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		if(! local_channel())
 			return;
 
 		App::$profile_uid = local_channel();
-	
+
 		$channel = App::get_channel();
 		if($channel)
 			head_set_icon($channel['xchan_photo_s']);
-	
+
 	}
-	
+
 	function get() {
-	
+
 		$sort_type = 0;
 		$o = '';
-	
-	
+
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return login();
@@ -44,13 +44,13 @@ class Connections extends \Zotlabs\Web\Controller {
 		$pending     = false;
 		$unconnected = false;
 		$all         = false;
-	
+
 		if(! $_REQUEST['aj'])
 			$_SESSION['return_url'] = App::$query_string;
-	
+
 		$search_flags = "";
 		$head = '';
-	
+
 		if(argc() == 2) {
 			switch(argv(1)) {
 				case 'active':
@@ -106,7 +106,7 @@ class Connections extends \Zotlabs\Web\Controller {
 	//				$head = t('Unconnected');
 	//				$unconnected = true;
 	//				break;
-	
+
 				case 'all':
 					$head = t('All');
 					break;
@@ -115,19 +115,19 @@ class Connections extends \Zotlabs\Web\Controller {
 					$active = true;
 					$head = t('Active');
 					break;
-	
+
 			}
-	
+
 			$sql_extra = $search_flags;
 			if(argv(1) === 'pending')
 				$sql_extra .= " and abook_ignored = 0 ";
-	
+
 		}
 		else {
 			$sql_extra = " and abook_blocked = 0 ";
 			$unblocked = true;
 		}
-	
+
 		switch($_REQUEST['order']) {
 			case 'name_desc':
 				$sql_order = 'xchan_name DESC';
@@ -143,32 +143,32 @@ class Connections extends \Zotlabs\Web\Controller {
 		}
 
 		$search = ((x($_REQUEST,'search')) ? notags(trim($_REQUEST['search'])) : '');
-	
+
 		$tabs = array(
 			/*
 			array(
 				'label' => t('Suggestions'),
-				'url'   => z_root() . '/suggest', 
+				'url'   => z_root() . '/suggest',
 				'sel'   => '',
 				'title' => t('Suggest new connections'),
 			),
 			*/
-	
+
 			'active' => array(
 				'label' => t('Active Connections'),
-				'url'   => z_root() . '/connections/active', 
+				'url'   => z_root() . '/connections/active',
 				'sel'   => ($active) ? 'active' : '',
 				'title' => t('Show active connections'),
 			),
 
 			'pending' => array(
 				'label' => t('New Connections'),
-				'url'   => z_root() . '/connections/pending', 
+				'url'   => z_root() . '/connections/pending',
 				'sel'   => ($pending) ? 'active' : '',
 				'title' => t('Show pending (new) connections'),
 			),
-	
-	
+
+
 			/*
 			array(
 				'label' => t('Unblocked'),
@@ -177,55 +177,55 @@ class Connections extends \Zotlabs\Web\Controller {
 				'title' => t('Only show unblocked connections'),
 			),
 			*/
-	
+
 			'blocked' => array(
 				'label' => t('Blocked'),
 				'url'   => z_root() . '/connections/blocked',
 				'sel'   => ($blocked) ? 'active' : '',
 				'title' => t('Only show blocked connections'),
 			),
-	
+
 			'ignored' => array(
 				'label' => t('Ignored'),
 				'url'   => z_root() . '/connections/ignored',
 				'sel'   => ($ignored) ? 'active' : '',
 				'title' => t('Only show ignored connections'),
 			),
-	
+
 			'archived' => array(
 				'label' => t('Archived/Unreachable'),
 				'url'   => z_root() . '/connections/archived',
 				'sel'   => ($archived) ? 'active' : '',
 				'title' => t('Only show archived/unreachable connections'),
 			),
-	
+
 			'hidden' => array(
 				'label' => t('Hidden'),
 				'url'   => z_root() . '/connections/hidden',
 				'sel'   => ($hidden) ? 'active' : '',
 				'title' => t('Only show hidden connections'),
 			),
-	
+
 	//		array(
 	//			'label' => t('Unconnected'),
 	//			'url'   => z_root() . '/connections/unconnected',
 	//			'sel'   => ($unconnected) ? 'active' : '',
 	//			'title' => t('Only show one-way connections'),
 	//		),
-	
+
 
 			'all' => array(
 				'label' => t('All Connections'),
-				'url'   => z_root() . '/connections', 
+				'url'   => z_root() . '/connections',
 				'sel'   => ($all) ? 'active' : '',
 				'title' => t('Show all connections'),
 			),
-	
+
 		);
-	
+
 		//$tab_tpl = get_markup_template('common_tabs.tpl');
 		//$t = replace_macros($tab_tpl, array('$tabs'=>$tabs));
-	
+
 		$searching = false;
 		if($search) {
 			$search_hdr = $search;
@@ -233,12 +233,12 @@ class Connections extends \Zotlabs\Web\Controller {
 			$searching = true;
 		}
 		$sql_extra .= (($searching) ? protect_sprintf(" AND xchan_name like '%$search_txt%' ") : "");
-	
+
 		if($_REQUEST['gid']) {
 			$sql_extra .= " and xchan_hash in ( select xchan from pgrp_member where gid = " . intval($_REQUEST['gid']) . " and uid = " . intval(local_channel()) . " ) ";
 		}
-	 	
-		$r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash 
+
+		$r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash
 			where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ",
 			intval(local_channel())
 		);
@@ -246,19 +246,27 @@ class Connections extends \Zotlabs\Web\Controller {
 			App::set_pager_total($r[0]['total']);
 			$total = $r[0]['total'];
 		}
-	
+
 		$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash
 			WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ORDER BY $sql_order LIMIT %d OFFSET %d ",
 			intval(local_channel()),
 			intval(App::$pager['itemspage']),
 			intval(App::$pager['start'])
 		);
-	
+
+		$roles = new Permcat(local_channel());
+		$roles_list = $roles->listing();
+		$roles_dict = [];
+
+		foreach ($roles_list as $role) {
+			$roles_dict[$role['name']] = $role['localname'];
+		}
+
 		$contacts = array();
-	
+
 		if($r) {
 
-			vcard_query($r);
+			//vcard_query($r);
 
 
 			foreach($r as $rr) {
@@ -268,7 +276,7 @@ class Connections extends \Zotlabs\Web\Controller {
 						$phone = $rr['vcard']['tels'][0]['nr'];
 					else
 						$phone = '';
-	
+
 					$status_str = '';
 					$status = array(
 						((intval($rr['abook_active'])) ? t('Active') : ''),
@@ -306,7 +314,7 @@ class Connections extends \Zotlabs\Web\Controller {
 						$perminfo['connperms'] .= t('Nothing');
 					}
 
-	
+
 					foreach($status as $str) {
 						if(!$str)
 							continue;
@@ -314,19 +322,16 @@ class Connections extends \Zotlabs\Web\Controller {
 						$status_str .= ', ';
 					}
 					$status_str = rtrim($status_str, ', ');
-	
+
 					$contacts[] = array(
 						'img_hover' => sprintf( t('%1$s [%2$s]'),$rr['xchan_name'],$rr['xchan_url']),
 						'edit_hover' => t('Edit connection'),
 						'edit' => t('Edit'),
 						'delete_hover' => t('Delete connection'),
 						'id' => $rr['abook_id'],
-						'thumb' => $rr['xchan_photo_m'], 
+						'thumb' => $rr['xchan_photo_m'],
 						'name' => $rr['xchan_name'],
 						'classes' => ((intval($rr['abook_archived']) || intval($rr['abook_not_here'])) ? 'archived' : ''),
-						'link' => z_root() . '/connedit/' . $rr['abook_id'],
-						'deletelink' => z_root() . '/connedit/' . intval($rr['abook_id']) . '/drop',
-						'delete' => t('Delete'),
 						'url' => chanlink_hash($rr['xchan_hash']),
 						'webbie_label' => t('Channel address'),
 						'webbie' => $rr['xchan_addr'],
@@ -337,6 +342,7 @@ class Connections extends \Zotlabs\Web\Controller {
 						'phone' => $phone,
 						'status_label' => t('Status'),
 						'status' => $status_str,
+						'states' => $status,
 						'connected_label' => t('Connected'),
 						'connected' => datetime_convert('UTC',date_default_timezone_get(),$rr['abook_created'], 'c'),
 						'approve_hover' => t('Approve connection'),
@@ -349,13 +355,22 @@ class Connections extends \Zotlabs\Web\Controller {
 						'perminfo' => $perminfo,
 						'connect' => (intval($rr['abook_not_here']) ? t('Connect') : ''),
 						'follow' => z_root() . '/follow/?f=&url=' . urlencode($rr['xchan_hash']) . '&interactive=0',
-						'connect_hover' => t('Connect at this location')
+						'connect_hover' => t('Connect at this location'),
+						'role' => $roles_dict[$rr['abook_role']],
+						'pending' => intval($rr['abook_pending'])
 					);
 				}
 			}
 		}
-		
-	
+
+		$limit = service_class_fetch(local_channel(),'total_channels');
+		if($limit !== false) {
+			$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $$total, $limit);
+		}
+		else {
+			$abook_usage_message = '';
+ 		}
+
 		if($_REQUEST['aj']) {
 			if($contacts) {
 				$o = replace_macros(get_markup_template('contactsajax.tpl'),array(
@@ -371,27 +386,30 @@ class Connections extends \Zotlabs\Web\Controller {
 		}
 		else {
 			$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
-			$o .= replace_macros(get_markup_template('connections.tpl'),array(
+			$o .= replace_macros(get_markup_template('connections.tpl'), [
 				'$header' => t('Connections') . (($head) ? ': ' . $head : ''),
 				'$tabs' => $tabs,
 				'$total' => $total,
 				'$search' => $search_hdr,
 				'$label' => t('Search'),
+				'$role_label' => t('Contact role'),
 				'$desc' => t('Search your connections'),
-				'$finding' => (($searching) ? t('Connections search') . ": '" . $search . "'" : ""),
+				'$finding' => (($searching) ? t('Contact search') . ": '" . $search . "'" : ""),
 				'$submit' => t('Find'),
 				'$edit' => t('Edit'),
+				'$approve' => t('Approve'),
 				'$cmd' => App::$cmd,
 				'$contacts' => $contacts,
 				'$paginate' => paginate($a),
-	
-			)); 
+				'$abook_usage_message' => $abook_usage_message,
+				'$group_label' => t('This is a group/forum channel')
+			]);
 		}
-	
+
 		if(! $contacts)
 			$o .= '<div id="content-complete"></div>';
-	
+
 		return $o;
 	}
-	
+
 }

Zotlabs/Module/Contactedit.php

@@ -0,0 +1,675 @@
+<?php
+
+namespace Zotlabs\Module;
+
+/* @file Cobtactedit.php
+ * @brief In this file the connection-editor form is generated and evaluated.
+ *
+ *
+ */
+
+use App;
+use Sabre\VObject\Reader;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Lib\Libzot;
+use Zotlabs\Lib\Libsync;
+use Zotlabs\Daemon\Master;
+use Zotlabs\Web\Controller;
+use Zotlabs\Access\Permissions;
+use Zotlabs\Access\PermissionLimits;
+use Zotlabs\Web\HTTPHeaders;
+use Zotlabs\Lib\Permcat;
+use Zotlabs\Lib\AccessList;
+
+require_once('include/socgraph.php');
+require_once('include/selectors.php');
+require_once('include/group.php');
+require_once('include/photos.php');
+
+class Contactedit extends Controller {
+
+	/* @brief Initialize the connection-editor
+	 *
+	 *
+	 */
+
+	function init() {
+
+		if (!local_channel())
+			return;
+
+		if ((argc() >= 2) && intval(argv(1))) {
+			$r = q("SELECT abook.*, xchan.* FROM abook LEFT JOIN xchan ON abook_xchan = xchan_hash
+				WHERE abook_channel = %d AND abook_id = %d AND abook_self = 0 AND xchan_deleted = 0",
+				intval(local_channel()),
+				intval(argv(1))
+			);
+			if (!$r) {
+				json_return_and_die([
+					'success' => false,
+					'message' => t('Invalid abook_id')
+				]);
+			}
+
+			App::$poi = $r[0];
+
+		}
+	}
+
+
+	/* @brief Evaluate posted values and set changes
+	 *
+	 */
+
+	function post() {
+
+		if (!local_channel())
+			return;
+
+		$contact_id = intval(argv(1));
+		if (!$contact_id)
+			return;
+
+		$channel = App::get_channel();
+
+		$contact = App::$poi;
+
+		if (!$contact) {
+			notice(t('Could not access contact record.') . EOL);
+			killme();
+		}
+
+		call_hooks('contact_edit_post', $_REQUEST);
+
+		if (Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
+			$pgrp_ids = q("SELECT id FROM pgrp WHERE deleted = 0 AND uid = %d",
+				intval(local_channel())
+			);
+
+			foreach($pgrp_ids as $pgrp) {
+				if (array_key_exists('pgrp_id_' . $pgrp['id'], $_REQUEST)) {
+					AccessList::member_add(local_channel(), '', $contact['abook_xchan'], $pgrp['id']);
+				}
+				else {
+					AccessList::member_remove(local_channel(), '', $contact['abook_xchan'], $pgrp['id']);
+				}
+			}
+		}
+
+		$profile_id = ((array_key_exists('profile_assign', $_REQUEST)) ? $_REQUEST['profile_assign'] : $contact['abook_profile']);
+
+		if ($profile_id) {
+			$r = q("SELECT profile_guid FROM profile WHERE profile_guid = '%s' AND uid = %d LIMIT 1",
+				dbesc($profile_id),
+				intval(local_channel())
+			);
+			if (!count($r)) {
+				notice(t('Could not locate selected profile.') . EOL);
+				return;
+			}
+		}
+
+		$abook_incl = ((array_key_exists('abook_incl', $_REQUEST)) ? escape_tags($_REQUEST['abook_incl']) : $contact['abook_incl']);
+		$abook_excl = ((array_key_exists('abook_excl', $_REQUEST)) ? escape_tags($_REQUEST['abook_excl']) : $contact['abook_excl']);
+		$abook_role = ((array_key_exists('permcat', $_REQUEST)) ? escape_tags($_REQUEST['permcat']) : $contact['abook_role']);
+
+		if (!array_key_exists('closeness', $_REQUEST)) {
+			$_REQUEST['closeness'] = 80;
+		}
+
+		$closeness = intval($_REQUEST['closeness']);
+
+		if ($closeness < 0 || $closeness > 99) {
+			$closeness = 80;
+		}
+
+		$new_friend = ((intval($contact['abook_pending'])) ? true : false);
+
+		\Zotlabs\Lib\Permcat::assign($channel, $abook_role, [$contact['abook_xchan']]);
+
+		$abook_pending = (($new_friend) ? 0 : $contact['abook_pending']);
+
+		$r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d,
+			abook_incl = '%s', abook_excl = '%s'
+			where abook_id = %d AND abook_channel = %d",
+			dbesc($profile_id),
+			intval($closeness),
+			intval($abook_pending),
+			dbesc($abook_incl),
+			dbesc($abook_excl),
+			intval($contact_id),
+			intval(local_channel())
+		);
+
+		$_REQUEST['success'] = false;
+
+		if ($r) {
+			$_REQUEST['success'] = true;
+		}
+
+
+		if (!intval($contact['abook_self'])) {
+			if ($new_friend) {
+				Master::Summon(['Notifier', 'permission_accept', $contact_id]);
+			}
+
+			Master::Summon([
+				'Notifier',
+				(($new_friend) ? 'permission_create' : 'permission_update'),
+				$contact_id
+			]);
+		}
+
+		if ($new_friend) {
+			$default_group = $channel['channel_default_group'];
+			if ($default_group) {
+				$g = AccessList::by_hash(local_channel(), $default_group);
+				if ($g) {
+					AccessList::member_add(local_channel(), '', $contact['abook_xchan'], $g['id']);
+				}
+			}
+
+			// Check if settings permit ("post new friend activity" is allowed, and
+			// friends in general or this friend in particular aren't hidden)
+			// and send out a new friend activity
+
+			$pr = q("select * from profile where uid = %d and is_default = 1 and hide_friends = 0",
+				intval($channel['channel_id'])
+			);
+			if (($pr) && (!intval($contact['abook_hidden'])) && (intval(get_pconfig($channel['channel_id'], 'system', 'post_newfriend')))) {
+				$xarr = [];
+
+				$xarr['item_wall']       = 1;
+				$xarr['item_origin']     = 1;
+				$xarr['item_thread_top'] = 1;
+				$xarr['owner_xchan']     = $xarr['author_xchan'] = $channel['channel_hash'];
+				$xarr['allow_cid']       = $channel['channel_allow_cid'];
+				$xarr['allow_gid']       = $channel['channel_allow_gid'];
+				$xarr['deny_cid']        = $channel['channel_deny_cid'];
+				$xarr['deny_gid']        = $channel['channel_deny_gid'];
+				$xarr['item_private']    = (($xarr['allow_cid'] || $xarr['allow_gid'] || $xarr['deny_cid'] || $xarr['deny_gid']) ? 1 : 0);
+
+				$xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . $contact['xchan_url'] . ']' . $contact['xchan_name'] . '[/zrl]';
+
+				$xarr['body'] .= "\n\n\n" . '[zrl=' . $contact['xchan_url'] . '][zmg=80x80]' . $contact['xchan_photo_m'] . '[/zmg][/zrl]';
+
+				post_activity_item($xarr);
+
+			}
+
+			// pull in a bit of content if there is any to pull in
+			Master::Summon(['Onepoll', $contact_id]);
+
+		}
+
+		// Refresh the structure in memory with the new data
+		$this->init();
+
+		if ($new_friend) {
+			$arr = ['channel_id' => local_channel(), 'abook' => App::$poi];
+			call_hooks('accept_follow', $arr);
+		}
+
+		$this->contactedit_clone();
+		$this->get();
+
+		killme();
+
+		return;
+
+	}
+
+
+	/* @brief Generate content of contact edit page
+	 *
+	 *
+	 */
+
+	function get() {
+
+		if (!local_channel()) {
+			killme();
+		}
+
+		if (!App::$poi) {
+			killme();
+		}
+
+
+		$channel = App::get_channel();
+		$contact_id = App::$poi['abook_id'];
+		$contact    = App::$poi;
+		$section = ((array_key_exists('section', $_REQUEST)) ? $_REQUEST['section'] : 'roles');
+		$sub_section = ((array_key_exists('sub_section', $_REQUEST)) ? $_REQUEST['sub_section'] : '');
+
+
+		if (argc() == 3) {
+			$cmd = argv(2);
+			$ret = $this->do_action($contact, $cmd);
+			$contact = App::$poi;
+
+			$tools_html =  replace_macros(get_markup_template("contact_edit_tools.tpl"), [
+				'$tools_label'      => t('Contact Tools'),
+				'$tools'            => $this->get_tools($contact),
+			]);
+
+			$ret['tools'] = $tools_html;
+
+			json_return_and_die($ret);
+		}
+
+		$groups = [];
+
+		if (Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
+
+			$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
+				intval(local_channel())
+			);
+
+			$member_of = AccessList::containing(local_channel(), $contact['xchan_hash']);
+
+			if ($r) {
+				foreach ($r as $rr) {
+					$default_group = false;
+					if ($rr['hash'] === $channel['channel_default_group']) {
+						$default_group = true;
+					}
+
+					$groups[] = [
+						'pgrp_id_' . $rr['id'],
+						$rr['gname'],
+						// if it's a new contact preset the default group if we have one
+						(($default_group && $contact['abook_pending']) ? 1 : in_array($rr['id'], $member_of)),
+						'',
+						[t('No'), t('Yes')]
+					];
+				}
+			}
+		}
+
+		$slide = '';
+
+		if (Apps::system_app_installed(local_channel(), 'Affinity Tool')) {
+
+			$labels = [
+				t('Me'),
+				t('Family'),
+				t('Friends'),
+				t('Acquaintances'),
+				t('All')
+			];
+			call_hooks('affinity_labels', $labels);
+			$label_str = '';
+
+			if ($labels) {
+				foreach ($labels as $l) {
+					if ($label_str) {
+						$label_str .= ", '|'";
+						$label_str .= ", '" . $l . "'";
+					}
+					else
+						$label_str .= "'" . $l . "'";
+				}
+			}
+
+			$slider_tpl = get_markup_template('contact_slider.tpl');
+
+			$slideval = intval($contact['abook_closeness']);
+
+			$slide = replace_macros($slider_tpl, [
+				'$min'    => 1,
+				'$val'    => $slideval,
+				'$labels' => $label_str,
+			]);
+		}
+
+		$perms        = [];
+		$global_perms = Permissions::Perms();
+		$existing     = get_all_perms(local_channel(), $contact['abook_xchan'], false);
+		$unapproved   = ['pending', t('Approve this contact'), '', t('Accept contact to allow communication'), [t('No'), ('Yes')]];
+		$multiprofs   = ((feature_enabled(local_channel(), 'multi_profiles')) ? true : false);
+
+		$theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'",
+			intval(local_channel()),
+			dbesc($contact['abook_xchan'])
+		);
+
+		$their_perms = [];
+		if ($theirs) {
+			foreach ($theirs as $t) {
+				$their_perms[$t['k']] = $t['v'];
+			}
+		}
+
+		foreach ($global_perms as $k => $v) {
+			$thisperm       = $existing[$k];
+			$checkinherited = PermissionLimits::Get(local_channel(), $k);
+			$perms[]        = ['perms_' . $k, $v, ((array_key_exists($k, $their_perms)) ? intval($their_perms[$k]) : ''), $thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '0' : '1'), '', $checkinherited];
+		}
+
+		$pcat            = new Permcat(local_channel());
+		$pcatlist        = $pcat->listing();
+		$default_role    = get_pconfig(local_channel(), 'system', 'default_permcat');
+		$current_permcat = (($contact['abook_pending']) ? $default_role : $contact['abook_role']);
+
+		$roles_dict = [];
+		foreach ($pcatlist as $role) {
+			$roles_dict[$role['name']] = $role['localname'];
+		}
+
+
+		if (!$current_permcat) {
+			notice(t('Please select a role for this contact!') . EOL);
+			$permcats[] = '';
+		}
+
+		if ($pcatlist) {
+			foreach ($pcatlist as $pc) {
+				$permcats[$pc['name']] = $pc['localname'];
+			}
+		}
+
+		$locstr = locations_by_netid($contact['xchan_hash']);
+		if (!$locstr) {
+			$locstr = unpunify($contact['xchan_url']);
+		}
+
+		$clone_warn = '';
+		$clonable   = in_array($contact['xchan_network'], ['zot6', 'rss']);
+		if (!$clonable) {
+			$clone_warn = '<strong>';
+			$clone_warn .= ((intval($contact['abook_not_here']))
+				? t('This contact is unreachable from this location.')
+				: t('This contact may be unreachable from other channel locations.')
+			);
+			$clone_warn .= '</strong><br>' . t('Location independence is not supported by their network.');
+		}
+
+		$header_card = '<img src="' . $contact['xchan_photo_s'] . '" class="rounded" style="width: 3rem; height: 3rem;">&nbsp; ' . $contact['xchan_name'];
+
+		$header_html =  replace_macros(get_markup_template("contact_edit_header.tpl"), [
+			'$img_src' => $contact['xchan_photo_s'],
+			'$name' => $contact['xchan_name'],
+			'$addr' => (($contact['xchan_addr']) ? $contact['xchan_addr'] : $contact['xchan_url']),
+			'$href' => ((is_matrix_url($contact['xchan_url'])) ? zid($contact['xchan_url']) : $contact['xchan_url']),
+			'$link_label' => t('View profile'),
+			'$is_group' => $contact['xchan_pubforum'],
+			'$group_label' => t('This is a group/forum channel')
+		]);
+
+		$tools_html =  replace_macros(get_markup_template("contact_edit_tools.tpl"), [
+			'$tools_label'      => t('Contact Tools'),
+			'$tools'            => $this->get_tools($contact),
+		]);
+
+		$tpl = get_markup_template("contact_edit.tpl");
+
+		$o = replace_macros($tpl, [
+			'$permcat'          => ['permcat', t('Select a role for this contact'), $current_permcat, '', $permcats],
+			'$permcat_new'      => t('Contact roles'),
+			'$permcat_value'    => bin2hex($current_permcat),
+//			'$addr'             => unpunify($contact['xchan_addr']),
+//			'$primeurl'         => unpunify($contact['xchan_url']),
+			'$section'          => $section,
+			'$sub_section'      => $sub_section,
+			'$groups'           => $groups,
+//			'$addr_text'        => t('This contacts\'s primary address is'),
+//			'$loc_text'         => t('Available locations:'),
+//			'$locstr'           => $locstr,
+//			'$unclonable'       => $clone_warn,
+			'$lbl_slider'       => t('Slide to adjust your degree of friendship'),
+			'$connfilter'       => feature_enabled(local_channel(), 'connfilter'),
+			'$connfilter_label' => t('Custom Filter'),
+			'$incl'             => ['abook_incl', t('Only import posts with this text'), $contact['abook_incl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')],
+			'$excl'             => ['abook_excl', t('Do not import posts with this text'), $contact['abook_excl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')],
+			'$slide'            => $slide,
+//			'$pending_label'    => t('Contact Pending Approval'),
+//			'$is_pending'       => (intval($contact['abook_pending']) ? 1 : ''),
+//			'$unapproved'       => $unapproved,
+			'$submit'           => ((intval($contact['abook_pending'])) ? t('Approve contact') : t('Submit')),
+			'$close'            => (($contact['abook_closeness']) ? $contact['abook_closeness'] : 80),
+			'$them'             => t('Their'),
+			'$me'               => t('My'),
+			'$perms'            => $perms,
+//			'$lastupdtext'      => t('Last update:'),
+//			'$last_update'      => relative_date($contact['abook_connected']),
+			'$profile_select'   => contact_profile_assign($contact['abook_profile']),
+			'$multiprofs'       => $multiprofs,
+			'$contact_id'       => $contact['abook_id'],
+//			'$name'             => $contact['xchan_name'],
+			'$roles_label'	    => t('Roles'),
+			'$compare_label'    => t('Compare permissions'),
+			'$permission_label' => t('Permission'),
+			'$pgroups_label'    => t('Privacy groups'),
+			'$profiles_label'   => t('Profiles'),
+			'$affinity_label'   => t('Affinity'),
+			'$filter_label'	    => t('Content filter')
+		]);
+
+		$arr = ['contact' => $contact, 'output' => $o];
+
+		call_hooks('contact_edit', $arr);
+
+		if (is_ajax()) {
+			json_return_and_die([
+				'success' => ((intval($_REQUEST['success'])) ? intval($_REQUEST['success']) : 1),
+				'message' => (($_REQUEST['success']) ? t('Contact updated') : t('Contact update failed')),
+				'id' => $contact_id,
+				'title' => $header_html,
+				'role' => ((intval($contact['abook_pending'])) ? '' : $roles_dict[$current_permcat]),
+				'body' => $arr['output'],
+				'tools' => $tools_html,
+				'submit' => ((intval($contact['abook_pending'])) ? t('Approve connection') : t('Submit')),
+				'pending' => intval($contact['abook_pending'])
+			]);
+		}
+
+		return $arr['output'];
+
+	}
+
+	function contactedit_clone() {
+
+		if (!App::$poi)
+			return;
+
+		$channel = App::get_channel();
+
+		$clone = App::$poi;
+
+		unset($clone['abook_id']);
+		unset($clone['abook_account']);
+		unset($clone['abook_channel']);
+
+		$abconfig = load_abconfig($channel['channel_id'], $clone['abook_xchan']);
+		if ($abconfig)
+			$clone['abconfig'] = $abconfig;
+
+		Libsync::build_sync_packet(0 /* use the current local_channel */, ['abook' => [$clone]]);
+	}
+
+	function do_action($contact, $cmd) {
+		$ret = [
+			'sucess' => false,
+			'message' => ''
+		];
+
+		if ($cmd === 'resetphoto') {
+			q("update xchan set xchan_photo_date = '2001-01-01 00:00:00' where xchan_hash = '%s'",
+				dbesc($contact['xchan_hash'])
+			);
+			$cmd = 'refresh';
+		}
+
+		if ($cmd === 'refresh') {
+			if ($contact['xchan_network'] === 'zot6') {
+				if (Libzot::refresh($contact, App::get_channel())) {
+					$ret['success'] = true;
+					$ret['message'] = t('Refresh succeeded');
+				}
+				else {
+					$ret['message'] = t('Refresh failed - channel is currently unavailable');
+				}
+			}
+			else {
+				// if you are on a different network we'll force a refresh of the connection basic info
+				Master::Summon(['Notifier', 'permission_update', $contact['abook_id']]);
+				$ret['success'] = true;
+				$ret['message'] = t('Refresh succeeded');
+			}
+
+			return $ret;
+		}
+
+		if ($cmd === 'block') {
+			if (abook_toggle_flag($contact, ABOOK_FLAG_BLOCKED)) {
+				$this->init(); // refresh data
+
+				$this->contactedit_clone();
+				$ret['success'] = true;
+				$ret['message'] = t('Block status updated');
+			}
+			else {
+				$ret['success'] = false;
+				$ret['message'] = t('Block failed');
+			}
+			return $ret;
+		}
+
+		if ($cmd === 'ignore') {
+			if (abook_toggle_flag($contact, ABOOK_FLAG_IGNORED)) {
+				$this->init(); // refresh data
+
+				$this->contactedit_clone();
+				$ret['success'] = true;
+				$ret['message'] = t('Ignore status updated');
+			}
+			else {
+				$ret['success'] = false;
+				$ret['message'] = t('Ignore failed');
+			}
+			return $ret;
+		}
+
+		if ($cmd === 'archive') {
+			if (abook_toggle_flag($contact, ABOOK_FLAG_ARCHIVED)) {
+				$this->init(); // refresh data
+
+				$this->contactedit_clone();
+				$ret['success'] = true;
+				$ret['message'] = t('Archive status updated');
+			}
+			else {
+				$ret['success'] = false;
+				$ret['message'] = t('Archive failed');
+			}
+			return $ret;
+		}
+
+		if ($cmd === 'hide') {
+			if (abook_toggle_flag($contact, ABOOK_FLAG_HIDDEN)) {
+				$this->init(); // refresh data
+
+				$this->contactedit_clone();
+				$ret['success'] = true;
+				$ret['message'] = t('Hide status updated');
+			}
+			else {
+				$ret['success'] = false;
+				$ret['message'] = t('Hide failed');
+			}
+			return $ret;
+		}
+
+		// We'll prevent somebody from unapproving an already approved contact.
+		// Though maybe somebody will want this eventually (??)
+
+		//if ($cmd === 'approve') {
+			//if (intval($contact['abook_pending'])) {
+				//if (abook_toggle_flag($contact, ABOOK_FLAG_PENDING)) {
+					//$this->contactedit_clone();
+				//}
+				//else
+					//notice(t('Unable to set address book parameters.') . EOL);
+			//}
+			//goaway(z_root() . '/connedit/' . $contact_id);
+		//}
+
+
+		if ($cmd === 'drop') {
+
+			if (contact_remove(local_channel(), $contact['abook_id'])) {
+
+				Master::Summon(['Notifier', 'purge', local_channel(), $contact['xchan_hash']]);
+				Libsync::build_sync_packet(0 /* use the current local_channel */,
+					['abook' => [
+						[
+							'abook_xchan'   => $contact['abook_xchan'],
+							'entry_deleted' => true
+						]
+					]
+				]);
+
+				$ret['success'] = true;
+				$ret['message'] = t('Contact removed');
+			}
+			else {
+				$ret['success'] = false;
+				$ret['message'] = t('Delete failed');
+			}
+			return $ret;
+		}
+	}
+
+	function get_tools($contact) {
+		return [
+
+			'refresh' => [
+				'label' => t('Refresh Permissions'),
+				'title' => t('Fetch updated permissions'),
+			],
+
+			'rephoto' => [
+				'label' => t('Refresh Photo'),
+				'title' => t('Fetch updated photo'),
+			],
+
+
+			'block' => [
+				'label' => (intval($contact['abook_blocked']) ? t('Unblock') : t('Block')),
+				'sel'   => (intval($contact['abook_blocked']) ? 'active' : ''),
+				'title' => t('Block (or Unblock) all communications with this connection'),
+				'info'  => (intval($contact['abook_blocked']) ? t('This connection is blocked!') : ''),
+			],
+
+			'ignore' => [
+				'label' => (intval($contact['abook_ignored']) ? t('Unignore') : t('Ignore')),
+				'sel'   => (intval($contact['abook_ignored']) ? 'active' : ''),
+				'title' => t('Ignore (or Unignore) all inbound communications from this connection'),
+				'info'  => (intval($contact['abook_ignored']) ? t('This connection is ignored!') : ''),
+			],
+
+			'archive' => [
+				'label' => (intval($contact['abook_archived']) ? t('Unarchive') : t('Archive')),
+				'sel'   => (intval($contact['abook_archived']) ? 'active' : ''),
+				'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content'),
+				'info'  => (intval($contact['abook_archived']) ? t('This connection is archived!') : ''),
+			],
+
+			'hide' => [
+				'label' => (intval($contact['abook_hidden']) ? t('Unhide') : t('Hide')),
+				'sel'   => (intval($contact['abook_hidden']) ? 'active' : ''),
+				'title' => t('Hide or Unhide this connection from your other connections'),
+				'info'  => (intval($contact['abook_hidden']) ? t('This connection is hidden!') : ''),
+			],
+
+			'delete' => [
+				'label' => t('Delete'),
+				'sel'   => '',
+				'title' => t('Delete this connection'),
+			],
+
+		];
+	}
+
+}

Zotlabs/Module/Contactgroup.php

@@ -1,17 +1,17 @@
 <?php
 namespace Zotlabs\Module;
 
-require_once('include/group.php');
+use Zotlabs\Lib\AccessList;
+use Zotlabs\Web\Controller;
 
-
-class Contactgroup extends \Zotlabs\Web\Controller {
+class Contactgroup extends Controller {
 
 	function get() {
-	
+
 		if(! local_channel()) {
 			killme();
 		}
-	
+
 		if((argc() > 2) && (intval(argv(1))) && (argv(2))) {
 			$r = q("SELECT abook_xchan from abook where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 limit 1",
 				dbesc(base64url_decode(argv(2))),
@@ -20,9 +20,9 @@ class Contactgroup extends \Zotlabs\Web\Controller {
 			if($r)
 				$change = $r[0]['abook_xchan'];
 		}
-	
+
 		if((argc() > 1) && (intval(argv(1)))) {
-	
+
 			$r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
@@ -30,25 +30,25 @@ class Contactgroup extends \Zotlabs\Web\Controller {
 			if(! $r) {
 				killme();
 			}
-	
+
 			$group = $r[0];
-			$members = group_get_members($group['id']);
+			$members = AccessList::members(local_channel(), $group['id']);
 			$preselected = array();
 			if(count($members))	{
 				foreach($members as $member)
 					$preselected[] = $member['xchan_hash'];
 			}
-	
+
 			if($change) {
 				if(in_array($change,$preselected)) {
-					group_rmv_member(local_channel(),$group['gname'],$change);
+					AccessList::member_remove(local_channel(),$group['gname'],$change);
 				}
 				else {
-					group_add_member(local_channel(),$group['gname'],$change);
+					AccessList::member_add(local_channel(),$group['gname'],$change);
 				}
 			}
 		}
-	
+
 		killme();
 	}
 }

Zotlabs/Module/Defperms.php

@@ -8,7 +8,6 @@ use Zotlabs\Lib\Libsync;
 
 require_once('include/socgraph.php');
 require_once('include/selectors.php');
-require_once('include/group.php');
 require_once('include/photos.php');
 
 class Defperms extends Controller {
@@ -19,13 +18,13 @@ class Defperms extends Controller {
 	 */
 
 	function init() {
-	
+
 		if(! local_channel())
 			return;
 
-		if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
-			return;
-	
+		//if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
+		//	return;
+
 		$r = q("SELECT abook.*, xchan.*
 			FROM abook left join xchan on abook_xchan = xchan_hash
 			WHERE abook_self = 1 and abook_channel = %d LIMIT 1",
@@ -37,39 +36,39 @@ class Defperms extends Controller {
 
 		$channel = App::get_channel();
 		if($channel)
-			head_set_icon($channel['xchan_photo_s']);	
+			head_set_icon($channel['xchan_photo_s']);
 	}
 
-	
+
 	/* @brief Evaluate posted values and set changes
 	 *
 	 */
-	
+
 	function post() {
-	
+
 		if(! local_channel())
 			return;
 
-		if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
-			return;
-	
+		//if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
+		//	return;
+
 		$contact_id = intval(argv(1));
 		if(! $contact_id)
 			return;
-	
+
 		$channel = App::get_channel();
-	
+
 		$orig_record = q("SELECT * FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
 			intval($contact_id),
 			intval(local_channel())
 		);
-	
+
 		if(! $orig_record) {
 			notice( t('Could not access contact record.') . EOL);
 			goaway(z_root() . '/connections');
 			return; // NOTREACHED
 		}
-	
+
 
 		if(intval($orig_record[0]['abook_self'])) {
 			$autoperms = intval($_POST['autoperms']);
@@ -79,8 +78,8 @@ class Defperms extends Controller {
 			$autoperms = null;
 			$is_self = false;
 		}
-	
-	
+
+
 		$all_perms = \Zotlabs\Access\Permissions::Perms();
 
 		if($all_perms) {
@@ -105,15 +104,15 @@ class Defperms extends Controller {
 			}
 		}
 
-		if(! is_null($autoperms)) 
+		if(! is_null($autoperms))
 			set_pconfig($channel['channel_id'],'system','autoperms',$autoperms);
-				
-	
+
+
 		notice( t('Settings updated.') . EOL);
 
-	
+
 		// Refresh the structure in memory with the new data
-	
+
 		$r = q("SELECT abook.*, xchan.*
 			FROM abook left join xchan on abook_xchan = xchan_hash
 			WHERE abook_channel = %d and abook_id = %d LIMIT 1",
@@ -123,28 +122,28 @@ class Defperms extends Controller {
 		if($r) {
 			App::$poi = $r[0];
 		}
-	
-	
+
+
 		$this->defperms_clone($a);
-	
+
 		goaway(z_root() . '/defperms');
-	
+
 		return;
-	
+
 	}
-	
+
 	/* @brief Clone connection
 	 *
 	 *
 	 */
-	
+
 	function defperms_clone(&$a) {
-	
+
 			if(! App::$poi)
 				return;
-		
+
 			$channel = App::get_channel();
-	
+
 			$r = q("SELECT abook.*, xchan.*
 				FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d and abook_id = %d LIMIT 1",
@@ -154,49 +153,47 @@ class Defperms extends Controller {
 			if($r) {
 				App::$poi = array_shift($r);
 			}
-	
+
 			$clone = App::$poi;
-	
+
 			unset($clone['abook_id']);
 			unset($clone['abook_account']);
 			unset($clone['abook_channel']);
-	
+
 			$abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']);
 			if($abconfig)
 				$clone['abconfig'] = $abconfig;
-	
+
 			Libsync::build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)));
 	}
-	
+
 	/* @brief Generate content of connection default permissions page
 	 *
 	 *
 	 */
-	
+
 	function get() {
-	
+
 		$sort_type = 0;
 		$o = '';
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return login();
 		}
 
-		if(! Apps::system_app_installed(local_channel(), 'Default Permissions')) {
-			//Do not display any associated widgets at this point
-			App::$pdl = '';
+		//~ if(! Apps::system_app_installed(local_channel(), 'Default Permissions')) {
+			//~ //Do not display any associated widgets at this point
+			//~ App::$pdl = '';
+			//~ $papp = Apps::get_papp('Default Permissions');
+			//~ return Apps::app_render($papp, 'module');
+		//~ }
 
-			$o = '<b>' . t('Default Permissions App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Set custom default permissions for new connections');
-			return $o;
-		}
-	
 		$section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : '');
 		$channel = App::get_channel();
-	
+
 		$yes_no = array(t('No'),t('Yes'));
-	
+
 		$connect_perms = \Zotlabs\Access\Permissions::connect_perms(local_channel());
 
 		$o .= "<script>function connectDefaultShare() {
@@ -210,28 +207,28 @@ class Defperms extends Controller {
 			}
 		}
 		$o .= " }\n</script>\n";
-	
+
 		if(App::$poi) {
-	
+
 			$sections = [];
 
 			$self = false;
-	
+
 			$tpl = get_markup_template('defperms.tpl');
-	
-	
+
+
 			$perms = array();
 			$channel = App::get_channel();
 
 			$contact = App::$poi;
-	
+
 			$global_perms = \Zotlabs\Access\Permissions::Perms();
 
 			$hidden_perms = [];
-	
+
 			foreach($global_perms as $k => $v) {
 				$thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
-				
+
 				$checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);
 
 				$inherited = (($checkinherited & PERMS_SPECIFIC) ? false : true);
@@ -241,7 +238,7 @@ class Defperms extends Controller {
 					$hidden_perms[] = [ 'perms_' . $k, intval($thisperm) ];
 				}
 			}
-	
+
 			$pcat = new \Zotlabs\Lib\Permcat(local_channel());
 			$pcatlist = $pcat->listing();
 			$permcats = [];
@@ -272,13 +269,13 @@ class Defperms extends Controller {
 				'$contact_id'     => $contact['abook_id'],
 				'$name'           => $contact['xchan_name'],
 			]);
-	
+
 			$arr = array('contact' => $contact,'output' => $o);
-	
+
 			call_hooks('contact_edit', $arr);
-	
+
 			return $arr['output'];
-	
-		}	
+
+		}
 	}
 }

Zotlabs/Module/Directory.php

@@ -8,7 +8,6 @@ use Zotlabs\Lib\Libzotdir;
 
 
 require_once('include/socgraph.php');
-require_once('include/dir_fns.php');
 require_once('include/bbcode.php');
 require_once('include/html2plain.php');
 
@@ -245,7 +244,7 @@ class Directory extends Controller {
 							$profile_link = chanlink_url($rr['url']);
 
 							$pdesc = (($rr['description']) ? $rr['description'] . '<br />' : '');
-							$connect_link = ((local_channel()) ? z_root() . '/follow?f=&url=' . urlencode($rr['address']) : '');
+							$connect_link = ((local_channel()) ? z_root() . '/follow?f=&interactive=1&url=' . urlencode($rr['address']) : '');
 
 							// Checking status is disabled ATM until someone checks the performance impact more carefully
 							//$online = remote_online_status($rr['address']);

Zotlabs/Module/Dirsearch.php

@@ -4,26 +4,22 @@ namespace Zotlabs\Module;
 use App;
 use Zotlabs\Web\Controller;
 
-require_once('include/dir_fns.php');
-
-
-
 class Dirsearch extends Controller {
 
 	function init() {
 		App::set_pager_itemspage(30);
-	
+
 	}
-	
+
 	function get() {
-	
+
 		$ret = array('success' => false);
-	
+
 	//	logger('request: ' . print_r($_REQUEST,true));
-	
-	
+
+
 		$dirmode = intval(get_config('system','directory_mode'));
-	
+
 		if($dirmode == DIRECTORY_MODE_NORMAL) {
 			$ret['message'] = t('This site is not a directory server');
 			json_return_and_die($ret);
@@ -31,24 +27,24 @@ class Dirsearch extends Controller {
 
 
 		$access_token = $_REQUEST['t'];
-	
+
 		$token = get_config('system','realm_token');
 		if($token && $access_token != $token) {
 			$ret['message'] = t('This directory server requires an access token');
 			json_return_and_die($ret);
 		}
-	
-	
+
+
 		if(argc() > 1 && argv(1) === 'sites') {
 			$ret = $this->list_public_sites();
 			json_return_and_die($ret);
 		}
-	
+
 		$sql_extra = '';
-	
-	
+
+
 		$tables = array('name','address','locale','region','postcode','country','gender','marital','sexual','keywords');
-	
+
 		if($_REQUEST['query']) {
 			$advanced = $this->dir_parse_query($_REQUEST['query']);
 			if($advanced) {
@@ -64,9 +60,9 @@ class Dirsearch extends Controller {
 				}
 			}
 		}
-	
+
 		$hash     = ((x($_REQUEST['hash']))    ? $_REQUEST['hash']     : '');
-	
+
 		$name     = ((x($_REQUEST,'name'))     ? $_REQUEST['name']     : '');
 		$hub      = ((x($_REQUEST,'hub'))      ? $_REQUEST['hub']      : '');
 		$address  = ((x($_REQUEST,'address'))  ? $_REQUEST['address']  : '');
@@ -82,16 +78,16 @@ class Dirsearch extends Controller {
 		$agele    = ((x($_REQUEST,'agele'))    ? intval($_REQUEST['agele']) : 0 );
 		$kw       = ((x($_REQUEST,'kw'))       ? intval($_REQUEST['kw'])    : 0 );
 		$forums   = ((array_key_exists('pubforums',$_REQUEST)) ? intval($_REQUEST['pubforums']) : 0);
-	
+
 		if(get_config('system','disable_directory_keywords'))
 			$kw = 0;
-	
-	
+
+
 		// by default use a safe search
 		$safe     = ((x($_REQUEST,'safe')));    // ? intval($_REQUEST['safe'])  : 1 );
 		if ($safe === false)
 				$safe = 1;
-			
+
 		if(array_key_exists('sync',$_REQUEST)) {
 			if($_REQUEST['sync'])
 				$sync = datetime_convert('UTC','UTC',$_REQUEST['sync']);
@@ -100,7 +96,7 @@ class Dirsearch extends Controller {
 		}
 		else
 			$sync = false;
-	
+
 		if(($dirmode == DIRECTORY_MODE_STANDALONE) && (! $hub)) {
 			$hub = \App::get_hostname();
 		}
@@ -109,13 +105,13 @@ class Dirsearch extends Controller {
 			$hub_query = " and xchan_hash in (select hubloc_hash from hubloc where hubloc_host =  '" . protect_sprintf(dbesc($hub)) . "') ";
 		else
 			$hub_query = '';
-	
+
 		$sort_order  = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : '');
-	
+
 		$joiner = ' OR ';
 		if($_REQUEST['and'])
 			$joiner = ' AND ';
-	
+
 		if($name)
 			$sql_extra .= $this->dir_query_build($joiner,'xchan_name',$name);
 		if($address)
@@ -136,58 +132,58 @@ class Dirsearch extends Controller {
 			$sql_extra .= $this->dir_query_build($joiner,'xprof_sexual',$sexual);
 		if($keywords)
 			$sql_extra .= $this->dir_query_build($joiner,'xprof_keywords',$keywords);
-	
-	
-		// we only support an age range currently. You must set both agege 
-		// (greater than or equal) and agele (less than or equal) 
-	
+
+
+		// we only support an age range currently. You must set both agege
+		// (greater than or equal) and agele (less than or equal)
+
 		if($agele && $agege) {
 			$sql_extra .= " $joiner ( xprof_age <= " . intval($agele) . " ";
 			$sql_extra .= " AND  xprof_age >= " . intval($agege) . ") ";
 		}
-	
-	
+
+
 		if($hash) {
 			$sql_extra = " AND xchan_hash like '" . dbesc($hash) . protect_sprintf('%') . "' ";
 		}
-	
-	
+
+
 	    $perpage      = (($_REQUEST['n'])              ? $_REQUEST['n']                    : 60);
 	    $page         = (($_REQUEST['p'])              ? intval($_REQUEST['p'] - 1)        : 0);
 	    $startrec     = (($page+1) * $perpage) - $perpage;
 		$limit        = (($_REQUEST['limit'])          ? intval($_REQUEST['limit'])        : 0);
 		$return_total = ((x($_REQUEST,'return_total')) ? intval($_REQUEST['return_total']) : 0);
-	
+
 		// mtime is not currently working
-	
+
 		$mtime        = ((x($_REQUEST,'mtime'))        ? datetime_convert('UTC','UTC',$_REQUEST['mtime']) : '');
-	
-		// ok a separate tag table won't work. 
+
+		// ok a separate tag table won't work.
 		// merge them into xprof
-	
+
 		$ret['success'] = true;
-	
+
 		// If &limit=n, return at most n entries
 		// If &return_total=1, we count matching entries and return that as 'total_items' for use in pagination.
 		// By default we return one page (default 80 items maximum) and do not count total entries
-	
+
 		$logic = ((strlen($sql_extra)) ? 'false' : 'true');
-	
+
 		if($hash)
 			$logic = 'true';
-	
+
 		if($dirmode == DIRECTORY_MODE_STANDALONE) {
 			$sql_extra .= " and xchan_addr like '%%" . \App::get_hostname() . "' ";
 		}
-	
+
 		$safesql = (($safe > 0) ? " and xchan_censored = 0 and xchan_selfcensored = 0 " : '');
 		if($safe < 0)
 			$safesql = " and ( xchan_censored = 1 OR xchan_selfcensored = 1 ) ";
-	
+
 		if($forums)
 			$safesql .= " and xchan_pubforum = " . ((intval($forums)) ? '1 ' : '0 ');
-	
-		if($limit) 
+
+		if($limit)
 			$qlimit = " LIMIT $limit ";
 		else {
 			$qlimit = " LIMIT " . intval($perpage) . " OFFSET " . intval($startrec);
@@ -198,27 +194,27 @@ class Dirsearch extends Controller {
 				}
 			}
 		}
-	
+
 		if($sort_order == 'normal') {
 			$order = " order by xchan_name asc ";
-	
-			// Start the alphabetic search at 'A' 
+
+			// Start the alphabetic search at 'A'
 			// This will make a handful of channels whose names begin with
 			// punctuation un-searchable in this mode
-	
+
 			$safesql .= " and ascii(substring(xchan_name FROM 1 FOR 1)) > 64 ";
 		}
 		elseif($sort_order == 'reverse')
 			$order = " order by xchan_name desc ";
 		elseif($sort_order == 'reversedate')
 			$order = " order by xchan_name_date asc ";
-		else	
+		else
 			$order = " order by xchan_name_date desc ";
-	
-	
+
+
 		if($sync) {
 			$spkt = array('transactions' => array());
-			$r = q("select * from updates where ud_date >= '%s' and ud_guid != '' order by ud_date desc",
+			$r = q("select * from updates where ud_date >= '%s' and ud_guid != '' and ud_addr != '' order by ud_date desc",
 				dbesc($sync)
 			);
 			if($r) {
@@ -228,7 +224,7 @@ class Dirsearch extends Controller {
 						$flags[] = 'deleted';
 					if($rr['ud_flags'] & UPDATE_FLAGS_FORCED)
 						$flags[] = 'forced';
-	
+
 					$spkt['transactions'][] = array(
 						'hash' => $rr['ud_hash'],
 						'address' => $rr['ud_addr'],
@@ -238,87 +234,48 @@ class Dirsearch extends Controller {
 					);
 				}
 			}
-			$r = q("select * from xlink where xlink_static = 1 and xlink_updated >= '%s' ",
-				dbesc($sync)
-			);
-			if($r) {
-				$spkt['ratings'] = array();
-				foreach($r as $rr) {
-					$spkt['ratings'][] = array(
-						'type' => 'rating', 
-						'encoding' => 'zot',
-						'channel' => $rr['xlink_xchan'],
-						'target' => $rr['xlink_link'],
-						'rating' => intval($rr['xlink_rating']),
-						'rating_text' => $rr['xlink_rating_text'],
-						'signature' => $rr['xlink_sig'],
-						'edited' => $rr['xlink_updated']
-					);
-				}
-			}
 			json_return_and_die($spkt);
 		}
 		else {
-	
-			$r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash 
-				where ( $logic $sql_extra ) $hub_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 
-				$safesql $order $qlimit "
+
+			$r = q("SELECT
+				xchan.xchan_name as name,
+				xchan.xchan_hash as hash,
+				xchan.xchan_censored as censored,
+				xchan.xchan_selfcensored as selfcensored,
+				xchan.xchan_pubforum as public_forum,
+				xchan.xchan_url as url,
+				xchan.xchan_photo_l as photo_l,
+				xchan.xchan_photo_m as photo,
+				xchan.xchan_addr as address,
+				xprof.xprof_desc as description,
+				xprof.xprof_locale as locale,
+				xprof.xprof_region as region,
+				xprof.xprof_postcode as postcode,
+				xprof.xprof_country as country,
+				xprof.xprof_dob as birthday,
+				xprof.xprof_age as age,
+				xprof.xprof_gender as gender,
+				xprof.xprof_marital as marital,
+				xprof.xprof_sexual as sexual,
+				xprof.xprof_about as about,
+				xprof.xprof_homepage as homepage,
+				xprof.xprof_hometown as hometown,
+				xprof.xprof_keywords as keywords
+				from xchan left join xprof on xchan_hash = xprof_hash left join hubloc on hubloc_hash = xchan_hash
+				where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0
+				$safesql $order $qlimit",
+				db_utcnow(),
+				db_quoteinterval('30 DAY')
 			);
-	
-	
-	
-			$ret['page'] = $page + 1;
-			$ret['records'] = count($r);		
+
 		}
-	
-	
-	
+
 		if($r) {
-	
-			$entries = array();
-	
-			foreach($r as $rr) {
-	
-				$entry = array();
-	
-				$pc = q("select count(xlink_rating) as total_ratings from xlink where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 group by xlink_rating",
-					dbesc($rr['xchan_hash'])
-				);
-	
-				if($pc)
-					$entry['total_ratings'] = intval($pc[0]['total_ratings']);
-				else
-					$entry['total_ratings'] = 0;
-	
-				$entry['name']         = $rr['xchan_name'];
-				$entry['hash']         = $rr['xchan_hash'];
-				$entry['censored']     = $rr['xchan_censored'];
-				$entry['selfcensored'] = $rr['xchan_selfcensored'];
-				$entry['public_forum'] = (intval($rr['xchan_pubforum']) ? true : false);
-				$entry['url']          = $rr['xchan_url'];
-				$entry['photo_l']      = $rr['xchan_photo_l'];
-				$entry['photo']        = $rr['xchan_photo_m'];
-				$entry['address']      = $rr['xchan_addr'];
-				$entry['description']  = $rr['xprof_desc'];
-				$entry['locale']       = $rr['xprof_locale'];
-				$entry['region']       = $rr['xprof_region'];
-				$entry['postcode']     = $rr['xprof_postcode'];
-				$entry['country']      = $rr['xprof_country'];
-				$entry['birthday']     = $rr['xprof_dob'];
-				$entry['age']          = $rr['xprof_age'];
-				$entry['gender']       = $rr['xprof_gender'];
-				$entry['marital']      = $rr['xprof_marital'];
-				$entry['sexual']       = $rr['xprof_sexual'];
-				$entry['about']        = $rr['xprof_about'];
-				$entry['homepage']     = $rr['xprof_homepage'];
-				$entry['hometown']     = $rr['xprof_hometown'];
-				$entry['keywords']     = $rr['xprof_keywords'];
-	
-				$entries[] = $entry;
-	
-			}
-	
-			$ret['results'] = $entries;
+			$ret['results'] = $r;
+			$ret['page'] = $page + 1;
+			$ret['records'] = count($r);
+
 			if($kw) {
 				$k = dir_tagadelic($kw, $hub);
 				if($k) {
@@ -328,30 +285,30 @@ class Dirsearch extends Controller {
 					}
 				}
 			}
-		}		
-	
+		}
+
 		json_return_and_die($ret);
 	}
-	
+
 	function dir_query_build($joiner,$field,$s) {
 		$ret = '';
 		if(trim($s))
 			$ret .= dbesc($joiner) . " " . dbesc($field) . " like '" . protect_sprintf( '%' . dbesc($s) . '%' ) . "' ";
 		return $ret;
 	}
-	
+
 	function dir_flag_build($joiner,$field,$bit,$s) {
 		return dbesc($joiner) . " ( " . dbesc($field) . " & " . intval($bit) . " ) " . ((intval($s)) ? '>' : '=' ) . " 0 ";
 	}
-	
-	
+
+
 	function dir_parse_query($s) {
-	
+
 		$ret = array();
 		$curr = array();
 		$all = explode(' ',$s);
 		$quoted_string = false;
-	
+
 		if($all) {
 			foreach($all as $q) {
 				if($quoted_string === false) {
@@ -382,7 +339,7 @@ class Dirsearch extends Controller {
 							$ret[] = $curr;
 							$curr = array();
 							continue;
-						}	
+						}
 						else {
 							$ret[] = $curr;
 							$curr = array();
@@ -405,15 +362,15 @@ class Dirsearch extends Controller {
 		logger('dir_parse_query:' . print_r($ret,true),LOGGER_DATA);
 		return $ret;
 	}
-	
-		
-	
-	
-	
-	
-	
+
+
+
+
+
+
+
 	function list_public_sites() {
-	
+
 		$rand = db_getfunc('rand');
 		$realm = get_directory_realm();
 		if($realm == DIRECTORY_REALM) {
@@ -428,16 +385,16 @@ class Dirsearch extends Controller {
 				intval(SITE_TYPE_ZOT)
 			);
 		}
-			
+
 		$ret = array('success' => false);
-	
+
 		if($r) {
 			$ret['success'] = true;
 			$ret['sites'] = array();
 			$insecure = array();
-	
+
 			foreach($r as $rr) {
-				
+
 				if($rr['site_access'] == ACCESS_FREE)
 					$access = 'free';
 				elseif($rr['site_access'] == ACCESS_PAID)
@@ -446,14 +403,14 @@ class Dirsearch extends Controller {
 					$access = 'tiered';
 				else
 					$access = 'private';
-	
+
 				if($rr['site_register'] == REGISTER_OPEN)
 					$register = 'open';
 				elseif($rr['site_register'] == REGISTER_APPROVE)
 					$register = 'approve';
 				else
 					$register = 'closed';
-	
+
 				if(strpos($rr['site_url'],'https://') !== false)
 					$ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project'], 'version' => $rr['site_version']);
 				else

Zotlabs/Module/Display.php

@@ -1,6 +1,8 @@
 <?php
 namespace Zotlabs\Module;
 
+use App;
+
 require_once("include/bbcode.php");
 require_once('include/security.php');
 require_once('include/conversation.php');
@@ -34,11 +36,20 @@ class Display extends \Zotlabs\Web\Controller {
 			}
 		}
 
-		if($_REQUEST['mid'])
+		if($_REQUEST['mid']) {
 			$item_hash = $_REQUEST['mid'];
+		}
 
-		if(! $item_hash) {
-			\App::$error = 404;
+		$item_hash = unpack_link_id($item_hash);
+
+		if ($item_hash === false) {
+			App::$error = 400;
+			notice(t('Malformed message id.') . EOL);
+			return;
+		}
+
+		if(!$item_hash) {
+			App::$error = 404;
 			notice( t('Item not found.') . EOL);
 			return;
 		}
@@ -47,7 +58,7 @@ class Display extends \Zotlabs\Web\Controller {
 
 		if(local_channel() && (! $update)) {
 
-			$channel = \App::get_channel();
+			$channel = App::get_channel();
 
 			$channel_acl = array(
 				'allow_cid' => $channel['channel_allow_cid'],
@@ -92,13 +103,8 @@ class Display extends \Zotlabs\Web\Controller {
 
 		$target_item = null;
 
-		if(strpos($item_hash,'b64.') === 0)
-			$decoded = @base64url_decode(substr($item_hash,4));
-		if($decoded)
-			$item_hash = $decoded;
-
-		$r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid like '%s' limit 1",
-			dbesc($item_hash . '%')
+		$r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid = '%s' limit 1",
+			dbesc($item_hash)
 		);
 
 		if($r) {
@@ -110,7 +116,7 @@ class Display extends \Zotlabs\Web\Controller {
 		);
 		if($x) {
 // not yet ready for prime time
-//			\App::$poi = $x[0];
+//			App::$poi = $x[0];
 		}
 
 		//if the item is to be moderated redirect to /moderate
@@ -189,17 +195,15 @@ class Display extends \Zotlabs\Web\Controller {
 			// if the target item is not a post (eg a like) we want to address its thread parent
 
 			//$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']);
-			$mid = $target_item['mid'];
 
 			// if we got a decoded hash we must encode it again before handing to javascript
-			if($decoded)
-				$mid = 'b64.' . base64url_encode($mid);
+			$mid = gen_link_id($target_item['mid']);
 
 			$o .= '<div id="live-display"></div>' . "\r\n";
 			$o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1))
-				. "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n";
+				. "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; </script>\r\n";
 
-			\App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
+			App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
 				'$baseurl' => z_root(),
 				'$pgtype'  => 'display',
 				'$uid'     => '0',
@@ -215,7 +219,7 @@ class Display extends \Zotlabs\Web\Controller {
 				'$dm'      => '0',
 				'$nouveau' => '0',
 				'$wall'    => '0',
-				'$page'    => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1),
+				'$page'    => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1),
 				'$list'    => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
 				'$search'  => '',
 				'$xchan'   => '',
@@ -233,7 +237,7 @@ class Display extends \Zotlabs\Web\Controller {
 			head_add_link([
 				'rel'   => 'alternate',
 				'type'  => 'application/json+oembed',
-				'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string),
+				'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string),
 				'title' => 'oembed'
 			]);
 
@@ -243,89 +247,81 @@ class Display extends \Zotlabs\Web\Controller {
 		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();
 
-		$sql_extra = public_permissions_sql($observer_hash);
+		$sql_extra = ((local_channel()) ? EMPTY_STR : item_permissions_sql(0, $observer_hash));
 
 		if($noscript_content || $load) {
 
-			$r = null;
-
 			require_once('include/channel.php');
 			$sys = get_sys_channel();
-			$sysid = $sys['channel_id'];
+			// in case somebody turned off public access to sys channel content using permissions
+			// make that content unsearchable by ensuring the owner uid can't match
+			$sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0;
+
+			$r = null;
 
 			if(local_channel()) {
-				$r = q("SELECT item.id as item_id from item WHERE uid = %d and mid = '%s' $item_normal limit 1",
+				$r = q("SELECT item.id AS item_id FROM item WHERE uid = %d AND mid = '%s' $item_normal LIMIT 1",
+					intval(local_channel()),
+					dbesc($target_item['parent_mid'])
+				);
+			}
+
+			if(!$r) {
+				$r = q("SELECT item.id AS item_id FROM item
+					WHERE ((mid = '%s'
+					AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid  = ''
+					AND item.deny_gid  = '' AND item_private = 0 )
+					AND uid IN ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
+					OR uid = %d ))) OR
+					(mid = '%s' $sql_extra ))
+					$item_normal
+					limit 1",
+					dbesc($target_item['parent_mid']),
+					intval($sys_id),
+					dbesc($target_item['parent_mid'])
+				);
+			}
+		}
+
+		elseif($update && !$load) {
+			require_once('include/channel.php');
+			$sys = get_sys_channel();
+			// in case somebody turned off public access to sys channel content using permissions
+			// make that content unsearchable by ensuring the owner uid can't match
+			$sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0;
+
+			$r = null;
+			if(local_channel()) {
+				$r = q("SELECT item.parent AS item_id from item
+					WHERE uid = %d
+					AND parent_mid = '%s'
+					$item_normal_update
+					$simple_update
+					LIMIT 1",
 					intval(local_channel()),
 					dbesc($target_item['parent_mid'])
 				);
 			}
 
 			if(! $r) {
-
-				// in case somebody turned off public access to sys channel content using permissions
-				// make that content unsearchable by ensuring the owner uid can't match
-
-				if(! perm_is_allowed($sysid,$observer_hash,'view_stream'))
-					$sysid = 0;
-
 				$r = q("SELECT item.id as item_id from item
-					WHERE ( (mid = '%s'
-					AND (((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = ''
+					WHERE ((parent_mid = '%s'
+					AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid  = ''
 					AND item.deny_gid  = '' AND item_private = 0 )
 					and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
-					OR uid = %d ) ) ) OR
-					(mid = '%s' $sql_extra ) )
+					OR uid = %d ))) OR
+					(parent_mid = '%s' $sql_extra ))
 					$item_normal
 					limit 1",
 					dbesc($target_item['parent_mid']),
-					intval($sysid),
+					intval($sys_id),
 					dbesc($target_item['parent_mid'])
 				);
-
-
-			}
-		}
-
-		elseif($update && !$load) {
-			$r = null;
-
-			require_once('include/channel.php');
-			$sys = get_sys_channel();
-			$sysid = $sys['channel_id'];
-			if(local_channel()) {
-				$r = q("SELECT item.parent AS item_id from item
-					WHERE uid = %d
-					and parent_mid = '%s'
-					$item_normal_update
-					$simple_update
-					limit 1",
-					intval(local_channel()),
-					dbesc($target_item['parent_mid'])
-				);
-			}
-			if($r === null) {
-				// in case somebody turned off public access to sys channel content using permissions
-				// make that content unsearchable by ensuring the owner_xchan can't match
-				if(! perm_is_allowed($sysid,$observer_hash,'view_stream'))
-					$sysid = 0;
-				$r = q("SELECT item.parent AS item_id from item
-					WHERE parent_mid = '%s'
-					AND (((( item.allow_cid = ''  AND item.allow_gid = '' AND item.deny_cid  = ''
-					AND item.deny_gid  = '' AND item_private = 0 )
-					and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
-					OR uid = %d )
-					$sql_extra )
-					$item_normal_update
-					$simple_update
-					limit 1",
-					dbesc($target_item['parent_mid']),
-					intval($sysid)
-				);
 			}
 		}
 
 		else {
-			$r = array();
+			$r = [];
 		}
 
 		if($r) {
@@ -333,7 +329,7 @@ class Display extends \Zotlabs\Web\Controller {
 			if($parents_str) {
 				$items = q("SELECT item.*, item.id AS item_id
 					FROM item
-					WHERE parent in ( %s ) $item_normal ",
+					WHERE parent in ( %s ) $sql_extra $item_normal ",
 					dbesc($parents_str)
 				);
 				xchan_query($items);
@@ -363,7 +359,7 @@ class Display extends \Zotlabs\Web\Controller {
 				}
 				$o .= '</noscript>';
 
-				\App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . \App::$page['title'] : \App::$page['title']);
+				App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . App::$page['title'] : App::$page['title']);
 
 				$o .= conversation($items, 'display', $update, 'client');
 			}
@@ -376,12 +372,12 @@ class Display extends \Zotlabs\Web\Controller {
 				'$version'       => xmlify(\Zotlabs\Lib\System::get_project_version()),
 				'$generator'     => xmlify(\Zotlabs\Lib\System::get_platform_name()),
 				'$generator_uri' => 'https://hubzilla.org',
-				'$feed_id'       => xmlify(\App::$cmd),
+				'$feed_id'       => xmlify(App::$cmd),
 				'$feed_title'    => xmlify(t('Article')),
 				'$feed_updated'  => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)),
 				'$author'        => '',
 				'$owner'         => '',
-				'$profile_page'  => xmlify(z_root() . '/display/' . $target_item['mid']),
+				'$profile_page'  => xmlify(z_root() . '/display/' . gen_link_id($target_item['mid'])),
 			));
 
 			$x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ];

Zotlabs/Module/Dreport.php

@@ -5,33 +5,21 @@ namespace Zotlabs\Module;
 class Dreport extends \Zotlabs\Web\Controller {
 
 	function get() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied') . EOL);
 			return;
 		}
-	
-		$table = 'item';
-	
-		$channel = \App::get_channel();
-		
-		$mid = ((argc() > 1) ? argv(1) : '');
-		$encoded_mid = '';
 
-		if(strpos($mid,'b64.') === 0) {
-			$encoded_mid = $mid;
-			$mid = @base64url_decode(substr($mid,4));
-		}
+		$table = 'item';
+		$channel = \App::get_channel();
+		$mid = ((argc() > 1) ? unpack_link_id(argv(1)) : '');
+
 		if($mid === 'push') {
 			$table = 'push';
-			$mid = ((argc() > 2) ? argv(2) : '');
+			$mid = ((argc() > 2) ? unpack_link_id(argv(2)) : '');
 
-			if(strpos($mid,'b64.') === 0) {
-				$encoded_mid = $mid;
-				$mid = @base64url_decode(substr($mid,4));
-			}
-
-			if($mid) {	
+			if($mid) {
 				$i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
 					dbesc($mid),
 					intval($channel['channel_id']),
@@ -43,23 +31,14 @@ class Dreport extends \Zotlabs\Web\Controller {
 				}
 			}
 			sleep(3);
-			goaway(z_root() . '/dreport/' . (($encoded_mid) ? $encoded_mid : $mid));
+			goaway(z_root() . '/dreport/' . gen_link_id($mid));
 		}
 
-		if($mid === 'mail') {
-			$table = 'mail';
-			$mid = ((argc() > 2) ? argv(2) : '');
-			if(strpos($mid,'b64.') === 0)
-				$mid = @base64url_decode(substr($mid,4));
-
-		}
-	
-	
 		if(! $mid) {
 			notice( t('Invalid message') . EOL);
 			return;
 		}
-	
+
 		switch($table) {
 			case 'item':
 				$i = q("select id from item where mid = '%s' and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
@@ -68,39 +47,33 @@ class Dreport extends \Zotlabs\Web\Controller {
 					dbesc($channel['channel_hash'])
 				);
 				break;
-			case 'mail':
-				$i = q("select id from mail where mid = '%s' and from_xchan = '%s'",
-					dbesc($mid),
-					dbesc($channel['channel_hash'])
-				);
-				break;
 			default:
 				break;
 		}
-	
+
 		if(! $i) {
 			notice( t('Permission denied') . EOL);
 			return;
 		}
-		
-		$r = q("select * from dreport where (dreport_xchan = '%s' or dreport_xchan = '%s') and dreport_mid = '%s'",
+
+		$r = q("select * from dreport where dreport_xchan = '%s' and (dreport_mid = '%s' or dreport_mid = '%s')",
 			dbesc($channel['channel_hash']),
-			dbesc($channel['channel_portable_id']),
-			dbesc($mid)
+			dbesc($mid),
+			dbesc(str_replace('/item/', '/activity/', $mid))
 		);
-	
+
 		if(! $r) {
 			notice( t('no results') . EOL);
 //			return;
 		}
-		
+
 		for($x = 0; $x < count($r); $x++ ) {
-	
+
 			// This has two purposes: 1. make the delivery report strings translateable, and
 			// 2. assign an ordering to item delivery results so we can group them and provide
 			// a readable report with more interesting events listed toward the top and lesser
 			// interesting items towards the bottom
-	
+
 			switch($r[$x]['dreport_result']) {
 				case 'channel sync processed':
 					$r[$x]['gravity'] = 0;
@@ -132,27 +105,18 @@ class Dreport extends \Zotlabs\Web\Controller {
 				case 'recipient not found':
 					$r[$x]['dreport_result'] = t('recipient not found');
 					break;
-				case 'mail recalled':
-					$r[$x]['dreport_result'] = t('mail recalled');
-					break;
-				case 'duplicate mail received':
-					$r[$x]['dreport_result'] = t('duplicate mail received');
-					break;
-				case 'mail delivered':
-					$r[$x]['dreport_result'] = t('mail delivered');
-					break;
 				default:
 					$r[$x]['gravity'] = 1;
 					break;
 			}
 		}
-	
+
 		usort($r,'self::dreport_gravity_sort');
 
 		$entries = array();
 		foreach($r as $rr) {
-			$entries[] = [ 
-				'name' => escape_tags($rr['dreport_name'] ?: $rr['dreport_recip']),					
+			$entries[] = [
+				'name' => escape_tags($rr['dreport_name'] ?: $rr['dreport_recip']),
 				'result' => escape_tags($rr['dreport_result']),
 				'time' => escape_tags(datetime_convert('UTC',date_default_timezone_get(),$rr['dreport_time']))
 			];
@@ -167,14 +131,14 @@ class Dreport extends \Zotlabs\Web\Controller {
 			'$push' => t('Redeliver'),
 			'$entries' => $entries
 		));
-	
-	
+
+
 		return $o;
-	
-	
-	
+
+
+
 	}
-	
+
 	private static function dreport_gravity_sort($a,$b) {
 		if($a['gravity'] == $b['gravity']) {
 			if($a['dreport_name'] === $b['dreport_name'])
@@ -183,5 +147,5 @@ class Dreport extends \Zotlabs\Web\Controller {
 		}
 		return (($a['gravity'] > $b['gravity']) ? 1 : (-1));
 	}
-	
+
 }

Zotlabs/Module/Events.php

@@ -1,750 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/conversation.php');
-require_once('include/bbcode.php');
-require_once('include/datetime.php');
-require_once('include/event.php');
-require_once('include/items.php');
-require_once('include/html2plain.php');
-
-class Events extends \Zotlabs\Web\Controller {
-
-	function post() {
-
-		// this module is deprecated
-		return;
-	
-		logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA);
-	
-		if(! local_channel())
-			return;
-	
-		if(($_FILES) && array_key_exists('userfile',$_FILES) && intval($_FILES['userfile']['size'])) {
-			$src = $_FILES['userfile']['tmp_name'];
-			if($src) {
-				$result = parse_ical_file($src,local_channel());
-				if($result)
-					info( t('Calendar entries imported.') . EOL);
-				else
-					notice( t('No calendar entries found.') . EOL);
-				@unlink($src);
-			}
-			goaway(z_root() . '/events');
-		}
-	
-	
-		$event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0);
-		$event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : '');
-	
-		$xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : '');
-		$uid      = local_channel();
-	
-		$start_text = escape_tags($_REQUEST['start_text']);
-		$finish_text = escape_tags($_REQUEST['finish_text']);
-	
-		$adjust   = intval($_POST['adjust']);
-		$nofinish = intval($_POST['nofinish']);
-	
-		$timezone = ((x($_POST,'timezone_select')) ? notags(trim($_POST['timezone_select']))     : '');
-
-		$tz = (($timezone) ? $timezone : date_default_timezone_get());
-
-		$categories = escape_tags(trim($_POST['category']));
-	
-		// only allow editing your own events. 
-	
-		if(($xchan) && ($xchan !== get_observer_hash()))
-			return;
-	
-		if($start_text) {
-			$start = $start_text;
-		}
-		else {
-			$start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute);
-		}
-	
-	
-		if($finish_text) {
-			$finish = $finish_text;
-		}
-		else {
-			$finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute);
-		}
-
-		if($nofinish) {
-			$finish = NULL_DATE;
-		}
-
-	
-		if($adjust) {
-			$start = datetime_convert($tz,'UTC',$start);
-			if(! $nofinish)
-				$finish = datetime_convert($tz,'UTC',$finish);
-		}
-		else {
-			$start = datetime_convert('UTC','UTC',$start);
-			if(! $nofinish)
-				$finish = datetime_convert('UTC','UTC',$finish);
-		}
-	
-		// Don't allow the event to finish before it begins.
-		// It won't hurt anything, but somebody will file a bug report
-		// and we'll waste a bunch of time responding to it. Time that 
-		// could've been spent doing something else. 
-	
-	
-		$summary  = escape_tags(trim($_POST['summary']));
-		$desc     = escape_tags(trim($_POST['desc']));
-		$location = escape_tags(trim($_POST['location']));
-		$type     = escape_tags(trim($_POST['type']));
-	
-		require_once('include/text.php');
-		linkify_tags($desc, local_channel());
-		linkify_tags($location, local_channel());
-	
-		//$action = ($event_hash == '') ? 'new' : "event/" . $event_hash;
-	
-		//fixme: this url gives a wsod if there is a linebreak detected in one of the variables ($desc or $location)
-		//$onerror_url = z_root() . "/events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish&type=$type";
-		$onerror_url = z_root() . "/events";
-	
-		if(strcmp($finish,$start) < 0 && !$nofinish) {
-			notice( t('Event can not end before it has started.') . EOL);
-			if(intval($_REQUEST['preview'])) {
-				echo( t('Unable to generate preview.'));
-				killme();
-			}
-			goaway($onerror_url);
-		}
-	
-		if((! $summary) || (! $start)) {
-			notice( t('Event title and start time are required.') . EOL);
-			if(intval($_REQUEST['preview'])) {
-				echo( t('Unable to generate preview.'));
-				killme();
-			}
-			goaway($onerror_url);
-		}
-	
-		//		$share = ((intval($_POST['distr'])) ? intval($_POST['distr']) : 0);
-
-		$share = 1;	
-
-		$channel = \App::get_channel();
-	
-		$acl = new \Zotlabs\Access\AccessList(false);
-	
-		if($event_id) {
-			$x = q("select * from event where id = %d and uid = %d limit 1",
-				intval($event_id),
-				intval(local_channel())
-			);
-			if(! $x) {
-				notice( t('Event not found.') . EOL);
-				if(intval($_REQUEST['preview'])) {
-					echo( t('Unable to generate preview.'));
-					killme();
-				}
-				return;
-			}
-	
-			$acl->set($x[0]);
-	
-			$created = $x[0]['created'];
-			$edited = datetime_convert();
-	
-			if($x[0]['allow_cid'] === '<' . $channel['channel_hash'] . '>' 
-				&& $x[0]['allow_gid'] === '' && $x[0]['deny_cid'] === '' && $x[0]['deny_gid'] === '') {
-				$share = false;
-			}
-			else {
-				$share = true;
-			}
-		}
-		else {
-			$created = $edited = datetime_convert();
-			if($share) {
-				$acl->set_from_array($_POST);
-			}
-			else {
-				$acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
-			}
-		}
-	
-		$post_tags = array();
-		$channel = \App::get_channel();
-		$ac = $acl->get();
-	
-		if(strlen($categories)) {
-			$cats = explode(',',$categories);
-			foreach($cats as $cat) {
-				$post_tags[] = array(
-					'uid'   => $profile_uid, 
-					'ttype' => TERM_CATEGORY,
-					'otype' => TERM_OBJ_POST,
-					'term'  => trim($cat),
-					'url'   => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($cat))
-				);
-			}
-		}
-	
-		$datarray = array();
-		$datarray['dtstart'] = $start;
-		$datarray['dtend'] = $finish;
-		$datarray['summary'] = $summary;
-		$datarray['description'] = $desc;
-		$datarray['location'] = $location;
-		$datarray['etype'] = $type;
-		$datarray['adjust'] = $adjust;
-		$datarray['nofinish'] = $nofinish;
-		$datarray['uid'] = local_channel();
-		$datarray['account'] = get_account_id();
-		$datarray['event_xchan'] = $channel['channel_hash'];
-		$datarray['allow_cid'] = $ac['allow_cid'];
-		$datarray['allow_gid'] = $ac['allow_gid'];
-		$datarray['deny_cid'] = $ac['deny_cid'];
-		$datarray['deny_gid'] = $ac['deny_gid'];
-		$datarray['private'] = (($acl->is_private()) ? 1 : 0);
-		$datarray['id'] = $event_id;
-		$datarray['created'] = $created;
-		$datarray['edited'] = $edited;
-	
-		if(intval($_REQUEST['preview'])) {
-			$html = format_event_html($datarray);
-			echo $html;
-			killme();
-		}
-	
-		$event = event_store_event($datarray);
-	
-		if($post_tags)	
-			$datarray['term'] = $post_tags;
-	
-		$item_id = event_store_item($datarray,$event);
-	
-		if($item_id) {
-			$r = q("select * from item where id = %d",
-				intval($item_id)
-			);
-			if($r) {
-				xchan_query($r);
-				$sync_item = fetch_post_tags($r);
-				$z = q("select * from event where event_hash = '%s' and uid = %d limit 1",
-					dbesc($r[0]['resource_id']),
-					intval($channel['channel_id'])
-				);
-				if($z) {
-					build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z));
-				}
-			}
-		}
-	
-		if($share)
-			\Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id));
-	
-	}
-	
-	
-	
-	function get() {
-
-		// this module is deprecated
-		return;
-	
-		if(argc() > 2 && argv(1) == 'ical') {
-			$event_id = argv(2);
-	
-			require_once('include/security.php');
-			$sql_extra = permissions_sql(local_channel());
-	
-			$r = q("select * from event where event_hash = '%s' $sql_extra limit 1",
-				dbesc($event_id)
-			);
-			if($r) { 
-				header('Content-type: text/calendar');
-				header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"' );
-				echo ical_wrapper($r);
-				killme();
-			}
-			else {
-				notice( t('Event not found.') . EOL );
-				return;
-			}
-		}
-	
-		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		\App::$profile_uid = local_channel();
-		nav_set_selected('Events');
-
-	
-		if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) {
-			$r = q("update event set dismissed = 1 where id = %d and uid = %d",
-				intval(argv(2)),
-				intval(local_channel())
-			);
-		}
-	
-		if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) {
-			$r = q("update event set dismissed = 0 where id = %d and uid = %d",
-				intval(argv(2)),
-				intval(local_channel())
-			);
-		}
-	
-		$first_day = feature_enabled(local_channel(), 'events_cal_first_day');
-		$first_day = (($first_day) ? $first_day : 0);
-	
-		$htpl = get_markup_template('event_head.tpl');
-		\App::$page['htmlhead'] .= replace_macros($htpl,array(
-			'$baseurl' => z_root(),
-			'$module_url' => '/events',
-			'$modparams' => 1,
-			'$lang' => \App::$language,
-			'$first_day' => $first_day
-		));
-	
-		$o = '';
-	
-		$channel = \App::get_channel();
-	
-		$mode = 'view';
-		$y = 0;
-		$m = 0;
-		$ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " "  : '');
-	
-	
-		// logger('args: ' . print_r(\App::$argv,true));
-	
-	
-	
-		if(argc() > 1) {
-			if(argc() > 2 && argv(1) === 'add') {
-				$mode = 'add';
-				$item_id = intval(argv(2));
-			}
-			if(argc() > 2 && argv(1) === 'drop') {
-				$mode = 'drop';
-				$event_id = argv(2);
-			}
-			if(argc() > 2 && intval(argv(1)) && intval(argv(2))) {
-				$mode = 'view';
-				$y = intval(argv(1));
-				$m = intval(argv(2));
-			}
-			if(argc() <= 2) {
-				$mode = 'view';
-				$event_id = argv(1);
-			}
-		}
-	
-		if($mode === 'add') {
-			event_addtocal($item_id,local_channel());
-			killme();
-		}
-	
-		if($mode == 'view') {
-	
-			/* edit/create form */
-			if($event_id) {
-				$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
-					dbesc($event_id),
-					intval(local_channel())
-				);
-				if(count($r))
-					$orig_event = $r[0];
-			}
-	
-			$channel = \App::get_channel();
-	
-			// Passed parameters overrides anything found in the DB
-			if(!x($orig_event))
-				$orig_event = array();
-	
-			// In case of an error the browser is redirected back here, with these parameters filled in with the previous values
-			/*
-			if(x($_REQUEST,'nofinish')) $orig_event['nofinish'] = $_REQUEST['nofinish'];
-			if(x($_REQUEST,'adjust')) $orig_event['adjust'] = $_REQUEST['adjust'];
-			if(x($_REQUEST,'summary')) $orig_event['summary'] = $_REQUEST['summary'];
-			if(x($_REQUEST,'description')) $orig_event['description'] = $_REQUEST['description'];
-			if(x($_REQUEST,'location')) $orig_event['location'] = $_REQUEST['location'];
-			if(x($_REQUEST,'start')) $orig_event['dtstart'] = $_REQUEST['start'];
-			if(x($_REQUEST,'finish')) $orig_event['dtend'] = $_REQUEST['finish'];
-			if(x($_REQUEST,'type')) $orig_event['etype'] = $_REQUEST['type'];
-			*/
-	
-			$n_checked = ((x($orig_event) && $orig_event['nofinish']) ? ' checked="checked" ' : '');
-			$a_checked = ((x($orig_event) && $orig_event['adjust']) ? ' checked="checked" ' : '');
-			$t_orig = ((x($orig_event)) ? $orig_event['summary'] : '');
-			$d_orig = ((x($orig_event)) ? $orig_event['description'] : '');
-			$l_orig = ((x($orig_event)) ? $orig_event['location'] : '');
-			$eid = ((x($orig_event)) ? $orig_event['id'] : 0);
-			$event_xchan = ((x($orig_event)) ? $orig_event['event_xchan'] : $channel['channel_hash']);
-			$mid = ((x($orig_event)) ? $orig_event['mid'] : '');
-	
-			if(! x($orig_event)) {
-				$sh_checked = '';
-				$a_checked = ' checked="checked" ';
-			}
-			else {
-				$sh_checked = ((($orig_event['allow_cid'] === '<' . $channel['channel_hash'] . '>' || (! $orig_event['allow_cid'])) && (! $orig_event['allow_gid']) && (! $orig_event['deny_cid']) && (! $orig_event['deny_gid'])) ? '' : ' checked="checked" ' );
-			}
-
-			if($orig_event['event_xchan'])
-				$sh_checked .= ' disabled="disabled" ';
-	
-			$sdt = ((x($orig_event)) ? $orig_event['dtstart'] : 'now');
-	
-			$fdt = ((x($orig_event)) ? $orig_event['dtend'] : '+1 hour');
-	
-			$tz = date_default_timezone_get();
-			if(x($orig_event))
-				$tz = (($orig_event['adjust']) ? date_default_timezone_get() : 'UTC');
-	
-			$syear = datetime_convert('UTC', $tz, $sdt, 'Y');
-			$smonth = datetime_convert('UTC', $tz, $sdt, 'm');
-			$sday = datetime_convert('UTC', $tz, $sdt, 'd');
-			$shour = datetime_convert('UTC', $tz, $sdt, 'H');
-			$sminute = datetime_convert('UTC', $tz, $sdt, 'i');
-	
-			$stext = datetime_convert('UTC',$tz,$sdt);
-			$stext = substr($stext,0,14) . "00:00";
-	
-			$fyear = datetime_convert('UTC', $tz, $fdt, 'Y');
-			$fmonth = datetime_convert('UTC', $tz, $fdt, 'm');
-			$fday = datetime_convert('UTC', $tz, $fdt, 'd');
-			$fhour = datetime_convert('UTC', $tz, $fdt, 'H');
-			$fminute = datetime_convert('UTC', $tz, $fdt, 'i');
-	
-			$ftext = datetime_convert('UTC',$tz,$fdt);
-			$ftext = substr($ftext,0,14) . "00:00";
-	
-			$type = ((x($orig_event)) ? $orig_event['etype'] : 'event');
-	
-			$f = get_config('system','event_input_format');
-			if(! $f)
-				$f = 'ymd';
-	
-			$catsenabled = feature_enabled(local_channel(),'categories');
-	
-			$category = '';
-	
-			if($catsenabled && x($orig_event)){
-				$itm = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d limit 1",
-					dbesc($orig_event['event_hash']),
-					intval(local_channel())
-				);
-				$itm = fetch_post_tags($itm);
-				if($itm) {
-					$cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
-					foreach ($cats as $cat) {
-						if(strlen($category))
-							$category .= ', ';
-						$category .= $cat['term'];
-	            			}
-				}
-			}
-	
-			require_once('include/acl_selectors.php');
-	
-			$acl = new \Zotlabs\Access\AccessList($channel);
-			$perm_defaults = $acl->get();
-
-			$permissions = ((x($orig_event)) ? $orig_event : $perm_defaults);
-
-			$tpl = get_markup_template('event_form.tpl');
-	
-			$form = replace_macros($tpl,array(
-				'$post' => z_root() . '/events',
-				'$eid' => $eid,
-				'$type' => $type,
-				'$xchan' => $event_xchan,
-				'$mid' => $mid,
-				'$event_hash' => $event_id,
-				'$summary' => array('summary', (($event_id) ? t('Edit event title') : t('Event title')), $t_orig, t('Required'), '*'),
-				'$catsenabled' => $catsenabled,
-				'$placeholdercategory' => t('Categories (comma-separated list)'),
-				'$c_text' => (($event_id) ? t('Edit Category') : t('Category')),
-				'$category' => $category,
-				'$required' => '<span class="required" title="' . t('Required') . '">*</span>',
-				'$s_dsel' => datetimesel($f,new \DateTime(),\DateTime::createFromFormat('Y',$syear+5),\DateTime::createFromFormat('Y-m-d H:i',"$syear-$smonth-$sday $shour:$sminute"), (($event_id) ? t('Edit start date and time') : t('Start date and time')), 'start_text',true,true,'','',true,$first_day),
-				'$n_text' => t('Finish date and time are not known or not relevant'),
-				'$n_checked' => $n_checked,
-				'$f_dsel' => datetimesel($f,new \DateTime(),\DateTime::createFromFormat('Y',$fyear+5),\DateTime::createFromFormat('Y-m-d H:i',"$fyear-$fmonth-$fday $fhour:$fminute"), (($event_id) ? t('Edit finish date and time') : t('Finish date and time')),'finish_text',true,true,'start_text','',false,$first_day),
-				'$nofinish' => array('nofinish', t('Finish date and time are not known or not relevant'), $n_checked, '', array(t('No'),t('Yes')), 'onclick="enableDisableFinishDate();"'),
-				'$adjust' => array('adjust', t('Adjust for viewer timezone'), $a_checked, t('Important for events that happen in a particular place. Not practical for global holidays.'), array(t('No'),t('Yes'))),
-				'$a_text' => t('Adjust for viewer timezone'),
-				'$d_text' => (($event_id) ? t('Edit Description') : t('Description')),
-				'$d_orig' => $d_orig,
-				'$l_text' => (($event_id) ? t('Edit Location') : t('Location')),
-				'$l_orig' => $l_orig,
-				'$t_orig' => $t_orig,
-				'$preview' => t('Preview'),
-				'$perms_label' => t('Permission settings'),
-				// populating the acl dialog was a permission description from view_stream because Cal.php, which
-				// displays events, says "since we don't currently have an event permission - use the stream permission"
-				'$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'))),
-
-				'$allow_cid' => acl2json($permissions['allow_cid']),
-				'$allow_gid' => acl2json($permissions['allow_gid']),
-				'$deny_cid' => acl2json($permissions['deny_cid']),
-				'$deny_gid' => acl2json($permissions['deny_gid']),
-				'$tz_choose' => feature_enabled(local_channel(),'event_tz_select'),
-				'$timezone' => array('timezone_select' , t('Timezone:'), date_default_timezone_get(), '', get_timezones()),
-
-				'$lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'),
-
-				'$submit' => t('Submit'),
-				'$advanced' => t('Advanced Options')
-	
-			));
-			/* end edit/create form */
-	
-			$thisyear = datetime_convert('UTC',date_default_timezone_get(),'now','Y');
-			$thismonth = datetime_convert('UTC',date_default_timezone_get(),'now','m');
-			if(! $y)
-				$y = intval($thisyear);
-			if(! $m)
-				$m = intval($thismonth);
-	
-			$export = false;
-			if(argc() === 4 && argv(3) === 'export')
-				$export = true;
-	
-			// Put some limits on dates. The PHP date functions don't seem to do so well before 1900.
-			// An upper limit was chosen to keep search engines from exploring links millions of years in the future. 
-	
-			if($y < 1901)
-				$y = 1900;
-			if($y > 2099)
-				$y = 2100;
-	
-			$nextyear = $y;
-			$nextmonth = $m + 1;
-			if($nextmonth > 12) {
-					$nextmonth = 1;
-				$nextyear ++;
-			}
-	
-			$prevyear = $y;
-			if($m > 1)
-				$prevmonth = $m - 1;
-			else {
-				$prevmonth = 12;
-				$prevyear --;
-			}
-				
-			$dim    = get_dim($y,$m);
-			$start  = sprintf('%d-%d-%d %d:%d:%d',$y,$m,1,0,0,0);
-			$finish = sprintf('%d-%d-%d %d:%d:%d',$y,$m,$dim,23,59,59);
-	
-	
-			if (argv(1) === 'json'){
-				if (x($_GET,'start'))	$start = $_GET['start'];
-				if (x($_GET,'end'))	$finish = $_GET['end'];
-			}
-	
-			$start  = datetime_convert('UTC','UTC',$start);
-			$finish = datetime_convert('UTC','UTC',$finish);
-	
-			$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
-			$adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);
-	
-			if (x($_GET,'id')){
-			  	$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
-	                                from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d limit 1",
-					intval(local_channel()),
-					intval($_GET['id'])
-				);
-			} elseif($export) {
-				$r = q("SELECT * from event where uid = %d
-					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
-					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ",
-					intval(local_channel()),
-					dbesc($start),
-					dbesc($finish),
-					dbesc($adjust_start),
-					dbesc($adjust_finish)
-				);
-			}
-			else {
-				// fixed an issue with "nofinish" events not showing up in the calendar.
-				// There's still an issue if the finish date crosses the end of month.
-				// Noting this for now - it will need to be fixed here and in Friendica.
-				// Ultimately the finish date shouldn't be involved in the query. 
-
-				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
-	                              from event left join item on event_hash = resource_id 
-					where resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored 
-					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
-					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ",
-					intval(local_channel()),
-					dbesc($start),
-					dbesc($finish),
-					dbesc($adjust_start),
-					dbesc($adjust_finish)
-				);
-			}
-	
-			$links = array();
-	
-			if($r && ! $export) {
-				xchan_query($r);
-				$r = fetch_post_tags($r,true);
-	
-				$r = sort_by_date($r);
-			}
-	
-			if($r) {
-				foreach($r as $rr) {
-					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
-					if(! x($links,$j)) 
-						$links[$j] = z_root() . '/' . \App::$cmd . '#link-' . $j;
-				}
-			}
-	
-			$events=array();
-	
-			$last_date = '';
-			$fmt = t('l, F j');
-	
-			if($r) {
-	
-				foreach($r as $rr) {
-					
-					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
-					$d = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], $fmt) : datetime_convert('UTC','UTC',$rr['dtstart'],$fmt));
-					$d = day_translate($d);
-					
-					$start = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'c') : datetime_convert('UTC','UTC',$rr['dtstart'],'c'));
-					if ($rr['nofinish']){
-						$end = null;
-					} else {
-						$end = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c'));
-
-						// give a fake end to birthdays so they get crammed into a 
-						// single day on the calendar
-
-						if($rr['etype'] === 'birthday')
-							$end = null;
-					}
-					
-					
-					$is_first = ($d !== $last_date);
-						
-					$last_date = $d;
-	
-					$edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false);
-	
-					$drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'','');
-	
-					$title = strip_tags(html_entity_decode(zidify_links(bbcode($rr['summary'])),ENT_QUOTES,'UTF-8'));
-					if(! $title) {
-						list($title, $_trash) = explode("<br",bbcode($rr['desc']),2);
-						$title = strip_tags(html_entity_decode($title,ENT_QUOTES,'UTF-8'));
-					}
-					$html = format_event_html($rr);
-					$rr['desc'] = zidify_links(smilies(bbcode($rr['desc'])));
-					$rr['description'] = htmlentities(html2plain(bbcode($rr['description'])),ENT_COMPAT,'UTF-8',false);
-					$rr['location'] = zidify_links(smilies(bbcode($rr['location'])));
-					$events[] = array(
-						'id'=>$rr['id'],
-						'hash' => $rr['event_hash'],
-						'start'=> $start,
-						'end' => $end,
-						'drop' => $drop,
-						'allDay' => false,
-						'title' => $title,
-						
-						'j' => $j,
-						'd' => $d,
-						'edit' => $edit,
-						'is_first'=>$is_first,
-						'item'=>$rr,
-						'html'=>$html,
-						'plink' => array($rr['plink'],t('Link to Source'),'',''),
-					);
-
-				}
-			}
-
-			if($export) {
-				header('Content-type: text/calendar');
-				header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' );
-				echo ical_wrapper($r);
-				killme();
-			}
-	
-			if (\App::$argv[1] === 'json'){
-				echo json_encode($events); killme();
-			}
-			
-			// links: array('href', 'text', 'extra css classes', 'title')
-			if (x($_GET,'id')){
-				$tpl =  get_markup_template("event.tpl");
-			} 
-			else {
-				$tpl = get_markup_template("events-js.tpl");
-			}
-	
-			$o = replace_macros($tpl, array(
-				'$baseurl'	=> z_root(),
-				'$new_event'	=> array(z_root().'/events',(($event_id) ? t('Edit Event') : t('Create Event')),'',''),
-				'$previus'	=> array(z_root()."/events/$prevyear/$prevmonth",t('Previous'),'',''),
-				'$next'		=> array(z_root()."/events/$nextyear/$nextmonth",t('Next'),'',''),
-				'$export'	=> array(z_root()."/events/$y/$m/export",t('Export'),'',''),
-				'$calendar'	=> cal($y,$m,$links, ' eventcal'),
-				'$events'	=> $events,
-				'$view_label'   => t('View'),
-				'$month'        => t('Month'),
-				'$week'         => t('Week'),
-				'$day'          => t('Day'),
-				'$prev'		=> t('Previous'),
-				'$next'		=> t('Next'),
-				'$today'	=> t('Today'),
-				'$form'		=> $form,
-				'$expandform'	=> ((x($_GET,'expandform')) ? true : false),
-			));
-			
-			if (x($_GET,'id')){ echo $o; killme(); }
-			
-			return $o;
-		}
-	
-		if($mode === 'drop' && $event_id) {
-			$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
-				dbesc($event_id),
-				intval(local_channel())
-			);
-	
-			$sync_event = $r[0];
-	
-			if($r) {
-				$r = q("delete from event where event_hash = '%s' and uid = %d",
-					dbesc($event_id),
-					intval(local_channel())
-				);
-				if($r) {
-					$r = q("update item set resource_type = '', resource_id = '' where resource_type = 'event' and resource_id = '%s' and uid = %d",
-						dbesc($event_id),
-						intval(local_channel())
-					);
-					$sync_event['event_deleted'] = 1;
-					build_sync_packet(0,array('event' => array($sync_event)));
-	
-					info( t('Event removed') . EOL);
-				}
-				else {
-					notice( t('Failed to remove event' ) . EOL);
-				}
-				goaway(z_root() . '/events');
-			}
-		}
-	
-	}
-	
-}

Zotlabs/Module/Fhublocs.php

@@ -3,7 +3,6 @@ namespace Zotlabs\Module;
 
 use Zotlabs\Lib\Libzot;
 
-require_once('include/zot.php');
 require_once('include/crypto.php');
 
 /* fix missing or damaged hublocs */
@@ -59,23 +58,6 @@ class Fhublocs extends \Zotlabs\Web\Controller {
 
 				// Create a verified hub location pointing to this site.
 
-/*
-				$h = hubloc_store_lowlevel(
-					[
-						'hubloc_guid'     => $rr['channel_guid'],
-						'hubloc_guid_sig' => $rr['channel_guid_sig'],
-						'hubloc_hash'     => $rr['channel_hash'],
-						'hubloc_addr'     => channel_reddress($rr),
-						'hubloc_network'  => 'zot',
-						'hubloc_primary'  => $primary,
-						'hubloc_url'      => z_root(),
-						'hubloc_url_sig'  => base64url_encode(Crypto::sign(z_root(),$rr['channel_prvkey'])),
-						'hubloc_host'     => \App::get_hostname(),
-						'hubloc_callback' => z_root() . '/post',
-						'hubloc_sitekey'  => $sitekey
-					]
-				);
-*/
 				$h = hubloc_store_lowlevel(
 					[
 						'hubloc_guid'     => $rr['channel_guid'],

Zotlabs/Module/File_upload.php

@@ -99,6 +99,9 @@ class File_upload extends \Zotlabs\Web\Controller {
 			}
 		}
 
+		if(is_ajax())
+			killme();
+
 		goaway(z_root() . '/' . $_REQUEST['return_url']);
 
 	}

Zotlabs/Module/Follow.php

@@ -14,7 +14,7 @@ use Zotlabs\Daemon\Master;
 class Follow extends Controller {
 
 	function init() {
-	
+
 		if (ActivityStreams::is_as_request() && argc() == 2) {
 
 			$abook_id = intval(argv(1));
@@ -73,11 +73,11 @@ class Follow extends Controller {
 		$url = notags(trim(punify($_REQUEST['url'])));
 		$return_url = $_SESSION['return_url'];
 		$confirm = intval($_REQUEST['confirm']);
-		$interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1);	
+		$interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1);
 		$channel = App::get_channel();
 
 		$result = Connect::connect($channel,$url);
-		
+
 		if ($result['success'] == false) {
 			if ($result['message']) {
 				notice($result['message']);
@@ -89,9 +89,9 @@ class Follow extends Controller {
 				json_return_and_die($result);
 			}
 		}
-	
+
 		info( t('Connection added.') . EOL);
-	
+
 		$clone = array();
 		foreach ($result['abook'] as $k => $v) {
 			if (strpos($k,'abook_') === 0) {
@@ -101,30 +101,30 @@ class Follow extends Controller {
 		unset($clone['abook_id']);
 		unset($clone['abook_account']);
 		unset($clone['abook_channel']);
-	
+
 		$abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']);
 		if ($abconfig) {
 			$clone['abconfig'] = $abconfig;
 		}
 		Libsync::build_sync_packet(0, [ 'abook' => [ $clone ] ], true);
-	
-		$can_view_stream = their_perms_contains($channel['channel_id'],$clone['abook_xchan'],'view_stream');
-	
+
+		$can_view_stream = intval(get_abconfig($channel['channel_id'], $clone['abook_xchan'], 'their_perms', 'view_stream'));
+
 		// If we can view their stream, pull in some posts
-	
+
 		if (($can_view_stream) || ($result['abook']['xchan_network'] === 'rss')) {
 			Master::Summon([ 'Onepoll', $result['abook']['abook_id'] ]);
 		}
-	
+
 		if ($interactive) {
-			goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?follow=1');
+			goaway(z_root() . '/connections#' . $result['abook']['abook_id']);
 		}
 		else {
 			json_return_and_die([ 'success' => true ]);
 		}
-	
+
 	}
-	
+
 	function get() {
 		if (! local_channel()) {
 			return login();

Zotlabs/Module/Group.php

@@ -5,8 +5,7 @@ use App;
 use Zotlabs\Web\Controller;
 use Zotlabs\Lib\Apps;
 use Zotlabs\Lib\Libsync;
-
-require_once('include/group.php');
+use Zotlabs\Lib\AccessList;
 
 class Group extends Controller {
 
@@ -26,7 +25,7 @@ class Group extends Controller {
 	}
 
 	function post() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
@@ -35,25 +34,26 @@ class Group extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
 			return;
 		}
-	
+
 		if((argc() == 2) && (argv(1) === 'new')) {
 			check_form_security_token_redirectOnErr('/group/new', 'group_edit');
-			
+
 			$name = notags(trim($_POST['groupname']));
 			$public = intval($_POST['public']);
-			$r = group_add(local_channel(),$name,$public);
+			$r = AccessList::add(local_channel(),$name,$public);
+			$group_hash = $r;
+
 			if($r) {
 				info( t('Privacy group created.') . EOL );
 			}
 			else {
 				notice( t('Could not create privacy group.') . EOL );
 			}
-			goaway(z_root() . '/group');
-	
 		}
+
 		if((argc() == 2) && (intval(argv(1)))) {
 			check_form_security_token_redirectOnErr('/group', 'group_edit');
-			
+
 			$r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
@@ -61,14 +61,15 @@ class Group extends Controller {
 			if(! $r) {
 				notice( t('Privacy group not found.') . EOL );
 				goaway(z_root() . '/connections');
-	
+
 			}
 			$group = $r[0];
 			$groupname = notags(trim($_POST['groupname']));
+			$group_hash = $group['hash'];
 			$public = intval($_POST['public']);
-	
+
 			$hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ];
-                       	call_hooks ('privacygroup_extras_post',$hookinfo);
+			call_hooks('privacygroup_extras_post',$hookinfo);
 
 			if((strlen($groupname))  && (($groupname != $group['gname']) || ($public != $group['visible']))) {
 				$r = q("UPDATE pgrp SET gname = '%s', visible = %d  WHERE uid = %d AND id = %d",
@@ -79,22 +80,30 @@ class Group extends Controller {
 				);
 				if($r)
 					info( t('Privacy group updated.') . EOL );
-
-
-				Libsync::build_sync_packet(local_channel(),null,true);
 			}
-	
-			goaway(z_root() . '/group/' . argv(1) . '/' . argv(2));
 		}
-		return;	
+
+		$channel = App::get_channel();
+
+		$default_group = ((isset($_POST['set_default_group'])) ? $group_hash : (($channel['channel_default_group'] === $group_hash) ? '' : $channel['channel_default_group']));
+		$default_acl = ((isset($_POST['set_default_acl'])) ? '<' . $group_hash . '>' : (($channel['channel_allow_gid'] === '<' . $group_hash . '>') ? '' : $channel['channel_allow_gid']));
+
+		q("update channel set channel_default_group = '%s', channel_allow_gid = '%s'
+			where channel_id = %d",
+			dbesc($default_group),
+			dbesc($default_acl),
+			intval(local_channel())
+		);
+
+		Libsync::build_sync_packet(local_channel(),null,true);
+
+		goaway(z_root() . '/group/' . argv(1) . ((argv(2)) ? '/' . argv(2) : ''));
+
+		return;
 	}
-	
+
 	function get() {
 
-		$change = false;
-	
-		logger('mod_group: ' . App::$cmd,LOGGER_DEBUG);
-		
 		if(! local_channel()) {
 			notice( t('Permission denied') . EOL);
 			return;
@@ -103,12 +112,14 @@ class Group extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Privacy Groups App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Management of privacy groups');
-			return $o;
+			$papp = Apps::get_papp('Privacy Groups');
+			return Apps::app_render($papp, 'module');
 		}
 
+		logger('mod_group: ' . App::$cmd,LOGGER_DEBUG);
+
+		$change = false;
+
 		// Switch to text mode interface if we have more than 'n' contacts or group members
 		$switchtotext = get_pconfig(local_channel(),'system','groupedit_image_limit');
 		if($switchtotext === false)
@@ -119,64 +130,45 @@ class Group extends Controller {
 
 		if((argc() == 1) || ((argc() == 2) && (argv(1) === 'new'))) {
 
-			$new = (((argc() == 2) && (argv(1) === 'new')) ? true : false);
-
-			$groups = q("SELECT id, gname FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
-				intval(local_channel())
-			);
-
-			$i = 0;
-			foreach($groups as $group) {
-				$entries[$i]['name'] = $group['gname'];
-				$entries[$i]['id'] = $group['id'];
-				$entries[$i]['count'] = count(group_get_members($group['id']));
-				$i++;
-			}
-
 			$hookinfo = [ 'pgrp_extras' => '', 'group'=>argv(1) ];
 			call_hooks ('privacygroup_extras',$hookinfo);
 			$pgrp_extras = $hookinfo['pgrp_extras'];
 
+			$is_default_acl = ['set_default_acl', t('Post to this group by default'), 0, '', [t('No'), t('Yes')]];
+			$is_default_group = ['set_default_group', t('Add new contacts to this group by default'), 0, '', [t('No'), t('Yes')]];
+
+
 			$tpl = get_markup_template('privacy_groups.tpl');
 			$o = replace_macros($tpl, [
 				'$title' => t('Privacy Groups'),
-				'$add_new_label' => t('Add Group'),
-				'$new' => $new,
 
 				// new group form
 				'$gname' => array('groupname',t('Privacy group name')),
-				'$public' => array('public',t('Members are visible to other channels'), false),
+				'$public' => array('public',t('Members are visible to other channels'), 0, '', [t('No'), t('Yes')]),
 				'$pgrp_extras' => $pgrp_extras,
 				'$form_security_token' => get_form_security_token("group_edit"),
 				'$submit' => t('Submit'),
-
-				// groups list
-				'$title' => t('Privacy Groups'),
-				'$name_label' => t('Name'),
-				'$count_label' => t('Members'),
-				'$entries' => $entries
+				'$is_default_acl' => $is_default_acl,
+				'$is_default_group' => $is_default_group,
 			]);
 
 			return $o;
 
 		}
 
-
-
-
 		$context = array('$submit' => t('Submit'));
 		$tpl = get_markup_template('group_edit.tpl');
-	
+
 		if((argc() == 3) && (argv(1) === 'drop')) {
 			check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
-			
+
 			if(intval(argv(2))) {
 				$r = q("SELECT gname FROM pgrp WHERE id = %d AND uid = %d LIMIT 1",
 					intval(argv(2)),
 					intval(local_channel())
 				);
-				if($r) 
-					$result = group_rmv(local_channel(),$r[0]['gname']);
+				if($r)
+					$result = AccessList::remove(local_channel(),$r[0]['gname']);
 				if($result) {
 					$hookinfo = [ 'pgrp_extras' => '', 'group' => argv(2) ];
 					call_hooks ('privacygroup_extras_drop',$hookinfo);
@@ -188,23 +180,23 @@ class Group extends Controller {
 			goaway(z_root() . '/group');
 			// NOTREACHED
 		}
-	
-	
+
+
 		if((argc() > 2) && intval(argv(1)) && argv(2)) {
-	
+
 			check_form_security_token_ForbiddenOnErr('group_member_change', 't');
-	
+
 			$r = q("SELECT abook_xchan from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 limit 1",
 				dbesc(base64url_decode(argv(2))),
 				intval(local_channel())
 			);
 			if(count($r))
 				$change = base64url_decode(argv(2));
-	
+
 		}
-	
+
 		if((argc() > 1) && (intval(argv(1)))) {
-	
+
 			require_once('include/acl_selectors.php');
 			$r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1",
 				intval(argv(1)),
@@ -215,28 +207,28 @@ class Group extends Controller {
 				goaway(z_root() . '/connections');
 			}
 			$group = $r[0];
-	
-	
-			$members = group_get_members($group['id']);
-	
+
+
+			$members = AccessList::members(local_channel(), $group['id']);
+
 			$preselected = array();
 			if(count($members))	{
 				foreach($members as $member)
 					if(! in_array($member['xchan_hash'],$preselected))
 						$preselected[] = $member['xchan_hash'];
 			}
-	
+
 			if($change) {
-	
+
 				if(in_array($change,$preselected)) {
-					group_rmv_member(local_channel(),$group['gname'],$change);
+					AccessList::member_remove(local_channel(),$group['gname'],$change);
 				}
 				else {
-					group_add_member(local_channel(),$group['gname'],$change);
+					AccessList::member_add(local_channel(),$group['gname'],$change);
 				}
-	
-				$members = group_get_members($group['id']);
-	
+
+				$members = AccessList::members(local_channel(), $group['id']);
+
 				$preselected = array();
 				if(count($members))	{
 					foreach($members as $member)
@@ -254,25 +246,25 @@ class Group extends Controller {
 				'$gname' => array('groupname',t('Privacy group name: '),$group['gname'], ''),
 				'$gid' => $group['id'],
 				'$drop' => $drop_txt,
-				'$public' => array('public',t('Members are visible to other channels'), $group['visible'], ''),
+				'$public' => array('public',t('Members are visible to other channels'), $group['visible'], '', [t('No'), t('Yes')]),
 				'$form_security_token_edit' => get_form_security_token('group_edit'),
-				'$delete' => t('Delete Group'),
+				'$delete' => t('Delete'),
 				'$form_security_token_drop' => get_form_security_token("group_drop"),
 				'$pgrp_extras' => $pgrp_extras,
 			);
-	
+
 		}
-	
+
 		if(! isset($group))
 			return;
-	
+
 		$groupeditor = array(
 			'label_members' => t('Group members'),
 			'members' => array(),
 			'label_contacts' => t('Not in this group'),
 			'contacts' => array(),
 		);
-			
+
 		$sec_token = addslashes(get_form_security_token('group_member_change'));
 		$textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : 'card');
 		foreach($members as $member) {
@@ -282,13 +274,13 @@ class Group extends Controller {
 				$groupeditor['members'][] = micropro($member,true,'mpgroup', $textmode);
 			}
 			else
-				group_rmv_member(local_channel(),$group['gname'],$member['xchan_hash']);
+				AccessList::member_remove(local_channel(),$group['gname'],$member['xchan_hash']);
 		}
-	
+
 		$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc",
 			intval(local_channel())
 		);
-	
+
 		if(count($r)) {
 			$textmode = (($switchtotext && (count($r) > $switchtotext)) ? true : 'card');
 			foreach($r as $member) {
@@ -299,20 +291,26 @@ class Group extends Controller {
 				}
 			}
 		}
-	
+
 		$context['$groupeditor'] = $groupeditor;
 		$context['$desc'] = t('Click a channel to toggle membership');
 		$context['$pgrp_extras'] = $pgrp_extras;
-	
+
+		$channel = App::get_channel();
+
+		$context['$is_default_acl'] = ['set_default_acl', t('Post to this group by default'), intval($group['hash'] === trim($channel['channel_allow_gid'], '<>')), '', [t('No'), t('Yes')]];
+		$context['$is_default_group'] = ['set_default_group', t('Add new contacts to this group by default'), intval($group['hash'] === $channel['channel_default_group']), '', [t('No'), t('Yes')]];
+
+
 		if($change) {
 			$tpl = get_markup_template('groupeditor.tpl');
 			echo replace_macros($tpl, $context);
 			killme();
 		}
-		
+
 		return replace_macros($tpl, $context);
-	
+
 	}
-	
-	
+
+
 }

Zotlabs/Module/Hcard.php

@@ -5,7 +5,7 @@ namespace Zotlabs\Module;
 class Hcard extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 	   if(argc() > 1)
 	        $which = argv(1);
 	    else {
@@ -13,12 +13,12 @@ class Hcard extends \Zotlabs\Web\Controller {
 	        \App::$error = 404;
 	        return;
 	    }
-	
+
 		logger('hcard_request: ' . $which, LOGGER_DEBUG);
 
 	    $profile = '';
 	    $channel = \App::get_channel();
-	
+
 	    if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
 	        $which = $channel['channel_address'];
 	        $profile = argv(1);
@@ -30,22 +30,22 @@ class Hcard extends \Zotlabs\Web\Controller {
 	            $profile = '';
 	        $profile = $r[0]['profile_guid'];
 	    }
-	
-		head_add_link( [ 
-			'rel'   => 'alternate', 
+
+		head_add_link( [
+			'rel'   => 'alternate',
 			'type'  => 'application/atom+xml',
 			'title' => t('Posts and comments'),
 			'href'  => z_root() . '/feed/' . $which
 		]);
 
-		head_add_link( [ 
-			'rel'   => 'alternate', 
+		head_add_link( [
+			'rel'   => 'alternate',
 			'type'  => 'application/atom+xml',
 			'title' => t('Only posts'),
 			'href'  => z_root() . '/feed/' . $which . '?f=&top=1'
 		]);
 
-	
+
 	    if(! $profile) {
 	        $x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1",
 	            dbesc(argv(1))
@@ -54,20 +54,20 @@ class Hcard extends \Zotlabs\Web\Controller {
 	            \App::$profile = $x[0];
 	        }
 	    }
-	
+
 		profile_load($which,$profile);
-	
-	
+
+
 	}
-	
-	
+
+
 	function get() {
 
-		$x = new \Zotlabs\Widget\Profile();	
+		$x = new \Zotlabs\Widget\Fullprofile();
 		return $x->widget(array());
-	
+
 	}
-	
-	
-	
+
+
+
 }

Zotlabs/Module/Home.php

@@ -40,7 +40,7 @@ class Home extends Controller {
 			if (!$dest)
 				$dest = get_config('system', 'startpage');
 			if (!$dest)
-				$dest = z_root() . '/network';
+				$dest = z_root() . '/hq';
 
 			goaway($dest);
 		}

Zotlabs/Module/Hq.php

@@ -1,6 +1,10 @@
 <?php
 namespace Zotlabs\Module;
 
+use App;
+use Zotlabs\Widget\Messages;
+
+
 require_once("include/bbcode.php");
 require_once('include/security.php');
 require_once('include/conversation.php');
@@ -14,67 +18,55 @@ class Hq extends \Zotlabs\Web\Controller {
 		if(! local_channel())
 			return;
 
-		\App::$profile_uid = local_channel();
-	}
-
-	function post() {
-
-		if(!local_channel())
-			return;
-
-		if($_REQUEST['notify_id']) {
-			q("update notify set seen = 1 where id = %d and uid = %d",
-				intval($_REQUEST['notify_id']),
-				intval(local_channel())
-			);
-		}
-
-		killme();
-
+		App::$profile_uid = local_channel();
 	}
 
 	function get($update = 0, $load = false) {
 
-		if(!local_channel())
+		if(!local_channel()) {
 			return;
+		}
 
 		if(argc() > 1 && argv(1) !== 'load') {
-			$item_hash = argv(1);
+			$item_hash = unpack_link_id(argv(1));
+		}
+
+		if(isset($_REQUEST['mid'])) {
+			$item_hash = unpack_link_id($_REQUEST['mid']);
+		}
+
+		if($item_hash === false) {
+			notice(t('Malformed message id.') . EOL);
+			return;
 		}
-	
-		if($_REQUEST['mid'])
-			$item_hash = $_REQUEST['mid'];
 
 		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();
+		$sys = get_sys_channel();
+		$sys_item = false;
+		$sql_extra = '';
 
 		if(! $item_hash) {
-			$r = q("SELECT mid FROM item 
+			$r = q("SELECT mid FROM item
 				WHERE uid = %d $item_normal
-				AND mid = parent_mid 
+				AND mid = parent_mid
+				AND item_private IN (0, 1)
 				ORDER BY created DESC LIMIT 1",
 				intval(local_channel())
 			);
-
 			if($r[0]['mid']) {
-				$item_hash = 'b64.' . base64url_encode($r[0]['mid']);
+				$item_hash = $r[0]['mid'];
 			}
 		}
 
 		if($item_hash) {
 
-			if(strpos($item_hash,'b64.') === 0)
-				$decoded = @base64url_decode(substr($item_hash,4));
-
-			if($decoded)
-				$item_hash = $decoded;
-
 			$target_item = null;
 
-			$r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid like '%s' limit 1",
-				dbesc($item_hash . '%')
+			$r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid = '%s' limit 1",
+				dbesc($item_hash)
 			);
-		
+
 			if($r) {
 				$target_item = $r[0];
 			}
@@ -83,27 +75,22 @@ class Hq extends \Zotlabs\Web\Controller {
 			if($target_item['item_blocked'] == ITEM_MODERATED) {
 				goaway(z_root() . '/moderate/' . $target_item['id']);
 			}
-		
+
 			$simple_update = '';
 			if($update && $_SESSION['loadtime'])
 				$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
 
-			$sys = get_sys_channel();
-			$sql_extra = item_permissions_sql($sys['channel_id']);
-
-			$sys_item = false;
-
 		}
-	
+
 		if(! $update) {
-			$channel = \App::get_channel();
+			$channel = App::get_channel();
 
 			$channel_acl = [
-				'allow_cid' => $channel['channel_allow_cid'], 
-				'allow_gid' => $channel['channel_allow_gid'], 
-				'deny_cid'  => $channel['channel_deny_cid'], 
+				'allow_cid' => $channel['channel_allow_cid'],
+				'allow_gid' => $channel['channel_allow_gid'],
+				'deny_cid'  => $channel['channel_deny_cid'],
 				'deny_gid'  => $channel['channel_deny_gid']
-			]; 
+			];
 
 			$x = [
 				'is_owner'            => true,
@@ -125,13 +112,7 @@ class Hq extends \Zotlabs\Web\Controller {
 				'reset'               => t('Reset form')
 			];
 
-			$o = replace_macros(get_markup_template("hq.tpl"),
-				[
-					'$no_messages' => (($target_item) ? false : true),
-					'$no_messages_label' => [ t('Welcome to Hubzilla!'), t('You have got no unseen posts...') ],
-					'$editor' => status_editor($a,$x,false,'Hq')
-				]
-			);
+			$o = status_editor($a, $x, true);
 
 		}
 
@@ -142,10 +123,9 @@ class Hq extends \Zotlabs\Web\Controller {
 			if($target_item) {
 				// if the target item is not a post (eg a like) we want to address its thread parent
 				//$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']);
-				$mid = $target_item['mid'];
-				// if we got a decoded hash we must encode it again before handing to javascript 
-				if($decoded)
-					$mid = 'b64.' . base64url_encode($mid);
+
+				// if we got a decoded hash we must encode it again before handing to javascript
+				$mid = gen_link_id($target_item['mid']);
 			}
 			else {
 				$mid = '';
@@ -153,9 +133,9 @@ class Hq extends \Zotlabs\Web\Controller {
 
 			$o .= '<div id="live-hq"></div>' . "\r\n";
 			$o .= "<script> var profile_uid = " . local_channel()
-				. "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . ";</script>\r\n";
-	
-			\App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),[
+				. "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . ";</script>\r\n";
+
+			App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),[
 				'$baseurl' => z_root(),
 				'$pgtype'  => 'hq',
 				'$uid'     => local_channel(),
@@ -201,6 +181,7 @@ class Hq extends \Zotlabs\Web\Controller {
 
 			if(!$r) {
 				$sys_item = true;
+				$sql_extra = item_permissions_sql($sys['channel_id']);
 
 				$r = q("SELECT item.id AS item_id FROM item
 					LEFT JOIN abook ON item.author_xchan = abook.abook_xchan
@@ -227,6 +208,7 @@ class Hq extends \Zotlabs\Web\Controller {
 
 			if(!$r) {
 				$sys_item = true;
+				$sql_extra = item_permissions_sql($sys['channel_id']);
 
 				$r = q("SELECT item.parent AS item_id FROM item
 					LEFT JOIN abook ON item.author_xchan = abook.abook_xchan
@@ -241,14 +223,14 @@ class Hq extends \Zotlabs\Web\Controller {
 		else {
 			$r = [];
 		}
-	
+
 		if($r) {
-			$items = q("SELECT item.*, item.id AS item_id 
+			$items = q("SELECT item.*, item.id AS item_id
 				FROM item
-				WHERE parent = '%s' $item_normal ",
+				WHERE parent = '%s' $item_normal $sql_extra",
 				dbesc($r[0]['item_id'])
 			);
-	
+
 			xchan_query($items,true,(($sys_item) ? local_channel() : 0));
 			$items = fetch_post_tags($items,true);
 			$items = conv_sort($items,'created');
@@ -267,4 +249,16 @@ class Hq extends \Zotlabs\Web\Controller {
 
 	}
 
+	function post() {
+		if (!local_channel())
+			return;
+
+		$options['offset'] = $_REQUEST['offset'];
+		$options['type'] = $_REQUEST['type'];
+
+		$ret = Messages::get_messages_page($options);
+
+		json_return_and_die($ret);
+	}
+
 }

Zotlabs/Module/Impel.php

@@ -1,5 +1,9 @@
 <?php
-namespace Zotlabs\Module; /** @file */
+namespace Zotlabs\Module;
+
+use URLify;
+
+/** @file */
 
 // import page design element
 
@@ -9,33 +13,33 @@ require_once('include/menu.php');
 class Impel extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		$ret = array('success' => false);
-	
+
 		if(! local_channel())
 			json_return_and_die($ret);
-	
+
 		logger('impel: ' . print_r($_REQUEST,true), LOGGER_DATA);
-	
+
 		$elm = $_REQUEST['element'];
 		$x = base64url_decode($elm);
 		if(! $x)
 			json_return_and_die($ret);
-	
+
 		$j = json_decode($x,true);
 		if(! $j)
 			json_return_and_die($ret);
-	
+
 		// logger('element: ' . print_r($j,true));
 
 		$channel = \App::get_channel();
-	
+
 		$arr = array();
 		$is_menu = false;
-	
+
 		// a portable menu has its links rewritten with the local baseurl
 		$portable_menu = false;
-	
+
 		switch($j['type']) {
 			case 'webpage':
 				$arr['item_type'] = ITEM_TYPE_WEBPAGE;
@@ -58,12 +62,12 @@ class Impel extends \Zotlabs\Web\Controller {
 			case 'menu':
 				$is_menu = true;
 				$installed_type = t('menu');
-				break;			
+				break;
 			default:
 				logger('mod_impel: unrecognised element type' . print_r($j,true));
 				break;
 		}
-	
+
 		if($is_menu) {
 			$m = array();
 			$m['menu_channel_id'] = local_channel();
@@ -73,23 +77,23 @@ class Impel extends \Zotlabs\Web\Controller {
 				$m['menu_created'] = datetime_convert($j['created']);
 			if($j['edited'])
 				$m['menu_edited'] = datetime_convert($j['edited']);
-	
+
 			$m['menu_flags'] = 0;
 			if($j['flags']) {
 				if(in_array('bookmark',$j['flags']))
 					$m['menu_flags'] |= MENU_BOOKMARK;
 				if(in_array('system',$j['flags']))
 					$m['menu_flags'] |= MENU_SYSTEM;
-	
+
 			}
-	
+
 			$menu_id = menu_create($m);
-	
+
 			if($menu_id) {
 				if(is_array($j['items'])) {
 					foreach($j['items'] as $it) {
 						$mitem = array();
-	
+
 						$mitem['mitem_link'] = str_replace('[channelurl]',z_root() . '/channel/' . $channel['channel_address'],$it['link']);
 						$mitem['mitem_link'] = str_replace('[pageurl]',z_root() . '/page/' . $channel['channel_address'],$it['link']);
 						$mitem['mitem_link'] = str_replace('[cloudurl]',z_root() . '/cloud/' . $channel['channel_address'],$it['link']);
@@ -115,7 +119,7 @@ class Impel extends \Zotlabs\Web\Controller {
 							intval(local_channel())
 						);
 					}
-				}	
+				}
 				$ret['success'] = true;
 			}
 			$x = $ret;
@@ -132,22 +136,21 @@ class Impel extends \Zotlabs\Web\Controller {
 			$arr['owner_xchan'] = get_observer_hash();
 			$arr['author_xchan'] = (($j['author_xchan']) ? $j['author_xchan'] : get_observer_hash());
 			$arr['mimetype'] = (($j['mimetype']) ? $j['mimetype'] : 'text/bbcode');
-	
+
 			if(! $j['mid']) {
 				$j['uuid'] = item_message_id();
 				$j['mid'] = z_root() . '/item/' . $j['uuid'];
 			}
 			$arr['uuid'] = $j['uuid'];
 			$arr['mid'] = $arr['parent_mid'] = $j['mid'];
-	
-	
+
+
 			if($j['pagetitle']) {
-				require_once('library/urlify/URLify.php');
-				$pagetitle = strtolower(\URLify::transliterate($j['pagetitle']));
+				$pagetitle = strtolower(URLify::transliterate($j['pagetitle']));
 			}
-		
+
 			// Verify ability to use html or php!!!
-	
+
 			$execflag = ((intval($channel['channel_id']) == intval(local_channel()) && ($channel['channel_pageflags'] & PAGE_ALLOWCODE)) ? true : false);
 
 			$i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1",
@@ -156,7 +159,7 @@ class Impel extends \Zotlabs\Web\Controller {
 			);
 
 			\Zotlabs\Lib\IConfig::Set($arr,'system',$namespace,(($pagetitle) ? $pagetitle : substr($arr['mid'],0,16)),true);
-	
+
 			if($i) {
 				$arr['id'] = $i[0]['id'];
 				// don't update if it has the same timestamp as the original
@@ -174,24 +177,24 @@ class Impel extends \Zotlabs\Web\Controller {
 				else
 					$x = item_store($arr,$execflag);
 			}
-	
+
 			if($x && $x['success']) {
 				$item_id = $x['item_id'];
 			}
 		}
-	
+
 		if($x['success']) {
 			$ret['success'] = true;
-			info( sprintf( t('%s element installed'), $installed_type)); 
+			info( sprintf( t('%s element installed'), $installed_type));
 		}
 		else {
-			notice( sprintf( t('%s element installation failed'), $installed_type)); 
+			notice( sprintf( t('%s element installation failed'), $installed_type));
 		}
-	
-		//??? should perhaps return ret? 
+
+		//??? should perhaps return ret?
 
 		json_return_and_die(true);
-	
+
 	}
-	
+
 }

Zotlabs/Module/Import.php

@@ -2,14 +2,15 @@
 
 namespace Zotlabs\Module;
 
-require_once('include/zot.php');
 require_once('include/channel.php');
 require_once('include/import.php');
 require_once('include/perm_upgrade.php');
-require_once('library/urlify/URLify.php');
 
-use Zotlabs\Lib\Crypto;
+use App;
+use URLify;
+use Zotlabs\Daemon\Master;
 use Zotlabs\Lib\Libzot;
+use Zotlabs\Web\Controller;
 
 
 /**
@@ -18,7 +19,7 @@ use Zotlabs\Lib\Libzot;
  * Import a channel, either by direct file upload or via
  * connection to another server.
  */
-class Import extends \Zotlabs\Web\Controller {
+class Import extends Controller {
 
 	/**
 	 * @brief Import channel into account.
@@ -27,95 +28,94 @@ class Import extends \Zotlabs\Web\Controller {
 	 */
 	function import_account($account_id) {
 
-		if(! $account_id){
+		if (!$account_id) {
 			logger('No account ID supplied');
 			return;
 		}
 
-		$max_friends    = account_service_class_fetch($account_id,'total_channels');
-		$max_feeds      = account_service_class_fetch($account_id,'total_feeds');
-		$data           = null;
-		$seize          = ((x($_REQUEST,'make_primary')) ? intval($_REQUEST['make_primary']) : 0);
-		$import_posts   = ((x($_REQUEST,'import_posts')) ? intval($_REQUEST['import_posts']) : 0);
-		$moving         = intval($_REQUEST['moving']);
-		$src            = $_FILES['filename']['tmp_name'];
-		$filename       = basename($_FILES['filename']['name']);
-		$filesize       = intval($_FILES['filename']['size']);
-		$filetype       = $_FILES['filename']['type'];
-		$newname        = trim(strtolower($_REQUEST['newname']));
+		$max_friends  = account_service_class_fetch($account_id, 'total_channels');
+		$max_feeds    = account_service_class_fetch($account_id, 'total_feeds');
+		$data         = null;
+		$seize        = ((x($_REQUEST, 'make_primary')) ? intval($_REQUEST['make_primary']) : 0);
+		$import_posts = ((x($_REQUEST, 'import_posts')) ? intval($_REQUEST['import_posts']) : 0);
+		$moving       = false; //intval($_REQUEST['moving']);
+		$src          = $_FILES['filename']['tmp_name'];
+		$filename     = basename($_FILES['filename']['name']);
+		$filesize     = intval($_FILES['filename']['size']);
+		$filetype     = $_FILES['filename']['type'];
+		$newname      = trim(strtolower($_REQUEST['newname']));
 
 		// import channel from file
-		if($src) {
+		if ($src) {
 
 			// This is OS specific and could also fail if your tmpdir isn't very
 			// large mostly used for Diaspora which exports gzipped files.
 
-			if(strpos($filename,'.gz')){
-				@rename($src,$src . '.gz');
+			if (strpos($filename, '.gz')) {
+				@rename($src, $src . '.gz');
 				@system('gunzip ' . escapeshellarg($src . '.gz'));
 			}
 
-			if($filesize) {
+			if ($filesize) {
 				$data = @file_get_contents($src);
 			}
 			unlink($src);
 		}
 
 		// import channel from another server
-		if(! $src) {
-			$old_address = ((x($_REQUEST,'old_address')) ? $_REQUEST['old_address'] : '');
-			if(! $old_address) {
+		if (!$src) {
+			$old_address = ((x($_REQUEST, 'old_address')) ? $_REQUEST['old_address'] : '');
+			if (!$old_address) {
 				logger('Nothing to import.');
-				notice( t('Nothing to import.') . EOL);
+				notice(t('Nothing to import.') . EOL);
 				return;
-			} else if(strpos($old_address, '＠')) {
+			}
+			else if (strpos($old_address, '＠')) {
 				// if you copy the identity address from your profile page, make it work for convenience - WARNING: this is a utf-8 variant and NOT an ASCII ampersand. Please do not edit.
 				$old_address = str_replace('＠', '@', $old_address);
 			}
 
-			$email    = ((x($_REQUEST,'email'))    ? $_REQUEST['email']    : '');
-			$password = ((x($_REQUEST,'password')) ? $_REQUEST['password'] : '');
+			$email    = ((x($_REQUEST, 'email')) ? $_REQUEST['email'] : '');
+			$password = ((x($_REQUEST, 'password')) ? $_REQUEST['password'] : '');
 
-			$channelname = substr($old_address,0,strpos($old_address,'@'));
-			$servername  = substr($old_address,strpos($old_address,'@')+1);
+			$channelname = substr($old_address, 0, strpos($old_address, '@'));
+			$servername  = substr($old_address, strpos($old_address, '@') + 1);
 
 			$api_path = probe_api_path($servername);
-			if(! $api_path) {
-				notice( t('Unable to download data from old server') . EOL);
+			if (!$api_path) {
+				notice(t('Unable to download data from old server') . EOL);
 				return;
 			}
 
 			$api_path .= 'channel/export/basic?f=&channel=' . $channelname;
-			if($import_posts)
-				$api_path .= '&posts=1';
 
-			$binary = false;
+			$binary    = false;
 			$redirects = 0;
-			$opts = array('http_auth' => $email . ':' . $password);
-			$ret = z_fetch_url($api_path, $binary, $redirects, $opts);
-			if($ret['success']) {
+			$opts      = ['http_auth' => $email . ':' . $password];
+			$ret       = z_fetch_url($api_path, $binary, $redirects, $opts);
+			if ($ret['success']) {
 				$data = $ret['body'];
 			}
 			else {
-				notice( t('Unable to download data from old server') . EOL);
+				notice(t('Unable to download data from old server') . EOL);
 				return;
 			}
 		}
 
-		if(! $data) {
+		if (!$data) {
 			logger('Empty import file.');
-			notice( t('Imported file is empty.') . EOL);
+			notice(t('Imported file is empty.') . EOL);
 			return;
 		}
 
-		$data = json_decode($data,true);
+		$data = json_decode($data, true);
 
 		//logger('import: data: ' . print_r($data,true));
 		//print_r($data);
 
-		if(! array_key_exists('compatibility',$data)) {
-			call_hooks('import_foreign_channel_data',$data);
-			if($data['handled'])
+		if (!array_key_exists('compatibility', $data)) {
+			call_hooks('import_foreign_channel_data', $data);
+			if ($data['handled'])
 				return;
 		}
 
@@ -133,47 +133,47 @@ class Import extends \Zotlabs\Web\Controller {
 
 		// prevent incompatible osada or zap data from horking your database
 
-		if(array_path_exists('compatibility/codebase',$data)) {
+		if (array_path_exists('compatibility/codebase', $data)) {
 			notice('Data export format is not compatible with this software');
 			return;
 		}
 
-		if(version_compare($data['compatibility']['version'], '4.7.3', '<=')) {
+		if (version_compare($data['compatibility']['version'], '4.7.3', '<=')) {
 			// zot6 transition: cloning is not compatible with older versions
 			notice('Data export format is not compatible with this software (not a zot6 channel)');
 			return;
 		}
 
-		if($moving)
+		if ($moving)
 			$seize = 1;
 
 		// import channel
 
-		$relocate = ((array_key_exists('relocate',$data)) ? $data['relocate'] : null);
+		$relocate = ((array_key_exists('relocate', $data)) ? $data['relocate'] : null);
 
-		if(array_key_exists('channel',$data)) {
+		if (array_key_exists('channel', $data)) {
 
-			$max_identities = account_service_class_fetch($account_id,'total_identities');
+			$max_identities = account_service_class_fetch($account_id, 'total_identities');
 
-			if($max_identities !== false) {
-				$r = q("select channel_id from channel where channel_account_id = %d",
+			if ($max_identities !== false) {
+				$r = q("select channel_id from channel where channel_account_id = %d and channel_removed = 0",
 					intval($account_id)
 				);
-				if($r && count($r) > $max_identities) {
-					notice( sprintf( t('Your service plan only allows %d channels.'), $max_identities) . EOL);
+				if ($r && count($r) > $max_identities) {
+					notice(sprintf(t('Your service plan only allows %d channels.'), $max_identities) . EOL);
 					return;
 				}
 			}
 
-            if($newname) {
-	            $x = false;
+			if ($newname) {
+				$x = false;
 
-    	        if(get_config('system','unicode_usernames')) {
-        	        $x = punify(mb_strtolower($newname));
-            	}
+				if (get_config('system', 'unicode_usernames')) {
+					$x = punify(mb_strtolower($newname));
+				}
 
-	            if((! $x) || strlen($x) > 64) {
-    	            $x = strtolower(\URLify::transliterate($newname));
+				if ((!$x) || strlen($x) > 64) {
+					$x = strtolower(URLify::transliterate($newname));
 				}
 				$newname = $x;
 			}
@@ -182,71 +182,38 @@ class Import extends \Zotlabs\Web\Controller {
 		}
 		else {
 			$moving  = false;
-			$channel = \App::get_channel();
+			$channel = App::get_channel();
 		}
 
-		if(! $channel) {
-			logger('Channel not found. ', print_r($channel,true));
-			notice( t('No channel. Import failed.') . EOL);
+		if (!$channel) {
+			logger('Channel not found. ', print_r($channel, true));
+			notice(t('No channel. Import failed.') . EOL);
 			return;
 		}
 
-		if(is_array($data['config'])) {
-			import_config($channel,$data['config']);
+		if (is_array($data['config'])) {
+			import_config($channel, $data['config']);
 		}
 
 		logger('import step 2');
 
-		if(array_key_exists('channel',$data)) {
-			if($data['photo']) {
+		if (array_key_exists('channel', $data)) {
+			if ($data['photo']) {
 				require_once('include/photo/photo_driver.php');
-				import_channel_photo(base64url_decode($data['photo']['data']),$data['photo']['type'],$account_id,$channel['channel_id']);
+				import_channel_photo(base64url_decode($data['photo']['data']), $data['photo']['type'], $account_id, $channel['channel_id']);
 			}
 
-			if(is_array($data['profile']))
-				import_profiles($channel,$data['profile']);
+			if (is_array($data['profile']))
+				import_profiles($channel, $data['profile']);
 		}
 
 		logger('import step 3');
 
-		if(is_array($data['hubloc'])) {
-			import_hublocs($channel,$data['hubloc'],$seize,$moving);
-		}
-
-		logger('import step 4');
-
 		// create new hubloc for the new channel at this site
 
-		if(array_key_exists('channel',$data)) {
-			if($channel['channel_portable_id']) {
-				$r = hubloc_store_lowlevel(
-					[
-						'hubloc_guid'     => $channel['channel_guid'],
-						'hubloc_guid_sig' => $channel['channel_guid_sig'],
-						'hubloc_hash'     => $channel['channel_portable_id'],
-						'hubloc_addr'     => channel_reddress($channel),
-						'hubloc_network'  => 'zot',
-						'hubloc_primary'  => (($seize) ? 1 : 0),
-						'hubloc_url'      => z_root(),
-						'hubloc_url_sig'  => base64url_encode(Crypto::sign(z_root(),$channel['channel_prvkey'])),
-						'hubloc_host'     => \App::get_hostname(),
-						'hubloc_callback' => z_root() . '/post',
-						'hubloc_sitekey'  => get_config('system','pubkey'),
-						'hubloc_updated'  => datetime_convert(),
-						'hubloc_id_url'   => channel_url($channel)
-					]
-				);
+		if (array_key_exists('channel', $data)) {
 
-				// reset the original primary hubloc if it is being seized
-				if($seize) {
-					$r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ",
-						dbesc($channel['channel_portable_id']),
-						dbesc(z_root())
-					);
-				}
-			}
-
-			// create a new zot6 hubloc if we have got a channel_portable_id
+			// create a new zot6 hubloc
 
 			$r = hubloc_store_lowlevel(
 				[
@@ -257,18 +224,18 @@ class Import extends \Zotlabs\Web\Controller {
 					'hubloc_network'  => 'zot6',
 					'hubloc_primary'  => (($seize) ? 1 : 0),
 					'hubloc_url'      => z_root(),
-					'hubloc_url_sig'  => 'sha256.' . base64url_encode(Crypto::sign(z_root(),$channel['channel_prvkey'])),
-					'hubloc_host'     => \App::get_hostname(),
+					'hubloc_url_sig'  => Libzot::sign(z_root(), $channel['channel_prvkey']),
+					'hubloc_host'     => App::get_hostname(),
 					'hubloc_callback' => z_root() . '/zot',
-					'hubloc_sitekey'  => get_config('system','pubkey'),
+					'hubloc_sitekey'  => get_config('system', 'pubkey'),
 					'hubloc_updated'  => datetime_convert(),
 					'hubloc_id_url'   => channel_url($channel),
-					'hubloc_site_id'  => Libzot::make_xchan_hash(z_root(),get_config('system','pubkey'))
+					'hubloc_site_id'  => Libzot::make_xchan_hash(z_root(), get_config('system', 'pubkey'))
 				]
 			);
 
 			// reset the original primary hubloc if it is being seized
-			if($seize) {
+			if ($seize) {
 				$r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ",
 					dbesc($channel['channel_hash']),
 					dbesc(z_root())
@@ -277,88 +244,56 @@ class Import extends \Zotlabs\Web\Controller {
 
 		}
 
-		logger('import step 5');
-
+		logger('import step 4');
 
 		// import xchans and contact photos
 
-		if(array_key_exists('channel',$data) && $seize) {
+		if (array_key_exists('channel', $data) && $seize) {
 
 			// replace any existing xchan we may have on this site if we're seizing control
 
-			$r = q("delete from xchan where ( xchan_hash = '%s' or xchan_hash = '%s' ) ",
-				dbesc($channel['channel_hash']),
-				dbesc($channel['channel_portable_id'])
+			$r = q("delete from xchan where xchan_hash = '%s'",
+				dbesc($channel['channel_hash'])
 			);
 
-			if($channel['channel_portable_id']) {
-				$r = xchan_store_lowlevel(
-					[
-						'xchan_hash'           => $channel['channel_portable_id'],
-						'xchan_guid'           => $channel['channel_guid'],
-						'xchan_guid_sig'       => $channel['channel_guid_sig'],
-						'xchan_pubkey'         => $channel['channel_pubkey'],
-						'xchan_photo_l'        => z_root() . "/photo/profile/l/" . $channel['channel_id'],
-						'xchan_photo_m'        => z_root() . "/photo/profile/m/" . $channel['channel_id'],
-						'xchan_photo_s'        => z_root() . "/photo/profile/s/" . $channel['channel_id'],
-						'xchan_addr'           => channel_reddress($channel),
-						'xchan_url'            => z_root() . '/channel/' . $channel['channel_address'],
-						'xchan_connurl'        => z_root() . '/poco/' . $channel['channel_address'],
-						'xchan_follow'         => z_root() . '/follow?f=&url=%s',
-						'xchan_name'           => $channel['channel_name'],
-						'xchan_network'        => 'zot',
-						'xchan_photo_date'     => datetime_convert(),
-						'xchan_name_date'      => datetime_convert()
-					]
-				);
-			}
-
 			$r = xchan_store_lowlevel(
 				[
-					'xchan_hash'           => $channel['channel_hash'],
-					'xchan_guid'           => $channel['channel_guid'],
-					'xchan_guid_sig'       => $channel['channel_guid_sig'],
-					'xchan_pubkey'         => $channel['channel_pubkey'],
-					'xchan_photo_l'        => z_root() . "/photo/profile/l/" . $channel['channel_id'],
-					'xchan_photo_m'        => z_root() . "/photo/profile/m/" . $channel['channel_id'],
-					'xchan_photo_s'        => z_root() . "/photo/profile/s/" . $channel['channel_id'],
-					'xchan_addr'           => channel_reddress($channel),
-					'xchan_url'            => z_root() . '/channel/' . $channel['channel_address'],
-					'xchan_connurl'        => z_root() . '/poco/' . $channel['channel_address'],
-					'xchan_follow'         => z_root() . '/follow?f=&url=%s',
-					'xchan_name'           => $channel['channel_name'],
-					'xchan_network'        => 'zot6',
-					'xchan_photo_date'     => datetime_convert(),
-					'xchan_name_date'      => datetime_convert()
+					'xchan_hash'       => $channel['channel_hash'],
+					'xchan_guid'       => $channel['channel_guid'],
+					'xchan_guid_sig'   => $channel['channel_guid_sig'],
+					'xchan_pubkey'     => $channel['channel_pubkey'],
+					'xchan_photo_l'    => z_root() . "/photo/profile/l/" . $channel['channel_id'],
+					'xchan_photo_m'    => z_root() . "/photo/profile/m/" . $channel['channel_id'],
+					'xchan_photo_s'    => z_root() . "/photo/profile/s/" . $channel['channel_id'],
+					'xchan_addr'       => channel_reddress($channel),
+					'xchan_url'        => z_root() . '/channel/' . $channel['channel_address'],
+					'xchan_connurl'    => z_root() . '/poco/' . $channel['channel_address'],
+					'xchan_follow'     => z_root() . '/follow?f=&url=%s',
+					'xchan_name'       => $channel['channel_name'],
+					'xchan_network'    => 'zot6',
+					'xchan_photo_date' => datetime_convert(),
+					'xchan_name_date'  => datetime_convert()
 				]
 			);
 
 		}
 
-		logger('import step 6');
+		logger('import step 5');
 
 		// import xchans
 		$xchans = $data['xchan'];
-		if($xchans) {
-			foreach($xchans as $xchan) {
+		if ($xchans) {
+			foreach ($xchans as $xchan) {
 
-				if($xchan['xchan_network'] === 'zot') {
-					$hash = make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_guid_sig']);
-					if($hash !== $xchan['xchan_hash']) {
-						logger('forged xchan: ' . print_r($xchan,true));
+				if ($xchan['xchan_network'] === 'zot6') {
+					$zhash = Libzot::make_xchan_hash($xchan['xchan_guid'], $xchan['xchan_pubkey']);
+					if ($zhash !== $xchan['xchan_hash']) {
+						logger('forged xchan: ' . print_r($xchan, true));
 						continue;
 					}
 				}
 
-				if($xchan['xchan_network'] === 'zot6') {
-					$zhash = Libzot::make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_pubkey']);
-					if($zhash !== $xchan['xchan_hash']) {
-						logger('forged xchan: ' . print_r($xchan,true));
-						continue;
-					}
-				}
-
-				if(! array_key_exists('xchan_hidden',$xchan)) {
+				if (!array_key_exists('xchan_hidden', $xchan)) {
 					$xchan['xchan_hidden']       = (($xchan['xchan_flags'] & 0x0001) ? 1 : 0);
 					$xchan['xchan_orphan']       = (($xchan['xchan_flags'] & 0x0002) ? 1 : 0);
 					$xchan['xchan_censored']     = (($xchan['xchan_flags'] & 0x0004) ? 1 : 0);
@@ -371,14 +306,14 @@ class Import extends \Zotlabs\Web\Controller {
 				$r = q("select xchan_hash from xchan where xchan_hash = '%s' limit 1",
 					dbesc($xchan['xchan_hash'])
 				);
-				if($r)
+				if ($r)
 					continue;
 
-				create_table_from_array('xchan',$xchan);
+				create_table_from_array('xchan', $xchan);
 
 				require_once('include/photo/photo_driver.php');
 
-				if($xchan['xchan_hash'] === $channel['channel_hash']) {
+				if ($xchan['xchan_hash'] === $channel['channel_hash']) {
 					$r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s' where xchan_hash = '%s'",
 						dbesc(z_root() . '/photo/profile/l/' . $channel['channel_id']),
 						dbesc(z_root() . '/photo/profile/m/' . $channel['channel_id']),
@@ -387,13 +322,13 @@ class Import extends \Zotlabs\Web\Controller {
 					);
 				}
 				else {
-					$photos = import_xchan_photo($xchan['xchan_photo_l'],$xchan['xchan_hash']);
-					if($photos[4])
+					$photos = import_xchan_photo($xchan['xchan_photo_l'], $xchan['xchan_hash']);
+					if ($photos[4])
 						$photodate = NULL_DATE;
 					else
 						$photodate = $xchan['xchan_photo_date'];
 
-					$r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s', xchan_photo_date = '%s' where xchan_hash = '%s'",
+					q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s', xchan_photo_date = '%s' where xchan_hash = '%s'",
 						dbesc($photos[0]),
 						dbesc($photos[1]),
 						dbesc($photos[2]),
@@ -404,21 +339,28 @@ class Import extends \Zotlabs\Web\Controller {
 				}
 			}
 
-			logger('import step 7');
+			logger('import step 6');
+		}
+
+		logger('import step 7');
+
+		// this must happen after xchans got imported!
+		if (is_array($data['hubloc'])) {
+			import_hublocs($channel, $data['hubloc'], $seize, $moving);
 		}
 
 		$friends = 0;
-		$feeds = 0;
+		$feeds   = 0;
 
 		// import contacts
 		$abooks = $data['abook'];
-		if($abooks) {
-			foreach($abooks as $abook) {
+		if ($abooks) {
+			foreach ($abooks as $abook) {
 
 				$abook_copy = $abook;
 
 				$abconfig = null;
-				if(array_key_exists('abconfig',$abook) && is_array($abook['abconfig']) && count($abook['abconfig']))
+				if (array_key_exists('abconfig', $abook) && is_array($abook['abconfig']) && count($abook['abconfig']))
 					$abconfig = $abook['abconfig'];
 
 				unset($abook['abook_id']);
@@ -431,33 +373,33 @@ class Import extends \Zotlabs\Web\Controller {
 
 				$abook['abook_account'] = $account_id;
 				$abook['abook_channel'] = $channel['channel_id'];
-				if(! array_key_exists('abook_blocked',$abook)) {
-					$abook['abook_blocked']     = (($abook['abook_flags'] & 0x0001 ) ? 1 : 0);
-					$abook['abook_ignored']     = (($abook['abook_flags'] & 0x0002 ) ? 1 : 0);
-					$abook['abook_hidden']      = (($abook['abook_flags'] & 0x0004 ) ? 1 : 0);
-					$abook['abook_archived']    = (($abook['abook_flags'] & 0x0008 ) ? 1 : 0);
-					$abook['abook_pending']     = (($abook['abook_flags'] & 0x0010 ) ? 1 : 0);
-					$abook['abook_unconnected'] = (($abook['abook_flags'] & 0x0020 ) ? 1 : 0);
-					$abook['abook_self']        = (($abook['abook_flags'] & 0x0080 ) ? 1 : 0);
-					$abook['abook_feed']        = (($abook['abook_flags'] & 0x0100 ) ? 1 : 0);
+				if (!array_key_exists('abook_blocked', $abook)) {
+					$abook['abook_blocked']     = (($abook['abook_flags'] & 0x0001) ? 1 : 0);
+					$abook['abook_ignored']     = (($abook['abook_flags'] & 0x0002) ? 1 : 0);
+					$abook['abook_hidden']      = (($abook['abook_flags'] & 0x0004) ? 1 : 0);
+					$abook['abook_archived']    = (($abook['abook_flags'] & 0x0008) ? 1 : 0);
+					$abook['abook_pending']     = (($abook['abook_flags'] & 0x0010) ? 1 : 0);
+					$abook['abook_unconnected'] = (($abook['abook_flags'] & 0x0020) ? 1 : 0);
+					$abook['abook_self']        = (($abook['abook_flags'] & 0x0080) ? 1 : 0);
+					$abook['abook_feed']        = (($abook['abook_flags'] & 0x0100) ? 1 : 0);
 				}
 
-				if(array_key_exists('abook_instance',$abook) && $abook['abook_instance'] && strpos($abook['abook_instance'],z_root()) === false) {
+				if (array_key_exists('abook_instance', $abook) && $abook['abook_instance'] && strpos($abook['abook_instance'], z_root()) === false) {
 					$abook['abook_not_here'] = 1;
 				}
 
-				if($abook['abook_self']) {
-					$role = get_pconfig($channel['channel_id'],'system','permissions_role');
-					if(($role === 'forum') || ($abook['abook_my_perms'] & PERMS_W_TAGWALL)) {
+				if ($abook['abook_self']) {
+					$role = get_pconfig($channel['channel_id'], 'system', 'permissions_role');
+					if (($role === 'forum') || ($abook['abook_my_perms'] & PERMS_W_TAGWALL)) {
 						q("update xchan set xchan_pubforum = 1 where xchan_hash = '%s' ",
 							dbesc($abook['abook_xchan'])
 						);
 					}
 				}
 				else {
-					if($max_friends !== false && $friends > $max_friends)
+					if ($max_friends !== false && $friends > $max_friends)
 						continue;
-					if($max_feeds !== false && intval($abook['abook_feed']) && ($feeds > $max_feeds))
+					if ($max_feeds !== false && intval($abook['abook_feed']) && ($feeds > $max_feeds))
 						continue;
 				}
 
@@ -465,9 +407,9 @@ class Import extends \Zotlabs\Web\Controller {
 					dbesc($abook['abook_xchan']),
 					intval($channel['channel_id'])
 				);
-				if($r) {
-					foreach($abook as $k => $v) {
-						$r = q("UPDATE abook SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE abook_xchan = '%s' AND abook_channel = %d",
+				if ($r) {
+					foreach ($abook as $k => $v) {
+						q("UPDATE abook SET " . TQUOT . "%s" . TQUOT . " = '%s' WHERE abook_xchan = '%s' AND abook_channel = %d",
 							dbesc($k),
 							dbesc($v),
 							dbesc($abook['abook_xchan']),
@@ -478,17 +420,17 @@ class Import extends \Zotlabs\Web\Controller {
 				else {
 					abook_store_lowlevel($abook);
 
-					$friends ++;
-					if(intval($abook['abook_feed']))
-						$feeds ++;
+					$friends++;
+					if (intval($abook['abook_feed']))
+						$feeds++;
 				}
 
-				translate_abook_perms_inbound($channel,$abook_copy);
+				translate_abook_perms_inbound($channel, $abook_copy);
 
-				if($abconfig) {
+				if ($abconfig) {
 					/// @FIXME does not handle sync of del_abconfig
-					foreach($abconfig as $abc) {
-						set_abconfig($channel['channel_id'],$abc['xchan'],$abc['cat'],$abc['k'],$abc['v']);
+					foreach ($abconfig as $abc) {
+						set_abconfig($channel['channel_id'], $abc['xchan'], $abc['cat'], $abc['k'], $abc['v']);
 					}
 				}
 			}
@@ -496,13 +438,14 @@ class Import extends \Zotlabs\Web\Controller {
 			logger('import step 8');
 		}
 
+
 		// import groups
 		$groups = $data['group'];
-		if($groups) {
-			$saved = array();
-			foreach($groups as $group) {
-				$saved[$group['hash']] = array('old' => $group['id']);
-				if(array_key_exists('name', $group)) {
+		if ($groups) {
+			$saved = [];
+			foreach ($groups as $group) {
+				$saved[$group['hash']] = ['old' => $group['id']];
+				if (array_key_exists('name', $group)) {
 					$group['gname'] = $group['name'];
 					unset($group['name']);
 				}
@@ -514,8 +457,8 @@ class Import extends \Zotlabs\Web\Controller {
 			$r = q("select * from pgrp where uid = %d",
 				intval($channel['channel_id'])
 			);
-			if($r) {
-				foreach($r as $rr) {
+			if ($r) {
+				foreach ($r as $rr) {
 					$saved[$rr['hash']]['new'] = $rr['id'];
 				}
 			}
@@ -523,12 +466,12 @@ class Import extends \Zotlabs\Web\Controller {
 
 		// import group members
 		$group_members = $data['group_member'];
-		if($group_members) {
-			foreach($group_members as $group_member) {
+		if ($group_members) {
+			foreach ($group_members as $group_member) {
 				unset($group_member['id']);
 				$group_member['uid'] = $channel['channel_id'];
-				foreach($saved as $x) {
-					if($x['old'] == $group_member['gid'])
+				foreach ($saved as $x) {
+					if ($x['old'] == $group_member['gid'])
 						$group_member['gid'] = $x['new'];
 				}
 				create_table_from_array('pgrp_member', $group_member);
@@ -537,65 +480,85 @@ class Import extends \Zotlabs\Web\Controller {
 
 		logger('import step 9');
 
-		if(is_array($data['obj']))
-			import_objs($channel,$data['obj']);
 
-		if(is_array($data['likes']))
-			import_likes($channel,$data['likes']);
+		if (is_array($data['obj']))
+			import_objs($channel, $data['obj']);
 
-		if(is_array($data['app']))
-			import_apps($channel,$data['app']);
+		if (is_array($data['likes']))
+			import_likes($channel, $data['likes']);
 
-		if(is_array($data['sysapp']))
-			import_sysapps($channel,$data['sysapp']);
+		if (is_array($data['app']))
+			import_apps($channel, $data['app']);
 
-		if(is_array($data['chatroom']))
-			import_chatrooms($channel,$data['chatroom']);
+		if (is_array($data['sysapp']))
+			import_sysapps($channel, $data['sysapp']);
 
-		if(is_array($data['conv']))
-			import_conv($channel,$data['conv']);
+		if (is_array($data['chatroom']))
+			import_chatrooms($channel, $data['chatroom']);
 
-		if(is_array($data['mail']))
-			import_mail($channel,$data['mail']);
+		if (is_array($data['event']))
+			import_events($channel, $data['event']);
 
-		if(is_array($data['event']))
-			import_events($channel,$data['event']);
+		if (is_array($data['event_item']))
+			import_items($channel, $data['event_item'], false, $relocate);
 
-		if(is_array($data['event_item']))
-			import_items($channel,$data['event_item'],false,$relocate);
+		if (is_array($data['menu']))
+			import_menus($channel, $data['menu']);
 
-		if(is_array($data['menu']))
-			import_menus($channel,$data['menu']);
+		if (is_array($data['wiki']))
+			import_items($channel, $data['wiki'], false, $relocate);
 
-		if(is_array($data['wiki']))
-			import_items($channel,$data['wiki'],false,$relocate);
+		if (is_array($data['webpages']))
+			import_items($channel, $data['webpages'], false, $relocate);
 
-		if(is_array($data['webpages']))
-			import_items($channel,$data['webpages'],false,$relocate);
+		$addon = ['channel' => $channel, 'data' => $data];
+		call_hooks('import_channel', $addon);
 
-		$addon = array('channel' => $channel,'data' => $data);
-		call_hooks('import_channel',$addon);
+		if ($import_posts && array_key_exists('item', $data) && $data['item']) {
+			import_items($channel, $data['item'], false, $relocate);
+		}
 
-		$saved_notification_flags = notifications_off($channel['channel_id']);
-
-		if($import_posts && array_key_exists('item',$data) && $data['item'])
-			import_items($channel,$data['item'],false,$relocate);
-
-		notifications_on($channel['channel_id'],$saved_notification_flags);
-
-		if(array_key_exists('item_id',$data) && $data['item_id'])
-			import_item_ids($channel,$data['item_id']);
+		// Immediately notify old server about the new clone
+		Master::Summon(['Notifier', 'refresh_all', $channel['channel_id']]);
 
 		// This will indirectly perform a refresh_all *and* update the directory
+		Master::Summon(['Directory', $channel['channel_id']]);
 
-		\Zotlabs\Daemon\Master::Summon(array('Directory', $channel['channel_id']));
+		$cf_api_compat = true;
 
+		if ($api_path && $import_posts) {  // we are importing from a server and not a file
+			if (version_compare($data['compatibility']['version'], '6.3.4', '>=')) {
 
-		notice( t('Import completed.') . EOL);
+				$m = parse_url($api_path);
+
+				$hz_server = $m['scheme'] . '://' . $m['host'];
+
+				$since = datetime_convert(date_default_timezone_get(), date_default_timezone_get(), '0001-01-01 00:00');
+				$until = datetime_convert(date_default_timezone_get(), date_default_timezone_get(), 'now + 1 day');
+
+				$poll_interval = get_config('system', 'poll_interval', 3);
+				$page          = 0;
+
+				Master::Summon(['Content_importer', sprintf('%d', $page), $since, $until, $channel['channel_address'], urlencode($hz_server)]);
+				Master::Summon(['File_importer', sprintf('%d', $page), $channel['channel_address'], urlencode($hz_server)]);
+			}
+			else {
+				$cf_api_compat = false;
+			}
+		}
 
 		change_channel($channel['channel_id']);
 
-		goaway(z_root() . '/network' );
+		if ($api_path && $import_posts && $cf_api_compat) {
+			goaway(z_root() . '/import_progress');
+		}
+
+		if (!$cf_api_compat) {
+			notice(t('Automatic content and files import was not possible due to API version incompatiblity. Please import content and files manually!') . EOL);
+		}
+
+		goaway(z_root());
+
 	}
 
 	/**
@@ -603,7 +566,7 @@ class Import extends \Zotlabs\Web\Controller {
 	 */
 	function post() {
 		$account_id = get_account_id();
-		if(! $account_id)
+		if (!$account_id)
 			return;
 
 		check_form_security_token_redirectOnErr('/import', 'channel_import');
@@ -618,33 +581,35 @@ class Import extends \Zotlabs\Web\Controller {
 	 */
 	function get() {
 
-		if(! get_account_id()) {
-			notice( t('You must be logged in to use this feature.') . EOL);
+		if (!get_account_id()) {
+			notice(t('You must be logged in to use this feature.') . EOL);
 			return '';
 		}
 
-		$o = replace_macros(get_markup_template('channel_import.tpl'),array(
-			'$title' => t('Import Channel'),
-			'$desc' => t('Use this form to import an existing channel from a different server/hub. You may retrieve the channel identity from the old server/hub via the network or provide an export file.'),
-			'$label_filename' => t('File to Upload'),
-			'$choice' => t('Or provide the old server/hub details'),
+		nav_set_selected('Channel Import');
 
-			'$old_address' => [ 'old_address', t('Your old identity address (xyz@example.com)'), '', ''],
-			'$email' => [ 'email', t('Your old login email address'), '', '' ],
-			'$password' => [ 'password', t('Your old login password'), '', '' ],
-			'$import_posts' => [ 'import_posts', t('Import a few months of posts if possible (limited by available memory'), false, '', [ t('No'), t('Yes') ]],
+		$o = replace_macros(get_markup_template('channel_import.tpl'), [
+			'$title'          => t('Channel Import'),
+			'$desc'           => t('Use this form to import an existing channel from a different server/hub. You may retrieve the channel identity from the old server/hub via the network or provide an export file.'),
+			'$label_filename' => t('File to Upload'),
+			'$choice'         => t('Or provide the old server/hub details'),
+
+			'$old_address'  => ['old_address', t('Your old identity address (xyz@example.com)'), '', ''],
+			'$email'        => ['email', t('Your old login email address'), '', ''],
+			'$password'     => ['password', t('Your old login password'), '', ''],
+			'$import_posts' => ['import_posts', t('Import your items and files (limited by available memory)'), false, '', [t('No'), t('Yes')]],
 
 			'$common' => t('For either option, please choose whether to make this hub your new primary address, or whether your old location should continue this role. You will be able to post from either location, but only one can be marked as the primary location for files, photos, and media.'),
 
-			'$make_primary' => [ 'make_primary', t('Make this hub my primary location'), false, '', [ t('No'), t('Yes') ] ],
-			'$moving' => [ 'moving', t('Move this channel (disable all previous locations)'), false, '', [ t('No'), t('Yes') ] ],
-			'$newname' => [ 'newname', t('Use this channel nickname instead of the one provided'), '', t('Leave blank to keep your existing channel nickname. You will be randomly assigned a similar nickname if either name is already allocated on this site.')],
+			'$make_primary' => ['make_primary', t('Make this hub my primary location'), false, '', [t('No'), t('Yes')]],
+			'$moving'       => ['moving', t('Move this channel (disable all previous locations)'), false, '', [t('No'), t('Yes')]],
+			'$newname'      => ['newname', t('Use this channel nickname instead of the one provided'), '', t('Leave blank to keep your existing channel nickname. You will be randomly assigned a similar nickname if either name is already allocated on this site.')],
 
 			'$pleasewait' => t('This process may take several minutes to complete. Please submit the form only once and leave this page open until finished.'),
 
 			'$form_security_token' => get_form_security_token('channel_import'),
-			'$submit' => t('Submit')
-		));
+			'$submit'              => t('Submit')
+		]);
 
 		return $o;
 	}

Zotlabs/Module/Import_items.php

@@ -1,6 +1,11 @@
 <?php
+
 namespace Zotlabs\Module;
 
+use App;
+use ZipArchive;
+use Zotlabs\Web\Controller;
+
 require_once('include/import.php');
 
 /**
@@ -8,104 +13,95 @@ require_once('include/import.php');
  *
  * Import existing posts and content from an export file.
  */
-class Import_items extends \Zotlabs\Web\Controller {
+class Import_items extends Controller {
 
 	function post() {
 
-		if(! local_channel())
+		if (!local_channel())
 			return;
 
 		check_form_security_token_redirectOnErr('/import_items', 'import_items');
 
-		$data     = null;
+		$data = null;
 
 		$src      = $_FILES['filename']['tmp_name'];
 		$filename = basename($_FILES['filename']['name']);
 		$filesize = intval($_FILES['filename']['size']);
 		$filetype = $_FILES['filename']['type'];
 
-		if($src) {
-			// This is OS specific and could also fail if your tmpdir isn't very large
-			// mostly used for Diaspora which exports gzipped files.
+		$channel = App::get_channel();
 
-			if(strpos($filename,'.gz')){
-				@rename($src,$src . '.gz');
-				@system('gunzip ' . escapeshellarg($src . '.gz'));
-			}
+		if ($src) {
 
-			if($filesize) {
-				$data = @file_get_contents($src);
-			}
-			unlink($src);
-		}
+			if ($filetype === 'application/zip') {
+				$zip = new ZipArchive;
 
-		if(! $src) {
+				$r = $zip->open($src);
+				if ($r === true) {
+					for ($i = 0; $i < $zip->count(); $i++) {
+						$data = $zip->getFromIndex($i);
+						self::import($channel, $data);
+					}
+					$zip->close();
+					unlink($src);
+					return;
+				}
 
-			$old_address = ((x($_REQUEST,'old_address')) ? $_REQUEST['old_address'] : '');
-
-			if(! $old_address) {
-				logger('Nothing to import.');
-				notice( t('Nothing to import.') . EOL);
+				notice(t('Not a zip file or zip file corrupted.') . EOL);
+				unlink($src);
 				return;
 			}
 
-			$email    = ((x($_REQUEST,'email'))    ? $_REQUEST['email']    : '');
-			$password = ((x($_REQUEST,'password')) ? $_REQUEST['password'] : '');
+			// This is OS specific and could also fail if your tmpdir isn't very large
+			// mostly used for Diaspora which exports gzipped files.
 
-			$year = ((x($_REQUEST,'year'))    ? $_REQUEST['year']    : '');
+			//if(strpos($filename,'.gz')){
+			//@rename($src,$src . '.gz');
+			//@system('gunzip ' . escapeshellarg($src . '.gz'));
+			//}
 
-			$channelname = substr($old_address,0,strpos($old_address,'@'));
-			$servername  = substr($old_address,strpos($old_address,'@')+1);
-
-			$scheme = 'https://';
-			$api_path = '/api/red/channel/export/items?f=&channel=' . $channelname . '&year=' . intval($year);
-			$binary = false;
-			$redirects = 0;
-			$opts = array('http_auth' => $email . ':' . $password);
-			$url = $scheme . $servername . $api_path;
-			$ret = z_fetch_url($url, $binary, $redirects, $opts);
-			if(! $ret['success'])
-				$ret = z_fetch_url('http://' . $servername . $api_path, $binary, $redirects, $opts);
-			if($ret['success'])
-				$data = $ret['body'];
-			else
-				notice( t('Unable to download data from old server') . EOL);
-		}
-
-		if(! $data) {
-			logger('Empty file.');
-			notice( t('Imported file is empty.') . EOL);
-			return;
-		}
-
-		$data = json_decode($data, true);
-
-		//logger('import: data: ' . print_r($data,true));
-		//print_r($data);
-
-		if(! is_array($data))
-			return;
-
-		if(array_key_exists('compatibility',$data) && array_key_exists('database',$data['compatibility'])) {
-			$v1 = substr($data['compatibility']['database'],-4);
-			$v2 = substr(DB_UPDATE_VERSION,-4);
-			if($v2 > $v1) {
-				$t = sprintf( t('Warning: Database versions differ by %1$d updates.'), $v2 - $v1 );
-				notice($t . EOL);
+			if ($filesize) {
+				$data = @file_get_contents($src);
+				self::import($channel, $data);
 			}
+			unlink($src);
+			return;
 		}
+		/*
+				if(! $src) {
 
-		$channel = \App::get_channel();
+					$old_address = ((x($_REQUEST,'old_address')) ? $_REQUEST['old_address'] : '');
 
-		if(array_key_exists('item',$data) && $data['item']) {
-			import_items($channel,$data['item'],false,((array_key_exists('relocate',$data)) ? $data['relocate'] : null));
-		}
+					if(! $old_address) {
+						logger('Nothing to import.');
+						notice( t('Nothing to import.') . EOL);
+						return;
+					}
 
-		if(array_key_exists('item_id',$data) && $data['item_id']) {
-			import_item_ids($channel,$data['item_id']);
-		}
+					$email    = ((x($_REQUEST,'email'))    ? $_REQUEST['email']    : '');
+					$password = ((x($_REQUEST,'password')) ? $_REQUEST['password'] : '');
+
+					$year = ((x($_REQUEST,'year'))    ? $_REQUEST['year']    : '');
+
+					$channelname = substr($old_address,0,strpos($old_address,'@'));
+					$servername  = substr($old_address,strpos($old_address,'@')+1);
+
+					$scheme = 'https://';
+					$api_path = '/api/red/channel/export/items?f=&channel=' . $channelname . '&year=' . intval($year);
+					$binary = false;
+					$redirects = 0;
+					$opts = array('http_auth' => $email . ':' . $password);
+					$url = $scheme . $servername . $api_path;
+					$ret = z_fetch_url($url, $binary, $redirects, $opts);
+					if(! $ret['success'])
+						$ret = z_fetch_url('http://' . $servername . $api_path, $binary, $redirects, $opts);
+					if($ret['success'])
+						$data = $ret['body'];
+					else
+						notice( t('Unable to download data from old server') . EOL);
+				}
+		*/
 
-		info( t('Import completed') . EOL);
 	}
 
 
@@ -116,20 +112,85 @@ class Import_items extends \Zotlabs\Web\Controller {
 	 */
 	function get() {
 
-		if(! local_channel()) {
-			notice( t('Permission denied') . EOL);
+		if (!local_channel()) {
+			notice(t('Permission denied') . EOL);
 			return login();
 		}
 
-		$o = replace_macros(get_markup_template('item_import.tpl'), array(
-			'$title' => t('Import Items'),
-			'$desc' => t('Use this form to import existing posts and content from an export file.'),
-			'$label_filename' => t('File to Upload'),
+		$o = replace_macros(get_markup_template('item_import.tpl'), [
+			'$title'               => t('Import Items'),
+			'$desc'                => t('Use this form to import existing posts and content from an export file.'),
+			'$label_filename'      => t('File to Upload'),
 			'$form_security_token' => get_form_security_token('import_items'),
-			'$submit' => t('Submit')
-		));
+			'$submit'              => t('Submit')
+		]);
 
 		return $o;
 	}
 
+
+	public static function import($channel, $data) {
+
+		if (!$data) {
+			logger('Empty file.');
+			notice(t('Imported file is empty.') . EOL);
+			return;
+		}
+
+		$data = json_decode($data, true);
+		//logger('import: data: ' . print_r($data,true));
+		//print_r($data);
+
+		if (!is_array($data)) {
+			return;
+		}
+
+		//if (array_key_exists('compatibility', $data) && array_key_exists('database', $data['compatibility'])) {
+			//$v1 = substr($data['compatibility']['database'], -4);
+			//$v2 = substr(DB_UPDATE_VERSION, -4);
+			//if ($v2 > $v1) {
+				//$t = sprintf(t('Warning: Database versions differ by %1$d updates.'), $v2 - $v1);
+				//notice($t . EOL);
+			//}
+		//}
+
+		if (array_key_exists('item', $data) && is_array($data['item'])) {
+			import_items($channel, $data['item'], false, ((array_key_exists('relocate', $data)) ? $data['relocate'] : null));
+			info(t('Content import completed') . EOL);
+		}
+
+		if (array_key_exists('chatroom', $data) && is_array($data['chatroom'])) {
+			import_chatrooms($channel, $data['chatroom']);
+			info(t('Chatroom import completed') . EOL);
+
+		}
+
+		if (array_key_exists('event', $data) && is_array($data['event'])) {
+			import_events($channel, $data['event']);
+			info(t('Channel calendar import 1/2 completed') . EOL);
+
+		}
+
+		if (array_key_exists('event_item', $data) && is_array($data['event_item'])) {
+			import_items($channel, $data['event_item'], false, ((array_key_exists('relocate', $data)) ? $data['relocate'] : null));
+			info(t('Channel calendar import 2/2 completed') . EOL);
+		}
+
+		if (array_key_exists('menu', $data) && is_array($data['menu'])) {
+			import_menus($channel, $data['menu']);
+			info(t('Menu import completed') . EOL);
+		}
+
+		if (array_key_exists('wiki', $data) && is_array($data['wiki'])) {
+			import_items($channel, $data['wiki'], false, ((array_key_exists('relocate', $data)) ? $data['relocate'] : null));
+			info(t('Wiki import completed') . EOL);
+		}
+
+		if (array_key_exists('webpages', $data) && is_array($data['webpages'])) {
+			import_items($channel, $data['webpages'], false, ((array_key_exists('relocate', $data)) ? $data['relocate'] : null));
+			info(t('Webpages import completed') . EOL);
+		}
+
+	}
+
 }

Zotlabs/Module/Import_progress.php

@@ -0,0 +1,122 @@
+<?php
+namespace Zotlabs\Module;
+
+use Zotlabs\Lib\PConfig;
+use Zotlabs\Daemon\Master;
+
+class Import_progress extends \Zotlabs\Web\Controller {
+
+	function post() {
+
+		if(! local_channel())
+			return;
+
+	}
+
+	function get() {
+
+		if(! local_channel()) {
+			return;
+		}
+
+		nav_set_selected('Channel Import');
+
+		// items
+		$c = PConfig::Get(local_channel(), 'import', 'content_progress');
+
+		if ($c) {
+			$total_cpages = floor(intval($c['items_total']) / intval($c['items_page']));
+			if(!$total_cpages) {
+				$total_cpages = 1; // because of floor
+			}
+
+			$cpage = $c['last_page'] + 1; // because page count start at 0
+
+			$cprogress = intval(floor((intval($cpage) * 100) / $total_cpages));
+			$ccompleted_str = t('Item sync completed!');
+
+			if(argv(1) === 'resume_itemsync' && $cprogress < 100) {
+				Master::Summon($c['next_cmd']);
+				goaway('/import_progress');
+			}
+		}
+		else {
+			$cprogress = 'waiting to start...';
+
+			if (PConfig::Get(local_channel(), 'import', 'content_completed')) {
+				// There was nothing todo. Fake 100% and mention that there were no files found
+				$cprogress = 100;
+			}
+
+			$ccompleted_str = t('Item sync completed but no items were found!');
+
+			if(argv(1) === 'resume_itemsync') {
+				Master::Summon(["Content_importer","0","0001-01-01 00:00:00","2021-10-02 19:49:14","ct5","https%3A%2F%2Fhub.somaton.com"]);
+				goaway('/import_progress');
+			}
+		}
+
+		$cprogress_str = ((intval($cprogress)) ? $cprogress . '%' : $cprogress);
+
+		// files
+		$f = PConfig::Get(local_channel(), 'import', 'files_progress');
+
+		if ($f) {
+			$total_fpages = floor(intval($f['files_total']) / intval($f['files_page']));
+			if(!$total_fpages) {
+				$total_fpages = 1;
+			}
+
+			$fpage = $f['last_page'] + 1;
+
+			$fprogress = intval(floor((intval($fpage) * 100) / $total_fpages));
+			$fcompleted_str = t('File sync completed!');
+
+			if(argv(1) === 'resume_filesync' && $fprogress < 100) {
+				Master::Summon($f['next_cmd']);
+				goaway('/import_progress');
+			}
+
+
+		}
+		else {
+			$fprogress = 'waiting to start...';
+
+			if (PConfig::Get(local_channel(), 'import', 'files_completed')) {
+				// There was nothing todo. Fake 100% and mention that there were no files found
+				$fprogress = 100;
+			}
+
+			$fcompleted_str = t('File sync completed but no files were found!');
+		}
+
+		$fprogress_str = ((intval($fprogress)) ? $fprogress . '%' : $fprogress);
+
+		if(is_ajax()) {
+			$ret = [
+				'cprogress' => $cprogress,
+				'fprogress' => $fprogress
+			];
+
+			json_return_and_die($ret);
+		}
+
+		$o = replace_macros(get_markup_template("import_progress.tpl"), [
+			'$chtitle_str' => t('Channel clone status'),
+			'$ctitle_str' => t('Item sync status'),
+			'$ftitle_str' => t('File sync status'),
+			'$cprogress_str' => $cprogress_str,
+			'$cprogress' => intval($cprogress),
+			'$fprogress_str' => $fprogress_str,
+			'$fprogress' => intval($fprogress),
+			'$fcompleted_str' => $fcompleted_str,
+			'$ccompleted_str' => $ccompleted_str,
+			'$chcompleted_str' => t('Channel cloning completed!'),
+			'$resume_str' => t('Resume'),
+			'$resume_helper_str' => t('Only resume if sync stalled!')
+		]);
+
+		return $o;
+	}
+
+}

Zotlabs/Module/Invite.php

@@ -6,7 +6,7 @@ use Zotlabs\Lib\Apps;
 use Zotlabs\Web\Controller;
 
 /**
- * module: invite.php
+ * module: invitexv2.php
  *
  * send email invitations to join social network
  *
@@ -15,160 +15,559 @@ use Zotlabs\Web\Controller;
 
 class Invite extends Controller {
 
+	/**
+	 * While coding this, I want to introduce a system of qualified messages and notifications.
+	 * Each message consists of a 3 letter prefix, a 4 digit number and a one letter suffix (PREnnnnS).
+	 * The spirit about is not from me, but many decades used by IBM inc. in devel with best success.
+	 *
+	 * The system prefix, used uppercase as system message id, lowercase as css and js prefix (classes, ids etc).
+	 * Usually not used as self::MYP, but placed in the code dominant enough for easy to find.
+	 *
+	 * Concrete here:
+	 * The prefix indicates Z for the Zlabs(core), A for Account stuff, I for Invite.
+	 * The numbers scope will be 00xx within/for templates, 01xx for get, 02xx for post functions.
+	 * Message qualification ends with a uppercase suffix, where
+	 * 	I=Info(only),
+	 *	W=Warning(more then info and less then error),
+	 *	E=Error,
+	 *	F=Fatal(for unexpected errors).
+	 * Btw, in case of using fail2ban, a scan of messages going to log is very much more with ease,
+	 * esspecially in multi language driven systems where messages vary.
+	 *
+	 * @author Hilmar Runge
+	 * @version 2.0.0
+	 * @since 2020-01-20
+	 *
+	 */
+
+	const MYP = 	'ZAI';
+	const VERSION =	'2.0.0';
+
 	function post() {
-	
-		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
+
+		// zai02
+
+		if (! local_channel()) {
+			notice( 'ZAI0201E,' .t('Permission denied.') . EOL);
 			return;
 		}
 
-		if(! Apps::system_app_installed(local_channel(), 'Invite')) {
+		if (! Apps::system_app_installed(local_channel(), 'Invite')) {
+			notice( 'ZAI0202E,' . t('Invite App') . ' (' . t('Not Installed') . ')' . EOL);
 			return;
 		}
-	
+
 		check_form_security_token_redirectOnErr('/', 'send_invite');
-	
-		$max_invites = intval(get_config('system','max_invites'));
-		if(! $max_invites)
-			$max_invites = 50;
-	
-		$current_invites = intval(get_pconfig(local_channel(),'system','sent_invites'));
-		if($current_invites > $max_invites) {
-			notice( t('Total invitation limit exceeded.') . EOL);
+
+		$ok = $ko = 0;
+		$feedbk = '';
+		$isajax = is_ajax();
+		$eol 	= $isajax ? "\n" : EOL;
+		$policy  = intval(get_config('system','register_policy'));
+		if ($policy == REGISTER_CLOSED) {
+			notice( 'ZAI0212E,' . t('Register is closed') . ')' . EOL);
 			return;
-		};
-	
-	
-		$recips  = ((x($_POST,'recipients')) ? explode("\n",$_POST['recipients']) : array());
-		$message = ((x($_POST,'message'))    ? notags(trim($_POST['message']))    : '');
-	
-		$total = 0;
-	
-		if(get_config('system','invitation_only')) {
-			$invonly = true;
-			$x = get_pconfig(local_channel(),'system','invites_remaining');
-			if((! $x) && (! is_site_admin()))
-				return;
 		}
-	
-		foreach($recips as $recip) {
-	
-			$recip = trim($recip);
-			if(! $recip)
-				continue;
-	
-			if(! validate_email($recip)) {
-				notice(  sprintf( t('%s : Not a valid email address.'), $recip) . EOL);
-				continue;
-			}
-	
-			else
-				$nmessage = $message;
-	
-			$account = App::get_account();
-	
-			$res = z_mail(
-				[ 
-				'toEmail'        => $recip,
-				'fromName'       => ' ',
-				'fromEmail'      => $account['account_email'],
-				'messageSubject' => t('Please join us on $Projectname'),
-				'textVersion'    => $nmessage,
-				]
-			);
-	
-			if($res) {
-				$total ++;
-				$current_invites ++;
-				set_pconfig(local_channel(),'system','sent_invites',$current_invites);
-				if($current_invites > $max_invites) {
-					notice( t('Invitation limit exceeded. Please contact your site administrator.') . EOL);
-					return;
+		if ($policy == REGISTER_OPEN)
+			$flags = 0;
+		elseif ($policy == REGISTER_APPROVE)
+			$flags = ACCOUNT_PENDING;
+		$flags  = ($flags | intval(get_config('system','verify_email')));
+
+		// how many max recipients in one mail submit
+		$maxto = get_config('system','invitation_max_recipients', 'na');
+		If (is_site_admin()) {
+			// set, if admin is operator, default to 12
+			if ($maxto === 'na') set_config('system','invitation_max_recipients', 12);
+		}
+		$maxto = ($maxto === 'na') ? 12 : $maxto;
+
+		// language code current for the invitation
+		$lcc  = x($_POST['zailcc'])  && preg_match('/[a-z\-]{2,5}/', $_POST['zailcc'])
+				? $_POST['zailcc']
+				: '';
+
+		// expiration duration amount quantity, in case of doubts defaults 2
+		$durn = x($_POST['zaiexpiren']) && preg_match('/[0-9]{1,2}/', $_POST['zaiexpiren'])
+				? trim(intval($_POST['zaiexpiren']))
+				: '2';
+		!$durn ? $durn = 2 : '';
+
+		// expiration duration unit 1st letter (day, weeks, months, years), defaults days
+		$durq = x($_POST['zaiexpire']) && preg_match('/[ihd]{1,1}/', $_POST['zaiexpire'])
+				? $_POST['zaiexpire']
+				: 'd';
+
+		$dur = self::calcdue($durn.$durq);
+		$due = t('Note, the invitation code is valid up to') . ' ' . $dur['due'];
+
+		if ($isajax) {
+			$feedbk .= 'ZAI0207I ' . $due . $eol;
+		}
+
+		// take the received email addresses and discart duplicates
+		$recips  = array_filter( array_unique( preg_replace('/^\s*$/', '',
+			((x($_POST,'zaito')) ? explode( "\n",$_POST['zaito']) : array() ) )));
+
+		$havto = count($recips);
+
+		if ( $havto > $maxto) {
+			$feedbk .= 'ZAI0210E ' . sprintf( t('Too many recipients for one invitation (max %d)'), $maxto) . $eol;
+			$ko++;
+
+		} elseif ( $havto == 0 ) {
+			$feedbk .= 'ZAI0211E ' . t('No recipients for this invitation') . $eol;
+			$ko++;
+
+		} else {
+
+			// each email address
+			foreach($recips as $n => $recip) {
+
+				// if empty ignore
+				$recip = $recips[$n] = trim($recip);
+				if(! $recip) continue;
+
+				// see if we have an email address who@domain.tld
+				//if (!preg_match('/^.{2,64}\@[a-z0-9.-]{2,32}\.[a-z]{2,12}$/', $recip)) {
+					//$feedbk .= 'ZAI0203E ' . ($n+1) . ': ' . sprintf( t('(%s) : Not a valid email address'), $recip) . $eol;
+					//$ko++;
+					//continue;
+				//}
+				if(! validate_email($recip)) {
+					$feedbk .= 'ZAI0204E ' . ($n+1) . ': ' . sprintf( t('(%s) : Not a real email address'), $recip) . $eol;
+					$ko++;
+					continue;
+				}
+
+				// do we accept the email (not black listed)
+				if(! allowed_email($recip)) {
+					$feedbk .= 'ZAI0205E ' . ($n+1) . ': ' . sprintf( t('(%s) : Not allowed email address'), $recip) . $eol;
+					$ko++;
+					continue;
+				}
+
+				// is the email address just in use for account or registered before
+				$r = q("SELECT account_email       AS em FROM account  WHERE account_email = '%s'"
+					  . " UNION "
+					  ."SELECT reg_email           AS em FROM register WHERE reg_vital = 1 AND reg_email = '%s' LIMIT 1;",
+						dbesc($recip),
+						dbesc($recip)
+				);
+				if($r && $r[0]['em'] == $recip) {
+					$feedbk .= 'ZAI0206E ' . ($n+1) . ': ' . sprintf( t('(%s) : email address already in use'), $recip) . $eol;
+					$ko++;
+					continue;
+				}
+
+				if ($isajax) {
+					// seems we have an email address acceptable
+					$feedbk .= 'ZAI0209I ' . ($n+1) . ': ' . sprintf( t('(%s) : Accepted email address'), $recip) . $eol;
 				}
 			}
-			else {
-				notice( sprintf( t('%s : Message delivery failed.'), $recip) . EOL);
-			}
-	
 		}
-		notice( sprintf( tt("%d message sent.", "%d messages sent.", $total) , $total) . EOL);
+
+		if ($isajax) {
+			// we are not silent on the ajax road
+			echo json_encode(array('feedbk' => $feedbk, 'due' => $due));
+
+			// that mission is complete
+			killme();
+			exit;
+		}
+
+		//	Total ?todo notice( t('Invitation limit exceeded. Please contact your site administrator.') . EOL);
+
+		// any errors up to now in fg?
+
+
+		// down from here, only on the main road (no more ajax)
+
+		// tell if sth is to tell
+		$feedbk ? notice($feedbk) . $eol : '';
+
+		if ($ko > 0) return;
+
+		// the personal mailtext
+		$mailtext = ((x($_POST,'zaitxt'))    ? notags(trim($_POST['zaitxt']))    : '');
+
+		// to log in db
+		$reonar = json_decode( ((x($_POST,'zaireon'))  ? notags(trim($_POST['zaireon']))    : ''), TRUE, 8) ;
+
+		// me, the invitor
+		$account = App::get_account();
+		$reonar['from'] = $account['account_email'];
+		$reonar['date'] = datetime_convert();
+		$reonar['fromip'] = $_SERVER['REMOTE_ADDR'];
+
+		// who is the invitor on
+		$inby = local_channel();
+
+		$ok = $ko = 0;
+
+		// send the mail(s)
+		foreach($recips as $n => $recip) {
+
+			$reonar['due'] = $due;
+			$reonar['to']  = $recip;
+			$reonar['txtpersonal'] = $mailtext;
+
+			// generate an invide code to store and pm
+			$invite_code = autoname(8) . rand(1000,9999);
+
+			// again the final localized templates  $reonar['subject'] $reonar['lang'] $reonar['tpl']
+
+			// save current operators lc and take the desired to mail
+			push_lang($reonar['lang']);
+			// resolve
+			$tx = replace_macros(get_intltext_template('invite.'.$reonar['tpl'].'.tpl'),
+				array(
+					'$projectname'		=> t('$Projectname'),
+					'$invite_code'		=> $invite_code,
+					'$invite_where' 	=> z_root() . '/register',
+					'$invite_whereami'	=> $reonar['whereami'],
+					'$invite_whoami'	=> z_root() . '/channel/' . $reonar['whoami'],
+					'$invite_anywhere'	=> z_root() . '/pubsites'
+				)
+			);
+			// restore lc to operator
+			pop_lang();
+
+			$reonar['txttemplate'] = $tx;
+
+			// pm
+			$zem = z_mail(
+				[
+				'toEmail'        => $recip,
+				'fromName'       => ' ',
+				'fromEmail'      => $reonar['from'],
+				'messageSubject' => $reonar['subject'],
+				'textVersion'    => ($mailtext ? $mailtext . "\n\n" : '') . $tx . "\n" . $due,
+				]
+			);
+
+			if(!$zem) {
+
+				$ko++;
+				$msg = 'ZAI0208E,' . sprintf( t('%s : Message delivery failed.'), $recip);
+
+			} else {
+
+				$ok++;
+				$msg = 'ZAI0208I ' . sprintf( t('To %s : Message delivery success.'), $recip);
+
+				// if verify_email is the rule, email becomes a dId2 - NO
+				// $did2 = ($flags & ACCOUNT_UNVERIFIED) == ACCOUNT_UNVERIFIED ? $recip : '';
+
+				// always enforce verify email with invitations, thus email becomes a dId2
+				$did2 = $recip;
+				$flags |= ACCOUNT_UNVERIFIED;
+
+				// defaults vital, reg_pass
+				$r = q("INSERT INTO register ("
+				. "reg_flags,reg_didx,reg_did2,reg_hash,reg_created,reg_startup,reg_expires,reg_email,reg_byc,reg_uid,reg_atip,reg_lang,reg_stuff)"
+				. " VALUES ( %d, 'i', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s') ",
+					intval($flags),
+					dbesc($did2),
+					dbesc($invite_code),
+					dbesc(datetime_convert()),
+					dbesc(datetime_convert()),
+					dbesc($dur['due']),
+					dbesc($recip),
+					intval($inby),
+					intval($account['account_id']),
+					dbesc($reonar['fromip']),
+					dbesc($reonar['lang']),
+					dbesc(json_encode( array('reon' => $reonar) ))
+				);
+			}
+			$msg .= ' (a' . $account['account_id'] . ', c' . $inby . ', from:' . $reonar['from'] . ')';
+			zar_log( $msg);
+		}
+
+		$ok + $ko > 0
+		? notice( 'ZAI0212I ' . sprintf( t('%1$d mail(s) sent, %2$d mail error(s)'), $ok, $ko) . EOL)
+		: '';
+		//logger( print_r( $reonar, true) );
+
 		return;
 	}
-	
-	
+
+
 	function get() {
-	
+
+		// zai1
+
 		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
+			notice( 'ZAI0101E,' . t('Permission denied.') . EOL);
 			return;
 		}
 
 		if(! Apps::system_app_installed(local_channel(), 'Invite')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
+			$papp = Apps::get_papp('Invite');
+			return Apps::app_render($papp, 'module');
+		}
 
-			$o = '<b>' . t('Invite App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Send email invitations to join this network');
+		if (! (get_config('system','invitation_also') || get_config('system','invitation_only')) ) {
+			$o = 'ZAI0103E,' . t('Invites not proposed by configuration') . '. ';
+			$o .= t('Contact the site admin');
 			return $o;
 		}
 
-		nav_set_selected('Invite');
-	
-		$tpl = get_markup_template('invite.tpl');
-		$invonly = false;
-	
-		if(get_config('system','invitation_only')) {
-			$invonly = true;
-			$x = get_pconfig(local_channel(),'system','invites_remaining');
-			if((! $x) && (! is_site_admin())) {
-				notice( t('You have no more invitations available') . EOL);
+		// invitation_by_user may still not configured, the default 'na' will tell this
+		// if configured, 0 disables invitations by users, other numbers are how many invites a user may propagate
+		$invuser = get_config('system','invitation_by_user', 'na');
+
+		// if the mortal user drives the invitation
+		If (! is_site_admin()) {
+
+			// when not configured, 4 is the default
+			$invuser = ($invuser === 'na') ? 4 : $invuser;
+
+			// a config value 0 disables invitation by users
+			if (!$invuser) {
+				$o = 'ZAI0104E, ' . t('Invites by users not enabled') . '. ';
+				return $o;
+			}
+
+			if ($ihave >= $invuser) {
+				notice( 'ZAI0105W,' . t('You have no more invitations available') . EOL);
 				return '';
 			}
+
+		} else {
+			// general deity admin invite limit infinite (theoretical)
+			if ($invuser === 'na') set_config('system','invitation_by_user', 4);
+			// for display only
+			$invuser = '∞';
 		}
-	
-			if($invonly && ($x || is_site_admin())) {
-				$invite_code = autoname(8) . rand(1000,9999);
-				$nmessage = str_replace('$invite_code',$invite_code,$message);
-	
-				$r = q("INSERT INTO register (hash,created,uid,password,lang) VALUES ('%s', '%s',0,'','') ",
-					dbesc($invite_code),
-					dbesc(datetime_convert())
-				);
-	
-				if(! is_site_admin()) {
-					$x --;
-					if($x >= 0)
-						set_pconfig(local_channel(),'system','invites_remaining',$x);
-					else
-						return;
-				}
-			}
-	
+
+		// xchan record of the page observer
+		// while quoting matters the user, the sending is associated with a channel (of the user)
+		// also the admin may and should decide, which channel will told to the public
 		$ob = App::get_observer();
 		if(! $ob)
-			return $o;
-	
-		$channel = App::get_channel();
-	
+			return 'ZAI0109F,' . t('Not on xchan') . EOL;
+		$whereami = $ob['xchan_addr'];
+		$channel  = App::get_channel();
+		$whoami = $channel['channel_address'];
+
+		// to pass also to post()
+		$tao = 'tao.zai.whereami = ' . "'" . $whereami . "';\n"
+			 . 'tao.zai.whoami = ' 	 . "'" . $whoami . "';\n";
+
+		// expirations, duration interval
+		$dur = self::calcdue();
+		$tao .= 'tao.zai.expire = { durn: ' . $dur['durn']
+			  					. ', durq: ' . "'" . $dur['durq']  . "'"
+			  					. ', due: '  . "'" . $dur['due']   . "' };\n";
+
+		// to easy redisplay the empty form
+		nav_set_selected('Invite');
+
+		// inform about the count of invitations we have at all
+		$r = q("SELECT count(reg_id) as ct FROM register WHERE reg_vital = 1");		// where not admin TODO
+		$wehave = ($r ? $r[0]['ct'] : 0);
+
+		// invites max for all users except admins
+		$invmaxau = intval(get_config('system','invitations_max_users'));
+		if(! $invmaxau) {
+			$invmaxau = 50;
+			if (is_site_admin()) {
+				set_config('system','invitations_max_users',intval($invmaxau));
+			}
+		}
+
+		if ($wehave > $invmaxau) {
+			if (! is_site_admin()) {
+				$feedbk .= 'ZAI0200E,' . t('All users invitation limit exceeded.') . $eol;
+			}
+		}
+
+		// let see how many invites currently used by the user
+		$r = q("SELECT count(reg_id) AS n FROM register WHERE reg_vital = 1 AND reg_byc = %d",
+			 intval(local_channel()));
+		$ihave = $r ? $r[0]['n'] : 0;
+
+		$tpl = get_markup_template('invite.tpl');
+
+		$inv_rabots = array(
+ 					'i'	=> t('Minute(s)'),
+ 					'h' => t('Hour(s)')  ,
+ 					'd' => t('Day(s)')
+		);
+		$inv_expire = replace_macros(get_markup_template('field_duration.qmc.tpl'),
+			 array(
+			 	'label'  	=> t('Invitation expires after'),
+			 	'qmc'	 	=> 'zai',
+				'qmcid'		=> 'ZAI0014I',
+			 	'field' => 	array(
+			 		'name'  => 'expire',
+			 		'title' => t('duration up from now'),
+			 		'value' => ($invexpire_n ? $invexpire_n : 2),
+			 		'min'  => '1',
+			 		'max'  => '99',
+			 		'size' => '2',
+					'default' => ($invexpire_u ? $invexpire_u : 'd')
+			 	),
+			 	'rabot'	=> 	$inv_rabots
+			 )
+		);
+
+		// let generate an invite code that here and never will be applied (only to fill displayed template)
+		// real invite codes become generated for each recipient when we store the new invitation(s)
+		// $invite_code = substr(str_shuffle('abcdefghijklmnopqrstuvwxyz'), 0, 8) . rand(1000,9999);
+		// let take one descriptive for template (as said is never used)
+		$invite_code = 'INVITATE2020';
+
+		// and all the localized templates belonging to invite
+		$tpls	= glob('view/*/invite.*.tpl');
+
+		$tpla=$tplx=$tplxs=array();
+		foreach ($tpls as $tpli) {
+			list( $nop, $l, $t ) = explode( '/', $tpli);
+			if ( preg_match('/\.subject/', $t) =='1' ) {
+				// indicate a subject tpl exists
+				$t=str_replace(array('invite.', '.subject', '.tpl'), '', $t);
+				$tplxs[$l][$t]=true;
+				continue;
+			}
+			// collect unique template names cross all languages and
+			// tpla[language][]=template those available in each language
+			$tplx[] = $tpla[$l][] = str_replace( array('invite.', '.tpl'), '', $t);
+		}
+
+		$langs = array_keys($tpla);
+		asort($langs);
+
+		// Use the current language if we have a template for it. Otherwise fall back to 'en'.
+		$lccmy	= ((in_array(App::$language, $langs)) ? App::$language : 'en');
+
+		$tplx = array_unique($tplx);
+		asort($tplx);
+
+		// prepare current language and the default standard template (causual) for js
+		// With and in js, I use a var 'tao' as a shortcut for top array object
+		// and also qualify the object with the prefix zai = tao.zai as my var used outsite functions
+		// can be unique within the overall included spaghette whirls
+		// one can say Im too lazy to write prototypes and just I can agree.
+		// tao simply applies the fact of using the same var as object and/or array in ja.
+		$tao.='tao.zai.lccmy = ' . "'" . $lccmy . "';\n" . 'tao.zai.itpl = ' . "'" . 'casual' . "';\n";
+
+		$lcclane=$tx=$tplin='';
+		//$lccsym='<span class="fa zai_fa zai_lccsym"></span>';	// alt 
+		$tplsym='<span class="fa zai_fa"></span>';
+
+		// I will uncomment for js console debug
+		// $tao.='tao.zai.debug = ' . "'" . json_encode($tplxs) . "';\n";
+
+		// running thru the localized templates (subjects and textmsgs) and bring them to tao
+		// lcc LanguageCountryCode,
+		// lcc2 is a 2 character and lcc5 a 5 character LanguageCountryCode
+		foreach($tpla as $l => $tn) {
+
+			// restyle lc to iso getttext format to avoid errors in js, hilite the current
+			$lcc = str_replace('-', '_', $l);
+			$hi = ($l == $lccmy) ? ' zai_hi' : '';
+			$lcc2 = strlen($l) == 2 ? ' zai_lcc2' : '';
+			$lcc5 = strlen($l) == 5 ? ' zai_lcc5' : '';
+			$lccg = ' zai_lccg' . substr( $l, 0, 2 );
+			$lcclane
+			.= 	'<span class="fa zai_fa zai_lccsym' . $lcc2 . $lcc5 . $lccg . '"></span>'
+			.	'<a href="javascript:;" class="zai_lcc' . $lcc2 . $lcc5 . $lccg . $hi . '">' . $lcc . '</a>';
+			//  textmsg
+			$tao .= 'tao.zai.t.' . $lcc . ' = {};' . "\n";
+			//  subject
+			$tao .= 'tao.zai.s.' . $lcc . ' = {};' . "\n";
+
+			// resolve localized templates and take intented lc for
+			foreach($tn as $t1) {
+
+				// save current lc and take the desired
+				push_lang($l);
+
+				// resolve
+				$tx = replace_macros(get_intltext_template('invite.'.$t1.'.tpl'),
+					array(
+						'$projectname'		=> t('$Projectname'),
+						'$invite_code'		=> $invite_code,
+						'$invite_where' 	=> z_root() . '/register',
+						'$invite_whereami'	=> $whereami,
+						'$invite_whoami'	=> z_root() . '/channel/' . $whoami,
+						'$invite_anywhere'	=> z_root() . '/pubsites'
+					)
+				);
+
+				// a default subject if no associated exists
+				$ts=t('Invitation');
+				if ( $tplxs[$l][$t1] )
+					$ts = replace_macros(get_intltext_template('invite.'.$t1.'.subject.tpl'),
+					array(
+						'$projectname'		=> t('$Projectname'),
+						'$invite_loc'		=> get_config('system','sitename')
+					)
+				);
+
+				// restore lc to current foreground
+				pop_lang();
+
+				// bring to tao as js like it
+				$tao .= 'tao.zai.t.' . $lcc . '.' . $t1 . " = '" . rawurlencode($tx) . "';\n";
+				$tao .= 'tao.zai.s.' . $lcc . '.' . $t1 . " = '" . rawurlencode($ts) . "';\n";
+			}
+		}
+
+		// hilite the current defauls just from the beginning
+		foreach ($tplx as $t1) {
+			$hi = ($t1 == 'casual') ? ' zai_hi' : '';
+			$tplin .= $tplsym.'<a href="javascript:;" id="zai-' . $t1
+					. '" class="invites'.$hi.'">' . $t1 . '</a>';
+		}
+
+		// fill the form for foreground
 		$o = replace_macros($tpl, array(
 			'$form_security_token' => get_form_security_token("send_invite"),
+			'$zai'	=> strtolower(self::MYP),
+			'$tao'	=> $tao,
 			'$invite' => t('Send invitations'),
-			'$addr_text' => t('Enter email addresses, one per line:'),
-			'$msg_text' => t('Your message:'),
-			'$default_message' => t('Please join my community on $Projectname.') . "\r\n" . "\r\n"
-				. $linktxt
-				. (($invonly) ? "\r\n" . "\r\n" . t('You will need to supply this invitation code:') . " " . $invite_code . "\r\n" . "\r\n" : '')
-				. t('1. Register at any $Projectname location (they are all inter-connected)')
-				. "\r\n" . "\r\n" . z_root() . '/register'
-				. "\r\n" . "\r\n" . t('2. Enter my $Projectname network address into the site searchbar.')
-				. "\r\n" . "\r\n" . $ob['xchan_addr'] . ' (' . t('or visit') . " " . z_root() . '/channel/' . $channel['channel_address'] . ')'
-				. "\r\n" . "\r\n"
-				. t('3. Click [Connect]')
-				. "\r\n" . "\r\n"  ,
+			'$ihave'  => 'ZAI0106I, ' . t('Invitations I am using') . ': ' . $ihave . ' / ' . $invuser,
+			'$wehave' => 'ZAI0107I, ' . t('Invitations we are using') . ': ' . $wehave . ' / ' . $invmaxau,
+			'$n10' => 'ZAI0010I',	'$m10' => t('§ Note, the email(s) sent will be recorded in the system logs'),
+			'$n11' => 'ZAI0011I',	'$m11' => t('Enter email addresses, one per line:'),
+			'$n12' => 'ZAI0012I',	'$m12' => t('Your message:'),
+			'$n13' => 'ZAI0013I',	'$m13' => t('Invite template'),
+			'$inv_expire' => $inv_expire,
+			'$subject_label' => t('Subject:'),
+			'$subject'	=> t('Invitation'),
+			'$lcclane'		=> $lcclane,
+			'$tplin'	=> $tplin,
+			'$standard_message' => '',
+			'$personal_message' => '',
+			'$personal_pointer' => t('Here you may enter personal notes to the recipient(s)'),
+			'$due' => t('Note, the invitation code is valid up to') . ' ' . $dur['due'],
 			'$submit' => t('Submit')
 		));
-	
+
 		return $o;
 	}
-	
+
+	function calcdue($duri=false) {
+		// expirations, duration interval
+		if ($duri===false)
+			$duri = get_config('system','register_expire', '2d');
+		if ( preg_match( '/^[0-9]{1,2}[ihdwmy]{1}$/', $duri ) ) {
+			$durq = substr($duri, -1);
+			$durn = substr($duri, 0, -1);
+			$due  = date('Y-m-d H:i:s', strtotime('+' . $durn . ' '
+				  . str_replace( array(':i',':h',':d',':w',':m',':y'),
+			 				 	 array('minutes', 'hours', 'days', 'weeks', 'months', 'years'),
+			 		 (':'.$durq))
+				));
+			return array( 'durn' => $durn, 'durq' => $durq, 'due' => $due);
+		}
+		return false;
+	}
 }
+

Zotlabs/Module/Lang.php

@@ -7,16 +7,60 @@ use Zotlabs\Web\Controller;
 
 class Lang extends Controller {
 
+	const MYP = 	'ZIN';
+	const VERSION =	'2.0.0';
+
+	function post() {
+
+		$re = [];
+		$isajax = is_ajax();
+		$eol 	= $isajax ? "\n" : EOL;
+
+		if (! Apps::system_app_installed(local_channel(), 'Language')) {
+			$re['msg'] = 'ZIN0202E, ' . t('Language App') . ' (' . t('Not Installed') . ')' ;
+			notice( $re['msg'] . EOL);
+			if ($isajax) {
+				echo json_encode( $re );
+				killme();
+				exit;
+			} else {
+				return;
+			}
+		}
+
+		$lc = x($_POST['zinlc']) && preg_match('/^\?\?|[a-z]{2,2}[x_\-]{0,1}[a-zA-Z]{0,2}$/', $_POST['zinlc'])
+			? $_POST['zinlc'] : '';
+		$lcs= x($_POST['zinlcs']) && preg_match('/^[a-z,_\-]{0,191}$/', $_POST['zinlcs'])
+			? $_POST['zinlcs'] : '';
+
+		if ($isajax) {
+
+			if ($lc == '??') {
+				$re['lc'] = get_best_language();
+				$re['lcs'] = language_list();
+			} else {
+				$re['lc'] = $lc;
+				$re['alc'] = App::$language;
+				$re['slc'] = $_SESSION['language'];
+				$_SESSION['language'] = $lc;
+				App::$language = $lc;
+				load_translation_table($lc, true);
+			}
+
+			echo json_encode( $re );
+			killme();
+			exit;
+		}
+	}
+
 	function get() {
 
 		if(local_channel()) {
 			if(! Apps::system_app_installed(local_channel(), 'Language')) {
-				//Do not display any associated widgets at this point
-				App::$pdl = '';
-
-				$o = '<b>' . t('Language App') . ' (' . t('Not Installed') . '):</b><br>';
-				$o .= t('Change UI language');
-				return $o;
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+			$papp = Apps::get_papp('Language');
+			return Apps::app_render($papp, 'module');
 			}
 		}
 
@@ -24,5 +68,5 @@ class Lang extends Controller {
 		return lang_selector();
 
 	}
-	
+
 }

Zotlabs/Module/Like.php

@@ -91,6 +91,12 @@ class Like extends Controller {
 			'id'      => $arr['item']['id'],
 			'html'    => conversation($items, $conv_mode, true, $page_mode),
 		];
+
+		// mod photos
+		if (isset($_REQUEST['reload']) && $_REQUEST['reload']) {
+			$ret['reload'] = 1;
+		}
+
 		return $ret;
 
 	}

Zotlabs/Module/Linkinfo.php

@@ -5,37 +5,40 @@ namespace Zotlabs\Module;
 class Linkinfo extends \Zotlabs\Web\Controller {
 
 	function get() {
-	
+
 		logger('linkinfo: ' . print_r($_REQUEST,true));
-	
+
 		$text = null;
 		$str_tags = '';
-		$process_oembed = true;	
-	
+		$process_oembed = true;
+
 		$br = "\n";
-	
+
 		if(x($_GET,'binurl'))
 			$url = trim(hex2bin($_GET['binurl']));
 		else
 			$url = trim($_GET['url']);
-	
+
 		if(substr($url,0,1) === '!') {
 			$process_oembed = false;
 			$url = substr($url,1);
 		}
 
 		$url = strip_zids($url);
-	
+
 		if((substr($url,0,1) != '/') && (substr($url,0,4) != 'http'))
 			$url = 'http://' . $url;
-	
-	
+
+		$x = parse_url($url);
+		if ($x)
+			$url = str_replace($x['host'], punify($x['host']), $url);
+
 		if($_GET['title'])
 			$title = strip_tags(trim($_GET['title']));
-	
+
 		if($_GET['description'])
 			$text = strip_tags(trim($_GET['description']));
-	
+
 		if($_GET['tags']) {
 			$arr_tags = str_getcsv($_GET['tags']);
 			if(count($arr_tags)) {
@@ -43,23 +46,25 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 				$str_tags = $br . implode(' ',$arr_tags) . $br;
 			}
 		}
-	
+
 		logger('linkinfo: ' . $url);
-		
-                // Replace plink URL with 'share' tag if possible
-                preg_match("/(mid=b64\.|display\/|posts\/)([\w\-]+)(&.+)?$/", $url, $mid);
 
-                if (!empty($mid) && $mid[1] == 'mid=b64.')
-                        $mid[2] = base64_decode($mid[2]);
+		// Replace plink URL with 'share' tag if possible
+		preg_match("/(mid=b64\.|display\/|posts\/)([\w\-]+)(&.+)?$/", $url, $mid);
 
-                $r = q("SELECT id FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1",
-                        dbesc((empty($mid) ? $url : $mid[2])),
-                        intval(local_channel())
-                );
-                if ($r) {
-                        echo "[share=" . $r[0]['id'] . "][/share]";
-                        killme();
-                }
+		if (!empty($mid)) {
+			$mid[2] = unpack_link_id($mid[2]);
+		}
+
+		$r = q("SELECT id FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1",
+			dbesc((empty($mid) ? $url : $mid[2])),
+			intval(local_channel())
+		);
+
+		if ($r) {
+			echo "[share=" . $r[0]['id'] . "][/share]";
+			killme();
+		}
 
 		$result = z_fetch_url($url,false,0,array('novalidate' => true, 'nobody' => true));
 		if($result['success']) {
@@ -108,13 +113,13 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 				}
 			}
 		}
-	
+
 		$template = $br . '#^[url=%s]%s[/url]%s' . $br;
-	
+
 		$arr = array('url' => $url, 'text' => '');
-	
+
 		call_hooks('parse_link', $arr);
-	
+
 		if(strlen($arr['text'])) {
 			echo $arr['text'];
 			killme();
@@ -127,28 +132,28 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 				killme();
 			}
 		}
-	
+
 		if($url && $title && $text) {
-	
+
 			$text = $br . '[quote]' . trim($text) . '[/quote]' . $br;
-	
+
 			$title = str_replace(array("\r","\n"),array('',''),$title);
-	
+
 			$result = sprintf($template,$url,($title) ? $title : $url,$text) . $str_tags;
-	
+
 			logger('linkinfo (unparsed): returns: ' . $result);
-	
+
 			echo $result;
 			killme();
 		}
-	
+
 		$siteinfo = self::parseurl_getsiteinfo($url);
-	
+
 		// If the site uses this platform, use zrl rather than url so they get zids sent to them by default
-	
+
 		if(is_matrix_url($url))
 			$template = str_replace('url','zrl',$template);
-	
+
 		if($siteinfo["title"] == "") {
 			echo sprintf($template,$url,$url,'') . $str_tags;
 			killme();
@@ -156,19 +161,19 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 			$text = $siteinfo["text"];
 			$title = $siteinfo["title"];
 		}
-	
+
 		$image = "";
 
 		if(is_array($siteinfo["images"]) && count($siteinfo["images"])){
 			/* Execute below code only if image is present in siteinfo */
-	
+
 			$total_images = 0;
 			$max_images = get_config('system','max_bookmark_images');
 			if($max_images === false)
 				$max_images = 2;
 			else
 				$max_images = intval($max_images);
-	
+
 			foreach ($siteinfo["images"] as $imagedata) {
 	                        if ($url) {
 	                            $image .= sprintf('[url=%s]', $url);
@@ -183,57 +188,57 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 					break;
 			}
 		}
-	
+
 		if(strlen($text)) {
 			$text = $br.'[quote]'.trim($text).'[/quote]'.$br ;
 		}
-	
+
 		if($image) {
 			$text = $br.$br.$image.$text;
 		}
 		$title = str_replace(array("\r","\n"),array('',''),$title);
-	
+
 		$result = sprintf($template,$url,($title) ? $title : $url,$text) . $str_tags;
-	
+
 		logger('linkinfo: returns: ' . $result, LOGGER_DEBUG);
-	
+
 		echo trim($result);
 		killme();
-	
+
 	}
-	
-	
+
+
 	public static function deletexnode(&$doc, $node) {
 		$xpath = new \DomXPath($doc);
 		$list = $xpath->query("//".$node);
 		foreach ($list as $child)
 			$child->parentNode->removeChild($child);
 	}
-	
+
 	public static function completeurl($url, $scheme) {
 	        $urlarr = parse_url($url);
-	
+
 	        if (isset($urlarr["scheme"]))
 	                return($url);
-	
+
 	        $schemearr = parse_url($scheme);
-	
+
 	        $complete = $schemearr["scheme"]."://".$schemearr["host"];
-	
+
 	        if ($schemearr["port"] != "")
 	                $complete .= ":".$schemearr["port"];
-	
+
 			if(strpos($urlarr['path'],'/') !== 0)
 				$complete .= '/';
-	
+
 	        $complete .= $urlarr["path"];
-	
+
 	        if ($urlarr["query"] != "")
 	                $complete .= "?".$urlarr["query"];
-	
+
 	        if ($urlarr["fragment"] != "")
 	                $complete .= "#".$urlarr["fragment"];
-	
+
 	        return($complete);
 	}
 
@@ -251,7 +256,7 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 		$p = substr($m,strpos($m,'/')+1);
 
 		// get the channel to check permissions
-		
+
 		$u = channelx_by_nick($nick);
 
 		if($u && $p) {
@@ -272,18 +277,18 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 		return EMPTY_STR;
 	}
 
-	
+
 	public static function parseurl_getsiteinfo($url) {
 		$siteinfo = array();
-	
-	
+
+
 		$result = z_fetch_url($url,false,0,array('novalidate' => true));
 		if(! $result['success'])
 			return $siteinfo;
-	
+
 		$header = $result['header'];
 		$body   = $result['body'];
-		
+
 		// Check codepage in HTTP headers or HTML if not exist
 		$cp = (preg_match('/Content-Type: text\/html; charset=(.+)\r\n/i', $header, $o) ? $o[1] : '');
 		if(empty($cp))
@@ -291,10 +296,10 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 
 		$body   = mb_convert_encoding($body, 'UTF-8', $cp);
 		$body   = mb_convert_encoding($body, 'HTML-ENTITIES', "UTF-8");
-	
+
 		$doc    = new \DOMDocument();
 		@$doc->loadHTML($body);
-	
+
 		self::deletexnode($doc, 'style');
 		self::deletexnode($doc, 'script');
 		self::deletexnode($doc, 'option');
@@ -306,14 +311,14 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 		self::deletexnode($doc, 'h6');
 		self::deletexnode($doc, 'ol');
 		self::deletexnode($doc, 'ul');
-	
+
 		$xpath = new \DomXPath($doc);
-	
+
 		//$list = $xpath->query("head/title");
 		$list = $xpath->query("//title");
 		foreach ($list as $node)
 			$siteinfo["title"] =  html_entity_decode($node->nodeValue, ENT_QUOTES, "UTF-8");
-	
+
 		//$list = $xpath->query("head/meta[@name]");
 		$list = $xpath->query("//meta[@name]");
 		foreach ($list as $node) {
@@ -321,9 +326,9 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 			if ($node->attributes->length)
 	                        foreach ($node->attributes as $attribute)
 	                                $attr[$attribute->name] = $attribute->value;
-	
+
 			$attr["content"] = html_entity_decode($attr["content"], ENT_QUOTES, "UTF-8");
-	
+
 			switch (strtolower($attr["name"])) {
 				case "fulltitle":
 					$siteinfo["title"] = trim($attr["content"]);
@@ -365,7 +370,7 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 					break;
 			}
 		}
-	
+
 		//$list = $xpath->query("head/meta[@property]");
 		$list = $xpath->query("//meta[@property]");
 		foreach ($list as $node) {
@@ -373,9 +378,9 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 			if ($node->attributes->length)
 	                        foreach ($node->attributes as $attribute)
 	                                $attr[$attribute->name] = $attribute->value;
-	
+
 			$attr["content"] = html_entity_decode($attr["content"], ENT_QUOTES, "UTF-8");
-	
+
 			switch (strtolower($attr["property"])) {
 				case "og:image":
 					$siteinfo["image"] = $attr["content"];
@@ -388,7 +393,7 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 					break;
 			}
 		}
-	
+
 		if ($siteinfo["image"] == "") {
 	            $list = $xpath->query("//img[@src]");
 	            foreach ($list as $node) {
@@ -396,10 +401,10 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 	                if ($node->attributes->length)
 	                    foreach ($node->attributes as $attribute)
 	                        $attr[$attribute->name] = $attribute->value;
-	
+
 				$src = self::completeurl($attr["src"], $url);
 				$photodata = @getimagesize($src);
-	
+
 				if (($photodata) && ($photodata[0] > 150) and ($photodata[1] > 150)) {
 					if ($photodata[0] > 300) {
 						$photodata[1] = round($photodata[1] * (300 / $photodata[0]));
@@ -413,36 +418,36 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 									"width"=>$photodata[0],
 									"height"=>$photodata[1]);
 				}
-	
+
 	 		}
 	    } else {
 			$src = self::completeurl($siteinfo["image"], $url);
-	
+
 			unset($siteinfo["image"]);
-	
+
 			$photodata = @getimagesize($src);
-	
+
 			if (($photodata) && ($photodata[0] > 10) and ($photodata[1] > 10))
 				$siteinfo["images"][] = array("src"=>$src,
 								"width"=>$photodata[0],
 								"height"=>$photodata[1]);
 		}
-	
+
 		if ($siteinfo["text"] == "") {
 			$text = "";
-	
+
 			$list = $xpath->query("//div[@class='article']");
 			foreach ($list as $node)
 				if (strlen($node->nodeValue) > 40)
 					$text .= " ".trim($node->nodeValue);
-	
+
 			if ($text == "") {
 				$list = $xpath->query("//div[@class='content']");
 				foreach ($list as $node)
 					if (strlen($node->nodeValue) > 40)
 						$text .= " ".trim($node->nodeValue);
 			}
-	
+
 			// If none text was found then take the paragraph content
 			if ($text == "") {
 				$list = $xpath->query("//p");
@@ -450,21 +455,21 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 					if (strlen($node->nodeValue) > 40)
 						$text .= " ".trim($node->nodeValue);
 			}
-	
+
 			if ($text != "") {
 				$text = trim(str_replace(array("\n", "\r"), array(" ", " "), $text));
-	
+
 				while (strpos($text, "  "))
 					$text = trim(str_replace("  ", " ", $text));
-					
+
 				$text = substr(html_entity_decode($text, ENT_QUOTES, "UTF-8"), 0, 350);
 				$siteinfo["text"] = rtrim(substr($text, 0, strrpos($text, " ")), "?.,:;!-") . '...';
 			}
 		}
-	
+
 		return($siteinfo);
 	}
-	
+
 
 	private static function arr_add_hashes(&$item,$k) {
 		$item = '#' . $item;

Zotlabs/Module/Lockview.php

@@ -1,21 +1,30 @@
 <?php
+
 namespace Zotlabs\Module;
 
+use Zotlabs\Lib\AccessList;
+use Zotlabs\Web\Controller;
+
 require_once('include/security.php');
 
-class Lockview extends \Zotlabs\Web\Controller {
+class Lockview extends Controller {
 
 	function get() {
 
-		$atokens = array();
+		$atokens           = [];
+		$atoken_xchans     = [];
+		$access_list       = [];
+		$guest_access_list = [];
 
-		if(local_channel()) {
+		if (local_channel()) {
 			$at = q("select * from atoken where atoken_uid = %d",
 				intval(local_channel())
 			);
-			if($at) {
-				foreach($at as $t) {
-					$atokens[] = atoken_xchan($t);
+			if ($at) {
+				foreach ($at as $t) {
+					$atoken_xchan    = atoken_xchan($t);
+					$atokens[]       = array_merge($t, $atoken_xchan);
+					$atoken_xchans[] = $atoken_xchan['xchan_hash'];
 				}
 			}
 		}
@@ -23,20 +32,20 @@ class Lockview extends \Zotlabs\Web\Controller {
 		$type = ((argc() > 1) ? argv(1) : 0);
 		if (is_numeric($type)) {
 			$item_id = intval($type);
-			$type='item';
+			$type    = 'item';
 		}
 		else {
 			$item_id = ((argc() > 2) ? intval(argv(2)) : 0);
 		}
 
-		if(! $item_id)
+		if (!$item_id)
 			killme();
 
-		if (! in_array($type, array('item', 'photo', 'attach', 'event', 'menu_item', 'chatroom')))
+		if (!in_array($type, ['item', 'photo', 'attach', 'menu_item', 'chatroom']))
 			killme();
 
 		// we have different naming in in menu_item table and chatroom table
-		switch($type) {
+		switch ($type) {
 			case 'menu_item':
 				$id = 'mitem_id';
 				break;
@@ -53,134 +62,177 @@ class Lockview extends \Zotlabs\Web\Controller {
 			intval($item_id)
 		);
 
-		if(! $r)
+		if (!$r)
 			killme();
 
 		$item = $r[0];
+		$uid  = null;
+		$url  = '';
 
-		//we have different naming in in menu_item table and chatroom table
-		switch($type) {
+		switch ($type) {
 			case 'menu_item':
 				$uid = $item['mitem_channel_id'];
 				break;
 			case 'chatroom':
-				$uid = $item['cr_uid'];
+				$uid     = $item['cr_uid'];
+				$channel = channelx_by_n($uid);
+				$url     = z_root() . '/chat/' . $channel['channel_address'] . '/' . $item['cr_id'];
+				break;
+			case 'item':
+				$uid = $item['uid'];
+				$url = $item['plink'];
+				break;
+			case 'photo':
+				$uid     = $item['uid'];
+				$channel = channelx_by_n($uid);
+				$url     = z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $item['resource_id'];
+				break;
+			case 'attach':
+				$uid     = $item['uid'];
+				$channel = channelx_by_n($uid);
+				$url     = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $item['display_path'];
 				break;
 			default:
-				$uid = $item['uid'];
 				break;
 		}
 
-		if($uid != local_channel()) {
-			echo '<div class="dropdown-item">' . t('Remote privacy information not available.') . '</div>';
+		if (intval($uid) !== local_channel()) {
+			echo '<div class="dropdown-item-text">' . t('Remote privacy information not available') . '</div>';
 			killme();
 		}
 
-		if(intval($item['item_private']) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid']))
-			&& (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) {
+		if (intval($item['item_private']) && (!strlen($item['allow_cid'])) && (!strlen($item['allow_gid']))
+			&& (!strlen($item['deny_cid'])) && (!strlen($item['deny_gid']))) {
 
 			// if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any
 			// specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it
 			// as unknown specific recipients. The sender will have the visibility list and will fall through to the
 			// next section.
 
-			echo '<div class="dropdown-item">' . translate_scope((! $item['public_policy']) ? 'specific' : $item['public_policy']) . '</div>';
+			echo '<div class="dropdown-item-text">' . translate_scope((!$item['public_policy']) ? 'specific' : $item['public_policy']) . '</div>';
 			killme();
 		}
 
-		$allowed_users = expand_acl($item['allow_cid']);
+		$allowed_users  = expand_acl($item['allow_cid']);
 		$allowed_groups = expand_acl($item['allow_gid']);
-		$deny_users = expand_acl($item['deny_cid']);
-		$deny_groups = expand_acl($item['deny_gid']);
+		$deny_users     = expand_acl($item['deny_cid']);
+		$deny_groups    = expand_acl($item['deny_gid']);
 
-		$o = '<div class="dropdown-item">' . t('Visible to:') . '</div>';
-		$l = array();
-
-		stringify_array_elms($allowed_groups,true);
-		stringify_array_elms($allowed_users,true);
-		stringify_array_elms($deny_groups,true);
-		stringify_array_elms($deny_users,true);
+		stringify_array_elms($allowed_groups, true);
+		stringify_array_elms($allowed_users, true);
+		stringify_array_elms($deny_groups, true);
+		stringify_array_elms($deny_users, true);
 
+		$allowed_xchans = [];
 
 		$profile_groups = [];
-		if($allowed_groups) {
-			foreach($allowed_groups as $g) {
-				if(substr($g,0,4) === '\'vp.') {
-					$profile_groups[] = '\'' . substr($g,4);
+		if ($allowed_groups) {
+			foreach ($allowed_groups as $g) {
+				if (substr($g, 0, 4) === '\'vp.') {
+					$profile_groups[] = '\'' . substr($g, 4);
 				}
 			}
 		}
-		if(count($profile_groups)) {
-			$r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )");
-			if($r)
-				foreach($r as $rr)
-					$l[] = '<div class="dropdown-item"><b>' . t('Profile','acl') . ' ' . $rr['profile_name'] . '</b></div>';
+
+		if ($profile_groups) {
+			$r = q("SELECT id, profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )");
+			if ($r) {
+				foreach ($r as $rr) {
+					$pgrp_members   = AccessList::profile_members_xchan($uid, $rr['id']);
+					$allowed_xchans = array_merge($allowed_xchans, $pgrp_members);
+					$access_list[] = '<div class="dropdown-item-text" title="' . t('Profile', 'acl') . '">' . $rr['profile_name'] . '</div>';
+				}
+			}
 		}
 
-		if(count($allowed_groups)) {
-			$r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
-			if($r)
-				foreach($r as $rr)
-					$l[] = '<div class="dropdown-item"><b>' . $rr['gname'] . '</b></div>';
+		if ($allowed_groups) {
+			$r = q("SELECT id, gname FROM pgrp WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
+			if ($r) {
+				foreach ($r as $rr) {
+					$pgrp_members   = AccessList::members_xchan($uid, $rr['id']);
+					$allowed_xchans = array_merge($allowed_xchans, $pgrp_members);
+					$access_list[] = '<div class="dropdown-item-text" title="' . t('Privacy group') . '">' . $rr['gname'] . '</div>';
+				}
+			}
 		}
-		if(count($allowed_users)) {
-			$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )");
-			if($r)
-				foreach($r as $rr)
-					$l[] = '<div class="dropdown-item">' . $rr['xchan_name'] . '</div>';
-			if($atokens) {
-				foreach($atokens as $at) {
-					if(in_array("'" . $at['xchan_hash'] . "'",$allowed_users)) {
-						$l[] = '<div class="dropdown-item">' . $at['xchan_name'] . '</div>';
+
+		if ($allowed_users) {
+			$r = q("SELECT xchan_name, xchan_hash FROM xchan WHERE xchan_hash IN ( " . implode(', ', $allowed_users) . " )");
+			if ($r) {
+				foreach ($r as $rr) {
+					$allowed_xchans[] = $rr['xchan_hash'];
+					if (!in_array($rr['xchan_hash'], $atoken_xchans)) {
+						$access_list[] = '<div class="dropdown-item-text">' . $rr['xchan_name'] . '</div>';
 					}
 				}
 			}
 		}
 
-
 		$profile_groups = [];
-		if($deny_groups) {
-			foreach($deny_groups as $g) {
-				if(substr($g,0,4) === '\'vp.') {
-					$profile_groups[] = '\'' . substr($g,4);
+		if ($deny_groups) {
+			foreach ($deny_groups as $g) {
+				if (substr($g, 0, 4) === '\'vp.') {
+					$profile_groups[] = '\'' . substr($g, 4);
 				}
 			}
 		}
-		if(count($profile_groups)) {
+
+		if ($profile_groups) {
 			$r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )");
-			if($r)
-				foreach($r as $rr)
-					$l[] = '<div class="dropdown-item"><b><strike>' . t('Profile','acl') . ' ' . $rr['profile_name'] . '</strike></b></div>';
+			if ($r) {
+				foreach ($r as $rr) {
+					$access_list[] = '<div class="dropdown-item-text" title="' . t('Profile', 'acl') . '"><strike>' . $rr['profile_name'] . '</strike></b></div>';
+				}
+			}
 		}
 
-
-
-		if(count($deny_groups)) {
+		if ($deny_groups) {
 			$r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
-			if($r)
-				foreach($r as $rr)
-					$l[] = '<div class="dropdown-item"><b><strike>' . $rr['gname'] . '</strike></b></div>';
-		}
-		if(count($deny_users)) {
-			$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )");
-			if($r)
-				foreach($r as $rr)
-					$l[] = '<div class="dropdown-item"><strike>' . $rr['xchan_name'] . '</strike></div>';
-
-			if($atokens) {
-				foreach($atokens as $at) {
-					if(in_array("'" . $at['xchan_hash'] . "'",$deny_users)) {
-						$l[] = '<div class="dropdown-item"><strike>' . $at['xchan_name'] . '</strike></div>';
-					}
+			if ($r) {
+				foreach ($r as $rr) {
+					$access_list[] = '<div class="dropdown-item-text" title="' . t('Privacy group') . '"><strike>' . $rr['gname'] . '</strike></b></div>';
 				}
 			}
-
-
 		}
 
-		echo $o . implode($l);
-		killme();
+		if ($deny_users) {
+			$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )");
+			if ($r) {
+				foreach ($r as $rr) {
+					$access_list[] = '<div class="dropdown-item-text"><strike>' . $rr['xchan_name'] . '</strike></div>';
+				}
+			}
+		}
 
+		if ($atokens && $allowed_xchans && $url) {
+
+			$guest_access_list = [];
+
+			$allowed_xchans = array_unique($allowed_xchans);
+			foreach ($atokens as $atoken) {
+				if (in_array($atoken['xchan_hash'], $allowed_xchans)) {
+					$guest_access_list[] = '<div class="dropdown-item d-flex justify-content-between cursor-pointer" title="' . sprintf(t('Click to copy link to this ressource for guest %s to clipboard'), $atoken['xchan_name']) . '" data-token="' . $url . '?zat=' . $atoken['atoken_token'] . '" onclick="navigator.clipboard.writeText(this.dataset.token); $.jGrowl(\'' . t('Link copied') . '\', { sticky: false, theme: \'info\', life: 1000 });"><span>' . $atoken['xchan_name'] . '</span><i class="fa fa-copy p-1"></i></div>';
+				}
+			}
+		}
+
+		$access_list_header = '';
+		if ($access_list) {
+			$access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('Access') . '</div>';
+		}
+
+		$guest_access_list_header = '';
+		if ($guest_access_list) {
+			$guest_access_list_header = '<div class="dropdown-header text-uppercase h6">' . t('Guest access') . '</div>';
+		}
+
+		$divider = '';
+		if ($access_list && $guest_access_list) {
+				$divider = '<div class="dropdown-divider"></div>';
+		}
+
+		echo $access_list_header . implode($access_list) . $divider . $guest_access_list_header . implode($guest_access_list);
+		killme();
 
 	}